Warning: Permanently added '10.128.0.150' (ED25519) to the list of known hosts. 2024/04/03 07:40:14 fuzzer started 2024/04/03 07:40:14 dialing manager at 10.128.0.169:30010 [ 58.206736][ T5068] cgroup: Unknown subsys name 'net' [ 58.343518][ T5068] cgroup: Unknown subsys name 'rlimit' 2024/04/03 07:40:16 syscalls: 3513 2024/04/03 07:40:16 code coverage: enabled 2024/04/03 07:40:16 comparison tracing: enabled 2024/04/03 07:40:16 extra coverage: enabled 2024/04/03 07:40:16 delay kcov mmap: enabled 2024/04/03 07:40:16 setuid sandbox: enabled 2024/04/03 07:40:16 namespace sandbox: enabled 2024/04/03 07:40:16 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/03 07:40:16 fault injection: enabled 2024/04/03 07:40:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/03 07:40:16 net packet injection: enabled 2024/04/03 07:40:16 net device setup: enabled 2024/04/03 07:40:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/03 07:40:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/03 07:40:16 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/03 07:40:16 USB emulation: enabled 2024/04/03 07:40:16 hci packet injection: enabled 2024/04/03 07:40:16 wifi device emulation: enabled 2024/04/03 07:40:16 802.15.4 emulation: enabled 2024/04/03 07:40:16 swap file: enabled [ 59.855430][ T5068] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/03 07:40:16 starting 5 executor processes [ 60.848160][ T5081] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 60.857838][ T5081] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 60.882970][ T5089] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 60.893036][ T5087] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 60.894112][ T5089] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.902316][ T5087] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.909619][ T5089] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 60.917861][ T5087] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 60.933801][ T5087] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.934509][ T5089] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 60.942503][ T5087] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 60.950203][ T5090] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 60.964046][ T5089] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 60.964346][ T5087] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.973085][ T5089] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 60.980455][ T5090] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 60.986957][ T5089] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 60.994881][ T5087] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 61.003051][ T5089] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.009067][ T5090] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 61.019093][ T5089] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 61.023277][ T5090] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.030183][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.048770][ T5092] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.065838][ T52] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 61.073889][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.081760][ T5090] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 61.088153][ T5092] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 61.102223][ T5090] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 61.110836][ T5092] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 61.617407][ T5093] chnl_net:caif_netlink_parms(): no params data found [ 61.702219][ T5098] chnl_net:caif_netlink_parms(): no params data found [ 61.771022][ T5096] chnl_net:caif_netlink_parms(): no params data found [ 61.898330][ T5093] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.907896][ T5093] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.916336][ T5093] bridge_slave_0: entered allmulticast mode [ 61.923675][ T5093] bridge_slave_0: entered promiscuous mode [ 61.940828][ T5095] chnl_net:caif_netlink_parms(): no params data found [ 61.976295][ T5093] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.984146][ T5093] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.994532][ T5093] bridge_slave_1: entered allmulticast mode [ 62.001817][ T5093] bridge_slave_1: entered promiscuous mode [ 62.021296][ T5094] chnl_net:caif_netlink_parms(): no params data found [ 62.073629][ T5093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.093526][ T5093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.143658][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.151678][ T5098] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.160453][ T5098] bridge_slave_0: entered allmulticast mode [ 62.167846][ T5098] bridge_slave_0: entered promiscuous mode [ 62.212271][ T5096] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.220678][ T5096] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.230049][ T5096] bridge_slave_0: entered allmulticast mode [ 62.238945][ T5096] bridge_slave_0: entered promiscuous mode [ 62.247152][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.255666][ T5098] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.263891][ T5098] bridge_slave_1: entered allmulticast mode [ 62.272259][ T5098] bridge_slave_1: entered promiscuous mode [ 62.320693][ T5096] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.328526][ T5096] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.337897][ T5096] bridge_slave_1: entered allmulticast mode [ 62.345272][ T5096] bridge_slave_1: entered promiscuous mode [ 62.365980][ T5098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.390000][ T5093] team0: Port device team_slave_0 added [ 62.422984][ T5098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.460583][ T5093] team0: Port device team_slave_1 added [ 62.482930][ T5096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.518265][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.528541][ T5095] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.536643][ T5095] bridge_slave_0: entered allmulticast mode [ 62.543616][ T5095] bridge_slave_0: entered promiscuous mode [ 62.553233][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.562664][ T5095] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.570572][ T5095] bridge_slave_1: entered allmulticast mode [ 62.578497][ T5095] bridge_slave_1: entered promiscuous mode [ 62.597140][ T5096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.662932][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.670358][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.699380][ T5093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.737168][ T5098] team0: Port device team_slave_0 added [ 62.746403][ T5098] team0: Port device team_slave_1 added [ 62.752407][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.759896][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.768017][ T5094] bridge_slave_0: entered allmulticast mode [ 62.775593][ T5094] bridge_slave_0: entered promiscuous mode [ 62.791916][ T5095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.806084][ T5095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.816354][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.823686][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.850733][ T5093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.875439][ T5096] team0: Port device team_slave_0 added [ 62.892647][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.900906][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.910187][ T5094] bridge_slave_1: entered allmulticast mode [ 62.918053][ T5094] bridge_slave_1: entered promiscuous mode [ 62.959989][ T5096] team0: Port device team_slave_1 added [ 63.002309][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.039763][ T5093] hsr_slave_0: entered promiscuous mode [ 63.046853][ T5093] hsr_slave_1: entered promiscuous mode [ 63.068267][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.075716][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.103270][ T5096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.106498][ T5081] Bluetooth: hci2: command tx timeout [ 63.117089][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.120091][ T5092] Bluetooth: hci1: command tx timeout [ 63.127532][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.160408][ T5098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.174007][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.186745][ T5092] Bluetooth: hci4: command tx timeout [ 63.186762][ T5090] Bluetooth: hci3: command tx timeout [ 63.194751][ T5081] Bluetooth: hci0: command tx timeout [ 63.209710][ T5095] team0: Port device team_slave_0 added [ 63.224515][ T5095] team0: Port device team_slave_1 added [ 63.232472][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.240029][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.268144][ T5096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.280274][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.288062][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.315814][ T5098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.396516][ T5094] team0: Port device team_slave_0 added [ 63.407742][ T5094] team0: Port device team_slave_1 added [ 63.416101][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.423997][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.452677][ T5095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.468196][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.476497][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.503127][ T5095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.573472][ T5096] hsr_slave_0: entered promiscuous mode [ 63.581107][ T5096] hsr_slave_1: entered promiscuous mode [ 63.588214][ T5096] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.597151][ T5096] Cannot create hsr debugfs directory [ 63.654496][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.663004][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.691340][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.725424][ T5098] hsr_slave_0: entered promiscuous mode [ 63.732379][ T5098] hsr_slave_1: entered promiscuous mode [ 63.739927][ T5098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.747971][ T5098] Cannot create hsr debugfs directory [ 