last executing test programs: 1m35.048858957s ago: executing program 0 (id=123): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = getpid() r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpid() r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, r1, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) recvmsg(r4, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2400, 0x80ffff) 1m34.167298378s ago: executing program 0 (id=133): write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b400000000000003dd0a00000000000073013900000000009500000000000000b38a595efa0578208e8354bb546620e3690771f5bf003326913779cfaf84efb8b3f976c934b3"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x140}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x36) 1m33.764987925s ago: executing program 0 (id=139): r0 = socket$kcm(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10) socketpair$unix(0x1, 0x2, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2, 0x1, 0x84) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x11, &(0x7f0000000000)=r1, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003d000b12d25a80648c2594f90124fc60100c024002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB='1'], 0x23) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00'}) socketpair(0x1, 0x5, 0x0, 0x0) r2 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x29, 0xb, &(0x7f00000000c0), 0xb9) r3 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x0, @mcast2}, 0x80, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="18001000000000002900000008e43e040000004300000000000000"], 0x18}, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = socket$kcm(0x10, 0x2, 0x4) close(r5) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)}], 0x1, 0x0, 0x0, 0x7400}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 1m33.128097394s ago: executing program 0 (id=145): perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="0200000004000000080000000100000080", @ANYBLOB, @ANYRES32=0x0], 0x48) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000001000)=@o_path={0x0}, 0x18) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x36}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 1m32.765056956s ago: executing program 0 (id=148): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x5, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f00000001c0)=[0x0], &(0x7f0000000200), 0x0, 0x79, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x3a, 0x8, 0x8, &(0x7f0000000300)}}, 0x39) bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x1f, 0x401, 0x5, 0x2, 0x300, r0, 0xbb00, '\x00', r1, 0xffffffffffffffff, 0x1, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f9, &(0x7f0000000080)) 1m32.147102423s ago: executing program 0 (id=152): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x1e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x18}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {0x74}, {0x6}]}) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0) perf_event_open(&(0x7f0000000900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) write$cgroup_pid(r3, &(0x7f00000001c0), 0x12) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='jbd2_end_commit\x00', r0, 0x0, 0x1}, 0x18) 1m22.681168394s ago: executing program 4 (id=223): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xfdef) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1m22.587281493s ago: executing program 4 (id=226): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x12, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000000000000000000000000008500000050000000180000000000000000000000001000009500000000000000846bdab3ee67f88bffb73826c5f82839a2756bd52b2f8f914b1ba42e6b0e7ed0388f8c5818adb3c980afb3f8a6efbb9ddbf3aab033ba3bd652d837bb47636b061a9b03d254b0bd9626b583eccafdb033f6"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) 1m22.516547169s ago: executing program 4 (id=228): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = getpid() r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpid() r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, r1, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) recvmsg(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2400, 0x80ffff) 1m21.553210528s ago: executing program 4 (id=235): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xfdef) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1m21.365868395s ago: executing program 4 (id=239): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x5, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f00000001c0)=[0x0], &(0x7f0000000200), 0x0, 0x79, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x3a, 0x8, 0x8, &(0x7f0000000300)}}, 0x39) bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x1f, 0x401, 0x5, 0x2, 0x300, r0, 0xbb00, '\x00', r1, 0xffffffffffffffff, 0x1, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f9, &(0x7f0000000080)) 1m21.176312693s ago: executing program 4 (id=241): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x1e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x18}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {0x74}, {0x6}]}) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0) perf_event_open(&(0x7f0000000900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) write$cgroup_pid(r3, &(0x7f00000001c0), 0x12) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='jbd2_end_commit\x00', r0, 0x0, 0x1}, 0x18) 1m11.875361278s ago: executing program 1 (id=307): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x10) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="f0f605748a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000), 0x10) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) 1m9.57834071s ago: executing program 1 (id=310): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000500)=ANY=[@ANYBLOB="18080000c8000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca9000000000000350901d0ff000000950000000000000075090300020000007b9a00fe00000000b509000000000000c39a04fee1000000bf8700000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1m9.477691029s ago: executing program 1 (id=312): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000ff9018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1m9.293178976s ago: executing program 1 (id=314): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xfdef) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1m9.186086406s ago: executing program 1 (id=317): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000080)) 1m9.13324527s ago: executing program 1 (id=319): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x1e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x18}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {0x74}, {0x6}]}) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0) perf_event_open(&(0x7f0000000900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) write$cgroup_pid(r3, &(0x7f00000001c0), 0x12) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='jbd2_end_commit\x00', r0, 0x0, 0x1}, 0x18) 537.070011ms ago: executing program 3 (id=1011): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61106800000000006113740000000000bfa00000000000000700000008ffffffd503010017740040950000000000000069163a0000000004bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 501.864074ms ago: executing program 3 (id=1013): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) r1 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x107, 0x17, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, 0x0}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}], 0x10, 0x0, @void, @value}, 0x90) r2 = socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) close(r2) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r2, 0x84, 0x64, &(0x7f0000000000)=r5, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x0, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xa3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='ishtp_dump\x00', r6, 0x0, 0x8002}, 0x18) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 380.462645ms ago: executing program 2 (id=1015): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0) write$cgroup_int(r0, &(0x7f0000000600), 0x12) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48c8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025641d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) close(r3) openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x141, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001080)=ANY=[@ANYBLOB="61106800000000006113740000000000bfa00000000000000700000008ffffffd50301001774004095000000000000006916500000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a48c9eaf3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71c206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b134000000000000000962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e64316d1eab5d067a183f064b060a8ec12725d42ef832863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc37dc4a29b9cba8ded5de8206c812439ab129ae818837ee155d0789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476", @ANYRESHEX], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xfd9b, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x10}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20) 380.143045ms ago: executing program 3 (id=1016): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x10) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="851000000000000018100000", @ANYRES32, @ANYBLOB="f0f60574"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000), 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) 286.209434ms ago: executing program 3 (id=1017): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8) openat$cgroup_ro(r0, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x5, &(0x7f0000002500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$kcm(0x29, 0x2, 0x0) r1 = socket$kcm(0x2b, 0x1, 0x0) close(r1) r2 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r2, 0x0, 0x30004081) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='+\x00') syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000018160700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff3d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa130c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6aae6a2213f4bb7b72ee19baaa6496c921b500fab987b62bbfd769664875469f58151b5ba0e4b84ea6500aeae078084123b254aeed0055787c01db742ed418ff76ee08d6fe0cc780a1005da7b778501e12cd7a0bb3780196d1fb84e6c12dddc60addc75a1f880bd58e7d1056a4d177e0067aa7c5ec09e1b762390a4f38d15794e698611b97a1bc9bc62513ad5ba767998919ccb61028200000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300}, 0x0) 257.187696ms ago: executing program 2 (id=1018): bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) (async) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="d8000000190081054e81f783db4cb9040a1d080006007c02cdfc55a10a0017000600a42603600e12080006ba0474f701a8000100fe80ffff7f6f94007134cf6efb8000a007a290457f01890500277ce06bbaceac3c2fb14c2ee5a7a3aab62f00001fb71b14d6d930dfe1d9d322fe7c2e8771820d16a4683f5aeb4edbb5952a0f536ffd77500db798262f3d409c1f40cb9f92b74f51fad9e3bb9ad809d5e1cace0d81ed0b764434a19789bf0cffece0b4129ecbee5de6ccd4e1ffffffffc2c9b627430600007c388b0dd6e4edef3d93000020000000000000", 0xd8}], 0x1}, 0x0) (async) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='-9'], 0x27) (async) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) (async) r3 = openat$cgroup_int(r0, &(0x7f0000000240)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_int(r3, &(0x7f00000001c0), 0x12) (async, rerun: 64) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (async, rerun: 64) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async, rerun: 64) close(0xffffffffffffffff) (async, rerun: 64) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) (async, rerun: 32) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @multicast}) (async, rerun: 32) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) close(r5) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r7}, 0x8) (async, rerun: 64) ioctl$SIOCSIFHWADDR(r6, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'}) (async, rerun: 64) ioctl$TUNSETLINK(r4, 0x400454cd, 0x207) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) (async, rerun: 32) bpf$ENABLE_STATS(0x20, 0x0, 0x0) (rerun: 32) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 64) 189.167373ms ago: executing program 2 (id=1019): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000500)=ANY=[@ANYBLOB="18080000c8000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100d0000000950000000000000075090300020000007b9a00fe00000000b509000000000000c39a04fee1000000bf8700000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 171.952414ms ago: executing program 2 (id=1020): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x107, 0x13, 0x0, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x11, 0x10, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x2, 0x1, 0x84) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0x1, 0x58, &(0x7f0000000380)}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0xff, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x4}, 0x7000, 0x3, 0x0, 0x0, 0x10000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x17, 0x10, &(0x7f0000001140)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 108.29406ms ago: executing program 3 (id=1021): perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000ec0)=ANY=[@ANYBLOB="8500000061000000350000000000002085000000080000009500000000000000f4670880271e3503200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ae0b737136ea6f7be39e434d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541cc6238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b1b2d2747c45b0c52087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f8e2744419a2f238f173d0cd46daf2fcb5500f53e7309ec91d83cf4fbf975d9c0e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174cc7ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca30000f2ffffff000000000396e7b6e1aa007018f6d93e79fce95d405b809638cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037865f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec596838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1473fa0ac0c0e71925a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c71a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5174e7ea5dd7f1caa699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d425e77976c00ca6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4de14693096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557fde64b3a185122ff97a365844582ef9086aa0b74bf8a1ba90a8daf3c716f1e7d7d2b20c878027b2f15cb8576d4cbac85aee331a7e38473a91027daec042fc1e2e7665bf3d3e79aed63b521a1541b2e302c9cf222a86ba7a3889861aa18a3104d657a3a5eeac42d91fbaa4188500000000e732041a58e8be0c2054b4eaf9270be8610f5f9c92474cd9df36a714a252d0d0bcc59f1007ca05d66dea7ac139a9314099904979e227830b516c637213faa91fe557e1d4e92738deb36769cea3854fba7fa36d9e49350e9f29c768dba0067caa7c53ab0dac26ed7ede7ec78c0b4b2a37109c39af2d50fe13e313ae92a79412b17d972a3e017f901e618b9bc7e8446ef4fbdcc912de4f4f7647ccd68adbc439ad75e558"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000900)=""/153, 0x0, 0x68, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x18000000000002a0, 0xffffffd4, 0x0, &(0x7f00000002c0)="b9ffef6003008c020008f086dd00", 0x0, 0xe4f8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffff1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003640)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="000000000000000000e0", @ANYRES32=0x0, @ANYBLOB="a8f2bba2", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES16=r1, @ANYRES64, @ANYBLOB="25b6952d597b5344125df3a306a5946a3a206fc39c1023c009cc8cff11e6a35048765e01287bef7de3d417b95584b474391f87cdb8baeba300c5f363506d4665dea1ea366f10229225bcb0ee5093cb6b2277c5abe66262e980d95c714fd066db6e8d31272d4df9ddcb3747b330c32a5b86bf8427bd902d61ad0b635ac6ec7487b59ac6b31d0aa2c340744c1e5869eff3550c668ad4e57ce09e89e0f62f9a045ba667cccc9a75ff6f2fdf169642237a1969c2f65a43a8f792ac64b9103720e92a292ef77ae3eb0003843ff6984658480b919131f54ec06a37077b3a8883ffdfb0d1b623a7821e7122aa697a9de016b8f72fc0292ef70b249a1b49ae9f7a0269b7228dd48872e04cfe57d8edd2a83ef02b957ef8085b031e9eceb35833145d97dadb4261aa71ca38caa6ed3d63877105b80c516bfbeb9aaf87c950ccd864e51cfc254a913fc8542b42422257fbce54dbef48b1a8d9d96c8dc6e9ca8e3badddf281a603bd19852341383bcaf596c7e8e0589e868252c375b539b91c3b944ff95b8283ba6d5705d21abb1f972f50551f8b7fb4dad81460d2f9510cefb9fed7cf5ac691c9deed9af5a85802a1ac77fbe99fdc59f29ffa7430a85a73093ca43d9ac5d7f8b392944dbeae1e26fa16bab84814b70cf044bcea7914da7a01dc48700e76b4d5097a9cf77d45e41f1ba026582d240aa89678f4e3a05237b0c32be4cbed76b02313d013aa6515ed2e18de7a4cd07f53219fc9aed47fd3376e29c79227298fa3f1c0053424650d90654317386f1c3f605c0b8ee92830013d7399a9e062ffa65930cb62187a88d3c153913b238670f95c5af991ccf9f201adf010b9a34b439f01a5dedf01552db19f24dd6e94e041482da116c75a2aa9e44b05c7ca067d6b3929cefc87aaceb2f3990dd1d69018046e95a20a882612f1761b8013fa7fbd9c856a209f10472583651e0dbcde0992a33b7c3e5774c550fdde29325e13fb4761c40e6a8a1acc486d0e7391bbbc6d6867f54b977dda4f247b1f5b298954dca62cd0c952d2a362c68d3d544fc72035b16001ccc03b944f81745de46eff12d0c15d88cb717562126ae3108117c7596d084607e073196e14bca1f8c151e829159b35faa881191aac99d582577765c10eeb6f34203423b654f58f9d140ca0cb9a384fcd111780b311079a52aba7ed3689f61bf6d6195afa5a239f23ef0a0130b625f0271be92e8204ac45f15885dde361e23c6f357f9de73b0574cb7f537c1182f2781c236f03c1392562748b39422b51788223457b39f873457e39bce9daaa3a76350193df3449507a3d34b83dd70ec9d4998bce1cc978eab3b2494ee99bf88be78424e180fc70fae891351af327f5dbe428ba6395ecdddd42fea7c890cd4f0c66c4ea780604d5e0213f363ff259daa9fc32ab85a42ae70434c0df494409c5f7040c2693959f282e4529cc5f861a770db96039e2bd106fd743123d838a546b9708cd1dff9306aebbd36ac01ebb67a2e15eb0ed0799c6d60526aeaffd5953ae321c6123092aafbfadd13b74bc30acc724c85c5976a78f7596b159d2036fd2d202776ccb1ae9ea6ea4c0388c5107e97c7d86a54349bbb3dc5783807d5f814d700a8a71df60f585d20ba1130531c26ab4809f31d9792ffdecea69269fe724e2228e501fdb5411de5172fb193f8d4e25fd30aa6f915b8c710042437ceb24c9f67b5a0d749a30acfccace1765526d2c5730d9cd2fb1c6f848569ba3cddd3be2bd2e72471e52885f1d97ab903597b599665d6711d4598d838e2ae7d2985ab753edd99845819ccc24b5720d8799dfed062212579b3f8965ea0964782b2452ffbe9a16be6f7e6fa36dd8ddb7445185cf3e47c1d4fffd19b47d6e55d336f2c6e9a81044480d2e7a40da3d289