last executing test programs: 1.91097473s ago: executing program 2 (id=3222): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x1000004, 0x8, 0x7, 0x2090, 0xffffffffffffffff, 0x3fffffc}, 0x48) socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x2, 0x3a) r0 = getpid() syz_open_procfs$namespace(r0, &(0x7f0000000000)) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000001, 0x1}, 0x0, 0xffff, 0x200000, 0x0, 0x0, 0x0, 0x3}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004c}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8948, &(0x7f0000000000)='lo:\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x00 \'Y\x17]\x15c\xcaR\xdd\x98OGK\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\xf5\a\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'5\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\x06\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf1\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5\xdcZ\xb9\xd7Z\x88\x9b\xdff[\x90\xfa\x9a{b\xf4Dq') r1 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe0000240013"], 0xfe33) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa}, 0x48) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000), 0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$kcm(0xa, 0x2, 0x0) 1.748022642s ago: executing program 0 (id=3224): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x7a05, 0x1700) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000002940)={0x0, 0x0, 0x0, 0x7cbad08df9b8f0fb, 0x0, 0xfffffffffffffe79}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20004808) sendmsg$sock(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@timestamping={{0x14}}], 0x18}, 0x100080c0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000004000000200000000000950000000000000096950d3cca3010466743a7ca047cdaafdbaf85633764ce1d8b66c036d2a5fab31fb496080000009af6cd502ae96522cbf8c0add5fabe861cc620906b68c447cd7d9a77f352927de1d805e5c59a54625c9d414e689f1e944987a4f2465ef2e0d8d4a9e0be64610c2b4403fab4fa62754ef0e17bc12d0ae7c695f016b24a0e808ad385e4b4e904cf2972744c82bc16d579b8bd83b5d6cc1219495b71b7ab075f4c95197135435e5181a683ae6924d23cb8addc09854dba84aca56ace6711b5e6869ac4283a716bc2d9431055c6df97e096e347bdd97dc6193ad3643b6ce42a6e0bf1580124c33dae1339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r4, 0x400454d9, 0x0) 1.568511615s ago: executing program 2 (id=3227): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)}, 0x0) 1.436861865s ago: executing program 2 (id=3231): perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7602}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000280), 0x9) r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000c40), 0x12) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f0000000080), 0x12) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.346904172s ago: executing program 0 (id=3235): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="a8832c90653739a5f7cb825da60290"], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x1}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = socket$kcm(0xa, 0x2, 0x88) sendmsg$inet(r3, &(0x7f0000001600)={&(0x7f0000000280)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x33}, @multicast1}}}], 0x20}, 0x8000) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="6464faacc237eec22e35f208f1548f9a8eb3ae4a41188b551ff0b17793fc95451d7bf7292f59b73100de36b0d83316a8aba97fe2ab463c2d0141349f7f713a32666ec36d744e485ff16d9df6b2798f0f355992f50b6a02bd7cda29d01f8cfd41ad460158a941fe3d4965d4f3db454adb4358abe9fd35a2a1cf00e09baebbbd274cd896fd2d37250557403e7ca163e4efbedd817c939cc462f7ae", 0x9a}, {&(0x7f0000000580)="553d8fd084e8fcd9269719c4bb46e4dbc0666565558a0e4f6ef1b4f4b61f748bd2e36ae3d9616881bd2bf0a5804b399043ab2d69eb3d9fe0ae04b6931fc4cf59ac0817fdfb8417c138fd03498fed1ba8a71f14196e3161e7a36a43d93943f151527a654b0ddd8bd8a70bf39f59201e73bd78e0bd1a9ef66df12ab6e50d83f42030a7cac15c80f1af756cdecd23c32584d644f93f48248dedd077e66a1aa5da66c4a851488d54fdd057c25203daf5773dc0593a9255372444be7ed56eba7208ad0ed50d2d005e40afba", 0xc9}, {&(0x7f0000000380)="4e5ddce9967d322fd72c76cc1cf9df1ca1283402e96fd3d4a1c36145158d578463273b2b33acfdf11594c7e22c611935b46a54a2b54d48e70667af064efe5d5adbd4211ebc61f51c7587ad49595ee4dfe065b33848d124cb89992a51898f830140eb175055f661eb9ec3b21e7cc64710ea55b5f3f705ef4a1002227507b6c44e00ad58c376db0b", 0x87}, {&(0x7f0000003000)="8ead69a706710a6c13821f1d0031f367f96619bc8d748da2faa4633b88e765cd1e187d755205e0538ed1fd751de5bb2e90183c417cc4265041dc124a2573dbf7706eb437f6079c576d1542614896a0a29f945233818244172c3e11d0a234bcbdfec611e43a6bf54c4283a9c7bfd2722d1fafd2fe5ecdfe8785c0fcf385cd35a7bfbca8150dea75b3e308db04a8a104560e21135827e15ed6c8b47323a23a436430d6935dec49f1ff1deea5c3bb324aa789d34d2f1e950fdd39742eb28ff62e07c059474d3ba684fd62a263063c39752170aa7ffb00b3e0c10061f306f971a320965888ae94db417e68b9b43ae51fc8203f45ba40293fbe32b09d3448590a98e2ad672fd10b01ded13140c04f02a2211c98d49245676cd76fc29e916f8cf1e6e81e18dba58f70de717c5c0ce5f8b4d70a4e69510db8fe33493ecc70de24219b4f4e55e796ee85dc244cc5f4d483237625875e895cdf151bb5c59e772904b2d979dce286a485fbe78f240acae978ad285c171fe485a1b34bb366e17a17b8ea89573ba3a3f22e0597c0e305b1ac69f2ac02cb82e22dec52e3b4fc0795c9d520886f70b3fc7a1cd032a6631cb1447b648d463e264dd01e468384555413e9813a08b861fcdcfa3df4a23ddd97b4de6c3e8bba561d3530e4b9d9b4a550a25a611366ebed8ca45e18a1dc14c3ead0c7da9b350565ace5e032f6027daa9c65b12bfbb490026ba6d476dda813d465ea7c30607148e8fb658cf13470a5efeda1b66c7729cf66f233762448d28aa80b6fb53aa6cf5cf6c2d2526dd097778a28cb2f991da353e83c35d25f283524bec4560bace4ef3234e7c2a1ffdcda0104d3f0058fcde9822f38e5bb775bf819d3e0f59f1318139ee133884653d1dd7b47749494378a8106da85645798fc73181a6f77e520b75556d99df550d71f44ea1c707fbad83488a950c93e68de5f75c32703c3e77dfc60e85fe574ed537938218c0d500b883c1493c608ff1bd2bcf368286834fb3ac73c7b28feda8b3aaba2e64a77ff32431a596dbcbc81544bfc666a750d01e5cc3f7677a4c8370e72021d0065dbf909d22924f6206b505f20e475a23e634f9ac576a4ee9146a93f835e911bd367e58add6986bae187031779725e6831a13049a1327631d34852f3def0e1989a79e5ee332a0409d2eb9b116927dd36226ac2553d3ae84ec5af760c388d98b7b6cfe30b59d8dcd50385717e2b6ac117d125f32817aec2c06374a711a3a2fdf799d965366dfca45945cdc954476942e037ecbb9a2e84f7851b3d406d3f07a9e7c9b0c5a24d36bdca44a6f5427bba98c2676f570dd3a69479a29f91cad3fb966a717afadc99ee503d6eef40686d9039ef9f0a8a676d", 0x3cd}], 0x4}, 0x0) 1.253603219s ago: executing program 4 (id=3236): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x7a05, 0x1700) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000002940)={0x0, 0x0, 0x0, 0x7cbad08df9b8f0fb, 0x0, 0xfffffffffffffe79}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20004808) sendmsg$sock(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@timestamping={{0x14}}], 0x18}, 0x100080c0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000004000000200000000000950000000000000096950d3cca3010466743a7ca047cdaafdbaf85633764ce1d8b66c036d2a5fab31fb496080000009af6cd502ae96522cbf8c0add5fabe861cc620906b68c447cd7d9a77f352927de1d805e5c59a54625c9d414e689f1e944987a4f2465ef2e0d8d4a9e0be64610c2b4403fab4fa62754ef0e17bc12d0ae7c695f016b24a0e808ad385e4b4e904cf2972744c82bc16d579b8bd83b5d6cc1219495b71b7ab075f4c95197135435e5181a683ae6924d23cb8addc09854dba84aca56ace6711b5e6869ac4283a716bc2d9431055c6df97e096e347bdd97dc6193ad3643b6ce42a6e0bf1580124c33dae1339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r4, 0x400454d9, 0x0) 1.248952909s ago: executing program 1 (id=3237): perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0) syz_clone(0x1100, 0x0, 0x0, 0x0, 0x0, 0x0) 1.248515729s ago: executing program 2 (id=3238): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x7a05, 0x1700) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000002940)={0x0, 0x0, 0x0, 0x7cbad08df9b8f0fb, 0x0, 0xfffffffffffffe79}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20004808) sendmsg$sock(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@timestamping={{0x14}}], 0x18}, 0x100080c0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000004000000200000000000950000000000000096950d3cca3010466743a7ca047cdaafdbaf85633764ce1d8b66c036d2a5fab31fb496080000009af6cd502ae96522cbf8c0add5fabe861cc620906b68c447cd7d9a77f352927de1d805e5c59a54625c9d414e689f1e944987a4f2465ef2e0d8d4a9e0be64610c2b4403fab4fa62754ef0e17bc12d0ae7c695f016b24a0e808ad385e4b4e904cf2972744c82bc16d579b8bd83b5d6cc1219495b71b7ab075f4c95197135435e5181a683ae6924d23cb8addc09854dba84aca56ace6711b5e6869ac4283a716bc2d9431055c6df97e096e347bdd97dc6193ad3643b6ce42a6e0bf1580124c33dae1339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r4, 0x400454d9, 0x0) 1.163635475s ago: executing program 0 (id=3239): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003800)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000002000000000000000100000d000000000000000002000000000000000000000a02000000000068c31f3e23098c3d24c8a055ba060dca62ef6f3b4b1a71c7b0cc4ca542b708e29b211a9943a1f0a5653886ca6990878c5a1539f6a5cc265b9fea79d1aa2285fd686c1bded29bc7be4d2173e4fdd726b6501983655bd1bb8d64b807b8400253adfd698d68809a44ac4d08090b4c9d6496363c7c3123fdcfc53dd917c6883571542c563f185f8eaa276e"], &(0x7f0000003740)=""/138, 0x3a, 0x8a, 0x1}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x21, &(0x7f0000000540), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) sendmsg$tipc(r4, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$tipc(r3, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2, 0x5, 0x84) r5 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r5, 0x0, 0xaf67) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7040000080000008500000049000000"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r7, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9", 0x0, 0x7fffffff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.163278605s ago: executing program 3 (id=3240): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x400}, 0x0, 0xfffffffffffbffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000640)=ANY=[@ANYRES64], 0xfdef) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82ff0800000000a6020000f8ffffffb703000008000000b70300000000000085000000330000009509ac5cf55a420233ed7dd1488d338c788b5a16199b3a3402122d982b4a035a9065514738131d5237319d1693446e737de6a937cac36175c2e206c90cf935198328544d0de5bf9012a8da785decf4e709"], &(0x7f0000000180)='GPL\x00', 0x0, 0x2e, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3}, 0x8}, 0x90) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r4, 0xffffffffffffffff}, 0x4) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="00000000a50000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x39}, 0xff32, 0x0}, 0xe07e872420dfefca) recvmsg(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000500)}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0xe, 0x3, &(0x7f0000000500)=ANY=[@ANYRESOCT=r5, @ANYBLOB="850000000000009500000000000000b4a8b1541206000000e9c79077fa15baa61299de54cf77c9062c30bc068829afff36b3000000000000000000"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r8, 0x2000000, 0x16, 0x0, &(0x7f00000004c0)="5cdd30", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d80000001800eb054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00060004010c00080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cb8b4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e002c2a73ae028d1b34ff4f8cc430bb5a360db598262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d930000", 0xd8}], 0x1}, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) 834.877619ms ago: executing program 4 (id=3241): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x13, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="deaa00000000000071106900000000009500080000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80) sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="350400002d000511d25a80648c63940d0324dc60040335400c00020001a6092035153e370cc5263f0b5cf0690401", 0x2e}, {&(0x7f0000000a40)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319129c48853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4c237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584c854b4bc6096293fbc8707312f424996361ef9261ef3ba7cd2ddffb0e3c81e6b962d680e02f7a672dc2643cc24ad64d86fb4780827ca784a8af3376c2567bfde74dc50e16c81b71450af026459e2c37d94b8461b56ff944edc1a8cd93d0258fcc2f094615c152be66884103af11ff46315cdc9f", 0x407}], 0x2}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) r3 = socket$kcm(0x11, 0x200000000000002, 0x300) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.controllers\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f00000001c0)=r4, 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c411055585b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec82ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff000000009d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00"/2248], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x18000000000002a0, 0x4c, 0x0, &(0x7f0000000080)="b9bf03076808268cb89e14f089061be0ffff00fe4000632f77fbac141416e000004062079f4bb316c4ec720504bb1b7d3cc8adee0c8e6f26775219849f4eedd339a066446eaf655d1525f7a1", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d80000001c0081064e81f782db44b9040a1d08040000000000000aa1180015000600142603600e1208000f0000810401a8001600200001400300000007600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a08400e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f00000002c0)=[{0x20, 0x0, 0x0, 0xfffff008}, {0x6}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000001800000018000000000000000000a6"], 0x0, 0x32}, 0x20) socket$kcm(0x10, 0x400000002, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r7, &(0x7f0000000080)=ANY=[], 0xfe33) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x5}, 0x90) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 834.645679ms ago: executing program 1 (id=3242): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)}, 0x0) 834.149129ms ago: executing program 2 (id=3243): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x54}, 0x20) 834.039479ms ago: executing program 3 (id=3244): r0 = socket$kcm(0x10, 0x2, 0x4) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x4018, r0}, 0x18) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000000c0)={r0, r1}) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x300, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f700000fff6ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0) 688.81356ms ago: executing program 1 (id=3245): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="a8832c90653739a5f7cb825da60290"], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x1}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = socket$kcm(0xa, 0x2, 0x88) sendmsg$inet(r3, &(0x7f0000001600)={&(0x7f0000000280)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x33}, @multicast1}}}], 0x20}, 0x8000) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="6464faacc237eec22e35f208f1548f9a8eb3ae4a41188b551ff0b17793fc95451d7bf7292f59b73100de36b0d83316a8aba97fe2ab463c2d0141349f7f713a32666ec36d744e485ff16d9df6b2798f0f355992f50b6a02bd7cda29d01f8cfd41ad460158a941fe3d4965d4f3db454adb4358abe9fd35a2a1cf00e09baebbbd274cd896fd2d37250557403e7ca163e4efbedd817c939cc462f7ae485be74051531a4ed1aa", 0xa4}, {&(0x7f0000000580)="553d8fd084e8fcd9269719c4bb46e4dbc0666565558a0e4f6ef1b4f4b61f748bd2e36ae3d9616881bd2bf0a5804b399043ab2d69eb3d9fe0ae04b6931fc4cf59ac0817fdfb8417c138fd03498fed1ba8a71f14196e3161e7a36a43d93943f151527a654b0ddd8bd8a70bf39f59201e73bd78e0bd1a9ef66df12ab6e50d83f42030a7cac15c80f1af756cdecd23c32584d644f93f48248dedd077e66a1aa5da66c4a851488d54fdd057c25203daf5773dc0593a9255372444be7ed56eba7208ad0ed50d2d005e40af", 0xc8}, {&(0x7f0000000380)="4e5ddce9967d322fd72c76cc1cf9df1ca1283402e96fd3d4a1c36145158d578463273b2b33acfdf11594c7e22c611935b46a54a2b54d48e70667af064efe5d5adbd4211ebc61f51c7587ad49595ee4dfe065b33848d124cb89992a51898f830140eb175055f661eb9ec3b21e7cc64710ea55b5f3f705ef4a1002227507b6c44e00ad58c376db0b", 0x87}, {&(0x7f0000003000)="8ead69a706710a6c13821f1d0031f367f96619bc8d748da2faa4633b88e765cd1e187d755205e0538ed1fd751de5bb2e90183c417cc4265041dc124a2573dbf7706eb437f6079c576d1542614896a0a29f945233818244172c3e11d0a234bcbdfec611e43a6bf54c4283a9c7bfd2722d1fafd2fe5ecdfe8785c0fcf385cd35a7bfbca8150dea75b3e308db04a8a104560e21135827e15ed6c8b47323a23a436430d6935dec49f1ff1deea5c3bb324aa789d34d2f1e950fdd39742eb28ff62e07c059474d3ba684fd62a263063c39752170aa7ffb00b3e0c10061f306f971a320965888ae94db417e68b9b43ae51fc8203f45ba40293fbe32b09d3448590a98e2ad672fd10b01ded13140c04f02a2211c98d49245676cd76fc29e916f8cf1e6e81e18dba58f70de717c5c0ce5f8b4d70a4e69510db8fe33493ecc70de24219b4f4e55e796ee85dc244cc5f4d483237625875e895cdf151bb5c59e772904b2d979dce286a485fbe78f240acae978ad285c171fe485a1b34bb366e17a17b8ea89573ba3a3f22e0597c0e305b1ac69f2ac02cb82e22dec52e3b4fc0795c9d520886f70b3fc7a1cd032a6631cb1447b648d463e264dd01e468384555413e9813a08b861fcdcfa3df4a23ddd97b4de6c3e8bba561d3530e4b9d9b4a550a25a611366ebed8ca45e18a1dc14c3ead0c7da9b350565ace5e032f6027daa9c65b12bfbb490026ba6d476dda813d465ea7c30607148e8fb658cf13470a5efeda1b66c7729cf66f233762448d28aa80b6fb53aa6cf5cf6c2d2526dd097778a28cb2f991da353e83c35d25f283524bec4560bace4ef3234e7c2a1ffdcda0104d3f0058fcde9822f38e5bb775bf819d3e0f59f1318139ee133884653d1dd7b47749494378a8106da85645798fc73181a6f77e520b75556d99df550d71f44ea1c707fbad83488a950c93e68de5f75c32703c3e77dfc60e85fe574ed537938218c0d500b883c1493c608ff1bd2bcf368286834fb3ac73c7b28feda8b3aaba2e64a77ff32431a596dbcbc81544bfc666a750d01e5cc3f7677a4c8370e72021d0065dbf909d22924f6206b505f20e475a23e634f9ac576a4ee9146a93f835e911bd367e58add6986bae187031779725e6831a13049a1327631d34852f3def0e1989a79e5ee332a0409d2eb9b116927dd36226ac2553d3ae84ec5af760c388d98b7b6cfe30b59d8dcd50385717e2b6ac117d125f32817aec2c06374a711a3a2fdf799d965366dfca45945cdc954476942e037ecbb9a2e84f7851b3d406d3f07a9e7c9b0c5a24d36bdca44a6f5427bba98c2676f570dd3a69479a29f91cad3fb966a717afadc99ee503d6eef40686d9039ef9f0a8a676d", 0x3cd}], 0x4}, 0x0) 688.46548ms ago: executing program 2 (id=3246): perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7602}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000280), 0x9) r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000c40), 0x12) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f0000000080), 0x12) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) 674.601891ms ago: executing program 3 (id=3247): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) socket$kcm(0xa, 0x2, 0x88) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x2, 0x200000000000001, 0x106) r3 = socket$kcm(0x29, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48) r5 = socket$kcm(0x2, 0x1, 0x0) socket$kcm(0xa, 0x2, 0x73) sendmsg$inet(r5, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r5, r4}) sendmsg$kcm(r3, &(0x7f0000002080)={0x0, 0x12, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x0, 0x2, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$kcm(0x2, 0x0, 0x84) close(0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b502000014000000b70300000000000085000000d2000000bf0900000000000055090100"], &(0x7f0000000100)='syzkaller\x00'}, 0x90) 635.797144ms ago: executing program 0 (id=3248): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, @perf_bp={&(0x7f0000000300), 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0xfffffffffffffffe, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000006c000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x7e) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0) 469.893086ms ago: executing program 