last executing test programs: 8.692519746s ago: executing program 1 (id=55): r0 = socket(0x2, 0x3, 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r0, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendto$inet(r0, &(0x7f00000023c0)="8ce2ad4d4f95e087a7846d3f", 0xc, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10) 7.776716839s ago: executing program 1 (id=58): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 7.086215644s ago: executing program 4 (id=61): bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) r2 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x107, 0x8, &(0x7f0000000500), 0x4) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000500)={'syzkaller1\x00', @link_local}) write$tun(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000d05001400080014"], 0xfdef) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f00000aa000/0x3000)=nil, 0x3000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) recvmsg$kcm(r2, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000340), 0x4) 6.863940567s ago: executing program 1 (id=62): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18) add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, 0x0}) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000000)={{}, {0x0, 0x989680}}, 0x0) timer_create(0x3, 0x0, &(0x7f00000000c0)=0x0) r3 = epoll_create1(0x80000) epoll_pwait2(r3, &(0x7f0000000340)=[{}], 0x1, &(0x7f0000000380)={0x77359400}, &(0x7f0000000500)={[0x8000]}, 0x8) timer_delete(r2) timer_getoverrun(r2) 5.963356949s ago: executing program 3 (id=65): socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x840}, 0x4000881) r0 = accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x800) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'ip6erspan0\x00', &(0x7f0000000040)=@ethtool_eeprom={0xb, 0x1, 0x1b}}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0xbfb, 0x2) r2 = dup2(r1, r1) ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f00000000c0)={0xf0f03f, 0x6e}) 5.452490835s ago: executing program 2 (id=66): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a"], 0x4c}}, 0x0) 5.42289151s ago: executing program 1 (id=67): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, 0x0) 5.080143162s ago: executing program 3 (id=69): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket(0xa, 0x80805, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000082"], 0x34}}, 0x0) r0 = syz_io_uring_setup(0x4a60, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0xfffffffe, 0x1b3}, &(0x7f00000004c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000000}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 4.761703122s ago: executing program 2 (id=70): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) openat$autofs(0xffffffffffffff9c, &(0x7f0000010400), 0x121c41, 0x0) 4.646813288s ago: executing program 0 (id=71): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x3) 4.620305816s ago: executing program 1 (id=72): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300, 0x28}}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 4.320447623s ago: executing program 3 (id=73): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000900, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x80000000, 0x0, 0x0, 0x6, 0x0, 0x3ff, 0x4}) 4.320165438s ago: executing program 4 (id=74): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 4.159923379s ago: executing program 2 (id=75): r0 = socket$inet6(0xa, 0x5, 0x7d) r1 = signalfd4(r0, 0x0, 0x0, 0x80000) setsockopt$inet_int(r1, 0x0, 0x14, &(0x7f0000000380)=0xffff2eee, 0x4) syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16) r2 = syz_open_procfs(0x0, &(0x7f0000002100)='smaps\x00') ioctl$SIOCGETVIFCNT(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0x1}) preadv2(r0, &(0x7f0000000300)=[{&(0x7f00000003c0)=""/232, 0xe8}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000100)=""/15, 0xf}, {&(0x7f0000000680)=""/170, 0xaa}], 0x6, 0x401, 0x80000000, 0x1e) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf, 0x8b}, 0x0) r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0) ioctl$VIDIOC_QUERYCTRL(r3, 0xc0445624, &(0x7f00000008c0)={0x0, 0x3, "0730d800ac3d4fcf4b3b82a2ae264023d7d9b66f47ded42c289c65cac310bb5f", 0x1, 0x9, 0x2, 0xf56, 0x200}) read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2020) 4.095526097s ago: executing program 0 (id=76): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x800) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000240)={0xfff, 0x5, 0x5, 0x2, '\x00', '\x00', '\x00', 0x100, 0x2, 0x2, 0x0, "682cdaf842e0bd5f36d3b0c71829dd04"}) 3.981636118s ago: executing program 1 (id=77): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) readv(r2, &(0x7f0000000380)=[{&(0x7f0000000940)=""/128, 0x80}], 0x1) r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r3, 0x0, 0x400000000000000, 0x7) 3.680398329s ago: executing program 3 (id=78): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000240)=[@dead_binder_done], 0x0, 0x0, 0x0}) 3.463363491s ago: executing program 0 (id=79): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0) r4 = socket(0x10, 0x803, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtfilter={0xac, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x80, 0x2, [@TCA_U32_SEL={0x74, 0x5, {0x7, 0x6, 0x6, 0x9, 0x401, 0x1000, 0x8a0, 0xd7, [{0x9, 0x9, 0x1, 0x3}, {0x2, 0x4, 0x7e, 0x8}, {0x100006, 0x9, 0xfffffffd, 0x4}, {0x1, 0x0, 0x91a1, 0x7d}, {0x2, 0xc2, 0x97, 0x2}, {0x6, 0xa4, 0x7, 0x7}]}}, @TCA_U32_LINK={0x8, 0x3, 0x8}]}}]}, 0xac}, 0x1, 0x0, 0x0, 0x80}, 0x800) 2.992306986s ago: executing program 4 (id=80): syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) io_setup(0x2, &(0x7f0000000180)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}]) 2.896061932s ago: executing program 3 (id=81): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x9) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r3, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x80) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x0) 2.753623348s ago: executing program 2 (id=82): r0 = socket(0x2, 0x3, 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r0, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendto$inet(r0, &(0x7f00000023c0)="8ce2ad4d4f95e087a7846d3f81", 0xd, 0x0, 0x0, 0x0) 2.603304365s ago: executing program 0 (id=83): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket(0xa, 0x80805, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000082"], 0x34}}, 0x0) r0 = syz_io_uring_setup(0x4a60, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0xfffffffe, 0x1b3}, &(0x7f00000004c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000000}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 2.356258511s ago: executing program 4 (id=84): r0 = socket$nl_generic(0x10, 0x3, 0x10) open_by_handle_at(r0, &(0x7f0000000000)=ANY=[], 0x8000) 2.264405319s ago: executing program 2 (id=85): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) openat$autofs(0xffffffffffffff9c, &(0x7f0000010400), 0x121c41, 0x0) 2.011726666s ago: executing program 3 (id=86): bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) r2 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x107, 0x8, &(0x7f0000000500), 0x4) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000500)={'syzkaller1\x00', @link_local}) write$tun(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000d05001400080014"], 0xfdef) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f00000aa000/0x3000)=nil, 0x3000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) recvmsg$kcm(r2, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000340), 0x4) 1.850893583s ago: executing program 0 (id=87): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300, 0x28}}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 1.79391095s ago: executing program 4 (id=88): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000900, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x80000000, 0x0, 0x0, 0x6, 0x0, 0x3ff, 0x4}) 1.790852274s ago: executing program 2 (id=89): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000000580)=""/102392, 0x18ff8) r4 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev(r4, 0x0, 0x0) r5 = mq_open(0x0, 0x42, 0x0, 0x0) mq_notify(r5, 0x0) mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0) unshare(0x80) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNGETVNETHDRSZ(r6, 0x800454d7, &(0x7f00000003c0)) ioctl$TCFLSH(r0, 0x8925, 0xffffffffffff7ffe) 1.220536843s ago: executing program 0 (id=90): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000880)="b90103600057f008009e0ff008001f", 0x0, 0x102, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 4 (id=91): socket$vsock_stream(0x28, 0x1, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33", 0x35}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e"], 0x60}], 0x1, 0x8001) recvmmsg(r1, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/156, 0x9c}], 0x1}}], 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.155' (ED25519) to the list of known hosts. [ 173.141074][ T5768] cgroup: Unknown subsys name 'net' [ 173.265094][ T5768] cgroup: Unknown subsys name 'cpuset' [ 173.278728][ T5768] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 218.458030][ T5768] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 222.425673][ T5788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 222.451234][ T5793] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 222.460576][ T5793] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.470315][ T5793] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 222.480822][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 222.495130][ T5793] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.497625][ T5797] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 222.505329][ T5793] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 222.512532][ T5801] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.519041][ T5793] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 222.533454][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 222.546187][ T5793] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.550063][ T5801] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 222.556475][ T5793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 222.567364][ T5801] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 222.573655][ T5801] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 222.576765][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 222.587481][ T5801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 222.591282][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 222.598540][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 222.613735][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 222.614882][ T5788] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 222.630241][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 222.640399][ T5797] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 222.644064][ T5801] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 222.661540][ T5801] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 222.676643][ T5801] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 222.685796][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 222.711298][ T5801] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 222.721121][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 223.696711][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 224.101129][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 224.429453][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.430843][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 224.436080][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.667715][ T5790] Bluetooth: hci2: command tx timeout [ 224.673598][ T5790] Bluetooth: hci3: command tx timeout [ 224.688435][ T5794] chnl_net:caif_netlink_parms(): no params data found [ 224.749330][ T5790] Bluetooth: hci0: command tx timeout [ 224.749442][ T5801] Bluetooth: hci1: command tx timeout [ 224.903364][ T5801] Bluetooth: hci4: command tx timeout [ 225.074429][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 225.094775][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.102423][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.117852][ T5787] bridge_slave_0: entered allmulticast mode [ 225.126643][ T5787] bridge_slave_0: entered promiscuous mode [ 225.201298][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.209569][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.217467][ T5787] bridge_slave_1: entered allmulticast mode [ 225.226746][ T5787] bridge_slave_1: entered promiscuous mode [ 225.236218][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.245509][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.253455][ T5789] bridge_slave_0: entered allmulticast mode [ 225.262257][ T5789] bridge_slave_0: entered promiscuous mode [ 225.400982][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.411606][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.419531][ T5789] bridge_slave_1: entered allmulticast mode [ 225.428485][ T5789] bridge_slave_1: entered promiscuous mode [ 225.466262][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.563521][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.715964][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.723832][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.731516][ T5784] bridge_slave_0: entered allmulticast mode [ 225.743813][ T5784] bridge_slave_0: entered promiscuous mode [ 225.842842][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.850708][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.858540][ T5784] bridge_slave_1: entered allmulticast mode [ 225.867480][ T5784] bridge_slave_1: entered promiscuous mode [ 225.882425][ T5787] team0: Port device team_slave_0 added [ 225.898803][ T5787] team0: Port device team_slave_1 added [ 225.959223][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.969565][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.977460][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.985309][ T5794] bridge_slave_0: entered allmulticast mode [ 225.994462][ T5794] bridge_slave_0: entered promiscuous mode [ 226.116775][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.127978][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.135205][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.161665][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.176650][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.184800][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.192619][ T5794] bridge_slave_1: entered allmulticast mode [ 226.201839][ T5794] bridge_slave_1: entered promiscuous mode [ 226.262325][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.382080][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.390676][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.417666][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.441891][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.559997][ T5789] team0: Port device team_slave_0 added [ 226.654601][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.662236][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.670236][ T5785] bridge_slave_0: entered allmulticast mode [ 226.679079][ T5785] bridge_slave_0: entered promiscuous mode [ 226.695660][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.703402][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.711019][ T5785] bridge_slave_1: entered allmulticast mode [ 226.722163][ T5785] bridge_slave_1: entered promiscuous mode [ 226.737540][ T5789] team0: Port device team_slave_1 added [ 226.773243][ T5801] Bluetooth: hci2: command tx timeout [ 226.777333][ T5790] Bluetooth: hci3: command tx timeout [ 226.789118][ T5784] team0: Port device team_slave_0 added [ 226.805265][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.821240][ T5784] team0: Port device team_slave_1 added [ 226.823498][ T5790] Bluetooth: hci1: command tx timeout [ 226.830101][ T5801] Bluetooth: hci0: command tx timeout [ 226.995075][ T5801] Bluetooth: hci4: command tx timeout [ 227.047332][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.058747][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.066074][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.092342][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.117215][ T5787] hsr_slave_0: entered promiscuous mode [ 227.126896][ T5787] hsr_slave_1: entered promiscuous mode [ 227.177870][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.259448][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.266763][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.293181][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.325237][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.332462][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.359125][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.378844][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.390234][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.397619][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.423933][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.444645][ T5794] team0: Port device team_slave_0 added [ 227.543536][ T5794] team0: Port device team_slave_1 added [ 227.748267][ T5785] team0: Port device team_slave_0 added [ 227.858721][ T5785] team0: Port device team_slave_1 added [ 227.880510][ T5784] hsr_slave_0: entered promiscuous mode [ 227.890159][ T5784] hsr_slave_1: entered promiscuous mode [ 227.898539][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.906344][ T5784] Cannot create hsr debugfs directory [ 227.942495][ T5789] hsr_slave_0: entered promiscuous mode [ 227.951561][ T5789] hsr_slave_1: entered promiscuous mode [ 227.959700][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.967520][ T5789] Cannot create hsr debugfs directory [ 227.976659][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.984086][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.010408][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.084093][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.091247][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.117692][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 228.269336][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 228.276564][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.302969][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.386505][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.394010][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.421582][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 228.652781][ T5794] hsr_slave_0: entered promiscuous mode [ 228.662416][ T5794] hsr_slave_1: entered promiscuous mode [ 228.670944][ T5794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 228.678817][ T5794] Cannot create hsr debugfs directory [ 228.831572][ T5801] Bluetooth: hci2: command tx timeout [ 228.837457][ T5790] Bluetooth: hci3: command tx timeout [ 228.892472][ T5785] hsr_slave_0: entered promiscuous mode [ 228.902113][ T5785] hsr_slave_1: entered promiscuous mode [ 228.903492][ T5801] Bluetooth: hci1: command tx timeout [ 228.910558][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 228.913427][ T5801] Bluetooth: hci0: command tx timeout [ 228.926708][ T5785] Cannot create hsr debugfs directory [ 229.073980][ T5790] Bluetooth: hci4: command tx timeout [ 229.201403][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 229.309195][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 229.434363][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 229.454650][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 229.880941][ T5789] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 229.902532][ T5789] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 229.925965][ T5789] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 230.011331][ T5789] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 230.168995][ T5784] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 230.199766][ T5784] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 230.264103][ T5784] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 230.302542][ T5784] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 230.451492][ T5794] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 230.494856][ T5794] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 230.520576][ T5794] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 230.551851][ T5794] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 230.701787][ T5785] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 230.765818][ T5785] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 230.866651][ T5785] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 230.913674][ T5790] Bluetooth: hci2: command tx timeout [ 230.919300][ T5790] Bluetooth: hci3: command tx timeout [ 230.968307][ T5785] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 230.990266][ T5790] Bluetooth: hci0: command tx timeout [ 230.996486][ T5801] Bluetooth: hci1: command tx timeout [ 231.071962][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.143237][ T5790] Bluetooth: hci4: command tx timeout [ 231.283948][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.372502][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.380283][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.517225][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.524981][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.751509][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.802219][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.992198][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.022388][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.107073][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.159848][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.167672][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.184609][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.192211][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.266364][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.307707][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.419614][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.427340][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.442739][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.450509][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.474947][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.482678][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.543635][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.699418][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.707148][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.722268][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.729975][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.753343][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.760969][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.938646][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.460851][ T5787] veth0_vlan: entered promiscuous mode [ 234.541503][ T5787] veth1_vlan: entered promiscuous mode [ 234.831494][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.946866][ T5787] veth0_macvtap: entered promiscuous mode [ 234.975867][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.997074][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.047829][ T5787] veth1_macvtap: entered promiscuous mode [ 235.265894][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.320858][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.359875][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.478779][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.489405][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.499127][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.508261][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.533217][ T5784] veth0_vlan: entered promiscuous mode [ 235.624169][ T5784] veth1_vlan: entered promiscuous mode [ 235.651402][ T5789] veth0_vlan: entered promiscuous mode [ 235.794901][ T5789] veth1_vlan: entered promiscuous mode [ 235.819079][ T5794] veth0_vlan: entered promiscuous mode [ 235.962266][ T5784] veth0_macvtap: entered promiscuous mode [ 235.978723][ T5794] veth1_vlan: entered promiscuous mode [ 236.098919][ T5784] veth1_macvtap: entered promiscuous mode [ 236.179268][ T5789] veth0_macvtap: entered promiscuous mode [ 236.292612][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.305155][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.319670][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.338548][ T5794] veth0_macvtap: entered promiscuous mode [ 236.353658][ T5789] veth1_macvtap: entered promiscuous mode [ 236.440960][ T5794] veth1_macvtap: entered promiscuous mode [ 236.469576][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.482039][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.498594][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.531520][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.542269][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.552595][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.563335][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.577895][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.658205][ T5784] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.669696][ T5784] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.680299][ T5784] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.689778][ T5784] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.739622][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.750488][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.760686][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.771527][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.781754][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.792544][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.807539][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.824994][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.835745][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.845817][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.856554][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.871063][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.918841][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.929859][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.940190][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.950954][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.961096][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.971889][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.988147][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 237.044222][ T5789] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.053400][ T5789] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.062380][ T5789] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.072539][ T5789] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.197153][ T5794] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.208052][ T5794] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.218708][ T5794] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.231341][ T5794] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.838716][ T5785] veth0_vlan: entered promiscuous mode [ 237.939985][ T5785] veth1_vlan: entered promiscuous mode [ 238.280357][ T5785] veth0_macvtap: entered promiscuous mode [ 238.345287][ T5785] veth1_macvtap: entered promiscuous mode [ 238.539104][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.551235][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.561465][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.572254][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.582555][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.594724][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.605861][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.616684][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.631405][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 