last executing test programs: 41.68476147s ago: executing program 3 (id=4): syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f911, 0x8000, '\x00', @string=&(0x7f00000000c0)}}) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB=' '], 0x9) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000180)='cdg\x00', 0x4) r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904"], 0x0) r2 = getpid() syz_usb_control_io(r1, &(0x7f0000000380)={0x2c, &(0x7f0000000240)={0x0, 0x22, 0x3b, {0x3b, 0x4, "2161bc4e3d2c55973696e355c223e2a04177a27ca333b4fd3c6b79a0f1108183070605818069946b29dd19be2938ffe00d2c8f8c7f2fca8736"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1c6769868b7724b3}}, &(0x7f00000002c0)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000300)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x0, 0xa, 0x8, "761d0eea", "a98ff66b"}}, &(0x7f0000000340)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x9, 0x3, 0x8, 0x8, 0x89, 0x8000, 0xfffe}}}, &(0x7f00000008c0)={0x84, &(0x7f0000000440)={0x0, 0x10, 0xb, "cac1f381c10c2d64c23a7c"}, &(0x7f0000000480)={0x0, 0xa, 0x1}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000540)={0x20, 0x0, 0x4, {0x3, 0x1}}, &(0x7f0000000580)={0x20, 0x0, 0x8, {0x100, 0x1, [0xf0]}}, &(0x7f00000005c0)={0x40, 0x7, 0x2, 0x3}, &(0x7f0000000640)={0x40, 0x9, 0x1, 0xf}, &(0x7f0000000680)={0x40, 0xb, 0x2, "d077"}, &(0x7f00000006c0)={0x40, 0xf, 0x2, 0x9}, &(0x7f0000000700)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, &(0x7f0000000740)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000780)={0x40, 0x19, 0x2, "c10a"}, &(0x7f00000007c0)={0x40, 0x1a, 0x2, 0x3}, &(0x7f0000000800)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000000840)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000000880)={0x40, 0x21, 0x1}}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB=' '], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x13, r3, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000a00)={0x2020, 0x0, 0x0, 0x0}, 0x2020) mount$9p_fd(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f00000009c0), 0x10000, &(0x7f0000002a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@nodevmap}, {@access_any}, {@version_L}, {@version_u}, {@cache_readahead}, {@afid={'afid', 0x3d, 0x4}}], [{@euid_gt={'euid>', r4}}, {@seclabel}, {@permit_directio}, {@context={'context', 0x3d, 'unconfined_u'}}, {@subj_role={'subj_role', 0x3d, '/dev/radio#\x00'}}, {@obj_role={'obj_role', 0x3d, '/dev/dri/card#\x00'}}]}}) sched_setscheduler(r2, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x28}, "dbaf8a5adb0b85512836dcbf19fd8ce485179cc8b9912027a89248a6cd79d2e7b4af418d40cc3bf8"}, 0x2c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = syz_io_uring_setup(0xec4, &(0x7f00000003c0)={0x0, 0xfffffffc, 0x2, 0x3, 0x34b}, &(0x7f0000000500)=0x0, &(0x7f0000000600)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r7, 0x28c2, 0xe876, 0x3, &(0x7f0000000040)={[0xfffffffffffffffc]}, 0x8) connect$vsock_stream(r5, &(0x7f00000000c0)={0x28, 0x0, 0x0, @local}, 0x10) socket$inet6_mptcp(0xa, 0x1, 0x106) r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r9) ptrace$setregs(0x1a, r9, 0xb, 0x0) 41.577286073s ago: executing program 2 (id=3): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0xbd, 0xf7, 0x13, 0x8, 0x2770, 0x930c, 0x8d6a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2a, 0xc5, 0x98}}]}}]}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x8000002, 0x0, @private0}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x3a, &(0x7f00000003c0)=0xe03, 0x4) sendto$inet6(r1, 0x0, 0x0, 0x2200c041, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x10) sendto$inet6(r1, &(0x7f0000000080)="44f9", 0x2, 0x1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x24, &(0x7f00000000c0)={0x0, 0x13, 0x6, "fc19d02303f6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 40.684778726s ago: executing program 0 (id=1): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="50000000000118040000000000000000020000001800018014000180080001000000000008000200ac141400260002800c0002800500010000000000140001"], 0x50}}, 0x0) syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x3000000000002}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x40) r1 = syz_open_procfs(0x0, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x25, 0x0, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000280)=0x1) semctl$IPC_RMID(0x0, 0x0, 0x0) read$qrtrtun(r1, 0x0, 0x0) openat$cgroup_ro(r1, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x100}}) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@map, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK={0x4}]}, 0x24}}, 0x4004) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6}}}, @m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xa0}}, 0x0) 39.465384871s ago: executing program 0 (id=6): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = syz_io_uring_setup(0x2312, &(0x7f0000000100)={0x0, 0x8bae, 0x8, 0x2, 0x27b, 0x0, r0}, &(0x7f0000000040), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_IOWQ_AFF(r1, 0x11, &(0x7f00000001c0)="15fbd48bd20e1722c244335cd82d5abe023d8829bdbc710d7b", 0x19) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048c03}, 0x20004004) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x8, 0x0, 0x0, @vifc_lcl_ifindex=r3, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x10) syz_init_net_socket$llc(0x1a, 0x3, 0x0) setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x1, 0x86, 0x1, @vifc_lcl_addr=@loopback, @local}, 0x10) 39.438943114s ago: executing program 1 (id=2): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) write$binfmt_format(r4, &(0x7f0000000300)='-1\x00', 0x1) r5 = syz_open_dev$swradio(0x0, 0x1, 0x2) ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f00000002c0)={0xf0f044, 0x800}) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000002040)=0x6, 0x4) r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r10 = dup(r9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r10, 0x2000) ioctl$KVM_PRE_FAULT_MEMORY(r8, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000}) 39.110901493s ago: executing program 4 (id=5): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="50000000000118040000000000000000020000001800018014000180080001000000000008000200ac141400260002800c0002800500010000000000140001"], 0x50}}, 0x0) syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x3000000000002}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x40) r1 = syz_open_procfs(0x0, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x25, 0x0, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000280)=0x1) semctl$IPC_RMID(0x0, 0x0, 0x0) read$qrtrtun(r1, 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x100}}) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@map, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK={0x4}]}, 0x24}}, 0x4004) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6}}}, @m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xa0}}, 0x0) 38.996670978s ago: executing program 0 (id=7): socket$inet6_tcp(0xa, 0x1, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') unshare(0x6a040000) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r2, r0, 0x11, 0x0, r2}, 0x14) 38.557511897s ago: executing program 2 (id=8): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0xd2, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "5a8874", 0x9c, 0x88, 0x0, @private2, @mcast2, {[], {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "1102a8887a2c9305895b8cb59331cdffdf8e04142a112e9e8a24dbc3ec49d3a4", "2db6a193bcc7961b3d7ffdd654edbf06b88768a543517e85683cba3eacfc34c915f14e6909b49f9237345255b67d8e45", "381da35b3b5c874ffc044f7e6bdb47fd7e6379a64c0cc354322238af", {"a263753d250cfb21bd9221645c29f7d3", "432c3aac2290feba17bfa3643cdcbbfd"}}}}}}}}, 0x0) 37.486423849s ago: executing program 2 (id=9): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000007c0)="02999344565d9c61d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e432bcb0330483c0604", 0x43}, {&(0x7f0000000f00)="ec75d081fcb70000000000000000bb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d5761910df91e34b3b98e2f71054226c3b00b9ee6ae29f0b07bc6fe7981126ca8e32b991faed3b0293e4004c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d401fe", 0x99}], 0x2}}], 0x1, 0x20008000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fff, 0x8, 0x5, 0xab272d79, 0x3}}]}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x70}}, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 37.415080066s ago: executing program 4 (id=10): rseq(&(0x7f0000000600)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) r0 = socket$kcm(0x2a, 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001200)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffd], [0x0, 0x8, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x5, 0x10, 0x4]}}]}}]}, 0x8c}}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$vhost_vsock(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001400070010000800130008000300080012"], 0x44}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socket$l2tp6(0xa, 0x2, 0x73) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000032680)=""/102400, 0x19000) fstat(0xffffffffffffffff, &(0x7f0000000200)) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c) sendto$inet6(r7, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000580)={0x41, 0x80}, 0xe) recvmmsg(r7, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000000c0), 0x1, &(0x7f00000003c0)=""/21, 0xfffffffffffffd7d}, 0x7}], 0x73d, 0x40000040, 0x0) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000840)=[@text64={0x40, &(0x7f0000000080)="460f01f82ef30f09f3c11202656467660f3881b78e4a0000c42275bab10e000000b805000000b9000001000f01d9b8010000000f01c166450f38252eb9f30800000f320f2120", 0x46}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TCSETSW2(r3, 0x5408, 0x0) 36.936378442s ago: executing program 3 (id=11): shmctl$IPC_STAT(0x0, 0x2, 0x0) r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x10}, 0x18) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000500)=""/85, 0x55, 0x0, &(0x7f0000000580)=""/147, 0x93}}, 0x10) bpf$TOKEN_CREATE(0x24, &(0x7f0000000780)={0x0, r0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x6, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x2000) syz_io_uring_setup(0x470, &(0x7f00000008c0)={0x0, 0xcc6b, 0x800, 0x1, 0x10d}, &(0x7f0000000340)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r7 = socket$inet6(0xa, 0x1, 0x8010000000000084) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x1}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x64, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xfff9}, {0x5}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xe895}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xfffffff7}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xff2}, @qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x8}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0) close_range(r2, r5, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='p'], 0x70}, 0x1, 0x0, 0x0, 0x4000080}, 0x20048004) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r8, 0x6, 0x23, &(0x7f0000000480)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, &(0x7f0000000040)=0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r9 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0) 0s ago: executing program 32 (id=7): socket$inet6_tcp(0xa, 0x1, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') unshare(0x6a040000) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r2, r0, 0x11, 0x0, r2}, 0x14) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.206' (ED25519) to the list of known hosts. [ 95.517061][ T5824] cgroup: Unknown subsys name 'net' [ 95.652650][ T5824] cgroup: Unknown subsys name 'cpuset' [ 95.662202][ T5824] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 97.500908][ T982] cfg80211: failed to load regulatory.db [ 97.557143][ T5824] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 100.556722][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 100.566427][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 100.576010][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 100.584653][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 100.594273][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 