last executing test programs: 3.725092569s ago: executing program 0 (id=237): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400adfd8a987e40da", 0xd}], 0x1) r3 = socket$inet6(0xa, 0x1, 0x100) sendto$inet6(r3, 0x0, 0x0, 0x20004840, 0x0, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x4) write$binfmt_misc(r1, &(0x7f0000000280), 0xff36) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 3.490322862s ago: executing program 0 (id=242): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000300008385"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000480)={0x38, r1, 0x10ada85e65c25349, 0x0, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x38}}, 0x0) 3.45915741s ago: executing program 0 (id=244): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x6, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x4, [{0x0, 0x1}]}, @typedef={0x0, 0x0, 0x0, 0x5}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) 3.419440124s ago: executing program 0 (id=245): rt_sigaction(0x40000d, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000300)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) io_setup(0x9, &(0x7f0000000080)=0x0) eventfd2(0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000e40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) 3.196038361s ago: executing program 4 (id=250): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800000000000045, 0x0) r4 = socket(0x10, 0x803, 0x0) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032}) io_setup(0x11, &(0x7f0000000180)=0x0) io_submit(r7, 0x2, &(0x7f00000006c0)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r6, &(0x7f0000000080)='\x00', 0x1}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xc99e, r5, &(0x7f0000000000)="8d98bc", 0x3, 0xb, 0x0, 0xd97393af9ce72a1d}]) sendmsg$nl_route(r4, 0x0, 0x0) 2.299642939s ago: executing program 4 (id=260): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x34, 0x16, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x44, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_hsr\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'veth1\x00'}]}]}]}], {0x14, 0x10}}, 0xec}, 0x1, 0x0, 0x0, 0x804}, 0x40000) 2.172626001s ago: executing program 4 (id=261): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x40, 0x0, 0x0, 0x204}, {0x6, 0x0, 0x0, 0x6}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r1, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) 2.157761311s ago: executing program 3 (id=262): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 2.028619314s ago: executing program 4 (id=264): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x600000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x9}, 0x10, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xb9ff}) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r2 = syz_open_pts(r1, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x70a5d578eea689e3, 0x100) r4 = dup3(r2, r3, 0x0) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17) 1.987690074s ago: executing program 3 (id=265): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0) 1.754073018s ago: executing program 3 (id=267): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="01004863a4fa9646ecf32e75"], 0x15) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 1.623870149s ago: executing program 3 (id=268): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0x18, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x4}]}, 0x18}}, 0x0) 1.440632848s ago: executing program 3 (id=269): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) statfs(&(0x7f0000000180)='./bus\x00', &(0x7f00000065c0)=""/123) 1.202242423s ago: executing program 3 (id=270): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800000000000045, 0x0) r3 = socket(0x10, 0x803, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032}) io_setup(0x11, &(0x7f0000000180)=0x0) io_submit(r6, 0x2, &(0x7f00000006c0)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r5, &(0x7f0000000080)='\x00', 0x1}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xc99e, r4, &(0x7f0000000000)="8d98bc", 0x3, 0xb, 0x0, 0xd97393af9ce72a1d}]) sendmsg$nl_route(r3, 0x0, 0x0) 1.177529083s ago: executing program 2 (id=271): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a700000008000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f00000000c0), 0xfffffff4) 1.027448085s ago: executing program 2 (id=272): syz_io_uring_submit(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@mask_cswp={0x58, 0x114, 0x9, {{0x4c, 0x1}, 0x0, 0x0, 0x6, 0x7, 0x55, 0x3, 0x51, 0x7fffffffffffffff}}], 0x58}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="3989a13630365c61a84114d264aea1790b16a629339f6b33f5051b7353990335f55b01dcb324508e62ff29c69255603980fbff4193672fcc6d3cbaad8ff80a0bcc5fc9f0e73f290c386773f6558dcb9fc2699032b4b3686034e6", @ANYRES32=0x0, @ANYBLOB], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00'}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 849.956575ms ago: executing program 4 (id=274): setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x40, 0x0, 0x0, 0x204}, {0x6, 0x0, 0x0, 0x6}]}, 0x10) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r0, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) 762.176133ms ago: executing program 1 (id=275): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 738.111877ms ago: executing program 2 (id=276): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000100)) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x50}}, 0x0) 717.913001ms ago: executing program 0 (id=277): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x300000b, 0x10012, r1, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20) 701.762455ms ago: executing program 1 (id=278): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="01004863a4fa9646ecf32e75"], 0x15) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 664.09818ms ago: executing program 4 (id=279): unshare(0x68040200) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) socket(0x10, 0x803, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) futex(&(0x7f000000cffc)=0x25a, 0x800000000006, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet6(0xa, 0x5, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10) write$cgroup_int(r2, &(0x7f0000000000)=0xfe8e, 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37438e486dd63"], 0xfdef) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 584.911152ms ago: executing program 1 (id=280): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x4, [{0x0, 0x1}]}, @typedef={0x0, 0x0, 0x0, 0x5}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}]}}, 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) 