1 (id=3249): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="a8832c90653739a5f7cb825da60290"], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x1}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = socket$kcm(0xa, 0x2, 0x88) sendmsg$inet(r3, &(0x7f0000001600)={&(0x7f0000000280)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x33}, @multicast1}}}], 0x20}, 0x8000) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="6464faacc237eec22e35f208f1548f9a8eb3ae4a41188b551ff0b17793fc95451d7bf7292f59b73100de36b0d83316a8aba97fe2ab463c2d0141349f7f713a32666ec36d744e485ff16d9df6b2798f0f355992f50b6a02bd7cda29d01f8cfd41ad460158a941fe3d4965d4f3db454adb4358abe9fd35a2a1cf00e09baebbbd274cd896fd2d37250557403e7ca163e4efbedd817c939cc462f7ae", 0x9a}, {&(0x7f0000000580)="553d8fd084e8fcd9269719c4bb46e4dbc0666565558a0e4f6ef1b4f4b61f748bd2e36ae3d9616881bd2bf0a5804b399043ab2d69eb3d9fe0ae04b6931fc4cf59ac0817fdfb8417c138fd03498fed1ba8a71f14196e3161e7a36a43d93943f151527a654b0ddd8bd8a70bf39f59201e73bd78e0bd1a9ef66df12ab6e50d83f42030a7cac15c80f1af756cdecd23c32584d644f93f48248dedd077e66a1aa5da66c4a851488d54fdd057c25203daf5773dc0593a9255372444be7ed56eba7208ad0ed50d2d005e40afba", 0xc9}, {&(0x7f0000000380)="4e5ddce9967d322fd72c76cc1cf9df1ca1283402e96fd3d4a1c36145158d578463273b2b33acfdf11594c7e22c611935b46a54a2b54d48e70667af064efe5d5adbd4211ebc61f51c7587ad49595ee4dfe065b33848d124cb89992a51898f830140eb175055f661eb9ec3b21e7cc64710ea55b5f3f705ef4a1002227507b6c44e00ad58c376db0b", 0x87}, {&(0x7f0000003000)="8ead69a706710a6c13821f1d0031f367f96619bc8d748da2faa4633b88e765cd1e187d755205e0538ed1fd751de5bb2e90183c417cc4265041dc124a2573dbf7706eb437f6079c576d1542614896a0a29f945233818244172c3e11d0a234bcbdfec611e43a6bf54c4283a9c7bfd2722d1fafd2fe5ecdfe8785c0fcf385cd35a7bfbca8150dea75b3e308db04a8a104560e21135827e15ed6c8b47323a23a436430d6935dec49f1ff1deea5c3bb324aa789d34d2f1e950fdd39742eb28ff62e07c059474d3ba684fd62a263063c39752170aa7ffb00b3e0c10061f306f971a320965888ae94db417e68b9b43ae51fc8203f45ba40293fbe32b09d3448590a98e2ad672fd10b01ded13140c04f02a2211c98d49245676cd76fc29e916f8cf1e6e81e18dba58f70de717c5c0ce5f8b4d70a4e69510db8fe33493ecc70de24219b4f4e55e796ee85dc244cc5f4d483237625875e895cdf151bb5c59e772904b2d979dce286a485fbe78f240acae978ad285c171fe485a1b34bb366e17a17b8ea89573ba3a3f22e0597c0e305b1ac69f2ac02cb82e22dec52e3b4fc0795c9d520886f70b3fc7a1cd032a6631cb1447b648d463e264dd01e468384555413e9813a08b861fcdcfa3df4a23ddd97b4de6c3e8bba561d3530e4b9d9b4a550a25a611366ebed8ca45e18a1dc14c3ead0c7da9b350565ace5e032f6027daa9c65b12bfbb490026ba6d476dda813d465ea7c30607148e8fb658cf13470a5efeda1b66c7729cf66f233762448d28aa80b6fb53aa6cf5cf6c2d2526dd097778a28cb2f991da353e83c35d25f283524bec4560bace4ef3234e7c2a1ffdcda0104d3f0058fcde9822f38e5bb775bf819d3e0f59f1318139ee133884653d1dd7b47749494378a8106da85645798fc73181a6f77e520b75556d99df550d71f44ea1c707fbad83488a950c93e68de5f75c32703c3e77dfc60e85fe574ed537938218c0d500b883c1493c608ff1bd2bcf368286834fb3ac73c7b28feda8b3aaba2e64a77ff32431a596dbcbc81544bfc666a750d01e5cc3f7677a4c8370e72021d0065dbf909d22924f6206b505f20e475a23e634f9ac576a4ee9146a93f835e911bd367e58add6986bae187031779725e6831a13049a1327631d34852f3def0e1989a79e5ee332a0409d2eb9b116927dd36226ac2553d3ae84ec5af760c388d98b7b6cfe30b59d8dcd50385717e2b6ac117d125f32817aec2c06374a711a3a2fdf799d965366dfca45945cdc954476942e037ecbb9a2e84f7851b3d406d3f07a9e7c9b0c5a24d36bdca44a6f5427bba98c2676f570dd3a69479a29f91cad3fb966a717afadc99ee503d6eef40686d9039ef9f0a8a676d", 0x3cd}], 0x4}, 0x0) 462.895336ms ago: executing program 4 (id=3250): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) 450.763227ms ago: executing program 0 (id=3251): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x7a05, 0x1700) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000002940)={0x0, 0x0, 0x0, 0x7cbad08df9b8f0fb, 0x0, 0xfffffffffffffe79}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20004808) sendmsg$sock(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@timestamping={{0x14}}], 0x18}, 0x100080c0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000004000000200000000000950000000000000096950d3cca3010466743a7ca047cdaafdbaf85633764ce1d8b66c036d2a5fab31fb496080000009af6cd502ae96522cbf8c0add5fabe861cc620906b68c447cd7d9a77f352927de1d805e5c59a54625c9d414e689f1e944987a4f2465ef2e0d8d4a9e0be64610c2b4403fab4fa62754ef0e17bc12d0ae7c695f016b24a0e808ad385e4b4e904cf2972744c82bc16d579b8bd83b5d6cc1219495b71b7ab075f4c95197135435e5181a683ae6924d23cb8addc09854dba84aca56ace6711b5e6869ac4283a716bc2d9431055c6df97e096e347bdd97dc6193ad3643b6ce42a6e0bf1580124c33dae1339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r4, 0x400454d9, 0x0) 362.038654ms ago: executing program 4 (id=3252): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff0000000003000000000000000000000002000000000000000000000000000002030000000000000000000002"], 0x0, 0x56}, 0x20) r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000280)=@generic={&(0x7f0000000240)='./file0\x00', 0x0, 0x10}, 0x18) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0) close(r3) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400) write$cgroup_subtree(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="80fd", @ANYRES64=r2], 0x9) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="d80000001a0081044e81f782db4cb9041c1d0800f6007c05e8fe55a108000100ff0300000000034004020000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090008001fb791643a5ee4ce1b141993c034e665725cfa693c53ee8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5d4ee6ccd40dd6e4edef3d93452a92954b43370ed7778b10136e8eb585", 0xd8}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xbc780a08ba868d87, 0x3c, &(0x7f00000005c0)=ANY=[@ANYRESHEX, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRESHEX=r1, @ANYRESDEC=r1, @ANYRES16=r4, @ANYRES8=r3, @ANYRES8=r2], 0x0, 0x2000005, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0xffddfff8}, 0x90) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x48040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x19, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc020662a, &(0x7f0000000040)=0xfff) write$cgroup_type(r5, &(0x7f0000000200), 0x9) perf_event_open(0x0, 0x0, 0x2, 0xffffffffffffffff, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) socketpair$unix(0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000400)) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e80)=@bpf_lsm={0x1d, 0x4, &(0x7f0000000040)=@framed={{}, [@generic]}, 0x0}, 0x90) r7 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f95f24fc60040f03", 0x17}], 0x1}, 0x0) write$cgroup_subtree(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="934300005a0033d4"], 0xfe33) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000015fa972e00000000000071122900009500"/32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x80) sendmsg$sock(r6, &(0x7f00000001c0)={&(0x7f0000000040)=@generic={0x1, "ba795bf7542c899a8cdb2f86a496676ece46dc88bb9315e9f6f726154b0c4378bcd6e07d3e64d41e2f918cc7eedc7e1360385caad83fc97de7ae5c7ee46bfaf58f94a380eb2ca56ffb02dfc46b1fed9795d1d8d91c16b6e5f5c31745444757df1c5684aa58075ab6fc6b34d345b63359c923893115eb4e5f3d12019f4fb7"}, 0x80, 0x0}, 0x0) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x4, 0x0}, 0x8) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r8, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x16, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="feff000000000000000000000000000061109600000000009500000afe731400000000003f60fcf94edb603b0207ba0eb697a8fe5f93fe182be31c59a04181824c674b83468689e82ddc8312fafe9d4cd200f61abc2c5bea8875ef76bdc3b16ac0c641c520cf6baa5a297b0c9686d4dba98bf77fed45847451d5386c32cad3e55d51a7251037ec790c8857cc1ca6091de99cff6e1b2ce07b876fda2b21d2ac20b7308baa27ed9c1ddd7988265c9e051f36bc5605a79ad0331faffb7f2a2cf850ed9d54bdae32e9f074748324b276fe9b06abfb29db40b42178eb3210d9f191b687a9b72d2b609e4e8096d990280d6c840675c1f247fe28635e226e128d5876d38cb2a74a2f787f2a2a4a28570000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) 344.864075ms ago: executing program 1 (id=3253): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xfffffffffffffff8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0) 242.262852ms ago: executing program 3 (id=3254): sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x3a}, 0x80, &(0x7f0000001880)=[{&(0x7f00000013c0)="27042700ea0e00000000002f8808", 0xe}], 0x1}, 0x0) 161.535888ms ago: executing program 0 (id=3255): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x400}, 0x0, 0xfffffffffffbffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000640)=ANY=[@ANYRES64], 0xfdef) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82ff0800000000a6020000f8ffffffb703000008000000b70300000000000085000000330000009509ac5cf55a420233ed7dd1488d338c788b5a16199b3a3402122d982b4a035a9065514738131d5237319d1693446e737de6a937cac36175c2e206c90cf935198328544d0de5bf9012a8da785decf4e709"], &(0x7f0000000180)='GPL\x00', 0x0, 0x2e, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3}, 0x8}, 0x90) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r4, 0xffffffffffffffff}, 0x4) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="00000000a50000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x39}, 0xff32, 0x0}, 0xe07e872420dfefca) recvmsg(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000500)}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0xe, 0x3, &(0x7f0000000500)=ANY=[@ANYRESOCT=r5, @ANYBLOB="850000000000009500000000000000b4a8b1541206000000e9c79077fa15baa61299de54cf77c9062c30bc068829afff36b3000000000000000000"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r8, 0x2000000, 0x16, 0x0, &(0x7f00000004c0)="5cdd30", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d80000001800eb054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00060004010c00080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cb8b4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e002c2a73ae028d1b34ff4f8cc430bb5a360db598262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d930000", 0xd8}], 0x1}, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) 161.314598ms ago: executing program 4 (id=3256): perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0) syz_clone(0x1100, 0x0, 0x0, 0x0, 0x0, 0x0) 160.106469ms ago: executing program 1 (id=3265): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x7a05, 0x1700) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000002940)={0x0, 0x0, 0x0, 0x7cbad08df9b8f0fb, 0x0, 0xfffffffffffffe79}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20004808) sendmsg$sock(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@timestamping={{0x14}}], 0x18}, 0x100080c0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000004000000200000000000950000000000000096950d3cca3010466743a7ca047cdaafdbaf85633764ce1d8b66c036d2a5fab31fb496080000009af6cd502ae96522cbf8c0add5fabe861cc620906b68c447cd7d9a77f352927de1d805e5c59a54625c9d414e689f1e944987a4f2465ef2e0d8d4a9e0be64610c2b4403fab4fa62754ef0e17bc12d0ae7c695f016b24a0e808ad385e4b4e904cf2972744c82bc16d579b8bd83b5d6cc1219495b71b7ab075f4c95197135435e5181a683ae6924d23cb8addc09854dba84aca56ace6711b5e6869ac4283a716bc2d9431055c6df97e096e347bdd97dc6193ad3643b6ce42a6e0bf1580124c33dae1339"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r4, 0x400454d9, 0x0) 112.868762ms ago: executing program 3 (id=3257): perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2c, 0x3, 0x0) write$cgroup_netprio_ifpriomap(r0, 0x0, 0xf) r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000040000"], 0x0, 0x66}, 0x20) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x4018, r2}, 0x18) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x25, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8a9, 0x0, 0x0, 0x0, 0x5}, {}, {}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0x75}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffa}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0x0, 0xb1, &(0x7f0000000500)=""/177, 0x100, 0x4, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000440)={0x2, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x1, 0x8, 0x9, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000780)=[r0, 0x1, 0x1, 0x1], &(0x7f00000007c0)=[{0x0, 0x4, 0xc, 0x5}, {0x3, 0x2, 0x8, 0x8}, {0x2, 0x4, 0xf, 0x9}, {0x0, 0x3, 0x3}, {0x1, 0x1, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9}, {0x0, 0x5, 0x3, 0x9}], 0x10, 0x12bf3461}, 0x90) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000940)={r1, r4}) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x300, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f700000fff6ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0) 25.608498ms ago: executing program 4 (id=3258): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)}, 0x0) 0s ago: executing program 3 (id=3259): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x0, 0x54}, 0x20) kernel console output (not intermixed with test programs): HighMem/MovableOnly [ 439.778353][T10379] 413093 pages reserved [ 439.783601][T10379] 0 pages cma reserved [ 439.814629][T10425] veth0: mtu less than device minimum [ 439.961157][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 440.004429][ T1394] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.010818][ T1394] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.244177][T10456] netlink: 'syz.2.2375': attribute type 21 has an invalid length. [ 440.259606][T10456] netlink: 'syz.2.2375': attribute type 2 has an invalid length. [ 440.322793][T10453] netlink: 4079 bytes leftover after parsing attributes in process `syz.3.2374'. [ 440.461542][T10461] FAULT_INJECTION: forcing a failure. [ 440.461542][T10461] name failslab, interval 1, probability 0, space 0, times 0 [ 440.475309][T10461] CPU: 0 PID: 10461 Comm: syz.4.2376 Not tainted 5.15.165-syzkaller #0 [ 440.483584][T10461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 440.493663][T10461] Call Trace: [ 440.496958][T10461] [ 440.499902][T10461] dump_stack_lvl+0x1e3/0x2d0 [ 440.504608][T10461] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 440.510261][T10461] ? panic+0x860/0x860 [ 440.514364][T10461] should_fail+0x38a/0x4c0 [ 440.518807][T10461] should_failslab+0x5/0x20 [ 440.523328][T10461] slab_pre_alloc_hook+0x53/0xc0 [ 440.528286][T10461] kmem_cache_alloc_node_trace+0x4e/0x2e0 [ 440.534023][T10461] ? __get_vm_area_node+0x11f/0x2f0 [ 440.539250][T10461] __get_vm_area_node+0x11f/0x2f0 [ 440.544301][T10461] __vmalloc_node_range+0xe3/0x8c0 [ 440.549431][T10461] ? netlink_sendmsg+0x644/0xd60 [ 440.554511][T10461] ? netlink_data_ready+0x10/0x10 [ 440.559587][T10461] ? netlink_sendmsg+0x644/0xd60 [ 440.564554][T10461] vmalloc+0x75/0x80 [ 440.568470][T10461] ? netlink_sendmsg+0x644/0xd60 [ 440.573424][T10461] netlink_sendmsg+0x644/0xd60 [ 440.578225][T10461] ? netlink_getsockopt+0x5b0/0x5b0 [ 440.583448][T10461] ? aa_sock_msg_perm+0x91/0x150 [ 440.588403][T10461] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 440.593710][T10461] ? security_socket_sendmsg+0x7d/0xa0 [ 440.599201][T10461] ? netlink_getsockopt+0x5b0/0x5b0 [ 440.604445][T10461] sock_write_iter+0x39b/0x530 [ 440.609290][T10461] ? sock_read_iter+0x480/0x480 [ 440.614168][T10461] ? common_file_perm+0x17d/0x1d0 [ 440.619237][T10461] ? iov_iter_init+0x4a/0x170 [ 440.623937][T10461] vfs_write+0xacd/0xe50 [ 440.628225][T10461] ? file_end_write+0x250/0x250 [ 440.633098][T10461] ? __fget_files+0x413/0x480 [ 440.637810][T10461] ? __fdget_pos+0x1e9/0x380 [ 440.642421][T10461] ? ksys_write+0x77/0x2c0 [ 440.646859][T10461] ksys_write+0x1a2/0x2c0 [ 440.651202][T10461] ? print_irqtrace_events+0x210/0x210 [ 440.656736][T10461] ? __ia32_sys_read+0x80/0x80 [ 440.661521][T10461] ? syscall_enter_from_user_mode+0x2e/0x240 [ 440.667518][T10461] ? lockdep_hardirqs_on+0x94/0x130 [ 440.672739][T10461] ? syscall_enter_from_user_mode+0x2e/0x240 [ 440.678741][T10461] do_syscall_64+0x3b/0xb0 [ 440.683172][T10461] ? clear_bhb_loop+0x15/0x70 [ 440.687876][T10461] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 440.693792][T10461] RIP: 0033:0x7f6826bf9eb9 [ 440.698227][T10461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.717852][T10461] RSP: 002b:00007f6825055038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 440.726297][T10461] RAX: ffffffffffffffda RBX: 00007f6826d96058 RCX: 00007f6826bf9eb9 [ 440.734298][T10461] RDX: 000000000000fe33 RSI: 00000000200004c0 RDI: 0000000000000005 [ 440.742292][T10461] RBP: 00007f6825055090 R08: 0000000000000000 R09: 0000000000000000 [ 440.750285][T10461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.758273][T10461] R13: 0000000000000000 R14: 00007f6826d96058 R15: 00007ffc4c107be8 [ 440.766287][T10461] [ 443.335115][T10479] veth0: mtu less than device minimum [ 443.345313][T10476] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.2380'. [ 443.485458][T10483] netlink: 'syz.3.2383': attribute type 10 has an invalid length. [ 443.539404][T10483] team0: Device veth0_macvtap failed to register rx_handler [ 443.809003][T10501] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.2391'. [ 443.927069][T10503] device syzkaller0 entered promiscuous mode [ 444.216538][T10513] veth0: mtu less than device minimum [ 444.701684][T10532] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.2402'. [ 444.741922][T10536] netlink: 'syz.1.2403': attribute type 2 has an invalid length. [ 444.755149][T10536] netlink: 'syz.1.2403': attribute type 8 has an invalid length. [ 444.763030][T10536] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2403'. [ 444.775431][T10535] netlink: 'syz.1.2403': attribute type 2 has an invalid length. [ 444.799257][T10535] netlink: 'syz.1.2403': attribute type 8 has an invalid length. [ 444.817796][T10535] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2403'. [ 445.246658][T10553] veth0: mtu less than device minimum [ 445.443581][T10555] FAULT_INJECTION: forcing a failure. [ 445.443581][T10555] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.574119][T10555] CPU: 0 PID: 10555 Comm: syz.4.2409 Not tainted 5.15.165-syzkaller #0 [ 445.582499][T10555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 445.592574][T10555] Call Trace: [ 445.595865][T10555] [ 445.598812][T10555] dump_stack_lvl+0x1e3/0x2d0 [ 445.603509][T10555] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 445.609156][T10555] ? panic+0x860/0x860 [ 445.613246][T10555] ? snprintf+0xd6/0x120 [ 445.617515][T10555] should_fail+0x38a/0x4c0 [ 445.621961][T10555] _copy_to_user+0x2d/0x130 [ 445.626487][T10555] simple_read_from_buffer+0xc6/0x150 [ 445.631910][T10555] proc_fail_nth_read+0x1a3/0x210 [ 445.636953][T10555] ? proc_fault_inject_write+0x390/0x390 [ 445.642602][T10555] ? fsnotify_perm+0x442/0x590 [ 445.647380][T10555] ? proc_fault_inject_write+0x390/0x390 [ 445.653033][T10555] vfs_read+0x2fc/0xe10 [ 445.657210][T10555] ? kernel_read+0x1f0/0x1f0 [ 445.661819][T10555] ? __fget_files+0x413/0x480 [ 445.666515][T10555] ? mutex_lock_nested+0x17/0x20 [ 445.671461][T10555] ? __fdget_pos+0x2cb/0x380 [ 445.676068][T10555] ? ksys_read+0x77/0x2c0 [ 445.680410][T10555] ksys_read+0x1a2/0x2c0 [ 445.684666][T10555] ? print_irqtrace_events+0x210/0x210 [ 445.690141][T10555] ? vfs_write+0xe50/0xe50 [ 445.694568][T10555] ? syscall_enter_from_user_mode+0x2e/0x240 [ 445.700564][T10555] ? lockdep_hardirqs_on+0x94/0x130 [ 445.705774][T10555] ? syscall_enter_from_user_mode+0x2e/0x240 [ 445.711768][T10555] do_syscall_64+0x3b/0xb0 [ 445.716196][T10555] ? clear_bhb_loop+0x15/0x70 [ 445.720886][T10555] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 