last executing test programs: 3.391896344s ago: executing program 0 (id=180): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x2}, 0x18) syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 2.911627936s ago: executing program 0 (id=182): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000000000000000000000000000007fffffff0001000000000071273fa79d93014b8e3381"], 0xfdef) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2.075125702s ago: executing program 0 (id=184): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='kfree\x00', r2, 0x0, 0x2}, 0x18) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000007c0)=@newsa={0x154, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@empty, {}, {0xfffffffffffffffd, 0x7, 0x8000000, 0x200}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0xa, 0x1, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x0, 0x70bd2a, 0x70bd28}}]}, 0x154}}, 0x0) 1.273527025s ago: executing program 1 (id=188): r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000640), &(0x7f0000000340)) io_uring_register$IORING_REGISTER_MEM_REGION(r0, 0x22, &(0x7f00000002c0)={&(0x7f0000000280)={&(0x7f0000000200)='D', 0x1, 0x1, 0x1}}, 0x1) 1.073459119s ago: executing program 1 (id=189): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000440)='rxrpc_peer\x00', r1, 0x0, 0xfffffffffb}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) 921.974499ms ago: executing program 0 (id=190): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = io_uring_setup(0x4a88, &(0x7f0000000300)={0x0, 0xb67e, 0x8, 0x8001002, 0x3d7}) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000180)=@file={0x1}, 0x6e) listen(r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) connect$unix(r3, &(0x7f0000000000)=@file={0x1}, 0x6e) connect$unix(r3, &(0x7f0000000080)=@file={0x1}, 0x6e) close_range(r1, 0xffffffffffffffff, 0x0) 703.667163ms ago: executing program 1 (id=191): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000000c0007800800064000000701050005000200000005000400"], 0x5c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 350.279547ms ago: executing program 1 (id=192): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800) 222.838965ms ago: executing program 0 (id=193): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7a7}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x97}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r2, 0x1}}, 0x18) 141.751001ms ago: executing program 1 (id=194): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$rds(0x15, 0x5, 0x0) mount_setattr(0xffffffffffffffff, 0x0, 0x9800, 0x0, 0x20) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) 379.641µs ago: executing program 0 (id=195): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$inet6(r0, &(0x7f0000000000)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @empty, 0x4}, 0x1c, 0x0}}], 0x1, 0x20040005) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000100)='./file0\x00', 0x204) 0s ago: executing program 1 (id=196): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300030e0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e20ac1414bb000000000000000002000100000000000000070c00000000030005000000000002004e20ac1e01010000000000000000010014"], 0x70}, 0x1, 0x7}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:63521' (ED25519) to the list of known hosts. syzkaller login: [ 86.881228][ T3302] cgroup: Unknown subsys name 'net' [ 87.173522][ T3302] cgroup: Unknown subsys name 'cpuset' [ 87.206975][ T3302] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 87.713232][ T3302] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 100.787316][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.802553][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.983682][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.003982][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.919356][ T3319] hsr_slave_0: entered promiscuous mode [ 101.923388][ T3319] hsr_slave_1: entered promiscuous mode [ 102.517889][ T3318] hsr_slave_0: entered promiscuous mode [ 102.523304][ T3318] hsr_slave_1: entered promiscuous mode [ 102.536115][ T3318] debugfs: 'hsr0' already exists in 'hsr' [ 102.536856][ T3318] Cannot create hsr debugfs directory [ 103.396452][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 103.452148][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 103.512192][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 103.551402][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 103.747370][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 103.782095][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 103.827871][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 103.861316][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.816094][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.333421][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.546806][ T3319] veth0_vlan: entered promiscuous mode [ 109.633506][ T3318] veth0_vlan: entered promiscuous mode [ 109.672734][ T3319] veth1_vlan: entered promiscuous mode [ 109.785819][ T3318] veth1_vlan: entered promiscuous mode [ 109.971526][ T3319] veth0_macvtap: entered promiscuous mode [ 110.009812][ T3319] veth1_macvtap: entered promiscuous mode [ 110.171352][ T3318] veth0_macvtap: entered promiscuous mode [ 110.240778][ T3318] veth1_macvtap: entered promiscuous mode [ 110.334251][ T790] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.338507][ T790] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.338996][ T790] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.339148][ T790] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.763194][ T1196] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.781848][ T1196] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.792766][ T790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.793453][ T790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.190871][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 112.370858][ T30] audit: type=1326 audit(112.090:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3467 comm="syz.1.2" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.374128][ T30] audit: type=1326 audit(112.100:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3467 comm="syz.1.2" exe="/syz-executor" sig=0 arch=c00000b7 syscall=111 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.376567][ T30] audit: type=1326 audit(112.110:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3467 comm="syz.1.2" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.376863][ T30] audit: type=1326 audit(112.110:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3467 comm="syz.1.2" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.662297][ T30] audit: type=1326 audit(112.410:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.668999][ T30] audit: type=1326 audit(112.420:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.691366][ T30] audit: type=1326 audit(112.440:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.696796][ T30] audit: type=1326 audit(112.450:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.701840][ T30] audit: type=1326 audit(112.450:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=193 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 112.705939][ T30] audit: type=1326 audit(112.450:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3470 comm="syz.1.3" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 113.040021][ T3477] syzkaller0: entered promiscuous mode [ 113.042801][ T3477] syzkaller0: entered allmulticast mode [ 113.166885][ T3479] syz.0.7 uses obsolete (PF_INET,SOCK_PACKET) [ 114.109281][ T3490] syzkaller0: entered promiscuous mode [ 114.111571][ T3490] syzkaller0: entered allmulticast mode [ 115.177330][ T3502] syzkaller0: entered promiscuous mode [ 115.179865][ T3502] syzkaller0: entered allmulticast mode [ 115.557905][ T3507] netlink: 20 bytes leftover after parsing attributes in process `syz.1.20'. [ 116.334413][ T3519] mmap: syz.1.26 (3519) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 116.724538][ T3528] netlink: 104 bytes leftover after parsing attributes in process `syz.0.30'. [ 118.117184][ T3531] netlink: 104 bytes leftover after parsing attributes in process `syz.0.32'. [ 121.668605][ T3578] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 122.102091][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 122.102841][ T30] audit: type=1326 audit(121.850:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3583 comm="syz.1.50" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.118355][ T30] audit: type=1326 audit(121.870:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3583 comm="syz.1.50" exe="/syz-executor" sig=0 arch=c00000b7 syscall=151 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.126849][ T30] audit: type=1326 audit(121.870:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3583 comm="syz.1.50" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.168333][ T30] audit: type=1326 audit(121.910:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3583 comm="syz.1.50" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.414160][ T3588] netlink: 19 bytes leftover after parsing attributes in process `syz.1.52'. [ 123.572054][ T3596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.55'. [ 124.147171][ T30] audit: type=1326 audit(123.890:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.147900][ T30] audit: type=1326 audit(123.890:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.148092][ T30] audit: type=1326 audit(123.890:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.148253][ T30] audit: type=1326 audit(123.890:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.166328][ T30] audit: type=1326 audit(123.910:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.180709][ T30] audit: type=1326 audit(123.920:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3605 comm="syz.0.59" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 124.928527][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 124.939545][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 125.163119][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 125.164547][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 125.403879][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 125.404215][ T3616] netlink: 60 bytes leftover after parsing attributes in process `syz.0.64'. [ 125.608205][ T3627] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 126.136723][ T3635] netlink: 96 bytes leftover after parsing attributes in process `syz.1.70'. [ 126.401953][ T3640] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 126.412889][ T3640] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0' [ 127.394538][ T9] hid-generic 0000:0003:0001.0001: item fetching failed at offset 0/2 [ 127.397916][ T9] hid-generic 0000:0003:0001.0001: probe with driver hid-generic failed with error -22 [ 128.659414][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 128.661627][ T30] audit: type=1326 audit(128.410:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3658 comm="syz.0.78" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 128.666396][ T30] audit: type=1326 audit(128.410:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3658 comm="syz.0.78" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 130.610104][ T3696] netdevsim netdevsim1: Direct firmware load for ./file1 failed with error -2 [ 130.610830][ T3696] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file1 [ 134.633044][ T3712] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 135.797174][ T30] audit: type=1326 audit(135.550:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.808699][ T30] audit: type=1326 audit(135.550:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=155 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.817000][ T30] audit: type=1326 audit(135.550:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.817579][ T30] audit: type=1326 audit(135.550:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=434 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.817941][ T30] audit: type=1326 audit(135.550:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.818103][ T30] audit: type=1326 audit(135.550:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=440 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 135.818242][ T30] audit: type=1326 audit(135.550:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3733 comm="syz.0.111" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 136.664384][ T3753] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 136.768582][ T30] audit: type=1326 audit(136.520:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3754 comm="syz.0.121" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 136.776498][ T30] audit: type=1326 audit(136.520:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3754 comm="syz.0.121" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 136.784496][ T30] audit: type=1326 audit(136.520:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3754 comm="syz.0.121" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 136.930004][ T3757] Zero length message leads to an empty skb [ 137.502494][ T3764] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 138.768511][ T3767] syz.0.126 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 139.142815][ T3774] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 139.277074][ T3776] netlink: 4 bytes leftover after parsing attributes in process `syz.1.131'. [ 139.415330][ T3776] hsr_slave_1 (unregistering): left promiscuous mode [ 139.870557][ T3782] netlink: 12 bytes leftover after parsing attributes in process `syz.0.134'. [ 140.399454][ T3790] Driver unsupported XDP return value 0 on prog (id 11) dev N/A, expect packet loss! [ 141.199848][ T3802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.143'. [ 141.202769][ T3802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.143'. [ 141.371199][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 141.374971][ T30] audit: type=1326 audit(141.120:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.387638][ T30] audit: type=1326 audit(141.120:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.388104][ T30] audit: type=1326 audit(141.140:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.397678][ T30] audit: type=1326 audit(141.140:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.399472][ T30] audit: type=1326 audit(141.150:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.404223][ T30] audit: type=1326 audit(141.150:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.411454][ T30] audit: type=1326 audit(141.160:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.421397][ T30] audit: type=1326 audit(141.170:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.421888][ T30] audit: type=1326 audit(141.170:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 141.437781][ T30] audit: type=1326 audit(141.180:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3806 comm="syz.0.145" exe="/syz-executor" sig=0 arch=c00000b7 syscall=216 compat=0 ip=0xffffafd5c3e8 code=0x7ffc0000 [ 143.691627][ T3842] netlink: 4 bytes leftover after parsing attributes in process `syz.1.158'. [ 145.339343][ T3873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.168'. [ 145.349849][ T3873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.168'. [ 145.974534][ T3881] netlink: 24 bytes leftover after parsing attributes in process `syz.1.171'. [ 145.990280][ T3881] netlink: 67 bytes leftover after parsing attributes in process `syz.1.171'. [ 146.469171][ T3890] netlink: 24 bytes leftover after parsing attributes in process `syz.1.175'. [ 148.678715][ T3911] netlink: 44 bytes leftover after parsing attributes in process `syz.1.183'. [ 150.851117][ T3948] capability: warning: `syz.1.194' uses 32-bit capabilities (legacy support