Warning: Permanently added '10.128.0.108' (ED25519) to the list of known hosts. 2024/05/08 01:18:22 fuzzer started 2024/05/08 01:18:22 dialing manager at 10.128.0.169:30007 [ 57.293543][ T5083] cgroup: Unknown subsys name 'net' [ 57.403320][ T5083] cgroup: Unknown subsys name 'rlimit' 2024/05/08 01:18:24 code coverage: enabled 2024/05/08 01:18:24 comparison tracing: enabled 2024/05/08 01:18:24 extra coverage: enabled 2024/05/08 01:18:24 delay kcov mmap: enabled 2024/05/08 01:18:24 setuid sandbox: enabled 2024/05/08 01:18:24 namespace sandbox: enabled 2024/05/08 01:18:24 Android sandbox: /sys/fs/selinux/policy does not exist 2024/05/08 01:18:24 fault injection: enabled 2024/05/08 01:18:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/05/08 01:18:24 net packet injection: enabled 2024/05/08 01:18:24 net device setup: enabled 2024/05/08 01:18:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/05/08 01:18:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/05/08 01:18:24 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/05/08 01:18:24 USB emulation: enabled 2024/05/08 01:18:24 hci packet injection: enabled 2024/05/08 01:18:24 wifi device emulation: enabled 2024/05/08 01:18:24 802.15.4 emulation: enabled 2024/05/08 01:18:24 swap file: enabled 2024/05/08 01:18:24 starting 5 executor processes [ 58.812192][ T5083] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.824603][ T5083] syz-executor (5083) used greatest stack depth: 19024 bytes left [ 59.763124][ T5106] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.772481][ T5106] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 59.786387][ T5106] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.793884][ T5106] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.800475][ T5109] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 59.802796][ T5106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 59.810501][ T5109] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.823956][ T5109] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.832210][ T5111] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 59.832600][ T5109] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.841489][ T5106] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 59.848164][ T5109] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.853520][ T5113] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 59.869755][ T5113] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 59.870564][ T5109] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 59.877142][ T5106] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.885299][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 59.898757][ T5113] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.900358][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 59.906159][ T5109] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.913484][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 59.921519][ T5109] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.927552][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 59.934505][ T5113] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 59.943863][ T5106] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 59.949479][ T5113] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.958278][ T5106] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 59.969724][ T5106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 59.972581][ T5113] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 59.986883][ T5106] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 60.452165][ T5095] chnl_net:caif_netlink_parms(): no params data found [ 60.649917][ T5102] chnl_net:caif_netlink_parms(): no params data found [ 60.662072][ T5096] chnl_net:caif_netlink_parms(): no params data found [ 60.728850][ T5094] chnl_net:caif_netlink_parms(): no params data found [ 60.741727][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.750576][ T5095] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.758212][ T5095] bridge_slave_0: entered allmulticast mode [ 60.765046][ T5095] bridge_slave_0: entered promiscuous mode [ 60.805155][ T5097] chnl_net:caif_netlink_parms(): no params data found [ 60.814868][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.822962][ T5095] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.830671][ T5095] bridge_slave_1: entered allmulticast mode [ 60.837467][ T5095] bridge_slave_1: entered promiscuous mode [ 60.933233][ T5095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.994971][ T5095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.015763][ T5102] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.022922][ T5102] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.033385][ T5102] bridge_slave_0: entered allmulticast mode [ 61.041004][ T5102] bridge_slave_0: entered promiscuous mode [ 61.053315][ T5102] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.060617][ T5102] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.070785][ T5102] bridge_slave_1: entered allmulticast mode [ 61.077885][ T5102] bridge_slave_1: entered promiscuous mode [ 61.084544][ T5096] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.092712][ T5096] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.100120][ T5096] bridge_slave_0: entered allmulticast mode [ 61.107714][ T5096] bridge_slave_0: entered promiscuous mode [ 61.148734][ T5096] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.156062][ T5096] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.163218][ T5096] bridge_slave_1: entered allmulticast mode [ 61.170444][ T5096] bridge_slave_1: entered promiscuous mode [ 61.186754][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.193898][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.201275][ T5094] bridge_slave_0: entered allmulticast mode [ 61.208785][ T5094] bridge_slave_0: entered promiscuous mode [ 61.228246][ T5095] team0: Port device team_slave_0 added [ 61.281585][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.291691][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.299219][ T5094] bridge_slave_1: entered allmulticast mode [ 61.307784][ T5094] bridge_slave_1: entered promiscuous mode [ 61.324141][ T5095] team0: Port device team_slave_1 added [ 61.351920][ T5102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.364489][ T5102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.377851][ T5096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.400257][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.421215][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.428946][ T5097] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.436789][ T5097] bridge_slave_0: entered allmulticast mode [ 61.443556][ T5097] bridge_slave_0: entered promiscuous mode [ 61.451882][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.459769][ T5097] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.467218][ T5097] bridge_slave_1: entered allmulticast mode [ 61.474029][ T5097] bridge_slave_1: entered promiscuous mode [ 61.492022][ T5096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.513359][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.532158][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.539217][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.566021][ T5095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.616094][ T5102] team0: Port device team_slave_0 added [ 61.652020][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.664331][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.691192][ T5095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.705293][ T5097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.719896][ T5097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.731425][ T5102] team0: Port device team_slave_1 added [ 61.749622][ T5096] team0: Port device team_slave_0 added [ 61.759774][ T5096] team0: Port device team_slave_1 added [ 61.768768][ T5094] team0: Port device team_slave_0 added [ 61.781968][ T5094] team0: Port device team_slave_1 added [ 61.818704][ T5102] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.826090][ T5102] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.853674][ T5102] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.901907][ T5097] team0: Port device team_slave_0 added [ 61.912149][ T5097] team0: Port device team_slave_1 added [ 61.918861][ T5102] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.927063][ T5102] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.953254][ T5102] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.976401][ T52] Bluetooth: hci0: command tx timeout [ 61.996508][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.003501][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.029488][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.055902][ T52] Bluetooth: hci2: command tx timeout [ 62.055918][ T5113] Bluetooth: hci1: command tx timeout [ 62.067104][ T5113] Bluetooth: hci4: command tx timeout [ 62.067389][ T5113] Bluetooth: hci3: command tx timeout [ 62.082490][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.090100][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.116211][ T5096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.129812][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.136942][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.162939][ T5096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.191463][ T5095] hsr_slave_0: entered promiscuous mode [ 62.198139][ T5095] hsr_slave_1: entered promiscuous mode [ 62.205698][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.212662][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.239178][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.251447][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.258677][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.284966][ T5097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.325047][ T5102] hsr_slave_0: entered promiscuous mode [ 62.331522][ T5102] hsr_slave_1: entered promiscuous mode [ 62.338187][ T5102] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.346784][ T5102] Cannot create hsr debugfs directory [ 62.379098][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.389146][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.416504][ T5097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.508161][ T5096] hsr_slave_0: entered promiscuous mode [ 62.514540][ T5096] hsr_slave_1: entered promiscuous mode [ 62.521083][ T5096] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.528840][ T5096] Cannot create hsr debugfs directory [ 62.557005][ T5094] hsr_slave_0: entered promiscuous mode [ 62.563257][ T5094] hsr_slave_1: entered promiscuous mode [ 62.570723][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.578616][ T5094] Cannot create hsr debugfs directory [ 62.603291][ T5097] hsr_slave_0: entered promiscuous mode [ 62.610183][ T5097] hsr_slave_1: entered promiscuous mode [ 62.617312][ T5097] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.624912][ T5097] Cannot create hsr debugfs directory [ 63.039254][ T5102] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 63.052257][ T5102] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 63.072067][ T5102] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 63.090809][ T5102] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 63.135042][ T5095] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 63.144554][ T5095] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.169702][ T5095] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.180663][ T5095] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.256630][ T5096] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 63.310636][ T5096] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 63.321407][ T5096] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 63.347495][ T5096] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 63.373673][ T5094] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.384688][ T5094] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 63.394319][ T5094] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 63.404192][ T5094] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 63.516024][ T5102] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.534779][ T5097] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.547242][ T5097] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.573251][ T5097] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.605942][ T5097] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.621053][ T5095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.634381][ T5102] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.674675][ T930] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.682090][ T930] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.729222][ T5095] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.763962][ T930] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.771134][ T930] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.781489][ T930] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.788651][ T930] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.831444][ T5107] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.838581][ T5107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.901122][ T5096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.970294][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.991920][ T5096] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.023456][ T5107] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.030592][ T5107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.056024][ T5113] Bluetooth: hci0: command tx timeout [ 64.081028][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.088234][ T5098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.120058][ T5094] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.139071][ T5113] Bluetooth: hci3: command tx timeout [ 64.139676][ T5108] Bluetooth: hci2: command tx timeout [ 64.144491][ T5113] Bluetooth: hci4: command tx timeout [ 64.150322][ T52] Bluetooth: hci1: command tx timeout [ 64.217681][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.224856][ T5098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.249976][ T5097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.276895][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.284067][ T5098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.398256][ T5097] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.414860][ T5095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.430781][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.437917][ T5098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.473372][ T5102] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.519678][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.526919][ T5098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.713284][ T5095] veth0_vlan: entered promiscuous mode [ 64.743618][ T5095] veth1_vlan: entered promiscuous mode [ 64.838265][ T5095] veth0_macvtap: entered promiscuous mode [ 64.889269][ T5095] veth1_macvtap: entered promiscuous mode [ 64.971291][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.033427][ T5096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.045363][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.083088][ T5095] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.093114][ T5095] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.104804][ T5095] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.113983][ T5095] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.144404][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.301120][ T5097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.324523][ T5102] veth0_vlan: entered promiscuous mode [ 65.334286][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.348112][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.362221][ T5096] veth0_vlan: entered promiscuous mode [ 65.421309][ T5102] veth1_vlan: entered promiscuous mode [ 65.432140][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.442599][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.449448][ T5096] veth1_vlan: entered promiscuous mode executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181003f000000000100000010001f0e0027000200000000800200121f", 0x2e}], 0x1}, 0x0) [ 65.497870][ T5094] veth0_vlan: entered promiscuous mode [ 65.528142][ T5097] veth0_vlan: entered promiscuous mode [ 65.631442][ T5096] veth0_macvtap: entered promiscuous mode [ 65.644631][ T5094] veth1_vlan: entered promiscuous mode [ 65.663183][ T5181] netlink: 'syz-executor.1': attribute type 39 has an invalid length. executing program 1: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x80, 0x2, 0xb3, 0x5, 0x0, 0x2, 0x1400, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x91, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x4000, 0x1f, 0xdfd2, 0x8, 0x0, 0x20, 0x4, 0x0, 0x5, 0x0, 0x100000000}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x401) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe8, 0xe8, 0x5, [@union={0xb, 0x4, 0x0, 0x5, 0x1, 0x1, [{0x8, 0x3, 0x7}, {0x10, 0x3, 0x101}, {0xe, 0x0, 0x7fff}, {0x9, 0x3, 0x5}]}, @int={0x5, 0x0, 0x0, 0x1, 0x0, 0x5a, 0x0, 0x4e, 0x4}, @func={0x6, 0x0, 0x0, 0xc, 0x4}, @struct={0xd, 0x9, 0x0, 0x4, 0x0, 0x81, [{0x7, 0x3}, {0x6, 0x1, 0x7}, {0x7, 0x2, 0x9}, {0xb, 0x5, 0x9c04}, {0x5, 0x3, 0x3f}, {0x1, 0x1, 0x7fffffff}, {0xa, 0x2, 0xfffffffa}, {0x1, 0x2, 0x36}, {0x0, 0x0, 0x401}]}, @fwd={0x2}, @restrict={0xd, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x61, 0x5f, 0x61]}}, &(0x7f0000000200)=""/148, 0x105, 0x94, 0x0, 0x1f}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup/syz0\x00', 0x1ff) perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0xf9, 0x6, 0x80, 0x4, 0x0, 0x2, 0x20308, 0xc, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x400, 0x7, @perf_config_ext={0x4, 0x7fff}, 0x0, 0x10001, 0xc6, 0x2, 0x200, 0x6, 0x7ff, 0x0, 0x80, 0x0, 0xffffffff}, 0xffffffffffffffff, 0xe, r1, 0x0) r2 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000003c0)='tasks\x00', 0x2, 0x0) r3 = getpid() write$cgroup_pid(r2, &(0x7f0000000400)=r3, 0x12) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000480)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x4, [@var={0xf, 0x0, 0x0, 0xe, 0x5, 0x1}, @restrict={0x1, 0x0, 0x0, 0xb, 0x3}, @const={0xa, 0x0, 0x0, 0xa, 0x1}, @fwd={0x9}]}, {0x0, [0x2e, 0x5f]}}, &(0x7f0000000540)=""/78, 0x50, 0x4e}, 0x20) r6 = perf_event_open(&(0x7f00000006c0)={0x4, 0x80, 0xf7, 0x3f, 0x0, 0x7, 0x0, 0x8000000000000000, 0x0, 0xd, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x1, 0x4}, 0x100024, 0x3, 0x5, 0x0, 0x5, 0x27, 0x800, 0x0, 0xfff, 0x0, 0x290c}, r3, 0x1, 0xffffffffffffffff, 0x8) r7 = perf_event_open(&(0x7f0000000640)={0x4, 0x80, 0x80, 0xff, 0x5, 0x3f, 0x0, 0xfd, 0x48000, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000600)}, 0x4300, 0x1, 0x7, 0x0, 0x7, 0x1, 0x9, 0x0, 0xbe, 0x0, 0x7}, r3, 0x2, r6, 0x8) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xed, 0xed, 0x6, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x4, 0x3}}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x9, 0x1}, {0x9, 0x3}, {0x0, 0x5}, {0x5}, {0x4, 0x4}]}, @datasec={0x5, 0x3, 0x0, 0xf, 0x2, [{0x1, 0x1, 0x42}, {0x1, 0x80000000, 0xddb}, {0x3, 0x80, 