last executing test programs: 9.422603238s ago: executing program 0: mkdir(0x0, 0x0) r0 = socket$kcm(0x11, 0x200000000000002, 0x300) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000140)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x01\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x11\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x04.\x9aL\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff}) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'bridge_slave_0\x00', @random="4f33e363a4b1"}) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xa3}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x60ff, 0x8cffffff) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='jbd2_handle_stats\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) 4.898665314s ago: executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec472db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc626b424da1e8c825357861aa50054686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf4d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b0100000000000000b0255f347160ac83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff7020000eea2ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072913152c845cf572cf39310d522a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8abafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e5251aae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b6588f6008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda34536020000fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bf8d9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177c16810fae053349609000000000000009a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f8100257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33384253af570f4ef9c0254afdd89c73943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b70304669c447c71ca4d54c82395a3958d576c42c08a4d5adfb58306164cc7d870b881f8084a3d185a63c6b05292186095c1f407ce74297d16470988f1647f7b6f6cdc6ab8be3cacc325df963c2cb80cfe07ded6d55f556be0a3dfa85f0a0ace879b0a0a95cd07b66fbbc73d0945beebe87a21dd46fd5804cd63c01199c78b1d774b17686fe3aeadebc4f3d2e6af1110466fecf41384f1b5c96531700db5aefa1a5c17a9ebcaf334110ed582999208cc7ef977ceb2f8a5aa7d00000000000000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) mkdir(0x0, 0x0) write$cgroup_int(r2, &(0x7f00000000c0), 0xfffffff4) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) socket$kcm(0xf, 0x3, 0x2) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r8, &(0x7f0000000200), 0xa000) write$cgroup_int(r7, &(0x7f0000000200), 0x42400) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x6628, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) socketpair(0x27, 0x80000, 0xffffffff, &(0x7f00000002c0)) write$cgroup_int(r10, &(0x7f0000000200), 0x15000) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001540)={{r5}, &(0x7f00000014c0), &(0x7f0000001500)='%-5lx \x00'}, 0x20) 2.534051224s ago: executing program 3: r0 = socket$kcm(0x29, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0xa, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) r6 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000800)=@o_path={&(0x7f00000007c0)='./file0\x00', 0x0, 0x8, r0}, 0x18) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000840)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x4}, 0x48) r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f00000008c0)='./file0\x00', 0x0, 0x18}, 0x18) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2}, 0x48) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a00)=@generic={&(0x7f00000009c0)='./file0\x00', 0x0, 0x8}, 0x18) r11 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a40)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x1a, &(0x7f0000000240)=@raw=[@map_idx_val={0x18, 0x2, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x5}, @generic={0xf7, 0x8, 0x4, 0x6, 0xffffff47}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0x65}, @call={0x85, 0x0, 0x0, 0x67}, @map_idx={0x18, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8adc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}], &(0x7f0000000340)='syzkaller\x00', 0x7, 0x8a, &(0x7f0000000380)=""/138, 0x41000, 0x1, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x3, 0x0, 0x4f}, 0x10, r5, r6, 0x9, &(0x7f0000000ac0)=[r7, r8, r0, r9, 0x1, 0xffffffffffffffff, r10, r11], &(0x7f0000000b00)=[{0x5, 0x5, 0x1, 0xa}, {0x1, 0x4, 0xc, 0x6}, {0x0, 0x1, 0x2, 0x7}, {0x4, 0x5, 0x9, 0x3}, {0x3, 0x4, 0xa, 0x5}, {0x5, 0x1, 0x8, 0x6}, {0x0, 0x2, 0x8, 0xa}, {0x1, 0x5, 0x9, 0x3}, {0x5, 0x5, 0xf, 0x1}], 0x10, 0x6}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000f80)={r8, 0x58, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r14 = bpf$ITER_CREATE(0x21, &(0x7f0000000fc0), 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000010c0)={0x11, 0x29, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10001}, [@map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7ff}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x1}]}, &(0x7f0000000e00)='GPL\x00', 0x4, 0xaa, &(0x7f0000000e40)=""/170, 0x41000, 0x20, '\x00', r13, 0x0, r14, 0x8, &(0x7f0000001000)={0x5, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001040)=[r9, r1, r11], &(0x7f0000001080)=[{0x5, 0x2, 0xd, 0x5}, {0x5, 0x5, 0x6, 0x2}], 0x10, 0x102000}, 0x90) r15 = openat$cgroup_ro(r14, &(0x7f0000001180)='pids.events\x00', 0x0, 0x0) ioctl$SIOCSIFHWADDR(r14, 0x8924, &(0x7f00000011c0)={'wlan0\x00', @multicast}) close(r3) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001200)={r15}, 0x4) setsockopt$sock_attach_bpf(r14, 0x1, 0x32, &(0x7f0000001240)=r14, 0x4) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001380)={@cgroup=r14, 0x2b, 0x0, 0xca2, &(0x7f0000001280)=[0x0], 0x1, 0x0, &(0x7f00000012c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001300)=[0x0], &(0x7f0000001340)=[0x0, 0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000013c0)={@map, r12, 0x3, 0x24, r15, @prog_id=r4, r16}, 0x20) sendmsg$inet(r14, &(0x7f0000001900)={&(0x7f0000001400)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001880)=[{&(0x7f0000001440)="1bf183e2ebe9af77796498516561b2bdf67971dbacf8fd10cb938dc58540c60a7dd8244889b15ff4b7670b319d655c40d1542f8302d49ee06e9c77734fb4bcddf3c8df8fb906f52558113b8e78db13a6bc58e75182be4f0f00d84d073bb7b018911b8ec808fcabf495393af448db4d4b3375e2", 0x73}, {&(0x7f00000014c0)="a1b0725ad965c76005e43ad15447b53118261f9f41639773da92424f91cf44e37afa8814af217f6d3d6f9bfc5abe3d30f3807f43e92e9ddabd12470334fe0f4b2b57c2205a86c765f63cf2ebdd5a0abf1d945e2333c487f3833bdbdeee3beaa95560fbaf1d7473cd94ac6162c9d7209c54bebfcb22265b36487a82bc1514a9508412d4f3ceb7a2d80886", 0x8a}, {&(0x7f0000001580)="0ad2b314206e93c4d18c2c9827302769758e1f1e7fa7bd15014256556b458efc67857dc1171fedc11f2482c1792ead6a3cb15829ce26aa5259a48e2aacff5fbe17281e49cceb9f3ad319debc6ea8e5f569a3e705254cd5c10174ef2aed4165c553cad30a40d87255e81a2e53b667ec7c9fdc7f71d30467376e617a3fff6997234681fed40d49c5be38c1410d1e58f0b8f018453f4993b22080318fa930f8f3fc08af9903cc1fdce714d882d2610aad1f", 0xb0}, {&(0x7f0000001640)="625e15eb212c41507295ab62f55c79408942f8d7c4be3eca8ee3f9e8e890a354a4eae44fd2999ea2b45a23dc04d1fa0c936fb6f801fb4dc89215443f96367992ab541f32ca1880c96c01cddb7b19fd56c26a1b8cf822f51d630bd3500f3bd8e90134c9360038a0538703346a58c080355fe12fe64a3a47ef50f6718a15e4e1577a7faf6f02061934ef89f4275bf022a4d7197dcc0904f4be275b5a0109be574067a4072a99e37f7851d75f2cc8e053535f7f89e526266327ad2066b241714cc7e4d5d36537db28", 0xc7}, {&(0x7f0000001740)="8f8c3505503b73283a0f99d5d3beba1153991a261b1fdf43aac1390eed7e1e01e6378072f70e6a975bcf40985c44356689df457ec6ffa803a46ce323cc889b637d997528a4f2bcf89850df6a078e9ca50b8ec8cbe61af0fc9cd23c8b1f43afc8b54e309dc1bb7bc38925b2690c7834f6a9b5ac49b474061b83651980688b382e129efed4666c132a97096068f23ddbb30401d98b6428ae848a7612bf87ec5a56f6b0aa1afbf57e6057fcfb882c248f63e223a54369d6955b914d5abe07db9bb1583b6136813516394bd2955e3c62af7245", 0xd1}, {&(0x7f0000001840)="41a7b6ac0c", 0x5}], 0x6}, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000001940), 0x100, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x2400, 0x5) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001a00)={{r10}, &(0x7f0000001980), &(0x7f00000019c0)='%-5lx \x00'}, 0x20) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001b40)={@map=r3, 0x15, 0x0, 0x844, &(0x7f0000001a40)=[0x0], 0x1, 0x0, &(0x7f0000001a80)=[0x0, 0x0, 0x0], &(0x7f0000001ac0)=[0x0, 0x0], &(0x7f0000001b00)=[0x0, 0x0, 0x0, 0x0]}, 0x40) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001c80)={r10, &(0x7f0000001b80)="a715c6c060d0be41e5468e053d2ed54acabb283ac25b0afecc2d6107b86e3e49e301050e76a9a5e4f9b6a92ceaa5bd5ce2b74025f76b7af1033aec43dc3146459bc9ca2915b935a2b865d28716fa5e52ccee", &(0x7f0000001c00)=""/92}, 0x20) r17 = gettid() perf_event_open(&(0x7f0000001cc0)={0xa, 0x80, 0x1f, 0x0, 0xeb, 0x1, 0x0, 0x7, 0x3, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x345, 0x1, @perf_config_ext={0x0, 0x5}, 0x0, 0x0, 0x1000, 0x1, 0x6f, 0xd999, 0x4, 0x0, 0x6, 0x0, 0xfffffffffffffff8}, r17, 0x9, 0xffffffffffffffff, 0xf407019bcbffa993) 2.202709106s ago: executing program 4: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='&,[\x17$)!\x00') perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) r1 = socket$kcm(0x2, 0x200000000000006, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x8}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) sendmsg$kcm(r1, &(0x7f0000002880)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b8703240000007ea60264160af365040014000d0f0a000e0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 2.072390531s ago: executing program 4: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x8902, &(0x7f0000000040)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x8901, &(0x7f00000005c0)) r1 = perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4bc, 0x2, @perf_config_ext={0x73a, 0x3}, 0x0, 0x0, 0x2d, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000013c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d649379071c33390e418ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b969590631e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204b"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0xffffffffffffffff, 0x0, r1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="0000010018000000000000002400000024004dd4030000000000000002000013a7000000edff00010000000000000000000000002e00000000000000000000d38d33e0a868751cc279a5c7b031288c12d400008b2ab93652a796efcd97cff7f727eba2f32a1c0e87607af7b3af6d3ab88499bd206e8ddcc20c86cbfbfc982c25323191908eef2d9ce41f2e5a7585e2c477e79a3e8cbfde6a3e45802dfe032ff3d630bcbf1eda6ac5d82649d9e5894671629a985a77b81c29a0f14e8e1efac95b6fdd7a13cd116d5ecd2efca03c21229474614e94ad46169f76bd6b845eb5801c36ba523f61b13aa53f7152d4c0bd5853419700a297764b547b136df9a0f70000000000"], 0x0, 0x3f, 0x0, 0x2}, 0x20) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000000), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d0a4f00000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccd1550400000000000000649c5cfd6587d452d46ba91ea6bd7578f4c3523559c3421eed73d56601000000c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48d010026e7a23129d6606f8a6b989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234710596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6df2aed4afe1f44ccb19e81087d7900a820b6327944e9a217b9800e02a92895614cd50cbe48dddea37688148004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0add7b474d31bc0180faf15d73f7d87297aec773713a66b223fa8b148871c8d31d24291c25449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bccdcd10c4ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb873a55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e348955735264f34b1046a1813668297a7eda1d74ef106ae7fcbb25090f17d0baadeb9aee9f569435ea9e3217eff89309e190a1fb5a315f8347fb037965950000000000000022000000000000000000000099a614a5af8650f913058e015bbaf36ab388ba54ece08b332f7a542f8587f2fd973b9aa8269be75569e3471094035c8380816fb68d7e073bfdb0fab0b244ddf13300ed5c3408ead8d722084cefb39cadbeb00fa6d9b611b61ac380e6c32405666738e05e08542d0f6533e5072d4d185c9abf65cdd0d791f685cb150b0759468a8100000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='kfree\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)}, 0x0) close(0xffffffffffffffff) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r6 = openat$cgroup_ro(r5, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f00000002c0)=0x6d59) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, &(0x7f0000000000), &(0x7f0000000040)=r6}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x18, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x1}, 0x90) r7 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f00000007c0)={'vlan1\x00', @multicast}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000140)={'caif0\x00', @local}) 1.670362901s ago: executing program 3: r0 = socket$kcm(0xa, 0x922000000003, 0x11) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x220080, 0x0) ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000880)=@l2tp6={0xa, 0x1100, 0x0, @mcast2, 0x41}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000780)="000000dc000000ad6e811b51818462b400"/40, 0x28}], 0x1}, 0x0) r2 = socket$kcm(0xa, 0x922000000003, 0x11) sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5d4d}, 0x80, 0x0}, 0x0) 1.553225678s ago: executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce220000000000000000000000000000000000000001"], 0xfdef) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) socket$kcm(0x11, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x90) close(r1) r2 = socket$kcm(0x10, 0x2, 0x0) r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000004a40)=0xffffffffffffffff, 0x4) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000004a80)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x0, 0x3}, 0x48) sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000440)=""/172, 0xac}, {&(0x7f00000016c0)=""/4110, 0x100e}], 0x2}, 0x0) recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1a00}, 0x0) 1.542106846s ago: executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000c28200480000004800000007000000080000000500000400000000e83102000000030000001a1e00000400000001000000090000000400000002000000ff0f00000800000000000000c8080000005f5f30301000"], &(0x7f0000000380)=""/12, 0x67, 0xc, 0x1}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x100002, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xd, 0x4, 0x0, 0x8, 0xa, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xd, &(0x7f0000000a40)=@framed={{0x18, 0x8}, [@printk, @map_idx_val={0x18, 0xc, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1b, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10001}, 0x90) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90724fc600d00030005000100ff3582c137153e370248018010000000d1bd", 0x33fe0}], 0x1}, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f00000001c0), 0x4) r2 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004081) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000500)=r0, 0x4) sendmsg(r2, &(0x7f0000002b80)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000380)="01", 0x1}], 0x1}, 0x40001) sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x7000014, &(0x7f0000000800)=[{&(0x7f0000000340)="fc", 0x7c70}], 0x5}, 0x1b8a) 1.525994649s ago: executing program 1: r0 = socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x3e, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x4, &(0x7f00000005c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x4, &(0x7f00000005c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.432427705s ago: executing program 2: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000f00)=""/229, 0xe5}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4055, 0xfd7}, {&(0x7f00000006c0)=""/235, 0xeb}, {&(0x7f00000007c0)=""/191, 0xbf}, {&(0x7f0000000c00)=""/217, 0xd9}, {&(0x7f0000000340)=""/128, 0x80}], 0x7, 0x0, 0x0, 0x1a000}, 0x0) 1.34163725s ago: executing program 1: bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@map, 0xffffffffffffffff, 0x2b, 0x0, 0xffffffffffffffff, @link_id, r0}, 0x20) 1.099818752s ago: executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec472db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc626b424da1e8c825357861aa50054686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf4d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b0100000000000000b0255f347160ac83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff7020000eea2ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072913152c845cf572cf39310d522a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8abafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e5251aae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b6588f6008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda34536020000fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bf8d9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177c16810fae053349609000000000000009a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f8100257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33384253af570f4ef9c0254afdd89c73943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b70304669c447c71ca4d54c82395a3958d576c42c08a4d5adfb58306164cc7d870b881f8084a3d185a63c6b05292186095c1f407ce74297d16470988f1647f7b6f6cdc6ab8be3cacc325df963c2cb80cfe07ded6d55f556be0a3dfa85f0a0ace879b0a0a95cd07b66fbbc73d0945beebe87a21dd46fd5804cd63c01199c78b1d774b17686fe3aeadebc4f3d2e6af1110466fecf41384f1b5c96531700db5aefa1a5c17a9ebcaf334110ed582999208cc7ef977ceb2f8a5aa7d00000000000000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) mkdir(0x0, 0x0) write$cgroup_int(r2, &(0x7f00000000c0), 0xfffffff4) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) socket$kcm(0xf, 0x3, 0x2) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r8, &(0x7f0000000200), 0xa000) write$cgroup_int(r7, &(0x7f0000000200), 0x42400) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x6628, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) socketpair(0x27, 0x80000, 0xffffffff, &(0x7f00000002c0)) write$cgroup_int(r10, &(0x7f0000000200), 0x15000) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001540)={{r5}, &(0x7f00000014c0), &(0x7f0000001500)='%-5lx \x00'}, 0x20) 1.027595718s ago: executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) close(0xffffffffffffffff) socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2a, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x10, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071123a00000000009500003d0ed24580d8847dfd219e6a600000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x4, 0x2b22}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00'}, 0x10) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000300)}}, 0x0, 0x4, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x2f, &(0x7f0000000700)=ANY=[@ANYBLOB="0008fffffcffffffb7080000000000007b8af8ff00000000b7080000890200000000000000000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff07000085000000060000000d601800ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000185000000e00"/40], &(0x7f0000000280)='GPL\x00', 0x0, 0x2c, &(0x7f00000002c0)=""/44, 0x41000, 0x9, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000400), &(0x7f0000000440), 0x10, 0x7f}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x20, 0xd9e6, 0xfffffff9, 0x0, 0x0, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x2, 0x8, 0x40, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4025, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 910.966984ms ago: executing program 2: perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0xff01, @mcast1}, 0xcd, &(0x7f0000000340)=[{&(0x7f0000000100)="6c22d14866f373688926f2307a8dd756a559ba52a18366bba58b02a6dc5c222664d22b7ed43f7bdef95f24fb92de3c156fd77c1db3be16e6310845b8dee9d8b3af1f4aa0caaf44d72e568367beb3d76ec50965d397e21c3e93f177ada7235fcb5d"}, {&(0x7f0000000180)="68139a401504da1b93cd812697836a1671574e0d737d3750017e743b3243260fae25523f5bdbe8703f4f2a7e6b3f8944204c053d331f92a3197642734c7d952edf"}, {&(0x7f0000000080)="79f4f5992012b64e4b32e9eea930818008497cccaa6e"}], 0x12}, 0x0) 712.596891ms ago: executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x40000, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0xe4ffffff00000000, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90124fc60100c064002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb01001800000000000000a3000000a300000007000000100000000000000b050000000e0000000100000f030000000500000003000000f9e10000935dee0000000000000003000000000200000001000000ac95ffff0b00000000000001000000006a001a02070000000000000a05000000000000000600000d0000000010000000050000000a0000000100000003000000040000000b000000000000000900000003000000040000000200000008000000000000070000000000002e5f30130e00"], &(0x7f00000002c0)=""/140, 0xc3, 0x8c, 0x0, 0x81}, 0x20) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x5, 0x0, r1, 0x9, '\x00', 0x0, r3, 0x1, 0x4, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={r4, 0x58, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r6 = bpf$ITER_CREATE(0x21, &(0x7f0000000640)={r0}, 0x8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000009c0)={0xffffffffffffffff, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x8, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x66, &(0x7f00000007c0)=[{}], 0x8, 0x10, &(0x7f0000000800), &(0x7f0000000840), 0x8, 0x58, 0x8, 0x8, &(0x7f0000000880)}}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)=@generic={&(0x7f0000000a00)='./file0\x00', 0x0, 0x18}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x2, 0x1b, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @call={0x85, 0x0, 0x0, 0x53}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='GPL\x00', 0x9, 0x69, &(0x7f0000000500)=""/105, 0x41100, 0xc, '\x00', r5, 0x16, r6, 0x8, &(0x7f0000000680)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0xe, 0x7, 0x2}, 0x10, r7, r8, 0x5, 0x0, &(0x7f0000000a80)=[{0x3, 0x1, 0xc, 0xa}, {0x4, 0x2, 0x1}, {0x3, 0x5, 0xf, 0x9}, {0x5, 0x2, 0xf, 0x2}, {0x3, 0x3, 0x0, 0x2}], 0x10, 0x9}, 0x90) 599.906284ms ago: executing program 3: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a0000000000006111a000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) r0 = socket$kcm(0x10, 0x400000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4) sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="f94df812521399ef781ac9ccd72f712688c6b219a0614b7ac3de8bcaf74bebb3b0", 0x33fe0}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfd, 0xfd, 0x9, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x7, 0x2}, {}, {0xb, 0x3}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0x7, 0x4}, {0x5, 0x4}, {0xf, 0x5}, {0xd, 0x5}, {0xd}, {0x8, 0x5}, {0x5}]}, @func={0xa, 0x0, 0x0, 0xc, 0x1}, @func={0x1, 0x0, 0x0, 0xc, 0x5}, @datasec={0xe, 0x5, 0x0, 0xf, 0x1, [{0x4, 0x9, 0x643}, {0x3, 0x90d5feb, 0x40}, {0x1, 0x5, 0x40}, {0x1, 0x332, 0x7}, {0x5, 0x4, 0x7}], "04"}, @volatile={0x4, 0x0, 0x0, 0x9, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2, 0x81}}, @int={0x4, 0x0, 0x0, 0x1, 0x0, 0x35, 0x0, 0x2a, 0x1}]}, {0x0, [0x30, 0x30, 0x61, 0x5f, 0x30, 0x61, 0x5f]}}, &(0x7f00000002c0)=""/41, 0x121, 0x29, 0x1, 0x1177}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1c, 0x8, 0x2, 0x20, 0x2032, r3, 0x3, '\x00', 0x0, r6, 0x0, 0x4}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1818128ed3", @ANYRES32, @ANYBLOB="0000000000000000b7030000006c534dfef08b3eb2000000b707000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r8) recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r9, &(0x7f0000000040)=ANY=[], 0x17) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r5, 0xffffffffffffffff}, &(0x7f0000000480), &(0x7f0000000140)}, 0x59) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r12 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) write$cgroup_subtree(r12, &(0x7f0000000280)=ANY=[@ANYRES8=r0], 0xfe33) 582.980059ms ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000a40)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f9b080476ee7b8004469564262d81f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cf8b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb79a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ecce12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c493831121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0177a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0d995bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725bd6a59b4f16c203f2e152c6131bf1098d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d621919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee64b00000000000008ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb1edc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d504bdfba2e0bb24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868000000000012bad81a38aa32bc0a04eb19ed758df325bcd974807f86b0f0c100e78ee3381c23d7465dadbc6cd672548e7bb04a23042f073a0cca24baace7a0fca3f49e632b598fe1d2ac52adf7347c5b7f815a3ebe1cbc55c77e78609c13b55ae1b7e18aa73b28b472568f85400ecb8196cc47556bc0391b5f221a19c73d603aa411a1756ff453226affa4f242486d3a21a0ebdd42b00b5395932a8037f192dae2052a09baf97d8a801405b189b4ca96"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9", 0x10}], 0x1}, 0x200000000000000) 467.954797ms ago: executing program 2: close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec472db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc626b424da1e8c825357861aa50054686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf4d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b0100000000000000b0255f347160ac83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff7020000eea2ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072913152c845cf572cf39310d522a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8abafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e5251aae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b6588f6008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda34536020000fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bf8d9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177c16810fae053349609000000000000009a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f8100257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33384253af570f4ef9c0254afdd89c73943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b70304669c447c71ca4d54c82395a3958d576c42c08a4d5adfb58306164cc7d870b881f8084a3d185a63c6b05292186095c1f407ce74297d16470988f1647f7b6f6cdc6ab8be3cacc325df963c2cb80cfe07ded6d55f556be0a3dfa85f0a0ace879b0a0a95cd07b66fbbc73d0945beebe87a21dd46fd5804cd63c01199c78b1d774b17686fe3aeadebc4f3d2e6af1110466fecf41384f1b5c96531700db5aefa1a5c17a9ebcaf334110ed582999208cc7ef977ceb2f8a5aa7d"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000280), 0x4) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)='9', 0x1}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5c00000014006b03000003d86e6c1d0010ffff0af32c6e0201000000000000000f00000017d3a705251e6182949a369f3d3b48dfd8cd3f9367c1fa51f60a64c9f4d4938037e786a6d0bdd7000000000000eaffffffb3d59256a5a2fd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)) 431.558567ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1af8ff00000000bfa10000000000000701000000ffffffb702000008000000b7030000000000008500000006000000850000002a00000095"], &(0x7f0000000200)='GPL\x00'}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r0}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000ac0)='consume_skb\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) 356.043524ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="2e00006c10008188040f6fec59acbc0435a181003f00000000010000000000000e000d000d6ed60012801900121f", 0x2e}], 0x1}, 0x0) 232.546235ms ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=@framed={{}, [@ldst, @ldst={0x0, 0x0, 0x3, 0x0, 0x0, 0x2}]}, 0x0}, 0x90) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 142.618004ms ago: executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xe1589, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x401, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) 