last executing test programs: 5.504733811s ago: executing program 0 (id=2560): perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe000000007110100000000000e5000200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000100000d0000000000000000030000000000000000000001ff0000004000000000000000000000030000000002"], 0x0, 0x56}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711206000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00') perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37}, 0x28) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x122) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200}) r0 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000640)="2e00000011008188040f80ec59acbc04005e140602000000000e0027001000004556df17f9000200000000000000", 0x2e}], 0x1}, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8946, &(0x7f0000000080)) 4.371146596s ago: executing program 0 (id=2568): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="030000d8b9e85405c2be11c3ba00040000000400", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x2b, 0x1, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x10000003, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00') socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socket$kcm(0x2a, 0x2, 0x0) recvmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xfffffef2, &(0x7f0000000600)}, 0x122) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) r3 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x10) r5 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000500)="1400000024000b475280ce6e7806f37201cf3494", 0x14}], 0x1}, 0x44) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f00000002c0)='\t&\tq\xae(tO@m\xa9\xeb\x18:\x12\xbdh\xa5ym\x94\xfdlc@\xf5\xa3\'OA\xdf\x9co\xdfE\xa2\"k\xb6Ns\xaa\x00\x00\x00\x00\x00\x00\xc1-\x90B3\x86\xefK\x84\x97nm\xae\x8aAR\xd1\xf2\x9f\xbf\x067n\xd1{T\xcd\x00\x00\x006\x00\a\x82\xbc>\xfb\xe0\xf3gd\x00\x00\x00\x00\x00\x00\x93\xf9x\x86\xf6\x80\xeb\xc6\x83:\xa7!\xd9\xdd\x02~\x8d\xb4\xbe|\xebw\x11#\x99w\xcc\x8e\x8dOQb\x1d$\xc1\x7f\xd8\n\xe9J\xbe\x14\xb2.(\xa4\xd7\xec\x062\xbb@\xce\tG\xf4\xe5\x8c\xa5\xe6\xabr\xa7\xa0#\xa7\xb3\xc03w\xa5Y+\vd\x96S\x9bg\tA\x02\x06wY?\x109C[\x8ftC\xb6#_\xaa\xe6P\xa09.\x16\x1dTT\x93CK$\x02\x9f!\x80\xb4\xb6\x9b_\x86\xea0\xd3\x8dB3(\xa7ug(w0\x94\x1d!%<\xe22\x84\x1d\x1c\x9f\xb4e\v\x1dQ\x12\x00\x00\x00\x00') 3.552793736s ago: executing program 0 (id=2576): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x16, 0x2, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0xfffffffffffffffe, 0xa6}, 0x11619d, 0x9, 0xfffffbff, 0x5, 0x2, 0x200, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x9) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5eb88edc5a9c0e0a9b80"], 0xfe33) r1 = socket$kcm(0x2b, 0x5, 0x0) setsockopt$sock_attach_bpf(r1, 0x6, 0x24, &(0x7f0000000200), 0x4) r2 = socket$kcm(0x2, 0x3, 0x84) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYRESOCT=0x0], 0xfe33) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="260a0000000000006110a000000000001800000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000900)=ANY=[@ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{0x1, 0xffffffffffffffff}, &(0x7f0000000600), &(0x7f0000000640)=r3}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0100000002000000a003000005", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1800, r9}, 0x38) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x22, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000040000000000000005000000850000001f00000062a0e0ff100000008d7818001000000018200000", @ANYRES32=r5, @ANYBLOB="0000000009000000185500000900000000000000000000008500000016000000d794c0ffffffffff18110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000b7080000000000007b8af8ff00000000b7080000018000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b705000008000000850000003535027a8b00000000000000ca6a35ab24fe701890b7b6cb75bd9ef010515c1e0000db7eba5ec11a978d917396aadf077a3cbb0d3992151ef4bf242b2d8fd6c2dc26fb1c59209a526be3270bc0116218c9ccc39eabaf5bfb1072cfa1f0c7799249040f30000000000000000000"], &(0x7f0000000800)='syzkaller\x00', 0x81, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000880)={0x4, 0x9, 0x3ab3, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[r9], 0x0, 0x10, 0xe}, 0x94) r10 = socket$kcm(0x2b, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$inet(r10, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc) setsockopt$sock_attach_bpf(r10, 0x1, 0xd, &(0x7f0000000080), 0x24) close(r10) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x891b, &(0x7f0000000100)) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={0x1, 0x5f, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0xf, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b7080000000000399d3d4976957cb3f5007b8af8ff00000000b70800008fffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000fc4deeadc8893841212871c4a38c730adc468847556af09831a60de61922a8c1d697a309ca4a15fa026f70b01e3da29e7654b41d221e2a4788d5bd0daf2c1e07d2cdb43597ef7316825655a393524945e4678415985fa1c10c00bddb81d98e141d5029fa1102bd8287ae5af50737e56ae374c75942c1302066a89aad3a1871f3248c7846398f99e16ea869999ed4ce16a7", @ANYRES32=0x1, @ANYBLOB="0000000000000000b70500000800000085000000a500000085100000050000008520000005000000"], &(0x7f00000001c0)='GPL\x00', 0x61f4, 0x9f, &(0x7f0000000300)=""/159, 0x41000, 0x10, '\x00', r11, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000480)={0x4, 0x3, 0x3, 0x400}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f00000004c0)=[{0x2, 0x5, 0x7, 0xd}, {0x2, 0x1, 0xf, 0x4}, {0x0, 0x4, 0x1, 0x8}, {0x0, 0x3, 0xc, 0x4}, {0x1, 0x3, 0x6}], 0x10, 0x5}, 0x94) 2.550003191s ago: executing program 1 (id=2582): socket$kcm(0x2, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1400, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000002800)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_bp={0x0, 0x4}, 0x11411d, 0x32, 0xfffffbfd, 0x3, 0x8000, 0xfffffffd, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0x70}, 0x2160) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'}) socketpair(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080)) 2.500252533s ago: executing program 0 (id=2583): r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$kcm(0xf, 0x3, 0x2) sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0) 2.298537555s ago: executing program 2 (id=2586): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x20, 0xf, 0x200cc, 0x6, 0x5}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r1 = socket$kcm(0x29, 0x2, 0x0) bpf$MAP_CREATE(0x2000000000000018, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000000000"], 0x48) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000005c0)={'team0\x00'}) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48) r5 = socket$kcm(0x2, 0x1, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) sendmsg$inet(r5, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r4}, 0x8) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000040)={r5, r4}) sendmsg$kcm(r1, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f00000000c0), &(0x7f0000000680), 0x2, r0}, 0x38) socket$kcm(0x2, 0x1000000000000002, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0xa, 0x7, 0x0) 2.187392824s ago: executing program 0 (id=2587): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040018}, 0x0) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000042c0)="86", 0x1}, {&(0x7f0000000200)="e72940e2be15a21c752703fc2458f5fafd242715dc98135b063f8859126cad9dc18453102e156cd491748c846636511e6504bc77224437e8a0f8971d1ccaae040e0e425308cb4b66f96b8256a7229819cb304268e903d9d293a3f7eba4eee5e9b461689ac21ae552350581f99b827473754743f9caf4", 0x76}, {&(0x7f00000004c0)="62741222c97d5778da0883b46aa920bba92024cd7a7386522517ce2699bcc6ce276311d03451ac1639de4208421ebb066f861146fba367e315ce4449bd724c6a3cb73c4503e96951ba1ffa672dcda6c0d7eba1057f623b16194704581dd03ac79560c04d642a29a460bc93e837c8a26795ec88a63283c73a9e2f214bdb3c5ffc3f6d0381bf12ebfe4585386fc910f2030e10b098a1c14e9567ff3b9a8bb1347328ba414ebec7e78b778d6dd5c192cbcd302c0bedb599d30b06a66f98dae518582f886ce296fcb0df51eef2", 0xcb}], 0x3}, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x21, &(0x7f0000000040), 0x4) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) r3 = socket$kcm(0x11, 0x3, 0x300) setsockopt$sock_attach_bpf(r3, 0x1, 0x28, &(0x7f0000000040), 0x4) recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2) setsockopt$sock_attach_bpf(r2, 0x1, 0xd, &(0x7f0000000080), 0x4) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @remote}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) 1.880199424s ago: executing program 1 (id=2589): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x20, 0xf, 0x200cc, 0x6, 0x5}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r1 = socket$kcm(0x29, 0x2, 0x0) bpf$MAP_CREATE(0x2000000000000018, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000000000"], 0x48) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000005c0)={'team0\x00'}) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48) r5 = socket$kcm(0x2, 0x1, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) sendmsg$inet(r5, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r4}, 0x8) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000040)={r5, r4}) sendmsg$kcm(r1, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f00000000c0), &(0x7f0000000680), 0x2, r0}, 0x38) socket$kcm(0x2, 0x1000000000000002, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0xa, 0x7, 0x0) 1.227879083s ago: executing program 3 (id=2593): r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000300), 0x4) 1.180931806s ago: executing program 0 (id=2594): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x6, 0x21507ac6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50) 1.096398157s ago: executing program 4 (id=2595): bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1b, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000d100000095"], &(0x7f0000000ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.096277453s ago: executing program 3 (id=2596): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000003c0)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014009080c00000000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x40002062) 1.077130666s ago: executing program 2 (id=2597): r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.idle_time\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 951.020812ms ago: executing program 1 (id=2598): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081) recvmsg(r0, 0x0, 0x40010000) recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000002) 888.395934ms ago: executing program 4 (id=2599): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000400000004000000002000000000000000000000604000000000000000000000f0500"], 0x0, 0x5a}, 0x28) 851.380209ms ago: executing program 4 (id=2600): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016020000b30000007f"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8}, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {0x3, 0x3, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) 835.302038ms ago: executing program 2 (id=2601): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x5, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x2}]}]}, {0x0, [0x0, 0x5f, 0x1]}}, 0x0, 0x31, 0x0, 0x8}, 0x28) 796.962746ms ago: executing program 3 (id=2602): r0 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x10, 0x110, 0x2}], 0x10}, 0x404f444) 636.390869ms ago: executing program 2 (id=2603): bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x4, 0x4, 0x20006}, 0x50) 612.553774ms ago: executing program 4 (id=2604): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r0) socket$kcm(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={r1, &(0x7f0000000180)}, 0x20) 597.999042ms ago: executing program 1 (id=2605): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x14, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1, 0x0, 0x7}, 0x18) r2 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r2, 0x84, 0x25, &(0x7f0000000000), 0x20000010) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) 582.422482ms ago: executing program 3 (id=2606): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x97}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 316.33303ms ago: executing program 4 (id=2607): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="bc05000000000000711093000000000006000000000000009500000000000020"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x3, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 316.168397ms ago: executing program 3 (id=2608): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x7}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000180), &(0x7f0000000100)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000300), 0x0}, 0x20) 222.153413ms ago: executing program 1 (id=2609): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB="000000000000000000000000000000000000df841e86b15ed4aa4da1f25ab1fab7995b9f4524fc74db407e06309aa820ed203cabdec9c4d402a02dbe", @ANYRES32=0x0], 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0xfffffdff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 219.990642ms ago: executing program 2 (id=2610): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf]}, &(0x7f0000000300)='GPL\x00', 0x8, 0xff8, &(0x7f0000001e00)=""/4088}, 0x90) 94.36306ms ago: executing program 3 (id=2611): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffff000001"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 48.327592ms ago: executing program 4 (id=2612): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x8, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x15, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x1}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000280)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0xd}, 0x94) 48.198989ms ago: executing program 1 (id=2613): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000000c0)) 0s ago: executing program 2 (id=2614): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x15, 0x17, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000b4000000bf09000000000000550901000074f696e500000000000000180100002020702500000000002020207baaf8ff00000000bda100000000000027010000f8ffffffb702000008000000b7030000000000002500000006000000be91000000000000b502ecffffff00008500000005000000b70000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) kernel console output (not intermixed with test programs): free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 305.871045][T10476] lowmem_reserve[]: 0 2500 2502 2502 2502 [ 305.876856][T10476] Node 0 DMA32 free:1302432kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28692kB inactive_anon:0kB active_file:85884kB inactive_file:157604kB unevictable:1536kB writepending:712kB present:3129332kB managed:2560960kB mlocked:0kB bounce:0kB free_pcp:55804kB local_pcp:34900kB free_cma:0kB [ 305.910190][T10476] lowmem_reserve[]: 0 0 1 1 1 [ 305.915703][T10476] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1844kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 305.964341][T10476] lowmem_reserve[]: 0 0 0 0 0 [ 305.969248][T10476] Node 1 Normal free:3904684kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16800kB local_pcp:6624kB free_cma:0kB [ 306.002517][T10476] lowmem_reserve[]: 0 0 0 0 0 [ 306.007290][T10476] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 306.020063][T10476] Node 0 DMA32: 2830*4kB (UME) 3632*8kB (UME) 2820*16kB (UME) 2263*32kB (UME) 1003*64kB (UME) 461*128kB (UME) 235*256kB (UM) 149*512kB (UM) 78*1024kB (UME) 4*2048kB (UM) 195*4096kB (UM) = 1304344kB [ 306.058816][T10476] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 306.071698][T10476] Node 1 Normal: 195*4kB (UME) 48*8kB (UME) 48*16kB (UME) 141*32kB (UME) 40*64kB (UME) 11*128kB (UME) 4*256kB (UM) 4*512kB (UME) 2*1024kB (ME) 1*2048kB (E) 949*4096kB (M) = 3904684kB [ 306.094720][T10476] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.178723][T10476] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 306.223314][T10476] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.294514][T10476] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 306.371700][T10476] 62741 total pagecache pages [ 306.398330][T10476] 0 pages in swap cache [ 306.421315][T10476] Free swap = 124996kB [ 306.447166][T10476] Total swap = 124996kB [ 306.485595][T10476] 2097051 pages RAM [ 306.499948][T10476] 0 pages HighMem/MovableOnly [ 306.523591][T10476] 424705 pages reserved [ 306.538236][T10476] 0 pages cma reserved [ 306.785615][T10495] __nla_validate_parse: 10 callbacks suppressed [ 306.785633][T10495] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1551'. [ 306.813738][T10495] net_ratelimit: 3 callbacks suppressed [ 306.813752][T10495] netlink: zone id is out of range [ 306.887076][T10495] netlink: zone id is out of range [ 306.892401][T10495] netlink: zone id is out of range [ 306.897562][T10495] netlink: zone id is out of range [ 306.923317][T10495] netlink: zone id is out of range [ 306.928491][T10495] netlink: zone id is out of range [ 307.011174][T10495] netlink: zone id is out of range [ 307.042435][T10495] netlink: zone id is out of range [ 307.064674][T10495] netlink: zone id is out of range [ 307.088584][T10504] FAULT_INJECTION: forcing a failure. [ 307.088584][T10504] name failslab, interval 1, probability 0, space 0, times 0 [ 307.090594][T10495] netlink: zone id is out of range [ 307.178928][T10504] CPU: 1 UID: 0 PID: 10504 Comm: syz.0.1554 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 307.178952][T10504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 307.178964][T10504] Call Trace: [ 307.178975][T10504] [ 