last executing test programs: 7.860482341s ago: executing program 0 (id=2881): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000003c0)=[{0xff3e, 0x65, 0x1, 0x40000}]}) 3.822751318s ago: executing program 4 (id=2932): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf23, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48) socket(0x10, 0x4, 0x9) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000097640000000000030000007110ffff000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timerfd_create(0x0, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x0, 0x2, 0x3, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_setup(0xdd4, &(0x7f0000000100)) readv(r1, &(0x7f0000000240)=[{&(0x7f0000000080)=""/147, 0x93}, {0x0}], 0x2) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16=0x0, @ANYRES32=r4, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000080)="094c6b3b9fc068be82a405f112c0b1cc", 0x10) syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9I3GcYB/DnTI5AMmTJlC5NhgwlSyRjbmjCeUmIrVzqElpIaEIIuekCgQs9COigNyjeII4uItzin8nzBidFwVnEwSI4uLQoBcHFK+LbXesfCHw+8PLwvu/37vk9w2/8Bd+0jvi73W5nIqJ97fS/7m3ku5593/Nj8ZeITPwWEb93fvfP0U0mJf7717tpv5n2E+PXW4N7T7ONjZf7914v1jrS/de0bkw2e888HBduKrd0s6+/XBiq5D6sF6rbA2ur3dO7+WLzRa0+8zz75G3KLad6NdVPUYkv8THeRClK8S7K59R/rLH14PB2oTH3/tFBV2t4oTPles4450n7f74z8qpefXx/9tbow8r8SnHnynGu9D/eLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALt9UbulmX3+5MFTJfVgvVLcH1la7p3fzxeaLWn3mefbJ25RbTvVqqp+iEl/iY7yJUpTiXZTPqf9YY+vB4e1CY+79o4Ou1vBCZ8r1nHHOk/b/fGfkVb36+P7srdGHlfmV4s6V41zp2gU9AAAAAAAAAAAAAAAAAAAAAETEs8JPPxfz3fmITPwaET/89UfH0Xk7fe+eSbm7qW6m84nx663BvafZxsbL/XuvF2t/pvOvad2YbPZe+jCc2r8BAAD//1Z7laY=") mkdir(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000040)='./file0/file1\x00', 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080), &(0x7f0000000040)=0x8) socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000002f40)={0x0, @dev, @broadcast}, &(0x7f0000002f80)=0xc) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r8, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000a020000000000000001000005000000000000000001"], &(0x7f0000001f40)=""/4089, 0x3e, 0xff9, 0xa}, 0x20) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) recvmmsg(r7, &(0x7f0000008f80)=[{{0x0, 0x0, &(0x7f0000000c40)}}], 0x1, 0x0, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r9, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0) 3.426771428s ago: executing program 0 (id=2882): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x5, 0x40, 0x6, 0x8}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xc, 0x4, 0x4, 0x1, 0x0, r3}, 0x48) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x2d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r4}]}, &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r6 = socket(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8}, @TCA_FQ_PIE_BETA={0x8}]}}]}, 0x44}}, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0x3, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r9, 0x400, 0x0) r10 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e27, 0x0, @mcast1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x5c8, 0x29, 0x3, "43b6a6b2aa6470440cf5fbb80cf0ed8b009f0ee0d2f9bcbd77341a94eb9b137867dc3118c2beb60753ecbadb15787b9dd2231417c3c69737aa81d63253a0c33dc0766143b9fc47150f7d3a4d06ef892c1ee3f5fa7950fe76848b97eda3a7ffabb77742d15d76eb3ebdc71d453765271c713a8cd60467930969dd45ec07fcbe0094ed6e2345bf991ccb50168d088cda1216c05fdaec64f788e6722e66e05f3256460763696ac643da6b889503566ca73b719a1045fccd8c03cc206b36137dce4e9ba7f3a5e05a2e8ce050366357e710a6b6055475dd82b2bd74c403e4de4155ba454253a4adf5559ab468e2edbea964ec4669fb486d8c5b18472fa072dea946009053b1e15140e82cc5948cf930014a87c4db296dbe76bcf37ce44cb546aad0d7653720f98f3e5a0d06081b728f62ea070b8441f86ad2c45e085e0f1f24121c1784d222f9fd41ec92e3d5a7a7e881212cfca3236b2e31855c96cf07b0b51afe3bfa61e7fae1cc7d16d15ecdc0cc80ab9442dd8e7c2ac8e74cd7045899e58f9cdd16ece2469bb37ef8ddc79a766611d067cdfb50cdc6672d707160cde9a1bc20b9c4839c2efc93c289cf58b66c7e45d66ffdab0ad89abfbd5d3781b39fd306a2d1158475aae10156688f0b41e966822dc028afd2d0f3016f967046d1077ac43e5165da2a3454a2a2e67c58f0d2c68e696c81050b7c75418527e64530e4c27ad335fc3c12701f35ae234304813649c986f11839962bbbdce29fb79fe7bce6463a28bf29d32d6db48ef4bfff8effce17d83c1bf31f7a36a1c7ea344fcf2deec357be1dc5a297e99ff0997c313b67b968fe7ecf971a109fb6e7c662ddcce04e98aa65e3a256cdd09e769251928813a1a3a6fedb0841baf49e89f44becf2b85bdff9127174f6503be0cf3b3892df6e12612c6f002b04a60c33eb297ab3f9ee16294e90dd2f3e09ca0d7d3cedabaed4d82be93f9cba7e157ffb0a4715664659147df18de6407c684e85fe7b2454c6ea05fa23140ba15a7a11750bbf45d5f848e62582c2ad96d218908d1e3ae686d3d99355d65411c4b516984b2b8859aabed132f8e5b074e46e7543b81cf1af7b48865169b644cf0c810f3eac387b43ae3b94b3171722980cdf7685e969c3f0ed033fa4f7edf12e149fb0b0207203b8c2e46d4023d21e7e6e98cc6f8c3b7b53163d8ed652b09d27180d0f2444b738c81da4191000698fd280786c5188e3ac5aefd7fce299206e410d1015448c92f3769d48cebe717a0b36fb01d1f94fac90fd665e821b45e70497b36d6123003fd89948b204802e78b141232402e7f9c5cefe215ae26f38564b34009b6d3a5069130cf45c63efd666e3a184b560e2fc12dca5e22612dabf12336b75bda73035d2d67f7deeab7aa1d73901eee8f62e906de887e04b5e59b68c50bdfe64987fbdfd8f9ab4707596b40e9bd8adf3b2aa5bd5fae10f173c160868e35c7ebc083501155372631b1c8df43accc945b663109414c8878498a216e1d840d26bddd278f47fd909c1f57e03e24852cc5849f3535206ee5ba895aafcaa90532389eb0d0ef5b321c183fbff08aa87acda39892d44d267fa3c4a53ede397f182c868ac334833279b4c42acbd431dc2df97143a7dc9d28151f2059d16e697ae95ff55753873c039e0e0cc944c46720404c9394b56001499bb09d4b06b6d7ead47485c34c4b9cfbf28accb02a97a199e39ee8bce6b0bb1e2bba69508fe0795d541ece33ea9ff6cf15ec9979b82f2d3d284a761c6f88800710b685feb000ca711d8650695f42919bae79b81ce6288a847697ffc072ea6fdfaea3b488849a080f3ab5657c372aeb5a2ea6127692bba08964f23d9e70a8e337c3aa7384e2016b008466e24c0c8d81b535a9e7fcd7ec799a486d6a4836d60972f6660dc9b88d3da365917826fe13f7fdb60991a79c7a2e25b043792ff2ec62ae6639d0a0a4d68bfee56b85b49c8d97d4daaa978de0705fbba8a8fa8df311db2f718894f8150b5300ef0f437c5eb9e3bd53a13d672dd3ab8b52c039722e5c5ae3c8cf71e5a6b9ef6102b1d"}], 0x5c8}, 0x0) r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) renameat2(r11, &(0x7f0000000140)='./file1\x00', r11, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000040)=0x8, 0x4) 3.358166302s ago: executing program 0 (id=2937): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r2) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000000)=0xde) r5 = fcntl$dupfd(r4, 0x0, r4) write$sndseq(r5, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) close(r6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmsg$SOCK_DESTROY(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x3) tkill(0x0, 0x34) 3.069337724s ago: executing program 0 (id=2944): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1845000000000000001100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10) open(&(0x7f0000000140)='./file0\x00', 0xa63c0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) r5 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="17c137c3733d66642c7266646e6e3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',k']) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000418110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x90) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0) 2.902016746s ago: executing program 4 (id=2948): r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x2) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100000620702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$inet6(0xa, 0x806, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) r2 = perf_event_open(&(0x7f00000003c0)={0x2, 0xd5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x58000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffe}, 0x0, 0x1000000, r2, 0x10) readv(r3, &(0x7f0000000140)=[{&(0x7f00000002c0)=""/134, 0x86}], 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000f80)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r6}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x12c}}, 0x0) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r8, &(0x7f0000000000)="e7", 0x1, 0x0, 0x0, 0x0) r9 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r9, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x91) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$netlink(0x10, 0x3, 0x0) r10 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000300)={0x44, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}]}]}, 0x44}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 2.895837867s ago: executing program 0 (id=2949): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0) 2.809617723s ago: executing program 0 (id=2951): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) close(r3) 2.013368991s ago: executing program 4 (id=2968): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d") r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde) r6 = fcntl$dupfd(r5, 0x0, r5) write$sndseq(r6, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmsg$SOCK_DESTROY(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3) tkill(r1, 0x34) 1.808182057s ago: executing program 4 (id=2977): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x20, r2, 0xe1527b0cf4b1ab9f, 0x0, 0x0, {{}, {@void, @val={0x9}}}}, 0x20}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0}]) getpgrp(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10) r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r8, 0x8946, &(0x7f0000000900)={'veth1_virt_wifi\x00', @random='\x00\x00\x00 \x00'}) 1.652485168s ago: executing program 2 (id=2980): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0) 1.447536623s ago: executing program 3 (id=2982): r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x3, 0x9) connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f00000006c0)={&(0x7f0000000a00), 0xc, &(0x7f0000000100)={&(0x7f0000000400)={0x1c, 0x0, 0x4}, 0x1c}}, 0x0) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r2) sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0xc4, r3, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x68, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3ff}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x36}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3c}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4048051}, 0x85) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x20, 0x10, 0x581}, 0x20}}, 0x0) r6 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r7, 0x2}, 0x8) connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(0xffffffffffffffff, 0x8) r8 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, &(0x7f0000000040)=0x8) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033a0000001f030000ef000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fc", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x68, r3, 0xa4c8f77cb70e32a, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xf7b4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x80000001}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg2\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010102}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x408d1}, 0x40040) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) r12 = dup(r11) fcntl$dupfd(r12, 0x0, r12) setsockopt$inet6_tcp_TLS_TX(r12, 0x6, 0x1, &(0x7f0000000240)=@ccm_128={{0x303}, "394a0cc6b906c279", "64bc46a8d7fdf999728a44e91c06a1e8", "7a2bee35", "fad0fde2de835a1c"}, 0x28) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x5}}) 1.420023375s ago: executing program 1 (id=2983): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d") r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde) fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) close(r6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmsg$SOCK_DESTROY(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3) tkill(r1, 0x34) 1.155297165s ago: executing program 3 (id=2984): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1.126864797s ago: executing program 2 (id=2985): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 984.145717ms ago: executing program 3 (id=2986): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) fsopen(&(0x7f0000000000)='bpf\x00', 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000680), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180a1100000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000020b705000a0800000085000000a500000000"], &(0x7f0000000300)='GPL\x00', 0x4, 0x14, &(0x7f0000001e00)=""/4088}, 0x90) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace(0x8, r2) r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x4c, 0x0, 0x800, 0x1280, 0xffffffffffffffff, 0x10, '\x00', 0x0, r0, 0x0, 0x1, 0x5, 0x8}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r6) r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r7, &(0x7f0000000300)=""/104, 0x68) getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8) socket$tipc(0x1e, 0x0, 0x0) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x8000) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x5, 0x1, 0x3, 0x5, 0x0, 0x1}, 0xffffffffffffff10) ioprio_set$pid(0x2, 0x0, 0x0) 885.925455ms ago: executing program 2 (id=2988): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d") r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde) r6 = fcntl$dupfd(r5, 0x0, r5) write$sndseq(r6, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmsg$SOCK_DESTROY(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3) tkill(r1, 0x34) 885.344445ms ago: executing program 4 (id=2989): unshare(0x20020000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000008c0)=[{0x16}]}) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x1ffffffffffffeba, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESDEC], 0x0}, 0x90) getsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000000000000000020000000900020073797a32000000000900010073797a300000000028000480240081800b0001007470726f787900001400028008000240000000050800014000000002140000001100010000000000000000000000000a"], 0x7c}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 796.531961ms ago: executing program 3 (id=2990): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff) r4 = gettid() sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0) 761.089853ms ago: executing program 2 (id=2991): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e) r1 = syz_io_uring_setup(0xe42, 0x0, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 675.27049ms ago: executing program 2 (id=2992): pipe(0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018"], 0x0, 0x5a}, 0x20) r0 = socket(0x29, 0x803, 0x800) r1 = socket(0x1, 0x803, 0x0) syz_emit_ethernet(0x5e, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @remote}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xee1dab1405b353e2}}, 0x0, {0x2, 0x0, @remote}}) ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @broadcast}, 'syz_tun\x00'}) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x4040) ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x5412, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x9, 