last executing test programs: 673.151554ms ago: executing program 2 (id=3): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x8) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000) r2 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r4], 0x5c}}, 0x40) 334.488552ms ago: executing program 0 (id=1): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040064) sendfile(r0, r1, 0x0, 0x20000023896) 178.378396ms ago: executing program 2 (id=6): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 0s ago: executing program 3 (id=4): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x80000001, 0x30}, 0xc) r1 = dup(r0) write$cgroup_subtree(r1, &(0x7f00000005c0)=ANY=[], 0x32600) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x1}, 0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x7, 0x5404, 0x204, 0x5, 0x4, 0x1, 0x1, 0x80000001}, 0x20) write$P9_RRENAME(r1, &(0x7f0000000040)={0x7, 0x15, 0x1}, 0x34000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.151' (ED25519) to the list of known hosts. [ 81.122130][ T5787] cgroup: Unknown subsys name 'net' [ 81.342849][ T5787] cgroup: Unknown subsys name 'cpuset' [ 81.378683][ T5787] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.177109][ T5787] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.760305][ T10] cfg80211: failed to load regulatory.db [ 87.433793][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.437377][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.455021][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.466413][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.467301][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.472683][ T5811] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.481247][ T5118] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.482662][ T5118] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.483459][ T5118] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.484481][ T5118] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.485214][ T5118] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.494832][ T5118] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.508753][ T5811] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.529882][ T5811] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.539530][ T5811] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.712579][ T5811] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.715412][ T5811] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.715445][ T5810] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.716562][ T5811] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.725795][ T5811] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.727595][ T5811] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.731047][ T5810] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.740884][ T61] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.742800][ T61] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.743548][ T61] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.383224][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 88.461576][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 88.816092][ T5806] chnl_net:caif_netlink_parms(): no params data found [ 88.939518][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 88.945103][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 89.159978][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.160065][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.160412][ T5814] bridge_slave_0: entered allmulticast mode [ 89.162187][ T5814] bridge_slave_0: entered promiscuous mode [ 89.299367][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.299560][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.299738][ T5814] bridge_slave_1: entered allmulticast mode [ 89.301546][ T5814] bridge_slave_1: entered promiscuous mode [ 89.470290][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.470404][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.470886][ T5805] bridge_slave_0: entered allmulticast mode [ 89.472385][ T5805] bridge_slave_0: entered promiscuous mode [ 89.549768][ T5118] Bluetooth: hci2: command tx timeout [ 89.582341][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.582443][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.582547][ T5805] bridge_slave_1: entered allmulticast mode [ 89.584006][ T5805] bridge_slave_1: entered promiscuous mode [ 89.628376][ T5118] Bluetooth: hci0: command tx timeout [ 89.628383][ T61] Bluetooth: hci1: command tx timeout [ 89.788289][ T5118] Bluetooth: hci4: command tx timeout [ 89.788451][ T61] Bluetooth: hci3: command tx timeout [ 