307.178987][T10504] dump_stack_lvl+0x189/0x250 [ 307.179030][T10504] ? __pfx____ratelimit+0x10/0x10 [ 307.179059][T10504] ? __pfx_dump_stack_lvl+0x10/0x10 [ 307.179100][T10504] ? __pfx__printk+0x10/0x10 [ 307.179165][T10504] ? __pfx___might_resched+0x10/0x10 [ 307.179194][T10504] ? fs_reclaim_acquire+0x7d/0x100 [ 307.179253][T10504] should_fail_ex+0x414/0x560 [ 307.179320][T10504] should_failslab+0xa8/0x100 [ 307.179358][T10504] kmem_cache_alloc_noprof+0x73/0x3c0 [ 307.179390][T10504] ? getname_flags+0xb8/0x540 [ 307.179452][T10504] getname_flags+0xb8/0x540 [ 307.179512][T10504] do_sys_openat2+0xbc/0x1c0 [ 307.179566][T10504] ? __pfx_do_sys_openat2+0x10/0x10 [ 307.179591][T10504] ? perf_trace_preemptirq_template+0xa3/0x340 [ 307.179641][T10504] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 307.179678][T10504] ? __pfx_ksys_write+0x10/0x10 [ 307.179694][T10504] ? rcu_is_watching+0x15/0xb0 [ 307.179753][T10504] __x64_sys_openat+0x138/0x170 [ 307.179821][T10504] do_syscall_64+0xfa/0x3b0 [ 307.179842][T10504] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.179866][T10504] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.179888][T10504] ? clear_bhb_loop+0x60/0xb0 [ 307.179934][T10504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.179953][T10504] RIP: 0033:0x7ff7bbf8d290 [ 307.179977][T10504] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 307.179993][T10504] RSP: 002b:00007ff7bce05f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 307.180012][T10504] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff7bbf8d290 [ 307.180025][T10504] RDX: 0000000000000002 RSI: 00007ff7bce05fa0 RDI: 00000000ffffff9c [ 307.180037][T10504] RBP: 00007ff7bce05fa0 R08: 0000000000000000 R09: 0000000000000000 [ 307.180048][T10504] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 307.180059][T10504] R13: 0000000000000000 R14: 00007ff7bc1b5fa0 R15: 00007ffe3e073d38 [ 307.180175][T10504] [ 307.900591][T10517] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.1558'. [ 307.921934][T10520] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.1560'. [ 308.262277][T10535] netlink: 'syz.3.1564': attribute type 10 has an invalid length. [ 308.277381][T10535] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1564'. [ 309.388342][T10574] netlink: 'syz.2.1577': attribute type 29 has an invalid length. [ 309.600695][T10582] netlink: 'syz.2.1580': attribute type 10 has an invalid length. [ 310.860338][T10596] netlink: 'syz.0.1585': attribute type 29 has an invalid length. [ 311.044461][T10594] netlink: 'syz.2.1584': attribute type 10 has an invalid length. [ 311.052573][T10594] team0: Device ip6_vti0 is of different type [ 311.155977][T10606] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1588'. [ 311.611373][T10629] FAULT_INJECTION: forcing a failure. [ 311.611373][T10629] name failslab, interval 1, probability 0, space 0, times 0 [ 311.624508][T10629] CPU: 0 UID: 0 PID: 10629 Comm: syz.1.1594 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 311.624533][T10629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 311.624544][T10629] Call Trace: [ 311.624551][T10629] [ 311.624558][T10629] dump_stack_lvl+0x189/0x250 [ 311.624591][T10629] ? __pfx____ratelimit+0x10/0x10 [ 311.624609][T10629] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.624638][T10629] ? __pfx__printk+0x10/0x10 [ 311.624664][T10629] ? __pfx___might_resched+0x10/0x10 [ 311.624691][T10629] ? fs_reclaim_acquire+0x7d/0x100 [ 311.624720][T10629] should_fail_ex+0x414/0x560 [ 311.624749][T10629] should_failslab+0xa8/0x100 [ 311.624774][T10629] __kmalloc_noprof+0xcb/0x4f0 [ 311.624793][T10629] ? bpf_test_init+0xc2/0x170 [ 311.624820][T10629] bpf_test_init+0xc2/0x170 [ 311.624846][T10629] bpf_prog_test_run_skb+0x1e9/0x1560 [ 311.624868][T10629] ? __fget_files+0x2a/0x420 [ 311.624893][T10629] ? __fget_files+0x2a/0x420 [ 311.624923][T10629] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 311.624948][T10629] bpf_prog_test_run+0x2c4/0x340 [ 311.624978][T10629] __sys_bpf+0x4a4/0x860 [ 311.625014][T10629] ? __pfx___sys_bpf+0x10/0x10 [ 311.625052][T10629] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 311.625077][T10629] ? __pfx_ksys_write+0x10/0x10 [ 311.625094][T10629] ? rcu_is_watching+0x15/0xb0 [ 311.625128][T10629] __x64_sys_bpf+0x7c/0x90 [ 311.625150][T10629] do_syscall_64+0xfa/0x3b0 [ 311.625168][T10629] ? lockdep_hardirqs_on+0x9c/0x150 [ 311.625184][T10629] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.625202][T10629] ? clear_bhb_loop+0x60/0xb0 [ 311.625224][T10629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.625242][T10629] RIP: 0033:0x7f2d8af8e929 [ 311.625258][T10629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.625273][T10629] RSP: 002b:00007f2d8bd2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 311.625293][T10629] RAX: ffffffffffffffda RBX: 00007f2d8b1b5fa0 RCX: 00007f2d8af8e929 [ 311.625306][T10629] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 311.625318][T10629] RBP: 00007f2d8bd2a090 R08: 0000000000000000 R09: 0000000000000000 [ 311.625329][T10629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.625339][T10629] R13: 0000000000000000 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 311.625367][T10629] [ 312.503998][T10646] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1597'. [ 312.581386][T10646] netlink: 'syz.3.1597': attribute type 21 has an invalid length. [ 312.691290][T10646] netlink: 'syz.3.1597': attribute type 3 has an invalid length. [ 312.810577][T10646] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1597'. [ 313.117181][T10658] @ÿ: renamed from bond_slave_0 [ 316.303492][T10677] netlink: 24032 bytes leftover after parsing attributes in process `syz.0.1605'. [ 316.357522][T10677] netlink: 104088 bytes leftover after parsing attributes in process `syz.0.1605'. [ 316.381060][T10677] netlink: 24032 bytes leftover after parsing attributes in process `syz.0.1605'. [ 316.541184][T10682] netlink: 'syz.4.1607': attribute type 10 has an invalid length. [ 316.631049][T10682] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1607'. [ 316.883438][T10682] : entered promiscuous mode [ 316.917970][T10682] @ÿ: entered promiscuous mode [ 316.976844][T10682] bond_slave_1: entered promiscuous mode [ 317.000766][T10682] 8021q: adding VLAN 0 to HW filter on device  [ 317.043334][T10682] bridge0: port 5() entered blocking state [ 317.065549][T10682] bridge0: port 5() entered disabled state [ 317.089823][T10682] : entered allmulticast mode [ 317.107055][T10682] @ÿ: entered allmulticast mode [ 317.126102][T10682] bond_slave_1: entered allmulticast mode [ 317.136576][T10682] bridge0: port 5() entered blocking state [ 317.142691][T10682] bridge0: port 5() entered forwarding state [ 317.148123][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.155251][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.838416][T10718] netlink: 'syz.0.1619': attribute type 29 has an invalid length. [ 317.909639][T10720] netlink: 64535 bytes leftover after parsing attributes in process `syz.1.1621'. [ 317.939815][T10720] netlink: 61211 bytes leftover after parsing attributes in process `syz.1.1621'. [ 318.370006][T10733] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1625'. [ 318.916219][T10757] net_ratelimit: 72 callbacks suppressed [ 318.916239][T10757] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 318.928516][T10757] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 318.986670][T10760] netlink: 'syz.2.1633': attribute type 29 has an invalid length. [ 319.265299][T10769] FAULT_INJECTION: forcing a failure. [ 319.265299][T10769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 319.305119][T10769] CPU: 0 UID: 0 PID: 10769 Comm: syz.1.1635 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 319.305143][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 319.305155][T10769] Call Trace: [ 319.305162][T10769] [ 319.305170][T10769] dump_stack_lvl+0x189/0x250 [ 319.305204][T10769] ? __pfx____ratelimit+0x10/0x10 [ 319.305223][T10769] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.305253][T10769] ? __pfx__printk+0x10/0x10 [ 319.305288][T10769] should_fail_ex+0x414/0x560 [ 319.305320][T10769] strncpy_from_user+0x36/0x290 [ 319.305357][T10769] getname_flags+0xf3/0x540 [ 319.305388][T10769] do_sys_openat2+0xbc/0x1c0 [ 319.305418][T10769] ? __pfx_do_sys_openat2+0x10/0x10 [ 319.305445][T10769] ? ksys_write+0x22a/0x250 [ 319.305469][T10769] ? __pfx_ksys_write+0x10/0x10 [ 319.305485][T10769] ? rcu_is_watching+0x15/0xb0 [ 319.305518][T10769] __x64_sys_openat+0x138/0x170 [ 319.305551][T10769] do_syscall_64+0xfa/0x3b0 [ 319.305569][T10769] ? lockdep_hardirqs_on+0x9c/0x150 [ 319.305587][T10769] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.305605][T10769] ? clear_bhb_loop+0x60/0xb0 [ 319.305629][T10769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.305646][T10769] RIP: 0033:0x7f2d8af8d290 [ 319.305662][T10769] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 319.305678][T10769] RSP: 002b:00007f2d88df5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 319.305697][T10769] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2d8af8d290 [ 319.305710][T10769] RDX: 0000000000000002 RSI: 00007f2d88df5fa0 RDI: 00000000ffffff9c [ 319.305722][T10769] RBP: 00007f2d88df5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 319.305733][T10769] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 319.305743][T10769] R13: 0000000000000000 R14: 00007f2d8b1b6080 R15: 00007ffcecb61948 [ 319.305776][T10769] [ 319.306169][T10768] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1636'. [ 319.484321][T10762] netlink: 'syz.2.1634': attribute type 29 has an invalid length. [ 319.636058][T10779] netlink: 'syz.1.1640': attribute type 39 has an invalid length. [ 319.761322][T10785] FAULT_INJECTION: forcing a failure. [ 319.761322][T10785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 319.785011][T10785] CPU: 0 UID: 0 PID: 10785 Comm: syz.4.1641 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 319.785036][T10785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 319.785048][T10785] Call Trace: [ 319.785055][T10785] [ 319.785068][T10785] dump_stack_lvl+0x189/0x250 [ 319.785102][T10785] ? __pfx____ratelimit+0x10/0x10 [ 319.785120][T10785] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.785149][T10785] ? __pfx__printk+0x10/0x10 [ 319.785169][T10785] ? __might_fault+0xb0/0x130 [ 319.785200][T10785] should_fail_ex+0x414/0x560 [ 319.785230][T10785] _copy_from_user+0x2d/0xb0 [ 319.785252][T10785] ___sys_sendmsg+0x158/0x2a0 [ 319.785281][T10785] ? __pfx____sys_sendmsg+0x10/0x10 [ 319.785303][T10785] ? irqentry_exit+0x74/0x90 [ 319.785356][T10785] ? __fget_files+0x2a/0x420 [ 319.785378][T10785] ? __fget_files+0x3a0/0x420 [ 319.785411][T10785] __x64_sys_sendmsg+0x19b/0x260 [ 319.785440][T10785] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 319.785475][T10785] ? __pfx_ksys_write+0x10/0x10 [ 319.785500][T10785] ? do_syscall_64+0xbe/0x3b0 [ 319.785522][T10785] do_syscall_64+0xfa/0x3b0 [ 319.785542][T10785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.785560][T10785] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 319.785577][T10785] ? clear_bhb_loop+0x60/0xb0 [ 319.785600][T10785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.785617][T10785] RIP: 0033:0x7f6d8ab8e929 [ 319.785633][T10785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.785649][T10785] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 319.785668][T10785] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 319.785681][T10785] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 319.785693][T10785] RBP: 00007f6d8ba2c090 R08: 0000000000000000 R09: 0000000000000000 [ 319.785704][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 319.785715][T10785] R13: 0000000000000000 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 319.785743][T10785] [ 320.011515][T10777] netlink: 'syz.0.1639': attribute type 29 has an invalid length. [ 320.019958][T10780] netlink: 'syz.0.1639': attribute type 29 has an invalid length. [ 320.031502][T10783] netlink: 'syz.0.1639': attribute type 29 has an invalid length. [ 320.048663][T10788] netlink: 'syz.0.1639': attribute type 29 has an invalid length. [ 320.157250][T10794] veth1_macvtap: entered allmulticast mode [ 320.240805][T10799] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1644'. [ 320.267000][T10794] netlink: 'syz.1.1646': attribute type 2 has an invalid length. [ 320.297322][T10799] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 321.065383][T10826] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1654'. [ 321.251464][T10829] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1657'. [ 321.924760][T10842] netlink: 'syz.3.1661': attribute type 29 has an invalid length. [ 322.004708][T10841] netlink: 'syz.3.1661': attribute type 29 has an invalid length. [ 322.828479][T10872] netlink: 'syz.1.1673': attribute type 7 has an invalid length. [ 322.890299][T10872] netlink: 'syz.1.1673': attribute type 6 has an invalid length. [ 322.926161][T10875] FAULT_INJECTION: forcing a failure. [ 322.926161][T10875] name failslab, interval 1, probability 0, space 0, times 0 [ 323.013238][T10875] CPU: 1 UID: 0 PID: 10875 Comm: syz.3.1675 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 323.013263][T10875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 323.013275][T10875] Call Trace: [ 323.013289][T10875] [ 323.013304][T10875] dump_stack_lvl+0x189/0x250 [ 323.013356][T10875] ? __pfx____ratelimit+0x10/0x10 [ 323.013395][T10875] ? __pfx_dump_stack_lvl+0x10/0x10 [ 323.013443][T10875] ? __pfx__printk+0x10/0x10 [ 323.013612][T10875] should_fail_ex+0x414/0x560 [ 323.013705][T10875] should_failslab+0xa8/0x100 [ 323.013762][T10875] __kmalloc_cache_noprof+0x70/0x3d0 [ 323.013800][T10875] ? sctp_add_bind_addr+0x8c/0x370 [ 323.013881][T10875] sctp_add_bind_addr+0x8c/0x370 [ 323.013964][T10875] sctp_copy_local_addr_list+0x30b/0x4e0 [ 323.014032][T10875] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 323.014074][T10875] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 323.014151][T10875] ? sctp_v4_is_any+0x35/0x60 [ 323.014179][T10875] ? sctp_copy_one_addr+0x93/0x360 [ 323.014256][T10875] sctp_bind_addr_copy+0xb3/0x3c0 [ 323.014308][T10875] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 323.014386][T10875] sctp_connect_new_asoc+0x2e0/0x690 [ 323.014458][T10875] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 323.014483][T10875] ? __local_bh_enable_ip+0x12d/0x1c0 [ 323.014589][T10875] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 323.014606][T10875] ? security_sctp_bind_connect+0x7e/0x2e0 [ 323.014670][T10875] sctp_sendmsg+0x155c/0x2810 [ 323.014834][T10875] ? __pfx_sctp_sendmsg+0x10/0x10 [ 323.014916][T10875] ? aa_sk_perm+0x81e/0x950 [ 323.015010][T10875] ? __pfx_aa_sk_perm+0x10/0x10 [ 323.015090][T10875] ? sock_rps_record_flow+0x19/0x410 [ 323.015152][T10875] ? inet_sendmsg+0x2f4/0x370 [ 323.015227][T10875] __sock_sendmsg+0x19c/0x270 [ 323.015299][T10875] ____sys_sendmsg+0x505/0x830 [ 323.015399][T10875] ? __pfx_____sys_sendmsg+0x10/0x10 [ 323.015531][T10875] ? import_iovec+0x74/0xa0 [ 323.015608][T10875] ___sys_sendmsg+0x21f/0x2a0 [ 323.015679][T10875] ? __pfx____sys_sendmsg+0x10/0x10 [ 323.015928][T10875] ? __fget_files+0x2a/0x420 [ 323.016080][T10875] ? __fget_files+0x2a/0x420 [ 323.016109][T10875] ? __fget_files+0x3a0/0x420 [ 323.016246][T10875] __x64_sys_sendmsg+0x19b/0x260 [ 323.016317][T10875] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 323.016486][T10875] ? rcu_is_watching+0x15/0xb0 [ 323.016535][T10875] ? trace_sys_enter+0x25/0x120 [ 323.016630][T10875] do_syscall_64+0xfa/0x3b0 [ 323.016653][T10875] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.016683][T10875] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.016708][T10875] ? clear_bhb_loop+0x60/0xb0 [ 323.016770][T10875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.016799][T10875] RIP: 0033:0x7f057078e929 [ 323.016829][T10875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.016845][T10875] RSP: 002b:00007f05715f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 323.016864][T10875] RAX: ffffffffffffffda RBX: 00007f05709b5fa0 RCX: 00007f057078e929 [ 323.016878][T10875] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000005 [ 323.016890][T10875] RBP: 00007f05715f6090 R08: 0000000000000000 R09: 0000000000000000 [ 323.016901][T10875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 323.016912][T10875] R13: 0000000000000000 R14: 00007f05709b5fa0 R15: 00007ffe80584128 [ 323.017078][T10875] [ 323.853753][T10890] netlink: 'syz.2.1681': attribute type 29 has an invalid length. [ 324.069583][T10903] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1684'. [ 324.111176][T10903] netlink: zone id is out of range [ 324.116411][T10903] netlink: zone id is out of range [ 324.130866][T10903] netlink: zone id is out of range [ 324.142091][T10903] netlink: zone id is out of range [ 324.147237][T10903] netlink: zone id is out of range [ 324.191056][T10903] netlink: zone id is out of range [ 324.227924][T10913] netlink: 'syz.3.1688': attribute type 49 has an invalid length. [ 324.339138][T10903] netlink: zone id is out of range [ 324.373327][T10903] netlink: zone id is out of range [ 324.381586][T10903] netlink: zone id is out of range [ 324.391315][T10903] netlink: zone id is out of range [ 324.417656][T10913] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.1688'. [ 325.011442][T10922] netlink: 'syz.2.1692': attribute type 1 has an invalid length. [ 325.050375][T10922] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1692'. [ 325.140523][T10928] netlink: 'syz.0.1694': attribute type 10 has an invalid length. [ 325.203987][T10928] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1694'. [ 