0x4, &(0x7f0000001880)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socket$packet(0x11, 0x3, 0x300) r8 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r8, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) 664.718421ms ago: executing program 1 (id=2993): r0 = socket(0x26, 0x1, 0xe989) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) 320.497326ms ago: executing program 1 (id=2994): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) syz_io_uring_submit(r1, r2, 0x0) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 287.829369ms ago: executing program 2 (id=2995): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x911}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x6}]}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 263.24815ms ago: executing program 1 (id=2996): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1845000000000000001100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10) open(&(0x7f0000000140)='./file0\x00', 0xa63c0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) r5 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="17c137c3733d66642c7266646e6e3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',k']) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000418110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0) 107.257622ms ago: executing program 1 (id=2997): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 89.435063ms ago: executing program 3 (id=2998): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 8.594569ms ago: executing program 3 (id=2999): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, 0x0, 0x0) r1 = syz_io_uring_setup(0xe42, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 7.885079ms ago: executing program 1 (id=3009): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) close(r3) 0s ago: executing program 4 (id=3000): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000400)='netfs_rreq_ref\x00', r0}, 0x3) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = socket(0x1e, 0x1, 0x0) connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) recvmmsg(r1, &(0x7f0000001ec0)=[{{0x0, 0xa00, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/64, 0x40}], 0x1, &(0x7f0000000540)=""/27, 0x1b}}], 0x1, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2000011a) kernel console output (not intermixed with test programs): 16][T10047] RDX: 00007f07b9116ef0 RSI: 0000000000000000 RDI: 00007f07ba508131 [ 170.529116][T10047] RBP: 0000000020000cc0 R08: 00007f07b9116bb7 R09: 00007f07b9116e40 [ 170.537206][T10047] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000740 [ 170.545232][T10047] R13: 00007f07b9116ef0 R14: 00007f07b9116eb0 R15: 0000000020000080 [ 170.553311][T10047] [ 170.642492][ T29] audit: type=1400 audit(1725278023.614:6841): avc: denied { module_load } for pid=10052 comm="syz.3.2307" path="/90/bus" dev="tmpfs" ino=499 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 170.643505][T10053] Invalid ELF header magic: != ELF [ 170.676667][T10055] netlink: 'syz.2.2308': attribute type 10 has an invalid length. [ 170.684596][T10055] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2308'. [ 170.699891][T10057] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10057 comm=syz.3.2309 [ 170.700671][T10055] bridge0: port 3(ipvlan0) entered blocking state [ 170.719040][T10055] bridge0: port 3(ipvlan0) entered disabled state [ 170.726067][T10055] ipvlan0: entered allmulticast mode [ 170.731418][T10055] veth0_vlan: entered allmulticast mode [ 170.734345][T10060] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10060 comm=syz.2.2308 [ 170.737592][T10055] ipvlan0: left allmulticast mode [ 170.754768][T10055] veth0_vlan: left allmulticast mode [ 170.760721][T10055] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 170.779226][T10061] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10061 comm=syz.3.2309 [ 170.779727][T10057] netlink: 'syz.3.2309': attribute type 10 has an invalid length. [ 170.799676][T10057] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2309'. [ 170.812349][T10057] bridge0: port 3(ipvlan0) entered blocking state [ 170.818856][T10057] bridge0: port 3(ipvlan0) entered disabled state [ 170.826425][T10057] ipvlan0: entered allmulticast mode [ 170.828379][T10064] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2311'. [ 170.832422][T10057] veth0_vlan: entered allmulticast mode [ 170.849048][T10057] ipvlan0: left allmulticast mode [ 170.854330][T10057] veth0_vlan: left allmulticast mode [ 170.862155][T10057] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 170.885813][T10059] pim6reg1: entered promiscuous mode [ 170.891324][T10059] pim6reg1: entered allmulticast mode [ 170.928276][T10071] netlink: 'syz.2.2314': attribute type 1 has an invalid length. [ 170.936190][T10071] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2314'. [ 170.977117][T10075] tipc: Enabling of bearer rejected, failed to enable media [ 170.989052][ T29] audit: type=1326 audit(1725278023.954:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.025859][ T29] audit: type=1326 audit(1725278023.954:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.044195][T10069] pim6reg: entered allmulticast mode [ 171.049427][ T29] audit: type=1326 audit(1725278023.954:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.078325][ T29] audit: type=1326 audit(1725278023.954:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.101993][ T29] audit: type=1326 audit(1725278023.954:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.125515][ T29] audit: type=1326 audit(1725278023.954:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.149252][ T29] audit: type=1326 audit(1725278023.984:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.172842][ T29] audit: type=1326 audit(1725278023.984:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 171.227303][T10078] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2316'. [ 171.247839][T10085] Invalid ELF header magic: != ELF [ 171.332838][T10092] netlink: 'syz.1.2322': attribute type 10 has an invalid length. [ 171.340842][T10092] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2322'. [ 171.369927][T10092] bridge0: port 4(ipvlan0) entered blocking state [ 171.376732][T10092] bridge0: port 4(ipvlan0) entered disabled state [ 171.383413][T10095] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10095 comm=syz.1.2322 [ 171.386089][T10096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10096 comm=syz.2.2323 [ 171.408859][T10092] ipvlan0: entered allmulticast mode [ 171.414298][T10092] veth0_vlan: entered allmulticast mode [ 171.422500][T10092] ipvlan0: left allmulticast mode [ 171.427733][T10092] veth0_vlan: left allmulticast mode [ 171.438853][T10092] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 171.457584][T10096] netlink: 'syz.2.2323': attribute type 10 has an invalid length. [ 171.465663][T10096] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2323'. [ 171.479511][T10096] bridge0: port 3(ipvlan0) entered blocking state [ 171.486143][T10096] bridge0: port 3(ipvlan0) entered disabled state [ 171.500061][T10098] netlink: 'syz.3.2324': attribute type 20 has an invalid length. [ 171.508334][T10099] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10099 comm=syz.2.2323 [ 171.521855][T10096] ipvlan0: entered allmulticast mode [ 171.527283][T10096] veth0_vlan: entered allmulticast mode [ 171.546219][T10096] ipvlan0: left allmulticast mode [ 171.551386][T10096] veth0_vlan: left allmulticast mode [ 171.559567][T10096] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 171.590087][T10103] loop3: detected capacity change from 0 to 512 [ 171.600249][T10103] EXT4-fs: Invalid want_extra_isize 1 [ 171.606942][T10105] netlink: 'syz.1.2327': attribute type 1 has an invalid length. [ 171.621292][T10103] loop3: detected capacity change from 0 to 512 [ 171.659646][T10103] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2326: casefold flag without casefold feature [ 171.682582][T10103] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2326: couldn't read orphan inode 15 (err -117) [ 171.707942][T10103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.733348][T10103] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2326: Directory hole found for htree leaf block 0 [ 171.763494][T10103] tipc: Enabling of bearer rejected, failed to enable media [ 171.790656][T10124] __nla_validate_parse: 1 callbacks suppressed [ 171.790672][T10124] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2334'. [ 171.794093][T10127] FAULT_INJECTION: forcing a failure. [ 171.794093][T10127] name failslab, interval 1, probability 0, space 0, times 0 [ 171.818652][T10127] CPU: 0 UID: 0 PID: 10127 Comm: syz.2.2335 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 171.829694][T10127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 171.839778][T10127] Call Trace: [ 171.843075][T10127] [ 171.846151][T10127] dump_stack_lvl+0xf2/0x150 [ 171.850761][T10127] dump_stack+0x15/0x20 [ 171.855001][T10127] should_fail_ex+0x229/0x230 [ 171.859741][T10127] ? build_skb+0x33/0x210 [ 171.864161][T10127] should_failslab+0x8f/0xb0 [ 171.868794][T10127] kmem_cache_alloc_noprof+0x4c/0x290 [ 171.874261][T10127] ? alloc_pages_mpol_noprof+0xd5/0x1e0 [ 171.879921][T10127] build_skb+0x33/0x210 [ 171.884127][T10127] __tun_build_skb+0x2b/0x1b0 [ 171.888908][T10127] ? tun_get_user+0x1474/0x24b0 [ 171.893800][T10127] tun_get_user+0x1494/0x24b0 [ 171.898624][T10127] ? kstrtoull+0x110/0x140 [ 171.903117][T10127] ? ref_tracker_alloc+0x1f5/0x2f0 [ 171.908357][T10127] tun_chr_write_iter+0x18e/0x240 [ 171.913419][T10127] vfs_write+0x78f/0x900 [ 171.917678][T10127] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 171.923373][T10127] ksys_write+0xeb/0x1b0 [ 171.927658][T10127] __x64_sys_write+0x42/0x50 [ 171.932317][T10127] x64_sys_call+0x27dd/0x2d60 [ 171.937061][T10127] do_syscall_64+0xc9/0x1c0 [ 171.941691][T10127] ? clear_bhb_loop+0x55/0xb0 [ 171.946406][T10127] ? clear_bhb_loop+0x55/0xb0 [ 171.951177][T10127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.957187][T10127] RIP: 0033:0x7f644fb2899f [ 171.961696][T10127] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 171.981748][T10127] RSP: 002b:00007f644e7a7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 171.990188][T10127] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb2899f [ 171.998258][T10127] RDX: 0000000000000066 RSI: 0000000020000780 RDI: 00000000000000c8 [ 172.006260][T10127] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000 [ 172.014236][T10127] R10: 0000000000000066 R11: 0000000000000293 R12: 0000000000000001 [ 172.022279][T10127] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18 [ 172.030298][T10127] [ 172.045109][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.085975][T10133] netlink: 'syz.2.2337': attribute type 20 has an invalid length. [ 172.095138][T10131] netlink: 'syz.3.2336': attribute type 10 has an invalid length. [ 172.103047][T10131] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2336'. [ 172.130891][T10131] bridge0: port 3(ipvlan0) entered blocking state [ 172.137473][T10131] bridge0: port 3(ipvlan0) entered disabled state [ 172.146288][T10136] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10136 comm=syz.3.2336 [ 172.152310][T10131] ipvlan0: entered allmulticast mode [ 172.164137][T10131] veth0_vlan: entered allmulticast mode [ 172.193743][T10131] ipvlan0: left allmulticast mode [ 172.198886][T10131] veth0_vlan: left allmulticast mode [ 172.220609][T10131] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 172.280826][T10140] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10140 comm=syz.3.2340 [ 172.307073][T10140] netlink: 'syz.3.2340': attribute type 10 has an invalid length. [ 172.315069][T10140] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2340'. [ 172.347572][T10140] bridge0: port 3(ipvlan0) entered blocking state [ 172.354133][T10140] bridge0: port 3(ipvlan0) entered disabled state [ 172.358450][T10146] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10146 comm=syz.3.2340 [ 172.378285][T10140] ipvlan0: entered allmulticast mode [ 172.383650][T10140] veth0_vlan: entered allmulticast mode [ 172.394352][T10140] ipvlan0: left allmulticast mode [ 172.399516][T10140] veth0_vlan: left allmulticast mode [ 172.405772][T10140] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 172.690830][T10160] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 172.701840][T10161] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 172.877050][T10165] loop3: detected capacity change from 0 to 164 [ 172.884307][T10165] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 172.920369][T10168] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2351'. [ 172.929481][T10168] bridge0: port 3(ipvlan0) entered blocking state [ 172.936065][T10168] bridge0: port 3(ipvlan0) entered disabled state [ 172.942901][T10168] ipvlan0: entered allmulticast mode [ 172.948193][T10168] veth0_vlan: entered allmulticast mode [ 172.954649][T10168] ipvlan0: left allmulticast mode [ 172.959821][T10168] veth0_vlan: left allmulticast mode [ 172.965986][T10168] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 172.982283][T10169] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10169 comm=syz.3.2351 [ 173.031259][T10176] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10176 comm=syz.3.2354 [ 173.045851][T10176] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2354'. [ 173.055295][T10176] bridge0: port 3(ipvlan0) entered blocking state [ 173.061867][T10176] bridge0: port 3(ipvlan0) entered disabled state [ 173.069503][T10176] ipvlan0: entered allmulticast mode [ 173.075052][T10176] veth0_vlan: entered allmulticast mode [ 173.082195][T10176] ipvlan0: left allmulticast mode [ 173.087253][T10176] veth0_vlan: left allmulticast mode [ 173.093474][T10176] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 173.110061][T10185] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10185 comm=syz.3.2354 [ 173.148103][T10189] loop3: detected capacity change from 0 to 512 [ 173.155408][T10189] EXT4-fs: Invalid want_extra_isize 1 [ 173.166222][T10189] loop3: detected capacity change from 0 to 512 [ 173.183294][T10189] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2359: casefold flag without casefold feature [ 173.202488][T10189] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2359: couldn't read orphan inode 15 (err -117) [ 173.285341][T10188] pim6reg: entered allmulticast mode [ 173.316297][T10189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.329526][T10189] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2359: Directory hole found for htree leaf block 0 [ 173.346881][T10189] tipc: Enabling of bearer rejected, failed to enable media [ 173.479611][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.305121][T10203] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2364'. [ 174.314462][T10203] bridge0: port 3(ipvlan0) entered blocking state [ 174.321060][T10203] bridge0: port 3(ipvlan0) entered disabled state [ 174.328879][T10203] ipvlan0: entered allmulticast mode [ 