last executing test programs: 27.939307851s ago: executing program 3 (id=4725): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18ffe00000000000000000000000000085002000430000009500000053000000"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x1e, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff10, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff96}, 0x94) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0x1, 0x1}, 0x50) (async) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0x1, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000080000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000010000000000000000000000850000002200000085000000a000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000010000000000000000000000850000002200000085000000a000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 27.866571445s ago: executing program 3 (id=4727): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94) r0 = socket$kcm(0x1e, 0x1, 0x0) sendmsg$kcm(r0, &(0x7f00000014c0)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/5, 0x63}], 0x1, 0xfffffffffffffffe, 0x19}, 0x0) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)="ff", 0x25}], 0x1, &(0x7f00000015c0)=ANY=[], 0x11f0}, 0x10008014) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=[@ip_retopts={{0x4c, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@remote]}, @rr={0x7, 0xb, 0x9, [@local, @multicast1]}, @timestamp={0x44, 0x28, 0xe2, 0x0, 0xb, [0x5, 0x7fff, 0x6, 0x2, 0x4963, 0x6, 0x10001, 0x0, 0x1]}]}}}], 0x50}, 0x40010) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8946, &(0x7f0000000080)) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xffffffffffffffff, 0x800a, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf50a43945a8ef38c}, 0x408, 0x800000000000ca, 0x0, 0x9, 0xfffffffffffffffc}, 0x0, 0x2, 0xffffffffffffffff, 0xd) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0100, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2}) r6 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x100000, 0x8, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r6) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffffffffffff9151, 0x7}, 0x2200, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a00000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB="00000000000000ab0000000000000000000000009258098c0e3b16b84d3943cbad62a5296200c3f41bf2723c115fbd83d5f096030f934f5d4f53824bd117bd3f83a72ada811b6acd2ea0031a89054f21964aae7185049f70fb1a78e1adc499e171dffb4de5403e8cf11062d29326b619862a30a9260627a2fb864b5b64d3ee745b7cdf424803d5d196738bc6a613bd9d985a343b6b97a955adde832f4d4e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) syz_open_procfs$namespace(0x0, &(0x7f0000001000)='ns/pid_for_children\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000240)='ns/pid\x00') perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x100e68, 0x0, 0x4000, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100003a00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000006c8"], 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, r8}, 0x94) write$cgroup_subtree(r8, &(0x7f0000000200)=ANY=[@ANYRES8=r3, @ANYRES8=r7], 0x12) 25.728448519s ago: executing program 3 (id=4733): setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040), 0xcf) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40e00}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 25.593919097s ago: executing program 3 (id=4736): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r0) r1 = socket$kcm(0x2, 0x200000000000001, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x101, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000300), 0x207}, 0x38) close(0x3) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) 25.455524065s ago: executing program 3 (id=4739): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000300)="d2ffdd934517f3e145f228e086dd", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 25.324775342s ago: executing program 3 (id=4740): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_pid(r1, &(0x7f0000000080), 0x12) r2 = socket$kcm(0x2a, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0) recvmsg(r2, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40002182) r3 = socket$kcm(0x2, 0x1, 0x84) openat$cgroup_type(r0, &(0x7f0000000340), 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x84, 0x18, 0x0, 0x0) recvmsg(r2, &(0x7f0000001c40)={0x0, 0x0, 0x0}, 0x63) r4 = socket$kcm(0x2a, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000300), 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100)=0x1, 0x12) sendmsg$sock(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000140)="194dae9a5f1e6f2fe6c37878d3b45fd434782189e9b724de0b4084ea93af4235a60e85cb9e22f9d69421cc527c1e096d9da47701d354ca55329ae29b61412a1b7d03cd8370ec6997785ba5b28a51e16cbfae789ae0409f437985ed69716d52dbcebd98dcae7f9a46491bf926", 0x6c}, {&(0x7f00000000c0)="98abf58ea2800f772838e9f076e842", 0xf}, {&(0x7f00000001c0)="494c332e00dcb7feab895432c85ca40f5845615e401f0a5923419ea2c84510887e701e25e623e8fab8a2be51713f4abcd4c9225271e65340448f462e820ac198a9d32cfcb459d20d69c8f15658fe8906ae96c78c8d4521717d693f70a9789fca91f1a9cb4a0dac4bd6d06529ba62ab529a83a7f4aa050e52faf238968bc1b2ad0be5881a4603ab45c852d96fd965a1ad3868cf80aa1b5ba7dce14a51d454f610157124ca517b66248187585dfa570f7daacbcde4b4ea6e3ecb549463597291e7", 0xc0}], 0x3}, 0x44841) r5 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc) sendmsg$inet(r5, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080) sendmsg$inet(r5, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4) r6 = socket$kcm(0x2, 0x1, 0x84) setsockopt$sock_attach_bpf(r6, 0x84, 0x82, &(0x7f0000000000), 0x8) 20.113164314s ago: executing program 2 (id=4791): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000300)="d2ffdd934517f3e145f228e086dd", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 20.044652088s ago: executing program 2 (id=4792): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000240)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000280)='0', 0x1}], 0x1}, 0x45) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x2, 0x0, 0x0, 0x7}], 0x10, 0x3}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) setsockopt$sock_attach_bpf(r0, 0x84, 0x76, &(0x7f0000000000), 0x8) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x88, 0x67, &(0x7f00000002c0), 0x4) sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x10}, @dev={0xac, 0x14, 0x14, 0x3a}}}}], 0x20}, 0x8840) sendmsg$inet(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000006c0)="930eaf9ca2", 0x5}], 0x1}, 0x20000840) 19.783236743s ago: executing program 2 (id=4794): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b19, 0x0) 19.6650799s ago: executing program 2 (id=4796): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={0xffffffffffffffff, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xe, 0x0, &(0x7f0000000200)="259a86c690cf2723463fbce83146", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 19.524408488s ago: executing program 2 (id=4797): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) 19.285333702s ago: executing program 0 (id=4799): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000300)="d2ffdd934517f3e145f228e086dd", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 19.283389352s ago: executing program 2 (id=4800): socket$kcm(0x1e, 0x5, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='cpu\t&0|f\xdbV\xef\xc7\xf0\xc8$\xe1x\xad&&\t') socketpair$unix(0x1, 0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef400000000e3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0) 19.086948204s ago: executing program 0 (id=4801): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000240)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000280)='0', 0x1}], 0x1}, 0x45) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x2, 0x0, 0x0, 0x7}], 0x10, 0x3}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) setsockopt$sock_attach_bpf(r0, 0x84, 0x76, &(0x7f0000000000), 0x8) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x88, 0x67, &(0x7f00000002c0), 0x4) sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x10}, @dev={0xac, 0x14, 0x14, 0x3a}}}}], 0x20}, 0x8840) sendmsg$inet(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000006c0)="930eaf9ca2", 0x5}], 0x1}, 0x20000840) 19.071466355s ago: executing program 0 (id=4802): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x50) close(0x3) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) r0 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10, 0x0}, 0xfffe) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00'}, 0x94) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20082, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x6, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x2) r1 = socket$kcm(0xa, 0x1, 0x0) setsockopt$sock_attach_bpf(r1, 0x29, 0x23, &(0x7f0000000040), 0xcf) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xa, 0x1, 0x0, 0x0, 0x0, 0x9, 0x60019, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x6, 0x0, 0x40000004, 0xa1a5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, @perf_config_ext={0x10001, 0x80000000}, 0x0, 0xa7, 0xffffffff, 0xd, 0x8, 0x20008, 0x0, 0x0, 0x0, 0x0, 0x2000000a}, 0x0, 0xd, r2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r5, 0x2000012, 0x0, 0x0, &(0x7f0000000c40), 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) r6 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r6, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$inet(r6, &(0x7f0000000280)={&(0x7f0000000080)={0x2, 0x4e1f, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x20, 0x5}, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000020000000000000000000095"], &(0x7f0000000340)='GPL\x00', 0x1}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31) close(r1) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfe1b) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000640)={@cgroup, 0x24, 0x0, 0xd8, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x25, 0x1, 0x0, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)}, 0x0) 18.933922223s ago: executing program 0 (id=4803): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b19, 0x0) 18.882318386s ago: executing program 0 (id=4805): socket$kcm(0x2, 0x5, 0x84) perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xfffffffffffffff8, 0x3}, 0x0, 0x0, 0x2, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0xf, 0x0, 0x0) sendmsg$inet(r3, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x31, &(0x7f0000000640)=r2, 0x4) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f00000001c0)='./file0\x00', 0x0, 0x0, r2}, 0x19) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x9) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) sendmsg$unix(0xffffffffffffffff, 0x0, 0x4004801) r4 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b63d25a80648c2594f90724fc60", 0x14}], 0x1}, 0x0) (fail_nth: 2) 18.422993342s ago: executing program 0 (id=4807): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) (async) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async, rerun: 64) close(r0) (async, rerun: 64) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000) (async) r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) (async) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xe}, 0x100904, 0x0, 0x0, 0x5, 0x200000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) (async) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703010000001f00000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) (async) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r4, &(0x7f0000000140)='cpuset.cpus\x00', 0x2, 0x0) (async) openat$cgroup_procs(r4, &(0x7f0000000400)='cgroup.threads\x00', 0x2, 0x0) (async, rerun: 32) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) (rerun: 32) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x7}, 0x22c0, 0x6, 0x0, 0x0, 0x1ff, 0x100, 0x0, 0x0, 0x5ff}, 0x0, 0x4, 0xffffffffffffffff, 0x1) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) (async) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9) (async) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1ff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffffffffffffc, 0xffffffffffffffff, 0x0) (async) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) (async) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d8000000210081044e81f782db44b90402000000008000000000000009000d2000000401a80016000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8db52b49816277cf4090000001fb791643a101ecec9456d6845dfe1d9db22f3d233de7929623df5c74ffe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40deee4edef3d939acd92954b43370e", 0xd8}], 0x1}, 0x0) 17.204249863s ago: executing program 1 (id=4813): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_pid(r1, &(0x7f0000000080), 0x12) r2 = socket$kcm(0x2a, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0) recvmsg(r2, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40002182) r3 = socket$kcm(0x2, 0x1, 0x84) openat$cgroup_type(r0, &(0x7f0000000340), 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x84, 0x18, 0x0, 0x0) recvmsg(r2, &(0x7f0000001c40)={0x0, 0x0, 0x0}, 0x63) r4 = socket$kcm(0x2a, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000300), 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100)=0x1, 0x12) sendmsg$sock(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000140)="194dae9a5f1e6f2fe6c37878d3b45fd434782189e9b724de0b4084ea93af4235a60e85cb9e22f9d69421cc527c1e096d9da47701d354ca55329ae29b61412a1b7d03cd8370ec6997785ba5b28a51e16cbfae789ae0409f437985ed69716d52dbcebd98dcae7f9a46491bf926", 0x6c}, {&(0x7f00000000c0)="98abf58ea2800f772838e9f076e842", 0xf}, {&(0x7f00000001c0)="494c332e00dcb7feab895432c85ca40f5845615e401f0a5923419ea2c84510887e701e25e623e8fab8a2be51713f4abcd4c9225271e65340448f462e820ac198a9d32cfcb459d20d69c8f15658fe8906ae96c78c8d4521717d693f70a9789fca91f1a9cb4a0dac4bd6d06529ba62ab529a83a7f4aa050e52faf238968bc1b2ad0be5881a4603ab45c852d96fd965a1ad3868cf80aa1b5ba7dce14a51d454f610157124ca517b66248187585dfa570f7daacbcde4b4ea6e3ecb549463597291e7", 0xc0}], 0x3}, 0x44841) r5 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc) sendmsg$inet(r5, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080) sendmsg$inet(r5, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000000), 0x8) sendmsg$inet(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001100)=[{&(0x7f0000000080)='x', 0x1}], 0x1}, 0xfc) 16.324511214s ago: executing program 1 (id=4814): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], 0x0, 0x26, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x41, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x5, 0xf, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xea, 0x0, 0x0, 0x0, 0x2000007}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100ff}, 0x94) r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r4, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0xf, &(0x7f0000000940)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r5}, 0x94) 15.484068012s ago: executing program 1 (id=4815): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000200)="259a86c690cf2723463fbce83146", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 15.322033952s ago: executing program 1 (id=4816): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000100)="1f7a149fc15afde5b3403f50018bf3a8", 0x44c6}], 0x1}, 0x20040000) (fail_nth: 2) 15.023031809s ago: executing program 1 (id=4817): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000300)="d2ffdd934517f3e145f228e086dd", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 15.022608269s ago: executing program 1 (id=4818): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000140)=r1) 4.030183787s ago: executing program 32 (id=4800): socket$kcm(0x1e, 0x5, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='cpu\t&0|f\xdbV\xef\xc7\xf0\xc8$\xe1x\xad&&\t') socketpair$unix(0x1, 0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef400000000e3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0) 3.034912034s ago: executing program 33 (id=4807): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) (async) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async, rerun: 64) close(r0) (async, rerun: 64) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000) (async) r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) (async) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xe}, 0x100904, 0x0, 0x0, 0x5, 0x200000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) (async) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703010000001f00000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) (async) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r4, &(0x7f0000000140)='cpuset.cpus\x00', 0x2, 0x0) (async) openat$cgroup_procs(r4, &(0x7f0000000400)='cgroup.threads\x00', 0x2, 0x0) (async, rerun: 32) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) (rerun: 32) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x7}, 0x22c0, 0x6, 0x0, 0x0, 0x1ff, 0x100, 0x0, 0x0, 0x5ff}, 0x0, 0x4, 0xffffffffffffffff, 0x1) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) (async) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9) (async) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1ff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffffffffffffc, 0xffffffffffffffff, 0x0) (async) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) (async) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d8000000210081044e81f782db44b90402000000008000000000000009000d2000000401a80016000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8db52b49816277cf4090000001fb791643a101ecec9456d6845dfe1d9db22f3d233de7929623df5c74ffe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40deee4edef3d939acd92954b43370e", 0xd8}], 0x1}, 0x0) 0s ago: executing program 34 (id=4818): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000140)=r1) kernel console output (not intermixed with test programs): gle 02/12/2026 [ 967.519720][T19769] Call Trace: [ 967.523212][T19769] [ 967.526171][T19769] dump_stack_lvl+0x18c/0x250 [ 967.531070][T19769] ? show_regs_print_info+0x20/0x20 [ 967.536304][T19769] ? load_image+0x400/0x400 [ 967.540845][T19769] ? __might_fault+0xaa/0x120 [ 967.545680][T19769] ? __lock_acquire+0x7d40/0x7d40 [ 967.550835][T19769] should_fail_ex+0x39d/0x4d0 [ 967.555565][T19769] _copy_from_user+0x2f/0xe0 [ 967.560203][T19769] ___sys_sendmsg+0x1c7/0x360 [ 967.565105][T19769] ? __sys_sendmsg+0x2a0/0x2a0 [ 967.570199][T19769] ? __lock_acquire+0x7d40/0x7d40 [ 967.575297][T19769] __se_sys_sendmsg+0x1c2/0x2b0 [ 967.580188][T19769] ? __x64_sys_sendmsg+0x80/0x80 [ 967.585177][T19769] ? lockdep_hardirqs_on+0x98/0x150 [ 967.590465][T19769] do_syscall_64+0x55/0xa0 [ 967.595046][T19769] ? clear_bhb_loop+0x40/0x90 [ 967.599779][T19769] ? clear_bhb_loop+0x40/0x90 [ 967.604666][T19769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 967.610764][T19769] RIP: 0033:0x7f9153d9bf79 [ 967.615321][T19769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 967.635319][T19769] RSP: 002b:00007f9154cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 967.644043][T19769] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 967.652134][T19769] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 967.660449][T19769] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 967.668541][T19769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 967.676801][T19769] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 967.684997][T19769] [ 967.800365][T19770] wg2: entered allmulticast mode [ 967.916223][T19757] netlink: 'syz.3.4076': attribute type 10 has an invalid length. [ 968.106090][T19776] netlink: 'syz.1.4082': attribute type 10 has an invalid length. [ 968.131272][T19776] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4082'. [ 968.807905][T19797] netlink: 'syz.2.4092': attribute type 1 has an invalid length. [ 968.817238][T19798] FAULT_INJECTION: forcing a failure. [ 968.817238][T19798] name failslab, interval 1, probability 0, space 0, times 0 [ 968.832795][T19797] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.4092'. [ 968.845677][T19798] CPU: 0 PID: 19798 Comm: syz.3.4090 Not tainted syzkaller #0 [ 968.853203][T19798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 968.863565][T19798] Call Trace: [ 968.866878][T19798] [ 968.869925][T19798] dump_stack_lvl+0x18c/0x250 [ 968.874658][T19798] ? show_regs_print_info+0x20/0x20 [ 968.880104][T19798] ? load_image+0x400/0x400 [ 968.884636][T19798] ? __might_sleep+0xe0/0xe0 [ 968.889358][T19798] ? __lock_acquire+0x7d40/0x7d40 [ 968.894488][T19798] should_fail_ex+0x39d/0x4d0 [ 968.899248][T19798] should_failslab+0x9/0x20 [ 968.903873][T19798] slab_pre_alloc_hook+0x59/0x310 [ 968.908959][T19798] ? tomoyo_encode+0x28b/0x540 [ 968.913755][T19798] ? tomoyo_encode+0x28b/0x540 [ 968.918638][T19798] __kmem_cache_alloc_node+0x53/0x250 [ 968.924124][T19798] ? tomoyo_encode+0x28b/0x540 [ 968.929252][T19798] __kmalloc+0xa4/0x230 [ 968.933525][T19798] tomoyo_encode+0x28b/0x540 [ 968.938219][T19798] tomoyo_realpath_from_path+0x592/0x5d0 [ 968.943963][T19798] tomoyo_path_number_perm+0x248/0x620 [ 968.949442][T19798] ? tomoyo_path_number_perm+0x217/0x620 [ 968.955095][T19798] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 968.960588][T19798] ? ksys_write+0x1c4/0x260 [ 968.965483][T19798] ? __fget_files+0x28/0x4b0 [ 968.970172][T19798] ? __fget_files+0x28/0x4b0 [ 968.974812][T19798] security_file_ioctl+0x70/0xa0 [ 968.979805][T19798] __se_sys_ioctl+0x48/0x170 [ 968.984439][T19798] do_syscall_64+0x55/0xa0 [ 968.988974][T19798] ? clear_bhb_loop+0x40/0x90 [ 968.993671][T19798] ? clear_bhb_loop+0x40/0x90 [ 968.998547][T19798] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 969.004538][T19798] RIP: 0033:0x7f3e5399bf79 [ 969.009056][T19798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 969.028847][T19798] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 969.037279][T19798] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 969.045263][T19798] RDX: 0000200000000100 RSI: 000000000000890b RDI: 0000000000000003 [ 969.053243][T19798] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 969.061227][T19798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 969.069222][T19798] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 969.077266][T19798] [ 969.115762][T19798] ERROR: Out of memory at tomoyo_realpath_from_path. [ 969.286859][T19801] netlink: 'syz.2.4093': attribute type 3 has an invalid length. [ 969.304961][T19801] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.4093'. [ 969.443256][T19803] syz.3.4101[19803] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 969.443417][T19803] syz.3.4101[19803] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 969.530103][T19806] netlink: 65051 bytes leftover after parsing attributes in process `syz.0.4094'. [ 969.649977][T19807] netlink: 'syz.3.4101': attribute type 10 has an invalid length. [ 969.663550][T19807] veth0_vlan: left promiscuous mode [ 969.693566][T19807] veth0_vlan: entered promiscuous mode [ 969.794399][T19807] team0: Device veth0_vlan failed to register rx_handler [ 970.756771][T19823] syz.1.4098[19823] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 970.756927][T19823] syz.1.4098[19823] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 970.943014][T19809] netlink: 'syz.0.4094': attribute type 10 has an invalid length. [ 971.632314][T19832] netlink: set zone limit has 8 unknown bytes [ 972.458318][T19851] netlink: 65051 bytes leftover after parsing attributes in process `syz.2.4110'. [ 972.855186][T19852] FAULT_INJECTION: forcing a failure. [ 972.855186][T19852] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 972.951479][T19852] CPU: 1 PID: 19852 Comm: syz.0.4109 Not tainted syzkaller #0 [ 972.959029][T19852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 972.969122][T19852] Call Trace: [ 972.972435][T19852] [ 972.975395][T19852] dump_stack_lvl+0x18c/0x250 [ 972.980121][T19852] ? show_regs_print_info+0x20/0x20 [ 972.985461][T19852] ? load_image+0x400/0x400 [ 972.990032][T19852] ? __lock_acquire+0x7d40/0x7d40 [ 972.995198][T19852] ? __might_fault+0x22/0x120 [ 972.999923][T19852] should_fail_ex+0x39d/0x4d0 [ 973.004909][T19852] _copy_from_user+0x2f/0xe0 [ 973.009533][T19852] __copy_msghdr+0x3bb/0x580 [ 973.014259][T19852] ___sys_sendmsg+0x214/0x360 [ 973.018973][T19852] ? __sys_sendmsg+0x2a0/0x2a0 [ 973.023882][T19852] ? trace_call_bpf+0xc3/0x6c0 [ 973.028689][T19852] ? seqcount_lockdep_reader_access+0x17b/0x1d0 [ 973.035089][T19852] __se_sys_sendmsg+0x1c2/0x2b0 [ 973.040068][T19852] ? __x64_sys_sendmsg+0x80/0x80 [ 973.045056][T19852] ? lockdep_hardirqs_on+0x98/0x150 [ 973.050295][T19852] do_syscall_64+0x55/0xa0 [ 973.054771][T19852] ? clear_bhb_loop+0x40/0x90 [ 973.059488][T19852] ? clear_bhb_loop+0x40/0x90 [ 973.064201][T19852] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 973.070129][T19852] RIP: 0033:0x7f74efd9bf79 [ 973.074686][T19852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 973.094467][T19852] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 973.102944][T19852] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 973.110957][T19852] RDX: 00000000000480d1 RSI: 0000200000000140 RDI: 0000000000000003 [ 973.119139][T19852] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 973.127322][T19852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 973.135531][T19852] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 973.143577][T19852] [ 973.554967][T19851] netlink: 'syz.2.4110': attribute type 10 has an invalid length. [ 973.733402][T19863] syz.0.4113[19863] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 973.733578][T19863] syz.0.4113[19863] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 974.022419][T19870] netlink: 'syz.0.4113': attribute type 10 has an invalid length. [ 974.763726][T19870] veth0_vlan: left promiscuous mode [ 974.812520][T19870] veth0_vlan: entered promiscuous mode [ 974.820444][T19870] team0: Device veth0_vlan failed to register rx_handler [ 975.913328][T19891] FAULT_INJECTION: forcing a failure. [ 975.913328][T19891] name failslab, interval 1, probability 0, space 0, times 0 [ 975.996022][T19891] CPU: 1 PID: 19891 Comm: syz.3.4122 Not tainted syzkaller #0 [ 976.003703][T19891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 976.013970][T19891] Call Trace: [ 976.017276][T19891] [ 976.020335][T19891] dump_stack_lvl+0x18c/0x250 [ 976.025057][T19891] ? __sctp_connect+0x5b7/0xd80 [ 976.030036][T19891] ? do_sock_setsockopt+0x175/0x1a0 [ 976.035283][T19891] ? show_regs_print_info+0x20/0x20 [ 976.040518][T19891] ? load_image+0x400/0x400 [ 976.045096][T19891] should_fail_ex+0x39d/0x4d0 [ 976.049835][T19891] should_failslab+0x9/0x20 [ 976.054393][T19891] slab_pre_alloc_hook+0x59/0x310 [ 976.059558][T19891] ? sctp_add_bind_addr+0x8c/0x360 [ 976.065064][T19891] __kmem_cache_alloc_node+0x53/0x250 [ 976.070487][T19891] ? sctp_add_bind_addr+0x8c/0x360 [ 976.075737][T19891] kmalloc_trace+0x2a/0xe0 [ 976.080222][T19891] sctp_add_bind_addr+0x8c/0x360 [ 976.085301][T19891] sctp_copy_local_addr_list+0x315/0x4f0 [ 976.091010][T19891] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 976.096981][T19891] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 976.103113][T19891] ? sctp_v4_is_any+0x35/0x60 [ 976.107958][T19891] ? sctp_copy_one_addr+0x8c/0x350 [ 976.113142][T19891] sctp_bind_addr_copy+0x189/0x3c0 [ 976.118333][T19891] sctp_connect_new_asoc+0x2f9/0x6a0 [ 976.123678][T19891] ? __sctp_connect+0xd80/0xd80 [ 976.128766][T19891] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 976.134793][T19891] ? sctp_endpoint_lookup_assoc+0xd1/0x260 [ 976.140657][T19891] __sctp_connect+0x5b7/0xd80 [ 976.145410][T19891] ? sctp_send_asconf+0x170/0x170 [ 976.150562][T19891] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 976.156175][T19891] ? sctp_setsockopt_connectx_old+0xbc/0x150 [ 976.162236][T19891] sctp_setsockopt+0x458/0x11e0 [ 976.167143][T19891] ? sock_common_recvmsg+0x190/0x190 [ 976.172540][T19891] do_sock_setsockopt+0x175/0x1a0 [ 976.177710][T19891] ? __fdget+0x180/0x210 [ 976.182024][T19891] __x64_sys_setsockopt+0x182/0x200 [ 976.187290][T19891] do_syscall_64+0x55/0xa0 [ 976.191854][T19891] ? clear_bhb_loop+0x40/0x90 [ 976.196841][T19891] ? clear_bhb_loop+0x40/0x90 [ 976.201588][T19891] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 976.207623][T19891] RIP: 0033:0x7f3e5399bf79 [ 976.212093][T19891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 976.232013][T19891] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 976.240575][T19891] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 976.248859][T19891] RDX: 000000000000006b RSI: 0000000000000084 RDI: 0000000000000003 [ 976.256928][T19891] RBP: 00007f3e54854090 R08: 0000000000000010 R09: 0000000000000000 [ 976.264966][T19891] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002 [ 976.273088][T19891] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 976.281240][T19891] [ 976.990422][ T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 978.396326][T19909] syz.0.4128[19909] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 978.396492][T19909] syz.0.4128[19909] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 978.584051][T19911] netlink: 'syz.0.4128': attribute type 10 has an invalid length. [ 978.622208][T19911] veth0_vlan: left promiscuous mode [ 978.646403][T19911] veth0_vlan: entered promiscuous mode [ 978.677165][T19911] team0: Device veth0_vlan failed to register rx_handler [ 979.692694][T19933] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.4134'. [ 980.192270][T19937] netlink: 'syz.3.4137': attribute type 21 has an invalid length. [ 980.765440][T19937] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4137'. [ 982.197363][T19953] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4141'. [ 982.342337][T19953] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 982.361319][T19953] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 983.206864][T19963] netlink: 'syz.1.4144': attribute type 21 has an invalid length. [ 983.243348][T19963] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4144'. [ 983.362102][T19967] FAULT_INJECTION: forcing a failure. [ 983.362102][T19967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 983.401380][T19967] CPU: 0 PID: 19967 Comm: syz.2.4145 Not tainted syzkaller #0 [ 983.409005][T19967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 983.419286][T19967] Call Trace: [ 983.422604][T19967] [ 983.425571][T19967] dump_stack_lvl+0x18c/0x250 [ 983.430310][T19967] ? show_regs_print_info+0x20/0x20 [ 983.435557][T19967] ? load_image+0x400/0x400 [ 983.440117][T19967] ? __lock_acquire+0x7d40/0x7d40 [ 983.445202][T19967] should_fail_ex+0x39d/0x4d0 [ 983.449940][T19967] _copy_from_user+0x2f/0xe0 [ 983.454663][T19967] __copy_msghdr+0x3bb/0x580 [ 983.459321][T19967] ___sys_sendmsg+0x214/0x360 [ 983.464209][T19967] ? get_pid_task+0x20/0x1e0 [ 983.468940][T19967] ? __sys_sendmsg+0x2a0/0x2a0 [ 983.473769][T19967] ? __lock_acquire+0x7d40/0x7d40 [ 983.478873][T19967] __se_sys_sendmsg+0x1c2/0x2b0 [ 983.483766][T19967] ? __x64_sys_sendmsg+0x80/0x80 [ 983.488947][T19967] ? lockdep_hardirqs_on+0x98/0x150 [ 983.494205][T19967] do_syscall_64+0x55/0xa0 [ 983.498671][T19967] ? clear_bhb_loop+0x40/0x90 [ 983.503403][T19967] ? clear_bhb_loop+0x40/0x90 [ 983.508215][T19967] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 983.514238][T19967] RIP: 0033:0x7f9153d9bf79 [ 983.519131][T19967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 983.538873][T19967] RSP: 002b:00007f9154cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 983.547426][T19967] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 983.555529][T19967] RDX: 00000000000480d1 RSI: 0000200000000140 RDI: 0000000000000003 [ 983.563549][T19967] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 983.571569][T19967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 983.579587][T19967] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 983.587626][T19967] [ 983.669728][T19972] netlink: 'syz.3.4147': attribute type 8 has an invalid length. [ 983.707394][T19972] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4147'. [ 983.741939][T19973] netlink: 61883 bytes leftover after parsing attributes in process `syz.3.4147'. [ 984.787103][T19981] syz.3.4152[19981] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 984.787255][T19981] syz.3.4152[19981] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 985.118935][T19981] netlink: 'syz.3.4152': attribute type 10 has an invalid length. [ 985.212572][T19989] syz.2.4153[19989] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 985.212737][T19989] syz.2.4153[19989] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 985.283623][T19981] veth0_vlan: left promiscuous mode [ 985.650316][T19981] veth0_vlan: entered promiscuous mode [ 985.713746][T19981] team0: Device veth0_vlan failed to register rx_handler [ 985.820818][T19990] netlink: 'syz.2.4153': attribute type 10 has an invalid length. [ 985.973503][T19990] veth0_vlan: left allmulticast mode [ 986.454680][T19990] veth0_vlan: left promiscuous mode [ 986.473545][T19990] veth0_vlan: entered promiscuous mode [ 986.495264][T19990] team0: Device veth0_vlan failed to register rx_handler [ 986.562944][T19999] netlink: 'syz.1.4157': attribute type 10 has an invalid length. [ 987.415310][T20012] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4160'. [ 987.444614][T20012] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 987.749542][T20010] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4159'. [ 987.753641][T20012] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 987.818864][T20010] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 987.828270][T20010] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 987.933488][T20024] syz.0.4164[20024] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 987.933682][T20024] syz.0.4164[20024] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 988.094477][T20020] netlink: 763 bytes leftover after parsing attributes in process `syz.2.4162'. [ 988.122567][T20024] netlink: 'syz.0.4164': attribute type 10 has an invalid length. [ 988.152664][T20024] veth0_vlan: left promiscuous mode [ 988.211789][T20024] veth0_vlan: entered promiscuous mode [ 988.225446][T20024] team0: Device veth0_vlan failed to register rx_handler [ 988.328793][T20030] pim6reg: tun_chr_ioctl cmd 2147767521 [ 988.337675][ T4491] wlan1: Created IBSS using preconfigured BSSID 00:8d:8d:ff:00:00 [ 988.355652][ T4491] wlan1: Creating new IBSS network, BSSID 00:8d:8d:ff:00:00 [ 988.928790][T20038] syz.2.4174[20038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 988.928959][T20038] syz.2.4174[20038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 988.969384][T20039] syz.3.4168[20039] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 989.131397][T20042] netlink: 'syz.2.4174': attribute type 10 has an invalid length. [ 989.164461][T20039] syz.3.4168[20039] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 989.176240][T20042] veth0_vlan: left promiscuous mode [ 989.214464][T20042] veth0_vlan: entered promiscuous mode [ 989.676636][T20042] team0: Device veth0_vlan failed to register rx_handler [ 989.686092][T20049] FAULT_INJECTION: forcing a failure. [ 989.686092][T20049] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 989.686303][T20049] CPU: 0 PID: 20049 Comm: syz.0.4169 Not tainted syzkaller #0 [ 989.686324][T20049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 989.686336][T20049] Call Trace: [ 989.686345][T20049] [ 989.686354][T20049] dump_stack_lvl+0x18c/0x250 [ 989.686392][T20049] ? show_regs_print_info+0x20/0x20 [ 989.686423][T20049] ? load_image+0x400/0x400 [ 989.686451][T20049] ? __might_fault+0xaa/0x120 [ 989.686475][T20049] ? __lock_acquire+0x7d40/0x7d40 [ 989.686506][T20049] should_fail_ex+0x39d/0x4d0 [ 989.686543][T20049] _copy_from_user+0x2f/0xe0 [ 989.686580][T20049] get_user_ifreq+0x6b/0x180 [ 989.686607][T20049] sock_ioctl+0x6f1/0x7e0 [ 989.686632][T20049] ? sock_poll+0x3e0/0x3e0 [ 989.686665][T20049] ? bpf_lsm_file_ioctl+0x9/0x10 [ 989.686687][T20049] ? security_file_ioctl+0x80/0xa0 [ 989.686717][T20049] ? sock_poll+0x3e0/0x3e0 [ 989.686738][T20049] __se_sys_ioctl+0xfd/0x170 [ 989.686769][T20049] do_syscall_64+0x55/0xa0 [ 989.686795][T20049] ? clear_bhb_loop+0x40/0x90 [ 989.686817][T20049] ? clear_bhb_loop+0x40/0x90 [ 989.686841][T20049] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 989.686862][T20049] RIP: 0033:0x7f74efd9bf79 [ 989.686883][T20049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 989.686901][T20049] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 989.686926][T20049] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 989.686942][T20049] RDX: 0000200000000080 RSI: 00000000000089f2 RDI: 0000000000000007 [ 989.686957][T20049] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 989.686971][T20049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 989.686985][T20049] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 989.687017][T20049] [ 990.179500][T20039] netlink: 'syz.3.4168': attribute type 10 has an invalid length. [ 990.201531][T20039] veth0_vlan: left promiscuous mode [ 990.208163][T20039] veth0_vlan: entered promiscuous mode [ 990.222095][T20039] team0: Device veth0_vlan failed to register rx_handler [ 990.966088][T20063] syz.1.4175[20063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 990.966267][T20063] syz.1.4175[20063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.211993][T20055] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4172'. [ 991.247703][T20065] syz.0.4176[20065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.247856][T20065] syz.0.4176[20065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.264177][T20055] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 991.316838][T20055] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 991.414492][T20066] netlink: 'syz.1.4175': attribute type 10 has an invalid length. [ 991.837690][T20073] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4177'. [ 992.501635][T20066] veth0_vlan: left promiscuous mode [ 992.659890][T20066] veth0_vlan: entered promiscuous mode [ 992.856593][T20082] syz.2.4181[20082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 992.856867][T20082] syz.2.4181[20082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 992.871501][T20066] team0: Device veth0_vlan failed to register rx_handler [ 993.070618][T20083] netlink: 'syz.2.4181': attribute type 10 has an invalid length. [ 993.134388][T20083] veth0_vlan: left promiscuous mode [ 993.478960][T20083] veth0_vlan: entered promiscuous mode [ 993.727727][T20083] team0: Device veth0_vlan failed to register rx_handler [ 993.789444][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.798937][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.965470][T20086] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4182'. [ 993.982344][T20086] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 994.001391][T20086] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 994.024024][T20093] syz.0.4183[20093] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 994.024207][T20093] syz.0.4183[20093] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 994.190310][T20096] netlink: 'syz.0.4183': attribute type 10 has an invalid length. [ 994.310894][T20096] veth0_vlan: left promiscuous mode [ 994.475861][T20096] veth0_vlan: entered promiscuous mode [ 994.712957][T20096] team0: Device veth0_vlan failed to register rx_handler [ 994.960825][T20101] netlink: 763 bytes leftover after parsing attributes in process `syz.1.4186'. [ 995.139942][T20114] syz.0.4190[20114] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 995.140093][T20114] syz.0.4190[20114] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 995.315853][T20119] netlink: 'syz.0.4190': attribute type 10 has an invalid length. [ 995.408510][T20119] veth0_vlan: left promiscuous mode [ 995.625092][T20119] veth0_vlan: entered promiscuous mode [ 995.795568][T20118] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4192'. [ 995.818012][T20118] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 995.835480][T20118] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 996.083847][T20119] team0: Device veth0_vlan failed to register rx_handler [ 996.560226][T20126] netlink: 'syz.2.4194': attribute type 10 has an invalid length. [ 996.574399][T20126] veth0_vlan: left promiscuous mode [ 996.581866][T20126] veth0_vlan: entered promiscuous mode [ 996.590005][T20126] team0: Device veth0_vlan failed to register rx_handler [ 997.319736][T20149] bpf_get_probe_write_proto: 2 callbacks suppressed [ 997.319754][T20149] syz.1.4200[20149] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.328027][T20149] syz.1.4200[20149] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.485031][T20149] netlink: 'syz.1.4200': attribute type 10 has an invalid length. [ 997.540891][T20149] veth0_vlan: left promiscuous