last executing test programs: 5m56.139375981s ago: executing program 1 (id=2): bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8946, &(0x7f0000000040)={'syz_tun\x00', @random='\x00\x00\x00\x00\x00 '}) 5m55.759672543s ago: executing program 1 (id=31): r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r1, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1541, 0x3a, '!+\xf0!\\+', 0x3a, '\x8aV\x87\xdf&$\x03\xd1\x89{\xb4I\x90q\x16F\x19\x10\xe6q\xb5\xc9Y\a\xd0\xce\xc95\xe0\x04\f\xf7H\xb8\xb4w\x9b\xe9N\x8cbX(\xeehy\xfb\t\x9b\xe2\xfb\x1ab\x84*\xf7K4\x8c~\f\xf6\x9d\x9a\xcf[\x1aS\\xc1E\xe2\xcf\x9d\x1eJ4\x1ePA\xa7\xeb.', 0x3a, './file0'}, 0x82) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0x3) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000040007b8af8ff00000000bfa20000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0xc2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, '\a\x00'}, @mss={0x2, 0x4, 0x2}, @mss={0x2, 0x4, 0x7}, @window={0x3, 0x3, 0x1}, @eol, @nop]}}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 5m55.280091254s ago: executing program 1 (id=36): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x3ab1019, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901) mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x88000, 0x0) 5m54.948597525s ago: executing program 1 (id=39): r0 = socket(0x400000000010, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) sendmsg$nl_route_sched(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r4, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20000800) 5m54.110901861s ago: executing program 1 (id=49): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000042"], 0x50) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000340)=""/201, 0xc9, 0x0, &(0x7f0000000000)=""/11, 0xb}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xd, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x102}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x640040, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = dup(r4) sendmsg$inet_sctp(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB=' '], 0x50, 0x4855}, 0x8850) shutdown(r3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x400040, 0x80, 0x2, 0xfffffffb, 0x2, 0x0, 0x0, 0x0, 0x3}}, 0x50) r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) ioctl$TIOCGPTPEER(r7, 0x4004092b, 0x5) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 5m53.825994964s ago: executing program 32 (id=49): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000042"], 0x50) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000340)=""/201, 0xc9, 0x0, &(0x7f0000000000)=""/11, 0xb}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xd, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x102}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x640040, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = dup(r4) sendmsg$inet_sctp(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB=' '], 0x50, 0x4855}, 0x8850) shutdown(r3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x400040, 0x80, 0x2, 0xfffffffb, 0x2, 0x0, 0x0, 0x0, 0x3}}, 0x50) r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) ioctl$TIOCGPTPEER(r7, 0x4004092b, 0x5) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 5m28.483644341s ago: executing program 4 (id=240): r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg(r0, &(0x7f0000009140)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000900)="0f37d386c1a7048f64d62196c431", 0xe}], 0x1}}], 0x1, 0x44804) 5m28.144606871s ago: executing program 4 (id=244): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000200)={0x1, 0x7}, 0x8) listen(r1, 0x5) accept4(r1, &(0x7f0000000240)=@x25, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) 5m26.517275731s ago: executing program 4 (id=252): r0 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000001000370401000000b8dbdf2500000000", @ANYRES32=r1, @ANYBLOB="05cc060000000000180012800900010069706970"], 0x38}}, 0x0) r3 = socket$inet(0x2, 0x2, 0x0) sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @empty, @loopback}}}], 0x20}}], 0x1, 0x4040880) 5m26.192479104s ago: executing program 4 (id=256): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x3ab1019, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0/../file0\x00', 0x0, 0xa1c08, 0x0) mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x88000, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x400, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0]) 5m25.737711213s ago: executing program 4 (id=260): bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) 5m22.488188981s ago: executing program 4 (id=274): r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r1, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1541, 0x3a, '!+\xf0!\\+', 0x3a, '\x8aV\x87\xdf&$\x03\xd1\x89{\xb4I\x90q\x16F\x19\x10\xe6q\xb5\xc9Y\a\xd0\xce\xc95\xe0\x04\f\xf7H\xb8\xb4w\x9b\xe9N\x8cbX(\xeehy\xfb\t\x9b\xe2\xfb\x1ab\x84*\xf7K4\x8c~\f\xf6\x9d\x9a\xcf[\x1aS\\xc1E\xe2\xcf\x9d\x1eJ4\x1ePA\xa7\xeb.', 0x3a, './file0'}, 0x82) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0x3) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94) close(0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000040007b8af8ff00000000bfa20000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0xc2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, '\a\x00'}, @mss={0x2, 0x4, 0x2}, @mss={0x2, 0x4, 0x7}, @window={0x3, 0x3, 0x1}, @eol, @nop]}}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 5m21.542941816s ago: executing program 33 (id=274): r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r1, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1541, 0x3a, '!+\xf0!\\+', 0x3a, '\x8aV\x87\xdf&$\x03\xd1\x89{\xb4I\x90q\x16F\x19\x10\xe6q\xb5\xc9Y\a\xd0\xce\xc95\xe0\x04\f\xf7H\xb8\xb4w\x9b\xe9N\x8cbX(\xeehy\xfb\t\x9b\xe2\xfb\x1ab\x84*\xf7K4\x8c~\f\xf6\x9d\x9a\xcf[\x1aS\\xc1E\xe2\xcf\x9d\x1eJ4\x1ePA\xa7\xeb.', 0x3a, './file0'}, 0x82) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0x3) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94) close(0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000040007b8af8ff00000000bfa20000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0xc2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, '\a\x00'}, @mss={0x2, 0x4, 0x2}, @mss={0x2, 0x4, 0x7}, @window={0x3, 0x3, 0x1}, @eol, @nop]}}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 2m46.696187308s ago: executing program 6 (id=1204): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc840a23f72eca0b2d89fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0500000000000000a663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d2e9f6720dec489b6276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff174621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368f72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa494e2b619c975acd535fc78696fc980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c0104000000000000fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f04a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964c689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b926718506a577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa3355e894cbefe344a6b5eb4c25128d5427a640faae401eccf3aca4294410461e946010c50f9ee556b38eae0b252ef288397672bbbd17e5306589f93dc130b6be5b19dfb2462348355ef24762509cf29becacf8515abe299b8a7dfd585f5dbf7578bfdbfa37deeb872c3291b59349238add315cd18e6f4196b404e48955657d680511c7ba7f5e0f9d97d649583190c78015aaf4db05aa2a6cc9d00084ce958406e09fe508a0ee5feb2d34f48d87000000000000001108780004ec696f618c20771a7ae436d733f603f20c9189567b63d47fae002e616969d888a418d139a25b11c0da7aecb8c14f1a879f7b985ab634b0f5cdb2090ad2c336e9a28289247ef4f3cfcafa393927d27711ed0543a5e8ec6c1c62082549791f75fccd54582f990234496954e6e54bcbb90f2756912ab7e511a55a9e0512e5c1c10bcd76ee4799af611179a39bd0c0323cae1aaaaaa8dafb55bca104ada3252c5d9de5b9cdb6217c35ca3d28b1d8b9d2fa79376c13167a9ef1b1f4b7509debbeacc153ca8bea4a0a65ee1d1d20a9106499f0bf7f416b051e835d790ac978b90143d9125224f74b6167f7a967c7e33eb5f43570b9f3c91371968a30e528968b233d0396db424e5fd73d380318e9676d074dd5ce552a222e250f9f6d0bdd9e46e7f22d9abfd4573b57e3b52d407b464b0146ea15560a2ce034b1623fecc84842928223d17ce4ab31ef4c2a9f9caebf65341fa3da1bbae7972097e24603b9db8edc25a152bd39af179eab23ed555040c2bbb89ea22c08b97264b3616a41abfad0ab12a79574c60cf1841ea45f10e9438e55e1e0eb645200993b08833bb14517b0d0e5ba72bdacd92d57b6029129c95ab0a93857c7205e8450b27aee5e684ece77f53112873f40247a998cc896ab4d55573c7a7ef2936a29425cab46cd4fdd1452ea8429c63c74d5673f5e4d47d1b001d0d3a9e1d5c840ab37a69cb30d17ff7591f01549e552dc43b672e0feff94408171d682565dc2d84476297c6901040000cb9f7f2eb690d7a032c09f0a3d48663fe5ece30f592d71755dd6cbfac96016a2ecd4e499ce9adce6e59db0494fa25117a2bc13275c9a94a3532c1b8417e9ed5e6cd5f51f8ccc878ba73305ad19b0cf05625439cdf688d33c8fd6cf52c5c5685444b65eb918884727d3a780bdac17d447745e4accd85d3aca4d63127bb3a58095cffa08a6cecae329dd5f47552c40b560b05e962363e99300d61931ddd97444c2bae02edb26383cb96ee7d2742d24dc7e9b6dac831674ae09b7d180ebb30b9221480ad78706dadf7ca3540eb6c6c43dc7e31b2c8d188f28d6ab10d3c0c97b9f6b5feb9abeb6a801975c0bbab0b1fed7485f2fca1730906a6dc1914386118646dab2618582c4ce0a8ce7a1a3ca7d56f6ca8c7d43cad0116c70751a0db051d9adc4ab34dafbca31fecd9191d38fa011a4c1fc19df0b9aac3a0de17dc01b413c4d4eccf9eb1cd90569508fc6479111544807f11dad193a170ac290f28d3e7f702c5bced7ed90c3251897446fdbb1195136d9092168e2deedb3e0afdf0f543363fbf8759df07270981c0bd7260998963e45a2c84e8b82ddfa98dab68a23cfb2ffa4fcc4ebcd38f273e9bdb240f77eb51e259bb88dc383b19107af39ffcc708a1278b3e53c2130a9c7150593794f8f22ae9b2ff0d46c8d175bf9ff227870f1dcecd5b564d20230ac32a10982cf1bbe5ca15ed6d85b2c447f3fb0872ea6170352fd4c76c75941d1c3684a466c81a5892e9f56c0b512be586381c2390aaf93347d318aa5de4322b11088435730c69bc1cfd96d869803a3"], &(0x7f0000000140)='GPL\x00'}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) r2 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) sendto$inet6(r2, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0) 2m44.24347442s ago: executing program 6 (id=1212): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xfffd, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xe, 0x9}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) syz_emit_ethernet(0x2b, &(0x7f0000000540)={@random="e90c6306aca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x0, 0x1d, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9, 0x0, @opaque="cd"}}}}}, 0x0) 2m41.131145391s ago: executing program 6 (id=1217): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x33}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x90}, 