last executing test programs: 4.885331162s ago: executing program 3 (id=283): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)='u', 0x1}], 0x1}, 0x4040001) recvmsg$unix(r2, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1) recvmsg$unix(r2, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x10100) 4.653604214s ago: executing program 2 (id=286): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x6e, &(0x7f0000000400)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60828bf700382900fc020000000000000000000000000000ff020000000000000000000000000001"], 0x0) 4.491673643s ago: executing program 2 (id=289): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) 3.915299205s ago: executing program 3 (id=292): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 3.429197851s ago: executing program 2 (id=294): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0) 3.42905181s ago: executing program 3 (id=295): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = openat$cgroup_procs(r0, &(0x7f0000001a80)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000380), 0x12) 3.304922245s ago: executing program 3 (id=296): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb96f37538e486dd637208"], 0xe) 3.177511021s ago: executing program 2 (id=298): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) write$cgroup_subtree(r2, 0x0, 0xfdef) 3.149967899s ago: executing program 4 (id=299): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000100)=0x5, 0x4) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000000)=0xb2, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @local}, 0x1c) 2.897442924s ago: executing program 4 (id=301): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000011c0)='signal_generate\x00', r2}, 0x18) 2.794807143s ago: executing program 1 (id=302): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x8, 0x1}, 0xe) 2.768880115s ago: executing program 4 (id=303): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'}) 2.593452744s ago: executing program 1 (id=304): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x1) bind$inet(r1, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) 1.874519706s ago: executing program 1 (id=308): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x12, &(0x7f0000001100)=0x4, 0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040), 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c) 1.235580544s ago: executing program 0 (id=314): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c) listen(r1, 0x3) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0) 1.155547549s ago: executing program 0 (id=315): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) close(r1) 1.04942258s ago: executing program 0 (id=316): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000500), 0xffffffffffffffff) 993.889017ms ago: executing program 0 (id=317): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x11, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0) 914.515505ms ago: executing program 1 (id=318): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$xdp(0x2c, 0x3, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'}) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 833.299316ms ago: executing program 0 (id=319): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00') ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) 778.451443ms ago: executing program 0 (id=320): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000d00008500000083000000bf090000000000005509010000000000950020d000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[], 0xfdef) 372.386148ms ago: executing program 3 (id=321): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x4, 0x1}, 0xe) 293.380778ms ago: executing program 1 (id=322): r0 = socket(0x2, 0x3, 0x9) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_addr={0x7, 0x15, 0x15, 0x3, 0x0, [{@local}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}]}]}}}], 0x30}}], 0x2, 0x0) 293.218098ms ago: executing program 4 (id=323): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000d0000000c00018008"], 0x20}}, 0x0) 252.341824ms ago: executing program 3 (id=324): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080200000806000805"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0xfd, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r3}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, &(0x7f0000000040)=""/141, &(0x7f0000000500), &(0x7f0000000280), 0x4, r3}, 0x38) 200.806622ms ago: executing program 1 (id=325): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_START_REQ(r0, 0x0, 0x20000083) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x0, 0x400, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40004084}, 0x1) r1 = socket$netlink(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x8, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$nl_route(r1, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) 125.557407ms ago: executing program 4 (id=326): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{@in=@private=0xa010100, 0x0, 0x6c}, 0x0, @in6=@dev, 0x0, 0x4, 0x0, 0x0, 0xb7b0}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0) 125.24435ms ago: executing program 2 (id=327): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r3}, 0x10) write$cgroup_int(r0, &(0x7f0000000200), 0x43451) 82.821516ms ago: executing program 4 (id=328): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x9) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e"], 0x44}}, 0x0) 0s ago: executing program 2 (id=329): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket(0x200000100000011, 0x3, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='signal_generate\x00'}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) socket$vsock_stream(0x28, 0x1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'xfrm0\x00'}) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000480)=0x102, 0x4) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.85' (ED25519) to the list of known hosts. [ 86.154845][ T5821] cgroup: Unknown subsys name 'net' [ 86.307218][ T5821] cgroup: Unknown subsys name 'cpuset' [ 86.315766][ T5821] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 88.078761][ T5821] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.421229][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.424752][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.437901][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.446881][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.454617][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.463099][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.463376][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.478948][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.479366][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.492698][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.494151][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.501223][ T5843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.511989][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.517037][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.526003][ T5839] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.534409][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.535982][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.547089][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.551452][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.559260][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.564117][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.571794][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.586867][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.595444][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.596183][ T5843] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 90.604515][ T5839] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 90.610183][ T5843] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.617710][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.633994][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.644103][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.056982][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 91.075636][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 91.132316][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 91.257176][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 91.336282][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 91.350570][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.358636][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.366580][ T5831] bridge_slave_0: entered allmulticast mode [ 91.373883][ T5831] bridge_slave_0: entered promiscuous mode [ 91.439188][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.446451][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.454379][ T5831] bridge_slave_1: entered allmulticast mode [ 91.461176][ T5831] bridge_slave_1: entered promiscuous mode [ 91.468481][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.475842][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.483227][ T5833] bridge_slave_0: entered allmulticast mode [ 91.490161][ T5833] bridge_slave_0: entered promiscuous mode [ 91.497305][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.504676][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.511932][ T5841] bridge_slave_0: entered allmulticast mode [ 91.519045][ T5841] bridge_slave_0: entered promiscuous mode [ 91.531066][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.538287][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.545590][ T5841] bridge_slave_1: entered allmulticast mode [ 91.552293][ T5841] bridge_slave_1: entered promiscuous mode [ 91.593684][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.600824][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.613412][ T5833] bridge_slave_1: entered allmulticast mode [ 91.620244][ T5833] bridge_slave_1: entered promiscuous mode [ 91.666783][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.674113][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.681304][ T5847] bridge_slave_0: entered allmulticast mode [ 91.689194][ T5847] bridge_slave_0: entered promiscuous mode [ 91.697156][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.704657][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.711859][ T5847] bridge_slave_1: entered allmulticast mode [ 91.719142][ T5847] bridge_slave_1: entered promiscuous mode [ 91.728346][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.740063][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.774949][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.812530][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.837584][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.858853][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.888419][ T5831] team0: Port device team_slave_0 added [ 91.897134][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.926725][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.948248][ T5841] team0: Port device team_slave_0 added [ 91.956590][ T5831] team0: Port device team_slave_1 added [ 91.964626][ T5841] team0: Port device team_slave_1 added [ 91.989367][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.997178][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.005085][ T5832] bridge_slave_0: entered allmulticast mode [ 92.011981][ T5832] bridge_slave_0: entered promiscuous mode [ 92.033242][ T5847] team0: Port device team_slave_0 added [ 92.066507][ T5833] team0: Port device team_slave_0 added [ 92.073927][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.080921][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.107675][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.132769][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.140608][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.148260][ T5832] bridge_slave_1: entered allmulticast mode [ 92.155573][ T5832] bridge_slave_1: entered promiscuous mode [ 92.165619][ T25] cfg80211: failed to load regulatory.db [ 92.180216][ T5847] team0: Port device team_slave_1 added [ 92.196970][ T5833] team0: Port device team_slave_1 added [ 92.203628][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.210660][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.240274][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.282367][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.289820][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.316091][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.356161][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.368185][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.378267][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.386251][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.412835][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.425530][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.432679][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.458684][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.470289][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.477579][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.504233][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.516255][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.523317][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.549958][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.562283][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.569672][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.596008][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.633977][ T5843] Bluetooth: hci2: command tx timeout [ 92.673962][ T5847] hsr_slave_0: entered promiscuous mode [ 92.680939][ T5847] hsr_slave_1: entered promiscuous mode [ 92.698778][ T5832] team0: Port device team_slave_0 added [ 92.711716][ T5832] team0: Port device team_slave_1 added [ 92.717457][ T5843] Bluetooth: hci1: command tx timeout [ 92.717827][ T5843] Bluetooth: hci3: command tx timeout [ 92.723284][ T54] Bluetooth: hci4: command tx timeout [ 92.729039][ T5843] Bluetooth: hci0: command tx timeout [ 92.754331][ T5841] hsr_slave_0: entered promiscuous mode [ 92.761230][ T5841] hsr_slave_1: entered promiscuous mode [ 92.769907][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.778258][ T5841] Cannot create hsr debugfs directory [ 92.807596][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.814770][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.840977][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.868219][ T5831] hsr_slave_0: entered promiscuous mode [ 92.875484][ T5831] hsr_slave_1: entered promiscuous mode [ 92.881801][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.889453][ T5831] Cannot create hsr debugfs directory [ 92.913349][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.920435][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.950634][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.014993][ T5833] hsr_slave_0: entered promiscuous mode [ 93.021421][ T5833] hsr_slave_1: entered promiscuous mode [ 93.027997][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.036195][ T5833] Cannot create hsr debugfs directory [ 93.183296][ T5832] hsr_slave_0: entered promiscuous mode [ 93.189728][ T5832] hsr_slave_1: entered promiscuous mode [ 93.196718][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.204731][ T5832] Cannot create hsr debugfs directory [ 93.438909][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.450164][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.480468][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.506060][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.545520][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.571971][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.590461][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.608320][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.644704][ T5847] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 93.668353][ T5847] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 93.692159][ T5847] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 93.704196][ T5847] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 93.779912][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.789316][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.811041][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.846897][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.898549][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.922455][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.931845][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.955741][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.978477][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 94.008716][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.035219][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.042582][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.052351][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.059488][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.077690][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.172492][ T5841] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 94.192761][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.210689][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.227345][ T3058] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.234521][ T3058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.310513][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.317827][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.351542][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.377269][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.427323][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.434506][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.488758][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.495972][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.510161][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.526039][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.558848][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.577717][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.584881][ T3605] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.604600][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.634472][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.641593][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.708610][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.715788][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.724121][ T5843] Bluetooth: hci2: command tx timeout [ 94.728010][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.736868][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.789281][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.796939][ T5843] Bluetooth: hci4: command tx timeout [ 94.802399][ T5838] Bluetooth: hci3: command tx timeout [ 94.802432][ T5839] Bluetooth: hci0: command tx timeout [ 94.814352][ T54] Bluetooth: hci1: command tx timeout [ 94.851644][ T5841] veth0_vlan: entered promiscuous mode [ 94.930316][ T5841] veth1_vlan: entered promiscuous mode [ 95.021595][ T5831] veth0_vlan: entered promiscuous mode [ 95.057013][ T5831] veth1_vlan: entered promiscuous mode [ 95.072104][ T5841] veth0_macvtap: entered promiscuous mode [ 95.124908][ T5841] veth1_macvtap: entered promiscuous mode [ 95.171779][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.225931][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.244787][ T5831] veth0_macvtap: entered promiscuous mode [ 95.276216][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.292998][ T5831] veth1_macvtap: entered promiscuous mode [ 95.311834][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.326131][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.337568][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.358146][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.367584][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.382789][ T5841] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.395127][ T5841] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.406804][ T5841] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.449066][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.470026][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.482832][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.500747][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.526605][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.536759][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.545794][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.555841][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.648832][ T5833] veth0_vlan: entered promiscuous mode [ 95.698631][ T5833] veth1_vlan: entered promiscuous mode [ 95.795084][ T3460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.802501][ T5847] veth0_vlan: entered promiscuous mode [ 95.803627][ T3460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.857336][ T3058] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.862032][ T5847] veth1_vlan: entered promiscuous mode [ 95.873459][ T1011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.887017][ T3058] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.887723][ T1011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.909909][ T5832] veth0_vlan: entered promiscuous mode [ 95.955826][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.012799][ T5833] veth0_macvtap: entered promiscuous mode [ 96.024401][ T5832] veth1_vlan: entered promiscuous mode [ 96.048509][ T5847] veth0_macvtap: entered promiscuous mode [ 96.055648][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.058962][ T5833] veth1_macvtap: entered promiscuous mode [ 96.092565][ T5847] veth1_macvtap: entered promiscuous mode [ 96.093999][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.172603][ T5832] veth0_macvtap: entered promiscuous mode [ 96.185725][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.202489][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.222801][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.245039][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.263586][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.283368][ T5832] veth1_macvtap: entered promiscuous mode [ 96.290586][ T5914] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'. [ 