100.602795][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 100.611316][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 100.629074][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 100.635523][ T5853] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 100.637291][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 100.653474][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 100.662397][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 100.672677][ T5853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 100.679253][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 100.681762][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 100.696640][ T5853] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 100.702518][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 100.710025][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 100.714270][ T5855] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 100.719921][ T5853] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 100.727140][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 100.743642][ T5855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 100.763199][ T5855] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 100.779477][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 100.798836][ T5855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 101.647121][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 101.669594][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 101.693010][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 101.723471][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 101.862546][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 102.052218][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.060813][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.070358][ T5844] bridge_slave_0: entered allmulticast mode [ 102.079163][ T5844] bridge_slave_0: entered promiscuous mode [ 102.111245][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.120472][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.128792][ T5842] bridge_slave_0: entered allmulticast mode [ 102.136344][ T5842] bridge_slave_0: entered promiscuous mode [ 102.156026][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.164279][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.172378][ T5844] bridge_slave_1: entered allmulticast mode [ 102.180953][ T5844] bridge_slave_1: entered promiscuous mode [ 102.221439][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.229187][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.237043][ T5842] bridge_slave_1: entered allmulticast mode [ 102.245681][ T5842] bridge_slave_1: entered promiscuous mode [ 102.312831][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.320886][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.328830][ T5848] bridge_slave_0: entered allmulticast mode [ 102.336194][ T5848] bridge_slave_0: entered promiscuous mode [ 102.360928][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.368750][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.376113][ T5839] bridge_slave_0: entered allmulticast mode [ 102.384479][ T5839] bridge_slave_0: entered promiscuous mode [ 102.407840][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.415979][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.424505][ T5843] bridge_slave_0: entered allmulticast mode [ 102.432588][ T5843] bridge_slave_0: entered promiscuous mode [ 102.456251][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.465031][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.473023][ T5848] bridge_slave_1: entered allmulticast mode [ 102.480746][ T5848] bridge_slave_1: entered promiscuous mode [ 102.489174][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.496997][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.505396][ T5839] bridge_slave_1: entered allmulticast mode [ 102.515088][ T5839] bridge_slave_1: entered promiscuous mode [ 102.525624][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.540797][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.550651][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.558193][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.566604][ T5843] bridge_slave_1: entered allmulticast mode [ 102.574573][ T5843] bridge_slave_1: entered promiscuous mode [ 102.586599][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.656506][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.758242][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.774348][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.786222][ T51] Bluetooth: hci0: command tx timeout [ 102.789975][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.805630][ T5842] team0: Port device team_slave_0 added [ 102.815904][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.831885][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.844704][ T5844] team0: Port device team_slave_0 added [ 102.854740][ T5844] team0: Port device team_slave_1 added [ 102.861199][ T5849] Bluetooth: hci3: command tx timeout [ 102.861275][ T5855] Bluetooth: hci2: command tx timeout [ 102.867093][ T5849] Bluetooth: hci1: command tx timeout [ 102.878584][ T51] Bluetooth: hci4: command tx timeout [ 102.900218][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.912492][ T5842] team0: Port device team_slave_1 added [ 103.023350][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.031344][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.061058][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.108954][ T5848] team0: Port device team_slave_0 added [ 103.120765][ T5839] team0: Port device team_slave_0 added [ 103.128741][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.135821][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.165755][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.191810][ T5843] team0: Port device team_slave_0 added [ 103.202791][ T5843] team0: Port device team_slave_1 added [ 103.210110][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.217989][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.246142][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.260745][ T5848] team0: Port device team_slave_1 added [ 103.267911][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.275582][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.304114][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.319143][ T5839] team0: Port device team_slave_1 added [ 103.425668][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.434177][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.465483][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.495655][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.503690][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.530961][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.555895][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.566180][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.595252][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.615491][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.623956][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.654374][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.682957][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.690218][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.718255][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.743491][ T5842] hsr_slave_0: entered promiscuous mode [ 103.750992][ T5842] hsr_slave_1: entered promiscuous mode [ 103.778026][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.785495][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.813626][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.924649][ T5844] hsr_slave_0: entered promiscuous mode [ 103.932817][ T5844] hsr_slave_1: entered promiscuous mode [ 103.940791][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.958618][ T5844] Cannot create hsr debugfs directory [ 104.033835][ T5839] hsr_slave_0: entered promiscuous mode [ 104.044599][ T5839] hsr_slave_1: entered promiscuous mode [ 104.052355][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.061216][ T5839] Cannot create hsr debugfs directory [ 104.141524][ T5848] hsr_slave_0: entered promiscuous mode [ 104.150659][ T5848] hsr_slave_1: entered promiscuous mode [ 104.157339][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.165878][ T5848] Cannot create hsr debugfs directory [ 104.202461][ T5843] hsr_slave_0: entered promiscuous mode [ 104.210026][ T5843] hsr_slave_1: entered promiscuous mode [ 104.216916][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.226210][ T5843] Cannot create hsr debugfs directory [ 104.817043][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 104.832934][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 104.847611][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 104.858971][ T5849] Bluetooth: hci0: command tx timeout [ 104.883227][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.947272][ T5849] Bluetooth: hci1: command tx timeout [ 104.953454][ T51] Bluetooth: hci4: command tx timeout [ 104.954706][ T5856] Bluetooth: hci3: command tx timeout [ 104.965857][ T5855] Bluetooth: hci2: command tx timeout [ 104.981707][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.005834][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 105.026184][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 105.041342][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 105.165452][ T5839] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 105.196207][ T5839] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 105.224456][ T5839] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 105.253840][ T5839] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 105.352330][ T5848] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.368128][ T5848] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.397190][ T5848] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.437258][ T5848] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.463576][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.571403][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.583342][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 105.601293][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.625729][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 105.636969][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 105.652541][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 105.684347][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.697087][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.739023][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.746500][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.796671][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.852159][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.860128][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.871316][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.879636][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.001256][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.092774][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.192922][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.200869][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.246609][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.254029][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.314565][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.386509][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.418951][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.472746][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.480267][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.493048][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.500919][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.566078][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.639976][ T1340] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.647726][ T1340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.726380][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.734069][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.778136][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.805607][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.939307][ T5855] Bluetooth: hci0: command tx timeout [ 107.021324][ T5855] Bluetooth: hci4: command tx timeout [ 107.027734][ T5855] Bluetooth: hci1: command tx timeout [ 107.035438][ T5856] Bluetooth: hci2: command tx timeout [ 107.035868][ T51] Bluetooth: hci3: command tx timeout [ 107.095985][ T5842] veth0_vlan: entered promiscuous mode [ 107.127489][ T5842] veth1_vlan: entered promiscuous mode [ 107.197655][ T5844] veth0_vlan: entered promiscuous mode [ 107.244912][ T5844] veth1_vlan: entered promiscuous mode [ 107.325996][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.399530][ T5842] veth0_macvtap: entered promiscuous mode [ 107.474221][ T5842] veth1_macvtap: entered promiscuous mode [ 107.556252][ T5844] veth0_macvtap: entered promiscuous mode [ 107.574047][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.597551][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.607621][ T5844] veth1_macvtap: entered promiscuous mode [ 107.630787][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.687984][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.735245][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.748107][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.763703][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.774460][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.785599][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.854414][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.950349][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.960913][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.977601][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.989464][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.087390][ T5848] veth0_vlan: entered promiscuous mode [ 108.136116][ T5848] veth1_vlan: entered promiscuous mode [ 108.150005][ T5843] veth0_vlan: entered promiscuous mode [ 108.244321][ T5843] veth1_vlan: entered promiscuous mode [ 108.275638][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.288253][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.332391][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.342384][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.388373][ T1340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.400413][ T1340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.467357][ T5839] veth0_vlan: entered promiscuous mode [ 108.516088][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.523394][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 108.548054][ T5848] veth0_macvtap: entered promiscuous mode [ 108.556103][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.567369][ T5848] veth1_macvtap: entered promiscuous mode [ 108.582963][ T5839] veth1_vlan: entered promiscuous mode [ 108.657502][ T5843] veth0_macvtap: entered promiscuous mode [ 108.686627][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.702805][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.738048][ T5843] veth1_macvtap: entered promiscuous mode [ 108.785297][ T5848] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.798688][ T5848] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.807728][ T5848] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.837025][ T5848] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.916864][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.953159][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.977654][ T5839] veth0_macvtap: entered promiscuous mode [ 108.994212][ T5843] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.006836][ T5843] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.020087][ T51] Bluetooth: hci0: command tx timeout [ 109.027688][ T5843] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.041063][ T5843] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.079891][ T5839] veth1_macvtap: entered promiscuous mode [ 109.100298][ T51] Bluetooth: hci3: command tx timeout [ 109.100379][ T5849] Bluetooth: hci2: command tx timeout [ 109.107873][ T5855] Bluetooth: hci4: command tx timeout [ 109.119204][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 109.125891][ T5856] Bluetooth: hci1: command tx timeout [ 109.134272][ T5905] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 109.188653][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.198134][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.293308][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.307004][ T1340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.310829][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.327346][ T1340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.328990][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 109.344340][ T5905] usb 4-1: Using ep0 maxpacket: 8 [ 109.358272][ T5905] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 109.386391][ T5905] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 109.398261][ T5905] usb 4-1: config 0 has no interface number 1 [ 109.401234][ T5839] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.412363][ T5905] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 109.432305][ T5839] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.436766][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.443997][ T5839] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.444038][ T5839] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.468330][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.496904][ T9] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 109.516248][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.525785][ T9] usb 3-1: Product: syz [ 109.531561][ T9] usb 3-1: Manufacturer: syz [ 109.545261][ T9] usb 3-1: SerialNumber: syz [ 109.551772][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.564241][ T5905] usb 4-1: config 0 descriptor?? [ 109.574040][ T9] usb 3-1: config 0 descriptor?? [ 109.600485][ T5905] usb 4-1: unknown number of interfaces: 2 [ 109.621271][ T9] gspca_main: sq930x-2.14.0 probing 2770:930c [ 109.718644][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.765542][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.888537][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 