445.726794][T10555] RIP: 0033:0x7f6826bf88fc [ 445.731235][T10555] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 445.750851][T10555] RSP: 002b:00007f6825076030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 445.759280][T10555] RAX: ffffffffffffffda RBX: 00007f6826d95f80 RCX: 00007f6826bf88fc [ 445.767259][T10555] RDX: 000000000000000f RSI: 00007f68250760a0 RDI: 0000000000000009 [ 445.775238][T10555] RBP: 00007f6825076090 R08: 0000000000000000 R09: 0000000000000000 [ 445.783304][T10555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.791280][T10555] R13: 0000000000000000 R14: 00007f6826d95f80 R15: 00007ffc4c107be8 [ 445.799279][T10555] [ 447.505004][T10586] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2418'. [ 447.540387][T10587] veth0: mtu less than device minimum [ 447.878077][T10612] FAULT_INJECTION: forcing a failure. [ 447.878077][T10612] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 447.900755][T10612] CPU: 1 PID: 10612 Comm: syz.0.2430 Not tainted 5.15.165-syzkaller #0 [ 447.909039][T10612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 447.919114][T10612] Call Trace: [ 447.922399][T10612] [ 447.925333][T10612] dump_stack_lvl+0x1e3/0x2d0 [ 447.930032][T10612] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 447.935675][T10612] ? panic+0x860/0x860 [ 447.939766][T10612] ? snprintf+0xd6/0x120 [ 447.944028][T10612] should_fail+0x38a/0x4c0 [ 447.948459][T10612] _copy_to_user+0x2d/0x130 [ 447.953010][T10612] simple_read_from_buffer+0xc6/0x150 [ 447.958405][T10612] proc_fail_nth_read+0x1a3/0x210 [ 447.963444][T10612] ? proc_fault_inject_write+0x390/0x390 [ 447.969090][T10612] ? fsnotify_perm+0x442/0x590 [ 447.973865][T10612] ? proc_fault_inject_write+0x390/0x390 [ 447.979514][T10612] vfs_read+0x2fc/0xe10 [ 447.983691][T10612] ? kernel_read+0x1f0/0x1f0 [ 447.988300][T10612] ? __fget_files+0x413/0x480 [ 447.992995][T10612] ? mutex_lock_nested+0x17/0x20 [ 447.997941][T10612] ? __fdget_pos+0x2cb/0x380 [ 448.002540][T10612] ? ksys_read+0x77/0x2c0 [ 448.006882][T10612] ksys_read+0x1a2/0x2c0 [ 448.011137][T10612] ? print_irqtrace_events+0x210/0x210 [ 448.016608][T10612] ? vfs_write+0xe50/0xe50 [ 448.021039][T10612] ? syscall_enter_from_user_mode+0x2e/0x240 [ 448.027147][T10612] ? lockdep_hardirqs_on+0x94/0x130 [ 448.032358][T10612] ? syscall_enter_from_user_mode+0x2e/0x240 [ 448.038354][T10612] do_syscall_64+0x3b/0xb0 [ 448.042777][T10612] ? clear_bhb_loop+0x15/0x70 [ 448.047484][T10612] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 448.053388][T10612] RIP: 0033:0x7f46d2ded8fc [ 448.057814][T10612] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 448.077527][T10612] RSP: 002b:00007f46d126b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 448.085959][T10612] RAX: ffffffffffffffda RBX: 00007f46d2f8af80 RCX: 00007f46d2ded8fc [ 448.093944][T10612] RDX: 000000000000000f RSI: 00007f46d126b0a0 RDI: 0000000000000004 [ 448.101924][T10612] RBP: 00007f46d126b090 R08: 0000000000000000 R09: 0000000000000000 [ 448.109902][T10612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 448.117901][T10612] R13: 0000000000000000 R14: 00007f46d2f8af80 R15: 00007ffd7cc98a98 [ 448.125916][T10612] [ 448.332080][T10622] veth0: mtu less than device minimum [ 448.350996][T10624] FAULT_INJECTION: forcing a failure. [ 448.350996][T10624] name failslab, interval 1, probability 0, space 0, times 0 [ 448.379141][T10625] netlink: 134780 bytes leftover after parsing attributes in process `syz.4.2434'. [ 448.431467][T10624] CPU: 1 PID: 10624 Comm: syz.2.2435 Not tainted 5.15.165-syzkaller #0 [ 448.439763][T10624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 448.449848][T10624] Call Trace: [ 448.453148][T10624] [ 448.456102][T10624] dump_stack_lvl+0x1e3/0x2d0 [ 448.460814][T10624] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 448.466486][T10624] ? panic+0x860/0x860 [ 448.470595][T10624] ? __might_sleep+0xc0/0xc0 [ 448.475205][T10624] should_fail+0x38a/0x4c0 [ 448.479632][T10624] should_failslab+0x5/0x20 [ 448.484136][T10624] slab_pre_alloc_hook+0x53/0xc0 [ 448.489084][T10624] __kmalloc+0x6e/0x300 [ 448.493254][T10624] ? kernfs_fop_write_iter+0x157/0x4f0 [ 448.498717][T10624] ? end_current_label_crit_section+0x147/0x170 [ 448.504962][T10624] kernfs_fop_write_iter+0x157/0x4f0 [ 448.510252][T10624] vfs_write+0xacd/0xe50 [ 448.514499][T10624] ? file_end_write+0x250/0x250 [ 448.519355][T10624] ? __fget_files+0x413/0x480 [ 448.524046][T10624] ? mutex_lock_nested+0x17/0x20 [ 448.528984][T10624] ? __fdget_pos+0x2cb/0x380 [ 448.533569][T10624] ? ksys_write+0x77/0x2c0 [ 448.537983][T10624] ksys_write+0x1a2/0x2c0 [ 448.542308][T10624] ? print_irqtrace_events+0x210/0x210 [ 448.547765][T10624] ? __ia32_sys_read+0x80/0x80 [ 448.552531][T10624] ? syscall_enter_from_user_mode+0x2e/0x240 [ 448.558520][T10624] ? lockdep_hardirqs_on+0x94/0x130 [ 448.563723][T10624] ? syscall_enter_from_user_mode+0x2e/0x240 [ 448.569702][T10624] do_syscall_64+0x3b/0xb0 [ 448.574114][T10624] ? clear_bhb_loop+0x15/0x70 [ 448.578832][T10624] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 448.584722][T10624] RIP: 0033:0x7fd67599beb9 [ 448.589135][T10624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.608736][T10624] RSP: 002b:00007fd673e18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 448.617234][T10624] RAX: ffffffffffffffda RBX: 00007fd675b37f80 RCX: 00007fd67599beb9 [ 448.625228][T10624] RDX: 0000000000000012 RSI: 0000000020000100 RDI: 0000000000000004 [ 448.633264][T10624] RBP: 00007fd673e18090 R08: 0000000000000000 R09: 0000000000000000 [ 448.641235][T10624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 448.649215][T10624] R13: 0000000000000000 R14: 00007fd675b37f80 R15: 00007ffc31ea72a8 [ 448.657195][T10624] [ 448.775585][T10638] FAULT_INJECTION: forcing a failure. [ 448.775585][T10638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 448.849464][T10638] CPU: 0 PID: 10638 Comm: syz.2.2440 Not tainted 5.15.165-syzkaller #0 [ 448.857754][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 448.867834][T10638] Call Trace: [ 448.871131][T10638] [ 448.874078][T10638] dump_stack_lvl+0x1e3/0x2d0 [ 448.878794][T10638] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 448.884448][T10638] ? panic+0x860/0x860 [ 448.888534][T10638] ? __lock_acquire+0x1ff0/0x1ff0 [ 448.893578][T10638] should_fail+0x38a/0x4c0 [ 448.898014][T10638] _copy_from_iter+0x243/0xe90 [ 448.902805][T10638] ? copy_mc_pipe_to_iter+0x760/0x760 [ 448.908192][T10638] ? __virt_addr_valid+0x3bb/0x460 [ 448.913309][T10638] ? 0xffffffff81000000 [ 448.917467][T10638] ? __check_object_size+0x300/0x410 [ 448.922770][T10638] netlink_sendmsg+0x800/0xd60 [ 448.927554][T10638] ? netlink_getsockopt+0x5b0/0x5b0 [ 448.932765][T10638] ? aa_sock_msg_perm+0x91/0x150 [ 448.937712][T10638] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 448.943004][T10638] ? security_socket_sendmsg+0x7d/0xa0 [ 448.948469][T10638] ? netlink_getsockopt+0x5b0/0x5b0 [ 448.953681][T10638] ____sys_sendmsg+0x59e/0x8f0 [ 448.958453][T10638] ? iovec_from_user+0x300/0x390 [ 448.963408][T10638] ? __sys_sendmsg_sock+0x30/0x30 [ 448.968455][T10638] ___sys_sendmsg+0x252/0x2e0 [ 448.973159][T10638] ? __sys_sendmsg+0x260/0x260 [ 448.977969][T10638] ? __fdget+0x191/0x220 [ 448.982221][T10638] __se_sys_sendmsg+0x19a/0x260 [ 448.987080][T10638] ? __x64_sys_sendmsg+0x80/0x80 [ 448.992031][T10638] ? syscall_enter_from_user_mode+0x2e/0x240 [ 448.998019][T10638] ? lockdep_hardirqs_on+0x94/0x130 [ 449.003245][T10638] ? syscall_enter_from_user_mode+0x2e/0x240 [ 449.009236][T10638] do_syscall_64+0x3b/0xb0 [ 449.013657][T10638] ? clear_bhb_loop+0x15/0x70 [ 449.018341][T10638] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 449.024328][T10638] RIP: 0033:0x7fd67599beb9 [ 449.028752][T10638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.048362][T10638] RSP: 002b:00007fd673e18038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 449.056781][T10638] RAX: ffffffffffffffda RBX: 00007fd675b37f80 RCX: 00007fd67599beb9 [ 449.064762][T10638] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 449.073005][T10638] RBP: 00007fd673e18090 R08: 0000000000000000 R09: 0000000000000000 [ 449.080977][T10638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.088950][T10638] R13: 0000000000000000 R14: 00007fd675b37f80 R15: 00007ffc31ea72a8 [ 449.096940][T10638] [ 449.121000][T10641] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2441'. [ 450.008505][T10661] veth0: mtu less than device minimum [ 450.456349][T10665] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2449'. [ 450.519154][T10675] FAULT_INJECTION: forcing a failure. [ 450.519154][T10675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 450.542065][T10675] CPU: 0 PID: 10675 Comm: syz.2.2454 Not tainted 5.15.165-syzkaller #0 [ 450.550359][T10675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 450.560445][T10675] Call Trace: [ 450.563744][T10675] [ 450.566694][T10675] dump_stack_lvl+0x1e3/0x2d0 [ 450.571402][T10675] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 450.577145][T10675] ? panic+0x860/0x860 [ 450.581244][T10675] ? snprintf+0xd6/0x120 [ 450.585493][T10675] should_fail+0x38a/0x4c0 [ 450.589919][T10675] _copy_to_user+0x2d/0x130 [ 450.594423][T10675] simple_read_from_buffer+0xc6/0x150 [ 450.599798][T10675] proc_fail_nth_read+0x1a3/0x210 [ 450.604821][T10675] ? proc_fault_inject_write+0x390/0x390 [ 450.610454][T10675] ? fsnotify_perm+0x442/0x590 [ 450.615216][T10675] ? proc_fault_inject_write+0x390/0x390 [ 450.620847][T10675] vfs_read+0x2fc/0xe10 [ 450.625006][T10675] ? kernel_read+0x1f0/0x1f0 [ 450.629603][T10675] ? __fget_files+0x413/0x480 [ 450.634287][T10675] ? mutex_lock_nested+0x17/0x20 [ 450.639251][T10675] ? __fdget_pos+0x2cb/0x380 [ 450.643842][T10675] ? ksys_read+0x77/0x2c0 [ 450.648176][T10675] ksys_read+0x1a2/0x2c0 [ 450.652418][T10675] ? print_irqtrace_events+0x210/0x210 [ 450.657878][T10675] ? vfs_write+0xe50/0xe50 [ 450.662295][T10675] ? syscall_enter_from_user_mode+0x2e/0x240 [ 450.668356][T10675] ? lockdep_hardirqs_on+0x94/0x130 [ 450.673551][T10675] ? syscall_enter_from_user_mode+0x2e/0x240 [ 450.679552][T10675] do_syscall_64+0x3b/0xb0 [ 450.683960][T10675] ? clear_bhb_loop+0x15/0x70 [ 450.688644][T10675] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 450.694538][T10675] RIP: 0033:0x7fd67599a8fc [ 450.698950][T10675] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 450.718550][T10675] RSP: 002b:00007fd673e18030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 450.726961][T10675] RAX: ffffffffffffffda RBX: 00007fd675b37f80 RCX: 00007fd67599a8fc [ 450.734927][T10675] RDX: 000000000000000f RSI: 00007fd673e180a0 RDI: 0000000000000004 [ 450.742892][T10675] RBP: 00007fd673e18090 R08: 0000000000000000 R09: 0000000000000000 [ 450.750856][T10675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 450.758818][T10675] R13: 0000000000000000 R14: 00007fd675b37f80 R15: 00007ffc31ea72a8 [ 450.766820][T10675] [ 450.910841][T10685] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2457'. [ 450.976548][T10692] veth0: mtu less than device minimum [ 450.994537][T10689] netlink: 'syz.0.2459': attribute type 2 has an invalid length. [ 451.054304][T10696] FAULT_INJECTION: forcing a failure. [ 451.054304][T10696] name failslab, interval 1, probability 0, space 0, times 0 [ 451.162065][T10696] CPU: 0 PID: 10696 Comm: syz.3.2460 Not tainted 5.15.165-syzkaller #0 [ 451.170360][T10696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 451.180431][T10696] Call Trace: [ 451.183719][T10696] [ 451.186653][T10696] dump_stack_lvl+0x1e3/0x2d0 [ 451.191441][T10696] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 451.197084][T10696] ? panic+0x860/0x860 [ 451.201164][T10696] ? __might_sleep+0xc0/0xc0 [ 451.205771][T10696] should_fail+0x38a/0x4c0 [ 451.210207][T10696] should_failslab+0x5/0x20 [ 451.214720][T10696] slab_pre_alloc_hook+0x53/0xc0 [ 451.219729][T10696] kmem_cache_alloc_trace+0x49/0x290 [ 451.225034][T10696] ? getname_kernel+0xe7/0x2d0 [ 451.229828][T10696] getname_kernel+0xe7/0x2d0 [ 451.234618][T10696] kern_path+0x1f/0x180 [ 451.238796][T10696] create_local_trace_uprobe+0xa2/0x6b0 [ 451.244466][T10696] ? bpf_get_uprobe_info+0x520/0x520 [ 451.249778][T10696] ? __might_fault+0xb4/0x110 [ 451.254486][T10696] ? _copy_from_user+0x10f/0x170 [ 451.259457][T10696] perf_uprobe_init+0xed/0x190 [ 451.264253][T10696] perf_uprobe_event_init+0xff/0x180 [ 451.269576][T10696] perf_try_init_event+0x135/0x3e0 [ 451.274712][T10696] ? perf_event_alloc+0x1169/0x2180 [ 451.279939][T10696] perf_event_alloc+0x1175/0x2180 [ 451.285010][T10696] __se_sys_perf_event_open+0xb27/0x4510 [ 451.290672][T10696] ? __context_tracking_exit+0x4c/0x80 [ 451.296151][T10696] ? __x64_sys_perf_event_open+0xc0/0xc0 [ 451.301814][T10696] ? syscall_enter_from_user_mode+0x2e/0x240 [ 451.307823][T10696] ? lockdep_hardirqs_on+0x94/0x130 [ 451.313035][T10696] ? __x64_sys_perf_event_open+0x1c/0xc0 [ 451.318691][T10696] do_syscall_64+0x3b/0xb0 [ 451.323121][T10696] ? clear_bhb_loop+0x15/0x70 [ 451.327836][T10696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 451.333763][T10696] RIP: 0033:0x7fd130a7ceb9 [ 451.338198][T10696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.357822][T10696] RSP: 002b:00007fd12eef9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 451.366259][T10696] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7ceb9 [ 451.374450][T10696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001080 [ 451.382556][T10696] RBP: 00007fd12eef9090 R08: 0000000000000009 R09: 0000000000000000 [ 451.390553][T10696] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 451.398538][T10696] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 451.406545][T10696] [ 451.552513][T10713] FAULT_INJECTION: forcing a failure. [ 451.552513][T10713] name failslab, interval 1, probability 0, space 0, times 0 [ 451.576395][T10713] CPU: 1 PID: 10713 Comm: syz.1.2467 Not tainted 5.15.165-syzkaller #0 [ 451.584783][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 451.594865][T10713] Call Trace: [ 451.598252][T10713] [ 451.601199][T10713] dump_stack_lvl+0x1e3/0x2d0 [ 451.605915][T10713] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 451.611596][T10713] ? panic+0x860/0x860 [ 451.615713][T10713] ? __might_sleep+0xc0/0xc0 [ 451.620350][T10713] ? radix_tree_node_alloc+0x8b/0x3b0 [ 451.625735][T10713] should_fail+0x38a/0x4c0 [ 451.630158][T10713] should_failslab+0x5/0x20 [ 451.634658][T10713] slab_pre_alloc_hook+0x53/0xc0 [ 451.639594][T10713] ? __d_alloc+0x2a/0x700 [ 451.643951][T10713] kmem_cache_alloc+0x3f/0x280 [ 451.648726][T10713] __d_alloc+0x2a/0x700 [ 451.652875][T10713] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 451.658868][T10713] d_alloc_pseudo+0x19/0x70 [ 451.663374][T10713] alloc_file_pseudo+0x131/0x2f0 [ 451.668328][T10713] ? alloc_empty_file_noaccount+0x80/0x80 [ 451.674137][T10713] ? __lock_acquire+0x1ff0/0x1ff0 [ 451.679159][T10713] ? __local_bh_enable_ip+0x164/0x1f0 [ 451.684533][T10713] ? bpf_link_prime+0x78/0x290 [ 451.689305][T10713] anon_inode_getfile+0xc4/0x180 [ 451.694251][T10713] bpf_link_prime+0x126/0x290 [ 451.698932][T10713] bpf_raw_tracepoint_open+0x4a7/0x750 [ 451.704395][T10713] ? bpf_obj_get_info_by_fd+0x3e10/0x3e10 [ 451.710111][T10713] ? __lock_acquire+0x1ff0/0x1ff0 [ 451.715140][T10713] ? __might_fault+0xb4/0x110 [ 451.719818][T10713] ? bpf_lsm_bpf+0x5/0x10 [ 451.724154][T10713] ? security_bpf+0x7d/0xa0 [ 451.728654][T10713] __sys_bpf+0x468/0x670 [ 451.732905][T10713] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 451.738285][T10713] ? syscall_enter_from_user_mode+0x2e/0x240 [ 451.744260][T10713] ? lockdep_hardirqs_on+0x94/0x130 [ 451.749459][T10713] __x64_sys_bpf+0x78/0x90 [ 451.753871][T10713] do_syscall_64+0x3b/0xb0 [ 451.758282][T10713] ? clear_bhb_loop+0x15/0x70 [ 451.762957][T10713] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 451.768850][T10713] RIP: 0033:0x7f01bf873eb9 [ 451.773265][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.792869][T10713] RSP: 002b:00007f01bdcf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 451.801278][T10713] RAX: ffffffffffffffda RBX: 00007f01bfa0ff80 RCX: 00007f01bf873eb9 [ 451.809244][T10713] RDX: 0000000000000010 RSI: 00000000200004c0 RDI: 0000000000000011 [ 451.817211][T10713] RBP: 00007f01bdcf0090 R08: 0000000000000000 R09: 0000000000000000 [ 451.825177][T10713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 451.833156][T10713] R13: 0000000000000000 R14: 00007f01bfa0ff80 R15: 00007ffedc133ea8 [ 451.841134][T10713] [ 451.959789][T10726] veth0: mtu less than device minimum [ 452.245447][T10737] FAULT_INJECTION: forcing a failure. [ 452.245447][T10737] name failslab, interval 1, probability 0, space 0, times 0 [ 452.258516][T10737] CPU: 0 PID: 10737 Comm: syz.3.2474 Not tainted 5.15.165-syzkaller #0 [ 452.266983][T10737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 452.277074][T10737] Call Trace: [ 452.280367][T10737] [ 452.283398][T10737] dump_stack_lvl+0x1e3/0x2d0 [ 452.288203][T10737] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 452.293867][T10737] ? panic+0x860/0x860 [ 452.297968][T10737] should_fail+0x38a/0x4c0 [ 452.302405][T10737] should_failslab+0x5/0x20 [ 452.306921][T10737] slab_pre_alloc_hook+0x53/0xc0 [ 452.311876][T10737] __kmalloc_node+0x71/0x390 [ 452.316482][T10737] ? _raw_spin_lock_irqsave+0xac/0x120 [ 452.321950][T10737] ? bpf_map_kmalloc_node+0xdb/0x160 [ 452.327333][T10737] ? lockdep_hardirqs_off+0x70/0x100 [ 452.332723][T10737] bpf_map_kmalloc_node+0xdb/0x160 [ 452.337851][T10737] __dev_map_alloc_node+0x56/0x4c0 [ 452.343063][T10737] ? dev_map_hash_update_elem+0x144/0x7a0 [ 452.348802][T10737] dev_map_hash_update_elem+0x2d1/0x7a0 [ 452.354379][T10737] ? dev_map_hash_lookup_elem+0x180/0x180 [ 452.360134][T10737] bpf_map_update_value+0x5d7/0x6c0 [ 452.365384][T10737] map_update_elem+0x6a0/0x7c0 [ 452.370171][T10737] __sys_bpf+0x2fd/0x670 [ 452.374432][T10737] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 452.379836][T10737] ? trace_hardirqs_on+0x30/0x80 [ 452.384791][T10737] ? syscall_enter_from_user_mode+0x37/0x240 [ 452.390790][T10737] __x64_sys_bpf+0x78/0x90 [ 452.395352][T10737] do_syscall_64+0x3b/0xb0 [ 452.399796][T10737] ? clear_bhb_loop+0x15/0x70 [ 452.404492][T10737] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 452.410420][T10737] RIP: 0033:0x7fd130a7ceb9 [ 452.414864][T10737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.434484][T10737] RSP: 002b:00007fd12eef9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 452.442915][T10737] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7ceb9 [ 452.450908][T10737] RDX: 0000000000000020 RSI: 0000000020000400 RDI: 0000000000000002 [ 452.459166][T10737] RBP: 00007fd12eef9090 R08: 0000000000000000 R09: 0000000000000000 [ 452.467164][T10737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.475146][T10737] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 452.483150][T10737] [ 453.253020][T10761] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2480'. [ 453.528921][T10769] veth0: mtu less than device minimum [ 453.661419][T10774] netlink: 1033 bytes leftover after parsing attributes in process `syz.2.2486'. [ 454.008264][T10791] netlink: 1033 bytes leftover after parsing attributes in process `syz.2.2491'. [ 454.053397][T10791] FAULT_INJECTION: forcing a failure. [ 454.053397][T10791] name failslab, interval 