96.310668][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.333014][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.351028][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.364582][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.374925][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.386814][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.401240][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.431895][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.443498][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.467129][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.489535][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.500306][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.510938][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.521536][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.532757][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.545084][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.555577][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.569564][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.580687][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.592143][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.604399][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.614139][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.624775][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.636784][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.647777][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.657874][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.668541][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.680013][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.726149][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.742268][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.752767][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.770019][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.780032][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.791732][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.813030][ T5839] Bluetooth: hci2: command tx timeout [ 96.819185][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.836090][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.849957][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.863893][ T5847] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.872835][ T5847] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.874091][ T5839] Bluetooth: hci0: command tx timeout [ 96.888471][ T54] Bluetooth: hci1: command tx timeout [ 96.888632][ T5843] Bluetooth: hci4: command tx timeout [ 96.900106][ T5838] Bluetooth: hci3: command tx timeout [ 96.933044][ T5847] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.949624][ T5847] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.995700][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.005406][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.022070][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.046075][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.067212][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.081310][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.111155][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.120607][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.338805][ T3460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.354622][ T3460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.379337][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.391203][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.535077][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.580683][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.615230][ T5932] sctp: [Deprecated]: syz.0.9 (pid 5932) Use of int in maxseg socket option. [ 97.615230][ T5932] Use struct sctp_assoc_value instead [ 97.647736][ T1011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.673140][ T1011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.718939][ T3058] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.745948][ T3058] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.782218][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.828092][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.011639][ T5937] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.131188][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 98.165321][ T5939] xt_SECMARK: invalid mode: 0 [ 98.375409][ T5941] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 98.482334][ T5947] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.785337][ T5937] vxcan3: entered allmulticast mode [ 98.874953][ T5843] Bluetooth: hci2: command tx timeout [ 98.954951][ T5843] Bluetooth: hci1: command tx timeout [ 98.961187][ T5838] Bluetooth: hci0: command tx timeout [ 98.967849][ T5838] Bluetooth: hci4: command tx timeout [ 98.973114][ T54] Bluetooth: hci3: command tx timeout [ 100.551075][ T5976] bond_slave_0: entered promiscuous mode [ 100.557415][ T5976] bond_slave_1: entered promiscuous mode [ 100.573202][ T5976] macsec1: entered promiscuous mode [ 100.578501][ T5976] bond0: entered promiscuous mode [ 100.592325][ T5976] macsec1: entered allmulticast mode [ 100.623462][ T5976] bond0: entered allmulticast mode [ 100.628687][ T5976] bond_slave_0: entered allmulticast mode [ 100.643347][ T5976] bond_slave_1: entered allmulticast mode [ 100.664145][ T5976] bond0: left allmulticast mode [ 100.669082][ T5976] bond_slave_0: left allmulticast mode [ 100.680993][ T5976] bond_slave_1: left allmulticast mode [ 100.688452][ T5976] bond0: left promiscuous mode [ 100.694548][ T5976] bond_slave_0: left promiscuous mode [ 100.700050][ T5976] bond_slave_1: left promiscuous mode [ 101.026998][ T6001] FAULT_INJECTION: forcing a failure. [ 101.026998][ T6001] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 101.129932][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: syz.0.25 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 101.140511][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 101.150799][ T6001] Call Trace: [ 101.154112][ T6001] [ 101.157078][ T6001] dump_stack_lvl+0x241/0x360 [ 101.161823][ T6001] ? __pfx_dump_stack_lvl+0x10/0x10 [ 101.167068][ T6001] ? __pfx__printk+0x10/0x10 [ 101.171714][ T6001] ? __pfx_lock_release+0x10/0x10 [ 101.176878][ T6001] should_fail_ex+0x3b0/0x4e0 [ 101.181636][ T6001] _copy_from_user+0x2f/0xc0 [ 101.186418][ T6001] do_ipt_set_ctl+0x731/0x1250 [ 101.191247][ T6001] ? __pfx___mutex_trylock_common+0x10/0x10 [ 101.197201][ T6001] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 101.202460][ T6001] ? __pfx_lock_release+0x10/0x10 [ 101.207541][ T6001] ? rcu_is_watching+0x15/0xb0 [ 101.212377][ T6001] ? trace_contention_end+0x3c/0x120 [ 101.217743][ T6001] ? __mutex_unlock_slowpath+0x21e/0x790 [ 101.223435][ T6001] ? __pfx___mutex_lock+0x10/0x10 [ 101.228520][ T6001] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 101.234561][ T6001] ? aa_sk_perm+0x96d/0xab0 [ 101.239131][ T6001] ? vfs_write+0x730/0xd30 [ 101.243608][ T6001] ? __pfx_aa_sk_perm+0x10/0x10 [ 101.248522][ T6001] nf_setsockopt+0x295/0x2c0 [ 101.253182][ T6001] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 101.259132][ T6001] do_sock_setsockopt+0x3af/0x720 [ 101.264208][ T6001] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 101.269813][ T6001] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 101.275861][ T6001] __x64_sys_setsockopt+0x1ee/0x280 [ 101.281559][ T6001] do_syscall_64+0xf3/0x230 [ 101.286112][ T6001] ? clear_bhb_loop+0x35/0x90 [ 101.290840][ T6001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.296870][ T6001] RIP: 0033:0x7fc49137ff19 [ 101.301337][ T6001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.304585][ T6012] netlink: 12 bytes leftover after parsing