325.491116][T10938] netlink: 'syz.3.1701': attribute type 8 has an invalid length. [ 325.538661][T10938] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1701'. [ 325.781761][T10947] netlink: 'syz.0.1703': attribute type 49 has an invalid length. [ 325.835073][T10947] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.1703'. [ 326.444893][T10977] pim6reg1: entered promiscuous mode [ 326.467035][T10977] pim6reg1: entered allmulticast mode [ 327.526076][T10996] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1722'. [ 327.796450][T11005] sit0: left promiscuous mode [ 327.866700][T10998] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1723'. [ 328.013526][T11011] sit0: left promiscuous mode [ 328.117401][T11013] sit0: entered promiscuous mode [ 328.251662][T11018] FAULT_INJECTION: forcing a failure. [ 328.251662][T11018] name failslab, interval 1, probability 0, space 0, times 0 [ 328.340629][T11018] CPU: 0 UID: 0 PID: 11018 Comm: syz.0.1730 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 328.340655][T11018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.340667][T11018] Call Trace: [ 328.340676][T11018] [ 328.340685][T11018] dump_stack_lvl+0x189/0x250 [ 328.340723][T11018] ? __pfx____ratelimit+0x10/0x10 [ 328.340745][T11018] ? __pfx_dump_stack_lvl+0x10/0x10 [ 328.340778][T11018] ? __pfx__printk+0x10/0x10 [ 328.340841][T11018] should_fail_ex+0x414/0x560 [ 328.340884][T11018] should_failslab+0xa8/0x100 [ 328.340915][T11018] kmem_cache_alloc_noprof+0x73/0x3c0 [ 328.340937][T11018] ? skb_clone+0x212/0x3a0 [ 328.340983][T11018] skb_clone+0x212/0x3a0 [ 328.341023][T11018] __netlink_deliver_tap+0x404/0x850 [ 328.341082][T11018] ? netlink_deliver_tap+0x2e/0x1b0 [ 328.341114][T11018] netlink_deliver_tap+0x19c/0x1b0 [ 328.341146][T11018] netlink_sendskb+0x68/0x140 [ 328.341178][T11018] netlink_rcv_skb+0x28c/0x470 [ 328.341207][T11018] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 328.341237][T11018] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 328.341300][T11018] ? netlink_deliver_tap+0x2e/0x1b0 [ 328.341325][T11018] ? netlink_deliver_tap+0x2e/0x1b0 [ 328.341368][T11018] netlink_unicast+0x758/0x8d0 [ 328.341421][T11018] netlink_sendmsg+0x805/0xb30 [ 328.341474][T11018] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.341511][T11018] ? aa_sock_msg_perm+0x94/0x160 [ 328.341546][T11018] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 328.341574][T11018] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.341610][T11018] __sock_sendmsg+0x219/0x270 [ 328.341643][T11018] ____sys_sendmsg+0x505/0x830 [ 328.341688][T11018] ? __pfx_____sys_sendmsg+0x10/0x10 [ 328.341743][T11018] ? import_iovec+0x74/0xa0 [ 328.341778][T11018] ___sys_sendmsg+0x21f/0x2a0 [ 328.341814][T11018] ? __pfx____sys_sendmsg+0x10/0x10 [ 328.341920][T11018] ? __fget_files+0x2a/0x420 [ 328.341990][T11018] ? __fget_files+0x2a/0x420 [ 328.342018][T11018] ? __fget_files+0x3a0/0x420 [ 328.342082][T11018] __x64_sys_sendmsg+0x19b/0x260 [ 328.342126][T11018] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 328.342190][T11018] ? __pfx_ksys_write+0x10/0x10 [ 328.342212][T11018] ? rcu_is_watching+0x15/0xb0 [ 328.342265][T11018] ? do_syscall_64+0xbe/0x3b0 [ 328.342304][T11018] do_syscall_64+0xfa/0x3b0 [ 328.342326][T11018] ? lockdep_hardirqs_on+0x9c/0x150 [ 328.342350][T11018] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.342373][T11018] ? clear_bhb_loop+0x60/0xb0 [ 328.342409][T11018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.342432][T11018] RIP: 0033:0x7ff7bbf8e929 [ 328.342455][T11018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.342474][T11018] RSP: 002b:00007ff7bce06038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 328.342497][T11018] RAX: ffffffffffffffda RBX: 00007ff7bc1b5fa0 RCX: 00007ff7bbf8e929 [ 328.342513][T11018] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 328.342526][T11018] RBP: 00007ff7bce06090 R08: 0000000000000000 R09: 0000000000000000 [ 328.342540][T11018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 328.342552][T11018] R13: 0000000000000000 R14: 00007ff7bc1b5fa0 R15: 00007ffe3e073d38 [ 328.342626][T11018] [ 328.991677][T11028] netlink: 24032 bytes leftover after parsing attributes in process `syz.3.1734'. [ 329.000957][T11028] netlink: 104088 bytes leftover after parsing attributes in process `syz.3.1734'. [ 329.330169][T11040] __nla_validate_parse: 1 callbacks suppressed [ 329.330187][T11040] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1738'. [ 331.164661][T11065] netlink: 24032 bytes leftover after parsing attributes in process `syz.3.1746'. [ 331.174020][T11065] netlink: 104088 bytes leftover after parsing attributes in process `syz.3.1746'. [ 331.191383][T11065] netlink: 24032 bytes leftover after parsing attributes in process `syz.3.1746'. [ 331.271166][T11071] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1748'. [ 331.295833][T11075] netlink: 'syz.4.1751': attribute type 16 has an invalid length. [ 331.304431][T11075] netlink: 'syz.4.1751': attribute type 3 has an invalid length. [ 331.313823][T11075] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1751'. [ 332.982102][T11109] netlink: 'syz.0.1763': attribute type 4 has an invalid length. [ 333.180214][T11114] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1764'. [ 333.413803][T11119] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1767'. [ 333.988042][T11132] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1770'. [ 334.031134][T11132] net_ratelimit: 77 callbacks suppressed [ 334.031150][T11132] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 334.354676][T11141] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1774'. [ 334.373066][T11143] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1775'. [ 334.424974][T11141] bridge0: port 4(dummy0) entered disabled state [ 334.609536][T11141] dummy0 (unregistering): left allmulticast mode [ 334.616748][T11141] bridge0: port 4(dummy0) entered disabled state [ 334.742598][T11151] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1776'. [ 334.856119][T11151] netlink: zone id is out of range [ 334.861620][T11151] netlink: get zone limit has 8 unknown bytes [ 335.743648][T11172] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1787'. [ 335.769704][T11172] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 335.805066][T11176] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1788'. [ 335.840331][T11176] netlink: zone id is out of range [ 335.854147][T11176] netlink: get zone limit has 8 unknown bytes [ 336.060888][T11179] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1790'. [ 336.098185][T11179] netlink: 'syz.0.1790': attribute type 21 has an invalid length. [ 336.129200][T11179] netlink: 'syz.0.1790': attribute type 3 has an invalid length. [ 336.138124][T11179] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1790'. [ 336.287642][T11190] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1794'. [ 336.352404][T11190] netlink: zone id is out of range [ 336.389876][T11190] netlink: zone id is out of range [ 336.401403][T11190] netlink: get zone limit has 8 unknown bytes [ 337.282190][T11204] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1800'. [ 337.301743][T11204] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 337.391434][T11213] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1803'. [ 337.812409][T11224] syz_tun: refused to change device tx_queue_len [ 339.755719][T11266] __nla_validate_parse: 3 callbacks suppressed [ 339.755754][T11266] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1826'. [ 339.855174][T11273] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1828'. [ 339.877757][T11273] net_ratelimit: 4 callbacks suppressed [ 339.877770][T11273] netlink: zone id is out of range [ 339.896668][T11273] netlink: zone id is out of range [ 339.903981][T11273] netlink: zone id is out of range [ 339.909214][T11273] netlink: zone id is out of range [ 339.935590][T11273] netlink: zone id is out of range [ 339.940748][T11273] netlink: zone id is out of range [ 339.948398][T11273] netlink: zone id is out of range [ 339.953765][T11273] netlink: zone id is out of range [ 339.959087][T11273] netlink: zone id is out of range [ 339.964372][T11273] netlink: zone id is out of range [ 340.067555][T11281] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1832'. [ 340.163428][T11282] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1831'. [ 340.318083][T11285] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1833'. [ 340.871715][T11299] FAULT_INJECTION: forcing a failure. [ 340.871715][T11299] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 340.903060][T11299] CPU: 1 UID: 0 PID: 11299 Comm: syz.3.1839 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 340.903099][T11299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 340.903111][T11299] Call Trace: [ 340.903123][T11299] [ 340.903136][T11299] dump_stack_lvl+0x189/0x250 [ 340.903182][T11299] ? __pfx____ratelimit+0x10/0x10 [ 340.903215][T11299] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.903258][T11299] ? __pfx__printk+0x10/0x10 [ 340.903324][T11299] ? __might_fault+0xb0/0x130 [ 340.903395][T11299] should_fail_ex+0x414/0x560 [ 340.903469][T11299] _copy_to_user+0x31/0xb0 [ 340.903518][T11299] simple_read_from_buffer+0xe1/0x170 [ 340.903583][T11299] proc_fail_nth_read+0x1df/0x250 [ 340.903642][T11299] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 340.903701][T11299] ? rw_verify_area+0x258/0x650 [ 340.903730][T11299] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 340.903779][T11299] vfs_read+0x200/0x980 [ 340.903851][T11299] ? __pfx___mutex_lock+0x10/0x10 [ 340.903887][T11299] ? __pfx_vfs_read+0x10/0x10 [ 340.903937][T11299] ? __fget_files+0x2a/0x420 [ 340.904005][T11299] ? __fget_files+0x3a0/0x420 [ 340.904032][T11299] ? __fget_files+0x2a/0x420 [ 340.904127][T11299] ksys_read+0x145/0x250 [ 340.904180][T11299] ? __pfx_ksys_read+0x10/0x10 [ 340.904196][T11299] ? rcu_is_watching+0x15/0xb0 [ 340.904270][T11299] ? do_syscall_64+0xbe/0x3b0 [ 340.904333][T11299] do_syscall_64+0xfa/0x3b0 [ 340.904353][T11299] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.904380][T11299] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.904403][T11299] ? clear_bhb_loop+0x60/0xb0 [ 340.904453][T11299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.904475][T11299] RIP: 0033:0x7f057078d33c [ 340.904500][T11299] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 340.904516][T11299] RSP: 002b:00007f05715f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 340.904536][T11299] RAX: ffffffffffffffda RBX: 00007f05709b5fa0 RCX: 00007f057078d33c [ 340.904549][T11299] RDX: 000000000000000f RSI: 00007f05715f60a0 RDI: 0000000000000005 [ 340.904561][T11299] RBP: 00007f05715f6090 R08: 0000000000000000 R09: 0000000000000000 [ 340.904573][T11299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.904583][T11299] R13: 0000000000000000 R14: 00007f05709b5fa0 R15: 00007ffe80584128 [ 340.904708][T11299] [ 341.706525][T11309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1843'. [ 341.808870][T11314] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1844'. [ 342.310681][T11326] FAULT_INJECTION: forcing a failure. [ 342.310681][T11326] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.363877][T11326] CPU: 1 UID: 0 PID: 11326 Comm: syz.4.1849 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 342.363901][T11326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 342.363913][T11326] Call Trace: [ 342.363923][T11326] [ 342.363933][T11326] dump_stack_lvl+0x189/0x250 [ 342.363973][T11326] ? __pfx____ratelimit+0x10/0x10 [ 342.364001][T11326] ? __pfx_dump_stack_lvl+0x10/0x10 [ 342.364037][T11326] ? __pfx__printk+0x10/0x10 [ 342.364084][T11326] ? __might_fault+0xb0/0x130 [ 342.364169][T11326] should_fail_ex+0x414/0x560 [ 342.364228][T11326] _copy_from_user+0x2d/0xb0 [ 342.364261][T11326] __sys_bpf+0x1ed/0x860 [ 342.364308][T11326] ? __pfx___sys_bpf+0x10/0x10 [ 342.364433][T11326] ? ksys_write+0x22a/0x250 [ 342.364487][T11326] ? __pfx_ksys_write+0x10/0x10 [ 342.364503][T11326] ? rcu_is_watching+0x15/0xb0 [ 342.364571][T11326] __x64_sys_bpf+0x7c/0x90 [ 342.364606][T11326] do_syscall_64+0xfa/0x3b0 [ 342.364625][T11326] ? lockdep_hardirqs_on+0x9c/0x150 [ 342.364647][T11326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.364668][T11326] ? clear_bhb_loop+0x60/0xb0 [ 342.364706][T11326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.364725][T11326] RIP: 0033:0x7f6d8ab8e929 [ 342.364747][T11326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.364763][T11326] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 342.364782][T11326] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 342.364795][T11326] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005 [ 342.364807][T11326] RBP: 00007f6d8ba2c090 R08: 0000000000000000 R09: 0000000000000000 [ 342.364818][T11326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.364829][T11326] R13: 0000000000000001 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 342.364920][T11326] [ 342.818555][T11329] ªªªªªª: renamed from vlan0 (while UP) [ 343.145183][T11338] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1852'. [ 343.165969][T11338] netlink: 'syz.4.1852': attribute type 21 has an invalid length. [ 343.231571][T11340] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1854'. [ 343.239797][T11338] netlink: 'syz.4.1852': attribute type 3 has an invalid length. [ 343.286300][T11338] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1852'. [ 343.665898][T11359] netlink: 'syz.0.1857': attribute type 2 has an invalid length. [ 343.685410][T11359] netlink: 'syz.0.1857': attribute type 8 has an invalid length. [ 343.897507][T11365] netlink: 'syz.4.1861': attribute type 39 has an invalid length. [ 344.465540][T11371] delete_channel: no stack [ 344.706916][T11392] netlink: 'syz.3.1871': attribute type 21 has an invalid length. [ 344.760438][T11392] netlink: 'syz.3.1871': attribute type 3 has an invalid length. [ 344.770330][T11392] __nla_validate_parse: 8 callbacks suppressed [ 344.770347][T11392] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1871'. [ 346.187419][T11443] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1887'. [ 346.228420][T11443] netlink: 'syz.4.1887': attribute type 21 has an invalid length. [ 346.238007][T11443] netlink: 'syz.4.1887': attribute type 3 has an invalid length. [ 346.261255][T11443] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1887'. [ 346.768782][T11460] netlink: 'syz.0.1889': attribute type 10 has an invalid length. [ 346.786983][T11460] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1889'. [ 346.844844][T11462] team0: Device ipvlan1 failed to register rx_handler [ 347.232845][T11477] netlink: 24032 bytes leftover after parsing attributes in process `syz.2.1896'. [ 347.242493][T11477] netlink: 104088 bytes leftover after parsing attributes in process `syz.2.1896'. [ 347.253580][T11477] netlink: 24032 bytes leftover after parsing attributes in process `syz.2.1896'. [ 347.277001][T11478] FAULT_INJECTION: forcing a failure. [ 347.277001][T11478] name failslab, interval 1, probability 0, space 0, times 0 [ 347.289775][T11478] CPU: 0 UID: 0 PID: 11478 Comm: syz.3.1898 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 347.289798][T11478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 347.289809][T11478] Call Trace: [ 347.289817][T11478] [ 347.289824][T11478] dump_stack_lvl+0x189/0x250 [ 347.289858][T11478] ? __pfx____ratelimit+0x10/0x10 [ 347.289877][T11478] ? __pfx_dump_stack_lvl+0x10/0x10 [ 347.289906][T11478] ? __pfx__printk+0x10/0x10 [ 347.289934][T11478] ? __pfx___might_resched+0x10/0x10 [ 347.289960][T11478] ? fs_reclaim_acquire+0x7d/0x100 [ 347.289990][T11478] should_fail_ex+0x414/0x560 [ 347.290022][T11478] should_failslab+0xa8/0x100 [ 347.290047][T11478] __kmalloc_noprof+0xcb/0x4f0 [ 347.290066][T11478] ? security_sk_alloc+0x52/0x390 [ 347.290092][T11478] security_sk_alloc+0x52/0x390 [ 347.290116][T11478] sk_prot_alloc+0x101/0x220 [ 347.290138][T11478] ? sk_alloc+0x24/0x370 [ 347.290163][T11478] sk_alloc+0x3a/0x370 [ 347.290185][T11478] ? bpf_ctx_init+0x167/0x1d0 [ 347.290211][T11478] bpf_prog_test_run_skb+0x2ed/0x1560 [ 347.290233][T11478] ? __fget_files+0x2a/0x420 [ 347.290272][T11478] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 347.290297][T11478] bpf_prog_test_run+0x2c4/0x340 [ 347.290329][T11478] __sys_bpf+0x4a4/0x860 [ 347.290356][T11478] ? __pfx___sys_bpf+0x10/0x10 [ 347.290396][T11478] ? ksys_write+0x22a/0x250 [ 347.290418][T11478] ? __pfx_ksys_write+0x10/0x10 [ 347.290435][T11478] ? rcu_is_watching+0x15/0xb0 [ 347.290472][T11478] __x64_sys_bpf+0x7c/0x90 [ 347.290496][T11478] do_syscall_64+0xfa/0x3b0 [ 347.290514][T11478] ? lockdep_hardirqs_on+0x9c/0x150 [ 347.290531][T11478] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.290549][T11478] ? clear_bhb_loop+0x60/0xb0 [ 347.290573][T11478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.290590][T11478] RIP: 0033:0x7f057078e929 [ 347.290606][T11478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.290623][T11478] RSP: 002b:00007f05715d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 347.290643][T11478] RAX: ffffffffffffffda RBX: 00007f05709b6080 RCX: 00007f057078e929 [ 347.290656][T11478] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 347.290667][T11478] RBP: 00007f05715d5090 R08: 0000000000000000 R09: 0000000000000000 [ 347.290678][T11478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.290689][T11478] R13: 0000000000000000 R14: 00007f05709b6080 R15: 00007ffe80584128 [ 347.290721][T11478] [ 347.309189][T11479] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1897'. [ 347.560545][T11479] net_ratelimit: 