1, probability 0, space 0, times 0 [ 454.105790][T10791] CPU: 0 PID: 10791 Comm: syz.2.2491 Not tainted 5.15.165-syzkaller #0 [ 454.114186][T10791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 454.124272][T10791] Call Trace: [ 454.127584][T10791] [ 454.130547][T10791] dump_stack_lvl+0x1e3/0x2d0 [ 454.135265][T10791] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 454.140967][T10791] ? panic+0x860/0x860 [ 454.145083][T10791] ? string+0x26a/0x2b0 [ 454.149273][T10791] ? widen_string+0x3a/0x310 [ 454.153913][T10791] should_fail+0x38a/0x4c0 [ 454.158375][T10791] should_failslab+0x5/0x20 [ 454.162907][T10791] slab_pre_alloc_hook+0x53/0xc0 [ 454.167892][T10791] kmem_cache_alloc_trace+0x49/0x290 [ 454.173215][T10791] ? __request_module+0x30a/0x9b0 [ 454.178281][T10791] __request_module+0x30a/0x9b0 [ 454.183161][T10791] ? capable+0x74/0xe0 [ 454.187263][T10791] ? umd_cleanup+0x110/0x110 [ 454.191884][T10791] ? aa_get_newest_label+0xf9/0x6c0 [ 454.197121][T10791] ? end_current_label_crit_section+0x170/0x170 [ 454.203424][T10791] ? apparmor_capable+0x12e/0x190 [ 454.208481][T10791] ? bpf_lsm_capable+0x5/0x10 [ 454.213191][T10791] ? security_capable+0x86/0xb0 [ 454.218092][T10791] dev_load+0x156/0x1b0 [ 454.222276][T10791] dev_ioctl+0x593/0xf60 [ 454.226552][T10791] sock_ioctl+0x68f/0x770 [ 454.230912][T10791] ? sock_poll+0x410/0x410 [ 454.235381][T10791] ? bpf_lsm_file_ioctl+0x5/0x10 [ 454.240345][T10791] ? security_file_ioctl+0x7d/0xa0 [ 454.245479][T10791] ? sock_poll+0x410/0x410 [ 454.250073][T10791] __se_sys_ioctl+0xf1/0x160 [ 454.254713][T10791] do_syscall_64+0x3b/0xb0 [ 454.259162][T10791] ? clear_bhb_loop+0x15/0x70 [ 454.263879][T10791] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 454.269810][T10791] RIP: 0033:0x7fd67599beb9 [ 454.274260][T10791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.293896][T10791] RSP: 002b:00007fd673e18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.302355][T10791] RAX: ffffffffffffffda RBX: 00007fd675b37f80 RCX: 00007fd67599beb9 [ 454.310361][T10791] RDX: 0000000020000080 RSI: 00000000000089f2 RDI: 000000000000000b [ 454.318366][T10791] RBP: 00007fd673e18090 R08: 0000000000000000 R09: 0000000000000000 [ 454.326368][T10791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 454.334362][T10791] R13: 0000000000000000 R14: 00007fd675b37f80 R15: 00007ffc31ea72a8 [ 454.342393][T10791] [ 454.601033][T10800] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2495'. [ 454.652118][T10802] veth0: mtu less than device minimum [ 454.874831][T10813] netlink: 'syz.4.2499': attribute type 10 has an invalid length. [ 455.138692][T10817] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2500'. [ 455.368090][T10830] FAULT_INJECTION: forcing a failure. [ 455.368090][T10830] name failslab, interval 1, probability 0, space 0, times 0 [ 455.484380][T10830] CPU: 1 PID: 10830 Comm: syz.0.2505 Not tainted 5.15.165-syzkaller #0 [ 455.492670][T10830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 455.502743][T10830] Call Trace: [ 455.506044][T10830] [ 455.509019][T10830] dump_stack_lvl+0x1e3/0x2d0 [ 455.513725][T10830] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 455.519401][T10830] ? panic+0x860/0x860 [ 455.523502][T10830] ? __might_sleep+0xc0/0xc0 [ 455.528117][T10830] ? __hw_addr_add_ex+0x473/0x770 [ 455.533372][T10830] should_fail+0x38a/0x4c0 [ 455.537827][T10830] should_failslab+0x5/0x20 [ 455.542361][T10830] slab_pre_alloc_hook+0x53/0xc0 [ 455.547327][T10830] __kmalloc_node+0x71/0x390 [ 455.551960][T10830] ? kvmalloc_node+0x80/0x140 [ 455.556661][T10830] kvmalloc_node+0x80/0x140 [ 455.561185][T10830] alloc_netdev_mqs+0x611/0xc10 [ 455.566062][T10830] ? tun_not_capable+0x1e0/0x1e0 [ 455.571232][T10830] tun_set_iff+0x522/0xdc0 [ 455.575805][T10830] __tun_chr_ioctl+0x7ec/0x2270 [ 455.580877][T10830] ? tun_flow_create+0x310/0x310 [ 455.585864][T10830] ? security_file_ioctl+0x71/0xa0 [ 455.591010][T10830] ? bpf_lsm_file_ioctl+0x5/0x10 [ 455.595965][T10830] ? security_file_ioctl+0x7d/0xa0 [ 455.601092][T10830] ? tun_chr_poll+0x620/0x620 [ 455.605788][T10830] __se_sys_ioctl+0xf1/0x160 [ 455.610408][T10830] do_syscall_64+0x3b/0xb0 [ 455.614844][T10830] ? clear_bhb_loop+0x15/0x70 [ 455.619543][T10830] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 455.625453][T10830] RIP: 0033:0x7f46d2deeeb9 [ 455.629880][T10830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.649507][T10830] RSP: 002b:00007f46d126b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 455.657943][T10830] RAX: ffffffffffffffda RBX: 00007f46d2f8af80 RCX: 00007f46d2deeeb9 [ 455.665944][T10830] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000006 [ 455.673921][T10830] RBP: 00007f46d126b090 R08: 0000000000000000 R09: 0000000000000000 [ 455.682075][T10830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 455.690052][T10830] R13: 0000000000000000 R14: 00007f46d2f8af80 R15: 00007ffd7cc98a98 [ 455.698082][T10830] [ 455.869335][T10844] veth0: mtu less than device minimum [ 456.037203][T10847] netlink: 'syz.0.2509': attribute type 21 has an invalid length. [ 456.117716][T10849] FAULT_INJECTION: forcing a failure. [ 456.117716][T10849] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 456.180717][T10853] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2511'. [ 456.182899][T10849] CPU: 1 PID: 10849 Comm: syz.1.2510 Not tainted 5.15.165-syzkaller #0 [ 456.198294][T10849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 456.208353][T10849] Call Trace: [ 456.211629][T10849] [ 456.214554][T10849] dump_stack_lvl+0x1e3/0x2d0 [ 456.219230][T10849] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 456.224857][T10849] ? panic+0x860/0x860 [ 456.228930][T10849] ? __lock_acquire+0x1ff0/0x1ff0 [ 456.234133][T10849] should_fail+0x38a/0x4c0 [ 456.238577][T10849] strncpy_from_user+0x32/0x370 [ 456.243435][T10849] getname_flags+0xf5/0x4e0 [ 456.247952][T10849] do_sys_openat2+0xd2/0x4f0 [ 456.252561][T10849] ? do_sys_open+0x220/0x220 [ 456.257338][T10849] ? perf_trace_context_tracking_user+0x2f9/0x3d0 [ 456.263767][T10849] __x64_sys_openat+0x243/0x290 [ 456.268624][T10849] ? __ia32_sys_open+0x270/0x270 [ 456.273564][T10849] ? syscall_enter_from_user_mode+0x2e/0x240 [ 456.279563][T10849] ? lockdep_hardirqs_on+0x94/0x130 [ 456.284776][T10849] ? syscall_enter_from_user_mode+0x2e/0x240 [ 456.290757][T10849] do_syscall_64+0x3b/0xb0 [ 456.295172][T10849] ? clear_bhb_loop+0x15/0x70 [ 456.299846][T10849] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 456.305738][T10849] RIP: 0033:0x7f01bf873eb9 [ 456.310151][T10849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 456.329748][T10849] RSP: 002b:00007f01bdcf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 456.338163][T10849] RAX: ffffffffffffffda RBX: 00007f01bfa0ff80 RCX: 00007f01bf873eb9 [ 456.346131][T10849] RDX: 00000000000026e1 RSI: 0000000020000880 RDI: ffffffffffffff9c [ 456.354114][T10849] RBP: 00007f01bdcf0090 R08: 0000000000000000 R09: 0000000000000000 [ 456.362084][T10849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 456.370124][T10849] R13: 0000000000000000 R14: 00007f01bfa0ff80 R15: 00007ffedc133ea8 [ 456.378103][T10849] [ 456.870228][T10872] FAULT_INJECTION: forcing a failure. [ 456.870228][T10872] name failslab, interval 1, probability 0, space 0, times 0 [ 456.920029][T10872] CPU: 0 PID: 10872 Comm: syz.3.2519 Not tainted 5.15.165-syzkaller #0 [ 456.928333][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 456.938424][T10872] Call Trace: [ 456.941729][T10872] [ 456.944680][T10872] dump_stack_lvl+0x1e3/0x2d0 [ 456.949397][T10872] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 456.955172][T10872] ? panic+0x860/0x860 [ 456.959290][T10872] ? __might_sleep+0xc0/0xc0 [ 456.963942][T10872] should_fail+0x38a/0x4c0 [ 456.968403][T10872] should_failslab+0x5/0x20 [ 456.972935][T10872] slab_pre_alloc_hook+0x53/0xc0 [ 456.977932][T10872] kmem_cache_alloc_trace+0x49/0x290 [ 456.983250][T10872] ? sctp_association_new+0x86/0x2360 [ 456.988689][T10872] sctp_association_new+0x86/0x2360 [ 456.993931][T10872] ? sctp_do_bind+0x69f/0x970 [ 456.998683][T10872] sctp_connect_new_asoc+0x2ca/0x6a0 [ 457.004008][T10872] ? __sctp_connect+0xe10/0xe10 [ 457.008908][T10872] ? sctp_sendmsg+0xb21/0x3370 [ 457.013724][T10872] ? bpf_lsm_sctp_bind_connect+0x5/0x10 [ 457.019314][T10872] ? security_sctp_bind_connect+0x86/0xb0 [ 457.025096][T10872] sctp_sendmsg+0x1cd9/0x3370 [ 457.029949][T10872] ? sctp_getsockopt+0x7f0/0x7f0 [ 457.034933][T10872] ? aa_af_perm+0x350/0x350 [ 457.039464][T10872] ? perf_swevent_get_recursion_context+0xdf/0x150 [ 457.046016][T10872] ? inet_sendmsg+0xfc/0x310 [ 457.050644][T10872] ? inet_send_prepare+0x250/0x250 [ 457.055796][T10872] ____sys_sendmsg+0x59e/0x8f0 [ 457.060598][T10872] ? iovec_from_user+0x300/0x390 [ 457.065580][T10872] ? __sys_sendmsg_sock+0x30/0x30 [ 457.070674][T10872] ___sys_sendmsg+0x252/0x2e0 [ 457.075400][T10872] ? __sys_sendmsg+0x260/0x260 [ 457.080251][T10872] ? __bpf_trace_bpf_trace_printk+0x20/0x20 [ 457.086226][T10872] ? __fdget+0x191/0x220 [ 457.090511][T10872] __se_sys_sendmsg+0x19a/0x260 [ 457.095422][T10872] ? __x64_sys_sendmsg+0x80/0x80 [ 457.100633][T10872] ? syscall_enter_from_user_mode+0x2e/0x240 [ 457.106657][T10872] ? lockdep_hardirqs_on+0x94/0x130 [ 457.111902][T10872] ? syscall_enter_from_user_mode+0x2e/0x240 [ 457.117931][T10872] do_syscall_64+0x3b/0xb0 [ 457.122380][T10872] ? clear_bhb_loop+0x15/0x70 [ 457.127093][T10872] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 457.133018][T10872] RIP: 0033:0x7fd130a7ceb9 [ 457.137466][T10872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.157103][T10872] RSP: 002b:00007fd12eef9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 457.165553][T10872] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7ceb9 [ 457.173557][T10872] RDX: 00000000000003e8 RSI: 00000000200004c0 RDI: 0000000000000006 [ 457.181563][T10872] RBP: 00007fd12eef9090 R08: 0000000000000000 R09: 0000000000000000 [ 457.189567][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 457.197568][T10872] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 457.205628][T10872] [ 457.243381][T10878] veth0: mtu less than device minimum [ 458.281989][T10899] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2527'. [ 458.620208][T10910] netlink: 'syz.0.2531': attribute type 17 has an invalid length. [ 458.643384][T10910] netlink: 'syz.0.2531': attribute type 16 has an invalid length. [ 458.677886][T10910] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2531'. [ 459.114457][T10918] veth0: mtu less than device minimum [ 460.921373][T10933] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2541'. [ 461.301887][T10941] FAULT_INJECTION: forcing a failure. [ 461.301887][T10941] name failslab, interval 1, probability 0, space 0, times 0 [ 461.359008][T10941] CPU: 0 PID: 10941 Comm: syz.0.2542 Not tainted 5.15.165-syzkaller #0 [ 461.367322][T10941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 461.377439][T10941] Call Trace: [ 461.380765][T10941] [ 461.383744][T10941] dump_stack_lvl+0x1e3/0x2d0 [ 461.388486][T10941] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 461.394175][T10941] ? panic+0x860/0x860 [ 461.398320][T10941] ? __might_sleep+0xc0/0xc0 [ 461.402946][T10941] ? ____kasan_kmalloc+0xd1/0xf0 [ 461.407930][T10941] ? kmem_cache_alloc_trace+0x143/0x290 [ 461.413521][T10941] ? sta_set_sinfo+0x22cc/0x4470 [ 461.418535][T10941] ? __sta_info_destroy_part2+0x2cf/0x400 [ 461.424311][T10941] ? __sta_info_flush+0x42a/0x4d0 [ 461.429410][T10941] should_fail+0x38a/0x4c0 [ 461.433913][T10941] should_failslab+0x5/0x20 [ 461.438467][T10941] slab_pre_alloc_hook+0x53/0xc0 [ 461.443477][T10941] kmem_cache_alloc_node+0x49/0x2c0 [ 461.448730][T10941] ? __alloc_skb+0xdd/0x590 [ 461.453302][T10941] __alloc_skb+0xdd/0x590 [ 461.457704][T10941] cfg80211_del_sta_sinfo+0x18e/0x4c0 [ 461.463151][T10941] ? nl80211_send_station+0x3a40/0x3a40 [ 461.468840][T10941] __sta_info_destroy_part2+0x30c/0x400 [ 461.474425][T10941] __sta_info_flush+0x42a/0x4d0 [ 461.479348][T10941] ? sta_info_stop+0x30/0x30 [ 461.483961][T10941] ? do_raw_spin_unlock+0x137/0x8b0 [ 461.489233][T10941] ieee80211_ibss_disconnect+0x259/0x6f0 [ 461.494922][T10941] ieee80211_ibss_leave+0x21/0x130 [ 461.500059][T10941] __cfg80211_leave_ibss+0x1cd/0x400 [ 461.505372][T10941] cfg80211_ibss_wext_siwap+0x3b6/0x660 [ 461.511033][T10941] __cfg80211_wext_siwap+0xd5/0x120 [ 461.516252][T10941] ioctl_standard_call+0xdb/0x280 [ 461.521288][T10941] ? __cfg80211_wext_giwrange+0x30/0x30 [ 461.526884][T10941] ? __cfg80211_wext_giwrange+0x30/0x30 [ 461.532439][T10941] wext_ioctl_dispatch+0x16f/0x460 [ 461.537562][T10941] ? wext_ioctl_dispatch+0x460/0x460 [ 461.542855][T10941] ? iw_handler_get_private+0x1e0/0x1e0 [ 461.548425][T10941] wext_handle_ioctl+0x15b/0x260 [ 461.553385][T10941] ? call_commit_handler+0xf0/0xf0 [ 461.558556][T10941] sock_ioctl+0x13b/0x770 [ 461.562906][T10941] ? sock_poll+0x410/0x410 [ 461.567337][T10941] ? __fget_files+0x413/0x480 [ 461.572064][T10941] ? bpf_lsm_file_ioctl+0x5/0x10 [ 461.577011][T10941] ? security_file_ioctl+0x7d/0xa0 [ 461.582131][T10941] ? sock_poll+0x410/0x410 [ 461.586590][T10941] __se_sys_ioctl+0xf1/0x160 [ 461.591209][T10941] do_syscall_64+0x3b/0xb0 [ 461.595640][T10941] ? clear_bhb_loop+0x15/0x70 [ 461.600337][T10941] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 461.606240][T10941] RIP: 0033:0x7f46d2deeeb9 [ 461.610668][T10941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.630293][T10941] RSP: 002b:00007f46d126b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 461.638723][T10941] RAX: ffffffffffffffda RBX: 00007f46d2f8af80 RCX: 00007f46d2deeeb9 [ 461.646706][T10941] RDX: 0000000020000000 RSI: 0000000000008b14 RDI: 000000000000000c [ 461.654869][T10941] RBP: 00007f46d126b090 R08: 0000000000000000 R09: 0000000000000000 [ 461.662849][T10941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 461.670825][T10941] R13: 0000000000000000 R14: 00007f46d2f8af80 R15: 00007ffd7cc98a98 [ 461.678849][T10941] [ 461.895879][T10956] veth0: mtu less than device minimum [ 462.801010][T10978] netlink: 'syz.4.2556': attribute type 1 has an invalid length. [ 462.823210][T10978] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.2556'. [ 462.923388][T10986] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2557'. [ 463.061047][T10993] FAULT_INJECTION: forcing a failure. [ 463.061047][T10993] name failslab, interval 1, probability 0, space 0, times 0 [ 463.086920][T10993] CPU: 0 PID: 10993 Comm: syz.4.2558 Not tainted 5.15.165-syzkaller #0 [ 463.095313][T10993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 463.105501][T10993] Call Trace: [ 463.108817][T10993] [ 463.111764][T10993] dump_stack_lvl+0x1e3/0x2d0 [ 463.116494][T10993] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 463.122162][T10993] ? panic+0x860/0x860 [ 463.126276][T10993] ? __might_sleep+0xc0/0xc0 [ 463.130919][T10993] should_fail+0x38a/0x4c0 [ 463.135389][T10993] should_failslab+0x5/0x20 [ 463.139937][T10993] slab_pre_alloc_hook+0x53/0xc0 [ 463.144909][T10993] __kmalloc_node_track_caller+0x6b/0x390 [ 463.150653][T10993] ? __ip_append_data+0x2640/0x3ad0 [ 463.155876][T10993] ? kmem_cache_alloc_node+0x154/0x2c0 [ 463.161369][T10993] ? __alloc_skb+0xdd/0x590 [ 463.165919][T10993] ? __ip_append_data+0x2640/0x3ad0 [ 463.171146][T10993] __alloc_skb+0x12c/0x590 [ 463.175609][T10993] __ip_append_data+0x2640/0x3ad0 [ 463.180748][T10993] ? raw_send_hdrinc+0x1430/0x1430 [ 463.185903][T10993] ? print_irqtrace_events+0x210/0x210 [ 463.191397][T10993] ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0 [ 463.197418][T10993] ? ip_setup_cork+0x860/0x860 [ 463.202237][T10993] ? ipv4_mtu+0x2a4/0x3c0 [ 463.206623][T10993] ? ip_setup_cork+0x4a2/0x860 [ 463.211436][T10993] ip_append_data+0x12c/0x1a0 [ 463.216158][T10993] ? raw_send_hdrinc+0x1430/0x1430 [ 463.221311][T10993] raw_sendmsg+0x18e6/0x2450 [ 463.226004][T10993] ? compat_raw_ioctl+0x60/0x60 [ 463.230933][T10993] ? aa_sk_perm+0x8fc/0xa30 [ 463.235484][T10993] ? aa_af_perm+0x350/0x350 [ 463.240007][T10993] ? sock_rps_record_flow+0x19/0x3c0 [ 463.245324][T10993] ? inet_sendmsg+0x81/0x310 [ 463.249950][T10993] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 463.255239][T10993] ? security_socket_sendmsg+0x7d/0xa0 [ 463.260709][T10993] ? inet_send_prepare+0x250/0x250 [ 463.265825][T10993] ____sys_sendmsg+0x59e/0x8f0 [ 463.270603][T10993] ? iovec_from_user+0x300/0x390 [ 463.275562][T10993] ? __sys_sendmsg_sock+0x30/0x30 [ 463.280623][T10993] ___sys_sendmsg+0x252/0x2e0 [ 463.285330][T10993] ? __sys_sendmsg+0x260/0x260 [ 463.290170][T10993] ? __fdget+0x191/0x220 [ 463.294421][T10993] __se_sys_sendmsg+0x19a/0x260 [ 463.299279][T10993] ? __x64_sys_sendmsg+0x80/0x80 [ 463.304241][T10993] ? syscall_enter_from_user_mode+0x2e/0x240 [ 463.310226][T10993] ? lockdep_hardirqs_on+0x94/0x130 [ 463.315430][T10993] ? syscall_enter_from_user_mode+0x2e/0x240 [ 463.321416][T10993] do_syscall_64+0x3b/0xb0 [ 463.325830][T10993] ? clear_bhb_loop+0x15/0x70 [ 463.330511][T10993] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 463.336406][T10993] RIP: 0033:0x7f6826bf9eb9 [ 463.340826][T10993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.360436][T10993] RSP: 002b:00007f6825076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 463.368858][T10993] RAX: ffffffffffffffda RBX: 00007f6826d95f80 RCX: 00007f6826bf9eb9 [ 463.376831][T10993] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000007 [ 463.384799][T10993] RBP: 00007f6825076090 R08: 0000000000000000 R09: 0000000000000000 [ 463.392770][T10993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 463.400868][T10993] R13: 0000000000000000 R14: 00007f6826d95f80 R15: 00007ffc4c107be8 [ 463.408920][T10993] [ 463.467000][T10998] veth0: mtu less than device minimum [ 469.605819][T11023] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2570'. [ 470.677142][T11028] veth0: mtu less than device minimum [ 470.906679][ T1202] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.025212][T11038] FAULT_INJECTION: forcing a failure. [ 471.025212][T11038] name failslab, interval 1, probability 0, space 0, times 0 [ 471.053482][ T1202] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.084468][T11038] CPU: 0 PID: 11038 Comm: syz.0.2574 Not tainted 5.15.165-syzkaller #0 [ 471.092772][T11038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 471.102867][T11038] Call Trace: [ 471.106166][T11038] [ 471.109244][T11038] dump_stack_lvl+0x1e3/0x2d0 [ 471.113969][T11038] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 471.119652][T11038] ? panic+0x860/0x860 [ 471.123823][T11038] ? __might_sleep+0xc0/0xc0 [ 471.128472][T11038] should_fail+0x38a/0x4c0 [ 471.132936][T11038] should_failslab+0x5/0x20 [ 471.137469][T11038] slab_pre_alloc_hook+0x53/0xc0 [ 471.142446][T11038] __kmalloc_node+0x71/0x390 [ 471.147069][T11038] ? kvmalloc_node+0x80/0x140 [ 471.151789][T11038] kvmalloc_node+0x80/0x140 [ 471.156422][T11038] map_update_elem+0x348/0x7c0 [ 471.161247][T11038] __sys_bpf+0x2fd/0x670 [ 471.165536][T11038] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 471.170985][T11038] ? syscall_enter_from_user_mode+0x2e/0x240 [ 471.177092][T11038] ? lockdep_hardirqs_on+0x94/0x130 [ 471.182341][T11038] __x64_sys_bpf+0x78/0x90 [ 471.186807][T11038] do_syscall_64+0x3b/0xb0 [ 471.191260][T11038] ? clear_bhb_loop+0x15/0x70 [ 471.196064][T11038] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 