453.282566ms ago: executing program 2 (id=281): fsopen(&(0x7f00000000c0)='nfsd\x00', 0x0) 428.509553ms ago: executing program 0 (id=282): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a700000008000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f00000000c0), 0xfffffff4) 382.268996ms ago: executing program 1 (id=283): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x80000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 290.203667ms ago: executing program 2 (id=284): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141602089f034d2f87e5440c0cab845013f2325f1a39010702038da1880525181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 227.843156ms ago: executing program 1 (id=285): socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f00005c1000/0x1000)=nil, 0x1000, 0x13, 0x810, 0xffffffffffffffff, 0xa2bcc000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18aa0000000100"/18], &(0x7f0000000300)='GPL\x00', 0xa, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socket$inet(0x2, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001500)=ANY=[@ANYBLOB="38010000100033060000000000000000ffffffff000000000000000000000000e000000200000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018836c3f4b0c0a5f0000000000000000000000000000000000000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) 55.856979ms ago: executing program 2 (id=286): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b6fffec850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}}, 0x0) 0s ago: executing program 1 (id=287): rt_sigaction(0x40000d, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000300)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) io_setup(0x9, &(0x7f0000000080)=0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000e40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.235' (ED25519) to the list of known hosts. [ 52.884016][ T5815] cgroup: Unknown subsys name 'net' [ 52.997463][ T5815] cgroup: Unknown subsys name 'cpuset' [ 53.005667][ T5815] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 54.295270][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.407101][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.407974][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 56.420289][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 56.431257][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 56.439534][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 56.442427][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 56.447320][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 56.456997][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 56.462481][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 56.467662][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.476140][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 56.483940][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 56.490120][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.496558][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.503143][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 56.512312][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 56.519341][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 56.523542][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.531371][ T5845] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 56.545970][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.546105][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 56.553205][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.563542][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.576662][ T5845] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.577192][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.593039][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.600874][ T5842] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.608713][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.616251][ T5845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.624515][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 57.027651][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 57.054603][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 57.151433][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 57.168602][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 57.237838][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 57.270223][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.278399][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.285959][ T5833] bridge_slave_0: entered allmulticast mode [ 57.292570][ T5833] bridge_slave_0: entered promiscuous mode [ 57.318892][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.326292][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.333448][ T5825] bridge_slave_0: entered allmulticast mode [ 57.340388][ T5825] bridge_slave_0: entered promiscuous mode [ 57.348714][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.355901][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.363106][ T5825] bridge_slave_1: entered allmulticast mode [ 57.370221][ T5825] bridge_slave_1: entered promiscuous mode [ 57.380442][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.388039][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.395388][ T5833] bridge_slave_1: entered allmulticast mode [ 57.402120][ T5833] bridge_slave_1: entered promiscuous mode [ 57.468705][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.494650][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.517186][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.526916][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.534833][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.541994][ T5843] bridge_slave_0: entered allmulticast mode [ 57.549187][ T5843] bridge_slave_0: entered promiscuous mode [ 57.559086][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.603255][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.610583][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.618226][ T5843] bridge_slave_1: entered allmulticast mode [ 57.625083][ T5843] bridge_slave_1: entered promiscuous mode [ 57.640342][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.647616][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.655529][ T5826] bridge_slave_0: entered allmulticast mode [ 57.662076][ T5826] bridge_slave_0: entered promiscuous mode [ 57.689971][ T5833] team0: Port device team_slave_0 added [ 57.705818][ T5825] team0: Port device team_slave_0 added [ 57.721506][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.729688][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.737193][ T5826] bridge_slave_1: entered