last executing test programs: 11.700864809s ago: executing program 1 (id=2464): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r4, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r5], 0x18, 0x20040800}, 0x0) 11.058323423s ago: executing program 1 (id=2465): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18, 0x20040800}, 0x0) 10.537584206s ago: executing program 1 (id=2466): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/32], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 9.822055251s ago: executing program 1 (id=2468): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r4, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r5], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r7) close(r6) 9.078360615s ago: executing program 1 (id=2471): r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000540)=0x3d3) r1 = socket$kcm(0xa, 0x922000000003, 0x11) socket$kcm(0x10, 0x3, 0x10) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x1, 0x4, 0x6d, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x8010, 0x0, 0x0, 0x0, 0x40001}, 0x0, 0x4000000000000200, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xf6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x3}, 0x6000, 0x0, 0x4, 0x6, 0x0, 0x2000000a, 0xfffc, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0xd) r4 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x29, 0x23, &(0x7f0000000040), 0xcf) sendmsg$kcm(r4, &(0x7f00000001c0)={&(0x7f0000000a00)=@in6={0xa, 0x4e23, 0xe, @empty, 0x7}, 0x80, 0x0}, 0x48084) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703", 0x44}], 0x1}, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x29, 0x1, 0x1, 0xfc, 0x0, 0x40000004, 0x2a324, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x1, 0x10000, 0x0, 0x0, 0x7, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000340)="c0087a1a4dcb109d1b2ff0389d9a4e14d9d54fedc81ca053e4ee407fdfc723d5d85d0647b314315c7c2fe1968126f2bfdd33c564f7c8c491de8454aea44d95aee3e6cb02e723506ad851fa95d4a4da76a4fd10acf7183318035e3ae0dedf88ef6b3205368815ab179ad9800e26ffbafd6d47b4ccec58e03a26b8d606829746c7d4eda5f342ba34de5ef9aa84a14aa964181d4727cb9495fa986cc32d51a5", &(0x7f0000000440)=""/34, 0x4}, 0x20) r6 = socket$kcm(0x10, 0x400000002, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r7, &(0x7f0000003680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=""/4096, 0x1000}, 0x12000) sendmsg$inet(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000580)="5c00000052006bab9a3fe3d86e17aa0a0af36504001a0038021d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d49380e78ff6a1577ae18c819945fb4e37e70e4509c500"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_int(r8, &(0x7f0000000400)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYBLOB='M'], 0x27) sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x15}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x40400c0) 7.203941026s ago: executing program 1 (id=2473): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000016000b63d25a8064000000000124fc60", 0x14}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003400)=[{&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/4096, 0x1000}], 0x3, 0x0, 0x4000}, 0x0) 3.579599808s ago: executing program 0 (id=2498): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 3.42216901s ago: executing program 3 (id=2491): r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000540)=0x3d3) r1 = socket$kcm(0xa, 0x922000000003, 0x11) socket$kcm(0x10, 0x3, 0x10) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x1, 0x4, 0x6d, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x8010, 0x0, 0x0, 0x0, 0x40001}, 0x0, 0x4000000000000200, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xf6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x3}, 0x6000, 0x0, 0x4, 0x6, 0x0, 0x2000000a, 0xfffc, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0xd) r4 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x29, 0x23, &(0x7f0000000040), 0xcf) sendmsg$kcm(r4, &(0x7f00000001c0)={&(0x7f0000000a00)=@in6={0xa, 0x4e23, 0xe, @empty, 0x7}, 0x80, 0x0}, 0x48084) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x29, 0x1, 0x1, 0xfc, 0x0, 0x40000004, 0x2a324, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x1, 0x10000, 0x0, 0x0, 0x7, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r6 = socket$kcm(0x10, 0x400000002, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r7, &(0x7f0000003680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=""/4096, 0x1000}, 0x12000) sendmsg$inet(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000580)="5c00000052006bab9a3fe3d86e17aa0a0af36504001a0038021d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d49380e78ff6a1577ae18c819945fb4e37e70e4509c500"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_int(r8, &(0x7f0000000400)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYBLOB='M'], 0x27) sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x15}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x40400c0) 3.35725549s ago: executing program 0 (id=2493): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x6000, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac141410e00000010000000038000000000000000000000007"], 0x58}, 0x0) 3.050776812s ago: executing program 2 (id=2494): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r5) 2.936632702s ago: executing program 0 (id=2495): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 2.060227498s ago: executing program 2 (id=2497): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x80, 0x0, 0xfe, 0x0, 0x8c, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffd, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 2.058217638s ago: executing program 0 (id=2499): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000003a80)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960207142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe8023c889fd4cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337bc5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35db96c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae374bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0c4367ef4124bfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de589020000dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161520b7e7d37b581a0f51fe26167e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800af3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09229dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a411347051460326f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9c5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba33770ce3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f24600000000a80455f324746048ea24c0df0375e2cf333fa90a51cb4cc307e208a93d56368c920c239d0b3a21136d20d4c3ac328254adc96753ab34c4e31b500f71a49a75d9d598035765a72278bc823f63f770ee055e35c367be5301fcaf733e0caad10e0e1eb103b4783243c299729b4c9e26a4a6e0f2e1170e07c63fb58bcc8e145d9d9e54291361cd906ad379fa99b345a3002a2769af372eeadb9c8ebfd4402866f278781cc0d71ecbfcb16b0dfab8043f39b44cf8cc98266e6ffd9122fe16acf0b9071e359ff2fe351601c4ef491fc21cec175d0ed34885b80e8ab975f0552756be2ead3f963487d04a0fdf28aa7f59330c2f0c78ed3800d5eeaa9627472480af1e688e79bb873503c1aecdb0b5d3dda8cb3f0c189fad95955438c0fad34d4f60755d80e3977767be97443e95f7b7982c19a731a07cda09df5b746d5ad96c3e0b84493d94bd211ff1f0e30fc959322317aff59e86e512140a9cae22becca0f195b508905fce03ab6dd01dfb1c91600ef6119aeff341d04ee74c02a717b2f6107479989cd5075e806ea2c5aad0e02db9dc43b10d2792db042e7a2cc55779403b65e442a26d1ec0227fe5d05d0d63f4b0c1ae44f391b6"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000500)="b958945d8ae49c4f19be14f06558", 0x0, 0x1cb0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000001d00)=@in6={0xa, 0xe23, 0xfffffffc, @private1, 0xffffffff}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x29, 0x4}], 0x10}, 0xc0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x3f, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640), 0x400002, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000680)={'nicvf0\x00', @multicast}) sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="8f00000015006b05c84e21000ab16d8b230675f802000000440002005805530461bc24eeb556a705251e6182149a36c23d1b48dfd8cd81bf9367b098fa51f60a64c9f40800000000", 0x48}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8094) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x9, 0x3, 0x4, 0x4, 0x0, 0x1}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='hrtimer_init\x00', r7}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r5) r8 = perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, 0x0) r9 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r9, 0x107, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) 1.929997909s ago: executing program 3 (id=2500): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 1.841656779s ago: executing program 2 (id=2501): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000100)=0x50) r1 = socket$kcm(0xa, 0x2, 0x88) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80102, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x18944, 0x401, 0x25, 0x0, 0x1, 0x200, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000140)="f0e9c9d5470c34b70d23c8a2f622ccc7aacfef2fd74b28daff4ff459933dd15529d2aac32e90c06cca880b2c85341eedcd206b8a191ad3a12155f52dcf304a83e64f2d3bab", 0x45}], 0x1}, 0x20000402) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xb, 0x8, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r2}, 0x20) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00') r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x838, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r6, &(0x7f0000000200)}, 0x20) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r5, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r0}, 0x8) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000400000000000000fcffff0185000000bc0000001801000020646c2400000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000f000000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000880)=@o_path={&(0x7f0000000800)='./file0\x00', r5, 0x4000, r9}, 0x18) r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r8}, 0x10) r11 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r10}, 0x8) r12 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r12, 0x11, 0x0, 0x0, @void, @value=r11}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r4, &(0x7f00000001c0), 0x0}, 0x20) sendmsg$sock(r1, &(0x7f0000000180)={&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @remote, 'dvmrp0\x00'}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000080)="0edf3efa7449ebe9ab679ee79e4d0e71ad56c5639f7e45bd8354236dc36073cf5ec3bf532b378c4d717790d380a587e456a0885718648898177ae26202a8f19306f3110fb003f210eea62ca7798f96f892ac3d582a2c89f4b59e4b74fff2b4824aa76bde5afd93de1216f203f154c0bc0dbf0a43d6c6629ca73a211cd8c8fe527037a461454cfadbc1ca7c15e975ce582c86f5a1f4b595dae7ac5eaf930b7ce1e682f592480d36e6e3b7d1", 0xab}, {&(0x7f0000000380)="44cf029661b2cd87ec2bd48034a094ded41184000a7daf74d18b275df5f248bf7cbbf221b0c16a23feb528076a7e7c7a87cb37a7d996dc42bf27cc63e7b76c5a038485f611e3cac7a8d7b83fd24d68daec6cd0ee18790ca38e487cc0e60a582380d1e39ad50927c5029cbd740d8547230762d73933a5930f04f418634720575f63c7670b185a26cc", 0x88}, {&(0x7f0000000680)="37cdc59053cecb130b9bf5861743912992e65852fcbccc8ad4dd9da2d4d6a392360ee24f2db605a46c75f0bd52b9753053a5666e6789fd2225a716b96c735497eca49a239541b69ae40197a0943a99e67abf4a47c4c7cb64bcd383a3a71890769e934c20f107274f74ba5e11900f6ab6ca6de13bb433a6d05e67d17f347e55a1c3834a4b4d10316dae7f9b3c68427e36965ffc542bf8f4b313a43af00fb72c2cbaa5e40347ff5308862cbc", 0xab}, {&(0x7f0000000740)="189e81834e617057697884ec530a2b52959b5935b1f5f23787302cdbbbc67c7174841f0780be300efe63eaf5b348b0176ce2b1aafb7f5806fed7ced2619a1c68a92f2eecbf73973b1358eb", 0x4b}], 0x37}, 0x4000) sendmsg$kcm(r1, &(0x7f0000000480)={&(0x7f00000002c0)=@in6={0xa, 0x4e23, 0xfffffffc, @loopback={0xfe80000000000000}, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000440)='m', 0x1}], 0x1}, 0x20008810) 1.64523276s ago: executing program 3 (id=2502): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 1.518170071s ago: executing program 2 (id=2503): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x0, 0x1000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x9, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x3ffffffe}, [@func={0x85, 0x0, 0x1, 0x0, 0x4}, @generic={0xc6, 0x8}, @initr0, @exit, @exit]}, &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) 1.436757661s ago: executing program 3 (id=2504): r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000540)=0x3d3) r1 = socket$kcm(0xa, 0x922000000003, 0x11) socket$kcm(0x10, 0x3, 0x10) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x1, 0x4, 0x6d, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x8010, 0x0, 0x0, 0x0, 0x40001}, 0x0, 0x4000000000000200, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xd) r4 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x29, 0x23, &(0x7f0000000040), 0xcf) sendmsg$kcm(r4, &(0x7f00000001c0)={&(0x7f0000000a00)=@in6={0xa, 0x4e23, 0xe, @empty, 0x7}, 0x80, 0x0}, 0x48084) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x29, 0x1, 0x1, 0xfc, 0x0, 0x40000004, 0x2a324, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x1, 0x10000, 0x0, 0x0, 0x7, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000340)="c0087a1a4dcb109d1b2ff0389d9a4e14d9d54fedc81ca053e4ee407fdfc723d5d85d0647b314315c7c2fe1968126f2bfdd33c564f7c8c491de8454aea44d95aee3e6cb02e723506ad851fa95d4a4da76a4fd10acf7183318035e3ae0dedf88ef6b3205368815ab179ad9800e26ffbafd6d47b4ccec58e03a26b8d606829746c7d4eda5f342ba34de5ef9aa84a14aa964181d4727cb9495fa986cc32d51a5", &(0x7f0000000440)=""/34, 0x4}, 0x20) r6 = socket$kcm(0x10, 0x400000002, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r7, &(0x7f0000003680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=""/4096, 0x1000}, 0x12000) sendmsg$inet(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000580)="5c00000052006bab9a3fe3d86e17aa0a0af36504001a0038021d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d49380e78ff6a1577ae18c819945fb4e37e70e4509c500"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_int(r8, &(0x7f0000000400)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYBLOB='M'], 0x27) sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x15}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x40400c0) 938.295605ms ago: executing program 2 (id=2505): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e22, @private=0xa010101}, 0x10, 0x0}, 0x6f24a6de8443a7d8) socket$kcm(0xf, 0x3, 0x2) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x1, 0x2}, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000017c0)=0xffffffffffffffff, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001c00)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x3}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001dc0)={{0x1, 0xffffffffffffffff}, 0x0, &(0x7f0000001d80)}, 0x20) r2 = perf_event_open(0x0, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x15, 0x5, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8b, 0x5, 0x9, 0x1, 0x1}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x40, 0x20, 0x0, r1}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r4, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000440)={@cgroup, 0xffffffffffffffff, 0x18, 0x1d, 0xffffffffffffffff, @void, @value=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r4, &(0x7f0000000140), 0x0}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r6 = openat$cgroup_devices(r5, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="622037353a2a090aef"], 0xa) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, 0xfffffffffffffffd) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@bloom_filter={0x1e, 0x4, 0x4, 0x10000, 0x2000, 0xffffffffffffffff, 0xb16, '\x00', 0x0, r2, 0x3, 0x5, 0x4, 0x8}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r9, 0x1, 0x32, &(0x7f00000000c0)=r11, 0x4) sendmsg$unix(r10, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x10100) socket$kcm(0x10, 0x2, 0x10) 796.994245ms ago: executing program 0 (id=2512): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18, 0x20040800}, 0x0) 398.684408ms ago: executing program 2 (id=2506): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r4) 392.490208ms ago: executing program 0 (id=2507): r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000540)=0x3d3) r1 = socket$kcm(0xa, 0x922000000003, 0x11) socket$kcm(0x10, 0x3, 0x10) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x1, 0x4, 0x6d, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x8010, 0x0, 0x0, 0x0, 0x40001}, 0x0, 0x4000000000000200, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xf6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x3}, 0x6000, 0x0, 0x4, 0x6, 0x0, 0x2000000a, 0xfffc, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0xd) r4 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x29, 0x23, &(0x7f0000000040), 0xcf) sendmsg$kcm(r4, &(0x7f00000001c0)={&(0x7f0000000a00)=@in6={0xa, 0x4e23, 0xe, @empty, 0x7}, 0x80, 0x0}, 0x48084) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x29, 0x1, 0x1, 0xfc, 0x0, 0x40000004, 0x2a324, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x1, 0x10000, 0x0, 0x0, 0x7, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r6 = socket$kcm(0x10, 0x400000002, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r7, &(0x7f0000003680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=""/4096, 0x1000}, 0x12000) sendmsg$inet(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000580)="5c00000052006bab9a3fe3d86e17aa0a0af36504001a0038021d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d49380e78ff6a1577ae18c819945fb4e37e70e4509c500"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_int(r8, &(0x7f0000000400)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYBLOB='M'], 