0x7fffffff}], "c037"}, @fwd={0x5}, @restrict={0x4}, @typedef={0x6, 0x0, 0x0, 0x8, 0x2}, @datasec={0xc, 0x5, 0x0, 0xf, 0x3, [{0x1, 0x8, 0x1f}, {0x4, 0x5, 0x1ff}, {0x1, 0x7, 0x6d3}, {0x4, 0xfffffffc, 0x5}, {0x4, 0x8, 0x2}], "2de914"}]}, {0x0, [0x61, 0x2e, 0x5f, 0x61]}}, &(0x7f0000000880)=""/100, 0x10e, 0x64, 0x0, 0xffff}, 0x20) r8 = openat$cgroup_subtree(r4, &(0x7f0000000940), 0x2, 0x0) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x7, '\x00', 0x0, r4, 0x4, 0x1, 0x2}, 0x48) write$cgroup_subtree(r8, &(0x7f0000000a00)={[{0x2b, 'net_cls'}, {0x2d, 'freezer'}, {0x2d, 'freezer'}, {0x2d, 'memory'}, {0x2b, 'hugetlb'}, {0x2b, 'cpuacct'}]}, 0x35) perf_event_open(&(0x7f0000000a40)={0x3, 0x80, 0x7, 0x6, 0x3, 0x5, 0x0, 0x6, 0x4, 0xf, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0xf6c, 0x3}, 0x2080, 0xffff, 0x7f, 0x4, 0x80000001, 0x4, 0x2, 0x0, 0x1000, 0x0, 0x8}, r3, 0xe, r7, 0x3) write$cgroup_subtree(r8, &(0x7f0000000ac0)={[{0x2d, 'cpuset'}, {0x7d, 'cpu'}, {0x2b, 'cpuacct'}, {0x2d, 'devices'}, {0x2d, 'net'}]}, 0x24) socket$kcm(0x29, 0x5, 0x0) r10 = getpid() perf_event_open(&(0x7f0000000b40)={0x1, 0x80, 0x7f, 0x1f, 0xea, 0x7a, 0x0, 0x40, 0x4040, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000b00)}, 0x12018, 0x3, 0x3ff, 0x4, 0x1, 0x20, 0x0, 0x0, 0xe237, 0x0, 0x8c}, r10, 0xf, 0xffffffffffffffff, 0xa) write$cgroup_int(r5, &(0x7f0000000bc0)=0x3, 0x12) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000d00)={r5, &(0x7f0000000c00)="44b84734f43c8ca8dbadca5e6bfa1855ce2109090998f317391ac54d5b3a7cccc2e13fa4b0e598c301366c97b44d404496f14186e615a2b846c962102bfb5f9423e2a102f7cce7205c374e58d0ae6f6a909c5ef35878a21ca2a14f5fda35dc99adc3ef7caa268eb6cd467ad2f229c49eb75467a47943cb198ac62f2de8a523fa63ff96e863892956b3fb0167a992bd6a7ac9e044131cb134e305e72767116826b555dac605b2", &(0x7f0000000cc0)=""/62}, 0x20) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000d40)=0x401) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000dc0)=@generic={&(0x7f0000000d80)='./file0\x00', r4}, 0x18) r11 = socket$kcm(0x29, 0x2, 0x0) sendmsg$kcm(r11, &(0x7f0000001580)={&(0x7f0000000e00)=@l2tp={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000001480)=[{&(0x7f0000000e80)="f9305bddf77619d7f1ff0ba7ed94582769c88f1fb36e93b190a2c09b4bda885c4988be4aa4c522b2ec34e49712b62bb4b3c093814b1f455e6d869cf719d1a22467519c0553178309817ec990e90df4ba0e18325673747f9903891028c3ad5b0ed0d03c60d444136d0c664e8d99d9dc49f7a222f54453cb5a52dada58dcb1cffaf76e6bfa4072f445ee4c0421f822b3dfaa95c1f7d1a74a5ed30e4e1df12dd1753d01986aa457bbb9", 0xa8}, {&(0x7f0000000f40)="034e1eed93ee66ef4b35d0771d6e9bb76f3984f079ec26863d83d5ea9c21918f135bcf75a027a5106d3058a8915927e5fe7aff36ff408de139bf6577cbffd1f7c5e241e0991e1391d2e21fd56f3e9076a68ae52a33ccca5644cb014271d19089fa650b97968b0b47e9035b6a076428ca045af820126061cdc0317a27815ec59ade44c02737ff2b764431790801e3d2943ac53158813581c6", 0x98}, {&(0x7f0000001000)="ace12b92614a0c038350884bd02a3688eadd58975352522d9081436f798f63ba3d0eb8bed3b76c7bf590030c5de43b820e71d9077fa45cbae2e55290953a2f5f1819b68d57a61bbef173abdd072ffb77de8cfa3c8c49b7e96339c5bf377a3d9a0a5a8acf6de241d4ced36c09e9b9c6dca51389ce310394eb7ce0eb67080beed61fd7f8a477511cfc746d2413b53d0aca4fbd8f4b562ecbb036191a6a7129f7f788d679ff4adf617a961f62c9b638edba67de74918e613fac2124ac3bc5c5b5e706fcd74ff89c5bdfc0f1387ef5f082c42aa6d64f2cf34a1b1914458c71963a742b9325", 0xe3}, {&(0x7f0000001100)="afe5e8f95e8c65a5511c9e58a9c3f06cd394d04256cc7b164964a1f6621eff5d06de175fa7653b6792eba3debc4b0aa1dae8ab7c81e329c8a15060dcdd633e40e6ab54f949d38f2dfdf66bceb0785a1e92f4d83e18c15701aa5e34fba6be9e915b876f96a6e6", 0x66}, {&(0x7f0000001180)="74bd869f53847078bde258c548e25a467f80600ac3cc7656aba37251f716abeebc340de39af730909de29ea3a86abefdda4ab27ad85ccadc713474820e5d4c5fb93172b1d2fc5402ebf76bdb900df6b0ff0f3e09946c4e507e8f", 0x5a}, {&(0x7f0000001200)="6143d141565ce4c81d3c0d33efd321fb335b8fa87387a00d95dc7f2d3f108a9b86fa962d0575978fbe32214c59ad17bfbc78c56d614c38666388c2bfbc41ba55f9a1eee30584ba0baa6065e5e4298640c6240ac8e79d29a188d3adb32eef55e79f5e351ed4df86d8c58a433011e329fea90768d45c756f45456fad727f3688c8cd2c240b58c404a768993907bdb45b1793c0a82577ca934a569fdfb92cd86a8f05897bb25f18cd3bf864c3b308a4176d77ffc40655e918019d9173fb0e6aa4967319e3315dd9f75d151fa3e72de6e1cb8779652ccaecccb65263ac85", 0xdc}, {&(0x7f0000001300)="018da5410c4c23b9f97cb885be57860418488cac78d2e8ff09791812f45fa349e3bf096d8f8c097a96dd2438b4b755a0e6569ededb9ce02b51aa5e10db065cdc0ab4fa3835bbfc56d11029c7fc0e2a7793a775d1b504fe190fe0db2e95b97ec0ccfcc743142af0978f942e39f8d8d7ab2c7ff09976b97f8405eb0cdbfc0447f23d78b3de72a75c2fb803c87fcfd7da2a1bad55463c1aac2f7f75206903214a621fee2bcb937b33c49c3990", 0xab}, {&(0x7f00000013c0)="c4c3f95f08a04f9e7e70ea0e177e22001c41c1bce5dc467d218d84b72933b0fb83a4e5a54eed1ca9c237cd98fe42da12b00953d409ea68e5113422a2787a1f788f4ecd5f146a430e3b3c369efbcbf8e177ba70f98570d0fa7b6527d5e55885c446a7020237037607f2e1588bd73ff455fd6c16f9a2006afe723b8479f2d6f44d25eb2b3d0688", 0x86}], 0x8, &(0x7f0000001500)=[{0x70, 0x111, 0x3e3, "12e97f7b23823bfcf37aaa0447c9b2d482e735d5b29bec9afb709038d4e0072f0328b6d01663e3c72600950ecec3adc65353348504dee5acc9d987b30c6f5132efd39e47a141f83fcacf26422599085b52fa4769c49483f5bedf62"}], 0x70}, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001700)={r9, &(0x7f00000015c0)="98b3992ce0b49a2825fc4f4708411abc9a4deba6d459891a4b74fd634b86", &(0x7f0000001600)=""/229}, 0x20) write$cgroup_subtree(r4, &(0x7f0000001740)={[{0x2d, 'cpuacct'}, {0x0, 'cpu'}, {0x2d, 'rlimit'}, {0x2d, 'io'}, {0x71, 'perf_event'}, {0x6, 'cpuacct'}, {0x2d, 'perf_event'}]}, 0x3b) [ 65.682609][ T5102] veth0_macvtap: entered promiscuous mode [ 65.695327][ T5096] veth1_macvtap: entered promiscuous mode [ 65.704005][ T5097] veth1_vlan: entered promiscuous mode [ 65.749374][ T5102] veth1_macvtap: entered promiscuous mode executing program 1: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1c, &(0x7f0000000240)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0xf7, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0x20, &(0x7f0000000840)={&(0x7f00000006c0)=""/135, 0x87, 0x0, &(0x7f0000000780)=""/133, 0x85}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x18, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x69b}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @exit, @generic={0x6, 0x1, 0x5, 0x7f, 0x10001}, @alu={0x7, 0x1, 0xa, 0x0, 0x5, 0x20, 0x10}, @jmp={0x5, 0x1, 0xd, 0x4, 0x2, 0x50, 0xfffffffffffffffc}, @ldst={0x1, 0x0, 0x2, 0x3, 0x9, 0xfffffffffffffffe, 0x4}, @call={0x85, 0x0, 0x0, 