63.771798][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.779390][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.807092][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.834495][ T5095] hsr_slave_0: entered promiscuous mode [ 63.843519][ T5095] hsr_slave_1: entered promiscuous mode [ 63.850460][ T5095] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.858925][ T5095] Cannot create hsr debugfs directory [ 64.052485][ T5094] hsr_slave_0: entered promiscuous mode [ 64.059367][ T5094] hsr_slave_1: entered promiscuous mode [ 64.066484][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.074323][ T5094] Cannot create hsr debugfs directory [ 64.340350][ T5093] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.352295][ T5093] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.371498][ T5093] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.381451][ T5093] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.498868][ T5096] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.509914][ T5096] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.529148][ T5096] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.559963][ T5096] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.617755][ T5098] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.630184][ T5098] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.652601][ T5098] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.681775][ T5098] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.779741][ T5094] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.800685][ T5094] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.813679][ T5094] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.863037][ T5093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.872066][ T5094] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.963706][ T5095] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 64.978670][ T5095] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 64.990989][ T5095] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 65.013920][ T5093] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.026979][ T5095] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 65.074102][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.081683][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.129705][ T2947] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.137085][ T2947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.157854][ T5096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.173668][ T5098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.184784][ T5081] Bluetooth: hci2: command tx timeout [ 65.185051][ T5092] Bluetooth: hci1: command tx timeout [ 65.265395][ T5092] Bluetooth: hci4: command tx timeout [ 65.265926][ T5090] Bluetooth: hci3: command tx timeout [ 65.277693][ T5081] Bluetooth: hci0: command tx timeout [ 65.297135][ T5096] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.326701][ T5098] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.406493][ T5093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.419097][ T2947] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.426339][ T2947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.439857][ T2947] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.447766][ T2947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.462858][ T2947] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.470271][ T2947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.481982][ T2947] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.489139][ T2947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.533154][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.593716][ T5094] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.651890][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.659539][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.676907][ T5095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.711096][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.719219][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.789580][ T5096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.809857][ T5095] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.832386][ T5093] veth0_vlan: entered promiscuous mode [ 65.866465][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.873573][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.903099][ T5098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.928882][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.936429][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.951300][ T5094] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.000685][ T5093] veth1_vlan: entered promiscuous mode [ 66.062853][ T5096] veth0_vlan: entered promiscuous mode [ 66.121722][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.143128][ T5098] veth0_vlan: entered promiscuous mode [ 66.168703][ T5096] veth1_vlan: entered promiscuous mode [ 66.182221][ T5093] veth0_macvtap: entered promiscuous mode [ 66.198770][ T5093] veth1_macvtap: entered promiscuous mode [ 66.243009][ T5098] veth1_vlan: entered promiscuous mode [ 66.263466][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.308250][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.337329][ T5094] veth0_vlan: entered promiscuous mode [ 66.344462][ T5093] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.359904][ T5093] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.369725][ T5093] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.379604][ T5093] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.414032][ T5096] veth0_macvtap: entered promiscuous mode [ 66.442089][ T5096] veth1_macvtap: entered promiscuous mode [ 66.453368][ T5095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.476918][ T5098] veth0_macvtap: entered promiscuous mode [ 66.487096][ T5094] veth1_vlan: entered promiscuous mode [ 66.529731][ T5098] veth1_macvtap: entered promiscuous mode [ 66.628735][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.642161][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.657885][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.671008][ T5094] veth0_macvtap: entered promiscuous mode [ 66.691883][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.693007][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.707415][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.718208][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.732319][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.743401][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.757930][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.770055][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.782024][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.799264][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.819271][ T5098] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.828648][ T5098] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.838486][ T5098] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.848189][ T5098] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.861522][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.873081][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.883645][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.895444][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.908188][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.932578][ T5094] veth1_macvtap: entered promiscuous mode [ 66.951710][ T5096] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.961664][ T5096] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.971386][ T5096] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.980757][ T5096] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.013168][ T5095] veth0_vlan: entered promiscuous mode [ 67.021311][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.031192][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.063052][ T5095] veth1_vlan: entered promiscuous mode [ 67.107244][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.123804][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.136596][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.148473][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.158848][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.169532][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.182286][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.233333][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.249111][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.260241][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.271421][ T5081] Bluetooth: hci1: command tx timeout 07:40:23 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @val, {@ipv6}}, 0x0) [ 67.271482][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.278395][ T5081] Bluetooth: hci2: command tx timeout [ 67.295728][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.307936][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.326859][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.345006][ T5081] Bluetooth: hci0: command tx timeout [ 67.345186][ T5090] Bluetooth: hci3: command tx timeout [ 67.350620][ T5081] Bluetooth: hci4: command tx timeout 07:40:24 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_mballoc_prealloc\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000180), 0x2000) [ 67.396392][ T5132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.413805][ T5132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:40:24 executing program 0: syz_emit_ethernet(0x36, &(0x7f0000000300)={@broadcast, @local, @val, {@ipv6}}, 0x0) [ 67.458210][ T5094] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.481588][ T5094] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.494536][ T5094] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.530329][ T5094] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 07:40:24 executing program 0: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@broadcast, @broadcast, @val, {@ipv4}}, 0x0) [ 67.555215][ T5095] veth0_macvtap: entered promiscuous mode [ 67.596929][ T5095] veth1_macvtap: entered promiscuous mode [ 67.636250][ T5132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 07:40:24 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/134, 0x86}, {&(0x7f0000000180)=""/27, 0x1b}], 0x2, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000000), 