0x27) sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x15}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x40400c0) 327.237268ms ago: executing program 3 (id=2508): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18, 0x20040800}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close(r5) 0s ago: executing program 3 (id=2509): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x80, 0x0, 0xfe, 0x0, 0x8c, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffd, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): 1671 Not tainted syzkaller #0 [ 337.195575][T10332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 337.205673][T10332] Call Trace: [ 337.209023][T10332] [ 337.212082][T10332] dump_stack_lvl+0x16c/0x230 [ 337.216823][T10332] ? show_regs_print_info+0x20/0x20 [ 337.222088][T10332] ? load_image+0x3b0/0x3b0 [ 337.226650][T10332] ? __might_fault+0xaa/0x120 [ 337.231384][T10332] should_fail_ex+0x39d/0x4d0 [ 337.236144][T10332] copyin+0x1a/0x90 [ 337.240098][T10332] _copy_from_iter+0x404/0x1290 [ 337.245038][T10332] ? slab_post_alloc_hook+0x8a/0x4d0 [ 337.250374][T10332] ? __virt_addr_valid+0x18c/0x540 [ 337.255554][T10332] ? __lock_acquire+0x7c80/0x7c80 [ 337.260617][T10332] ? copyout_mc+0x70/0x70 [ 337.264985][T10332] ? __virt_addr_valid+0x18c/0x540 [ 337.270432][T10332] ? __virt_addr_valid+0x18c/0x540 [ 337.275589][T10332] ? __virt_addr_valid+0x469/0x540 [ 337.280736][T10332] ? __check_object_size+0x506/0xa30 [ 337.286058][T10332] netlink_sendmsg+0x75c/0xbe0 [ 337.290871][T10332] ? netlink_getsockopt+0x580/0x580 [ 337.296104][T10332] ? aa_sock_msg_perm+0x94/0x150 [ 337.301076][T10332] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 337.306400][T10332] ? security_socket_sendmsg+0x80/0xa0 [ 337.311985][T10332] ? netlink_getsockopt+0x580/0x580 [ 337.317395][T10332] ____sys_sendmsg+0x5bf/0x950 [ 337.322211][T10332] ? __asan_memset+0x22/0x40 [ 337.326835][T10332] ? __sys_sendmsg_sock+0x30/0x30 [ 337.331902][T10332] ? __import_iovec+0x3fa/0x860 [ 337.336810][T10332] ? import_iovec+0x73/0xa0 [ 337.341538][T10332] ___sys_sendmsg+0x220/0x290 [ 337.346262][T10332] ? __sys_sendmsg+0x270/0x270 [ 337.351078][T10332] ? __lock_acquire+0x7c80/0x7c80 [ 337.356164][T10332] __se_sys_sendmsg+0x1a5/0x270 [ 337.361055][T10332] ? __x64_sys_sendmsg+0x80/0x80 [ 337.366049][T10332] ? lockdep_hardirqs_on+0x98/0x150 [ 337.371279][T10332] do_syscall_64+0x55/0xb0 [ 337.375732][T10332] ? clear_bhb_loop+0x40/0x90 [ 337.380439][T10332] ? clear_bhb_loop+0x40/0x90 [ 337.385151][T10332] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 337.391076][T10332] RIP: 0033:0x7ff48798efc9 [ 337.395520][T10332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.415162][T10332] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 337.423645][T10332] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 337.431735][T10332] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 337.439771][T10332] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 337.447777][T10332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 337.456386][T10332] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 337.464489][T10332] [ 337.883514][T10351] netlink: 'syz.0.1677': attribute type 41 has an invalid length. [ 337.919094][T10351] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1677'. [ 339.163985][T10369] FAULT_INJECTION: forcing a failure. [ 339.163985][T10369] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 339.197619][T10369] CPU: 0 PID: 10369 Comm: syz.2.1685 Not tainted syzkaller #0 [ 339.205155][T10369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 339.215516][T10369] Call Trace: [ 339.218838][T10369] [ 339.221798][T10369] dump_stack_lvl+0x16c/0x230 [ 339.226613][T10369] ? show_regs_print_info+0x20/0x20 [ 339.231853][T10369] ? load_image+0x3b0/0x3b0 [ 339.236405][T10369] ? __might_fault+0xaa/0x120 [ 339.241130][T10369] ? __lock_acquire+0x7c80/0x7c80 [ 339.246205][T10369] should_fail_ex+0x39d/0x4d0 [ 339.250948][T10369] _copy_from_iter+0x1d3/0x1290 [ 339.255855][T10369] ? slab_post_alloc_hook+0x8a/0x4d0 [ 339.261201][T10369] ? __virt_addr_valid+0x18c/0x540 [ 339.266368][T10369] ? __lock_acquire+0x7c80/0x7c80 [ 339.271436][T10369] ? rcu_is_watching+0x15/0xb0 [ 339.276253][T10369] ? copyout_mc+0x70/0x70 [ 339.280715][T10369] ? __virt_addr_valid+0x18c/0x540 [ 339.285877][T10369] ? __virt_addr_valid+0x18c/0x540 [ 339.291032][T10369] ? __virt_addr_valid+0x469/0x540 [ 339.296192][T10369] ? __check_object_size+0x506/0xa30 [ 339.301551][T10369] netlink_sendmsg+0x75c/0xbe0 [ 339.306377][T10369] ? netlink_getsockopt+0x580/0x580 [ 339.311627][T10369] ? aa_sock_msg_perm+0x94/0x150 [ 339.316701][T10369] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 339.322029][T10369] ? security_socket_sendmsg+0x80/0xa0 [ 339.327542][T10369] ? netlink_getsockopt+0x580/0x580 [ 339.332776][T10369] ____sys_sendmsg+0x5bf/0x950 [ 339.337578][T10369] ? __asan_memset+0x22/0x40 [ 339.342207][T10369] ? __sys_sendmsg_sock+0x30/0x30 [ 339.347243][T10369] ? __import_iovec+0x5f2/0x860 [ 339.352142][T10369] ? import_iovec+0x73/0xa0 [ 339.356663][T10369] ___sys_sendmsg+0x220/0x290 [ 339.361383][T10369] ? __sys_sendmsg+0x270/0x270 [ 339.366234][T10369] ? __lock_acquire+0x7c80/0x7c80 [ 339.371353][T10369] __se_sys_sendmsg+0x1a5/0x270 [ 339.376290][T10369] ? __x64_sys_sendmsg+0x80/0x80 [ 339.381324][T10369] ? lockdep_hardirqs_on+0x98/0x150 [ 339.386558][T10369] do_syscall_64+0x55/0xb0 [ 339.391117][T10369] ? clear_bhb_loop+0x40/0x90 [ 339.395814][T10369] ? clear_bhb_loop+0x40/0x90 [ 339.400514][T10369] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 339.406418][T10369] RIP: 0033:0x7ff48798efc9 [ 339.410866][T10369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.430508][T10369] RSP: 002b:00007ff488824038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 339.438986][T10369] RAX: ffffffffffffffda RBX: 00007ff487be6090 RCX: 00007ff48798efc9 [ 339.446975][T10369] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004 [ 339.454957][T10369] RBP: 00007ff488824090 R08: 0000000000000000 R09: 0000000000000000 [ 339.462952][T10369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.470945][T10369] R13: 00007ff487be6128 R14: 00007ff487be6090 R15: 00007fff68a16038 [ 339.478943][T10369] [ 339.980274][T10381] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1689'. [ 340.125642][T10376] netlink: 'syz.1.1686': attribute type 10 has an invalid length. [ 340.699496][T10400] netlink: 'syz.2.1697': attribute type 41 has an invalid length. [ 340.727444][T10400] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1697'. [ 341.901310][ T5799] Bluetooth: hci3: ISO packet for unknown connection handle 14 [ 343.713791][T10454] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1718'. [ 348.160099][T10511] FAULT_INJECTION: forcing a failure. [ 348.160099][T10511] name failslab, interval 1, probability 0, space 0, times 0 [ 348.184526][T10511] CPU: 1 PID: 10511 Comm: syz.1.1738 Not tainted syzkaller #0 [ 348.192084][T10511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 348.202270][T10511] Call Trace: [ 348.205590][T10511] [ 348.208562][T10511] dump_stack_lvl+0x16c/0x230 [ 348.213382][T10511] ? show_regs_print_info+0x20/0x20 [ 348.218730][T10511] ? load_image+0x3b0/0x3b0 [ 348.223457][T10511] ? __might_sleep+0xe0/0xe0 [ 348.228101][T10511] ? __lock_acquire+0x7c80/0x7c80 [ 348.233178][T10511] should_fail_ex+0x39d/0x4d0 [ 348.237927][T10511] should_failslab+0x9/0x20 [ 348.242575][T10511] slab_pre_alloc_hook+0x59/0x310 [ 348.247660][T10511] ? sctp_association_new+0x89/0x25c0 [ 348.253103][T10511] __kmem_cache_alloc_node+0x53/0x260 [ 348.258546][T10511] ? sctp_association_new+0x89/0x25c0 [ 348.263975][T10511] kmalloc_trace+0x2a/0xe0 [ 348.268527][T10511] sctp_association_new+0x89/0x25c0 [ 348.273812][T10511] ? sctp_do_bind+0x6bb/0x9a0 [ 348.278544][T10511] ? __ipv6_addr_type+0x118/0x2f0 [ 348.283618][T10511] sctp_connect_new_asoc+0x2bf/0x690 [ 348.288969][T10511] ? __sctp_connect+0xd20/0xd20 [ 348.293875][T10511] ? __local_bh_enable_ip+0x12e/0x1c0 [ 348.299385][T10511] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 348.304987][T10511] ? security_sctp_bind_connect+0x89/0xb0 [ 348.310779][T10511] sctp_sendmsg+0x155c/0x27e0 [ 348.315528][T10511] ? sctp_getsockopt+0xb60/0xb60 [ 348.320533][T10511] ? aa_sk_perm+0x7fc/0x930 [ 348.325102][T10511] ? aa_af_perm+0x2b0/0x2b0 [ 348.329655][T10511] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 348.336180][T10511] ? sock_rps_record_flow+0x19/0x400 [ 348.341607][T10511] ? inet_send_prepare+0x260/0x260 [ 348.346874][T10511] ? inet_sendmsg+0xe9/0x2f0 [ 348.351512][T10511] ? inet_send_prepare+0x260/0x260 [ 348.356674][T10511] ____sys_sendmsg+0x5bf/0x950 [ 348.361503][T10511] ? __sys_sendmsg_sock+0x30/0x30 [ 348.366582][T10511] ? __import_iovec+0x5f2/0x860 [ 348.371476][T10511] ? import_iovec+0x73/0xa0 [ 348.376017][T10511] ___sys_sendmsg+0x220/0x290 [ 348.380993][T10511] ? __sys_sendmsg+0x270/0x270 [ 348.385867][T10511] ? __lock_acquire+0x7c80/0x7c80 [ 348.390951][T10511] __se_sys_sendmsg+0x1a5/0x270 [ 348.395853][T10511] ? __x64_sys_sendmsg+0x80/0x80 [ 348.400844][T10511] ? lockdep_hardirqs_on+0x98/0x150 [ 348.406073][T10511] do_syscall_64+0x55/0xb0 [ 348.410526][T10511] ? clear_bhb_loop+0x40/0x90 [ 348.415238][T10511] ? clear_bhb_loop+0x40/0x90 [ 348.420041][T10511] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 348.425965][T10511] RIP: 0033:0x7f297b18efc9 [ 348.430419][T10511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.450087][T10511] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 348.458654][T10511] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 348.466939][T10511] RDX: 0000000020004000 RSI: 0000200000000080 RDI: 0000000000000003 [ 348.474940][T10511] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 348.482964][T10511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.491166][T10511] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 348.499446][T10511] [ 348.886494][T10526] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.1742'. [ 349.064942][T10526] netlink: 'syz.1.1742': attribute type 10 has an invalid length. [ 349.167867][T10526] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 349.893048][T10549] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1751'. [ 351.102918][T10586] FAULT_INJECTION: forcing a failure. [ 351.102918][T10586] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 351.137645][T10586] CPU: 1 PID: 10586 Comm: syz.2.1765 Not tainted syzkaller #0 [ 351.145283][T10586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 351.155386][T10586] Call Trace: [ 351.158709][T10586] [ 351.161679][T10586] dump_stack_lvl+0x16c/0x230 [ 351.166421][T10586] ? show_regs_print_info+0x20/0x20 [ 351.171681][T10586] ? load_image+0x3b0/0x3b0 [ 351.176251][T10586] ? __might_fault+0xaa/0x120 [ 351.180985][T10586] should_fail_ex+0x39d/0x4d0 [ 351.185724][T10586] copyout+0x1a/0x90 [ 351.189673][T10586] _copy_to_iter+0x432/0x10d0 [ 351.194421][T10586] ? iov_iter_init+0x1e0/0x1e0 [ 351.199250][T10586] ? __virt_addr_valid+0x18c/0x540 [ 351.204414][T10586] ? __virt_addr_valid+0x469/0x540 [ 351.209589][T10586] ? __phys_addr_symbol+0x2f/0x70 [ 351.214682][T10586] __skb_datagram_iter+0xdb/0x780 [ 351.219774][T10586] ? skb_copy_datagram_iter+0x200/0x200 [ 351.225372][T10586] skb_copy_datagram_iter+0xb1/0x200 [ 351.230717][T10586] netlink_recvmsg+0x2c5/0xdf0 [ 351.235592][T10586] ? netlink_sendmsg+0xbe0/0xbe0 [ 351.240598][T10586] ? aa_sk_perm+0x7fc/0x930 [ 351.245158][T10586] ? aa_af_perm+0x2b0/0x2b0 [ 351.249717][T10586] ? __lock_acquire+0x1260/0x7c80 [ 351.254799][T10586] ? verify_lock_unused+0x140/0x140 [ 351.260059][T10586] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 351.265400][T10586] ? security_socket_recvmsg+0x89/0xb0 [ 351.270905][T10586] ? netlink_sendmsg+0xbe0/0xbe0 [ 351.275898][T10586] ____sys_recvmsg+0x29e/0x5b0 [ 351.280733][T10586] ? __sys_recvmsg_sock+0x50/0x50 [ 351.285833][T10586] ? import_iovec+0x73/0xa0 [ 351.290423][T10586] ___sys_recvmsg+0x1b6/0x510 [ 351.295177][T10586] ? __sys_recvmsg+0x270/0x270 [ 351.300003][T10586] ? ksys_write+0x1c1/0x250 [ 351.304572][T10586] ? __fget_files+0x44a/0x4d0 [ 351.309407][T10586] __x64_sys_recvmsg+0x1f2/0x2c0 [ 351.314414][T10586] ? ___sys_recvmsg+0x510/0x510 [ 351.319345][T10586] ? lockdep_hardirqs_on+0x98/0x150 [ 351.324593][T10586] do_syscall_64+0x55/0xb0 [ 351.329078][T10586] ? clear_bhb_loop+0x40/0x90 [ 351.333794][T10586] ? clear_bhb_loop+0x40/0x90 [ 351.338521][T10586] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 351.344469][T10586] RIP: 0033:0x7ff48798efc9 [ 351.348937][T10586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.368763][T10586] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 351.377222][T10586] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 351.385239][T10586] RDX: 0000000000000002 RSI: 0000200000000300 RDI: 0000000000000003 [ 351.393257][T10586] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 351.401458][T10586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.409497][T10586] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 351.417559][T10586] [ 352.043146][T10604] netlink: 'syz.1.1771': attribute type 29 has an invalid length. [ 352.096346][T10604] netlink: 'syz.1.1771': attribute type 29 has an invalid length. [ 352.631672][T10618] syz.0.1775: vmalloc error: size 12288, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 352.653145][T10618] CPU: 1 PID: 10618 Comm: syz.0.1775 Not tainted syzkaller #0 [ 352.660733][T10618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 352.670864][T10618] Call Trace: [ 352.674213][T10618] [ 352.677202][T10618] dump_stack_lvl+0x16c/0x230 [ 352.682034][T10618] ? show_regs_print_info+0x20/0x20 [ 352.687479][T10618] ? load_image+0x3b0/0x3b0 [ 352.692069][T10618] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 352.698701][T10618] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 352.705307][T10618] warn_alloc+0x210/0x300 [ 352.709729][T10618] ? zone_watermark_ok_safe+0x230/0x230 [ 352.715411][T10618] __vmalloc_node_range+0x103e/0x1320 [ 352.720934][T10618] ? free_vm_area+0x50/0x50 [ 352.725518][T10618] ? arch_dup_task_struct+0x57/0xd0 [ 352.730789][T10618] ? __asan_memcpy+0x40/0x70 [ 352.735457][T10618] dup_task_struct+0x3d0/0x7c0 [ 352.740283][T10618] ? copy_process+0x549/0x3d70 [ 352.745112][T10618] ? lockdep_hardirqs_on+0x98/0x150 [ 352.750471][T10618] copy_process+0x549/0x3d70 [ 352.755129][T10618] ? trace_event_raw_event_lock+0x230/0x230 [ 352.761187][T10618] ? perf_trace_lock+0xf7/0x380 [ 352.766142][T10618] ? __pidfd_prepare+0x140/0x140 [ 352.771186][T10618] kernel_clone+0x21b/0x840 [ 352.775751][T10618] ? ksys_write+0x1c1/0x250 [ 352.780578][T10618] ? create_io_thread+0x140/0x140 [ 352.785820][T10618] __x64_sys_clone+0x18c/0x1e0 [ 352.790660][T10618] ? __fget_files+0x44a/0x4d0 [ 352.795517][T10618] ? __ia32_sys_vfork+0x100/0x100 [ 352.800679][T10618] ? lock_chain_count+0x20/0x20 [ 352.805612][T10618] ? lockdep_hardirqs_on+0x98/0x150 [ 352.810903][T10618] do_syscall_64+0x55/0xb0 [ 352.815393][T10618] ? clear_bhb_loop+0x40/0x90 [ 352.820320][T10618] ? clear_bhb_loop+0x40/0x90 [ 352.825165][T10618] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 352.831135][T10618] RIP: 0033:0x7fe5d098efc9 [ 352.835643][T10618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.855495][T10618] RSP: 002b:00007fe5d1763fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 352.864106][T10618] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 352.872151][T10618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000003002400 [ 352.880193][T10618] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 352.888320][T10618] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 352.896518][T10618] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 352.904709][T10618] [ 352.962951][T10618] Mem-Info: [ 352.966373][T10618] active_anon:5310 inactive_anon:0 isolated_anon:0 [ 352.966373][T10618] active_file:1502 inactive_file:39977 isolated_file:0 [ 352.966373][T10618] unevictable:768 dirty:386 writeback:0 [ 352.966373][T10618] slab_reclaimable:9955 slab_unreclaimable:91998 [ 352.966373][T10618] mapped:24429 shmem:1361 pagetables:535 [ 352.966373][T10618] sec_pagetables:0 bounce:0 [ 352.966373][T10618] kernel_misc_reclaimable:0 [ 352.966373][T10618] free:1361077 free_pcp:11015 free_cma:0 [ 353.021405][T10618] Node 0 active_anon:21240kB inactive_anon:0kB active_file:6008kB inactive_file:159704kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97716kB dirty:1540kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14120kB pagetables:2140kB sec_pagetables:0kB all_unreclaimable? no [ 353.106373][T10618] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 353.209673][T10618] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 353.295598][T10618] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 353.314215][T10622] netlink: 'syz.2.1777': attribute type 21 has an invalid length. [ 353.322567][T10618] Node 0 DMA32 free:1525608kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21620kB inactive_anon:0kB active_file:6008kB inactive_file:158384kB unevictable:1536kB writepending:1540kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:24056kB local_pcp:15676kB free_cma:0kB [ 353.411866][T10618] lowmem_reserve[]: 0 0 1 1 1 [ 353.448496][T10618] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 353.597396][T10618] lowmem_reserve[]: 0 0 0 0 0 [ 353.602236][T10618] Node 1 Normal free:3902056kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:16224kB local_pcp:6976kB free_cma:0kB [ 353.644532][T10618] lowmem_reserve[]: 0 0 0 0 0 [ 353.652597][T10618] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 353.670392][T10618] Node 0 DMA32: 3*4kB (UME) 1*8kB (M) 205*16kB (UME) 209*32kB (UM) 118*64kB (UME) 51*128kB (UME) 37*256kB (UM) 19*512kB (UM) 9*1024kB (UME) 3*2048kB (UME) 356*4096kB (M) = 1516804kB [ 353.717403][T10618] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 353.729839][T10618] Node 1 Normal: 262*4kB (UME) 54*8kB (UME) 38*16kB (UME) 114*32kB (UME) 32*64kB (UME) 8*128kB (UME) 2*256kB (UM) 1*512kB (E) 1*1024kB (E) 2*2048kB (UE) 949*4096kB (M) = 3902056kB [ 353.776158][T10618] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.817418][T10618] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 353.848387][T10618] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.877756][T10618] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 353.897393][T10618] 42840 total pagecache pages [ 353.908588][T10618] 0 pages in swap cache [ 353.923140][T10618] Free swap = 124996kB [ 353.933310][T10618] Total swap = 124996kB [ 353.942786][T10618] 2097051 pages RAM [ 353.952916][T10618] 0 pages HighMem/MovableOnly [ 353.961827][T10618] 416137 pages reserved [ 353.985529][T10618] 0 pages cma reserved [ 354.168319][T10635] veth0_vlan: entered allmulticast mode [ 357.485291][T10706] netlink: 'syz.3.1809': attribute type 10 has an invalid length. [ 357.674743][T10703] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1808'. [ 358.017966][T10706] hsr_slave_0 (unregistering): left promiscuous mode [ 359.369716][T10747] netlink: 'syz.1.1823': attribute type 10 has an invalid length. [ 359.497773][T10747] hsr_slave_0 (unregistering): left promiscuous mode [ 360.548321][T10774] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1835'. [ 360.589095][T10773] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1835'. [ 361.717997][T10806] netlink: 'syz.1.1847': attribute type 10 has an invalid length. [ 361.904597][T10806] 8021q: adding VLAN 0 to HW filter on device team0 [ 361.939487][T10806] bond0: (slave team0): Enslaving as an active interface with an up link [ 364.101847][T10871] FAULT_INJECTION: forcing a failure. [ 364.101847][T10871] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 364.121311][T10871] CPU: 1 PID: 10871 Comm: syz.0.1873 Not tainted syzkaller #0 [ 364.128839][T10871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 364.139122][T10871] Call Trace: [ 364.142481][T10871] [ 364.145516][T10871] dump_stack_lvl+0x16c/0x230 [ 364.150281][T10871] ? lockdep_hardirqs_on+0x98/0x150 [ 364.155538][T10871] ? show_regs_print_info+0x20/0x20 [ 364.160803][T10871] ? _printk+0x103/0x110 [ 364.165149][T10871] should_fail_ex+0x39d/0x4d0 [ 364.169872][T10871] _copy_from_user+0x2f/0xe0 [ 364.174480][T10871] __sys_bpf+0x1e9/0x800 [ 364.178755][T10871] ? bpf_link_show_fdinfo+0x350/0x350 [ 364.184457][T10871] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 364.190679][T10871] __x64_sys_bpf+0x7c/0x90 [ 364.195144][T10871] do_syscall_64+0x55/0xb0 [ 364.199596][T10871] ? clear_bhb_loop+0x40/0x90 [ 364.204363][T10871] ? clear_bhb_loop+0x40/0x90 [ 364.209077][T10871] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.215000][T10871] RIP: 0033:0x7fe5d098efc9 [ 364.219521][T10871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.239241][T10871] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 364.247702][T10871] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 364.255718][T10871] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a [ 364.263826][T10871] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 364.271914][T10871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.279912][T10871] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 364.287935][T10871] [ 364.584714][T10879] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.1876'. [ 366.083983][T10909] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1889'. [ 370.242026][T10947] FAULT_INJECTION: forcing a failure. [ 370.242026][T10947] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 370.256347][T10947] CPU: 1 PID: 10947 Comm: syz.3.1903 Not tainted syzkaller #0 [ 370.263886][T10947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 370.273993][T10947] Call Trace: [ 370.277323][T10947] [ 370.280297][T10947] dump_stack_lvl+0x16c/0x230 [ 370.285034][T10947] ? show_regs_print_info+0x20/0x20 [ 370.290286][T10947] ? load_image+0x3b0/0x3b0 [ 370.294845][T10947] ? __lock_acquire+0x7c80/0x7c80 [ 370.299927][T10947] ? snprintf+0xdb/0x120 [ 370.304247][T10947] should_fail_ex+0x39d/0x4d0 [ 370.309010][T10947] _copy_to_user+0x2f/0xa0 [ 370.313478][T10947] simple_read_from_buffer+0xe7/0x150 [ 370.318962][T10947] proc_fail_nth_read+0x1e3/0x250 [ 370.324042][T10947] ? proc_fault_inject_write+0x340/0x340 [ 370.329731][T10947] ? fsnotify_perm+0x271/0x5e0 [ 370.334556][T10947] ? proc_fault_inject_write+0x340/0x340 [ 370.340257][T10947] vfs_read+0x27e/0x920 [ 370.344471][T10947] ? kernel_read+0x1e0/0x1e0 [ 370.349118][T10947] ? __fget_files+0x28/0x4d0 [ 370.353861][T10947] ? __fget_files+0x44a/0x4d0 [ 370.358601][T10947] ? __fdget_pos+0x2a3/0x330 [ 370.363244][T10947] ? ksys_read+0x75/0x250 [ 370.367637][T10947] ksys_read+0x147/0x250 [ 370.372031][T10947] ? vfs_write+0x940/0x940 [ 370.376592][T10947] ? syscall_enter_from_user_mode+0x2e/0x80 [ 370.382533][T10947] do_syscall_64+0x55/0xb0 [ 370.386981][T10947] ? clear_bhb_loop+0x40/0x90 [ 370.391699][T10947] ? clear_bhb_loop+0x40/0x90 [ 370.396505][T10947] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 370.402428][T10947] RIP: 0033:0x7f0992b8d9dc [ 370.406895][T10947] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 370.426622][T10947] RSP: 002b:00007f0993ab5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 370.435067][T10947] RAX: ffffffffffffffda RBX: 00007f0992de5fa0 RCX: 00007f0992b8d9dc [ 370.443070][T10947] RDX: 000000000000000f RSI: 00007f0993ab50a0 RDI: 000000000000000a [ 370.451324][T10947] RBP: 00007f0993ab5090 R08: 0000000000000000 R09: 0000000000000000 [ 370.459324][T10947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 370.467320][T10947] R13: 00007f0992de6038 R14: 00007f0992de5fa0 R15: 00007ffdd2866668 [ 370.475346][T10947] [ 370.923283][T10965] delete_channel: no stack [ 371.694265][T10982] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1917'. [ 372.517160][T11004] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1926'. [ 373.643656][T11015] syzkaller0: entered promiscuous mode [ 373.660982][T11015] syzkaller0: entered allmulticast mode [ 376.288063][T11069] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1947'. [ 376.372930][T11071] netlink: 'syz.0.1948': attribute type 10 has an invalid length. [ 376.412806][T11071] macvlan0: entered promiscuous mode [ 376.420465][T11071] macvlan0: entered allmulticast mode [ 376.591595][T11071] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 378.952819][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.967375][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.225301][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.236795][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.247702][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.258502][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.269723][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.280382][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.290707][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.301042][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.311920][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 383.322749][T11134] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 385.476873][T11157] netlink: 'syz.2.1975': attribute type 10 has an invalid length. [ 385.485020][T11157] team0: Device wlan1 is up. Set it down before adding it as a team port [ 386.014415][T11173] netlink: 'syz.3.1983': attribute type 10 has an invalid length. [ 386.557936][T11189] netlink: 'syz.2.1988': attribute type 3 has an invalid length. [ 386.565751][T11189] netlink: 'syz.2.1988': attribute type 1 has an invalid length. [ 386.586585][T11189] netlink: 60387 bytes leftover after parsing attributes in process `syz.2.1988'. [ 387.137453][T11207] FAULT_INJECTION: forcing a failure. [ 387.137453][T11207] name failslab, interval 1, probability 0, space 0, times 0 [ 387.155248][T11207] CPU: 1 PID: 11207 Comm: syz.2.1996 Not tainted syzkaller #0 [ 387.162851][T11207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 387.173146][T11207] Call Trace: [ 387.176560][T11207] [ 387.179528][T11207] dump_stack_lvl+0x16c/0x230 [ 387.184266][T11207] ? show_regs_print_info+0x20/0x20 [ 387.189619][T11207] ? load_image+0x3b0/0x3b0 [ 387.194173][T11207] ? __might_sleep+0xe0/0xe0 [ 387.198820][T11207] ? __lock_acquire+0x7c80/0x7c80 [ 387.203913][T11207] ? do_syscall_64+0x55/0xb0 [ 387.208567][T11207] should_fail_ex+0x39d/0x4d0 [ 387.213393][T11207] should_failslab+0x9/0x20 [ 387.218037][T11207] slab_pre_alloc_hook+0x59/0x310 [ 387.223122][T11207] kmem_cache_alloc+0x5a/0x2e0 [ 387.227944][T11207] ? getname_kernel+0x5a/0x2f0 [ 387.232787][T11207] getname_kernel+0x5a/0x2f0 [ 387.237437][T11207] kern_path+0x1d/0x50 [ 387.241561][T11207] create_local_trace_uprobe+0xa6/0x6a0 [ 387.247163][T11207] ? bpf_get_uprobe_info+0x520/0x520 [ 387.252590][T11207] ? __might_fault+0xaa/0x120 [ 387.257329][T11207] ? _copy_from_user+0xa5/0xe0 [ 387.262149][T11207] perf_uprobe_init+0xf3/0x190 [ 387.266971][T11207] perf_uprobe_event_init+0xe6/0x180 [ 387.272315][T11207] perf_try_init_event+0x12b/0x3c0 [ 387.277492][T11207] perf_event_alloc+0xfa4/0x21b0 [ 387.282485][T11207] ? perf_event_alloc+0xc06/0x21b0 [ 387.287660][T11207] __se_sys_perf_event_open+0x5ed/0x1c20 [ 387.293360][T11207] ? mutex_unlock+0x10/0x10 [ 387.297921][T11207] ? __x64_sys_perf_event_open+0xc0/0xc0 [ 387.303614][T11207] ? lock_chain_count+0x20/0x20 [ 387.308517][T11207] ? lockdep_hardirqs_on+0x98/0x150 [ 387.313754][T11207] ? __x64_sys_perf_event_open+0x20/0xc0 [ 387.319438][T11207] do_syscall_64+0x55/0xb0 [ 387.323902][T11207] ? clear_bhb_loop+0x40/0x90 [ 387.328623][T11207] ? clear_bhb_loop+0x40/0x90 [ 387.333400][T11207] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 387.339346][T11207] RIP: 0033:0x7ff48798efc9 [ 387.343804][T11207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.363549][T11207] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 387.372006][T11207] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 387.380015][T11207] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000000 [ 387.388117][T11207] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 387.396132][T11207] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 387.404150][T11207] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 387.412192][T11207] [ 388.464127][T11218] netlink: 'syz.2.1999': attribute type 9 has an invalid length. [ 388.637756][T11218] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1999'. [ 389.268136][T11217] netlink: 'syz.2.1999': attribute type 9 has an invalid length. [ 389.308037][T11217] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1999'. [ 389.501436][T11242] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2008'. [ 389.676704][T11242] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2008'. [ 389.742107][T11245] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2008'. [ 390.210615][T11257] FAULT_INJECTION: forcing a failure. [ 390.210615][T11257] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 390.256523][T11257] CPU: 0 PID: 11257 Comm: syz.3.2012 Not tainted syzkaller #0 [ 390.264087][T11257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 390.274259][T11257] Call Trace: [ 390.277606][T11257] [ 390.280585][T11257] dump_stack_lvl+0x16c/0x230 [ 390.285384][T11257] ? show_regs_print_info+0x20/0x20 [ 390.290657][T11257] ? load_image+0x3b0/0x3b0 [ 390.295233][T11257] ? __might_fault+0xaa/0x120 [ 390.299979][T11257] ? __lock_acquire+0x7c80/0x7c80 [ 390.305349][T11257] should_fail_ex+0x39d/0x4d0 [ 390.310134][T11257] _copy_from_iter+0x1d3/0x1290 [ 390.315050][T11257] ? slab_post_alloc_hook+0x8a/0x4d0 [ 390.320388][T11257] ? __virt_addr_valid+0x18c/0x540 [ 390.325544][T11257] ? __lock_acquire+0x7c80/0x7c80 [ 390.330873][T11257] ? rcu_is_watching+0x15/0xb0 [ 390.335726][T11257] ? copyout_mc+0x70/0x70 [ 390.340099][T11257] ? __virt_addr_valid+0x18c/0x540 [ 390.345520][T11257] ? __virt_addr_valid+0x18c/0x540 [ 390.350672][T11257] ? __virt_addr_valid+0x469/0x540 [ 390.355835][T11257] ? __check_object_size+0x506/0xa30 [ 390.361177][T11257] netlink_sendmsg+0x75c/0xbe0 [ 390.366034][T11257] ? netlink_getsockopt+0x580/0x580 [ 390.371286][T11257] ? aa_sock_msg_perm+0x94/0x150 [ 390.376265][T11257] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 390.381591][T11257] ? security_socket_sendmsg+0x80/0xa0 [ 390.387275][T11257] ? netlink_getsockopt+0x580/0x580 [ 390.392519][T11257] ____sys_sendmsg+0x5bf/0x950 [ 390.397341][T11257] ? __asan_memset+0x22/0x40 [ 390.402009][T11257] ? __sys_sendmsg_sock+0x30/0x30 [ 390.407078][T11257] ? __import_iovec+0x5f2/0x860 [ 390.412006][T11257] ? import_iovec+0x73/0xa0 [ 390.416577][T11257] ___sys_sendmsg+0x220/0x290 [ 390.421303][T11257] ? __sys_sendmsg+0x270/0x270 [ 390.426161][T11257] ? __lock_acquire+0x7c80/0x7c80 [ 390.431274][T11257] __se_sys_sendmsg+0x1a5/0x270 [ 390.436177][T11257] ? __x64_sys_sendmsg+0x80/0x80 [ 390.441234][T11257] ? lockdep_hardirqs_on+0x98/0x150 [ 390.446478][T11257] do_syscall_64+0x55/0xb0 [ 390.451010][T11257] ? clear_bhb_loop+0x40/0x90 [ 390.455744][T11257] ? clear_bhb_loop+0x40/0x90 [ 390.460549][T11257] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 390.466482][T11257] RIP: 0033:0x7f0992b8efc9 [ 390.470932][T11257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.490630][T11257] RSP: 002b:00007f0993ab5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 390.499130][T11257] RAX: ffffffffffffffda RBX: 00007f0992de5fa0 RCX: 00007f0992b8efc9 [ 390.507143][T11257] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 000000000000000b [ 390.515155][T11257] RBP: 00007f0993ab5090 R08: 0000000000000000 R09: 0000000000000000 [ 390.523168][T11257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 390.531347][T11257] R13: 00007f0992de6038 R14: 00007f0992de5fa0 R15: 00007ffdd2866668 [ 390.539471][T11257] [ 390.753052][T11268] netlink: 'syz.2.2018': attribute type 21 has an invalid length. [ 390.763322][T11268] netlink: 'syz.2.2018': attribute type 1 has an invalid length. [ 391.025552][T11278] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2020'. [ 391.072889][T11279] netlink: 'syz.3.2019': attribute type 2 has an invalid length. [ 391.097363][T11279] netlink: 'syz.3.2019': attribute type 8 has an invalid length. [ 391.115839][T11279] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2019'. [ 391.134238][T11278] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2020'. [ 391.146830][T11274] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2020'. [ 392.419888][T11319] __nla_validate_parse: 1 callbacks suppressed [ 392.419907][T11319] netlink: 1030 bytes leftover after parsing attributes in process `syz.3.2034'. [ 392.605116][T11311] FAULT_INJECTION: forcing a failure. [ 392.605116][T11311] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 392.632463][T11311] CPU: 0 PID: 11311 Comm: syz.1.2032 Not tainted syzkaller #0 [ 392.640011][T11311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 392.650117][T11311] Call Trace: [ 392.653433][T11311] [ 392.656401][T11311] dump_stack_lvl+0x16c/0x230 [ 392.661308][T11311] ? show_regs_print_info+0x20/0x20 [ 392.666642][T11311] ? load_image+0x3b0/0x3b0 [ 392.671199][T11311] ? __might_fault+0xaa/0x120 [ 392.675920][T11311] ? __lock_acquire+0x7c80/0x7c80 [ 392.680994][T11311] should_fail_ex+0x39d/0x4d0 [ 392.685725][T11311] _copy_to_user+0x2f/0xa0 [ 392.690190][T11311] bpf_test_finish+0x4d8/0x620 [ 392.695001][T11311] ? convert___skb_to_skb+0x590/0x590 [ 392.700408][T11311] ? convert_skb_to___skb+0x420/0x420 [ 392.705809][T11311] ? slab_build_skb+0x25f/0x3f0 [ 392.710742][T11311] bpf_prog_test_run_skb+0xc28/0x11c0 [ 392.716153][T11311] ? cpu_online+0x60/0x60 [ 392.720508][T11311] bpf_prog_test_run+0x321/0x390 [ 392.725474][T11311] __sys_bpf+0x440/0x800 [ 392.729763][T11311] ? bpf_link_show_fdinfo+0x350/0x350 [ 392.735186][T11311] ? lock_chain_count+0x20/0x20 [ 392.740079][T11311] __x64_sys_bpf+0x7c/0x90 [ 392.744540][T11311] do_syscall_64+0x55/0xb0 [ 392.749075][T11311] ? clear_bhb_loop+0x40/0x90 [ 392.753780][T11311] ? clear_bhb_loop+0x40/0x90 [ 392.758488][T11311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.764404][T11311] RIP: 0033:0x7f297b18efc9 [ 392.768851][T11311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.788570][T11311] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 392.797010][T11311] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 392.805010][T11311] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a [ 392.813010][T11311] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 392.821098][T11311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.829092][T11311] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 392.837121][T11311] [ 394.778621][T11361] ref_ctr_offset mismatch. inode: 0x7a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xfe [ 396.118525][T11395] netlink: 'syz.1.2066': attribute type 10 has an invalid length. [ 396.195174][T11395] vlan0: entered allmulticast mode [ 396.213076][T11395] veth0_vlan: entered allmulticast mode [ 396.275654][T11395] team0: Port device vlan0 added [ 396.533680][T11404] netlink: 'syz.3.2070': attribute type 29 has an invalid length. [ 396.569090][T11403] netlink: 'syz.3.2070': attribute type 29 has an invalid length. [ 396.654938][T11404] netlink: 'syz.3.2070': attribute type 29 has an invalid length. [ 396.888474][T11410] netlink: 'syz.0.2071': attribute type 10 has an invalid length. [ 396.928034][T11410] vlan0: entered allmulticast mode [ 396.938450][T11410] veth0_vlan: entered allmulticast mode [ 397.006031][T11410] team0: Port device vlan0 added [ 397.911048][T11442] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2084'. [ 