attributes in process `syz.4.28'. [ 101.320983][ T6001] RSP: 002b:00007fc49214d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 101.321021][ T6001] RAX: ffffffffffffffda RBX: 00007fc491545fa0 RCX: 00007fc49137ff19 [ 101.321040][ T6001] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004 [ 101.321054][ T6001] RBP: 00007fc49214d0a0 R08: 00000000000002d8 R09: 0000000000000000 [ 101.321069][ T6001] R10: 0000000020000740 R11: 0000000000000246 R12: 0000000000000001 [ 101.321084][ T6001] R13: 0000000000000000 R14: 00007fc491545fa0 R15: 00007ffe810fb9f8 [ 101.321115][ T6001] [ 102.210512][ T6036] xt_SECMARK: invalid mode: 0 [ 102.480994][ T6043] vxcan3: entered allmulticast mode [ 102.674381][ T6051] netlink: 24 bytes leftover after parsing attributes in process `syz.2.43'. [ 102.684915][ T6053] netlink: 'syz.4.44': attribute type 2 has an invalid length. [ 102.725105][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.0.45'. [ 102.743198][ T6050] netlink: 7 bytes leftover after parsing attributes in process `syz.0.45'. [ 102.816303][ T6050] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode [ 103.204177][ T6070] netlink: 52 bytes leftover after parsing attributes in process `syz.2.51'. [ 103.281534][ T6072] netlink: 60 bytes leftover after parsing attributes in process `syz.2.51'. [ 103.670994][ T6073] Zero length message leads to an empty skb [ 104.427892][ T6068] bridge1: entered allmulticast mode [ 104.618519][ T6078] netlink: 'syz.1.53': attribute type 10 has an invalid length. [ 104.736907][ T6078] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.780987][ T6078] bond0: (slave team0): Enslaving as an active interface with an up link [ 104.821720][ T6083] netlink: 28 bytes leftover after parsing attributes in process `syz.2.55'. [ 104.849340][ T6083] netlink: 28 bytes leftover after parsing attributes in process `syz.2.55'. [ 104.920531][ T6081] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:bc3a:abff:fe21:1f3a error=-28 [ 104.988453][ T6088] xt_SECMARK: invalid mode: 0 [ 105.170334][ T6093] vxcan3: entered allmulticast mode [ 105.262647][ T6081] infiniband syz1: set active [ 105.269291][ T6081] infiniband syz1: added team_slave_0 [ 105.309107][ T6099] netlink: 'syz.3.61': attribute type 1 has an invalid length. [ 105.349383][ T6081] RDS/IB: syz1: added [ 105.350467][ T6099] veth2: entered allmulticast mode [ 105.355960][ T6081] smc: adding ib device syz1 with port count 1 [ 105.373395][ T6081] smc: ib device syz1 port 1 has pnetid [ 105.662590][ T6109] Unsupported ieee802154 address type: 0 [ 106.960781][ T6102] batadv1: entered promiscuous mode [ 106.966266][ T6102] batadv1: entered allmulticast mode [ 107.149786][ T6132] Cannot find del_set index 4 as target [ 107.318752][ T6142] ip6gretap0: entered promiscuous mode [ 107.353284][ T6142] macsec1: entered promiscuous mode [ 107.369017][ T6142] macsec1: entered allmulticast mode [ 107.384955][ T6142] ip6gretap0: entered allmulticast mode [ 107.423363][ T6142] ip6gretap0: left allmulticast mode [ 107.429530][ T6142] ip6gretap0: left promiscuous mode [ 107.435177][ T6146] netlink: 'syz.4.76': attribute type 10 has an invalid length. [ 107.480407][ T6144] vcan0: entered promiscuous mode [ 107.492281][ T6144] vcan0: left promiscuous mode [ 107.841627][ T6156] netlink: 60 bytes leftover after parsing attributes in process `syz.2.81'. [ 108.098825][ T6167] FAULT_INJECTION: forcing a failure. [ 108.098825][ T6167] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 108.126910][ T6167] CPU: 1 UID: 0 PID: 6167 Comm: syz.2.84 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 108.137660][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.147860][ T6167] Call Trace: [ 108.151189][ T6167] [ 108.154157][ T6167] dump_stack_lvl+0x241/0x360 [ 108.158993][ T6167] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.164253][ T6167] ? __pfx__printk+0x10/0x10 [ 108.168919][ T6167] ? snprintf+0xda/0x120 [ 108.173195][ T6167] should_fail_ex+0x3b0/0x4e0 [ 108.177956][ T6167] _copy_to_user+0x31/0xb0 [ 108.182462][ T6167] simple_read_from_buffer+0xca/0x150 [ 108.187885][ T6167] proc_fail_nth_read+0x1e9/0x250 [ 108.193210][ T6167] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 108.198830][ T6167] ? rw_verify_area+0x55e/0x6f0 [ 108.203719][ T6167] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 108.209293][ T6167] vfs_read+0x1fc/0xb70 [ 108.213576][ T6167] ? do_sock_setsockopt+0x3e2/0x720 [ 108.218815][ T6167] ? __pfx_vfs_read+0x10/0x10 [ 108.223691][ T6167] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 108.229647][ T6167] ? do_sock_setsockopt+0x3e2/0x720 [ 108.234972][ T6167] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 108.240671][ T6167] ksys_read+0x18f/0x2b0 [ 108.244936][ T6167] ? __pfx_ksys_read+0x10/0x10 [ 108.249819][ T6167] ? do_syscall_64+0x100/0x230 [ 108.254605][ T6167] ? do_syscall_64+0xb6/0x230 [ 108.259318][ T6167] do_syscall_64+0xf3/0x230 [ 108.263867][ T6167] ? clear_bhb_loop+0x35/0x90 [ 108.268592][ T6167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.274784][ T6167] RIP: 0033:0x7f3e6117e92c [ 108.279233][ T6167] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 108.299322][ T6167] RSP: 002b:00007f3e61ece050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 108.307945][ T6167] RAX: ffffffffffffffda RBX: 00007f3e61345fa0 RCX: 00007f3e6117e92c [ 108.315937][ T6167] RDX: 000000000000000f RSI: 00007f3e61ece0b0 RDI: 0000000000000005 [ 108.323941][ T6167] RBP: 00007f3e61ece0a0 R08: 0000000000000000 R09: 0000000000000000 [ 108.332060][ T6167] R10: 0000000020000740 R11: 0000000000000246 R12: 0000000000000001 [ 108.340042][ T6167] R13: 0000000000000000 R14: 00007f3e61345fa0 R15: 00007ffe772130e8 [ 108.348123][ T6167] [ 108.509400][ T6168] GUP no longer grows the stack in syz.4.85 (6168): 20006000-2000a000 (20005000) [ 108.537779][ T6170] netlink: 'syz.1.86': attribute type 39 has an invalid length. [ 108.556577][ T6168] CPU: 0 UID: 0 PID: 6168 Comm: syz.4.85 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 108.567276][ T6168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.577735][ T6168] Call Trace: [ 108.581266][ T6168] [ 108.585056][ T6168] dump_stack_lvl+0x241/0x360 [ 108.590334][ T6168] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.595898][ T6168] ? __pfx__printk+0x10/0x10 [ 108.600843][ T6168] ? find_vma+0xf9/0x170 [ 108.605885][ T6168] ? vma_is_secretmem+0xd/0x50 [ 108.610857][ T6168] ? check_vma_flags+0x52b/0x5a0 [ 108.616122][ T6168] __get_user_pages+0x4385/0x49e0 [ 108.621434][ T6168] ? 