0x0) 2m39.476573718s ago: executing program 6 (id=1225): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x27c}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ftruncate(r1, 0x8008976) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) unshare(0x26020400) ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0) 2m34.665696942s ago: executing program 6 (id=1232): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x19, 0x4, 0x4, 0x7ff, 0x0, 0xffffffffffffffff, 0x7f}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 2m31.673012748s ago: executing program 6 (id=1237): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket(0x2, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f00000005c0)=ANY=[@ANYBLOB="010001"]) r3 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004) 2m14.924836942s ago: executing program 34 (id=1237): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket(0x2, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f00000005c0)=ANY=[@ANYBLOB="010001"]) r3 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004) 1m28.2752795s ago: executing program 0 (id=1349): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000300)='%pB \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8a", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r2, 0x18000000000002a0, 0x48, 0x62, &(0x7f0000000600)="b9ff03075fe9008cb89e08e086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x28) 1m26.039073391s ago: executing program 0 (id=1351): r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f00000000c0)=0x85, 0x4) syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe80000000000000000000"], 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)=""/17, 0x15}, 0x8e0f}], 0x400029c, 0x40010142, 0x0) 1m22.135063213s ago: executing program 0 (id=1356): socket$unix(0x1, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x17, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200009d000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m17.324030828s ago: executing program 0 (id=1360): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000300)='%pB \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8a", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r2, 0x18000000000002a0, 0x48, 0x62, &(0x7f0000000600)="b9ff03075fe9008cb89e08e086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x28) 1m14.037238624s ago: executing program 0 (id=1361): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000300)='bbr', 0x3) sendmmsg$inet(r0, &(0x7f0000002c00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000200)="9d82", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)="ea1747ee24b86a34d6d5c2e1a5c3fa9bed5f96120d23943a47f115bec6dc08286796f83a316ba76165d3827b631e77dc07a55a6cde8915a691dd4fc768ddd8c53468317c75a269a9928b524cf62f19d7ef3c0a0b030c0d185464d4ba8418d407ef29fc1e4761bcb5a68fcd2317bbfb4eb98caa0d3e2e006a251e095ed496a5552fbf256eb2f643df539bad7e9d72146c7ac03fdba4ce87cb39600feede00000000000000000000000000000616e811ea5c31696a5bc384e7f0005667204385829db5b25119eb84592478e1c5030e645c3ad26abd9cb62b92d0876b6ebb6c44de8a27cf8575d0e5724cbfa75bc98e7bac4fd80f14fd764bf6aa102ed97bc293ba79240ab1bb4d8b3175792ebce969fa7f39e3811c81b9b56d103e3ad326c56a7f968f32c3e4", 0x125}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="f0", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000640)="251740f4cdcf13168deac77792adbc6555eef609a91b863c0fbfdc0c10b60e2b6c9cf50a4ca2fce585be8ef3ed8b030dc1ac5dafef2ccf99841337770ed3d23be7ec9d98d666206d5cc498d5b541cd3283b342f5002a29ea5e1ea6b54ef3b4ad039aa3f18e36140de7c31e6740", 0x6d}], 0x1}}], 0x4, 0x400c0) 1m12.017787829s ago: executing program 0 (id=1365): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x8001, @empty, 0xffffff5d}, 0x1c) listen(r0, 0x50) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x5, @empty, 0x4}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x64000600) listen(r1, 0x50) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000003590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 55.500159274s ago: executing program 35 (id=1365): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x8001, @empty, 0xffffff5d}, 0x1c) listen(r0, 0x50) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x5, @empty, 0x4}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x64000600) listen(r1, 0x50) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000003590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 20.881285742s ago: executing program 2 (id=1428): socket$unix(0x1, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x2, 0x300) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x17, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200009d000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 16.166640153s ago: executing program 2 (id=1430): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfd9fb, {0x0, 0x0, 0x0, 0x0, 0x2017, 0x2021}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000002) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'macvlan1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000010025bd7100fddbdf2500000000", @ANYRES32=r2], 0x48}, 0x1, 0x0, 0x0, 0x4004855}, 0x4840) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) 14.718564459s ago: executing program 5 (id=1431): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a000000"], 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b8000000190001000000001300000000e00000020000000000200000000000000000000000000000000002000000000000000000000000000a"], 0xb8}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a0000002900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000900000000000000000000000000000000000000000000000200000000000000ffffff00000000000000000000000000000000000000000000000000ffffffffffffffff070000000000000000000000000101"], 0xb8}}, 0x10) 9.653688132s ago: executing program 5 (id=1433): socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) epoll_create1(0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r2 = socket$inet_sctp(0x2, 0x1, 0x84) dup(r2) socket$nl_netfilter(0x10, 0x3, 0xc) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r3, 0x6d, 0x3, 0xfffffffffffffffe}) writev(r3, 0x0, 0x0) 9.647811306s ago: executing program 3 (id=1434): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000d80)="b8", 0x1}], 0x1}, 0xc080) r0 = socket$kcm(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) close(0x3) socket$kcm(0xa, 0x3, 0x87) sendmsg$kcm(r0, &(0x7f00000005c0)={&(0x7f0000000380)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000080), 0x1}, 0x0) 7.297485606s ago: executing program 3 (id=1435): syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x10) 6.473491937s ago: executing program 2 (id=1436): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000003440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x40}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_POLICY={0x8}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x9}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xc2}]}], {0x14}}, 0x70}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0) 6.002487644s ago: executing program 5 (id=1437): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0)={0xffffffffffffffff}, 0x13f, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000300)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r3, 0x4000}}, 0x20) 6.002011788s ago: executing program 3 (id=1438): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x19, 0x4, 0x4, 0x7ff, 0x0, 0xffffffffffffffff, 0x7f}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 4.650761281s ago: executing program 2 (id=1439): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000400)=0x1, 0xa) connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x58}}, 0x10) sendto(r2, &(0x7f0000000140)='A', 0xfffff, 0x40008c1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x4898, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 4.356306027s ago: executing program 5 (id=1440): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) 3.347168944s ago: executing program 3 (id=1441): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0xd0}]}, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) 2.233369246s ago: executing program 3 (id=1442): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r0, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r0, r1, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000400)=0x40) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 2.199811454s ago: executing program 5 (id=1443): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x7ff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp', 0x5) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r1, &(0x7f0000000300), 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) 2.120526842s ago: executing program 2 (id=1444): read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) socket(0x2c, 0x3, 0x0) epoll_create1(0x0) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="ff", 0xfffffe8e}], 0x1, 0x40e7f, 0x7, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x133042, 0x19) write$P9_RREADLINK(r3, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r4, &(0x7f0000000200)={0xa, 0x4e22, 0x2, @empty, 0x8}, 0x1c) listen(r4, 0x204) r5 = socket$netlink(0x10, 0x3, 0x4) writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r6, 0x1) gettid() 896.521722ms ago: executing program 5 (id=1445): socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) epoll_create1(0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r2 = socket$inet_sctp(0x2, 0x1, 0x84) dup(r2) socket$nl_netfilter(0x10, 0x3, 0xc) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r3, 0x6d, 0x3, 0xfffffffffffffffe}) writev(r3, &(0x7f00000000c0), 0x0) 469.480972ms ago: executing program 3 (id=1446): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x9, 0x3, &(0x7f0000000000)=@framed, 0x0}, 0x94) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x0) 0s ago: executing program 2 (id=1447): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000003440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x40}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_POLICY={0x8}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x9}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xc2}]}], {0x14}}, 0x70}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. [ 82.022145][ T5786] cgroup: Unknown subsys name 'net' [ 82.273767][ T5786] cgroup: Unknown subsys name 'cpuset' [ 82.348760][ T5786] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.140021][ T5786] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.182266][ T991] cfg80211: failed to load regulatory.db [ 88.575618][ T5800] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.578458][ T5800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.579244][ T5800] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.581345][ T5800] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.582161][ T5800] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.653825][ T5803] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.666783][ T5803] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.677128][ T5803] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.685790][ T5803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.686597][ T5803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.764933][ T5803] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.767734][ T5803] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.772725][ T5803] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.773959][ T5803] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.774767][ T5803] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.830477][ T5803] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.834907][ T5803] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.835796][ T5803] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.837098][ T5803] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.837969][ T5803] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.866306][ T61] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.869240][ T61] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.870012][ T61] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.871188][ T61] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.871923][ T61] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.623504][ T5798] chnl_net:caif_netlink_parms(): no params data found [ 89.633008][ T5797] chnl_net:caif_netlink_parms(): no params data found [ 90.030335][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 90.048569][ T5808] chnl_net:caif_netlink_parms(): no params data found [ 90.168422][ T5806] chnl_net:caif_netlink_parms(): no params data found [ 90.609732][ T5798] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.610015][ T5798] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.610370][ T5798] bridge_slave_0: entered allmulticast mode [ 90.612106][ T5798] bridge_slave_0: entered promiscuous mode [ 90.620400][ T61] Bluetooth: hci0: command tx timeout [ 90.654626][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.654843][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.655422][ T5797] bridge_slave_0: entered allmulticast mode [ 90.662672][ T5797] bridge_slave_0: entered promiscuous mode [ 90.683587][ T5798] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.683739][ T5798] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.683925][ T5798] bridge_slave_1: entered allmulticast mode [ 90.687411][ T5798] bridge_slave_1: entered promiscuous mode [ 90.778275][ T61] Bluetooth: hci1: command tx timeout [ 90.809031][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.809133][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.809236][ T5797] bridge_slave_1: entered allmulticast mode [ 90.810738][ T5797] bridge_slave_1: entered promiscuous mode [ 90.859555][ T5803] Bluetooth: hci3: command tx timeout [ 90.859550][ T61] Bluetooth: hci2: command tx timeout [ 90.938224][ T5803] Bluetooth: hci4: command tx timeout [ 91.342737][ T5798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.428860][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.511474][ T5798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.511724][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.511912][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.512018][ T5805] bridge_slave_0: entered allmulticast mode [ 91.513501][ T5805] bridge_slave_0: entered promiscuous mode [ 91.575394][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.575613][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.575742][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.575909][ T5808] bridge_slave_0: entered allmulticast mode [ 91.585781][ T5808] bridge_slave_0: entered promiscuous mode [ 91.699293][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.699428][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.699537][ T5805] bridge_slave_1: entered allmulticast mode [ 91.701118][ T5805] bridge_slave_1: entered promiscuous mode [ 91.859011][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.859132][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.859237][ T5808] bridge_slave_1: entered allmulticast mode [ 91.860717][ T5808] bridge_slave_1: entered promiscuous mode [ 92.209500][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.209608][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.209811][ T5806] bridge_slave_0: entered allmulticast mode [ 92.211420][ T5806] bridge_slave_0: entered promiscuous mode [ 92.361159][ T5798] team0: Port device team_slave_0 added [ 92.419159][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.419305][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.419472][ T5806] bridge_slave_1: entered allmulticast mode [ 92.421443][ T5806] bridge_slave_1: entered promiscuous mode [ 92.425025][ T5797] team0: Port device team_slave_0 added [ 92.511630][ T5798] team0: Port device team_slave_1 added [ 92.515171][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.610624][ T5797] team0: Port device team_slave_1 added [ 92.613786][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.698225][ T5803] Bluetooth: hci0: command tx timeout [ 92.701944][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.821234][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.858358][ T5803] Bluetooth: hci1: command tx timeout [ 92.938391][ T5803] Bluetooth: hci2: command tx timeout [ 92.938415][ T61] Bluetooth: hci3: command tx timeout [ 92.972214][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.018317][ T5803] Bluetooth: hci4: command tx timeout [ 93.120306][ T5798] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.120321][ T5798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.120335][ T5798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.451773][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.452452][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.452461][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.452474][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.560846][ T5798] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.560864][ T5798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.560889][ T5798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.563508][ T5805] team0: Port device team_slave_0 added [ 93.639689][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.639703][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.639716][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.650441][ T5808] team0: Port device team_slave_0 added [ 93.654790][ T5805] team0: Port device team_slave_1 added [ 93.752214][ T5808] team0: Port device team_slave_1 added [ 93.850473][ T5806] team0: Port device team_slave_0 added [ 94.011687][ T5806] team0: Port device team_slave_1 added [ 94.145401][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.145418][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.145443][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.549729][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.549747][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.549761][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.550892][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.550905][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.550928][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.775806][ T5798] hsr_slave_0: entered promiscuous mode [ 94.777191][ T5798] hsr_slave_1: entered promiscuous mode [ 94.781670][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.781685][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.781708][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.788317][ T5803] Bluetooth: hci0: command tx timeout [ 94.805212][ T5797] hsr_slave_0: entered promiscuous mode [ 94.806583][ T5797] hsr_slave_1: entered promiscuous mode [ 94.807757][ T5797] debugfs: 'hsr0' already exists in 'hsr' [ 94.807872][ T5797] Cannot create hsr debugfs directory [ 94.811708][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.811721][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.811744][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.832344][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.832360][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.832383][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.938266][ T5803] Bluetooth: hci1: command tx timeout [ 95.018249][ T61] Bluetooth: hci3: command tx timeout [ 95.018370][ T5803] Bluetooth: hci2: command tx timeout [ 95.098305][ T5803] Bluetooth: hci4: command tx timeout [ 95.334615][ T5805] hsr_slave_0: entered promiscuous mode [ 95.335453][ T5805] hsr_slave_1: entered promiscuous mode [ 95.336031][ T5805] debugfs: 'hsr0' already exists in 'hsr' [ 95.336049][ T5805] Cannot create hsr debugfs directory [ 95.563022][ T5808] hsr_slave_0: entered promiscuous mode [ 95.563961][ T5808] hsr_slave_1: entered promiscuous mode [ 95.564524][ T5808] debugfs: 'hsr0' already exists in 'hsr' [ 95.564541][ T5808] Cannot create hsr debugfs directory [ 95.749364][ T5806] hsr_slave_0: entered promiscuous mode [ 95.750183][ T5806] hsr_slave_1: entered promiscuous mode [ 95.750766][ T5806] debugfs: 'hsr0' already exists in 'hsr' [ 95.750784][ T5806] Cannot create hsr debugfs directory [ 96.858194][ T5803] Bluetooth: hci0: command tx timeout [ 97.019267][ T5803] Bluetooth: hci1: command tx timeout [ 97.032680][ T5798] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.064534][ T5798] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.094823][ T5798] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.099413][ T61] Bluetooth: hci3: command tx timeout [ 97.099464][ T5803] Bluetooth: hci2: command tx timeout [ 97.155365][ T5798] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.178521][ T5803] Bluetooth: hci4: command tx timeout [ 97.273964][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.315941][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.333996][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.393311][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.518715][ T5797] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.544944][ T5797] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.585612][ T5797] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.642803][ T5797] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.791871][ T5808] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.835997][ T5808] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 97.867193][ T5808] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 97.921761][ T5808] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.043893][ T5798] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.072129][ T5806] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.114086][ T5806] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.150281][ T5806] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.184943][ T5806] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.271430][ T5798] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.296200][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.313800][ T1217] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.314306][ T1217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.363115][ T1217] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.363271][ T1217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.425152][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.464053][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.464187][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.471832][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.511010][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.511212][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.568885][ T5797] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.607783][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.607929][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.629931][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.663288][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.665481][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.766583][ T5808] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.825239][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.826158][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.842900][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.879420][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.879563][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.981917][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.026186][ T1164] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.027123][ T1164] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.093505][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.094281][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.152142][ T5798] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.335978][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.539483][ T5798] veth0_vlan: entered promiscuous mode [ 99.601538][ T5798] veth1_vlan: entered promiscuous mode [ 99.653867][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.684672][ T5805] veth0_vlan: entered promiscuous mode [ 99.694180][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.754520][ T5805] veth1_vlan: entered promiscuous mode [ 99.824626][ T5798] veth0_macvtap: entered promiscuous mode [ 99.857421][ T5798] veth1_macvtap: entered promiscuous mode [ 99.887693][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.971671][ T5797] veth0_vlan: entered promiscuous mode [ 99.992591][ T5798] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.996595][ T5805] veth0_macvtap: entered promiscuous mode [ 100.027229][ T5798] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.034949][ T5805] veth1_macvtap: entered promiscuous mode [ 100.045730][ T5797] veth1_vlan: entered promiscuous mode [ 100.094390][ T1238] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.124708][ T1238] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.133871][ T1238] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.152164][ T1238] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.232708][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.293192][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.360270][ T5806] veth0_vlan: entered promiscuous mode [ 100.403425][ T1238] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.406797][ T1238] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.427173][ T5797] veth0_macvtap: entered promiscuous mode [ 100.434369][ T1238] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.459776][ T1238] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.485923][ T5797] veth1_macvtap: entered promiscuous mode [ 100.496034][ T5806] veth1_vlan: entered promiscuous mode [ 100.563381][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.563408][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.686696][ T5808] veth0_vlan: entered promiscuous mode [ 100.784777][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.784800][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.791195][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.860407][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.876566][ T5808] veth1_vlan: entered promiscuous mode [ 100.905436][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.905459][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.934248][ T4558] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.953168][ T4558] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.969500][ T4558] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.984900][ T4558] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.995042][ T5806] veth0_macvtap: entered promiscuous mode [ 101.066755][ T4558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.066778][ T4558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.083133][ T5806] veth1_macvtap: entered promiscuous mode [ 101.336911][ T5808] veth0_macvtap: entered promiscuous mode [ 101.398775][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.400494][ T5808] veth1_macvtap: entered promiscuous mode [ 101.429193][ T4558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.429264][ T4558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.472171][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.626766][ T1164] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.652265][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.652408][ T1164] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.677722][ T1164] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.687018][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.687040][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.713646][ T1164] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.767649][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.218885][ T1164] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.228784][ T1164] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.240529][ T1164] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.300393][ T1164] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.842349][ T1238] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.842388][ T1238] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.989843][ T5952] netlink: 24 bytes leftover after parsing attributes in process `syz.2.18'. [ 113.039735][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.039759][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.855755][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.855778][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.386030][ T1164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.386055][ T1164] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.516628][ T6007] syz.0.37 (6007) used greatest stack depth: 17800 bytes left [ 116.907636][ T1164] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.193043][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.59'. [ 117.193077][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.59'. [ 117.407499][ T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 117.422815][ T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 117.426676][ T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 117.430319][ T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 117.433066][ T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 117.501325][ T6064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.62'. [ 117.814889][ T1164] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.060612][ T1164] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.494743][ T1164] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.498193][ T61] Bluetooth: hci3: command tx timeout [ 119.992825][ T6122] netlink: 24 bytes leftover after parsing attributes in process `syz.3.87'. [ 120.183684][ T6123] overlayfs: failed to clone lowerpath [ 121.200631][ T6140] fuse: Bad value for 'fd' [ 121.541316][ T6156] fuse: Bad value for 'fd' [ 121.580911][ T61] Bluetooth: hci3: command tx timeout [ 121.862779][ T6059] chnl_net:caif_netlink_parms(): no params data found [ 121.899515][ T1164] bridge_slave_1: left allmulticast mode [ 121.899732][ T1164] bridge_slave_1: left promiscuous mode [ 121.902467][ T1164] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.996230][ T1164] bridge_slave_0: left allmulticast mode [ 121.996265][ T1164] bridge_slave_0: left promiscuous mode [ 122.002330][ T1164] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.241086][ T6174] fuse: Bad value for 'fd' [ 123.401012][ T6193] netlink: 72 bytes leftover after parsing attributes in process `syz.0.114'. [ 123.478402][ T6195] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 123.644376][ T6200] fuse: Bad value for 'fd' [ 123.658213][ T61] Bluetooth: hci3: command tx timeout [ 124.038950][ T1164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 124.133096][ T1164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 124.171896][ T1164] bond0 (unregistering): Released all slaves [ 124.333278][ T6194] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 125.740861][ T61] Bluetooth: hci3: command tx timeout [ 126.226119][ T6059] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.226334][ T6059] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.226547][ T6059] bridge_slave_0: entered allmulticast mode [ 126.260627][ T6059] bridge_slave_0: entered promiscuous mode [ 126.274985][ T6059] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.275122][ T6059] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.275369][ T6059] bridge_slave_1: entered allmulticast mode [ 126.293795][ T37] audit: type=1326 audit(1760495773.931:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.306638][ T37] audit: type=1326 audit(1760495773.961:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315633][ T37] audit: type=1326 audit(1760495773.961:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315690][ T37] audit: type=1326 audit(1760495773.961:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315730][ T37] audit: type=1326 audit(1760495773.971:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315770][ T37] audit: type=1326 audit(1760495773.971:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315809][ T37] audit: type=1326 audit(1760495773.971:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315849][ T37] audit: type=1326 audit(1760495773.971:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315889][ T37] audit: type=1326 audit(1760495773.971:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.315929][ T37] audit: type=1326 audit(1760495773.971:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8258eec9 code=0x7fc00000 [ 126.525670][ T6059] bridge_slave_1: entered promiscuous mode [ 127.958069][ T1164] hsr_slave_0: left promiscuous mode [ 128.628461][ T6273] netlink: 24 bytes leftover after parsing attributes in process `syz.0.149'. [ 128.838187][ T1164] hsr_slave_1: left promiscuous mode [ 128.839494][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 128.839597][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 128.904382][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 128.904410][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 128.989188][ T1164] veth1_macvtap: left promiscuous mode [ 128.989442][ T1164] veth0_macvtap: left promiscuous mode [ 128.989745][ T1164] veth1_vlan: left promiscuous mode [ 128.990048][ T1164] veth0_vlan: left promiscuous mode [ 131.090153][ T1164] team0 (unregistering): Port device team_slave_1 removed [ 131.299480][ T1164] team0 (unregistering): Port device team_slave_0 removed [ 133.282661][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.282761][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.332537][ T6320] fuse: Unknown parameter 'grou00000000000000000000' [ 133.970314][ T6343] fuse: Unknown parameter 'grou00000000000000000000' [ 134.552260][ T6059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.852728][ T6059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.749670][ T6362] netlink: 24 bytes leftover after parsing attributes in process `syz.3.183'. [ 136.304446][ T6059] team0: Port device team_slave_0 added [ 136.363092][ T6059] team0: Port device team_slave_1 added [ 136.984856][ T6391] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 137.048982][ T6403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.201'. [ 137.431376][ T6059] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 137.431393][ T6059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 137.431417][ T6059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 137.519110][ T6059] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.519128][ T6059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 137.519153][ T6059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.054089][ T6059] hsr_slave_0: entered promiscuous mode [ 138.078879][ T6059] hsr_slave_1: entered promiscuous mode [ 138.081067][ T6059] debugfs: 'hsr0' already exists in 'hsr' [ 138.081110][ T6059] Cannot create hsr debugfs directory [ 141.900497][ T6059] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 142.045301][ T6059] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 142.144977][ T6059] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 142.246707][ T6059] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 143.516798][ T6059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.635972][ T6059] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.708607][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.709105][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.810213][ T1443] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.817957][ T1443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.112304][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.4.252'. [ 144.358964][ T6581] fuse: Unknown parameter 'group_id00000000000000000000' [ 144.518471][ T6583] mmap: syz.3.258 (6583) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 145.621594][ T6059] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 149.026568][ T6658] netlink: 32 bytes leftover after parsing attributes in process `syz.0.277'. [ 149.094218][ T6659] netlink: 32 bytes leftover after parsing attributes in process `syz.0.277'. [ 149.310386][ T6668] fuse: Bad value for 'user_id' [ 149.310408][ T6668] fuse: Bad value for 'user_id' [ 149.329761][ T6659] Zero length message leads to an empty skb [ 149.399440][ T5803] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 149.407254][ T5803] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 149.426845][ T5803] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 149.446773][ T5803] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 149.447544][ T5803] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.317478][ T6080] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.439074][ T6059] veth0_vlan: entered promiscuous mode [ 151.483513][ T6059] veth1_vlan: entered promiscuous mode [ 151.498688][ T5803] Bluetooth: hci4: command tx timeout [ 151.770677][ T6700] fuse: Bad value for 'user_id' [ 151.770699][ T6700] fuse: Bad value for 'user_id' [ 152.266513][ T6080] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.195223][ T6059] veth0_macvtap: entered promiscuous mode [ 153.578241][ T5803] Bluetooth: hci4: command tx timeout [ 154.540307][ T6080] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.633375][ T6059] veth1_macvtap: entered promiscuous mode [ 154.859166][ T6746] fuse: Bad value for 'user_id' [ 154.859188][ T6746] fuse: Bad value for 'user_id' [ 155.963303][ T5803] Bluetooth: hci4: command tx timeout [ 156.004338][ T6080] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.145966][ T6059] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.264404][ T6059] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.294050][ T1164] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.294937][ T1164] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.295310][ T1164] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.295553][ T1164] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.425035][ T6670] chnl_net:caif_netlink_parms(): no params data found [ 157.478865][ T6780] fuse: Bad value for 'fd' [ 157.979435][ T5803] Bluetooth: hci4: command tx timeout [ 159.797756][ T188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 159.797794][ T188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.115474][ T6080] bridge_slave_1: left allmulticast mode [ 160.115508][ T6080] bridge_slave_1: left promiscuous mode [ 160.115764][ T6080] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.401317][ T6829] netlink: 20 bytes leftover after parsing attributes in process `syz.2.329'. [ 160.420327][ T6080] bridge_slave_0: left allmulticast mode [ 160.420363][ T6080] bridge_slave_0: left promiscuous mode [ 160.424800][ T6080] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.648662][ T6840] netlink: 'syz.3.331': attribute type 8 has an invalid length. [ 166.319123][ T6080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.388835][ T6080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.434263][ T6080] bond0 (unregistering): Released all slaves [ 166.498617][ T6670] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.498726][ T6670] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.498982][ T6670] bridge_slave_0: entered allmulticast mode [ 166.501118][ T6670] bridge_slave_0: entered promiscuous mode [ 166.590876][ T6670] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.591018][ T6670] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.591312][ T6670] bridge_slave_1: entered allmulticast mode [ 166.594421][ T6670] bridge_slave_1: entered promiscuous mode [ 166.596022][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.596038][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.154092][ T6898] netlink: 24 bytes leftover after parsing attributes in process `syz.0.351'. [ 168.280224][ T6900] capability: warning: `syz.3.352' uses deprecated v2 capabilities in a way that may be insecure [ 168.417307][ T6906] fuse: Invalid rootmode [ 168.486345][ T6670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 168.533756][ T6670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.146328][ T6921] sit0: entered promiscuous mode [ 169.155128][ T6921] netlink: 'syz.3.362': attribute type 1 has an invalid length. [ 169.155144][ T6921] netlink: 1 bytes leftover after parsing attributes in process `syz.3.362'. [ 169.177198][ T6922] gretap1: entered promiscuous mode [ 169.254210][ T6670] team0: Port device team_slave_0 added [ 169.270402][ T6670] team0: Port device team_slave_1 added [ 169.438208][ T6080] hsr_slave_0: left promiscuous mode [ 169.490453][ T6080] hsr_slave_1: left promiscuous mode [ 169.491587][ T6080] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.491613][ T6080] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.539242][ T6080] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.539271][ T6080] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.731221][ T6080] veth1_macvtap: left promiscuous mode [ 169.731341][ T6080] veth0_macvtap: left promiscuous mode [ 169.731593][ T6080] veth1_vlan: left promiscuous mode [ 169.731777][ T6080] veth0_vlan: left promiscuous mode [ 173.293175][ T6080] team0 (unregistering): Port device team_slave_1 removed [ 173.618797][ T6080] team0 (unregistering): Port device team_slave_0 removed [ 174.714788][ T7009] netlink: 36 bytes leftover after parsing attributes in process `syz.0.388'. [ 175.301930][ T7015] ======================================================= [ 175.301930][ T7015] WARNING: The mand mount option has been deprecated and [ 175.301930][ T7015] and is ignored by this kernel. Remove the mand [ 175.301930][ T7015] option from the mount to silence this warning. [ 175.301930][ T7015] ======================================================= [ 175.306553][ T7015] overlayfs: failed to clone lowerpath [ 176.617479][ T6670] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.617498][ T6670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 176.617519][ T6670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.717945][ T6670] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.717964][ T6670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 