mode [ 997.582152][T20149] veth0_vlan: entered promiscuous mode [ 997.614387][T20149] team0: Device veth0_vlan failed to register rx_handler [ 997.800326][T20161] syz.1.4206[20161] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.800510][T20161] syz.1.4206[20161] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.825330][T20159] syz.0.4205[20159] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.877144][T20159] syz.0.4205[20159] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 997.966288][T20157] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4204'. [ 998.057444][T20164] netlink: 'syz.1.4206': attribute type 10 has an invalid length. [ 998.061228][T20164] veth0_vlan: left promiscuous mode [ 998.144133][T20167] syz.2.4207[20167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 998.144299][T20167] syz.2.4207[20167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 998.184571][T20164] veth0_vlan: entered promiscuous mode [ 998.489629][T20164] team0: Device veth0_vlan failed to register rx_handler [ 998.505192][T20157] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 998.514856][T20157] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 999.047915][T20167] netlink: 'syz.2.4207': attribute type 10 has an invalid length. [ 999.057483][T20167] veth0_vlan: left promiscuous mode [ 999.064632][T20167] veth0_vlan: entered promiscuous mode [ 999.082161][T20167] team0: Device veth0_vlan failed to register rx_handler [ 999.113914][T20166] netlink: 'syz.0.4205': attribute type 10 has an invalid length. [ 999.132262][T20166] veth0_vlan: left promiscuous mode [ 999.143573][T20166] veth0_vlan: entered promiscuous mode [ 999.160640][T20166] team0: Device veth0_vlan failed to register rx_handler [ 999.175661][T20178] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4210'. [ 1000.885465][T20201] syz.1.4220[20201] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1000.885628][T20201] syz.1.4220[20201] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1000.927337][T20204] netlink: 763 bytes leftover after parsing attributes in process `syz.3.4219'. [ 1001.047270][T20207] netlink: 'syz.1.4220': attribute type 10 has an invalid length. [ 1001.097983][T20207] veth0_vlan: left promiscuous mode [ 1001.247331][T20207] veth0_vlan: entered promiscuous mode [ 1001.366055][T20207] team0: Device veth0_vlan failed to register rx_handler [ 1001.934747][T20217] netlink: 'syz.3.4221': attribute type 10 has an invalid length. [ 1002.001617][T20217] veth0_vlan: left promiscuous mode [ 1002.142609][T20217] veth0_vlan: entered promiscuous mode [ 1002.188327][T20217] team0: Device veth0_vlan failed to register rx_handler [ 1002.204328][T20219] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4223'. [ 1002.264901][T20219] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1002.275193][T20219] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1002.613806][T20238] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.4230'. [ 1002.628862][T20236] tun0: tun_chr_ioctl cmd 1074025675 [ 1002.634897][T20236] tun0: persist enabled [ 1002.639703][T20236] tun0: tun_chr_ioctl cmd 2147767517 [ 1002.646042][T20236] tun0: tun_chr_ioctl cmd 1074025677 [ 1002.652185][T20236] tun0: linktype set to 65534 [ 1002.920522][T20241] tun0: tun_chr_ioctl cmd 1074025675 [ 1002.987071][T20241] tun0: persist disabled [ 1003.135440][T20236] tun0: tun_chr_ioctl cmd 2147767511 [ 1003.949739][T20256] FAULT_INJECTION: forcing a failure. [ 1003.949739][T20256] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1003.967303][T20256] CPU: 1 PID: 20256 Comm: syz.3.4237 Not tainted syzkaller #0 [ 1003.974917][T20256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1003.985207][T20256] Call Trace: [ 1003.988569][T20256] [ 1003.991719][T20256] dump_stack_lvl+0x18c/0x250 [ 1003.996571][T20256] ? show_regs_print_info+0x20/0x20 [ 1004.002008][T20256] ? load_image+0x400/0x400 [ 1004.006596][T20256] ? __might_fault+0xaa/0x120 [ 1004.011319][T20256] ? __lock_acquire+0x7d40/0x7d40 [ 1004.016404][T20256] should_fail_ex+0x39d/0x4d0 [ 1004.021234][T20256] _copy_from_user+0x2f/0xe0 [ 1004.026050][T20256] generic_map_update_batch+0x54b/0x810 [ 1004.031773][T20256] ? rcu_read_unlock+0xa0/0xa0 [ 1004.036591][T20256] ? __fdget+0x180/0x210 [ 1004.040886][T20256] ? rcu_read_unlock+0xa0/0xa0 [ 1004.045781][T20256] bpf_map_do_batch+0x3d7/0x610 [ 1004.050700][T20256] __sys_bpf+0x381/0x890 [ 1004.055107][T20256] ? bpf_link_show_fdinfo+0x390/0x390 [ 1004.060767][T20256] ? lock_chain_count+0x20/0x20 [ 1004.065795][T20256] __x64_sys_bpf+0x7c/0x90 [ 1004.070279][T20256] do_syscall_64+0x55/0xa0 [ 1004.074839][T20256] ? clear_bhb_loop+0x40/0x90 [ 1004.079566][T20256] ? clear_bhb_loop+0x40/0x90 [ 1004.084294][T20256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1004.090771][T20256] RIP: 0033:0x7f3e5399bf79 [ 1004.095236][T20256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1004.101317][T20252] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4236'. [ 1004.115135][T20256] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1004.115173][T20256] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1004.115188][T20256] RDX: 0000000000000038 RSI: 00002000000000c0 RDI: 000000000000001a [ 1004.115202][T20256] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1004.115217][T20256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1004.115232][T20256] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1004.115287][T20256] [ 1004.183469][T20252] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1004.196690][T20252] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1004.806421][T20269] bpf_get_probe_write_proto: 2 callbacks suppressed [ 1004.806438][T20269] syz.1.4244[20269] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1004.821879][T20269] syz.1.4244[20269] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1004.921961][T20271] syz.0.4243[20271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1005.035642][T20271] syz.0.4243[20271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1005.108538][T20272] netlink: 'syz.1.4244': attribute type 10 has an invalid length. [ 1005.277212][T20272] veth0_vlan: left promiscuous mode [ 1005.459341][T20272] veth0_vlan: entered promiscuous mode [ 1005.774904][T20272] team0: Device veth0_vlan failed to register rx_handler [ 1006.182811][T20271] netlink: 'syz.0.4243': attribute type 10 has an invalid length. [ 1006.221468][T20271] veth0_vlan: left promiscuous mode [ 1006.227716][T20271] veth0_vlan: entered promiscuous mode [ 1006.263049][T20271] team0: Device veth0_vlan failed to register rx_handler [ 1008.207918][T20304] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4253'. [ 1008.437986][T20296] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4249'. [ 1008.471347][T20296] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1008.479937][T20296] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1008.883721][T20316] syz.1.4257[20316] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1008.883908][T20316] syz.1.4257[20316] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1009.264582][T20318] netlink: 'syz.1.4257': attribute type 10 has an invalid length. [ 1009.378237][T20323] netlink: 212912 bytes leftover after parsing attributes in process `syz.2.4258'. [ 1009.402305][T20318] veth0_vlan: left promiscuous mode [ 1009.410447][T20318] veth0_vlan: entered promiscuous mode [ 1009.528540][T20323] openvswitch: netlink: IP tunnel dst address not specified [ 1009.547387][T20318] team0: Device veth0_vlan failed to register rx_handler [ 1010.534951][T20317] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1013.855182][T20351] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4267'. [ 1013.867904][T20351] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1013.876604][T20351] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1019.886176][T20374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1020.363744][T20389] syz.3.4278[20389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1020.363969][T20389] syz.3.4278[20389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1020.553947][T20392] syz.1.4279[20392] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1020.595897][T20392] syz.1.4279[20392] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1020.741941][T20395] netlink: 'syz.3.4278': attribute type 10 has an invalid length. [ 1020.911771][T20395] veth0_vlan: left promiscuous mode [ 1021.033630][T20395] veth0_vlan: entered promiscuous mode [ 1021.159767][T20395] team0: Device veth0_vlan failed to register rx_handler [ 1022.062568][T20410] netlink: 'syz.3.4285': attribute type 9 has an invalid length. [ 1022.070479][T20410] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4285'. [ 1022.560224][T20410] netlink: 'syz.3.4285': attribute type 9 has an invalid length. [ 1022.583998][T20410] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4285'. [ 1024.496175][T20436] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4290'. [ 1024.512189][T20436] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1024.531948][T20436] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1025.841876][T20458] can: request_module (can-proto-0) failed. [ 1026.537580][T20477] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4304'. [ 1026.547137][T20477] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1026.556196][T20477] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1028.033930][T20512] syz.3.4316[20512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1028.034091][T20512] syz.3.4316[20512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1028.719034][T20516] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4318'. [ 1028.782240][T20516] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1028.802525][T20516] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1028.956996][T20523] FAULT_INJECTION: forcing a failure. [ 1028.956996][T20523] name failslab, interval 1, probability 0, space 0, times 0 [ 1029.051563][T20523] CPU: 0 PID: 20523 Comm: syz.2.4320 Not tainted syzkaller #0 [ 1029.059123][T20523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1029.069227][T20523] Call Trace: [ 1029.072546][T20523] [ 1029.075512][T20523] dump_stack_lvl+0x18c/0x250 [ 1029.080249][T20523] ? show_regs_print_info+0x20/0x20 [ 1029.085519][T20523] ? load_image+0x400/0x400 [ 1029.090084][T20523] ? __might_sleep+0xe0/0xe0 [ 1029.094727][T20523] ? __lock_acquire+0x7d40/0x7d40 [ 1029.099809][T20523] should_fail_ex+0x39d/0x4d0 [ 1029.104595][T20523] should_failslab+0x9/0x20 [ 1029.109365][T20523] slab_pre_alloc_hook+0x59/0x310 [ 1029.114474][T20523] ? sctp_transport_hold+0x149/0x1d0 [ 1029.120075][T20523] ? sctp_datamsg_from_user+0x88/0xee0 [ 1029.125680][T20523] __kmem_cache_alloc_node+0x53/0x250 [ 1029.131188][T20523] ? sctp_datamsg_from_user+0x88/0xee0 [ 1029.136780][T20523] kmalloc_trace+0x2a/0xe0 [ 1029.141246][T20523] sctp_datamsg_from_user+0x88/0xee0 [ 1029.146676][T20523] ? __sk_mem_raise_allocated+0xa29/0x1340 [ 1029.152621][T20523] ? sctp_prsctp_prune+0x5d/0x790 [ 1029.157792][T20523] ? __sk_mem_schedule+0x7f/0xf0 [ 1029.162777][T20523] sctp_sendmsg_to_asoc+0x107f/0x1830 [ 1029.168304][T20523] ? jhash+0x740/0x740 [ 1029.172417][T20523] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 1029.178273][T20523] ? sctp_sendmsg_check_sflags+0x2d0/0x2d0 [ 1029.184311][T20523] ? __local_bh_enable_ip+0x13a/0x1c0 [ 1029.189729][T20523] ? _local_bh_enable+0xa0/0xa0 [ 1029.194701][T20523] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 1029.200638][T20523] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 1029.206678][T20523] ? sctp_sendmsg_check_sflags+0x18d/0x2d0 [ 1029.212978][T20523] sctp_sendmsg+0x1b83/0x28c0 [ 1029.217795][T20523] ? sctp_getsockopt+0xb60/0xb60 [ 1029.222790][T20523] ? aa_sk_perm+0x83c/0x970 [ 1029.227440][T20523] ? aa_af_perm+0x330/0x330 [ 1029.232009][T20523] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 1029.238488][T20523] ? sock_rps_record_flow+0x19/0x3f0 [ 1029.243831][T20523] ? inet_sendmsg+0x7c/0x2f0 [ 1029.248461][T20523] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1029.253879][T20523] ? security_socket_sendmsg+0x80/0xa0 [ 1029.259375][T20523] ? inet_send_prepare+0x260/0x260 [ 1029.264537][T20523] ____sys_sendmsg+0x5ba/0x960 [ 1029.269620][T20523] ? __lock_acquire+0x7d40/0x7d40 [ 1029.274977][T20523] ? __asan_memset+0x22/0x40 [ 1029.279620][T20523] ? __sys_sendmsg_sock+0x30/0x30 [ 1029.284788][T20523] ? __import_iovec+0x5f2/0x850 [ 1029.290499][T20523] ? import_iovec+0x73/0xa0 [ 1029.295151][T20523] ___sys_sendmsg+0x2a6/0x360 [ 1029.299865][T20523] ? get_pid_task+0x20/0x1e0 [ 1029.304524][T20523] ? __sys_sendmsg+0x2a0/0x2a0 [ 1029.309346][T20523] ? __lock_acquire+0x7d40/0x7d40 [ 1029.314443][T20523] __se_sys_sendmsg+0x1c2/0x2b0 [ 1029.319335][T20523] ? __x64_sys_sendmsg+0x80/0x80 [ 1029.324330][T20523] ? lockdep_hardirqs_on+0x98/0x150 [ 1029.329580][T20523] do_syscall_64+0x55/0xa0 [ 1029.334240][T20523] ? clear_bhb_loop+0x40/0x90 [ 1029.339064][T20523] ? clear_bhb_loop+0x40/0x90 [ 1029.343794][T20523] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1029.350000][T20523] RIP: 0033:0x7f9153d9bf79 [ 1029.354552][T20523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1029.374471][T20523] RSP: 002b:00007f9154cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1029.383036][T20523] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 1029.391046][T20523] RDX: 00000000000480d1 RSI: 0000200000000140 RDI: 0000000000000003 [ 1029.399316][T20523] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 1029.407323][T20523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1029.415346][T20523] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 1029.423387][T20523] [ 1030.157187][T20546] syz.0.4327[20546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1030.157360][T20546] syz.0.4327[20546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1030.460594][T20549] netlink: 'syz.0.4327': attribute type 10 has an invalid length. [ 1030.515546][T20549] veth0_vlan: left promiscuous mode [ 1030.591009][T20549] veth0_vlan: entered promiscuous mode [ 1030.623291][T20554] syz.2.4330[20554] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1030.623472][T20554] syz.2.4330[20554] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1030.927264][T20549] team0: Device veth0_vlan failed to register rx_handler [ 1032.315324][T20541] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1034.451842][T20592] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4343'. [ 1034.494820][T20592] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1034.521310][T20592] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1035.110572][T20604] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4348'. [ 1035.125043][T20604] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1035.138423][T20604] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1036.236716][T20618] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4354'. [ 1036.685147][T20628] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4357'. [ 1036.697059][T20628] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1036.706622][T20628] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1037.124140][T20633] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4358'. [ 1037.142188][T20633] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1037.164308][T20633] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1039.598158][T20650] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4367'. [ 1039.631379][T20650] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1039.646063][T20650] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1039.796987][T20655] syz.1.4369[20655] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1039.797157][T20655] syz.1.4369[20655] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1040.123690][T20666] FAULT_INJECTION: forcing a failure. [ 1040.123690][T20666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1040.170414][T20666] CPU: 0 PID: 20666 Comm: syz.3.4373 Not tainted syzkaller #0 [ 1040.178047][T20666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1040.188245][T20666] Call Trace: [ 1040.191561][T20666] [ 1040.194527][T20666] dump_stack_lvl+0x18c/0x250 [ 1040.199479][T20666] ? show_regs_print_info+0x20/0x20 [ 1040.204816][T20666] ? load_image+0x400/0x400 [ 1040.209466][T20666] ? __might_fault+0xaa/0x120 [ 1040.214361][T20666] ? __lock_acquire+0x7d40/0x7d40 [ 1040.219519][T20666] should_fail_ex+0x39d/0x4d0 [ 1040.224243][T20666] _copy_from_user+0x2f/0xe0 [ 1040.228874][T20666] ___sys_recvmsg+0x176/0x590 [ 1040.233593][T20666] ? __sys_recvmsg+0x2a0/0x2a0 [ 1040.238392][T20666] ? ksys_write+0x1c4/0x260 [ 1040.242947][T20666] ? __fget_files+0x43d/0x4b0 [ 1040.247676][T20666] __x64_sys_recvmsg+0x20c/0x2e0 [ 1040.252650][T20666] ? perf_trace_preemptirq_template+0x269/0x330 [ 1040.258946][T20666] ? ___sys_recvmsg+0x590/0x590 [ 1040.263952][T20666] ? lockdep_hardirqs_on+0x98/0x150 [ 1040.269208][T20666] do_syscall_64+0x55/0xa0 [ 1040.273672][T20666] ? clear_bhb_loop+0x40/0x90 [ 1040.278669][T20666] ? clear_bhb_loop+0x40/0x90 [ 1040.283407][T20666] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1040.289391][T20666] RIP: 0033:0x7f3e5399bf79 [ 1040.293885][T20666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1040.313983][T20666] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1040.322798][T20666] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1040.330900][T20666] RDX: 0000000000002000 RSI: 0000200000000500 RDI: 0000000000000004 [ 1040.339126][T20666] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1040.347242][T20666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1040.355581][T20666] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1040.363633][T20666] [ 1040.655148][T20670] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4374'. [ 1040.768610][T20677] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4377'. [ 1040.782022][T20677] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1040.797231][T20677] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1043.537299][T20695] netlink: 105120 bytes leftover after parsing attributes in process `syz.3.4384'. [ 1043.558492][T20695] netlink: 'syz.3.4384': attribute type 2 has an invalid length. [ 1044.532643][T20709] syz.1.4391[20709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1044.532799][T20709] syz.1.4391[20709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1045.506079][T20723] syz.0.4396[20723] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1045.527937][T20723] syz.0.4396[20723] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1047.786490][T20739] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.4400'. [ 1048.006463][T20750] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4404'. [ 1048.044643][T20750] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1048.079712][T20750] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1048.236130][T20754] syz.2.4406[20754] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1048.236291][T20754] syz.2.4406[20754] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1048.373509][T20762] FAULT_INJECTION: forcing a failure. [ 1048.373509][T20762] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1048.491309][T20762] CPU: 0 PID: 20762 Comm: syz.3.4407 Not tainted syzkaller #0 [ 1048.499002][T20762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1048.509194][T20762] Call Trace: [ 1048.512506][T20762] [ 1048.515466][T20762] dump_stack_lvl+0x18c/0x250 [ 1048.520199][T20762] ? show_regs_print_info+0x20/0x20 [ 1048.525442][T20762] ? load_image+0x400/0x400 [ 1048.530082][T20762] ? __might_fault+0xaa/0x120 [ 1048.534799][T20762] ? __lock_acquire+0x7d40/0x7d40 [ 1048.539867][T20762] should_fail_ex+0x39d/0x4d0 [ 1048.544590][T20762] _copy_from_user+0x2f/0xe0 [ 1048.549220][T20762] ___sys_sendmsg+0x1c7/0x360 [ 1048.553941][T20762] ? get_pid_task+0x20/0x1e0 [ 1048.558586][T20762] ? __sys_sendmsg+0x2a0/0x2a0 [ 1048.563420][T20762] ? __lock_acquire+0x7d40/0x7d40 [ 1048.568519][T20762] __se_sys_sendmsg+0x1c2/0x2b0 [ 1048.573426][T20762] ? __x64_sys_sendmsg+0x80/0x80 [ 1048.578427][T20762] ? lockdep_hardirqs_on+0x98/0x150 [ 1048.583770][T20762] do_syscall_64+0x55/0xa0 [ 1048.588471][T20762] ? clear_bhb_loop+0x40/0x90 [ 1048.593197][T20762] ? clear_bhb_loop+0x40/0x90 [ 1048.598005][T20762] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1048.603941][T20762] RIP: 