110.338464][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 110.392008][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 110.494603][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 110.539080][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 110.648075][ T9] gspca_sq930x: ucbus_write failed -71 [ 110.657654][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.670742][ T9] sq930x 3-1:0.0: probe with driver sq930x failed with error -71 [ 110.677433][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.727947][ T9] usb 3-1: USB disconnect, device number 2 [ 110.922954][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.978442][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.106442][ T5968] ip6tnl0: entered allmulticast mode [ 111.139791][ T5968] ip6tnl0: left allmulticast mode [ 111.519671][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 111.530960][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.825689][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 112.133656][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.591108][ T5974] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 112.645607][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.804659][ T5898] usb 4-1: USB disconnect, device number 2 [ 117.051443][ T5848] sched: DL replenish lagged too much [ 134.948228][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.540903][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.992269][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 258.128354][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 258.137235][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5970/1:b..l P5824/1:b..l [ 258.148146][ C0] rcu: (detected by 0, t=10503 jiffies, g=12449, q=856383 ncpus=2) [ 258.156948][ C0] task:syz-executor state:R running task stack:21544 pid:5824 tgid:5824 ppid:5823 task_flags:0x400100 flags:0x00004002 [ 258.174368][ C0] Call Trace: [ 258.177999][ C0] [ 258.181899][ C0] __schedule+0x16aa/0x4c90 [ 258.187401][ C0] ? preempt_schedule_irq+0xb5/0x150 [ 258.193834][ C0] ? __pfx___schedule+0x10/0x10 [ 258.200282][ C0] ? __lock_acquire+0xab9/0xd20 [ 258.205562][ C0] ? preempt_schedule_irq+0xaa/0x150 [ 258.211746][ C0] preempt_schedule_irq+0xb5/0x150 [ 258.217497][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 258.224159][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 258.230469][ C0] irqentry_exit+0x6f/0x90 [ 258.235424][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 258.242830][ C0] RIP: 0010:unwind_next_frame+0x131c/0x2390 [ 258.249145][ C0] Code: 00 00 00 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 <4c> 39 e0 48 0f 46 e9 49 8d 47 fc 48 0f 47 d8 4d 0f 46 ef 48 39 dd [ 258.270808][ C0] RSP: 0018:ffffc9000434f738 EFLAGS: 00000283 [ 258.278105][ C0] RAX: ffffffff82201eea RBX: ffffffff8fbd1fb0 RCX: ffffffff8fbd1fb4 [ 258.287512][ C0] RDX: ffffffff8fbd1fb0 RSI: ffffffff903d0734 RDI: ffffffff8be1b9e0 [ 258.297242][ C0] RBP: ffffffff8fbd1fb0 R08: 0000000000000001 R09: ffffffff8172aae5 [ 258.305889][ C0] R10: ffffc9000434f858 R11: ffffffff81acfd40 R12: ffffffff82201f76 [ 258.314459][ C0] R13: ffffffff8fbd1fb0 R14: ffffc9000434f808 R15: ffffffff8fbd1fb0 [ 258.322819][ C0] ? qlist_free_all+0x96/0x140 [ 258.328880][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 258.335788][ C0] ? unwind_next_frame+0xa5/0x2390 [ 258.341238][ C0] ? qlist_free_all+0xa/0x140 [ 258.346763][ C0] ? unwind_next_frame+0xd4/0x2390 [ 258.352372][ C0] ? unwind_next_frame+0xa5/0x2390 [ 258.357875][ C0] ? qlist_free_all+0x97/0x140 [ 258.363052][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 258.371091][ C0] arch_stack_walk+0x11c/0x150 [ 258.376883][ C0] ? qlist_free_all+0x97/0x140 [ 258.382232][ C0] stack_trace_save+0x9c/0xe0 [ 258.387056][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 258.393576][ C0] save_stack+0xf7/0x1f0 [ 258.398620][ C0] ? __pfx_save_stack+0x10/0x10 [ 258.404919][ C0] ? __free_frozen_pages+0xc65/0xe60 [ 258.410963][ C0] ? __put_partials+0x161/0x1c0 [ 258.417771][ C0] ? put_cpu_partial+0x17c/0x250 [ 258.424881][ C0] ? __slab_free+0x2f7/0x400 [ 258.430156][ C0] ? qlist_free_all+0x97/0x140 [ 258.435965][ C0] ? page_ext_put+0x97/0xc0 [ 258.441592][ C0] __reset_page_owner+0x71/0x1f0 [ 258.447611][ C0] __free_frozen_pages+0xc65/0xe60 [ 258.453504][ C0] __put_partials+0x161/0x1c0 [ 258.458947][ C0] put_cpu_partial+0x17c/0x250 [ 258.464306][ C0] ? put_cpu_partial+0x6d/0x250 [ 258.469758][ C0] __slab_free+0x2f7/0x400 [ 258.476739][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 258.483902][ C0] ? __phys_addr+0xd3/0x180 [ 258.488730][ C0] qlist_free_all+0x97/0x140 [ 258.493917][ C0] kasan_quarantine_reduce+0x148/0x160 [ 258.499797][ C0] __kasan_slab_alloc+0x22/0x80 [ 258.505322][ C0] __kmalloc_cache_noprof+0x1be/0x3d0 [ 258.511468][ C0] ? alloc_pipe_info+0xe9/0x4d0 [ 258.516739][ C0] alloc_pipe_info+0xe9/0x4d0 [ 258.522706][ C0] create_pipe_files+0x8a/0x760 [ 258.528466][ C0] ? rcu_is_watching+0x15/0xb0 [ 258.533831][ C0] __do_pipe_flags+0x4c/0x2d0 [ 258.538750][ C0] do_pipe2+0x9c/0x170 [ 258.543235][ C0] ? __pfx_do_pipe2+0x10/0x10 [ 258.548790][ C0] __x64_sys_pipe2+0x5a/0x70 [ 258.553970][ C0] do_syscall_64+0xfa/0x3b0 [ 258.559373][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 258.565346][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.572020][ C0] ? clear_bhb_loop+0x60/0xb0 [ 258.577505][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.583900][ C0] RIP: 0033:0x7fd5c2d8d889 [ 258.588698][ C0] RSP: 002b:00007ffdbe3ed498 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 258.598874][ C0] RAX: ffffffffffffffda RBX: 0000555561a6bad0 RCX: 00007fd5c2d8d889 [ 258.607339][ C0] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffdbe3ed4a8 [ 258.615975][ C0] RBP: 00007ffdbe3ed860 R08: 0000000000000007 R09: 0000555561a6def0 [ 258.624192][ C0] R10: be8dc1ba389931ff R11: 0000000000000246 R12: 00007ffdbe3ed8c0 [ 258.632312][ C0] R13: 0000555561a704e0 R14: 00007ffdbe3ed5e0 R15: 0000555561a6e4a8 [ 258.640983][ C0] [ 258.644839][ C0] task:syz.1.2 state:R running