0x64}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000a00)='GPL\x00', 0x2b3d, 0x0, 0x0, 0x40f00, 0xd, '\x00', r2, 0x14, r3, 0x8, &(0x7f0000000640)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x3, 0x1ff, 0x8}, 0x10, r4, 0xffffffffffffffff, 0x3, &(0x7f00000008c0)=[r0], &(0x7f0000000900)=[{0x0, 0x3, 0xa, 0xc}, {0x0, 0x4, 0x10, 0xb}, {0x5, 0x2, 0xa, 0x5}]}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0xb, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90) executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc409559b8ca3ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d622a86eb3a00d622924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c10cd3e1f95872499a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f34ff60ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757308220399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc948239120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be317ac9a19ea20f2170d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc211c280abe51427b9f6cd72b5da6d0252803c66730cd5f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33384253af570f4ef9c0254afdd89c73943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711b8d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b703043f4b2497ae5602473d8c1bb627d5f73790476a4a2e8b1f71d611b964059bd6cf526298497b52a9260b0a9c6e4896360edfba316e1eff1bf2d910438654323b2e617b7e2d974b2b03270a1d0449274dea794c000000000000000000000000000700000000005c4cef7458e06bdb257208d5f9ece51f0034a38513d27975b6288cb800a1f8ca1cd8c1e84be09e5837ae7f1b6bcf5f0e1f9d9e617c787dc5a21d6f11420d9f97023694e5d42a656e04e96755389e944f6d2d15ef344825a78e41dd64174203dd47c192331e27f2ce18484f1ef77ab2713e0e8ded6b45031900d492ad499c70f5c1cd54eae56248847c959e68b95824c33005dc3c1c8b2ce1a97cae4f68c3a29f4bc9027aeed05eeced9785dc5f162ff054c030d4e9975918423dec46aa7d83ee20b25c672f7dd5dfb84d0e31cf625b0d46ea04af5a98e29505a4052a14db48906195396c97ad76789e264b5d361ff876fd05c250c8e3084276c18dc31537d8ca8f03a71546fe540bbf5c96c6b56fae576e4aa97eeaf8acfdb744ad709ce2bc833f2fe1aaf10f596f5f228df26e5b56bd794faa0a227ebe5f24a3bbce1c702067a3f7626b8ad3549e9e5ff5493e10cc3f4ff691a58e3cceb7f5700e"], &(0x7f0000000000)='GPL\x00', 0x5}, 0x90) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000140)='syz1\x00', 0x200002, 0x0) openat$cgroup_procs(r2, &(0x7f0000000180)='cgroup.threads\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r3 = socket$kcm(0x2, 0x3, 0x106) sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_prespec={0x44, 0x1c, 0x12, 0x3, 0x0, [{@loopback}, {}, {@multicast2}]}]}}}], 0x30}, 0x0) [ 65.864125][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.882462][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.902503][ T5102] batman_adv: batadv0: Interface activated: batadv_slave_0 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, [@btf_id={0x18, 0xa, 0x3, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x96e, 0x0, 0x0, 0x0, 0x9}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x9}, @ldst={0x1, 0x2, 0x3, 0x8, 0x2, 0x8, 0x10}, @exit]}, &(0x7f00000000c0)='GPL\x00', 0xc0, 0xb8, &(0x7f0000000100)=""/184, 0x41000, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x4, 0x9, 0x124, 0xd23}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000000280)=[{0x1, 0x2, 0x2}, {0x1, 0x5, 0x6, 0xa}, {0x5, 0x2, 0xe, 0x4}], 0x10, 0x5775}, 0x90) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181003f000000000100000010001f0e0027000f00000000800200121f", 0x2e}], 0x1}, 0x0) [ 65.928838][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.949972][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.962551][ T5102] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.003489][ T5097] veth0_macvtap: entered promiscuous mode [ 66.016740][ T5094] veth0_macvtap: entered promiscuous mode [ 66.044854][ T5102] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.059186][ T5102] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.068545][ T5102] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.077895][ T5102] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.092585][ T5097] veth1_macvtap: entered promiscuous mode [ 66.102688][ T5190] netlink: 'syz-executor.1': attribute type 39 has an invalid length. [ 66.112491][ T5190] veth0_macvtap: left promiscuous mode [ 66.137933][ T5108] Bluetooth: hci0: command tx timeout [ 66.157803][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.172731][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.182843][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.193923][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.210924][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.218352][ T5108] Bluetooth: hci4: command tx timeout [ 66.227342][ T52] Bluetooth: hci1: command tx timeout [ 66.227354][ T5113] Bluetooth: hci3: command tx timeout [ 66.235616][ T5108] Bluetooth: hci2: command tx timeout [ 66.248074][ T5094] veth1_macvtap: entered promiscuous mode [ 66.273392][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.283953][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.295364][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.307921][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.322191][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.345683][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.357202][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.367812][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.381259][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.392377][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.403624][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.414765][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.431634][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.442266][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.453297][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.465129][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.475022][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.485713][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.499618][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.526493][ T5096] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.535243][ T5096] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.555529][ T5096] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.564389][ T5096] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.584670][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.595694][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.608499][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.619656][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.629547][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.640418][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.650327][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.661762][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.673718][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.684962][ T5094] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.693959][ T5094] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.703738][ T5094] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.714265][ T5094] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.740482][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.751251][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.762820][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.773502][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.786993][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.798054][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.808661][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.819232][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.830485][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.877575][ T5097] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.892546][ T5097] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.903041][ T5097] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.912414][ T5097] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.939563][ T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.953342][ T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.059339][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.071457][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.097578][ T746] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.110800][ T746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1802000000000000040000000000004397000000ad0000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x7, 0xb, &(0x7f00000020c0)=""/191}, 0x90) [ 67.175540][ T930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.201640][ T930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 4: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a80)='./cgroup.net/syz1\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001180)={0xffffffffffffffff, 0x0, 0x0, 0xd90ac387e2dc616c}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x93, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96}, 0x90) r5 = socket$kcm(0x11, 0x2, 0x0) sendmsg$sock(r5, &(0x7f00000000c0)={&(0x7f0000000200)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x80, 0x0}, 0x0) recvmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x140) (async) recvmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x140) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f00000000c0)=@framed={{0x46, 0xa, 0x0, 0x0, 0x0, 0x79, 0x10, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4}, 0x48) (async) r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4}, 0x48) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000180)=r6, 0x4) (async) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000180)=r6, 0x4) r7 = gettid() bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)={@cgroup, 0xffffffffffffffff, 0x14, 0x0, 0xffffffffffffffff, @prog_id=0xffffffffffffffff}, 0x20) r8 = perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x7, 0x80, 0x8, 0x7, 0x0, 0xc, 0x0, 0x7, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7ffd, 0x4, @perf_bp={&(0x7f0000000340), 0x4}, 0x20, 0x93, 0x8, 0x0, 0x402, 0x7, 0x4, 0x0, 0x8000001, 0x0, 0x3}, r7, 0x6, r4, 0x18) ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r3) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b40)="a2", 0xfffffd2a}], 0x1, 0x0, 0x0, 0x20000000}, 0x4000041) (async) sendmsg$tipc(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b40)="a2", 0xfffffd2a}], 0x1, 0x0, 0x0, 0x20000000}, 0x4000041) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x6, 0x1}, 0x48) sendmsg$tipc(r9, &(0x7f0000000a40)={&(0x7f00000004c0)=@name={0x1e, 0x2, 0x3, {{0x2, 0x3}, 0x2}}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000500)="186a7a19a12320dbf57797e0923107b4ce2c62658dffb3b0cc062014b683c66e20232f160986eacf084f29342e93c2877168211c6cc80e133fbd063bfa06b9fd55541e54131b3b245cf5f1db721ced93139e44afe76f63fa00aa3291defcc2b382ba7868ab4f130158f9e000445ad1dc130be7e1b6a08cfdb589e07da96e1fb4c4969f8f630db5ad24439bac1537e5c5918de4998eb6ac07479873d6c7b9468c8213fb0dbef29e74836e991fd673c0b262ae495d4736110aee29fd899d8cfa30f9d4a75d3b639621f43022852a4b17f8a489c6d443b66eb4e2aeda68e5ae2243fd2fced74dac182c57818207e5048953b5b56e9cbf414aa113a9", 0xfa}, {&(0x7f0000000600)="1e5247fb403364db8df9bb4c04e1328808b2a69578284f7f9e96e8b698c54ab4616328bd70ca0fdede40d70b2359c82672846a8ad8faab6b15629fb13c7be31aa2accfe496678247b6472a4b5f600a91c8130995c9ac14afd8990f938f10086720da764664ca883f85fcdaf243d205a33e5e6c86e2025795471a0c39b2099217c4a054c3fad6defab472113390ffad392c06a8d2953720e72626ee9eb89100dc5d70454b60046c0f8b0778a648953205997685cc93dad72ee0d97fedeb2a56a62ba1f18ec4635701d33748259022da8e920df2f3109f486e725d3e1d97122d47c0b5af0cee944292", 0xe8}, {&(0x7f0000000700)="27706ed718082a4147b83d0489bdb01dc576b0e1fa05a9f15db9bdac7e29fa4d18723d64ed8f2cf4a9fa31df7d510b571e5e6d29dd03b9c8f503a5a0ae7f69f755aff792c1d88ff6e680a8f89f2eb1d6b3b5e2f75ad2fc1b2f2b512b73ba20551d41bdd4895b0fefdd89ddcb42976473", 0x70}], 0x3, &(0x7f0000000840)="7433c32b730fe34d38cfb48f862b6fa23a6fd4a8a2a8c95787f336c9e01357898969ad7e90b6f80cde7f16225c62e63826d94b11bde41743a609c8b2cf39cbfab4f2295bfcf1ea4a3b234b82e38f93041ccaf083e48f10ecdc73850723d9d9742fc74df84045fc852742e23179cdeb6fb07707b5fd75a519f88ed1ecd2060dcb49ae47d189929f0256231f8182b84327642d86473cf18822f93fef52099b4636905f95ac5542c6fcf72831", 0xab, 0x4000}, 0x20008005) (async) sendmsg$tipc(r9, &(0x7f0000000a40)={&(0x7f00000004c0)=@name={0x1e, 0x2, 0x3, {{0x2, 0x3}, 0x2}}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000500)="186a7a19a12320dbf57797e0923107b4ce2c62658dffb3b0cc062014b683c66e20232f160986eacf084f29342e93c2877168211c6cc80e133fbd063bfa06b9fd55541e54131b3b245cf5f1db721ced93139e44afe76f63fa00aa3291defcc2b382ba7868ab4f130158f9e000445ad1dc130be7e1b6a08cfdb589e07da96e1fb4c4969f8f630db5ad24439bac1537e5c5918de4998eb6ac07479873d6c7b9468c8213fb0dbef29e74836e991fd673c0b262ae495d4736110aee29fd899d8cfa30f9d4a75d3b639621f43022852a4b17f8a489c6d443b66eb4e2aeda68e5ae2243fd2fced74dac182c57818207e5048953b5b56e9cbf414aa113a9", 