89.842147][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.981293][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.981542][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.981633][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.981740][ T5806] bridge_slave_0: entered allmulticast mode [ 89.983239][ T5806] bridge_slave_0: entered promiscuous mode [ 90.113905][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.189049][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.189144][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.189258][ T5806] bridge_slave_1: entered allmulticast mode [ 90.190779][ T5806] bridge_slave_1: entered promiscuous mode [ 90.327049][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.469016][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.469131][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.469241][ T5819] bridge_slave_0: entered allmulticast mode [ 90.470727][ T5819] bridge_slave_0: entered promiscuous mode [ 90.472361][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.472483][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.472639][ T5820] bridge_slave_0: entered allmulticast mode [ 90.474517][ T5820] bridge_slave_0: entered promiscuous mode [ 90.550378][ T5814] team0: Port device team_slave_0 added [ 90.609226][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.609374][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.609619][ T5819] bridge_slave_1: entered allmulticast mode [ 90.611282][ T5819] bridge_slave_1: entered promiscuous mode [ 90.612106][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.612225][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.612332][ T5820] bridge_slave_1: entered allmulticast mode [ 90.613763][ T5820] bridge_slave_1: entered promiscuous mode [ 90.840860][ T5814] team0: Port device team_slave_1 added [ 90.844284][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.971022][ T5805] team0: Port device team_slave_0 added [ 91.040964][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.161064][ T5805] team0: Port device team_slave_1 added [ 91.281697][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.284623][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.371023][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.371034][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.371047][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.451238][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.453368][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.539732][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.539748][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.539771][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.541716][ T5806] team0: Port device team_slave_0 added [ 91.628367][ T5118] Bluetooth: hci2: command tx timeout [ 91.708249][ T5118] Bluetooth: hci1: command tx timeout [ 91.709524][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.709534][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.709546][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.720176][ T5806] team0: Port device team_slave_1 added [ 91.720588][ T5118] Bluetooth: hci0: command tx timeout [ 91.868272][ T5118] Bluetooth: hci4: command tx timeout [ 91.878869][ T5118] Bluetooth: hci3: command tx timeout [ 92.089646][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.089662][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.089685][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.170150][ T5819] team0: Port device team_slave_0 added [ 92.172148][ T5820] team0: Port device team_slave_0 added [ 92.271114][ T5819] team0: Port device team_slave_1 added [ 92.272854][ T5820] team0: Port device team_slave_1 added [ 92.339462][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.339473][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.339486][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.569853][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.569868][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.569892][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.784658][ T5814] hsr_slave_0: entered promiscuous mode [ 92.785647][ T5814] hsr_slave_1: entered promiscuous mode [ 92.797162][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.797176][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.797199][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.802568][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.802581][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.802604][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.952162][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.952172][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.952185][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.953076][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.953084][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.953104][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.959720][ T5805] hsr_slave_0: entered promiscuous mode [ 92.961085][ T5805] hsr_slave_1: entered promiscuous mode [ 92.962159][ T5805] debugfs: 'hsr0' already exists in 'hsr' [ 92.962278][ T5805] Cannot create hsr debugfs directory [ 93.274096][ T5806] hsr_slave_0: entered promiscuous mode [ 93.274955][ T5806] hsr_slave_1: entered promiscuous mode [ 93.275480][ T5806] debugfs: 'hsr0' already exists in 'hsr' [ 93.275503][ T5806] Cannot create hsr debugfs directory [ 93.708358][ T5118] Bluetooth: hci2: command tx timeout [ 93.784674][ T5819] hsr_slave_0: entered promiscuous mode [ 93.785461][ T5819] hsr_slave_1: entered promiscuous mode [ 93.786055][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 93.786072][ T5819] Cannot create hsr debugfs directory [ 93.794737][ T5820] hsr_slave_0: entered promiscuous mode [ 93.796089][ T5820] hsr_slave_1: entered promiscuous mode [ 93.796967][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 93.796988][ T5820] Cannot create hsr debugfs directory [ 93.798960][ T5118] Bluetooth: hci0: command tx timeout [ 93.798987][ T5118] Bluetooth: hci1: command tx timeout [ 93.948391][ T61] Bluetooth: hci3: command tx timeout [ 93.948424][ T61] Bluetooth: hci4: command tx timeout [ 95.142171][ T5814] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.177051][ T5814] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.202494][ T5814] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.254655][ T5814] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.359362][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.395309][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.424134][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.455239][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.579896][ T5806] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.617780][ T5806] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.654821][ T5806] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.706808][ T5806] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.788767][ T5118] Bluetooth: hci2: command tx timeout [ 95.835941][ T5819] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.866953][ T5819] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.868910][ T61] Bluetooth: hci0: command tx timeout [ 95.870651][ T5118] Bluetooth: hci1: command tx timeout [ 95.917075][ T5819] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.950824][ T5819] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.017778][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.030517][ T5118] Bluetooth: hci4: command tx timeout [ 96.030543][ T5118] Bluetooth: hci3: command tx timeout [ 96.116084][ T5820] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 96.150112][ T5820] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 96.185801][ T5820] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 96.226298][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.236420][ T5820] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 96.290566][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.292064][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.303609][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.331485][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.331634][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.400625][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.430122][ T1181] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.430323][ T1181] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.455255][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.473891][ T1181] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.474011][ T1181] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.553714][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.600333][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.606075][ T150] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.606288][ T150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.644281][ T139] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.651186][ T139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.720784][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.770388][ T1285] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.770599][ T1285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.803525][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.817789][ T1181] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.819969][ T1181] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.907981][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.961388][ T1514] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.961521][ T1514] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.015896][ T139] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.016038][ T139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.125729][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.300441][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.407079][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.453848][ T5814] veth0_vlan: entered promiscuous mode [ 97.501301][ T5814] veth1_vlan: entered promiscuous mode [ 97.561289][ T5805] veth0_vlan: entered promiscuous mode [ 97.630694][ T5805] veth1_vlan: entered promiscuous mode [ 97.665786][ T5806] veth0_vlan: entered promiscuous mode [ 97.675593][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.679571][ T5814] veth0_macvtap: entered promiscuous mode [ 97.707444][ T5814] veth1_macvtap: entered promiscuous mode [ 97.722633][ T5806] veth1_vlan: entered promiscuous mode [ 97.741335][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.797390][ T5805] veth0_macvtap: entered promiscuous mode [ 97.807662][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.830718][ T5805] veth1_macvtap: entered promiscuous mode [ 97.836642][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.887067][ T1181] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.905552][ T1181] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.922829][ T1181] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.947538][ T1181] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.958988][ T5806] veth0_macvtap: entered promiscuous mode [ 97.983552][ T5819] veth0_vlan: entered promiscuous mode [ 98.043305][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.047539][ T5806] veth1_macvtap: entered promiscuous mode [ 98.120018][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.150615][ T5819] veth1_vlan: entered promiscuous mode [ 98.222251][ T1119] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.227452][ T1119] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.243631][ T1119] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.254373][ T1119] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.261457][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.335561][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.364195][ T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.364219][ T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.415805][ T150] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.424977][ T150] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.481143][ T150] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.520388][ T1119] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.549532][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.549549][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.649513][ T5819] veth0_macvtap: entered promiscuous mode [ 98.693862][ T5820] veth0_vlan: entered promiscuous mode [ 98.700419][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.700437][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.723771][ T5819] veth1_macvtap: entered promiscuous mode [ 98.844251][ T5820] veth1_vlan: entered promiscuous mode [ 98.861297][ T1181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.861316][ T1181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.973220][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.980338][ T139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.980357][ T139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.015858][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.062968][ T5917] netlink: 'syz.2.3': attribute type 1 has an invalid length. [ 99.064075][ T1181] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.086133][ T1181] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.178613][ T1181] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.201415][ T1181] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.226633][ T1285] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.226653][ T1285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.259553][ T5820] veth0_macvtap: entered promiscuous mode [ 99.348852][ T5820] veth1_macvtap: entered promiscuous mode [ 99.563714][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.583847][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.736744][ T5922] ================================================================== [ 99.736761][ T5922] BUG: KASAN: slab-use-after-free in gro_cells_receive+0x51d/0x690 [ 99.736792][ T5922] Write of size 8 at addr ffff88805a35a500 by task syz.2.6/5922 [ 99.736807][ T5922] [ 99.736829][ T5922] CPU: 0 UID: 0 PID: 5922 Comm: syz.2.6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 99.736851][ T5922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.736869][ T5922] Call Trace: [ 99.736880][ T5922] [ 99.736888][ T5922] dump_stack_lvl+0x189/0x250 [ 99.736912][ T5922] ? __virt_addr_valid+0x1c8/0x5c0 [ 99.736933][ T5922] ? rcu_is_watching+0x15/0xb0 [ 99.736954][ T5922] ? __kasan_check_byte+0x12/0x40 [ 99.736974][ T5922] ? __pfx_dump_stack_lvl+0x10/0x10 [ 99.736995][ T5922] ? rcu_is_watching+0x15/0xb0 [ 99.737017][ T5922] ? lock_release+0x4b/0x3e0 [ 99.737039][ T5922] ? __virt_addr_valid+0x1c8/0x5c0 [ 99.737060][ T5922] ? __virt_addr_valid+0x4a5/0x5c0 [ 99.737083][ T5922] print_report+0xca/0x240 [ 99.737107][ T5922] ? gro_cells_receive+0x51d/0x690 [ 99.737128][ T5922] kasan_report+0x118/0x150 [ 99.737149][ T5922] ? gro_cells_receive+0x51d/0x690 [ 99.737173][ T5922] ? gro_cells_receive+0x50/0x690 [ 99.737195][ T5922] gro_cells_receive+0x51d/0x690 [ 99.737225][ T5922] ? gro_cells_receive+0x50/0x690 [ 99.737253][ T5922] ip6_tnl_rcv+0x7c/0xa0 [ 99.737280][ T5922] gre_rcv+0xbfa/0x11e0 [ 99.737303][ T5922] ? ip6_pol_route+0x162/0x1180 [ 99.737322][ T5922] ? ip6_pol_route+0x547/0x1180 [ 99.737343][ T5922] ? __pfx_gre_rcv+0x10/0x10 [ 99.737366][ T5922] ? __pfx_raw6_local_deliver+0x10/0x10 [ 99.737390][ T5922] ? nf_conntrack_in+0x1346/0x15d0 [ 99.737410][ T5922] ? xfrm6_policy_check+0x42b/0x870 [ 99.737434][ T5922] ? __pfx_gre_rcv+0x10/0x10 [ 99.737458][ T5922] ip6_protocol_deliver_rcu+0xe0b/0x15c0 [ 99.737494][ T5922] ip6_input_finish+0x191/0x370 [ 99.737517][ T5922] NF_HOOK+0x30c/0x3a0 [ 99.737540][ T5922] ? __pfx_ip6_input_finish+0x10/0x10 [ 99.737560][ T5922] ? NF_HOOK+0x9a/0x3a0 [ 99.737577][ T5922] ? __pfx_NF_HOOK+0x10/0x10 [ 99.737597][ T5922] ? __pfx_ip6_input_finish+0x10/0x10 [ 99.737620][ T5922] ip6_input+0x16a/0x270 [ 99.737637][ T5922] ? ip6_input+0x23/0x270 [ 99.737655][ T5922] ip6_sublist_rcv_finish+0x1c8/0x2a0 [ 99.737678][ T5922] ip6_sublist_rcv+0xb11/0xdd0 [ 99.737704][ T5922] ? __pfx_ip6_sublist_rcv+0x10/0x10 [ 99.737724][ T5922] ? skb_orphan+0xaf/0xd0 [ 99.737746][ T5922] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 99.737765][ T5922] ? ip6_rcv_core+0x9e/0x1590 [ 99.737790][ T5922] ipv6_list_rcv+0x3e5/0x430 [ 99.737815][ T5922] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 99.737839][ T5922] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 99.737859][ T5922] __netif_receive_skb_list_core+0x5f4/0x800 [ 99.737887][ T5922] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 99.737908][ T5922] netif_receive_skb_list_internal+0x96f/0xcb0 [ 99.737927][ T5922] ? netif_receive_skb_list_internal+0x4fd/0xcb0 [ 99.737945][ T5922] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 99.737964][ T5922] ? __phys_addr+0xd3/0x180 [ 99.737981][ T5922] ? build_skb_around+0x133/0x280 [ 99.738003][ T5922] ? __xdp_build_skb_from_frame+0x34b/0x730 [ 99.738019][ T5922] netif_receive_skb_list+0x54/0x450 [ 99.738036][ T5922] bpf_test_run_xdp_live+0x1790/0x1b20 [ 99.738061][ T5922] ? bpf_test_run_xdp_live+0x398/0x1b20 [ 99.738088][ T5922] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 99.738118][ T5922] ? 0xffffffffa0202f14 [ 99.738154][ T5922] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 99.738181][ T5922] ? _copy_from_user+0x94/0xb0 [ 99.738207][ T5922] ? bpf_test_init+0x113/0x150 [ 99.738227][ T5922] ? xdp_convert_md_to_buff+0x5b/0x330 [ 99.738248][ T5922] bpf_prog_test_run_xdp+0x75b/0x10e0 [ 99.738278][ T5922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 99.738302][ T5922] ? __fget_files+0x2a/0x420 [ 99.738322][ T5922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 99.738345][ T5922] bpf_prog_test_run+0x2cd/0x340 [ 99.738367][ T5922] __sys_bpf+0x562/0x860 [ 99.738386][ T5922] ? __pfx___sys_bpf+0x10/0x10 [ 99.738412][ T5922] ? __pfx___se_sys_futex+0x10/0x10 [ 99.738442][ T5922] __x64_sys_bpf+0x7c/0x90 [ 99.738465][ T5922] do_syscall_64+0xfa/0xfa0 [ 99.738486][ T5922] ? lockdep_hardirqs_on+0x9c/0x150 [ 99.738506][ T5922] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.738521][ T5922] ? clear_bhb_loop+0x60/0xb0 [ 99.738537][ T5922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.738551][ T5922] RIP: 0033:0x7fa7344eeec9 [ 99.738566][ T5922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.738578][ T5922] RSP: 002b:00007fa732756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 99.738596][ T5922] RAX: ffffffffffffffda RBX: 00007fa734745fa0 RCX: 00007fa7344eeec9 [ 99.738609][ T5922] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 99.738619][ T5922] RBP: 00007fa734571f91 R08: 0000000000000000 R09: 