0033:0x7f3e5399bf79 [ 1048.608484][T20762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1048.609324][T20755] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4405'. [ 1048.628293][T20762] RSP: 002b:00007f3e54812028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1048.628326][T20762] RAX: ffffffffffffffda RBX: 00007f3e53c16180 RCX: 00007f3e5399bf79 [ 1048.628341][T20762] RDX: 0000000020000800 RSI: 0000200000000640 RDI: 0000000000000003 [ 1048.628353][T20762] RBP: 00007f3e54812090 R08: 0000000000000000 R09: 0000000000000000 [ 1048.628366][T20762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1048.628378][T20762] R13: 00007f3e53c16218 R14: 00007f3e53c16180 R15: 00007ffe1e8dcba8 [ 1048.628411][T20762] [ 1050.013305][T20787] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4416'. [ 1050.023847][T20787] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1050.042231][T20787] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1050.410893][T20792] syz.3.4419[20792] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1050.411055][T20792] syz.3.4419[20792] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1051.138599][T20796] FAULT_INJECTION: forcing a failure. [ 1051.138599][T20796] name failslab, interval 1, probability 0, space 0, times 0 [ 1051.163534][T20796] CPU: 0 PID: 20796 Comm: syz.3.4420 Not tainted syzkaller #0 [ 1051.171129][T20796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1051.181241][T20796] Call Trace: [ 1051.184585][T20796] [ 1051.187563][T20796] dump_stack_lvl+0x18c/0x250 [ 1051.192321][T20796] ? show_regs_print_info+0x20/0x20 [ 1051.197572][T20796] ? load_image+0x400/0x400 [ 1051.202146][T20796] ? __might_sleep+0xe0/0xe0 [ 1051.206968][T20796] ? __lock_acquire+0x7d40/0x7d40 [ 1051.212048][T20796] should_fail_ex+0x39d/0x4d0 [ 1051.216871][T20796] should_failslab+0x9/0x20 [ 1051.221507][T20796] slab_pre_alloc_hook+0x59/0x310 [ 1051.226761][T20796] kmem_cache_alloc_node+0x60/0x320 [ 1051.232009][T20796] ? __alloc_skb+0x103/0x2c0 [ 1051.236648][T20796] __alloc_skb+0x103/0x2c0 [ 1051.241114][T20796] netlink_sendmsg+0x66a/0xbf0 [ 1051.245934][T20796] ? netlink_getsockopt+0x590/0x590 [ 1051.251272][T20796] ? aa_sock_msg_perm+0x94/0x150 [ 1051.256337][T20796] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1051.261846][T20796] ? security_socket_sendmsg+0x80/0xa0 [ 1051.267434][T20796] ? netlink_getsockopt+0x590/0x590 [ 1051.272762][T20796] ____sys_sendmsg+0x5ba/0x960 [ 1051.277737][T20796] ? __asan_memset+0x22/0x40 [ 1051.282563][T20796] ? __sys_sendmsg_sock+0x30/0x30 [ 1051.287616][T20796] ? __import_iovec+0x5f2/0x850 [ 1051.292698][T20796] ? import_iovec+0x73/0xa0 [ 1051.297523][T20796] ___sys_sendmsg+0x2a6/0x360 [ 1051.302244][T20796] ? get_pid_task+0x20/0x1e0 [ 1051.307082][T20796] ? __sys_sendmsg+0x2a0/0x2a0 [ 1051.312143][T20796] ? __lock_acquire+0x7d40/0x7d40 [ 1051.317209][T20796] __se_sys_sendmsg+0x1c2/0x2b0 [ 1051.322084][T20796] ? __x64_sys_sendmsg+0x80/0x80 [ 1051.327218][T20796] ? lockdep_hardirqs_on+0x98/0x150 [ 1051.332604][T20796] do_syscall_64+0x55/0xa0 [ 1051.337113][T20796] ? clear_bhb_loop+0x40/0x90 [ 1051.341802][T20796] ? clear_bhb_loop+0x40/0x90 [ 1051.346600][T20796] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1051.352589][T20796] RIP: 0033:0x7f3e5399bf79 [ 1051.357626][T20796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1051.377865][T20796] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1051.386645][T20796] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1051.394810][T20796] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003 [ 1051.402883][T20796] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1051.411064][T20796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1051.419152][T20796] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1051.427370][T20796] [ 1051.582654][T20798] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4421'. [ 1053.235997][T20790] netlink: 'syz.2.4418': attribute type 10 has an invalid length. [ 1053.244174][T20798] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4421'. [ 1053.455190][T20810] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4425'. [ 1053.468359][T20810] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1053.482749][T20810] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1053.694052][T20817] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4427'. [ 1053.705786][T20817] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1053.723747][T20817] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1053.848758][T20825] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4428'. [ 1053.918016][T20824] netlink: 15999 bytes leftover after parsing attributes in process `syz.0.4430'. [ 1053.930812][T20825] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4428'. [ 1053.944088][T20828] netlink: 'syz.0.4430': attribute type 10 has an invalid length. [ 1053.958415][T20829] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4428'. [ 1053.966680][T20826] delete_channel: no stack [ 1054.026084][T20820] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4428'. [ 1054.244400][T20837] syz.0.4435[20837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1054.244569][T20837] syz.0.4435[20837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1054.470158][T20846] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4437'. [ 1054.536747][T20845] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4438'. [ 1054.551914][T20846] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1054.561118][T20845] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1054.583008][T20846] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1054.594431][T20845] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1054.950218][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.960071][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.979693][T20853] delete_channel: no stack [ 1055.151598][T20868] FAULT_INJECTION: forcing a failure. [ 1055.151598][T20868] name failslab, interval 1, probability 0, space 0, times 0 [ 1055.164467][T20868] CPU: 0 PID: 20868 Comm: syz.0.4447 Not tainted syzkaller #0 [ 1055.171980][T20868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1055.182171][T20868] Call Trace: [ 1055.185599][T20868] [ 1055.188655][T20868] dump_stack_lvl+0x18c/0x250 [ 1055.193479][T20868] ? show_regs_print_info+0x20/0x20 [ 1055.198739][T20868] ? load_image+0x400/0x400 [ 1055.203657][T20868] ? __might_sleep+0xe0/0xe0 [ 1055.208394][T20868] ? __lock_acquire+0x7d40/0x7d40 [ 1055.213605][T20868] should_fail_ex+0x39d/0x4d0 [ 1055.218338][T20868] should_failslab+0x9/0x20 [ 1055.222893][T20868] slab_pre_alloc_hook+0x59/0x310 [ 1055.227979][T20868] kmem_cache_alloc_lru+0x4d/0x2d0 [ 1055.233144][T20868] ? __d_alloc+0x31/0x730 [ 1055.237544][T20868] __d_alloc+0x31/0x730 [ 1055.241762][T20868] d_alloc_pseudo+0x1d/0x70 [ 1055.246412][T20868] alloc_file_pseudo+0xe4/0x210 [ 1055.251671][T20868] ? alloc_empty_backing_file+0xe0/0xe0 [ 1055.257281][T20868] ? __lock_acquire+0x7d40/0x7d40 [ 1055.262355][T20868] ? __local_bh_enable_ip+0x13a/0x1c0 [ 1055.267868][T20868] ? _local_bh_enable+0xa0/0xa0 [ 1055.272972][T20868] anon_inode_getfile+0xc5/0x1a0 [ 1055.278137][T20868] bpf_link_prime+0xa6/0x1d0 [ 1055.282867][T20868] bpf_xdp_link_attach+0x260/0x730 [ 1055.288215][T20868] ? dev_xdp_prog+0x100/0x100 [ 1055.293124][T20868] ? __lock_acquire+0x7d40/0x7d40 [ 1055.298390][T20868] ? __fget_files+0x43d/0x4b0 [ 1055.303225][T20868] ? attach_type_to_prog_type+0x330/0x3a0 [ 1055.309168][T20868] ? bpf_prog_attach_check_attach_type+0x2d8/0x440 [ 1055.315798][T20868] link_create+0x3ff/0x720 [ 1055.320364][T20868] __sys_bpf+0x4d7/0x890 [ 1055.324645][T20868] ? bpf_link_show_fdinfo+0x390/0x390 [ 1055.330062][T20868] ? lock_chain_count+0x20/0x20 [ 1055.335071][T20868] __x64_sys_bpf+0x7c/0x90 [ 1055.339502][T20868] do_syscall_64+0x55/0xa0 [ 1055.344480][T20868] ? clear_bhb_loop+0x40/0x90 [ 1055.349197][T20868] ? clear_bhb_loop+0x40/0x90 [ 1055.353895][T20868] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1055.359890][T20868] RIP: 0033:0x7f74efd9bf79 [ 1055.364532][T20868] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1055.384344][T20868] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1055.392807][T20868] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1055.400793][T20868] RDX: 0000000000000040 RSI: 0000200000000240 RDI: 000000000000001c [ 1055.408863][T20868] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1055.416846][T20868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1055.424829][T20868] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1055.432912][T20868] [ 1055.476057][T20872] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1055.494507][T20872] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1055.682184][T20884] FAULT_INJECTION: forcing a failure. [ 1055.682184][T20884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1055.695740][T20884] CPU: 1 PID: 20884 Comm: syz.0.4453 Not tainted syzkaller #0 [ 1055.703244][T20884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1055.713343][T20884] Call Trace: [ 1055.716667][T20884] [ 1055.719632][T20884] dump_stack_lvl+0x18c/0x250 [ 1055.724539][T20884] ? show_regs_print_info+0x20/0x20 [ 1055.729876][T20884] ? load_image+0x400/0x400 [ 1055.734433][T20884] ? __might_fault+0xaa/0x120 [ 1055.739238][T20884] ? __lock_acquire+0x7d40/0x7d40 [ 1055.744574][T20884] should_fail_ex+0x39d/0x4d0 [ 1055.749737][T20884] _copy_from_user+0x2f/0xe0 [ 1055.754375][T20884] kstrtouint_from_user+0xde/0x170 [ 1055.759536][T20884] ? kstrtol_from_user+0x190/0x190 [ 1055.764972][T20884] proc_fail_nth_write+0x8f/0x250 [ 1055.770150][T20884] ? proc_fail_nth_read+0x260/0x260 [ 1055.775417][T20884] ? proc_fail_nth_read+0x260/0x260 [ 1055.780665][T20884] vfs_write+0x296/0x990 [ 1055.784966][T20884] ? file_end_write+0x250/0x250 [ 1055.789882][T20884] ? __fget_files+0x28/0x4b0 [ 1055.794601][T20884] ? __fget_files+0x28/0x4b0 [ 1055.799332][T20884] ? __fget_files+0x43d/0x4b0 [ 1055.804063][T20884] ? __fdget_pos+0x2a3/0x330 [ 1055.808677][T20884] ? ksys_write+0x75/0x260 [ 1055.813207][T20884] ksys_write+0x150/0x260 [ 1055.817555][T20884] ? __ia32_sys_read+0x90/0x90 [ 1055.822340][T20884] ? lockdep_hardirqs_on+0x98/0x150 [ 1055.827553][T20884] do_syscall_64+0x55/0xa0 [ 1055.831984][T20884] ? clear_bhb_loop+0x40/0x90 [ 1055.836671][T20884] ? clear_bhb_loop+0x40/0x90 [ 1055.841360][T20884] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1055.847439][T20884] RIP: 0033:0x7f74efd5c84e [ 1055.851880][T20884] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1055.871850][T20884] RSP: 002b:00007f74f0c8afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1055.880286][T20884] RAX: ffffffffffffffda RBX: 00007f74f0c8b6c0 RCX: 00007f74efd5c84e [ 1055.888358][T20884] RDX: 0000000000000001 RSI: 00007f74f0c8b0a0 RDI: 0000000000000004 [ 1055.896341][T20884] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1055.904323][T20884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1055.913350][T20884] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1055.921523][T20884] [ 1055.954325][T20889] syz.2.4456[20889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1055.954493][T20889] syz.2.4456[20889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1056.370583][T20894] netlink: 'syz.1.4458': attribute type 29 has an invalid length. [ 1056.452673][T20894] netlink: 'syz.1.4458': attribute type 29 has an invalid length. [ 1056.459083][T20903] FAULT_INJECTION: forcing a failure. [ 1056.459083][T20903] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.488312][T20896] netlink: 'syz.1.4458': attribute type 29 has an invalid length. [ 1056.488603][T20903] CPU: 1 PID: 20903 Comm: syz.0.4460 Not tainted syzkaller #0 [ 1056.503932][T20903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1056.514381][T20903] Call Trace: [ 1056.517697][T20903] [ 1056.520657][T20903] dump_stack_lvl+0x18c/0x250 [ 1056.525641][T20903] ? show_regs_print_info+0x20/0x20 [ 1056.530889][T20903] ? load_image+0x400/0x400 [ 1056.535610][T20903] ? __might_sleep+0xe0/0xe0 [ 1056.540327][T20903] ? __lock_acquire+0x7d40/0x7d40 [ 1056.545490][T20903] should_fail_ex+0x39d/0x4d0 [ 1056.550311][T20903] should_failslab+0x9/0x20 [ 1056.554851][T20903] slab_pre_alloc_hook+0x59/0x310 [ 1056.559924][T20903] ? lock_chain_count+0x20/0x20 [ 1056.565436][T20903] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 1056.571388][T20903] __kmem_cache_alloc_node+0x53/0x250 [ 1056.576823][T20903] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 1056.582804][T20903] kmalloc_trace+0x2a/0xe0 [ 1056.587268][T20903] sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 1056.593028][T20903] sctp_association_new+0x15d3/0x25c0 [ 1056.598458][T20903] sctp_connect_new_asoc+0x2de/0x6a0 [ 1056.603765][T20903] ? __sctp_connect+0xd80/0xd80 [ 1056.608630][T20903] ? _local_bh_enable+0xa0/0xa0 [ 1056.613494][T20903] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 1056.619317][T20903] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 1056.625135][T20903] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 1056.630695][T20903] ? security_sctp_bind_connect+0x89/0xb0 [ 1056.636432][T20903] sctp_sendmsg+0x1575/0x28c0 [ 1056.641323][T20903] ? sctp_getsockopt+0xb60/0xb60 [ 1056.646274][T20903] ? aa_sk_perm+0x83c/0x970 [ 1056.651066][T20903] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1056.657251][T20903] ? lockdep_hardirqs_on+0x98/0x150 [ 1056.662738][T20903] ? aa_af_perm+0x330/0x330 [ 1056.667352][T20903] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 1056.674476][T20903] ? sock_rps_record_flow+0x19/0x3f0 [ 1056.679777][T20903] ? inet_sendmsg+0x7c/0x2f0 [ 1056.684384][T20903] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1056.689773][T20903] ? security_socket_sendmsg+0x80/0xa0 [ 1056.695250][T20903] ? inet_send_prepare+0x260/0x260 [ 1056.700493][T20903] ____sys_sendmsg+0x5ba/0x960 [ 1056.705470][T20903] ? __lock_acquire+0x7d40/0x7d40 [ 1056.710563][T20903] ? __asan_memset+0x22/0x40 [ 1056.715268][T20903] ? __sys_sendmsg_sock+0x30/0x30 [ 1056.720304][T20903] ? __import_iovec+0x5f2/0x850 [ 1056.725280][T20903] ? import_iovec+0x73/0xa0 [ 1056.730030][T20903] ___sys_sendmsg+0x2a6/0x360 [ 1056.734814][T20903] ? __sys_sendmsg+0x2a0/0x2a0 [ 1056.739614][T20903] ? seqcount_lockdep_reader_access+0x17b/0x1d0 [ 1056.745889][T20903] __se_sys_sendmsg+0x1c2/0x2b0 [ 1056.750839][T20903] ? __x64_sys_sendmsg+0x80/0x80 [ 1056.755886][T20903] ? syscall_enter_from_user_mode+0x2e/0x80 [ 1056.761798][T20903] do_syscall_64+0x55/0xa0 [ 1056.766312][T20903] ? clear_bhb_loop+0x40/0x90 [ 1056.770998][T20903] ? clear_bhb_loop+0x40/0x90 [ 1056.775694][T20903] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1056.781595][T20903] RIP: 0033:0x7f74efd9bf79 [ 1056.786026][T20903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1056.806090][T20903] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1056.814697][T20903] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1056.822868][T20903] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000008 [ 1056.831029][T20903] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1056.839364][T20903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1056.847529][T20903] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1056.855614][T20903] [ 1057.271273][T20924] FAULT_INJECTION: forcing a failure. [ 1057.271273][T20924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1057.284929][T20924] CPU: 0 PID: 20924 Comm: syz.3.4469 Not tainted syzkaller #0 [ 1057.293043][T20924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1057.303320][T20924] Call Trace: [ 1057.306821][T20924] [ 1057.309875][T20924] dump_stack_lvl+0x18c/0x250 [ 1057.314600][T20924] ? show_regs_print_info+0x20/0x20 [ 1057.320031][T20924] ? load_image+0x400/0x400 [ 1057.324744][T20924] ? __might_fault+0xaa/0x120 [ 1057.329548][T20924] ? __lock_acquire+0x7d40/0x7d40 [ 1057.334970][T20924] should_fail_ex+0x39d/0x4d0 [ 1057.339695][T20924] _copy_to_user+0x2f/0xa0 [ 1057.344324][T20924] finalize_log+0xe4/0x160 [ 1057.348880][T20924] ? btf_parse_struct_metas+0xe40/0xe40 [ 1057.354466][T20924] ? btf_check_type_tags+0x674/0x680 [ 1057.359797][T20924] btf_new_fd+0x768/0x9f0 [ 1057.364179][T20924] ? bpf_btf_show_fdinfo+0x80/0x80 [ 1057.369361][T20924] ? capable+0x88/0xe0 [ 1057.373505][T20924] __sys_bpf+0x670/0x890 [ 1057.377885][T20924] ? bpf_link_show_fdinfo+0x390/0x390 [ 1057.383407][T20924] ? lock_chain_count+0x20/0x20 [ 1057.388602][T20924] __x64_sys_bpf+0x7c/0x90 [ 1057.393249][T20924] do_syscall_64+0x55/0xa0 [ 1057.397794][T20924] ? clear_bhb_loop+0x40/0x90 [ 1057.402689][T20924] ? clear_bhb_loop+0x40/0x90 [ 1057.407497][T20924] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1057.413598][T20924] RIP: 0033:0x7f3e5399bf79 [ 1057.418140][T20924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1057.438225][T20924] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1057.446959][T20924] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1057.455231][T20924] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012 [ 1057.463763][T20924] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1057.471958][T20924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1057.480057][T20924] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1057.488176][T20924] [ 1057.513581][T20920] veth0_to_bond: entered promiscuous mode [ 1057.657073][T20929] netlink: 'syz.3.4470': attribute type 10 has an invalid length. [ 1057.676650][T20929] hsr0: entered promiscuous mode [ 1057.832562][T20933] syz.3.4473[20933] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1057.832717][T20933] syz.3.4473[20933] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1058.295380][T20939] __nla_validate_parse: 5 callbacks suppressed [ 1058.295420][T20939] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4474'. [ 1058.398647][T20931] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4472'. [ 1058.426474][T20936] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4472'. [ 1058.524849][T20934] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4472'. [ 1058.894180][T20952] FAULT_INJECTION: forcing a failure. [ 1058.894180][T20952] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.921419][T20952] CPU: 0 PID: 20952 Comm: syz.3.4479 Not tainted syzkaller #0 [ 1058.929047][T20952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1058.939118][T20952] Call Trace: [ 1058.942411][T20952] [ 1058.945356][T20952] dump_stack_lvl+0x18c/0x250 [ 1058.950236][T20952] ? show_regs_print_info+0x20/0x20 [ 1058.955630][T20952] ? load_image+0x400/0x400 [ 1058.960242][T20952] ? __might_sleep+0xe0/0xe0 [ 1058.965025][T20952] ? __lock_acquire+0x7d40/0x7d40 [ 1058.970091][T20952] ? __lock_acquire+0x1273/0x7d40 [ 1058.975157][T20952] should_fail_ex+0x39d/0x4d0 [ 1058.980052][T20952] should_failslab+0x9/0x20 [ 1058.984611][T20952] slab_pre_alloc_hook+0x59/0x310 [ 1058.989786][T20952] kmem_cache_alloc_node+0x60/0x320 [ 1058.995201][T20952] ? __alloc_skb+0x103/0x2c0 [ 1059.000063][T20952] __alloc_skb+0x103/0x2c0 [ 1059.004504][T20952] alloc_skb_with_frags+0xca/0x7b0 [ 1059.009811][T20952] ? trace_event_raw_event_lock+0x250/0x250 [ 1059.015727][T20952] ? __ipv6_dev_get_saddr+0x404/0x430 [ 1059.021295][T20952] sock_alloc_send_pskb+0x883/0x9a0 [ 1059.026528][T20952] ? sock_kzfree_s+0x50/0x50 [ 1059.031319][T20952] ? ip6_dst_lookup_tail+0xbf9/0x1530 [ 1059.036890][T20952] rawv6_send_hdrinc+0x2fc/0x1640 [ 1059.042114][T20952] ? txopt_get+0x7a/0x3f0 [ 1059.046461][T20952] ? txopt_get+0x3f0/0x3f0 [ 1059.050887][T20952] ? txopt_get+0x344/0x3f0 [ 1059.055319][T20952] ? fl6_sock_lookup+0xc0/0xc0 [ 1059.060108][T20952] rawv6_sendmsg+0x12cc/0x1770 [ 1059.064902][T20952] ? compat_rawv6_ioctl+0x70/0x70 [ 1059.069980][T20952] ? aa_sk_perm+0x83c/0x970 [ 1059.074638][T20952] ? tomoyo_socket_sendmsg_permission+0x216/0x2f0 [ 1059.081279][T20952] ? inet_sendmsg+0x7c/0x2f0 [ 1059.085890][T20952] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1059.091223][T20952] ? security_socket_sendmsg+0x80/0xa0 [ 1059.096722][T20952] ? inet_send_prepare+0x260/0x260 [ 1059.101962][T20952] ____sys_sendmsg+0x5ba/0x960 [ 1059.106773][T20952] ? __lock_acquire+0x7d40/0x7d40 [ 1059.111911][T20952] ? __asan_memset+0x22/0x40 [ 1059.116695][T20952] ? __sys_sendmsg_sock+0x30/0x30 [ 1059.121815][T20952] ? __import_iovec+0x5f2/0x850 [ 1059.126782][T20952] ? import_iovec+0x73/0xa0 [ 1059.131404][T20952] ___sys_sendmsg+0x2a6/0x360 [ 