0xffffffffffffffe6, 0x0) [ 67.665624][ T5132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.724441][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.746906][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.758513][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 07:40:24 executing program 0: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) r4 = dup3(r3, r2, 0x0) write$binfmt_script(r4, 0x0, 0x0) [ 67.770400][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.781689][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.797555][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.813520][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.832371][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.852350][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_0 07:40:24 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000013007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) bind$packet(r2, &(0x7f00000001c0)={0x11, 0x1a, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) [ 67.881027][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.893082][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.912164][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:40:24 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) sendmmsg$inet(r1, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000100)="95", 0x7ffff000}, {&(0x7f0000000180)="10322e8d572377b7fbaa8dc8f35ec8c1ecd3ca56262712cbfe04df13dc88e21b06b99555568d2762d2482bb7886f9834d61d30fff3f238eb2b967634ec9914d7cbed0bd7c409e3a93edc9dcd0068c44b80e97653ca49b28d98992ecc9cee86b434bb2a1051a5205bae307d3edaad4e5cfbe37c31e228f740d8a1fad419e169229e8f9ed748b7415d8b23f32c9499542db82cc59c786433aae69d2a63ccd4d2f4e1cf0573a7de8b9aef75e7b576c936a05524c93e6e4363c6a07d605688568fca4f6de4c8b4c946c3fa54addb139322a13399dab6abbae06e1d4c0a0bdc02be99a7744277e6af4e8aa9cbf9eb13a4f951fc1abebd07f53a727742529ccac4bb5f9e7ef43bc7be743d2015655766c7769aabfb2dddb3d7aa3266524b48e78744b795eb8636c4ec5dfdf3e8a5034ffc95f982bc52baa4b88de5e99638a68baeabed92a11c961392c18eb96ce2618ff7432ecea196d1fc83d8e0a6fe6d26b85cc70411b324e371d2e446e84acf8993e29b999fd6ef21d17d1265104939a5561774caa5fd7677d515f8671cd86bccce2323d67b288a2c5045ffec83cb225ad05bb5d83264592c2702f4318ee194e8282dd1b46dae0685c55cc27f08ac43fcbadadc19dbe7e946ca064df715824163087d458aa7efcdb16462b058534a85dac780833fd073b5a85ac3de22085253ff61e6b4c6ca60bd2730eb6ec16afd1905ae77d7e68d3ef51214616487d750ccd6b3832a9dbc8cfe8b72844be017c5a24370a8ec28c791b747a776e944e51a3bb2ac94d989e927601781359328605484a963318dbaf8648215b853d06e57e49b9f492ca52f9bea87fb0d621280ce666d78ea437a5361fd2eedf5733bd38b33c76085811db3d7dc094b0a839de24ac85eab1275fda153342b46aff9dfe4ae3b01c114ee4c4ae8d5fc6a690d0023fe930d5765e3faefc387ff4f3634ee3ec9219923c394a635c1a9b82476d98f8dcbbcad30d7aee1056f98bf572be5b871b085ea1da90937d7fd5818cc6ec147269810565b4471a0e41a45c61668a6bf3c7b477719741cad3c6b950f2e0d8e6ec4c032b620d334da9696d0d46406bc855d3652b28fcfe5182d0a567d63557827040538a6552d424e790ba054b355b9484634c4a1b5d7934a20c2a147620188e50691f02517b46b2d81fd2c9f47c6cfc03cf45a40984d5d838ad5b6218a0bf3c547b1a9816664058b44ad90264eb9819f329633bdd34061de254e8fdae2c59fa6a126d77baee8c938b39f5e12ce37678190cbf0cbada8a86e805ea5efd0fe3ddfc97ae7e28c6fc0dcdeeb046b10fc2b9bba90e0f59c4fa912c9905959fbd30e15943d364851808b99b7e9e58c29f65a2078d89a464013724781dc5fba91d53e4bc9bbe92a40351dd3dcd473d0ede1672864ff04dc247e68471b0ca572175b689343089da2487429f4e0a0c5c2373002c0fca5541bde4da4e948449c5699c1c93c8d0a7a4e6d6aabfef414f39c476aa36f3c86469bafd372cdf568d851b91506119c91ba9f68355ad21a93784aa226dfabed59e4ef87fe6931f8e1ba54d03234912a3a0d60ef0f254310c8cac836eb6f7a9d977e8034e98ea247d0ac1b98d30561b6f838762e7c2c8aa5b606d78259aee48bbb61892842c15221db00759404ca90e2e550992fdf356367e4e0baa823ceac36ad16862cb915ef78c872ff78720fac6a20fd58e0e0c9fc73c6bf474f6f0ee2a0c80497cdd29e3e7193f23097ad933d6a40364659b611149ab608a5698ab423fa05bcaa3f2f8167bbb1d1dd3afbe28b27f80c5b420878570ba30bf5a84b49a65c64a1c165dd1b5fb58959e93911bf908bb95384f28c2faa58e004f4817f7a3aec13f497f876a283fc4c2dbf0b09b1c9084cdda1e0207357e83a2feeb95fd5428ce408d31384e3973eb0a3a6583194a46b201004c2bbd8ffc8c8b51f5a8cb892c87dec9d2fd428524e67452e1eae12747fd53ed3ad773808aee7245f70511c4c967b99ed4dc1c64c4c47fe68d80a3eb5757ce0783e937042504e7a473c64c407843c25e9e78c62bf381d066bc59be9155de02f7dea3145599d08eec1b9fa1242429eded19841bfef4b03a1a20dee15af087844b37f970b51decfa6c168ff2f24095a0be3ee012591723fa5d8a3a7697e9ee1e74919ff0b5f53bf1de2da65969c1b07eda9abeb1a42e864fd07c8b761dee493adf341f076d2489b1683df9331386826ff949764d4b087b79a95c9bfca43f6d63e35cd154a7e586f1d1aa1723116c90c28012048678f638dac464921f3194a2a8651483d79c3370373dad75af1904abf3cee5267a52144651e4ee124c9459c42cc5a08dbd31c6642048c98c21e4efbc671eda620452d718738dd757663b8dd501b0223a893e1e0c491a08fb8b52c0f5a6b6776a7c569230ba24a7971f5ef41929d15f80cd0738802e63c57351686addb61646778d48c2a49238794bf5cc93a7a140c4dc5cb64a551da23fbbbd2a16b6a026df641ea2d2cde453ac5328f110959f43ac224648c7653fa4efc7253a02cb46714022fef8427c5bf9555e91201bd1860cd8974e88e08a7ac4c77d79902a7e92a7ac6df2fe8663bccae3173d19c789f6c594aa8786e668f5d04207ee3c548b2807d644e7d05302a4d571584fe590ed5686b0a99a072336f82559293c84f7debebec2e649c2f4d91ecaceb96eb7d4a9d442f7b8112fd014859a0ce5b5fb65991dac4d0aa5ecf6994010f954a8c269bd868520d19772d68a075f23d4ab8ef9de6242e87063fd191836bead1235c214d1f5f2d234fa68d32d92bfdd73103be6c2e2fccea215e1edacd3105eb69a9955cebae0edb9f8182744ea994d9b00bf244d46862cd141118aca3bab32d3a71481d4be2400067833a7ba625819f8a39144e2f42dbc725e49da97cbec0e9e588b0805b32524647888d8c16867990672b549f9beaf80f48643492a94ab93b8c86a27aec9caa11d1300eb80dfc34ad6097daf684825b5a703aebae0c6801ab89fc81a630fb9a7d70add1c54d0c28bdac211960fc7e135625db88d730774a0cf372ace32bde2cdda536e4ca6414cc401dcf53a44932dc944f3299b59bde2260999f558c97c6a7da1b29b73f86aea382c7605532c3da889b75a9dbba15e7bf143063031a24376c6c00c977d5045e4244c3b4a7e1890eb195c870ebf251280c21a077a000398838a7bd3dc560df5ac9c70ab8a45bcdd9552f20cdf209ad2c1e0a3c69e9425fd78b0b60f5f1dc3e44496be36681a288b359e8c6d0a7451df19ff294797aa7eb443be797986ca090b916f5ff6b358ce1bf99cb1ad4b3d6b09d1b38ec3066ceb4a737bddaad09866ccd46750e2ef20c7c5992ebfbfe5dedfd48c1663d71a034ebbf457fbffcb03ea95b6473fe2928350d45fec96df4d59684e36212cfaede32c0ca08883fb3e430847dee21a5f61a950da5a40c0d8d9d1f9712454011b947f210a27c850cbe9929139ffea1435ee8070d142bf558205ae18dddc42781206f2a9b2ee4213be8dc4a3c6a7a53dc80e1ee061065d008301708c2b049d92f41fe4525b98932a7c672334bf1f6688057d031dbfd59e2068da65962eff0135330547dc420e66fa64d36927f9f6a68c32c06cf668e5e924b3286754828166dc804b4a101b6d7a88f530280701ac8d1f653e6a8d6b82f5d45b67339d195a5809f95c7213bf09b384c9d48027f4476cc43de753a3717744bcff25aad401ffa81e7564b3defbd5af96f367903127fe74ba051c0d077c6866a635ca62dfd694449fbafaa8468608b4652fa81eb1dfd73c93e234d791cb9d951ec73458d7b3db87ba848700632b8b7753c1b45ab1cccbfa5d7ebb0cb756cfdedbff86da591144b879dc4041903a7919ba329e6a8eeb59a71489a816ba9ae8509fdc4bf0cc287776ec689630ccd33ee0a07edfa7b1c8ef067a883e54877024dd964407c0d116e528f07d5e367f882d7740cbdcc2c080672b774a86318574cbb5c1881084b7a3fb39acbc6462a07d3fa5f5bc3088bd38a6cd9226fe53eafb34ba0197a4653a87d3c694896531f310f5fec9a0b1752949a5caf3844f195fa9020bb063ea7f52e9d4eb2352c21d511c223d541c1cf98f28a8bdee868f9d4f148a520ca167b97f5b2717bc51af8ab15b3ad1e03d0fc37e7135f44b5313b8c43012ba51a06d03188393660faa4f202205476b4fff6f9b25ac1b3c6a99a54ed5fc5a3b3749a0843f3de33fc17781f9b8bbbecbce970371601f6874ab1c6fa125e0171ff9079c06b8b50c76a2026cd4235b137c4bde1f54389b0a91d64e01f71b2713ffb98a50d928d62cf0220ef76f6ebf3875998fe6990ad0f0f95eef0ddf07c23783095669e590acd2df3d8e3d3fe473b6ef644f4cc45b6f493901badb44d3b6ca4028f73cbca3c1d639c1b20b40bf739e5f3678bad92459fe5bcc019c82f1d8af1667a41647a4184aeb0e08dc1b5b5e1ffc6093cd12795990612de3cfc876370546e07c83618c008f753e29c09fb8bc9f13474cc97ecb2bd8368cfacc3cf644410f3d5760acdcc8c93feda7c52777ddf3a774363085075ff05793e6fdf291995a046a759a43ad155429a1df5d844abb9bf12e9ed9d1bc2da2ad34ed748966211265019909d3480453f83f95b4a6272e948c4f91264dd69ff19058d6da0eafb0e022438026f7081422b5265d5e7512969e77c17de5029", 0xd00}], 0x2}}], 0x3e, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x20}}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) [ 67.928229][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.940836][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.952938][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.981049][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.994400][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.005514][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 07:40:24 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_linger(r1, 0xffff, 0x80, &(0x7f0000000500)={0x9, 0x5}, 0x8) dup2(r0, r1) [ 68.024977][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.042634][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_1 07:40:24 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in={0x10, 0x2}, 0x10, 0x0, 0x0, &(0x7f0000000300)=[@authinfo={0x10}, @authinfo={0x10}, @sndrcv={0x2c}, @dstaddrv4={0x10, 0x84, 0x9, @multicast1}], 0x5c}, 0x0) [ 68.116763][ T5095] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.144638][ T5095] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.154002][ T5095] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 07:40:24 executing program 1: timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) r1 = dup(r0) write$FUSE_WRITE(r1, &(0x7f0000000100)={0xfffffeec}, 0xffffffd1) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000140)=0x0) write$FUSE_DIRENTPLUS(r1, &(0x7f0000002780)={0x10}, 0x10) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000200)={{0x0, 0x3938700}, {r3, r4+60000000}}, 0x0) close(r1) socket$unix(0x1, 0x2, 0x0) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x0, 0x9}}, 0x0) [ 68.170711][ T5095] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.227479][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.238788][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.311013][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.320805][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.380377][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.392070][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:40:25 executing program 3: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000200)='.