task stack:24952 pid:5970 tgid:5967 ppid:5843 task_flags:0x40044c flags:0x00004006 [ 258.659812][ C0] Call Trace: [ 258.663585][ C0] [ 258.667078][ C0] __schedule+0x16aa/0x4c90 [ 258.675071][ C0] ? free_pages_and_swap_cache+0x4be/0x520 [ 258.682556][ C0] ? preempt_schedule_common+0x83/0xd0 [ 258.689647][ C0] ? __pfx___schedule+0x10/0x10 [ 258.695914][ C0] ? do_raw_spin_lock+0x121/0x290 [ 258.701652][ C0] ? preempt_schedule+0xae/0xc0 [ 258.707002][ C0] preempt_schedule_common+0x83/0xd0 [ 258.712591][ C0] preempt_schedule+0xae/0xc0 [ 258.717652][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 258.723704][ C0] preempt_schedule_thunk+0x16/0x30 [ 258.729430][ C0] _raw_spin_unlock+0x3f/0x50 [ 258.734635][ C0] unmap_page_range+0x3842/0x41c0 [ 258.740827][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 258.746803][ C0] ? unmap_vmas+0x144/0x580 [ 258.751629][ C0] unmap_vmas+0x399/0x580 [ 258.756401][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 258.761972][ C0] exit_mmap+0x248/0xb50 [ 258.766814][ C0] ? uprobe_clear_state+0x20f/0x290 [ 258.772872][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 258.778051][ C0] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 258.784193][ C0] ? __pfx_exit_aio+0x10/0x10 [ 258.789020][ C0] ? uprobe_clear_state+0x274/0x290 [ 258.794327][ C0] ? mm_update_next_owner+0xa7/0x870 [ 258.800041][ C0] __mmput+0x118/0x410 [ 258.804561][ C0] exit_mm+0x1da/0x2c0 [ 258.808983][ C0] ? __pfx_exit_mm+0x10/0x10 [ 258.814082][ C0] ? rcu_is_watching+0x15/0xb0 [ 258.819445][ C0] do_exit+0x648/0x22e0 [ 258.823775][ C0] ? do_raw_spin_lock+0x121/0x290 [ 258.829630][ C0] ? __pfx_do_exit+0x10/0x10 [ 258.835115][ C0] do_group_exit+0x21c/0x2d0 [ 258.840791][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 258.846299][ C0] get_signal+0x125e/0x1310 [ 258.851170][ C0] arch_do_signal_or_restart+0x9a/0x750 [ 258.857063][ C0] ? count_memcg_event_mm+0x21/0x260 [ 258.862795][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 258.869437][ C0] ? exit_to_user_mode_loop+0x40/0x110 [ 258.875666][ C0] exit_to_user_mode_loop+0x75/0x110 [ 258.881280][ C0] do_syscall_64+0x2bd/0x3b0 [ 258.886549][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 258.892061][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.898613][ C0] ? clear_bhb_loop+0x60/0xb0 [ 258.903531][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.909997][ C0] RIP: 0033:0x7f502878eb69 [ 258.914534][ C0] RSP: 002b:00007f50295a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 258.923701][ C0] RAX: 0000000000009f8d RBX: 00007f50289b6080 RCX: 00007f502878eb69 [ 258.931829][ C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 258.940334][ C0] RBP: 00007f5028811df1 R08: 0000000000000000 R09: 0000000000000000 [ 258.949410][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 258.958494][ C0] R13: 0000000000000001 R14: 00007f50289b6080 R15: 00007ffdfdff02b8 [ 258.970416][ C0] [ 258.973883][ C0] rcu: rcu_preempt kthread starved for 4239 jiffies! g12449 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 258.990680][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 259.001577][ C0] rcu: RCU grace-period kthread stack dump: [ 259.008905][ C0] task:rcu_preempt state:R running task stack:27128 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 259.023520][ C0] Call Trace: [ 259.027467][ C0] [ 259.031860][ C0] __schedule+0x16aa/0x4c90 [ 259.036947][ C0] ? preempt_schedule_irq+0xb5/0x150 [ 259.043066][ C0] ? __pfx___schedule+0x10/0x10 [ 259.048632][ C0] ? __lock_acquire+0xab9/0xd20 [ 259.054070][ C0] ? __lock_acquire+0xab9/0xd20 [ 259.059592][ C0] ? preempt_schedule_irq+0xaa/0x150 [ 259.065343][ C0] preempt_schedule_irq+0xb5/0x150 [ 259.071571][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 259.077634][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 259.083788][ C0] irqentry_exit+0x6f/0x90 [ 259.088331][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 259.094895][ C0] RIP: 0010:rcu_gp_fqs_loop+0x280/0x1540 [ 259.101326][ C0] Code: 00 00 48 8b 84 24 88 00 00 00 80 3c 30 00 4c 8d b4 24 c8 00 00 00 74 12 4c 89 f7 e8 1a a0 77 00 48 be 00 00 00 00 00 fc ff df <4c> 89 b4 24 c8 00 00 00 48 8b 84 24 80 00 00 00 80 3c 30 00 74 0d [ 259.123279][ C0] RSP: 0018:ffffc90000157b60 EFLAGS: 00000246 [ 259.130640][ C0] RAX: 1ffff9200002af85 RBX: 0000000000000001 RCX: 0000000000000002 [ 259.139044][ C0] RDX: 0000000000000001 RSI: dffffc0000000000 RDI: ffffffff8be1ba40 [ 259.148483][ C0] RBP: ffffc90000157cb0 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e [ 259.157998][ C0] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: ffffffff8e144980 [ 259.166904][ C0] R13: ffffffff8e144530 R14: ffffc90000157c28 R15: 0000000000000000 [ 259.178298][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 259.185656][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 259.192498][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 259.198919][ C0] rcu_gp_kthread+0x99/0x390 [ 259.203949][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 259.209818][ C0] ? __kthread_parkme+0x7b/0x200 [ 259.215270][ C0] ? __kthread_parkme+0x1a1/0x200 [ 259.220987][ C0] kthread+0x70e/0x8a0 [ 259.226510][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 259.235368][ C0] ? __pfx_kthread+0x10/0x10 [ 259.243913][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 259.251289][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 259.258491][ C0] ? __pfx_kthread+0x10/0x10 [ 259.263691][ C0] ret_from_fork+0x3fc/0x770 [ 259.268521][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 259.274210][ C0] ? __switch_to_asm+0x39/0x70 [ 259.279216][ C0] ? __switch_to_asm+0x33/0x70 [ 259.284467][ C0] ? __pfx_kthread+0x10/0x10 [ 259.289554][ C0] ret_from_fork_asm+0x1a/0x30 [ 259.294741][ C0] [ 259.298062][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 259.304958][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 259.315235][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.327507][ C0] RIP: 0010:lock_is_held_type+0x137/0x190 [ 259.334432][ C0] Code: 01 75 44 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 4c 41 f7 c4 00 02 00 00 74 01 fb 