174.334263][T10203] veth0_vlan: entered allmulticast mode [ 174.340756][T10203] ipvlan0: left allmulticast mode [ 174.345816][T10203] veth0_vlan: left allmulticast mode [ 174.351938][T10203] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 174.372901][T10208] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10208 comm=syz.3.2364 [ 174.478379][T10215] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2369'. [ 174.515412][T10219] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=40291 sclass=netlink_route_socket pid=10219 comm=syz.2.2370 [ 174.583315][T10226] tipc: Enabling of bearer rejected, failed to enable media [ 174.592429][T10228] loop3: detected capacity change from 0 to 512 [ 174.621027][T10228] /dev/loop3: Can't open blockdev [ 174.665683][T10233] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2376'. [ 174.730860][T10228] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 174.750208][T10239] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10239 comm=syz.2.2377 [ 174.779627][T10239] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2377'. [ 174.791161][T10239] bridge0: port 3(ipvlan0) entered blocking state [ 174.797642][T10239] bridge0: port 3(ipvlan0) entered disabled state [ 174.804677][T10239] ipvlan0: entered allmulticast mode [ 174.810144][T10239] veth0_vlan: entered allmulticast mode [ 174.817526][T10239] ipvlan0: left allmulticast mode [ 174.822617][T10239] veth0_vlan: left allmulticast mode [ 174.832800][T10244] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10244 comm=syz.2.2377 [ 175.068697][ T9917] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.132918][T10242] pim6reg1: entered promiscuous mode [ 175.138296][T10242] pim6reg1: entered allmulticast mode [ 175.200401][ T9917] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.213186][T10257] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2381'. [ 175.239152][ T9917] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.267201][ T9917] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.332544][ T29] kauditd_printk_skb: 248 callbacks suppressed [ 175.332597][ T29] audit: type=1326 audit(1725278028.304:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.370537][ T29] audit: type=1326 audit(1725278028.304:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.394142][ T29] audit: type=1326 audit(1725278028.304:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.418081][ T29] audit: type=1326 audit(1725278028.304:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.441861][ T29] audit: type=1326 audit(1725278028.304:7102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.469819][ T29] audit: type=1326 audit(1725278028.394:7103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.493504][ T29] audit: type=1326 audit(1725278028.394:7104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.517097][ T29] audit: type=1326 audit(1725278028.394:7105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.540840][ T29] audit: type=1326 audit(1725278028.394:7106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.564466][ T29] audit: type=1326 audit(1725278028.394:7107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 175.681138][T10277] loop7: detected capacity change from 0 to 16384 [ 175.695257][T10274] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 175.698616][T10281] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 175.719422][T10282] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 175.750266][T10277] Invalid logical block size (65532) [ 175.819654][ T46] blk_print_req_error: 6 callbacks suppressed [ 175.819675][ T46] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 175.871033][T10291] tipc: Started in network mode [ 175.876054][T10291] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 175.883688][T10291] tipc: Enabled bearer , priority 10 [ 175.901331][T10297] validate_nla: 7 callbacks suppressed [ 175.901349][T10297] netlink: 'syz.2.2395': attribute type 1 has an invalid length. [ 175.908338][T10291] tipc: Resetting bearer [ 175.970570][T10291] tipc: Disabling bearer [ 176.133088][T10321] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 176.148294][T10324] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 176.155166][T10323] loop3: detected capacity change from 0 to 1024 [ 176.212899][T10323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.349413][T10329] pim6reg: entered allmulticast mode [ 176.642163][T10358] syzkaller0: tun_chr_ioctl cmd 1074812117 [ 176.784455][T10367] pim6reg1: entered promiscuous mode [ 176.789915][T10367] pim6reg1: entered allmulticast mode [ 177.237421][T10394] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 177.281201][T10402] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 177.315009][T10394] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=10394 comm=syz.0.2433 [ 177.456603][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.572965][T10420] tipc: Started in network mode [ 177.577926][T10420] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 177.585236][T10420] tipc: Enabled bearer , priority 10 [ 177.629282][T10420] tipc: Resetting bearer [ 177.666330][T10420] tipc: Disabling bearer [ 177.703892][T10431] netlink: 'syz.4.2448': attribute type 10 has an invalid length. [ 177.711879][T10431] __nla_validate_parse: 4 callbacks suppressed [ 177.711898][T10431] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2448'. [ 177.766997][T10431] bridge0: port 3(ipvlan0) entered blocking state [ 177.767474][T10434] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10434 comm=syz.4.2448 [ 177.773732][T10431] bridge0: port 3(ipvlan0) entered disabled state [ 177.827320][T10435] netlink: 'syz.2.2450': attribute type 1 has an invalid length. [ 177.835270][T10435] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2450'. [ 177.845582][T10431] ipvlan0: entered allmulticast mode [ 177.851250][T10431] veth0_vlan: entered allmulticast mode [ 177.860666][T10431] ipvlan0: left allmulticast mode [ 177.865829][T10431] veth0_vlan: left allmulticast mode [ 177.882311][T10431] net_ratelimit: 2 callbacks suppressed [ 177.882395][T10431] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 178.369972][T10465] FAULT_INJECTION: forcing a failure. [ 178.369972][T10465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.383137][T10465] CPU: 1 UID: 0 PID: 10465 Comm: syz.1.2462 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 178.393932][T10465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 178.404063][T10465] Call Trace: [ 178.407370][T10465] [ 178.410414][T10465] dump_stack_lvl+0xf2/0x150 [ 178.415167][T10465] dump_stack+0x15/0x20 [ 178.419358][T10465] should_fail_ex+0x229/0x230 [ 178.424054][T10465] should_fail+0xb/0x10 [ 178.428220][T10465] should_fail_usercopy+0x1a/0x20 [ 178.433372][T10465] _copy_from_iter+0xd3/0xb00 [ 178.438342][T10465] ? kmalloc_reserve+0x16e/0x190 [ 178.443351][T10465] ? __build_skb_around+0x196/0x1f0 [ 178.448589][T10465] ? __alloc_skb+0x21f/0x310 [ 178.453186][T10465] ? __virt_addr_valid+0x1ed/0x250 [ 178.458349][T10465] ? __check_object_size+0x35b/0x510 [ 178.463753][T10465] netlink_sendmsg+0x460/0x6e0 [ 178.468567][T10465] ? __pfx_netlink_sendmsg+0x10/0x10 [ 178.473879][T10465] __sock_sendmsg+0x140/0x180 [ 178.478781][T10465] ____sys_sendmsg+0x312/0x410 [ 178.483605][T10465] __sys_sendmsg+0x1e9/0x280 [ 178.488281][T10465] __x64_sys_sendmsg+0x46/0x50 [ 178.493121][T10465] x64_sys_call+0x2689/0x2d60 [ 178.498113][T10465] do_syscall_64+0xc9/0x1c0 [ 178.502629][T10465] ? clear_bhb_loop+0x55/0xb0 [ 178.507342][T10465] ? clear_bhb_loop+0x55/0xb0 [ 178.512243][T10465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.518303][T10465] RIP: 0033:0x7f093d7e9eb9 [ 178.522921][T10465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.542713][T10465] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 178.551142][T10465] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9 [ 178.559268][T10465] RDX: 0000000044000000 RSI: 0000000020000240 RDI: 0000000000000005 [ 178.567251][T10465] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000 [ 178.575224][T10465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.583211][T10465] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68 [ 178.591285][T10465] [ 178.653365][T10469] loop3: detected capacity change from 0 to 512 [ 178.658227][T10472] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10472 comm=syz.1.2465 [ 178.686652][T10469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.702634][T10472] netlink: 'syz.1.2465': attribute type 10 has an invalid length. [ 178.710515][T10472] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2465'. [ 178.729504][T10472] bridge0: port 4(ipvlan0) entered blocking state [ 178.736136][T10472] bridge0: port 4(ipvlan0) entered disabled state [ 178.750053][T10469] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.790358][T10475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10475 comm=syz.1.2465 [ 178.842748][T10472] ipvlan0: entered allmulticast mode [ 178.848174][T10472] veth0_vlan: entered allmulticast mode [ 178.879590][T10469] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2464: Directory hole found for htree leaf block 0 [ 178.893111][T10472] ipvlan0: left allmulticast mode [ 178.898148][T10472] veth0_vlan: left allmulticast mode [ 178.928534][T10472] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 179.016090][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.026933][T10490] syz.2.2472[10490] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.027027][T10490] syz.2.2472[10490] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.064964][T10492] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10492 comm=syz.4.2473 [ 179.092210][T10490] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2472'. [ 179.140689][T10495] pim6reg1: entered promiscuous mode [ 179.146032][T10495] pim6reg1: entered allmulticast mode [ 179.212035][T10499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10499 comm=syz.4.2473 [ 179.248126][T10492] netlink: 'syz.4.2473': attribute type 10 has an invalid length. [ 179.256058][T10492] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2473'. [ 179.281783][T10492] bridge0: port 3(ipvlan0) entered blocking state [ 179.288376][T10492] bridge0: port 3(ipvlan0) entered disabled state [ 179.311928][T10492] ipvlan0: entered allmulticast mode [ 179.317310][T10492] veth0_vlan: entered allmulticast mode [ 179.353800][T10492] ipvlan0: left allmulticast mode [ 179.358897][T10492] veth0_vlan: left allmulticast mode [ 179.384743][T10492] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 179.417430][T10514] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10514 comm=syz.1.2482 [ 179.455151][T10514] netlink: 'syz.1.2482': attribute type 10 has an invalid length. [ 179.463786][T10514] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2482'. [ 179.489819][T10514] bridge0: port 4(ipvlan0) entered blocking state [ 179.496509][T10514] bridge0: port 4(ipvlan0) entered disabled state [ 179.511036][T10525] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10525 comm=syz.1.2482 [ 179.513713][T10514] ipvlan0: entered allmulticast mode [ 179.528981][T10514] veth0_vlan: entered allmulticast mode [ 179.576658][T10514] ipvlan0: left allmulticast mode [ 179.581870][T10514] veth0_vlan: left allmulticast mode [ 179.599304][T10514] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 179.649153][T10528] pim6reg1: entered promiscuous mode [ 179.654633][T10528] pim6reg1: entered allmulticast mode [ 179.946698][T10556] netlink: 'syz.4.2501': attribute type 10 has an invalid length. [ 179.954697][T10556] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2501'. [ 179.974465][T10558] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10558 comm=syz.1.2502 [ 180.000422][T10556] bridge0: port 3(ipvlan0) entered blocking state [ 180.007038][T10556] bridge0: port 3(ipvlan0) entered disabled state [ 180.017101][T10559] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10559 comm=syz.4.2501 [ 180.030548][T10556] ipvlan0: entered allmulticast mode [ 180.035887][T10556] veth0_vlan: entered allmulticast mode [ 180.067660][T10556] ipvlan0: left allmulticast mode [ 180.072944][T10556] veth0_vlan: left allmulticast mode [ 180.079005][T10556] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 180.097732][T10563] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10563 comm=syz.1.2502 [ 180.143759][T10558] netlink: 'syz.1.2502': attribute type 10 has an invalid length. [ 180.151652][T10558] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2502'. [ 180.160928][T10558] bridge0: port 4(ipvlan0) entered blocking state [ 180.167510][T10558] bridge0: port 4(ipvlan0) entered disabled state [ 180.174588][T10558] ipvlan0: entered allmulticast mode [ 180.180047][T10558] veth0_vlan: entered allmulticast mode [ 180.186368][T10558] ipvlan0: left allmulticast mode [ 180.191495][T10558] veth0_vlan: left allmulticast mode [ 180.197905][T10558] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 180.525170][T10584] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 180.590716][T10587] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=10587 comm=syz.4.2512 [ 180.645858][T10590] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 180.675432][T10593] netlink: 'syz.1.2515': attribute type 10 has an invalid length. [ 180.683455][T10593] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2515'. [ 180.693409][T10593] bridge0: port 4(ipvlan0) entered blocking state [ 180.699931][T10593] bridge0: port 4(ipvlan0) entered disabled state [ 180.706887][T10593] ipvlan0: entered allmulticast mode [ 180.712464][T10593] veth0_vlan: entered allmulticast mode [ 180.718780][T10593] ipvlan0: left allmulticast mode [ 180.723943][T10593] veth0_vlan: left allmulticast mode [ 180.730755][T10593] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 180.748149][T10599] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 180.768084][T10599] netlink: zone id is out of range [ 180.773276][T10599] netlink: zone id is out of range [ 180.778500][T10599] netlink: zone id is out of range [ 180.789298][ T29] kauditd_printk_skb: 343 callbacks suppressed [ 180.789315][ T29] audit: type=1400 audit(1725278033.754:7451): avc: denied { mounton } for pid=10598 comm="syz.4.2518" path="/proc/95/cgroup" dev="proc" ino=32690 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 180.875277][T10616] netlink: 'syz.2.2525': attribute type 1 has an invalid length. [ 180.883252][T10616] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2525'. [ 181.024846][T10630] FAULT_INJECTION: forcing a failure. [ 181.024846][T10630] name failslab, interval 1, probability 0, space 0, times 0 [ 181.037848][T10630] CPU: 0 UID: 0 PID: 10630 Comm: syz.3.2531 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 181.048689][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 181.058773][T10630] Call Trace: [ 181.062058][T10630] [ 181.064994][T10630] dump_stack_lvl+0xf2/0x150 [ 181.069827][T10630] dump_stack+0x15/0x20 [ 181.074009][T10630] should_fail_ex+0x229/0x230 [ 