in use) [ 151.064098][ C0] ------------[ cut here ]------------ [ 151.069645][ C0] WARNING: net/mptcp/subflow.c:1527 at subflow_data_ready+0xa0/0x124, CPU#0: kworker/u8:10/1544 [ 151.078942][ C0] Modules linked in: [ 151.080852][ C0] CPU: 0 UID: 0 PID: 1544 Comm: kworker/u8:10 Not tainted syzkaller #0 PREEMPT [ 151.081557][ C0] Hardware name: linux,dummy-virt (DT) [ 151.082210][ C0] Workqueue: krdsd rds_tcp_accept_worker [ 151.083062][ C0] pstate: 21402009 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 151.083489][ C0] pc : subflow_data_ready+0xa0/0x124 [ 151.083756][ C0] lr : tcp_data_ready+0x40/0x10c [ 151.084032][ C0] sp : ffff800082ddb990 [ 151.084264][ C0] x29: ffff800082ddb990 x28: f4f0000006f802e8 x27: fdf0000006856e00 [ 151.084821][ C0] x26: fbf000000b308000 x25: 0000000000000000 x24: 0000000000000000 [ 151.085705][ C0] x23: f4f0000006f802e8 x22: 0000000000000000 x21: f4f0000006f80310 [ 151.086348][ C0] x20: f6f0000007088000 x19: fdf0000006856e00 x18: 0000000000000000 [ 151.086743][ C0] x17: fff07ffffcf04000 x16: f1f000000b63a800 x15: f1f000000b63a840 [ 151.087118][ C0] x14: 0000000000000000 x13: 0000000000000028 x12: f1f0000005eac420 [ 151.087786][ C0] x11: f1f000000b63ab10 x10: f1f000000b63a810 x9 : f4f0000005efe730 [ 151.088347][ C0] x8 : 0000000000000000 x7 : 0000000000000010 x6 : f6f0000004506300 [ 151.088741][ C0] x5 : ffff8000829f45f0 x4 : f2f00000070e2b60 x3 : f2f00000070e2a00 [ 151.089154][ C0] x2 : 0000000000000000 x1 : 0000000000040041 x0 : 000000000000000b [ 151.089761][ C0] Call trace: [ 151.090280][ C0] subflow_data_ready+0xa0/0x124 (P) [ 151.090918][ C0] tcp_data_ready+0x40/0x10c [ 151.091221][ C0] tcp_data_queue+0x8c0/0xed8 [ 151.091438][ C0] tcp_rcv_state_process+0x3e4/0x13d4 [ 151.091662][ C0] tcp_v4_do_rcv+0x198/0x3d0 [ 151.091880][ C0] tcp_v4_rcv+0xbfc/0x111c [ 151.092091][ C0] ip_protocol_deliver_rcu+0x38/0x1e0 [ 151.092328][ C0] ip_local_deliver_finish+0xa0/0x164 [ 151.092567][ C0] ip_local_deliver+0x7c/0x124 [ 151.092785][ C0] ip_rcv_finish+0x90/0xb0 [ 151.093020][ C0] ip_rcv+0xec/0xf8 [ 151.093228][ C0] __netif_receive_skb_one_core+0x58/0x84 [ 151.093528][ C0] __netif_receive_skb+0x18/0x60 [ 151.093787][ C0] process_backlog+0x8c/0x150 [ 151.094020][ C0] __napi_poll+0x38/0x1a8 [ 151.094251][ C0] net_rx_action+0x31c/0x388 [ 151.094494][ C0] handle_softirqs+0x108/0x240 [ 151.094759][ C0] __do_softirq+0x14/0x20 [ 151.095054][ C0] ____do_softirq+0x10/0x1c [ 151.095588][ C0] call_on_irq_stack+0x30/0x48 [ 151.095972][ C0] do_softirq_own_stack+0x1c/0x2c [ 151.096233][ C0] do_softirq+0x54/0x6c [ 151.096443][ C0] __local_bh_enable_ip+0x8c/0x98 [ 151.096701][ C0] __dev_queue_xmit+0x1f4/0x1010 [ 151.096984][ C0] ip_finish_output2+0x2f8/0x648 [ 151.097241][ C0] __ip_finish_output+0xa4/0x1a0 [ 151.097485][ C0] ip_finish_output+0x34/0x120 [ 151.097726][ C0] ip_output+0x6c/0x10c [ 151.097941][ C0] __ip_queue_xmit+0x180/0x47c [ 151.098174][ C0] ip_queue_xmit+0x14/0x20 [ 151.098398][ C0] __tcp_transmit_skb+0x524/0xe98 [ 151.098635][ C0] tcp_write_xmit+0x6e8/0x1548 [ 151.098860][ C0] __tcp_push_pending_frames+0x3c/0xcc [ 151.099115][ C0] tcp_send_fin+0x68/0x2b0 [ 151.099338][ C0] __tcp_close+0x464/0x540 [ 151.099578][ C0] tcp_close+0x2c/0xd0 [ 151.099792][ C0] inet_release+0x50/0xa4 [ 151.100013][ C0] inet6_release+0x34/0x4c [ 151.100242][ C0] sock_release+0x24/0x78 [ 151.100471][ C0] rds_tcp_accept_one+0x1d4/0x35c [ 151.100723][ C0] rds_tcp_accept_worker+0x20/0x34 [ 151.100981][ C0] process_one_work+0x178/0x2cc [ 151.101207][ C0] worker_thread+0x24c/0x354 [ 151.101417][ C0] kthread+0x130/0x1fc [ 151.101618][ C0] ret_from_fork+0x10/0x20 [ 151.102727][ C0] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 151.658276][ T1196] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.782901][ T1196] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.859830][ T1196] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.950178][ T1196] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.740182][ T1196] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 152.788936][ T1196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 152.829414][ T1196] bond0 (unregistering): Released all slaves [ 152.973256][ T1196] hsr_slave_0: left promiscuous mode [ 153.011575][ T1196] veth1_macvtap: left promiscuous mode [ 153.014054][ T1196] veth0_macvtap: left promiscuous mode [ 153.019088][ T1196] veth1_vlan: left promiscuous mode [ 153.020059][ T1196] veth0_vlan: left promiscuous mode [ 154.347949][ T1196] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.453605][ T1196] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.521343][ T1196] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.611908][ T1196] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.510273][ T1196] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.558418][ T1196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.602392][ T1196] bond0 (unregistering): Released all slaves [ 155.774383][ T1196] hsr_slave_0: left promiscuous mode [ 155.781502][ T1196] hsr_slave_1: left promiscuous mode [ 155.801974][ T1196] veth1_macvtap: left promiscuous mode [ 155.803370][ T1196] veth0_macvtap: left promiscuous mode [ 155.804740][ T1196] veth1_vlan: left promiscuous mode [ 155.807303][ T1196] veth0_vlan: left promiscuous mode