54.148065ms ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0x0, 0x0, &(0x7f00000005c0)='GPL\x00'}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r0 = socket$kcm(0x2, 0x200000000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000340), 0xff2b) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x0) (fail_nth: 3) 0s ago: executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x3, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0xc0506617, &(0x7f0000000040)=0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x1c, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000d200850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000f9ffffff8500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000001580)=ANY=[@ANYBLOB="8500000080000000760000000000000027000000000000009500000000465b454d9d227d6303f75758db071b0edc452ea02497f7f3000c3687a31eed6e31c3e9299726d28b99a0cb4894523212776ab0b167c1b38cf600"/101], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000a000000000000000000000b02000000000000000300000d000000000000000003000000000000000300000004000000030000000000000000000005000000000000005f5f6e302e"], &(0x7f0000000b80)=""/4090, 0x5e, 0xffa, 0x1}, 0x20) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts. 2024/06/01 23:50:50 fuzzer started 2024/06/01 23:50:50 dialing manager at 10.128.0.169:30014 [ 53.824589][ T5088] cgroup: Unknown subsys name 'net' [ 54.025863][ T5088] cgroup: Unknown subsys name 'rlimit' 2024/06/01 23:50:52 starting 5 executor processes [ 55.074362][ T5091] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.013553][ T5122] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.019341][ T5124] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 56.022146][ T5122] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 56.036179][ T5122] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 56.044377][ T5122] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 56.046043][ T5125] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 56.059464][ T5124] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 56.062711][ T5125] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.067052][ T5122] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 56.074089][ T5125] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 56.081399][ T5122] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 56.089389][ T5125] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.095298][ T5122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 56.102860][ T5125] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.108438][ T5122] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 56.115917][ T5126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 56.131124][ T5126] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.134106][ T5127] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.139577][ T5126] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.145288][ T5122] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.153482][ T5126] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.159779][ T5127] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 56.166873][ T5126] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.181035][ T5127] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.181357][ T5126] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.188492][ T5127] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 56.196381][ T5126] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.209239][ T5127] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.213859][ T5126] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 56.216597][ T5127] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.757205][ T5116] chnl_net:caif_netlink_parms(): no params data found [ 56.878402][ T5109] chnl_net:caif_netlink_parms(): no params data found [ 56.912415][ T5111] chnl_net:caif_netlink_parms(): no params data found [ 56.950956][ T5120] chnl_net:caif_netlink_parms(): no params data found [ 56.978336][ T5116] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.986304][ T5116] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.993614][ T5116] bridge_slave_0: entered allmulticast mode [ 57.000424][ T5116] bridge_slave_0: entered promiscuous mode [ 57.040339][ T5116] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.047646][ T5116] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.055391][ T5116] bridge_slave_1: entered allmulticast mode [ 57.062604][ T5116] bridge_slave_1: entered promiscuous mode [ 57.138463][ T5111] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.145701][ T5111] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.152908][ T5111] bridge_slave_0: entered allmulticast mode [ 57.161391][ T5111] bridge_slave_0: entered promiscuous mode [ 57.168262][ T5110] chnl_net:caif_netlink_parms(): no params data found [ 57.179171][ T5111] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.186911][ T5111] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.194085][ T5111] bridge_slave_1: entered allmulticast mode [ 57.200725][ T5111] bridge_slave_1: entered promiscuous mode [ 57.252683][ T5116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.265622][ T5116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.335332][ T5109] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.342557][ T5109] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.350359][ T5109] bridge_slave_0: entered allmulticast mode [ 57.357229][ T5109] bridge_slave_0: entered promiscuous mode [ 57.382391][ T5111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.395363][ T5111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.407463][ T5116] team0: Port device team_slave_0 added [ 57.416724][ T5116] team0: Port device team_slave_1 added [ 57.430135][ T5109] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.437575][ T5109] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.444791][ T5109] bridge_slave_1: entered allmulticast mode [ 57.451543][ T5109] bridge_slave_1: entered promiscuous mode [ 57.527747][ T5109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.542383][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.550048][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.558325][ T5120] bridge_slave_0: entered allmulticast mode [ 57.565237][ T5120] bridge_slave_0: entered promiscuous mode [ 57.572654][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.579895][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.587182][ T5120] bridge_slave_1: entered allmulticast mode [ 57.594487][ T5120] bridge_slave_1: entered promiscuous mode [ 57.604008][ T5111] team0: Port device team_slave_0 added [ 57.610738][ T5116] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.618167][ T5116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.644118][ T5116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.657757][ T5116] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.664772][ T5116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.690734][ T5116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.704803][ T5109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.748159][ T5111] team0: Port device team_slave_1 added [ 57.784014][ T5110] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.791097][ T5110] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.798333][ T5110] bridge_slave_0: entered allmulticast mode [ 57.805230][ T5110] bridge_slave_0: entered promiscuous mode [ 57.827848][ T5120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.872723][ T5109] team0: Port device team_slave_0 added [ 57.879095][ T5110] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.886630][ T5110] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.894644][ T5110] bridge_slave_1: entered allmulticast mode [ 57.901892][ T5110] bridge_slave_1: entered promiscuous mode [ 57.920728][ T5120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.930179][ T5111] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.937467][ T5111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.963535][ T5111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.976551][ T5111] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.983569][ T5111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.009532][ T5111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.028304][ T5109] team0: Port device team_slave_1 added [ 58.112155][ T5110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.127466][ T5110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.139834][ T5120] team0: Port device team_slave_0 added [ 58.148824][ T5120] team0: Port device team_slave_1 added [ 58.170696][ T5116] hsr_slave_0: entered promiscuous mode [ 58.177676][ T5116] hsr_slave_1: entered promiscuous mode [ 58.197209][ T5109] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.204425][ T5109] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.230468][ T5109] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.254671][ T5127] Bluetooth: hci1: command tx timeout [ 58.254685][ T53] Bluetooth: hci2: command tx timeout [ 58.254971][ T53] Bluetooth: hci4: command tx timeout [ 58.269877][ T5126] Bluetooth: hci0: command tx timeout [ 58.299945][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.307293][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.333576][ T5126] Bluetooth: hci3: command tx timeout [ 58.338916][ T5120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.358056][ T5109] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.365076][ T5109] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.391000][ T5109] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.414790][ T5111] hsr_slave_0: entered promiscuous mode [ 58.421027][ T5111] hsr_slave_1: entered promiscuous mode [ 58.427664][ T5111] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.435730][ T5111] Cannot create hsr debugfs directory [ 58.441861][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.449358][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.475682][ T5120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.512791][ T5110] team0: Port device team_slave_0 added [ 58.522336][ T5110] team0: Port device team_slave_1 added [ 58.637278][ T5109] hsr_slave_0: entered promiscuous mode [ 58.643842][ T5109] hsr_slave_1: entered promiscuous mode [ 58.649952][ T5109] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.657731][ T5109] Cannot create hsr debugfs directory [ 58.678756][ T5110] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.688870][ T5110] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.715023][ T5110] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.734466][ T5120] hsr_slave_0: entered promiscuous mode [ 58.740693][ T5120] hsr_slave_1: entered promiscuous mode [ 58.748289][ T5120] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.756110][ T5120] Cannot create hsr debugfs directory [ 58.787613][ T5110] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.794776][ T5110] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.821295][ T5110] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.990841][ T5110] hsr_slave_0: entered promiscuous mode [ 58.997302][ T5110] hsr_slave_1: entered promiscuous mode [ 59.004223][ T5110] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.011795][ T5110] Cannot create hsr debugfs directory [ 59.198354][ T5116] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.209129][ T5116] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.224967][ T5116] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.244368][ T5116] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.340915][ T5109] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.356290][ T5109] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.367230][ T5109] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.377084][ T5109] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.448454][ T5120] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.481348][ T5120] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.491602][ T5120] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.519976][ T5120] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.562383][ T5111] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.575408][ T5111] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.585854][ T5111] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.622862][ T5111] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 59.694446][ T5110] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 59.722795][ T5110] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 59.747496][ T5110] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 59.767596][ T5110] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 59.820438][ T5116] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.881755][ T5109] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.930971][ T5116] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.957074][ T5120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.978215][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.985495][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.002476][ T5109] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.029425][ T5111] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.056156][ T5164] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.063307][ T5164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.074689][ T5164] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.081755][ T5164] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.118957][ T5120] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.136292][ T5111] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.164430][ T5110] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.179694][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.186841][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.200006][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.207123][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.234419][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.241573][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.259098][ T5163] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.266241][ T5163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.305135][ T5110] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.317038][ T5163] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.324191][ T5163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.334330][ T5126] Bluetooth: hci4: command tx timeout [ 60.339784][ T5126] Bluetooth: hci0: command tx timeout [ 60.346622][ T53] Bluetooth: hci1: command tx timeout [ 60.352045][ T53] Bluetooth: hci2: command tx timeout [ 60.409319][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.416583][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.424520][ T53] Bluetooth: hci3: command tx timeout [ 60.443882][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.451013][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.517157][ T5116] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.777476][ T5109] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.951444][ T5109] veth0_vlan: entered promiscuous mode [ 60.970554][ T5111] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.008380][ T5109] veth1_vlan: entered promiscuous mode [ 61.040627][ T5116] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.122391][ T5120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.161057][ T5110] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.183537][ T5111] veth0_vlan: entered promiscuous mode [ 61.200994][ T5109] veth0_macvtap: entered promiscuous mode [ 61.239263][ T5111] veth1_vlan: entered promiscuous mode [ 61.288248][ T5109] veth1_macvtap: entered promiscuous mode [ 61.329413][ T5116] veth0_vlan: entered promiscuous mode [ 61.363054][ T5109] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.430441][ T5109] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.443073][ T5111] veth0_macvtap: entered promiscuous mode [ 61.460635][ T5110] veth0_vlan: entered promiscuous mode [ 61.472648][ T5109] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.482660][ T5109] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.492232][ T5109] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.501378][ T5109] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.515177][ T5116] veth1_vlan: entered promiscuous mode [ 61.522301][ T5111] veth1_macvtap: entered promiscuous mode [ 61.560758][ T5110] veth1_vlan: entered promiscuous mode [ 61.610472][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.633037][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.647342][ T5111] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.666946][ T5120] veth0_vlan: entered promiscuous mode [ 61.691379][ T5120] veth1_vlan: entered promiscuous mode [ 61.702638][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.713836][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.724938][ T5111] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.736834][ T5111] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.745876][ T5111] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.755299][ T5111] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.764069][ T5111] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.822268][ T2457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.825102][ T5116] veth0_macvtap: entered promiscuous mode [ 61.845364][ T2457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.877380][ T5110] veth0_macvtap: entered promiscuous mode [ 61.895506][ T5110] veth1_macvtap: entered promiscuous mode [ 61.905693][ T5116] veth1_macvtap: entered promiscuous mode [ 61.949769][ T5120] veth0_macvtap: entered promiscuous mode [ 61.965661][ T5120] veth1_macvtap: entered promiscuous mode [ 61.982564][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.991185][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.041386][ T5116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.062741][ T5116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.072695][ T5116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.083619][ T5116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.097722][ T5116] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.106836][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.118691][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.128791][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.139502][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.149832][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.160463][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.172797][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.188833][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.199650][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.210030][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.220521][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.230406][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.240968][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.251105][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.262507][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.274508][ T5110] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.292333][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.303168][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.313343][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.324489][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.337477][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.374940][ T5116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.396074][ T5116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.397850][ T5195] netlink: 'syz-executor.1': attribute type 9 has an invalid length. [ 62.407412][ T5116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.422958][ T5195] netlink: 399 bytes leftover after parsing attributes in process `syz-executor.1'. [ 62.426399][ T53] Bluetooth: hci2: command tx timeout [ 62.440665][ T5126] Bluetooth: hci1: command tx timeout [ 62.440928][ T5123] Bluetooth: hci4: command tx timeout [ 62.446580][ T5116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.452357][ T5127] Bluetooth: hci0: command tx timeout [ 62.461396][ T5116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.461419][ T5116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.463079][ T5116] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.495587][ T5127] Bluetooth: hci3: command tx timeout [ 62.514728][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.530178][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.540103][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.551351][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.561217][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.571719][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.587170][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.597672][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.608838][ T5110] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.632370][ T5120] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.643826][ T5120] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.652523][ T5120] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.662960][ T5120] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.680839][ T5110] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.689947][ T5110] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.698759][ T5110] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.707639][ T5110] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.719282][ T2457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.729015][ T5116] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.739154][ T2457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.743058][ T5116] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.763262][ T5116] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.771960][ T5116] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.899333][ T5167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.916603][ T5167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.044293][ T5167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.071821][ T5167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.118186][ T5204] FAULT_INJECTION: forcing a failure. [ 63.118186][ T5204] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 63.146766][ T5204] CPU: 0 PID: 5204 Comm: syz-executor.2 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 63.156790][ T5204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 63.166868][ T5204] Call Trace: [ 63.170144][ T5204] [ 63.173071][ T5204] dump_stack_lvl+0x241/0x360 [ 63.177779][ T5204] ? __pfx_dump_stack_lvl+0x10/0x10 [ 63.182979][ T5204] ? __pfx__printk+0x10/0x10 [ 63.187563][ T5204] ? __pfx_lock_release+0x10/0x10 [ 63.192587][ T5204] should_fail_ex+0x3b0/0x4e0 [ 63.197270][ T5204] _copy_from_user+0x2f/0xe0 [ 63.201858][ T5204] generic_map_update_batch+0x567/0x900 [ 63.207409][ T5204] ? __pfx_generic_map_update_batch+0x10/0x10 [ 63.213485][ T5204] ? __pfx_generic_map_update_batch+0x10/0x10 [ 63.219550][ T5204] bpf_map_do_batch+0x3e0/0x690 [ 63.224397][ T5204] __sys_bpf+0x377/0x810 [ 63.228639][ T5204] ? __pfx___sys_bpf+0x10/0x10 [ 63.233418][ T5204] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 63.239412][ T5204] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 63.245734][ T5204] ? do_syscall_64+0x100/0x230 [ 63.250493][ T5204] __x64_sys_bpf+0x7c/0x90 [ 63.254903][ T5204] do_syscall_64+0xf3/0x230 [ 63.259397][ T5204] ? clear_bhb_loop+0x35/0x90 [ 63.264069][ T5204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.269963][ T5204] RIP: 0033:0x7f950a27cee9 [ 63.274376][ T5204] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 63.293969][ T5204] RSP: 002b:00007f950afcf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 63.302374][ T5204] RAX: ffffffffffffffda RBX: 00007f950a3b3fa0 RCX: 00007f950a27cee9 [ 63.310337][ T5204] RDX: 0000000000000038 RSI: 00000000200006c0 RDI: 000000000000001a [ 63.318299][ T5204] RBP: 00007f950afcf120 R08: 0000000000000000 R09: 0000000000000000 [ 63.326259][ T5204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 63.334223][ T5204] R13: 000000000000000b R14: 00007f950a3b3fa0 R15: 00007ffca45fb328 [ 63.342197][ T5204] [ 63.378085][ T25] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.378593][ T1056] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.418419][ T1056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.419830][ T25] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.505167][ C0] hrtimer: interrupt took 123815 ns [ 63.644003][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.665915][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.755899][ T5206] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 63.770881][ T5206] netlink: 149172 bytes leftover after parsing attributes in process `syz-executor.1'. [ 63.799028][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.811769][ T1056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.823736][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.839003][ T1056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.310594][ T5220] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 64.476909][ T5225] Driver unsupported XDP return value 0 on prog (id 5) dev N/A, expect packet loss! [ 64.504143][ T5127] Bluetooth: hci2: command tx timeout [ 64.509886][ T5127] Bluetooth: hci1: command tx timeout [ 64.515614][ T5127] Bluetooth: hci0: command tx timeout [ 64.521312][ T5123] Bluetooth: hci4: command tx timeout [ 64.573526][ T5123] Bluetooth: hci3: command tx timeout [ 65.676518][ T5247] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) [ 65.966321][ T5255] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 65.979257][ T5255] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'. [ 66.037758][ T5266] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 66.082653][ T5266] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 66.118129][ T5266] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.4'. [ 66.504469][ T5288] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 66.859701][ T5299] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 66.907497][ T5299] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.3'. [ 66.983518][ T5299] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 67.045416][ T5306] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 67.227139][ T5311] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 67.244155][ T5311] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.1'. [ 67.901532][ T5334] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 67.925354][ T5334] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.933642][ T5334] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.116495][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.124103][ T5334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.132516][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.140276][ T5334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.211753][ T5334] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 68.704934][ T5336] syzkaller0: entered promiscuous mode [ 68.721702][ T5346] tap0: tun_chr_ioctl cmd 1074812118 [ 69.815099][ T5351] netlink: 16402 bytes leftover after parsing attributes in process `syz-executor.2'. [ 69.832529][ T5364] sit0: entered promiscuous mode [ 69.863453][ T5364] sit0: entered allmulticast mode [ 70.072853][ T5372] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 70.074327][ T5367] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.4'. [ 70.097592][ T5373] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 70.124415][ T5373] team0: Device veth1_macvtap is up. Set it down before adding it as a team port [ 70.144105][ T5372] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 70.182814][ T5376] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 70.261727][ T5377] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 70.442729][ T5379] warning: `syz-executor.