471.202000][T11038] RIP: 0033:0x7f46d2deeeb9 [ 471.206450][T11038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.226346][T11038] RSP: 002b:00007f46d126b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 471.234901][T11038] RAX: ffffffffffffffda RBX: 00007f46d2f8af80 RCX: 00007f46d2deeeb9 [ 471.242909][T11038] RDX: 0000000000000020 RSI: 00000000200002c0 RDI: 0000000000000002 [ 471.250917][T11038] RBP: 00007f46d126b090 R08: 0000000000000000 R09: 0000000000000000 [ 471.258932][T11038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 471.266938][T11038] R13: 0000000000000000 R14: 00007f46d2f8af80 R15: 00007ffd7cc98a98 [ 471.275019][T11038] [ 471.302364][T11044] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 471.355138][ T1202] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.527023][ T1202] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.575653][T11056] veth0: mtu less than device minimum [ 471.646084][T11025] chnl_net:caif_netlink_parms(): no params data found [ 471.667795][T11059] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2582'. [ 471.774383][T11063] netlink: 72944 bytes leftover after parsing attributes in process `syz.3.2583'. [ 471.927988][T11066] netlink: 'syz.3.2583': attribute type 2 has an invalid length. [ 472.000877][T11066] device 0 entered promiscuous mode [ 472.137074][T11079] FAULT_INJECTION: forcing a failure. [ 472.137074][T11079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 472.151107][T11079] CPU: 1 PID: 11079 Comm: syz.3.2586 Not tainted 5.15.165-syzkaller #0 [ 472.159388][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 472.169466][T11079] Call Trace: [ 472.172760][T11079] [ 472.175699][T11079] dump_stack_lvl+0x1e3/0x2d0 [ 472.180397][T11079] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 472.186060][T11079] ? panic+0x860/0x860 [ 472.190167][T11079] should_fail+0x38a/0x4c0 [ 472.194620][T11079] _copy_from_user+0x2d/0x170 [ 472.199324][T11079] sctp_setsockopt+0xc6/0x10d0 [ 472.204123][T11079] ? sock_common_recvmsg+0x240/0x240 [ 472.209434][T11079] __sys_setsockopt+0x57e/0x990 [ 472.214317][T11079] ? __ia32_sys_recv+0xb0/0xb0 [ 472.219116][T11079] ? syscall_enter_from_user_mode+0x2e/0x240 [ 472.225125][T11079] __x64_sys_setsockopt+0xb1/0xc0 [ 472.230187][T11079] do_syscall_64+0x3b/0xb0 [ 472.234634][T11079] ? clear_bhb_loop+0x15/0x70 [ 472.239348][T11079] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 472.245273][T11079] RIP: 0033:0x7fd130a7ceb9 [ 472.249745][T11079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.269373][T11079] RSP: 002b:00007fd12eef9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 472.277803][T11079] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7ceb9 [ 472.285785][T11079] RDX: 0000000000000025 RSI: 0000000000000084 RDI: 0000000000000003 [ 472.293761][T11079] RBP: 00007fd12eef9090 R08: 0000000020000010 R09: 0000000000000000 [ 472.301729][T11079] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 472.309693][T11079] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 472.317673][T11079] [ 472.321970][ T5446] Bluetooth: hci4: command 0x0409 tx timeout [ 472.425154][T11083] netlink: 'syz.4.2587': attribute type 21 has an invalid length. [ 472.446796][T11083] netlink: 'syz.4.2587': attribute type 6 has an invalid length. [ 472.460281][T11083] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2587'. [ 472.537534][T11025] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.555047][T11025] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.573824][T11025] device bridge_slave_0 entered promiscuous mode [ 472.619159][T11025] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.632943][T11025] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.641246][T11025] device bridge_slave_1 entered promiscuous mode [ 472.806145][T11025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 472.840263][T11025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 472.881749][T11103] veth0: mtu less than device minimum [ 473.066570][T11025] team0: Port device team_slave_0 added [ 473.165238][T11025] team0: Port device team_slave_1 added [ 473.275956][T11114] netlink: 'syz.0.2597': attribute type 21 has an invalid length. [ 473.293597][T11114] netlink: 'syz.0.2597': attribute type 6 has an invalid length. [ 473.301370][T11114] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2597'. [ 473.327714][T11025] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 473.335515][T11025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 473.388980][T11025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 473.438996][T11025] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 473.480093][T11025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 473.581223][T11025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 473.607144][ C1] eth0: bad gso: type: 1, size: 1408 [ 473.662982][T11123] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2599'. [ 473.986609][T11025] device hsr_slave_0 entered promiscuous mode [ 474.047731][T11025] device hsr_slave_1 entered promiscuous mode [ 474.068338][T11025] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 474.086064][T11025] Cannot create hsr debugfs directory [ 474.291432][T11162] veth0: mtu less than device minimum [ 474.433000][ T5147] Bluetooth: hci4: command 0x041b tx timeout [ 474.718871][ T1202] device hsr_slave_0 left promiscuous mode [ 474.806443][ T1202] device hsr_slave_1 left promiscuous mode [ 474.833934][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 474.873435][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 474.898294][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 474.933540][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 475.006722][ T1202] device veth0_to_hsr left promiscuous mode [ 475.024977][ T1202] bridge0: port 3(veth0_to_hsr) entered disabled state [ 475.110961][ T1202] device bridge_slave_1 left promiscuous mode [ 475.145418][ T1202] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.251928][ T1202] device bridge_slave_0 left promiscuous mode [ 475.263489][ T1202] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.288839][ T1202] device veth1_macvtap left promiscuous mode [ 475.334301][ T1202] device veth0_macvtap left promiscuous mode [ 475.340621][ T1202] device veth1_vlan left promiscuous mode [ 475.360982][ T1202] device veth0_vlan left promiscuous mode [ 475.809081][ T1202] team0 (unregistering): Port device team_slave_1 removed [ 475.834992][ T1202] team0 (unregistering): Port device team_slave_0 removed [ 475.848358][ T1202] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 475.863635][ T1202] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 475.947377][ T1202] bond0 (unregistering): Released all slaves [ 476.033154][T11200] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2618'. [ 476.217136][T11217] veth0: mtu less than device minimum [ 476.501055][ T5142] Bluetooth: hci4: command 0x040f tx timeout [ 476.582589][T11233] netlink: 'syz.4.2624': attribute type 4 has an invalid length. [ 476.599702][T11233] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.2624'. [ 477.151854][T11025] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 477.239380][T11025] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 477.283577][T11025] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 477.327005][T11025] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 477.385895][T11257] netlink: 'syz.3.2630': attribute type 1 has an invalid length. [ 477.413021][T11257] netlink: 112865 bytes leftover after parsing attributes in process `syz.3.2630'. [ 477.473658][T11259] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2631'. [ 477.499678][T11261] veth0: mtu less than device minimum [ 477.691807][T11025] 8021q: adding VLAN 0 to HW filter on device bond0 [ 477.780429][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 477.823332][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 477.906910][T11273] FAULT_INJECTION: forcing a failure. [ 477.906910][T11273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 477.928493][T11273] CPU: 0 PID: 11273 Comm: syz.3.2636 Not tainted 5.15.165-syzkaller #0 [ 477.936973][T11273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 477.947044][T11273] Call Trace: [ 477.950336][T11273] [ 477.953275][T11273] dump_stack_lvl+0x1e3/0x2d0 [ 477.957075][T11025] 8021q: adding VLAN 0 to HW filter on device team0 [ 477.957979][T11273] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 477.970187][T11273] ? panic+0x860/0x860 [ 477.974304][T11273] ? snprintf+0xd6/0x120 [ 477.978562][T11273] should_fail+0x38a/0x4c0 [ 477.982997][T11273] _copy_to_user+0x2d/0x130 [ 477.987513][T11273] simple_read_from_buffer+0xc6/0x150 [ 477.992907][T11273] proc_fail_nth_read+0x1a3/0x210 [ 477.997946][T11273] ? proc_fault_inject_write+0x390/0x390 [ 478.003595][T11273] ? fsnotify_perm+0x442/0x590 [ 478.008368][T11273] ? proc_fault_inject_write+0x390/0x390 [ 478.014035][T11273] vfs_read+0x2fc/0xe10 [ 478.018230][T11273] ? kernel_read+0x1f0/0x1f0 [ 478.022842][T11273] ? __fget_files+0x413/0x480 [ 478.027537][T11273] ? mutex_lock_nested+0x17/0x20 [ 478.032513][T11273] ? __fdget_pos+0x2cb/0x380 [ 478.037111][T11273] ? ksys_read+0x77/0x2c0 [ 478.041454][T11273] ksys_read+0x1a2/0x2c0 [ 478.045707][T11273] ? print_irqtrace_events+0x210/0x210 [ 478.051180][T11273] ? vfs_write+0xe50/0xe50 [ 478.055610][T11273] ? syscall_enter_from_user_mode+0x2e/0x240 [ 478.061601][T11273] ? lockdep_hardirqs_on+0x94/0x130 [ 478.066814][T11273] ? syscall_enter_from_user_mode+0x2e/0x240 [ 478.072824][T11273] do_syscall_64+0x3b/0xb0 [ 478.077251][T11273] ? clear_bhb_loop+0x15/0x70 [ 478.081946][T11273] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 478.087849][T11273] RIP: 0033:0x7fd130a7b8fc [ 478.092281][T11273] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 478.111898][T11273] RSP: 002b:00007fd12eef9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 478.120328][T11273] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7b8fc [ 478.128309][T11273] RDX: 000000000000000f RSI: 00007fd12eef90a0 RDI: 0000000000000005 [ 478.136289][T11273] RBP: 00007fd12eef9090 R08: 0000000000000000 R09: 0000000000000000 [ 478.144269][T11273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 478.152248][T11273] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 478.160248][T11273] [ 478.176666][T11276] netlink: 'syz.1.2635': attribute type 6 has an invalid length. [ 478.192889][T11276] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2635'. [ 478.244426][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 478.264237][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 478.310961][ T3888] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.318149][ T3888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 478.392216][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 478.427310][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 478.439186][ T3888] bridge0: port 2(bridge_slave_1) entered blocking state [ 478.446369][ T3888] bridge0: port 2(bridge_slave_1) entered forwarding state [ 478.505785][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 478.530266][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 478.553133][ T5142] Bluetooth: hci4: command 0x0419 tx timeout [ 478.588567][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 478.653786][T11285] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2639'. [ 478.719915][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 478.750888][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 478.787845][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 478.849392][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 478.872449][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 478.914626][T11296] veth0: mtu less than device minimum [ 478.926999][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 478.963682][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 478.983367][T11025] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 479.038644][T11025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 479.065973][T11303] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2645'. [ 479.109609][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 479.119048][T11307] FAULT_INJECTION: forcing a failure. [ 479.119048][T11307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 479.139431][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 479.163157][T11307] CPU: 0 PID: 11307 Comm: syz.3.2647 Not tainted 5.15.165-syzkaller #0 [ 479.171447][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 479.181521][T11307] Call Trace: [ 479.184818][T11307] [ 479.187760][T11307] dump_stack_lvl+0x1e3/0x2d0 [ 479.192468][T11307] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 479.198161][T11307] ? panic+0x860/0x860 [ 479.202272][T11307] should_fail+0x38a/0x4c0 [ 479.206810][T11307] _copy_from_user+0x2d/0x170 [ 479.211521][T11307] __sys_bpf+0x1d5/0x670 [ 479.215798][T11307] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 479.221213][T11307] ? syscall_enter_from_user_mode+0x2e/0x240 [ 479.227216][T11307] ? lockdep_hardirqs_on+0x94/0x130 [ 479.232464][T11307] __x64_sys_bpf+0x78/0x90 [ 479.236912][T11307] do_syscall_64+0x3b/0xb0 [ 479.241358][T11307] ? clear_bhb_loop+0x15/0x70 [ 479.246197][T11307] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 479.252134][T11307] RIP: 0033:0x7fd130a7ceb9 [ 479.256577][T11307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.276429][T11307] RSP: 002b:00007fd12eef9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 479.284876][T11307] RAX: ffffffffffffffda RBX: 00007fd130c18f80 RCX: 00007fd130a7ceb9 [ 479.292987][T11307] RDX: 0000000000000090 RSI: 00000000200004c0 RDI: 0000000000000005 [ 479.300982][T11307] RBP: 00007fd12eef9090 R08: 0000000000000000 R09: 0000000000000000 [ 479.308978][T11307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 479.316970][T11307] R13: 0000000000000000 R14: 00007fd130c18f80 R15: 00007ffefff29fd8 [ 479.325002][T11307] [ 479.568185][T11323] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2650'. [ 479.725379][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 479.743018][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 479.771812][T11025] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 479.816823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 479.836043][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 479.877242][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 479.888042][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 479.899897][T11025] device veth0_vlan entered promiscuous mode [ 479.935992][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 479.951812][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 479.971862][T11025] device veth1_vlan entered promiscuous mode [ 480.035860][T11346] veth0: mtu less than device minimum [ 480.085151][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 480.106919][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 480.131911][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 480.161524][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 480.193776][T11025] device veth0_macvtap entered promiscuous mode [ 480.251755][T11025] device veth1_macvtap entered promiscuous mode [ 480.361098][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 480.400454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 480.464302][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.557666][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.590274][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.634504][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.675225][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.721325][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.767363][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.792339][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.809010][T11025] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 480.827562][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 480.870773][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 480.903620][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.924216][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.936706][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.948419][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.968544][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.984970][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.998613][T11025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.011668][T11025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.031305][T11025] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 481.051850][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 481.063240][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 481.084506][T11374] FAULT_INJECTION: forcing a failure. [ 481.084506][T11374] name failslab, interval 1, probability 0, space 0, times 0 [ 481.109798][T11025] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.123525][T11374] CPU: 1 PID: 11374 Comm: syz.4.2662 Not tainted 5.15.165-syzkaller #0 [ 481.131825][T11374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 481.141904][T11374] Call Trace: [ 481.145201][T11374] [ 481.148171][T11374] dump_stack_lvl+0x1e3/0x2d0 [ 481.151869][T11025] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.152865][T11374] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 481.152894][T11374] ? panic+0x860/0x860 [ 481.152931][T11374] should_fail+0x38a/0x4c0 [ 481.172953][T11025] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.175679][T11374] should_failslab+0x5/0x20 [ 481.188855][T11374] slab_pre_alloc_hook+0x53/0xc0 [ 481.193827][T11374] kmem_cache_alloc_node+0x49/0x2c0 [ 481.199066][T11374] ? alloc_vmap_area+0x1ba/0x19a0 [ 481.204138][T11374] alloc_vmap_area+0x1ba/0x19a0 [ 481.207607][T11025] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.209040][T11374] ? vm_map_ram+0xb80/0xb80 [ 481.222318][T11374] ? __get_vm_area_node+0x11f/0x2f0 [ 481.227555][T11374] __get_vm_area_node+0x16e/0x2f0 [ 481.232624][T11374] __vmalloc_node_range+0xe3/0x8c0 [ 481.237771][T11374] ? bpf_check+0x1e8/0x12d00 [ 481.242400][T11374] ? bpf_check+0x1e8/0x12d00 [ 481.247013][T11374] vzalloc+0x75/0x80 [ 481.250945][T11374] ? bpf_check+0x1e8/0x12d00 [ 481.255586][T11374] bpf_check+0x1e8/0x12d00 [ 481.260041][T11374] ? mark_lock+0x98/0x340 [ 481.264403][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.269461][T11374] ? validate_chain+0x112/0x5930 [ 481.274443][T11374] ? validate_chain+0x112/0x5930 [ 481.279424][T11374] ? reacquire_held_locks+0x660/0x660 [ 481.284832][T11374] ? rcu_lock_release+0x5/0x20 [ 481.289623][T11374] ? __lock_acquire+0x1ff0/0x1ff0 [ 481.294678][T11374] ? bpf_get_btf_vmlinux+0x10/0x10 [ 481.299827][T11374] ? mark_lock+0x98/0x340 [ 481.304193][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.309253][T11374] ? mark_lock+0x98/0x340 [ 481.313615][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.318889][T11374] ? ktime_get_with_offset+0x101/0x320 [ 481.324439][T11374] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 481.330458][T11374] ? print_irqtrace_events+0x210/0x210 [ 481.335961][T11374] ? ktime_get_with_offset+0x101/0x320 [ 481.341456][T11374] ? seqcount_lockdep_reader_access+0x153/0x220 [ 481.347724][T11374] ? lockdep_hardirqs_on+0x94/0x130 [ 481.353095][T11374] ? seqcount_lockdep_reader_access+0x1d3/0x220 [ 481.359369][T11374] ? ktime_get_real_ts64+0x460/0x460 [ 481.364680][T11374] ? __might_fault+0xb4/0x110 [ 481.369390][T11374] ? memset+0x1f/0x40 [ 481.373371][T11374] ? bpf_obj_name_cpy+0x186/0x1d0 [ 481.378399][T11374] bpf_prog_load+0x12b3/0x1b60 [ 481.383306][T11374] ? map_freeze+0x360/0x360 [ 481.387843][T11374] ? __might_fault+0xb8/0x110 [ 481.392553][T11374] ? __might_fault+0xb4/0x110 [ 481.397239][T11374] ? bpf_lsm_bpf+0x5/0x10 [ 481.401575][T11374] ? security_bpf+0x7d/0xa0 [ 481.408539][T11374] __sys_bpf+0x343/0x670 [ 481.412813][T11374] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 481.418203][T11374] ? syscall_enter_from_user_mode+0x2e/0x240 [ 481.424211][T11374] ? lockdep_hardirqs_on+0x94/0x130 [ 481.429415][T11374] __x64_sys_bpf+0x78/0x90 [ 481.433835][T11374] do_syscall_64+0x3b/0xb0 [ 481.438254][T11374] ? clear_bhb_loop+0x15/0x70 [ 481.442930][T11374] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 481.448824][T11374] RIP: 0033:0x7f6826bf9eb9 [ 481.453238][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.473145][T11374] RSP: 002b:00007f6825076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 481.481565][T11374] RAX: ffffffffffffffda RBX: 00007f6826d95f80 RCX: 00007f6826bf9eb9 [ 481.489535][T11374] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005 [ 481.497502][T11374] RBP: 00007f6825076090 R08: 0000000000000000 R09: 0000000000000000 [ 481.505472][T11374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 481.513558][T11374] R13: 0000000000000000 R14: 00007f6826d95f80 R15: 00007ffc4c107be8 [ 481.521554][T11374] [ 481.585173][T11387] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2663'. [ 481.695083][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.732822][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.769717][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 481.786048][T11374] warn_alloc: 1 callbacks suppressed [ 481.786069][T11374] syz.4.2662: vmalloc error: size 224, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 481.812079][T11374] CPU: 1 PID: 11374 Comm: syz.4.2662 Not tainted 5.15.165-syzkaller #0 [ 481.820500][T11374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 481.830577][T11374] Call Trace: [ 481.833900][T11374] [ 481.836850][T11374] dump_stack_lvl+0x1e3/0x2d0 [ 481.841569][T11374] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 481.847237][T11374] ? panic+0x860/0x860 [ 481.851353][T11374] warn_alloc+0x278/0x3f0 [ 481.855713][T11374] ? slab_free_freelist_hook+0xdd/0x160 [ 481.861293][T11374] ? trace_hardirqs_on+0x30/0x80 [ 481.866266][T11374] ? zone_watermark_ok_safe+0x280/0x280 [ 481.869424][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.871847][T11374] ? __get_vm_area_node+0x183/0x2f0 [ 481.871890][T11374] __vmalloc_node_range+0x2b9/0x8c0 [ 481.880750][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.885074][T11374] ? bpf_check+0x1e8/0x12d00 [ 481.885103][T11374] vzalloc+0x75/0x80 [ 481.885127][T11374] ? bpf_check+0x1e8/0x12d00 [ 481.905322][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 481.906068][T11374] bpf_check+0x1e8/0x12d00 [ 481.922256][T11374] ? mark_lock+0x98/0x340 [ 481.926621][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.931675][T11374] ? validate_chain+0x112/0x5930 [ 481.936650][T11374] ? validate_chain+0x112/0x5930 [ 481.941626][T11374] ? reacquire_held_locks+0x660/0x660 [ 481.947027][T11374] ? rcu_lock_release+0x5/0x20 [ 481.951912][T11374] ? __lock_acquire+0x1ff0/0x1ff0 [ 481.956979][T11374] ? bpf_get_btf_vmlinux+0x10/0x10 [ 481.962122][T11374] ? mark_lock+0x98/0x340 [ 481.966485][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.971560][T11374] ? mark_lock+0x98/0x340 [ 481.975919][T11374] ? __lock_acquire+0x1295/0x1ff0 [ 481.981018][T11374] ? ktime_get_with_offset+0x101/0x320 [ 481.986531][T11374] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 481.992641][T11374] ? print_irqtrace_events+0x210/0x210 [ 481.998138][T11374] ? ktime_get_with_offset+0x101/0x320 [ 482.003628][T11374] ? seqcount_lockdep_reader_access+0x153/0x220 [ 482.009897][T11374] ? lockdep_hardirqs_on+0x94/0x130 [ 482.015134][T11374] ? seqcount_lockdep_reader_access+0x1d3/0x220 [ 482.021409][T11374] ? ktime_get_real_ts64+0x460/0x460 [ 482.026732][T11374] ? __might_fault+0xb4/0x110 [ 482.027051][T11397] syzkaller0: create flow: hash 3461105102 index 1 [ 482.031433][T11374] ? memset+0x1f/0x40 [ 482.031459][T11374] ? bpf_obj_name_cpy+0x186/0x1d0 [ 482.031488][T11374] bpf_prog_load+0x12b3/0x1b60 [ 482.051766][T11374] ? map_freeze+0x360/0x360 [ 482.056304][T11374] ? __might_fault+0xb8/0x110 [ 482.061027][T11374] ? __might_fault+0xb4/0x110 [ 482.065729][T11374] ? bpf_lsm_bpf+0x5/0x10 [ 482.070089][T11374] ? security_bpf+0x7d/0xa0 [ 482.074628][T11374] __sys_bpf+0x343/0x670 [ 482.078908][T11374] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 482.084335][T11374] ? syscall_enter_from_user_mode+0x2e/0x240 [ 482.090350][T11374] ? lockdep_hardirqs_on+0x94/0x130 [ 482.095583][T11374] __x64_sys_bpf+0x78/0x90 [ 482.100037][T11374] do_syscall_64+0x3b/0xb0 [ 482.104488][T11374] ? clear_bhb_loop+0x15/0x70 [ 482.109207][T11374] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 482.115139][T11374] RIP: 0033:0x7f6826bf9eb9 [ 482.119596][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.139228][T11374] RSP: 002b:00007f6825076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 482.147674][T11374] RAX: ffffffffffffffda RBX: 00007f6826d95f80 RCX: 00007f6826bf9eb9 [ 482.155674][T11374] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005 [ 482.163668][T11374] RBP: 00007f6825076090 R08: 0000000000000000 R09: 0000000000000000 [ 482.171668][T11374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 482.179661][T11374] R13: 0000000000000000 R14: 00007f6826d95f80 R15: 00007ffc4c107be8 [ 482.187702][T11374] [ 482.196675][T11374] Mem-Info: [ 482.199826][T11374] active_anon:267 inactive_anon:4152 isolated_anon:0 [ 482.199826][T11374] active_file:20331 inactive_file:36712 isolated_file:0 [ 482.199826][T11374] unevictable:768 dirty:76 writeback:0 [ 482.199826][T11374] slab_reclaimable:19283 slab_unreclaimable:94007 [ 482.199826][T11374] mapped:21443 shmem:1512 pagetables:579 bounce:0 [ 482.199826][T11374] kernel_misc_reclaimable:0 [ 482.199826][T11374] free:1399915 free_pcp:10338 free_cma:0 [ 482.254937][T11374] Node 0 active_anon:1060kB inactive_anon:16092kB active_file:81248kB inactive_file:146848kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:85772kB dirty:304kB writeback:0kB shmem:3988kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:10112kB pagetables:2216kB all_unreclaimable? no [ 482.339061][T11396] syzkaller0: delete flow: hash 3461105102 index 1 [ 482.414180][T11374] Node 1 active_anon:8kB inactive_anon:516kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2060kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no [ 482.569893][T11423] veth0: mtu less than device minimum [ 482.582307][T11374] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 482.602916][T11426] netlink: 'syz.0.2668': attribute type 21 has an invalid length. [ 482.666021][T11426] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2668'. [ 482.686718][T11374] lowmem_reserve[]: 0 2533 2533 2533 2533 [ 482.703204][T11374] Node 0 DMA32 free:1640760kB min:34736kB low:43420kB high:52104kB reserved_highatomic:0KB active_anon:1060kB inactive_anon:15892kB active_file:81248kB inactive_file:146848kB unevictable:1536kB writepending:304kB present:3129332kB managed:2600800kB mlocked:0kB bounce:0kB free_pcp:43088kB local_pcp:21632kB free_cma:0kB [ 482.903570][T11374] lowmem_reserve[]: 0 0 0 0 0 [ 482.908723][T11374] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:0kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 483.049186][T11444] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2674'. [ 483.063421][T11374] lowmem_reserve[]: 0 0 0 0 0 [ 483.068282][T11374] Node 1 Normal free:3948912kB min:55164kB low:68952kB high:82740kB reserved_highatomic:0KB active_anon:8kB inactive_anon:516kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:256kB local_pcp:0kB free_cma:0kB [ 483.278259][T11374] lowmem_reserve[]: 0 0 0 0 0 [ 483.312554][T11374] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 483.450071][T11374] Node 0 DMA32: 2755*4kB (UM) 1339*8kB (UME) 802*16kB (UME) 630*32kB (UME) 271*64kB (UME) 164*128kB (UME) 58*256kB (UM) 31*512kB (UME) 9*1024kB (UE) 6*2048kB (UME) 365*4096kB (M) = 1640324kB [ 483.572187][T11374] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 483.659919][T11374] Node 1 Normal: 162*4kB (UME) 39*8kB (UME) 27*16kB (UME) 194*32kB (UME) 83*64kB (UME) 28*128kB (UME) 13*256kB (UM) 4*512kB (U) 1*1024kB (U) 3*2048kB (UME) 957*4096kB (M) = 3948912kB [ 483.779220][T11374] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 483.816398][T11374] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 483.866361][T11374] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 483.942592][T11374] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 483.959351][T11374] 58559 total pagecache pages [ 483.992249][T11374] 0 pages in swap cache [ 484.000297][T11374] Swap cache stats: add 0, delete 0, find 0/0 [ 484.007691][T11374] Free swap = 124996kB [ 484.012049][T11374] Total swap = 124996kB [ 484.017968][T11374] 2097051 pages RAM [ 484.021936][T11374] 0 pages HighMem/MovableOnly [ 484.027470][T11374] 413093 pages reserved [ 484.049264][T11374] 0 pages cma reserved [ 484.151822][T11463] device syzkaller0 entered promiscuous mode [ 484.171752][T11475] veth0: mtu less than device minimum [ 484.257676][T11487] netlink: 'syz.2.2681': attribute type 8 has an invalid length. [ 484.328138][T11490] netlink: 'syz.1.2682': attribute type 4 has an invalid length. [ 484.339506][T11487] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2681'. [ 484.342920][T11490] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2682'. [ 485.319062][T11520] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2692'. [ 485.373411][T11521] netlink: 'syz.0.2691': attribute type 17 has an invalid length. [ 485.385045][T11521] netlink: 'syz.0.2691': attribute type 16 has an invalid length. [ 485.430587][T11521] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2691'. [ 485.497338][T11527] veth0: mtu less than device minimum [ 485.694705][T11530] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2694'. [ 485.766999][T11535] netlink: 'syz.1.2696': attribute type 17 has an invalid length. [ 485.777268][T11535] netlink: 'syz.1.2696': attribute type 16 has an invalid length. [ 485.787510][T11535] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2696'. [ 486.290340][T11551] veth0: mtu less than device minimum [ 486.584698][T11559] netlink: 'syz.1.2706': attribute type 17 has an invalid length. [ 486.592580][T11559] netlink: 'syz.1.2706': attribute type 16 has an invalid length. [ 486.668425][T11559] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2706'. [ 487.727730][T11574] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2710'. [ 487.871608][T11582] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2714'. [ 487.942420][T11584] veth0: mtu less than device minimum [ 488.084395][T11591] veth0: mtu less than device minimum [ 488.174385][T11598] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2720'. [ 488.299789][T11600] netlink: 'syz.2.2721': attribute type 17 has an invalid length. [ 488.335712][T11600] netlink: 'syz.2.2721': attribute type 16 has an invalid length. [ 488.386088][T11600] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2721'. [ 488.516282][T11607] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2724'. [ 489.358011][T11625] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2732'. [ 489.400445][T11627] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2731'. [ 489.540096][T11634] veth0: mtu less than device minimum [ 489.807487][T11649] netlink: 'syz.4.2740': attribute type 17 has an invalid length. [ 489.909126][T11649] netlink: 'syz.4.2740': attribute type 16 has an invalid length. [ 489.934016][T11649] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2740'. [ 490.082057][T11652] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2741'. [ 492.405994][T11670] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2746'. [ 492.581760][T11680] veth0: mtu less than device minimum [ 493.031695][T11695] netlink: 'syz.3.2753': attribute type 17 has an invalid length. [ 493.086678][T11695] netlink: 'syz.3.2753': attribute type 16 has an invalid length. [ 493.117580][T11695] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2753'. [ 493.164055][T11697] netlink: 64803 bytes leftover after parsing attributes in process `syz.1.2756'. [ 493.749230][T11712] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2758'. [ 494.296931][T11721] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2761'. [ 494.607886][T11725] FAULT_INJECTION: forcing a failure. [ 494.607886][T11725] name failslab, interval 1, probability 0, space 0, times 0 [ 494.699662][T11725] CPU: 0 PID: 11725 Comm: syz.4.2764 Not tainted 5.15.165-syzkaller #0 [ 494.707959][T11725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 494.718024][T11725] Call Trace: [ 494.721308][T11725] [ 494.724244][T11725] dump_stack_lvl+0x1e3/0x2d0 [ 494.728940][T11725] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 494.734582][T11725] ? panic+0x860/0x860 [ 494.738679][T11725] should_fail+0x38a/0x4c0 [ 494.743111][T11725] should_failslab+0x5/0x20 [ 494.747624][T11725] slab_pre_alloc_hook+0x53/0xc0 [ 494.752578][T11725] kmem_cache_alloc_trace+0x49/0x290 [ 494.757873][T11725] ? sctp_add_bind_addr+0x85/0x3a0 [ 494.763001][T11725] sctp_add_bind_addr+0x85/0x3a0 [ 494.767956][T11725] sctp_copy_local_addr_list+0x2e7/0x4c0 [ 494.773700][T11725] ? sctp_do_8_2_transport_strike+0x810/0x810 [ 494.779797][T11725] ? sctp_v4_is_any+0x31/0x50 [ 494.784500][T11725] sctp_bind_addr_copy+0x172/0x3b0 [ 494.789629][T11725] sctp_connect_new_asoc+0x2e5/0x6a0 [ 494.794928][T11725] ? __sctp_connect+0xe10/0xe10 [ 494.799781][T11725] ? sctp_sendmsg+0xb21/0x3370 [ 494.804562][T11725] ? bpf_lsm_sctp_bind_connect+0x5/0x10 [ 494.810115][T11725] ? security_sctp_bind_connect+0x86/0xb0 [ 494.815862][T11725] sctp_sendmsg+0x1cd9/0x3370 [ 494.820572][T11725] ? sctp_getsockopt+0x7f0/0x7f0 [ 494.825528][T11725] ? aa_af_perm+0x350/0x350 [ 494.830043][T11725] ? validate_chain+0x112/0x5930 [ 494.835008][T11725] ? inet_sendmsg+0xfc/0x310 [ 494.839611][T11725] ? inet_send_prepare+0x250/0x250 [ 494.844733][T11725] ____sys_sendmsg+0x59e/0x8f0 [ 494.849508][T11725] ? iovec_from_user+0x300/0x390 [ 494.854462][T11725] ? __sys_sendmsg_sock+0x30/0x30 [ 494.859516][T11725] ___sys_sendmsg+0x252/0x2e0 [ 494.864212][T11725] ? __sys_sendmsg+0x260/0x260 [ 494.869032][T11725] ? __fdget+0x191/0x220 [ 494.873291][T11725] __se_sys_sendmsg+0x19a/0x260 [ 494.878157][T11725] ? __x64_sys_sendmsg+0x80/0x80 [ 494.883115][T11725] ? syscall_enter_from_user_mode+0x2e/0x240 [ 494.889108][T11725] ? lockdep_hardirqs_on+0x94/0x130 [ 494.894328][T11725] ? syscall_enter_from_user_mode+0x2e/0x240 [ 494.900321][T11725] do_syscall_64+0x3b/0xb0 [ 494.904745][T11725] ? clear_bhb_loop+0x15/0x70 [ 494.909552][T11725] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 494.915458][T11725] RIP: 0033:0x7f6826bf9eb9 [ 494.919912][T11725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 494.939524][T11725] RSP: 002b:00007f6825076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 494.947951][T11725] RAX: ffffffffffffffda RBX: 00007f6826d95f80 RCX: 00007f6826bf9eb9 [ 494.955929][T11725] RDX: 00000000000003e8 RSI: 00000000200004c0 RDI: 0000000000000004 [ 494.963904][T11725] RBP: 00007f6825076090 R08: 0000000000000000 R09: 0000000000000000 [ 494.971882][T11725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 494.979859][T11725] R13: 0000000000000000 R14: 00007f6826d95f80 R15: 00007ffc4c107be8 [ 494.987856][T11725] [ 495.276550][T11734] veth0: mtu less than device minimum [ 495.538510][T11740] FAULT_INJECTION: forcing a failure. [ 495.538510][T11740] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 495.587601][T11739] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2768'. [ 495.608880][T11740] CPU: 1 PID: 11740 Comm: syz.1.2769 Not tainted 5.15.165-syzkaller #0 [ 495.617179][T11740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 495.627264][T11740] Call Trace: [ 495.630659][T11740] [ 495.633622][T11740] dump_stack_lvl+0x1e3/0x2d0 [ 495.638334][T11740] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 495.644005][T11740] ? panic+0x860/0x860 [ 495.648140][T11740] should_fail+0x38a/0x4c0 [ 495.652602][T11740] _copy_from_user+0x2d/0x170 [ 495.657317][T11740] iovec_from_user+0x13b/0x390 [ 495.662107][T11740] ? perf_trace_lock_acquire+0x3bf/0x4a0 [ 495.667775][T11740] __import_iovec+0x72/0x4b0 [ 495.672388][T11740] ? __ia32_sys_shutdown+0x60/0x60 [ 495.677549][T11740] import_iovec+0xe6/0x120 [ 495.682011][T11740] ___sys_sendmsg+0x215/0x2e0 [ 495.686732][T11740] ? __sys_sendmsg+0x260/0x260 [ 495.691735][T11740] ? __fdget+0x191/0x220 [ 495.696019][T11740] __se_sys_sendmsg+0x19a/0x260 [ 495.700992][T11740] ? __x64_sys_sendmsg+0x80/0x80 [ 495.706074][T11740] ? syscall_enter_from_user_mode+0x2e/0x240 [ 495.712081][T11740] ? lockdep_hardirqs_on+0x94/0x130 [ 495.717304][T11740] ? syscall_enter_from_user_mode+0x2e/0x240 [ 495.723318][T11740] do_syscall_64+0x3b/0xb0 [ 495.727838][T11740] ? clear_bhb_loop+0x15/0x70 [ 495.732539][T11740] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 495.738454][T11740] RIP: 0033:0x7f01bf873eb9 [ 495.742907][T11740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 495.762534][T11740] RSP: 002b:00007f01bdcf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 495.770979][T11740] RAX: ffffffffffffffda RBX: 00007f01bfa0ff80 RCX: 00007f01bf873eb9 [ 495.778972][T11740] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000004 [ 495.786962][T11740] RBP: 00007f01bdcf0090 R08: 0000000000000000 R09: 0000000000000000 [ 495.794948][T11740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 495.802936][T11740] R13: 0000000000000000 R14: 00007f01bfa0ff80 R15: 00007ffedc133ea8 [ 495.810968][T11740] [ 496.563179][T11748] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2771'. [ 496.728247][T11753] netlink: 64803 bytes leftover after parsing attributes in process `syz.3.2772'. [ 496.889842][T11756] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.2774'. [ 497.171871][T11765] veth0: mtu less than device minimum [ 497.178526][T11762] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2775'. [ 497.241017][ C1] eth0: bad gso: type: 1, size: 1408 [ 497.497635][T11779] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.2783'. [ 497.618911][T11786] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2785'. [ 497.648357][T11785] netlink: 64803 bytes leftover after parsing attributes in process `syz.4.2787'. [ 497.828673][T11794] netlink: 64803 bytes leftover after parsing attributes in process `syz.0.2789'. [ 497.930554][T11797] veth0: mtu less than device minimum [ 498.204297][T11807] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2798'. [ 498.544014][T11819] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.2803'. [ 498.597138][T11821] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2801'. [ 498.725367][T11823] veth0: mtu less than device minimum [ 498.952127][T11827] netlink: 'syz.2.2805': attribute type 13 has an invalid