c936402ffc4798860921e2ee445befe40212f1fe2bc437c88815128cbeb0aa1df7ac2dbe9cac840da487f4d3f3457fe2a46b8f9de3a30ff17b3814ec563d55f762c06d7f4c5435b5b7abf921484abd9c79a3e2711d28e05edd06c42f1f9e20ef384bcd246d45b6c19a947f5f5ae0b3975111f084a8e7edb2320d28b7a890f75ac8834d47101ac585e967ca91acd9338d042e3e4a5ea3dda2252e95321c9ba817cfd1758177d0e0fa6f56a64cdc25890dd2acaf2808f43a0d39c126838c1ccdfa5250650988f62b6ae31d050b9959ca026c0d1e8c988feaef9dcc0210a615b034d0a613e4626b476fbe729e104904ab61fb5eb19169c8e542898e9761fb9524f77126d32b84382b9407bb9b31f6ac1415d5d72ad46088a718d6cb9b1c3836dec446aee8fa5fd335136e9ba33e6db5ae1e4f1b846653d366048a8657ee045e213d29406d6b545dc125dc8a188e78b39db8624dc033148737577bd9dc9bdc34359ab020efb58bd99b2cd492ae2e9806e79c04d57c04119a75de3867562dfe01caff9ad9d7010330afc61c8641b472e6667f92c059456be72b7e3d076dd9f9f9f9fd9e34714a6109fbe79542c62831fb6a4eba29dfe7cf9a09c5fc5d1be75ac14ca8cf6695740a58d744b432d6ef5a9c10f2321112a1a8e0bbcc322cc01fcb6606bb78b133f1521b9d87b298d871a52b8f6a71ae89c20045426bd1939b2412127f646554da0b27cfaf565fdf277f9aee43a21106c2585a61c1affc21785d8d5ddcfc9f73c5fb4691be20dcdf51e9bcce7e61768bded4d4014f2c0b5585ea0beb9122536778784adfe0b5f46c11afc4e9bb54ac45af07fc68a251f8c42e16224b4d66eea27dbc8abd1d40895eb820e7bc2847bdb21f1b89c3a21331f72f5cdf4224df48228408a0a5981a562d3b59636df46f6b2a77bab413222afe216297f1d8ddc930004fa5a9a19ce31a3628a614b796739170b58e635158c8fe5961d5c662ea929a875e3d3d765b946a7bac76c80e589dbabffb4e6be81b0951dcfa8f8041f6e9758f6822cc6e7695340cce6ce90ee30ad9a6fb82953fbdb2a657daf51d4d434f3be73ff1a2e13fb1c277e077499b205211147ce2ff61dce9278652a38c68e895f276004b5e75cca4bd012d11b7475038f9adf05e8b31714becdee007ff7d035f178a6041401b60fd9ea965cefeb74d9c7114f8d24130127a349bce1d44e9e13c8b8f713330180caa0d940624b24651133e1986de4521d5f40c146ae057c6806ef6a6ac7eeeced710bee5258d128d5073facc88e7ec16ba1290be1b4fa784ab1dbfc895cc1885390eb506bfeb5b8f8140170033543ce0f918bcf6c1f4ea5a52469481363167fe7e3d5b9c8809dcbe0eef78068b7fd7a354940bb099aa78830df36791c0fe7f1bbe378f93816d65e6b189a9ded4c409e7eca39c91e6c856e2fc713f5af16c9c811742f56c800ce0779c0d791bdeff9bacb73c0ede6f3b389633efb8a698774bc6a6812bfe65ad4fad5b2ab70527b93c0a420ed18d10f877be02c8ea3d9f426a18b923e4c54095238ed774fd915c60869287329139dd87d17e2bb2e15b102091e08672495c0b68fb888bf2334dd7db9501b7f8db85f183729f42f0870404cd7ff342a2c36e0e27bed627f6eac57b70702deae26634df3168a3afa3db6344d3b7dcccae8eb26dd03962e957635ec08234bad731c2e32ce226a8e66fe284ccce115a2182777517a9b102920ff8b39cb0051a11b0348af9674c019d4711fc1f3c256fcdaac1370a0d186cf2691def5c85019146bc68f23b733643bff189e9847e65a6caf6d9c547fb7fed569df1f4d954bdf54a05ac6732466fcb1a2684c7590c75f74111b7bb4527399133feafb3f5046f56d0085e168de5ff4686d0aa1f37e427b2af761b9fea0a076ac8dc7fe5b0247227db5f7bbfba6dd276ce136c2d92ff51c64459aa71a11712f1c03cc75e3e1f926ed9bdf89c0f97c1e42e8e784399364161a674f9f8a7a8dac2c84c9e87629ffee14f3f81b365fd94b2254f814b06cb9be12b899bdc03cdf8b63020b8d4458603da47013a4ccfb2ca1aaf64d6d492009a3164e4c5d907ef2887cc2489696301efe74e2d96e2557f70316198a695328b7edc2ac0a56a080be4ac758803aad3fb52df826e68dc76b181b37aa221a3bb750a3aaffbc318dd8702b783c6f1cd4db15f6ecf87edabca2255c233eb2f283641533c32a5a224711ef46eaa822d104720bfca8b4cc25165cdba47849b9070a264101d8e5f9bef83e3dca0c020bf7ee331dc04663c17f25840ed03dc082761425cb5996ac0cbfbcc9ad56e74472f3b2d2e9c08f2532819bce9bd56e188e36fd579e648fff5ac6e395f352d0ed593a00cd530937087f21af12f66dd9bb27a2dd9ccb8b80523f4d248998c7c3722d0edbb9d5e2313bcb36953e53c2469217bd904e7769a5c806d45b5cb3b460ce2b2bea03702422a306ac76c7a7e6b7853388e36d2f5329a019b950a144598385c5e2215a2a969ce9105849b70bf944050fb488e9bc81f7e0110d6bca0246b0aee00f225e02fd17c72deeffb042ff927764bbe8b5f1b70e136fd05557b34f7d23caecbe83b6b74fc6720ab9bcd1081a5cc8e4c5c6c807d754c73dc5e7e2abca0927aecf5b40556c9e751c762ba378ca25a1a33fd58e8a6fb3ff16ffdd83e4391ddfd00c60041ffaf1737fe422c65ef95091e7847a315ed1aaa1e7d40f67ae155913cd86434c0b6414e1c3a542895cbfda8e4cb842487d0099c27ec14f88a2fba0b983a525bf4841780e3bf302b005a9f935063dd0d53a27cce3e648076d70c51308fb9f897464048451c6ced77af59c485364be4f1a8b8c724391260374d36b816da9b2e35b434621bb50192aed66ae7c99764edb193c4f35a7d09529426ffc5093530de82660f20b85de08976cac3dfe1b2a2f2b01194c6324be6cf238bec2db0efbeb07b4659ae88195274c5bc968078d1d14767078635a1c138a780699619b9675237bf3c12ebee28fa9de021a55ed2463651fffea5529d002f5e6571bb43a42767f55cb7a83ee8ebcb82439a722ec1062352193c74a5514ba91d369b0071c2295598f77da129ed0b743afb3e0f8ce601df4c84525f15ed2d902e20d965fcbd27c80d6028ee1c218e802cf1fc6637e16cda8717f55f54d38ca04a05898491bece7d9279164605a4d7eb4e3dcdc88544a05523ded04645f4b355cc22a4ae2f6825332125852930b93f2a31d714d8f92234b467d6edc96856ee0d9b2f2b0d8db8a752f24be4a781b6b3c0ee9eb8901130e23a18552cb28f8e0e03abb4ccc7b6829062da05023bc520f9b8513d9f043f563f1681b5bdd05b4a2d2366ba6df4e2deaae783e0c0c6274b266ca96714b9f70501e5fdffceaa140cb4d5aab25b3c836fc46c1681d16b18217d0b238e6ea9319f52a2c700dda8ef2bfe3136c73b6caedd8cee5ebd8e38ebd5fcd7662dc840dcf00e75b22974f2fdadc959f265b7eea207c3078341db2c4667a4904a55ad8bb016f11510e617242e1d817c586b359e3424f222dad91794768cd1cedcaff51e8da0371620a85630f0241218e1b91f1369b22d0499f4852184523f078e61ee92571423b957a9059eb558955412bc06ced4815c97105c5af55a4c062e28ab79ba90ee2c846045ee6165c01b3447c59b19c090fadad16ea57507abfaeb8b4b1e914cecce756482bdc96ffe4369ff9e74471b19e16d4c45fa1fec104bbfd23d2545be8a3388a917b5c410944488f0d056e9b32c35d078640eef6271ed3e5c65862b1e4602c72c281697ad64183c2ebf7a8c5a115e132e0d6a7c31088e72f6f36dbbe570aec4556643c3daad0ea457cfc3d20a34523624ee3c60d116a8573a140", @ANYRES32=0x0, @ANYRES32=r2], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xfdef) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x505b3e3, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f00000004c0)=0x9, 0x12) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = openat$cgroup_subtree(r5, &(0x7f0000001140), 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f0000000800)=ANY=[@ANYBLOB="2d706572665f6576656e74202d706572665f6576656e74202b667265657a6572202d667265657a6572202b637075202b63707520f3a48444c174dbce5b235ef0567b066e0b6f5d01d9e59701dfba85d141fc89c097b916998ec43ab0eb1e25d3867c7db5f8eec2119809721b043d8c2561f123eb0416bd3bf05bbbfd8d6ec5023a2300b796f6bc0968c1f561ea9b1afffaae9abee82af28753104776d69543a1f5276da1de6eefd4ab2fe65dd35c48dbf377ad4653317b970782aa5664e25a5269e7d608588f3193d3cadaeb8eccc3e63ebc8971c6979cdb"], 0x34) close(r7) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0xfa6, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d640500000000006504040001000101040400000b000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000055cdc4b57b0c65752a3ad50000ba7ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafebba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe11cc32a790bc0b801f000000000000009d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f745837bf3cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f60000faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122765c8b7e89eddfc3783f6c9129a7c5f8ee4191dc152f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b9a60fdecb2717e21f8f187b1866108b668c71309c3a3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd756c6643e9146d2478ce31344b554aca78a00000000000000b50a358575422f03fb74d56788fbc624f8015441e552f894973886ee5a6b01a22f55572cb0eca882c464ddade864906f4c056b53232f24819f81b6eeccea325da278970b46282bf0241464565b47876ddd3d5a147a287f7077aed909"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0x1f2f, 0x241, 0x3253, &(0x7f00000007c0)="9f44948721919580684010a486dd", 0x0, 0x241, 0x0, 0xffffff2f, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) 53.290345ms ago: executing program 2 (id=1022): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) close(r0) 36.523617ms ago: executing program 2 (id=1023): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000040420f00b7030000000020008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000410000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[@ANYBLOB="8500000061000000350000000000002085000000070000009500000000000000f4670880271e3503200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ee0b737136ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b1b2d2747c45b0c52087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53e7309ecc07d8d3c76e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037861f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec595838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1c14fab5ccf7117a25a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c71a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5174e7ea5dd7f1caa699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4d5ef793096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc9}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 0s ago: executing program 3 (id=1024): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x10) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f00000000c0)='%d\xf1\xfa\xbc$j\xfef;q1\x95\xf4\xe4\x13\x95k#Jz.F\xce\xfb\x9c\x19\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcf\x01t\r%\xad-\x13\xb0 U\xaaC\xc388\x13\xc6H\x0f \x03\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdfN\x8e\xd7m\xee\xb8N\x98\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f') perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000032000b03d25a806f8c6394f91324fc60", 0x14}], 0x1}, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES8=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f9, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000), 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) kernel console output (not intermixed with test programs): 07ffc358921a8 [ 120.752831][ T5008] [ 120.808599][ T5012] syz.2.492 uses obsolete (PF_INET,SOCK_PACKET) [ 120.826027][ T5012] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.492'. [ 120.840460][ T5013] FAULT_INJECTION: forcing a failure. [ 120.840460][ T5013] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.854597][ T5013] CPU: 0 PID: 5013 Comm: syz.3.493 Not tainted 5.15.167-syzkaller #0 [ 120.862695][ T5013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 120.872747][ T5013] Call Trace: [ 120.876207][ T5013] [ 120.879136][ T5013] dump_stack_lvl+0x1e3/0x2d0 [ 120.883828][ T5013] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 120.889472][ T5013] ? panic+0x860/0x860 [ 120.893553][ T5013] ? __lock_acquire+0x1295/0x1ff0 [ 120.898588][ T5013] should_fail+0x38a/0x4c0 [ 120.903010][ T5013] _copy_from_user+0x2d/0x170 [ 120.907696][ T5013] ipip6_tunnel_siocdevprivate+0x520/0x1750 [ 120.913607][ T5013] ? sit_tunnel_xmit+0x26e0/0x26e0 [ 120.918724][ T5013] ? __mutex_trylock_common+0x17e/0x2e0 [ 120.924270][ T5013] ? __might_sleep+0xc0/0xc0 [ 120.928859][ T5013] ? rcu_lock_release+0x20/0x20 [ 120.933692][ T5013] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 120.939654][ T5013] ? __mutex_lock_common+0x444/0x25a0 [ 120.945011][ T5013] ? full_name_hash+0x8f/0xe0 [ 120.949892][ T5013] dev_ifsioc+0xc75/0x10c0 [ 120.954294][ T5013] ? dev_ioctl+0x598/0xf60 [ 120.958701][ T5013] ? dev_ioctl+0xf60/0xf60 [ 120.963106][ T5013] ? strcmp+0x2a/0x90 [ 120.967095][ T5013] dev_ioctl+0x5ab/0xf60 [ 120.971334][ T5013] sock_ioctl+0x68f/0x770 [ 120.975664][ T5013] ? sock_poll+0x410/0x410 [ 120.980071][ T5013] ? bpf_lsm_file_ioctl+0x5/0x10 [ 120.984992][ T5013] ? security_file_ioctl+0x7d/0xa0 [ 120.990099][ T5013] ? sock_poll+0x410/0x410 [ 120.994505][ T5013] __se_sys_ioctl+0xf1/0x160 [ 120.999105][ T5013] do_syscall_64+0x3b/0xb0 [ 121.003522][ T5013] ? clear_bhb_loop+0x15/0x70 [ 121.008206][ T5013] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 121.014174][ T5013] RIP: 0033:0x7f88d933aef9 [ 121.018702][ T5013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.038299][ T5013] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 121.046698][ T5013] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 121.054655][ T5013] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000007 [ 121.062615][ T5013] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 121.070587][ T5013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.078550][ T5013] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 121.086536][ T5013] [ 121.213700][ T5027] syz.2.497[5027] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.213795][ T5027] syz.2.497[5027] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.316008][ T5033] netlink: 'syz.2.500': attribute type 1 has an invalid length. [ 121.335481][ T5033] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.500'. [ 121.357402][ T5033] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.500'. [ 121.597393][ T5044] netlink: 'syz.2.505': attribute type 32 has an invalid length. [ 121.690525][ T5050] syz.2.507[5050] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.690607][ T5050] syz.2.507[5050] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.932719][ T5065] FAULT_INJECTION: forcing a failure. [ 121.932719][ T5065] name failslab, interval 1, probability 0, space 0, times 0 [ 121.964443][ T5065] CPU: 1 PID: 5065 Comm: syz.3.514 Not tainted 5.15.167-syzkaller #0 [ 121.972526][ T5065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 121.982570][ T5065] Call Trace: [ 121.985831][ T5065] [ 121.988743][ T5065] dump_stack_lvl+0x1e3/0x2d0 [ 121.993412][ T5065] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 121.999028][ T5065] ? panic+0x860/0x860 [ 122.003090][ T5065] ? __might_sleep+0xc0/0xc0 [ 122.007675][ T5065] should_fail+0x38a/0x4c0 [ 122.012088][ T5065] should_failslab+0x5/0x20 [ 122.016574][ T5065] slab_pre_alloc_hook+0x53/0xc0 [ 122.021504][ T5065] __kmalloc+0x6e/0x300 [ 122.025645][ T5065] ? tomoyo_encode+0x26b/0x530 [ 122.030414][ T5065] tomoyo_encode+0x26b/0x530 [ 122.034989][ T5065] ? sock_free_inode+0x20/0x20 [ 122.039819][ T5065] tomoyo_realpath_from_path+0x5a2/0x5e0 [ 122.045465][ T5065] tomoyo_path_number_perm+0x225/0x810 [ 122.050920][ T5065] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 122.056392][ T5065] ? __fget_files+0x413/0x480 [ 122.061061][ T5065] security_file_ioctl+0x6d/0xa0 [ 122.065989][ T5065] __se_sys_ioctl+0x47/0x160 [ 122.070571][ T5065] do_syscall_64+0x3b/0xb0 [ 122.074976][ T5065] ? clear_bhb_loop+0x15/0x70 [ 122.079640][ T5065] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 122.085522][ T5065] RIP: 0033:0x7f88d933aef9 [ 122.089921][ T5065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.109520][ T5065] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 122.117919][ T5065] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 122.125879][ T5065] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 122.133830][ T5065] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 122.141782][ T5065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.149735][ T5065] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 122.157704][ T5065] [ 122.163467][ T5065] ERROR: Out of memory at tomoyo_realpath_from_path. [ 122.355956][ T5081] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.519'. [ 123.112338][ T5096] netlink: 'syz.2.525': attribute type 29 has an invalid length. [ 123.120194][ T5096] netlink: 'syz.2.525': attribute type 3 has an invalid length. [ 123.128184][ T5096] netlink: 132 bytes leftover after parsing attributes in process `syz.2.525'. [ 123.396690][ T5104] FAULT_INJECTION: forcing a failure. [ 123.396690][ T5104] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.411634][ T5104] CPU: 1 PID: 5104 Comm: syz.2.528 Not tainted 5.15.167-syzkaller #0 [ 123.419714][ T5104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 123.429770][ T5104] Call Trace: [ 123.433048][ T5104] [ 123.435979][ T5104] dump_stack_lvl+0x1e3/0x2d0 [ 123.440756][ T5104] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 123.446408][ T5104] ? panic+0x860/0x860 [ 123.450518][ T5104] should_fail+0x38a/0x4c0 [ 123.454953][ T5104] _copy_from_user+0x2d/0x170 [ 123.459646][ T5104] kstrtouint_from_user+0xca/0x2a0 [ 123.464769][ T5104] ? kstrtol_from_user+0x310/0x310 [ 123.469888][ T5104] ? read_lock_is_recursive+0x10/0x10 [ 123.475273][ T5104] proc_fail_nth_write+0xa6/0x290 [ 123.480314][ T5104] ? rcu_read_lock_bh_held+0x110/0x110 [ 123.485775][ T5104] ? proc_fail_nth_read+0x210/0x210 [ 123.490984][ T5104] ? proc_fail_nth_read+0x210/0x210 [ 123.496195][ T5104] vfs_write+0x30c/0xe50 [ 123.500456][ T5104] ? file_end_write+0x250/0x250 [ 123.505319][ T5104] ? __fget_files+0x413/0x480 [ 123.510015][ T5104] ? mutex_lock_nested+0x17/0x20 [ 123.514966][ T5104] ? __fdget_pos+0x2cb/0x380 [ 123.519549][ T5104] ? ksys_write+0x77/0x2c0 [ 123.523959][ T5104] ksys_write+0x1a2/0x2c0 [ 123.528280][ T5104] ? print_irqtrace_events+0x210/0x210 [ 123.533732][ T5104] ? __ia32_sys_read+0x80/0x80 [ 123.538483][ T5104] ? syscall_enter_from_user_mode+0x2e/0x240 [ 123.544450][ T5104] ? lockdep_hardirqs_on+0x94/0x130 [ 123.549635][ T5104] ? syscall_enter_from_user_mode+0x2e/0x240 [ 123.555610][ T5104] do_syscall_64+0x3b/0xb0 [ 123.560010][ T5104] ? clear_bhb_loop+0x15/0x70 [ 123.564699][ T5104] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 123.570584][ T5104] RIP: 0033:0x7f8880d5a9df [ 123.574990][ T5104] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 123.594587][ T5104] RSP: 002b:00007f887f192030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 123.602993][ T5104] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8880d5a9df [ 123.610949][ T5104] RDX: 0000000000000001 RSI: 00007f887f1920a0 RDI: 0000000000000009 [ 123.618901][ T5104] RBP: 00007f887f192090 R08: 0000000000000000 R09: 0000000000000000 [ 123.626858][ T5104] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 123.634819][ T5104] R13: 0000000000000001 R14: 00007f8880f14130 R15: 00007ffc358921a8 [ 123.642786][ T5104] [ 123.684325][ T5111] FAULT_INJECTION: forcing a failure. [ 123.684325][ T5111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.698096][ T5111] CPU: 0 PID: 5111 Comm: syz.2.531 Not tainted 5.15.167-syzkaller #0 [ 123.706177][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 123.716224][ T5111] Call Trace: [ 123.719491][ T5111] [ 123.722406][ T5111] dump_stack_lvl+0x1e3/0x2d0 [ 123.727078][ T5111] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 123.732706][ T5111] ? panic+0x860/0x860 [ 123.736784][ T5111] ? snprintf+0xd6/0x120 [ 123.741020][ T5111] should_fail+0x38a/0x4c0 [ 123.745425][ T5111] _copy_to_user+0x2d/0x130 [ 123.749910][ T5111] simple_read_from_buffer+0xc6/0x150 [ 123.755273][ T5111] proc_fail_nth_read+0x1a3/0x210 [ 123.760287][ T5111] ? proc_fault_inject_write+0x390/0x390 [ 123.765907][ T5111] ? fsnotify_perm+0x442/0x590 [ 123.770662][ T5111] ? proc_fault_inject_write+0x390/0x390 [ 123.776295][ T5111] vfs_read+0x2fc/0xe10 [ 123.780443][ T5111] ? kernel_read+0x1f0/0x1f0 [ 123.785026][ T5111] ? __fget_files+0x413/0x480 [ 123.789697][ T5111] ? mutex_lock_nested+0x17/0x20 [ 123.794622][ T5111] ? __fdget_pos+0x2cb/0x380 [ 123.799201][ T5111] ? ksys_read+0x77/0x2c0 [ 123.803516][ T5111] ksys_read+0x1a2/0x2c0 [ 123.807744][ T5111] ? print_irqtrace_events+0x210/0x210 [ 123.813195][ T5111] ? vfs_write+0xe50/0xe50 [ 123.817599][ T5111] ? syscall_enter_from_user_mode+0x2e/0x240 [ 123.823571][ T5111] ? lockdep_hardirqs_on+0x94/0x130 [ 123.828759][ T5111] ? syscall_enter_from_user_mode+0x2e/0x240 [ 123.834972][ T5111] do_syscall_64+0x3b/0xb0 [ 123.839390][ T5111] ? clear_bhb_loop+0x15/0x70 [ 123.844061][ T5111] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 123.849952][ T5111] RIP: 0033:0x7f8880d5a93c [ 123.854360][ T5111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 123.873977][ T5111] RSP: 002b:00007f887f1d4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 123.882487][ T5111] RAX: ffffffffffffffda RBX: 00007f8880f13f80 RCX: 00007f8880d5a93c [ 123.890449][ T5111] RDX: 000000000000000f RSI: 00007f887f1d40a0 RDI: 0000000000000004 [ 123.898415][ T5111] RBP: 00007f887f1d4090 R08: 0000000000000000 R09: 0000000000000000 [ 123.906372][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.914337][ T5111] R13: 0000000000000000 R14: 00007f8880f13f80 R15: 00007ffc358921a8 [ 123.922312][ T5111] [ 123.990281][ T5115] netlink: 1038 bytes leftover after parsing attributes in process `syz.3.532'. [ 124.041870][ T5115] netlink: 'syz.3.532': attribute type 10 has an invalid length. [ 124.059135][ T5115] batman_adv: batadv0: Adding interface: team0 [ 124.066444][ T5115] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.093005][ T5115] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 124.104741][ T5119] FAULT_INJECTION: forcing a failure. [ 124.104741][ T5119] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 124.120035][ T5119] CPU: 1 PID: 5119 Comm: syz.2.535 Not tainted 5.15.167-syzkaller #0 [ 124.128109][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 124.138163][ T5119] Call Trace: [ 124.141431][ T5119] [ 124.144345][ T5119] dump_stack_lvl+0x1e3/0x2d0 [ 124.149013][ T5119] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 124.154635][ T5119] ? panic+0x860/0x860 [ 124.158698][ T5119] ? snprintf+0xd6/0x120 [ 124.162933][ T5119] should_fail+0x38a/0x4c0 [ 124.167343][ T5119] _copy_to_user+0x2d/0x130 [ 124.171840][ T5119] simple_read_from_buffer+0xc6/0x150 [ 124.177302][ T5119] proc_fail_nth_read+0x1a3/0x210 [ 124.182323][ T5119] ? proc_fault_inject_write+0x390/0x390 [ 124.187953][ T5119] ? fsnotify_perm+0x442/0x590 [ 124.192728][ T5119] ? proc_fault_inject_write+0x390/0x390 [ 124.198346][ T5119] vfs_read+0x2fc/0xe10 [ 124.202504][ T5119] ? kernel_read+0x1f0/0x1f0 [ 124.207088][ T5119] ? __fget_files+0x413/0x480 [ 124.211763][ T5119] ? mutex_lock_nested+0x17/0x20 [ 124.216685][ T5119] ? __fdget_pos+0x2cb/0x380 [ 124.221265][ T5119] ? ksys_read+0x77/0x2c0 [ 124.225583][ T5119] ksys_read+0x1a2/0x2c0 [ 124.229811][ T5119] ? print_irqtrace_events+0x210/0x210 [ 124.235261][ T5119] ? vfs_write+0xe50/0xe50 [ 124.239685][ T5119] ? syscall_enter_from_user_mode+0x2e/0x240 [ 124.245655][ T5119] ? lockdep_hardirqs_on+0x94/0x130 [ 124.250844][ T5119] ? syscall_enter_from_user_mode+0x2e/0x240 [ 124.256820][ T5119] do_syscall_64+0x3b/0xb0 [ 124.261226][ T5119] ? clear_bhb_loop+0x15/0x70 [ 124.265892][ T5119] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 124.271778][ T5119] RIP: 0033:0x7f8880d5a93c [ 124.276181][ T5119] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 124.295769][ T5119] RSP: 002b:00007f887f1d4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 124.304177][ T5119] RAX: ffffffffffffffda RBX: 00007f8880f13f80 RCX: 00007f8880d5a93c [ 124.312135][ T5119] RDX: 000000000000000f RSI: 00007f887f1d40a0 RDI: 0000000000000008 [ 124.320109][ T5119] RBP: 00007f887f1d4090 R08: 0000000000000000 R09: 0000000000000000 [ 124.328063][ T5119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.336020][ T5119] R13: 0000000000000000 R14: 00007f8880f13f80 R15: 00007ffc358921a8 [ 124.343991][ T5119] [ 124.477127][ T5122] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 124.483496][ T5122] dvmrp1: linktype set to 769 [ 124.602566][ T5134] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.540'. [ 125.347949][ T5169] netlink: 'syz.2.553': attribute type 6 has an invalid length. [ 125.358323][ T5169] netlink: 134780 bytes leftover after parsing attributes in process `syz.2.553'. [ 125.412381][ T5174] FAULT_INJECTION: forcing a failure. [ 125.412381][ T5174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.450592][ T5174] CPU: 0 PID: 5174 Comm: syz.3.554 Not tainted 5.15.167-syzkaller #0 [ 125.458688][ T5174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 125.468847][ T5174] Call Trace: [ 125.472130][ T5174] [ 125.475073][ T5174] dump_stack_lvl+0x1e3/0x2d0 [ 125.479768][ T5174] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 125.485544][ T5174] ? panic+0x860/0x860 [ 125.489627][ T5174] ? __lock_acquire+0x1ff0/0x1ff0 [ 125.494670][ T5174] should_fail+0x38a/0x4c0 [ 125.499103][ T5174] _copy_from_user+0x2d/0x170 [ 125.503781][ T5174] get_user_ifreq+0xbe/0x1f0 [ 125.508357][ T5174] sock_ioctl+0x637/0x770 [ 125.512678][ T5174] ? sock_poll+0x410/0x410 [ 125.517129][ T5174] ? bpf_lsm_file_ioctl+0x5/0x10 [ 125.522066][ T5174] ? security_file_ioctl+0x7d/0xa0 [ 125.527171][ T5174] ? sock_poll+0x410/0x410 [ 125.531596][ T5174] __se_sys_ioctl+0xf1/0x160 [ 125.536189][ T5174] do_syscall_64+0x3b/0xb0 [ 125.540585][ T5174] ? clear_bhb_loop+0x15/0x70 [ 125.545239][ T5174] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 125.551115][ T5174] RIP: 0033:0x7f88d933aef9 [ 125.555508][ T5174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.575098][ T5174] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 125.583507][ T5174] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 125.591462][ T5174] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 125.599414][ T5174] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 125.607368][ T5174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.615355][ T5174] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 125.623510][ T5174] [ 125.884718][ T5197] netlink: 'syz.3.564': attribute type 1 has an invalid length. [ 125.893095][ T5197] netlink: 127868 bytes leftover after parsing attributes in process `syz.3.564'. [ 127.018444][ T5230] raw_sendmsg: syz.2.574 forgot to set AF_INET. Fix it! [ 127.159488][ T5235] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.576'. [ 127.878237][ T5268] syz.2.591[5268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.878325][ T5268] syz.2.591[5268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.916763][ T5270] FAULT_INJECTION: forcing a failure. [ 127.916763][ T5270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.949213][ T5270] CPU: 0 PID: 5270 Comm: syz.3.592 Not tainted 5.15.167-syzkaller #0 [ 127.957293][ T5270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 127.967336][ T5270] Call Trace: [ 127.970604][ T5270] [ 127.973542][ T5270] dump_stack_lvl+0x1e3/0x2d0 [ 127.978206][ T5270] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 127.983830][ T5270] ? panic+0x860/0x860 [ 127.987901][ T5270] ? __lock_acquire+0x1ff0/0x1ff0 [ 127.992930][ T5270] should_fail+0x38a/0x4c0 [ 127.997341][ T5270] _copy_from_user+0x2d/0x170 [ 128.002015][ T5270] get_user_ifreq+0xbe/0x1f0 [ 128.006614][ T5270] sock_ioctl+0x637/0x770 [ 128.010953][ T5270] ? sock_poll+0x410/0x410 [ 128.015375][ T5270] ? bpf_lsm_file_ioctl+0x5/0x10 [ 128.020307][ T5270] ? security_file_ioctl+0x7d/0xa0 [ 128.025409][ T5270] ? sock_poll+0x410/0x410 [ 128.029845][ T5270] __se_sys_ioctl+0xf1/0x160 [ 128.034432][ T5270] do_syscall_64+0x3b/0xb0 [ 128.038843][ T5270] ? clear_bhb_loop+0x15/0x70 [ 128.043506][ T5270] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 128.049386][ T5270] RIP: 0033:0x7f88d933aef9 [ 128.053995][ T5270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.073592][ T5270] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 128.082020][ T5270] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 128.089997][ T5270] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 128.097959][ T5270] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 128.105917][ T5270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.113876][ T5270] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 128.121855][ T5270] [ 128.131054][ T5274] netlink: 'syz.2.593': attribute type 10 has an invalid length. [ 128.156241][ T5274] tap0: tun_chr_ioctl cmd 1074812118 [ 128.948902][ T5295] syz.2.600[5295] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.948967][ T5295] syz.2.600[5295] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.358742][ T5315] syz.2.608[5315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.375405][ T5315] syz.2.608[5315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.419445][ T5317] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.609'. [ 129.484780][ T5322] netlink: 'syz.2.611': attribute type 19 has an invalid length. [ 129.494369][ T5322] netlink: 40 bytes leftover after parsing attributes in process `syz.2.611'. [ 129.715770][ T5330] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.614'. [ 129.828253][ T5339] syz.3.617[5339] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.828345][ T5339] syz.3.617[5339] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.996047][ T5350] FAULT_INJECTION: forcing a failure. [ 129.996047][ T5350] name failslab, interval 1, probability 0, space 0, times 0 [ 130.022794][ T5350] CPU: 1 PID: 5350 Comm: syz.2.623 Not tainted 5.15.167-syzkaller #0 [ 130.030874][ T5350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 130.041048][ T5350] Call Trace: [ 130.044308][ T5350] [ 130.047225][ T5350] dump_stack_lvl+0x1e3/0x2d0 [ 130.051932][ T5350] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 130.057550][ T5350] ? panic+0x860/0x860 [ 130.061612][ T5350] ? __might_sleep+0xc0/0xc0 [ 130.066200][ T5350] should_fail+0x38a/0x4c0 [ 130.070609][ T5350] should_failslab+0x5/0x20 [ 130.075099][ T5350] slab_pre_alloc_hook+0x53/0xc0 [ 130.080038][ T5350] kmem_cache_alloc_node+0x49/0x2c0 [ 130.085224][ T5350] ? __alloc_skb+0xdd/0x590 [ 130.089721][ T5350] __alloc_skb+0xdd/0x590 [ 130.094061][ T5350] rtmsg_ifinfo_build_skb+0x81/0x180 [ 130.099352][ T5350] rtmsg_ifinfo+0x71/0x120 [ 130.103789][ T5350] netdev_state_change+0x1be/0x250 [ 130.108906][ T5350] ? netdev_features_change+0x1b0/0x1b0 [ 130.114458][ T5350] ? ipip6_tunnel_update_6rd+0x3b3/0x700 [ 130.120094][ T5350] ipip6_tunnel_update_6rd+0x4b6/0x700 [ 130.125579][ T5350] ? ipip6_tunnel_link+0x1f0/0x1f0 [ 130.130700][ T5350] ? __might_fault+0xb4/0x110 [ 130.135383][ T5350] ipip6_tunnel_siocdevprivate+0x6b4/0x1750 [ 130.141289][ T5350] ? sit_tunnel_xmit+0x26e0/0x26e0 [ 130.146391][ T5350] ? __mutex_trylock_common+0x17e/0x2e0 [ 130.151937][ T5350] ? __might_sleep+0xc0/0xc0 [ 130.156548][ T5350] ? rcu_lock_release+0x20/0x20 [ 130.161429][ T5350] ? __mutex_lock_common+0x444/0x25a0 [ 130.166808][ T5350] ? full_name_hash+0x8f/0xe0 [ 130.171492][ T5350] dev_ifsioc+0xc75/0x10c0 [ 130.175912][ T5350] ? dev_ioctl+0x598/0xf60 [ 130.180330][ T5350] ? dev_ioctl+0xf60/0xf60 [ 130.184728][ T5350] ? full_name_hash+0x8f/0xe0 [ 130.189394][ T5350] dev_ioctl+0x5ab/0xf60 [ 130.193627][ T5350] sock_ioctl+0x68f/0x770 [ 130.197982][ T5350] ? sock_poll+0x410/0x410 [ 130.202390][ T5350] ? bpf_lsm_file_ioctl+0x5/0x10 [ 130.207316][ T5350] ? security_file_ioctl+0x7d/0xa0 [ 130.212416][ T5350] ? sock_poll+0x410/0x410 [ 130.216825][ T5350] __se_sys_ioctl+0xf1/0x160 [ 130.221408][ T5350] do_syscall_64+0x3b/0xb0 [ 130.225832][ T5350] ? clear_bhb_loop+0x15/0x70 [ 130.230506][ T5350] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 130.236381][ T5350] RIP: 0033:0x7f8880d5bef9 [ 130.240801][ T5350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.260385][ T5350] RSP: 002b:00007f887f1d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.268780][ T5350] RAX: ffffffffffffffda RBX: 00007f8880f13f80 RCX: 00007f8880d5bef9 [ 130.276730][ T5350] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 130.284701][ T5350] RBP: 00007f887f1d4090 R08: 0000000000000000 R09: 0000000000000000 [ 130.292653][ T5350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.300717][ T5350] R13: 0000000000000000 R14: 00007f8880f13f80 R15: 00007ffc358921a8 [ 130.308694][ T5350] [ 130.425221][ T5362] netlink: 1 bytes leftover after parsing attributes in process `syz.2.626'. [ 130.427129][ T5364] syz.3.627[5364] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.434796][ T5364] syz.3.627[5364] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.614742][ T5372] netlink: 'syz.2.631': attribute type 10 has an invalid length. [ 130.637124][ T5372] device bridge_slave_1 left promiscuous mode [ 130.647280][ T5372] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.661563][ T5372] device bridge_slave_0 left promiscuous mode [ 130.670441][ T5372] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.808348][ T5378] netlink: 105084 bytes leftover after parsing attributes in process `syz.3.633'. [ 130.817781][ T5378] netlink: 31 bytes leftover after parsing attributes in process `syz.3.633'. [ 131.903483][ T5395] netlink: 'syz.3.638': attribute type 10 has an invalid length. [ 131.930922][ T5395] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.956551][ T5395] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 132.159164][ T5406] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.642'. [ 132.452230][ T5420] netlink: 67 bytes leftover after parsing attributes in process `syz.2.647'. [ 132.474684][ T5421] syz_tun: tun_net_xmit 62 [ 132.480163][ T5422] syz_tun: tun_net_xmit 62 [ 132.512286][ T1387] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.519122][ T1387] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.697670][ T5432] FAULT_INJECTION: forcing a failure. [ 132.697670][ T5432] name failslab, interval 1, probability 0, space 0, times 0 [ 132.710824][ T5432] CPU: 0 PID: 5432 Comm: syz.3.652 Not tainted 5.15.167-syzkaller #0 [ 132.718903][ T5432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 132.728944][ T5432] Call Trace: [ 132.732208][ T5432] [ 132.735125][ T5432] dump_stack_lvl+0x1e3/0x2d0 [ 132.739794][ T5432] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 132.745411][ T5432] ? panic+0x860/0x860 [ 132.749490][ T5432] ? __might_sleep+0xc0/0xc0 [ 132.754082][ T5432] should_fail+0x38a/0x4c0 [ 132.758513][ T5432] should_failslab+0x5/0x20 [ 132.763008][ T5432] slab_pre_alloc_hook+0x53/0xc0 [ 132.767951][ T5432] __kmalloc_node_track_caller+0x6b/0x390 [ 132.773660][ T5432] ? rtmsg_ifinfo_build_skb+0x81/0x180 [ 132.779109][ T5432] ? kmem_cache_alloc_node+0x154/0x2c0 [ 132.784550][ T5432] ? __alloc_skb+0xdd/0x590 [ 132.789038][ T5432] ? rtmsg_ifinfo_build_skb+0x81/0x180 [ 132.794479][ T5432] __alloc_skb+0x12c/0x590 [ 132.798883][ T5432] rtmsg_ifinfo_build_skb+0x81/0x180 [ 132.804156][ T5432] rtmsg_ifinfo+0x71/0x120 [ 132.808560][ T5432] netdev_state_change+0x1be/0x250 [ 132.813657][ T5432] ? netdev_features_change+0x1b0/0x1b0 [ 132.819201][ T5432] ? ipip6_tunnel_update_6rd+0x3b3/0x700 [ 132.824836][ T5432] ipip6_tunnel_update_6rd+0x4b6/0x700 [ 132.830286][ T5432] ? ipip6_tunnel_link+0x1f0/0x1f0 [ 132.835382][ T5432] ? __might_fault+0xb4/0x110 [ 132.840050][ T5432] ipip6_tunnel_siocdevprivate+0x6b4/0x1750 [ 132.845934][ T5432] ? sit_tunnel_xmit+0x26e0/0x26e0 [ 132.851033][ T5432] ? __mutex_trylock_common+0x17e/0x2e0 [ 132.856565][ T5432] ? __might_sleep+0xc0/0xc0 [ 132.861142][ T5432] ? rcu_lock_release+0x20/0x20 [ 132.865984][ T5432] ? __mutex_lock_common+0x444/0x25a0 [ 132.871369][ T5432] ? full_name_hash+0x8f/0xe0 [ 132.876052][ T5432] dev_ifsioc+0xc75/0x10c0 [ 132.880453][ T5432] ? dev_ioctl+0x598/0xf60 [ 132.884856][ T5432] ? dev_ioctl+0xf60/0xf60 [ 132.889257][ T5432] ? full_name_hash+0x8f/0xe0 [ 132.893926][ T5432] dev_ioctl+0x5ab/0xf60 [ 132.898159][ T5432] sock_ioctl+0x68f/0x770 [ 132.902476][ T5432] ? sock_poll+0x410/0x410 [ 132.906892][ T5432] ? bpf_lsm_file_ioctl+0x5/0x10 [ 132.911820][ T5432] ? security_file_ioctl+0x7d/0xa0 [ 132.916922][ T5432] ? sock_poll+0x410/0x410 [ 132.921350][ T5432] __se_sys_ioctl+0xf1/0x160 [ 132.925941][ T5432] do_syscall_64+0x3b/0xb0 [ 132.930343][ T5432] ? clear_bhb_loop+0x15/0x70 [ 132.935006][ T5432] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 132.940882][ T5432] RIP: 0033:0x7f88d933aef9 [ 132.945283][ T5432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.964869][ T5432] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.973284][ T5432] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 132.981247][ T5432] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 132.989202][ T5432] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 132.997156][ T5432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.005115][ T5432] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 133.013080][ T5432] [ 133.111118][ T5438] netlink: 'syz.2.655': attribute type 2 has an invalid length. [ 133.118979][ T5438] netlink: 'syz.2.655': attribute type 8 has an invalid length. [ 133.129059][ T5438] netlink: 132 bytes leftover after parsing attributes in process `syz.2.655'. [ 133.264987][ T5443] netlink: 132 bytes leftover after parsing attributes in process `syz.3.657'. [ 133.278676][ T5438] netlink: 'syz.2.655': attribute type 2 has an invalid length. [ 133.290489][ T5438] netlink: 'syz.2.655': attribute type 8 has an invalid length. [ 133.568079][ T5464] bpf_get_probe_write_proto: 2 callbacks suppressed [ 133.568106][ T5464] syz.3.664[5464] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.578215][ T5464] syz.3.664[5464] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.671969][ T5466] netlink: 'syz.3.665': attribute type 17 has an invalid length. [ 133.748422][ T5470] syz.3.666[5470] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.748483][ T5470] syz.3.666[5470] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.767368][ T5470] FAULT_INJECTION: forcing a failure. [ 133.767368][ T5470] name failslab, interval 1, probability 0, space 0, times 0 [ 133.791403][ T5470] CPU: 1 PID: 5470 Comm: syz.3.666 Not tainted 5.15.167-syzkaller #0 [ 133.799447][ T5470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 133.809484][ T5470] Call Trace: [ 133.812756][ T5470] [ 133.815688][ T5470] dump_stack_lvl+0x1e3/0x2d0 [ 133.820357][ T5470] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 133.825976][ T5470] ? panic+0x860/0x860 [ 133.830036][ T5470] should_fail+0x38a/0x4c0 [ 133.834444][ T5470] should_failslab+0x5/0x20 [ 133.838935][ T5470] slab_pre_alloc_hook+0x53/0xc0 [ 133.843859][ T5470] ? __sigqueue_alloc+0x3be/0x4d0 [ 133.848864][ T5470] kmem_cache_alloc+0x3f/0x280 [ 133.853630][ T5470] __sigqueue_alloc+0x3be/0x4d0 [ 133.858470][ T5470] __send_signal+0x21f/0xd40 [ 133.863048][ T5470] force_sig_info_to_task+0x327/0x470 [ 133.868415][ T5470] force_sig+0x114/0x1d0 [ 133.872647][ T5470] ? send_sig+0x1a0/0x1a0 [ 133.876984][ T5470] ? exc_general_protection+0x62/0x4f0 [ 133.882437][ T5470] exc_general_protection+0x122/0x4f0 [ 133.887796][ T5470] ? account_other_time+0x64/0x280 [ 133.892917][ T5470] ? vtime_user_enter+0x1eb/0x2d0 [ 133.897937][ T5470] ? syscall_exit_to_user_mode+0x7b/0x240 [ 133.903651][ T5470] asm_exc_general_protection+0x22/0x30 [ 133.909180][ T5470] RIP: 0033:0x7f88d9313779 [ 133.913589][ T5470] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 [ 133.933192][ T5470] RSP: 002b:00007f88d77b27c8 EFLAGS: 00010283 [ 133.939243][ T5470] RAX: 0000000000000999 RBX: 00007f88d77b2d30 RCX: 00007f88d94b9160 [ 133.947201][ T5470] RDX: 9999999999999999 RSI: 00007f88d93ad934 RDI: 9999999999999999 [ 133.955176][ T5470] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 133.963133][ T5470] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073 [ 133.971113][ T5470] R13: 00007f88d77b2eb0 R14: 9999999999999999 R15: 0000000000000000 [ 133.979078][ T5470] [ 135.318495][ T5500] netlink: 'syz.3.677': attribute type 10 has an invalid length. [ 135.327429][ T5500] netlink: 'syz.3.677': attribute type 4 has an invalid length. [ 135.335196][ T5500] __nla_validate_parse: 3 callbacks suppressed [ 135.335207][ T5500] netlink: 152 bytes leftover after parsing attributes in process `syz.3.677'. [ 135.361037][ T5500] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 135.378203][ T5499] netlink: 'syz.3.677': attribute type 10 has an invalid length. [ 135.387242][ T5499] netlink: 'syz.3.677': attribute type 4 has an invalid length. [ 135.401617][ T5499] netlink: 152 bytes leftover after parsing attributes in process `syz.3.677'. [ 135.410981][ T5499] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 135.598273][ T5508] netlink: 830 bytes leftover after parsing attributes in process `syz.2.680'. [ 135.639720][ T5512] FAULT_INJECTION: forcing a failure. [ 135.639720][ T5512] name failslab, interval 1, probability 0, space 0, times 0 [ 135.655021][ T5512] CPU: 1 PID: 5512 Comm: syz.3.682 Not tainted 5.15.167-syzkaller #0 [ 135.663110][ T5512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 135.673166][ T5512] Call Trace: [ 135.676432][ T5512] [ 135.679348][ T5512] dump_stack_lvl+0x1e3/0x2d0 [ 135.684013][ T5512] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 135.689628][ T5512] ? panic+0x860/0x860 [ 135.693682][ T5512] ? __might_sleep+0xc0/0xc0 [ 135.698261][ T5512] should_fail+0x38a/0x4c0 [ 135.702661][ T5512] should_failslab+0x5/0x20 [ 135.707147][ T5512] slab_pre_alloc_hook+0x53/0xc0 [ 135.712085][ T5512] __kmalloc_node_track_caller+0x6b/0x390 [ 135.717814][ T5512] ? rtmsg_ifinfo_build_skb+0x81/0x180 [ 135.723280][ T5512] ? kmem_cache_alloc_node+0x154/0x2c0 [ 135.728725][ T5512] ? __alloc_skb+0xdd/0x590 [ 135.733213][ T5512] ? rtmsg_ifinfo_build_skb+0x81/0x180 [ 135.738657][ T5512] __alloc_skb+0x12c/0x590 [ 135.743059][ T5512] rtmsg_ifinfo_build_skb+0x81/0x180 [ 135.748328][ T5512] rtmsg_ifinfo+0x71/0x120 [ 135.752754][ T5512] netdev_state_change+0x1be/0x250 [ 135.757876][ T5512] ? netdev_features_change+0x1b0/0x1b0 [ 135.763431][ T5512] ? ipip6_tunnel_update_6rd+0x3b3/0x700 [ 135.769065][ T5512] ipip6_tunnel_update_6rd+0x4b6/0x700 [ 135.774526][ T5512] ? ipip6_tunnel_link+0x1f0/0x1f0 [ 135.779615][ T5512] ? __might_fault+0xb4/0x110 [ 135.784277][ T5512] ipip6_tunnel_siocdevprivate+0x6b4/0x1750 [ 135.790166][ T5512] ? sit_tunnel_xmit+0x26e0/0x26e0 [ 135.795259][ T5512] ? __mutex_trylock_common+0x17e/0x2e0 [ 135.800784][ T5512] ? __might_sleep+0xc0/0xc0 [ 135.805362][ T5512] ? rcu_lock_release+0x20/0x20 [ 135.810198][ T5512] ? __mutex_lock_common+0x444/0x25a0 [ 135.815562][ T5512] ? full_name_hash+0x8f/0xe0 [ 135.820259][ T5512] dev_ifsioc+0xc75/0x10c0 [ 135.824680][ T5512] ? dev_ioctl+0x598/0xf60 [ 135.829096][ T5512] ? dev_ioctl+0xf60/0xf60 [ 135.833503][ T5512] ? full_name_hash+0x8f/0xe0 [ 135.838178][ T5512] dev_ioctl+0x5ab/0xf60 [ 135.842410][ T5512] sock_ioctl+0x68f/0x770 [ 135.846726][ T5512] ? sock_poll+0x410/0x410 [ 135.851151][ T5512] ? bpf_lsm_file_ioctl+0x5/0x10 [ 135.856073][ T5512] ? security_file_ioctl+0x7d/0xa0 [ 135.861173][ T5512] ? sock_poll+0x410/0x410 [ 135.865601][ T5512] __se_sys_ioctl+0xf1/0x160 [ 135.870197][ T5512] do_syscall_64+0x3b/0xb0 [ 135.874603][ T5512] ? clear_bhb_loop+0x15/0x70 [ 135.879268][ T5512] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 135.885162][ T5512] RIP: 0033:0x7f88d933aef9 [ 135.889556][ T5512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.909139][ T5512] RSP: 002b:00007f88d77b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 135.917537][ T5512] RAX: ffffffffffffffda RBX: 00007f88d94f2f80 RCX: 00007f88d933aef9 [ 135.925498][ T5512] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 135.933450][ T5512] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 135.941401][ T5512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.949348][ T5512] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 135.957398][ T5512] [ 136.493057][ T5543] syz.3.694[5543] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.493174][ T5543] syz.3.694[5543] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.562447][ T5547] syz.3.696[5547] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.574254][ T5547] syz.3.696[5547] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.587671][ T5547] FAULT_INJECTION: forcing a failure. [ 136.587671][ T5547] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.612151][ T5547] CPU: 0 PID: 5547 Comm: syz.3.696 Not tainted 5.15.167-syzkaller #0 [ 136.620206][ T5547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 136.630241][ T5547] Call Trace: [ 136.633502][ T5547] [ 136.636415][ T5547] dump_stack_lvl+0x1e3/0x2d0 [ 136.641087][ T5547] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 136.646724][ T5547] ? panic+0x860/0x860 [ 136.650810][ T5547] ? read_lock_is_recursive+0x10/0x10 [ 136.656166][ T5547] should_fail+0x38a/0x4c0 [ 136.660569][ T5547] copy_to_user_nofault+0xdd/0x1c0 [ 136.665673][ T5547] bpf_prog_5cb5524816e22ab1+0x3f/0x6c8 [ 136.671223][ T5547] bpf_trace_run5+0x222/0x3e0 [ 136.675891][ T5547] ? bpf_trace_run4+0x390/0x390 [ 136.680747][ T5547] ? __sigqueue_alloc+0x3be/0x4d0 [ 136.685773][ T5547] ? rcu_is_watching+0x11/0xa0 [ 136.690532][ T5547] ? __sigqueue_alloc+0x3be/0x4d0 [ 136.695536][ T5547] ? __bpf_trace_signal_generate+0x20/0x40 [ 136.701335][ T5547] trace_signal_generate+0x182/0x1f0 [ 136.706623][ T5547] __send_signal+0xadc/0xd40 [ 136.711205][ T5547] force_sig_info_to_task+0x327/0x470 [ 136.716567][ T5547] force_sig+0x114/0x1d0 [ 136.720804][ T5547] ? send_sig+0x1a0/0x1a0 [ 136.725147][ T5547] ? exc_general_protection+0x62/0x4f0 [ 136.730606][ T5547] exc_general_protection+0x122/0x4f0 [ 136.735961][ T5547] ? account_other_time+0x64/0x280 [ 136.741066][ T5547] ? vtime_user_enter+0x1eb/0x2d0 [ 136.746101][ T5547] ? syscall_exit_to_user_mode+0x7b/0x240 [ 136.751826][ T5547] asm_exc_general_protection+0x22/0x30 [ 136.757361][ T5547] RIP: 0033:0x7f88d9313779 [ 136.761770][ T5547] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 [ 136.781374][ T5547] RSP: 002b:00007f88d77b27c8 EFLAGS: 00010283 [ 136.787443][ T5547] RAX: 0000000000000999 RBX: 00007f88d77b2d30 RCX: 00007f88d94b9160 [ 136.795404][ T5547] RDX: 9999999999999999 RSI: 00007f88d93ad934 RDI: 9999999999999999 [ 136.803364][ T5547] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 136.811328][ T5547] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073 [ 136.819283][ T5547] R13: 00007f88d77b2eb0 R14: 9999999999999999 R15: 0000000000000000 [ 136.827275][ T5547] [ 137.364279][ T5568] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.705'. [ 137.742073][ T5577] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 138.157676][ T5591] netlink: 463 bytes leftover after parsing attributes in process `syz.2.713'. [ 138.248095][ T5593] FAULT_INJECTION: forcing a failure. [ 138.248095][ T5593] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.261300][ T5593] CPU: 1 PID: 5593 Comm: syz.2.714 Not tainted 5.15.167-syzkaller #0 [ 138.269360][ T5593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 138.279396][ T5593] Call Trace: [ 138.282663][ T5593] [ 138.285576][ T5593] dump_stack_lvl+0x1e3/0x2d0 [ 138.290245][ T5593] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 138.295865][ T5593] ? panic+0x860/0x860 [ 138.299924][ T5593] ? __lock_acquire+0x1ff0/0x1ff0 [ 138.304941][ T5593] should_fail+0x38a/0x4c0 [ 138.309358][ T5593] _copy_to_user+0x2d/0x130 [ 138.313844][ T5593] put_user_ifreq+0xe3/0x130 [ 138.318447][ T5593] sock_ioctl+0x6e0/0x770 [ 138.322770][ T5593] ? sock_poll+0x410/0x410 [ 138.327206][ T5593] ? bpf_lsm_file_ioctl+0x5/0x10 [ 138.332171][ T5593] ? security_file_ioctl+0x7d/0xa0 [ 138.337272][ T5593] ? sock_poll+0x410/0x410 [ 138.341679][ T5593] __se_sys_ioctl+0xf1/0x160 [ 138.346254][ T5593] do_syscall_64+0x3b/0xb0 [ 138.350653][ T5593] ? clear_bhb_loop+0x15/0x70 [ 138.355319][ T5593] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 138.361197][ T5593] RIP: 0033:0x7f8880d5bef9 [ 138.365593][ T5593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.385188][ T5593] RSP: 002b:00007f887f1d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.393592][ T5593] RAX: ffffffffffffffda RBX: 00007f8880f13f80 RCX: 00007f8880d5bef9 [ 138.401576][ T5593] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 138.409549][ T5593] RBP: 00007f887f1d4090 R08: 0000000000000000 R09: 0000000000000000 [ 138.417524][ T5593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.425488][ T5593] R13: 0000000000000000 R14: 00007f8880f13f80 R15: 00007ffc358921a8 [ 138.433476][ T5593] [ 138.520986][ T5597] netlink: 'syz.3.716': attribute type 10 has an invalid length. [ 138.607246][ T5602] netlink: 'syz.2.718': attribute type 21 has an invalid length. [ 138.666540][ T5605] netlink: 'syz.3.719': attribute type 8 has an invalid length. [ 138.679054][ T5605] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.719'. [ 138.886087][ T5618] syz.3.724[5618] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.886200][ T5618] syz.3.724[5618] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.027053][ T5624] syz.2.726[5624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.043384][ T5624] syz.2.726[5624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.056602][ T5624] FAULT_INJECTION: forcing a failure. [ 139.056602][ T5624] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.081217][ T5624] CPU: 0 PID: 5624 Comm: syz.2.726 Not tainted 5.15.167-syzkaller #0 [ 139.089398][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 139.099453][ T5624] Call Trace: [ 139.102735][ T5624] [ 139.105664][ T5624] dump_stack_lvl+0x1e3/0x2d0 [ 139.110356][ T5624] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 139.115980][ T5624] ? panic+0x860/0x860 [ 139.120047][ T5624] ? __lock_acquire+0x1ff0/0x1ff0 [ 139.125057][ T5624] ? __local_bh_enable_ip+0x164/0x1f0 [ 139.130417][ T5624] ? local_bh_enable+0x5/0x20 [ 139.135087][ T5624] should_fail+0x38a/0x4c0 [ 139.139497][ T5624] copy_fpstate_to_sigframe+0x85d/0xb40 [ 139.145041][ T5624] ? fpregs_set+0x700/0x700 [ 139.149538][ T5624] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 139.155538][ T5624] ? print_irqtrace_events+0x210/0x210 [ 139.160987][ T5624] ? get_signal+0x8ac/0x14e0 [ 139.165563][ T5624] ? fpu__alloc_mathframe+0x80/0x140 [ 139.170836][ T5624] get_sigframe+0x378/0x4b0 [ 139.175416][ T5624] ? _raw_spin_unlock_irq+0x1f/0x40 [ 139.180602][ T5624] ? lockdep_hardirqs_on+0x94/0x130 [ 139.185795][ T5624] ? restore_sigcontext+0x710/0x710 [ 139.190997][ T5624] arch_do_signal_or_restart+0x4ac/0x1890 [ 139.196713][ T5624] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 139.202615][ T5624] ? lockdep_hardirqs_on+0x94/0x130 [ 139.207826][ T5624] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 139.213732][ T5624] ? _raw_spin_unlock+0x40/0x40 [ 139.218592][ T5624] ? get_sigframe_size+0x10/0x10 [ 139.223524][ T5624] ? force_sig_info_to_task+0x34a/0x470 [ 139.229072][ T5624] ? force_sig+0x114/0x1d0 [ 139.233481][ T5624] ? send_sig+0x1a0/0x1a0 [ 139.237811][ T5624] ? exit_to_user_mode_loop+0x39/0x130 [ 139.243272][ T5624] exit_to_user_mode_loop+0x97/0x130 [ 139.248560][ T5624] exit_to_user_mode_prepare+0xb1/0x140 [ 139.254094][ T5624] irqentry_exit_to_user_mode+0x5/0x30 [ 139.259556][ T5624] exc_general_protection+0x358/0x4f0 [ 139.264918][ T5624] ? account_other_time+0x64/0x280 [ 139.270017][ T5624] ? vtime_user_enter+0x1eb/0x2d0 [ 139.275034][ T5624] ? syscall_exit_to_user_mode+0x7b/0x240 [ 139.280747][ T5624] asm_exc_general_protection+0x22/0x30 [ 139.286281][ T5624] RIP: 0033:0x7f8880d34779 [ 139.290685][ T5624] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 [ 139.310282][ T5624] RSP: 002b:00007f887f1d37c8 EFLAGS: 00010283 [ 139.316368][ T5624] RAX: 0000000000000999 RBX: 00007f887f1d3d30 RCX: 00007f8880eda160 [ 139.324329][ T5624] RDX: 9999999999999999 RSI: 00007f8880dce934 RDI: 9999999999999999 [ 139.332286][ T5624] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 139.340238][ T5624] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073 [ 139.348193][ T5624] R13: 00007f887f1d3eb0 R14: 9999999999999999 R15: 0000000000000000 [ 139.356165][ T5624] [ 139.948932][ T5645] device syzkaller0 entered promiscuous mode [ 140.262755][ T5651] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.735'. [ 140.429279][ T5656] netlink: 10 bytes leftover after parsing attributes in process `syz.3.737'. [ 140.608323][ T5667] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 140.736060][ T5675] FAULT_INJECTION: forcing a failure. [ 140.736060][ T5675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 140.752436][ T5675] CPU: 0 PID: 5675 Comm: syz.2.744 Not tainted 5.15.167-syzkaller #0 [ 140.760543][ T5675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 140.770591][ T5675] Call Trace: [ 140.773872][ T5675] [ 140.776806][ T5675] dump_stack_lvl+0x1e3/0x2d0 [ 140.781486][ T5675] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 140.787139][ T5675] ? panic+0x860/0x860 [ 140.791224][ T5675] ? __lock_acquire+0x1ff0/0x1ff0 [ 140.796279][ T5675] should_fail+0x38a/0x4c0 [ 140.800711][ T5675] _copy_to_user+0x2d/0x130 [ 140.805285][ T5675] put_user_ifreq+0xe3/0x130 [ 140.809895][ T5675] sock_ioctl+0x6e0/0x770 [ 140.814225][ T5675] ? sock_poll+0x410/0x410 [ 140.818664][ T5675] ? bpf_lsm_file_ioctl+0x5/0x10 [ 140.823597][ T5675] ? security_file_ioctl+0x7d/0xa0 [ 140.828705][ T5675] ? sock_poll+0x410/0x410 [ 140.833134][ T5675] __se_sys_ioctl+0xf1/0x160 [ 140.837742][ T5675] do_syscall_64+0x3b/0xb0 [ 140.842149][ T5675] ? clear_bhb_loop+0x15/0x70 [ 140.846814][ T5675] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 140.852702][ T5675] RIP: 0033:0x7f8880d5bef9 [ 140.857121][ T5675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.876719][ T5675] RSP: 002b:00007f887f1d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.885141][ T5675] RAX: ffffffffffffffda RBX: 00007f8880f13f80 RCX: 00007f8880d5bef9 [ 140.893109][ T5675] RDX: 0000000020000080 RSI: 00000000000089f9 RDI: 0000000000000004 [ 140.901088][ T5675] RBP: 00007f887f1d4090 R08: 0000000000000000 R09: 0000000000000000 [ 140.909082][ T5675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.917042][ T5675] R13: 0000000000000000 R14: 00007f8880f13f80 R15: 00007ffc358921a8 [ 140.925013][ T5675] [ 141.732245][ T5689] netlink: 'syz.2.749': attribute type 1 has an invalid length. [ 141.740065][ T5689] netlink: 152 bytes leftover after parsing attributes in process `syz.2.749'. [ 142.134475][ T5702] device veth0_vlan left promiscuous mode [ 142.144832][ T5702] device veth0_vlan entered promiscuous mode [ 142.163402][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 142.174983][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 142.183331][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 142.382713][ T5714] netlink: 1 bytes leftover after parsing attributes in process `syz.2.758'. [ 142.651933][ T5720] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.761'. [ 142.811515][ T5724] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.763'. [ 143.382512][ T5746] FAULT_INJECTION: forcing a failure. [ 143.382512][ T5746] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.399036][ T5746] CPU: 0 PID: 5746 Comm: syz.3.771 Not tainted 5.15.167-syzkaller #0 [ 143.407133][ T5746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 143.417192][ T5746] Call Trace: [ 143.420456][ T5746] [ 143.423373][ T5746] dump_stack_lvl+0x1e3/0x2d0 [ 143.428137][ T5746] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 143.433762][ T5746] ? panic+0x860/0x860 [ 143.437846][ T5746] should_fail+0x38a/0x4c0 [ 143.442270][ T5746] _copy_from_user+0x2d/0x170 [ 143.446958][ T5746] kstrtouint_from_user+0xca/0x2a0 [ 143.452066][ T5746] ? kstrtol_from_user+0x310/0x310 [ 143.457205][ T5746] ? read_lock_is_recursive+0x10/0x10 [ 143.462578][ T5746] proc_fail_nth_write+0xa6/0x290 [ 143.467605][ T5746] ? rcu_read_lock_bh_held+0x110/0x110 [ 143.473065][ T5746] ? proc_fail_nth_read+0x210/0x210 [ 143.478285][ T5746] ? proc_fail_nth_read+0x210/0x210 [ 143.483473][ T5746] vfs_write+0x30c/0xe50 [ 143.487724][ T5746] ? file_end_write+0x250/0x250 [ 143.492574][ T5746] ? __fget_files+0x413/0x480 [ 143.497262][ T5746] ? mutex_lock_nested+0x17/0x20 [ 143.502192][ T5746] ? __fdget_pos+0x2cb/0x380 [ 143.506786][ T5746] ? ksys_write+0x77/0x2c0 [ 143.511201][ T5746] ksys_write+0x1a2/0x2c0 [ 143.515528][ T5746] ? print_irqtrace_events+0x210/0x210 [ 143.520980][ T5746] ? __ia32_sys_read+0x80/0x80 [ 143.525800][ T5746] ? syscall_enter_from_user_mode+0x2e/0x240 [ 143.531775][ T5746] ? lockdep_hardirqs_on+0x94/0x130 [ 143.536982][ T5746] ? syscall_enter_from_user_mode+0x2e/0x240 [ 143.542971][ T5746] do_syscall_64+0x3b/0xb0 [ 143.547426][ T5746] ? clear_bhb_loop+0x15/0x70 [ 143.552110][ T5746] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 143.558013][ T5746] RIP: 0033:0x7f88d93399df [ 143.562429][ T5746] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 143.582045][ T5746] RSP: 002b:00007f88d77b3030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 143.590465][ T5746] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f88d93399df [ 143.598423][ T5746] RDX: 0000000000000001 RSI: 00007f88d77b30a0 RDI: 0000000000000005 [ 143.606426][ T5746] RBP: 00007f88d77b3090 R08: 0000000000000000 R09: 0000000000000000 [ 143.614398][ T5746] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 143.622370][ T5746] R13: 0000000000000000 R14: 00007f88d94f2f80 R15: 00007ffeb8abcdf8 [ 143.630364][ T5746] [ 144.602348][ T5766] Â: renamed from pim6reg1 [ 144.741553][ T5770] netlink: 'syz.3.781': attribute type 39 has an invalid length. [ 145.310024][ T5811] netlink: 'syz.2.796': attribute type 28 has an invalid length. [ 145.327787][ T5811] netlink: 'syz.2.796': attribute type 29 has an invalid length. [ 145.337891][ T5811] netlink: 132 bytes leftover after parsing attributes in process `syz.2.796'. [ 145.359038][ T5811] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.796'. [ 145.408576][ T5813] netlink: 'syz.3.797': attribute type 10 has an invalid length. [ 145.768016][ T5837] : renamed from ipvlan1 [ 146.072508][ T5848] netlink: 134780 bytes leftover after parsing attributes in process `syz.3.811'. [ 146.084290][ T5848] syz.3.811[5848] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.084363][ T5848] syz.3.811[5848] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.495504][ T5860] netlink: 'syz.2.815': attribute type 29 has an invalid length. [ 146.518352][ T5860] netlink: 'syz.2.815': attribute type 29 has an invalid length. [ 146.527583][ T5860] netlink: 'syz.2.815': attribute type 29 has an invalid length. [ 147.109155][ T5870] chnl_net:caif_netlink_parms(): no params data found [ 147.176372][ T4069] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.289501][ T4069] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.310371][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.319763][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.341383][ T5870] device bridge_slave_0 entered promiscuous mode [ 147.378098][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.386671][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.429099][ T5870] device bridge_slave_1 entered promiscuous mode [ 147.489583][ T4069] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.562786][ T4069] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.582148][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 147.593974][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 147.625358][ T5870] team0: Port device team_slave_0 added [ 147.648953][ T5870] team0: Port device team_slave_1 added [ 147.703630][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 147.710666][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 147.751381][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 147.769594][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 147.777023][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 147.804519][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 147.978095][ T5870] device hsr_slave_0 entered promiscuous mode [ 147.991909][ T5870] device hsr_slave_1 entered promiscuous mode [ 148.236443][ T5923] netlink: 'syz.3.833': attribute type 10 has an invalid length. [ 148.249868][ T5923] netlink: 55 bytes leftover after parsing attributes in process `syz.3.833'. [ 148.487895][ T5928] netlink: 'syz.3.833': attribute type 39 has an invalid length. [ 148.496303][ T5928] device veth0_macvtap left promiscuous mode [ 148.645527][ T5937] syz.2.835[5937] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.645617][ T5937] syz.2.835[5937] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.829453][ T5951] netlink: 'syz.2.838': attribute type 40 has an invalid length. [ 148.990943][ T3645] Bluetooth: hci2: command 0x0409 tx timeout [ 149.115514][ T5870] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 149.143300][ T5870] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 149.178248][ T5870] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 149.198166][ T5870] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 149.393045][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.434489][ T4069] device hsr_slave_0 left promiscuous mode [ 149.452205][ T4069] device hsr_slave_1 left promiscuous mode [ 149.467935][ T4069] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.483306][ T4069] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.497576][ T4069] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.510504][ T4069] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.528052][ T4069] device bridge_slave_1 left promiscuous mode [ 149.542451][ T4069] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.558641][ T4069] device bridge_slave_0 left promiscuous mode [ 149.573367][ T4069] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.620017][ T4069] device veth1_macvtap left promiscuous mode [ 149.642748][ T4069] device veth0_macvtap left promiscuous mode [ 149.648886][ T4069] device veth1_vlan left promiscuous mode [ 149.664342][ T4069] device veth0_vlan left promiscuous mode [ 150.048668][ T4069] team0 (unregistering): Port device team_slave_1 removed [ 150.069802][ T4069] team0 (unregistering): Port device team_slave_0 removed [ 150.093411][ T4069] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 150.117426][ T4069] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 150.216978][ T4069] bond0 (unregistering): Released all slaves [ 150.287699][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 150.298288][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 150.334777][ T5870] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.374760][ T6013] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.847'. [ 150.410330][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 150.425157][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 150.454669][ T2620] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.461787][ T2620] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.473399][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.520024][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 150.531642][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 150.541811][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.548879][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.574085][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.612902][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 150.636469][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 150.662058][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 150.698040][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 150.708788][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 150.719049][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 150.740654][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 150.768612][ T5870] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 150.831898][ T5870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 150.842253][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 150.861719][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 150.900965][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 151.071318][ T3645] Bluetooth: hci2: command 0x041b tx timeout [ 151.193949][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 151.215922][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 151.243196][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 151.281773][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 151.296681][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 151.339835][ T5870] device veth0_vlan entered promiscuous mode [ 151.356710][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 151.375912][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 151.403967][ T5870] device veth1_vlan entered promiscuous mode [ 151.452811][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 151.466774][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 151.495307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 151.518601][ T6060] netlink: 'syz.3.857': attribute type 10 has an invalid length. [ 151.541649][ T6060] netlink: 55 bytes leftover after parsing attributes in process `syz.3.857'. [ 151.605796][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 151.626181][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 151.654234][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 151.683044][ T5870] device veth0_macvtap entered promiscuous mode [ 151.704444][ T5870] device veth1_macvtap entered promiscuous mode [ 151.762581][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.816494][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.850343][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.881346][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.905066][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.930108][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.959031][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.981515][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.013388][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 152.037221][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.065132][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.091484][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.111323][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.136250][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.157239][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.178504][ T5870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.199459][ T5870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.230792][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.252733][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 152.270904][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 152.297602][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 152.327042][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 152.352827][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 152.371842][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 152.412698][ T5870] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.432496][ T5870] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.450784][ T5870] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.469800][ T5870] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.118530][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.135357][ T6074] netlink: 'syz.3.860': attribute type 3 has an invalid length. [ 153.136311][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.151018][ T3645] Bluetooth: hci2: command 0x040f tx timeout [ 153.182132][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 153.189493][ T6074] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.860'. [ 153.213570][ T6077] device syzkaller0 entered promiscuous mode [ 153.229598][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.238300][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.280575][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 154.020013][ T6106] IPv6: Can't replace route, no match found [ 154.146279][ T6110] netlink: 'syz.3.872': attribute type 2 has an invalid length. [ 154.180001][ T6110] device 0 entered promiscuous mode [ 154.342573][ T6113] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.873'. [ 154.368040][ T6113] netlink: 'syz.3.873': attribute type 12 has an invalid length. [ 154.376807][ T6113] netlink: 'syz.3.873': attribute type 22 has an invalid length. [ 154.385799][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.3.873'. [ 155.231175][ T3645] Bluetooth: hci2: command 0x0419 tx timeout [ 157.605319][ T6203] sctp: [Deprecated]: syz.2.908 (pid 6203) Use of int in max_burst socket option deprecated. [ 157.605319][ T6203] Use struct sctp_assoc_value instead [ 158.409951][ T6210] chnl_net:caif_netlink_parms(): no params data found [ 158.652654][ T6237] Â: renamed from pim6reg1 [ 158.745720][ T6210] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.755148][ T6210] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.764142][ T6210] device bridge_slave_0 entered promiscuous mode [ 158.787684][ T6210] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.827634][ T6210] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.836872][ T6210] device bridge_slave_1 entered promiscuous mode [ 158.934151][ T6210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.972104][ T6210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.108393][ T6210] team0: Port device team_slave_0 added [ 159.131869][ T6210] team0: Port device team_slave_1 added [ 159.160453][ T6252] netlink: 134780 bytes leftover after parsing attributes in process `syz.3.926'. [ 159.190317][ T6210] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.209567][ T6210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.300939][ T6210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 159.333894][ T6210] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 159.352412][ T6210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.409580][ T6210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.458950][ T6260] netlink: 'syz.2.929': attribute type 2 has an invalid length. [ 159.474223][ T6260] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.929'. [ 159.498260][ T6210] device hsr_slave_0 entered promiscuous mode [ 159.531838][ T6210] device hsr_slave_1 entered promiscuous mode [ 159.548401][ T6210] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.559799][ T6210] Cannot create hsr debugfs directory [ 159.657359][ T6265] netlink: 'syz.3.931': attribute type 19 has an invalid length. [ 159.665506][ T6265] netlink: 40 bytes leftover after parsing attributes in process `syz.3.931'. [ 159.693710][ T6267] syz_tun: tun_net_xmit 42 [ 159.845572][ T6210] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.909950][ T6210] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.987868][ T6210] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.033853][ T23] Bluetooth: hci3: command 0x0409 tx timeout [ 160.079249][ T6210] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.300379][ T6210] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 160.320142][ T6210] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 160.357871][ T6210] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 160.394442][ T6210] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 160.624774][ T6210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.640023][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 160.668064][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 160.689489][ T6210] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.732446][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.748903][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.750782][ C1] syz_tun: tun_net_xmit 42 [ 160.762923][ T1172] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.769989][ T1172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.852633][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 160.869531][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 160.891442][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.908035][ T1172] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.915128][ T1172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.923332][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 160.933319][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 160.951364][ T6292] netlink: 'syz.2.941': attribute type 39 has an invalid length. [ 160.960227][ T6292] netlink: 'syz.2.941': attribute type 4 has an invalid length. [ 160.968912][ T6292] netlink: 152 bytes leftover after parsing attributes in process `syz.2.941'. [ 160.995924][ T6292] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 161.110644][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 161.119771][ T6292] syz.2.941 (6292) used greatest stack depth: 18232 bytes left [ 161.128082][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 161.172083][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 161.180412][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 161.204768][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 161.224178][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 161.254224][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 161.282099][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 161.299891][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 161.316866][ T6210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 161.515431][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 161.541381][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 161.581184][ T6210] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.784915][ T154] device hsr_slave_0 left promiscuous mode [ 161.790860][ C1] syz_tun: tun_net_xmit 42 [ 161.806155][ T154] device hsr_slave_1 left promiscuous mode [ 161.813974][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.822374][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.829985][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.838953][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.846870][ T154] device bridge_slave_1 left promiscuous mode [ 161.853103][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.861792][ T154] device bridge_slave_0 left promiscuous mode [ 161.868317][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.881809][ T154] device veth1_macvtap left promiscuous mode [ 161.887835][ T154] device veth0_macvtap left promiscuous mode [ 161.894236][ T154] device veth1_vlan left promiscuous mode [ 161.900045][ T154] device veth0_vlan left promiscuous mode [ 162.093698][ T154] team0 (unregistering): Port device team_slave_1 removed [ 162.109343][ T154] team0 (unregistering): Port device team_slave_0 removed [ 162.111183][ T3645] Bluetooth: hci3: command 0x041b tx timeout [ 162.123421][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.139072][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.207502][ T154] bond0 (unregistering): Released all slaves [ 162.286680][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 162.300061][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 162.318624][ T6332] netlink: 'syz.3.950': attribute type 10 has an invalid length. [ 162.339169][ T6332] bond0: (slave bond_slave_0): Releasing backup interface [ 162.385182][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 162.396288][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 162.410311][ T6210] device veth0_vlan entered promiscuous mode [ 162.418065][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 162.427258][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 162.455680][ T6210] device veth1_vlan entered promiscuous mode [ 162.508425][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 162.517430][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 162.526710][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 162.536989][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 162.559521][ T6210] device veth0_macvtap entered promiscuous mode [ 162.604910][ T6210] device veth1_macvtap entered promiscuous mode [ 162.646974][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.667892][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.683771][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.698890][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.708772][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.719760][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.730313][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.749127][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.761868][ T6210] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.771874][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 162.780560][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 162.789486][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 162.803747][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 162.814793][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.825711][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.837529][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.848461][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.859148][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.869648][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.879638][ T6210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.891113][ T6210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.901402][ T6347] syz.2.955[6347] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.901557][ T6347] syz.2.955[6347] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.914196][ T6210] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.937638][ T6210] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.946588][ T6210] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.958603][ T6347] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.955'. [ 162.969711][ T6210] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.978986][ T6210] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.009745][ T2646] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 163.024407][ T2646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 163.120538][ T6349] sctp: [Deprecated]: syz.2.956 (pid 6349) Use of struct sctp_assoc_value in delayed_ack socket option. [ 163.120538][ T6349] Use struct sctp_sack_info instead [ 163.146836][ T2646] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.201224][ T2646] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.211626][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 163.233284][ T6352] sctp: [Deprecated]: syz.3.957 (pid 6352) Use of int in maxseg socket option. [ 163.233284][ T6352] Use struct sctp_assoc_value instead [ 163.236186][ T2646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.263981][ T2646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.279311][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 163.339692][ T6356] syz.2.959[6356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 163.339826][ T6356] syz.2.959[6356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 163.659563][ T6362] netlink: 'syz.2.962': attribute type 10 has an invalid length. [ 163.690932][ T6362] netlink: 40 bytes leftover after parsing attributes in process `syz.2.962'. [ 163.716306][ T6362] device hsr0 entered promiscuous mode [ 163.724584][ T6362] A link change request failed with some changes committed already. Interface hsr0 may have been left with an inconsistent configuration, please check. [ 163.786940][ T6367] netlink: 'syz.3.964': attribute type 10 has an invalid length. [ 163.801762][ T6367] netlink: 188 bytes leftover after parsing attributes in process `syz.3.964'. [ 163.855535][ T6369] netlink: 'syz.2.965': attribute type 21 has an invalid length. [ 164.191709][ T3645] Bluetooth: hci3: command 0x040f tx timeout [ 164.869172][ T6404] netlink: 'syz.2.979': attribute type 21 has an invalid length. [ 164.884614][ T6404] netlink: 'syz.2.979': attribute type 6 has an invalid length. [ 164.893585][ T6404] netlink: 156 bytes leftover after parsing attributes in process `syz.2.979'. [ 165.034787][ T6410] netlink: 'syz.2.979': attribute type 21 has an invalid length. [ 165.068964][ T6410] netlink: 'syz.2.979': attribute type 1 has an invalid length. [ 165.100063][ T6410] netlink: 144 bytes leftover after parsing attributes in process `syz.2.979'. [ 165.724820][ T6419] syz.3.984[6419] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 165.724935][ T6419] syz.3.984[6419] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 165.796437][ T6422] netlink: 'syz.3.984': attribute type 2 has an invalid length. [ 165.820824][ T6422] netlink: 'syz.3.984': attribute type 8 has an invalid length. [ 165.828480][ T6422] netlink: 132 bytes leftover after parsing attributes in process `syz.3.984'. [ 166.271013][ T3610] Bluetooth: hci3: command 0x0419 tx timeout [ 166.984147][ T6468] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1004'. [ 167.022599][ T6468] netlink: zone id is out of range [ 167.027855][ T6468] netlink: zone id is out of range [ 167.040060][ T6468] netlink: zone id is out of range [ 167.048393][ T6468] netlink: del zone limit has 4 unknown bytes [ 167.590324][ T6483] netlink: 'syz.3.1009': attribute type 3 has an invalid length. [ 167.611767][ T6483] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.1009'. [ 167.642143][ T6484] netlink: 'syz.3.1009': attribute type 10 has an invalid length. [ 167.650085][ T6484] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1009'. [ 167.694565][ T6484] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 167.977727][ T6490] netlink: 'syz.2.1012': attribute type 28 has an invalid length. [ 167.990565][ T6490] netlink: 'syz.2.1012': attribute type 4 has an invalid length. [ 168.005204][ T6490] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1012'. [ 168.139397][ T6496] device 0 entered promiscuous mode [ 169.841447][ T6520] chnl_net:caif_netlink_parms(): no params data found [ 169.885568][ T6520] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.892698][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.900381][ T6520] device bridge_slave_0 entered promiscuous mode [ 169.909240][ T6520] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.916732][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.925008][ T6520] device bridge_slave_1 entered promiscuous mode [ 169.947387][ T6520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.959119][ T6520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.990421][ T6520] team0: Port device team_slave_0 added [ 170.004068][ T2646] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.017202][ T6520] team0: Port device team_slave_1 added [ 170.037749][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 170.044936][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.071587][ T6520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 170.089472][ T2646] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.107241][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.114519][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.140620][ T6520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.175968][ T2646] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.190096][ T6520] device hsr_slave_0 entered promiscuous mode [ 170.197175][ T6520] device hsr_slave_1 entered promiscuous mode [ 170.203928][ T6520] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 170.212412][ T6520] Cannot create hsr debugfs directory [ 170.247661][ T2646] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.136601][ T2646] device hsr_slave_0 left promiscuous mode [ 171.143083][ T2646] device hsr_slave_1 left promiscuous mode [ 171.149468][ T2646] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.157116][ T2646] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.166112][ T2646] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.173640][ T2646] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.181191][ T2646] device bridge_slave_1 left promiscuous mode [ 171.188338][ T2646] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.197012][ T2646] device bridge_slave_0 left promiscuous mode [ 171.203490][ T2646] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.216131][ T2646] device veth1_macvtap left promiscuous mode [ 171.222414][ T2646] device veth0_macvtap left promiscuous mode [ 171.228438][ T2646] device veth1_vlan left promiscuous mode [ 171.235453][ T2646] device veth0_vlan left promiscuous mode [ 171.421877][ T2646] team0 (unregistering): Port device team_slave_1 removed [ 171.435546][ T2646] team0 (unregistering): Port device team_slave_0 removed [ 171.447011][ T2646] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.464859][ T2646] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.527440][ T2646] bond0 (unregistering): Released all slaves [ 171.594414][ T6520] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 171.605617][ T6520] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 171.616192][ T6520] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 171.625555][ T6520] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 171.689784][ T6520] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.705652][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 171.713920][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 171.738778][ T6520] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.751308][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 171.760529][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 171.769323][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.776421][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 171.791293][ T23] Bluetooth: hci0: command 0x0409 tx timeout [ 171.800095][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 171.808800][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 171.819123][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 171.828023][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.835116][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.844169][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 171.863071][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 171.872062][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.886415][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.895376][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.904649][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.921138][ T6520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 171.931616][ T6520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 171.944404][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 171.953346][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 171.961761][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 171.970180][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 171.980281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 171.988825][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 172.078271][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 172.085881][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 172.097847][ T6520] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.124228][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 172.134518][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 172.155582][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 172.171333][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 172.191194][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 172.199019][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 172.217997][ T6520] device veth0_vlan entered promiscuous mode [ 172.232396][ T6520] device veth1_vlan entered promiscuous mode [ 172.259606][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 172.271000][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 172.279052][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 172.288547][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 172.303001][ T6520] device veth0_macvtap entered promiscuous mode [ 172.315893][ T6520] device veth1_macvtap entered promiscuous mode [ 172.337130][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.356588][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.366650][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.378564][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.388683][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.399394][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.409863][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.421252][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.433936][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 172.443918][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 172.452712][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 172.461272][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 172.470648][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 172.481946][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 172.496342][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.509155][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 172.523790][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.536127][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 172.550221][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.562523][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 172.576212][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.590615][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 172.600770][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 172.609746][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 172.622009][ T6520] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.632427][ T6520] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.641842][ T6520] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.650797][ T6520] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.738079][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.760792][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.776220][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 172.786797][ T4069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.796002][ T4069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.808360][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 173.881809][ T3611] Bluetooth: hci0: command 0x041b tx timeout [ 175.561247][ T3614] Bluetooth: hci1: command 0x0406 tx timeout [ 175.960915][ T3614] Bluetooth: hci0: command 0x040f tx timeout [ 178.031073][ T3610] Bluetooth: hci0: command 0x0419 tx timeout [ 193.962361][ T1387] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.968688][ T1387] ieee802154 phy1 wpan1: encryption failed: -22 [ 207.813268][ T6562] chnl_net:caif_netlink_parms(): no params data found [ 207.858141][ T6562] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.865428][ T6562] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.873756][ T6562] device bridge_slave_0 entered promiscuous mode [ 207.890155][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.903346][ T6562] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.910376][ T6562] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.918523][ T6562] device bridge_slave_1 entered promiscuous mode [ 207.940482][ T6562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.956344][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.969903][ T6562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.997974][ T6562] team0: Port device team_slave_0 added [ 208.009076][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.022013][ T6562] team0: Port device team_slave_1 added [ 208.040315][ T6562] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.047989][ T6562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.074092][ T6562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.087430][ T6562] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.094487][ T6562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.120585][ T6562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.144460][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.173257][ T6562] device hsr_slave_0 entered promiscuous mode [ 208.184295][ T6562] device hsr_slave_1 entered promiscuous mode [ 208.191302][ T6562] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.198864][ T6562] Cannot create hsr debugfs directory [ 209.096410][ T9] device hsr_slave_0 left promiscuous mode [ 209.102974][ T9] device hsr_slave_1 left promiscuous mode [ 209.109293][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.116925][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.125507][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.132986][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.140501][ T9] device bridge_slave_1 left promiscuous mode [ 209.146710][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.155521][ T9] device bridge_slave_0 left promiscuous mode [ 209.162084][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.175774][ T9] device veth1_macvtap left promiscuous mode [ 209.182267][ T9] device veth0_macvtap left promiscuous mode [ 209.188339][ T9] device veth1_vlan left promiscuous mode [ 209.194783][ T9] device veth0_vlan left promiscuous mode [ 209.355536][ T9] team0 (unregistering): Port device team_slave_1 removed [ 209.368217][ T9] team0 (unregistering): Port device team_slave_0 removed [ 209.385612][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 209.400186][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.461090][ T9] bond0 (unregistering): Released all slaves [ 209.558076][ T6562] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 209.566897][ T6562] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 209.576048][ T6562] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 209.585732][ T6562] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 209.657952][ T6562] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.683782][ T6562] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.694984][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 209.703818][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 209.712124][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 209.720599][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 209.729178][ T2620] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.736258][ T2620] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.745347][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 209.758124][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 209.767089][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 209.780225][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.787338][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.796058][ T1745] Bluetooth: hci2: command 0x0409 tx timeout [ 209.822941][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 209.831797][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 209.840314][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 209.849044][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 209.859452][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 209.868484][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 209.878123][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 209.887960][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 209.897072][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 209.914197][ T2646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 209.923241][ T2646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 209.934746][ T6562] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 210.052029][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 210.059553][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 210.086226][ T6562] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.109376][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 210.119024][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 210.141862][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 210.150505][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 210.160114][ T6562] device veth0_vlan entered promiscuous mode [ 210.167613][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 210.176043][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 210.190463][ T6562] device veth1_vlan entered promiscuous mode [ 210.230096][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 210.239514][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 210.248697][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 210.257531][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 210.269034][ T6562] device veth0_macvtap entered promiscuous mode [ 210.279853][ T6562] device veth1_macvtap entered promiscuous mode [ 210.297746][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.309485][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.319824][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.336455][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.346309][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.363253][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.376338][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.389308][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.407331][ T6562] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.416008][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 210.424886][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 210.433226][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 210.443306][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 210.455556][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.466755][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.476926][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.488442][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.498547][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.509708][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.520620][ T6562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.531716][ T6562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.542983][ T6562] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.550535][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 210.564504][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 210.579745][ T6562] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.592102][ T6562] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.608605][ T6562] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.619783][ T6562] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.700911][ T2620] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.709417][ T2620] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.735461][ T2646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.739140][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.760820][ T2646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.770025][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 211.390898][ T23] Bluetooth: hci5: command 0x0406 tx timeout [ 211.872480][ T3645] Bluetooth: hci2: command 0x041b tx timeout [ 213.951102][ T23] Bluetooth: hci2: command 0x040f tx timeout [ 216.031243][ T3610] Bluetooth: hci2: command 0x0419 tx timeout [ 218.877222][ T6610] chnl_net:caif_netlink_parms(): no params data found [ 218.927234][ T6610] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.934494][ T6610] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.946892][ T6610] device bridge_slave_0 entered promiscuous mode [ 218.955799][ T6610] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.963048][ T6610] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.970765][ T6610] device bridge_slave_1 entered promiscuous mode [ 218.996733][ T6610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.009072][ T6610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.032452][ T154] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.057931][ T6610] team0: Port device team_slave_0 added [ 219.066249][ T6610] team0: Port device team_slave_1 added [ 219.084817][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.091966][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.119497][ T6610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.136509][ T154] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.148765][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.156518][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.182687][ T6610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.218178][ T6610] device hsr_slave_0 entered promiscuous mode [ 219.225555][ T6610] device hsr_slave_1 entered promiscuous mode [ 219.246213][ T154] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.298553][ T154] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.228227][ T154] device hsr_slave_0 left promiscuous mode [ 220.234805][ T154] device hsr_slave_1 left promiscuous mode [ 220.241233][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 220.248643][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 220.256612][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 220.264407][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 220.272691][ T154] device bridge_slave_1 left promiscuous mode [ 220.278842][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.287603][ T154] device bridge_slave_0 left promiscuous mode [ 220.294169][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.307014][ T154] device veth1_macvtap left promiscuous mode [ 220.313114][ T154] device veth0_macvtap left promiscuous mode [ 220.319147][ T154] device veth1_vlan left promiscuous mode [ 220.324982][ T154] device veth0_vlan left promiscuous mode [ 220.490112][ T154] team0 (unregistering): Port device team_slave_1 removed [ 220.506747][ T154] team0 (unregistering): Port device team_slave_0 removed [ 220.520261][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 220.536082][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 220.602023][ T154] bond0 (unregistering): Released all slaves [ 220.695056][ T6610] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 220.704552][ T6610] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 220.714793][ T6610] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 220.723594][ T6610] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 220.795366][ T6610] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.813028][ T6610] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.819875][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 220.828437][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 220.835130][ T23] Bluetooth: hci3: command 0x0409 tx timeout [ 220.850588][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.862166][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.870465][ T2620] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.877563][ T2620] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.885396][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.897419][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 220.907514][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.915938][ T2620] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.923001][ T2620] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.938377][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 220.962481][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 220.973731][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 220.983968][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 220.993608][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 221.002719][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.013434][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 221.021831][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 221.033272][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 221.041563][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 221.049965][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 221.062387][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 221.168858][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 221.177069][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 221.191514][ T6610] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.345330][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 221.355403][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 221.380845][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 221.389160][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 221.404139][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 221.415785][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 221.428566][ T6610] device veth0_vlan entered promiscuous mode [ 221.442750][ T6610] device veth1_vlan entered promiscuous mode [ 221.466932][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 221.478281][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 221.490423][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 221.505833][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 221.518814][ T6610] device veth0_macvtap entered promiscuous mode [ 221.529571][ T6610] device veth1_macvtap entered promiscuous mode [ 221.554761][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.566451][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.578110][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.588820][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.598922][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.609641][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.620360][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.633564][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.649817][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.660074][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 221.669537][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 221.678042][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 221.687542][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 221.700173][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.718281][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.729971][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.746881][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.757203][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.769687][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.779802][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.790604][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.802206][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.814685][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 221.826001][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 221.842610][ T6610] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.852449][ T6610] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.861892][ T6610] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.874416][ T6610] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.954926][ T2620] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.971022][ T2620] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.995831][ T2646] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 222.007559][ T2646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 222.017155][ T2646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 222.028384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 222.911119][ T3610] Bluetooth: hci3: command 0x041b tx timeout [ 224.995214][ T3611] Bluetooth: hci3: command 0x040f tx timeout [ 227.071161][ T13] Bluetooth: hci3: command 0x0419 tx timeout [ 229.899797][ T6662] chnl_net:caif_netlink_parms(): no params data found [ 229.942907][ T6662] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.949985][ T6662] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.958113][ T6662] device bridge_slave_0 entered promiscuous mode [ 229.968683][ T6662] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.975835][ T6662] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.983661][ T6662] device bridge_slave_1 entered promiscuous mode [ 229.999422][ T2646] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.027219][ T6662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 230.038964][ T6662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 230.065633][ T6662] team0: Port device team_slave_0 added [ 230.075122][ T2646] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.088100][ T6662] team0: Port device team_slave_1 added [ 230.107007][ T6662] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 230.114796][ T6662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.141130][ T6662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 230.160918][ T2646] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.174321][ T6662] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 230.181419][ T6662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.207635][ T6662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 230.237590][ T6662] device hsr_slave_0 entered promiscuous mode [ 230.244956][ T6662] device hsr_slave_1 entered promiscuous mode [ 230.251818][ T6662] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 230.259345][ T6662] Cannot create hsr debugfs directory [ 230.272866][ T2646] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.244698][ T2646] device hsr_slave_0 left promiscuous mode [ 231.251747][ T2646] device hsr_slave_1 left promiscuous mode [ 231.258248][ T2646] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 231.265697][ T2646] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 231.273669][ T2646] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 231.282601][ T2646] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 231.290301][ T2646] device bridge_slave_1 left promiscuous mode [ 231.301147][ T2646] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.309300][ T2646] device bridge_slave_0 left promiscuous mode [ 231.319904][ T2646] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.333651][ T2646] device veth1_macvtap left promiscuous mode [ 231.339663][ T2646] device veth0_macvtap left promiscuous mode [ 231.345986][ T2646] device veth1_vlan left promiscuous mode [ 231.351866][ T2646] device veth0_vlan left promiscuous mode [ 231.515241][ T2646] team0 (unregistering): Port device team_slave_1 removed [ 231.527833][ T2646] team0 (unregistering): Port device team_slave_0 removed [ 231.540027][ T2646] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 231.556355][ T2646] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 231.618869][ T2646] bond0 (unregistering): Released all slaves [ 231.693092][ T6662] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 231.702523][ T6662] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 231.711539][ T6662] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 231.720910][ T6662] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 231.797264][ T6662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.815094][ T6662] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.823753][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 