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 70.877403][ T5397] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 70.894487][ T5397] netlink: 17267 bytes leftover after parsing attributes in process `syz-executor.3'. [ 70.917887][ T5399] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 70.964889][ T5404] netlink: 203516 bytes leftover after parsing attributes in process `syz-executor.0'. [ 70.981753][ T5404] net_ratelimit: 2 callbacks suppressed [ 70.981768][ T5404] netlink: zone id is out of range [ 71.006553][ T5404] netlink: zone id is out of range [ 71.024981][ T5404] netlink: zone id is out of range [ 71.030433][ T5404] netlink: zone id is out of range [ 71.040396][ T5404] netlink: zone id is out of range [ 71.048035][ T5404] netlink: zone id is out of range [ 71.068381][ T5404] netlink: zone id is out of range [ 71.080586][ T5404] netlink: zone id is out of range [ 71.091740][ T5404] netlink: zone id is out of range [ 71.113109][ T5404] netlink: zone id is out of range [ 71.542628][ T5438] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 71.579841][ T5438] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 71.611521][ T5438] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 71.649682][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.656376][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.084945][ T5457] netlink: 128636 bytes leftover after parsing attributes in process `syz-executor.4'. [ 72.195121][ T5463] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 72.223883][ T5468] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'. [ 72.251203][ T5468] bond_slave_0: entered promiscuous mode [ 72.257121][ T5468] bond_slave_1: entered promiscuous mode [ 72.765565][ T5481] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 72.791767][ T5481] ipvlan1: entered promiscuous mode [ 72.804211][ T5481] ipvlan1: entered allmulticast mode [ 72.818147][ T5481] veth0_vlan: entered allmulticast mode [ 72.880888][ T5481] bridge0: port 3(ipvlan1) entered blocking state [ 72.936678][ T5481] bridge0: port 3(ipvlan1) entered disabled state [ 73.405509][ T5495] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 74.451471][ T5551] validate_nla: 5 callbacks suppressed [ 74.451490][ T5551] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 74.473893][ T5541] FAULT_INJECTION: forcing a failure. [ 74.473893][ T5541] name failslab, interval 1, probability 0, space 0, times 1 [ 74.493161][ T5541] CPU: 0 PID: 5541 Comm: syz-executor.2 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 74.503172][ T5541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 74.513238][ T5541] Call Trace: [ 74.516532][ T5541] [ 74.519476][ T5541] dump_stack_lvl+0x241/0x360 [ 74.524181][ T5541] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.529396][ T5541] ? __pfx__printk+0x10/0x10 [ 74.534003][ T5541] ? __pfx___might_resched+0x10/0x10 [ 74.539318][ T5541] should_fail_ex+0x3b0/0x4e0 [ 74.544012][ T5541] ? ext4_mb_new_blocks+0xfff/0x4e30 [ 74.549297][ T5541] should_failslab+0x9/0x20 [ 74.553800][ T5541] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 74.559175][ T5541] ext4_mb_new_blocks+0xfff/0x4e30 [ 74.564289][ T5541] ? rcu_is_watching+0x15/0xb0 [ 74.569046][ T5541] ? trace_kmalloc+0x1f/0xd0 [ 74.573633][ T5541] ? __kmalloc_noprof+0x217/0x400 [ 74.578654][ T5541] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 74.584191][ T5541] ? ext4_find_extent+0xc45/0xe20 [ 74.589206][ T5541] ? ext4_ext_search_right+0x394/0x860 [ 74.594659][ T5541] ? ext4_ext_check_overlap+0x37e/0x5b0 [ 74.600202][ T5541] ? ext4_ext_find_goal+0xec/0x1d0 [ 74.605322][ T5541] ext4_ext_map_blocks+0x1c74/0x77b0 [ 74.610607][ T5541] ? mark_lock+0x9a/0x350 [ 74.614978][ T5541] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 74.620630][ T5541] ? __down_write_common+0x162/0x200 [ 74.625915][ T5541] ? ext4_es_lookup_extent+0x61a/0xa90 [ 74.631377][ T5541] ext4_map_blocks+0xa5e/0x1d20 [ 74.636239][ T5541] ? trace_jbd2_handle_start+0x9c/0x250 [ 74.641787][ T5541] ? __pfx_ext4_map_blocks+0x10/0x10 [ 74.647094][ T5541] ext4_iomap_begin+0x8e6/0xd30 [ 74.651955][ T5541] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 74.657323][ T5541] ? iomap_dio_bio_iter+0x1376/0x1670 [ 74.662703][ T5541] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 74.668069][ T5541] iomap_iter+0x691/0xf60 [ 74.672405][ T5541] __iomap_dio_rw+0x16e1/0x2370 [ 74.677252][ T5541] ? do_syscall_64+0xf3/0x230 [ 74.681921][ T5541] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.688004][ T5541] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 74.693980][ T5541] ? __pfx___iomap_dio_rw+0x10/0x10 [ 74.699193][ T5541] ? jbd2_journal_stop+0x902/0xd80 [ 74.704310][ T5541] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 74.709764][ T5541] ? __pfx_ext4_orphan_add+0x10/0x10 [ 74.715048][ T5541] iomap_dio_rw+0x46/0xa0 [ 74.719379][ T5541] ext4_file_write_iter+0x15e5/0x1a10 [ 74.724763][ T5541] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 74.730485][ T5541] vfs_write+0xa72/0xc90 [ 74.734731][ T5541] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 74.740444][ T5541] ? __pfx_vfs_write+0x10/0x10 [ 74.745221][ T5541] ksys_write+0x1a0/0x2c0 [ 74.749551][ T5541] ? __pfx_ksys_write+0x10/0x10 [ 74.754482][ T5541] ? do_syscall_64+0x100/0x230 [ 74.759241][ T5541] ? do_syscall_64+0xb6/0x230 [ 74.764012][ T5541] do_syscall_64+0xf3/0x230 [ 74.768513][ T5541] ? clear_bhb_loop+0x35/0x90 [ 74.773186][ T5541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.779080][ T5541] RIP: 0033:0x7f950a27cee9 [ 74.783488][ T5541] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 74.803087][ T5541] RSP: 002b:00007f950afcf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 74.811502][ T5541] RAX: ffffffffffffffda RBX: 00007f950a3b3fa0 RCX: 00007f950a27cee9 [ 74.819474][ T5541] RDX: 0000000000248800 RSI: 0000000020000000 RDI: 0000000000000004 [ 74.827448][ T5541] RBP: 00007f950afcf120 R08: 0000000000000000 R09: 0000000000000000 [ 74.835414][ T5541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 74.843375][ T5541] R13: 000000000000000b R14: 00007f950a3b3fa0 R15: 00007ffca45fb328 [ 74.851350][ T5541] [ 74.942227][ T5559] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 74.952295][ T5559] __nla_validate_parse: 7 callbacks suppressed [ 74.952312][ T5559] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 75.067433][ T5562] FAULT_INJECTION: forcing a failure. [ 75.067433][ T5562] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.085130][ T5562] CPU: 1 PID: 5562 Comm: syz-executor.2 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 75.095151][ T5562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 75.105234][ T5562] Call Trace: [ 75.108687][ T5562] [ 75.112446][ T5562] dump_stack_lvl+0x241/0x360 [ 75.117249][ T5562] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.122482][ T5562] ? __pfx__printk+0x10/0x10 [ 75.127115][ T5562] ? snprintf+0xda/0x120 [ 75.131397][ T5562] should_fail_ex+0x3b0/0x4e0 [ 75.136116][ T5562] _copy_to_user+0x2f/0xb0 [ 75.140572][ T5562] simple_read_from_buffer+0xca/0x150 [ 75.145974][ T5562] proc_fail_nth_read+0x1e9/0x250 [ 75.151013][ T5562] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 75.156571][ T5562] ? rw_verify_area+0x514/0x6b0 [ 75.161423][ T5562] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 75.166969][ T5562] vfs_read+0x204/0xbd0 [ 75.171127][ T5562] ? __pfx_lock_release+0x10/0x10 [ 75.176160][ T5562] ? __pfx_vfs_read+0x10/0x10 [ 75.180841][ T5562] ? __fget_files+0x29/0x470 [ 75.185435][ T5562] ? __fget_files+0x3f6/0x470 [ 75.190128][ T5562] ksys_read+0x1a0/0x2c0 [ 75.194383][ T5562] ? __pfx_ksys_read+0x10/0x10 [ 75.199148][ T5562] ? do_syscall_64+0x100/0x230 [ 75.203917][ T5562] ? do_syscall_64+0xb6/0x230 [ 75.208606][ T5562] do_syscall_64+0xf3/0x230 [ 75.213119][ T5562] ? clear_bhb_loop+0x35/0x90 [ 75.217805][ T5562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.223701][ T5562] RIP: 0033:0x7f950a27bb8c [ 75.228116][ T5562] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48 [ 75.247723][ T5562] RSP: 002b:00007f950afcf0c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 75.256148][ T5562] RAX: ffffffffffffffda RBX: 00007f950a3b3fa0 RCX: 00007f950a27bb8c [ 75.264122][ T5562] RDX: 000000000000000f RSI: 00007f950afcf130 RDI: 0000000000000007 [ 75.272092][ T5562] RBP: 00007f950afcf120 R08: 0000000000000000 R09: 0000000000000000 [ 75.280061][ T5562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.288031][ T5562] R13: 000000000000000b R14: 00007f950a3b3fa0 R15: 00007ffca45fb328 [ 75.296028][ T5562] [ 75.339021][ T5566] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.0'. [ 75.354680][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.401168][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.459664][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.476084][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.502556][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.524542][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.537091][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.564514][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.592924][ T5566] batadv_slave_1: entered promiscuous mode [ 75.609205][ T5569] syzkaller1: entered promiscuous mode [ 75.621068][ T5569] syzkaller1: entered allmulticast mode [ 75.817689][ T5589] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 76.386087][ T5604] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 76.401708][ T5604] team0: Device batadv0 is up. Set it down before adding it as a team port [ 76.683984][ T5631] raw_sendmsg: syz-executor.1 forgot to set AF_INET. Fix it! [ 76.758078][ T784] cfg80211: failed to load regulatory.db [ 76.854924][ T5631] »»»»»»: renamed from vlan1 (while UP) [ 76.894512][ T5639] netlink: 'syz-executor.0': attribute type 28 has an invalid length. [ 76.911178][ T5639] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 76.941024][ T5639] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 77.050205][ T5639] Zero length message leads to an empty skb [ 77.493000][ T5649] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'. [ 77.745481][ T5659] netlink: 'syz-executor.2': attribute type 33 has an invalid length. [ 77.813679][ T5659] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 77.821918][ T5659] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'. [ 77.851396][ T5659] net_ratelimit: 171 callbacks suppressed [ 77.851415][ T5659] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 78.724357][ T5671] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 78.736927][ T5671] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 79.045448][ T5683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 79.132732][ T5686] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'. [ 79.168355][ T5686] openvswitch: netlink: Flow key attribute not present in set flow. [ 79.862352][ T5710] netlink: 'syz-executor.1': attribute type 33 has an invalid length. [ 79.870691][ T5710] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 79.879135][ T5710] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'. [ 79.901926][ T5710] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 80.613664][ T5748] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'. [ 80.885039][ T5756] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.0'. [ 81.263543][ T5773] netlink: 'syz-executor.4': attribute type 9 has an invalid length. [ 81.271787][ T5773] netlink: 134780 bytes leftover after parsing attributes in process `syz-executor.4'. [ 81.330160][ T5771] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.712098][ T5811] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. [ 82.746635][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.157029][ T5834] netlink: 'syz-executor.1': attribute type 12 has an invalid length. [ 83.173523][ T5834] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 83.217934][ T5838] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 83.355256][ T5844] netlink: 203452 bytes leftover after parsing attributes in process `syz-executor.4'. [ 84.185495][ T5874] netlink: 67 bytes leftover after parsing attributes in process `syz-executor.0'. [ 84.217494][ T5874] IPv6: NLM_F_CREATE should be specified when creating new route [ 84.238340][ T5874] IPv6: Can't replace route, no match found [ 84.254746][ T5883] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.0'. [ 84.591576][ T5897] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'. [ 84.890285][ T5912] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 85.440511][ T5933] FAULT_INJECTION: forcing a failure. [ 85.440511][ T5933] name failslab, interval 1, probability 0, space 0, times 0 [ 85.465446][ T5933] CPU: 1 PID: 5933 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 85.475454][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 85.485501][ T5933] Call Trace: [ 85.488784][ T5933] [ 85.491728][ T5933] dump_stack_lvl+0x241/0x360 [ 85.496401][ T5933] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.501601][ T5933] ? __pfx__printk+0x10/0x10 [ 85.506199][ T5933] ? nl80211_dump_wiphy+0x50/0x790 [ 85.511302][ T5933] should_fail_ex+0x3b0/0x4e0 [ 85.515973][ T5933] ? nl80211_dump_wiphy+0xc4/0x790 [ 85.521068][ T5933] should_failslab+0x9/0x20 [ 85.525578][ T5933] kmalloc_trace_noprof+0x6c/0x2c0 [ 85.530722][ T5933] nl80211_dump_wiphy+0xc4/0x790 [ 85.535668][ T5933] ? __pfx___alloc_skb+0x10/0x10 [ 85.540609][ T5933] genl_dumpit+0x107/0x1a0 [ 85.545029][ T5933] netlink_dump+0x6ff/0xe50 [ 85.549534][ T5933] ? __pfx_netlink_dump+0x10/0x10 [ 85.554567][ T5933] ? __asan_memset+0x23/0x50 [ 85.559149][ T5933] ? genl_start+0x4a8/0x6d0 [ 85.563656][ T5933] __netlink_dump_start+0x59d/0x780 [ 85.568856][ T5933] genl_rcv_msg+0x88c/0xec0 [ 85.573359][ T5933] ? mark_lock+0x9a/0x350 [ 85.577703][ T5933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 85.582746][ T5933] ? __pfx_genl_start+0x10/0x10 [ 85.587598][ T5933] ? __pfx_genl_dumpit+0x10/0x10 [ 85.592535][ T5933] ? __pfx_genl_done+0x10/0x10 [ 85.597307][ T5933] ? __pfx_lock_acquire+0x10/0x10 [ 85.602320][ T5933] ? __pfx_nl80211_dump_wiphy+0x10/0x10 [ 85.607861][ T5933] ? __pfx_nl80211_dump_wiphy_done+0x10/0x10 [ 85.613835][ T5933] ? __pfx___might_resched+0x10/0x10 [ 85.619126][ T5933] netlink_rcv_skb+0x1e3/0x430 [ 85.623885][ T5933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 85.628907][ T5933] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 85.634200][ T5933] ? __netlink_deliver_tap+0x77e/0x7c0 [ 85.639671][ T5933] genl_rcv+0x28/0x40 [ 85.643650][ T5933] netlink_unicast+0x7ea/0x980 [ 85.648425][ T5933] ? __pfx_netlink_unicast+0x10/0x10 [ 85.653707][ T5933] ? __virt_addr_valid+0x183/0x520 [ 85.658824][ T5933] ? __check_object_size+0x49c/0x900 [ 85.664107][ T5933] ? bpf_lsm_netlink_send+0x9/0x10 [ 85.669222][ T5933] netlink_sendmsg+0x8db/0xcb0 [ 85.673993][ T5933] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.679271][ T5933] ? __import_iovec+0x536/0x820 [ 85.684114][ T5933] ? aa_sock_msg_perm+0x91/0x160 [ 85.689045][ T5933] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 85.694319][ T5933] ? security_socket_sendmsg+0x87/0xb0 [ 85.699775][ T5933] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.705049][ T5933] __sock_sendmsg+0x221/0x270 [ 85.709726][ T5933] ____sys_sendmsg+0x525/0x7d0 [ 85.714493][ T5933] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.719788][ T5933] __sys_sendmsg+0x2b0/0x3a0 [ 85.724378][ T5933] ? __pfx___sys_sendmsg+0x10/0x10 [ 85.729512][ T5933] ? perf_trace_preemptirq_template+0x2d2/0x3f0 [ 85.735754][ T5933] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.742072][ T5933] ? do_syscall_64+0x100/0x230 [ 85.746829][ T5933] ? do_syscall_64+0xb6/0x230 [ 85.751499][ T5933] do_syscall_64+0xf3/0x230 [ 85.756002][ T5933] ? clear_bhb_loop+0x35/0x90 [ 85.760688][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.766573][ T5933] RIP: 0033:0x7f6c3a27cee9 [ 85.770980][ T5933] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 85.790577][ T5933] RSP: 002b:00007f6c3af700c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 85.798988][ T5933] RAX: ffffffffffffffda RBX: 00007f6c3a3b3fa0 RCX: 00007f6c3a27cee9 [ 85.806950][ T5933] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 85.814913][ T5933] RBP: 00007f6c3af70120 R08: 0000000000000000 R09: 0000000000000000 [ 85.822875][ T5933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 85.830838][ T5933] R13: 000000000000000b R14: 00007f6c3a3b3fa0 R15: 00007ffe65e3c2c8 [ 85.838816][ T5933] [ 86.875491][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 86.884845][ T5981] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 86.903280][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 86.931937][ T5989] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 86.978154][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 87.025594][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 87.052565][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 87.081642][ T5993] netlink: 128636 bytes leftover after parsing attributes in process `syz-executor.3'. [ 87.092982][ T5984] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 87.950001][ T6022] syz-executor.4[6022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.950279][ T6022] syz-executor.4[6022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.951923][ T6020] syz-executor.4[6020] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.003517][ T6020] syz-executor.4[6020] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.147143][ T6031] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 88.171326][ T6031] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'. [ 88.220322][ T6029] bridge0: entered promiscuous mode [ 88.275971][ T6029] bridge0: entered allmulticast mode [ 88.345198][ T6029] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 88.413679][ T6029] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 88.845849][ T6053] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 89.046283][ T6068] netlink: 74 bytes leftover after parsing attributes in process `syz-executor.3'. [ 89.049122][ T6066] netlink: 149380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 89.090769][ T6070] pim6reg1: entered promiscuous mode [ 89.104119][ T6070] pim6reg1: entered allmulticast mode [ 89.207598][ T6066] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 89.251400][ T6074] IPv6: NLM_F_CREATE should be specified when creating new route [ 89.275032][ T6074] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.156411][ T6102] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.3'. [ 90.242540][ T6105] netlink: 149380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.448952][ T6109] mac80211_hwsim hwsim10 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 92.884011][ T6171] validate_nla: 10 callbacks suppressed [ 92.884056][ T6171] netlink: 'syz-executor.0': attribute type 25 has an invalid length. [ 92.934864][ T6171] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 93.130587][ T6190] __nla_validate_parse: 4 callbacks suppressed [ 93.130605][ T6190] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.1'. [ 93.187947][ T6192] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 93.227183][ T6192] openvswitch: netlink: Duplicate key (type 0). [ 94.407413][ T6223] FAULT_INJECTION: forcing a failure. [ 94.407413][ T6223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.435232][ T6223] CPU: 0 PID: 6223 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 94.445270][ T6223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 94.455368][ T6223] Call Trace: [ 94.458689][ T6223] [ 94.461664][ T6223] dump_stack_lvl+0x241/0x360 [ 94.466414][ T6223] ? __pfx_dump_stack_lvl+0x10/0x10 [ 94.471668][ T6223] ? __pfx__printk+0x10/0x10 [ 94.476320][ T6223] ? __pfx_lock_release+0x10/0x10 [ 94.481432][ T6223] should_fail_ex+0x3b0/0x4e0 [ 94.486182][ T6223] _copy_from_iter+0x1f6/0x1960 [ 94.491100][ T6223] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 94.496613][ T6223] ? dev_get_by_index+0x23/0x2d0 [ 94.501633][ T6223] ? __pfx__copy_from_iter+0x10/0x10 [ 94.506999][ T6223] ? trace_call_bpf+0x613/0x8a0 [ 94.511934][ T6223] ? dev_get_by_index+0x23/0x2d0 [ 94.517002][ T6223] packet_sendmsg+0x3977/0x6710 [ 94.521917][ T6223] ? __pfx_trace_call_bpf+0x10/0x10 [ 94.527169][ T6223] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 94.532667][ T6223] ? __pfx___might_resched+0x10/0x10 [ 94.538014][ T6223] ? __pfx_perf_trace_lock+0x10/0x10 [ 94.543406][ T6223] ? aa_sk_perm+0x967/0xab0 [ 94.547991][ T6223] ? __pfx_packet_sendmsg+0x10/0x10 [ 94.553269][ T6223] ? __import_iovec+0x536/0x820 [ 94.558165][ T6223] ? aa_sock_msg_perm+0x91/0x160 [ 94.563160][ T6223] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 94.568488][ T6223] ? security_socket_sendmsg+0x87/0xb0 [ 94.574007][ T6223] ? __pfx_packet_sendmsg+0x10/0x10 [ 94.579247][ T6223] __sock_sendmsg+0x221/0x270 [ 94.583996][ T6223] ____sys_sendmsg+0x525/0x7d0 [ 94.588853][ T6223] ? __pfx_____sys_sendmsg+0x10/0x10 [ 94.594256][ T6223] __sys_sendmsg+0x2b0/0x3a0 [ 94.598916][ T6223] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.604077][ T6223] ? trace_call_bpf+0x613/0x8a0 [ 94.609091][ T6223] ? perf_trace_preemptirq_template+0x2d2/0x3f0 [ 94.615421][ T6223] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 94.621803][ T6223] ? do_syscall_64+0x100/0x230 [ 94.626637][ T6223] ? do_syscall_64+0xb6/0x230 [ 94.631381][ T6223] do_syscall_64+0xf3/0x230 [ 94.635937][ T6223] ? clear_bhb_loop+0x35/0x90 [ 94.640677][ T6223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.646627][ T6223] RIP: 0033:0x7f6c3a27cee9 [ 94.651094][ T6223] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 94.670750][ T6223] RSP: 002b:00007f6c3af700c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.679231][ T6223] RAX: ffffffffffffffda RBX: 00007f6c3a3b3fa0 RCX: 00007f6c3a27cee9 [ 94.687245][ T6223] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 94.695261][ T6223] RBP: 00007f6c3af70120 R08: 0000000000000000 R09: 0000000000000000 [ 94.703276][ T6223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.711284][ T6223] R13: 000000000000000b R14: 00007f6c3a3b3fa0 R15: 00007ffe65e3c2c8 [ 94.719360][ T6223] [ 95.672235][ T6241] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 95.722309][ T6241] netlink: 196700 bytes leftover after parsing attributes in process `syz-executor.3'. [ 95.885123][ T6246] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.4'. [ 95.959201][ T6251] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.0'. [ 95.971496][ T6250] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 95.977473][ T6250] pim6reg0: linktype set to 0 [ 96.161435][ T6258] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 96.203652][ T6258] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 97.274906][ T6274] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.0'. [ 97.592786][ T6299] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 97.616630][ T6299] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 98.632511][ T6307] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 98.651756][ T6307] netlink: 196520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 98.855934][ T6321] netlink: 191416 bytes leftover after parsing attributes in process `syz-executor.2'. [ 98.865919][ T6322] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 98.866016][ T6322] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'. [ 99.061612][ T6336] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.1'. [ 99.444715][ T6346] netlink: 144220 bytes leftover after parsing attributes in process `syz-executor.1'. [ 103.469017][ T6346] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 103.477743][ T6346] tipc: Started in network mode [ 103.482604][ T6346] tipc: Node identity a, cluster identity 4711 [ 103.488942][ T6346] tipc: Node number set to 10 [ 103.770618][ T6366] syzkaller0: refused to change device tx_queue_len [ 103.815513][ T6366] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 103.856928][ T6366] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'. [ 104.025330][ T6378] FAULT_INJECTION: forcing a failure. [ 104.025330][ T6378] name failslab, interval 1, probability 0, space 0, times 0 [ 104.104097][ T6378] CPU: 0 PID: 6378 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 104.114178][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 104.124311][ T6378] Call Trace: [ 104.127660][ T6378] [ 104.130659][ T6378] dump_stack_lvl+0x241/0x360 [ 104.135425][ T6378] ? __pfx_dump_stack_lvl+0x10/0x10 [ 104.140669][ T6378] ? __pfx__printk+0x10/0x10 [ 104.145310][ T6378] ? lockdep_init_map_type+0xa1/0x910 [ 104.150741][ T6378] ? __asan_memset+0x23/0x50 [ 104.155385][ T6378] should_fail_ex+0x3b0/0x4e0 [ 104.160119][ T6378] ? security_inode_alloc+0x28/0x120 [ 104.165443][ T6378] should_failslab+0x9/0x20 [ 104.169989][ T6378] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 104.175429][ T6378] security_inode_alloc+0x28/0x120 [ 104.180589][ T6378] inode_init_always+0x947/0xc70 [ 104.185578][ T6378] ? __pfx_sock_alloc_inode+0x10/0x10 [ 104.191007][ T6378] new_inode_pseudo+0x9e/0x1e0 [ 104.195830][ T6378] __sock_create+0x123/0x920 [ 104.200509][ T6378] mptcp_subflow_create_socket+0x132/0xdf0 [ 104.206419][ T6378] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 104.212810][ T6378] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 104.218849][ T6378] __mptcp_nmpc_sk+0x178/0x800 [ 104.223691][ T6378] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 104.229023][ T6378] ? __local_bh_enable_ip+0x168/0x200 [ 104.234437][ T6378] ? mptcp_sendmsg+0x153/0x1b10 [ 104.239343][ T6378] mptcp_sendmsg_fastopen+0xc3/0x530 [ 104.244702][ T6378] mptcp_sendmsg+0x1884/0x1b10 [ 104.249567][ T6378] ? aa_sk_perm+0x967/0xab0 [ 104.254156][ T6378] ? __pfx_aa_sk_perm+0x10/0x10 [ 104.259045][ T6378] ? iovec_from_user+0x61/0x240 [ 104.263942][ T6378] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 104.269091][ T6378] ? sock_rps_record_flow+0x1a/0x400 [ 104.274434][ T6378] ? inet_sendmsg+0x330/0x390 [ 104.279174][ T6378] __sock_sendmsg+0x1a6/0x270 [ 104.283916][ T6378] ____sys_sendmsg+0x525/0x7d0 [ 104.288767][ T6378] ? __pfx_____sys_sendmsg+0x10/0x10 [ 104.294184][ T6378] __sys_sendmsg+0x2b0/0x3a0 [ 104.298833][ T6378] ? __pfx___sys_sendmsg+0x10/0x10 [ 104.303981][ T6378] ? vfs_write+0x7c4/0xc90 [ 104.308591][ T6378] ? perf_trace_preemptirq_template+0xf8/0x3f0 [ 104.314831][ T6378] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 104.321203][ T6378] ? do_syscall_64+0x100/0x230 [ 104.326024][ T6378] ? do_syscall_64+0xb6/0x230 [ 104.330756][ T6378] do_syscall_64+0xf3/0x230 [ 104.335303][ T6378] ? clear_bhb_loop+0x35/0x90 [ 104.340031][ T6378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.345959][ T6378] RIP: 0033:0x7f527987cee9 [ 104.350415][ T6378] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 104.370053][ T6378] RSP: 002b:00007f527a6730c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 104.378513][ T6378] RAX: ffffffffffffffda RBX: 00007f52799b3fa0 RCX: 00007f527987cee9 [ 104.386518][ T6378] RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000005 [ 104.394523][ T6378] RBP: 00007f527a673120 R08: 0000000000000000 R09: 0000000000000000 [ 104.402523][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 104.410529][ T6378] R13: 000000000000000b R14: 00007f52799b3fa0 R15: 00007ffd215f15f8 [ 104.418615][ T6378] [ 104.434622][ T6378] socket: no more sockets [ 104.659203][ T6387] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 104.690262][ T6387] netlink: 'syz-executor.4': attribute type 291 has an invalid length. [ 105.110610][ T6407] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 105.209979][ T6410] netlink: 193500 bytes leftover after parsing attributes in process `syz-executor.2'. [ 105.248603][ T6412] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.3'. [ 105.405269][ T6416] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.2'. [ 105.728283][ T6405] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.1'. [ 105.842535][ T6421] netlink: 208840 bytes leftover after parsing attributes in process `syz-executor.4'. [ 105.860638][ T6421] netlink: 1012 bytes leftover after parsing attributes in process `syz-executor.4'. [ 105.900889][ T5123] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 105.914499][ T6424] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 105.932431][ T6424] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 105.939045][ T6419] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.1'. [ 105.971378][ T6419] team_slave_0: entered allmulticast mode [ 105.987588][ T6419] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 106.039921][ T6427] EXT4-fs warning (device sda1): ext4_group_extend:1869: need to use ext2online to resize further [ 106.062671][ T6425] syzkaller0: refused to change device tx_queue_len [ 106.104451][ T6425] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 106.370980][ T6445] FAULT_INJECTION: forcing a failure. [ 106.370980][ T6445] name failslab, interval 1, probability 0, space 0, times 0 [ 106.425562][ T6445] CPU: 1 PID: 6445 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 106.435581][ T6445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 106.445630][ T6445] Call Trace: [ 106.448898][ T6445] [ 106.451817][ T6445] dump_stack_lvl+0x241/0x360 [ 106.456492][ T6445] ? __pfx_dump_stack_lvl+0x10/0x10 [ 106.461679][ T6445] ? __pfx__printk+0x10/0x10 [ 106.466259][ T6445] ? ref_tracker_alloc+0x332/0x490 [ 106.471384][ T6445] should_fail_ex+0x3b0/0x4e0 [ 106.476071][ T6445] ? skb_clone+0x20c/0x390 [ 106.480479][ T6445] should_failslab+0x9/0x20 [ 106.484977][ T6445] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 106.490362][ T6445] skb_clone+0x20c/0x390 [ 106.494612][ T6445] __netlink_deliver_tap+0x3cc/0x7c0 [ 106.499899][ T6445] ? netlink_deliver_tap+0x2e/0x1b0 [ 106.505088][ T6445] netlink_deliver_tap+0x19d/0x1b0 [ 106.510191][ T6445] netlink_unicast+0x7b8/0x980 [ 106.514956][ T6445] ? __pfx_netlink_unicast+0x10/0x10 [ 106.520233][ T6445] ? __virt_addr_valid+0x183/0x520 [ 106.525343][ T6445] ? __check_object_size+0x49c/0x900 [ 106.530627][ T6445] ? bpf_lsm_netlink_send+0x9/0x10 [ 106.535742][ T6445] netlink_sendmsg+0x8db/0xcb0 [ 106.540515][ T6445] ? __pfx_netlink_sendmsg+0x10/0x10 [ 106.545806][ T6445] ? __import_iovec+0x536/0x820 [ 106.550653][ T6445] ? aa_sock_msg_perm+0x91/0x160 [ 106.555585][ T6445] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 106.560859][ T6445] ? security_socket_sendmsg+0x87/0xb0 [ 106.566312][ T6445] ? __pfx_netlink_sendmsg+0x10/0x10 [ 106.571586][ T6445] __sock_sendmsg+0x221/0x270 [ 106.576261][ T6445] ____sys_sendmsg+0x525/0x7d0 [ 106.581028][ T6445] ? __pfx_____sys_sendmsg+0x10/0x10 [ 106.586320][ T6445] __sys_sendmsg+0x2b0/0x3a0 [ 106.590906][ T6445] ? __pfx___sys_sendmsg+0x10/0x10 [ 106.596009][ T6445] ? vfs_write+0x7c4/0xc90 [ 106.600440][ T6445] ? perf_trace_preemptirq_template+0xf8/0x3f0 [ 106.606589][ T6445] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 106.612907][ T6445] ? do_syscall_64+0x100/0x230 [ 106.617662][ T6445] ? do_syscall_64+0xb6/0x230 [ 106.622327][ T6445] do_syscall_64+0xf3/0x230 [ 106.626821][ T6445] ? clear_bhb_loop+0x35/0x90 [ 106.631492][ T6445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.637374][ T6445] RIP: 0033:0x7f6c3a27cee9 [ 106.641787][ T6445] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 106.661386][ T6445] RSP: 002b:00007f6c3af700c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 106.669793][ T6445] RAX: ffffffffffffffda RBX: 00007f6c3a3b3fa0 RCX: 00007f6c3a27cee9 [ 106.677756][ T6445] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 106.685716][ T6445] RBP: 00007f6c3af70120 R08: 0000000000000000 R09: 0000000000000000 [ 106.693676][ T6445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.701634][ T6445] R13: 000000000000000b R14: 00007f6c3a3b3fa0 R15: 00007ffe65e3c2c8 [ 106.709606][ T6445] [ 106.799950][ T6445] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 107.622450][ T6453] syzkaller0: entered promiscuous mode [ 107.745010][ T6474] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 108.445086][ T6482] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 108.641244][ T6485] FAULT_INJECTION: forcing a failure. [ 108.641244][ T6485] name failslab, interval 1, probability 0, space 0, times 0 [ 108.665804][ T6485] CPU: 0 PID: 6485 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 108.675814][ T6485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 108.685863][ T6485] Call Trace: [ 108.689131][ T6485] [ 108.692053][ T6485] dump_stack_lvl+0x241/0x360 [ 108.696733][ T6485] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.701929][ T6485] ? __wake_up_klogd+0xcc/0x110 [ 108.706783][ T6485] should_fail_ex+0x3b0/0x4e0 [ 108.711455][ T6485] ? __xdp_reg_mem_model+0x1e0/0x650 [ 108.716733][ T6485] should_failslab+0x9/0x20 [ 108.721232][ T6485] kmalloc_trace_noprof+0x6c/0x2c0 [ 108.726337][ T6485] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 108.732315][ T6485] __xdp_reg_mem_model+0x1e0/0x650 [ 108.737576][ T6485] ? __pfx___xdp_reg_mem_model+0x10/0x10 [ 108.746425][ T6485] ? page_pool_list+0x232/0x280 [ 108.751302][ T6485] xdp_reg_mem_model+0x22/0x40 [ 108.756059][ T6485] bpf_test_run_xdp_live+0x33b/0x1e60 [ 108.761423][ T6485] ? __pfx_autoremove_wake_function+0x10/0x10 [ 108.767483][ T6485] ? __mutex_unlock_slowpath+0x21d/0x750 [ 108.773115][ T6485] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 108.779092][ T6485] ? __pfx___static_call_update+0x10/0x10 [ 108.784811][ T6485] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 108.790607][ T6485] ? 0xffffffffa0003b40 [ 108.794755][ T6485] ? 0xffffffffa0003b40 [ 108.798933][ T6485] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 108.804840][ T6485] ? _copy_from_user+0xa6/0xe0 [ 108.809599][ T6485] ? bpf_test_init+0x15a/0x180 [ 108.814360][ T6485] ? xdp_convert_md_to_buff+0x5b/0x330 [ 108.819810][ T6485] bpf_prog_test_run_xdp+0x80e/0x11b0 [ 108.825176][ T6485] ? __pfx_lock_release+0x10/0x10 [ 108.830200][ T6485] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 108.836003][ T6485] ? __fget_files+0x29/0x470 [ 108.840596][ T6485] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 108.846392][ T6485] bpf_prog_test_run+0x33a/0x3b0 [ 108.851328][ T6485] __sys_bpf+0x48d/0x810 [ 108.855573][ T6485] ? __pfx___sys_bpf+0x10/0x10 [ 108.860342][ T6485] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 108.866314][ T6485] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 108.872632][ T6485] ? do_syscall_64+0x100/0x230 [ 108.877389][ T6485] __x64_sys_bpf+0x7c/0x90 [ 108.881799][ T6485] do_syscall_64+0xf3/0x230 [ 108.886296][ T6485] ? clear_bhb_loop+0x35/0x90 [ 108.890964][ T6485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.896847][ T6485] RIP: 0033:0x7f1e4247cee9 [ 108.901258][ T6485] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 108.920861][ T6485] RSP: 002b:00007f1e431230c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 108.929281][ T6485] RAX: ffffffffffffffda RBX: 00007f1e425b3fa0 RCX: 00007f1e4247cee9 [ 108.937243][ T6485] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a [ 108.945208][ T6485] RBP: 00007f1e43123120 R08: 0000000000000000 R09: 0000000000000000 [ 108.953168][ T6485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.961132][ T6485] R13: 000000000000000b R14: 00007f1e425b3fa0 R15: 00007fffb5e0c498 [ 108.969105][ T6485] [ 109.550639][ T6495] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 109.565198][ T6495] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 109.574115][ T6495] __nla_validate_parse: 5 callbacks suppressed [ 109.574129][ T6495] netlink: 128512 bytes leftover after parsing attributes in process `syz-executor.4'. [ 109.842040][ T6471] syzkaller0: refused to change device tx_queue_len [ 109.849890][ T6479] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.3'. [ 109.859557][ T6479] bond_slave_0: entered promiscuous mode [ 109.865302][ T6479] bond_slave_1: entered promiscuous mode [ 110.100515][ T6509] FAULT_INJECTION: forcing a failure. [ 110.100515][ T6509] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.111586][ T6512] netlink: 'syz-executor.1': attribute type 39 has an invalid length. [ 110.125954][ T6509] CPU: 1 PID: 6509 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 110.135961][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 110.146025][ T6509] Call Trace: [ 110.149309][ T6509] [ 110.152230][ T6509] dump_stack_lvl+0x241/0x360 [ 110.156907][ T6509] ? __pfx_dump_stack_lvl+0x10/0x10 [ 110.162107][ T6509] ? __pfx__printk+0x10/0x10 [ 110.166709][ T6509] should_fail_ex+0x3b0/0x4e0 [ 110.171376][ T6509] _copy_from_user+0x2f/0xe0 [ 110.175972][ T6509] bpf_test_init+0x11f/0x180 [ 110.180590][ T6509] bpf_prog_test_run_skb+0x2a0/0x13a0 [ 110.185986][ T6509] ? __pfx_lock_release+0x10/0x10 [ 110.191049][ T6509] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 110.196881][ T6509] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 110.202707][ T6509] bpf_prog_test_run+0x33a/0x3b0 [ 110.207658][ T6509] __sys_bpf+0x48d/0x810 [ 110.211910][ T6509] ? __pfx___sys_bpf+0x10/0x10 [ 110.216698][ T6509] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 110.222682][ T6509] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 110.229032][ T6509] ? do_syscall_64+0x100/0x230 [ 110.233808][ T6509] __x64_sys_bpf+0x7c/0x90 [ 110.238235][ T6509] do_syscall_64+0xf3/0x230 [ 110.242747][ T6509] ? clear_bhb_loop+0x35/0x90 [ 110.247428][ T6509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.253323][ T6509] RIP: 0033:0x7f527987cee9 [ 110.257743][ T6509] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 110.277346][ T6509] RSP: 002b:00007f527a6730c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 110.285766][ T6509] RAX: ffffffffffffffda RBX: 00007f52799b3fa0 RCX: 00007f527987cee9 [ 110.293740][ T6509] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 110.302148][ T6509] RBP: 00007f527a673120 R08: 0000000000000000 R09: 0000000000000000 [ 110.310139][ T6509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.318124][ T6509] R13: 000000000000000b R14: 00007f52799b3fa0 R15: 00007ffd215f15f8 [ 110.326115][ T6509] [ 110.378317][ T6508] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 110.400322][ T6508] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'. [ 110.596034][ T6528] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 110.605854][ T6528] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 110.695020][ T6536] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 110.709218][ T6536] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 110.712527][ T6537] netlink: 17861 bytes leftover after parsing attributes in process `syz-executor.4'. [ 110.748970][ T6537] netlink: 17861 bytes leftover after parsing attributes in process `syz-executor.4'. [ 110.759326][ T6534] netlink: 17861 bytes leftover after parsing attributes in process `syz-executor.4'. [ 110.793552][ T6532] syzkaller0: refused to change device tx_queue_len [ 110.832117][ T6532] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 110.863376][ T6532] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.2'. [ 110.894341][ T6542] FAULT_INJECTION: forcing a failure. [ 110.894341][ T6542] name failslab, interval 1, probability 0, space 0, times 0 [ 110.919593][ T6542] CPU: 0 PID: 6542 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 110.929589][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 110.939647][ T6542] Call Trace: [ 110.942934][ T6542] [ 110.945968][ T6542] dump_stack_lvl+0x241/0x360 [ 110.950658][ T6542] ? __pfx_dump_stack_lvl+0x10/0x10 [ 110.955851][ T6542] ? __pfx__printk+0x10/0x10 [ 110.960433][ T6542] ? __pfx___might_resched+0x10/0x10 [ 110.965734][ T6542] should_fail_ex+0x3b0/0x4e0 [ 110.970439][ T6542] should_failslab+0x9/0x20 [ 110.974971][ T6542] __kmalloc_node_noprof+0xdf/0x440 [ 110.980204][ T6542] ? kvmalloc_node_noprof+0x72/0x190 [ 110.985519][ T6542] kvmalloc_node_noprof+0x72/0x190 [ 110.990652][ T6542] bpf_test_run_xdp_live+0x2a4/0x1e60 [ 110.996045][ T6542] ? __pfx___might_resched+0x10/0x10 [ 111.001350][ T6542] ? __mutex_unlock_slowpath+0x21d/0x750 [ 111.007006][ T6542] ? __pfx_autoremove_wake_function+0x10/0x10 [ 111.013099][ T6542] ? __mutex_unlock_slowpath+0x21d/0x750 [ 111.018768][ T6542] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 111.024779][ T6542] ? __pfx___static_call_update+0x10/0x10 [ 111.030515][ T6542] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 111.036313][ T6542] ? 0xffffffffa0003b40 [ 111.040458][ T6542] ? 