1059.136099][T20952] ? __sys_sendmsg+0x2a0/0x2a0 [ 1059.140979][T20952] ? __lock_acquire+0x7d40/0x7d40 [ 1059.146133][T20952] __se_sys_sendmsg+0x1c2/0x2b0 [ 1059.150998][T20952] ? __x64_sys_sendmsg+0x80/0x80 [ 1059.156051][T20952] ? lockdep_hardirqs_on+0x98/0x150 [ 1059.161269][T20952] do_syscall_64+0x55/0xa0 [ 1059.165700][T20952] ? clear_bhb_loop+0x40/0x90 [ 1059.170389][T20952] ? clear_bhb_loop+0x40/0x90 [ 1059.175077][T20952] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1059.180982][T20952] RIP: 0033:0x7f3e5399bf79 [ 1059.185499][T20952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1059.205397][T20952] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1059.213920][T20952] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1059.222099][T20952] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004 [ 1059.230216][T20952] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1059.238313][T20952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1059.246409][T20952] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1059.254510][T20952] [ 1059.362581][T20956] -: renamed from syzkaller0 [ 1059.382761][T20955] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4480'. [ 1059.405618][T20955] net_ratelimit: 4 callbacks suppressed [ 1059.405660][T20955] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1059.438428][T20955] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1059.666893][T20965] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4484'. [ 1059.679686][T20965] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1059.696046][T20965] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1059.798376][T20974] netlink: 149044 bytes leftover after parsing attributes in process `syz.0.4488'. [ 1059.926880][T20978] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4497'. [ 1059.934992][T20974] syzkaller0: entered promiscuous mode [ 1059.938508][T20978] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1059.959955][T20978] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1059.968880][T20974] netlink: 'syz.0.4488': attribute type 10 has an invalid length. [ 1060.129635][T20987] FAULT_INJECTION: forcing a failure. [ 1060.129635][T20987] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1060.154301][T20987] CPU: 0 PID: 20987 Comm: syz.2.4491 Not tainted syzkaller #0 [ 1060.161847][T20987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1060.171955][T20987] Call Trace: [ 1060.175271][T20987] [ 1060.178229][T20987] dump_stack_lvl+0x18c/0x250 [ 1060.182974][T20987] ? show_regs_print_info+0x20/0x20 [ 1060.188300][T20987] ? load_image+0x400/0x400 [ 1060.192839][T20987] ? __lock_acquire+0x7d40/0x7d40 [ 1060.197938][T20987] ? snprintf+0xe9/0x140 [ 1060.202224][T20987] should_fail_ex+0x39d/0x4d0 [ 1060.207037][T20987] _copy_to_user+0x2f/0xa0 [ 1060.211489][T20987] simple_read_from_buffer+0xe7/0x150 [ 1060.217169][T20987] proc_fail_nth_read+0x1e8/0x260 [ 1060.222363][T20987] ? proc_fault_inject_write+0x360/0x360 [ 1060.228228][T20987] ? fsnotify_perm+0x271/0x5e0 [ 1060.233119][T20987] ? proc_fault_inject_write+0x360/0x360 [ 1060.238794][T20987] vfs_read+0x28b/0x970 [ 1060.242999][T20987] ? kernel_read+0x1e0/0x1e0 [ 1060.247715][T20987] ? __fget_files+0x28/0x4b0 [ 1060.252336][T20987] ? __fget_files+0x28/0x4b0 [ 1060.257051][T20987] ? __fget_files+0x43d/0x4b0 [ 1060.261772][T20987] ? __fdget_pos+0x2a3/0x330 [ 1060.266396][T20987] ? ksys_read+0x75/0x260 [ 1060.270774][T20987] ksys_read+0x150/0x260 [ 1060.275148][T20987] ? vfs_write+0x990/0x990 [ 1060.279603][T20987] ? lockdep_hardirqs_on+0x98/0x150 [ 1060.284840][T20987] do_syscall_64+0x55/0xa0 [ 1060.289303][T20987] ? clear_bhb_loop+0x40/0x90 [ 1060.294163][T20987] ? clear_bhb_loop+0x40/0x90 [ 1060.298966][T20987] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1060.304906][T20987] RIP: 0033:0x7f9153d5c84e [ 1060.309527][T20987] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1060.329447][T20987] RSP: 002b:00007f9154cd5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1060.337899][T20987] RAX: ffffffffffffffda RBX: 00007f9154cd66c0 RCX: 00007f9153d5c84e [ 1060.345925][T20987] RDX: 000000000000000f RSI: 00007f9154cd60a0 RDI: 0000000000000005 [ 1060.353930][T20987] RBP: 00007f9154cd6090 R08: 0000000000000000 R09: 0000000000000000 [ 1060.362104][T20987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1060.370103][T20987] R13: 00007f9154016128 R14: 00007f9154016090 R15: 00007ffe5060ce98 [ 1060.378149][T20987] [ 1060.638773][T20991] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4493'. [ 1060.666446][T20991] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1060.687249][T20991] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1061.676235][T21011] netlink: 668 bytes leftover after parsing attributes in process `syz.3.4502'. [ 1061.716987][T21011] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1061.727422][T21011] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1063.906569][T21003] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.4500'. [ 1064.145703][T21042] netlink: 64535 bytes leftover after parsing attributes in process `syz.1.4512'. [ 1064.654746][T21060] syz.1.4517[21060] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1064.654911][T21060] syz.1.4517[21060] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1064.714495][T21061] netlink: 830 bytes leftover after parsing attributes in process `syz.3.4516'. [ 1064.738226][T21061] veth0_to_bond: entered promiscuous mode [ 1065.261368][T21073] syzkaller0: entered promiscuous mode [ 1065.300331][T21073] syzkaller0: entered allmulticast mode [ 1065.807047][T21084] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4526'. [ 1065.818889][T21084] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1065.830259][T21084] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1065.990756][T21097] syz.0.4532[21097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1065.990915][T21097] syz.0.4532[21097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1068.730194][T21115] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4541'. [ 1068.786648][T21115] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1068.830614][T21120] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4535'. [ 1068.847347][T21115] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1068.874276][T21120] netlink: 196 bytes leftover after parsing attributes in process `syz.2.4535'. [ 1069.593040][T21125] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4533'. [ 1069.605597][T21125] veth0_to_bond: entered promiscuous mode [ 1069.823627][T21143] syz.3.4543[21143] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1069.823792][T21143] syz.3.4543[21143] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1069.870041][T21146] syz.0.4544[21146] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1069.879235][T21144] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.4542'. [ 1069.882109][T21146] syz.0.4544[21146] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1071.110939][T21175] syz.0.4555[21175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1071.206328][T21175] syz.0.4555[21175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.321096][T21203] syz.3.4563[21203] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.342575][T21203] syz.3.4563[21203] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.479654][T21209] syz.2.4564[21209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.523120][T21209] syz.2.4564[21209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1072.870239][T21217] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4567'. [ 1072.935486][T21217] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1072.950936][T21217] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1073.146934][T21223] FAULT_INJECTION: forcing a failure. [ 1073.146934][T21223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1073.168399][T21223] CPU: 1 PID: 21223 Comm: syz.0.4569 Not tainted syzkaller #0 [ 1073.176038][T21223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1073.186319][T21223] Call Trace: [ 1073.189639][T21223] [ 1073.192613][T21223] dump_stack_lvl+0x18c/0x250 [ 1073.197382][T21223] ? show_regs_print_info+0x20/0x20 [ 1073.202981][T21223] ? load_image+0x400/0x400 [ 1073.207624][T21223] ? __might_fault+0xaa/0x120 [ 1073.212610][T21223] ? __lock_acquire+0x7d40/0x7d40 [ 1073.217868][T21223] should_fail_ex+0x39d/0x4d0 [ 1073.222779][T21223] _copy_to_user+0x2f/0xa0 [ 1073.227330][T21223] btf_new_fd+0x5c0/0x9f0 [ 1073.231890][T21223] ? bpf_btf_show_fdinfo+0x80/0x80 [ 1073.237150][T21223] ? capable+0x88/0xe0 [ 1073.241368][T21223] __sys_bpf+0x670/0x890 [ 1073.245663][T21223] ? bpf_link_show_fdinfo+0x390/0x390 [ 1073.251367][T21223] ? lock_chain_count+0x20/0x20 [ 1073.256280][T21223] __x64_sys_bpf+0x7c/0x90 [ 1073.260765][T21223] do_syscall_64+0x55/0xa0 [ 1073.265331][T21223] ? clear_bhb_loop+0x40/0x90 [ 1073.270058][T21223] ? clear_bhb_loop+0x40/0x90 [ 1073.274883][T21223] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1073.280921][T21223] RIP: 0033:0x7f74efd9bf79 [ 1073.285378][T21223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1073.305382][T21223] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1073.313844][T21223] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1073.321954][T21223] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 0000000000000012 [ 1073.329991][T21223] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1073.338195][T21223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1073.346305][T21223] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1073.354525][T21223] [ 1074.859770][T21241] FAULT_INJECTION: forcing a failure. [ 1074.859770][T21241] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1074.903935][T21241] CPU: 0 PID: 21241 Comm: syz.2.4577 Not tainted syzkaller #0 [ 1074.911492][T21241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1074.921754][T21241] Call Trace: [ 1074.925058][T21241] [ 1074.928025][T21241] dump_stack_lvl+0x18c/0x250 [ 1074.932836][T21241] ? show_regs_print_info+0x20/0x20 [ 1074.938073][T21241] ? load_image+0x400/0x400 [ 1074.942615][T21241] ? __lock_acquire+0x7d40/0x7d40 [ 1074.947669][T21241] ? snprintf+0xe9/0x140 [ 1074.951952][T21241] should_fail_ex+0x39d/0x4d0 [ 1074.956682][T21241] _copy_to_user+0x2f/0xa0 [ 1074.961147][T21241] simple_read_from_buffer+0xe7/0x150 [ 1074.966565][T21241] proc_fail_nth_read+0x1e8/0x260 [ 1074.971629][T21241] ? proc_fault_inject_write+0x360/0x360 [ 1074.977300][T21241] ? fsnotify_perm+0x271/0x5e0 [ 1074.982102][T21241] ? proc_fault_inject_write+0x360/0x360 [ 1074.987788][T21241] vfs_read+0x28b/0x970 [ 1074.992020][T21241] ? kernel_read+0x1e0/0x1e0 [ 1074.996831][T21241] ? __fget_files+0x28/0x4b0 [ 1075.001623][T21241] ? __fget_files+0x28/0x4b0 [ 1075.006233][T21241] ? __fget_files+0x43d/0x4b0 [ 1075.011017][T21241] ? __fdget_pos+0x2a3/0x330 [ 1075.015717][T21241] ? ksys_read+0x75/0x260 [ 1075.020064][T21241] ksys_read+0x150/0x260 [ 1075.024349][T21241] ? vfs_write+0x990/0x990 [ 1075.028785][T21241] ? lockdep_hardirqs_on+0x98/0x150 [ 1075.034199][T21241] do_syscall_64+0x55/0xa0 [ 1075.038651][T21241] ? clear_bhb_loop+0x40/0x90 [ 1075.043443][T21241] ? clear_bhb_loop+0x40/0x90 [ 1075.048230][T21241] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1075.054134][T21241] RIP: 0033:0x7f9153d5c84e [ 1075.058562][T21241] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1075.078444][T21241] RSP: 002b:00007f9154cf6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1075.086876][T21241] RAX: ffffffffffffffda RBX: 00007f9154cf76c0 RCX: 00007f9153d5c84e [ 1075.094952][T21241] RDX: 000000000000000f RSI: 00007f9154cf70a0 RDI: 0000000000000004 [ 1075.102929][T21241] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 1075.111032][T21241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1075.119109][T21241] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 1075.127377][T21241] [ 1075.623753][T21246] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4579'. [ 1075.653396][T21246] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1075.664067][T21246] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1075.833427][T21253] netlink: 'syz.3.4581': attribute type 11 has an invalid length. [ 1075.842611][T21253] netlink: 'syz.3.4581': attribute type 1 has an invalid length. [ 1075.850527][T21253] netlink: 'syz.3.4581': attribute type 2 has an invalid length. [ 1075.858946][T21253] netlink: 198048 bytes leftover after parsing attributes in process `syz.3.4581'. [ 1075.882267][T21255] bpf_get_probe_write_proto: 2 callbacks suppressed [ 1075.882286][T21255] syz.2.4580[21255] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1075.891777][T21255] syz.2.4580[21255] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1076.238572][T21257] syzkaller0: entered promiscuous mode [ 1076.249053][T21263] syz.1.4583[21263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1076.256357][T21263] syz.1.4583[21263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1076.287199][T21257] syzkaller0: entered allmulticast mode [ 1076.463465][T21261] syzkaller0: tun_net_xmit 1280 [ 1077.246675][T21280] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4589'. [ 1077.259712][T21280] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1077.274076][T21280] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1077.430154][T21289] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.4591'. [ 1079.552656][T21313] syz.3.4604[21313] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1079.552836][T21313] syz.3.4604[21313] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1079.581568][T21311] syz.0.4603[21311] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1079.585947][T21315] syz.1.4596[21315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1079.606976][T21311] syz.0.4603[21311] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1079.657863][T21315] syz.1.4596[21315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1080.723002][T21317] syzkaller0: entered promiscuous mode [ 1080.749670][T21317] syzkaller0: entered allmulticast mode [ 1080.898884][T21327] syz.0.4599[21327] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1080.899052][T21327] syz.0.4599[21327] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1081.929553][T21337] syz.0.4602[21337] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1081.941810][T21337] syz.0.4602[21337] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1082.983987][T21346] FAULT_INJECTION: forcing a failure. [ 1082.983987][T21346] name failslab, interval 1, probability 0, space 0, times 0 [ 1083.009324][T21346] CPU: 0 PID: 21346 Comm: syz.0.4607 Not tainted syzkaller #0 [ 1083.016886][T21346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1083.027051][T21346] Call Trace: [ 1083.030424][T21346] [ 1083.033362][T21346] dump_stack_lvl+0x18c/0x250 [ 1083.038057][T21346] ? show_regs_print_info+0x20/0x20 [ 1083.043266][T21346] ? load_image+0x400/0x400 [ 1083.047949][T21346] ? verify_lock_unused+0x140/0x140 [ 1083.053248][T21346] should_fail_ex+0x39d/0x4d0 [ 1083.057937][T21346] should_failslab+0x9/0x20 [ 1083.062451][T21346] slab_pre_alloc_hook+0x59/0x310 [ 1083.067483][T21346] kmem_cache_alloc+0x5a/0x2d0 [ 1083.072267][T21346] ? skb_clone+0x1eb/0x370 [ 1083.076695][T21346] skb_clone+0x1eb/0x370 [ 1083.080952][T21346] __netlink_deliver_tap+0x41c/0x830 [ 1083.086342][T21346] ? netlink_deliver_tap+0x2e/0x1b0 [ 1083.091636][T21346] netlink_deliver_tap+0x19c/0x1b0 [ 1083.096793][T21346] netlink_unicast+0x72c/0x8d0 [ 1083.101597][T21346] netlink_sendmsg+0x8d0/0xbf0 [ 1083.106574][T21346] ? netlink_getsockopt+0x590/0x590 [ 1083.111965][T21346] ? aa_sock_msg_perm+0x94/0x150 [ 1083.117001][T21346] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1083.122484][T21346] ? security_socket_sendmsg+0x80/0xa0 [ 1083.128015][T21346] ? netlink_getsockopt+0x590/0x590 [ 1083.133234][T21346] ____sys_sendmsg+0x5ba/0x960 [ 1083.138202][T21346] ? __asan_memset+0x22/0x40 [ 1083.142800][T21346] ? __sys_sendmsg_sock+0x30/0x30 [ 1083.147828][T21346] ? __import_iovec+0x5f2/0x850 [ 1083.152813][T21346] ? import_iovec+0x73/0xa0 [ 1083.157465][T21346] ___sys_sendmsg+0x2a6/0x360 [ 1083.162245][T21346] ? get_pid_task+0x20/0x1e0 [ 1083.166852][T21346] ? __sys_sendmsg+0x2a0/0x2a0 [ 1083.171629][T21346] ? __lock_acquire+0x7d40/0x7d40 [ 1083.176669][T21346] __se_sys_sendmsg+0x1c2/0x2b0 [ 1083.181637][T21346] ? __x64_sys_sendmsg+0x80/0x80 [ 1083.186859][T21346] ? lockdep_hardirqs_on+0x98/0x150 [ 1083.192071][T21346] do_syscall_64+0x55/0xa0 [ 1083.196603][T21346] ? clear_bhb_loop+0x40/0x90 [ 1083.201287][T21346] ? clear_bhb_loop+0x40/0x90 [ 1083.206416][T21346] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1083.212406][T21346] RIP: 0033:0x7f74efd9bf79 [ 1083.217019][T21346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1083.236893][T21346] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1083.245318][T21346] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1083.253407][T21346] RDX: 0000000000000044 RSI: 0000200000000240 RDI: 0000000000000003 [ 1083.261387][T21346] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1083.269460][T21346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1083.277618][T21346] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1083.285897][T21346] [ 1083.875983][T21356] syz.1.4610[21356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1083.876169][T21356] syz.1.4610[21356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1084.059956][T21362] syz.3.4612[21362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1084.073658][T21362] syz.3.4612[21362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1084.386166][T21371] syz.0.4614[21371] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1084.414002][T21371] syz.0.4614[21371] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1086.293746][T21433] bpf_get_probe_write_proto: 4 callbacks suppressed [ 1086.293764][T21433] syz.3.4637[21433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1086.312949][T21433] syz.3.4637[21433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1086.319941][T21435] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4638'. [ 1086.370449][T21435] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1086.404661][T21435] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1086.724171][T21450] FAULT_INJECTION: forcing a failure. [ 1086.724171][T21450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1086.861521][T21450] CPU: 1 PID: 21450 Comm: syz.2.4644 Not tainted syzkaller #0 [ 1086.869068][T21450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1086.879245][T21450] Call Trace: [ 1086.882726][T21450] [ 1086.885681][T21450] dump_stack_lvl+0x18c/0x250 [ 1086.890413][T21450] ? show_regs_print_info+0x20/0x20 [ 1086.895740][T21450] ? load_image+0x400/0x400 [ 1086.900280][T21450] ? __might_fault+0xaa/0x120 [ 1086.905073][T21450] ? __lock_acquire+0x7d40/0x7d40 [ 1086.910220][T21450] should_fail_ex+0x39d/0x4d0 [ 1086.914940][T21450] _copy_to_iter+0x1ce/0x1120 [ 1086.919652][T21450] ? _copy_to_iter+0x131/0x1120 [ 1086.924545][T21450] ? __virt_addr_valid+0x18c/0x540 [ 1086.929894][T21450] ? iov_iter_init+0x1e0/0x1e0 [ 1086.934687][T21450] ? __virt_addr_valid+0x18c/0x540 [ 1086.939922][T21450] ? __virt_addr_valid+0x469/0x540 [ 1086.945066][T21450] ? __phys_addr_symbol+0x2f/0x70 [ 1086.950118][T21450] ? __check_object_size+0x506/0xa20 [ 1086.955537][T21450] __skb_datagram_iter+0xdb/0x780 [ 1086.960603][T21450] ? skb_copy_datagram_iter+0x200/0x200 [ 1086.966190][T21450] __skb_datagram_iter+0x561/0x780 [ 1086.971340][T21450] ? skb_copy_datagram_iter+0x200/0x200 [ 1086.976925][T21450] skb_copy_datagram_iter+0xb1/0x200 [ 1086.982245][T21450] tipc_recvmsg+0x7cc/0x1400 [ 1086.986883][T21450] ? tipc_send_packet+0x90/0x90 [ 1086.991885][T21450] ? aa_sock_msg_perm+0x94/0x150 [ 1086.996858][T21450] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 1087.002173][T21450] ? security_socket_recvmsg+0x89/0xb0 [ 1087.007660][T21450] ? tipc_send_packet+0x90/0x90 [ 1087.012549][T21450] ____sys_recvmsg+0x2ce/0x5e0 [ 1087.017439][T21450] ? __sys_recvmsg_sock+0x50/0x50 [ 1087.022689][T21450] ? import_iovec+0x73/0xa0 [ 1087.027244][T21450] ___sys_recvmsg+0x216/0x590 [ 1087.031961][T21450] ? __sys_recvmsg+0x2a0/0x2a0 [ 1087.036763][T21450] ? ksys_write+0x1c4/0x260 [ 1087.041310][T21450] ? __fget_files+0x43d/0x4b0 [ 1087.046123][T21450] __x64_sys_recvmsg+0x20c/0x2e0 [ 