162 callbacks suppressed [ 347.560562][T11479] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 347.961368][T11493] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1902'. [ 348.746079][T11502] sit0: left allmulticast mode [ 348.755981][T11506] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1907'. [ 349.449404][T11534] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 350.067876][T11549] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 350.074350][T11549] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 350.208226][T11557] validate_nla: 2 callbacks suppressed [ 350.208240][T11557] netlink: 'syz.3.1924': attribute type 10 has an invalid length. [ 350.259637][T11557] __nla_validate_parse: 1 callbacks suppressed [ 350.259650][T11557] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1924'. [ 350.296362][T11559] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1925'. [ 350.315532][T11559] netlink: 'syz.4.1925': attribute type 21 has an invalid length. [ 350.326510][T11559] netlink: 'syz.4.1925': attribute type 3 has an invalid length. [ 350.337467][T11559] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1925'. [ 350.350299][T11563] netlink: 'syz.1.1927': attribute type 29 has an invalid length. [ 350.361485][T11557] ipvlan1: entered promiscuous mode [ 350.366794][T11557] ipvlan1: entered allmulticast mode [ 350.381251][T11557] veth0_vlan: entered allmulticast mode [ 350.398423][T11557] bridge0: port 4(ipvlan1) entered blocking state [ 350.410873][T11557] bridge0: port 4(ipvlan1) entered disabled state [ 350.430591][T11557] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 350.466967][T11563] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.1927'. [ 350.478028][T11566] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1928'. [ 350.496565][T11566] netlink: 'syz.2.1928': attribute type 21 has an invalid length. [ 350.537936][T11566] netlink: 'syz.2.1928': attribute type 3 has an invalid length. [ 350.566688][T11566] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1928'. [ 350.627219][T11573] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1929'. [ 351.260020][T11588] FAULT_INJECTION: forcing a failure. [ 351.260020][T11588] name failslab, interval 1, probability 0, space 0, times 0 [ 351.290512][T11588] CPU: 1 UID: 0 PID: 11588 Comm: syz.3.1933 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 351.290537][T11588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 351.290549][T11588] Call Trace: [ 351.290556][T11588] [ 351.290564][T11588] dump_stack_lvl+0x189/0x250 [ 351.290597][T11588] ? __pfx____ratelimit+0x10/0x10 [ 351.290616][T11588] ? __pfx_dump_stack_lvl+0x10/0x10 [ 351.290644][T11588] ? __pfx__printk+0x10/0x10 [ 351.290677][T11588] ? __pfx___might_resched+0x10/0x10 [ 351.290704][T11588] ? fs_reclaim_acquire+0x7d/0x100 [ 351.290733][T11588] should_fail_ex+0x414/0x560 [ 351.290764][T11588] should_failslab+0xa8/0x100 [ 351.290788][T11588] __kmalloc_noprof+0xcb/0x4f0 [ 351.290807][T11588] ? bpf_test_init+0xc2/0x170 [ 351.290833][T11588] bpf_test_init+0xc2/0x170 [ 351.290859][T11588] bpf_prog_test_run_flow_dissector+0x1e1/0x5c0 [ 351.290897][T11588] ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10 [ 351.290924][T11588] ? __fget_files+0x2a/0x420 [ 351.290950][T11588] ? __fget_files+0x2a/0x420 [ 351.290974][T11588] ? __fget_files+0x3a0/0x420 [ 351.290996][T11588] ? __fget_files+0x2a/0x420 [ 351.291023][T11588] ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10 [ 351.291050][T11588] bpf_prog_test_run+0x2c4/0x340 [ 351.291080][T11588] __sys_bpf+0x4a4/0x860 [ 351.291107][T11588] ? __pfx___sys_bpf+0x10/0x10 [ 351.291146][T11588] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 351.291172][T11588] ? __pfx_ksys_write+0x10/0x10 [ 351.291189][T11588] ? rcu_is_watching+0x15/0xb0 [ 351.291224][T11588] __x64_sys_bpf+0x7c/0x90 [ 351.291247][T11588] do_syscall_64+0xfa/0x3b0 [ 351.291265][T11588] ? lockdep_hardirqs_on+0x9c/0x150 [ 351.291282][T11588] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.291300][T11588] ? clear_bhb_loop+0x60/0xb0 [ 351.291322][T11588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.291340][T11588] RIP: 0033:0x7f057078e929 [ 351.291355][T11588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.291371][T11588] RSP: 002b:00007f05715d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 351.291390][T11588] RAX: ffffffffffffffda RBX: 00007f05709b6080 RCX: 00007f057078e929 [ 351.291404][T11588] RDX: 0000000000000050 RSI: 0000200000000940 RDI: 000000000000000a [ 351.291416][T11588] RBP: 00007f05715d5090 R08: 0000000000000000 R09: 0000000000000000 [ 351.291427][T11588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.291438][T11588] R13: 0000000000000000 R14: 00007f05709b6080 R15: 00007ffe80584128 [ 351.291466][T11588] [ 351.787510][T11597] sit0: left promiscuous mode [ 351.933180][T11600] netlink: 'syz.0.1940': attribute type 39 has an invalid length. [ 352.057349][T11610] sit0: entered promiscuous mode [ 352.222302][T11617] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1945'. [ 352.435995][T11629] netlink: 'syz.1.1947': attribute type 2 has an invalid length. [ 352.446980][T11629] netlink: 51 bytes leftover after parsing attributes in process `syz.1.1947'. [ 352.518936][T11628] netlink: 'syz.3.1949': attribute type 7 has an invalid length. [ 352.672147][T11641] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1953'. [ 352.706438][T11641] netlink: 'syz.2.1953': attribute type 21 has an invalid length. [ 354.192918][T11689] block nbd7: not configured, cannot reconfigure [ 354.266937][T11692] FAULT_INJECTION: forcing a failure. [ 354.266937][T11692] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 354.280519][T11692] CPU: 1 UID: 0 PID: 11692 Comm: syz.4.1971 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 354.280544][T11692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 354.280555][T11692] Call Trace: [ 354.280563][T11692] [ 354.280571][T11692] dump_stack_lvl+0x189/0x250 [ 354.280605][T11692] ? __pfx____ratelimit+0x10/0x10 [ 354.280623][T11692] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.280651][T11692] ? __pfx__printk+0x10/0x10 [ 354.280671][T11692] ? __might_fault+0xb0/0x130 [ 354.280702][T11692] should_fail_ex+0x414/0x560 [ 354.280733][T11692] _copy_from_iter+0x1db/0x16f0 [ 354.280755][T11692] ? rcu_is_watching+0x15/0xb0 [ 354.280784][T11692] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 354.280807][T11692] ? __pfx__copy_from_iter+0x10/0x10 [ 354.280826][T11692] ? __build_skb_around+0x257/0x3e0 [ 354.280852][T11692] ? netlink_sendmsg+0x642/0xb30 [ 354.280874][T11692] ? skb_put+0x11b/0x210 [ 354.280901][T11692] netlink_sendmsg+0x6b2/0xb30 [ 354.280933][T11692] ? __pfx_netlink_sendmsg+0x10/0x10 [ 354.280959][T11692] ? irqentry_enter+0x3d/0x60 [ 354.280975][T11692] ? aa_sock_msg_perm+0x94/0x160 [ 354.281003][T11692] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 354.281028][T11692] ? __pfx_netlink_sendmsg+0x10/0x10 [ 354.281052][T11692] __sock_sendmsg+0x219/0x270 [ 354.281074][T11692] ____sys_sendmsg+0x505/0x830 [ 354.281105][T11692] ? __pfx_____sys_sendmsg+0x10/0x10 [ 354.281139][T11692] ? import_iovec+0x74/0xa0 [ 354.281171][T11692] ___sys_sendmsg+0x21f/0x2a0 [ 354.281199][T11692] ? __pfx____sys_sendmsg+0x10/0x10 [ 354.281250][T11692] ? __fget_files+0x2a/0x420 [ 354.281273][T11692] ? __fget_files+0x3a0/0x420 [ 354.281305][T11692] __x64_sys_sendmsg+0x19b/0x260 [ 354.281334][T11692] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 354.281369][T11692] ? __pfx_ksys_write+0x10/0x10 [ 354.281394][T11692] ? do_syscall_64+0xbe/0x3b0 [ 354.281417][T11692] do_syscall_64+0xfa/0x3b0 [ 354.281437][T11692] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.281454][T11692] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 354.281471][T11692] ? clear_bhb_loop+0x60/0xb0 [ 354.281493][T11692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.281506][T11692] RIP: 0033:0x7f6d8ab8e929 [ 354.281518][T11692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.281529][T11692] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 354.281543][T11692] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 354.281552][T11692] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 354.281560][T11692] RBP: 00007f6d8ba2c090 R08: 0000000000000000 R09: 0000000000000000 [ 354.281568][T11692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.281575][T11692] R13: 0000000000000000 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 354.281596][T11692] [ 354.825748][T11706] FAULT_INJECTION: forcing a failure. [ 354.825748][T11706] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 354.839904][T11706] CPU: 1 UID: 0 PID: 11706 Comm: syz.1.1977 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 354.839928][T11706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 354.839940][T11706] Call Trace: [ 354.839947][T11706] [ 354.839954][T11706] dump_stack_lvl+0x189/0x250 [ 354.839987][T11706] ? __pfx____ratelimit+0x10/0x10 [ 354.840005][T11706] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.840034][T11706] ? __pfx__printk+0x10/0x10 [ 354.840054][T11706] ? __might_fault+0xb0/0x130 [ 354.840085][T11706] should_fail_ex+0x414/0x560 [ 354.840115][T11706] _copy_from_user+0x2d/0xb0 [ 354.840136][T11706] __sys_bpf+0x1ed/0x860 [ 354.840163][T11706] ? __pfx___sys_bpf+0x10/0x10 [ 354.840208][T11706] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 354.840234][T11706] ? __pfx_ksys_write+0x10/0x10 [ 354.840261][T11706] __x64_sys_bpf+0x7c/0x90 [ 354.840283][T11706] do_syscall_64+0xfa/0x3b0 [ 354.840303][T11706] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.840320][T11706] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 354.840338][T11706] ? clear_bhb_loop+0x60/0xb0 [ 354.840361][T11706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.840378][T11706] RIP: 0033:0x7f2d8af8e929 [ 354.840394][T11706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.840410][T11706] RSP: 002b:00007f2d8bd2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 354.840429][T11706] RAX: ffffffffffffffda RBX: 00007f2d8b1b5fa0 RCX: 00007f2d8af8e929 [ 354.840443][T11706] RDX: 0000000000000090 RSI: 0000200000000180 RDI: 0000000000000005 [ 354.840454][T11706] RBP: 00007f2d8bd2a090 R08: 0000000000000000 R09: 0000000000000000 [ 354.840465][T11706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.840476][T11706] R13: 0000000000000000 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 354.840504][T11706] [ 355.257924][T11719] validate_nla: 7 callbacks suppressed [ 355.257941][T11719] netlink: 'syz.3.1980': attribute type 21 has an invalid length. [ 355.271461][T11719] __nla_validate_parse: 6 callbacks suppressed [ 355.271474][T11719] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1980'. [ 355.288987][T11719] netlink: 'syz.3.1980': attribute type 5 has an invalid length. [ 355.298587][T11719] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1980'. [ 355.341822][T11710] netlink: 'syz.3.1980': attribute type 39 has an invalid length. [ 355.668099][T11736] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1988'. [ 355.689934][T11736] netlink: 'syz.4.1988': attribute type 21 has an invalid length. [ 355.698577][T11736] netlink: 'syz.4.1988': attribute type 3 has an invalid length. [ 355.710916][T11736] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1988'. [ 355.720914][T11741] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 355.727405][T11741] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 356.013433][T11746] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1992'. [ 356.075110][T11751] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1993'. [ 356.106896][T11752] netlink: 'syz.0.1992': attribute type 21 has an invalid length. [ 356.140038][T11751] netlink: 'syz.3.1993': attribute type 21 has an invalid length. [ 356.148460][T11752] netlink: 'syz.0.1992': attribute type 3 has an invalid length. [ 356.192550][T11752] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1992'. [ 356.213455][T11751] netlink: 'syz.3.1993': attribute type 3 has an invalid length. [ 356.231441][T11751] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1993'. [ 356.256414][T11754] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 356.285426][T11754] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 356.330230][T11766] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1997'. [ 356.458943][T11754] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 356.483167][T11754] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 356.613758][T11770] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1998'. [ 357.009631][T11783] netlink: 'syz.0.2003': attribute type 49 has an invalid length. [ 358.327527][T11812] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 358.334162][T11812] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 358.891581][T11837] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 359.264941][T11855] FAULT_INJECTION: forcing a failure. [ 359.264941][T11855] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 359.319485][T11855] CPU: 0 UID: 0 PID: 11855 Comm: syz.3.2031 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 359.319511][T11855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 359.319522][T11855] Call Trace: [ 359.319530][T11855] [ 359.319538][T11855] dump_stack_lvl+0x189/0x250 [ 359.319571][T11855] ? __pfx____ratelimit+0x10/0x10 [ 359.319590][T11855] ? __pfx_dump_stack_lvl+0x10/0x10 [ 359.319619][T11855] ? __pfx__printk+0x10/0x10 [ 359.319641][T11855] ? fs_reclaim_acquire+0x7d/0x100 [ 359.319677][T11855] should_fail_ex+0x414/0x560 [ 359.319710][T11855] prepare_alloc_pages+0x213/0x610 [ 359.319743][T11855] __alloc_frozen_pages_noprof+0x123/0x370 [ 359.319774][T11855] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 359.319812][T11855] ? policy_nodemask+0x27c/0x720 [ 359.319831][T11855] ? __lock_acquire+0xab9/0xd20 [ 359.319862][T11855] alloc_pages_bulk_noprof+0x560/0x710 [ 359.319896][T11855] ? alloc_pages_noprof+0xbe/0x190 [ 359.319922][T11855] kasan_populate_vmalloc+0xba/0x1a0 [ 359.319948][T11855] alloc_vmap_area+0xd51/0x1490 [ 359.319993][T11855] ? __pfx_alloc_vmap_area+0x10/0x10 [ 359.320014][T11855] ? __kasan_kmalloc+0x93/0xb0 [ 359.320034][T11855] ? __kmalloc_cache_node_noprof+0x234/0x3d0 [ 359.320055][T11855] ? __sys_bpf+0x67e/0x860 [ 359.320076][T11855] ? __get_vm_area_node+0x13f/0x300 [ 359.320096][T11855] ? dev_map_alloc+0x1c9/0x540 [ 359.320114][T11855] __get_vm_area_node+0x1f8/0x300 [ 359.320141][T11855] __vmalloc_node_range_noprof+0x301/0x12f0 [ 359.320164][T11855] ? dev_map_alloc+0x1c9/0x540 [ 359.320211][T11855] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 359.320234][T11855] ? rcu_is_watching+0x15/0xb0 [ 359.320261][T11855] ? trace_kmalloc+0x1f/0xd0 [ 359.320278][T11855] ? __kmalloc_node_noprof+0x293/0x4e0 [ 359.320295][T11855] ? bpf_map_area_alloc+0x64/0x180 [ 359.320324][T11855] bpf_map_area_alloc+0x12d/0x180 [ 359.320349][T11855] ? dev_map_alloc+0x1c9/0x540 [ 359.320369][T11855] dev_map_alloc+0x1c9/0x540 [ 359.320392][T11855] map_create+0x900/0x1150 [ 359.320420][T11855] ? security_bpf+0x7e/0x300 [ 359.320445][T11855] __sys_bpf+0x67e/0x860 [ 359.320471][T11855] ? __pfx___sys_bpf+0x10/0x10 [ 359.320510][T11855] ? ksys_write+0x22a/0x250 [ 359.320533][T11855] ? __pfx_ksys_write+0x10/0x10 [ 359.320550][T11855] ? rcu_is_watching+0x15/0xb0 [ 359.320586][T11855] __x64_sys_bpf+0x7c/0x90 [ 359.320609][T11855] do_syscall_64+0xfa/0x3b0 [ 359.320627][T11855] ? lockdep_hardirqs_on+0x9c/0x150 [ 359.320645][T11855] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.320664][T11855] ? clear_bhb_loop+0x60/0xb0 [ 359.320687][T11855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.320705][T11855] RIP: 0033:0x7f057078e929 [ 359.320721][T11855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.320738][T11855] RSP: 002b:00007f05715d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 359.320757][T11855] RAX: ffffffffffffffda RBX: 00007f05709b6080 RCX: 00007f057078e929 [ 359.320771][T11855] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0000000000000000 [ 359.320782][T11855] RBP: 00007f05715d5090 R08: 0000000000000000 R09: 0000000000000000 [ 359.320794][T11855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 359.320805][T11855] R13: 0000000000000000 R14: 00007f05709b6080 R15: 00007ffe80584128 [ 359.320837][T11855] [ 360.154993][T11880] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 360.409173][T11886] __nla_validate_parse: 13 callbacks suppressed [ 360.409195][T11886] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2042'. [ 360.469083][T11890] validate_nla: 11 callbacks suppressed [ 360.469100][T11890] netlink: 'syz.1.2043': attribute type 21 has an invalid length. [ 360.970672][T11907] netlink: 'syz.2.2051': attribute type 41 has an invalid length. [ 360.978720][T11907] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2051'. [ 361.604019][T11920] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2054'. [ 361.638630][T11924] netlink: 24032 bytes leftover after parsing attributes in process `syz.2.2055'. [ 361.706154][T11920] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 361.719587][T11924] netlink: 104088 bytes leftover after parsing attributes in process `syz.2.2055'. [ 361.779443][T11924] netlink: 24032 bytes leftover after parsing attributes in process `syz.2.2055'. [ 362.594803][T11951] FAULT_INJECTION: forcing a failure. [ 362.594803][T11951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 362.618199][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.4.2062 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 362.618223][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 362.618234][T11951] Call Trace: [ 362.618241][T11951] [ 