allmulticast mode [ 57.743740][ T5826] bridge_slave_1: entered promiscuous mode [ 57.750524][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.757718][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.764995][ T5831] bridge_slave_0: entered allmulticast mode [ 57.771527][ T5831] bridge_slave_0: entered promiscuous mode [ 57.780520][ T5833] team0: Port device team_slave_1 added [ 57.796778][ T5825] team0: Port device team_slave_1 added [ 57.813773][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.840787][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.850874][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.858331][ T5831] bridge_slave_1: entered allmulticast mode [ 57.868121][ T5831] bridge_slave_1: entered promiscuous mode [ 57.881244][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.888283][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.914307][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.928921][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.936014][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.962180][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.986819][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.997971][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.009608][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.042619][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.049875][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.076133][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.122482][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.135165][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.145378][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.152343][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.178412][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.213121][ T5826] team0: Port device team_slave_0 added [ 58.221973][ T5826] team0: Port device team_slave_1 added [ 58.257557][ T5833] hsr_slave_0: entered promiscuous mode [ 58.264915][ T5833] hsr_slave_1: entered promiscuous mode [ 58.277986][ T5843] team0: Port device team_slave_0 added [ 58.307724][ T5825] hsr_slave_0: entered promiscuous mode [ 58.314104][ T5825] hsr_slave_1: entered promiscuous mode [ 58.320106][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.328321][ T5825] Cannot create hsr debugfs directory [ 58.335855][ T5843] team0: Port device team_slave_1 added [ 58.341928][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.349389][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.375801][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.389548][ T5831] team0: Port device team_slave_0 added [ 58.397515][ T5831] team0: Port device team_slave_1 added [ 58.426391][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.433380][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.459816][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.491740][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.498862][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.525000][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.537589][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.544617][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.570736][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.604672][ T5830] Bluetooth: hci4: command tx timeout [ 58.604677][ T5845] Bluetooth: hci1: command tx timeout [ 58.638534][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.645877][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.672993][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.684814][ T5830] Bluetooth: hci0: command tx timeout [ 58.689384][ T5842] Bluetooth: hci3: command tx timeout [ 58.692529][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.696231][ T5845] Bluetooth: hci2: command tx timeout [ 58.702946][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.734916][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.804860][ T5826] hsr_slave_0: entered promiscuous mode [ 58.811736][ T5826] hsr_slave_1: entered promiscuous mode [ 58.818276][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.826143][ T5826] Cannot create hsr debugfs directory [ 58.875604][ T5843] hsr_slave_0: entered promiscuous mode [ 58.881847][ T5843] hsr_slave_1: entered promiscuous mode [ 58.888301][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.896738][ T5843] Cannot create hsr debugfs directory [ 58.909680][ T5831] hsr_slave_0: entered promiscuous mode [ 58.916103][ T5831] hsr_slave_1: entered promiscuous mode [ 58.922077][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.929892][ T5831] Cannot create hsr debugfs directory [ 59.192280][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.226284][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.238508][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.250781][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.296003][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.310521][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.323624][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.346318][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 59.395554][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 59.418750][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 59.431344][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 59.441640][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 59.500085][ T5831] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.510211][ T5831] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.550701][ T5831] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.559986][ T5831] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.575529][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.617407][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.639489][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.668433][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.679026][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.710417][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.751498][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.758824][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.791118][ T3106] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.798286][ T3106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.817315][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.891127][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.902881][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.922505][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.937329][ T3106] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.944510][ T3106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.956341][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.980275][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.987500][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.002855][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.048768][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.055949][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.091757][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.098981][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.130279][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.137475][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.157684][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.164867][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.253350][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.310643][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.387320][ T5833] veth0_vlan: entered promiscuous mode [ 60.421826][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.460121][ T5833] veth1_vlan: entered promiscuous mode [ 60.529822][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.537014][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.559391][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.566634][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.613672][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.653214][ T5833] veth0_macvtap: entered promiscuous mode [ 60.663579][ T5833] veth1_macvtap: entered promiscuous mode [ 60.685519][ T5845] Bluetooth: hci1: command tx timeout [ 60.687423][ T5842] Bluetooth: hci4: command tx timeout [ 60.707489][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.722388][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.745123][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.774646][ T5842] Bluetooth: hci2: command tx timeout [ 60.775348][ T5845] Bluetooth: hci3: command tx timeout [ 60.780085][ T5842] Bluetooth: hci0: command tx timeout [ 60.816402][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.838429][ T5825] veth0_vlan: entered promiscuous mode [ 60.885107][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.913661][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.922721][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.943992][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.982639][ T5825] veth1_vlan: entered promiscuous mode [ 61.045510][ T5826] veth0_vlan: entered promiscuous mode [ 61.096395][ T5826] veth1_vlan: entered promiscuous mode [ 61.120640][ T5825] veth0_macvtap: entered promiscuous mode [ 61.149885][ T5825] veth1_macvtap: entered promiscuous mode [ 61.160859][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.180473][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.199963][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.239549][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.252393][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.265340][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.290095][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.302463][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.313626][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.334485][ T3106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.342423][ T3106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.358071][ T5825] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.368096][ T5825] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.377036][ T5825] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.388597][ T5825] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.400777][ T5843] veth0_vlan: entered promiscuous mode [ 61.413069][ T5831] veth0_vlan: entered promiscuous mode [ 61.430405][ T5826] veth0_macvtap: entered promiscuous mode [ 61.442364][ T5843] veth1_vlan: entered promiscuous mode [ 61.458767][ T5826] veth1_macvtap: entered promiscuous mode [ 61.467118][ T5831] veth1_vlan: entered promiscuous mode [ 61.488468][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 61.500593][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.518152][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.528048][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.539612][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.552329][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.580277][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.596334][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.624352][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.640099][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.657552][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.679682][ T5831] veth0_macvtap: entered promiscuous mode [ 61.712439][ T5831] veth1_macvtap: entered promiscuous mode [ 61.731142][ T5826] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.746690][ T5826] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.756215][ T5826] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.766447][ T5826] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.813493][ T5843] veth0_macvtap: entered promiscuous mode [ 61.856772][ T5843] veth1_macvtap: entered promiscuous mode [ 61.906103][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.917744][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.932050][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.944162][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.955210][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.965859][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.977772][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.001210][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.021681][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.031811][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.049331][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.060531][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.071583][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.082051][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.093972][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.105298][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.133713][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.146837][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.157216][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.169136][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.179849][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.190465][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.201782][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.215831][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.227416][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.246053][ T5831] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.266856][ T5831] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.299631][ T5831] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.309709][ T5831] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.370574][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.371033][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.402465][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.412589][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.414253][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.423124][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.441005][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.459715][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.470036][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.487061][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.500909][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.519525][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.535811][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.560310][ T5843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.572744][ T5843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.590611][ T5843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.600530][ T5843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.631684][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.657273][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.777493][ T5842] Bluetooth: hci4: command tx timeout [ 62.782980][ T5842] Bluetooth: hci1: command tx timeout [ 62.845797][ T5842] Bluetooth: hci0: command tx timeout [ 62.851371][ T5842] Bluetooth: hci3: command tx timeout [ 62.857707][ T5830] Bluetooth: hci2: command tx timeout [ 62.860575][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.904905][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.986366][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.005433][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.235280][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.239404][ T3106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.252784][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.366363][ T3106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.121788][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.131843][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.143513][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.481145][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.500563][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.540143][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.770340][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.794331][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.810422][ T5935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12'. [ 64.845247][ T5830] Bluetooth: hci1: command tx timeout [ 64.850858][ T5842] Bluetooth: hci4: command tx timeout [ 64.924469][ T5842] Bluetooth: hci2: command tx timeout [ 64.930628][ T5842] Bluetooth: hci3: command tx timeout [ 64.930720][ T5830] Bluetooth: hci0: command tx timeout [ 65.045758][ T5958] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.106441][ T5962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17'. [ 65.138283][ T5962] bridge_slave_1: left allmulticast mode [ 65.154240][ T5962] bridge_slave_1: left promiscuous mode [ 65.162160][ T5962] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.196306][ T5962] bridge_slave_0: left allmulticast mode [ 65.202011][ T5962] bridge_slave_0: left promiscuous mode [ 65.296857][ T5962] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.418023][ T5967] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 65.951028][ T29] audit: type=1326 audit(1731169318.427:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.005527][ T29] audit: type=1326 audit(1731169318.427:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.026863][ T5988] capability: warning: `syz.2.30' uses deprecated v2 capabilities in a way that may be insecure [ 66.040142][ T29] audit: type=1326 audit(1731169318.427:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.062909][ T29] audit: type=1326 audit(1731169318.427:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.085695][ T29] audit: type=1326 audit(1731169318.427:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1a657d0b0 code=0x7ffc0000 [ 66.187649][ T29] audit: type=1326 audit(1731169318.437:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.218153][ T5991] ip_vti0: entered promiscuous mode [ 66.237303][ T5991] vlan2: entered promiscuous mode [ 66.297019][ T29] audit: type=1326 audit(1731169318.437:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.379058][ T29] audit: type=1326 audit(1731169318.437:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 66.422977][ T5973] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 66.445733][ T5973] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 66.963586][ T29] audit: type=1326 audit(1731169318.437:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 67.047445][ T5973] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 67.112171][ T29] audit: type=1326 audit(1731169318.437:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5986 comm="syz.2.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 67.357506][ T5973] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 67.378818][ T5973] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 67.446000][ T5973] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 67.478988][ T5973] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 67.552884][ T5973] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 67.603782][ T5973] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 67.673202][ T5973] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 67.695132][ T5973] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 67.726785][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 67.735011][ T5973] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 67.882424][ T5973] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 67.894732][ T5973] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 67.915358][ T5973] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 69.076036][ T6050] ip_vti0: entered promiscuous mode [ 69.082846][ T6050] vlan2: entered promiscuous mode [ 69.405077][ T6064] __nla_validate_parse: 3 callbacks suppressed [ 69.405097][ T6064] netlink: 24 bytes leftover after parsing attributes in process `syz.0.64'. [ 69.421217][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 