0xffffffffa0001dd0 [ 108.625639][ T6168] ? __pfx___get_user_pages+0x10/0x10 [ 108.631048][ T6168] __gup_longterm_locked+0x49a/0x17f0 [ 108.636634][ T6168] ? __pfx___might_resched+0x10/0x10 [ 108.642076][ T6168] ? __pfx___gup_longterm_locked+0x10/0x10 [ 108.647926][ T6168] ? down_read+0x82b/0xa40 [ 108.652386][ T6168] ? is_valid_gup_args+0x124/0x200 [ 108.657577][ T6168] pin_user_pages+0x137/0x1f0 [ 108.662847][ T6168] ? __pfx_pin_user_pages+0x10/0x10 [ 108.668206][ T6168] ? trace_kmalloc+0x1f/0xd0 [ 108.672953][ T6168] xdp_umem_create+0x978/0xf30 [ 108.677806][ T6168] xsk_setsockopt+0x732/0x950 [ 108.682529][ T6168] ? __pfx_xsk_setsockopt+0x10/0x10 [ 108.687883][ T6168] ? __pfx_lock_acquire+0x10/0x10 [ 108.693047][ T6168] ? aa_sock_opt_perm+0x79/0x120 [ 108.698191][ T6168] ? __pfx_xsk_setsockopt+0x10/0x10 [ 108.703869][ T6168] do_sock_setsockopt+0x3af/0x720 [ 108.709013][ T6168] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 108.714853][ T6168] ? __fget_files+0x395/0x410 [ 108.719722][ T6168] ? __fget_files+0x2a/0x410 [ 108.724339][ T6168] __x64_sys_setsockopt+0x1ee/0x280 [ 108.729732][ T6168] do_syscall_64+0xf3/0x230 [ 108.734249][ T6168] ? clear_bhb_loop+0x35/0x90 [ 108.738944][ T6168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.744885][ T6168] RIP: 0033:0x7ff5f837ff19 [ 108.749322][ T6168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.769121][ T6168] RSP: 002b:00007ff5f9138058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 108.777653][ T6168] RAX: ffffffffffffffda RBX: 00007ff5f8545fa0 RCX: 00007ff5f837ff19 [ 108.785649][ T6168] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000008 [ 108.793659][ T6168] RBP: 00007ff5f83f3cc8 R08: 0000000000000020 R09: 0000000000000000 [ 108.801925][ T6168] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 108.810126][ T6168] R13: 0000000000000000 R14: 00007ff5f8545fa0 R15: 00007ffca4c45078 [ 108.818248][ T6168] [ 109.104245][ T6180] netlink: 'syz.0.90': attribute type 1 has an invalid length. [ 109.114268][ T6180] netlink: 224 bytes leftover after parsing attributes in process `syz.0.90'. [ 109.151152][ T6182] netlink: 24 bytes leftover after parsing attributes in process `syz.3.89'. [ 109.319478][ T6184] syz.2.91 uses obsolete (PF_INET,SOCK_PACKET) [ 109.376141][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.94'. [ 109.400531][ T6190] netlink: 20 bytes leftover after parsing attributes in process `syz.3.94'. [ 109.657810][ T6199] netlink: 12 bytes leftover after parsing attributes in process `syz.3.98'. [ 110.395552][ T6230] IPVS: set_ctl: invalid protocol: 33 0.0.0.0:20000 [ 110.492813][ T6232] netlink: 'syz.2.110': attribute type 21 has an invalid length. [ 110.551054][ T6232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.110'. [ 110.882423][ T6232] team0 (unregistering): Port device team_slave_0 removed [ 110.899987][ T6232] team0 (unregistering): Port device team_slave_1 removed [ 110.940241][ T6240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.112'. [ 111.210804][ T6252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.118'. [ 111.266709][ T6254] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.117'. [ 111.300104][ T6254] openvswitch: netlink: Message has 8 unknown bytes. [ 111.803882][ T6269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 112.101167][ T6281] xt_SECMARK: invalid mode: 0 [ 112.462755][ T6281] vxcan3: entered allmulticast mode [ 112.651392][ T6293] tipc: Started in network mode [ 112.689685][ T6293] tipc: Node identity e0000001, cluster identity 4711 [ 112.699048][ T6293] tipc: Enabling of bearer rejected, failed to enable media [ 112.841549][ T6302] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 112.912517][ T6302] x_tables: duplicate underflow at hook 2 [ 114.128315][ T6296] netlink: 'syz.0.128': attribute type 4 has an invalid length. [ 114.309283][ T6315] Unsupported ieee802154 address type: 0 [ 114.485414][ T6321] netlink: 'syz.0.137': attribute type 10 has an invalid length. [ 114.515448][ T6325] Cannot find del_set index 0 as target [ 114.564127][ T6321] team0: Failed to send options change via netlink (err -105) [ 114.594666][ T6332] netlink: 'syz.0.137': attribute type 10 has an invalid length. [ 114.635379][ T6321] team0: Port device netdevsim0 added [ 114.657930][ T6332] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 114.669738][ T6335] __nla_validate_parse: 2 callbacks suppressed [ 114.669759][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.142'. [ 114.689362][ T6332] team0: Failed to send options change via netlink (err -105) [ 114.697733][ T6332] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 114.708152][ T6332] team0: Port device netdevsim0 removed [ 115.069498][ T6349] netlink: 'syz.0.148': attribute type 7 has an invalid length. [ 115.210000][ T6358] xt_hashlimit: overflow, rate too high: 0 [ 115.222504][ T6359] netlink: 'syz.1.150': attribute type 4 has an invalid length. [ 115.486686][ T6378] netlink: zone id is out of range [ 115.507023][ T6378] netlink: zone id is out of range [ 115.522743][ T6378] netlink: zone id is out of range [ 115.531900][ T6380] FAULT_INJECTION: forcing a failure. [ 115.531900][ T6380] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 115.532990][ T6378] netlink: set zone limit has 4 unknown bytes [ 115.568119][ T6380] CPU: 0 UID: 0 PID: 6380 Comm: syz.0.156 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 115.578787][ T6380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 115.588885][ T6380] Call Trace: [ 115.592205][ T6380] [ 115.595180][ T6380] dump_stack_lvl+0x241/0x360 [ 115.599920][ T6380] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.605175][ T6380] ? __pfx__printk+0x10/0x10 [ 115.609822][ T6380] ? __pfx_lock_release+0x10/0x10 [ 115.614911][ T6380] should_fail_ex+0x3b0/0x4e0 [ 115.618386][ T6370] gtp0: entered promiscuous mode [ 115.619614][ T6380] _copy_from_user+0x2f/0xc0 [ 115.629260][ T6380] copy_msghdr_from_user+0xae/0x680 [ 115.634492][ T6380] ? __pfx___might_resched+0x10/0x10 [ 115.639799][ T6380] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 115.645638][ T6380] ? do_recvmmsg+0x44e/0xab0 [ 115.650252][ T6380] ? __might_fault+0xaa/0x120 [ 115.654956][ T6380] do_recvmmsg+0x3bd/0xab0 [ 115.659404][ T6380] ? __pfx_do_recvmmsg+0x10/0x10 [ 115.664381][ T6380] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 115.670306][ T6380] ? ksys_write+0x22a/0x2b0 [ 115.674829][ T6380] ? __pfx_lock_release+0x10/0x10 [ 115.680083][ T6380] ? vfs_write+0x730/0xd30 [ 115.684528][ T6380] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 115.690520][ T6380] ? __fget_files+0x2a/0x410 [ 115.695147][ T6380] __x64_sys_recvmmsg+0x199/0x250 [ 115.700215][ T6380] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 115.705957][ T6380] ? do_syscall_64+0x100/0x230 [ 115.710750][ T6380] ? do_syscall_64+0xb6/0x230 [ 115.715454][ T6380] do_syscall_64+0xf3/0x230 [ 115.719986][ T6380] ? clear_bhb_loop+0x35/0x90 [ 115.724703][ T6380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.730627][ T6380] RIP: 0033:0x7fc49137ff19 [ 115.735067][ T6380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.754721][ T6380] RSP: 002b:00007fc49214d058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 115.763159][ T6380] RAX: ffffffffffffffda RBX: 00007fc491545fa0 RCX: 00007fc49137ff19 [ 115.771228][ T6380] RDX: 03ffffffffffff62 RSI: 00000000200005c0 RDI: 0000000000000006 [ 115.779211][ T6380] RBP: 00007fc49214d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 115.787203][ T6380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 115.795182][ T6380] R13: 0000000000000000 R14: 00007fc491545fa0 R15: 00007ffe810fb9f8 [ 115.803181][ T6380] [ 115.863613][ T6385] sctp: [Deprecated]: syz.4.158 (pid 6385) Use of int in max_burst socket option. [ 115.863613][ T6385] Use struct sctp_assoc_value instead [ 116.048252][ T6393] xt_CONNSECMARK: invalid mode: 0 [ 116.074343][ T6396] netlink: 'syz.1.162': attribute type 7 has an invalid length. [ 116.098876][ T6395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.160'. [ 116.490626][ T6410] geneve2: entered promiscuous mode [ 116.497394][ T6410] geneve2: entered allmulticast mode [ 116.514502][ T6414] netlink: 'syz.4.167': attribute type 4 has an invalid length. [ 116.541341][ T6414] netlink: 'syz.4.167': attribute type 4 has an invalid length. [ 116.560121][ T6416] geneve2: entered promiscuous mode [ 116.566158][ T6416] geneve2: entered allmulticast mode [ 116.604313][ T6418] netlink: 'syz.1.169': attribute type 4 has an invalid length. [ 116.667720][ T6416] netlink: 'syz.1.169': attribute type 4 has an