362.618249][T11951] dump_stack_lvl+0x189/0x250 [ 362.618282][T11951] ? __pfx____ratelimit+0x10/0x10 [ 362.618301][T11951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 362.618330][T11951] ? __pfx__printk+0x10/0x10 [ 362.618363][T11951] should_fail_ex+0x414/0x560 [ 362.618393][T11951] _copy_from_user+0x2d/0xb0 [ 362.618416][T11951] bpf_test_init+0xf8/0x170 [ 362.618442][T11951] bpf_prog_test_run_flow_dissector+0x1e1/0x5c0 [ 362.618508][T11951] ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10 [ 362.618538][T11951] ? __fget_files+0x2a/0x420 [ 362.618577][T11951] ? __fget_files+0x2a/0x420 [ 362.618598][T11951] ? __fget_files+0x3a0/0x420 [ 362.618620][T11951] ? __fget_files+0x2a/0x420 [ 362.618647][T11951] ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10 [ 362.618673][T11951] bpf_prog_test_run+0x2c4/0x340 [ 362.618703][T11951] __sys_bpf+0x4a4/0x860 [ 362.618729][T11951] ? __pfx___sys_bpf+0x10/0x10 [ 362.618767][T11951] ? ksys_write+0x22a/0x250 [ 362.618790][T11951] ? __pfx_ksys_write+0x10/0x10 [ 362.618806][T11951] ? rcu_is_watching+0x15/0xb0 [ 362.618842][T11951] __x64_sys_bpf+0x7c/0x90 [ 362.618865][T11951] do_syscall_64+0xfa/0x3b0 [ 362.618883][T11951] ? lockdep_hardirqs_on+0x9c/0x150 [ 362.618899][T11951] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.618918][T11951] ? clear_bhb_loop+0x60/0xb0 [ 362.618939][T11951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.618957][T11951] RIP: 0033:0x7f6d8ab8e929 [ 362.618973][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.618989][T11951] RSP: 002b:00007f6d8ba0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 362.619008][T11951] RAX: ffffffffffffffda RBX: 00007f6d8adb6080 RCX: 00007f6d8ab8e929 [ 362.619021][T11951] RDX: 0000000000000050 RSI: 0000200000000940 RDI: 000000000000000a [ 362.619033][T11951] RBP: 00007f6d8ba0b090 R08: 0000000000000000 R09: 0000000000000000 [ 362.619044][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.619053][T11951] R13: 0000000000000000 R14: 00007f6d8adb6080 R15: 00007fffe8dfe988 [ 362.619080][T11951] [ 362.865637][T11954] netlink: 'syz.3.2063': attribute type 33 has an invalid length. [ 363.120698][T11959] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2066'. [ 363.147971][T11959] netlink: 'syz.0.2066': attribute type 21 has an invalid length. [ 363.157174][T11959] netlink: 'syz.0.2066': attribute type 3 has an invalid length. [ 363.167432][T11959] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2066'. [ 363.182130][T11963] netlink: 24032 bytes leftover after parsing attributes in process `syz.1.2068'. [ 363.191604][T11963] netlink: 104088 bytes leftover after parsing attributes in process `syz.1.2068'. [ 364.747193][T12013] netlink: 'syz.0.2085': attribute type 21 has an invalid length. [ 364.791451][T12013] netlink: 'syz.0.2085': attribute type 3 has an invalid length. [ 365.713877][T11930] delete_channel: no stack [ 366.076982][T12035] FAULT_INJECTION: forcing a failure. [ 366.076982][T12035] name failslab, interval 1, probability 0, space 0, times 0 [ 366.119159][T12035] CPU: 0 UID: 0 PID: 12035 Comm: syz.4.2090 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 366.119185][T12035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.119196][T12035] Call Trace: [ 366.119203][T12035] [ 366.119211][T12035] dump_stack_lvl+0x189/0x250 [ 366.119243][T12035] ? __pfx____ratelimit+0x10/0x10 [ 366.119262][T12035] ? __pfx_dump_stack_lvl+0x10/0x10 [ 366.119290][T12035] ? __pfx__printk+0x10/0x10 [ 366.119317][T12035] ? ref_tracker_alloc+0x318/0x460 [ 366.119347][T12035] should_fail_ex+0x414/0x560 [ 366.119377][T12035] should_failslab+0xa8/0x100 [ 366.119401][T12035] kmem_cache_alloc_noprof+0x73/0x3c0 [ 366.119421][T12035] ? skb_clone+0x212/0x3a0 [ 366.119453][T12035] skb_clone+0x212/0x3a0 [ 366.119483][T12035] __netlink_deliver_tap+0x404/0x850 [ 366.119518][T12035] ? netlink_deliver_tap+0x2e/0x1b0 [ 366.119543][T12035] netlink_deliver_tap+0x19c/0x1b0 [ 366.119568][T12035] netlink_unicast+0x72f/0x8d0 [ 366.119601][T12035] netlink_sendmsg+0x805/0xb30 [ 366.119633][T12035] ? __pfx_netlink_sendmsg+0x10/0x10 [ 366.119661][T12035] ? aa_sock_msg_perm+0x94/0x160 [ 366.119689][T12035] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 366.119714][T12035] ? __pfx_netlink_sendmsg+0x10/0x10 [ 366.119739][T12035] __sock_sendmsg+0x219/0x270 [ 366.119761][T12035] ____sys_sendmsg+0x505/0x830 [ 366.119792][T12035] ? __pfx_____sys_sendmsg+0x10/0x10 [ 366.119826][T12035] ? import_iovec+0x74/0xa0 [ 366.119850][T12035] ___sys_sendmsg+0x21f/0x2a0 [ 366.119878][T12035] ? __pfx____sys_sendmsg+0x10/0x10 [ 366.119938][T12035] ? __fget_files+0x2a/0x420 [ 366.119960][T12035] ? __fget_files+0x3a0/0x420 [ 366.119993][T12035] __x64_sys_sendmsg+0x19b/0x260 [ 366.120022][T12035] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 366.120057][T12035] ? __pfx_ksys_write+0x10/0x10 [ 366.120082][T12035] ? do_syscall_64+0xbe/0x3b0 [ 366.120105][T12035] do_syscall_64+0xfa/0x3b0 [ 366.120124][T12035] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.120141][T12035] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 366.120166][T12035] ? clear_bhb_loop+0x60/0xb0 [ 366.120187][T12035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.120205][T12035] RIP: 0033:0x7f6d8ab8e929 [ 366.120221][T12035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.120237][T12035] RSP: 002b:00007f6d8ba0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 366.120257][T12035] RAX: ffffffffffffffda RBX: 00007f6d8adb6080 RCX: 00007f6d8ab8e929 [ 366.120270][T12035] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 366.120282][T12035] RBP: 00007f6d8ba0b090 R08: 0000000000000000 R09: 0000000000000000 [ 366.120293][T12035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 366.120303][T12035] R13: 0000000000000000 R14: 00007f6d8adb6080 R15: 00007fffe8dfe988 [ 366.120333][T12035] [ 366.120655][T12035] netlink: 'syz.4.2090': attribute type 39 has an invalid length. [ 366.699921][T12048] __nla_validate_parse: 7 callbacks suppressed [ 366.699937][T12048] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2096'. [ 366.756275][T12050] netlink: 24032 bytes leftover after parsing attributes in process `syz.1.2095'. [ 366.765672][T12050] netlink: 104088 bytes leftover after parsing attributes in process `syz.1.2095'. [ 366.807357][T12050] netlink: 24032 bytes leftover after parsing attributes in process `syz.1.2095'. [ 367.178208][T12075] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2105'. [ 367.208151][T12075] netlink: 'syz.4.2105': attribute type 21 has an invalid length. [ 367.226597][T12075] netlink: 'syz.4.2105': attribute type 3 has an invalid length. [ 367.295838][T12077] netlink: 'syz.2.2107': attribute type 10 has an invalid length. [ 367.314355][T12075] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2105'. [ 367.752907][T12099] netlink: 'syz.3.2112': attribute type 29 has an invalid length. [ 367.804677][T12101] netlink: 24032 bytes leftover after parsing attributes in process `syz.4.2113'. [ 367.835190][T12101] netlink: 104088 bytes leftover after parsing attributes in process `syz.4.2113'. [ 367.857041][T12101] netlink: 24032 bytes leftover after parsing attributes in process `syz.4.2113'. [ 367.992848][ T51] Bluetooth: hci0: unexpected event 0x04 length: 15 > 10 [ 367.993126][ T51] Bluetooth: hci0: connection err: -111 [ 368.044653][T12107] FAULT_INJECTION: forcing a failure. [ 368.044653][T12107] name failslab, interval 1, probability 0, space 0, times 0 [ 368.136563][T12107] CPU: 1 UID: 0 PID: 12107 Comm: syz.1.2115 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 368.136588][T12107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 368.136599][T12107] Call Trace: [ 368.136610][T12107] [ 368.136621][T12107] dump_stack_lvl+0x189/0x250 [ 368.136661][T12107] ? __pfx____ratelimit+0x10/0x10 [ 368.136689][T12107] ? __pfx_dump_stack_lvl+0x10/0x10 [ 368.136730][T12107] ? __pfx__printk+0x10/0x10 [ 368.136790][T12107] ? __pfx___might_resched+0x10/0x10 [ 368.136823][T12107] ? fs_reclaim_acquire+0x7d/0x100 [ 368.136876][T12107] should_fail_ex+0x414/0x560 [ 368.136935][T12107] should_failslab+0xa8/0x100 [ 368.136973][T12107] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 368.137005][T12107] ? __d_alloc+0x31/0x6f0 [ 368.137063][T12107] __d_alloc+0x31/0x6f0 [ 368.137097][T12107] ? trace_call_bpf+0xb7/0x850 [ 368.137148][T12107] d_alloc_parallel+0xe0/0x14e0 [ 368.137184][T12107] ? __pfx_trace_call_bpf+0x10/0x10 [ 368.137272][T12107] ? perf_trace_run_bpf_submit+0x100/0x170 [ 368.137331][T12107] ? __pfx_d_alloc_parallel+0x10/0x10 [ 368.137391][T12107] ? __raw_spin_lock_init+0x45/0x100 [ 368.137429][T12107] ? __init_waitqueue_head+0xa9/0x150 [ 368.137480][T12107] __lookup_slow+0x116/0x3d0 [ 368.137530][T12107] ? __pfx___lookup_slow+0x10/0x10 [ 368.137638][T12107] ? down_read+0x1ad/0x2e0 [ 368.137680][T12107] lookup_slow+0x53/0x70 [ 368.137721][T12107] link_path_walk+0x935/0xea0 [ 368.137839][T12107] path_openat+0x28c/0x3830 [ 368.137879][T12107] ? trace_call_bpf+0xb7/0x850 [ 368.138056][T12107] ? __pfx_path_openat+0x10/0x10 [ 368.138076][T12107] ? perf_trace_run_bpf_submit+0x100/0x170 [ 368.138130][T12107] ? perf_trace_lock_acquire+0x335/0x410 [ 368.138222][T12107] do_filp_open+0x1fa/0x410 [ 368.138239][T12107] ? __lock_acquire+0xab9/0xd20 [ 368.138282][T12107] ? __pfx_do_filp_open+0x10/0x10 [ 368.138358][T12107] ? __pfx_kfree_link+0x10/0x10 [ 368.138431][T12107] ? _raw_spin_unlock+0x28/0x50 [ 368.138460][T12107] ? alloc_fd+0x64c/0x6c0 [ 368.138548][T12107] do_sys_openat2+0x121/0x1c0 [ 368.138597][T12107] ? __pfx_do_sys_openat2+0x10/0x10 [ 368.138637][T12107] ? ksys_write+0x22a/0x250 [ 368.138677][T12107] ? __pfx_ksys_write+0x10/0x10 [ 368.138694][T12107] ? rcu_is_watching+0x15/0xb0 [ 368.138747][T12107] __x64_sys_openat+0x138/0x170 [ 368.138809][T12107] do_syscall_64+0xfa/0x3b0 [ 368.138829][T12107] ? lockdep_hardirqs_on+0x9c/0x150 [ 368.138853][T12107] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.138873][T12107] ? clear_bhb_loop+0x60/0xb0 [ 368.138915][T12107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.138934][T12107] RIP: 0033:0x7f2d8af8d290 [ 368.138956][T12107] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 368.138972][T12107] RSP: 002b:00007f2d8bd29f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 368.138998][T12107] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2d8af8d290 [ 368.139011][T12107] RDX: 0000000000000002 RSI: 00007f2d8bd29fa0 RDI: 00000000ffffff9c [ 368.139022][T12107] RBP: 00007f2d8bd29fa0 R08: 0000000000000000 R09: 0000000000000000 [ 368.139034][T12107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 368.139044][T12107] R13: 0000000000000000 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 368.139135][T12107] [ 368.201609][T12112] FAULT_INJECTION: forcing a failure. [ 368.201609][T12112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 368.561145][T12112] CPU: 1 UID: 0 PID: 12112 Comm: syz.4.2117 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 368.561172][T12112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 368.561183][T12112] Call Trace: [ 368.561200][T12112] [ 368.561211][T12112] dump_stack_lvl+0x189/0x250 [ 368.561251][T12112] ? __pfx____ratelimit+0x10/0x10 [ 368.561279][T12112] ? __pfx_dump_stack_lvl+0x10/0x10 [ 368.561317][T12112] ? __pfx__printk+0x10/0x10 [ 368.561348][T12112] ? __might_fault+0xb0/0x130 [ 368.561425][T12112] should_fail_ex+0x414/0x560 [ 368.561481][T12112] _copy_from_user+0x2d/0xb0 [ 368.561510][T12112] ___sys_sendmsg+0x158/0x2a0 [ 368.561557][T12112] ? __pfx____sys_sendmsg+0x10/0x10 [ 368.561752][T12112] ? __fget_files+0x2a/0x420 [ 368.561777][T12112] ? __fget_files+0x3a0/0x420 [ 368.561860][T12112] __x64_sys_sendmsg+0x19b/0x260 [ 368.561925][T12112] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 368.562018][T12112] ? __pfx_ksys_write+0x10/0x10 [ 368.562039][T12112] ? rcu_is_watching+0x15/0xb0 [ 368.562108][T12112] ? do_syscall_64+0xbe/0x3b0 [ 368.562158][T12112] do_syscall_64+0xfa/0x3b0 [ 368.562182][T12112] ? lockdep_hardirqs_on+0x9c/0x150 [ 368.562215][T12112] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.562240][T12112] ? clear_bhb_loop+0x60/0xb0 [ 368.562286][T12112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.562310][T12112] RIP: 0033:0x7f6d8ab8e929 [ 368.562336][T12112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.562355][T12112] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 368.562377][T12112] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 368.562393][T12112] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 0000000000000005 [ 368.562407][T12112] RBP: 00007f6d8ba2c090 R08: 0000000000000000 R09: 0000000000000000 [ 368.562420][T12112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 368.562433][T12112] R13: 0000000000000000 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 368.562536][T12112] [ 370.044348][T12128] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2123'. [ 370.854084][T12136] netlink: 'syz.1.2125': attribute type 21 has an invalid length. [ 370.912095][T12136] netlink: 'syz.1.2125': attribute type 6 has an invalid length. [ 372.228353][T12184] __nla_validate_parse: 3 callbacks suppressed [ 372.228375][T12184] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2142'. [ 372.530207][T12185] netlink: 'syz.3.2143': attribute type 21 has an invalid length. [ 373.090011][T12195] netlink: 'syz.2.2144': attribute type 21 has an invalid length. [ 373.559974][T12216] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2156'. [ 373.655888][T12217] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2153'. [ 373.675249][T12217] netlink: 'syz.1.2153': attribute type 21 has an invalid length. [ 373.687914][T12217] netlink: 'syz.1.2153': attribute type 3 has an invalid length. [ 373.703264][T12217] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2153'. [ 374.537391][T12228] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2159'. [ 374.580081][T12228] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 374.862856][T12243] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2165'. [ 374.927775][T12242] netlink: 'syz.2.2165': attribute type 21 has an invalid length. [ 374.973158][T12242] netlink: 'syz.2.2165': attribute type 3 has an invalid length. [ 374.980916][T12242] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2165'. [ 375.998545][T12266] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2171'. [ 376.042099][T12266] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 376.503827][T12275] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2174'. [ 376.515558][T12275] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 376.673977][T12278] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2175'. [ 377.157781][T12263] wg2: entered promiscuous mode [ 377.162895][T12263] wg2: entered allmulticast mode [ 377.497509][T12293] netlink: 'syz.4.2180': attribute type 2 has an invalid length. [ 377.515188][T12293] netlink: 'syz.4.2180': attribute type 8 has an invalid length. [ 377.533140][T12293] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2180'. [ 378.580891][T12317] netlink: 9286 bytes leftover after parsing attributes in process `syz.4.2185'. [ 378.605280][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.615050][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.126567][T12322] ªªªªªª: renamed from vlan0 (while UP) [ 381.319686][T12335] netlink: 'syz.1.2193': attribute type 2 has an invalid length. [ 381.328417][T12335] netlink: 'syz.1.2193': attribute type 1 has an invalid length. [ 381.337346][T12332] netlink: 'syz.3.2192': attribute type 33 has an invalid length. [ 381.360865][T12335] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2193'. [ 381.394803][T12335] FAULT_INJECTION: forcing a failure. [ 381.394803][T12335] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 381.456740][T12335] CPU: 1 UID: 0 PID: 12335 Comm: syz.1.2193 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 381.456765][T12335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 381.456777][T12335] Call Trace: [ 381.456792][T12335] [ 381.456807][T12335] dump_stack_lvl+0x189/0x250 [ 381.456860][T12335] ? __pfx____ratelimit+0x10/0x10 [ 381.456902][T12335] ? __pfx_dump_stack_lvl+0x10/0x10 [ 381.456953][T12335] ? __pfx__printk+0x10/0x10 [ 381.457036][T12335] ? __might_fault+0xb0/0x130 [ 381.457144][T12335] should_fail_ex+0x414/0x560 [ 381.457245][T12335] _copy_to_user+0x31/0xb0 [ 381.457308][T12335] simple_read_from_buffer+0xe1/0x170 [ 381.457398][T12335] proc_fail_nth_read+0x1df/0x250 [ 381.457474][T12335] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 381.457553][T12335] ? rw_verify_area+0x258/0x650 [ 381.457586][T12335] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 381.457649][T12335] vfs_read+0x200/0x980 [ 381.457751][T12335] ? __pfx___mutex_lock+0x10/0x10 [ 381.457794][T12335] ? __pfx_vfs_read+0x10/0x10 [ 381.457858][T12335] ? __fget_files+0x2a/0x420 [ 381.457944][T12335] ? __fget_files+0x3a0/0x420 [ 381.457974][T12335] ? __fget_files+0x2a/0x420 [ 381.458106][T12335] ksys_read+0x145/0x250 [ 381.458183][T12335] ? __pfx_ksys_read+0x10/0x10 [ 381.458200][T12335] ? rcu_is_watching+0x15/0xb0 [ 381.458298][T12335] ? do_syscall_64+0xbe/0x3b0 [ 381.458373][T12335] do_syscall_64+0xfa/0x3b0 [ 381.458395][T12335] ? lockdep_hardirqs_on+0x9c/0x150 [ 381.458427][T12335] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.458453][T12335] ? clear_bhb_loop+0x60/0xb0 [ 381.458520][T12335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.458542][T12335] RIP: 0033:0x7f2d8af8d33c [ 381.458573][T12335] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 381.458589][T12335] RSP: 002b:00007f2d8bd2a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 