397.957696][T11442] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2084'. [ 398.005002][T11439] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2084'. [ 398.017166][T11445] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2084'. [ 398.297704][T11448] netlink: 'syz.2.2086': attribute type 9 has an invalid length. [ 398.323611][T11448] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2086'. [ 398.407509][T11450] FAULT_INJECTION: forcing a failure. [ 398.407509][T11450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 398.488323][T11450] CPU: 1 PID: 11450 Comm: syz.0.2087 Not tainted syzkaller #0 [ 398.495876][T11450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 398.506075][T11450] Call Trace: [ 398.509392][T11450] [ 398.512362][T11450] dump_stack_lvl+0x16c/0x230 [ 398.517099][T11450] ? show_regs_print_info+0x20/0x20 [ 398.522354][T11450] ? load_image+0x3b0/0x3b0 [ 398.526915][T11450] ? __might_fault+0xaa/0x120 [ 398.531657][T11450] ? __lock_acquire+0x7c80/0x7c80 [ 398.536748][T11450] should_fail_ex+0x39d/0x4d0 [ 398.541498][T11450] _copy_from_user+0x2f/0xe0 [ 398.546141][T11450] generic_map_update_batch+0x58e/0x810 [ 398.551777][T11450] ? rcu_read_unlock+0xa0/0xa0 [ 398.556706][T11450] ? __fdget+0x180/0x210 [ 398.561007][T11450] ? rcu_read_unlock+0xa0/0xa0 [ 398.565823][T11450] bpf_map_do_batch+0x3d7/0x610 [ 398.570729][T11450] __sys_bpf+0x31b/0x800 [ 398.575023][T11450] ? bpf_link_show_fdinfo+0x350/0x350 [ 398.580580][T11450] ? lock_chain_count+0x20/0x20 [ 398.585536][T11450] __x64_sys_bpf+0x7c/0x90 [ 398.590014][T11450] do_syscall_64+0x55/0xb0 [ 398.594494][T11450] ? clear_bhb_loop+0x40/0x90 [ 398.599220][T11450] ? clear_bhb_loop+0x40/0x90 [ 398.603922][T11450] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 398.609843][T11450] RIP: 0033:0x7fe5d098efc9 [ 398.614286][T11450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.633931][T11450] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 398.642452][T11450] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 398.650543][T11450] RDX: 0000000000000038 RSI: 00002000000004c0 RDI: 000000000000001a [ 398.658547][T11450] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 398.666546][T11450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 398.674556][T11450] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 398.682916][T11450] [ 398.761766][T11448] netlink: 'syz.2.2086': attribute type 9 has an invalid length. [ 398.890031][T11448] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2086'. [ 398.943469][T11456] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.2088'. [ 399.109173][T11447] delete_channel: no stack [ 399.285119][T11465] netlink: 'syz.3.2092': attribute type 3 has an invalid length. [ 399.317949][T11465] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2092'. [ 399.610399][T11472] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2096'. [ 400.512945][T11469] delete_channel: no stack [ 401.188431][T11500] FAULT_INJECTION: forcing a failure. [ 401.188431][T11500] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 401.234944][T11500] CPU: 1 PID: 11500 Comm: syz.0.2105 Not tainted syzkaller #0 [ 401.242492][T11500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 401.252612][T11500] Call Trace: [ 401.255937][T11500] [ 401.258891][T11500] dump_stack_lvl+0x16c/0x230 [ 401.263601][T11500] ? show_regs_print_info+0x20/0x20 [ 401.268829][T11500] ? load_image+0x3b0/0x3b0 [ 401.273395][T11500] ? __might_fault+0xaa/0x120 [ 401.278102][T11500] ? __lock_acquire+0x7c80/0x7c80 [ 401.283200][T11500] should_fail_ex+0x39d/0x4d0 [ 401.287935][T11500] _copy_to_user+0x2f/0xa0 [ 401.292377][T11500] bpf_test_finish+0x4d8/0x620 [ 401.297176][T11500] ? convert___skb_to_skb+0x590/0x590 [ 401.302587][T11500] ? convert_skb_to___skb+0x420/0x420 [ 401.307994][T11500] ? slab_build_skb+0x25f/0x3f0 [ 401.312968][T11500] bpf_prog_test_run_skb+0xc28/0x11c0 [ 401.318486][T11500] ? cpu_online+0x60/0x60 [ 401.322924][T11500] bpf_prog_test_run+0x321/0x390 [ 401.327893][T11500] __sys_bpf+0x440/0x800 [ 401.332183][T11500] ? bpf_link_show_fdinfo+0x350/0x350 [ 401.337598][T11500] ? lock_chain_count+0x20/0x20 [ 401.342744][T11500] __x64_sys_bpf+0x7c/0x90 [ 401.347186][T11500] do_syscall_64+0x55/0xb0 [ 401.351725][T11500] ? clear_bhb_loop+0x40/0x90 [ 401.356451][T11500] ? clear_bhb_loop+0x40/0x90 [ 401.361158][T11500] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 401.367084][T11500] RIP: 0033:0x7fe5d098efc9 [ 401.371526][T11500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.391345][T11500] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 401.399830][T11500] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 401.407840][T11500] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a [ 401.415841][T11500] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 401.423834][T11500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 401.431916][T11500] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 401.439932][T11500] [ 401.775267][T11509] tap0: tun_chr_ioctl cmd 1074025677 [ 401.785643][T11509] tap0: linktype set to 270 [ 404.115144][T11534] FAULT_INJECTION: forcing a failure. [ 404.115144][T11534] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 404.176475][T11534] CPU: 1 PID: 11534 Comm: syz.3.2116 Not tainted syzkaller #0 [ 404.184019][T11534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 404.194122][T11534] Call Trace: [ 404.197438][T11534] [ 404.200400][T11534] dump_stack_lvl+0x16c/0x230 [ 404.205133][T11534] ? show_regs_print_info+0x20/0x20 [ 404.210461][T11534] ? load_image+0x3b0/0x3b0 [ 404.215010][T11534] ? __lock_acquire+0x7c80/0x7c80 [ 404.220081][T11534] ? snprintf+0xdb/0x120 [ 404.224364][T11534] should_fail_ex+0x39d/0x4d0 [ 404.229089][T11534] _copy_to_user+0x2f/0xa0 [ 404.233555][T11534] simple_read_from_buffer+0xe7/0x150 [ 404.238987][T11534] proc_fail_nth_read+0x1e3/0x250 [ 404.244057][T11534] ? proc_fault_inject_write+0x340/0x340 [ 404.249773][T11534] ? fsnotify_perm+0x271/0x5e0 [ 404.254589][T11534] ? proc_fault_inject_write+0x340/0x340 [ 404.260277][T11534] vfs_read+0x27e/0x920 [ 404.264573][T11534] ? kernel_read+0x1e0/0x1e0 [ 404.269212][T11534] ? __fget_files+0x28/0x4d0 [ 404.273846][T11534] ? __fget_files+0x44a/0x4d0 [ 404.278594][T11534] ? __fdget_pos+0x2a3/0x330 [ 404.283222][T11534] ? ksys_read+0x75/0x250 [ 404.287600][T11534] ksys_read+0x147/0x250 [ 404.291892][T11534] ? vfs_write+0x940/0x940 [ 404.296361][T11534] ? lockdep_hardirqs_on+0x98/0x150 [ 404.301604][T11534] do_syscall_64+0x55/0xb0 [ 404.306058][T11534] ? clear_bhb_loop+0x40/0x90 [ 404.310774][T11534] ? clear_bhb_loop+0x40/0x90 [ 404.315493][T11534] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 404.321422][T11534] RIP: 0033:0x7f0992b8d9dc [ 404.325877][T11534] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 404.345708][T11534] RSP: 002b:00007f0993ab5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 404.354172][T11534] RAX: ffffffffffffffda RBX: 00007f0992de5fa0 RCX: 00007f0992b8d9dc [ 404.362282][T11534] RDX: 000000000000000f RSI: 00007f0993ab50a0 RDI: 0000000000000005 [ 404.370286][T11534] RBP: 00007f0993ab5090 R08: 0000000000000000 R09: 0000000000000000 [ 404.378292][T11534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 404.386292][T11534] R13: 00007f0992de6038 R14: 00007f0992de5fa0 R15: 00007ffdd2866668 [ 404.394339][T11534] [ 404.477925][T11531] delete_channel: no stack [ 405.936563][T11569] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.2130'. [ 406.191709][T11577] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 406.281037][ T5799] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30 [ 406.304320][T11584] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2136'. [ 406.523166][T11590] syz.0.2138[11590] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 406.523315][T11590] syz.0.2138[11590] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 406.926363][T11596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2142'. [ 406.948236][T11596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2142'. [ 406.959126][T11596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2142'. [ 406.969414][T11596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2142'. [ 406.980391][T11596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2142'. [ 407.459295][T11606] netlink: 'syz.3.2146': attribute type 4 has an invalid length. [ 407.489730][T11606] netlink: 'syz.3.2146': attribute type 16 has an invalid length. [ 407.523348][T11606] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2146'. [ 408.361609][ T5799] Bluetooth: hci3: unexpected subevent 0x04 length: 150 > 11 [ 408.983319][T11639] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2159'. [ 408.993502][T11639] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2159'. [ 409.636870][T11662] netlink: 'syz.1.2167': attribute type 10 has an invalid length. [ 409.652519][T11662] team0: entered promiscuous mode [ 409.659355][T11662] team_slave_1: entered promiscuous mode [ 409.665522][T11662] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 409.678060][T11662] vlan0: entered promiscuous mode [ 409.686489][T11662] team0: entered allmulticast mode [ 409.700242][T11662] team_slave_1: entered allmulticast mode [ 409.715565][T11662] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 412.234760][T11662] bond0: (slave team0): Releasing backup interface [ 412.289426][T11662] net_ratelimit: 886 callbacks suppressed [ 412.289448][T11662] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 412.697111][T11678] __nla_validate_parse: 4 callbacks suppressed [ 412.697133][T11678] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2171'. [ 412.775188][T11678] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2171'. [ 412.858886][T11679] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2171'. [ 412.894270][T11678] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2171'. [ 413.044010][T11684] netlink: 'syz.1.2173': attribute type 27 has an invalid length. [ 413.052254][T11684] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2173'. [ 413.171501][T11685] sit0: entered allmulticast mode [ 413.965829][T11696] FAULT_INJECTION: forcing a failure. [ 413.965829][T11696] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 413.988648][T11696] CPU: 1 PID: 11696 Comm: syz.0.2176 Not tainted syzkaller #0 [ 413.996204][T11696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 414.006490][T11696] Call Trace: [ 414.009818][T11696] [ 414.012796][T11696] dump_stack_lvl+0x16c/0x230 [ 414.017543][T11696] ? show_regs_print_info+0x20/0x20 [ 414.018910][T11693] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2178'. [ 414.022837][T11696] ? load_image+0x3b0/0x3b0 [ 414.036468][T11696] ? __lock_acquire+0x7c80/0x7c80 [ 414.041561][T11696] ? snprintf+0xdb/0x120 [ 414.045945][T11696] should_fail_ex+0x39d/0x4d0 [ 414.051158][T11696] _copy_to_user+0x2f/0xa0 [ 414.055693][T11696] simple_read_from_buffer+0xe7/0x150 [ 414.061146][T11696] proc_fail_nth_read+0x1e3/0x250 [ 414.066395][T11696] ? proc_fault_inject_write+0x340/0x340 [ 414.072103][T11696] ? fsnotify_perm+0x271/0x5e0 [ 414.076937][T11696] ? proc_fault_inject_write+0x340/0x340 [ 414.082682][T11696] vfs_read+0x27e/0x920 [ 414.086938][T11696] ? kernel_read+0x1e0/0x1e0 [ 414.091609][T11696] ? __fget_files+0x28/0x4d0 [ 414.096315][T11696] ? __fget_files+0x44a/0x4d0 [ 414.101158][T11696] ? __fdget_pos+0x2a3/0x330 [ 414.105803][T11696] ? ksys_read+0x75/0x250 [ 414.110201][T11696] ksys_read+0x147/0x250 [ 414.114523][T11696] ? vfs_write+0x940/0x940 [ 414.119017][T11696] ? lockdep_hardirqs_on+0x98/0x150 [ 414.124717][T11696] do_syscall_64+0x55/0xb0 [ 414.129458][T11696] ? clear_bhb_loop+0x40/0x90 [ 414.134307][T11696] ? clear_bhb_loop+0x40/0x90 [ 414.139053][T11696] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 414.145006][T11696] RIP: 0033:0x7fe5d098d9dc [ 414.149767][T11696] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 414.169709][T11696] RSP: 002b:00007fe5d1764030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 414.178803][T11696] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098d9dc [ 414.186852][T11696] RDX: 000000000000000f RSI: 00007fe5d17640a0 RDI: 0000000000000004 [ 414.194885][T11696] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 414.202996][T11696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 414.211025][T11696] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 414.219198][T11696] [ 414.276837][T11700] FAULT_INJECTION: forcing a failure. [ 414.276837][T11700] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 414.296305][T11700] CPU: 1 PID: 11700 Comm: syz.1.2179 Not tainted syzkaller #0 [ 414.303954][T11700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 414.314167][T11700] Call Trace: [ 414.317491][T11700] [ 414.320728][T11700] dump_stack_lvl+0x16c/0x230 [ 414.325551][T11700] ? show_regs_print_info+0x20/0x20 [ 414.330812][T11700] ? load_image+0x3b0/0x3b0 [ 414.335381][T11700] ? __might_fault+0xaa/0x120 [ 414.340133][T11700] ? __lock_acquire+0x7c80/0x7c80 [ 414.346004][T11700] ? __might_fault+0xaa/0x120 [ 414.350751][T11700] should_fail_ex+0x39d/0x4d0 [ 414.355572][T11700] _copy_from_iter+0x1d3/0x1290 [ 414.360468][T11700] ? __might_fault+0xaa/0x120 [ 414.365217][T11700] ? _copy_from_iter+0x248/0x1290 [ 414.370278][T11700] ? __virt_addr_valid+0x18c/0x540 [ 414.375427][T11700] ? __lock_acquire+0x7c80/0x7c80 [ 414.380568][T11700] ? copyout_mc+0x70/0x70 [ 414.384973][T11700] ? copyout_mc+0x70/0x70 [ 414.389432][T11700] ? __virt_addr_valid+0x18c/0x540 [ 414.394678][T11700] ? page_copy_sane+0x16a/0x270 [ 414.399584][T11700] copy_page_from_iter+0x7b/0x100 [ 414.404697][T11700] skb_copy_datagram_from_iter+0x2e4/0x6e0 [ 414.410580][T11700] tun_get_user+0x1583/0x3bf0 [ 414.415331][T11700] ? trace_event_raw_event_lock+0x230/0x230 [ 414.421273][T11700] ? aa_file_perm+0x120/0xec0 [ 414.426042][T11700] ? aa_file_perm+0x3e8/0xec0 [ 414.430855][T11700] ? rcu_read_unlock+0xa0/0xa0 [ 414.435774][T11700] ? tun_get+0x1c/0x2e0 [ 414.440096][T11700] ? __lock_acquire+0x7c80/0x7c80 [ 414.445158][T11700] ? tun_get+0x1c/0x2e0 [ 414.449350][T11700] tun_chr_write_iter+0x119/0x200 [ 414.454428][T11700] vfs_write+0x43b/0x940 [ 414.458801][T11700] ? file_end_write+0x250/0x250 [ 414.463810][T11700] ? __fget_files+0x44a/0x4d0 [ 414.468649][T11700] ? __fdget_pos+0x1d8/0x330 [ 414.473300][T11700] ? ksys_write+0x75/0x250 [ 414.477753][T11700] ksys_write+0x147/0x250 [ 414.482123][T11700] ? __ia32_sys_read+0x90/0x90 [ 414.487016][T11700] ? lockdep_hardirqs_on+0x98/0x150 [ 414.492251][T11700] do_syscall_64+0x55/0xb0 [ 414.496789][T11700] ? clear_bhb_loop+0x40/0x90 [ 414.501491][T11700] ? clear_bhb_loop+0x40/0x90 [ 414.506200][T11700] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 414.512117][T11700] RIP: 0033:0x7f297b18efc9 [ 414.516551][T11700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.536202][T11700] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 414.544677][T11700] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 414.552673][T11700] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8 [ 414.560676][T11700] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 414.568869][T11700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 414.577060][T11700] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 414.585067][T11700] [ 416.525869][T11749] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.533732][T11749] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 417.074920][T11759] FAULT_INJECTION: forcing a failure. [ 417.074920][T11759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 417.094655][T11759] CPU: 1 PID: 11759 Comm: syz.0.2202 Not tainted syzkaller #0 [ 417.102304][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 417.112432][T11759] Call Trace: [ 417.115779][T11759] [ 417.118773][T11759] dump_stack_lvl+0x16c/0x230 [ 417.123541][T11759] ? show_regs_print_info+0x20/0x20 [ 417.128823][T11759] ? load_image+0x3b0/0x3b0 [ 417.133431][T11759] ? __might_fault+0xaa/0x120 [ 417.138271][T11759] ? __lock_acquire+0x7c80/0x7c80 [ 417.143462][T11759] should_fail_ex+0x39d/0x4d0 [ 417.148227][T11759] _copy_from_iter+0x1d3/0x1290 [ 417.153148][T11759] ? slab_post_alloc_hook+0x8a/0x4d0 [ 417.158682][T11759] ? __virt_addr_valid+0x18c/0x540 [ 417.163869][T11759] ? __lock_acquire+0x7c80/0x7c80 [ 417.168964][T11759] ? rcu_is_watching+0x15/0xb0 [ 417.173821][T11759] ? copyout_mc+0x70/0x70 [ 417.178311][T11759] ? __virt_addr_valid+0x18c/0x540 [ 417.183591][T11759] ? __virt_addr_valid+0x18c/0x540 [ 417.188784][T11759] ? __virt_addr_valid+0x469/0x540 [ 417.194058][T11759] ? __check_object_size+0x506/0xa30 [ 417.199424][T11759] netlink_sendmsg+0x75c/0xbe0 [ 417.204251][T11759] ? netlink_getsockopt+0x580/0x580 [ 417.209504][T11759] ? aa_sock_msg_perm+0x94/0x150 [ 417.214493][T11759] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 417.219829][T11759] ? security_socket_sendmsg+0x80/0xa0 [ 417.225371][T11759] ? netlink_getsockopt+0x580/0x580 [ 417.230631][T11759] ____sys_sendmsg+0x5bf/0x950 [ 417.235469][T11759] ? __asan_memset+0x22/0x40 [ 417.240113][T11759] ? __sys_sendmsg_sock+0x30/0x30 [ 417.245190][T11759] ? __import_iovec+0x5f2/0x860 [ 417.250285][T11759] ? import_iovec+0x73/0xa0 [ 417.254848][T11759] ___sys_sendmsg+0x220/0x290 [ 417.259582][T11759] ? __sys_sendmsg+0x270/0x270 [ 417.264438][T11759] ? __lock_acquire+0x7c80/0x7c80 [ 417.269554][T11759] __se_sys_sendmsg+0x1a5/0x270 [ 417.274471][T11759] ? perf_trace_preemptirq_template+0x281/0x340 [ 417.280767][T11759] ? __x64_sys_sendmsg+0x80/0x80 [ 417.285869][T11759] ? lockdep_hardirqs_on+0x98/0x150 [ 417.291145][T11759] do_syscall_64+0x55/0xb0 [ 417.295603][T11759] ? clear_bhb_loop+0x40/0x90 [ 417.300338][T11759] ? clear_bhb_loop+0x40/0x90 [ 417.305051][T11759] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 417.310986][T11759] RIP: 0033:0x7fe5d098efc9 [ 417.315445][T11759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.335107][T11759] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 417.343562][T11759] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 417.351577][T11759] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006 [ 417.359581][T11759] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 417.367607][T11759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 417.375621][T11759] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 417.383665][T11759] [ 417.688836][T11766] netlink: 'syz.0.2206': attribute type 3 has an invalid length. [ 417.699689][T11768] netlink: 'syz.1.2205': attribute type 10 has an invalid length. [ 417.708143][T11766] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2206'. [ 418.093481][T11768] team0: Device veth0_vlan is already a lower device of the team interface [ 418.105482][T11766] netlink: 28059 bytes leftover after parsing attributes in process `syz.0.2206'. [ 418.285983][T11781] FAULT_INJECTION: forcing a failure. [ 418.285983][T11781] name failslab, interval 1, probability 0, space 0, times 0 [ 418.308243][T11781] CPU: 0 PID: 11781 Comm: syz.0.2210 Not tainted syzkaller #0 [ 418.315814][T11781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 418.326047][T11781] Call Trace: [ 418.329376][T11781] [ 418.332346][T11781] dump_stack_lvl+0x16c/0x230 [ 418.337087][T11781] ? show_regs_print_info+0x20/0x20 [ 418.342345][T11781] ? load_image+0x3b0/0x3b0 [ 418.346906][T11781] ? __might_sleep+0xe0/0xe0 [ 418.351553][T11781] ? __lock_acquire+0x7c80/0x7c80 [ 418.356645][T11781] should_fail_ex+0x39d/0x4d0 [ 418.361391][T11781] should_failslab+0x9/0x20 [ 418.365954][T11781] slab_pre_alloc_hook+0x59/0x310 [ 418.371053][T11781] ? tomoyo_encode+0x28b/0x540 [ 418.375900][T11781] ? tomoyo_encode+0x28b/0x540 [ 418.380750][T11781] __kmem_cache_alloc_node+0x53/0x260 [ 418.386290][T11781] ? tomoyo_encode+0x28b/0x540 [ 418.391195][T11781] __kmalloc+0xa4/0x240 [ 418.395619][T11781] tomoyo_encode+0x28b/0x540 [ 418.400292][T11781] tomoyo_realpath_from_path+0x592/0x5d0 [ 418.406023][T11781] tomoyo_path_number_perm+0x1ea/0x590 [ 418.411541][T11781] ? tomoyo_path_number_perm+0x1ba/0x590 [ 418.417243][T11781] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 418.422799][T11781] ? ksys_write+0x1c1/0x250 [ 418.427426][T11781] ? __fget_files+0x28/0x4d0 [ 418.432129][T11781] security_file_ioctl+0x70/0xa0 [ 418.437136][T11781] __se_sys_ioctl+0x48/0x170 [ 418.442052][T11781] do_syscall_64+0x55/0xb0 [ 418.446525][T11781] ? clear_bhb_loop+0x40/0x90 [ 418.451252][T11781] ? clear_bhb_loop+0x40/0x90 [ 418.455996][T11781] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 418.461944][T11781] RIP: 0033:0x7fe5d098efc9 [ 418.466492][T11781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.486758][T11781] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 418.495224][T11781] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 418.503242][T11781] RDX: 0000200000000140 RSI: 0000000000008b26 RDI: 0000000000000007 [ 418.511262][T11781] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 418.519279][T11781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.527318][T11781] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 418.535383][T11781] [ 418.582073][T11781] ERROR: Out of memory at tomoyo_realpath_from_path. [ 418.926688][T11785] netlink: 'syz.3.2212': attribute type 29 has an invalid length. [ 418.955898][T11785] netlink: 'syz.3.2212': attribute type 29 has an invalid length. [ 418.988793][T11788] netlink: 'syz.3.2212': attribute type 29 has an invalid length. [ 419.018250][T11788] netlink: 'syz.3.2212': attribute type 29 has an invalid length. [ 419.387086][T11801] syz.3.2218[11801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 419.387629][T11801] syz.3.2218[11801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 419.393996][T11799] netlink: 208064 bytes leftover after parsing attributes in process `syz.1.2217'. [ 419.604021][T11807] netlink: 'syz.1.2221': attribute type 21 has an invalid length. [ 419.614035][T11808] netlink: 'syz.1.2221': attribute type 21 has an invalid length. [ 419.800510][T11815] netlink: 'syz.2.2222': attribute type 29 has an invalid length. [ 419.841576][T11815] netlink: 'syz.2.2222': attribute type 29 has an invalid length. [ 419.862414][T11817] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2223'. [ 419.876529][T11817] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2223'. [ 419.887090][T11817] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2223'. [ 419.898324][T11817] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2223'. [ 420.738108][T11834] pimreg: tun_chr_ioctl cmd 1074025677 [ 420.743837][T11834] pimreg: linktype set to 780 [ 420.755399][T11833] FAULT_INJECTION: forcing a failure. [ 420.755399][T11833] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 420.803622][T11833] CPU: 1 PID: 11833 Comm: syz.3.2229 Not tainted syzkaller #0 [ 420.811196][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 420.821310][T11833] Call Trace: [ 420.824627][T11833] [ 420.827717][T11833] dump_stack_lvl+0x16c/0x230 [ 420.832462][T11833] ? show_regs_print_info+0x20/0x20 [ 420.837728][T11833] ? load_image+0x3b0/0x3b0 [ 420.842277][T11833] ? __lock_acquire+0x7c80/0x7c80 [ 420.847364][T11833] ? snprintf+0xdb/0x120 [ 420.851655][T11833] should_fail_ex+0x39d/0x4d0 [ 420.856404][T11833] _copy_to_user+0x2f/0xa0 [ 420.860878][T11833] simple_read_from_buffer+0xe7/0x150 [ 420.866395][T11833] proc_fail_nth_read+0x1e3/0x250 [ 420.871477][T11833] ? proc_fault_inject_write+0x340/0x340 [ 420.877166][T11833] ? fsnotify_perm+0x271/0x5e0 [ 420.881991][T11833] ? proc_fault_inject_write+0x340/0x340 [ 420.887668][T11833] vfs_read+0x27e/0x920 [ 420.891926][T11833] ? kernel_read+0x1e0/0x1e0 [ 420.896569][T11833] ? __fget_files+0x28/0x4d0 [ 420.901208][T11833] ? __fget_files+0x44a/0x4d0 [ 420.905944][T11833] ? __fdget_pos+0x2a3/0x330 [ 420.910577][T11833] ? ksys_read+0x75/0x250 [ 420.914993][T11833] ksys_read+0x147/0x250 [ 420.919284][T11833] ? vfs_write+0x940/0x940 [ 420.924108][T11833] ? lockdep_hardirqs_on+0x98/0x150 [ 420.929461][T11833] do_syscall_64+0x55/0xb0 [ 420.933924][T11833] ? clear_bhb_loop+0x40/0x90 [ 420.938642][T11833] ? clear_bhb_loop+0x40/0x90 [ 420.943375][T11833] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 420.949319][T11833] RIP: 0033:0x7f0992b8d9dc [ 420.953787][T11833] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 420.973525][T11833] RSP: 002b:00007f0993ab5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 420.982007][T11833] RAX: ffffffffffffffda RBX: 00007f0992de5fa0 RCX: 00007f0992b8d9dc [ 420.990026][T11833] RDX: 000000000000000f RSI: 00007f0993ab50a0 RDI: 0000000000000006 [ 420.998063][T11833] RBP: 00007f0993ab5090 R08: 0000000000000000 R09: 0000000000000000 [ 421.006181][T11833] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 421.014282][T11833] R13: 00007f0992de6038 R14: 00007f0992de5fa0 R15: 00007ffdd2866668 [ 421.022334][T11833] [ 421.099378][T11838] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2230'. [ 421.666455][T11838] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2230'. [ 421.972306][T11855] netlink: 'syz.2.2234': attribute type 9 has an invalid length. [ 421.980648][T11855] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.2234'. [ 422.094055][T11857] FAULT_INJECTION: forcing a failure. [ 422.094055][T11857] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 422.118303][T11857] CPU: 0 PID: 11857 Comm: syz.2.2235 Not tainted syzkaller #0 [ 422.125862][T11857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 422.135963][T11857] Call Trace: [ 422.139286][T11857] [ 422.142240][T11857] dump_stack_lvl+0x16c/0x230 [ 422.147083][T11857] ? show_regs_print_info+0x20/0x20 [ 422.152334][T11857] ? load_image+0x3b0/0x3b0 [ 422.156875][T11857] ? __might_fault+0xaa/0x120 [ 422.161579][T11857] ? __lock_acquire+0x7c80/0x7c80 [ 422.166646][T11857] should_fail_ex+0x39d/0x4d0 [ 422.171387][T11857] _copy_from_user+0x2f/0xe0 [ 422.176015][T11857] ___sys_sendmsg+0x159/0x290 [ 422.180742][T11857] ? __sys_sendmsg+0x270/0x270 [ 422.185559][T11857] ? __lock_acquire+0x7c80/0x7c80 [ 422.190647][T11857] __se_sys_sendmsg+0x1a5/0x270 [ 422.195538][T11857] ? __x64_sys_sendmsg+0x80/0x80 [ 422.200526][T11857] ? lockdep_hardirqs_on+0x98/0x150 [ 422.205762][T11857] do_syscall_64+0x55/0xb0 [ 422.210221][T11857] ? clear_bhb_loop+0x40/0x90 [ 422.214956][T11857] ? clear_bhb_loop+0x40/0x90 [ 422.219667][T11857] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 422.225591][T11857] RIP: 0033:0x7ff48798efc9 [ 422.230034][T11857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.249675][T11857] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 422.258117][T11857] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 422.266209][T11857] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 422.274391][T11857] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 422.282396][T11857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.290479][T11857] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 422.298498][T11857] [ 422.490711][T11865] netlink: 'syz.1.2237': attribute type 9 has an invalid length. [ 423.221892][T11888] macvlan1: entered allmulticast mode [ 423.248980][T11888] veth1_vlan: entered allmulticast mode [ 423.266293][T11888] macvlan1: entered promiscuous mode [ 423.273382][T11888] team0: Port device macvlan1 added [ 423.858843][T11890] syzkaller0: entered allmulticast mode [ 424.083483][T11909] validate_nla: 2 callbacks suppressed [ 424.083501][T11909] netlink: 'syz.2.2252': attribute type 1 has an invalid length. [ 424.121300][T11909] __nla_validate_parse: 1 callbacks suppressed [ 424.121318][T11909] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2252'. [ 424.137520][T11909] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 424.207322][T11916] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 424.214451][T11916] syzkaller1: linktype set to 823 [ 425.383148][T11943] netlink: 'syz.1.2262': attribute type 10 has an invalid length. [ 425.417115][T11943] netlink: 210880 bytes leftover after parsing attributes in process `syz.1.2262'. [ 425.605007][T11951] FAULT_INJECTION: forcing a failure. [ 425.605007][T11951] name failslab, interval 1, probability 0, space 0, times 0 [ 425.618250][T11951] CPU: 1 PID: 11951 Comm: syz.0.2265 Not tainted syzkaller #0 [ 425.625749][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 425.635826][T11951] Call Trace: [ 425.639220][T11951] [ 425.642180][T11951] dump_stack_lvl+0x16c/0x230 [ 425.646912][T11951] ? show_regs_print_info+0x20/0x20 [ 425.652137][T11951] ? load_image+0x3b0/0x3b0 [ 425.656669][T11951] should_fail_ex+0x39d/0x4d0 [ 425.661461][T11951] should_failslab+0x9/0x20 [ 425.665989][T11951] slab_pre_alloc_hook+0x59/0x310 [ 425.671046][T11951] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 425.677070][T11951] kmem_cache_alloc+0x5a/0x2e0 [ 425.681868][T11951] ? dst_alloc+0x105/0x170 [ 425.686493][T11951] dst_alloc+0x105/0x170 [ 425.690773][T11951] ip_route_output_key_hash_rcu+0x14f0/0x2360 [ 425.696885][T11951] ? ip_route_output_key_hash+0x12f/0x340 [ 425.702640][T11951] ip_route_output_key_hash+0x20b/0x340 [ 425.708216][T11951] ? __sys_bpf+0x440/0x800 [ 425.712660][T11951] ? __x64_sys_bpf+0x7c/0x90 [ 425.717275][T11951] ? do_syscall_64+0x55/0xb0 [ 425.721905][T11951] ? ip_route_input_rcu+0x3010/0x3010 [ 425.727462][T11951] ? __asan_memset+0x22/0x40 [ 425.732324][T11951] ip_route_output_flow+0x2a/0x150 [ 425.737569][T11951] ip_tunnel_xmit+0x96c/0x2360 [ 425.742388][T11951] ? ip_tunnel_xmit+0x90/0x2360 [ 425.747292][T11951] ? ip4_dst_hoplimit+0x2d0/0x2d0 [ 425.752374][T11951] ? gre_build_header+0x25b/0x990 [ 425.757440][T11951] ipgre_xmit+0x7a6/0xb20 [ 425.761809][T11951] dev_hard_start_xmit+0x246/0x740 [ 425.766970][T11951] __dev_queue_xmit+0x1a64/0x35a0 [ 425.772053][T11951] ? __dev_queue_xmit+0x245/0x35a0 [ 425.777203][T11951] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 425.783405][T11951] ? netdev_core_pick_tx+0x340/0x340 [ 425.788811][T11951] ? skb_release_data+0x1cf/0x800 [ 425.793985][T11951] ? pskb_expand_head+0xbfe/0x1230 [ 425.799141][T11951] ? __bpf_redirect+0x533/0xe60 [ 425.804033][T11951] __bpf_tx_skb+0x189/0x250 [ 425.808570][T11951] bpf_clone_redirect+0x270/0x3d0 [ 425.813638][T11951] bpf_prog_208b094576c80b22+0x5e/0x63 [ 425.819222][T11951] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 425.825259][T11951] ? lock_chain_count+0x20/0x20 [ 425.830145][T11951] ? seqcount_lockdep_reader_access+0x124/0x1c0 [ 425.836435][T11951] ? lockdep_softirqs_on+0x570/0x570 [ 425.841752][T11951] ? ktime_get+0x7f/0x280 [ 425.846108][T11951] ? seqcount_lockdep_reader_access+0x176/0x1c0 [ 425.852389][T11951] ? ktime_get_real_ts64+0x420/0x420 [ 425.857805][T11951] ? bpf_prog_test_run+0x321/0x390 [ 425.862958][T11951] ? __local_bh_disable_ip+0xf2/0x190 [ 425.868385][T11951] ? __cant_sleep+0x210/0x210 [ 425.873104][T11951] ? read_tsc+0x9/0x20 [ 425.877226][T11951] ? ktime_get+0x24b/0x280 [ 425.881706][T11951] ? bpf_test_run+0x15c/0x810 [ 425.886407][T11951] bpf_test_run+0x2c7/0x810 [ 425.890945][T11951] ? lock_chain_count+0x20/0x20 [ 425.895838][T11951] ? bpf_test_run+0x15c/0x810 [ 425.900548][T11951] ? convert___skb_to_skb+0x590/0x590 [ 425.906031][T11951] ? bpf_prog_test_run_skb+0xa1a/0x11c0 [ 425.911615][T11951] bpf_prog_test_run_skb+0xa67/0x11c0 [ 425.917087][T11951] ? cpu_online+0x60/0x60 [ 425.921451][T11951] bpf_prog_test_run+0x321/0x390 [ 425.926427][T11951] __sys_bpf+0x440/0x800 [ 425.930702][T11951] ? bpf_link_show_fdinfo+0x350/0x350 [ 425.936230][T11951] ? lock_chain_count+0x20/0x20 [ 425.941120][T11951] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 425.947143][T11951] __x64_sys_bpf+0x7c/0x90 [ 425.951588][T11951] do_syscall_64+0x55/0xb0 [ 425.956071][T11951] ? clear_bhb_loop+0x40/0x90 [ 425.960779][T11951] ? clear_bhb_loop+0x40/0x90 [ 425.965486][T11951] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 425.971760][T11951] RIP: 0033:0x7fe5d098efc9 [ 425.976204][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.996048][T11951] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 426.004500][T11951] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 426.012591][T11951] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a [ 426.020688][T11951] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 426.028712][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 426.036720][T11951] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 426.044769][T11951] [ 426.446111][T11956] netlink: 'syz.0.2267': attribute type 1 has an invalid length. [ 426.461321][T11956] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2267'. [ 426.483529][T11956] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2267'. [ 427.707579][T11985] sctp: [Deprecated]: syz.0.2275 (pid 11985) Use of struct sctp_assoc_value in delayed_ack socket option. [ 427.707579][T11985] Use struct sctp_sack_info instead [ 428.447650][T12005] netlink: 'syz.3.2282': attribute type 10 has an invalid length. [ 428.459677][T12005] geneve0: entered promiscuous mode [ 429.205848][T12005] $Hÿ: (slave geneve0): Enslaving as an active interface with an up link [ 429.216103][T12008] netlink: 'syz.0.2283': attribute type 17 has an invalid length. [ 429.224095][T12008] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2283'. [ 429.233721][T12008] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 429.506616][T12023] netlink: 'syz.1.2288': attribute type 33 has an invalid length. [ 429.527356][T12023] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2288'. [ 429.549092][T12023] `: renamed from team0 [ 437.586030][T12056] syzkaller0: entered promiscuous mode [ 437.597147][T12056] syzkaller0: entered allmulticast mode [ 439.883671][T12063] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 439.905234][T12065] netlink: 'syz.2.2302': attribute type 21 has an invalid length. [ 439.919166][T12065] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2302'. [ 439.972313][T12076] netlink: 'syz.0.2304': attribute type 39 has an invalid length. [ 440.395475][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.402114][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.509097][T12098] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 441.769576][T12122] FAULT_INJECTION: forcing a failure. [ 441.769576][T12122] name failslab, interval 1, probability 0, space 0, times 0 [ 441.783523][T12122] CPU: 1 PID: 12122 Comm: syz.1.2319 Not tainted syzkaller #0 [ 441.791064][T12122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 441.801647][T12122] Call Trace: [ 441.805022][T12122] [ 441.807993][T12122] dump_stack_lvl+0x16c/0x230 [ 441.812794][T12122] ? show_regs_print_info+0x20/0x20 [ 441.818134][T12122] ? load_image+0x3b0/0x3b0 [ 441.822693][T12122] ? __might_sleep+0xe0/0xe0 [ 441.827339][T12122] ? __lock_acquire+0x7c80/0x7c80 [ 441.832415][T12122] ? rcu_is_watching+0x15/0xb0 [ 441.837240][T12122] should_fail_ex+0x39d/0x4d0 [ 441.842001][T12122] should_failslab+0x9/0x20 [ 441.846628][T12122] slab_pre_alloc_hook+0x59/0x310 [ 441.851711][T12122] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 441.858129][T12122] __kmem_cache_alloc_node+0x53/0x260 [ 441.863565][T12122] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 441.869555][T12122] kmalloc_trace+0x2a/0xe0 [ 441.874036][T12122] sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 441.879830][T12122] sctp_association_new+0x15d3/0x25c0 [ 441.885294][T12122] sctp_connect_new_asoc+0x2bf/0x690 [ 441.890730][T12122] ? __sctp_connect+0xd20/0xd20 [ 441.895646][T12122] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 441.901512][T12122] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 441.907451][T12122] ? sctp_endpoint_lookup_assoc+0x22f/0x260 [ 441.913413][T12122] __sctp_connect+0x5a2/0xd20 [ 441.918276][T12122] ? sctp_send_asconf+0x170/0x170 [ 441.923544][T12122] ? __local_bh_enable_ip+0x12e/0x1c0 [ 441.928969][T12122] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 441.934662][T12122] ? security_sctp_bind_connect+0x89/0xb0 [ 441.940484][T12122] sctp_setsockopt_connectx+0x104/0x1a0 [ 441.946091][T12122] sctp_setsockopt+0x6d8/0x11e0 [ 441.951001][T12122] ? sock_common_recvmsg+0x1b0/0x1b0 [ 441.956545][T12122] do_sock_setsockopt+0x175/0x1a0 [ 441.961817][T12122] __x64_sys_setsockopt+0x184/0x200 [ 441.967094][T12122] do_syscall_64+0x55/0xb0 [ 441.971560][T12122] ? clear_bhb_loop+0x40/0x90 [ 441.976284][T12122] ? clear_bhb_loop+0x40/0x90 [ 441.981099][T12122] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 441.987092][T12122] RIP: 0033:0x7f297b18efc9 [ 441.991642][T12122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.011476][T12122] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 442.019945][T12122] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 442.027957][T12122] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000004 [ 442.036067][T12122] RBP: 00007f297bf95090 R08: 0000000000000010 R09: 0000000000000000 [ 442.044209][T12122] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 442.052498][T12122] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 442.060657][T12122] [ 443.202793][T12142] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2327'. [ 443.982261][ T5104] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 443.993947][ T5104] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 444.019461][ T5104] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 444.032849][ T5104] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 444.043949][ T5104] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 444.052506][ T5104] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 444.508519][ T8439] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.774615][ T8439] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.873587][T12164] TCP: TCP_TX_DELAY enabled [ 445.122077][ T8439] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.357103][T12174] FAULT_INJECTION: forcing a failure. [ 445.357103][T12174] name failslab, interval 1, probability 0, space 0, times 0 [ 445.406384][T12174] CPU: 0 PID: 12174 Comm: syz.2.2337 Not tainted syzkaller #0 [ 445.413959][T12174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 445.424092][T12174] Call Trace: [ 445.427446][T12174] [ 445.430613][T12174] dump_stack_lvl+0x16c/0x230 [ 445.435407][T12174] ? show_regs_print_info+0x20/0x20 [ 445.440959][T12174] ? load_image+0x3b0/0x3b0 [ 445.445540][T12174] ? __might_sleep+0xe0/0xe0 [ 445.450215][T12174] ? __lock_acquire+0x7c80/0x7c80 [ 445.455758][T12174] should_fail_ex+0x39d/0x4d0 [ 445.460530][T12174] should_failslab+0x9/0x20 [ 445.465138][T12174] slab_pre_alloc_hook+0x59/0x310 [ 445.470257][T12174] ? sctp_association_new+0x89/0x25c0 [ 445.475748][T12174] __kmem_cache_alloc_node+0x53/0x260 [ 445.481229][T12174] ? sctp_association_new+0x89/0x25c0 [ 445.486685][T12174] kmalloc_trace+0x2a/0xe0 [ 445.491192][T12174] sctp_association_new+0x89/0x25c0 [ 445.496474][T12174] ? sctp_do_bind+0x6bb/0x9a0 [ 445.501256][T12174] sctp_connect_new_asoc+0x2bf/0x690 [ 445.506629][T12174] ? __sctp_connect+0xd20/0xd20 [ 445.511566][T12174] ? mark_lock+0x94/0x320 [ 445.515959][T12174] ? sctp_endpoint_lookup_assoc+0xd1/0x260 [ 445.521855][T12174] __sctp_connect+0x5a2/0xd20 [ 445.526642][T12174] ? sctp_send_asconf+0x170/0x170 [ 445.531750][T12174] ? __local_bh_enable_ip+0x12e/0x1c0 [ 445.537198][T12174] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 445.542812][T12174] ? security_sctp_bind_connect+0x89/0xb0 [ 445.548614][T12174] sctp_setsockopt_connectx+0x104/0x1a0 [ 445.554394][T12174] sctp_setsockopt+0x6d8/0x11e0 [ 445.559419][T12174] ? sock_common_recvmsg+0x1b0/0x1b0 [ 445.564784][T12174] do_sock_setsockopt+0x175/0x1a0 [ 445.569891][T12174] ? __fdget+0x180/0x210 [ 445.574213][T12174] __x64_sys_setsockopt+0x184/0x200 [ 445.579506][T12174] do_syscall_64+0x55/0xb0 [ 445.583999][T12174] ? clear_bhb_loop+0x40/0x90 [ 445.588743][T12174] ? clear_bhb_loop+0x40/0x90 [ 445.593496][T12174] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 445.599550][T12174] RIP: 0033:0x7ff48798efc9 [ 445.604036][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.624166][T12174] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 445.632945][T12174] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 445.641162][T12174] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000004 [ 445.649211][T12174] RBP: 00007ff488845090 R08: 0000000000000010 R09: 0000000000000000 [ 445.657253][T12174] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.665398][T12174] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 445.674082][T12174] [ 445.693464][ T8439] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.021785][T12181] FAULT_INJECTION: forcing a failure. [ 446.021785][T12181] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 446.037542][T12181] CPU: 1 PID: 12181 Comm: syz.1.2339 Not tainted syzkaller #0 [ 446.045125][T12181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 446.055420][T12181] Call Trace: [ 446.058743][T12181] [ 446.061720][T12181] dump_stack_lvl+0x16c/0x230 [ 446.066470][T12181] ? show_regs_print_info+0x20/0x20 [ 446.071738][T12181] ? load_image+0x3b0/0x3b0 [ 446.076384][T12181] ? __might_fault+0xaa/0x120 [ 446.081119][T12181] ? __lock_acquire+0x7c80/0x7c80 [ 446.086227][T12181] should_fail_ex+0x39d/0x4d0 [ 446.091077][T12181] _copy_from_user+0x2f/0xe0 [ 446.095818][T12181] smc_setsockopt+0x3c5/0xab0 [ 446.100584][T12181] ? smc_shutdown+0x9b0/0x9b0 [ 446.105317][T12181] ? __fget_files+0x28/0x4d0 [ 446.109981][T12181] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 446.115772][T12181] ? security_socket_setsockopt+0x7e/0xa0 [ 446.121652][T12181] ? smc_shutdown+0x9b0/0x9b0 [ 446.126398][T12181] do_sock_setsockopt+0x175/0x1a0 [ 446.131607][T12181] ? __fdget+0x180/0x210 [ 446.136309][T12181] __x64_sys_setsockopt+0x184/0x200 [ 446.141583][T12181] do_syscall_64+0x55/0xb0 [ 446.146061][T12181] ? clear_bhb_loop+0x40/0x90 [ 446.150795][T12181] ? clear_bhb_loop+0x40/0x90 [ 446.155534][T12181] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 446.161486][T12181] RIP: 0033:0x7f297b18efc9 [ 446.165966][T12181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.185804][T12181] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 446.194460][T12181] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 446.202488][T12181] RDX: 0000000000000025 RSI: 0000000000000006 RDI: 0000000000000003 [ 446.210631][T12181] RBP: 00007f297bf95090 R08: 0000000000000004 R09: 0000000000000000 [ 446.218753][T12181] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001 [ 446.226791][T12181] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 446.228495][ T5799] Bluetooth: hci1: command tx timeout [ 446.234886][T12181] [ 446.371020][T12185] syz.1.2341[12185] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 446.371295][T12185] syz.1.2341[12185] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 446.581696][T12152] chnl_net:caif_netlink_parms(): no params data found [ 447.111703][T12200] FAULT_INJECTION: forcing a failure. [ 447.111703][T12200] name failslab, interval 1, probability 0, space 0, times 0 [ 447.135458][T12200] CPU: 1 PID: 12200 Comm: syz.1.2345 Not tainted syzkaller #0 [ 447.143554][T12200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 447.153738][T12200] Call Trace: [ 447.157075][T12200] [ 447.160042][T12200] dump_stack_lvl+0x16c/0x230 [ 447.164811][T12200] ? show_regs_print_info+0x20/0x20 [ 447.170074][T12200] ? load_image+0x3b0/0x3b0 [ 447.174706][T12200] ? __lock_acquire+0x7c80/0x7c80 [ 447.179783][T12200] ? __might_fault+0xaa/0x120 [ 447.184518][T12200] should_fail_ex+0x39d/0x4d0 [ 447.189276][T12200] should_failslab+0x9/0x20 [ 447.193957][T12200] slab_pre_alloc_hook+0x59/0x310 [ 447.199154][T12200] ? sk_prot_alloc+0xe7/0x210 [ 447.204139][T12200] ? sk_prot_alloc+0xe7/0x210 [ 447.208857][T12200] __kmem_cache_alloc_node+0x53/0x260 [ 447.214284][T12200] ? sk_prot_alloc+0xe7/0x210 [ 447.219001][T12200] __kmalloc+0xa4/0x240 [ 447.223419][T12200] sk_prot_alloc+0xe7/0x210 [ 447.228056][T12200] ? sk_alloc+0x24/0x360 [ 447.232373][T12200] sk_alloc+0x3a/0x360 [ 447.236492][T12200] ? bpf_ctx_init+0x163/0x1a0 [ 447.241281][T12200] ? bpf_prog_test_run_skb+0x268/0x11c0 [ 447.247224][T12200] bpf_prog_test_run_skb+0x39a/0x11c0 [ 447.252662][T12200] ? __fget_files+0x28/0x4d0 [ 447.257514][T12200] ? cpu_online+0x60/0x60 [ 447.262005][T12200] bpf_prog_test_run+0x321/0x390 [ 447.267011][T12200] __sys_bpf+0x440/0x800 [ 447.271321][T12200] ? bpf_link_show_fdinfo+0x350/0x350 [ 447.276775][T12200] ? lock_chain_count+0x20/0x20 [ 447.281790][T12200] __x64_sys_bpf+0x7c/0x90 [ 447.286416][T12200] do_syscall_64+0x55/0xb0 [ 447.290897][T12200] ? clear_bhb_loop+0x40/0x90 [ 447.295634][T12200] ? clear_bhb_loop+0x40/0x90 [ 447.300376][T12200] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 447.306415][T12200] RIP: 0033:0x7f297b18efc9 [ 447.311136][T12200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 447.331156][T12200] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 447.339653][T12200] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 447.347774][T12200] RDX: 0000000000000050 RSI: 0000200000002300 RDI: 000000000000000a [ 447.355808][T12200] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 447.363828][T12200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 447.371941][T12200] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 447.379989][T12200] [ 447.585814][T12206] netlink: set zone limit has 8 unknown bytes [ 447.743569][T12152] bridge0: port 1(bridge_slave_0) entered blocking state [ 447.763667][T12152] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.783948][T12152] bridge_slave_0: entered allmulticast mode [ 447.801590][T12152] bridge_slave_0: entered promiscuous mode [ 447.867483][T12152] bridge0: port 2(bridge_slave_1) entered blocking state [ 447.874874][T12152] bridge0: port 2(bridge_slave_1) entered disabled state [ 447.892457][T12152] bridge_slave_1: entered allmulticast mode [ 447.905239][T12152] bridge_slave_1: entered promiscuous mode [ 447.993879][T12152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.151681][T12152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 448.307776][ T5799] Bluetooth: hci1: command tx timeout [ 448.583765][T12152] team0: Port device team_slave_0 added [ 448.812693][T12152] team0: Port device team_slave_1 added [ 449.819750][T12152] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 449.826789][T12152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 449.856728][T12152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 449.926379][T12243] FAULT_INJECTION: forcing a failure. [ 449.926379][T12243] name failslab, interval 1, probability 0, space 0, times 0 [ 449.961215][T12243] CPU: 1 PID: 12243 Comm: syz.2.2355 Not tainted syzkaller #0 [ 449.968811][T12243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 449.978949][T12243] Call Trace: [ 449.982312][T12243] [ 449.985438][T12243] dump_stack_lvl+0x16c/0x230 [ 449.990251][T12243] ? show_regs_print_info+0x20/0x20 [ 449.995520][T12243] ? load_image+0x3b0/0x3b0 [ 450.000145][T12243] ? __lock_acquire+0x7c80/0x7c80 [ 450.005322][T12243] should_fail_ex+0x39d/0x4d0 [ 450.010098][T12243] should_failslab+0x9/0x20 [ 450.014682][T12243] slab_pre_alloc_hook+0x59/0x310 [ 450.019863][T12243] ? sk_prot_alloc+0xe7/0x210 [ 450.024810][T12243] ? sk_prot_alloc+0xe7/0x210 [ 450.029566][T12243] __kmem_cache_alloc_node+0x53/0x260 [ 450.035228][T12243] ? sk_prot_alloc+0xe7/0x210 [ 450.040060][T12243] __kmalloc+0xa4/0x240 [ 450.044303][T12243] sk_prot_alloc+0xe7/0x210 [ 450.049191][T12243] ? sk_alloc+0x24/0x360 [ 450.053513][T12243] sk_alloc+0x3a/0x360 [ 450.057641][T12243] ? bpf_ctx_init+0x163/0x1a0 [ 450.062400][T12243] ? bpf_prog_test_run_skb+0x268/0x11c0 [ 450.068032][T12243] bpf_prog_test_run_skb+0x39a/0x11c0 [ 450.073471][T12243] ? __fget_files+0x28/0x4d0 [ 450.078266][T12243] ? cpu_online+0x60/0x60 [ 450.082679][T12243] bpf_prog_test_run+0x321/0x390 [ 450.087695][T12243] __sys_bpf+0x440/0x800 [ 450.092121][T12243] ? bpf_link_show_fdinfo+0x350/0x350 [ 450.097618][T12243] ? lock_chain_count+0x20/0x20 [ 450.102724][T12243] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 450.108800][T12243] __x64_sys_bpf+0x7c/0x90 [ 450.113402][T12243] do_syscall_64+0x55/0xb0 [ 450.117986][T12243] ? clear_bhb_loop+0x40/0x90 [ 450.122728][T12243] ? clear_bhb_loop+0x40/0x90 [ 450.127474][T12243] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 450.133429][T12243] RIP: 0033:0x7ff48798efc9 [ 450.137908][T12243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.157677][T12243] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 450.166181][T12243] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 450.174311][T12243] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a [ 450.182360][T12243] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 450.190399][T12243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 450.198437][T12243] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 450.206536][T12243] [ 450.320860][T12152] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 450.340197][T12152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.372616][T12152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 450.397357][ T5799] Bluetooth: hci1: command tx timeout [ 450.491874][T12253] FAULT_INJECTION: forcing a failure. [ 450.491874][T12253] name failslab, interval 1, probability 0, space 0, times 0 [ 450.504786][T12253] CPU: 0 PID: 12253 Comm: syz.2.2358 Not tainted syzkaller #0 [ 450.512316][T12253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 450.522422][T12253] Call Trace: [ 450.525771][T12253] [ 450.528780][T12253] dump_stack_lvl+0x16c/0x230 [ 450.534280][T12253] ? show_regs_print_info+0x20/0x20 [ 450.539590][T12253] ? load_image+0x3b0/0x3b0 [ 450.544204][T12253] ? __lock_acquire+0x7c80/0x7c80 [ 450.549391][T12253] should_fail_ex+0x39d/0x4d0 [ 450.554192][T12253] should_failslab+0x9/0x20 [ 450.558797][T12253] slab_pre_alloc_hook+0x59/0x310 [ 450.563927][T12253] ? sk_prot_alloc+0xe7/0x210 [ 450.568693][T12253] ? sk_prot_alloc+0xe7/0x210 [ 450.573452][T12253] __kmem_cache_alloc_node+0x53/0x260 [ 450.578931][T12253] ? sk_prot_alloc+0xe7/0x210 [ 450.583698][T12253] __kmalloc+0xa4/0x240 [ 450.587973][T12253] sk_prot_alloc+0xe7/0x210 [ 450.592573][T12253] ? sk_alloc+0x24/0x360 [ 450.596917][T12253] sk_alloc+0x3a/0x360 [ 450.601065][T12253] ? bpf_ctx_init+0x163/0x1a0 [ 450.605801][T12253] ? bpf_prog_test_run_skb+0x268/0x11c0 [ 450.611516][T12253] bpf_prog_test_run_skb+0x39a/0x11c0 [ 450.616959][T12253] ? __fget_files+0x28/0x4d0 [ 450.621762][T12253] ? cpu_online+0x60/0x60 [ 450.626169][T12253] bpf_prog_test_run+0x321/0x390 [ 450.631271][T12253] __sys_bpf+0x440/0x800 [ 450.635579][T12253] ? bpf_link_show_fdinfo+0x350/0x350 [ 450.641058][T12253] ? lock_chain_count+0x20/0x20 [ 450.645996][T12253] __x64_sys_bpf+0x7c/0x90 [ 450.650508][T12253] do_syscall_64+0x55/0xb0 [ 450.654989][T12253] ? clear_bhb_loop+0x40/0x90 [ 450.659933][T12253] ? clear_bhb_loop+0x40/0x90 [ 450.664712][T12253] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 450.670663][T12253] RIP: 0033:0x7ff48798efc9 [ 450.675146][T12253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.694903][T12253] RSP: 002b:00007ff488845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 450.703468][T12253] RAX: ffffffffffffffda RBX: 00007ff487be5fa0 RCX: 00007ff48798efc9 [ 450.711603][T12253] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a [ 450.719628][T12253] RBP: 00007ff488845090 R08: 0000000000000000 R09: 0000000000000000 [ 450.727677][T12253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 450.735710][T12253] R13: 00007ff487be6038 R14: 00007ff487be5fa0 R15: 00007fff68a16038 [ 450.743780][T12253] [ 450.921245][T12245] syzkaller0: entered promiscuous mode [ 450.942359][T12245] syzkaller0: entered allmulticast mode [ 451.961110][ T5799] Bluetooth: hci2: unexpected subevent 0x01 length: 150 > 18 [ 452.469730][ T5104] Bluetooth: hci1: command tx timeout [ 453.935626][T12152] hsr_slave_0: entered promiscuous mode [ 453.974862][T12152] hsr_slave_1: entered promiscuous mode [ 454.597481][ T8439] hsr_slave_1: left promiscuous mode [ 454.612509][ T8439] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 454.624287][ T8439] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 454.652284][ T8439] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 454.667402][ T8439] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 454.730763][ T8439] veth1_macvtap: left promiscuous mode [ 454.750856][ T8439] veth0_macvtap: left promiscuous mode [ 454.756535][ T8439] veth1_vlan: left allmulticast mode [ 454.786751][ T8439] veth1_vlan: left promiscuous mode [ 455.354307][ T8439] $Hÿ (unregistering): (slave geneve0): Releasing backup interface [ 455.905915][ T8439] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface [ 455.915591][ T8439] bond_slave_1 (unregistering): left promiscuous mode [ 455.962213][ T8439] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface [ 455.972277][ T8439] bond_slave_0 (unregistering): left promiscuous mode [ 456.193771][ T8439] $Hÿ (unregistering): (slave batadv0): Releasing backup interface [ 456.203351][ T8439] batadv0 (unregistering): left promiscuous mode [ 456.362864][ T8439] $Hÿ (unregistering): Released all slaves [ 456.412879][T12303] netlink: 11254 bytes leftover after parsing attributes in process `syz.0.2372'. [ 456.701423][T12313] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2374'. [ 456.924058][T12315] syzkaller0: entered promiscuous mode [ 456.946412][T12325] netlink: 'syz.2.2377': attribute type 