176.717989][ T6670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.591644][ T6670] hsr_slave_0: entered promiscuous mode [ 178.604429][ T6670] hsr_slave_1: entered promiscuous mode [ 178.605489][ T6670] debugfs: 'hsr0' already exists in 'hsr' [ 178.605511][ T6670] Cannot create hsr debugfs directory [ 182.354663][ T7134] fuse: Unknown parameter 'use00000000000000000000' [ 182.910664][ T6670] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 182.991248][ T6670] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 183.020226][ T7155] netlink: 24 bytes leftover after parsing attributes in process `syz.2.438'. [ 183.088215][ T6670] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 183.148191][ T6670] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 183.391329][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.5.441'. [ 184.068531][ T7171] bond0: (slave bond_slave_0): Releasing backup interface [ 184.561975][ T6670] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.636568][ T6670] 8021q: adding VLAN 0 to HW filter on device team0 [ 184.662522][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.682066][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 184.735079][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.735236][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 184.895763][ T7214] netlink: 'syz.3.455': attribute type 3 has an invalid length. [ 184.895789][ T7214] netlink: 'syz.3.455': attribute type 1 has an invalid length. [ 184.895802][ T7214] netlink: 60387 bytes leftover after parsing attributes in process `syz.3.455'. [ 186.585812][ T7229] syzkaller0: entered promiscuous mode [ 186.585843][ T7229] syzkaller0: entered allmulticast mode [ 187.393960][ T6670] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.513110][ T7263] netlink: 'syz.0.471': attribute type 3 has an invalid length. [ 187.513138][ T7263] netlink: 'syz.0.471': attribute type 1 has an invalid length. [ 187.513151][ T7263] netlink: 60387 bytes leftover after parsing attributes in process `syz.0.471'. [ 188.782471][ T6670] veth0_vlan: entered promiscuous mode [ 188.805406][ T6670] veth1_vlan: entered promiscuous mode [ 189.013956][ T6670] veth0_macvtap: entered promiscuous mode [ 189.039524][ T6670] veth1_macvtap: entered promiscuous mode [ 189.153518][ T6670] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 189.195642][ T6670] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 189.315937][ T188] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.346201][ T188] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.367431][ T188] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.367957][ T188] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.721057][ T7329] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.724448][ T7329] team0: Port device bond0 added [ 190.836067][ T7332] team0: Port device bond0 removed [ 192.602777][ T1443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.602797][ T1443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.884427][ T1443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.884447][ T1443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.004609][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.004682][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.308832][ T7424] fuse: Bad value for 'fd' [ 195.821620][ T7440] netlink: 24 bytes leftover after parsing attributes in process `syz.0.529'. [ 197.046906][ T7462] fuse: Bad value for 'fd' [ 199.871247][ T7535] fuse: Unknown parameter '0x0000000000000003' [ 201.235389][ T7558] overlayfs: missing 'workdir' [ 202.522211][ T7579] fuse: Unknown parameter '0x0000000000000003' [ 203.006270][ T7596] overlayfs: missing 'lowerdir' [ 204.253260][ T7618] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 204.255461][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.593'. [ 205.122139][ T7645] overlayfs: missing 'lowerdir' [ 206.747517][ T7679] overlayfs: missing 'lowerdir' [ 210.464661][ T7741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.636'. [ 210.580436][ T7753] netlink: 40 bytes leftover after parsing attributes in process `syz.0.639'. [ 212.170687][ T7731] Bluetooth: hci0: command 0x0406 tx timeout [ 212.170726][ T7731] Bluetooth: hci1: command 0x0406 tx timeout [ 212.174472][ T7731] Bluetooth: hci2: command 0x0406 tx timeout [ 213.816354][ T7832] overlayfs: failed to clone upperpath [ 213.985062][ T7833] syz.3.666 (7833) used greatest stack depth: 17512 bytes left [ 214.776449][ T7868] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 214.776504][ T7868] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 216.367754][ T7892] erspan1: entered promiscuous mode [ 216.367782][ T7892] erspan1: entered allmulticast mode [ 216.900449][ T7915] overlayfs: missing 'lowerdir' [ 217.833755][ T7947] syz.5.708 (7947) used greatest stack depth: 16632 bytes left [ 217.953866][ T7959] overlayfs: missing 'lowerdir' [ 218.743501][ T7987] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.722'. [ 218.796730][ T7989] netlink: 'syz.0.723': attribute type 3 has an invalid length. [ 218.796759][ T7989] netlink: 'syz.0.723': attribute type 1 has an invalid length. [ 218.796771][ T7989] netlink: 60387 bytes leftover after parsing attributes in process `syz.0.723'. [ 218.962756][ T7994] overlayfs: missing 'lowerdir' [ 219.355864][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.731'. [ 219.499760][ T8014] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 219.500584][ T8014] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 219.772998][ T8021] netlink: 55631 bytes leftover after parsing attributes in process `syz.5.735'. [ 219.840828][ T8032] overlayfs: missing 'workdir' [ 221.965643][ T8078] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.751'. [ 224.378868][ T8136] netlink: 64 bytes leftover after parsing attributes in process `syz.2.770'. [ 224.378915][ T8136] team0: No ports can be present during mode change [ 226.305707][ T8178] netlink: 'syz.6.788': attribute type 3 has an invalid length. [ 226.305733][ T8178] netlink: 'syz.6.788': attribute type 1 has an invalid length. [ 226.305746][ T8178] netlink: 60387 bytes leftover after parsing attributes in process `syz.6.788'. [ 227.376958][ T8208] netlink: 4 bytes leftover after parsing attributes in process `syz.2.802'. [ 227.437787][ T8211] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.803'. [ 228.464306][ T8247] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.816'. [ 228.544953][ T8251] netlink: 40 bytes leftover after parsing attributes in process `syz.5.818'. [ 229.211374][ T8287] netlink: 61967 bytes leftover after parsing attributes in process `syz.5.831'. [ 229.305197][ T8289] netlink: 40 bytes leftover after parsing attributes in process `syz.5.832'. [ 229.471584][ T8297] Illegal XDP return value 4294967274 on prog (id 144) dev syz_tun, expect packet loss! [ 230.317121][ T8313] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.843'. [ 230.483817][ T8319] netlink: 40 bytes leftover after parsing attributes in process `syz.6.845'. [ 231.048331][ T8347] process 'syz.2.857' launched '/dev/fd/3' with NULL argv: empty string added [ 234.150729][ T8431] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.895'. [ 237.804413][ T8502] netlink: 40 bytes leftover after parsing attributes in process `syz.3.922'. [ 238.579000][ T8522] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 239.328706][ T8537] netlink: 'syz.2.935': attribute type 3 has an invalid length. [ 239.328736][ T8537] netlink: 61211 bytes leftover after parsing attributes in process `syz.2.935'. [ 240.361519][ T8562] netlink: 40 bytes leftover after parsing attributes in process `syz.3.947'. [ 240.604030][ T8568] netlink: 'syz.3.951': attribute type 3 has an invalid length. [ 240.604058][ T8568] netlink: 61211 bytes leftover after parsing attributes in process `syz.3.951'. [ 240.932777][ T8577] netlink: 61967 bytes leftover after parsing attributes in process `syz.5.955'. [ 241.410799][ T8593] netlink: 40 bytes leftover after parsing attributes in process `syz.3.962'. [ 242.464429][ T8607] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.968'. [ 250.918419][ T8760] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1037'. [ 253.098133][ T61] Bluetooth: hci3: command 0x0406 tx timeout [ 254.948594][ T991] kernel write not supported for file bpf-prog (pid: 991 comm: kworker/1:2) [ 256.154040][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.154116][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.668232][ T991] kernel write not supported for file bpf-prog (pid: 991 comm: kworker/1:2) [ 259.775672][ T8857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1080'. [ 267.807598][ T8951] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1119'. [ 268.170100][ T8954] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1118'. [ 270.412637][ T9003] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1138'. [ 276.844618][ T9049] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1154'. [ 285.729932][ T9090] netlink: 'syz.5.1172': attribute type 3 has an invalid length. [ 285.729953][ T9090] netlink: 61211 bytes leftover after parsing attributes in process `syz.5.1172'. [ 296.585205][ T9126] netlink: 'syz.0.1186': attribute type 3 has an invalid length. [ 296.585234][ T9126] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.1186'. [ 303.538758][ T9159] netlink: 'syz.3.1200': attribute type 3 has an invalid length. [ 303.538787][ T9159] netlink: 61211 bytes leftover after parsing attributes in process `syz.3.1200'. [ 307.084329][ T9186] fuse: Bad value for 'fd' [ 312.655039][ T9220] fuse: Bad value for 'fd' [ 317.788872][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.788946][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.445234][ T9235] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1233'. [ 324.778585][ T5117] Bluetooth: hci4: command 0x0406 tx timeout [ 335.962091][ T9328] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1262'. [ 345.196331][ T5117] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 345.219895][ T5117] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 345.227159][ T5117] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 345.253465][ T5117] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 345.254351][ T5117] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 346.006789][ T9371] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.1279'. [ 347.418634][ T5117] Bluetooth: hci5: command tx timeout [ 349.498149][ T5117] Bluetooth: hci5: command tx timeout [ 350.035274][ T9391] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1286'. [ 351.578163][ T5117] Bluetooth: hci5: command tx timeout [ 353.145442][ T9401] fuse: Unknown parameter 'use00000000000000000000' [ 353.660503][ T5117] Bluetooth: hci5: command tx timeout [ 354.342135][ T9360] chnl_net:caif_netlink_parms(): no params data found [ 355.171964][ T9418] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1299'. [ 357.382641][ T9425] netlink: 61775 bytes leftover after parsing attributes in process `syz.3.1303'. [ 361.810794][ T9458] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.1315'. [ 361.818348][ T9360] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.818497][ T9360] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.818817][ T9360] bridge_slave_0: entered allmulticast mode [ 361.852445][ T9360] bridge_slave_0: entered promiscuous mode [ 361.999123][ T9360] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.004282][ T9360] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.004920][ T9360] bridge_slave_1: entered allmulticast mode [ 362.007794][ T9360] bridge_slave_1: entered promiscuous mode [ 368.799969][ T9360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 369.749264][ T9360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 375.582039][ T9360] team0: Port device team_slave_0 added [ 375.700431][ T9360] team0: Port device team_slave_1 added [ 377.169986][ T9525] 9pnet_fd: Insufficient options for proto=fd [ 379.028149][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.028225][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.913118][ T9360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 382.913138][ T9360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 382.913162][ T9360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 383.023889][ T9360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 383.023909][ T9360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 383.023934][ T9360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 396.214177][ T9360] hsr_slave_0: entered promiscuous mode [ 396.215576][ T9360] hsr_slave_1: entered promiscuous mode [ 396.216361][ T9360] debugfs: 'hsr0' already exists in 'hsr' [ 396.216381][ T9360] Cannot create hsr debugfs directory [ 407.361411][ T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 407.376291][ T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 407.377516][ T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 407.379450][ T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 407.413350][ T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 407.513917][ T9634] fuse: Bad value for 'fd' [ 409.498291][ T5117] Bluetooth: hci6: command tx timeout [ 411.608248][ T5117] Bluetooth: hci6: command tx timeout [ 413.658134][ T5117] Bluetooth: hci6: command tx timeout [ 415.794028][ T5117] Bluetooth: hci6: command tx timeout [ 416.577572][ T9672] fuse: Bad value for 'fd' [ 419.366191][ T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 419.938362][ T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 419.970030][ T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 420.693526][ T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 420.694443][ T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 422.928213][ T5117] Bluetooth: hci5: command tx timeout [ 425.028905][ T5117] Bluetooth: hci5: command tx timeout [ 427.174772][ T5117] Bluetooth: hci5: command tx timeout [ 429.179022][ T5117] Bluetooth: hci5: command tx timeout [ 432.262546][ T9730] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1408'. [ 434.333456][ T9628] chnl_net:caif_netlink_parms(): no params data found [ 434.735847][ T9678] chnl_net:caif_netlink_parms(): no params data found [ 440.583777][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.607547][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 456.830170][ T9804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1430'. [ 463.755352][ T9678] bridge0: port 1(bridge_slave_0) entered blocking state [ 463.755549][ T9678] bridge0: port 1(bridge_slave_0) entered disabled state [ 463.755871][ T9678] bridge_slave_0: entered allmulticast mode [ 463.882972][ T9678] bridge_slave_0: entered promiscuous mode [ 464.468387][ T9678] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.468535][ T9678] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.468870][ T9678] bridge_slave_1: entered allmulticast mode [ 464.471848][ T9678] bridge_slave_1: entered promiscuous mode [ 467.262194][ T61] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 467.281322][ T61] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 467.283104][ T61] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 467.315309][ T61] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 467.336344][ T61] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 470.238181][ T61] Bluetooth: hci7: command tx timeout [ 471.178850][ T38] INFO: task kworker/u8:8:1217 blocked for more than 143 seconds. [ 471.178884][ T38] Not tainted syzkaller #0 [ 471.178895][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 471.178904][ T38] task:kworker/u8:8 state:D stack:17064 pid:1217 tgid:1217 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 471.178965][ T38] Workqueue: events_unbound bpf_map_free_deferred [ 471.179008][ T38] Call Trace: [ 471.179019][ T38] [ 471.179035][ T38] __schedule+0x16f3/0x4c20 [ 471.179080][ T38] ? __init_swait_queue_head+0xa9/0x150 [ 471.179122][ T38] ? __pfx___schedule+0x10/0x10 [ 471.179168][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 471.179199][ T38] rt_mutex_schedule+0x77/0xf0 [ 471.179224][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 471.179248][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 471.179290][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 471.179317][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 471.179341][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 471.179361][ T38] ? __lock_acquire+0xab9/0xd20 [ 471.179402][ T38] ? rcu_barrier+0x4c/0x570 [ 471.179443][ T38] ? rcu_barrier+0x4c/0x570 [ 471.179464][ T38] mutex_lock_nested+0x16a/0x1d0 [ 471.179486][ T38] ? synchronize_rcu+0x11a/0x310 [ 471.179512][ T38] rcu_barrier+0x4c/0x570 [ 471.179541][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.179567][ T38] dev_map_free+0x11f/0x6a0 [ 471.179587][ T38] ? kfree+0x51/0x950 [ 471.179612][ T38] ? bpf_map_free+0x86/0x3f0 [ 471.179636][ T38] bpf_map_free+0x19b/0x3f0 [ 471.179655][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 471.179687][ T38] process_scheduled_works+0xae1/0x17b0 [ 471.179747][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 471.179794][ T38] worker_thread+0x8a0/0xda0 [ 471.179843][ T38] kthread+0x711/0x8a0 [ 471.179870][ T38] ? __pfx_worker_thread+0x10/0x10 [ 471.179888][ T38] ? __pfx_kthread+0x10/0x10 [ 471.179906][ T38] ? rt_spin_unlock+0x150/0x200 [ 471.179934][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.179955][ T38] ? __pfx_kthread+0x10/0x10 [ 471.179984][ T38] ret_from_fork+0x4bc/0x870 [ 471.180015][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 471.180050][ T38] ? __switch_to_asm+0x39/0x70 [ 471.180074][ T38] ? __switch_to_asm+0x33/0x70 [ 471.180096][ T38] ? __pfx_kthread+0x10/0x10 [ 471.180119][ T38] ret_from_fork_asm+0x1a/0x30 [ 471.180163][ T38] [ 471.180260][ T38] INFO: task kworker/u8:11:4558 blocked for more than 143 seconds. [ 471.180274][ T38] Not tainted syzkaller #0 [ 471.180284][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 471.180293][ T38] task:kworker/u8:11 state:D stack:18776 pid:4558 tgid:4558 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 471.180340][ T38] Workqueue: events_unbound bpf_map_free_deferred [ 471.180358][ T38] Call Trace: [ 471.180364][ T38] [ 471.180377][ T38] __schedule+0x16f3/0x4c20 [ 471.180425][ T38] ? __init_swait_queue_head+0xa9/0x150 [ 471.180464][ T38] ? __pfx___schedule+0x10/0x10 [ 471.180508][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 471.180539][ T38] rt_mutex_schedule+0x77/0xf0 [ 471.180559][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 471.180580][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 471.180620][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 471.180644][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 471.180668][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 471.180689][ T38] ? __lock_acquire+0xab9/0xd20 [ 471.180722][ T38] ? rcu_barrier+0x4c/0x570 [ 471.180761][ T38] ? rcu_barrier+0x4c/0x570 [ 471.180782][ T38] mutex_lock_nested+0x16a/0x1d0 [ 471.180803][ T38] ? synchronize_rcu+0x11a/0x310 [ 471.180830][ T38] rcu_barrier+0x4c/0x570 [ 471.180859][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.180885][ T38] dev_map_free+0x11f/0x6a0 [ 471.180904][ T38] ? kfree+0x51/0x950 [ 471.180928][ T38] ? bpf_map_free+0x86/0x3f0 [ 471.180952][ T38] bpf_map_free+0x19b/0x3f0 [ 471.180971][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 471.181001][ T38] process_scheduled_works+0xae1/0x17b0 [ 471.181061][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 471.181108][ T38] worker_thread+0x8a0/0xda0 [ 471.181127][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 471.181163][ T38] ? __kthread_parkme+0x7b/0x200 [ 471.181194][ T38] kthread+0x711/0x8a0 [ 471.181220][ T38] ? __pfx_worker_thread+0x10/0x10 [ 471.181238][ T38] ? __pfx_kthread+0x10/0x10 [ 471.181256][ T38] ? rt_spin_unlock+0x150/0x200 [ 471.181283][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.181304][ T38] ? __pfx_kthread+0x10/0x10 [ 471.181327][ T38] ret_from_fork+0x4bc/0x870 [ 471.181358][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 471.181403][ T38] ? __switch_to_asm+0x39/0x70 [ 471.181425][ T38] ? __switch_to_asm+0x33/0x70 [ 471.181447][ T38] ? __pfx_kthread+0x10/0x10 [ 471.181470][ T38] ret_from_fork_asm+0x1a/0x30 [ 471.181514][ T38] [ 471.181606][ T38] INFO: task syz.6.1237:9249 blocked for more than 143 seconds. [ 471.181620][ T38] Not tainted syzkaller #0 [ 471.181629][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 471.181638][ T38] task:syz.6.1237 state:D stack:24040 pid:9249 tgid:9249 ppid:6670 task_flags:0x400040 flags:0x00080003 [ 471.181687][ T38] Call Trace: [ 471.181694][ T38] [ 471.181705][ T38] __schedule+0x16f3/0x4c20 [ 471.181761][ T38] ? __pfx___schedule+0x10/0x10 [ 471.181807][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 471.181837][ T38] rt_mutex_schedule+0x77/0xf0 [ 471.181860][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 471.181882][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 