0xfa}, {&(0x7f0000000600)="1e5247fb403364db8df9bb4c04e1328808b2a69578284f7f9e96e8b698c54ab4616328bd70ca0fdede40d70b2359c82672846a8ad8faab6b15629fb13c7be31aa2accfe496678247b6472a4b5f600a91c8130995c9ac14afd8990f938f10086720da764664ca883f85fcdaf243d205a33e5e6c86e2025795471a0c39b2099217c4a054c3fad6defab472113390ffad392c06a8d2953720e72626ee9eb89100dc5d70454b60046c0f8b0778a648953205997685cc93dad72ee0d97fedeb2a56a62ba1f18ec4635701d33748259022da8e920df2f3109f486e725d3e1d97122d47c0b5af0cee944292", 0xe8}, {&(0x7f0000000700)="27706ed718082a4147b83d0489bdb01dc576b0e1fa05a9f15db9bdac7e29fa4d18723d64ed8f2cf4a9fa31df7d510b571e5e6d29dd03b9c8f503a5a0ae7f69f755aff792c1d88ff6e680a8f89f2eb1d6b3b5e2f75ad2fc1b2f2b512b73ba20551d41bdd4895b0fefdd89ddcb42976473", 0x70}], 0x3, &(0x7f0000000840)="7433c32b730fe34d38cfb48f862b6fa23a6fd4a8a2a8c95787f336c9e01357898969ad7e90b6f80cde7f16225c62e63826d94b11bde41743a609c8b2cf39cbfab4f2295bfcf1ea4a3b234b82e38f93041ccaf083e48f10ecdc73850723d9d9742fc74df84045fc852742e23179cdeb6fb07707b5fd75a519f88ed1ecd2060dcb49ae47d189929f0256231f8182b84327642d86473cf18822f93fef52099b4636905f95ac5542c6fcf72831", 0xab, 0x4000}, 0x20008005) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cgroup.stat\x00', 0x0, 0x0) openat$cgroup_ro(r12, &(0x7f0000000440)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r10}, 0x0, 0x0}, 0x20) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x2, 0x7f, 0x0, 0x7f, 0x0, 0x4, 0x888a0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0x8, 0x8000000000000001, 0xffffff01, 0x2, 0x9, 0x3, 0x1, 0x0, 0x0, 0x0, 0x5}, r7, 0xa, r0, 0x2) (async) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x2, 0x7f, 0x0, 0x7f, 0x0, 0x4, 0x888a0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0x8, 0x8000000000000001, 0xffffff01, 0x2, 0x9, 0x3, 0x1, 0x0, 0x0, 0x0, 0x5}, r7, 0xa, r0, 0x2) [ 67.259027][ T5107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.290550][ T5107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0xb, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r3, &(0x7f0000000240), 0x20000000}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r3}, &(0x7f0000000440), &(0x7f0000000480)=r2}, 0x20) bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r3, &(0x7f0000000100), 0x20000000}, 0x20) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) r4 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x29, 0x14, &(0x7f0000000100), 0x120) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r5}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffc) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz1\x00', 0x200002, 0x0) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000041000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b509020000000000dbaaf8fff1000000bf8200000000000007080000f8ffffffbfa400000000000007090000f0ffffffc70200000800000018220000", @ANYRES32=r6, @ANYBLOB="0000000000001f00b7050000080000004608f1ff76000000bf980000000000005608001600c91e57fd6c530000004cc029a7a8635bae00000700000007000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 67.378842][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.379212][ T2423] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.404278][ T2423] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.408661][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) close(r0) socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x2, {0x0, @local}}}], 0x20}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0}, 0x0) r1 = socket$kcm(0x2, 0x5, 0x84) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x0, @local}, 0x10, &(0x7f0000000680)=[{&(0x7f00000000c0)="ee", 0x1fed0}], 0x28}, 0xe400) socket$kcm(0x29, 0x2, 0x0) (async) close(r0) (async) socket$kcm(0xa, 0x2, 0x0) (async) sendmsg$inet(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x2, {0x0, @local}}}], 0x20}, 0x0) (async) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0}, 0x0) (async) socket$kcm(0x2, 0x5, 0x84) (async) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x0, @local}, 0x10, &(0x7f0000000680)=[{&(0x7f00000000c0)="ee", 0x1fed0}], 0x28}, 0xe400) (async) [ 67.539482][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.557813][ T5195] [ 67.560188][ T5195] ====================================================== [ 67.567220][ T5195] WARNING: possible circular locking dependency detected [ 67.573883][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.574230][ T5195] 6.9.0-rc5-syzkaller-01462-g329a6720a3eb #0 Not tainted [ 67.588542][ T5195] ------------------------------------------------------ [ 67.595579][ T5195] syz-executor.4/5195 is trying to acquire lock: [ 67.601934][ T5195] ffff8880224ddc98 (&sighand->siglock){-...}-{2:2}, at: __lock_task_sighand+0x149/0x2e0 [ 67.611739][ T5195] [ 67.611739][ T5195] but task is already holding lock: [ 67.619119][ T5195] ffff8880b95387e8 (lock#10){+.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x8f/0x630 [ 67.629534][ T5195] [ 67.629534][ T5195] which lock already depends on the new lock. [ 67.629534][ T5195] [ 67.639954][ T5195] [ 67.639954][ T5195] the existing dependency chain (in reverse order) is: [ 67.648982][ T5195] [ 67.648982][ T5195] -> #2 (lock#10){+.+.}-{2:2}: [ 67.655970][ T5195] lock_acquire+0x1ed/0x550 [ 67.661017][ T5195] __mmap_lock_do_trace_acquire_returned+0xa8/0x630 [ 67.668166][ T5195] stack_map_get_build_id_offset+0x9b2/0x9d0 [ 67.674689][ T5195] __bpf_get_stack+0x4ad/0x5a0 [ 67.679992][ T5195] bpf_get_stack_raw_tp+0x1a3/0x240 [ 67.685736][ T5195] bpf_prog_ec3b2eefa702d8d3+0x42/0x46 [ 67.691745][ T5195] bpf_trace_run2+0x2ec/0x540 [ 67.696973][ T5195] trace_tlb_flush+0x118/0x140 [ 67.702265][ T5195] switch_mm_irqs_off+0x7cb/0xae0 [ 67.707801][ T5195] __schedule+0x1066/0x4a50 [ 67.712830][ T5195] schedule+0x14b/0x320 [ 67.717499][ T5195] do_nanosleep+0x197/0x600 [ 67.722516][ T5195] hrtimer_nanosleep+0x227/0x470 [ 67.727972][ T5195] __se_sys_clock_nanosleep+0x32b/0x3c0 [ 67.734032][ T5195] do_syscall_64+0xf5/0x240 [ 67.739049][ T5195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.745462][ T5195] [ 67.745462][ T5195] -> #1 (&rq->__lock){-.-.