381.458608][T12335] RAX: ffffffffffffffda RBX: 00007f2d8b1b5fa0 RCX: 00007f2d8af8d33c [ 381.458622][T12335] RDX: 000000000000000f RSI: 00007f2d8bd2a0a0 RDI: 0000000000000005 [ 381.458633][T12335] RBP: 00007f2d8bd2a090 R08: 0000000000000000 R09: 0000000000000000 [ 381.458644][T12335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 381.458654][T12335] R13: 0000000000000000 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 381.458834][T12335] [ 382.100215][T12359] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 382.106748][T12359] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 382.371779][T12359] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2199'. [ 382.853183][T12376] netlink: 'syz.3.2203': attribute type 1 has an invalid length. [ 382.883497][T12376] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 382.963295][T12376] bridge0: port 3(batadv_slave_1) entered disabled state [ 382.976969][T12376] bridge0: port 2(bridge_slave_1) entered disabled state [ 382.996894][T12376] bridge0: port 1(bridge_slave_0) entered disabled state [ 383.037118][T12376] bridge0: entered allmulticast mode [ 383.136734][T12376] tap0: tun_chr_ioctl cmd 1074025677 [ 383.145178][T12376] tap0: linktype set to 776 [ 383.309634][T12387] netlink: 'syz.4.2207': attribute type 33 has an invalid length. [ 383.510374][T12398] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2211'. [ 383.535342][T12396] netlink: 'syz.2.2209': attribute type 10 has an invalid length. [ 383.541353][T12398] netlink: 'syz.3.2211': attribute type 21 has an invalid length. [ 383.564744][T12398] netlink: 'syz.3.2211': attribute type 3 has an invalid length. [ 383.581137][T12398] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2211'. [ 384.493153][T12396] veth0_vlan: left promiscuous mode [ 384.524243][T12396] veth0_vlan: entered promiscuous mode [ 384.601558][T12396] team0: Device veth0_vlan failed to register rx_handler [ 384.694804][T12396] syz.2.2209 (12396) used greatest stack depth: 17144 bytes left [ 384.908195][T12416] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2215'. [ 385.582028][T12437] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2225'. [ 385.661448][T12441] netlink: 'syz.3.2225': attribute type 21 has an invalid length. [ 385.687953][T12443] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2224'. [ 385.697544][T12443] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 385.812007][T12441] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2225'. [ 385.848919][T12441] netlink: 'syz.3.2225': attribute type 6 has an invalid length. [ 385.877281][T12441] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2225'. [ 386.231680][T12451] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 386.238406][T12451] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 386.295561][T12454] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2227'. [ 386.343798][T12460] netlink: 61211 bytes leftover after parsing attributes in process `syz.4.2231'. [ 386.469252][T12463] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2232'. [ 386.606322][T12465] validate_nla: 2 callbacks suppressed [ 386.606357][T12465] netlink: 'syz.2.2233': attribute type 49 has an invalid length. [ 387.809645][T12482] netlink: 'syz.2.2237': attribute type 21 has an invalid length. [ 389.562963][T12505] __nla_validate_parse: 1 callbacks suppressed [ 389.562983][T12505] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2246'. [ 389.614543][T12511] netlink: 'syz.1.2246': attribute type 21 has an invalid length. [ 389.700888][T12511] netlink: 'syz.1.2246': attribute type 3 has an invalid length. [ 389.802776][T12511] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2246'. [ 391.203038][T12545] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2259'. [ 392.318114][T12564] netlink: 'syz.2.2265': attribute type 29 has an invalid length. [ 392.349567][T12564] FAULT_INJECTION: forcing a failure. [ 392.349567][T12564] name failslab, interval 1, probability 0, space 0, times 0 [ 392.369819][T12564] CPU: 0 UID: 0 PID: 12564 Comm: syz.2.2265 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 392.369844][T12564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 392.369856][T12564] Call Trace: [ 392.369864][T12564] [ 392.369873][T12564] dump_stack_lvl+0x189/0x250 [ 392.369911][T12564] ? __pfx____ratelimit+0x10/0x10 [ 392.369935][T12564] ? __pfx_dump_stack_lvl+0x10/0x10 [ 392.369972][T12564] ? __pfx__printk+0x10/0x10 [ 392.370015][T12564] ? ref_tracker_alloc+0x318/0x460 [ 392.370053][T12564] should_fail_ex+0x414/0x560 [ 392.370098][T12564] should_failslab+0xa8/0x100 [ 392.370130][T12564] kmem_cache_alloc_noprof+0x73/0x3c0 [ 392.370152][T12564] ? skb_clone+0x212/0x3a0 [ 392.370206][T12564] skb_clone+0x212/0x3a0 [ 392.370247][T12564] __netlink_deliver_tap+0x404/0x850 [ 392.370307][T12564] ? netlink_deliver_tap+0x2e/0x1b0 [ 392.370340][T12564] netlink_deliver_tap+0x19c/0x1b0 [ 392.370372][T12564] netlink_unicast+0x72f/0x8d0 [ 392.370430][T12564] netlink_sendmsg+0x805/0xb30 [ 392.370483][T12564] ? __pfx_netlink_sendmsg+0x10/0x10 [ 392.370521][T12564] ? aa_sock_msg_perm+0x94/0x160 [ 392.370557][T12564] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 392.370585][T12564] ? __pfx_netlink_sendmsg+0x10/0x10 [ 392.370616][T12564] __sock_sendmsg+0x219/0x270 [ 392.370645][T12564] ____sys_sendmsg+0x505/0x830 [ 392.370684][T12564] ? __pfx_____sys_sendmsg+0x10/0x10 [ 392.370732][T12564] ? import_iovec+0x74/0xa0 [ 392.370765][T12564] ___sys_sendmsg+0x21f/0x2a0 [ 392.370801][T12564] ? __pfx____sys_sendmsg+0x10/0x10 [ 392.370889][T12564] ? __fget_files+0x2a/0x420 [ 392.370952][T12564] ? __fget_files+0x2a/0x420 [ 392.370976][T12564] ? __fget_files+0x3a0/0x420 [ 392.371031][T12564] __x64_sys_sendmsg+0x19b/0x260 [ 392.371068][T12564] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 392.371124][T12564] ? __pfx_ksys_write+0x10/0x10 [ 392.371142][T12564] ? rcu_is_watching+0x15/0xb0 [ 392.371189][T12564] ? do_syscall_64+0xbe/0x3b0 [ 392.371230][T12564] do_syscall_64+0xfa/0x3b0 [ 392.371248][T12564] ? lockdep_hardirqs_on+0x9c/0x150 [ 392.371269][T12564] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.371289][T12564] ? clear_bhb_loop+0x60/0xb0 [ 392.371319][T12564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.371339][T12564] RIP: 0033:0x7f3b3258e929 [ 392.371358][T12564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.371375][T12564] RSP: 002b:00007f3b3347c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 392.371394][T12564] RAX: ffffffffffffffda RBX: 00007f3b327b5fa0 RCX: 00007f3b3258e929 [ 392.371408][T12564] RDX: 0000000000000000 RSI: 0000200000002940 RDI: 0000000000000003 [ 392.371419][T12564] RBP: 00007f3b3347c090 R08: 0000000000000000 R09: 0000000000000000 [ 392.371431][T12564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.371441][T12564] R13: 0000000000000000 R14: 00007f3b327b5fa0 R15: 00007fff7ae07788 [ 392.371504][T12564] [ 393.319363][T12593] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2274'. [ 393.827178][T12607] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.2280'. [ 393.839715][T12607] netlink: zone id is out of range [ 393.845749][T12607] netlink: get zone limit has 8 unknown bytes [ 393.885404][T12603] netlink: 'syz.3.2278': attribute type 29 has an invalid length. [ 393.913584][T12603] netlink: 'syz.3.2278': attribute type 29 has an invalid length. [ 393.975124][T12605] netlink: 'syz.2.2279': attribute type 21 has an invalid length. [ 393.983290][T12605] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2279'. [ 394.001622][T12605] netlink: 'syz.2.2279': attribute type 4 has an invalid length. [ 394.072323][T12605] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2279'. [ 395.226524][T12629] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2288'. [ 395.910097][T12637] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2290'. [ 396.363123][T12637] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 396.553379][T12645] netlink: 'syz.4.2293': attribute type 33 has an invalid length. [ 396.618372][T12647] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.2294'. [ 396.628587][T12647] netlink: zone id is out of range [ 396.638903][T12647] netlink: get zone limit has 8 unknown bytes [ 397.241421][T12661] delete_channel: no stack [ 397.490262][T12672] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2303'. [ 397.506115][T12675] netlink: 'syz.2.2305': attribute type 21 has an invalid length. [ 397.673868][T12672] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 397.844265][T12682] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2306'. [ 398.378411][T12700] netlink: 'syz.3.2314': attribute type 33 has an invalid length. [ 398.852771][T12703] netlink: 'syz.4.2313': attribute type 1 has an invalid length. [ 399.550304][T12719] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2320'. [ 399.588952][T12717] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2319'. [ 399.711404][T12717] netlink: 'syz.1.2319': attribute type 21 has an invalid length. [ 399.737591][T12723] FAULT_INJECTION: forcing a failure. [ 399.737591][T12723] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 399.738014][T12717] netlink: 'syz.1.2319': attribute type 3 has an invalid length. [ 399.758611][T12717] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2319'. [ 399.770202][T12723] CPU: 1 UID: 0 PID: 12723 Comm: syz.0.2323 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 399.770227][T12723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 399.770239][T12723] Call Trace: [ 399.770247][T12723] [ 399.770254][T12723] dump_stack_lvl+0x189/0x250 [ 399.770288][T12723] ? __pfx____ratelimit+0x10/0x10 [ 399.770306][T12723] ? __pfx_dump_stack_lvl+0x10/0x10 [ 399.770335][T12723] ? __pfx__printk+0x10/0x10 [ 399.770356][T12723] ? __might_fault+0xb0/0x130 [ 399.770387][T12723] should_fail_ex+0x414/0x560 [ 399.770418][T12723] _copy_from_user+0x2d/0xb0 [ 399.770440][T12723] dev_ethtool+0xd0/0x1990 [ 399.770471][T12723] ? __lock_acquire+0xab9/0xd20 [ 399.770503][T12723] ? __pfx_dev_ethtool+0x10/0x10 [ 399.770541][T12723] ? dev_load+0x21/0x1f0 [ 399.770563][T12723] ? dev_load+0x21/0x1f0 [ 399.770590][T12723] dev_ioctl+0x392/0x1150 [ 399.770615][T12723] sock_do_ioctl+0x22c/0x300 [ 399.770632][T12723] ? irqentry_enter+0x3d/0x60 [ 399.770651][T12723] ? __pfx_sock_do_ioctl+0x10/0x10 [ 399.770666][T12723] ? __lock_acquire+0xab9/0xd20 [ 399.770706][T12723] sock_ioctl+0x576/0x790 [ 399.770726][T12723] ? __pfx_sock_ioctl+0x10/0x10 [ 399.770761][T12723] ? security_file_ioctl+0xcb/0x2d0 [ 399.770784][T12723] ? bpf_lsm_file_ioctl+0x9/0x20 [ 399.770802][T12723] ? __pfx_sock_ioctl+0x10/0x10 [ 399.770829][T12723] __se_sys_ioctl+0xf9/0x170 [ 399.770850][T12723] do_syscall_64+0xfa/0x3b0 [ 399.770871][T12723] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.770888][T12723] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 399.770906][T12723] ? clear_bhb_loop+0x60/0xb0 [ 399.770928][T12723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.770946][T12723] RIP: 0033:0x7ff7bbf8e929 [ 399.770963][T12723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.770978][T12723] RSP: 002b:00007ff7bce06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 399.770997][T12723] RAX: ffffffffffffffda RBX: 00007ff7bc1b5fa0 RCX: 00007ff7bbf8e929 [ 399.771011][T12723] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001f [ 399.771022][T12723] RBP: 00007ff7bce06090 R08: 0000000000000000 R09: 0000000000000000 [ 399.771033][T12723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 399.771044][T12723] R13: 0000000000000000 R14: 00007ff7bc1b5fa0 R15: 00007ffe3e073d38 [ 399.771072][T12723] [ 400.421893][T12737] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2325'. [ 400.446254][T12737] netlink: 'syz.0.2325': attribute type 21 has an invalid length. [ 400.462724][T12737] netlink: 'syz.0.2325': attribute type 3 has an invalid length. [ 400.470667][T12737] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2325'. [ 400.621664][T12744] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2326'. [ 400.673989][T12744] netlink: 'syz.4.2326': attribute type 21 has an invalid length. [ 400.745642][T12744] netlink: 'syz.4.2326': attribute type 3 has an invalid length. [ 400.775866][T12749] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2328'. [ 400.803268][T12744] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2326'. [ 400.814867][T12749] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 402.069428][T12770] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2334'. [ 402.084684][T12770] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 402.105013][T12780] netlink: 'syz.4.2335': attribute type 3 has an invalid length. [ 402.148731][T12780] netlink: 198000 bytes leftover after parsing attributes in process `syz.4.2335'. [ 402.472573][T12786] delete_channel: no stack [ 402.525378][T12789] validate_nla: 1 callbacks suppressed [ 402.525409][T12789] netlink: 'syz.4.2338': attribute type 21 has an invalid length. [ 402.800996][T12789] €Â: renamed from hsr0 (while UP) [ 402.829827][T12797] FAULT_INJECTION: forcing a failure. [ 402.829827][T12797] name failslab, interval 1, probability 0, space 0, times 0 [ 402.950620][T12797] CPU: 1 UID: 0 PID: 12797 Comm: syz.1.2343 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 402.950645][T12797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 402.950657][T12797] Call Trace: [ 402.950665][T12797] [ 402.950673][T12797] dump_stack_lvl+0x189/0x250 [ 402.950708][T12797] ? __pfx____ratelimit+0x10/0x10 [ 402.950728][T12797] ? __pfx_dump_stack_lvl+0x10/0x10 [ 402.950758][T12797] ? __pfx__printk+0x10/0x10 [ 402.950785][T12797] ? __pfx___might_resched+0x10/0x10 [ 402.950821][T12797] should_fail_ex+0x414/0x560 [ 402.950853][T12797] should_failslab+0xa8/0x100 [ 402.950878][T12797] __kmalloc_cache_node_noprof+0x73/0x3d0 [ 402.950902][T12797] ? __get_vm_area_node+0x13f/0x300 [ 402.950922][T12797] ? __pfx_perf_trace_lock+0x10/0x10 [ 402.950958][T12797] __get_vm_area_node+0x13f/0x300 [ 402.950986][T12797] __vmalloc_node_range_noprof+0x301/0x12f0 [ 402.951010][T12797] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 402.951057][T12797] ? perf_trace_lock+0xec/0x3b0 [ 402.951097][T12797] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 402.951119][T12797] ? __might_fault+0xb0/0x130 [ 402.951139][T12797] ? __pfx_aa_get_newest_label+0x10/0x10 [ 402.951165][T12797] ? _parse_integer_limit+0x1ae/0x1f0 [ 402.951199][T12797] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 402.951224][T12797] __vmalloc_noprof+0xb1/0xf0 [ 402.951247][T12797] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 402.951278][T12797] bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 402.951316][T12797] bpf_prog_alloc+0x3c/0x1a0 [ 402.951347][T12797] bpf_prog_load+0x735/0x1930 [ 402.951388][T12797] ? __pfx_bpf_prog_load+0x10/0x10 [ 402.951414][T12797] ? __pfx_perf_trace_lock+0x10/0x10 [ 402.951466][T12797] ? bpf_lsm_bpf+0x9/0x20 [ 402.951483][T12797] ? security_bpf+0x7e/0x300 [ 402.951510][T12797] __sys_bpf+0x5f1/0x860 [ 402.951539][T12797] ? __pfx___sys_bpf+0x10/0x10 [ 402.951581][T12797] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 402.951608][T12797] ? __pfx_ksys_write+0x10/0x10 [ 402.951638][T12797] __x64_sys_bpf+0x7c/0x90 [ 402.951662][T12797] do_syscall_64+0xfa/0x3b0 [ 402.951680][T12797] ? lockdep_hardirqs_on+0x9c/0x150 [ 402.951697][T12797] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.951716][T12797] ? clear_bhb_loop+0x60/0xb0 [ 402.951739][T12797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.951757][T12797] RIP: 0033:0x7f2d8af8e929 [ 402.951774][T12797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.951790][T12797] RSP: 002b:00007f2d8bd2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 402.951809][T12797] RAX: ffffffffffffffda RBX: 00007f2d8b1b5fa0 RCX: 00007f2d8af8e929 [ 402.951823][T12797] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005 [ 402.951834][T12797] RBP: 00007f2d8bd2a090 R08: 0000000000000000 R09: 0000000000000000 [ 402.951846][T12797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 402.951857][T12797] R13: 0000000000000001 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 402.951888][T12797] [ 403.396420][T12792] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2341'. [ 403.411172][T12792] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 403.457298][T12797] syz.1.2343: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 403.495729][T12797] CPU: 0 UID: 0 PID: 12797 Comm: syz.1.2343 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 403.495754][T12797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 403.495765][T12797] Call Trace: [ 403.495772][T12797] [ 403.495780][T12797] dump_stack_lvl+0x189/0x250 [ 403.495816][T12797] ? __pfx_dump_stack_lvl+0x10/0x10 [ 403.495846][T12797] ? __pfx__printk+0x10/0x10 [ 403.495867][T12797] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 403.495888][T12797] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 403.495911][T12797] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 403.495934][T12797] warn_alloc+0x214/0x310 [ 403.495969][T12797] ? __pfx_warn_alloc+0x10/0x10 [ 403.495996][T12797] ? __get_vm_area_node+0x13f/0x300 [ 403.496023][T12797] ? __get_vm_area_node+0x2b5/0x300 [ 403.496052][T12797] __vmalloc_node_range_noprof+0x326/0x12f0 [ 403.496096][T12797] ? perf_trace_lock+0xec/0x3b0 [ 403.496135][T12797] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 403.496157][T12797] ? __might_fault+0xb0/0x130 [ 403.496176][T12797] ? __pfx_aa_get_newest_label+0x10/0x10 [ 403.496203][T12797] ? _parse_integer_limit+0x1ae/0x1f0 [ 403.496236][T12797] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 403.496267][T12797] __vmalloc_noprof+0xb1/0xf0 [ 403.496290][T12797] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 403.496319][T12797] bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 403.496351][T12797] bpf_prog_alloc+0x3c/0x1a0 [ 403.496381][T12797] bpf_prog_load+0x735/0x1930 [ 403.496420][T12797] ? __pfx_bpf_prog_load+0x10/0x10 [ 403.496446][T12797] ? __pfx_perf_trace_lock+0x10/0x10 [ 403.496498][T12797] ? bpf_lsm_bpf+0x9/0x20 [ 403.496516][T12797] ? security_bpf+0x7e/0x300 [ 403.496543][T12797] __sys_bpf+0x5f1/0x860 [ 403.496570][T12797] ? __pfx___sys_bpf+0x10/0x10 [ 403.496612][T12797] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 403.496639][T12797] ? __pfx_ksys_write+0x10/0x10 [ 403.496669][T12797] __x64_sys_bpf+0x7c/0x90 [ 403.496691][T12797] do_syscall_64+0xfa/0x3b0 [ 403.496711][T12797] ? lockdep_hardirqs_on+0x9c/0x150 [ 403.496728][T12797] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.496747][T12797] ? clear_bhb_loop+0x60/0xb0 [ 403.496774][T12797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.496792][T12797] RIP: 0033:0x7f2d8af8e929 [ 403.496808][T12797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 403.496825][T12797] RSP: 002b:00007f2d8bd2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 403.496843][T12797] RAX: ffffffffffffffda RBX: 00007f2d8b1b5fa0 RCX: 00007f2d8af8e929 [ 403.496857][T12797] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005 [ 403.496869][T12797] RBP: 00007f2d8bd2a090 R08: 0000000000000000 R09: 0000000000000000 [ 403.496880][T12797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 403.496890][T12797] R13: 0000000000000001 R14: 00007f2d8b1b5fa0 R15: 00007ffcecb61948 [ 403.496922][T12797] [ 403.496993][T12797] Mem-Info: [ 403.796051][T12797] active_anon:23922 inactive_anon:0 isolated_anon:0 [ 403.796051][T12797] active_file:21725 inactive_file:39951 isolated_file:0 [ 403.796051][T12797] unevictable:768 dirty:406 writeback:0 [ 403.796051][T12797] slab_reclaimable:10476 slab_unreclaimable:96906 [ 403.796051][T12797] mapped:41453 shmem:18060 pagetables:1221 [ 403.796051][T12797] sec_pagetables:0 bounce:0 [ 403.796051][T12797] kernel_misc_reclaimable:0 [ 403.796051][T12797] free:1298272 free_pcp:11230 free_cma:0 [ 403.845892][T12797] Node 0 active_anon:95988kB inactive_anon:0kB active_file:86900kB inactive_file:159600kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:165812kB dirty:1620kB writeback:0kB shmem:70904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11784kB pagetables:4756kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 403.884278][T12794] delete_channel: no stack [ 403.984419][T12797] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 404.034789][T12797] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 404.065776][T12797] lowmem_reserve[]: 0 2500 2502 2502 2502 [ 404.072618][T12797] Node 0 DMA32 free:1271856kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:94808kB inactive_anon:0kB active_file:86900kB inactive_file:157756kB unevictable:1536kB writepending:1648kB present:3129332kB managed:2560960kB mlocked:0kB bounce:0kB free_pcp:30544kB local_pcp:23824kB free_cma:0kB [ 404.123356][T12797] lowmem_reserve[]: 0 0 1 1 1 [ 404.128273][T12797] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1844kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 404.157663][T12797] lowmem_reserve[]: 0 0 0 0 0 [ 404.213455][T12797] Node 1 Normal free:3905964kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:15552kB local_pcp:6624kB free_cma:0kB [ 404.215855][T12810] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.2346'. [ 404.257805][T12810] netlink: zone id is out of range [ 404.263769][T12797] lowmem_reserve[]: 0 0 0 0 0 [ 404.268852][T12810] netlink: zone id is out of range [ 404.269035][T12797] Node 0 [ 404.274392][T12810] netlink: get zone limit has 8 unknown bytes [ 404.277468][T12797] DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 404.308050][T12797] Node 0 DMA32: 1794*4kB (UME) 2055*8kB (UM) 1781*16kB (UM) 1249*32kB (UME) 962*64kB (UME) 382*128kB (UM) 280*256kB (UM) 175*512kB (UM) 91*1024kB (UME) 8*2048kB (UM) 195*4096kB (UM) = 1272112kB [ 404.335318][T12797] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 404.347252][T12797] Node 1 Normal: 195*4kB (UME) 48*8kB (UME) 48*16kB (UME) 161*32kB (UME) 48*64kB (UME) 12*128kB (UME) 4*256kB (UM) 4*512kB (UME) 2*1024kB (ME) 1*2048kB (E) 949*4096kB (M) = 3905964kB [ 404.371911][T12797] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 404.384408][T12797] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 404.399751][T12797] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 404.414262][T12797] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 404.450483][T12797] 76822 total pagecache pages [ 404.458419][T12797] 0 pages in swap cache [ 404.466218][T12797] Free swap = 124996kB [ 404.482346][T12797] Total swap = 124996kB [ 404.486622][T12797] 2097051 pages RAM [ 404.521241][T12797] 0 pages HighMem/MovableOnly [ 404.539552][T12797] 424705 pages reserved [ 404.544966][T12797] 0 pages cma reserved [ 404.945199][T12820] delete_channel: no stack [ 405.076791][T12828] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2354'. [ 405.087216][T12828] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 405.485332][T12831] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2355'. [ 405.506142][T12831] netlink: 'syz.3.2355': attribute type 21 has an invalid length. [ 405.524734][T12831] netlink: 'syz.3.2355': attribute type 3 has an invalid length. [ 405.573238][T12831] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2355'. [ 406.092637][T12853] FAULT_INJECTION: forcing a failure. [ 406.092637][T12853] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 406.111014][T12853] CPU: 1 UID: 0 PID: 12853 Comm: syz.3.2364 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 406.111038][T12853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 406.111049][T12853] Call Trace: [ 406.111057][T12853] [ 406.111064][T12853] dump_stack_lvl+0x189/0x250 [ 406.111096][T12853] ? __pfx____ratelimit+0x10/0x10 [ 406.111115][T12853] ? __pfx_dump_stack_lvl+0x10/0x10 [ 406.111143][T12853] ? __pfx__printk+0x10/0x10 [ 406.111175][T12853] should_fail_ex+0x414/0x560 [ 406.111206][T12853] _copy_to_user+0x31/0xb0 [ 406.111229][T12853] bpf_test_finish+0x24e/0x700 [ 406.111260][T12853] ? __pfx_bpf_test_finish+0x10/0x10 [ 406.111287][T12853] ? slab_build_skb+0x273/0x3e0 [ 406.111313][T12853] bpf_prog_test_run_skb+0xed5/0x1560 [ 406.111348][T12853] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 406.111372][T12853] bpf_prog_test_run+0x2c4/0x340 [ 406.111401][T12853] __sys_bpf+0x4a4/0x860 [ 406.111426][T12853] ? __pfx___sys_bpf+0x10/0x10 [ 406.111465][T12853] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 406.111491][T12853] ? __pfx_ksys_write+0x10/0x10 [ 406.111509][T12853] ? rcu_is_watching+0x15/0xb0 [ 406.111547][T12853] __x64_sys_bpf+0x7c/0x90 [ 406.111570][T12853] do_syscall_64+0xfa/0x3b0 [ 406.111589][T12853] ? lockdep_hardirqs_on+0x9c/0x150 [ 406.111607][T12853] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.111626][T12853] ? clear_bhb_loop+0x60/0xb0 [ 406.111650][T12853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.111668][T12853] RIP: 0033:0x7f057078e929 [ 406.111685][T12853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 406.111701][T12853] RSP: 002b:00007f05715f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 406.111721][T12853] RAX: ffffffffffffffda RBX: 00007f05709b5fa0 RCX: 00007f057078e929 [ 406.111735][T12853] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 406.111748][T12853] RBP: 00007f05715f6090 R08: 0000000000000000 R09: 0000000000000000 [ 406.111760][T12853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 406.111772][T12853] R13: 0000000000000000 R14: 00007f05709b5fa0 R15: 00007ffe80584128 [ 406.111821][T12853] [ 409.864646][T12874] delete_channel: no stack [ 409.870475][T12877] netlink: 'syz.2.2372': attribute type 33 has an invalid length. [ 410.628545][T12915] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2387'. [ 410.639366][T12915] netlink: 'syz.0.2387': attribute type 21 has an invalid length. [ 410.649749][T12915] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2387'. [ 411.812067][T12952] pim6reg1: entered allmulticast mode [ 411.905166][T12963] netlink: 'syz.2.2405': attribute type 7 has an invalid length. [ 411.923208][T12963] netlink: 'syz.2.2405': attribute type 2 has an invalid length. [ 411.935601][T12963] netlink: 'syz.2.2405': attribute type 1 has an invalid length. [ 411.949722][T12963] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2405'. [ 412.120876][T12969] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2407'. [ 412.142659][T12970] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2406'. [ 412.160289][T12970] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 412.170572][T12969] netlink: 'syz.2.2407': attribute type 21 has an invalid length. [ 412.187229][T12969] netlink: 'syz.2.2407': attribute type 3 has an invalid length. [ 412.206017][T12969] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2407'. [ 412.267897][T12972] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2408'. [ 412.280245][T12972] netlink: 'syz.3.2408': attribute type 21 has an invalid length. [ 412.295557][T12972] netlink: 'syz.3.2408': attribute type 3 has an invalid length. [ 412.304367][T12972] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2408'. [ 412.983144][ T1082] tipc: Subscription rejected, illegal request [ 413.246113][T13005] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.2417'. [ 413.384745][T13002] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.2417'. [ 414.604738][T13040] netlink: 'syz.2.2431': attribute type 21 has an invalid length. [ 415.872460][T13067] delete_channel: no stack [ 416.285456][T13075] pim6reg1: entered allmulticast mode [ 417.279541][T13106] pim6reg1: entered allmulticast mode [ 417.316374][T13111] FAULT_INJECTION: forcing a failure. [ 417.316374][T13111] name failslab, interval 1, probability 0, space 0, times 0 [ 417.362375][T13111] CPU: 0 UID: 0 PID: 13111 Comm: syz.0.2457 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 417.362404][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 417.362418][T13111] Call Trace: [ 417.362431][T13111] [ 417.362445][T13111] dump_stack_lvl+0x189/0x250 [ 417.362496][T13111] ? __pfx____ratelimit+0x10/0x10 [ 417.362531][T13111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 417.362578][T13111] ? __pfx__printk+0x10/0x10 [ 417.362657][T13111] ? __pfx___might_resched+0x10/0x10 [ 417.362731][T13111] should_fail_ex+0x414/0x560 [ 417.362809][T13111] should_failslab+0xa8/0x100 [ 417.362859][T13111] kmem_cache_alloc_noprof+0x73/0x3c0 [ 417.362889][T13111] ? security_inode_alloc+0x39/0x330 [ 417.362963][T13111] security_inode_alloc+0x39/0x330 [ 417.363025][T13111] inode_init_always_gfp+0x9ed/0xdc0 [ 417.363113][T13111] ? __pfx_proc_alloc_inode+0x10/0x10 [ 417.363155][T13111] alloc_inode+0x82/0x1b0 [ 417.363199][T13111] new_inode+0x22/0x170 [ 417.363257][T13111] proc_pid_make_inode+0x21/0x130 [ 417.363298][T13111] proc_pident_instantiate+0x6d/0x2b0 [ 417.363354][T13111] proc_pident_lookup+0x1b3/0x290 [ 417.363428][T13111] __lookup_slow+0x297/0x3d0 [ 417.363482][T13111] ? __pfx___lookup_slow+0x10/0x10 [ 417.363606][T13111] ? down_read+0x1ad/0x2e0 [ 417.363652][T13111] lookup_slow+0x53/0x70 [ 417.363697][T13111] link_path_walk+0x935/0xea0 [ 417.363833][T13111] path_openat+0x28c/0x3830 [ 417.364055][T13111] ? __pfx_path_openat+0x10/0x10 [ 417.364121][T13111] ? perf_trace_lock_acquire+0x335/0x410 [ 417.364230][T13111] do_filp_open+0x1fa/0x410 [ 417.364248][T13111] ? __lock_acquire+0xab9/0xd20 [ 417.364294][T13111] ? __pfx_do_filp_open+0x10/0x10 [ 417.364380][T13111] ? __pfx_kfree_link+0x10/0x10 [ 417.364462][T13111] ? _raw_spin_unlock+0x28/0x50 [ 417.364491][T13111] ? alloc_fd+0x64c/0x6c0 [ 417.364590][T13111] do_sys_openat2+0x121/0x1c0 [ 417.364644][T13111] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.364687][T13111] ? ksys_write+0x22a/0x250 [ 417.364731][T13111] ? __pfx_ksys_write+0x10/0x10 [ 417.364748][T13111] ? rcu_is_watching+0x15/0xb0 [ 417.364805][T13111] __x64_sys_openat+0x138/0x170 [ 417.364873][T13111] do_syscall_64+0xfa/0x3b0 [ 417.364893][T13111] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.364918][T13111] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.364940][T13111] ? clear_bhb_loop+0x60/0xb0 [ 417.364985][T13111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.365005][T13111] RIP: 0033:0x7ff7bbf8d290 [ 417.365029][T13111] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 417.365046][T13111] RSP: 002b:00007ff7bce05f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 417.365065][T13111] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff7bbf8d290 [ 417.365079][T13111] RDX: 0000000000000002 RSI: 00007ff7bce05fa0 RDI: 00000000ffffff9c [ 417.365097][T13111] RBP: 00007ff7bce05fa0 R08: 0000000000000000 R09: 0000000000000000 [ 417.365108][T13111] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 417.365119][T13111] R13: 0000000000000000 R14: 00007ff7bc1b5fa0 R15: 00007ffe3e073d38 [ 417.365225][T13111] [ 417.903276][T13123] __nla_validate_parse: 4 callbacks suppressed [ 417.903294][T13123] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2460'. [ 418.020488][T13123] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 418.486050][T13138] validate_nla: 1 callbacks suppressed [ 418.486068][T13138] netlink: 'syz.3.2466': attribute type 33 has an invalid length. [ 419.976353][T13166] pim6reg1: entered allmulticast mode [ 420.682887][T13184] netlink: 'syz.4.2483': attribute type 21 has an invalid length. [ 421.397693][T13189] netlink: 'syz.1.2482': attribute type 6 has an invalid length. [ 421.466032][T13189] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2482'. [ 421.774767][T13199] FAULT_INJECTION: forcing a failure. [ 421.774767][T13199] name failslab, interval 1, probability 0, space 0, times 0 [ 421.791319][T13199] CPU: 1 UID: 0 PID: 13199 Comm: syz.0.2487 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 421.791347][T13199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 421.791360][T13199] Call Trace: [ 421.791372][T13199] [ 421.791384][T13199] dump_stack_lvl+0x189/0x250 [ 421.791430][T13199] ? __pfx____ratelimit+0x10/0x10 [ 421.791461][T13199] ? __pfx_dump_stack_lvl+0x10/0x10 [ 421.791506][T13199] ? __pfx__printk+0x10/0x10 [ 421.791613][T13199] should_fail_ex+0x414/0x560 [ 421.791691][T13199] should_failslab+0xa8/0x100 [ 421.791747][T13199] __kmalloc_cache_noprof+0x70/0x3d0 [ 421.791772][T13199] ? sctp_add_bind_addr+0x8c/0x370 [ 421.791822][T13199] sctp_add_bind_addr+0x8c/0x370 [ 421.791871][T13199] sctp_copy_local_addr_list+0x30b/0x4e0 [ 421.791931][T13199] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 421.791967][T13199] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 421.792024][T13199] ? sctp_v4_is_any+0x35/0x60 [ 421.792052][T13199] ? sctp_copy_one_addr+0x93/0x360 [ 421.792108][T13199] sctp_bind_addr_copy+0xb3/0x3c0 [ 421.792149][T13199] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 421.792213][T13199] sctp_connect_new_asoc+0x2e0/0x690 [ 421.792271][T13199] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 421.792300][T13199] ? __local_bh_enable_ip+0x12d/0x1c0 [ 421.792379][T13199] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 421.792399][T13199] ? security_sctp_bind_connect+0x7e/0x2e0 [ 421.792451][T13199] sctp_sendmsg+0x155c/0x2810 [ 421.792560][T13199] ? __pfx_sctp_sendmsg+0x10/0x10 [ 421.792586][T13199] ? trace_call_bpf+0xb7/0x850 [ 421.792646][T13199] ? aa_sk_perm+0x81e/0x950 [ 421.792720][T13199] ? __pfx_aa_sk_perm+0x10/0x10 [ 421.792781][T13199] ? sock_rps_record_flow+0x19/0x410 [ 421.792828][T13199] ? inet_sendmsg+0x2f4/0x370 [ 421.792884][T13199] __sock_sendmsg+0x19c/0x270 [ 421.792937][T13199] ____sys_sendmsg+0x505/0x830 [ 421.793010][T13199] ? __pfx_____sys_sendmsg+0x10/0x10 [ 421.793115][T13199] ? import_iovec+0x74/0xa0 [ 421.793175][T13199] ___sys_sendmsg+0x21f/0x2a0 [ 421.793222][T13199] ? __pfx____sys_sendmsg+0x10/0x10 [ 421.793355][T13199] ? __fget_files+0x2a/0x420 [ 421.793442][T13199] ? __fget_files+0x2a/0x420 [ 421.793467][T13199] ? __fget_files+0x3a0/0x420 [ 421.793547][T13199] __x64_sys_sendmsg+0x19b/0x260 [ 421.793596][T13199] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 421.793675][T13199] ? __pfx_ksys_write+0x10/0x10 [ 421.793735][T13199] ? do_syscall_64+0xbe/0x3b0 [ 421.793779][T13199] do_syscall_64+0xfa/0x3b0 [ 421.793798][T13199] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.793822][T13199] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.793843][T13199] ? clear_bhb_loop+0x60/0xb0 [ 421.793883][T13199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.793903][T13199] RIP: 0033:0x7ff7bbf8e929 [ 421.793925][T13199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.793941][T13199] RSP: 002b:00007ff7bce06038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 421.793960][T13199] RAX: ffffffffffffffda RBX: 00007ff7bc1b5fa0 RCX: 00007ff7bbf8e929 [ 421.793974][T13199] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000005 [ 421.793986][T13199] RBP: 00007ff7bce06090 R08: 0000000000000000 R09: 0000000000000000 [ 421.793997][T13199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 421.794008][T13199] R13: 0000000000000000 R14: 00007ff7bc1b5fa0 R15: 00007ffe3e073d38 [ 421.794098][T13199] [ 423.317995][T13211] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2492'. [ 423.329942][T13211] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 429.958659][T13229] netlink: 'syz.3.2500': attribute type 10 has an invalid length. [ 430.033900][T13229] team0: Device ipvlan1 is up. Set it down before