69.565009][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 69.727371][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 69.804535][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 69.886267][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 70.804892][ T6103] netlink: 132 bytes leftover after parsing attributes in process `syz.0.78'. [ 70.821622][ T6103] netlink: 'syz.0.78': attribute type 10 has an invalid length. [ 70.859823][ T6103] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 71.057668][ T29] kauditd_printk_skb: 71 callbacks suppressed [ 71.057687][ T29] audit: type=1326 audit(1731169323.537:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6109 comm="syz.1.82" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 71.117980][ T29] audit: type=1326 audit(1731169323.567:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6109 comm="syz.1.82" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 71.176297][ T29] audit: type=1326 audit(1731169323.567:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6109 comm="syz.1.82" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 71.252854][ T29] audit: type=1326 audit(1731169323.567:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6109 comm="syz.1.82" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 71.288249][ T29] audit: type=1326 audit(1731169323.567:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6109 comm="syz.1.82" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 71.485931][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 71.774403][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 71.779417][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.799469][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.807191][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 71.884268][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 71.976980][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 72.090637][ T6136] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 72.098381][ T6136] IPv6: NLM_F_CREATE should be set when creating new route [ 72.105703][ T6136] IPv6: NLM_F_CREATE should be set when creating new route [ 72.175748][ T6140] netlink: 132 bytes leftover after parsing attributes in process `syz.4.94'. [ 72.185714][ T6140] netlink: 'syz.4.94': attribute type 10 has an invalid length. [ 72.494275][ T6140] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 73.094469][ T6162] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 73.120420][ T6161] netlink: 100 bytes leftover after parsing attributes in process `syz.0.103'. [ 73.274293][ T6164] ip_vti0: entered promiscuous mode [ 73.289859][ T6164] vlan2: entered promiscuous mode [ 73.558915][ T6173] netlink: 'syz.0.108': attribute type 10 has an invalid length. [ 73.588763][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 73.624057][ T6173] netlink: 2 bytes leftover after parsing attributes in process `syz.0.108'. [ 73.701648][ T6173] team0: entered promiscuous mode [ 73.755383][ T6173] team_slave_0: entered promiscuous mode [ 73.795211][ T6173] team_slave_1: entered promiscuous mode [ 73.804005][ T29] audit: type=1326 audit(1731169326.277:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6178 comm="syz.4.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a67d7e719 code=0x7ffc0000 [ 73.818814][ T6173] bridge0: port 3(team0) entered blocking state [ 73.825428][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 73.854348][ T6173] bridge0: port 3(team0) entered disabled state [ 73.860809][ T6173] team0: entered allmulticast mode [ 73.866257][ T6173] team_slave_0: entered allmulticast mode [ 73.872015][ T6173] team_slave_1: entered allmulticast mode [ 73.884953][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 73.935961][ T6183] netlink: 100 bytes leftover after parsing attributes in process `syz.4.115'. [ 73.955072][ T29] audit: type=1326 audit(1731169326.277:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6178 comm="syz.4.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a67d7e719 code=0x7ffc0000 [ 73.986100][ T6173] bridge0: port 3(team0) entered blocking state [ 73.992852][ T6173] bridge0: port 3(team0) entered forwarding state [ 74.028201][ T29] audit: type=1326 audit(1731169326.277:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6178 comm="syz.4.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f4a67d7e719 code=0x7ffc0000 [ 74.049871][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 74.208898][ T29] audit: type=1326 audit(1731169326.277:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6178 comm="syz.4.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a67d7e719 code=0x7ffc0000 [ 74.461487][ T6199] netlink: 132 bytes leftover after parsing attributes in process `syz.2.119'. [ 74.472144][ T6199] netlink: 'syz.2.119': attribute type 10 has an invalid length. [ 74.498535][ T6199] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 75.208708][ T6214] netlink: 100 bytes leftover after parsing attributes in process `syz.4.126'. [ 76.786147][ T973] cfg80211: failed to load regulatory.db [ 76.792770][ T6247] netlink: 100 bytes leftover after parsing attributes in process `syz.1.138'. [ 76.946759][ T6252] Zero length message leads to an empty skb [ 78.594217][ T29] audit: type=1326 audit(1731169331.077:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.617087][ T29] audit: type=1326 audit(1731169331.077:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.639352][ T29] audit: type=1326 audit(1731169331.077:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.672358][ T29] audit: type=1326 audit(1731169331.077:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.709703][ T29] audit: type=1326 audit(1731169331.077:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.735473][ T29] audit: type=1326 audit(1731169331.077:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.797633][ T29] audit: type=1326 audit(1731169331.077:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.873449][ T29] audit: type=1326 audit(1731169331.077:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 78.941655][ T29] audit: type=1326 audit(1731169331.077:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 79.011329][ T29] audit: type=1326 audit(1731169331.077:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6278 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b397e719 code=0x7ffc0000 [ 80.788852][ T6336] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 80.843497][ T6342] syz.1.175 uses obsolete (PF_INET,SOCK_PACKET) [ 81.111480][ T6353] netlink: 132 bytes leftover after parsing attributes in