181.078763][T10630] ? __alloc_skb+0x10b/0x310 [ 181.083389][T10630] should_failslab+0x8f/0xb0 [ 181.088009][T10630] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 181.093834][T10630] __alloc_skb+0x10b/0x310 [ 181.098376][T10630] netlink_alloc_large_skb+0xad/0xe0 [ 181.103783][T10630] netlink_sendmsg+0x3b4/0x6e0 [ 181.108729][T10630] ? __pfx_netlink_sendmsg+0x10/0x10 [ 181.114053][T10630] __sock_sendmsg+0x140/0x180 [ 181.118905][T10630] ____sys_sendmsg+0x312/0x410 [ 181.123728][T10630] __sys_sendmsg+0x1e9/0x280 [ 181.128526][T10630] __x64_sys_sendmsg+0x46/0x50 [ 181.133313][T10630] x64_sys_call+0x2689/0x2d60 [ 181.138011][T10630] do_syscall_64+0xc9/0x1c0 [ 181.142535][T10630] ? clear_bhb_loop+0x55/0xb0 [ 181.147274][T10630] ? clear_bhb_loop+0x55/0xb0 [ 181.151975][T10630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.157898][T10630] RIP: 0033:0x7f83f9619eb9 [ 181.162359][T10630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.182064][T10630] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 181.190534][T10630] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9 [ 181.198513][T10630] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 181.206626][T10630] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000 [ 181.214604][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.222580][T10630] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558 [ 181.230652][T10630] [ 181.240295][T10625] pim6reg1: entered promiscuous mode [ 181.245776][T10625] pim6reg1: entered allmulticast mode [ 181.273038][T10638] syz.4.2534[10638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.273127][T10638] syz.4.2534[10638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.289901][T10638] FAULT_INJECTION: forcing a failure. [ 181.289901][T10638] name failslab, interval 1, probability 0, space 0, times 0 [ 181.314338][T10638] CPU: 0 UID: 0 PID: 10638 Comm: syz.4.2534 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 181.325278][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 181.335412][T10638] Call Trace: [ 181.338701][T10638] [ 181.341638][T10638] dump_stack_lvl+0xf2/0x150 [ 181.346396][T10638] dump_stack+0x15/0x20 [ 181.350641][T10638] should_fail_ex+0x229/0x230 [ 181.355599][T10638] ? wpan_phy_new+0x2a/0x190 [ 181.360202][T10638] should_failslab+0x8f/0xb0 [ 181.364874][T10638] __kmalloc_noprof+0xa5/0x370 [ 181.369712][T10638] wpan_phy_new+0x2a/0x190 [ 181.374260][T10638] ieee802154_alloc_hw+0xbd/0x5b0 [ 181.379566][T10638] hwsim_add_one+0x48/0xa80 [ 181.384079][T10638] ? genl_family_rcv_msg_attrs_parse+0x148/0x1a0 [ 181.390493][T10638] ? genl_family_rcv_msg_attrs_parse+0x182/0x1a0 [ 181.396960][T10638] hwsim_new_radio_nl+0x2e/0x40 [ 181.401817][T10638] genl_rcv_msg+0x61b/0x6c0 [ 181.406425][T10638] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 181.412044][T10638] ? __rcu_read_unlock+0x4e/0x70 [ 181.417002][T10638] netlink_rcv_skb+0x12c/0x230 [ 181.422242][T10638] ? __pfx_genl_rcv_msg+0x10/0x10 [ 181.427343][T10638] genl_rcv+0x28/0x40 [ 181.431446][T10638] netlink_unicast+0x599/0x670 [ 181.436257][T10638] netlink_sendmsg+0x5cc/0x6e0 [ 181.441216][T10638] ? __pfx_netlink_sendmsg+0x10/0x10 [ 181.446520][T10638] __sock_sendmsg+0x140/0x180 [ 181.451486][T10638] ____sys_sendmsg+0x312/0x410 [ 181.456356][T10638] __sys_sendmsg+0x1e9/0x280 [ 181.460991][T10638] __x64_sys_sendmsg+0x46/0x50 [ 181.466037][T10638] x64_sys_call+0x2689/0x2d60 [ 181.470751][T10638] do_syscall_64+0xc9/0x1c0 [ 181.475275][T10638] ? clear_bhb_loop+0x55/0xb0 [ 181.480043][T10638] ? clear_bhb_loop+0x55/0xb0 [ 181.485098][T10638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.491089][T10638] RIP: 0033:0x7f07ba499eb9 [ 181.495548][T10638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.515384][T10638] RSP: 002b:00007f07b9117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 181.523883][T10638] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba499eb9 [ 181.531999][T10638] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006 [ 181.540025][T10638] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000 [ 181.548090][T10638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.556093][T10638] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8 [ 181.564369][T10638] [ 181.567724][T10638] failure to allocate master IEEE802.15.4 device [ 181.662081][ T29] audit: type=1326 audit(1725278034.604:7452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10646 comm="syz.2.2539" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x0 [ 181.685911][ T29] audit: type=1326 audit(1725278034.614:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.709477][ T29] audit: type=1326 audit(1725278034.614:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.733733][ T29] audit: type=1326 audit(1725278034.614:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.757601][ T29] audit: type=1326 audit(1725278034.614:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.781675][ T29] audit: type=1326 audit(1725278034.614:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07ba499ef3 code=0x7ffc0000 [ 181.805298][ T29] audit: type=1326 audit(1725278034.614:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07ba499ef3 code=0x7ffc0000 [ 181.828890][ T29] audit: type=1326 audit(1725278034.614:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.852635][ T29] audit: type=1326 audit(1725278034.614:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 181.884714][T10650] netlink: 'syz.1.2541': attribute type 1 has an invalid length. [ 182.535698][T10673] pim6reg: entered allmulticast mode [ 182.571409][T10677] pim6reg1: entered promiscuous mode [ 182.576763][T10677] pim6reg1: entered allmulticast mode [ 182.577437][T10681] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 182.623484][T10684] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 182.652775][T10686] netlink: 'syz.2.2554': attribute type 1 has an invalid length. [ 182.699076][T10691] tipc: Enabling of bearer rejected, failed to enable media [ 182.809166][T10701] __nla_validate_parse: 4 callbacks suppressed [ 182.809220][T10701] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2560'. [ 182.892236][T10699] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2559'. [ 182.926737][T10716] loop3: detected capacity change from 0 to 1024 [ 182.975174][T10716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.157054][T10725] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 183.170950][T10727] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 183.227770][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.309867][T10726] pim6reg1: entered promiscuous mode [ 183.315392][T10726] pim6reg1: entered allmulticast mode [ 183.391329][T10738] tipc: Enabling of bearer rejected, failed to enable media [ 183.402617][T10743] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2575'. [ 183.496392][T10749] 9pnet_fd: Insufficient options for proto=fd [ 183.652074][T10757] 9pnet_fd: Insufficient options for proto=fd [ 183.690866][T10751] FAULT_INJECTION: forcing a failure. [ 183.690866][T10751] name failslab, interval 1, probability 0, space 0, times 0 [ 183.703609][T10751] CPU: 0 UID: 0 PID: 10751 Comm: syz.1.2580 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 183.714455][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 183.724805][T10751] Call Trace: [ 183.728151][T10751] [ 183.731143][T10751] dump_stack_lvl+0xf2/0x150 [ 183.735840][T10751] dump_stack+0x15/0x20 [ 183.740019][T10751] should_fail_ex+0x229/0x230 [ 183.744741][T10751] ? __d_alloc+0x3d/0x340 [ 183.749095][T10751] should_failslab+0x8f/0xb0 [ 183.753735][T10751] kmem_cache_alloc_lru_noprof+0x51/0x2a0 [ 183.759628][T10751] __d_alloc+0x3d/0x340 [ 183.764074][T10751] d_alloc_pseudo+0x1e/0x80 [ 183.768720][T10751] alloc_file_pseudo+0x70/0x140 [ 183.773770][T10751] __shmem_file_setup+0x1bb/0x1f0 [ 183.778855][T10751] shmem_file_setup+0x3b/0x50 [ 183.783585][T10751] __se_sys_memfd_create+0x31d/0x600 [ 183.788909][T10751] __x64_sys_memfd_create+0x31/0x40 [ 183.794149][T10751] x64_sys_call+0x2891/0x2d60 [ 183.798878][T10751] do_syscall_64+0xc9/0x1c0 [ 183.803699][T10751] ? clear_bhb_loop+0x55/0xb0 [ 183.808476][T10751] ? clear_bhb_loop+0x55/0xb0 [ 183.813179][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.819216][T10751] RIP: 0033:0x7f093d7e9eb9 [ 183.823751][T10751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.843414][T10751] RSP: 002b:00007f093c466e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 183.852039][T10751] RAX: ffffffffffffffda RBX: 000000000000060e RCX: 00007f093d7e9eb9 [ 183.860108][T10751] RDX: 00007f093c466ef0 RSI: 0000000000000000 RDI: 00007f093d858131 [ 183.868159][T10751] RBP: 0000000020001080 R08: 00007f093c466bb7 R09: 00007f093c466e40 [ 183.876591][T10751] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000 [ 183.884594][T10751] R13: 00007f093c466ef0 R14: 00007f093c466eb0 R15: 0000000020000680 [ 183.892792][T10751] [ 183.928482][T10761] xt_l2tp: v2 sid > 0xffff: 16777216 [ 183.986127][T10765] selinux_netlink_send: 3 callbacks suppressed [ 183.986145][T10765] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10765 comm=syz.4.2586 [ 184.020274][T10767] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2588'. [ 184.029878][T10769] tipc: Enabling of bearer rejected, failed to enable media [ 184.042980][T10765] netlink: 'syz.4.2586': attribute type 10 has an invalid length. [ 184.051022][T10765] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2586'. [ 184.066048][T10765] bridge0: port 3(ipvlan0) entered blocking state [ 184.072642][T10765] bridge0: port 3(ipvlan0) entered disabled state [ 184.092059][T10765] ipvlan0: entered allmulticast mode [ 184.097462][T10765] veth0_vlan: entered allmulticast mode [ 184.106001][T10771] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10771 comm=syz.4.2586 [ 184.119763][T10765] ipvlan0: left allmulticast mode [ 184.124984][T10765] veth0_vlan: left allmulticast mode [ 184.134688][T10765] net_ratelimit: 8 callbacks suppressed [ 184.134708][T10765] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 184.174197][T10774] loop3: detected capacity change from 0 to 256 [ 184.202158][T10774] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 184.245549][T10783] netlink: 'syz.4.2594': attribute type 10 has an invalid length. [ 184.253628][T10783] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2594'. [ 184.272924][T10783] bridge0: port 3(ipvlan0) entered blocking state [ 184.279439][T10783] bridge0: port 3(ipvlan0) entered disabled state [ 184.291186][T10783] ipvlan0: entered allmulticast mode [ 184.296532][T10783] veth0_vlan: entered allmulticast mode [ 184.310882][T10787] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10787 comm=syz.4.2594 [ 184.331939][T10783] ipvlan0: left allmulticast mode [ 184.337112][T10783] veth0_vlan: left allmulticast mode [ 184.357613][T10783] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 184.423460][T10795] netlink: 'syz.3.2599': attribute type 1 has an invalid length. [ 184.431426][T10795] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2599'. [ 184.472475][T10799] netlink: 'syz.4.2600': attribute type 1 has an invalid length. [ 184.480371][T10799] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2600'. [ 184.510409][T10808] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10808 comm=syz.3.2604 [ 184.564826][T10808] netlink: 'syz.3.2604': attribute type 10 has an invalid length. [ 184.572853][T10808] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2604'. [ 184.583987][T10808] bridge0: port 3(ipvlan0) entered blocking state [ 184.590669][T10808] bridge0: port 3(ipvlan0) entered disabled state [ 184.597516][T10808] ipvlan0: entered allmulticast mode [ 184.602967][T10808] veth0_vlan: entered allmulticast mode [ 184.610412][T10823] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10823 comm=syz.3.2604 [ 184.647581][T10808] ipvlan0: left allmulticast mode [ 184.652723][T10808] veth0_vlan: left allmulticast mode [ 184.662416][T10808] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 184.684052][T10824] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2607'. [ 184.755418][T10832] netlink: 'syz.3.2611': attribute type 10 has an invalid length. [ 184.775509][T10832] bridge0: port 3(ipvlan0) entered blocking state [ 184.782188][T10832] bridge0: port 3(ipvlan0) entered disabled state [ 184.799883][T10832] ipvlan0: entered allmulticast mode [ 184.805303][T10832] veth0_vlan: entered allmulticast mode [ 184.842739][T10839] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10839 comm=syz.3.2611 [ 184.870583][T10832] ipvlan0: left allmulticast mode [ 184.876076][T10832] veth0_vlan: left allmulticast mode [ 184.886486][T10842] netlink: 'syz.4.2615': attribute type 1 has an invalid length. [ 184.901436][T10832] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 184.999312][T10850] tipc: Enabling of bearer rejected, failed to enable media [ 185.103496][T10858] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=10858 comm=syz.4.2621 [ 185.128992][T10860] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10860 comm=syz.1.2622 [ 185.186311][T10860] netlink: 'syz.1.2622': attribute type 10 has an invalid length. [ 185.218205][T10860] bridge0: port 4(ipvlan0) entered blocking state [ 185.224770][T10860] bridge0: port 4(ipvlan0) entered disabled state [ 185.236217][T10860] ipvlan0: entered allmulticast mode [ 185.241691][T10860] veth0_vlan: entered allmulticast mode [ 185.247836][T10865] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10865 comm=syz.1.2622 [ 185.266141][T10860] ipvlan0: left allmulticast mode [ 185.271348][T10860] veth0_vlan: left allmulticast mode [ 185.290323][T10860] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 185.366669][T10871] 9pnet_fd: Insufficient options for proto=fd [ 185.580518][T10875] veth7: entered promiscuous mode [ 185.585629][T10875] veth7: entered allmulticast mode [ 185.775438][T10791] syz.2.2596 (10791) used greatest stack depth: 6288 bytes left [ 185.918067][T10906] FAULT_INJECTION: forcing a failure. [ 185.918067][T10906] name failslab, interval 1, probability 0, space 0, times 0 [ 185.931259][T10906] CPU: 1 UID: 0 PID: 10906 Comm: syz.0.2641 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 185.942072][T10906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 185.952250][T10906] Call Trace: [ 185.955551][T10906] [ 185.958597][T10906] dump_stack_lvl+0xf2/0x150 [ 185.963744][T10906] dump_stack+0x15/0x20 [ 185.968009][T10906] should_fail_ex+0x229/0x230 [ 185.972811][T10906] ? __alloc_skb+0x10b/0x310 [ 185.977453][T10906] should_failslab+0x8f/0xb0 [ 185.982133][T10906] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 185.988150][T10906] __alloc_skb+0x10b/0x310 [ 185.992601][T10906] netlink_alloc_large_skb+0xad/0xe0 [ 185.998015][T10906] netlink_sendmsg+0x3b4/0x6e0 [ 186.002828][T10906] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.008184][T10906] __sock_sendmsg+0x140/0x180 [ 186.012578][ T29] kauditd_printk_skb: 515 callbacks suppressed [ 186.012596][ T29] audit: type=1326 