4 has an invalid length. [ 456.947617][T12315] syzkaller0: entered allmulticast mode [ 456.988449][T12325] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2377'. [ 457.388048][T12340] FAULT_INJECTION: forcing a failure. [ 457.388048][T12340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 457.405572][T12340] CPU: 0 PID: 12340 Comm: syz.1.2380 Not tainted syzkaller #0 [ 457.413127][T12340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 457.423254][T12340] Call Trace: [ 457.426589][T12340] [ 457.429570][T12340] dump_stack_lvl+0x16c/0x230 [ 457.434355][T12340] ? show_regs_print_info+0x20/0x20 [ 457.439625][T12340] ? load_image+0x3b0/0x3b0 [ 457.444208][T12340] ? __might_fault+0xaa/0x120 [ 457.448949][T12340] ? __lock_acquire+0x7c80/0x7c80 [ 457.454069][T12340] should_fail_ex+0x39d/0x4d0 [ 457.458875][T12340] _copy_to_user+0x2f/0xa0 [ 457.463412][T12340] bpf_obj_get_info_by_fd+0x1775/0x2d90 [ 457.469075][T12340] ? bpf_map_get_fd_by_id+0x310/0x310 [ 457.474526][T12340] ? trace_event_raw_event_lock_acquire+0x2a0/0x2a0 [ 457.481247][T12340] ? get_pid_task+0x20/0x1e0 [ 457.486374][T12340] ? file_end_write+0x159/0x250 [ 457.491395][T12340] ? __might_fault+0xaa/0x120 [ 457.496150][T12340] ? __might_fault+0xc6/0x120 [ 457.500943][T12340] ? __might_fault+0xaa/0x120 [ 457.505685][T12340] ? bpf_lsm_bpf+0x9/0x10 [ 457.510086][T12340] ? security_bpf+0x7e/0xa0 [ 457.514662][T12340] __sys_bpf+0x781/0x800 [ 457.518975][T12340] ? bpf_link_show_fdinfo+0x350/0x350 [ 457.524449][T12340] ? lock_chain_count+0x20/0x20 [ 457.529404][T12340] __x64_sys_bpf+0x7c/0x90 [ 457.533895][T12340] do_syscall_64+0x55/0xb0 [ 457.538396][T12340] ? clear_bhb_loop+0x40/0x90 [ 457.543149][T12340] ? clear_bhb_loop+0x40/0x90 [ 457.547923][T12340] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 457.553889][T12340] RIP: 0033:0x7f297b18efc9 [ 457.558379][T12340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.578054][T12340] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 457.586540][T12340] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 457.594576][T12340] RDX: 0000000000000010 RSI: 0000200000000800 RDI: 000000000000000f [ 457.602603][T12340] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 457.610636][T12340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 457.618663][T12340] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 457.626742][T12340] [ 463.078263][T12355] netlink: 'syz.1.2383': attribute type 11 has an invalid length. [ 463.224617][T12361] FAULT_INJECTION: forcing a failure. [ 463.224617][T12361] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 463.292445][T12361] CPU: 0 PID: 12361 Comm: syz.0.2384 Not tainted syzkaller #0 [ 463.300081][T12361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 463.310185][T12361] Call Trace: [ 463.313497][T12361] [ 463.316476][T12361] dump_stack_lvl+0x16c/0x230 [ 463.321295][T12361] ? show_regs_print_info+0x20/0x20 [ 463.327278][T12361] ? load_image+0x3b0/0x3b0 [ 463.331994][T12361] ? __might_fault+0xaa/0x120 [ 463.336819][T12361] ? __lock_acquire+0x7c80/0x7c80 [ 463.342016][T12361] should_fail_ex+0x39d/0x4d0 [ 463.346907][T12361] _copy_from_user+0x2f/0xe0 [ 463.351631][T12361] ____sys_sendmsg+0x30d/0x950 [ 463.356464][T12361] ? __sys_sendmsg_sock+0x30/0x30 [ 463.361540][T12361] ? __import_iovec+0x3fa/0x860 [ 463.366446][T12361] ? import_iovec+0x73/0xa0 [ 463.370994][T12361] ___sys_sendmsg+0x220/0x290 [ 463.375879][T12361] ? __sys_sendmsg+0x270/0x270 [ 463.381019][T12361] ? __lock_acquire+0x7c80/0x7c80 [ 463.386102][T12361] __se_sys_sendmsg+0x1a5/0x270 [ 463.391004][T12361] ? __x64_sys_sendmsg+0x80/0x80 [ 463.395999][T12361] ? lockdep_hardirqs_on+0x98/0x150 [ 463.401250][T12361] do_syscall_64+0x55/0xb0 [ 463.405882][T12361] ? clear_bhb_loop+0x40/0x90 [ 463.410631][T12361] ? clear_bhb_loop+0x40/0x90 [ 463.415354][T12361] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 463.421285][T12361] RIP: 0033:0x7fe5d098efc9 [ 463.425774][T12361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.445420][T12361] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 463.453870][T12361] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 463.461966][T12361] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000003 [ 463.469969][T12361] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 463.477979][T12361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 463.486106][T12361] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 463.494228][T12361] [ 463.606323][T12152] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 463.672192][T12152] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 463.736810][T12152] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 463.766085][T12152] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 463.923551][T12381] netlink: 'syz.2.2388': attribute type 13 has an invalid length. [ 463.953273][T12381] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2388'. [ 464.031963][T12381] erspan0: refused to change device tx_queue_len [ 464.049635][T12381] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 464.281890][T12152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 464.339553][T12152] 8021q: adding VLAN 0 to HW filter on device team0 [ 464.361050][ T8398] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.368376][ T8398] bridge0: port 1(bridge_slave_0) entered forwarding state [ 464.433918][ T8398] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.441492][ T8398] bridge0: port 2(bridge_slave_1) entered forwarding state [ 465.265937][T12152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 465.296781][T12420] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2398'. [ 465.332346][T12420] netlink: 'syz.0.2398': attribute type 3 has an invalid length. [ 465.397827][T12420] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2398'. [ 465.435457][T12152] veth0_vlan: entered promiscuous mode [ 465.452404][T12152] veth1_vlan: entered promiscuous mode [ 465.556773][T12152] veth0_macvtap: entered promiscuous mode [ 465.612171][T12152] veth1_macvtap: entered promiscuous mode [ 465.675327][T12152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 465.715870][T12152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 465.729620][T12152] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 465.748307][T12433] netlink: 'syz.0.2402': attribute type 29 has an invalid length. [ 465.753242][T12152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 465.775285][T12152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 465.786975][T12152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 465.799033][T12152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 465.816737][T12152] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 465.835400][T12433] netlink: 'syz.0.2402': attribute type 29 has an invalid length. [ 465.888065][T12438] netlink: 'syz.0.2402': attribute type 6 has an invalid length. [ 465.899604][T12438] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2402'. [ 465.930063][T12152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 465.958709][T12152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 465.980859][T12152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 466.001125][T12152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 466.174965][T12446] FAULT_INJECTION: forcing a failure. [ 466.174965][T12446] name failslab, interval 1, probability 0, space 0, times 0 [ 466.188531][T12446] CPU: 0 PID: 12446 Comm: syz.1.2406 Not tainted syzkaller #0 [ 466.196656][T12446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 466.207159][T12446] Call Trace: [ 466.210504][T12446] [ 466.213509][T12446] dump_stack_lvl+0x16c/0x230 [ 466.218340][T12446] ? show_regs_print_info+0x20/0x20 [ 466.223697][T12446] ? load_image+0x3b0/0x3b0 [ 466.228277][T12446] should_fail_ex+0x39d/0x4d0 [ 466.233032][T12446] should_failslab+0x9/0x20 [ 466.237615][T12446] slab_pre_alloc_hook+0x59/0x310 [ 466.242759][T12446] kmem_cache_alloc_node+0x60/0x330 [ 466.248031][T12446] ? __alloc_skb+0x108/0x2c0 [ 466.252711][T12446] __alloc_skb+0x108/0x2c0 [ 466.257196][T12446] skb_segment+0xee0/0x3f50 [ 466.261838][T12446] tcp_gso_segment+0x3fb/0x1960 [ 466.266761][T12446] ? sk_setup_caps+0xa10/0xa10 [ 466.271616][T12446] ipv6_gso_segment+0xb6f/0x2120 [ 466.276652][T12446] ? inet6_del_offload+0x50/0x50 [ 466.281706][T12446] ? skb_crc32c_csum_help+0x520/0x520 [ 466.287122][T12446] ? __lock_acquire+0x1260/0x7c80 [ 466.292222][T12446] ? inet6_del_offload+0x50/0x50 [ 466.297292][T12446] skb_mac_gso_segment+0x31a/0x630 [ 466.302490][T12446] ? skb_mac_gso_segment+0x17f/0x630 [ 466.307860][T12446] ? skb_eth_gso_segment+0x270/0x270 [ 466.313938][T12446] __skb_gso_segment+0x302/0x4a0 [ 466.319191][T12446] validate_xmit_skb+0x565/0xf50 [ 466.324264][T12446] ? validate_xmit_skb_list+0x120/0x120 [ 466.329871][T12446] validate_xmit_skb_list+0x84/0x120 [ 466.335312][T12446] sch_direct_xmit+0xd4/0x4a0 [ 466.340034][T12446] ? read_lock_is_recursive+0x20/0x20 [ 466.345574][T12446] ? rcu_read_lock_bh_held+0x7a/0xe0 [ 466.351116][T12446] ? mrp_pdu_parse_vecattr_event+0x2a0/0x2a0 [ 466.357156][T12446] ? __lock_acquire+0x7c20/0x7c80 [ 466.362243][T12446] __dev_queue_xmit+0x173e/0x35a0 [ 466.367324][T12446] ? copyin+0x70/0x90 [ 466.371392][T12446] ? __dev_queue_xmit+0x245/0x35a0 [ 466.376555][T12446] ? netdev_core_pick_tx+0x340/0x340 [ 466.381877][T12446] ? virtio_net_hdr_to_skb+0xa31/0x14b0 [ 466.387486][T12446] ? skb_setup_tx_timestamp+0x1e0/0x1e0 [ 466.393187][T12446] ? packet_extra_vlan_len_allowed+0x200/0x200 [ 466.399382][T12446] ? skb_copy_datagram_from_iter+0x62e/0x6e0 [ 466.405447][T12446] ? packet_xmit+0x66/0x330 [ 466.409998][T12446] ? packet_sendmsg+0x3a48/0x4d30 [ 466.415160][T12446] packet_sendmsg+0x3b47/0x4d30 [ 466.420080][T12446] ? __might_sleep+0xe0/0xe0 [ 466.424719][T12446] ? perf_trace_lock+0xf7/0x380 [ 466.429623][T12446] ? aa_sk_perm+0x7fc/0x930 [ 466.434196][T12446] ? packet_getsockopt+0xa20/0xa20 [ 466.439444][T12446] ? aa_sock_msg_perm+0x94/0x150 [ 466.444599][T12446] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 466.449923][T12446] ? security_socket_sendmsg+0x80/0xa0 [ 466.455424][T12446] ? packet_getsockopt+0xa20/0xa20 [ 466.460683][T12446] ____sys_sendmsg+0x5bf/0x950 [ 466.465515][T12446] ? __asan_memset+0x22/0x40 [ 466.470168][T12446] ? __sys_sendmsg_sock+0x30/0x30 [ 466.475338][T12446] ? __import_iovec+0x3fa/0x860 [ 466.480249][T12446] ? import_iovec+0x73/0xa0 [ 466.484855][T12446] ___sys_sendmsg+0x220/0x290 [ 466.489600][T12446] ? __sys_sendmsg+0x270/0x270 [ 466.494518][T12446] ? __lock_acquire+0x7c80/0x7c80 [ 466.499607][T12446] __se_sys_sendmsg+0x1a5/0x270 [ 466.504510][T12446] ? __x64_sys_sendmsg+0x80/0x80 [ 466.509517][T12446] ? lockdep_hardirqs_on+0x98/0x150 [ 466.514763][T12446] do_syscall_64+0x55/0xb0 [ 466.519219][T12446] ? clear_bhb_loop+0x40/0x90 [ 466.523933][T12446] ? clear_bhb_loop+0x40/0x90 [ 466.528644][T12446] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 466.534622][T12446] RIP: 0033:0x7f297b18efc9 [ 466.539077][T12446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.558840][T12446] RSP: 002b:00007f297bf95038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 466.567565][T12446] RAX: ffffffffffffffda RBX: 00007f297b3e5fa0 RCX: 00007f297b18efc9 [ 466.575669][T12446] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 466.583775][T12446] RBP: 00007f297bf95090 R08: 0000000000000000 R09: 0000000000000000 [ 466.591872][T12446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 466.599874][T12446] R13: 00007f297b3e6038 R14: 00007f297b3e5fa0 R15: 00007ffc92426bf8 [ 466.607894][T12446] [ 466.751013][ T8460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 466.779772][ T8460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 466.924764][ T8460] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 466.960158][ T8460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 467.667904][T12470] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2410'. [ 468.557710][ T5799] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 468.567953][ T5799] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 468.576548][ T5799] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 468.586999][ T5799] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 468.597059][ T5799] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 468.604872][ T5799] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 469.107135][ T8398] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.166146][T12489] delete_channel: no stack [ 469.306930][ T8398] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.389471][T12510] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2418'. [ 469.406688][T12511] netlink: 'syz.3.2418': attribute type 33 has an invalid length. [ 469.447536][T12511] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2418'. [ 469.523218][ T8398] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.779514][ T8398] team0: Port device netdevsim0 removed [ 469.810597][ T8398] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.075853][T12493] chnl_net:caif_netlink_parms(): no params data found [ 470.298355][T12536] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 470.666112][T12493] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.677795][T12493] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.686962][T12493] bridge_slave_0: entered allmulticast mode [ 470.694938][T12493] bridge_slave_0: entered promiscuous mode [ 470.708879][ T5104] Bluetooth: hci4: command tx timeout [ 470.848699][T12493] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.855987][T12493] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.895242][T12493] bridge_slave_1: entered allmulticast mode [ 470.917311][T12493] bridge_slave_1: entered promiscuous mode [ 471.327983][T12493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.462193][T12493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 471.752749][T12493] team0: Port device team_slave_0 added [ 471.795735][T12493] team0: Port device team_slave_1 added [ 472.207809][T12493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.225412][T12493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.301087][T12493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.787350][ T5104] Bluetooth: hci4: command tx timeout [ 472.946974][T12493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.957316][T12493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.984255][T12493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 473.242418][T12493] hsr_slave_0: entered promiscuous mode [ 473.284306][T12493] hsr_slave_1: entered promiscuous mode [ 473.306753][T12493] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 473.325524][T12493] Cannot create hsr debugfs directory [ 473.438097][ T8398] hsr_slave_0: left promiscuous mode [ 473.459160][ T8398] hsr_slave_1: left promiscuous mode [ 473.538578][ T8398] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.546143][ T8398] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.564075][T12612] FAULT_INJECTION: forcing a failure. [ 473.564075][T12612] name failslab, interval 1, probability 0, space 0, times 0 [ 473.617369][T12612] CPU: 0 PID: 12612 Comm: syz.0.2440 Not tainted syzkaller #0 [ 473.624914][T12612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 473.635283][T12612] Call Trace: [ 473.638605][T12612] [ 473.641577][T12612] dump_stack_lvl+0x16c/0x230 [ 473.646316][T12612] ? show_regs_print_info+0x20/0x20 [ 473.651566][T12612] ? load_image+0x3b0/0x3b0 [ 473.656127][T12612] ? __might_sleep+0xe0/0xe0 [ 473.660859][T12612] ? __lock_acquire+0x7c80/0x7c80 [ 473.665950][T12612] should_fail_ex+0x39d/0x4d0 [ 473.670697][T12612] should_failslab+0x9/0x20 [ 473.675249][T12612] slab_pre_alloc_hook+0x59/0x310 [ 473.680329][T12612] ? tomoyo_encode+0x28b/0x540 [ 473.685155][T12612] ? tomoyo_encode+0x28b/0x540 [ 473.690065][T12612] __kmem_cache_alloc_node+0x53/0x260 [ 473.695498][T12612] ? tomoyo_encode+0x28b/0x540 [ 473.700316][T12612] __kmalloc+0xa4/0x240 [ 473.704543][T12612] tomoyo_encode+0x28b/0x540 [ 473.709468][T12612] tomoyo_realpath_from_path+0x592/0x5d0 [ 473.715187][T12612] tomoyo_path_number_perm+0x1ea/0x590 [ 473.720706][T12612] ? tomoyo_path_number_perm+0x1ba/0x590 [ 473.726401][T12612] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 473.731929][T12612] ? ksys_write+0x1c1/0x250 [ 473.736547][T12612] ? __fget_files+0x28/0x4d0 [ 473.741214][T12612] security_file_ioctl+0x70/0xa0 [ 473.746303][T12612] __se_sys_ioctl+0x48/0x170 [ 473.750954][T12612] do_syscall_64+0x55/0xb0 [ 473.755424][T12612] ? clear_bhb_loop+0x40/0x90 [ 473.760149][T12612] ? clear_bhb_loop+0x40/0x90 [ 473.764880][T12612] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 473.770834][T12612] RIP: 0033:0x7fe5d098efc9 [ 473.775286][T12612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.794945][T12612] RSP: 002b:00007fe5d1764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 473.803488][T12612] RAX: ffffffffffffffda RBX: 00007fe5d0be5fa0 RCX: 00007fe5d098efc9 [ 473.811489][T12612] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000005 [ 473.819486][T12612] RBP: 00007fe5d1764090 R08: 0000000000000000 R09: 0000000000000000 [ 473.827484][T12612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 473.835485][T12612] R13: 00007fe5d0be6038 R14: 00007fe5d0be5fa0 R15: 00007ffed0b73ad8 [ 473.843502][T12612] [ 473.877511][T12612] ERROR: Out of memory at tomoyo_realpath_from_path. [ 473.976417][ T8398] veth0_vlan: left promiscuous mode [ 474.867456][ T5104] Bluetooth: hci4: command tx timeout [ 476.583831][ T8398] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 476.657067][ T8398] team0 (unregistering): Port device team_slave_1 removed [ 476.707410][ T8398] team0 (unregistering): Port device C removed [ 476.754598][ T8398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 