process `syz.0.180'. [ 81.134361][ T6353] netlink: 'syz.0.180': attribute type 10 has an invalid length. [ 82.260679][ T6392] ip_vti0: entered promiscuous mode [ 82.277997][ T6392] vlan2: entered promiscuous mode [ 84.133393][ T6441] netlink: 12 bytes leftover after parsing attributes in process `syz.2.217'. [ 84.267285][ T6438] netlink: 132 bytes leftover after parsing attributes in process `syz.1.216'. [ 84.287862][ T6440] netlink: 'syz.1.216': attribute type 10 has an invalid length. [ 84.350988][ T6440] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 84.574773][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 84.574790][ T29] audit: type=1326 audit(1731169337.057:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 84.663586][ T29] audit: type=1326 audit(1731169337.087:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 84.773506][ T29] audit: type=1326 audit(1731169337.087:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 84.815131][ T6456] x_tables: duplicate underflow at hook 2 [ 84.881956][ T29] audit: type=1326 audit(1731169337.087:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 84.950190][ T29] audit: type=1326 audit(1731169337.087:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.042642][ T29] audit: type=1326 audit(1731169337.087:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.076919][ T29] audit: type=1326 audit(1731169337.087:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.150036][ T29] audit: type=1326 audit(1731169337.087:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.192778][ T29] audit: type=1326 audit(1731169337.087:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.424497][ T29] audit: type=1326 audit(1731169337.087:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6447 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1a657e719 code=0x7ffc0000 [ 85.669689][ T6475] netlink: 132 bytes leftover after parsing attributes in process `syz.4.232'. [ 85.731649][ T6475] netlink: 'syz.4.232': attribute type 10 has an invalid length. [ 86.046371][ T6489] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 87.816910][ T6550] netlink: 100 bytes leftover after parsing attributes in process `syz.3.265'. [ 88.576801][ T6565] mmap: syz.2.271 (6565) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 88.761532][ T6568] netlink: 132 bytes leftover after parsing attributes in process `syz.2.272'. [ 88.793254][ T6568] netlink: 'syz.2.272': attribute type 10 has an invalid length. [ 89.791995][ T6600] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 89.841026][ T6600] [ 89.843403][ T6600] ====================================================== [ 89.850435][ T6600] WARNING: possible circular locking dependency detected [ 89.857470][ T6600] 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0 Not tainted [ 89.864586][ T6600] ------------------------------------------------------ [ 89.871615][ T6600] syz.2.286/6600 is trying to acquire lock: [ 89.877524][ T6600] ffff88807acdc5d8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sock_set_reuseaddr+0x17/0x60 [ 89.886985][ T6600] [ 89.886985][ T6600] but task is already holding lock: [ 89.894357][ T6600] ffffffff8fa51588 (lock#7){+.+.}-{3:3}, at: cma_add_one+0x6bc/0xcd0 [ 89.902499][ T6600] [ 89.902499][ T6600] which lock already depends on the new lock. [ 89.902499][ T6600] [ 89.913446][ T6600] [ 89.913446][ T6600] the existing dependency chain (in reverse order) is: [ 89.922470][ T6600] [ 89.922470][ T6600] -> #3 (lock#7){+.+.}-{3:3}: [ 89.929378][ T6600] lock_acquire+0x1ed/0x550 [ 89.934439][ T6600] __mutex_lock+0x136/0xd70 [ 89.939483][ T6600] cma_init+0x1e/0x140 [ 89.944102][ T6600] do_one_initcall+0x248/0x880 [ 89.949406][ T6600] do_initcall_level+0x157/0x210 [ 89.954883][ T6600] do_initcalls+0x3f/0x80 [ 89.959751][ T6600] kernel_init_freeable+0x435/0x5d0 [ 89.965491][ T6600] kernel_init+0x1d/0x2b0 [ 89.970357][ T6600] ret_from_fork+0x4b/0x80 [ 89.975316][ T6600] ret_from_fork_asm+0x1a/0x30 [ 89.980631][ T6600] [ 89.980631][ T6600] -> #2 (rtnl_mutex){+.+.}-{3:3}: [ 89.987879][ T6600] lock_acquire+0x1ed/0x550 [ 89.992934][ T6600] __mutex_lock+0x136/0xd70 [ 89.997984][ T6600] start_sync_thread+0xdc/0x2dc0 [ 90.003477][ T6600] do_ip_vs_set_ctl+0x442/0x13d0 [ 90.008957][ T6600] nf_setsockopt+0x295/0x2c0 [ 90.014096][ T6600] smc_setsockopt+0x275/0xe50 [ 90.019315][ T6600] do_sock_setsockopt+0x3af/0x720 [ 90.024877][ T6600] __sys_setsockopt+0x1a2/0x250 [ 90.030266][ T6600] __x64_sys_setsockopt+0xb5/0xd0 [ 90.035826][ T6600] do_syscall_64+0xf3/0x230 [ 90.041389][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.047821][ T6600] [ 90.047821][ T6600] -> #1 (&smc->clcsock_release_lock){+.+.}-{3:3}: [ 90.056452][ T6600] lock_acquire+0x1ed/0x550 [ 90.061502][ T6600] __mutex_lock+0x136/0xd70 [ 90.066542][ T6600] smc_switch_to_fallback+0x35/0xdb0 [ 90.072364][ T6600] smc_sendmsg+0x11f/0x530 [ 90.077321][ T6600] __sock_sendmsg+0x221/0x270 [ 90.082544][ T6600] __sys_sendto+0x39b/0x4f0 [ 90.087583][ T6600] __x64_sys_sendto+0xde/0x100 [ 90.092886][ T6600] do_syscall_64+0xf3/0x230 [ 90.097925][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.104337][ T6600] [ 90.104337][ T6600] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 90.112063][ T6600] validate_chain+0x18ef/0x5920 [ 90.117424][ T6600] __lock_acquire+0x1384/0x2050 [ 90.122786][ T6600] lock_acquire+0x1ed/0x550 [ 90.127798][ T6600] lock_sock_nested+0x48/0x100 [ 90.133071][ T6600] sock_set_reuseaddr+0x17/0x60 [ 90.138428][ T6600] siw_create_listen+0x196/0xfe0 [ 90.143884][ T6600] iw_cm_listen+0x15e/0x230 [ 90.148907][ T6600] rdma_listen+0x941/0xd60 [ 90.153836][ T6600] cma_listen_on_dev+0x3e3/0x6f0 [ 90.159288][ T6600] cma_add_one+0x7d7/0xcd0 [ 90.164217][ T6600] add_client_context+0x536/0x8b0 [ 90.169750][ T6600] enable_device_and_get+0x1e6/0x440 [ 90.175545][ T6600] ib_register_device+0x10d4/0x13e0 [ 90.181259][ T6600] siw_newlink+0x9d9/0xe50 [ 90.186193][ T6600] nldev_newlink+0x5c0/0x640 [ 90.191306][ T6600] rdma_nl_rcv+0x6dd/0x9e0 [ 90.196242][ T6600] netlink_unicast+0x7f6/0x990 [ 90.201518][ T6600] netlink_sendmsg+0x8e4/0xcb0 [ 90.206792][ T6600] __sock_sendmsg+0x221/0x270 [ 90.211977][ T6600] ____sys_sendmsg+0x52a/0x7e0 [ 90.217251][ T6600] __sys_sendmsg+0x292/0x380 [ 90.222349][ T6600] do_syscall_64+0xf3/0x230 [ 90.227362][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.233762][ T6600] [ 90.233762][ T6600] other info that might help us debug this: [ 90.233762][ T6600] [ 90.243981][ T6600] Chain exists of: [ 90.243981][ T6600] sk_lock-AF_INET6 --> rtnl_mutex --> lock#7 [ 90.243981][ T6600] [ 90.255917][ T6600] Possible unsafe locking scenario: [ 90.255917][ T6600] [ 90.263355][ T6600] CPU0 CPU1 [ 90.268708][ T6600] ---- ---- [ 90.274058][ T6600] lock(lock#7); [ 90.277692][ T6600] lock(rtnl_mutex); [ 90.284187][ T6600] lock(lock#7); [ 90.290337][ T6600] lock(sk_lock-AF_INET6); [ 90.294832][ T6600] [ 90.294832][ T6600] *** DEADLOCK *** [ 90.294832][ T6600] [ 90.302961][ T6600] 6 locks held by syz.2.286/6600: [ 90.307969][ T6600] #0: ffffffff9a75d1f8 (&rdma_nl_types[idx].sem){.