audit(1725278038.954:7976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.012892][T10906] ____sys_sendmsg+0x312/0x410 [ 186.019070][ T29] audit: type=1326 audit(1725278038.954:7977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.042785][T10906] __sys_sendmmsg+0x269/0x500 [ 186.042919][T10906] __x64_sys_sendmmsg+0x57/0x70 [ 186.047676][ T29] audit: type=1326 audit(1725278038.954:7978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.071281][T10906] x64_sys_call+0xa49/0x2d60 [ 186.071320][T10906] do_syscall_64+0xc9/0x1c0 [ 186.071346][T10906] ? clear_bhb_loop+0x55/0xb0 [ 186.076039][ T29] audit: type=1326 audit(1725278038.954:7979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.080875][T10906] ? clear_bhb_loop+0x55/0xb0 [ 186.080903][T10906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.104466][ T29] audit: type=1326 audit(1725278038.954:7980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.109070][T10906] RIP: 0033:0x7f4a20579eb9 [ 186.113703][ T29] audit: type=1326 audit(1725278038.964:7981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.118316][T10906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.224193][T10906] RSP: 002b:00007f4a1f1f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 186.232620][T10906] RAX: ffffffffffffffda RBX: 00007f4a20715f80 RCX: 00007f4a20579eb9 [ 186.240650][T10906] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000006 [ 186.248629][T10906] RBP: 00007f4a1f1f7090 R08: 0000000000000000 R09: 0000000000000000 [ 186.256636][T10906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.264750][T10906] R13: 0000000000000000 R14: 00007f4a20715f80 R15: 00007fff0d189bb8 [ 186.272788][T10906] [ 186.309996][ T29] audit: type=1326 audit(1725278039.114:7982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.333535][ T29] audit: type=1326 audit(1725278039.114:7983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.357204][ T29] audit: type=1326 audit(1725278039.114:7984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.380880][ T29] audit: type=1326 audit(1725278039.114:7985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000 [ 186.586393][T10936] loop3: detected capacity change from 0 to 512 [ 186.628633][T10944] 9pnet_fd: Insufficient options for proto=fd [ 186.644517][T10944] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2050 sclass=netlink_route_socket pid=10944 comm=syz.0.2654 [ 186.663921][T10936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.680999][T10951] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 186.691775][T10952] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 186.709198][T10936] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.732389][T10936] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2650: Directory hole found for htree leaf block 0 [ 186.752884][T10956] pim6reg1: entered promiscuous mode [ 186.758400][T10956] pim6reg1: entered allmulticast mode [ 186.775921][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.873450][T10963] pim6reg1: entered promiscuous mode [ 186.878899][T10963] pim6reg1: entered allmulticast mode [ 186.942362][T10969] loop3: detected capacity change from 0 to 512 [ 186.950881][T10967] pim6reg1: entered promiscuous mode [ 186.956217][T10967] pim6reg1: entered allmulticast mode [ 186.971083][T10969] EXT4-fs: Invalid want_extra_isize 1 [ 186.983281][T10969] loop3: detected capacity change from 0 to 512 [ 187.006293][T10969] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2663: casefold flag without casefold feature [ 187.068667][T10969] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2663: couldn't read orphan inode 15 (err -117) [ 187.093745][T10976] tipc: Enabling of bearer rejected, failed to enable media [ 187.109739][T10977] FAULT_INJECTION: forcing a failure. [ 187.109739][T10977] name failslab, interval 1, probability 0, space 0, times 0 [ 187.122564][T10977] CPU: 1 UID: 0 PID: 10977 Comm: syz.1.2666 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 187.133614][T10977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 187.138456][T10969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.143687][T10977] Call Trace: [ 187.143699][T10977] [ 187.143709][T10977] dump_stack_lvl+0xf2/0x150 [ 187.143744][T10977] dump_stack+0x15/0x20 [ 187.171133][T10977] should_fail_ex+0x229/0x230 [ 187.174098][T10969] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2663: Directory hole found for htree leaf block 0 [ 187.176015][T10977] ? __alloc_skb+0x10b/0x310 [ 187.193462][T10977] should_failslab+0x8f/0xb0 [ 187.198171][T10977] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 187.203254][T10969] tipc: Enabling of bearer rejected, failed to enable media [ 187.204040][T10977] __alloc_skb+0x10b/0x310 [ 187.216849][T10977] audit_log_start+0x368/0x6b0 [ 187.221661][T10977] audit_seccomp+0x4b/0x130 [ 187.226298][T10977] __seccomp_filter+0x6fa/0x1180 [ 187.231358][T10977] ? proc_fail_nth_write+0x130/0x160 [ 187.236758][T10977] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 187.242456][T10977] ? vfs_write+0x5a5/0x900 [ 187.246907][T10977] ? __fget_files+0x1da/0x210 [ 187.251662][T10977] __secure_computing+0x9f/0x1c0 [ 187.256650][T10977] syscall_trace_enter+0xd1/0x1f0 [ 187.261726][T10977] ? fpregs_assert_state_consistent+0x83/0xa0 [ 187.268002][T10977] do_syscall_64+0xaa/0x1c0 [ 187.272624][T10977] ? clear_bhb_loop+0x55/0xb0 [ 187.277372][T10977] ? clear_bhb_loop+0x55/0xb0 [ 187.282170][T10977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.288204][T10977] RIP: 0033:0x7f093d7e9eb9 [ 187.292640][T10977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.312517][T10977] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 187.321115][T10977] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9 [ 187.329347][T10977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.337555][T10977] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000 [ 187.345633][T10977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.353660][T10977] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68 [ 187.361760][T10977] [ 187.396234][T10979] validate_nla: 2 callbacks suppressed [ 187.396253][T10979] netlink: 'syz.0.2668': attribute type 10 has an invalid length. [ 187.413694][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.415605][T10979] bridge0: port 3(ipvlan0) entered blocking state [ 187.429412][T10979] bridge0: port 3(ipvlan0) entered disabled state [ 187.436610][T10979] ipvlan0: entered allmulticast mode [ 187.441974][T10979] veth0_vlan: entered allmulticast mode [ 187.448611][T10979] ipvlan0: left allmulticast mode [ 187.453982][T10979] veth0_vlan: left allmulticast mode [ 187.460626][T10979] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 187.536210][T10988] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 187.544541][T10992] 9pnet_fd: Insufficient options for proto=fd [ 187.623629][T11003] loop3: detected capacity change from 0 to 512 [ 187.660305][T11003] EXT4-fs: Invalid want_extra_isize 1 [ 187.670760][T11008] netlink: 'syz.0.2680': attribute type 5 has an invalid length. [ 187.690512][T11003] loop3: detected capacity change from 0 to 512 [ 187.713558][T11003] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2677: casefold flag without casefold feature [ 187.740320][T11003] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2677: couldn't read orphan inode 15 (err -117) [ 187.807941][T11003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.873372][T11003] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2677: Directory hole found for htree leaf block 0 [ 187.884452][T11012] __nla_validate_parse: 14 callbacks suppressed [ 187.884487][T11012] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2681'. [ 187.917861][T11003] tipc: Enabling of bearer rejected, failed to enable media [ 187.971677][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.052272][T11026] syz.3.2685[11026] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.052343][T11026] syz.3.2685[11026] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.057769][T11025] netlink: 'syz.2.2687': attribute type 10 has an invalid length. [ 188.083308][T11025] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2687'. [ 188.190062][T11025] bridge0: port 3(ipvlan0) entered blocking state [ 188.196649][T11025] bridge0: port 3(ipvlan0) entered disabled state [ 188.231051][T11025] ipvlan0: entered allmulticast mode [ 188.236498][T11025] veth0_vlan: entered allmulticast mode [ 188.242663][T11025] ipvlan0: left allmulticast mode [ 188.247704][T11025] veth0_vlan: left allmulticast mode [ 188.253766][T11025] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 188.326373][T11033] netlink: 'syz.2.2688': attribute type 10 has an invalid length. [ 188.334295][T11033] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2688'. [ 188.369406][T11033] bridge0: port 3(ipvlan0) entered blocking state [ 188.376032][T11033] bridge0: port 3(ipvlan0) entered disabled state [ 188.390413][T11033] ipvlan0: entered allmulticast mode [ 188.395900][T11033] veth0_vlan: entered allmulticast mode [ 188.410683][T11033] ipvlan0: left allmulticast mode [ 188.415845][T11033] veth0_vlan: left allmulticast mode [ 188.430669][T11033] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 188.588818][T11052] netlink: 'syz.2.2696': attribute type 1 has an invalid length. [ 188.596654][T11052] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2696'. [ 188.615609][T11051] tipc: Enabling of bearer rejected, failed to enable media [ 188.636004][T11046] FAULT_INJECTION: forcing a failure. [ 188.636004][T11046] name failslab, interval 1, probability 0, space 0, times 0 [ 188.652968][T11046] CPU: 1 UID: 0 PID: 11046 Comm: syz.4.2692 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 188.663852][T11046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 188.673958][T11046] Call Trace: [ 188.677242][T11046] [ 188.680220][T11046] dump_stack_lvl+0xf2/0x150 [ 188.684993][T11046] dump_stack+0x15/0x20 [ 188.689187][T11046] should_fail_ex+0x229/0x230 [ 188.693966][T11046] ? __alloc_skb+0x10b/0x310 [ 188.698604][T11046] should_failslab+0x8f/0xb0 [ 188.703221][T11046] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 188.709162][T11046] __alloc_skb+0x10b/0x310 [ 188.713669][T11046] netlink_alloc_large_skb+0xad/0xe0 [ 188.718966][T11046] netlink_sendmsg+0x3b4/0x6e0 [ 188.723752][T11046] ? __pfx_netlink_sendmsg+0x10/0x10 [ 188.729059][T11046] __sock_sendmsg+0x140/0x180 [ 188.733819][T11046] ____sys_sendmsg+0x312/0x410 [ 188.738687][T11046] __sys_sendmsg+0x1e9/0x280 [ 188.743312][T11046] __x64_sys_sendmsg+0x46/0x50 [ 188.748150][T11046] x64_sys_call+0x2689/0x2d60 [ 188.752956][T11046] do_syscall_64+0xc9/0x1c0 [ 188.757547][T11046] ? clear_bhb_loop+0x55/0xb0 [ 188.762248][T11046] ? clear_bhb_loop+0x55/0xb0 [ 188.766937][T11046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.772905][T11046] RIP: 0033:0x7f07ba499eb9 [ 188.777369][T11046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.797075][T11046] RSP: 002b:00007f07b9117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 188.805513][T11046] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba499eb9 [ 188.813583][T11046] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 188.821653][T11046] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000 [ 188.829779][T11046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.837931][T11046] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8 [ 188.846067][T11046] [ 188.900691][T11062] FAULT_INJECTION: forcing a failure. [ 188.900691][T11062] name failslab, interval 1, probability 0, space 0, times 0 [ 188.914025][T11062] CPU: 1 UID: 0 PID: 11062 Comm: syz.2.2699 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 188.925079][T11062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 188.935228][T11062] Call Trace: [ 188.938624][T11062] [ 188.941807][T11062] dump_stack_lvl+0xf2/0x150 [ 188.946449][T11062] dump_stack+0x15/0x20 [ 188.950645][T11062] should_fail_ex+0x229/0x230 [ 188.955445][T11062] ? copy_mm+0xe0/0x10e0 [ 188.959975][T11062] should_failslab+0x8f/0xb0 [ 188.964644][T11062] kmem_cache_alloc_noprof+0x4c/0x290 [ 188.970147][T11062] copy_mm+0xe0/0x10e0 [ 188.974262][T11062] ? kmem_cache_alloc_noprof+0x1a6/0x290 [ 188.979985][T11062] ? hrtimer_init+0x104/0x1f0 [ 188.984842][T11062] ? __init_rwsem+0x5d/0x70 [ 188.989482][T11062] ? copy_signal+0x339/0x370 [ 188.994109][T11062] copy_process+0xee1/0x1f90 [ 188.998837][T11062] kernel_clone+0x167/0x5e0 [ 189.003409][T11062] ? vfs_write+0x5a5/0x900 [ 189.007953][T11062] __x64_sys_clone+0xe8/0x120 [ 189.012723][T11062] x64_sys_call+0x2d23/0x2d60 [ 189.017463][T11062] do_syscall_64+0xc9/0x1c0 [ 189.022128][T11062] ? clear_bhb_loop+0x55/0xb0 [ 189.026836][T11062] ? clear_bhb_loop+0x55/0xb0 [ 189.031540][T11062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.037615][T11062] RIP: 0033:0x7f644fb29eb9 [ 189.042047][T11062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.061946][T11062] RSP: 002b:00007f644e7a6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 189.070818][T11062] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb29eb9 [ 189.078806][T11062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 189.086828][T11062] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000 [ 189.094897][T11062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 189.102894][T11062] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18 [ 189.110983][T11062] [ 189.180787][T11067] selinux_netlink_send: 6 callbacks suppressed [ 189.180805][T11067] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11067 comm=syz.3.2701 [ 189.206352][T11067] netlink: 'syz.3.2701': attribute type 10 has an invalid length. [ 189.214370][T11067] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2701'. [ 189.224644][T11067] bridge0: port 3(ipvlan0) entered blocking state [ 189.231175][T11067] bridge0: port 3(ipvlan0) entered disabled state [ 189.237901][T11067] ipvlan0: entered allmulticast mode [ 189.243549][T11067] veth0_vlan: entered allmulticast mode [ 189.250273][T11067] ipvlan0: left allmulticast mode [ 189.255333][T11067] veth0_vlan: left allmulticast mode [ 189.261827][T11070] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11070 comm=syz.3.2701 [ 189.264729][T11046] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11046 comm=syz.4.2692 [ 189.285385][T11067] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 189.372944][T11079] FAULT_INJECTION: forcing a failure. [ 189.372944][T11079] name failslab, interval 1, probability 0, space 0, times 0 [ 189.385710][T11079] CPU: 0 UID: 0 PID: 11079 Comm: syz.3.2706 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 189.396610][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 189.407036][T11079] Call Trace: [ 189.408246][T11081] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 189.410408][T11079] [ 189.410419][T11079] dump_stack_lvl+0xf2/0x150 [ 189.410459][T11079] dump_stack+0x15/0x20 [ 189.421017][T11082] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 189.425114][T11079] should_fail_ex+0x229/0x230 [ 