length. [ 498.973235][T11827] netlink: 24859 bytes leftover after parsing attributes in process `syz.2.2805'. [ 499.086303][T11834] netlink: 64803 bytes leftover after parsing attributes in process `syz.4.2806'. [ 499.145393][T11836] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.2816'. [ 500.385270][T11859] veth0: mtu less than device minimum [ 500.458977][T11864] netlink: 'syz.0.2819': attribute type 10 has an invalid length. [ 500.485163][T11864] device hsr_slave_0 left promiscuous mode [ 500.525839][T11864] device hsr_slave_1 left promiscuous mode [ 501.309276][T11896] veth0: mtu less than device minimum [ 501.434941][ T1394] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.441307][ T1394] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.692360][T11914] netlink: 'syz.4.2838': attribute type 10 has an invalid length. [ 501.702442][T11914] device hsr_slave_0 left promiscuous mode [ 501.721441][T11914] device hsr_slave_1 left promiscuous mode [ 502.254850][T11928] veth0: mtu less than device minimum [ 502.621621][T11942] netlink: 'syz.1.2849': attribute type 21 has an invalid length. [ 502.910617][T11959] veth0: mtu less than device minimum [ 502.919925][T11957] __nla_validate_parse: 7 callbacks suppressed [ 502.919964][T11957] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.2854'. [ 503.027970][T11963] netlink: 'syz.2.2857': attribute type 10 has an invalid length. [ 503.068924][T11963] device hsr_slave_0 left promiscuous mode [ 503.084589][T11963] device hsr_slave_1 left promiscuous mode [ 503.462067][T11978] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.2862'. [ 503.625939][T11995] veth0: mtu less than device minimum [ 503.816483][T12003] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2882'. [ 503.988936][T12007] netlink: 'syz.1.2872': attribute type 10 has an invalid length. [ 503.998528][T12007] device hsr_slave_0 left promiscuous mode [ 504.020825][T12007] device hsr_slave_1 left promiscuous mode [ 504.208848][T12013] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.2876'. [ 504.359393][T12019] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2877'. [ 504.395324][T12023] veth0: mtu less than device minimum [ 504.495127][T12029] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.2883'. [ 505.239847][T12054] netlink: 'syz.3.2890': attribute type 10 has an invalid length. [ 505.284303][T12054] device hsr_slave_0 left promiscuous mode [ 505.304717][T12054] device hsr_slave_1 left promiscuous mode [ 505.460490][T12060] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.2892'. [ 505.510878][T12064] veth0: mtu less than device minimum [ 506.003584][T12090] veth0: mtu less than device minimum [ 507.006006][T12126] veth0: mtu less than device minimum [ 507.376163][T12119] chnl_net:caif_netlink_parms(): no params data found [ 507.561494][ T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.742152][ T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.850825][T12119] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.858855][T12119] bridge0: port 1(bridge_slave_0) entered disabled state [ 507.867560][T12119] device bridge_slave_0 entered promiscuous mode [ 507.963664][ T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.011631][T12119] bridge0: port 2(bridge_slave_1) entered blocking state [ 508.025313][T12119] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.037966][T12119] device bridge_slave_1 entered promiscuous mode [ 508.111789][ T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.135793][T12156] veth0: mtu less than device minimum [ 508.585806][T12119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 508.609262][T12119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 508.874465][ T5142] Bluetooth: hci5: command 0x0409 tx timeout [ 509.016815][T12119] team0: Port device team_slave_0 added [ 509.036073][T12119] team0: Port device team_slave_1 added [ 509.278695][T12119] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 509.334638][T12119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 509.361288][T12119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 509.395637][T12119] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 509.448840][T12119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 509.541789][T12119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 509.808300][T12190] veth0: mtu less than device minimum [ 509.887573][T12119] device hsr_slave_0 entered promiscuous mode [ 509.971502][T12119] device hsr_slave_1 entered promiscuous mode [ 510.444226][T12214] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.2948'. [ 510.490895][T12219] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.2950'. [ 510.590616][T12221] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.2951'. [ 510.952995][ T5447] Bluetooth: hci5: command 0x041b tx timeout [ 513.032926][ T5447] Bluetooth: hci5: command 0x040f tx timeout [ 513.821776][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 513.834629][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 513.848323][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 513.858804][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 513.871831][ T9] device bridge_slave_1 left promiscuous mode [ 513.880929][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.896891][ T9] device bridge_slave_0 left promiscuous mode [ 513.903342][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.915541][ T9] device veth1_macvtap left promiscuous mode [ 513.921758][ T9] device veth0_macvtap left promiscuous mode [ 513.928051][ T9] device veth1_vlan left promiscuous mode [ 513.933965][ T9] device veth0_vlan left promiscuous mode [ 514.133415][ T9] team0 (unregistering): Port device team_slave_1 removed [ 514.154898][ T9] team0 (unregistering): Port device team_slave_0 removed [ 514.170941][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 514.187293][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 514.272693][ T9] bond0 (unregistering): Released all slaves [ 514.687495][T12119] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 515.125568][ T21] Bluetooth: hci5: command 0x0419 tx timeout [ 517.317463][T12119] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 517.352402][T12119] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 517.429683][T12119] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 517.506563][T12278] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.2961'. [ 517.677752][T12291] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.2963'. [ 517.861816][T12298] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.2965'. [ 517.878444][T12119] 8021q: adding VLAN 0 to HW filter on device bond0 [ 518.003491][T12119] 8021q: adding VLAN 0 to HW filter on device team0 [ 518.012756][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 518.040600][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 518.069490][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 518.091967][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 518.107742][ T3885] bridge0: port 1(bridge_slave_0) entered blocking state [ 518.114916][ T3885] bridge0: port 1(bridge_slave_0) entered forwarding state [ 518.131704][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 518.166082][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 518.188400][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 518.223102][ T1202] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.230209][ T1202] bridge0: port 2(bridge_slave_1) entered forwarding state [ 518.289821][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 518.379045][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 518.392351][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 518.433274][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 518.451656][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 518.471171][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 518.519385][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 518.555057][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 518.589721][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 518.623631][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 518.643473][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 518.665610][T12119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 519.075331][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 519.111013][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 519.139628][T12119] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 519.646974][T12344] veth0: mtu less than device minimum [ 519.784496][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 519.797860][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 519.909307][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 519.929136][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 520.034800][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 520.063159][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 520.129880][T12119] device veth0_vlan entered promiscuous mode [ 520.191860][T12119] device veth1_vlan entered promiscuous mode [ 520.288117][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 520.303729][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 520.340482][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 520.350493][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 520.394157][T12119] device veth0_macvtap entered promiscuous mode [ 520.414683][T12119] device veth1_macvtap entered promiscuous mode [ 520.461992][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 520.492791][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.512689][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 520.532720][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.542579][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 520.595148][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.622758][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 520.643085][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.664373][T12119] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 520.674661][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 520.699103][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 520.723656][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 520.732529][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 520.756575][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 520.782668][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.792520][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 520.822687][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.832543][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 520.881856][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.908100][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 520.966573][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 520.991472][T12119] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 521.001385][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 521.011653][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 521.039541][T12119] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.060426][T12119] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.081732][T12119] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.101940][T12119] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.307243][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.353209][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.374650][ T1202] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 521.417247][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.426980][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.466800][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 521.508672][T12358] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.2984'. [ 521.615697][T12362] FAULT_INJECTION: forcing a failure. [ 521.615697][T12362] name failslab, interval 1, probability 0, space 0, times 0 [ 521.634637][T12362] CPU: 0 PID: 12362 Comm: syz.4.2917 Not tainted 5.15.165-syzkaller #0 [ 521.642918][T12362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 521.652969][T12362] Call Trace: [ 521.656253][T12362] [ 521.659177][T12362] dump_stack_lvl+0x1e3/0x2d0 [ 521.663855][T12362] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 521.669482][T12362] ? panic+0x860/0x860 [ 521.673552][T12362] ? __might_sleep+0xc0/0xc0 [ 521.678164][T12362] should_fail+0x38a/0x4c0 [ 521.682581][T12362] should_failslab+0x5/0x20 [ 521.687099][T12362] slab_pre_alloc_hook+0x53/0xc0 [ 521.692125][T12362] __kmalloc+0x6e/0x300 [ 521.696276][T12362] ? tomoyo_realpath_from_path+0xd8/0x5e0 [ 521.701995][T12362] tomoyo_realpath_from_path+0xd8/0x5e0 [ 521.707547][T12362] tomoyo_path_number_perm+0x225/0x810 [ 521.713011][T12362] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 521.718500][T12362] ? __fget_files+0x413/0x480 [ 521.723186][T12362] security_file_ioctl+0x6d/0xa0 [ 521.728125][T12362] __se_sys_ioctl+0x47/0x160 [ 521.732711][T12362] do_syscall_64+0x3b/0xb0 [ 521.737119][T12362] ? clear_bhb_loop+0x15/0x70 [ 521.741880][T12362] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 521.747771][T12362] RIP: 0033:0x7f2b6e8aceb9 [ 521.752268][T12362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 521.771878][T12362] RSP: 002b:00007f2b6cd29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 521.780288][T12362] RAX: ffffffffffffffda RBX: 00007f2b6ea48f80 RCX: 00007f2b6e8aceb9 [ 521.788273][T12362] RDX: 0000000020000080 RSI: 00000000000089f0 RDI: 0000000000000004 [ 521.796255][T12362] RBP: 00007f2b6cd29090 R08: 0000000000000000 R09: 0000000000000000 [ 521.804274][T12362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 521.812237][T12362] R13: 0000000000000000 R14: 00007f2b6ea48f80 R15: 00007ffdb9cb9658 [ 521.820212][T12362] [ 521.827417][T12362] ERROR: Out of memory at tomoyo_realpath_from_path. [ 522.115812][T12373] veth0: mtu less than device minimum [ 522.297486][T12377] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.2991'. [ 523.448793][T12395] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.2996'. [ 523.490097][T12396] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.3008'. [ 524.426071][T12416] veth0: mtu less than device minimum [ 524.458398][T12417] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.3002'. [ 524.718532][T12424] veth0: mtu less than device minimum [ 524.890726][T12430] veth0: mtu less than device minimum [ 525.394767][T12440] netlink: 40227 bytes leftover after parsing attributes in process `syz.2.3013'. [ 525.866200][T12457] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.3034'. [ 525.924262][T12457] netlink: zone id is out of range [ 525.949931][T12457] netlink: zone id is out of range [ 525.980388][T12457] netlink: zone id is out of range [ 525.996266][T12457] netlink: zone id is out of range [ 526.017651][T12457] netlink: zone id is out of range [ 526.055330][T12457] netlink: zone id is out of range [ 526.095666][T12457] netlink: zone id is out of range [ 526.122350][T12457] netlink: zone id is out of range [ 530.060043][T12501] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.3037'. [ 530.115986][T12503] net_ratelimit: 123 callbacks suppressed [ 530.116004][T12503] veth0: mtu less than device minimum [ 530.842363][T12530] veth0: mtu less than device minimum [ 533.631524][T12538] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.3050'. [ 536.795532][T12550] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.3056'. [ 537.115473][T12562] veth0: mtu less than device minimum [ 537.261437][T12569] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.3062'. [ 537.518736][T12556] chnl_net:caif_netlink_parms(): no params data found [ 537.644461][T12586] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.3066'. [ 537.681020][T12556] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.698428][T12556] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.711208][T12556] device bridge_slave_0 entered promiscuous mode [ 537.746288][T12556] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.768601][T12556] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.785875][T12556] device bridge_slave_1 entered promiscuous mode [ 537.843198][T12556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 537.874981][T12556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 537.905028][T12556] team0: Port device team_slave_0 added [ 537.916602][T12556] team0: Port device team_slave_1 added [ 537.942377][T12556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 537.949590][T12556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 537.976622][T12556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 537.989997][T12556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 537.997083][T12556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 538.025161][T12556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 538.062435][ T1202] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.195338][ T1202] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.237833][T12556] device hsr_slave_0 entered promiscuous mode [ 538.253862][T12556] device hsr_slave_1 entered promiscuous mode [ 538.271032][T12556] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 538.290629][T12556] Cannot create hsr debugfs directory [ 538.316258][ T1202] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.417902][T12601] veth0: mtu less than device minimum [ 538.481800][ T1202] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.639855][T12610] netlink: 40227 bytes leftover after parsing attributes in process `syz.2.3078'. [ 538.707912][T12614] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.3077'. [ 538.998623][T12625] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.3081'. [ 539.032888][ T5447] Bluetooth: hci1: command 0x0409 tx timeout [ 539.647148][T12658] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.3089'. [ 539.957683][T12556] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 540.003786][T12556] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 540.048911][T12556] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 540.113799][T12556] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 540.194173][T12675] netlink: 'syz.4.3094': attribute type 10 has an invalid length. [ 540.411174][T12675] team0 (unregistering): Port device team_slave_0 removed [ 540.478572][T12675] team0 (unregistering): Port device team_slave_1 removed [ 540.616847][T12556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 540.637928][T12556] 8021q: adding VLAN 0 to HW filter on device team0 [ 540.665517][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 540.674328][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 540.682372][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 540.698410][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 540.708588][ T3888] bridge0: port 1(bridge_slave_0) entered blocking state [ 540.715684][ T3888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 540.765910][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 540.794455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 540.808954][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 540.873591][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 540.880698][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 540.984190][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 541.001843][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 