1087.051182][T21450] ? ___sys_recvmsg+0x590/0x590 [ 1087.056111][T21450] ? lockdep_hardirqs_on+0x98/0x150 [ 1087.061427][T21450] do_syscall_64+0x55/0xa0 [ 1087.066101][T21450] ? clear_bhb_loop+0x40/0x90 [ 1087.070921][T21450] ? clear_bhb_loop+0x40/0x90 [ 1087.075641][T21450] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1087.081572][T21450] RIP: 0033:0x7f9153d9bf79 [ 1087.086026][T21450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1087.105865][T21450] RSP: 002b:00007f9154cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1087.114495][T21450] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 1087.122507][T21450] RDX: 0000000000010021 RSI: 0000200000000300 RDI: 0000000000000005 [ 1087.130587][T21450] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 1087.138705][T21450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1087.146790][T21450] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 1087.154812][T21450] [ 1087.470400][T21462] FAULT_INJECTION: forcing a failure. [ 1087.470400][T21462] name failslab, interval 1, probability 0, space 0, times 0 [ 1087.486614][T21462] CPU: 0 PID: 21462 Comm: syz.2.4649 Not tainted syzkaller #0 [ 1087.494200][T21462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1087.504354][T21462] Call Trace: [ 1087.507715][T21462] [ 1087.510762][T21462] dump_stack_lvl+0x18c/0x250 [ 1087.515639][T21462] ? show_regs_print_info+0x20/0x20 [ 1087.520962][T21462] ? load_image+0x400/0x400 [ 1087.525562][T21462] ? __might_sleep+0xe0/0xe0 [ 1087.530215][T21462] ? __lock_acquire+0x7d40/0x7d40 [ 1087.535318][T21462] should_fail_ex+0x39d/0x4d0 [ 1087.540064][T21462] should_failslab+0x9/0x20 [ 1087.544704][T21462] slab_pre_alloc_hook+0x59/0x310 [ 1087.549797][T21462] kmem_cache_alloc+0x5a/0x2d0 [ 1087.554794][T21462] ? copy_sighand+0x50/0x230 [ 1087.559567][T21462] copy_sighand+0x50/0x230 [ 1087.564092][T21462] copy_process+0x1657/0x3d80 [ 1087.568833][T21462] ? __might_fault+0xaa/0x120 [ 1087.573606][T21462] ? copy_process+0x96e/0x3d80 [ 1087.578544][T21462] ? get_pid_task+0x20/0x1e0 [ 1087.583214][T21462] ? __pidfd_prepare+0x140/0x140 [ 1087.588245][T21462] kernel_clone+0x24b/0x8a0 [ 1087.592824][T21462] ? create_io_thread+0x190/0x190 [ 1087.597980][T21462] __x64_sys_clone+0x1b7/0x230 [ 1087.602811][T21462] ? __fget_files+0x43d/0x4b0 [ 1087.607569][T21462] ? __ia32_sys_vfork+0x140/0x140 [ 1087.612876][T21462] ? lock_chain_count+0x20/0x20 [ 1087.617860][T21462] ? lockdep_hardirqs_on+0x98/0x150 [ 1087.623301][T21462] do_syscall_64+0x55/0xa0 [ 1087.628027][T21462] ? clear_bhb_loop+0x40/0x90 [ 1087.633271][T21462] ? clear_bhb_loop+0x40/0x90 [ 1087.637996][T21462] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1087.643930][T21462] RIP: 0033:0x7f9153d9bf79 [ 1087.648392][T21462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1087.668509][T21462] RSP: 002b:00007f9154cf6fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1087.676976][T21462] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 1087.685082][T21462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 1087.693093][T21462] RBP: 00007f9154cf7090 R08: 0000000000000000 R09: 0000000000000000 [ 1087.701102][T21462] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 1087.709120][T21462] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 1087.717366][T21462] [ 1087.909360][T21465] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4650'. [ 1087.941649][T21465] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1087.971833][T21465] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1087.983535][T21471] syz.1.4652[21471] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1087.983692][T21471] syz.1.4652[21471] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1087.985078][T21473] syz.3.4653[21473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1088.007909][T21473] syz.3.4653[21473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1088.207487][T21478] syz.0.4656[21478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1088.233257][T21478] syz.0.4656[21478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1088.386516][T21486] FAULT_INJECTION: forcing a failure. [ 1088.386516][T21486] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.410995][T21486] CPU: 1 PID: 21486 Comm: syz.3.4659 Not tainted syzkaller #0 [ 1088.418670][T21486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1088.428758][T21486] Call Trace: [ 1088.432041][T21486] [ 1088.435002][T21486] dump_stack_lvl+0x18c/0x250 [ 1088.439890][T21486] ? show_regs_print_info+0x20/0x20 [ 1088.445118][T21486] ? load_image+0x400/0x400 [ 1088.449682][T21486] should_fail_ex+0x39d/0x4d0 [ 1088.454375][T21486] should_failslab+0x9/0x20 [ 1088.458986][T21486] slab_pre_alloc_hook+0x59/0x310 [ 1088.464245][T21486] kmem_cache_alloc+0x5a/0x2d0 [ 1088.469118][T21486] ? sctp_get_port_local+0x6d4/0x1620 [ 1088.474504][T21486] sctp_get_port_local+0x6d4/0x1620 [ 1088.479862][T21486] ? sctp_do_bind+0x990/0x990 [ 1088.484568][T21486] ? sctp_bind_addr_match+0x30/0x2a0 [ 1088.489890][T21486] sctp_do_bind+0x555/0x990 [ 1088.494408][T21486] sctp_connect_new_asoc+0x26a/0x6a0 [ 1088.499960][T21486] ? __sctp_connect+0xd80/0xd80 [ 1088.504829][T21486] ? __local_bh_enable_ip+0x13a/0x1c0 [ 1088.510233][T21486] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 1088.516102][T21486] ? security_sctp_bind_connect+0x89/0xb0 [ 1088.521851][T21486] sctp_sendmsg+0x1575/0x28c0 [ 1088.526570][T21486] ? sctp_getsockopt+0xb60/0xb60 [ 1088.531581][T21486] ? aa_sk_perm+0x83c/0x970 [ 1088.536195][T21486] ? aa_af_perm+0x330/0x330 [ 1088.540792][T21486] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 1088.547217][T21486] ? sock_rps_record_flow+0x19/0x3f0 [ 1088.552601][T21486] ? inet_sendmsg+0xe9/0x2f0 [ 1088.557499][T21486] ? inet_send_prepare+0x260/0x260 [ 1088.563273][T21486] ____sys_sendmsg+0x5ba/0x960 [ 1088.568072][T21486] ? __lock_acquire+0x7d40/0x7d40 [ 1088.573401][T21486] ? __asan_memset+0x22/0x40 [ 1088.578003][T21486] ? __sys_sendmsg_sock+0x30/0x30 [ 1088.583142][T21486] ? __import_iovec+0x5f2/0x850 [ 1088.588201][T21486] ? import_iovec+0x73/0xa0 [ 1088.592761][T21486] ___sys_sendmsg+0x2a6/0x360 [ 1088.597464][T21486] ? get_pid_task+0x20/0x1e0 [ 1088.602076][T21486] ? __sys_sendmsg+0x2a0/0x2a0 [ 1088.606873][T21486] ? __lock_acquire+0x7d40/0x7d40 [ 1088.611922][T21486] __se_sys_sendmsg+0x1c2/0x2b0 [ 1088.617067][T21486] ? __x64_sys_sendmsg+0x80/0x80 [ 1088.622464][T21486] ? lockdep_hardirqs_on+0x98/0x150 [ 1088.627759][T21486] do_syscall_64+0x55/0xa0 [ 1088.632373][T21486] ? clear_bhb_loop+0x40/0x90 [ 1088.637231][T21486] ? clear_bhb_loop+0x40/0x90 [ 1088.642006][T21486] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1088.647993][T21486] RIP: 0033:0x7f3e5399bf79 [ 1088.652431][T21486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1088.672579][T21486] RSP: 002b:00007f3e54854028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1088.681029][T21486] RAX: ffffffffffffffda RBX: 00007f3e53c15fa0 RCX: 00007f3e5399bf79 [ 1088.689193][T21486] RDX: 0000000000040844 RSI: 00002000000000c0 RDI: 0000000000000004 [ 1088.697470][T21486] RBP: 00007f3e54854090 R08: 0000000000000000 R09: 0000000000000000 [ 1088.705461][T21486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1088.713450][T21486] R13: 00007f3e53c16038 R14: 00007f3e53c15fa0 R15: 00007ffe1e8dcba8 [ 1088.721455][T21486] [ 1089.191006][T21500] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4664'. [ 1089.202834][T21500] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1089.212519][T21500] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1091.726830][T21503] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.4665'. [ 1091.736127][T21503] bridge_slave_1: default FDB implementation only supports local addresses [ 1091.838087][T21517] syz.2.4669[21517] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1091.838241][T21517] syz.2.4669[21517] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1091.994240][T21524] syz.0.4671[21524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1092.022781][T21524] syz.0.4671[21524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1092.127351][T21531] netlink: 'syz.1.4675': attribute type 1 has an invalid length. [ 1092.156376][T21531] netlink: 'syz.1.4675': attribute type 1 has an invalid length. [ 1094.681787][T21541] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.4679'. [ 1094.691051][T21541] bridge_slave_1: default FDB implementation only supports local addresses [ 1095.090270][T21553] syzkaller0: entered promiscuous mode [ 1095.096191][T21553] syzkaller0: entered allmulticast mode [ 1095.109346][T21562] netlink: 'syz.0.4684': attribute type 1 has an invalid length. [ 1095.124544][T21564] netlink: 'syz.0.4684': attribute type 1 has an invalid length. [ 1095.615567][T21571] syz.1.4689[21571] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1095.615727][T21571] syz.1.4689[21571] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1097.988472][T21578] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.4693'. [ 1098.009633][T21578] bridge_slave_1: default FDB implementation only supports local addresses [ 1098.767589][T21609] syz.2.4704[21609] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1098.767832][T21609] syz.2.4704[21609] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1099.136660][T21616] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4707'. [ 1099.390905][T21619] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4708'. [ 1099.401309][T21619] netlink: del zone limit has 4 unknown bytes [ 1099.417632][T21615] delete_channel: no stack [ 1100.312590][T21651] syz.1.4720[21651] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1100.312750][T21651] syz.1.4720[21651] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1101.085348][ T9015] tipc: Subscription rejected, illegal request [ 1103.231986][T21684] netlink: 'syz.2.4732': attribute type 21 has an invalid length. [ 1103.241542][T21684] netlink: 'syz.2.4732': attribute type 2 has an invalid length. [ 1103.266175][T21684] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4732'. [ 1103.278796][T21689] syz.3.4736[21689] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.278952][T21689] syz.3.4736[21689] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.361622][T21684] netlink: 'syz.2.4732': attribute type 21 has an invalid length. [ 1103.431400][T21684] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4732'. [ 1103.940388][T21714] netlink: 668 bytes leftover after parsing attributes in process `syz.1.4746'. [ 1103.952461][T21714] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1103.965960][T21714] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1104.930547][T21740] netlink: 668 bytes leftover after parsing attributes in process `syz.2.4757'. [ 1104.990310][T21740] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1105.001640][T21740] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1105.565649][T17777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1105.586494][T17777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1105.596151][T17777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1105.614862][T17777] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1105.625454][T17777] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1105.651754][T17777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1105.974952][ T9015] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.994925][T21757] chnl_net:caif_netlink_parms(): no params data found [ 1106.059638][ T9015] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1106.129382][T21776] netlink: 668 bytes leftover after parsing attributes in process `syz.0.4767'. [ 1106.139703][T21776] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1106.154307][T21776] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1106.158911][ T9015] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1106.197755][T21757] bridge0: port 1(bridge_slave_0) entered blocking state [ 1106.205801][T21757] bridge0: port 1(bridge_slave_0) entered disabled state [ 1106.214083][T21757] bridge_slave_0: entered allmulticast mode [ 1106.224131][T21757] bridge_slave_0: entered promiscuous mode [ 1106.263440][ T9015] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1106.281336][T21757] bridge0: port 2(bridge_slave_1) entered blocking state [ 1106.288591][T21757] bridge0: port 2(bridge_slave_1) entered disabled state [ 1106.298221][T21757] bridge_slave_1: entered allmulticast mode [ 1106.306521][T21757] bridge_slave_1: entered promiscuous mode [ 1106.373120][T21757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1106.400486][T21757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1106.474668][T21757] team0: Port device team_slave_0 added [ 1106.485519][T21757] team0: Port device team_slave_1 added [ 1106.585505][T21757] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1106.601712][T21757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1106.651250][T21757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1106.700003][T21757] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1106.721292][T21757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1106.758412][T21757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1106.896539][T21757] hsr_slave_0: entered promiscuous mode [ 1106.938528][T21757] hsr_slave_1: entered promiscuous mode [ 1106.946044][T21757] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1106.964076][T21757] Cannot create hsr debugfs directory [ 1107.703506][T17777] Bluetooth: hci1: command tx timeout [ 1108.301822][T21844] FAULT_INJECTION: forcing a failure. [ 1108.301822][T21844] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1108.366518][T21844] CPU: 0 PID: 21844 Comm: syz.2.4788 Not tainted syzkaller #0 [ 1108.374157][T21844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1108.384348][T21844] Call Trace: [ 1108.387842][T21844] [ 1108.390841][T21844] dump_stack_lvl+0x18c/0x250 [ 1108.395680][T21844] ? show_regs_print_info+0x20/0x20 [ 1108.401117][T21844] ? load_image+0x400/0x400 [ 1108.405766][T21844] ? __might_fault+0xaa/0x120 [ 1108.410592][T21844] ? __lock_acquire+0x7d40/0x7d40 [ 1108.415732][T21844] should_fail_ex+0x39d/0x4d0 [ 1108.420475][T21844] _copy_from_user+0x2f/0xe0 [ 1108.422747][T21757] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1108.425280][T21844] kstrtouint_from_user+0xde/0x170 [ 1108.437292][T21844] ? kstrtol_from_user+0x190/0x190 [ 1108.443096][T21844] proc_fail_nth_write+0x8f/0x250 [ 1108.448184][T21844] ? proc_fail_nth_read+0x260/0x260 [ 1108.453449][T21844] ? proc_fail_nth_read+0x260/0x260 [ 1108.458893][T21844] vfs_write+0x296/0x990 [ 1108.463303][T21844] ? file_end_write+0x250/0x250 [ 1108.468300][T21844] ? __fget_files+0x28/0x4b0 [ 1108.472942][T21844] ? __fget_files+0x28/0x4b0 [ 1108.477590][T21844] ? __fget_files+0x43d/0x4b0 [ 1108.482334][T21844] ? __fdget_pos+0x2a3/0x330 [ 1108.486976][T21844] ? ksys_write+0x75/0x260 [ 1108.491453][T21844] ksys_write+0x150/0x260 [ 1108.495851][T21844] ? __ia32_sys_read+0x90/0x90 [ 1108.500673][T21844] ? lockdep_hardirqs_on+0x98/0x150 [ 1108.505939][T21844] do_syscall_64+0x55/0xa0 [ 1108.510410][T21844] ? clear_bhb_loop+0x40/0x90 [ 1108.515141][T21844] ? clear_bhb_loop+0x40/0x90 [ 1108.519886][T21844] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1108.525838][T21844] RIP: 0033:0x7f9153d5c84e [ 1108.530309][T21844] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1108.550023][T21844] RSP: 002b:00007f9154cd5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1108.558483][T21844] RAX: ffffffffffffffda RBX: 00007f9154cd66c0 RCX: 00007f9153d5c84e [ 1108.566509][T21844] RDX: 0000000000000001 RSI: 00007f9154cd60a0 RDI: 0000000000000007 [ 1108.574495][T21844] RBP: 00007f9154cd6090 R08: 0000000000000000 R09: 0000000000000000 [ 1108.582649][T21844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1108.590888][T21844] R13: 00007f9154016128 R14: 00007f9154016090 R15: 00007ffe5060ce98 [ 1108.599080][T21844] [ 1108.649535][T21757] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1108.667566][T21757] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1108.715953][T21757] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1109.189504][ T9015] hsr_slave_0: left promiscuous mode [ 1109.236054][ T9015] hsr_slave_1: left promiscuous mode [ 1109.262684][ T9015] veth1_vlan: left allmulticast mode [ 1109.268634][ T9015] veth1_vlan: left promiscuous mode [ 1109.781408][T17777] Bluetooth: hci1: command tx timeout [ 1110.007298][T21899] FAULT_INJECTION: forcing a failure. [ 1110.007298][T21899] name failslab, interval 1, probability 0, space 0, times 0 [ 1110.036985][T21899] CPU: 1 PID: 21899 Comm: syz.0.4805 Not tainted syzkaller #0 [ 1110.044510][T21899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1110.054846][T21899] Call Trace: [ 1110.058238][T21899] [ 1110.061190][T21899] dump_stack_lvl+0x18c/0x250 [ 1110.065909][T21899] ? show_regs_print_info+0x20/0x20 [ 1110.071130][T21899] ? load_image+0x400/0x400 [ 1110.075680][T21899] ? __might_sleep+0xe0/0xe0 [ 1110.080314][T21899] ? __lock_acquire+0x7d40/0x7d40 [ 1110.085389][T21899] should_fail_ex+0x39d/0x4d0 [ 1110.090144][T21899] should_failslab+0x9/0x20 [ 1110.094696][T21899] slab_pre_alloc_hook+0x59/0x310 [ 1110.099765][T21899] ? __lock_acquire+0x7d40/0x7d40 [ 1110.104817][T21899] kmem_cache_alloc_node+0x60/0x320 [ 1110.110125][T21899] ? __alloc_skb+0x103/0x2c0 [ 1110.114838][T21899] __alloc_skb+0x103/0x2c0 [ 1110.119273][T21899] netlink_sendmsg+0x66a/0xbf0 [ 1110.124122][T21899] ? netlink_getsockopt+0x590/0x590 [ 1110.129372][T21899] ? netlink_getsockopt+0x590/0x590 [ 1110.134792][T21899] ____sys_sendmsg+0x5ba/0x960 [ 1110.139571][T21899] ? lockdep_hardirqs_on+0x98/0x150 [ 1110.144883][T21899] ? __asan_memset+0x22/0x40 [ 1110.149492][T21899] ? __sys_sendmsg_sock+0x30/0x30 [ 1110.154537][T21899] ? __import_iovec+0x5f2/0x850 [ 1110.159500][T21899] ? import_iovec+0x73/0xa0 [ 1110.164026][T21899] ___sys_sendmsg+0x2a6/0x360 [ 1110.168809][T21899] ? __sys_sendmsg+0x2a0/0x2a0 [ 1110.173599][T21899] ? trace_call_bpf+0xc3/0x6c0 [ 1110.178375][T21899] ? seqcount_lockdep_reader_access+0x17b/0x1d0 [ 1110.184821][T21899] __se_sys_sendmsg+0x1c2/0x2b0 [ 1110.189682][T21899] ? __x64_sys_sendmsg+0x80/0x80 [ 1110.195083][T21899] ? lockdep_hardirqs_on+0x98/0x150 [ 1110.200389][T21899] do_syscall_64+0x55/0xa0 [ 1110.204822][T21899] ? clear_bhb_loop+0x40/0x90 [ 1110.209509][T21899] ? clear_bhb_loop+0x40/0x90 [ 1110.214206][T21899] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1110.220135][T21899] RIP: 0033:0x7f74efd9bf79 [ 1110.224596][T21899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1110.244333][T21899] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1110.252944][T21899] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1110.260932][T21899] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000008 [ 1110.269001][T21899] RBP: 00007f74f0c8b090 R08: 0000000000000000 R09: 0000000000000000 [ 1110.276993][T21899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1110.285163][T21899] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1110.293454][T21899] [ 1111.872204][T17777] Bluetooth: hci1: command tx timeout [ 1113.547840][T21929] FAULT_INJECTION: forcing a failure. [ 1113.547840][T21929] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1113.561720][T21929] CPU: 0 PID: 21929 Comm: syz.1.4816 Not tainted syzkaller #0 [ 1113.569378][T21929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1113.579551][T21929] Call Trace: [ 1113.582931][T21929] [ 1113.585877][T21929] dump_stack_lvl+0x18c/0x250 [ 1113.590570][T21929] ? show_regs_print_info+0x20/0x20 [ 1113.595869][T21929] ? load_image+0x400/0x400 [ 1113.600435][T21929] ? __lock_acquire+0x7d40/0x7d40 [ 1113.605669][T21929] should_fail_ex+0x39d/0x4d0 [ 1113.610692][T21929] _copy_from_user+0x2f/0xe0 [ 1113.615413][T21929] __copy_msghdr+0x3bb/0x580 [ 1113.620079][T21929] ___sys_sendmsg+0x214/0x360 [ 1113.624868][T21929] ? get_pid_task+0x20/0x1e0 [ 1113.629559][T21929] ? __sys_sendmsg+0x2a0/0x2a0 [ 1113.634338][T21929] ? __lock_acquire+0x7d40/0x7d40 [ 1113.639383][T21929] __se_sys_sendmsg+0x1c2/0x2b0 [ 1113.644383][T21929] ? __x64_sys_sendmsg+0x80/0x80 [ 1113.649881][T21929] ? lockdep_hardirqs_on+0x98/0x150 [ 1113.655221][T21929] do_syscall_64+0x55/0xa0 [ 1113.659675][T21929] ? clear_bhb_loop+0x40/0x90 [ 1113.664372][T21929] ? clear_bhb_loop+0x40/0x90 [ 1113.669292][T21929] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1113.675420][T21929] RIP: 