invalid length. [ 117.036328][ T6428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.174'. [ 117.381827][ T6449] netlink: 12 bytes leftover after parsing attributes in process `syz.0.182'. [ 117.441159][ T6441] xt_SECMARK: invalid mode: 0 [ 117.493381][ T6449] x_tables: ip_tables: osf match: only valid for protocol 6 [ 117.621602][ T6441] vxcan3: entered allmulticast mode [ 119.888089][ T6506] validate_nla: 2 callbacks suppressed [ 119.888134][ T6506] netlink: 'syz.1.201': attribute type 7 has an invalid length. [ 120.311616][ T6530] netlink: 'syz.1.212': attribute type 10 has an invalid length. [ 120.349136][ T6530] team0: Failed to send options change via netlink (err -105) [ 120.370642][ T6530] team0: Port device netdevsim0 added [ 120.370905][ T6532] netlink: 'syz.1.212': attribute type 10 has an invalid length. [ 120.416382][ T6532] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 120.442712][ T6532] team0: Failed to send options change via netlink (err -105) [ 120.452355][ T6532] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 120.464113][ T6532] team0: Port device netdevsim0 removed [ 120.470575][ T6536] netlink: 'syz.3.214': attribute type 7 has an invalid length. [ 120.680317][ T6542] netlink: 'syz.0.217': attribute type 3 has an invalid length. [ 120.822357][ T6550] tipc: Started in network mode [ 120.827417][ T6550] tipc: Node identity 1, cluster identity 4711 [ 120.860878][ T6550] tipc: Node number set to 1 [ 120.868155][ T6550] tipc: Cannot configure node identity twice [ 121.018192][ T6562] netlink: 'syz.0.225': attribute type 7 has an invalid length. [ 121.486736][ T6582] netlink: 'syz.1.231': attribute type 1 has an invalid length. [ 121.531512][ T6584] veth1_macvtap: left promiscuous mode [ 121.544727][ T6583] macsec0: entered allmulticast mode [ 121.791870][ T6591] FAULT_INJECTION: forcing a failure. [ 121.791870][ T6591] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 121.819859][ T6591] CPU: 0 UID: 0 PID: 6591 Comm: syz.0.233 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 121.830608][ T6591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 121.840718][ T6591] Call Trace: [ 121.844019][ T6591] [ 121.846978][ T6591] dump_stack_lvl+0x241/0x360 [ 121.851703][ T6591] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.856985][ T6591] ? __pfx__printk+0x10/0x10 [ 121.861608][ T6591] ? __pfx_lock_release+0x10/0x10 [ 121.866764][ T6591] should_fail_ex+0x3b0/0x4e0 [ 121.871489][ T6591] _copy_from_user+0x2f/0xc0 [ 121.876140][ T6591] do_ipt_set_ctl+0x731/0x1250 [ 121.880958][ T6591] ? __pfx___mutex_trylock_common+0x10/0x10 [ 121.886902][ T6591] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 121.892169][ T6591] ? __pfx_lock_release+0x10/0x10 [ 121.897380][ T6591] ? rcu_is_watching+0x15/0xb0 [ 121.902183][ T6591] ? trace_contention_end+0x3c/0x120 [ 121.907526][ T6591] ? __mutex_unlock_slowpath+0x21e/0x790 [ 121.913215][ T6591] ? __pfx___mutex_lock+0x10/0x10 [ 121.918388][ T6591] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 121.924411][ T6591] ? aa_sk_perm+0x96d/0xab0 [ 121.928963][ T6591] ? vfs_write+0x730/0xd30 [ 121.933423][ T6591] ? __pfx_aa_sk_perm+0x10/0x10 [ 121.938334][ T6591] nf_setsockopt+0x295/0x2c0 [ 121.942983][ T6591] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 121.948923][ T6591] do_sock_setsockopt+0x3af/0x720 [ 121.953986][ T6591] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 121.959569][ T6591] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 121.965599][ T6591] __x64_sys_setsockopt+0x1ee/0x280 [ 121.970855][ T6591] do_syscall_64+0xf3/0x230 [ 121.975397][ T6591] ? clear_bhb_loop+0x35/0x90 [ 121.980114][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.986141][ T6591] RIP: 0033:0x7fc49137ff19 [ 121.990602][ T6591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.010246][ T6591] RSP: 002b:00007fc49214d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 122.018808][ T6591] RAX: ffffffffffffffda RBX: 00007fc491545fa0 RCX: 00007fc49137ff19 [ 122.026820][ T6591] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 122.034832][ T6591] RBP: 00007fc49214d0a0 R08: 00000000000002d8 R09: 0000000000000000 [ 122.042842][ T6591] R10: 0000000020000740 R11: 0000000000000246 R12: 0000000000000001 [ 122.050844][ T6591] R13: 0000000000000000 R14: 00007fc491545fa0 R15: 00007ffe810fb9f8 [ 122.058851][ T6591] [ 122.218448][ T6600] netlink: 'syz.3.237': attribute type 7 has an invalid length. [ 122.254785][ T6602] FAULT_INJECTION: forcing a failure. [ 122.254785][ T6602] name failslab, interval 1, probability 0, space 0, times 1 [ 122.284561][ T6602] CPU: 0 UID: 0 PID: 6602 Comm: syz.4.238 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 122.295327][ T6602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 122.305435][ T6602] Call Trace: [ 122.308760][ T6602] [ 122.311730][ T6602] dump_stack_lvl+0x241/0x360 [ 122.316469][ T6602] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.321720][ T6602] ? __pfx__printk+0x10/0x10 [ 122.326364][ T6602] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 122.332398][ T6602] ? __pfx___might_resched+0x10/0x10 [ 122.337751][ T6602] should_fail_ex+0x3b0/0x4e0 [ 122.342474][ T6602] should_failslab+0xac/0x100 [ 122.347377][ T6602] kmem_cache_alloc_node_noprof+0x77/0x380 [ 122.353661][ T6602] ? __alloc_skb+0x1c3/0x440 [ 122.358298][ T6602] ? __mutex_unlock_slowpath+0x21e/0x790 [ 122.363949][ T6602] __alloc_skb+0x1c3/0x440 [ 122.368401][ T6602] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 122.374433][ T6602] ? __pfx___alloc_skb+0x10/0x10 [ 122.379412][ T6602] ? pfkey_broadcast+0x20/0x400 [ 122.384317][ T6602] ? pfkey_broadcast+0x3e3/0x400 [ 122.389294][ T6602] pfkey_sendmsg+0xce4/0x1050 [ 122.394027][ T6602] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 122.399288][ T6602] ? __pfx_aa_sk_perm+0x10/0x10 [ 122.404179][ T6602] ? __pfx_lock_release+0x10/0x10 [ 122.409220][ T6602] ? __import_iovec+0x590/0x870 [ 122.414105][ T6602] ? aa_sock_msg_perm+0x91/0x160 [ 122.419064][ T6602] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 122.424193][ T6602] __sock_sendmsg+0x221/0x270 [ 122.428908][ T6602] ____sys_sendmsg+0x52a/0x7e0 [ 122.433694][ T6602] ? __pfx_____sys_sendmsg+0x10/0x10 [ 122.438992][ T6602] ? __fget_files+0x2a/0x410 [ 122.443599][ T6602] ? __sys_sendmmsg+0x392/0x720 [ 122.448469][ T6602] ? __might_fault+0xaa/0x120 [ 122.453173][ T6602] __sys_sendmmsg+0x36a/0x720 [ 122.457871][ T6602] ? __pfx___sys_sendmmsg+0x10/0x10 [ 122.463094][ T6602] ? __pfx_lock_release+0x10/0x10 [ 122.468142][ T6602] ? kstrtouint_from_user+0x128/0x190 [ 122.473545][ T6602] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 122.479458][ T6602] ? ksys_write+0x22a/0x2b0 [ 122.483985][ T6602] ? __pfx_lock_release+0x10/0x10 [ 122.489114][ T6602] ? vfs_write+0x730/0xd30 [ 122.493642][ T6602] ? __mutex_unlock_slowpath+0x21e/0x790 [ 122.499321][ T6602] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 122.505326][ T6602] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 122.511671][ T6602] ? do_syscall_64+0x100/0x230 [ 122.516448][ T6602] __x64_sys_sendmmsg+0xa0/0xb0 [ 122.521321][ T6602] do_syscall_64+0xf3/0x230 [ 122.525834][ T6602] ? clear_bhb_loop+0x35/0x90 [ 122.530529][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.536440][ T6602] RIP: 0033:0x7ff5f837ff19 [ 122.540866][ T6602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.560588][ T6602] RSP: 002b:00007ff5f9138058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 122.569025][ T6602] RAX: ffffffffffffffda RBX: 00007ff5f8545fa0 RCX: 00007ff5f837ff19 [ 122.577009][ T6602] RDX: 032bc45944b084a6 RSI: 0000000020000180 RDI: 0000000000000003 [ 122.585001][ T6602] RBP: 00007ff5f91380a0 R08: 0000000000000000 R09: 0000000000000000 [ 122.592991][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 122.600985][ T6602] R13: 0000000000000000 R14: 00007ff5f8545fa0 R15: 00007ffca4c45078 [ 122.608981][ T6602] [ 125.198150][ T6724] netlink: 4 bytes leftover after parsing attributes in process `syz.4.272'. [ 125.755155][ T6750] netlink: 172 bytes leftover after parsing attributes in process `syz.0.281'. [ 125.789010][ T6750] netlink: 16 bytes leftover after parsing attributes in process `syz.0.281'. [ 126.096209][ T6760] netlink: 'syz.4.288': attribute type 27 has an invalid length. [ 126.257668][ T6760] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.266519][ T6760] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.708745][ T6771] netlink: 'syz.3.292': attribute type 4 has an invalid length. [ 126.715648][ T6760] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 126.746939][ T6760] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.842681][ T6760] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.852699][ T6760] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.861926][ T6760] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.874267][ T6760] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.442400][ T6854] netlink: 'syz.1.325': attribute type 27 has an invalid length. [ 130.531712][ T6852] [ 130.534105][ T6852] ============================================ [ 130.540288][ T6852] WARNING: possible recursive locking detected [ 130.546463][ T6852] 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 Not tainted [ 130.553603][ T6852] -------------------------------------------- [ 130.560207][ T6852] syz.3.324/6852 is trying to acquire lock: [ 130.566115][ T6852] ffff88807d079a00 (&trie->lock){..-.}-{3:3}, at: trie_delete_elem+0x96/0x6a0 [ 130.575404][ T6852] [ 130.575404][ T6852] but task is already holding lock: [ 130.582779][ T6852] ffff88807c6d8200 (&trie->lock){..-.}-{3:3}, at: trie_update_elem+0xc8/0xc00 [ 130.591688][ T6852] [ 130.591688][ T6852] other info that might help us debug this: [ 130.599771][ T6852] Possible unsafe locking scenario: [ 130.599771][ T6852] [ 130.607388][ T6852] CPU0 [ 130.610762][ T6852] ---- [ 130.614051][ T6852] lock(&trie->lock); [ 130.618136][ T6852] lock(&trie->lock); [ 130.622221][ T6852] [ 130.622221][ T6852] *** DEADLOCK *** [ 130.622221][ T6852] [ 130.630462][ T6852] May be due to missing lock nesting notation [ 130.630462][ T6852] [ 130.638790][ T6852] 3 locks held by syz.3.324/6852: [ 130.643843][ T6852] #0: ffffffff8e937aa0 (rcu_read_lock){....}-{1:3}, at: bpf_map_update_value+0x433/0x5c0 [ 130.653814][ T6852] #1: ffff88807c6d8200 (&trie->lock){..-.}-{3:3}, at: trie_update_elem+0xc8/0xc00 [ 130.663153][ T6852] #2: ffffffff8e937aa0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1fc/0x540 [ 130.672617][ T6852] [ 130.672617][ T6852] stack backtrace: [ 130.678511][ T6852] CPU: 1 UID: 0 PID: 6852 Comm: syz.3.324 Not tainted 6.13.0-rc1-syzkaller-00373-gc0b8980e6041 #0 [ 130.689109][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 130.699353][ T6852] Call Trace: [ 130.702725][ T6852] [ 130.705661][ T6852] dump_stack_lvl+0x241/0x360 [ 130.710454][ T6852] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.715677][ T6852] ? __pfx__printk+0x10/0x10 [ 130.720368][ T6852] ? lockdep_unlock+0x16a/0x300 [ 130.725232][ T6852] print_deadlock_bug+0x483/0x620 [ 130.730270][ T6852] validate_chain+0x15e2/0x5920 [ 130.735152][ T6852] ? __pfx_validate_chain+0x10/0x10 [ 130.740467][ T6852] ? validate_chain+0x11e/0x5920 [ 130.745419][ T6852] ? __pfx_lock_release+0x10/0x10 [ 130.750459][ T6852] ? __pfx_validate_chain+0x10/0x10 [ 130.755677][ T6852] ? mark_lock+0x9a/0x360 [ 130.760022][ T6852] __lock_acquire+0x1397/0x2100 [ 130.764898][ T6852] lock_acquire+0x1ed/0x550 [ 130.769414][ T6852] ? trie_delete_elem+0x96/0x6a0 [ 130.774369][ T6852] ? __pfx_lock_acquire+0x10/0x10 [ 130.779410][ T6852] ? __lock_acquire+0x1397/0x2100 [ 130.784539][ T6852] _raw_spin_lock_irqsave+0xd5/0x120 [ 130.789842][ T6852] ? trie_delete_elem+0x96/0x6a0 [ 130.794796][ T6852] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 130.800744][ T6852] ? __pfx_lock_acquire+0x10/0x10 [ 130.805792][ T6852] trie_delete_elem+0x96/0x6a0 [ 130.810653][ T6852] ? __pfx___cant_migrate+0x10/0x10 [ 130.815860][ T6852] ? bpf_trace_run2+0x1fc/0x540 [ 130.820718][ T6852] bpf_prog_294a51305bb63f88+0x46/0x4a [ 130.826193][ T6852] bpf_trace_run2+0x2ec/0x540 [ 130.830965][ T6852] ? __pfx_bpf_trace_run2+0x10/0x10 [ 130.836516][ T6852] ? trie_update_elem+0x26c/0xc00 [ 130.841729][ T6852] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 130.847199][ T6852] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 130.853103][ T6852] ? trie_update_elem+0x26c/0xc00 [ 130.858156][ T6852] ? trie_update_elem+0x26c/0xc00 [ 130.863227][ T6852] kfree+0x382/0x430 [ 130.867140][ T6852] trie_update_elem+0x26c/0xc00 [ 130.872005][ T6852] ? __pfx___might_resched+0x10/0x10 [ 130.877299][ T6852] ? __pfx_bpf_obj_pin_uptrs+0x10/0x10 [ 130.882778][ T6852] bpf_map_update_value+0x533/0x5c0 [ 130.887992][ T6852] generic_map_update_batch+0x60d/0x900 [ 130.893638][ T6852] ? __pfx_generic_map_update_batch+0x10/0x10 [ 130.899770][ T6852] ? __fget_files+0x395/0x410 [ 130.904469][ T6852] ? __fget_files+0x2a/0x410 [ 130.909162][ T6852] ? __pfx_generic_map_update_batch+0x10/0x10 [ 130.915267][ T6852] bpf_map_do_batch+0x39a/0x660 [ 130.920139][ T6852] __sys_bpf+0x377/0x810 [ 130.924393][ T6852] ? __pfx___sys_bpf+0x10/0x10 [ 130.929173][ T6852] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 130.935254][ T6852] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 130.941591][ T6852] ? do_syscall_64+0x100/0x230 [ 130.946372][ T6852] __x64_sys_bpf+0x7c/0x90 [ 130.950890][ T6852] do_syscall_64+0xf3/0x230 [ 130.955400][ T6852] ? clear_bhb_loop+0x35/0x90 [ 130.960089][ T6852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.965989][ T6852] RIP: 0033:0x7fca4f37ff19 [ 130.970500][ T6852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.990137][ T6852] RSP: 002b:00007fca5016b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 130.998577][ T6852] RAX: ffffffffffffffda RBX: 00007fca4f545fa0 RCX: 00007fca4f37ff19 [ 131.006568][ T6852] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a [ 131.014778][ T6852] RBP: 00007fca4f3f3cc8 R08: 0000000000000000 R09: 0000000000000000 [ 131.022792][ T6852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.030787][ T6852] R13: 0000000000000000 R14: 00007fca4f545fa0 R15: 00007ffc0d10f668 [ 131.038791][ T6852] [ 132.179538][ T6854] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.186929][ T6854] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.238144][ T6854] infiniband syz1: set down [ 132.247751][ T6854] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.258691][ T6854] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.293937][ T6854] macsec0: left allmulticast mode [ 132.300906][ T6854] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.309964][ T6854] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.319674][ T6854] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.330137][ T6854] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.356007][ T6860] wg2: entered promiscuous mode [ 132.361129][ T6860] wg2: entered allmulticast mode [ 133.114875][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.121232][ T1297] ieee802154 phy1 wpan1: encryption failed: -22