238.764917][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.776878][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.789411][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.803125][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.813360][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.825823][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.838405][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.849315][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.864146][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 239.120866][ T5785] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.130186][ T5785] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.140775][ T5785] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.150662][ T5785] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.551928][ T3589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.560150][ T3589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.726503][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.735277][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.255045][ T5787] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 243.889024][ T3691] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.898626][ T3691] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.063436][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.071576][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.112580][ T4122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.120800][ T4122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.397709][ T4122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.406811][ T4122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.481997][ T4122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.490153][ T4122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.770171][ T3589] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.778514][ T3589] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.984307][ T5971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 244.993453][ T5971] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3'. [ 245.115103][ T5971] Zero length message leads to an empty skb [ 245.766339][ T4122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.775645][ T4122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.020397][ T3589] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.028699][ T3589] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.363523][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 247.707475][ T5999] netlink: 'syz.4.5': attribute type 1 has an invalid length. [ 247.715402][ T5999] netlink: 244 bytes leftover after parsing attributes in process `syz.4.5'. [ 254.236361][ T6027] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 257.650679][ T6055] warning: `syz.0.28' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 263.874352][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 264.004485][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 265.615232][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 265.871297][ T25] IPVS: starting estimator thread 0... [ 265.963414][ T6107] IPVS: using max 240 ests per chain, 12000 per kthread [ 266.539722][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 266.593872][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 266.744265][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 266.846842][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 269.617424][ T6141] fuse: Bad value for 'fd' [ 269.668987][ T6141] sctp: [Deprecated]: syz.0.64 (pid 6141) Use of int in max_burst socket option deprecated. [ 269.668987][ T6141] Use struct sctp_assoc_value instead [ 269.789165][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 269.813374][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 275.992537][ T6212] ===================================================== [ 275.999959][ T6212] BUG: KMSAN: uninit-value in batadv_get_vid+0x215/0x360 [ 276.007376][ T6212] batadv_get_vid+0x215/0x360 [ 276.012219][ T6212] batadv_interface_tx+0x31c/0x1db0 [ 276.017702][ T6212] dev_hard_start_xmit+0x247/0xa20 [ 276.023116][ T6212] __dev_queue_xmit+0x366a/0x57d0 [ 276.028361][ T6212] __bpf_redirect+0x1511/0x1690 [ 276.033495][ T6212] bpf_clone_redirect+0x37e/0x500 [ 276.038714][ T6212] ___bpf_prog_run+0x13fe/0xe0f0 [ 276.043982][ T6212] __bpf_prog_run512+0xc5/0xf0 [ 276.048905][ T6212] bpf_test_run+0x546/0xd20 [ 276.053667][ T6212] bpf_prog_test_run_skb+0x18fa/0x25a0 [ 276.059323][ T6212] bpf_prog_test_run+0x5e5/0xa30 [ 276.064513][ T6212] __sys_bpf+0x6aa/0xd90 [ 276.068943][ T6212] __x64_sys_bpf+0xa0/0xe0 [ 276.073633][ T6212] x64_sys_call+0x329c/0x3c30 [ 276.078484][ T6212] do_syscall_64+0xcd/0x1e0 [ 276.083272][ T6212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.089363][ T6212] [ 276.091771][ T6212] Uninit was created at: [ 276.096348][ T6212] kmem_cache_alloc_node_noprof+0x907/0xe00 [ 276.102426][ T6212] kmalloc_reserve+0x13d/0x4a0 [ 276.107489][ T6212] pskb_expand_head+0x226/0x1a60 [ 276.112577][ T6212] skb_ensure_writable+0x496/0x520 [ 276.117978][ T6212] bpf_clone_redirect+0x1c5/0x500 [ 276.123282][ T6212] ___bpf_prog_run+0x13fe/0xe0f0 [ 276.128435][ T6212] __bpf_prog_run512+0xc5/0xf0 [ 276.133446][ T6212] bpf_test_run+0x546/0xd20 [ 276.138139][ T6212] bpf_prog_test_run_skb+0x18fa/0x25a0 [ 276.143878][ T6212] bpf_prog_test_run+0x5e5/0xa30 [ 276.148975][ T6212] __sys_bpf+0x6aa/0xd90 [ 276.153502][ T6212] __x64_sys_bpf+0xa0/0xe0 [ 276.158097][ T6212] x64_sys_call+0x329c/0x3c30 [ 276.162943][ T6212] do_syscall_64+0xcd/0x1e0 [ 276.167745][ T6212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.173972][ T6212] [ 276.176414][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.0.90 Not tainted 6.13.0-syzkaller-07632-gaa22f4da2a46 #0 [ 276.186835][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 276.197218][ T6212] ===================================================== [ 276.204349][ T6212] Disabling lock debugging due to kernel taint [ 276.210620][ T6212] Kernel panic - not syncing: kmsan.panic set ... [ 276.217163][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.0.90 Tainted: G B 6.13.0-syzkaller-07632-gaa22f4da2a46 #0 [ 276.229012][ T6212] Tainted: [B]=BAD_PAGE [ 276.233364][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 276.243565][ T6212] Call Trace: [ 276.246943][ T6212] [ 276.249973][ T6212] dump_stack_lvl+0x216/0x2d0 [ 276.254827][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.261034][ T6212] dump_stack+0x1e/0x24 [ 276.265337][ T6212] panic+0x4e2/0xcf0 [ 276.269453][ T6212] ? kmsan_get_metadata+0x51/0x1c0 [ 276.274787][ T6212] kmsan_report+0x2c7/0x2d0 [ 276.279487][ T6212] ? filter_irq_stacks+0x60/0x1a0 [ 276.284727][ T6212] ? stack_depot_save_flags+0x2c/0x750 [ 276.290394][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.295798][ T6212] ? __msan_warning+0x95/0x120 [ 276.300744][ T6212] ? batadv_get_vid+0x215/0x360 [ 276.305761][ T6212] ? batadv_interface_tx+0x31c/0x1db0 [ 276.311314][ T6212] ? dev_hard_start_xmit+0x247/0xa20 [ 276.316801][ T6212] ? __dev_queue_xmit+0x366a/0x57d0 [ 276.322195][ T6212] ? __bpf_redirect+0x1511/0x1690 [ 276.327420][ T6212] ? bpf_clone_redirect+0x37e/0x500 [ 276.332807][ T6212] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 276.338125][ T6212] ? __bpf_prog_run512+0xc5/0xf0 [ 276.343231][ T6212] ? bpf_test_run+0x546/0xd20 [ 276.348079][ T6212] ? bpf_prog_test_run_skb+0x18fa/0x25a0 [ 276.353892][ T6212] ? bpf_prog_test_run+0x5e5/0xa30 [ 276.359166][ T6212] ? __sys_bpf+0x6aa/0xd90 [ 276.363789][ T6212] ? __x64_sys_bpf+0xa0/0xe0 [ 276.368571][ T6212] ? x64_sys_call+0x329c/0x3c30 [ 276.373771][ T6212] ? do_syscall_64+0xcd/0x1e0 [ 276.378633][ T6212] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.384912][ T6212] ? kmem_cache_free+0x401/0xdf0 [ 276.390032][ T6212] ? __kfree_skb+0x1f6/0x250 [ 276.394824][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.400242][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.406272][ T6212] ? batadv_interface_tx+0xc6/0x1db0 [ 276.411758][ T6212] ? filter_irq_stacks+0x60/0x1a0 [ 276.417003][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.422409][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.428441][ T6212] __msan_warning+0x95/0x120 [ 276.433223][ T6212] batadv_get_vid+0x215/0x360 [ 276.438078][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.444119][ T6212] batadv_interface_tx+0x31c/0x1db0 [ 276.449533][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.454957][ T6212] ? __pfx_batadv_interface_tx+0x10/0x10 [ 276.460787][ T6212] ? __pfx_batadv_interface_tx+0x10/0x10 [ 276.466637][ T6212] dev_hard_start_xmit+0x247/0xa20 [ 276.471976][ T6212] __dev_queue_xmit+0x366a/0x57d0 [ 276.477243][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.482748][ T6212] ? __dev_queue_xmit+0x3d6/0x57d0 [ 276.488097][ T6212] __bpf_redirect+0x1511/0x1690 [ 276.493170][ T6212] bpf_clone_redirect+0x37e/0x500 [ 276.498425][ T6212] ___bpf_prog_run+0x13fe/0xe0f0 [ 276.503613][ T6212] __bpf_prog_run512+0xc5/0xf0 [ 276.508550][ T6212] ? __schedule+0x203a/0x6a00 [ 276.513398][ T6212] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 276.519374][ T6212] ? stack_depot_save_flags+0x6db/0x750 [ 276.525138][ T6212] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 276.531675][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.537089][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.543135][ T6212] ? ktime_get+0x4c4/0x520 [ 276.547749][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.553162][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.559214][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.565241][ T6212] ? __pfx___bpf_prog_run512+0x10/0x10 [ 276.570881][ T6212] bpf_test_run+0x546/0xd20 [ 276.575548][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.580954][ T6212] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 276.587489][ T6212] ? kmsan_get_metadata+0x13e/0x1c0 [ 276.592891][ T6212] ? bpf_test_run+0x3af/0xd20 [ 276.597752][ T6212] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.603779][ T6212] bpf_prog_test_run_skb+0x18fa/0x25a0 [ 276.609454][ T6212] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 276.615526][ T6212] bpf_prog_test_run+0x5e5/0xa30 [ 276.620652][ T6212] __sys_bpf+0x6aa/0xd90 [ 276.625134][ T6212] __x64_sys_bpf+0xa0/0xe0 [ 276.629751][ T6212] x64_sys_call+0x329c/0x3c30 [ 276.634607][ T6212] do_syscall_64+0xcd/0x1e0 [ 276.639307][ T6212] ? clear_bhb_loop+0x25/0x80 [ 276.644179][ T6212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.650298][ T6212] RIP: 0033:0x7f4798d8cd29 [ 276.654843][ T6212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.674651][ T6212] RSP: 002b:00007f4799b90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 276.683274][ T6212] RAX: ffffffffffffffda RBX: 00007f4798fa5fa0 RCX: 00007f4798d8cd29 [ 276.691406][ T6212] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a [ 276.699522][ T6212] RBP: 00007f4798e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 276.707635][ T6212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.715751][ T6212] R13: 0000000000000000 R14: 00007f4798fa5fa0 R15: 00007ffe3bb878c8 [ 276.724082][ T6212] [ 276.727375][ T6212] Kernel Offset: disabled [ 276.731759][ T6212] Rebooting in 86400 seconds..