\x00', 0x8) [ 68.460392][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 07:40:25 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0) syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b24b4a10e60407007501000000010902"], 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00') 07:40:25 executing program 2: socketpair(0x1e, 0x0, 0x1, 0x0) [ 68.512259][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:40:25 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7, &(0x7f0000000080), &(0x7f0000000140)=0x84) 07:40:25 executing program 2: socket$inet6_sctp(0x1c, 0x0, 0x84) r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0x1c, 0x5, 0x84) r2 = dup2(r0, r1) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x25, &(0x7f0000000940)=ANY=[@ANYBLOB="ff", @ANYRES32=0x0], &(0x7f0000000900)=0x8) [ 68.656055][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.692132][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:40:25 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000140)=@in={0x10, 0x2}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)="e9", 0x1}], 0x1, &(0x7f0000000240)=[@init={0x14, 0x84, 0x1, {0x101, 0x0, 0x0, 0x5}}], 0x14}, 0x0) 07:40:25 executing program 4: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000240)='./file2\x00', r0, &(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x1c0) symlinkat(&(0x7f0000000080)='./file2\x00', r0, &(0x7f00000000c0)='./file0/file0\x00') mkdirat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0) 07:40:25 executing program 0: r0 = socket(0x1c, 0x10000001, 0x84) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x19, &(0x7f0000000300), 0x8) [ 68.976772][ T2947] usb 2-1: new high-speed USB device number 2 using dummy_hcd 07:40:25 executing program 2: r0 = open(&(0x7f00000000c0)='./file1\x00', 0x64bf730fadf8ae22, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x2010, r0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r1, 0x0) 07:40:25 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) r2 = dup2(r0, r1) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x901, &(0x7f0000000080)=ANY=[], 0xa) 07:40:25 executing program 4: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @remote, @val, {@ipv4}}, 0x0) 07:40:25 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x23, &(0x7f0000000100), 0x90) 07:40:25 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xd, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 69.255245][ T2947] usb 2-1: Using ep0 maxpacket: 16 07:40:25 executing program 4: syz_emit_ethernet(0x134, &(0x7f0000000880)=ANY=[@ANYBLOB="e90bac51aaaaaaaaaaaaaabb86dd640000000000000000000000010000000002000000000012ed"], 0x0) 07:40:25 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000000), 0x88) [ 69.359022][ T5081] Bluetooth: hci1: command tx timeout [ 69.359038][ T5090] Bluetooth: hci2: command tx timeout [ 69.400101][ T5194] sctp: [Deprecated]: syz-executor.2 (pid 5194) Use of int in maxseg socket option. [ 69.400101][ T5194] Use struct sctp_assoc_value instead [ 69.425846][ T2947] usb 2-1: config 0 has no interfaces? [ 69.431997][ T5090] Bluetooth: hci3: command tx timeout [ 69.438184][ T5090] Bluetooth: hci0: command tx timeout [ 69.441306][ T5081] Bluetooth: hci4: command tx timeout 07:40:26 executing program 2: writev(0xffffffffffffffff, &(0x7f0000000380)=[{0x0, 0xfffffffffffffe81}, {0x0, 0xfffffe26}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="d877f8ed59ea396e8952a43ffdcbb6e6b48d22f71bd561a4cfc99118181a01ae773f4263de0bd93d318f68e019d884955c0636ad5e683704deb44e410b"}, {&(0x7f00000001c0)="7e7b78d38d2f53285c105e87d9dbb54cd148d4c72f8626dccc13fb27ad2225ccd4b704e44b3d5311f49a7a0e9bba97dc9cf70fa9fb5e55ab96ba1f87c8a59730609bd63af2127f14993315196cb5f99acd04a7bf502bf0344e91c4ba6fa7aff0811d8389d38a144fc0ec9cc62fc42f432032c4327f61e00c6db83b2c0433e09ebc76e87dc7df413e5a7fa330a3f5f2cab1b1442b8167a0a7e62076b0197456a9b40c430120dd0c51a9dc95ad52ec983b79c9c6f0566f38dbf43b"}], 0x4) 07:40:26 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000280)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@sndinfo={0x1c, 0x84, 0x4, {0x0, 0x2240}}], 0x1c}, 0x0) [ 69.454831][ T2947] usb 2-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75 [ 69.491430][ T2947] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 07:40:26 executing program 4: socket$inet6_sctp(0x1c, 0x0, 0x84) r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) sendto$inet6(r0, &(0x7f0000000000)="97", 0x1, 0x20080, &(0x7f0000000040)={0x20, 0x1c, 0x3}, 0x1c) [ 69.572743][ T2947] usb 2-1: config 0 descriptor?? 07:40:26 executing program 0: dup2(0xffffffffffffffff, 0xffffffffffffffff) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x2}, 0x10) chdir(0x0) 07:40:26 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x10, 0x2}, 0x10) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x29, &(0x7f0000000200), &(0x7f0000000280)=0x8) 07:40:26 executing program 3: r0 = socket$inet6_sctp(0x1c, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x1}, 0x1c) 07:40:26 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7, &(0x7f0000000200), 0x88) 07:40:26 executing program 2: r0 = open(&(0x7f00000000c0)='./file0\x00', 0x80000000000209, 0xfffffffffffffffc) close(r0) truncate(&(0x7f0000000040)='./file0\x00', 0x3) getgroups(0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0]) setregid(0x0, r1) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000001480)=[&(0x7f0000001440)='\x00'], 0x0) 07:40:26 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0x100, &(0x7f0000000300), &(0x7f00000003c0)=0xb0) 07:40:26 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) setregid(0xffffffffffffffff, r1) setregid(0x0, 0x0) [ 69.902348][ T5133] usb 2-1: USB disconnect, device number 2 07:40:26 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x10, 0x2}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000140)={0x1c, 0x1c, 0x2}, 0x1c) 07:40:26 executing program 2: socket$inet6_sctp(0x1c, 0x0, 0x84) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x23, &(0x7f0000000140), 0x90) 07:40:26 executing program 4: madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3) 07:40:26 executing program 0: setuid(0xffffffffffffffff) r0 = getuid() r1 = getuid() setreuid(r0, r1) 07:40:26 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket$inet_sctp(0x2, 0x5, 0x84) connect$inet(r1, &(0x7f0000000100)={0x10, 0x2}, 0x10) r2 = socket$inet6_sctp(0x1c, 0x5, 0x84) r3 = dup2(r1, r2) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x105, &(0x7f0000000080)={0x1, [0x0]}, &(0x7f0000000000)=0x8) connect$inet(r0, &(0x7f0000000000)={0x10, 0x2}, 0x10) r4 = socket(0x2, 0x1, 0x0) dup(r4) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x21, &(0x7f0000000240)={0x0, 0x4220, 0x2}, 0x10) 07:40:26 executing program 3: syz_clone(0x4009080, 0x0, 0x0, 0x0, 0x0, 0x0) 07:40:27 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000880)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d800000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f3273299e693e028bb51cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6df2aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320080066f472a97214d0b2874df30ed5eb1affb873a55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c3508af50babccf908f66eca332f87909d32940f19dff00ffffffff08000000e1ff003853e59de762ff8d8955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8aee9f569435ea9e3217eff89309e190a1fb5a315f8347fb0379659500000000000000000000000000000000a614a5af8650f913058e015bbaf3451f88ba54ece08b332f7a542f8587f2fd973b9aa8269be75569e3471094035c83808103aa9ca15e2f59f49864210e94eae0553ca73d8dca89f312e7a5c3c339244dba20f6056fc98e42d9580b12fa99c92ef65970a07b3c4fbb487fa027cd381f4d7ddc9ea56d4a3d1127a25c1d8bb4680c844db962bb9201122fd49d3f194a6e23c45805253a8a1734d6e950a65dcd6988ce7ceb412d8d43d269d2d6e07a21392f008972868f5138ab98fc37cd38c3da84a8f1629132942f0515327846fed99b58db8f473afa18767ea5cbc173d1ac4dda0e0368250c623f8c4a0fdb1d2f29960b358d5c369a177d874289b6a67a080b1a7a08a1c13d874fc634d87fd5816f024113a443edc62ed6c816"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d40c9fc564e0bbfc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f603ff0e80677eeba68562eb8ae2bcd87cef900c9421c4276508e0000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf89ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb424cfd8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 07:40:27 executing program 0: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', r0, &(0x7f00000000c0)='./file0\x00') readlinkat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/199, 0xc7) 07:40:27 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x34, &(0x7f00000000c0), 0x4) 07:40:27 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='environ\x00') ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x8901, &(0x7f0000000180)={0x3}) 07:40:27 executing program 3: mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x9) 07:40:27 executing program 1: munmap(&(0x7f0000ff8000/0x4000)=nil, 0x4000) r0 = open(&(0x7f00000000c0)='./file1\x00', 0x64bf730fadf8ae22, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 07:40:27 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) setregid(0xffffffffffffffff, r1) 07:40:27 executing program 0: r0 = socket$inet6(0x18, 0x1, 0x0) shutdown(r0, 0x1) close(r0) 07:40:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000002a00)="b3e05f7295f14f45fc411a9dd9aa62e77fabdf1e1c98cf0c390d71756f0721a29403bdfa7fc0fb6151c4309e0e617f7f268a19eb05c0067673fcf2e541f0266f112baca3e416c300b0b32a0c276cf57580a8a3828f5300b0315282235c4cec922729f7d9a70587adf2f62d990e8bad61e1bd33c21888fb576fb26d477b1c013701fcee080b0946548c9f57756858e3333a", 0x91}], 0x1, &(0x7f0000002d40)=[@rights], 0x10}, 0x1) 07:40:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002980)) 07:40:27 executing program 1: syz_emit_ethernet(0x2a, &(0x7f0000000800)={@broadcast, @remote, @val, {@ipv4}}, 0x0) 07:40:27 executing program 0: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) truncate(&(0x7f0000000080)='./file0/../file0\x00', 0x0) 07:40:27 executing program 4: munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000) munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) 07:40:27 executing program 2: sendmsg$unix(0xffffffffffffff9c, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0) 07:40:27 executing program 3: r0 = socket$inet(0x2, 0x3, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000), 0x4) 07:40:27 executing program 