476.953202][ T5104] Bluetooth: hci4: command tx timeout [ 477.302268][ T8398] bond0 (unregistering): Released all slaves [ 478.606222][T12648] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 478.612817][T12648] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 483.332811][T12687] netlink: 'syz.3.2455': attribute type 5 has an invalid length. [ 483.420328][T12493] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 483.433680][T12493] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 483.521408][T12493] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 484.399652][T12493] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 487.156445][T12493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 487.291763][T12493] 8021q: adding VLAN 0 to HW filter on device team0 [ 487.412887][ T8439] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.420257][ T8439] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.515946][ T8439] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.523272][ T8439] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.885346][T12493] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.376076][T12493] veth0_vlan: entered promiscuous mode [ 489.533663][T12493] veth1_vlan: entered promiscuous mode [ 489.840250][T12493] veth0_macvtap: entered promiscuous mode [ 490.043688][T12493] veth1_macvtap: entered promiscuous mode [ 490.157990][T12493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.208546][T12493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.220805][T12493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.236359][T12493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.260643][T12493] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 490.288272][T12493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.317305][T12493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.329427][T12493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.340707][T12493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.353121][T12493] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 490.375883][T12493] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.384990][T12493] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.421522][T12493] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.458867][T12493] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.820775][ T8447] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 490.846962][ T8447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 490.889645][ T8398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 490.901629][ T8398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.269769][T12795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2476'. [ 491.289786][T12795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2476'. [ 491.312839][T12795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2476'. [ 491.334316][T12795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2476'. [ 492.225590][ T5799] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 492.251128][ T5799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 492.262173][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 492.275237][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 492.284828][ T5799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 492.297246][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 492.571195][T12812] syzkaller0: entered allmulticast mode [ 492.939493][ T8402] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.162003][ T8402] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.416959][ T8402] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.464912][T12808] chnl_net:caif_netlink_parms(): no params data found [ 493.573959][T12827] netlink: 'syz.2.2483': attribute type 29 has an invalid length. [ 493.597964][ T8402] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.993197][T12827] netlink: 'syz.2.2483': attribute type 29 has an invalid length. [ 494.108255][T12832] netlink: 'syz.2.2483': attribute type 29 has an invalid length. [ 494.161909][T12836] netlink: 'syz.2.2483': attribute type 29 has an invalid length. [ 494.249468][T12808] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.256742][T12808] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.280850][T12808] bridge_slave_0: entered allmulticast mode [ 494.302348][T12808] bridge_slave_0: entered promiscuous mode [ 494.344956][T12808] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.367551][T12808] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.374881][T12808] bridge_slave_1: entered allmulticast mode [ 494.386723][T12808] bridge_slave_1: entered promiscuous mode [ 494.398672][ T5799] Bluetooth: hci0: command tx timeout [ 494.553941][T12808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 494.614063][T12808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 495.036148][T12808] team0: Port device team_slave_0 added [ 495.049526][T12808] team0: Port device team_slave_1 added [ 496.144238][T12808] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 496.159832][T12808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 496.200178][T12808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 496.300934][T12808] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 496.317327][T12808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 496.374534][T12808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 496.402601][T12881] netlink: 'syz.0.2499': attribute type 10 has an invalid length. [ 496.455171][T12881] team0: Port device wlan1 added [ 496.477876][ T5799] Bluetooth: hci0: command tx timeout [ 496.673826][T12808] hsr_slave_0: entered promiscuous mode [ 496.709851][T12808] hsr_slave_1: entered promiscuous mode [ 496.737428][T12808] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 496.791559][T12808] Cannot create hsr debugfs directory [ 498.399791][ T8402] [ 498.402200][ T8402] ====================================================== [ 498.409253][ T8402] WARNING: possible circular locking dependency detected [ 498.416317][ T8402] syzkaller #0 Not tainted [ 498.420772][ T8402] ------------------------------------------------------ [ 498.427819][ T8402] kworker/u4:16/8402 is trying to acquire lock: [ 498.434086][ T8402] ffff88803097cd00 (team->team_lock_key#4){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0 [ 498.443722][ T8402] [ 498.443722][ T8402] but task is already holding lock: [ 498.451212][ T8402] ffff88807cae0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680 [ 498.461624][ T8402] [ 498.461624][ T8402] which lock already depends on the new lock. [ 498.461624][ T8402] [ 498.472059][ T8402] [ 498.472059][ T8402] the existing dependency chain (in reverse order) is: [ 498.481105][ T8402] [ 498.481105][ T8402] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}: [ 498.488887][ T8402] __mutex_lock+0x129/0xcc0 [ 498.493966][ T8402] ieee80211_open+0x144/0x200 [ 498.499214][ T8402] __dev_open+0x2bc/0x430 [ 498.504107][ T8402] dev_open+0xab/0x170 [ 498.508742][ T8402] team_add_slave+0xae7/0x2660 [ 498.514045][ T8402] do_setlink+0xe14/0x3fb0 [ 498.519001][ T8402] rtnl_newlink+0x175b/0x2020 [ 498.524226][ T8402] rtnetlink_rcv_msg+0x7c7/0xf10 [ 498.529809][ T8402] netlink_rcv_skb+0x216/0x480 [ 498.535384][ T8402] netlink_unicast+0x751/0x8d0 [ 498.540688][ T8402] netlink_sendmsg+0x8c1/0xbe0 [ 498.546002][ T8402] ____sys_sendmsg+0x5bf/0x950 [ 498.551315][ T8402] ___sys_sendmsg+0x220/0x290 [ 498.556536][ T8402] __se_sys_sendmsg+0x1a5/0x270 [ 498.561938][ T8402] do_syscall_64+0x55/0xb0 [ 498.566898][ T8402] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 498.573336][ T8402] [ 498.573336][ T8402] -> #0 (team->team_lock_key#4){+.+.}-{3:3}: [ 498.581536][ T8402] __lock_acquire+0x2ddb/0x7c80 [ 498.586931][ T8402] lock_acquire+0x197/0x410 [ 498.591978][ T8402] __mutex_lock+0x129/0xcc0 [ 498.597035][ T8402] team_del_slave+0x32/0x1c0 [ 498.602168][ T8402] team_device_event+0x28d/0xa20 [ 498.607746][ T8402] notifier_call_chain+0x197/0x390 [ 498.613409][ T8402] unregister_netdevice_many_notify+0xf36/0x1810 [ 498.620288][ T8402] unregister_netdevice_queue+0x324/0x360 [ 498.626557][ T8402] _cfg80211_unregister_wdev+0x16b/0x580 [ 498.632837][ T8402] ieee80211_remove_interfaces+0x496/0x680 [ 498.639289][ T8402] ieee80211_unregister_hw+0x5d/0x2a0 [ 498.645238][ T8402] mac80211_hwsim_del_radio+0x274/0x450 [ 498.651417][ T8402] hwsim_exit_net+0x585/0x640 [ 498.656644][ T8402] cleanup_net+0x6f4/0xb90 [ 498.661610][ T8402] process_scheduled_works+0xa45/0x15b0 [ 498.667699][ T8402] worker_thread+0xa55/0xfc0 [ 498.672840][ T8402] kthread+0x2fa/0x390 [ 498.677448][ T8402] ret_from_fork+0x48/0x80 [ 498.682408][ T8402] ret_from_fork_asm+0x11/0x20 [ 498.687727][ T8402] [ 498.687727][ T8402] other info that might help us debug this: [ 498.687727][ T8402] [ 498.698086][ T8402] Possible unsafe locking scenario: [ 498.698086][ T8402] [ 498.705637][ T8402] CPU0 CPU1 [ 498.711016][ T8402] ---- ---- [ 498.716406][ T8402] lock(&rdev->wiphy.mtx); [ 498.720935][ T8402] lock(team->team_lock_key#4); [ 498.728506][ T8402] lock(&rdev->wiphy.mtx); [ 498.735549][ T8402] lock(team->team_lock_key#4); [ 498.740518][ T8402] [ 498.740518][ T8402] *** DEADLOCK *** [ 498.740518][ T8402] [ 498.748683][ T8402] 5 locks held by kworker/u4:16/8402: [ 498.754076][ T8402] #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 498.765022][ T8402] #1: ffffc9000b68fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 498.775583][ T8402] #2: ffffffff8dfaee10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90 [ 498.785174][ T8402] #3: ffffffff8dfbbc48 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0 [ 498.795055][ T8402] #4: ffff88807cae0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680 [ 498.805971][ T8402] [ 498.805971][ T8402] stack backtrace: [ 498.811924][ T8402] CPU: 1 PID: 8402 Comm: kworker/u4:16 Not tainted syzkaller #0 [ 498.819612][ T8402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 498.829787][ T8402] Workqueue: netns cleanup_net [ 498.834763][ T8402] Call Trace: [ 498.838057][ T8402] [ 498.841009][ T8402] dump_stack_lvl+0x16c/0x230 [ 498.845717][ T8402] ? load_image+0x3b0/0x3b0 [ 498.850240][ T8402] ? show_regs_print_info+0x20/0x20 [ 498.855474][ T8402] ? print_circular_bug+0x12b/0x1a0 [ 498.860698][ T8402] check_noncircular+0x2bd/0x3c0 [ 498.865664][ T8402] ? print_deadlock_bug+0x5d0/0x5d0 [ 498.870887][ T8402] ? lockdep_lock+0xe0/0x220 [ 498.875508][ T8402] ? __lock_acquire+0x1334/0x7c80 [ 498.880568][ T8402] ? _find_first_zero_bit+0xd3/0x100 [ 498.885998][ T8402] __lock_acquire+0x2ddb/0x7c80 [ 498.890912][ T8402] ? verify_lock_unused+0x140/0x140 [ 498.896139][ T8402] ? verify_lock_unused+0x140/0x140 [ 498.901464][ T8402] lock_acquire+0x197/0x410 [ 498.905999][ T8402] ? team_del_slave+0x32/0x1c0 [ 498.910791][ T8402] ? __might_sleep+0xe0/0xe0 [ 498.915405][ T8402] ? read_lock_is_recursive+0x20/0x20 [ 498.920808][ T8402] __mutex_lock+0x129/0xcc0 [ 498.925347][ T8402] ? team_del_slave+0x32/0x1c0 [ 498.930146][ T8402] ? __lock_acquire+0x7c80/0x7c80 [ 498.935198][ T8402] ? rcu_is_watching+0x15/0xb0 [ 498.939990][ T8402] ? trace_contention_end+0x39/0xe0 [ 498.945252][ T8402] ? __mutex_lock+0x304/0xcc0 [ 498.949980][ T8402] ? team_del_slave+0x32/0x1c0 [ 498.954771][ T8402] ? mutex_lock_nested+0x20/0x20 [ 498.959739][ T8402] ? bond_netdev_event+0xe1/0xef0 [ 498.964788][ T8402] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 498.970460][ T8402] ? bond_ipsec_offload_ok+0x410/0x410 [ 498.975965][ T8402] team_del_slave+0x32/0x1c0 [ 498.980581][ T8402] team_device_event+0x28d/0xa20 [ 498.985557][ T8402] notifier_call_chain+0x197/0x390 [ 498.990713][ T8402] unregister_netdevice_many_notify+0xf36/0x1810 [ 498.997074][ T8402] ? lock_chain_count+0x20/0x20 [ 499.001967][ T8402] ? unregister_netdevice_many+0x20/0x20 [ 499.007648][ T8402] ? kernfs_remove_by_name_ns+0x117/0x150 [ 499.013416][ T8402] ? __lock_acquire+0x7c80/0x7c80 [ 499.018488][ T8402] unregister_netdevice_queue+0x324/0x360 [ 499.024244][ T8402] ? list_netdevice+0x730/0x730 [ 499.029129][ T8402] ? kernfs_remove_by_name_ns+0x117/0x150 [ 499.034910][ T8402] _cfg80211_unregister_wdev+0x16b/0x580 [ 499.040607][ T8402] ieee80211_remove_interfaces+0x496/0x680 [ 499.046448][ T8402] ? ieee80211_do_stop+0x1db0/0x1db0 [ 499.051768][ T8402] ? rcu_is_watching+0x15/0xb0 [ 499.056580][ T8402] ieee80211_unregister_hw+0x5d/0x2a0 [ 499.061988][ T8402] mac80211_hwsim_del_radio+0x274/0x450 [ 499.067564][ T8402] ? rhashtable_remove_fast+0xbf0/0xbf0 [ 499.073141][ T8402] hwsim_exit_net+0x585/0x640 [ 499.077845][ T8402] ? hwsim_init_net+0x90/0x90 [ 499.082558][ T8402] ? __ip_vs_dev_cleanup_batch+0x238/0x250 [ 499.088385][ T8402] cleanup_net+0x6f4/0xb90 [ 499.092835][ T8402] ? ops_free_list+0x3b0/0x3b0 [ 499.097643][ T8402] ? _raw_spin_unlock_irq+0x23/0x50 [ 499.102865][ T8402] ? process_scheduled_works+0x957/0x15b0 [ 499.108616][ T8402] ? process_scheduled_works+0x957/0x15b0 [ 499.114362][ T8402] process_scheduled_works+0xa45/0x15b0 [ 499.119943][ T8402] ? assign_work+0x400/0x400 [ 499.124559][ T8402] ? assign_work+0x39e/0x400 [ 499.129184][ T8402] worker_thread+0xa55/0xfc0 [ 499.133913][ T8402] kthread+0x2fa/0x390 [ 499.138000][ T8402] ? pr_cont_work+0x560/0x560 [ 499.142708][ T8402] ? kthread_blkcg+0xd0/0xd0 [ 499.147393][ T8402] ret_from_fork+0x48/0x80 [ 499.151832][ T8402] ? kthread_blkcg+0xd0/0xd0 [ 499.156444][ T8402] ret_from_fork_asm+0x11/0x20 [ 499.161246][ T8402] [ 499.173075][ T5799] Bluetooth: hci0: command tx timeout [ 499.182351][ T8402] mac80211_hwsim hwsim9 wlan1 (unregistering): left promiscuous mode [ 499.190806][ T8402] mac80211_hwsim hwsim9 wlan1 (unregistering): left allmulticast mode [ 499.200358][ T8402] `: Port device wlan1 removed [ 499.268504][ T8487] wlan1: Trigger new scan to find an IBSS to join [ 499.381883][ T8402] hsr_slave_1: left promiscuous mode [ 499.390931][ T8402] veth1_macvtap: left promiscuous mode [ 499.396514][ T8402] veth0_macvtap: left promiscuous mode [ 499.406206][ T8402] veth1_vlan: left allmulticast mode [ 499.411927][ T8402] veth1_vlan: left promiscuous mode [ 499.639856][ T8402] macvlan1 (unregistering): left promiscuous mode [ 499.647741][ T8402] ` (unregistering): Port device macvlan1 removed [ 499.685209][ T8402] vlan0 (unregistering): left promiscuous mode [ 499.693681][ T8402] ` (unregistering): Port device vlan0 removed [ 499.800781][ T8402] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 499.833058][ T8402] team_slave_1 (unregistering): left promiscuous mode [ 499.840271][ T8402] team_slave_1 (unregistering): left allmulticast mode [ 499.848631][ T8402] ` (unregistering): Port device team_slave_1 removed [ 499.911086][ T8402] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 500.154304][ T8402] bond0 (unregistering): Released all slaves [ 500.335539][T12808] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 500.346330][T12808] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 500.367358][T12808] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 500.404964][T12808] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 500.560022][T12808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 500.585166][T12808] 8021q: adding VLAN 0 to HW filter on device team0 [ 500.599189][ T8402] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.606377][ T8402] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.640586][ T8402] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.647815][ T8402] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.859097][T12808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.912193][T12808] veth0_vlan: entered promiscuous mode [ 500.925966][T12808] veth1_vlan: entered promiscuous mode [ 500.958303][T12808] veth0_macvtap: entered promiscuous mode [ 500.968780][T12808] veth1_macvtap: entered promiscuous mode [ 500.991100][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.002275][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.013725][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.025638][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.036539][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.050573][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.062886][T12808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 501.080044][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 501.090918][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.103982][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 501.114873][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.126772][T12808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 501.139551][T12808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.151319][T12808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 501.166700][T12808] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.175883][T12808] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.185672][T12808] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.195983][ T5799] Bluetooth: hci0: command tx timeout [ 501.201920][T12808] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.240832][T12808] ieee80211 phy17: Selected rate control algorithm 'minstrel_ht' [ 501.280008][ T8460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 501.284249][T12808] ieee80211 phy18: Selected rate control algorithm 'minstrel_ht' [ 501.296086][ T8460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.325899][ T8439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 501.335082][ T8439] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.831247][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.838004][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.228161][ T8402] wlan1: Trigger new scan to find an IBSS to join [ 505.267518][ T8433] wlan1: Trigger new scan to find an IBSS to join [ 506.167662][ T8487] wlan1: Creating new IBSS network, BSSID 00:8d:8d:ff:00:00