231.831803][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.842318][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 231.854829][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.864546][ T1172] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.871613][ T1172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.882902][ T3614] Bluetooth: hci0: command 0x0409 tx timeout [ 231.887748][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.897423][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 231.906589][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 231.915327][ T1172] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.922410][ T1172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.948927][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 231.958407][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 231.967739][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.977077][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.985932][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.995977][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.004985][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.023861][ T6662] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 232.034628][ T6662] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.046714][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.055312][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.064068][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.073198][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.082388][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.180434][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 232.188444][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 232.209236][ T6662] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.232134][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 232.241198][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 232.261208][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 232.269619][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 232.282254][ T6662] device veth0_vlan entered promiscuous mode [ 232.292153][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 232.300279][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 232.310611][ T6662] device veth1_vlan entered promiscuous mode [ 232.345671][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 232.354812][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 232.363823][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 232.372955][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 232.383946][ T6662] device veth0_macvtap entered promiscuous mode [ 232.397225][ T6662] device veth1_macvtap entered promiscuous mode [ 232.418318][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.435506][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.448569][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.463268][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.475347][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.489384][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.502836][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.519318][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.532515][ T6662] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.541364][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 232.550146][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 232.560479][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 232.569323][ T2620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 232.580884][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.592070][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.602705][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.613661][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.624339][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.634999][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.645014][ T6662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.655897][ T6662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.669503][ T6662] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.681181][ T6662] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.689880][ T6662] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.699049][ T6662] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.708468][ T6662] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.719024][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 232.728854][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 232.798632][ T4069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.811178][ T4069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.833641][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 232.846336][ T2620] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.857258][ T2620] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.869777][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 233.961143][ T3614] Bluetooth: hci0: command 0x041b tx timeout [ 234.272135][ T27] INFO: task syz.3.135:4025 blocked for more than 143 seconds. [ 234.279701][ T27] Not tainted 5.15.167-syzkaller #0 [ 234.286162][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 234.295230][ T27] task:syz.3.135 state:D stack:25632 pid: 4025 ppid: 3579 flags:0x00004002 [ 234.304976][ T27] Call Trace: [ 234.308260][ T27] [ 234.311439][ T27] __schedule+0x12c4/0x45b0 [ 234.315963][ T27] ? perf_event_release_kernel+0x5f4/0x900 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 234.322163][ T27] ? __lock_acquire+0x1ff0/0x1ff0 [ 234.328202][ T27] ? release_firmware_map_entry+0x190/0x190 [ 234.334425][ T27] ? __mutex_unlock_slowpath+0x218/0x750 [ 234.340080][ T27] schedule+0x11b/0x1f0 [ 234.376580][ T27] perf_pending_task_sync+0x13c/0x1c0 [ 234.402405][ T27] _free_event+0x34/0xe60 [ 234.406783][ T27] perf_event_release_kernel+0x873/0x900 [ 234.425704][ T27] ? __might_sleep+0xc0/0xc0 [ 234.430324][ T27] ? calc_timer_values+0x420/0x420 [ 234.441490][ T27] ? ima_file_free+0xeb/0x3c0 [ 234.446190][ T27] perf_release+0x37/0x40 [ 234.450521][ T27] ? perf_mmap+0x13f0/0x13f0 [ 234.459740][ T27] __fput+0x3fe/0x8e0 [ 234.465537][ T27] task_work_run+0x129/0x1a0 [ 234.470175][ T27] do_exit+0x6a3/0x2480 [ 234.478594][ T27] ? rcu_nmi_exit+0x70/0xf0 [ 234.484569][ T27] ? put_task_struct+0x80/0x80 [ 234.489348][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 234.499654][ T27] do_group_exit+0x144/0x310 [ 234.505430][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 234.517420][ T27] get_signal+0xc66/0x14e0 [ 234.523002][ T27] arch_do_signal_or_restart+0xc3/0x1890 [ 234.528680][ T27] ? sock_do_ioctl+0x365/0x5a0 [ 234.537934][ T27] ? sock_show_fdinfo+0xb0/0xb0 [ 234.544210][ T27] ? get_sigframe_size+0x10/0x10 [ 234.549254][ T27] ? rcu_nmi_exit+0x70/0xf0 [ 234.558002][ T27] ? exit_to_user_mode_loop+0x39/0x130 [ 234.564819][ T27] ? exit_to_user_mode_loop+0x39/0x130 [ 234.575129][ T27] exit_to_user_mode_loop+0x97/0x130 [ 234.580425][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 234.587090][ T27] syscall_exit_to_user_mode+0x5d/0x240 [ 234.593612][ T27] do_syscall_64+0x47/0xb0 [ 234.598049][ T27] ? clear_bhb_loop+0x15/0x70 [ 234.602853][ T27] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 234.608762][ T27] RIP: 0033:0x7fbe9329fef9 [ 234.613342][ T27] RSP: 002b:00007fbe916f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 234.623615][ T27] RAX: ffffffffffffffed RBX: 00007fbe93458058 RCX: 00007fbe9329fef9 [ 234.632001][ T27] RDX: 0000000020000080 RSI: 0000000000008946 RDI: 0000000000000007 [ 234.639975][ T27] RBP: 00007fbe93312b76 R08: 0000000000000000 R09: 0000000000000000 [ 234.648364][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.656590][ T27] R13: 0000000000000000 R14: 00007fbe93458058 R15: 00007ffd524701e8 [ 234.664890][ T27] [ 234.673914][ T27] [ 234.673914][ T27] Showing all locks held in the system: [ 234.729896][ T27] 1 lock held by khungtaskd/27: [ 234.750739][ T27] #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 234.760111][ T27] 2 locks held by kworker/1:2/1745: [ 234.790692][ T27] #0: ffff8880b913a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 234.812946][ T27] #1: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30 [ 234.828920][ T27] 2 locks held by getty/3339: [ 234.833950][ T27] #0: ffff888029b4c098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 234.845769][ T27] #1: ffffc900024b32e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0 [ 234.860719][ T27] 6 locks held by syz-executor/3568: [ 234.866009][ T27] 3 locks held by kworker/1:4/3610: [ 234.880688][ T27] #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 234.900672][ T27] #1: ffffc90002e87d20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 234.926588][ T27] #2: ffff888062c43240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2cd/0x4120 [ 234.942009][ T27] 3 locks held by kworker/0:7/3614: [ 234.947210][ T27] #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 234.957970][ T27] #1: ffffc90003087d20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 234.972689][ T27] #2: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 [ 234.985099][ T27] 3 locks held by syz-executor/6562: [ 234.990421][ T27] #0: ffff8880609acff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 [ 235.000432][ T27] #1: ffff8880609ac078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 [ 235.010049][ T27] #2: ffffffff8db7b128 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 [ 235.020113][ T27] 3 locks held by syz-executor/6610: [ 235.025458][ T27] #0: ffff88807b940ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 [ 235.035301][ T27] #1: ffff88807b940078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 [ 235.044804][ T27] #2: ffffffff8db7b128 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 [ 235.054943][ T27] 4 locks held by syz-executor/6662: [ 235.060204][ T27] #0: ffff888022ed4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 [ 235.070047][ T27] #1: ffff888022ed4078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 [ 235.079915][ T27] #2: ffffffff8db7b128 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 [ 235.090186][ T27] #3: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 [ 235.106715][ T27] [ 235.113267][ T27] ============================================= [ 235.113267][ T27] [ 235.122044][ T27] NMI backtrace for cpu 0 [ 235.126368][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0 [ 235.134341][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 235.144377][ T27] Call Trace: [ 235.147639][ T27] [ 235.150555][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 235.155223][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 235.160853][ T27] ? panic+0x860/0x860 [ 235.164921][ T27] ? nmi_cpu_backtrace+0x23b/0x4a0 [ 235.170018][ T27] nmi_cpu_backtrace+0x46a/0x4a0 [ 235.174939][ T27] ? __wake_up_klogd+0xd5/0x100 [ 235.179774][ T27] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 235.185907][ T27] ? _printk+0xd1/0x120 [ 235.190069][ T27] ? panic+0x860/0x860 [ 235.194146][ T27] ? __wake_up_klogd+0xcc/0x100 [ 235.198981][ T27] ? panic+0x860/0x860 [ 235.203035][ T27] ? __rcu_read_unlock+0x92/0x100 [ 235.208059][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 235.214123][ T27] nmi_trigger_cpumask_backtrace+0x181/0x2a0 [ 235.220086][ T27] watchdog+0xe72/0xeb0 [ 235.224314][ T27] kthread+0x3f6/0x4f0 [ 235.228362][ T27] ? hungtask_pm_notify+0x50/0x50 [ 235.233367][ T27] ? kthread_blkcg+0xd0/0xd0 [ 235.237953][ T27] ret_from_fork+0x1f/0x30 [ 235.242384][ T27] [ 235.245855][ T27] Sending NMI from CPU 0 to CPUs 1: [ 235.251234][ C1] NMI backtrace for cpu 1 [ 235.251244][ C1] CPU: 1 PID: 1172 Comm: kworker/u4:3 Not tainted 5.15.167-syzkaller #0 [ 235.251259][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 235.251269][ C1] Workqueue: phy33 ieee80211_iface_work [ 235.251290][ C1] RIP: 0010:validate_chain+0x16c/0x5930 [ 235.251307][ C1] Code: b8 eb 83 b5 80 46 86 c8 61 49 0f af c6 48 c1 e8 2d 48 8d 1c c5 40 20 2d 90 48 89 d8 48 c1 e8 03 48 89 44 24 50 42 80 3c 20 00 <74> 08 48 89 df e8 7a bd 66 00 48 89 5c 24 20 48 8b 1b 48 85 db 74 [ 235.251319][ C1] RSP: 0018:ffffc90004a7eb40 EFLAGS: 00000046 [ 235.251330][ C1] RAX: 1ffffffff20a2630 RBX: ffffffff90513180 RCX: ffffffff816366b2 [ 235.251341][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff907120c0 [ 235.251351][ C1] RBP: ffffc90004a7edf0 R08: dffffc0000000000 R09: fffffbfff20e2419 [ 235.251362][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 235.251372][ C1] R13: ffff8880223029c0 R14: e38fd701c77ee6a1 R15: ffff8880223029c0 [ 235.251383][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 235.251395][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.251405][ C1] CR2: 00007f05c198fd60 CR3: 00000000289ea000 CR4: 00000000003506e0 [ 235.251418][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 235.251426][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 235.251435][ C1] Call Trace: [ 235.251439][ C1] [ 235.251443][ C1] ? nmi_cpu_backtrace+0x39f/0x4a0 [ 235.251460][ C1] ? read_lock_is_recursive+0x10/0x10 [ 235.251475][ C1] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 235.251496][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 235.251511][ C1] ? nmi_handle+0xf7/0x370 [ 235.251526][ C1] ? validate_chain+0x16c/0x5930 [ 235.251540][ C1] ? default_do_nmi+0x62/0x150 [ 235.251556][ C1] ? exc_nmi+0xa8/0x100 [ 235.251570][ C1] ? end_repeat_nmi+0x16/0x31 [ 235.251585][ C1] ? validate_chain+0x112/0x5930 [ 235.251600][ C1] ? validate_chain+0x16c/0x5930 [ 235.251614][ C1] ? validate_chain+0x16c/0x5930 [ 235.251628][ C1] ? validate_chain+0x16c/0x5930 [ 235.251642][ C1] [ 235.251645][ C1] [ 235.251650][ C1] ? validate_chain+0x112/0x5930 [ 235.251669][ C1] ? __lock_acquire+0x1295/0x1ff0 [ 235.251683][ C1] ? reacquire_held_locks+0x660/0x660 [ 235.251697][ C1] ? reacquire_held_locks+0x660/0x660 [ 235.251710][ C1] ? __bfs+0x359/0x6e0 [ 235.251723][ C1] ? check_path+0x40/0x40 [ 235.251736][ C1] ? noop_count+0x30/0x30 [ 235.251752][ C1] ? validate_chain+0x112/0x5930 [ 235.251765][ C1] ? mark_lock+0x98/0x340 [ 235.251779][ C1] ? mark_lock+0x98/0x340 [ 235.251797][ C1] __lock_acquire+0x1295/0x1ff0 [ 235.251816][ C1] lock_acquire+0x1db/0x4f0 [ 235.251828][ C1] ? debug_object_activate+0x63/0x4e0 [ 235.251844][ C1] ? read_lock_is_recursive+0x10/0x10 [ 235.251858][ C1] ? read_lock_is_recursive+0x10/0x10 [ 235.251871][ C1] ? do_raw_spin_lock+0x14a/0x370 [ 235.251888][ C1] ? __rwlock_init+0x140/0x140 [ 235.251901][ C1] ? ret_from_fork+0x1f/0x30 [ 235.251918][ C1] _raw_spin_lock_irqsave+0xd1/0x120 [ 235.251934][ C1] ? debug_object_activate+0x63/0x4e0 [ 235.251947][ C1] ? _raw_spin_lock+0x40/0x40 [ 235.251960][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 235.251975][ C1] ? _raw_spin_lock+0x40/0x40 [ 235.252010][ C1] debug_object_activate+0x63/0x4e0 [ 235.252023][ C1] ? get_nohz_timer_target+0x1d/0x530 [ 235.252043][ C1] __mod_timer+0x92a/0xeb0 [ 235.252064][ C1] ? mod_timer_pending+0x20/0x20 [ 235.252083][ C1] ? read_lock_is_recursive+0x10/0x10 [ 235.252097][ C1] ? __queue_delayed_work+0x16b/0x210 [ 235.252114][ C1] queue_delayed_work_on+0x156/0x250 [ 235.252131][ C1] ? delayed_work_timer_fn+0x80/0x80 [ 235.252146][ C1] ? __rwlock_init+0x140/0x140 [ 235.252161][ C1] ? kvfree_call_rcu+0x16b/0x8a0 [ 235.252179][ C1] kvfree_call_rcu+0x50e/0x8a0 [ 235.252195][ C1] ? call_rcu+0xa70/0xa70 [ 235.252208][ C1] ? do_raw_spin_lock+0x14a/0x370 [ 235.252228][ C1] cfg80211_update_known_bss+0x16b/0x9e0 [ 235.252249][ C1] cfg80211_bss_update+0x187/0x2280 [ 235.252271][ C1] ? __kmalloc+0x168/0x300 [ 235.252286][ C1] ? cfg80211_inform_bss_frame_data+0x4f8/0x20f0 [ 235.252304][ C1] ? cfg80211_inform_bss_frame_data+0x6e6/0x20f0 [ 235.252323][ C1] cfg80211_inform_bss_frame_data+0xa13/0x20f0 [ 235.252350][ C1] ? cfg80211_parse_mbssid_data+0x3410/0x3410 [ 235.252374][ C1] ? __lock_acquire+0x1ff0/0x1ff0 [ 235.252394][ C1] ieee80211_bss_info_update+0x7a6/0xc80 [ 235.252413][ C1] ? ieee80211_rx_bss_put+0x60/0x60 [ 235.252434][ C1] ieee80211_ibss_rx_queued_mgmt+0x175e/0x2af0 [ 235.252453][ C1] ? mark_lock+0x98/0x340 [ 235.252473][ C1] ? ieee80211_ibss_rx_no_sta+0x720/0x720 [ 235.252489][ C1] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 235.252506][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 235.252523][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 235.252540][ C1] ? _raw_spin_unlock+0x40/0x40 [ 235.252557][ C1] ? kcov_remote_start+0x6f/0x480 [ 235.252575][ C1] ? kcov_remote_start+0xf2/0x480 [ 235.252592][ C1] ieee80211_iface_work+0x78f/0xcc0 [ 235.252613][ C1] process_one_work+0x8a1/0x10c0 [ 235.252634][ C1] ? worker_detach_from_pool+0x260/0x260 [ 235.252653][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 235.252669][ C1] ? kthread_data+0x4e/0xc0 [ 235.252683][ C1] ? wq_worker_running+0x97/0x170 [ 235.252698][ C1] worker_thread+0xaca/0x1280 [ 235.252723][ C1] kthread+0x3f6/0x4f0 [ 235.252737][ C1] ? rcu_lock_release+0x20/0x20 [ 235.252752][ C1] ? kthread_blkcg+0xd0/0xd0 [ 235.252766][ C1] ret_from_fork+0x1f/0x30 [ 235.252787][ C1] [ 235.255808][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 235.814208][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0 [ 235.822169][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 235.832230][ T27] Call Trace: [ 235.835494][ T27] [ 235.838402][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 235.843071][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 235.848705][ T27] ? panic+0x860/0x860 [ 235.852760][ T27] panic+0x318/0x860 [ 235.856725][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 235.862342][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 235.868496][ T27] ? fb_is_primary_device+0xd0/0xd0 [ 235.873683][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 235.879750][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 235.885883][ T27] ? nmi_trigger_cpumask_backtrace+0x281/0x2a0 [ 235.892017][ T27] ? nmi_trigger_cpumask_backtrace+0x286/0x2a0 [ 235.898153][ T27] watchdog+0xeb0/0xeb0 [ 235.902307][ T27] kthread+0x3f6/0x4f0 [ 235.906376][ T27] ? hungtask_pm_notify+0x50/0x50 [ 235.911383][ T27] ? kthread_blkcg+0xd0/0xd0 [ 235.915957][ T27] ret_from_fork+0x1f/0x30 [ 235.920365][ T27] [ 235.923717][ T27] Kernel Offset: disabled [ 235.928054][ T27] Rebooting in 86400 seconds..