0000000000000000 [ 99.738631][ T5922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.738641][ T5922] R13: 00007fa734746038 R14: 00007fa734745fa0 R15: 00007ffc421de278 [ 99.738662][ T5922] [ 99.738668][ T5922] [ 99.738679][ T5922] Allocated by task 5922: [ 99.738688][ T5922] kasan_save_track+0x3e/0x80 [ 99.738702][ T5922] __kasan_slab_alloc+0x6c/0x80 [ 99.738715][ T5922] kmem_cache_alloc_bulk_noprof+0x413/0x620 [ 99.738731][ T5922] bpf_test_run_xdp_live+0x15fb/0x1b20 [ 99.738750][ T5922] bpf_prog_test_run_xdp+0x75b/0x10e0 [ 99.738768][ T5922] bpf_prog_test_run+0x2cd/0x340 [ 99.738785][ T5922] __sys_bpf+0x562/0x860 [ 99.738799][ T5922] __x64_sys_bpf+0x7c/0x90 [ 99.738818][ T5922] do_syscall_64+0xfa/0xfa0 [ 99.738837][ T5922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.738851][ T5922] [ 99.738854][ T5922] Freed by task 5920: [ 99.738861][ T5922] kasan_save_track+0x3e/0x80 [ 99.738872][ T5922] __kasan_save_free_info+0x46/0x50 [ 99.738891][ T5922] __kasan_slab_free+0x5c/0x80 [ 99.738902][ T5922] kmem_cache_free+0x19a/0x910 [ 99.738913][ T5922] __netif_receive_skb_core+0x3d5f/0x4380 [ 99.738929][ T5922] __netif_receive_skb_list_core+0x23f/0x800 [ 99.738944][ T5922] netif_receive_skb_list_internal+0x96f/0xcb0 [ 99.738963][ T5922] napi_complete_done+0x2f2/0x7c0 [ 99.738979][ T5922] gro_cell_poll+0x19f/0x1d0 [ 99.738996][ T5922] __napi_poll+0xb6/0x540 [ 99.739011][ T5922] net_rx_action+0x5f7/0xda0 [ 99.739028][ T5922] handle_softirqs+0x22f/0x710 [ 99.739050][ T5922] __local_bh_enable_ip+0x1a0/0x2e0 [ 99.739071][ T5922] irq_forced_thread_fn+0xe9/0x120 [ 99.739089][ T5922] irq_thread+0x427/0x690 [ 99.739103][ T5922] kthread+0x711/0x8a0 [ 99.739118][ T5922] ret_from_fork+0x4bc/0x870 [ 99.739139][ T5922] ret_from_fork_asm+0x1a/0x30 [ 99.739160][ T5922] [ 99.739165][ T5922] The buggy address belongs to the object at ffff88805a35a500 [ 99.739165][ T5922] which belongs to the cache skbuff_head_cache of size 240 [ 99.739179][ T5922] The buggy address is located 0 bytes inside of [ 99.739179][ T5922] freed 240-byte region [ffff88805a35a500, ffff88805a35a5f0) [ 99.739198][ T5922] [ 99.739210][ T5922] The buggy address belongs to the physical page: [ 99.739228][ T5922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5a35a [ 99.739244][ T5922] flags: 0x80000000000000(node=0|zone=1) [ 99.739264][ T5922] page_type: f5(slab) [ 99.739280][ T5922] raw: 0080000000000000 ffff8881416ac8c0 dead000000000122 0000000000000000 [ 99.739296][ T5922] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 99.739305][ T5922] page dumped because: kasan: bad access detected [ 99.739318][ T5922] page_owner tracks the page as allocated [ 99.739325][ T5922] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 58, tgid 58 (kworker/u8:3), ts 99732351868, free_ts 0 [ 99.739355][ T5922] post_alloc_hook+0x240/0x2a0 [ 99.739372][ T5922] get_page_from_freelist+0x28c0/0x2960 [ 99.739392][ T5922] __alloc_frozen_pages_noprof+0x181/0x370 [ 99.739412][ T5922] alloc_pages_mpol+0xd1/0x380 [ 99.739431][ T5922] allocate_slab+0x96/0x3a0 [ 99.739452][ T5922] ___slab_alloc+0xb12/0x13f0 [ 99.739470][ T5922] __slab_alloc+0xc6/0x1f0 [ 99.739488][ T5922] kmem_cache_alloc_node_noprof+0x1ac/0x6e0 [ 99.739509][ T5922] __alloc_skb+0x112/0x2d0 [ 99.739526][ T5922] nsim_dev_trap_report_work+0x29f/0xbc0 [ 99.739542][ T5922] process_scheduled_works+0xae1/0x17b0 [ 99.739562][ T5922] worker_thread+0x8a0/0xda0 [ 99.739572][ T5922] kthread+0x711/0x8a0 [ 99.739586][ T5922] ret_from_fork+0x4bc/0x870 [ 99.739604][ T5922] ret_from_fork_asm+0x1a/0x30 [ 99.739621][ T5922] page_owner free stack trace missing [ 99.739626][ T5922] [ 99.739630][ T5922] Memory state around the buggy address: [ 99.739637][ T5922] ffff88805a35a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 99.739646][ T5922] ffff88805a35a480: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc [ 99.739655][ T5922] >ffff88805a35a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 99.739662][ T5922] ^ [ 99.739670][ T5922] ffff88805a35a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 99.739679][ T5922] ffff88805a35a600: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 99.739687][ T5922] ================================================================== [ 99.756900][ T5922] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 99.756919][ T5922] CPU: 0 UID: 0 PID: 5922 Comm: syz.2.6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 99.756941][ T5922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.756952][ T5922] Call Trace: [ 99.756959][ T5922] [ 99.756966][ T5922] dump_stack_lvl+0x99/0x250 [ 99.756992][ T5922] ? __asan_memcpy+0x40/0x70 [ 99.757018][ T5922] ? __pfx_dump_stack_lvl+0x10/0x10 [ 99.757039][ T5922] ? __pfx__printk+0x10/0x10 [ 99.757066][ T5922] vpanic+0x237/0x6d0 [ 99.757084][ T5922] ? __pfx_vpanic+0x10/0x10 [ 99.757100][ T5922] ? preempt_schedule_common+0x83/0xd0 [ 99.757126][ T5922] ? preempt_schedule+0xae/0xc0 [ 99.757153][ T5922] panic+0xb9/0xc0 [ 99.757170][ T5922] ? __pfx_panic+0x10/0x10 [ 99.757191][ T5922] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 99.757226][ T5922] ? gro_cells_receive+0x51d/0x690 [ 99.757248][ T5922] check_panic_on_warn+0x89/0xb0 [ 99.757271][ T5922] ? gro_cells_receive+0x51d/0x690 [ 99.757291][ T5922] end_report+0x78/0x160 [ 99.757310][ T5922] kasan_report+0x129/0x150 [ 99.757330][ T5922] ? gro_cells_receive+0x51d/0x690 [ 99.757353][ T5922] ? gro_cells_receive+0x50/0x690 [ 99.757375][ T5922] gro_cells_receive+0x51d/0x690 [ 99.757396][ T5922] ? gro_cells_receive+0x50/0x690 [ 99.757418][ T5922] ip6_tnl_rcv+0x7c/0xa0 [ 99.757444][ T5922] gre_rcv+0xbfa/0x11e0 [ 99.757468][ T5922] ? ip6_pol_route+0x162/0x1180 [ 99.757486][ T5922] ? ip6_pol_route+0x547/0x1180 [ 99.757508][ T5922] ? __pfx_gre_rcv+0x10/0x10 [ 99.757531][ T5922] ? __pfx_raw6_local_deliver+0x10/0x10 [ 99.757555][ T5922] ? nf_conntrack_in+0x1346/0x15d0 [ 99.757575][ T5922] ? xfrm6_policy_check+0x42b/0x870 [ 99.757600][ T5922] ? __pfx_gre_rcv+0x10/0x10 [ 99.757619][ T5922] ip6_protocol_deliver_rcu+0xe0b/0x15c0 [ 99.757654][ T5922] ip6_input_finish+0x191/0x370 [ 99.757678][ T5922] NF_HOOK+0x30c/0x3a0 [ 99.757701][ T5922] ? __pfx_ip6_input_finish+0x10/0x10 [ 99.757723][ T5922] ? NF_HOOK+0x9a/0x3a0 [ 99.757743][ T5922] ? __pfx_NF_HOOK+0x10/0x10 [ 99.757765][ T5922] ? __pfx_ip6_input_finish+0x10/0x10 [ 99.757792][ T5922] ip6_input+0x16a/0x270 [ 99.757815][ T5922] ? ip6_input+0x23/0x270 [ 99.757838][ T5922] ip6_sublist_rcv_finish+0x1c8/0x2a0 [ 99.757864][ T5922] ip6_sublist_rcv+0xb11/0xdd0 [ 99.757893][ T5922] ? __pfx_ip6_sublist_rcv+0x10/0x10 [ 99.757917][ T5922] ? skb_orphan+0xaf/0xd0 [ 99.757942][ T5922] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 99.757965][ T5922] ? ip6_rcv_core+0x9e/0x1590 [ 99.757993][ T5922] ipv6_list_rcv+0x3e5/0x430 [ 99.758021][ T5922] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 99.758048][ T5922] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 99.758073][ T5922] __netif_receive_skb_list_core+0x5f4/0x800 [ 99.758104][ T5922] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 99.758135][ T5922] netif_receive_skb_list_internal+0x96f/0xcb0 [ 99.758158][ T5922] ? netif_receive_skb_list_internal+0x4fd/0xcb0 [ 99.758179][ T5922] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 99.758207][ T5922] ? __phys_addr+0xd3/0x180 [ 99.758226][ T5922] ? build_skb_around+0x133/0x280 [ 99.758251][ T5922] ? __xdp_build_skb_from_frame+0x34b/0x730 [ 99.758271][ T5922] netif_receive_skb_list+0x54/0x450 [ 99.758293][ T5922] bpf_test_run_xdp_live+0x1790/0x1b20 [ 99.758324][ T5922] ? bpf_test_run_xdp_live+0x398/0x1b20 [ 99.758352][ T5922] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 99.758387][ T5922] ? 0xffffffffa0202f14 [ 99.758414][ T5922] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 99.758444][ T5922] ? _copy_from_user+0x94/0xb0 [ 99.758464][ T5922] ? bpf_test_init+0x113/0x150 [ 99.758485][ T5922] ? xdp_convert_md_to_buff+0x5b/0x330 [ 99.758511][ T5922] bpf_prog_test_run_xdp+0x75b/0x10e0 [ 99.758544][ T5922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 99.758571][ T5922] ? __fget_files+0x2a/0x420 [ 99.758593][ T5922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 99.758619][ T5922] bpf_prog_test_run+0x2cd/0x340 [ 99.758642][ T5922] __sys_bpf+0x562/0x860 [ 99.758662][ T5922] ? __pfx___sys_bpf+0x10/0x10 [ 99.758690][ T5922] ? __pfx___se_sys_futex+0x10/0x10 [ 99.758722][ T5922] __x64_sys_bpf+0x7c/0x90 [ 99.758750][ T5922] do_syscall_64+0xfa/0xfa0 [ 99.758776][ T5922] ? lockdep_hardirqs_on+0x9c/0x150 [ 99.758802][ T5922] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.758822][ T5922] ? clear_bhb_loop+0x60/0xb0 [ 99.758842][ T5922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.758861][ T5922] RIP: 0033:0x7fa7344eeec9 [ 99.758876][ T5922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.758893][ T5922] RSP: 002b:00007fa732756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 99.758913][ T5922] RAX: ffffffffffffffda RBX: 00007fa734745fa0 RCX: 00007fa7344eeec9 [ 99.758928][ T5922] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 99.758941][ T5922] RBP: 00007fa734571f91 R08: 0000000000000000 R09: 0000000000000000 [ 99.758953][ T5922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.758965][ T5922] R13: 00007fa734746038 R14: 00007fa734745fa0 R15: 00007ffc421de278 [ 99.758988][ T5922] [ 99.759240][ T5922] Kernel Offset: disabled