0xffffffffa0003b40 [ 111.044648][ T6542] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 111.050592][ T6542] bpf_prog_test_run_xdp+0x80e/0x11b0 [ 111.056007][ T6542] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 111.061845][ T6542] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 111.067667][ T6542] bpf_prog_test_run+0x33a/0x3b0 [ 111.072629][ T6542] __sys_bpf+0x48d/0x810 [ 111.076902][ T6542] ? __pfx___sys_bpf+0x10/0x10 [ 111.081674][ T6542] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 111.087675][ T6542] __x64_sys_bpf+0x7c/0x90 [ 111.092097][ T6542] do_syscall_64+0xf3/0x230 [ 111.096625][ T6542] ? clear_bhb_loop+0x35/0x90 [ 111.101309][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.107210][ T6542] RIP: 0033:0x7f527987cee9 [ 111.111632][ T6542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 111.131271][ T6542] RSP: 002b:00007f527a6730c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 111.139687][ T6542] RAX: ffffffffffffffda RBX: 00007f52799b3fa0 RCX: 00007f527987cee9 [ 111.147675][ T6542] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a [ 111.155666][ T6542] RBP: 00007f527a673120 R08: 0000000000000000 R09: 0000000000000000 [ 111.163662][ T6542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.171648][ T6542] R13: 000000000000000b R14: 00007f52799b3fa0 R15: 00007ffd215f15f8 [ 111.179656][ T6542] [ 111.346495][ T6555] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.4'. [ 111.707919][ T6574] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 112.170617][ T6601] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 112.194390][ T6601] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 112.229938][ T6601] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 112.960008][ T6643] batadv0: entered promiscuous mode [ 113.017647][ T6643] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.548398][ T6677] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 114.775753][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.171620][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.400389][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.522282][ T6705] __nla_validate_parse: 14 callbacks suppressed [ 115.522301][ T6705] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.542492][ T6703] validate_nla: 2 callbacks suppressed [ 115.542546][ T6703] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 115.587600][ T6705] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.615093][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.714885][ T6705] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.757258][ T6705] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.780162][ T6710] batadv0: entered promiscuous mode [ 115.816935][ T6705] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.857976][ T6711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.943649][ T5127] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 115.952526][ T5127] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 115.961159][ T5127] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 115.993109][ T5127] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 116.002323][ T5127] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 116.013369][ T5127] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 116.132842][ T6721] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 116.151556][ T11] bridge_slave_1: left allmulticast mode [ 116.157653][ T11] bridge_slave_1: left promiscuous mode [ 116.164670][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.205404][ T11] bridge_slave_0: left allmulticast mode [ 116.217646][ T11] bridge_slave_0: left promiscuous mode [ 116.226933][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.879402][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 116.892847][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 116.904259][ T11] bond0 (unregistering): Released all slaves [ 116.917189][ T6722] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.1'. [ 117.442203][ T6753] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 118.101242][ T5123] Bluetooth: hci3: command tx timeout [ 118.212860][ T6757] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 118.245078][ T6757] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 118.286727][ T6759] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 118.371412][ T6757] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 118.403887][ T6759] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 118.472232][ T11] hsr_slave_0: left promiscuous mode [ 118.506247][ T11] hsr_slave_1: left promiscuous mode [ 118.539078][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 118.566502][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 118.591360][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 118.609132][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 118.697914][ T11] veth1_macvtap: left promiscuous mode [ 118.707069][ T11] veth0_macvtap: left promiscuous mode [ 118.721774][ T11] veth1_vlan: left promiscuous mode [ 118.731146][ T11] veth0_vlan: left promiscuous mode [ 119.797541][ T11] team0 (unregistering): Port device team_slave_1 removed [ 119.857432][ T11] team0 (unregistering): Port device team_slave_0 removed [ 120.173487][ T5123] Bluetooth: hci3: command tx timeout [ 120.228134][ T6757] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 120.252639][ T6712] chnl_net:caif_netlink_parms(): no params data found [ 120.328476][ T6778] »»»»»»: renamed from vlan1 (while UP) [ 120.548518][ T6791] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 120.565895][ T6791] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.4'. [ 120.595444][ T6795] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 120.624572][ T6791] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.4'. [ 120.657266][ T6799] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 120.916554][ T6795] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 120.931086][ T6799] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 120.945120][ T6712] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.958702][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.973810][ T6712] bridge_slave_0: entered allmulticast mode [ 120.982523][ T6712] bridge_slave_0: entered promiscuous mode [ 121.001716][ T6800] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 121.017979][ T6804] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 121.031171][ T6712] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.043606][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.059139][ T6712] bridge_slave_1: entered allmulticast mode [ 121.076265][ T6712] bridge_slave_1: entered promiscuous mode [ 121.113446][ T6813] syz-executor.1[6813] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.113593][ T6813] syz-executor.1[6813] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.162813][ T6803] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 121.256509][ T6806] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 121.278612][ T6712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.332065][ T6712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 121.417443][ T6819] netlink: 'syz-executor.2': attribute type 6 has an invalid length. [ 121.440895][ T6819] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 121.518169][ T6712] team0: Port device team_slave_0 added [ 121.566978][ T6712] team0: Port device team_slave_1 added [ 121.694774][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.702302][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.748655][ T6712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.798947][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.813245][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.854855][ T6712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 122.044622][ T6712] hsr_slave_0: entered promiscuous mode [ 122.063734][ T6712] hsr_slave_1: entered promiscuous mode [ 122.142026][ T6840] [ 122.144398][ T6840] ====================================================== [ 122.151428][ T6840] WARNING: possible circular locking dependency detected [ 122.158460][ T6840] 6.9.0-syzkaller-12123-g531876c80004 #0 Not tainted [ 122.165151][ T6840] ------------------------------------------------------ [ 122.172180][ T6840] syz-executor.1/6840 is trying to acquire lock: [ 122.178517][ T6840] ffff88805ba65220 (&stab->lock){+.-.}-{2:2}, at: sock_map_delete_elem+0x175/0x250 [ 122.187876][ T6840] [ 122.187876][ T6840] but task is already holding lock: [ 122.195253][ T6840] ffff88805d9602b0 (&psock->link_lock){+...}-{2:2}, at: sock_map_unref+0xcc/0x5e0 [ 122.204511][ T6840] [ 122.204511][ T6840] which lock already depends on the new lock. [ 122.204511][ T6840] [ 122.214917][ T6840] [ 122.214917][ T6840] the existing dependency chain (in reverse order) is: [ 122.223919][ T6840] [ 122.223919][ T6840] -> #1 (&psock->link_lock){+...}-{2:2}: [ 122.231743][ T6840] lock_acquire+0x1ed/0x550 [ 122.236770][ T6840] _raw_spin_lock_bh+0x35/0x50 [ 122.242048][ T6840] sock_map_update_common+0x31c/0x5b0 [ 122.247932][ T6840] sock_map_update_elem_sys+0x55f/0x910 [ 122.253996][ T6840] map_update_elem+0x53a/0x6f0 [ 122.259282][ T6840] __sys_bpf+0x76f/0x810 [ 122.264049][ T6840] __x64_sys_bpf+0x7c/0x90 [ 122.268977][ T6840] do_syscall_64+0xf3/0x230 [ 122.273991][ T6840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.280399][ T6840] [ 122.280399][ T6840] -> #0 (&stab->lock){+.-.}-{2:2}: [ 122.287697][ T6840] validate_chain+0x18e0/0x5900 [ 122.293071][ T6840] __lock_acquire+0x1346/0x1fd0 [ 122.298435][ T6840] lock_acquire+0x1ed/0x550 [ 122.303467][ T6840] _raw_spin_lock_bh+0x35/0x50 [ 122.308771][ T6840] sock_map_delete_elem+0x175/0x250 [ 122.314504][ T6840] bpf_prog_5f1d5fee127b8728+0x42/0x4b [ 122.320496][ T6840] bpf_trace_run2+0x2ec/0x540 [ 122.325699][ T6840] kfree+0x2bb/0x360 [ 122.330116][ T6840] sock_map_unref+0x3ac/0x5e0 [ 122.335309][ T6840] sock_hash_delete_elem+0x392/0x400 [ 122.341122][ T6840] map_delete_elem+0x464/0x5e0 [ 122.346404][ T6840] __sys_bpf+0x598/0x810 [ 122.351165][ T6840] __x64_sys_bpf+0x7c/0x90 [ 122.356094][ T6840] do_syscall_64+0xf3/0x230 [ 122.361107][ T6840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.367512][ T6840] [ 122.367512][ T6840] other info that might help us debug this: [ 122.367512][ T6840] [ 122.377743][ T6840] Possible unsafe locking scenario: [ 122.377743][ T6840] [ 122.385184][ T6840] CPU0 CPU1 [ 122.390537][ T6840] ---- ---- [ 122.395896][ T6840] lock(&psock->link_lock); [ 122.400481][ T6840] lock(&stab->lock); [ 122.407073][ T6840] lock(&psock->link_lock); [ 122.414191][ T6840] lock(&stab->lock); [ 122.418264][ T6840] [ 122.418264][ T6840] *** DEADLOCK *** [ 122.418264][ T6840] [ 122.426399][ T6840] 4 locks held by syz-executor.1/6840: [ 122.431841][ T6840] #0: ffffffff8e333e60 (rcu_read_lock){....}-{1:2}, at: map_delete_elem+0x388/0x5e0 [ 122.441325][ T6840] #1: ffff88807bd9d568 (&htab->buckets[i].lock){+.-.}-{2:2}, at: sock_hash_delete_elem+0x17c/0x400 [ 122.452111][ T6840] #2: ffff88805d9602b0 (&psock->link_lock){+...}-{2:2}, at: sock_map_unref+0xcc/0x5e0 [ 122.461771][ T6840] #3: ffffffff8e333e60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540 [ 122.471168][ T6840] [ 122.471168][ T6840] stack backtrace: [ 122.477043][ T6840] CPU: 0 PID: 6840 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-12123-g531876c80004 #0 [ 122.487009][ T6840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 122.497060][ T6840] Call Trace: [ 122.500445][ T6840] [ 122.503368][ T6840] dump_stack_lvl+0x241/0x360 [ 122.508066][ T6840] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.513261][ T6840] ? print_circular_bug+0x130/0x1a0 [ 122.518455][ T6840] check_noncircular+0x36a/0x4a0 [ 122.523396][ T6840] ? __pfx_check_noncircular+0x10/0x10 [ 122.528848][ T6840] ? lockdep_lock+0x123/0x2b0 [ 122.533522][ T6840] ? _find_first_zero_bit+0xd3/0x100 [ 122.538802][ T6840] validate_chain+0x18e0/0x5900 [ 122.543647][ T6840] ? __pfx_hlock_conflict+0x10/0x10 [ 122.548847][ T6840] ? check_path+0x21/0x40 [ 122.553168][ T6840] ? check_noncircular+0x259/0x4a0 [ 122.558304][ T6840] ? __pfx_validate_chain+0x10/0x10 [ 122.563493][ T6840] ? __bfs+0x368/0x6f0 [ 122.567559][ T6840] ? lockdep_unlock+0x16a/0x300 [ 122.572397][ T6840] ? __pfx_lockdep_unlock+0x10/0x10 [ 122.577589][ T6840] ? __pfx_validate_chain+0x10/0x10 [ 122.582780][ T6840] ? validate_chain+0x15b1/0x5900 [ 122.587817][ T6840] ? mark_lock+0x9a/0x350 [ 122.592140][ T6840] __lock_acquire+0x1346/0x1fd0 [ 122.597009][ T6840] lock_acquire+0x1ed/0x550 [ 122.601516][ T6840] ? sock_map_delete_elem+0x175/0x250 [ 122.606886][ T6840] ? __lock_acquire+0x1346/0x1fd0 [ 122.611910][ T6840] ? __pfx_lock_acquire+0x10/0x10 [ 122.616930][ T6840] ? sock_map_delete_elem+0x175/0x250 [ 122.622298][ T6840] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 122.628105][ T6840] ? sock_map_delete_elem+0x175/0x250 [ 122.633485][ T6840] _raw_spin_lock_bh+0x35/0x50 [ 122.638256][ T6840] ? sock_map_delete_elem+0x175/0x250 [ 122.643632][ T6840] sock_map_delete_elem+0x175/0x250 [ 122.648842][ T6840] ? __pfx_sock_map_delete_elem+0x10/0x10 [ 122.654568][ T6840] ? bpf_trace_run2+0x1fc/0x540 [ 122.659433][ T6840] bpf_prog_5f1d5fee127b8728+0x42/0x4b [ 122.664896][ T6840] bpf_trace_run2+0x2ec/0x540 [ 122.669590][ T6840] ? __pfx_bpf_trace_run2+0x10/0x10 [ 122.674791][ T6840] ? do_raw_spin_lock+0x14f/0x370 [ 122.679813][ T6840] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 122.685611][ T6840] ? sock_map_unref+0x3ac/0x5e0 [ 122.690455][ T6840] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 122.695822][ T6840] ? sock_map_unref+0x3ac/0x5e0 [ 122.700664][ T6840] kfree+0x2bb/0x360 [ 122.704558][ T6840] sock_map_unref+0x3ac/0x5e0 [ 122.709240][ T6840] sock_hash_delete_elem+0x392/0x400 [ 122.714522][ T6840] ? __pfx_sock_hash_delete_elem+0x10/0x10 [ 122.720326][ T6840] map_delete_elem+0x464/0x5e0 [ 122.725084][ T6840] __sys_bpf+0x598/0x810 [ 122.729326][ T6840] ? __pfx___sys_bpf+0x10/0x10 [ 122.734097][ T6840] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 122.740068][ T6840] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 122.746385][ T6840] ? do_syscall_64+0x100/0x230 [ 122.751145][ T6840] __x64_sys_bpf+0x7c/0x90 [ 122.755559][ T6840] do_syscall_64+0xf3/0x230 [ 122.760053][ T6840] ? clear_bhb_loop+0x35/0x90 [ 122.764723][ T6840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.770605][ T6840] RIP: 0033:0x7f6c3a27cee9 [ 122.775018][ T6840] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 122.794615][ T6840] RSP: 002b:00007f6c3af700c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 122.803019][ T6840] RAX: ffffffffffffffda RBX: 00007f6c3a3b3fa0 RCX: 00007f6c3a27cee9 [ 122.810984][ T6840] RDX: 0000000000000020 RSI: 0000000020000080 RDI: 0000000000000003 [ 122.818952][ T6840] RBP: 00007f6c3a2c947f R08: 0000000000000000 R09: 0000000000000000 [ 122.827006][ T6840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.834971][ T6840] R13: 000000000000000b R14: 00007f6c3a3b3fa0 R15: 00007ffe65e3c2c8 2024/06/01 23:51:59 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 122.842941][ T6840] [ 122.863237][ T5123] Bluetooth: hci3: command tx timeout