+.+}-{3:3}, at: rdma_nl_rcv+0x32d/0x9e0 [ 90.317973][ T6600] #1: ffffffff8fa3d7f0 (link_ops_rwsem){++++}-{3:3}, at: nldev_newlink+0x42a/0x640 [ 90.327363][ T6600] #2: ffffffff8fa30410 (devices_rwsem){++++}-{3:3}, at: enable_device_and_get+0x12e/0x440 [ 90.337364][ T6600] #3: ffffffff8fa30710 (clients_rwsem){++++}-{3:3}, at: enable_device_and_get+0x196/0x440 [ 90.347972][ T6600] #4: ffff888035e885d0 (&device->client_data_rwsem){++++}-{3:3}, at: add_client_context+0x4f4/0x8b0 [ 90.358841][ T6600] #5: ffffffff8fa51588 (lock#7){+.+.}-{3:3}, at: cma_add_one+0x6bc/0xcd0 [ 90.367372][ T6600] [ 90.367372][ T6600] stack backtrace: [ 90.373266][ T6600] CPU: 0 UID: 0 PID: 6600 Comm: syz.2.286 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0 [ 90.383841][ T6600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 90.393906][ T6600] Call Trace: [ 90.397183][ T6600] [ 90.400106][ T6600] dump_stack_lvl+0x241/0x360 [ 90.404780][ T6600] ? __pfx_dump_stack_lvl+0x10/0x10 [ 90.409970][ T6600] ? __pfx__printk+0x10/0x10 [ 90.414554][ T6600] print_circular_bug+0x13a/0x1b0 [ 90.419582][ T6600] check_noncircular+0x36a/0x4a0 [ 90.424514][ T6600] ? __lock_acquire+0x1384/0x2050 [ 90.429532][ T6600] ? __pfx_check_noncircular+0x10/0x10 [ 90.434982][ T6600] ? lockdep_lock+0x123/0x2b0 [ 90.439655][ T6600] validate_chain+0x18ef/0x5920 [ 90.444502][ T6600] ? __pfx_validate_chain+0x10/0x10 [ 90.449695][ T6600] ? mark_lock+0x9a/0x360 [ 90.454014][ T6600] ? mark_lock+0x9a/0x360 [ 90.458328][ T6600] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 90.464679][ T6600] ? look_up_lock_class+0x77/0x170 [ 90.469782][ T6600] ? register_lock_class+0x102/0x980 [ 90.475063][ T6600] ? __pfx_register_lock_class+0x10/0x10 [ 90.480688][ T6600] ? mark_lock+0x9a/0x360 [ 90.485006][ T6600] __lock_acquire+0x1384/0x2050 [ 90.489857][ T6600] lock_acquire+0x1ed/0x550 [ 90.494354][ T6600] ? sock_set_reuseaddr+0x17/0x60 [ 90.499374][ T6600] ? __pfx_lock_acquire+0x10/0x10 [ 90.504391][ T6600] ? tcp_init_sock+0x604/0x950 [ 90.509146][ T6600] ? tcp_v6_init_sock+0x21/0x80 [ 90.513997][ T6600] ? smack_socket_post_create+0xdc/0x190 [ 90.519625][ T6600] ? security_socket_post_create+0x83/0x2f0 [ 90.525513][ T6600] ? __sock_create+0x337/0x940 [ 90.530267][ T6600] lock_sock_nested+0x48/0x100 [ 90.535018][ T6600] ? sock_set_reuseaddr+0x17/0x60 [ 90.540030][ T6600] sock_set_reuseaddr+0x17/0x60 [ 90.544872][ T6600] siw_create_listen+0x196/0xfe0 [ 90.549806][ T6600] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 90.555689][ T6600] ? __pfx_siw_create_listen+0x10/0x10 [ 90.561144][ T6600] iw_cm_listen+0x15e/0x230 [ 90.565642][ T6600] rdma_listen+0x941/0xd60 [ 90.570052][ T6600] ? __pfx_rdma_listen+0x10/0x10 [ 90.574983][ T6600] ? rdma_restrack_add+0x288/0x7b0 [ 90.580089][ T6600] ? _cma_attach_to_dev+0x295/0x490 [ 90.585284][ T6600] cma_listen_on_dev+0x3e3/0x6f0 [ 90.590220][ T6600] cma_add_one+0x7d7/0xcd0 [ 90.594650][ T6600] ? __pfx_cma_add_one+0x10/0x10 [ 90.599582][ T6600] ? _raw_spin_unlock+0x28/0x50 [ 90.604420][ T6600] add_client_context+0x536/0x8b0 [ 90.609439][ T6600] ? __pfx_add_client_context+0x10/0x10 [ 90.614974][ T6600] ? __pfx_ib_setup_port_attrs+0x10/0x10 [ 90.620682][ T6600] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 90.626654][ T6600] enable_device_and_get+0x1e6/0x440 [ 90.631954][ T6600] ? __pfx_enable_device_and_get+0x10/0x10 [ 90.637753][ T6600] ? device_add+0x460/0xbf0 [ 90.642248][ T6600] ib_register_device+0x10d4/0x13e0 [ 90.647443][ T6600] ? __pfx_ib_register_device+0x10/0x10 [ 90.652983][ T6600] ? xa_load+0x2dd/0x350 [ 90.657215][ T6600] ? xa_load+0x147/0x350 [ 90.661446][ T6600] ? __asan_memset+0x23/0x50 [ 90.666028][ T6600] ? lockdep_init_map_type+0xa1/0x910 [ 90.671394][ T6600] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 90.677192][ T6600] ? ib_device_set_netdev+0x5b6/0x6b0 [ 90.682586][ T6600] ? __raw_spin_lock_init+0x45/0x100 [ 90.687894][ T6600] siw_newlink+0x9d9/0xe50 [ 90.692315][ T6600] nldev_newlink+0x5c0/0x640 [ 90.696909][ T6600] ? __pfx_nldev_newlink+0x10/0x10 [ 90.702044][ T6600] ? down_read+0x82b/0xa40 [ 90.706451][ T6600] ? __lock_acquire+0x1384/0x2050 [ 90.711485][ T6600] ? cap_capable+0x1b4/0x250 [ 90.716069][ T6600] ? bpf_lsm_capable+0x9/0x10 [ 90.720744][ T6600] ? security_capable+0x7e/0x2d0 [ 90.725678][ T6600] ? __pfx_nldev_newlink+0x10/0x10 [ 90.730789][ T6600] rdma_nl_rcv+0x6dd/0x9e0 [ 90.735197][ T6600] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 90.740131][ T6600] ? netlink_deliver_tap+0x2e/0x1b0 [ 90.745338][ T6600] netlink_unicast+0x7f6/0x990 [ 90.750118][ T6600] ? __pfx_netlink_unicast+0x10/0x10 [ 90.755400][ T6600] ? __virt_addr_valid+0x183/0x530 [ 90.760511][ T6600] ? __check_object_size+0x48e/0x900 [ 90.765797][ T6600] netlink_sendmsg+0x8e4/0xcb0 [ 90.770560][ T6600] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.775844][ T6600] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.781117][ T6600] __sock_sendmsg+0x221/0x270 [ 90.785783][ T6600] ____sys_sendmsg+0x52a/0x7e0 [ 90.790550][ T6600] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.795836][ T6600] __sys_sendmsg+0x292/0x380 [ 90.800422][ T6600] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.805545][ T6600] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 90.811870][ T6600] ? do_syscall_64+0x100/0x230 [ 90.816629][ T6600] ? do_syscall_64+0xb6/0x230 [ 90.821299][ T6600] do_syscall_64+0xf3/0x230 [ 90.825796][ T6600] ? clear_bhb_loop+0x35/0x90 [ 90.830462][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.836358][ T6600] RIP: 0033:0x7ff1a657e719 [ 90.840771][ T6600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.860389][ T6600] RSP: 002b:00007ff1a734e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.868802][ T6600] RAX: ffffffffffffffda RBX: 00007ff1a6735f80 RCX: 00007ff1a657e719 [ 90.876765][ T6600] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000007 [ 90.884724][ T6600] RBP: 00007ff1a65f139e R08: 0000000000000000 R09: 0000000000000000 [ 90.892686][ T6600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 90.900656][ T6600] R13: 0000000000000000 R14: 00007ff1a6735f80 R15: 00007ffd4588dbb8 [ 90.908634][ T6600] [ 90.972085][ T6600] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98