65 48 8b 05 f9 02 36 07 <48> 3b 44 24 08 75 43 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f [ 259.356873][ C0] RSP: 0018:ffffc90000006c28 EFLAGS: 00000206 [ 259.363596][ C0] RAX: 1a51038c9f649500 RBX: 0000000000000000 RCX: 1a51038c9f649500 [ 259.372840][ C0] RDX: 0000000000000100 RSI: ffffffff8db6fcc6 RDI: ffffffff8be1ba40 [ 259.381673][ C0] RBP: 00000000ffffffff R08: 0000000000000000 R09: ffffffff89d4ca86 [ 259.389964][ C0] R10: ffffc90000006da0 R11: fffff52000000dba R12: 0000000000000246 [ 259.398776][ C0] R13: ffffffff8de95280 R14: ffffffff8f509f08 R15: 0000000000000004 [ 259.407665][ C0] FS: 0000000000000000(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000 [ 259.417970][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 259.425735][ C0] CR2: 000020000027e430 CR3: 0000000027318000 CR4: 00000000003526f0 [ 259.435526][ C0] Call Trace: [ 259.439367][ C0] [ 259.442343][ C0] lockdep_rtnl_is_held+0x1b/0x40 [ 259.447764][ C0] fib_lookup+0x17e/0x440 [ 259.453198][ C0] ? fib_lookup+0x76/0x440 [ 259.458550][ C0] ip_route_output_key_hash_rcu+0x2fb/0x23a0 [ 259.464869][ C0] ? ip_route_output_key_hash+0xde/0x2e0 [ 259.471312][ C0] ? ip_route_output_key_hash+0xde/0x2e0 [ 259.477810][ C0] ip_route_output_key_hash+0x1b9/0x2e0 [ 259.484897][ C0] ? __lock_acquire+0xab9/0xd20 [ 259.490368][ C0] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 259.497244][ C0] ? ip_route_me_harder+0x494/0xfe0 [ 259.502956][ C0] ip_route_output_flow+0x2a/0x150 [ 259.508410][ C0] ? ip_route_me_harder+0x6a7/0xfe0 [ 259.514098][ C0] ip_route_me_harder+0x6b9/0xfe0 [ 259.519626][ C0] ? __pfx_ip_route_me_harder+0x10/0x10 [ 259.525746][ C0] synproxy_send_tcp+0x359/0x6c0 [ 259.531052][ C0] synproxy_send_client_synack+0x8bb/0xe20 [ 259.537563][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 259.544395][ C0] ? nft_xfrm_get_dump+0xa8/0x280 [ 259.550196][ C0] ? synproxy_pernet+0x45/0x270 [ 259.557295][ C0] nft_synproxy_eval_v4+0x36e/0x560 [ 259.563462][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 259.570729][ C0] ? nf_ip_checksum+0x13c/0x510 [ 259.576468][ C0] nft_synproxy_do_eval+0x345/0x570 [ 259.582643][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 259.588953][ C0] ? queue_work_on+0x115/0x270 [ 259.595009][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 259.600617][ C0] ? queue_work_on+0x1ed/0x270 [ 259.605573][ C0] nft_do_chain+0x409/0x1920 [ 259.611005][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 259.616530][ C0] ? __local_bh_enable_ip+0x12d/0x1c0 [ 259.622474][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 259.629589][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 259.635680][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 259.642396][ C0] nft_do_chain_inet+0x25d/0x340 [ 259.648920][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 259.656185][ C0] ? ipt_do_table+0x2a3/0x1630 [ 259.661883][ C0] ? nf_nat_ipv4_local_in+0x223/0x720 [ 259.668483][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 259.674693][ C0] nf_hook_slow+0xc5/0x220 [ 259.679624][ C0] NF_HOOK+0x206/0x3a0 [ 259.684372][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 259.692243][ C0] ? NF_HOOK+0x9a/0x3a0 [ 259.697435][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 259.704016][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 259.710557][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 259.716976][ C0] ? skb_dst+0x4f/0xd0 [ 259.721637][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 259.727775][ C0] NF_HOOK+0x30c/0x3a0 [ 259.732441][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 259.738320][ C0] ? NF_HOOK+0x9a/0x3a0 [ 259.743467][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 259.748768][ C0] ? ip_rcv_core+0x7f7/0xd00 [ 259.755474][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 259.762111][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 259.767063][ C0] __netif_receive_skb+0x143/0x380 [ 259.772960][ C0] ? process_backlog+0x2d5/0x14f0 [ 259.778738][ C0] process_backlog+0x60e/0x14f0 [ 259.785552][ C0] ? __pfx_process_backlog+0x10/0x10 [ 259.792488][ C0] ? do_raw_spin_lock+0x121/0x290 [ 259.797858][ C0] __napi_poll+0xc4/0x480 [ 259.802618][ C0] ? net_rx_action+0x46d/0xe30 [ 259.807975][ C0] net_rx_action+0x707/0xe30 [ 259.813508][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 259.820216][ C0] handle_softirqs+0x283/0x870 [ 259.825322][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 259.831780][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 259.837870][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 259.843765][ C0] __irq_exit_rcu+0xca/0x1f0 [ 259.848851][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 259.854570][ C0] irq_exit_rcu+0x9/0x30 [ 259.859191][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 259.865391][ C0] [ 259.868558][ C0] [ 259.871785][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 259.878076][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 259.884553][ C0] Code: 53 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 ad 21 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 259.907060][ C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 [ 259.914077][ C0] RAX: 1a51038c9f649500 RBX: ffffffff81976918 RCX: 1a51038c9f649500 [ 259.923415][ C0] RDX: 0000000000000001 RSI: ffffffff8d982fba RDI: ffffffff8be1ba40 [ 259.932943][ C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb [ 259.943437][ C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0b3f0 [ 259.952620][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 [ 259.963474][ C0] ? do_idle+0x1e8/0x510 [ 259.968934][ C0] default_idle+0x13/0x20 [ 259.975768][ C0] default_idle_call+0x74/0xb0 [ 259.981492][ C0] do_idle+0x1e8/0x510 [ 259.987147][ C0] ? __pfx_do_idle+0x10/0x10 [ 259.993679][ C0] cpu_startup_entry+0x44/0x60 [ 260.001368][ C0] rest_init+0x2de/0x300 [ 260.006956][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 260.013107][ C0] start_kernel+0x47d/0x500 [ 260.020301][ C0] x86_64_start_reservations+0x24/0x30 [ 260.027138][ C0] x86_64_start_kernel+0x143/0x1c0 [ 260.033178][ C0] common_startup_64+0x13e/0x147 [ 260.038913][ C0]