189.431104][T11081] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11081 comm=syz.0.2707 [ 189.436438][T11079] ? sg_read+0x5d4/0xc70 [ 189.458078][T11079] should_failslab+0x8f/0xb0 [ 189.458835][T11084] netlink: 'syz.0.2708': attribute type 1 has an invalid length. [ 189.462743][T11079] __kmalloc_cache_noprof+0x4b/0x2a0 [ 189.462786][T11079] sg_read+0x5d4/0xc70 [ 189.470603][T11084] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2708'. [ 189.475864][T11079] ? __pfx_sg_read+0x10/0x10 [ 189.493608][T11079] vfs_read+0x1a2/0x6e0 [ 189.497858][T11079] ? __rcu_read_unlock+0x4e/0x70 [ 189.502830][T11079] ? __fget_files+0x1da/0x210 [ 189.507640][T11079] ksys_read+0xeb/0x1b0 [ 189.512161][T11079] __x64_sys_read+0x42/0x50 [ 189.516668][T11079] x64_sys_call+0x27d3/0x2d60 [ 189.521366][T11079] do_syscall_64+0xc9/0x1c0 [ 189.525953][T11079] ? clear_bhb_loop+0x55/0xb0 [ 189.530841][T11079] ? clear_bhb_loop+0x55/0xb0 [ 189.535526][T11079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.541666][T11079] RIP: 0033:0x7f83f9619eb9 [ 189.546120][T11079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.565758][T11079] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 189.574179][T11079] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9 [ 189.582200][T11079] RDX: 00000000ffffffbf RSI: 0000000000000000 RDI: 0000000000000004 [ 189.590711][T11079] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000 [ 189.598692][T11079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.606779][T11079] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558 [ 189.615072][T11079] [ 189.650448][T11090] netlink: 'syz.3.2710': attribute type 1 has an invalid length. [ 189.658227][T11090] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2710'. [ 189.695017][T11094] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.759898][T11094] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.824395][T11103] loop3: detected capacity change from 0 to 8192 [ 189.857864][T11094] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.908316][T11094] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.950992][T11110] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.978341][T11094] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.992664][T11094] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.003274][T11110] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.017879][T11094] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.030615][T11094] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.042272][T11110] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.092911][T11110] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.113728][T11112] FAULT_INJECTION: forcing a failure. [ 190.113728][T11112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.127024][T11112] CPU: 0 UID: 0 PID: 11112 Comm: syz.2.2718 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 190.137906][T11112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 190.148010][T11112] Call Trace: [ 190.151303][T11112] [ 190.154300][T11112] dump_stack_lvl+0xf2/0x150 [ 190.158904][T11112] dump_stack+0x15/0x20 [ 190.163154][T11112] should_fail_ex+0x229/0x230 [ 190.167983][T11112] should_fail+0xb/0x10 [ 190.172321][T11112] should_fail_usercopy+0x1a/0x20 [ 190.177540][T11112] _copy_to_user+0x1e/0xa0 [ 190.182010][T11112] simple_read_from_buffer+0xa0/0x110 [ 190.187467][T11112] proc_fail_nth_read+0xff/0x140 [ 190.192502][T11112] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 190.198071][T11112] vfs_read+0x1a2/0x6e0 [ 190.202251][T11112] ? __rcu_read_unlock+0x4e/0x70 [ 190.207212][T11112] ? __fget_files+0x1da/0x210 [ 190.211901][T11112] ksys_read+0xeb/0x1b0 [ 190.216074][T11112] __x64_sys_read+0x42/0x50 [ 190.221013][T11112] x64_sys_call+0x27d3/0x2d60 [ 190.225889][T11112] do_syscall_64+0xc9/0x1c0 [ 190.230497][T11112] ? clear_bhb_loop+0x55/0xb0 [ 190.235297][T11112] ? clear_bhb_loop+0x55/0xb0 [ 190.240768][T11112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.246862][T11112] RIP: 0033:0x7f644fb288fc [ 190.251332][T11112] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 190.271040][T11112] RSP: 002b:00007f644e7a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 190.279572][T11112] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb288fc [ 190.287698][T11112] RDX: 000000000000000f RSI: 00007f644e7a70a0 RDI: 0000000000000004 [ 190.295758][T11112] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000 [ 190.303907][T11112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.311891][T11112] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18 [ 190.319945][T11112] [ 190.338168][T11110] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.349892][T11110] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.361867][T11110] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.373566][T11110] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.427898][T11123] 9pnet_fd: Insufficient options for proto=fd [ 190.558312][T11135] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2728'. [ 190.792764][T11148] 9pnet_fd: Insufficient options for proto=fd [ 190.856309][T11152] netlink: 'syz.1.2736': attribute type 1 has an invalid length. [ 190.864232][T11152] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2736'. [ 190.911098][T11156] loop3: detected capacity change from 0 to 512 [ 190.958312][T11156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.965148][T11160] can: request_module (can-proto-5) failed. [ 190.988423][T11156] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.022966][T11156] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2731: Directory hole found for htree leaf block 0 [ 191.294032][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.354044][T11171] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 191.503936][ T29] kauditd_printk_skb: 278 callbacks suppressed [ 191.503951][ T29] audit: type=1400 audit(1725278044.474:8262): avc: granted { setsecparam } for pid=11180 comm="syz.2.2745" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 191.639244][ T29] audit: type=1326 audit(1725278044.564:8263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.3.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f9619eb9 code=0x7ffc0000 [ 191.663040][ T29] audit: type=1326 audit(1725278044.564:8264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.3.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f9619eb9 code=0x7ffc0000 [ 191.839825][T11189] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2748'. [ 191.993765][ T29] audit: type=1326 audit(1725278044.964:8265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.020044][ T29] audit: type=1326 audit(1725278044.964:8266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.043717][ T29] audit: type=1326 audit(1725278044.964:8267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.067629][ T29] audit: type=1326 audit(1725278044.964:8268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.091564][ T29] audit: type=1326 audit(1725278044.964:8269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.115291][ C0] vcan0: j1939_tp_rxtimer: 0xffff888116000000: rx timeout, send abort [ 192.115343][ C0] vcan0: j1939_tp_rxtimer: 0xffff888116000600: rx timeout, send abort [ 192.123841][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888116000000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 192.123938][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888116000600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 192.160943][ T29] audit: type=1326 audit(1725278044.964:8270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.184771][ T29] audit: type=1326 audit(1725278045.044:8271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 192.286403][T11204] netlink: 'syz.4.2753': attribute type 1 has an invalid length. [ 192.302372][T11203] veth0_vlan: entered allmulticast mode [ 192.364539][T11209] 9pnet_fd: Insufficient options for proto=fd [ 192.393475][T11207] veth0_vlan: left promiscuous mode [ 192.443051][T11207] veth0_vlan: entered promiscuous mode [ 192.492360][T11211] veth0_vlan: entered allmulticast mode [ 192.600456][T11211] FAULT_INJECTION: forcing a failure. [ 192.600456][T11211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 192.613674][T11211] CPU: 0 UID: 0 PID: 11211 Comm: syz.0.2756 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 192.624644][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 192.634788][T11211] Call Trace: [ 192.638150][T11211] [ 192.641160][T11211] dump_stack_lvl+0xf2/0x150 [ 192.645969][T11211] dump_stack+0x15/0x20 [ 192.650170][T11211] should_fail_ex+0x229/0x230 [ 192.655023][T11211] should_fail+0xb/0x10 [ 192.659207][T11211] should_fail_usercopy+0x1a/0x20 [ 192.664470][T11211] _copy_to_user+0x1e/0xa0 [ 192.668908][T11211] simple_read_from_buffer+0xa0/0x110 [ 192.674363][T11211] proc_fail_nth_read+0xff/0x140 [ 192.679309][T11211] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 192.684979][T11211] vfs_read+0x1a2/0x6e0 [ 192.689223][T11211] ? __rcu_read_unlock+0x4e/0x70 [ 192.694302][T11211] ? __fget_files+0x1da/0x210 [ 192.699091][T11211] ksys_read+0xeb/0x1b0 [ 192.703291][T11211] __x64_sys_read+0x42/0x50 [ 192.707908][T11211] x64_sys_call+0x27d3/0x2d60 [ 192.712611][T11211] do_syscall_64+0xc9/0x1c0 [ 192.717183][T11211] ? clear_bhb_loop+0x55/0xb0 [ 192.721878][T11211] ? clear_bhb_loop+0x55/0xb0 [ 192.726588][T11211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.732616][T11211] RIP: 0033:0x7f4a205788fc [ 192.737038][T11211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 192.756773][T11211] RSP: 002b:00007f4a1f1f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 192.765555][T11211] RAX: ffffffffffffffda RBX: 00007f4a20715f80 RCX: 00007f4a205788fc [ 192.773532][T11211] RDX: 000000000000000f RSI: 00007f4a1f1f70a0 RDI: 000000000000000c [ 192.781603][T11211] RBP: 00007f4a1f1f7090 R08: 0000000000000000 R09: 0000000000000000 [ 192.789643][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.797641][T11211] R13: 0000000000000000 R14: 00007f4a20715f80 R15: 00007fff0d189bb8 [ 192.805643][T11211] [ 192.834571][T11216] veth0_vlan: left promiscuous mode [ 192.858963][T11216] veth0_vlan: entered promiscuous mode [ 193.068095][T11231] __nla_validate_parse: 1 callbacks suppressed [ 193.068115][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'. [ 193.108451][T11243] netlink: 'syz.3.2766': attribute type 1 has an invalid length. [ 193.116377][T11243] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2766'. [ 193.250204][T11252] 9pnet_fd: Insufficient options for proto=fd [ 193.575986][T11259] loop3: detected capacity change from 0 to 512 [ 193.600255][T11259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.619317][T11259] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 193.635023][T11259] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.2772: corrupted inode contents [ 193.650143][T11259] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.2772: mark_inode_dirty error [ 193.680097][T11259] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.2772: corrupted inode contents [ 193.739917][T11276] rdma_op ffff8881160fb580 conn xmit_rdma 0000000000000000 [ 193.795356][T11283] 9pnet_fd: Insufficient options for proto=fd [ 193.829274][T11286] SELinux: Context system_u:object_r:wtmp_t:s0 is not valid (left unmapped). [ 193.860331][T11290] netlink: 'syz.4.2783': attribute type 1 has an invalid length. [ 193.868237][T11290] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2783'. [ 193.885692][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.918051][T11296] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11296 comm=syz.3.2785 [ 193.972923][T11296] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11296 comm=syz.3.2785 [ 193.986393][T11301] pim6reg1: entered promiscuous mode [ 193.991855][T11301] pim6reg1: entered allmulticast mode [ 194.059106][T11309] loop3: detected capacity change from 0 to 512 [ 194.067663][T11309] EXT4-fs: Invalid want_extra_isize 1 [ 194.088375][T11309] loop3: detected capacity change from 0 to 512 [ 194.098599][T11315] 9pnet_fd: Insufficient options for proto=fd [ 194.099410][T11309] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2790: casefold flag without casefold feature [ 194.121488][T11309] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2790: couldn't read orphan inode 15 (err -117) [ 194.135513][T11309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.152314][T11309] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2790: Directory hole found for htree leaf block 0 [ 194.188836][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.444448][T11327] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2797'. [ 194.745072][T11334] netlink: 'syz.4.2798': attribute type 1 has an invalid length. [ 194.753127][T11334] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2798'. [ 194.898822][T11342] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11342 comm=syz.4.2800 [ 194.928646][T11344] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 194.960765][T11342] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11342 comm=syz.4.2800 [ 194.962063][T11347] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 194.996483][T11344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11344 comm=syz.2.2802 [ 195.020990][T11351] pim6reg1: entered promiscuous mode [ 195.026370][T11351] pim6reg1: entered allmulticast mode [ 195.141906][T11358] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11358 comm=syz.0.2806 [ 195.224153][T11360] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2809'. [ 195.292167][T11366] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 195.322212][T11367] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 195.325257][T11366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11366 comm=syz.3.2811 [ 195.517048][T11374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2814'. [ 195.569836][T11377] pim6reg: entered allmulticast mode [ 195.703718][T11386] pim6reg1: entered promiscuous mode [ 195.709184][T11386] pim6reg1: entered allmulticast mode [ 195.920943][T11394] loop3: detected capacity change from 0 to 1024 [ 195.941209][T11394] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 195.979180][T11400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2826'. [ 196.063839][T11410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11410 comm=syz.1.2831 [ 196.094376][T11410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11410 comm=syz.1.2831 [ 196.145595][T11413] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11413 comm=syz.2.2832 [ 196.354209][T11422] FAULT_INJECTION: forcing a failure. [ 196.354209][T11422] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 196.369508][T11422] CPU: 0 UID: 0 PID: 11422 Comm: syz.4.2835 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 196.375271][T11426] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 196.380825][T11422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 196.380845][T11422] Call Trace: [ 196.380855][T11422] [ 196.380871][T11422] dump_stack_lvl+0xf2/0x150 [ 196.380924][T11422] dump_stack+0x15/0x20 [ 196.380945][T11422] should_fail_ex+0x229/0x230 [ 196.408938][T11427] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 196.409246][T11422] should_fail+0xb/0x10 [ 196.418617][T11426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11426 comm=syz.1.2837 [ 196.425413][T11422] should_fail_usercopy+0x1a/0x20 [ 196.425456][T11422] _copy_to_user+0x1e/0xa0 [ 196.425498][T11422] simple_read_from_buffer+0xa0/0x110 [ 196.425527][T11422] proc_fail_nth_read+0xff/0x140 [ 196.425554][T11422] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 196.425578][T11422] vfs_read+0x1a2/0x6e0 [ 196.425637][T11422] ? __rcu_read_unlock+0x4e/0x70 [ 196.425663][T11422] ? __fget_files+0x1da/0x210 [ 196.483285][T11422] ksys_read+0xeb/0x1b0 [ 196.487695][T11422] __x64_sys_read+0x42/0x50 [ 196.492240][T11422] x64_sys_call+0x27d3/0x2d60 [ 196.496956][T11422] do_syscall_64+0xc9/0x1c0 [ 196.501617][T11422] ? clear_bhb_loop+0x55/0xb0 [ 196.506359][T11422] ? clear_bhb_loop+0x55/0xb0 [ 196.511068][T11422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.517058][T11422] RIP: 0033:0x7f07ba4988fc [ 196.521638][T11422] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 196.541410][T11422] RSP: 002b:00007f07b9117030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 196.550000][T11422] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba4988fc [ 196.558086][T11422] RDX: 000000000000000f RSI: 00007f07b91170a0 RDI: 0000000000000005 [ 196.566206][T11422] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000 [ 196.574204][T11422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.582265][T11422] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8 [ 196.590362][T11422] [ 196.609103][ T29] kauditd_printk_skb: 446 callbacks suppressed [ 196.609130][ T29] audit: type=1400 audit(1725278049.574:8718): avc: denied { mount } for pid=11430 comm="syz.0.2839" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 196.637659][ T29] audit: type=1400 audit(1725278049.574:8719): avc: denied { mounton } for pid=11430 comm="syz.0.2839" path="/102/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 196.660317][ T29] audit: type=1400 audit(1725278049.574:8720): avc: denied { shutdown } for pid=11430 comm="syz.0.