0: fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6) 07:40:27 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x10, r0, 0x0) 07:40:27 executing program 4: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file1\x00', r0, &(0x7f00000000c0)='./file0\x00') 07:40:27 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000002dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d40)=[@rights], 0x10}, 0x0) 07:40:27 executing program 0: r0 = open(&(0x7f00000000c0)='./file1\x00', 0x64bf730fadf8ae22, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x2010, r0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r1, 0x0) 07:40:27 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) unlinkat(0xffffffffffffffff, &(0x7f0000000340)='./file0/file0\x00', 0x0) recvmmsg(r0, &(0x7f0000000240), 0x10, 0x0, 0x0) 07:40:27 executing program 1: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='./file0/file0\x00', r0, &(0x7f00000001c0)='./file0\x00') open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) 07:40:27 executing program 4: munmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000) 07:40:27 executing program 0: r0 = open(&(0x7f00000000c0)='./file1\x00', 0x8ffa6c0eb608eaa9, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x811, r0, 0x0) 07:40:28 executing program 1: r0 = socket$inet6(0x18, 0x3, 0x0) connect(r0, &(0x7f0000000040)=@un=@abs={0x0, 0x0, 0x3}, 0x8) 07:40:28 executing program 3: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f00000012c0)={0x0, 0x0, 0x0}, &(0x7f0000001300)=0xc) chown(&(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, r1) 07:40:28 executing program 2: socket(0x0, 0x6d8dfb7c0971584, 0x0) 07:40:28 executing program 4: lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 07:40:28 executing program 3: r0 = socket$inet6(0x18, 0x1, 0x0) connect(r0, &(0x7f0000000000)=@in, 0xc) 07:40:28 executing program 1: r0 = socket$inet6(0x18, 0x1, 0x0) getsockopt$sock_int(r0, 0xffff, 0x100, 0x0, 0x0) 07:40:28 executing program 2: setrlimit(0x4, &(0x7f0000000080)={0x0, 0x1}) 07:40:28 executing program 0: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000140)={0x2, 0x2, @empty}, 0x10) r2 = accept4$inet6(r0, 0x0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0x5450, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0x5450, 0x0) 07:40:28 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) getpeername(r0, 0x0, 0x0) r1 = mq_open(&(0x7f0000000000)='}*\xf3\\\x00', 0x40, 0x1, &(0x7f0000000040)={0x0, 0x68e7, 0x1, 0xffffffffffffff99}) ioctl$TIOCSPGRP(r1, 0x5451, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0x5451, 0x0) sync_file_range(r1, 0xc3, 0xf32, 0x2) ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0x2]}, 0x8, 0x80000) ioctl$TCSETA(r1, 0x5451, 0x0) 07:40:28 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) dup2(r0, r1) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, 0x0, 0x0) 07:40:28 executing program 2: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f000000ad80)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f000000a380)={0x0, 0x0, &(0x7f000000a2c0)=[{&(0x7f0000009080)=""/4096, 0x101d}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f000000a140)=""/68, 0x44}, {&(0x7f000000a1c0)=""/191, 0xbf}], 0x4}, 0x0) [ 71.668688][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. 07:40:28 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x88) sendmsg$kcm(r0, &(0x7f0000000340)={&(0x7f00000002c0)=@in6={0xa, 0x4e22, 0x0, @dev}, 0x80, 0x0}, 0x200ce0c0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffffffffffff15, &(0x7f00000000c0)=[{&(0x7f0000000040)="bbf4796ce8c49f94dc7bb5719846f95319288c24141020604a46eeee8086d839a962499f21c9c87df4411804b555de18040485f72226d09331ee34d893d0bcc1933bc6bc64a1159a3dbe6b2225f635c5ee917f7a31141e82e436d6d240b99a48ec", 0x604}], 0x33}, 0x20000801) 07:40:28 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'nicvf0\x00'}) [ 71.835785][ T5314] netlink: 'syz-executor.2': attribute type 29 has an invalid length. 07:40:28 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x4c}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000000)=[{0x48, 0x0, 0x0, 0x9}, {0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x2, &(0x7f0000000000)=[{0x64}, {0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) 07:40:28 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000004c0)=[{0x6}]}) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000100)=[{r1}, {r0}, {r2}], 0x3, 0x0, 0x0, 0x0) 07:40:28 executing program 3: io_setup(0x7f, &(0x7f0000000100)=0x0) io_getevents(r0, 0x8000000000000001, 0x1, &(0x7f0000000380)=[{}], 0x0) ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000017c0)='net/protocols\x00') io_submit(r0, 0x1, &(0x7f0000003f00)=[&(0x7f0000001900)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) [ 71.879606][ T5314] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 71.903744][ T5323] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 07:40:28 executing program 0: openat(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0xb1, 0x0, 0x0, 0x8}, {0x6, 0x0, 0x0, 0xffff30cc}]}) mount(&(0x7f00000027c0)=ANY=[], &(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000100)='cgroup\x00', 0x0, 0x0) [ 71.971206][ T28] audit: type=1326 audit(1712130028.592:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf72e3579 code=0x0 07:40:28 executing program 4: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000140)={0x2, 0x2, @empty}, 0x10) r2 = accept4$inet6(r0, 0x0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0x5450, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0x5450, 0x0) [ 72.020399][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.034711][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.054830][ T5321] netlink: 'syz-executor.2': attribute type 29 has an invalid length. 07:40:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/tcp6\x00') r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0) r2 = signalfd4(r1, &(0x7f00000001c0), 0x8, 0x0) sendfile(r2, r0, 0x0, 0xc76) [ 72.094840][ T5324] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 72.112740][ T28] audit: type=1326 audit(1712130028.682:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5328 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf72ba579 code=0x0 [ 72.134173][ T5314] netlink: 'syz-executor.2': attribute type 29 has an invalid length. 07:40:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0x0) pwrite64(r0, &(0x7f0000000100)="1d06322d5964373db9c764414c456f48173b82a7d643e95e8c49590b111f65892f6e00dda6329378ef42480a52b61bf1de404dc073cefc7f306e11861f13318ac621f76bd941de2a450a799b556a67d06c4e3d25acd316014af302414a86a64071a48b94990090f74ecd08e96e07c2a53e70561d604d09f8f8121dde126770fc8dd38580844b8c49a36d4092820ed84843f0cb7521c7119a616dc163d80c63b5172cbd1df0662cd60c252bc39a9dcabe05da3502b6336f4c0f18e2f03adabe30", 0xfffffd1d, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e80), 0x301, 0x0) ioctl$TCSETSW(r1, 0x5403, &(0x7f00000000c0)={0xffff, 0x0, 0x0, 0x6, 0x0, "1a5a4c00"}) socket$inet(0x2, 0x0, 0x0) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile(r1, r0, 0x0, 0x1000000000006) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)) 07:40:28 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f00000000c0)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1, 0x0, 0x3, 0xfffffffffffffffd}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) close(r0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000ac0)=ANY=[], 0xfffffcdd) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='io\x00') sendfile(r2, r3, 0x0, 0x37) [ 72.242362][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. 07:40:29 executing program 0: setrlimit(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) utime(&(0x7f0000000300)='./bus\x00', 0x0) r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x1008, 0x0, 0x0) rt_sigreturn() utime(0x0, 0x0) mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x1) creat(&(0x7f0000001a00)='./file1\x00', 0x0) msgsnd(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='w'], 0x1008, 0x0) 07:40:29 executing program 2: getresgid(0x0, 0x0, 0x0) write$P9_RREAD(0xffffffffffffffff, 0x0, 0xb) eventfd(0x0) r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 07:40:29 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000a300)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=@framed={{}, [@call, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) 07:40:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180400cc0c00000000000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x80) [ 72.870443][ T5355] warning: `syz-executor.2' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 07:40:29 executing program 2: bpf$PROG_LOAD(0x12, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000038000000bca3000000000000550300002dfeffff630af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140800000000001d430000000000007a0a00fe0000001f6114000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a0acf30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d37500d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64364939bbf52d2105bd901128c7e0e01000000204a1deeed4155617572652d950ad31928b0b036dc2869f478b41d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d859f49cee383dc5049076b98fb6853ab39a21514da60d2ae20ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2ccb0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f982c91ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f098b6367917888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee1ee17da1900004c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f01ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864eeb6511004c1d44d90da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f8bc90addbc4b3093c91b8068c5adfcb0d7fd849904568b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b8243266888400000000000000000000000000006acccbc48d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d29000000003e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbf3633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa63264648225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4db8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc351bc8a7c040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9dce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac42218301009bbf61e4bba695a41e2109eba8e40c3702bd15cafc97a4d3edfd09005729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843ff3fd404f535be474f456778b5ef85afb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca78fa04d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f00000000000000003f1c0483706db2cb51a9439c2bf24fce70bb9ef9c150397aa1458d9045e9a066c4c07dcb5d3fd47532e6400d78e799e33dda64665388d543741c7440ebdd551ee967b6e2d14a1cc096f18779bc4e34f7de607ec7cbb28efa359d13683d5ef3adc614110f4d8610ebbb5e2d404be76418a0008f12850c49024211b4ea30dc07a52d95989123702f3caab2060f0dbd693ebcf0d5d32b4b76c473d668d63643a162bb4705764fd5656b033c4e49c28c9df7e20bb73ee59205520ad1e2ad93e22231f8251bba43534818baf226082d7d94e9544fe721af383b271d36a43e429ac976ce49ca182f6fcf5f5d1bc6388247669bb217af8c314cf5df36729c23cbcbab2fc7a2fdff67bf87c2651d0c1d87409d1dbef5457ba659111a23ebf03f9b876a03c00ee6b3e29f85321e9b47702f12e3eba8395cbbf7e5e67acc4d20a78ba87899884be807834578d1f2818140ba9facdb716cc8e744c17e5e66ca54b9a243067f85bf63ab86a7bd3bdc7bfd27a5be263205a1f8e2c650e88495fa4b3b6f7176c21c8dc81c9843479f4b14b9a13d8c0fc238e7500a399195373514c3b82efafcc261cfa53944f187ba7ea751a3437c3d4116399d5b65ddf8a641441086bbd30307adc59be211373873ef0fdb10d2c585e07dfd366f256f4b14f7db958cefc154f46bba0893f51acf2f8dd8a19055ffe12661932ac9a648e50683df90d17809e0bd5ec0e0c43f73e85cdc4912ad91b0753bd4561d79906588f9f5d09f56464cc2f56684d287b262b57c23ec78d2eaf96fb17c64f11ead4430c265c28ec02dca4ba38ecfecd4561855adeb2412430abcfa1e0391d0653567bf10827ccc1961743e096dcf2cc2e380b106491ae16d2a1a668de060f838408fbb60bbf017ad4d8dbd7a762c3c0705839f15a3c9f77ebe36bebbd27d98b519f36b12f5153905ed31453958c8c46cb8f974197eb01c819439fd43f43a15920fc1977f2f2a4bdd5d079283e1d6308251a5ae0461e2bd8190284f93f60244101ef8b6541a717a832ddf8aeed5455ed90bdeb9b03dae5481f6cbbf176321fff5e1aeb29840466177af699e84e49d3f9254e557e31a19bbfe55b62e20439710a75bcfa5c8c5f69f5b6cadddfc811fb73b78477688935b00f2f4971ba8c4c7c930e24d9f2fbcc9dc0bd2bf64294e47f02f69b0a84bdd4c0fedac562c7274d74bf367ca6c5441e177fbfc95a56d9490731b1aa1af08aeebb5a9e56d1b50bad5fc3f3ba8eb3095adba4ac1f236580000000000000000000000000000000000000000002e7ec9df3c71f02bb6d639855e3584aafd546739b880ffac40b1292971abc7faa153f90ec46f8c707fdb5b603ce64c155d76aeb8115f54ac9cb6eca976f8026a8bc56392b233a5a661d2e7ee1bbb701109c99d330cef4da2ec20a4bc1249e45a3c69742ec706a8924bb3ed655137690e951b66fbafe688d98f898fcd545555ed60b3173dc2600f1c6f025dde0629055074e01f79751ba93da933a503a6b928ee43ced85e63996abd88f535bbd6eb7a1f613d2b1bb278341a9a3ed1f0cc81a2b39213ddad2e1e8e94ef639ec16f1d4ba1b89172e8036529d96cb07b409420b8c523103faeadb52341e2adbee1fc90e82924b64e948aea9bf810eb8623263c1dd4d8cc2eef8464f2554a4494a505ef204232f44665eb41c30ad2305056a89255734b3121849af8f601000000c13c76d285d701c2c07803202ee88630bd30d6377380e1454c00000000000000000000009355e100fd97c3214075e1ccb3530000000000000000000000000000000000000000631313d11c3f3c834b644c79db9cacb4eb880a34eae30238c879522fe37f7f2fabc12520cabbfb76bbb92fad43d70c8bb6856d06988f6bf27435517c0fd9ded5ad98e8a5c0b7ed38dfe4c53ead0f217ecc92cbf9727f1640f92a4d8e8eeba39a6a8aed25388bb4f31facc6365060e2dd5ee61403a1be77f6a6b1197575300d7f512ddb9b233e2914"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48) 07:40:29 executing program 3: bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000a00)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x90) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8b15, &(0x7f0000000040)={'wlan1\x00', @dev}) 07:40:29 executing program 1: r0 = memfd_create(&(0x7f0000000600)='\xc0\x87:*\x18\xc1k\x06\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00\x00\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Q*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1@\xee`{\x87\xa8]\x96\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o\"\x85Np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xcc{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcd$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\xa6\xd5\xae\xcb\x03oFQ\"\xf7F\xb7\vp\xb6\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfdOD\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\x8e;/\xa8\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2@h\xcb\xfb\xb6Y\xbfp\xd8\x90\x96\xec\x83N\x8bNnx\xb6\x16Y\xf8sU\xae\xa0\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf10xffffffffffffffff}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r3 = dup3(r2, r1, 0x0) fchdir(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 07:40:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0x5451, 0x0) 07:40:29 executing program 1: setresuid(0xee00, 0xee00, 0xee01) msgget(0x3, 0x231) 07:40:29 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x28, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x13, 0x9, "7b091c4c0b83ea"}, @window={0x3, 0x3}, @eol, @window={0x3, 0x3}, @nop]}}}}}}}}, 0x0) 07:40:29 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x3, &(0x7f0000000100), 0x8) 07:40:30 executing program 2: r0 = open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0) setrlimit(0x1, &(0x7f0000000100)={0xffffffff, 0xffffffffffffffff}) fallocate(r0, 0x0, 0x0, 0x7fffffff) utime(&(0x7f0000000340)='./bus\x00', 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) write$P9_RLOPEN(r1, 0x0, 0x0) close(r1) rt_sigreturn() mknodat$loop(r0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0) socket$inet(0x2, 0x801, 0x0) setxattr$incfs_metadata(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240), 0x0, 0x0, 0x0) utimes(&(0x7f0000000140)='./bus\x00', 0x0) open(&(0x7f0000000180)='./file0\x00', 0x80943, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000300)=0x0) timer_settime(r2, 0x0, &(0x7f00000010c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) 07:40:30 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000)="03", 0x1, 0x0, 0x0, 0x0) writev(r0, &(0x7f0000001b40)=[{&(0x7f0000000180)="1c7de346965adfef309bb8162cb729450908886c11367068b9d7743d86d0f7b108685809e0cb2009b4370c849bfcc38b60300e9c273edb5263d36988a5b828e85edb516b298d036e108f1b2aee73f7f96e7d88c179e88e8cb749208ef04ad91ea11fe4c0f76e78b34d8ebba90c581b65baa91bc5891841a2f45fcb68b04280170b8b86dc74db95efe595f79c67f11446bde7ed4181f65cbc21345d24bd29f57b1534fc80", 0xa4}, {&(0x7f0000000740)="505f465ea6e738664cff2d801715f417bee6a0e4b7e3bdee093de3b88cc9dde7601e3cd77efc9e878d747ac1e3eeb54ad196a17b78922ce7f7fe510bf461353ec547bb6e9f8a57bd2e8e32fb158efe6d2dca9d78b81e244a61109ddc88ca337fd736e33fdcf31242232709", 0x6b}, {&(0x7f00000007c0)="93410da7cb229019bc0ece730114c8796fa69212c29c741ae45eeb05dc488436eecefd67ea54cfed062f7e0c70504e413f9d0c3ec73377ccbf4da0efdac10e42e1b69d37be3ab89eb6a4813d25fb9e743a533d2d5aa8fdb57386585f555583ae794b264a4d8c8b5678b2e2c78736007a33ceb234ec89a1215416676dfcaec066df9abf7af1e2390fdeb63782fb92d9b2df6452ffb9668a7480d1f12a056fe3a52ecbaa2b70688cd59c56e0aef9894ef9c5ea17b35691b3426720b27d32883c885322e80f1dddfd31859a5f8f20e30ff3ba9af0d0187864", 0xd7}, {&(0x7f0000000040)="378fdb2f83c28e452f9dab3f0b2a37ec10", 0x11}, {&(0x7f00000008c0)="df26b8e4a7ddc5d9f3d3938b3252849f8b48eaf8658419e2498caa3a3a291e476707c17460cd812daeee8894885ba102", 0x30}], 0x5) 07:40:30 executing program 3: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f00000000c0)=""/29, 0x1d) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f00000001c0), 0x12) socket(0x0, 0x0, 0x0) 07:40:30 executing program 1: pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = dup(r0) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) r3 = dup3(r2, r1, 0x0) write$P9_RLERROR(r3, 0x0, 0x0) write$P9_RATTACH(r3, 0x0, 0x0) 07:40:30 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, "1e2a37", 0x20, 0x21, 0x0, @rand_addr=' \x01\x00', @mcast2, {[@fragment, @routing={0xb}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "079f20", 0x0, '#\fR'}}}}}}}, 0x0) 07:40:30 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) getrlimit(0x0, 0x0) [ 74.011566][ T5385] dccp_invalid_packet: P.Data Offset(0) too small 07:40:30 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0xe8f}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffff000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r2, &(0x7f00000014c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendto$inet6(r2, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0) sendto$inet6(r2, &(0x7f00000017c0)="ec", 0x1, 0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) dup3(r2, r3, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/4096, 0xfffffffffffffeea, 0x0, 0x0}, &(0x7f0000000280)=0x40) r4 = fcntl$dupfd(r3, 0x0, r3) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000021c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xfffffecf, 0x0, 0x0}, &(0x7f0000000340)=0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r5, 0x0, 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r5, 0x0, 0x20000000}, 0x20) r6 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r6, 0x5421, &(0x7f0000000240)=0x2) connect$vsock_stream(r6, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000080)) shutdown(0xffffffffffffffff, 0x0) 07:40:30 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000dfffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) preadv(r3, &(0x7f00000004c0)=[{&(0x7f0000000280)=""/240, 0xf3}], 0x1, 0x0, 0x0) 07:40:31 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x1a, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) 07:40:31 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x0, 0x401}, 0x48) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x127) close(r3) 07:40:31 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='./file0\x00') r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) connect$netlink(r1, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000002c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x101}, 0x14}}, 0x0) readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000012c0)=""/168, 0xa8) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x1, 0x16, 0x8, 0xd3d, 0x89}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r3}], {0x95, 0x0, 0x0, 0x7100}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x22) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x20}, 0x20}}, 0x0) r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) r5 = memfd_create(0x0, 0x0) pwritev(r5, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf", 0x14a}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {0x0}], 0x6, 0x0, 0x0) sendfile(r4, r4, 0x0, 0x24002de8) 07:40:31 