adding it as a team port [ 431.009796][T13271] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2511'. [ 431.027505][T13268] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2511'. [ 431.144094][T13276] netlink: 'syz.2.2514': attribute type 33 has an invalid length. [ 431.349680][T13280] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.2516'. [ 433.420901][T13305] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2524'. [ 433.442401][T13305] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 433.954865][T13330] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2532'. [ 433.988663][T13332] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2530'. [ 434.035350][T13332] netlink: 'syz.0.2530': attribute type 21 has an invalid length. [ 434.108393][T13332] netlink: 'syz.0.2530': attribute type 3 has an invalid length. [ 434.144936][T13332] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2530'. [ 434.473159][T13341] FAULT_INJECTION: forcing a failure. [ 434.473159][T13341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 434.527184][T13341] CPU: 1 UID: 0 PID: 13341 Comm: syz.3.2534 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 434.527212][T13341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 434.527230][T13341] Call Trace: [ 434.527240][T13341] [ 434.527253][T13341] dump_stack_lvl+0x189/0x250 [ 434.527289][T13341] ? __pfx____ratelimit+0x10/0x10 [ 434.527310][T13341] ? __pfx_dump_stack_lvl+0x10/0x10 [ 434.527342][T13341] ? __pfx__printk+0x10/0x10 [ 434.527366][T13341] ? __might_fault+0xb0/0x130 [ 434.527399][T13341] ? __might_fault+0xb0/0x130 [ 434.527430][T13341] should_fail_ex+0x414/0x560 [ 434.527466][T13341] _copy_from_user+0x2d/0xb0 [ 434.527491][T13341] __sys_bpf+0x1ed/0x860 [ 434.527522][T13341] ? __pfx___sys_bpf+0x10/0x10 [ 434.527572][T13341] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 434.527601][T13341] ? __pfx_ksys_write+0x10/0x10 [ 434.527621][T13341] ? rcu_is_watching+0x15/0xb0 [ 434.527663][T13341] __x64_sys_bpf+0x7c/0x90 [ 434.527689][T13341] do_syscall_64+0xfa/0x3b0 [ 434.527709][T13341] ? lockdep_hardirqs_on+0x9c/0x150 [ 434.527729][T13341] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.527749][T13341] ? clear_bhb_loop+0x60/0xb0 [ 434.527776][T13341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.527799][T13341] RIP: 0033:0x7f057078e929 [ 434.527817][T13341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.527835][T13341] RSP: 002b:00007f05715f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 434.527858][T13341] RAX: ffffffffffffffda RBX: 00007f05709b5fa0 RCX: 00007f057078e929 [ 434.527873][T13341] RDX: 0000000000000020 RSI: 0000200000000180 RDI: 000000000000001c [ 434.527886][T13341] RBP: 00007f05715f6090 R08: 0000000000000000 R09: 0000000000000000 [ 434.527899][T13341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.527911][T13341] R13: 0000000000000000 R14: 00007f05709b5fa0 R15: 00007ffe80584128 [ 434.527948][T13341] [ 436.096083][T13368] pim6reg1: entered allmulticast mode [ 437.176932][T13391] FAULT_INJECTION: forcing a failure. [ 437.176932][T13391] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 437.190153][T13391] CPU: 0 UID: 0 PID: 13391 Comm: syz.3.2548 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 437.190181][T13391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 437.190192][T13391] Call Trace: [ 437.190200][T13391] [ 437.190205][T13391] dump_stack_lvl+0x189/0x250 [ 437.190229][T13391] ? __pfx____ratelimit+0x10/0x10 [ 437.190243][T13391] ? __pfx_dump_stack_lvl+0x10/0x10 [ 437.190263][T13391] ? __pfx__printk+0x10/0x10 [ 437.190277][T13391] ? __might_fault+0xb0/0x130 [ 437.190298][T13391] should_fail_ex+0x414/0x560 [ 437.190319][T13391] _copy_from_user+0x2d/0xb0 [ 437.190334][T13391] sock_do_ioctl+0x182/0x300 [ 437.190349][T13391] ? __pfx_sock_do_ioctl+0x10/0x10 [ 437.190359][T13391] ? __lock_acquire+0xab9/0xd20 [ 437.190388][T13391] sock_ioctl+0x576/0x790 [ 437.190400][T13391] ? __pfx_sock_ioctl+0x10/0x10 [ 437.190422][T13391] ? __fget_files+0x2a/0x420 [ 437.190438][T13391] ? __fget_files+0x3a0/0x420 [ 437.190453][T13391] ? __fget_files+0x2a/0x420 [ 437.190474][T13391] ? bpf_lsm_file_ioctl+0x9/0x20 [ 437.190486][T13391] ? __pfx_sock_ioctl+0x10/0x10 [ 437.190505][T13391] __se_sys_ioctl+0xf9/0x170 [ 437.190520][T13391] do_syscall_64+0xfa/0x3b0 [ 437.190532][T13391] ? lockdep_hardirqs_on+0x9c/0x150 [ 437.190544][T13391] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.190556][T13391] ? clear_bhb_loop+0x60/0xb0 [ 437.190571][T13391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.190583][T13391] RIP: 0033:0x7f057078e929 [ 437.190594][T13391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.190605][T13391] RSP: 002b:00007f05715d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 437.190618][T13391] RAX: ffffffffffffffda RBX: 00007f05709b6080 RCX: 00007f057078e929 [ 437.190627][T13391] RDX: 0000200000002280 RSI: 0000000000008942 RDI: 0000000000000004 [ 437.190635][T13391] RBP: 00007f05715d5090 R08: 0000000000000000 R09: 0000000000000000 [ 437.190643][T13391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 437.190650][T13391] R13: 0000000000000000 R14: 00007f05709b6080 R15: 00007ffe80584128 [ 437.190670][T13391] [ 437.230865][T13392] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2549'. [ 437.421181][T13392] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 437.709646][T13404] delete_channel: no stack [ 437.907581][T13415] netlink: 'syz.4.2557': attribute type 22 has an invalid length. [ 437.921723][T13416] pim6reg1: entered allmulticast mode [ 438.308520][T13427] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2560'. [ 438.607195][T13432] delete_channel: no stack [ 439.288847][T13446] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 439.295352][T13446] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 439.402420][T13440] delete_channel: no stack [ 439.775244][T13463] netlink: 'syz.1.2574': attribute type 21 has an invalid length. [ 439.991288][T13460] pim6reg1: entered allmulticast mode [ 440.027400][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.034133][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.178064][T13474] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.2576'. [ 440.408716][T13484] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2578'. [ 440.466315][T13485] netlink: 'syz.1.2578': attribute type 21 has an invalid length. [ 440.750090][T13485] netlink: 'syz.1.2578': attribute type 3 has an invalid length. [ 440.792659][T13485] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2578'. [ 440.884941][T13492] sctp: [Deprecated]: syz.2.2580 (pid 13492) Use of struct sctp_assoc_value in delayed_ack socket option. [ 440.884941][T13492] Use struct sctp_sack_info instead [ 440.942597][T13489] lo: entered promiscuous mode [ 441.581963][T13506] netlink: 'syz.3.2585': attribute type 21 has an invalid length. [ 441.942160][T13509] pim6reg1: entered allmulticast mode [ 443.664516][T13570] ------------[ cut here ]------------ [ 443.670028][T13570] verifier bug: expected array map for tail call(1) [ 443.692517][T13570] WARNING: CPU: 1 PID: 13570 at kernel/bpf/verifier.c:11084 record_func_key+0x2d6/0x490 [ 443.702423][T13570] Modules linked in: [ 443.706361][T13570] CPU: 1 UID: 0 PID: 13570 Comm: syz.4.2612 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 443.717997][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 443.728570][T13570] RIP: 0010:record_func_key+0x2d6/0x490 [ 443.734523][T13570] Code: 09 cc e8 9d 65 e3 ff 80 3d 87 16 ae 0d 01 74 ba e8 8f 65 e3 ff c6 05 79 16 ae 0d 01 90 48 c7 c7 40 e4 91 8b e8 8b 08 a7 ff 90 <0f> 0b 90 90 eb 9f e8 6f 65 e3 ff eb 05 e8 68 65 e3 ff 48 8b 5c 24 [ 443.754389][T13570] RSP: 0018:ffffc9001c16ec70 EFLAGS: 00010246 [ 443.760486][T13570] RAX: dcb139afeafcd600 RBX: dffffc0000000000 RCX: 0000000000080000 [ 443.768530][T13570] RDX: ffffc9000d24c000 RSI: 000000000000538b RDI: 000000000000538c [ 443.776574][T13570] RBP: 0000000000000012 R08: 0000000000000003 R09: 0000000000000004 [ 443.784630][T13570] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff888035bf3800 [ 443.792854][T13570] R13: ffff888021bcf000 R14: ffff8880557a8000 R15: 1ffff1100aaf5006 [ 443.800865][T13570] FS: 00007f6d8ba2c6c0(0000) GS:ffff888125d4d000(0000) knlGS:0000000000000000 [ 443.809877][T13570] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 443.816568][T13570] CR2: 00007f2d8bd29f98 CR3: 00000000489ae000 CR4: 00000000003526f0 [ 443.824625][T13570] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 443.832857][T13570] DR3: 0000200000000300 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 443.840874][T13570] Call Trace: [ 443.844688][T13570] [ 443.847655][T13570] check_helper_call+0x2fcc/0x6a90 [ 443.853231][T13570] ? __pfx_check_helper_call+0x10/0x10 [ 443.858728][T13570] ? verbose+0x10a/0x180 [ 443.863286][T13570] ? bpf_vlog_reset+0x1db/0x340 [ 443.868175][T13570] ? print_insn_state+0x106/0x170 [ 443.873283][T13570] do_check+0x95ec/0xe080 [ 443.877647][T13570] ? unwind_get_return_address+0x4d/0x90 [ 443.883349][T13570] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 443.889568][T13570] ? bpf_prog_load+0x1318/0x1930 [ 443.894623][T13570] ? __x64_sys_bpf+0x7c/0x90 [ 443.899245][T13570] ? do_syscall_64+0xfa/0x3b0 [ 443.904055][T13570] ? __pfx_do_check+0x10/0x10 [ 443.908778][T13570] ? __pfx_verbose+0x10/0x10 [ 443.913505][T13570] ? __pfx_disasm_kfunc_name+0x10/0x10 [ 443.918999][T13570] ? __asan_memset+0x22/0x50 [ 443.923672][T13570] ? init_func_state+0x1ddf/0x2d20 [ 443.929264][T13570] do_check_common+0x188f/0x23f0 [ 443.934597][T13570] bpf_check+0x10252/0x1a5d0 [ 443.939321][T13570] ? __lock_acquire+0xab9/0xd20 [ 443.944279][T13570] ? is_bpf_text_address+0x26/0x2b0 [ 443.949520][T13570] ? is_bpf_text_address+0x292/0x2b0 [ 443.954892][T13570] ? is_bpf_text_address+0x26/0x2b0 [ 443.960134][T13570] ? __kernel_text_address+0xd/0x40 [ 443.965427][T13570] ? unwind_get_return_address+0x4d/0x90 [ 443.971132][T13570] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 443.977323][T13570] ? __pfx_bpf_check+0x10/0x10 [ 443.982185][T13570] ? __lock_acquire+0xab9/0xd20 [ 443.987098][T13570] ? __pfx___mutex_trylock_common+0x10/0x10 [ 443.993071][T13570] ? css_rstat_updated+0x1a5/0xca0 [ 443.998241][T13570] ? pcpu_block_update+0x526/0x8d0 [ 444.003457][T13570] ? __lock_acquire+0xab9/0xd20 [ 444.008352][T13570] ? ktime_get_with_offset+0x8c/0x2a0 [ 444.013808][T13570] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 444.020086][T13570] ? lockdep_hardirqs_on+0x9c/0x150 [ 444.025490][T13570] ? ktime_get_with_offset+0x8c/0x2a0 [ 444.031365][T13570] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 444.037639][T13570] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 444.044691][T13570] ? bpf_obj_name_cpy+0x194/0x1e0 [ 444.049747][T13570] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 444.055027][T13570] ? security_bpf_prog_load+0x7f/0x310 [ 444.060521][T13570] bpf_prog_load+0x1318/0x1930 [ 444.065380][T13570] ? __pfx_bpf_prog_load+0x10/0x10 [ 444.070548][T13570] ? bpf_lsm_bpf+0x9/0x20 [ 444.074952][T13570] ? security_bpf+0x7e/0x300 [ 444.079583][T13570] __sys_bpf+0x5f1/0x860 [ 444.083931][T13570] ? __pfx___sys_bpf+0x10/0x10 [ 444.088761][T13570] ? rcu_is_watching+0x15/0xb0 [ 444.093613][T13570] __x64_sys_bpf+0x7c/0x90 [ 444.098068][T13570] do_syscall_64+0xfa/0x3b0 [ 444.102679][T13570] ? lockdep_hardirqs_on+0x9c/0x150 [ 444.107915][T13570] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.114046][T13570] ? clear_bhb_loop+0x60/0xb0 [ 444.118754][T13570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.124710][T13570] RIP: 0033:0x7f6d8ab8e929 [ 444.129150][T13570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.149313][T13570] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 444.158126][T13570] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 444.166167][T13570] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005 [ 444.174201][T13570] RBP: 00007f6d8ac10b39 R08: 0000000000000000 R09: 0000000000000000 [ 444.182233][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.190233][T13570] R13: 0000000000000000 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 444.198297][T13570] [ 444.201406][T13570] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 444.208707][T13570] CPU: 1 UID: 0 PID: 13570 Comm: syz.4.2612 Not tainted 6.16.0-rc3-syzkaller-g1f24c0d81990 #0 PREEMPT(full) [ 444.220262][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 444.230316][T13570] Call Trace: [ 444.233594][T13570] [ 444.236529][T13570] dump_stack_lvl+0x99/0x250 [ 444.241142][T13570] ? __asan_memcpy+0x40/0x70 [ 444.245775][T13570] ? __pfx_dump_stack_lvl+0x10/0x10 [ 444.250989][T13570] ? __pfx__printk+0x10/0x10 [ 444.255597][T13570] panic+0x2db/0x790 [ 444.259507][T13570] ? __pfx_panic+0x10/0x10 [ 444.263949][T13570] __warn+0x31b/0x4b0 [ 444.267942][T13570] ? record_func_key+0x2d6/0x490 [ 444.272894][T13570] ? record_func_key+0x2d6/0x490 [ 444.277845][T13570] report_bug+0x2be/0x4f0 [ 444.282182][T13570] ? record_func_key+0x2d6/0x490 [ 444.287137][T13570] ? record_func_key+0x2d6/0x490 [ 444.292083][T13570] ? record_func_key+0x2d8/0x490 [ 444.297037][T13570] handle_bug+0x84/0x160 [ 444.301281][T13570] exc_invalid_op+0x1a/0x50 [ 444.305784][T13570] asm_exc_invalid_op+0x1a/0x20 [ 444.310637][T13570] RIP: 0010:record_func_key+0x2d6/0x490 [ 444.316188][T13570] Code: 09 cc e8 9d 65 e3 ff 80 3d 87 16 ae 0d 01 74 ba e8 8f 65 e3 ff c6 05 79 16 ae 0d 01 90 48 c7 c7 40 e4 91 8b e8 8b 08 a7 ff 90 <0f> 0b 90 90 eb 9f e8 6f 65 e3 ff eb 05 e8 68 65 e3 ff 48 8b 5c 24 [ 444.335796][T13570] RSP: 0018:ffffc9001c16ec70 EFLAGS: 00010246 [ 444.341873][T13570] RAX: dcb139afeafcd600 RBX: dffffc0000000000 RCX: 0000000000080000 [ 444.349847][T13570] RDX: ffffc9000d24c000 RSI: 000000000000538b RDI: 000000000000538c [ 444.357824][T13570] RBP: 0000000000000012 R08: 0000000000000003 R09: 0000000000000004 [ 444.365794][T13570] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff888035bf3800 [ 444.373775][T13570] R13: ffff888021bcf000 R14: ffff8880557a8000 R15: 1ffff1100aaf5006 [ 444.381771][T13570] check_helper_call+0x2fcc/0x6a90 [ 444.386921][T13570] ? __pfx_check_helper_call+0x10/0x10 [ 444.392390][T13570] ? verbose+0x10a/0x180 [ 444.396649][T13570] ? bpf_vlog_reset+0x1db/0x340 [ 444.401508][T13570] ? print_insn_state+0x106/0x170 [ 444.406541][T13570] do_check+0x95ec/0xe080 [ 444.410876][T13570] ? unwind_get_return_address+0x4d/0x90 [ 444.416528][T13570] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 444.422726][T13570] ? bpf_prog_load+0x1318/0x1930 [ 444.427675][T13570] ? __x64_sys_bpf+0x7c/0x90 [ 444.432273][T13570] ? do_syscall_64+0xfa/0x3b0 [ 444.436979][T13570] ? __pfx_do_check+0x10/0x10 [ 444.441670][T13570] ? __pfx_verbose+0x10/0x10 [ 444.446261][T13570] ? __pfx_disasm_kfunc_name+0x10/0x10 [ 444.451729][T13570] ? __asan_memset+0x22/0x50 [ 444.456327][T13570] ? init_func_state+0x1ddf/0x2d20 [ 444.461453][T13570] do_check_common+0x188f/0x23f0 [ 444.466411][T13570] bpf_check+0x10252/0x1a5d0 [ 444.471027][T13570] ? __lock_acquire+0xab9/0xd20 [ 444.475897][T13570] ? is_bpf_text_address+0x26/0x2b0 [ 444.481105][T13570] ? is_bpf_text_address+0x292/0x2b0 [ 444.486396][T13570] ? is_bpf_text_address+0x26/0x2b0 [ 444.491608][T13570] ? __kernel_text_address+0xd/0x40 [ 444.496812][T13570] ? unwind_get_return_address+0x4d/0x90 [ 444.502456][T13570] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 444.508625][T13570] ? __pfx_bpf_check+0x10/0x10 [ 444.513399][T13570] ? __lock_acquire+0xab9/0xd20 [ 444.518269][T13570] ? __pfx___mutex_trylock_common+0x10/0x10 [ 444.524161][T13570] ? css_rstat_updated+0x1a5/0xca0 [ 444.529287][T13570] ? pcpu_block_update+0x526/0x8d0 [ 444.534410][T13570] ? __lock_acquire+0xab9/0xd20 [ 444.539272][T13570] ? ktime_get_with_offset+0x8c/0x2a0 [ 444.544653][T13570] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 444.550893][T13570] ? lockdep_hardirqs_on+0x9c/0x150 [ 444.556093][T13570] ? ktime_get_with_offset+0x8c/0x2a0 [ 444.561472][T13570] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 444.567713][T13570] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 444.574314][T13570] ? bpf_obj_name_cpy+0x194/0x1e0 [ 444.579335][T13570] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 444.584535][T13570] ? security_bpf_prog_load+0x7f/0x310 [ 444.590002][T13570] bpf_prog_load+0x1318/0x1930 [ 444.594779][T13570] ? __pfx_bpf_prog_load+0x10/0x10 [ 444.599920][T13570] ? bpf_lsm_bpf+0x9/0x20 [ 444.604255][T13570] ? security_bpf+0x7e/0x300 [ 444.608869][T13570] __sys_bpf+0x5f1/0x860 [ 444.613150][T13570] ? __pfx___sys_bpf+0x10/0x10 [ 444.617937][T13570] ? rcu_is_watching+0x15/0xb0 [ 444.622721][T13570] __x64_sys_bpf+0x7c/0x90 [ 444.627155][T13570] do_syscall_64+0xfa/0x3b0 [ 444.631656][T13570] ? lockdep_hardirqs_on+0x9c/0x150 [ 444.636854][T13570] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.642928][T13570] ? clear_bhb_loop+0x60/0xb0 [ 444.647621][T13570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.653518][T13570] RIP: 0033:0x7f6d8ab8e929 [ 444.657939][T13570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.677555][T13570] RSP: 002b:00007f6d8ba2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 444.685975][T13570] RAX: ffffffffffffffda RBX: 00007f6d8adb5fa0 RCX: 00007f6d8ab8e929 [ 444.693955][T13570] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005 [ 444.701950][T13570] RBP: 00007f6d8ac10b39 R08: 0000000000000000 R09: 0000000000000000 [ 444.709926][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.717897][T13570] R13: 0000000000000000 R14: 00007f6d8adb5fa0 R15: 00007fffe8dfe988 [ 444.725883][T13570] [ 444.729196][T13570] Kernel Offset: disabled [ 444.733524][T13570] Rebooting in 86400 seconds..