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 196.724157][T11433] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2841'. [ 196.733274][ T29] audit: type=1400 audit(1725278049.654:8721): avc: denied { unmount } for pid=9595 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 196.753812][ T29] audit: type=1400 audit(1725278049.694:8722): avc: denied { read } for pid=11428 comm="syz.1.2838" path="socket:[35384]" dev="sockfs" ino=35384 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 196.796001][T11429] tunl0: entered promiscuous mode [ 196.855711][T11429] netlink: 'syz.1.2838': attribute type 1 has an invalid length. [ 196.863785][T11429] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2838'. [ 196.901993][T11448] loop3: detected capacity change from 0 to 1024 [ 196.921722][T11448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.045041][ T29] audit: type=1400 audit(1725278050.014:8723): avc: denied { bind } for pid=11452 comm="syz.4.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 197.064820][ T29] audit: type=1400 audit(1725278050.014:8724): avc: denied { connect } for pid=11452 comm="syz.4.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 197.206220][T11467] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11467 comm=syz.1.2850 [ 197.312460][ T29] audit: type=1326 audit(1725278050.284:8725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11459 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 197.336282][ T29] audit: type=1326 audit(1725278050.284:8726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11459 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 197.464592][T11475] netlink: 'syz.1.2856': attribute type 1 has an invalid length. [ 197.645522][ T29] audit: type=1326 audit(1725278050.614:8727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11480 comm="syz.4.2859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000 [ 197.707536][T11491] No source specified [ 197.793681][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.892165][T11487] syzkaller0: entered promiscuous mode [ 197.897837][T11487] syzkaller0: entered allmulticast mode [ 197.927920][T11504] loop3: detected capacity change from 0 to 512 [ 197.942629][T11504] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.024039][T11504] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.057478][T11504] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.116614][T11513] netlink: 'syz.2.2871': attribute type 1 has an invalid length. [ 198.124851][T11513] __nla_validate_parse: 3 callbacks suppressed [ 198.124864][T11513] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2871'. [ 198.192256][T11519] netlink: 'syz.1.2873': attribute type 1 has an invalid length. [ 198.200087][T11519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2873'. [ 198.232736][T11521] FAULT_INJECTION: forcing a failure. [ 198.232736][T11521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 198.246364][T11521] CPU: 1 UID: 0 PID: 11521 Comm: syz.1.2874 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 198.257172][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 198.267307][T11521] Call Trace: [ 198.270689][T11521] [ 198.273663][T11521] dump_stack_lvl+0xf2/0x150 [ 198.278334][T11521] dump_stack+0x15/0x20 [ 198.282527][T11521] should_fail_ex+0x229/0x230 [ 198.287345][T11521] should_fail+0xb/0x10 [ 198.291575][T11521] should_fail_usercopy+0x1a/0x20 [ 198.296703][T11521] _copy_from_user+0x1e/0xd0 [ 198.301426][T11521] copy_msghdr_from_user+0x54/0x2a0 [ 198.306765][T11521] __sys_sendmsg+0x17d/0x280 [ 198.311515][T11521] __x64_sys_sendmsg+0x46/0x50 [ 198.316412][T11521] x64_sys_call+0x2689/0x2d60 [ 198.321211][T11521] do_syscall_64+0xc9/0x1c0 [ 198.325752][T11521] ? clear_bhb_loop+0x55/0xb0 [ 198.330466][T11521] ? clear_bhb_loop+0x55/0xb0 [ 198.335324][T11521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.341368][T11521] RIP: 0033:0x7f093d7e9eb9 [ 198.346075][T11521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.366519][T11521] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 198.375062][T11521] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9 [ 198.383061][T11521] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 198.391148][T11521] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000 [ 198.399146][T11521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 198.407175][T11521] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68 [ 198.415431][T11521] [ 198.483968][T11527] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.583263][T11527] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.671678][T11527] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.767427][T11527] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.844891][ T4389] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.984447][ T4389] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.125207][ T4389] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.253251][T11546] netlink: 'syz.2.2883': attribute type 1 has an invalid length. [ 199.261247][T11546] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2883'. [ 199.354077][T11527] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.398149][ T4389] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.432474][T11527] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.462903][T11527] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.505869][T11527] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.543405][T11557] batadv0: entered promiscuous mode [ 199.622222][ T4389] bridge_slave_1: left allmulticast mode [ 199.628083][ T4389] bridge_slave_1: left promiscuous mode [ 199.634017][ T4389] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.654995][ T4389] bridge_slave_0: left allmulticast mode [ 199.660738][ T4389] bridge_slave_0: left promiscuous mode [ 199.666615][ T4389] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.797672][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 199.812767][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 199.831316][ T4389] bond0 (unregistering): Released all slaves [ 199.892717][ T4389] tipc: Left network mode [ 199.944917][T11540] chnl_net:caif_netlink_parms(): no params data found [ 200.018892][ T4389] hsr_slave_0: left promiscuous mode [ 200.052986][ T4389] hsr_slave_1: left promiscuous mode [ 200.074286][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.081816][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 200.124505][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 200.132134][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 200.146765][T11592] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 200.158573][ T4389] veth1_macvtap: left promiscuous mode [ 200.164256][ T4389] veth0_macvtap: left promiscuous mode [ 200.170033][ T4389] veth1_vlan: left promiscuous mode [ 200.175254][ T4389] veth0_vlan: left promiscuous mode [ 200.187532][T11595] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 200.207420][T11592] selinux_netlink_send: 5 callbacks suppressed [ 200.207442][T11592] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11592 comm=syz.1.2897 [ 200.297603][ T4389] pim6reg (unregistering): left allmulticast mode [ 200.399461][ T4389] team0 (unregistering): Port device team_slave_1 removed [ 200.414486][ T4389] team0 (unregistering): Port device team_slave_0 removed [ 200.708466][T11540] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.715745][T11540] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.742326][T11606] syz.1.2901[11606] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 200.742412][T11606] syz.1.2901[11606] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 200.746088][T11540] bridge_slave_0: entered allmulticast mode [ 200.790656][T11540] bridge_slave_0: entered promiscuous mode [ 200.804766][T11540] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.806884][T11606] netlink: 220 bytes leftover after parsing attributes in process `syz.1.2901'. [ 200.811994][T11540] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.844060][T11540] bridge_slave_1: entered allmulticast mode [ 200.851027][T11540] bridge_slave_1: entered promiscuous mode [ 200.888967][T11540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.901932][T11540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.902613][T11617] netlink: 'syz.4.2905': attribute type 1 has an invalid length. [ 200.918788][T11617] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2905'. [ 200.946451][T11540] team0: Port device team_slave_0 added [ 200.954919][T11540] team0: Port device team_slave_1 added [ 201.003437][T11629] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 201.014440][T11629] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11629 comm=syz.2.2911 [ 201.030179][T11630] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 201.043291][T11540] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.050341][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.076819][T11540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.104159][T11540] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.111206][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.137560][T11540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.176087][T11639] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2913'. [ 201.224581][T11642] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2915'. [ 201.290711][T11540] hsr_slave_0: entered promiscuous mode [ 201.293856][T11540] hsr_slave_1: entered promiscuous mode [ 201.301092][T11540] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 201.301111][T11540] Cannot create hsr debugfs directory [ 201.397911][T11656] netlink: 'syz.1.2929': attribute type 10 has an invalid length. [ 201.405983][T11656] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2929'. [ 201.406127][T11656] bridge0: port 4(ipvlan0) entered blocking state [ 201.406171][T11656] bridge0: port 4(ipvlan0) entered disabled state [ 201.406402][T11656] ipvlan0: entered allmulticast mode [ 201.406417][T11656] veth0_vlan: entered allmulticast mode [ 201.407007][T11656] ipvlan0: left allmulticast mode [ 201.407021][T11656] veth0_vlan: left allmulticast mode [ 201.407622][T11656] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 201.409283][T11656] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11656 comm=syz.1.2929 [ 201.466869][T11661] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2917'. [ 201.612817][T11668] netlink: 'syz.1.2924': attribute type 1 has an invalid length. [ 201.620749][T11668] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2924'. [ 201.631113][ T29] kauditd_printk_skb: 270 callbacks suppressed [ 201.631128][ T29] audit: type=1400 audit(1725278054.604:8998): avc: denied { read } for pid=11657 comm="syz.2.2921" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 201.643274][T11540] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 201.667656][ T29] audit: type=1400 audit(1725278054.634:8999): avc: denied { open } for pid=11657 comm="syz.2.2921" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 201.682571][T11673] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 201.691144][ T29] audit: type=1400 audit(1725278054.634:9000): avc: denied { ioctl } for pid=11657 comm="syz.2.2921" path="/dev/ppp" dev="devtmpfs" ino=116 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 201.697403][T11540] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 201.704061][T11674] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 201.724021][T11671] netlink: 'syz.2.2921': attribute type 2 has an invalid length. [ 201.745280][T11673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11673 comm=syz.1.2925 [ 201.764004][T11540] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 201.776357][T11540] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 201.779715][T11676] netlink: 'syz.1.2926': attribute type 1 has an invalid length. [ 201.866329][T11540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.889485][T11540] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.905904][ T4400] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.913275][ T4400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.931151][ T4400] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.938514][ T4400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.050323][T11688] FAULT_INJECTION: forcing a failure. [ 202.050323][T11688] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.063568][T11688] CPU: 1 UID: 0 PID: 11688 Comm: syz.1.2928 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 202.074619][T11688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 202.086609][T11688] Call Trace: [ 202.090438][T11688] [ 202.093408][T11688] dump_stack_lvl+0xf2/0x150 [ 202.098173][T11688] dump_stack+0x15/0x20 [ 202.102349][T11688] should_fail_ex+0x229/0x230 [ 