541.021145][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 541.040000][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 541.092752][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 541.116316][ T5447] Bluetooth: hci1: command 0x041b tx timeout [ 541.439381][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 541.457827][ T1138] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 542.559271][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 542.567442][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 542.576283][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 542.584418][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 542.620984][ T1202] device bridge_slave_1 left promiscuous mode [ 542.631266][ T1202] bridge0: port 2(bridge_slave_1) entered disabled state [ 542.664686][ T1202] device bridge_slave_0 left promiscuous mode [ 542.670969][ T1202] bridge0: port 1(bridge_slave_0) entered disabled state [ 542.728372][ T1202] device veth1_macvtap left promiscuous mode [ 542.740010][ T1202] device veth0_macvtap left promiscuous mode [ 542.772643][ T1202] device veth1_vlan left promiscuous mode [ 542.791991][ T1202] device veth0_vlan left promiscuous mode [ 543.100272][ T1202] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 543.118422][ T1202] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 543.177681][ T1202] bond0 (unregistering): Released all slaves [ 543.192977][ T2986] Bluetooth: hci1: command 0x040f tx timeout [ 543.241552][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 543.257141][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 543.295674][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 543.319045][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 543.337655][T12556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 543.401831][T12726] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.3106'. [ 543.784838][T12556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 543.804636][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 543.819623][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 543.860260][T12743] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.3113'. [ 543.888634][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 543.902911][T12743] netlink: zone id is out of range [ 543.918955][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 543.928701][T12743] netlink: zone id is out of range [ 543.980552][T12743] netlink: zone id is out of range [ 544.038682][T12743] netlink: zone id is out of range [ 544.068284][T12743] netlink: zone id is out of range [ 544.092351][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 544.112046][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 544.141369][T12743] netlink: zone id is out of range [ 544.149847][T12743] netlink: zone id is out of range [ 544.175949][T12743] netlink: zone id is out of range [ 544.181103][T12743] netlink: zone id is out of range [ 544.186391][T12743] netlink: zone id is out of range [ 544.217718][T12556] device veth0_vlan entered promiscuous mode [ 544.235926][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 544.254137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 544.575622][ T5447] Bluetooth: hci0: command 0x0406 tx timeout [ 544.591274][T12556] device veth1_vlan entered promiscuous mode [ 544.700223][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 544.740392][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 544.763664][T12556] device veth0_macvtap entered promiscuous mode [ 544.804682][T12556] device veth1_macvtap entered promiscuous mode [ 544.860033][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.880945][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.907602][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.939461][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.965804][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.998689][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.019100][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 545.050517][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.084547][T12556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 545.099693][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 545.113559][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 545.142346][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 545.172443][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 545.195498][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 545.223643][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.273228][ T5447] Bluetooth: hci1: command 0x0419 tx timeout [ 545.292065][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 545.311142][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.327531][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 545.344762][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.361756][T12556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 545.377035][T12556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.399173][T12556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 545.424018][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 545.444294][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 545.486190][T12556] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.526490][T12556] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.551239][T12556] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.583479][T12556] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.883162][ T3629] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.921478][ T3629] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.028148][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 547.040033][ T3888] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 547.051129][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.101234][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 547.502120][T12792] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.3127'. [ 547.551192][T12794] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.3130'. [ 549.146595][T12828] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.3145'. [ 551.246779][T12889] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.3168'. [ 551.468559][T12894] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.3171'. [ 553.015175][T12904] netlink: 285 bytes leftover after parsing attributes in process `syz.2.3173'. [ 553.069877][T12903] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.3183'. [ 553.313422][T12911] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.3187'. [ 553.408169][T12916] netlink: 'syz.2.3176': attribute type 10 has an invalid length. [ 553.668231][T12916] team0 (unregistering): Port device team_slave_0 removed [ 553.728997][T12916] team0 (unregistering): Port device team_slave_1 removed [ 553.786991][T12919] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.3177'. [ 556.183222][T12948] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.3186'. [ 556.318612][T12951] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.3188'. [ 556.757589][T12969] netlink: 'syz.3.3194': attribute type 10 has an invalid length. [ 556.941862][T12969] team0 (unregistering): Port device team_slave_0 removed [ 556.979887][T12969] team0 (unregistering): Port device team_slave_1 removed [ 557.035363][T12967] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.3198'. [ 557.263651][T12989] netlink: 285 bytes leftover after parsing attributes in process `syz.0.3204'. [ 557.514353][T12995] netlink: 'syz.2.3206': attribute type 21 has an invalid length. [ 557.535664][T12995] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3206'. [ 557.561290][T12999] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.3209'. [ 557.878620][T13018] netlink: 'syz.1.3215': attribute type 10 has an invalid length. [ 558.031583][T13018] team0 (unregistering): Port device team_slave_0 removed [ 558.068993][T13018] team0 (unregistering): Port device team_slave_1 removed [ 559.070955][T13025] netlink: 285 bytes leftover after parsing attributes in process `syz.3.3223'. [ 559.315874][T13034] netlink: 40227 bytes leftover after parsing attributes in process `syz.0.3224'. [ 559.330971][T13035] netlink: 'syz.4.3225': attribute type 21 has an invalid length. [ 559.341168][T13035] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3225'. [ 559.610263][T13048] netlink: 40227 bytes leftover after parsing attributes in process `syz.1.3232'. [ 559.658757][T13050] netlink: 'syz.3.3233': attribute type 10 has an invalid length. [ 559.939848][T13063] netlink: 'syz.3.3240': attribute type 21 has an invalid length. [ 560.667486][T13095] netlink: 'syz.4.3252': attribute type 3 has an invalid length. [ 560.694640][T13098] netlink: 'syz.1.3253': attribute type 10 has an invalid length. [ 560.931429][T13109] netlink: 'syz.0.3255': attribute type 21 has an invalid length. [ 561.593266][ T27] INFO: task syz.3.2133:9785 blocked for more than 143 seconds. [ 561.601291][ T27] Not tainted 5.15.165-syzkaller #0 [ 561.607219][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 561.615958][ T27] task:syz.3.2133 state:D stack:23296 pid: 9785 ppid: 7049 flags:0x00004006 [ 561.625562][ T27] Call Trace: [ 561.628859][ T27] [ 561.631847][ T27] __schedule+0x12c4/0x45b0 [ 561.637588][ T27] ? perf_event_release_kernel+0x5f4/0x900 [ 561.643986][ T27] ? __lock_acquire+0x1ff0/0x1ff0 [ 561.649187][ T27] ? release_firmware_map_entry+0x190/0x190 [ 561.655625][ T27] ? __mutex_unlock_slowpath+0x218/0x750 [ 561.661287][ T27] schedule+0x11b/0x1f0 [ 561.665647][ T27] perf_pending_task_sync+0x13c/0x1c0 [ 561.671168][ T27] _free_event+0x34/0xe60 [ 561.675586][ T27] perf_event_release_kernel+0x873/0x900 [ 561.681309][ T27] ? __might_sleep+0xc0/0xc0 [ 561.686008][ T27] ? calc_timer_values+0x420/0x420 [ 561.691144][ T27] ? ima_file_free+0xeb/0x3c0 [ 561.696064][ T27] perf_release+0x37/0x40 [ 561.700484][ T27] ? perf_mmap+0x1310/0x1310 [ 561.705240][ T27] __fput+0x3fe/0x8e0 [ 561.709263][ T27] task_work_run+0x129/0x1a0 [ 561.713931][ T27] do_exit+0x6a3/0x2480 [ 561.718127][ T27] ? put_task_struct+0x80/0x80 [ 561.723003][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 561.729005][ T27] do_group_exit+0x144/0x310 [ 561.734412][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 561.739991][ T27] get_signal+0xc66/0x14e0 [ 561.744801][ T27] arch_do_signal_or_restart+0xc3/0x1890 [ 561.750471][ T27] ? __mutex_unlock_slowpath+0x218/0x750 [ 561.756432][ T27] ? mutex_unlock+0x10/0x10 [ 561.761049][ T27] ? get_sigframe_size+0x10/0x10 [ 561.766153][ T27] ? ksys_write+0x269/0x2c0 [ 561.770679][ T27] ? print_irqtrace_events+0x210/0x210 [ 561.776289][ T27] ? exit_to_user_mode_loop+0x39/0x130 [ 561.781764][ T27] exit_to_user_mode_loop+0x97/0x130 [ 561.787115][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 561.792792][ T27] syscall_exit_to_user_mode+0x5d/0x240 [ 561.798395][ T27] do_syscall_64+0x47/0xb0 [ 561.802937][ T27] ? clear_bhb_loop+0x15/0x70 [ 561.807664][ T27] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 561.813673][ T27] RIP: 0033:0x7f7ae806ceb9 [ 561.818108][ T27] RSP: 002b:00007f7ae64e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 561.829036][ T27] RAX: 0000000000000012 RBX: 00007f7ae8208f80 RCX: 00007f7ae806ceb9 [ 561.837293][ T27] RDX: 0000000000000012 RSI: 0000000020000c40 RDI: 0000000000000006 [ 561.846234][ T27] RBP: 00007f7ae80da93e R08: 0000000000000000 R09: 0000000000000000 [ 561.854365][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.862380][ T27] R13: 0000000000000000 R14: 00007f7ae8208f80 R15: 00007ffe059b3718 [ 561.870418][ T27] [ 561.873683][ T27] [ 561.873683][ T27] Showing all locks held in the system: [ 561.881436][ T27] 1 lock held by khungtaskd/27: [ 561.886401][ T27] #0: ffffffff8c91fbe0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 561.895955][ T27] 2 locks held by getty/3333: [ 561.900640][ T27] #0: ffff88814b3ba098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 561.910628][ T27] #1: ffffc9000249b2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0 [ 561.920854][ T27] [ 561.923280][ T27] ============================================= [ 561.923280][ T27] [ 561.931709][ T27] NMI backtrace for cpu 0 [ 561.936072][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.165-syzkaller #0 [ 561.944048][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 561.954106][ T27] Call Trace: [ 561.957379][ T27] [ 561.960303][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 561.965006][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 561.970635][ T27] ? panic+0x860/0x860 [ 561.974711][ T27] ? nmi_cpu_backtrace+0x23b/0x4a0 [ 561.979825][ T27] nmi_cpu_backtrace+0x46a/0x4a0 [ 561.984769][ T27] ? __wake_up_klogd+0xd5/0x100 [ 561.989641][ T27] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 561.995811][ T27] ? _printk+0xd1/0x120 [ 561.999971][ T27] ? panic+0x860/0x860 [ 562.004071][ T27] ? __wake_up_klogd+0xcc/0x100 [ 562.008920][ T27] ? panic+0x860/0x860 [ 562.012990][ T27] ? __rcu_read_unlock+0x92/0x100 [ 562.018024][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 562.024173][ T27] nmi_trigger_cpumask_backtrace+0x181/0x2a0 [ 562.030170][ T27] watchdog+0xe72/0xeb0 [ 562.034341][ T27] kthread+0x3f6/0x4f0 [ 562.038424][ T27] ? hungtask_pm_notify+0x50/0x50 [ 562.043459][ T27] ? kthread_blkcg+0xd0/0xd0 [ 562.048048][ T27] ret_from_fork+0x1f/0x30 [ 562.052510][ T27] [ 562.056182][ T27] Sending NMI from CPU 0 to CPUs 1: [ 562.061409][ C1] NMI backtrace for cpu 1 [ 562.061419][ C1] CPU: 1 PID: 3558 Comm: syz-executor Not tainted 5.15.165-syzkaller #0 [ 562.061437][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 562.061446][ C1] RIP: 0010:reacquire_held_locks+0x5f8/0x660 [ 562.061470][ C1] Code: b6 04 08 84 c0 75 5d 83 3d 8c 21 86 0c 00 75 82 48 c7 c7 c0 28 8b 8a 48 c7 c6 00 29 8b 8a e8 7f 9f e8 ff 0f 0b e9 68 ff ff ff <48> c7 c1 c0 5f 86 96 80 e1 07 80 c1 03 38 c1 0f 8c 92 fa ff ff 48 [ 562.061484][ C1] RSP: 0018:ffffc900030776a0 EFLAGS: 00000002 [ 562.061499][ C1] RAX: 0000000000000004 RBX: ffff888073d24660 RCX: 1ffff9200060eee4 [ 562.061511][ C1] RDX: 1ffff9200060eee4 RSI: 0000000000000002 RDI: ffff888073d23b80 [ 562.061522][ C1] RBP: ffffc900030777b0 R08: dffffc0000000000 R09: fffffbfff1bd2a56 [ 562.061535][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 562.061547][ C1] R13: ffffc90003077840 R14: 0000000000000002 R15: 0000000000000001 [ 562.061557][ C1] FS: 0000555556593500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 562.061572][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 562.061584][ C1] CR2: 00007fd130c05f60 CR3: 000000001a1bf000 CR4: 00000000003506e0 [ 562.061598][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 562.061607][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 562.061617][ C1] Call Trace: [ 562.061622][ C1] [ 562.061627][ C1] ? nmi_cpu_backtrace+0x39f/0x4a0 [ 562.061646][ C1] ? read_lock_is_recursive+0x10/0x10 [ 562.061663][ C1] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 562.061689][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 562.061706][ C1] ? nmi_handle+0xf7/0x370 [ 562.061723][ C1] ? reacquire_held_locks+0x5f8/0x660 [ 562.061739][ C1] ? default_do_nmi+0x62/0x150 [ 562.061758][ C1] ? exc_nmi+0xa8/0x100 [ 562.061773][ C1] ? end_repeat_nmi+0x16/0x31 [ 562.061796][ C1] ? reacquire_held_locks+0x5f8/0x660 [ 562.061813][ C1] ? reacquire_held_locks+0x5f8/0x660 [ 562.061830][ C1] ? reacquire_held_locks+0x5f8/0x660 [ 562.061847][ C1] [ 562.061851][ C1] [ 562.061861][ C1] ? print_unlock_imbalance_bug+0x2b0/0x2b0 [ 562.061883][ C1] lock_release+0x369/0x9a0 [ 562.061900][ C1] ? tcp_recvmsg+0x25d/0x7f0 [ 562.061919][ C1] ? __lock_acquire+0x1ff0/0x1ff0 [ 562.061936][ C1] ? __local_bh_enable_ip+0x164/0x1f0 [ 562.061952][ C1] ? tcp_recvmsg+0x7f0/0x7f0 [ 562.061969][ C1] ? tcp_recvmsg+0x226/0x7f0 [ 562.061987][ C1] ? release_sock+0x2c/0x1c0 [ 562.062005][ C1] ? tcp_release_cb+0x87/0x350 [ 562.062022][ C1] release_sock+0x114/0x1c0 [ 562.062041][ C1] tcp_recvmsg+0x25d/0x7f0 [ 562.062059][ C1] ? __might_sleep+0xc0/0xc0 [ 562.062078][ C1] ? tcp_recv_timestamp+0x710/0x710 [ 562.062105][ C1] ? aa_sk_perm+0x8fc/0xa30 [ 562.062126][ C1] ? sock_rps_record_flow+0x19/0x3c0 [ 562.062145][ C1] inet_recvmsg+0x157/0x280 [ 562.062164][ C1] ? inet_sendpage+0x360/0x360 [ 562.062182][ C1] ? bpf_lsm_socket_recvmsg+0x5/0x10 [ 562.062198][ C1] ? security_socket_recvmsg+0x86/0xb0 [ 562.062215][ C1] ? inet_sendpage+0x360/0x360 [ 562.062232][ C1] sock_read_iter+0x353/0x480 [ 562.062253][ C1] ? kernel_sock_ip_overhead+0x590/0x590 [ 562.062275][ C1] ? common_file_perm+0x17d/0x1d0 [ 562.062294][ C1] ? iov_iter_init+0x4a/0x170 [ 562.062312][ C1] vfs_read+0xa93/0xe10 [ 562.062335][ C1] ? kernel_read+0x1f0/0x1f0 [ 562.062353][ C1] ? read_lock_is_recursive+0x10/0x10 [ 562.062374][ C1] ? __fdget_pos+0x1e9/0x380 [ 562.062392][ C1] ksys_read+0x1a2/0x2c0 [ 562.062409][ C1] ? print_irqtrace_events+0x210/0x210 [ 562.062426][ C1] ? vfs_write+0xe50/0xe50 [ 562.062443][ C1] ? syscall_enter_from_user_mode+0x2e/0x240 [ 562.062461][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 562.062479][ C1] ? syscall_enter_from_user_mode+0x2e/0x240 [ 562.062499][ C1] do_syscall_64+0x3b/0xb0 [ 562.062514][ C1] ? clear_bhb_loop+0x15/0x70 [ 562.062533][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 562.062552][ C1] RIP: 0033:0x7f5b5215e8bd [ 562.062565][ C1] Code: a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb b5 e8 78 48 00 00 0f 1f 84 00 00 00 00 00 80 3d 81 3c 17 00 00 74 17 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5b c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec [ 562.062578][ C1] RSP: 002b:00007ffd9c1c7d28 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 562.062594][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5b5215e8bd [ 562.062610][ C1] RDX: 0000000000000004 RSI: 00007ffd9c1c7d3c RDI: 0000000000000003 [ 562.062621][ C1] RBP: 0000000000000000 R08: 00007ffd9c1fa0b0 R09: 0000000000000010 [ 562.062632][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd9c1c8130 [ 562.062643][ C1] R13: 0000000000000004 R14: 00007ffd9c1c7d3c R15: 00007ffd9c1c7dd0 [ 562.062662][ C1] [ 562.065997][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 562.533517][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.165-syzkaller #0 [ 562.541524][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 562.551682][ T27] Call Trace: [ 562.554964][ T27] [ 562.557890][ T27] dump_stack_lvl+0x1e3/0x2d0 [ 562.562584][ T27] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 562.568256][ T27] ? panic+0x860/0x860 [ 562.572382][ T27] panic+0x318/0x860 [ 562.576320][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 562.582041][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 562.588221][ T27] ? fb_is_primary_device+0xd0/0xd0 [ 562.593424][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 562.599516][ T27] ? nmi_trigger_cpumask_backtrace+0x221/0x2a0 [ 562.605678][ T27] ? nmi_trigger_cpumask_backtrace+0x281/0x2a0 [ 562.611856][ T27] ? nmi_trigger_cpumask_backtrace+0x286/0x2a0 [ 562.618018][ T27] watchdog+0xeb0/0xeb0 [ 562.622202][ T27] kthread+0x3f6/0x4f0 [ 562.626266][ T27] ? hungtask_pm_notify+0x50/0x50 [ 562.631286][ T27] ? kthread_blkcg+0xd0/0xd0 [ 562.635899][ T27] ret_from_fork+0x1f/0x30 [ 562.640334][ T27] [ 562.643658][ T27] Kernel Offset: disabled [ 562.647997][ T27] Rebooting in 86400 seconds..