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/177) 07:40:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}, 0x0) 07:40:31 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r3 = socket(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$TIPC_NL_NET_SET(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x214}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2}}) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000001000014400eeffffffff071af7000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="6000000024000b0e000000000080000000000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff0000004508000100746266003400020008000600a4230000280001"], 0x60}}, 0x0) bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev}, 0x14) sendto$inet6(r2, &(0x7f0000000280)="41032c1ef21d480407020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0x5c13, 0x806, 0x0, 0x2f) [ 74.700693][ T28] audit: type=1326 audit(1712130031.322:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf72e3579 code=0x7ffc0000 [ 74.786527][ T28] audit: type=1326 audit(1712130031.352:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf72e3579 code=0x7ffc0000 07:40:31 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000407b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) statfs(&(0x7f0000000540)='./file1\x00', &(0x7f0000000580)=""/153) 07:40:31 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x8006) r2 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0) ftruncate(r2, 0x2007ffb) r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) fallocate(r3, 0x8, 0x2000, 0x7000) [ 74.877166][ T28] audit: type=1326 audit(1712130031.352:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf72e3579 code=0x7ffc0000 [ 74.915529][ T5404] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 74.969664][ T28] audit: type=1326 audit(1712130031.352:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf72e3579 code=0x7ffc0000 [ 75.013973][ C1] ================================================================== [ 75.022625][ C1] BUG: KASAN: slab-use-after-free in ip_skb_dst_mtu+0x830/0x9b0 [ 75.030460][ C1] Read of size 1 at addr ffff88807b09c012 by task syz-executor.4/5405 [ 75.038731][ C1] [ 75.041085][ C1] CPU: 1 PID: 5405 Comm: syz-executor.4 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 75.051378][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 75.061978][ T28] audit: type=1326 audit(1712130031.352:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf72e3579 code=0x7ffc0000 [ 75.062265][ C1] Call Trace: [ 75.062280][ C1] [ 75.094320][ C1] dump_stack_lvl+0x241/0x360 [ 75.099168][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.104850][ C1] ? __pfx__printk+0x10/0x10 [ 75.109573][ C1] ? _printk+0xd5/0x120 [ 75.113831][ C1] ? __virt_addr_valid+0x183/0x520 [ 75.114951][ T28] audit: type=1326 audit(1712130031.352:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf72e3579 code=0x7ffc0000 [ 75.119372][ C1] ? __virt_addr_valid+0x183/0x520 [ 75.119409][ C1] print_report+0x169/0x550 [ 75.119434][ C1] ? __virt_addr_valid+0x183/0x520 [ 75.119458][ C1] ? __virt_addr_valid+0x183/0x520 [ 75.162120][ C1] ? __virt_addr_valid+0x44e/0x520 [ 75.167529][ C1] ? __phys_addr+0xba/0x170 [ 75.172099][ C1] ? ip_skb_dst_mtu+0x830/0x9b0 [ 75.177237][ C1] kasan_report+0x143/0x180 [ 75.182178][ C1] ? ip_skb_dst_mtu+0x830/0x9b0 [ 75.187157][ C1] ip_skb_dst_mtu+0x830/0x9b0 [ 75.191954][ C1] __ip_finish_output+0x12b/0x400 [ 75.197002][ C1] ipvlan_process_v4_outbound+0x3ef/0x700 [ 75.202748][ C1] ? __pfx_ipvlan_process_v4_outbound+0x10/0x10 [ 75.209208][ C1] ? rcu_lockdep_current_cpu_online+0x37/0x120 [ 75.215908][ C1] ? ipvlan_get_L3_hdr+0x4dd/0xc30 [ 75.221415][ C1] ? skb_pull+0xc1/0x1e0 [ 75.225661][ C1] ipvlan_queue_xmit+0xaa2/0x11f0 [ 75.230774][ C1] ? __pfx_ipvlan_queue_xmit+0x10/0x10 [ 75.236253][ C1] ? netif_skb_features+0x866/0xbb0 [ 75.241723][ C1] ? validate_xmit_skb+0xa04/0x1120 [ 75.247126][ C1] ipvlan_start_xmit+0x4a/0x150 [ 75.252066][ C1] dev_hard_start_xmit+0x26a/0x790 [ 75.257188][ C1] sch_direct_xmit+0x2b6/0x5f0 [ 75.262420][ C1] ? __pfx_sch_direct_xmit+0x10/0x10 [ 75.267751][ C1] __qdisc_run+0xbed/0x2150 [ 75.272264][ C1] qdisc_run+0xda/0x270 [ 75.276917][ C1] net_tx_action+0x877/0xa30 [ 75.281592][ C1] ? net_tx_action+0x6e3/0xa30 [ 75.286536][ C1] ? __pfx_net_tx_action+0x10/0x10 [ 75.291730][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 75.298074][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 75.303819][ C1] __do_softirq+0x2bc/0x943 [ 75.308347][ C1] ? __irq_exit_rcu+0xf2/0x1c0 [ 75.313125][ C1] ? __pfx___do_softirq+0x10/0x10 [ 75.318239][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 75.323504][ C1] __irq_exit_rcu+0xf2/0x1c0 [ 75.328114][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 75.333315][ C1] irq_exit_rcu+0x9/0x30 [ 75.337755][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 75.343753][ C1] [ 75.346702][ C1] [ 75.349641][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.355721][ C1] RIP: 0010:deref_stack_reg+0x15/0x260 [ 75.361188][ C1] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 49 89 d6 48 89 34 24 <48> 89 fb 49 bf 00 00 00 00 00 fc ff df e8 69 38 54 00 48 8d 6b 08 [ 75.381070][ C1] RSP: 0000:ffffc90013a0edc8 EFLAGS: 00000292 [ 75.387290][ C1] RAX: fffffffffffffff0 RBX: ffffffff900d22dc RCX: 0000000000000000 [ 75.395272][ C1] RDX: ffffc90013a0ef40 RSI: ffffc90013a0f070 RDI: ffffc90013a0ef00 [ 75.403513][ C1] RBP: ffffc90013a0ef00 R08: 0000000000000005 R09: ffffffff8140a8df [ 75.411699][ C1] R10: 0000000000000003 R11: ffff88805d6c0000 R12: ffffc90013a0f078 [ 75.419901][ C1] R13: dffffc0000000000 R14: ffffc90013a0ef40 R15: 1ffff92002741de0 [ 75.428548][ C1] ? unwind_next_frame+0x196f/0x2a00 [ 75.434048][ C1] unwind_next_frame+0x1ab8/0x2a00 [ 75.439548][ C1] ? stack_trace_save+0x118/0x1d0 [ 75.444662][ C1] ? stack_trace_save+0x118/0x1d0 [ 75.449793][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 75.456155][ C1] arch_stack_walk+0x151/0x1b0 [ 75.461204][ C1] ? save_stack+0xfb/0x1f0 [ 75.465805][ C1] stack_trace_save+0x118/0x1d0 [ 75.470954][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 75.476328][ C1] ? mark_lock+0x9a/0x350 [ 75.480705][ C1] save_stack+0xfb/0x1f0 [ 75.485053][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 75.491404][ C1] ? __pfx_save_stack+0x10/0x10 [ 75.496490][ C1] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 75.503117][ C1] ? __pfx_lock_release+0x10/0x10 [ 75.508311][ C1] __set_page_owner+0x29/0x380 [ 75.513247][ C1] post_alloc_hook+0x1ea/0x210 [ 75.518017][ C1] get_page_from_freelist+0x33ea/0x3580 [ 75.523649][ C1] ? __pfx___might_resched+0x10/0x10 [ 75.529107][ C1] ? __pfx_get_page_from_freelist+0x10/0x10 [ 75.535312][ C1] ? prepare_alloc_pages+0x362/0x5b0 [ 75.540898][ C1] __alloc_pages+0x256/0x680 [ 75.545717][ C1] ? __pfx___alloc_pages+0x10/0x10 [ 75.550826][ C1] ? policy_nodemask+0x1ec/0x720 [ 75.555844][ C1] ? __pfx_validate_chain+0x10/0x10 [ 75.561410][ C1] ? mark_lock+0x9a/0x350 [ 75.565754][ C1] alloc_pages_mpol+0x3de/0x650 [ 75.570741][ C1] ? mark_lock+0x9a/0x350 [ 75.575080][ C1] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 75.581160][ C1] vma_alloc_folio+0xf3/0x3f0 [ 75.585841][ C1] ? __pfx_vma_alloc_folio+0x10/0x10 [ 75.591281][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 75.596781][ C1] folio_prealloc+0x31/0x170 [ 75.601382][ C1] do_wp_page+0x1222/0x4c90 [ 75.605887][ C1] ? __pfx_do_wp_page+0x10/0x10 [ 75.610945][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 75.616554][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 75.621825][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 75.627033][ C1] __handle_mm_fault+0x26ad/0x72d0 [ 75.632349][ C1] ? reacquire_held_locks+0x3eb/0x690 [ 75.637759][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 75.643243][ C1] ? __pfx_reacquire_held_locks+0x10/0x10 [ 75.649014][ C1] ? mtree_range_walk+0x6fd/0x8e0 [ 75.654394][ C1] ? lock_vma_under_rcu+0x18a/0x730 [ 75.659674][ C1] ? __pfx_lock_release+0x10/0x10 [ 75.664692][ C1] ? lock_vma_under_rcu+0x2f9/0x730 [ 75.670002][ C1] ? lock_vma_under_rcu+0x18a/0x730 [ 75.675404][ C1] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 75.681661][ C1] handle_mm_fault+0x3c2/0x8a0 [ 75.686711][ C1] exc_page_fault+0x446/0x890 [ 75.691840][ C1] asm_exc_page_fault+0x26/0x30 [ 75.696693][ C1] RIP: 0023:0xf7304fea [ 75.700758][ C1] Code: 75 ee 8b 44 24 48 89 28 83 c4 2c 5b 5e 5f 5d c3 8b 7c 24 10 89 ee e9 a8 fd ff ff 8d 74 26 00 90 8b 44 24 08 8b 7c 24 10 89 ee <89> 1c 88 e9 91 fe ff ff 8d b6 00 00 00 00 39 f5 74 9d 8d 7e 10 39 [ 75.720588][ C1] RSP: 002b:00000000f7584a40 EFLAGS: 00010246 [ 75.727981][ C1] RAX: 00000000f7455000 RBX: 0000000081a4e937 RCX: 0000000000000937 [ 75.736155][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000081a4e05d [ 75.744585][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 75.752586][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 75.760558][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 75.769403][ C1] [ 75.772533][ C1] [ 75.774863][ C1] Allocated by task 5404: [ 75.779272][ C1] kasan_save_track+0x3f/0x80 [ 75.784240][ C1] __kasan_kmalloc+0x98/0xb0 [ 75.789473][ C1] __kmalloc+0x233/0x4a0 [ 75.793864][ C1] sk_prot_alloc+0xe0/0x210 [ 75.798409][ C1] sk_alloc+0x38/0x370 [ 75.802603][ C1] packet_create+0x104/0x790 [ 75.807236][ C1] __sock_create+0x490/0x920 [ 75.811836][ C1] __sys_socket+0x150/0x3c0 [ 75.816423][ C1] __ia32_sys_socket+0x7a/0x90 [ 75.821892][ C1] __do_fast_syscall_32+0xbe/0x120 [ 75.827013][ C1] do_fast_syscall_32+0x34/0x80 [ 75.831989][ C1] entry_SYSENTER_compat_after_hwframe+0x7a/0x84 [ 75.838368][ C1] [ 75.840776][ C1] Freed by task 5405: [ 75.844853][ C1] kasan_save_track+0x3f/0x80 [ 75.849559][ C1] kasan_save_free_info+0x40/0x50 [ 75.854683][ C1] poison_slab_object+0xa6/0xe0 [ 75.859620][ C1] __kasan_slab_free+0x37/0x60 [ 75.864747][ C1] kfree+0x14a/0x380 [ 75.868935][ C1] __sk_destruct+0x476/0x5f0 [ 75.873639][ C1] ip_defrag+0x20a/0x26b0 [ 75.878299][ C1] ipv4_conntrack_defrag+0x3de/0x5a0 [ 75.883640][ C1] nf_hook_slow+0xc3/0x220 [ 75.888079][ C1] nf_hook+0x2c4/0x450 [ 75.892332][ C1] __ip_local_out+0x3d9/0x4e0 [ 75.897029][ C1] ip_local_out+0x26/0x70 [ 75.901718][ C1] ipvlan_process_v4_outbound+0x3ef/0x700 [ 75.907530][ C1] ipvlan_queue_xmit+0xaa2/0x11f0 [ 75.913090][ C1] ipvlan_start_xmit+0x4a/0x150 [ 75.918544][ C1] dev_hard_start_xmit+0x26a/0x790 [ 75.923825][ C1] sch_direct_xmit+0x2b6/0x5f0 [ 75.928871][ C1] __qdisc_run+0xbed/0x2150 [ 75.933368][ C1] qdisc_run+0xda/0x270 [ 75.937604][ C1] net_tx_action+0x877/0xa30 [ 75.943486][ C1] __do_softirq+0x2bc/0x943 [ 75.947980][ C1] [ 75.950293][ C1] The buggy address belongs to the object at ffff88807b09c000 [ 75.950293][ C1] which belongs to the cache kmalloc-4k of size 4096 [ 75.964483][ C1] The buggy address is located 18 bytes inside of [ 75.964483][ C1] freed 4096-byte region [ffff88807b09c000, ffff88807b09d000) [ 75.978546][ C1] [ 75.980946][ C1] The buggy address belongs to the physical page: [ 75.987712][ C1] page:ffffea0001ec2600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b098 [ 75.998401][ C1] head:ffffea0001ec2600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 76.007944][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 76.016483][ C1] page_type: 0xffffffff() [ 76.021122][ C1] raw: 00fff00000000840 ffff888014c42140 dead000000000122 0000000000000000 [ 76.030012][ C1] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 76.038872][ C1] page dumped because: kasan: bad access detected [ 76.046817][ C1] page_owner tracks the page as allocated [ 76.052703][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5098, tgid 5098 (syz-executor.1), ts 74873330040, free_ts 74855963274 [ 76.075823][ C1] post_alloc_hook+0x1ea/0x210 [ 76.080808][ C1] get_page_from_freelist+0x33ea/0x3580 [ 76.086435][ C1] __alloc_pages+0x256/0x680 [ 76.091058][ C1] alloc_slab_page+0x5f/0x160 [ 76.095901][ C1] new_slab+0x84/0x2f0 [ 76.100398][ C1] ___slab_alloc+0xc73/0x1260 [ 76.105421][ C1] __kmalloc+0x2e5/0x4a0 [ 76.109756][ C1] tomoyo_realpath_from_path+0xcf/0x5e0 [ 76.115383][ C1] tomoyo_check_open_permission+0x255/0x500 [ 76.121467][ C1] security_file_open+0x69/0x570 [ 76.126408][ C1] do_dentry_open+0x327/0x15a0 [ 76.131528][ C1] path_openat+0x2860/0x3240 [ 76.136411][ C1] do_filp_open+0x235/0x490 [ 76.141740][ C1] do_sys_openat2+0x13e/0x1d0 [ 76.146526][ C1] __ia32_compat_sys_openat+0x23f/0x290 [ 76.152255][ C1] __do_fast_syscall_32+0xbe/0x120 [ 76.157546][ C1] page last free pid 5057 tgid 5057 stack trace: [ 76.164035][ C1] free_unref_page_prepare+0x968/0xa90 [ 76.169583][ C1] free_unref_page+0x37/0x3f0 [ 76.174455][ C1] __put_partials+0xeb/0x130 [ 76.179209][ C1] put_cpu_partial+0x17c/0x250 [ 76.184495][ C1] __slab_free+0x2ea/0x3d0 [ 76.189013][ C1] qlist_free_all+0x5e/0xc0 [ 76.193508][ C1] kasan_quarantine_reduce+0x14f/0x170 [ 76.199099][ C1] __kasan_slab_alloc+0x23/0x80 [ 76.204030][ C1] kmem_cache_alloc_node+0x194/0x380 [ 76.209481][ C1] __alloc_skb+0x1c3/0x440 [ 76.214259][ C1] tcp_stream_alloc_skb+0x3d/0x310 [ 76.219487][ C1] tcp_sendmsg_locked+0xd94/0x4d00 [ 76.224795][ C1] tcp_sendmsg+0x30/0x50 [ 76.229252][ C1] __sock_sendmsg+0x1a6/0x270 [ 76.234107][ C1] sock_write_iter+0x2dd/0x400 [ 76.239999][ C1] vfs_write+0xa84/0xcb0 [ 76.245326][ C1] [ 76.247681][ C1] Memory state around the buggy address: [ 76.253303][ C1] ffff88807b09bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.261974][ C1] ffff88807b09bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.270514][ C1] >ffff88807b09c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.278746][ C1] ^ [ 76.283549][ C1] ffff88807b09c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.291692][ C1] ffff88807b09c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.300205][ C1] ================================================================== [ 76.308562][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 76.315954][ C1] CPU: 1 PID: 5405 Comm: syz-executor.4 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 76.326230][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 76.339813][ C1] Call Trace: [ 76.343388][ C1] [ 76.347033][ C1] dump_stack_lvl+0x241/0x360 [ 76.352892][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.358413][ C1] ? __pfx__printk+0x10/0x10 [ 76.363058][ C1] ? vscnprintf+0x5d/0x90 [ 76.367426][ C1] panic+0x349/0x860 [ 76.371370][ C1] ? check_panic_on_warn+0x21/0xb0 [ 76.376510][ C1] ? __pfx_panic+0x10/0x10 [ 76.381396][ C1] ? mark_lock+0x9a/0x350 [ 76.385931][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 76.392669][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 76.398781][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 76.405599][ C1] ? print_report+0x502/0x550 [ 76.410470][ C1] check_panic_on_warn+0x86/0xb0 [ 76.415585][ C1] ? ip_skb_dst_mtu+0x830/0x9b0 [ 76.420574][ C1] end_report+0x6e/0x140 [ 76.424880][ C1] kasan_report+0x154/0x180 [ 76.429432][ C1] ? ip_skb_dst_mtu+0x830/0x9b0 [ 76.434430][ C1] ip_skb_dst_mtu+0x830/0x9b0 [ 76.439248][ C1] __ip_finish_output+0x12b/0x400 [ 76.444324][ C1] ipvlan_process_v4_outbound+0x3ef/0x700 [ 76.450344][ C1] ? __pfx_ipvlan_process_v4_outbound+0x10/0x10 [ 76.456815][ C1] ? rcu_lockdep_current_cpu_online+0x37/0x120 [ 76.463543][ C1] ? ipvlan_get_L3_hdr+0x4dd/0xc30 [ 76.468784][ C1] ? skb_pull+0xc1/0x1e0 [ 76.473223][ C1] ipvlan_queue_xmit+0xaa2/0x11f0 [ 76.478304][ C1] ? __pfx_ipvlan_queue_xmit+0x10/0x10 [ 76.484251][ C1] ? netif_skb_features+0x866/0xbb0 [ 76.489588][ C1] ? validate_xmit_skb+0xa04/0x1120 [ 76.495809][ C1] ipvlan_start_xmit+0x4a/0x150 [ 76.500822][ C1] dev_hard_start_xmit+0x26a/0x790 [ 76.506519][ C1] sch_direct_xmit+0x2b6/0x5f0 [ 76.511700][ C1] ? __pfx_sch_direct_xmit+0x10/0x10 [ 76.517327][ C1] __qdisc_run+0xbed/0x2150 [ 76.521963][ C1] qdisc_run+0xda/0x270 [ 76.526243][ C1] net_tx_action+0x877/0xa30 [ 76.530970][ C1] ? net_tx_action+0x6e3/0xa30 [ 76.535772][ C1] ? __pfx_net_tx_action+0x10/0x10 [ 76.541181][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 76.547670][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.553183][ C1] __do_softirq+0x2bc/0x943 [ 76.557905][ C1] ? __irq_exit_rcu+0xf2/0x1c0 [ 76.562879][ C1] ? __pfx___do_softirq+0x10/0x10 [ 76.568507][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 76.573858][ C1] __irq_exit_rcu+0xf2/0x1c0 [ 76.578538][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 76.584690][ C1] irq_exit_rcu+0x9/0x30 [ 76.589182][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 76.600281][ C1] [ 76.603204][ C1] [ 76.606127][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 76.612426][ C1] RIP: 0010:deref_stack_reg+0x15/0x260 [ 76.618196][ C1] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 49 89 d6 48 89 34 24 <48> 89 fb 49 bf 00 00 00 00 00 fc ff df e8 69 38 54 00 48 8d 6b 08 [ 76.637916][ C1] RSP: 0000:ffffc90013a0edc8 EFLAGS: 00000292 [ 76.644085][ C1] RAX: fffffffffffffff0 RBX: ffffffff900d22dc RCX: 0000000000000000 [ 76.652662][ C1] RDX: ffffc90013a0ef40 RSI: ffffc90013a0f070 RDI: ffffc90013a0ef00 [ 76.660842][ C1] RBP: ffffc90013a0ef00 R08: 0000000000000005 R09: ffffffff8140a8df [ 76.669393][ C1] R10: 0000000000000003 R11: ffff88805d6c0000 R12: ffffc90013a0f078 [ 76.677919][ C1] R13: dffffc0000000000 R14: ffffc90013a0ef40 R15: 1ffff92002741de0 [ 76.686472][ C1] ? unwind_next_frame+0x196f/0x2a00 [ 76.692306][ C1] unwind_next_frame+0x1ab8/0x2a00 [ 76.698226][ C1] ? stack_trace_save+0x118/0x1d0 [ 76.703441][ C1] ? stack_trace_save+0x118/0x1d0 [ 76.708642][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 76.714894][ C1] arch_stack_walk+0x151/0x1b0 [ 76.719916][ C1] ? save_stack+0xfb/0x1f0 [ 76.724503][ C1] stack_trace_save+0x118/0x1d0 [ 76.729548][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 76.735015][ C1] ? mark_lock+0x9a/0x350 [ 76.739356][ C1] save_stack+0xfb/0x1f0 [ 76.743858][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 76.750265][ C1] ? __pfx_save_stack+0x10/0x10 [ 76.755374][ C1] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 76.762139][ C1] ? __pfx_lock_release+0x10/0x10 [ 76.767478][ C1] __set_page_owner+0x29/0x380 [ 76.772327][ C1] post_alloc_hook+0x1ea/0x210 [ 76.777172][ C1] get_page_from_freelist+0x33ea/0x3580 [ 76.783112][ C1] ? __pfx___might_resched+0x10/0x10 [ 76.788492][ C1] ? __pfx_get_page_from_freelist+0x10/0x10 [ 76.794559][ C1] ? prepare_alloc_pages+0x362/0x5b0 [ 76.800483][ C1] __alloc_pages+0x256/0x680 [ 76.805352][ C1] ? __pfx___alloc_pages+0x10/0x10 [ 76.810602][ C1] ? policy_nodemask+0x1ec/0x720 [ 76.815641][ C1] ? __pfx_validate_chain+0x10/0x10 [ 76.820862][ C1] ? mark_lock+0x9a/0x350 [ 76.825278][ C1] alloc_pages_mpol+0x3de/0x650 [ 76.830305][ C1] ? mark_lock+0x9a/0x350 [ 76.834916][ C1] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 76.840307][ C1] vma_alloc_folio+0xf3/0x3f0 [ 76.845186][ C1] ? __pfx_vma_alloc_folio+0x10/0x10 [ 76.850464][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.855689][ C1] folio_prealloc+0x31/0x170 [ 76.860385][ C1] do_wp_page+0x1222/0x4c90 [ 76.865057][ C1] ? __pfx_do_wp_page+0x10/0x10 [ 76.869898][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 76.874914][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 76.879960][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.885329][ C1] __handle_mm_fault+0x26ad/0x72d0 [ 76.890793][ C1] ? reacquire_held_locks+0x3eb/0x690 [ 76.896242][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 76.901794][ C1] ? __pfx_reacquire_held_locks+0x10/0x10 [ 76.907688][ C1] ? mtree_range_walk+0x6fd/0x8e0 [ 76.912733][ C1] ? lock_vma_under_rcu+0x18a/0x730 [ 76.918010][ C1] ? __pfx_lock_release+0x10/0x10 [ 76.923445][ C1] ? lock_vma_under_rcu+0x2f9/0x730 [ 76.928729][ C1] ? lock_vma_under_rcu+0x18a/0x730 [ 76.934015][ C1] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 76.939649][ C1] handle_mm_fault+0x3c2/0x8a0 [ 76.944449][ C1] exc_page_fault+0x446/0x890 [ 76.949276][ C1] asm_exc_page_fault+0x26/0x30 [ 76.954363][ C1] RIP: 0023:0xf7304fea [ 76.958426][ C1] Code: 75 ee 8b 44 24 48 89 28 83 c4 2c 5b 5e 5f 5d c3 8b 7c 24 10 89 ee e9 a8 fd ff ff 8d 74 26 00 90 8b 44 24 08 8b 7c 24 10 89 ee <89> 1c 88 e9 91 fe ff ff 8d b6 00 00 00 00 39 f5 74 9d 8d 7e 10 39 [ 76.979847][ C1] RSP: 002b:00000000f7584a40 EFLAGS: 00010246 [ 76.986036][ C1] RAX: 00000000f7455000 RBX: 0000000081a4e937 RCX: 0000000000000937 [ 76.994130][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000081a4e05d [ 77.002407][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 77.010601][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 77.018760][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.027021][ C1] [ 77.030544][ C1] Kernel Offset: disabled [ 77.035038][ C1] Rebooting in 86400 seconds..