0033:0x7f2412d9bf79 [ 1113.679964][T21929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1113.700565][T21929] RSP: 002b:00007f2413c2d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1113.709022][T21929] RAX: ffffffffffffffda RBX: 00007f2413015fa0 RCX: 00007f2412d9bf79 [ 1113.717203][T21929] RDX: 0000000020040000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1113.725200][T21929] RBP: 00007f2413c2d090 R08: 0000000000000000 R09: 0000000000000000 [ 1113.733196][T21929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1113.741283][T21929] R13: 00007f2413016038 R14: 00007f2413015fa0 R15: 00007ffd694728d8 [ 1113.749394][T21929] [ 1113.941370][T17777] Bluetooth: hci1: command tx timeout [ 1116.345170][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.351775][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1125.073233][ T5779] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1125.082973][ T5779] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1125.093648][ T5779] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1125.102968][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1125.110814][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1125.118662][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1126.064927][ T5779] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1126.074520][ T5779] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1126.083078][ T5779] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1126.092210][ T5779] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1126.101875][ T5779] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1126.109466][ T5779] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1127.151320][T17777] Bluetooth: hci2: command tx timeout [ 1128.181397][T17777] Bluetooth: hci5: command tx timeout [ 1129.095568][ T5779] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1129.104207][ T5779] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1129.113484][ T5779] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1129.122968][ T5779] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1129.131871][ T5779] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1129.140169][ T5779] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1129.221290][T17777] Bluetooth: hci2: command tx timeout [ 1130.261307][T17777] Bluetooth: hci5: command tx timeout [ 1131.221382][T17777] Bluetooth: hci6: command tx timeout [ 1131.301356][T17777] Bluetooth: hci2: command tx timeout [ 1132.351888][T17777] Bluetooth: hci5: command tx timeout [ 1133.311315][T17777] Bluetooth: hci6: command tx timeout [ 1133.382513][T17777] Bluetooth: hci2: command tx timeout [ 1134.421303][T17777] Bluetooth: hci5: command tx timeout [ 1135.381423][T17777] Bluetooth: hci6: command tx timeout [ 1137.463217][T17777] Bluetooth: hci6: command tx timeout [ 1165.170425][ T5779] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1165.184862][ T5779] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1165.194226][ T5779] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1165.205256][ T5779] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1165.213746][ T5779] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1165.221858][ T5779] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1167.311356][ T5779] Bluetooth: hci7: command tx timeout [ 1169.381382][ T5779] Bluetooth: hci7: command tx timeout [ 1171.461345][ T5779] Bluetooth: hci7: command tx timeout [ 1173.541288][ T5779] Bluetooth: hci7: command tx timeout [ 1177.783945][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.790496][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1185.148761][T17777] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1185.159100][T17777] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1185.169080][T17777] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1185.179199][T17777] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1185.187431][T17777] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1185.195155][T17777] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1186.186781][ T5779] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1186.196223][ T5779] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1186.205094][ T5779] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1186.215659][ T5779] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1186.224085][ T5779] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1186.232465][ T5779] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1187.221399][ T5779] Bluetooth: hci8: command tx timeout [ 1188.261466][ T5779] Bluetooth: hci9: command tx timeout [ 1189.150583][T17777] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1189.159536][T17777] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1189.169271][T17777] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1189.178047][T17777] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1189.187803][T17777] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1189.196217][T17777] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1189.301460][ T5779] Bluetooth: hci8: command tx timeout [ 1190.341335][ T5779] Bluetooth: hci9: command tx timeout [ 1191.221436][ T5779] Bluetooth: hci10: command tx timeout [ 1191.391286][ T5779] Bluetooth: hci8: command tx timeout [ 1192.421326][ T5779] Bluetooth: hci9: command tx timeout [ 1193.301302][ T5779] Bluetooth: hci10: command tx timeout [ 1193.471216][ T5779] Bluetooth: hci8: command tx timeout [ 1194.501272][ T5779] Bluetooth: hci9: command tx timeout [ 1195.381250][ T5779] Bluetooth: hci10: command tx timeout [ 1197.471324][ T5779] Bluetooth: hci10: command tx timeout [ 1225.769567][T17777] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1225.779800][T17777] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1225.794622][T17777] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1225.805787][T17777] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1225.815589][T17777] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 1225.823102][T17777] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1227.871382][T17777] Bluetooth: hci11: command tx timeout [ 1229.941298][ T5779] Bluetooth: hci11: command tx timeout [ 1231.061287][ T5779] Bluetooth: hci1: command 0x0406 tx timeout [ 1232.021295][T17777] Bluetooth: hci11: command tx timeout [ 1234.101749][T17777] Bluetooth: hci11: command tx timeout [ 1239.224615][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.231351][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1245.254416][ T5779] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1245.264972][ T5779] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1245.275103][ T5779] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1245.285943][ T5779] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1245.294482][ T5779] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 1245.303477][ T5779] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1246.280335][ T5779] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1246.290462][ T5779] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1246.299074][ T5779] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1246.307467][ T5779] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1246.316467][ T5779] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 1246.324075][ T5779] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1247.381523][ T5779] Bluetooth: hci12: command tx timeout [ 1248.421382][ T5779] Bluetooth: hci13: command tx timeout [ 1249.301552][T17777] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 1249.312667][T17777] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 1249.321407][T17777] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 1249.330492][T17777] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 1249.340158][T17777] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 1249.348027][T17777] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 1249.463636][T17777] Bluetooth: hci12: command tx timeout [ 1250.501339][T21993] Bluetooth: hci13: command tx timeout [ 1251.381686][T21993] Bluetooth: hci14: command tx timeout [ 1251.543725][T21993] Bluetooth: hci2: command 0x0406 tx timeout [ 1251.544920][T21992] Bluetooth: hci5: command 0x0406 tx timeout [ 1251.549983][T21993] Bluetooth: hci12: command tx timeout [ 1251.558802][T21992] Bluetooth: hci6: command 0x0406 tx timeout [ 1252.581383][T21956] Bluetooth: hci13: command tx timeout [ 1253.461348][T21956] Bluetooth: hci14: command tx timeout [ 1253.621263][T21956] Bluetooth: hci12: command tx timeout [ 1254.671251][T21956] Bluetooth: hci13: command tx timeout [ 1255.541503][T21956] Bluetooth: hci14: command tx timeout [ 1257.621258][T21956] Bluetooth: hci14: command tx timeout [ 1259.061469][ T29] INFO: task kworker/0:1:9 blocked for more than 143 seconds. [ 1259.069206][ T29] Not tainted syzkaller #0 [ 1259.076728][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1259.087356][ T29] task:kworker/0:1 state:D stack:24040 pid:9 ppid:2 flags:0x00004000 [ 1259.099486][ T29] Workqueue: events bpf_prog_free_deferred [ 1259.105635][ T29] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1259.108988][ T29] [ 1259.112230][ T29] __schedule+0x1553/0x45a0 [ 1259.116824][ T29] ? do_raw_spin_lock+0x11f/0x2c0 [ 1259.131320][ T29] ? mark_lock+0x94/0x320 [ 1259.135958][ T29] ? asan.module_dtor+0x20/0x20 [ 1259.141027][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1259.171152][ T29] schedule+0xbd/0x170 [ 1259.175332][ T29] schedule_preempt_disabled+0x13/0x20 [ 1259.180825][ T29] __mutex_lock+0x6a9/0xcc0 [ 1259.191232][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1259.196069][ T29] ? bpf_prog_dev_bound_destroy+0x76/0x590 [ 1259.221145][ T29] ? mutex_lock_nested+0x20/0x20 [ 1259.226228][ T29] bpf_prog_dev_bound_destroy+0x76/0x590 [ 1259.251357][ T29] ? bpf_prog_offload_remove_insns+0x1d0/0x1d0 [ 1259.257689][ T29] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1259.275865][ T29] ? bpf_prog_free_deferred+0x2d7/0x650 [ 1259.281989][ T29] ? rcu_is_watching+0x15/0xb0 [ 1259.287213][ T29] bpf_prog_free_deferred+0x324/0x650 [ 1259.293119][ T29] ? process_scheduled_works+0x96f/0x15d0 [ 1259.298989][ T29] ? process_scheduled_works+0x96f/0x15d0 [ 1259.304870][ T29] process_scheduled_works+0xa5d/0x15d0 [ 1259.310584][ T29] ? assign_work+0x430/0x430 [ 1259.315405][ T29] ? assign_work+0x3d0/0x430 [ 1259.320031][ T29] worker_thread+0xa55/0xfc0 [ 1259.324912][ T29] kthread+0x2fa/0x390 [ 1259.329209][ T29] ? pr_cont_work+0x560/0x560 [ 1259.334210][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.338935][ T29] ret_from_fork+0x48/0x80 [ 1259.343795][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.348449][ T29] ret_from_fork_asm+0x11/0x20 [ 1259.353380][ T29] [ 1259.356704][ T29] INFO: task kworker/u4:11:3488 blocked for more than 143 seconds. [ 1259.364881][ T29] Not tainted syzkaller #0 [ 1259.369869][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1259.378845][ T29] task:kworker/u4:11 state:D stack:21704 pid:3488 ppid:2 flags:0x00004000 [ 1259.388583][ T29] Workqueue: ipv6_addrconf addrconf_dad_work [ 1259.394706][ T29] Call Trace: [ 1259.398034][ T29] [ 1259.401002][ T29] __schedule+0x1553/0x45a0 [ 1259.405912][ T29] ? asan.module_dtor+0x20/0x20 [ 1259.410899][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1259.415664][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1259.421374][ T29] ? kthread_data+0x4f/0xc0 [ 1259.425933][ T29] ? wq_worker_sleeping+0x63/0x240 [ 1259.431368][ T29] schedule+0xbd/0x170 [ 1259.435669][ T29] schedule_preempt_disabled+0x13/0x20 [ 1259.441575][ T29] __mutex_lock+0x6a9/0xcc0 [ 1259.446408][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1259.451221][ T29] ? addrconf_dad_work+0xd4/0x1530 [ 1259.456479][ T29] ? mutex_lock_nested+0x20/0x20 [ 1259.461585][ T29] addrconf_dad_work+0xd4/0x1530 [ 1259.466757][ T29] ? ipv6_get_saddr_eval+0xee0/0xee0 [ 1259.472585][ T29] ? read_lock_is_recursive+0x20/0x20 [ 1259.478215][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 1259.483872][ T29] ? process_scheduled_works+0x96f/0x15d0 [ 1259.489725][ T29] ? process_scheduled_works+0x96f/0x15d0 [ 1259.495674][ T29] process_scheduled_works+0xa5d/0x15d0 [ 1259.501453][ T29] ? assign_work+0x430/0x430 [ 1259.506188][ T29] ? assign_work+0x3d0/0x430 [ 1259.510917][ T29] worker_thread+0xa55/0xfc0 [ 1259.515728][ T29] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 1259.521938][ T29] ? _raw_spin_unlock+0x40/0x40 [ 1259.526927][ T29] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 1259.533723][ T29] kthread+0x2fa/0x390 [ 1259.537940][ T29] ? pr_cont_work+0x560/0x560 [ 1259.543110][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.547745][ T29] ret_from_fork+0x48/0x80 [ 1259.552528][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.557304][ T29] ret_from_fork_asm+0x11/0x20 [ 1259.562352][ T29] [ 1259.565685][ T29] INFO: task kworker/u4:14:9016 blocked for more than 143 seconds. [ 1259.573908][ T29] Not tainted syzkaller #0 [ 1259.578879][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1259.587864][ T29] task:kworker/u4:14 state:D stack:21448 pid:9016 ppid:2 flags:0x00004000 [ 1259.597568][ T29] Workqueue: events_unbound linkwatch_event [ 1259.603924][ T29] Call Trace: [ 1259.607425][ T29] [ 1259.610402][ T29] __schedule+0x1553/0x45a0 [ 1259.615159][ T29] ? asan.module_dtor+0x20/0x20 [ 1259.620484][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1259.625472][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1259.631029][ T29] ? kthread_data+0x4f/0xc0 [ 1259.635787][ T29] ? wq_worker_sleeping+0x63/0x240 [ 1259.641397][ T29] schedule+0xbd/0x170 [ 1259.645638][ T29] schedule_preempt_disabled+0x13/0x20 [ 1259.651416][ T29] __mutex_lock+0x6a9/0xcc0 [ 1259.655974][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1259.660689][ T29] ? linkwatch_event+0xe/0x60 [ 1259.665761][ T29] ? mutex_lock_nested+0x20/0x20 [ 1259.671068][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 1259.676377][ T29] ? process_scheduled_works+0x96f/0x15d0 [ 1259.682346][ T29] linkwatch_event+0xe/0x60 [ 1259.686896][ T29] process_scheduled_works+0xa5d/0x15d0 [ 1259.692775][ T29] ? assign_work+0x430/0x430 [ 1259.697412][ T29] ? assign_work+0x3d0/0x430 [ 1259.702525][ T29] worker_thread+0xa55/0xfc0 [ 1259.707194][ T29] kthread+0x2fa/0x390 [ 1259.711768][ T29] ? pr_cont_work+0x560/0x560 [ 1259.716487][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.721200][ T29] ret_from_fork+0x48/0x80 [ 1259.725746][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1259.730494][ T29] ret_from_fork_asm+0x11/0x20 [ 1259.735742][ T29] [ 1259.738913][ T29] INFO: task syz-executor:21757 blocked for more than 144 seconds. [ 1259.748317][ T29] Not tainted syzkaller #0 [ 1259.753748][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1259.762560][ T29] task:syz-executor state:D stack:22184 pid:21757 ppid:1 flags:0x00004004 [ 1259.771875][ T29] Call Trace: [ 1259.775243][ T29] [ 1259.778298][ T29] __schedule+0x1553/0x45a0 [ 1259.783154][ T29] ? asan.module_dtor+0x20/0x20 [ 1259.788335][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1259.793200][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1259.798879][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1259.805374][ T29] schedule+0xbd/0x170 [ 1259.809506][ T29] schedule_preempt_disabled+0x13/0x20 [ 1259.815102][ T29] __mutex_lock+0x6a9/0xcc0 [ 1259.819705][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1259.824539][ T29] ? rtnetlink_rcv_msg+0x811/0xfa0 [ 1259.829786][ T29] ? mutex_lock_nested+0x20/0x20 [ 1259.834827][ T29] ? rtnetlink_rcv_msg+0x221/0xfa0 [ 1259.840181][ T29] rtnetlink_rcv_msg+0x811/0xfa0 [ 1259.845790][ T29] ? rtnetlink_bind+0x80/0x80 [ 1259.850611][ T29] ? mark_lock+0x94/0x320 [ 1259.855069][ T29] ? __lock_acquire+0x1273/0x7d40 [ 1259.860161][ T29] ? __kernel_text_address+0xd/0x30 [ 1259.865491][ T29] ? mark_lock+0x94/0x320 [ 1259.869957][ T29] ? mark_lock+0x94/0x320 [ 1259.874405][ T29] ? __lock_acquire+0x1273/0x7d40 [ 1259.879579][ T29] ? kmalloc_reserve+0x95/0x240 [ 1259.884544][ T29] ? verify_lock_unused+0x140/0x140 [ 1259.890016][ T29] ? verify_lock_unused+0x140/0x140 [ 1259.895466][ T29] netlink_rcv_skb+0x241/0x4d0 [ 1259.900300][ T29] ? rtnetlink_bind+0x80/0x80 [ 1259.905218][ T29] ? netlink_ack+0x1180/0x1180 [ 1259.910145][ T29] ? __lock_acquire+0x7d40/0x7d40 [ 1259.915645][ T29] ? net_generic+0x1e/0x240 [ 1259.920213][ T29] ? netlink_deliver_tap+0x2e/0x1b0 [ 1259.925722][ T29] netlink_unicast+0x751/0x8d0 [ 1259.930558][ T29] netlink_sendmsg+0x8d0/0xbf0 [ 1259.935516][ T29] ? netlink_getsockopt+0x590/0x590 [ 1259.940862][ T29] ? aa_sock_msg_perm+0x94/0x150 [ 1259.946077][ T29] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1259.951627][ T29] ? security_socket_sendmsg+0x80/0xa0 [ 1259.957173][ T29] __sys_sendto+0x4a9/0x6b0 [ 1259.961935][ T29] ? __ia32_sys_getpeername+0x90/0x90 [ 1259.967561][ T29] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1259.973758][ T29] ? lock_chain_count+0x20/0x20 [ 1259.978716][ T29] __x64_sys_sendto+0xde/0xf0 [ 1259.983512][ T29] do_syscall_64+0x55/0xa0 [ 1259.988230][ T29] ? clear_bhb_loop+0x40/0x90 [ 1259.993007][ T29] ? clear_bhb_loop+0x40/0x90 [ 1259.997929][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1260.003919][ T29] RIP: 0033:0x7fa8df15c84e [ 1260.008458][ T29] RSP: 002b:00007ffe6c005938 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1260.017228][ T29] RAX: ffffffffffffffda RBX: 000055558952d500 RCX: 00007fa8df15c84e [ 1260.025521][ T29] RDX: 0000000000000040 RSI: 00007fa8dff44670 RDI: 0000000000000003 [ 1260.033694][ T29] RBP: 0000000000000001 R08: 00007ffe6c0059b4 R09: 000000000000000c [ 1260.041742][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1260.050423][ T29] R13: 0000000000000000 R14: 00007fa8dff44670 R15: 0000000000000000 [ 1260.058738][ T29] [ 1260.061930][ T29] INFO: task syz.2.4800:21890 blocked for more than 144 seconds. [ 1260.070111][ T29] Not tainted syzkaller #0 [ 1260.075219][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1260.084330][ T29] task:syz.2.4800 state:D stack:25064 pid:21890 ppid:13623 flags:0x00004004 [ 1260.093751][ T29] Call Trace: [ 1260.097103][ T29] [ 1260.100075][ T29] __schedule+0x1553/0x45a0 [ 1260.104900][ T29] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1260.111171][ T29] ? lock_chain_count+0x20/0x20 [ 1260.116082][ T29] ? asan.module_dtor+0x20/0x20 [ 1260.121352][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1260.126785][ T29] ? do_raw_spin_unlock+0x4d/0x230 [ 1260.132813][ T29] ? do_raw_spin_unlock+0x4d/0x230 [ 1260.138614][ T29] schedule+0xbd/0x170 [ 1260.142988][ T29] schedule_preempt_disabled+0x13/0x20 [ 1260.148945][ T29] __mutex_lock+0x6a9/0xcc0 [ 1260.154183][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1260.158921][ T29] ? rtnetlink_rcv_msg+0x811/0xfa0 [ 1260.164240][ T29] ? mutex_lock_nested+0x20/0x20 [ 1260.169352][ T29] ? rtnetlink_rcv_msg+0x221/0xfa0 [ 1260.175005][ T29] rtnetlink_rcv_msg+0x811/0xfa0 [ 1260.179980][ T29] ? rtnetlink_bind+0x80/0x80 [ 1260.184819][ T29] ? perf_trace_preemptirq_template+0x269/0x330 [ 1260.191413][ T29] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1260.197695][ T29] ? lock_chain_count+0x20/0x20 [ 1260.202825][ T29] ? __local_bh_enable_ip+0x13a/0x1c0 [ 1260.208448][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1260.213841][ T29] ? __local_bh_enable_ip+0x13a/0x1c0 [ 1260.219245][ T29] ? _local_bh_enable+0xa0/0xa0 [ 1260.224434][ T29] ? __dev_queue_xmit+0x26b/0x36b0 [ 1260.229610][ T29] ? __dev_queue_xmit+0x26b/0x36b0 [ 1260.234899][ T29] ? __dev_queue_xmit+0x124f/0x36b0 [ 1260.240256][ T29] ? __dev_queue_xmit+0x26b/0x36b0 [ 1260.245781][ T29] ? ref_tracker_free+0x690/0x840 [ 1260.250885][ T29] netlink_rcv_skb+0x241/0x4d0 [ 1260.255967][ T29] ? rtnetlink_bind+0x80/0x80 [ 1260.260790][ T29] ? netlink_ack+0x1180/0x1180 [ 1260.267868][ T29] ? __lock_acquire+0x7d40/0x7d40 [ 1260.273034][ T29] ? netlink_deliver_tap+0x2e/0x1b0 [ 1260.278301][ T29] netlink_unicast+0x751/0x8d0 [ 1260.283222][ T29] netlink_sendmsg+0x8d0/0xbf0 [ 1260.288055][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1260.293411][ T29] ? netlink_getsockopt+0x590/0x590 [ 1260.298668][ T29] ? audit_tree_destroy_watch+0x20/0x20 [ 1260.304366][ T29] ? security_socket_sendmsg+0x80/0xa0 [ 1260.309960][ T29] ? netlink_getsockopt+0x590/0x590 [ 1260.315619][ T29] ____sys_sendmsg+0x5ba/0x960 [ 1260.320520][ T29] ? __asan_memset+0x22/0x40 [ 1260.325313][ T29] ? __sys_sendmsg_sock+0x30/0x30 [ 1260.330653][ T29] ? __import_iovec+0x5f2/0x850 [ 1260.335633][ T29] ? import_iovec+0x73/0xa0 [ 1260.340378][ T29] ___sys_sendmsg+0x2a6/0x360 [ 1260.345649][ T29] ? __sys_sendmsg+0x2a0/0x2a0 [ 1260.350626][ T29] __se_sys_sendmsg+0x1c2/0x2b0 [ 1260.355879][ T29] ? __x64_sys_sendmsg+0x80/0x80 [ 1260.361114][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1260.366511][ T29] do_syscall_64+0x55/0xa0 [ 1260.371160][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.376283][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.381282][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1260.387318][ T29] RIP: 0033:0x7f9153d9bf79 [ 1260.392056][ T29] RSP: 002b:00007f9154cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1260.400524][ T29] RAX: ffffffffffffffda RBX: 00007f9154015fa0 RCX: 00007f9153d9bf79 [ 1260.408603][ T29] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000007 [ 1260.416656][ T29] RBP: 00007f9153e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1260.425359][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1260.433546][ T29] R13: 00007f9154016038 R14: 00007f9154015fa0 R15: 00007ffe5060ce98 [ 1260.441792][ T29] [ 1260.444912][ T29] INFO: task syz.0.4807:21903 blocked for more than 144 seconds. [ 1260.453414][ T29] Not tainted syzkaller #0 [ 1260.458652][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1260.468014][ T29] task:syz.0.4807 state:D stack:27112 pid:21903 ppid:14247 flags:0x00004004 [ 1260.477539][ T29] Call Trace: [ 1260.481037][ T29] [ 1260.484166][ T29] __schedule+0x1553/0x45a0 [ 1260.488851][ T29] ? asan.module_dtor+0x20/0x20 [ 1260.493811][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1260.498720][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1260.504474][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1260.510715][ T29] schedule+0xbd/0x170 [ 1260.514976][ T29] schedule_preempt_disabled+0x13/0x20 [ 1260.520489][ T29] __mutex_lock+0x6a9/0xcc0 [ 1260.525287][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1260.530218][ T29] ? __tun_chr_ioctl+0x400/0x2000 [ 1260.535466][ T29] ? mutex_lock_nested+0x20/0x20 [ 1260.540464][ T29] ? __might_fault+0xaa/0x120 [ 1260.545339][ T29] ? __might_fault+0xc6/0x120 [ 1260.550318][ T29] ? __might_fault+0xaa/0x120 [ 1260.555206][ T29] __tun_chr_ioctl+0x400/0x2000 [ 1260.560299][ T29] ? tun_flow_create+0x310/0x310 [ 1260.566063][ T29] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1260.571339][ T29] ? security_file_ioctl+0x80/0xa0 [ 1260.576502][ T29] ? tun_chr_poll+0x630/0x630 [ 1260.581467][ T29] __se_sys_ioctl+0xfd/0x170 [ 1260.586191][ T29] do_syscall_64+0x55/0xa0 [ 1260.590837][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.595807][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.600550][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1260.606546][ T29] RIP: 0033:0x7f74efd9bf79 [ 1260.611155][ T29] RSP: 002b:00007f74f0c8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1260.619893][ T29] RAX: ffffffffffffffda RBX: 00007f74f0015fa0 RCX: 00007f74efd9bf79 [ 1260.628298][ T29] RDX: 0000200000000200 RSI: 00000000400454ca RDI: 0000000000000004 [ 1260.636482][ T29] RBP: 00007f74efe327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1260.644694][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1260.653153][ T29] R13: 00007f74f0016038 R14: 00007f74f0015fa0 R15: 00007ffe18d86588 [ 1260.661347][ T29] [ 1260.664416][ T29] INFO: task syz.1.4818:21933 blocked for more than 144 seconds. [ 1260.672718][ T29] Not tainted syzkaller #0 [ 1260.677715][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1260.687058][ T29] task:syz.1.4818 state:D stack:27880 pid:21933 ppid:16136 flags:0x00004004 [ 1260.696555][ T29] Call Trace: [ 1260.699996][ T29] [ 1260.703072][ T29] __schedule+0x1553/0x45a0 [ 1260.707661][ T29] ? asan.module_dtor+0x20/0x20 [ 1260.712697][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1260.717445][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1260.723263][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1260.729491][ T29] schedule+0xbd/0x170 [ 1260.733892][ T29] schedule_preempt_disabled+0x13/0x20 [ 1260.739576][ T29] __mutex_lock+0x6a9/0xcc0 [ 1260.744280][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1260.748997][ T29] ? __tun_chr_ioctl+0x400/0x2000 [ 1260.754208][ T29] ? mutex_lock_nested+0x20/0x20 [ 1260.759196][ T29] ? __might_fault+0xaa/0x120 [ 1260.763952][ T29] ? __might_fault+0xc6/0x120 [ 1260.768941][ T29] ? __might_fault+0xaa/0x120 [ 1260.773784][ T29] __tun_chr_ioctl+0x400/0x2000 [ 1260.778679][ T29] ? tun_flow_create+0x310/0x310 [ 1260.783824][ T29] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1260.788801][ T29] ? security_file_ioctl+0x80/0xa0 [ 1260.794213][ T29] ? tun_chr_poll+0x630/0x630 [ 1260.799014][ T29] __se_sys_ioctl+0xfd/0x170 [ 1260.803773][ T29] do_syscall_64+0x55/0xa0 [ 1260.808313][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.813168][ T29] ? clear_bhb_loop+0x40/0x90 [ 1260.817958][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1260.824031][ T29] RIP: 0033:0x7f2412d9bf79 [ 1260.828665][ T29] RSP: 002b:00007f2413c2d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1260.837211][ T29] RAX: ffffffffffffffda RBX: 00007f2413015fa0 RCX: 00007f2412d9bf79 [ 1260.845345][ T29] RDX: 0000200000000040 RSI: 00000000400454ca RDI: 0000000000000003 [ 1260.853781][ T29] RBP: 00007f2412e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1260.862062][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1260.870423][ T29] R13: 00007f2413016038 R14: 00007f2413015fa0 R15: 00007ffd694728d8 [ 1260.878786][ T29] [ 1260.882017][ T29] INFO: task syz.1.4818:21934 blocked for more than 145 seconds. [ 1260.889844][ T29] Not tainted syzkaller #0 [ 1260.894996][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1260.904239][ T29] task:syz.1.4818 state:D stack:25768 pid:21934 ppid:16136 flags:0x00004004 [ 1260.913972][ T29] Call Trace: [ 1260.917292][ T29] [ 1260.920327][ T29] __schedule+0x1553/0x45a0 [ 1260.925630][ T29] ? asan.module_dtor+0x20/0x20 [ 1260.930624][ T29] ? __mutex_lock+0x6a4/0xcc0 [ 1260.935605][ T29] ? __mutex_trylock_common+0x8a/0x260 [ 1260.941241][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1260.947449][ T29] schedule+0xbd/0x170 [ 1260.952046][ T29] schedule_preempt_disabled+0x13/0x20 [ 1260.957574][ T29] __mutex_lock+0x6a9/0xcc0 [ 1260.962725][ T29] ? __mutex_lock+0x4f9/0xcc0 [ 1260.967684][ T29] ? __tun_chr_ioctl+0x400/0x2000 [ 1260.973009][ T29] ? mutex_lock_nested+0x20/0x20 [ 1260.978126][ T29] __tun_chr_ioctl+0x400/0x2000 [ 1260.983354][ T29] ? tun_flow_create+0x310/0x310 [ 1260.988352][ T29] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1260.993406][ T29] ? security_file_ioctl+0x80/0xa0 [ 1260.998853][ T29] ? tun_chr_poll+0x630/0x630 [ 1261.003679][ T29] __se_sys_ioctl+0xfd/0x170 [ 1261.008509][ T29] do_syscall_64+0x55/0xa0 [ 1261.013333][ T29] ? clear_bhb_loop+0x40/0x90 [ 1261.018148][ T29] ? clear_bhb_loop+0x40/0x90 [ 1261.023073][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1261.029189][ T29] RIP: 0033:0x7f2412d9bf79 [ 1261.033835][ T29] RSP: 002b:00007f2413c0c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1261.042516][ T29] RAX: ffffffffffffffda RBX: 00007f2413016090 RCX: 00007f2412d9bf79 [ 1261.050773][ T29] RDX: 0000200000000140 RSI: 00000000800454e1 RDI: 0000000000000003 [ 1261.058809][ T29] RBP: 00007f2412e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1261.067016][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1261.075411][ T29] R13: 00007f2413016128 R14: 00007f2413016090 R15: 00007ffd694728d8 [ 1261.083862][ T29] [ 1261.087032][ T29] [ 1261.087032][ T29] Showing all locks held in the system: [ 1261.094947][ T29] 3 locks held by kworker/0:1/9: [ 1261.100098][ T29] #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.111576][ T29] #1: ffffc900000e7d00 ((work_completion)(&aux->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.124215][ T29] #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: bpf_prog_dev_bound_destroy+0x76/0x590 [ 1261.135266][ T29] 1 lock held by khungtaskd/29: [ 1261.140243][ T29] #0: ffffffff8d131fa0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 1261.150399][ T29] 3 locks held by kworker/u4:11/3488: [ 1261.156627][ T29] #0: ffff88802c7d0538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.168704][ T29] #1: ffffc9000cf57d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.182140][ T29] #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd4/0x1530 [ 1261.191663][ T29] 2 locks held by getty/5531: [ 1261.196378][ T29] #0: ffff88814c2210a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1261.206405][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390 [ 1261.216618][ T29] 4 locks held by kworker/u4:13/9015: [ 1261.222135][ T29] #0: ffff888017c73938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.233367][ T29] #1: ffffc90003ac7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.244148][ T29] #2: ffffffff8e3b3250 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0 [ 1261.254386][ T29] #3: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xf2/0xa80 [ 1261.264530][ T29] 3 locks held by kworker/u4:14/9016: [ 1261.269983][ T29] #0: ffff888017c71538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.282388][ T29] #1: ffffc90002e77d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1261.293768][ T29] #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1261.302988][ T29] 1 lock held by syz-executor/21757: [ 1261.308324][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.318020][ T29] 1 lock held by syz.2.4800/21890: [ 1261.323590][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.333582][ T29] 1 lock held by syz.0.4807/21903: [ 1261.338907][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x400/0x2000 [ 1261.348727][ T29] 1 lock held by syz.1.4818/21933: [ 1261.353943][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x400/0x2000 [ 1261.363774][ T29] 1 lock held by syz.1.4818/21934: [ 1261.369180][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x400/0x2000 [ 1261.378734][ T29] 1 lock held by syz-executor/21936: [ 1261.385056][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.394741][ T29] 1 lock held by syz-executor/21942: [ 1261.400135][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.410125][ T29] 1 lock held by syz-executor/21945: [ 1261.415699][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.425687][ T29] 1 lock held by syz-executor/21954: [ 1261.431340][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.440846][ T29] 1 lock held by syz-executor/21959: [ 1261.446446][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.456323][ T29] 1 lock held by syz-executor/21964: [ 1261.462027][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.471774][ T29] 1 lock held by syz-executor/21967: [ 1261.477207][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.487427][ T29] 1 lock held by syz-executor/21976: [ 1261.492963][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.502795][ T29] 1 lock held by syz-executor/21981: [ 1261.508128][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.517818][ T29] 1 lock held by syz-executor/21986: [ 1261.523168][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.532801][ T29] 1 lock held by syz-executor/21989: [ 1261.538152][ T29] #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0 [ 1261.547819][ T29] [ 1261.550204][ T29] ============================================= [ 1261.550204][ T29] [ 1261.558909][ T29] NMI backtrace for cpu 0 [ 1261.563255][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 1261.570656][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1261.581560][ T29] Call Trace: [ 1261.584880][ T29] [ 1261.587830][ T29] dump_stack_lvl+0x18c/0x250 [ 1261.592561][ T29] ? preempt_count_add+0x91/0x1a0 [ 1261.597709][ T29] ? show_regs_print_info+0x20/0x20 [ 1261.603227][ T29] ? load_image+0x400/0x400 [ 1261.607867][ T29] nmi_cpu_backtrace+0x3a6/0x3e0 [ 1261.613131][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 1261.619506][ T29] ? _printk+0xde/0x130 [ 1261.624099][ T29] ? load_image+0x400/0x400 [ 1261.628707][ T29] ? load_image+0x400/0x400 [ 1261.633226][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 1261.639354][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 1261.645442][ T29] watchdog+0xf3d/0xf80 [ 1261.649935][ T29] ? watchdog+0x1e1/0xf80 [ 1261.654754][ T29] kthread+0x2fa/0x390 [ 1261.659030][ T29] ? hungtask_pm_notify+0x90/0x90 [ 1261.664165][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1261.668776][ T29] ret_from_fork+0x48/0x80 [ 1261.673658][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1261.678377][ T29] ret_from_fork_asm+0x11/0x20 [ 1261.683292][ T29] [ 1261.687075][ T29] Sending NMI from CPU 0 to CPUs 1: [ 1261.692648][ C1] NMI backtrace for cpu 1 [ 1261.692661][ C1] CPU: 1 PID: 5129 Comm: klogd Not tainted syzkaller #0 [ 1261.692677][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1261.692686][ C1] RIP: 0010:lockdep_hardirqs_on_prepare+0x43f/0x770 [ 1261.692713][ C1] Code: ff df b8 ff ff ff ff 65 0f c1 05 84 9d 9a 7e 83 f8 01 48 8b 5c 24 18 75 34 48 c7 44 24 20 0e 36 e0 45 48 c7 04 13 00 00 00 00 <65> 48 8b 04 25 28 00 00 00 48 3b 44 24 60 0f 85 91 01 00 00 48 8d [ 1261.692726][ C1] RSP: 0018:ffffc900032c7060 EFLAGS: 00000046 [ 1261.692742][ C1] RAX: 0000000000000001 RBX: 1ffff92000658e10 RCX: 9b58b5c84d72b900 [ 1261.692754][ C1] RDX: dffffc0000000000 RSI: ffffffff8acada80 RDI: ffffffff8b1c81e0 [ 1261.692765][ C1] RBP: ffffc900032c7110 R08: ffffffff911bf52f R09: 1ffffffff2237ea5 [ 1261.692776][ C1] R10: dffffc0000000000 R11: fffffbfff2237ea6 R12: ffff88807ccc2950 [ 1261.692787][ C1] R13: 0000000000000002 R14: 1ffff1100f99851b R15: ffff88807ccc2930 [ 1261.692797][ C1] FS: 00007f785eaf2c80(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1261.692811][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1261.692822][ C1] CR2: 0000558d20162f70 CR3: 0000000030dd0000 CR4: 00000000003506e0 [ 1261.692838][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1261.692847][ C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 1261.692857][ C1] Call Trace: [ 1261.692863][ C1] [ 1261.692872][ C1] ? lock_chain_count+0x20/0x20 [ 1261.692892][ C1] ? rcu_is_watching+0x15/0xb0 [ 1261.692913][ C1] trace_hardirqs_on+0x28/0x40 [ 1261.692933][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1261.692951][ C1] RIP: 0010:__sanitizer_cov_trace_cmp8+0x0/0x80 [ 1261.692969][ C1] Code: c0 4c 89 01 48 c7 44 11 08 04 00 00 00 48 89 7c 11 10 48 89 74 11 18 48 89 44 11 20 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 0f 1e fa 48 8b 04 24 65 48 8b 0d 00 a0 7c 7e 65 8b 15 01 a0 7c [ 1261.692981][ C1] RSP: 0018:ffffc900032c71d0 EFLAGS: 00000286 [ 1261.692994][ C1] RAX: ffffffff813b37a9 RBX: ffffffff81000000 RCX: ffff88807ccc1e00 [ 1261.693004][ C1] RDX: 0000000000000000 RSI: ffffffff81000000 RDI: ffffffff81df4ae2 [ 1261.693014][ C1] RBP: ffffc900032c72f8 R08: ffffc900032c7370 R09: 0000000000000006 [ 1261.693025][ C1] R10: 0000000000000004 R11: 0000000000000000 R12: ffffc900032c72a8 [ 1261.693035][ C1] R13: dffffc0000000000 R14: ffffc900032c72dd R15: ffffffff81df4ae2 [ 1261.693046][ C1] ? kasan_quarantine_reduce+0x142/0x160 [ 1261.693068][ C1] ? 0xffffffff81000000 [ 1261.693080][ C1] ? unwind_next_frame+0x189/0x2970 [ 1261.693095][ C1] ? 0xffffffff81000000 [ 1261.693104][ C1] ? kasan_quarantine_reduce+0x142/0x160 [ 1261.693126][ C1] unwind_next_frame+0x1c6/0x2970 [ 1261.693146][ C1] ? kasan_quarantine_reduce+0x143/0x160 [ 1261.693166][ C1] ? kasan_quarantine_reduce+0x143/0x160 [ 1261.693186][ C1] ? stack_trace_save+0x100/0x100 [ 1261.693203][ C1] arch_stack_walk+0x144/0x190 [ 1261.693222][ C1] ? kasan_quarantine_reduce+0x143/0x160 [ 1261.693244][ C1] stack_trace_save+0xaa/0x100 [ 1261.693261][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 1261.693283][ C1] save_stack+0x125/0x230 [ 1261.693305][ C1] ? __reset_page_owner+0x190/0x190 [ 1261.693325][ C1] ? free_unref_page_prepare+0x7b2/0x8c0 [ 1261.693345][ C1] ? free_unref_page+0x32/0x2e0 [ 1261.693372][ C1] ? __unfreeze_partials+0x1cf/0x210 [ 1261.693385][ C1] ? put_cpu_partial+0x17c/0x250 [ 1261.693399][ C1] ? __slab_free+0x319/0x400 [ 1261.693412][ C1] ? qlist_free_all+0x75/0xd0 [ 1261.693429][ C1] ? kasan_quarantine_reduce+0x143/0x160 [ 1261.693453][ C1] ? page_ext_get+0x22/0x2b0 [ 1261.693471][ C1] ? page_ext_get+0x1e2/0x2b0 [ 1261.693489][ C1] __reset_page_owner+0x4e/0x190 [ 1261.693513][ C1] free_unref_page_prepare+0x7b2/0x8c0 [ 1261.693536][ C1] free_unref_page+0x32/0x2e0 [ 1261.693558][ C1] __unfreeze_partials+0x1cf/0x210 [ 1261.693575][ C1] put_cpu_partial+0x17c/0x250 [ 1261.693589][ C1] ? put_cpu_partial+0x6e/0x250 [ 1261.693604][ C1] __slab_free+0x319/0x400 [ 1261.693620][ C1] ? _raw_spin_unlock+0x40/0x40 [ 1261.693635][ C1] ? __phys_addr+0xba/0x170 [ 1261.693654][ C1] qlist_free_all+0x75/0xd0 [ 1261.693675][ C1] kasan_quarantine_reduce+0x143/0x160 [ 1261.693696][ C1] __kasan_slab_alloc+0x22/0x80 [ 1261.693714][ C1] slab_post_alloc_hook+0x6e/0x4b0 [ 1261.693738][ C1] kmem_cache_alloc_node+0x14c/0x320 [ 1261.693758][ C1] ? __alloc_skb+0x103/0x2c0 [ 1261.693782][ C1] __alloc_skb+0x103/0x2c0 [ 1261.693804][ C1] alloc_skb_with_frags+0xca/0x7b0 [ 1261.693822][ C1] ? do_syscall_64+0x55/0xa0 [ 1261.693847][ C1] sock_alloc_send_pskb+0x883/0x9a0 [ 1261.693875][ C1] ? sock_kzfree_s+0x50/0x50 [ 1261.693892][ C1] ? do_raw_spin_lock+0x11f/0x2c0 [ 1261.693912][ C1] ? __rwlock_init+0x150/0x150 [ 1261.693933][ C1] ? do_raw_spin_unlock+0x121/0x230 [ 1261.693954][ C1] unix_dgram_sendmsg+0x5a2/0x16d0 [ 1261.693977][ C1] ? syslog_print+0x595/0x630 [ 1261.693996][ C1] ? aa_sk_perm+0x83c/0x970 [ 1261.694021][ C1] ? unix_dgram_poll+0x680/0x680 [ 1261.694040][ C1] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 1261.694059][ C1] ? aa_sock_msg_perm+0x94/0x150 [ 1261.694078][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1261.694096][ C1] ? security_socket_sendmsg+0x80/0xa0 [ 1261.694114][ C1] __sys_sendto+0x4a9/0x6b0 [ 1261.694137][ C1] ? __ia32_sys_getpeername+0x90/0x90 [ 1261.694164][ C1] ? log_buf_vmcoreinfo_setup+0x450/0x450 [ 1261.694186][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1261.694205][ C1] ? lock_chain_count+0x20/0x20 [ 1261.694224][ C1] __x64_sys_sendto+0xde/0xf0 [ 1261.694246][ C1] do_syscall_64+0x55/0xa0 [ 1261.694265][ C1] ? clear_bhb_loop+0x40/0x90 [ 1261.694280][ C1] ? clear_bhb_loop+0x40/0x90 [ 1261.694296][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1261.694312][ C1] RIP: 0033:0x7f785ec42407 [ 1261.694323][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 1261.694335][ C1] RSP: 002b:00007ffd42d3c780 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 1261.694350][ C1] RAX: ffffffffffffffda RBX: 00007f785eaf2c80 RCX: 00007f785ec42407 [ 1261.694368][ C1] RDX: 000000000000006a RSI: 00007ffd42d3c8c0 RDI: 0000000000000003 [ 1261.694378][ C1] RBP: 00007ffd42d3ccf0 R08: 0000000000000000 R09: 0000000000000000 [ 1261.694387][ C1] R10: 0000000000004000 R11: 0000000000000202 R12: 00007ffd42d3cd08 [ 1261.694398][ C1] R13: 00007ffd42d3c8c0 R14: 000000000000004f R15: 00007ffd42d3c8c0 [ 1261.694417][ C1] [ 1261.696822][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 1262.344469][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 1262.351893][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1262.362153][ T29] Call Trace: [ 1262.365533][ T29] [ 1262.368570][ T29] dump_stack_lvl+0x18c/0x250 [ 1262.373360][ T29] ? show_regs_print_info+0x20/0x20 [ 1262.378755][ T29] ? load_image+0x400/0x400 [ 1262.383285][ T29] panic+0x2dc/0x730 [ 1262.387198][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 1262.392934][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 1262.397445][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 1262.403008][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 1262.409268][ T29] watchdog+0xf7c/0xf80 [ 1262.413540][ T29] ? watchdog+0x1e1/0xf80 [ 1262.417917][ T29] kthread+0x2fa/0x390 [ 1262.422055][ T29] ? hungtask_pm_notify+0x90/0x90 [ 1262.427109][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1262.431715][ T29] ret_from_fork+0x48/0x80 [ 1262.436246][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1262.441170][ T29] ret_from_fork_asm+0x11/0x20 [ 1262.445968][ T29] [ 1262.449628][ T29] Kernel Offset: disabled [ 1262.454163][ T29] Rebooting in 86400 seconds..