}-{2:2}: [ 67.752764][ T5195] lock_acquire+0x1ed/0x550 [ 67.757784][ T5195] _raw_spin_lock_nested+0x31/0x40 [ 67.763410][ T5195] raw_spin_rq_lock_nested+0x2a/0x140 [ 67.769300][ T5195] sched_mm_cid_exit_signals+0x17b/0x4b0 [ 67.775453][ T5195] exit_signals+0x2a1/0x5c0 [ 67.780480][ T5195] do_exit+0x6a8/0x27e0 [ 67.785240][ T5195] __pfx___ia32_sys_exit+0x0/0x10 [ 67.790787][ T5195] do_syscall_64+0xf5/0x240 [ 67.795812][ T5195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.802245][ T5195] [ 67.802245][ T5195] -> #0 (&sighand->siglock){-...}-{2:2}: [ 67.810075][ T5195] validate_chain+0x18cb/0x58e0 [ 67.815458][ T5195] __lock_acquire+0x1346/0x1fd0 [ 67.820851][ T5195] lock_acquire+0x1ed/0x550 [ 67.825867][ T5195] _raw_spin_lock_irqsave+0xd5/0x120 [ 67.831680][ T5195] __lock_task_sighand+0x149/0x2e0 [ 67.837317][ T5195] group_send_sig_info+0x274/0x310 [ 67.842956][ T5195] bpf_send_signal_common+0x2dd/0x430 [ 67.848850][ T5195] bpf_send_signal_thread+0x16/0x20 [ 67.854571][ T5195] bpf_prog_7bb747c56a8bcba8+0x1d/0x25 [ 67.860549][ T5195] bpf_trace_run4+0x334/0x590 [ 67.865746][ T5195] __mmap_lock_do_trace_acquire_returned+0x5c8/0x630 [ 67.872967][ T5195] vm_mmap_pgoff+0x3e8/0x420 [ 67.878081][ T5195] do_syscall_64+0xf5/0x240 [ 67.883107][ T5195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.889520][ T5195] [ 67.889520][ T5195] other info that might help us debug this: [ 67.889520][ T5195] [ 67.899747][ T5195] Chain exists of: [ 67.899747][ T5195] &sighand->siglock --> &rq->__lock --> lock#10 [ 67.899747][ T5195] [ 67.911925][ T5195] Possible unsafe locking scenario: [ 67.911925][ T5195] [ 67.919367][ T5195] CPU0 CPU1 [ 67.924725][ T5195] ---- ---- [ 67.930087][ T5195] lock(lock#10); [ 67.933814][ T5195] lock(&rq->__lock); [ 67.940399][ T5195] lock(lock#10); [ 67.946645][ T5195] lock(&sighand->siglock); [ 67.951236][ T5195] [ 67.951236][ T5195] *** DEADLOCK *** [ 67.951236][ T5195] [ 67.959373][ T5195] 5 locks held by syz-executor.4/5195: [ 67.964826][ T5195] #0: ffff88802c2027a0 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x182/0x420 [ 67.974241][ T5195] #1: ffff8880b95387e8 (lock#10){+.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x8f/0x630 [ 67.985048][ T5195] #2: ffffffff8e334e20 (rcu_read_lock){....}-{1:2}, at: get_mm_memcg_path+0xb1/0x600 [ 67.994630][ T5195] #3: ffffffff8e334e20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590 [ 68.004047][ T5195] #4: ffffffff8e334e20 (rcu_read_lock){....}-{1:2}, at: __lock_task_sighand+0x29/0x2e0 [ 68.013799][ T5195] [ 68.013799][ T5195] stack backtrace: [ 68.019679][ T5195] CPU: 1 PID: 5195 Comm: syz-executor.4 Not tainted 6.9.0-rc5-syzkaller-01462-g329a6720a3eb #0 [ 68.030000][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 68.040059][ T5195] Call Trace: [ 68.043334][ T5195] [ 68.046260][ T5195] dump_stack_lvl+0x241/0x360 [ 68.050940][ T5195] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.056137][ T5195] ? print_circular_bug+0x130/0x1a0 [ 68.061332][ T5195] check_noncircular+0x36a/0x4a0 [ 68.066268][ T5195] ? __pfx_check_noncircular+0x10/0x10 [ 68.071727][ T5195] ? lockdep_lock+0x123/0x2b0 [ 68.076398][ T5195] ? _find_first_zero_bit+0xd4/0x100 [ 68.081692][ T5195] validate_chain+0x18cb/0x58e0 [ 68.086549][ T5195] ? __pfx_validate_chain+0x10/0x10 [ 68.091741][ T5195] ? __pfx_validate_chain+0x10/0x10 [ 68.096933][ T5195] ? __pfx_validate_chain+0x10/0x10 [ 68.102128][ T5195] ? __pfx_validate_chain+0x10/0x10 [ 68.107320][ T5195] ? validate_chain+0x11b/0x58e0 [ 68.112251][ T5195] ? __pfx_lock_acquire+0x10/0x10 [ 68.117266][ T5195] ? __pfx_validate_chain+0x10/0x10 [ 68.122462][ T5195] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.128781][ T5195] ? mark_lock+0x9a/0x350 [ 68.133103][ T5195] __lock_acquire+0x1346/0x1fd0 [ 68.137955][ T5195] lock_acquire+0x1ed/0x550 [ 68.142455][ T5195] ? __lock_task_sighand+0x149/0x2e0 [ 68.147738][ T5195] ? __pfx_lock_acquire+0x10/0x10 [ 68.152757][ T5195] ? __pfx_lock_acquire+0x10/0x10 [ 68.157775][ T5195] _raw_spin_lock_irqsave+0xd5/0x120 [ 68.163053][ T5195] ? __lock_task_sighand+0x149/0x2e0 [ 68.168335][ T5195] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 68.174228][ T5195] __lock_task_sighand+0x149/0x2e0 [ 68.179332][ T5195] ? __lock_task_sighand+0x29/0x2e0 [ 68.184527][ T5195] group_send_sig_info+0x274/0x310 [ 68.189641][ T5195] ? __pfx_group_send_sig_info+0x10/0x10 [ 68.195271][ T5195] bpf_send_signal_common+0x2dd/0x430 [ 68.200638][ T5195] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 68.206530][ T5195] ? bpf_trace_run4+0x244/0x590 [ 68.211375][ T5195] bpf_send_signal_thread+0x16/0x20 [ 68.216569][ T5195] bpf_prog_7bb747c56a8bcba8+0x1d/0x25 [ 68.222020][ T5195] bpf_trace_run4+0x334/0x590 [ 68.226695][ T5195] ? __pfx_bpf_trace_run4+0x10/0x10 [ 68.231893][ T5195] ? __mmap_lock_do_trace_acquire_returned+0x50a/0x630 [ 68.238744][ T5195] __mmap_lock_do_trace_acquire_returned+0x5c8/0x630 [ 68.245417][ T5195] ? __mmap_lock_do_trace_acquire_returned+0x8f/0x630 [ 68.252186][ T5195] vm_mmap_pgoff+0x3e8/0x420 [ 68.256779][ T5195] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 68.261885][ T5195] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.268205][ T5195] ? do_syscall_64+0x102/0x240 [ 68.272964][ T5195] ? ksys_mmap_pgoff+0xdd/0x6e0 [ 68.277811][ T5195] ? __x64_sys_mmap+0x7f/0x140 [ 68.282575][ T5195] do_syscall_64+0xf5/0x240 [ 68.287093][ T5195] ? clear_bhb_loop+0x35/0x90 [ 68.291773][ T5195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.297660][ T5195] RIP: 0033:0x7fe00ea7dce3 [ 68.302073][ T5195] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 b0 ff ff ff 64 c7 [ 68.321676][ T5195] RSP: 002b:00007ffd885ff248 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 68.330090][ T5195] RAX: ffffffffffffffda RBX: 00007fe00d4006c0 RCX: 00007fe00ea7dce3 [ 68.338062][ T5195] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000 [ 68.346040][ T5195] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000 [ 68.354018][ T5195] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffd885ff4a0 [ 68.361986][ T5195] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000 [ 68.369967][ T5195] [ 68.406784][ T5108] Bluetooth: hci2: command tx timeout [ 68.412311][ T52] Bluetooth: hci3: command tx timeout [ 68.417825][ T5108] Bluetooth: hci0: command tx timeout [ 68.423340][ T52] Bluetooth: hci1: command tx timeout [ 68.428856][ T5108] Bluetooth: hci4: command tx timeout [ 68.612939][ T5211] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 68.652892][ T5217] netlink: 121244 bytes leftover after parsing attributes in process `syz-executor.4'. [ 71.818904][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.826297][ T1246] ieee802154 phy1 wpan1: encryption failed: -22