202.107183][T11688] should_fail+0xb/0x10 [ 202.111547][T11688] should_fail_usercopy+0x1a/0x20 [ 202.116766][T11688] _copy_from_user+0x1e/0xd0 [ 202.121511][T11688] arp_ioctl+0xad/0x2b0 [ 202.125716][T11688] inet_ioctl+0x1f0/0x3a0 [ 202.130177][T11688] sock_do_ioctl+0x81/0x260 [ 202.134781][T11688] sock_ioctl+0x470/0x640 [ 202.139144][T11688] ? __pfx_sock_ioctl+0x10/0x10 [ 202.144023][T11688] __se_sys_ioctl+0xd3/0x150 [ 202.148707][T11688] __x64_sys_ioctl+0x43/0x50 [ 202.153508][T11688] x64_sys_call+0x15cc/0x2d60 [ 202.158252][T11688] do_syscall_64+0xc9/0x1c0 [ 202.162929][T11688] ? clear_bhb_loop+0x55/0xb0 [ 202.167759][T11688] ? clear_bhb_loop+0x55/0xb0 [ 202.172462][T11688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.178436][T11688] RIP: 0033:0x7f093d7e9eb9 [ 202.182879][T11688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.202514][T11688] RSP: 002b:00007f093c425038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 202.211087][T11688] RAX: ffffffffffffffda RBX: 00007f093d986130 RCX: 00007f093d7e9eb9 [ 202.219101][T11688] RDX: 0000000020000000 RSI: 0000000000008953 RDI: 0000000000000007 [ 202.227169][T11688] RBP: 00007f093c425090 R08: 0000000000000000 R09: 0000000000000000 [ 202.235168][T11688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.243157][T11688] R13: 0000000000000000 R14: 00007f093d986130 R15: 00007ffe23d20a68 [ 202.251177][T11688] [ 202.316631][ T29] audit: type=1326 audit(1725278055.284:9001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 202.358269][T11540] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.373990][ T29] audit: type=1326 audit(1725278055.314:9002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000 [ 202.554731][T11540] veth0_vlan: entered promiscuous mode [ 202.568527][T11540] veth1_vlan: entered promiscuous mode [ 202.602885][T11540] veth0_macvtap: entered promiscuous mode [ 202.616986][T11540] veth1_macvtap: entered promiscuous mode [ 202.636928][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.647417][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.657449][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.667900][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.677763][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.688298][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.698134][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.708786][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.718692][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.729504][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.739334][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.749944][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.759759][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.770656][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.780626][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.791260][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.801202][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.811802][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.825445][T11540] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.848439][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.859214][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.869108][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.879693][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.889682][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.900330][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.910354][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.919704][T11699] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11699 comm=syz.1.2930 [ 202.920959][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.943555][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.954325][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.964312][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.975857][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.985799][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.993466][T11704] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11704 comm=syz.1.2930 [ 202.996270][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.018807][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.029502][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.039342][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.049990][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.061620][T11540] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.072212][T11699] netlink: 'syz.1.2930': attribute type 10 has an invalid length. [ 203.080983][T11699] bridge0: port 4(ipvlan0) entered blocking state [ 203.087501][T11699] bridge0: port 4(ipvlan0) entered disabled state [ 203.094258][T11699] ipvlan0: entered allmulticast mode [ 203.099644][T11699] veth0_vlan: entered allmulticast mode [ 203.108824][T11699] ipvlan0: left allmulticast mode [ 203.113946][T11699] veth0_vlan: left allmulticast mode [ 203.120842][T11699] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 203.151928][T11540] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.160945][T11540] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.169783][T11540] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.178760][T11540] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.273525][T11713] netlink: 'syz.1.2935': attribute type 1 has an invalid length. [ 203.281596][T11713] __nla_validate_parse: 2 callbacks suppressed [ 203.281612][T11713] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2935'. [ 203.303588][T11716] pim6reg1: entered promiscuous mode [ 203.309103][T11716] pim6reg1: entered allmulticast mode [ 203.336594][ T29] audit: type=1326 audit(1725278056.304:9003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000 [ 203.360359][ T29] audit: type=1326 audit(1725278056.304:9004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000 [ 203.427750][T11722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2937'. [ 203.480057][ T29] audit: type=1326 audit(1725278056.304:9005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000 [ 203.503865][ T29] audit: type=1326 audit(1725278056.314:9006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000 [ 203.527723][ T29] audit: type=1326 audit(1725278056.314:9007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000 [ 203.576230][T11734] syz.3.2942[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.576422][T11734] syz.3.2942[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.607382][T11736] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11736 comm=syz.3.2943 [ 203.634081][T11736] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11736 comm=syz.3.2943 [ 203.725962][T11739] netlink: 'syz.0.2944': attribute type 1 has an invalid length. [ 203.733863][T11739] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2944'. [ 203.955288][T11757] pim6reg1: entered promiscuous mode [ 203.960707][T11757] pim6reg1: entered allmulticast mode [ 204.111228][T11763] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 204.129417][T11764] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 204.140864][T11763] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11763 comm=syz.3.2953 [ 204.216332][T11766] FAULT_INJECTION: forcing a failure. [ 204.216332][T11766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 204.229666][T11766] CPU: 0 UID: 0 PID: 11766 Comm: syz.3.2954 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 204.240555][T11766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 204.250822][T11766] Call Trace: [ 204.254199][T11766] [ 204.257138][T11766] dump_stack_lvl+0xf2/0x150 [ 204.261762][T11766] dump_stack+0x15/0x20 [ 204.265929][T11766] should_fail_ex+0x229/0x230 [ 204.270631][T11766] should_fail+0xb/0x10 [ 204.274875][T11766] should_fail_usercopy+0x1a/0x20 [ 204.279918][T11766] _copy_from_user+0x1e/0xd0 [ 204.284596][T11766] __sys_bpf+0x14e/0x7a0 [ 204.288917][T11766] __x64_sys_bpf+0x43/0x50 [ 204.293428][T11766] x64_sys_call+0x2625/0x2d60 [ 204.298144][T11766] do_syscall_64+0xc9/0x1c0 [ 204.302694][T11766] ? clear_bhb_loop+0x55/0xb0 [ 204.307437][T11766] ? clear_bhb_loop+0x55/0xb0 [ 204.312231][T11766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.318495][T11766] RIP: 0033:0x7f83f9619eb9 [ 204.323055][T11766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.342847][T11766] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 204.351459][T11766] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9 [ 204.360061][T11766] RDX: 0000000000000010 RSI: 00000000200006c0 RDI: 000000000000000f [ 204.368144][T11766] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000 [ 204.376177][T11766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.384190][T11766] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558 [ 204.392429][T11766] [ 204.408040][T11769] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11769 comm=syz.2.2955 [ 204.489213][T11775] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.543857][T11775] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.591335][T11790] loop3: detected capacity change from 0 to 1024 [ 204.599102][T11790] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 204.612266][T11790] JBD2: no valid journal superblock found [ 204.618056][T11790] EXT4-fs (loop3): Could not load journal inode [ 204.627929][T11775] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.672225][T11775] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.673382][T11795] netlink: 'syz.3.2966': attribute type 1 has an invalid length. [ 204.690058][T11795] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2966'. [ 204.739194][T11775] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.754571][T11775] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.795268][T11802] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2968'. [ 204.854560][T11775] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.889227][T11775] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.042371][T11830] FAULT_INJECTION: forcing a failure. [ 205.042371][T11830] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.056746][T11830] CPU: 0 UID: 0 PID: 11830 Comm: syz.3.2979 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 205.067666][T11830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 205.077933][T11830] Call Trace: [ 205.081294][T11830] [ 205.084362][T11830] dump_stack_lvl+0xf2/0x150 [ 205.088985][T11830] dump_stack+0x15/0x20 [ 205.093282][T11830] should_fail_ex+0x229/0x230 [ 205.098060][T11830] should_fail+0xb/0x10 [ 205.102427][T11830] should_fail_usercopy+0x1a/0x20 [ 205.107493][T11830] _copy_from_user+0x1e/0xd0 [ 205.112180][T11830] copy_msghdr_from_user+0x54/0x2a0 [ 205.117475][T11830] __sys_sendmsg+0x17d/0x280 [ 205.122129][T11830] __x64_sys_sendmsg+0x46/0x50 [ 205.127094][T11830] x64_sys_call+0x2689/0x2d60 [ 205.131864][T11830] do_syscall_64+0xc9/0x1c0 [ 205.136477][T11830] ? clear_bhb_loop+0x55/0xb0 [ 205.141225][T11830] ? clear_bhb_loop+0x55/0xb0 [ 205.145953][T11830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.151912][T11830] RIP: 0033:0x7f83f9619eb9 [ 205.156353][T11830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.164544][T11823] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 205.176166][T11830] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 205.176196][T11830] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9 [ 205.176212][T11830] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 205.176226][T11830] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000 [ 205.176240][T11830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.176253][T11830] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558 [ 205.234994][T11830] [ 205.265409][T11833] netlink: 'syz.2.2980': attribute type 1 has an invalid length. [ 205.273414][T11833] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2980'. [ 205.304746][T11837] selinux_netlink_send: 3 callbacks suppressed [ 205.304766][T11837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11837 comm=syz.3.2982 [ 205.436101][T11837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11837 comm=syz.3.2982 [ 205.821000][T11841] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2983'. [ 205.896960][T11852] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2988'. [ 205.982341][T11857] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.081585][T11857] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.240132][T11857] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.404450][T11857] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.492510][T11872] netlink: 'syz.1.2996': attribute type 1 has an invalid length. [ 206.500385][T11872] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2996'. [ 206.537376][T11857] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.575349][T11857] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.600859][T11857] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.613732][T11857] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.793264][T11887] pim6reg1: entered promiscuous mode [ 206.798698][T11887] pim6reg1: entered allmulticast mode [ 206.806936][T11883] ================================================================== [ 206.815077][T11883] BUG: KCSAN: data-race in __dentry_kill / fast_dput [ 206.821981][T11883] [ 206.824320][T11883] write to 0xffff888106802310 of 8 bytes by task 11888 on cpu 1: [ 206.832150][T11883] __dentry_kill+0x13e/0x4c0 [ 206.836864][T11883] dput+0x5c/0xd0 [ 206.840537][T11883] step_into+0x21a/0x810 [ 206.845111][T11883] path_openat+0x14f7/0x1f10 [ 206.849734][T11883] do_filp_open+0xf7/0x200 [ 206.854180][T11883] io_openat2+0x280/0x3a0 [ 206.858633][T11883] io_issue_sqe+0x181/0xcc0 [ 206.863163][T11883] io_wq_submit_work+0x480/0x600 [ 206.868137][T11883] io_worker_handle_work+0x486/0x9d0 [ 206.873530][T11883] io_wq_worker+0x286/0x820 [ 206.878144][T11883] ret_from_fork+0x4b/0x60 [ 206.882687][T11883] ret_from_fork_asm+0x1a/0x30 [ 206.887586][T11883] [ 206.889933][T11883] read to 0xffff888106802310 of 8 bytes by task 11883 on cpu 0: [ 206.897601][T11883] fast_dput+0x65/0x2c0 [ 206.901792][T11883] dput+0x24/0xd0 [ 206.905460][T11883] step_into+0x21a/0x810 [ 206.909870][T11883] path_openat+0x14f7/0x1f10 [ 206.914841][T11883] do_filp_open+0xf7/0x200 [ 206.919278][T11883] io_openat2+0x280/0x3a0 [ 206.923727][T11883] io_issue_sqe+0x181/0xcc0 [ 206.928259][T11883] io_wq_submit_work+0x480/0x600 [ 206.933228][T11883] io_worker_handle_work+0x486/0x9d0 [ 206.938543][T11883] io_wq_worker+0x286/0x820 [ 206.943082][T11883] ret_from_fork+0x4b/0x60 [ 206.947521][T11883] ret_from_fork_asm+0x1a/0x30 [ 206.952384][T11883] [ 206.954809][T11883] value changed: 0xffff8882374a2d38 -> 0x0000000000000000 [ 206.962574][T11883] [ 206.964909][T11883] Reported by Kernel Concurrency Sanitizer on: [ 206.971086][T11883] CPU: 0 UID: 0 PID: 11883 Comm: iou-wrk-11882 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0 [ 206.982129][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 206.992431][T11883] ==================================================================