471.181925][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 471.181950][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 471.181975][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 471.181995][ T38] ? __lock_acquire+0xab9/0xd20 [ 471.182027][ T38] ? rcu_barrier+0x4c/0x570 [ 471.182065][ T38] ? rcu_barrier+0x4c/0x570 [ 471.182086][ T38] mutex_lock_nested+0x16a/0x1d0 [ 471.182107][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 471.182132][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 471.182157][ T38] rcu_barrier+0x4c/0x570 [ 471.182184][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 471.182207][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 471.182229][ T38] netdev_run_todo+0x327/0xea0 [ 471.182255][ T38] ? __pfx_netif_state_change+0x10/0x10 [ 471.182280][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 471.182299][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 471.182337][ T38] ? netdev_state_change+0x1ca/0x220 [ 471.182364][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 471.182386][ T38] tun_chr_close+0x13f/0x1c0 [ 471.182417][ T38] __fput+0x45b/0xa80 [ 471.182455][ T38] task_work_run+0x1d4/0x260 [ 471.182483][ T38] ? __pfx_task_work_run+0x10/0x10 [ 471.182511][ T38] ? exit_to_user_mode_loop+0x40/0x130 [ 471.182536][ T38] exit_to_user_mode_loop+0xe9/0x130 [ 471.182557][ T38] do_syscall_64+0x2bd/0xfa0 [ 471.182583][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 471.182609][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.182629][ T38] ? clear_bhb_loop+0x60/0xb0 [ 471.182653][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.182672][ T38] RIP: 0033:0x7f7f16aeeec9 [ 471.182698][ T38] RSP: 002b:00007ffddb9eff48 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 471.182717][ T38] RAX: 0000000000000000 RBX: 00007f7f16d47da0 RCX: 00007f7f16aeeec9 [ 471.182731][ T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 471.182743][ T38] RBP: 00007f7f16d47da0 R08: 000000000000a860 R09: 0000000bdb9f023f [ 471.182756][ T38] R10: 00000000005f25c4 R11: 0000000000000246 R12: 000000000004e361 [ 471.182769][ T38] R13: 00007f7f16d45fa0 R14: ffffffffffffffff R15: 00007ffddb9f0060 [ 471.182805][ T38] [ 471.182854][ T38] [ 471.182854][ T38] Showing all locks held in the system: [ 471.182869][ T38] 3 locks held by kworker/u8:1/13: [ 471.182880][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.182940][ T38] #1: ffffc90000127ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.182992][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.183043][ T38] 2 locks held by rcuc/0/20: [ 471.183055][ T38] 3 locks held by rcuc/1/28: [ 471.183067][ T38] 1 lock held by khungtaskd/38: [ 471.183077][ T38] #0: ffffffff8d7aa4c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 471.183125][ T38] 3 locks held by kworker/u8:2/43: [ 471.183136][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.183191][ T38] #1: ffffc90000b47ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.183242][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.183293][ T38] 3 locks held by kworker/u8:3/58: [ 471.183304][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.183360][ T38] #1: ffffc9000124fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.183417][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.183466][ T38] 3 locks held by kworker/u8:4/69: [ 471.183477][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.183533][ T38] #1: ffffc9000154fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.183585][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.183640][ T38] 3 locks held by kworker/u8:5/188: [ 471.183651][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.184194][ T38] #1: ffffc90003c67ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.184257][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.184336][ T38] 3 locks held by kworker/u8:6/1164: [ 471.184347][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.184404][ T38] #1: ffffc90004bd7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.184451][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.184500][ T38] 3 locks held by kworker/u8:7/1173: [ 471.184510][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.184563][ T38] #1: ffffc90004d27ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.184614][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.184673][ T38] 3 locks held by kworker/u8:8/1217: [ 471.184684][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.184738][ T38] #1: ffffc90004e67ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.184789][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.184838][ T38] 3 locks held by kworker/u8:9/1238: [ 471.184849][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.184904][ T38] #1: ffffc90004f67ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.184955][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.185007][ T38] 3 locks held by kworker/u8:10/1443: [ 471.185018][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.185074][ T38] #1: ffffc90005407ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.185125][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.185204][ T38] 3 locks held by kworker/u8:11/4558: [ 471.185216][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.185274][ T38] #1: ffffc9000ecf7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.185324][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.185376][ T38] 2 locks held by getty/5558: [ 471.185387][ T38] #0: ffff88823bf540a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 471.185433][ T38] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400 [ 471.185486][ T38] 1 lock held by syz-executor/5797: [ 471.185504][ T38] 3 locks held by kworker/1:5/5888: [ 471.185516][ T38] 3 locks held by kworker/u8:12/6080: [ 471.185527][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.185581][ T38] #1: ffffc900058f7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.185647][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.185692][ T38] 3 locks held by kworker/u8:13/6832: [ 471.185701][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.185754][ T38] #1: ffffc90005bd7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.185815][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.185864][ T38] 3 locks held by kworker/u8:14/6833: [ 471.185875][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.185928][ T38] #1: ffffc90007c8fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.185980][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186033][ T38] 1 lock held by syz.6.1237/9249: [ 471.186043][ T38] #0: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186091][ T38] 1 lock held by syz-executor/9360: [ 471.186102][ T38] #0: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186150][ T38] 3 locks held by kworker/u8:15/9441: [ 471.186161][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.186217][ T38] #1: ffffc9000f73fba0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.186269][ T38] #2: ffffffff8ea778f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 471.186315][ T38] 3 locks held by kworker/u8:16/9447: [ 471.186326][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.186382][ T38] #1: ffffc9000f76fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.186435][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186485][ T38] 3 locks held by kworker/u8:17/9469: [ 471.186495][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.186552][ T38] #1: ffffc9000f74fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.186602][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186657][ T38] 3 locks held by kworker/u8:18/9476: [ 471.186668][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.186724][ T38] #1: ffffc9000f78fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.186776][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186825][ T38] 3 locks held by kworker/u8:19/9477: [ 471.186835][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.186891][ T38] #1: ffffc9000f867ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.186943][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.186993][ T38] 3 locks held by kworker/u8:20/9491: [ 471.187003][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.187059][ T38] #1: ffffc9000f8a7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.187111][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.187160][ T38] 3 locks held by kworker/u8:21/9527: [ 471.187171][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.187229][ T38] #1: ffffc9000fa2fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.187281][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.187330][ T38] 3 locks held by kworker/u8:22/9528: [ 471.187341][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.187397][ T38] #1: ffffc9001da8fba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.187449][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.187499][ T38] 3 locks held by kworker/u8:23/9530: [ 471.187510][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.187565][ T38] #1: ffffc9000f8e7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.187616][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.187673][ T38] 2 locks held by syz.0.1365/9600: [ 471.187684][ T38] #0: ffffffff8ea6a9e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0 [ 471.187731][ T38] #1: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.187780][ T38] 1 lock held by syz-executor/9628: [ 471.187791][ T38] #0: ffffffff8ea778f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 471.187839][ T38] 3 locks held by kworker/u8:26/9675: [ 471.187849][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.187906][ T38] #1: ffffc90004a97ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.187958][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.307332][ T38] 2 locks held by syz-executor/9678: [ 471.307352][ T38] #0: ffffffff8e202ba0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 471.307417][ T38] #1: ffffffff8ea778f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 471.307467][ T38] 6 locks held by kworker/u8:27/9702: [ 471.307477][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.307537][ T38] #1: ffffc90005c37ba0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.307590][ T38] #2: ffff88805b316300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 471.307639][ T38] #3: ffff88805b2e6120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 471.307694][ T38] #4: ffffffff8d7aa4c0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1c1/0x3e0 [ 471.307741][ T38] #5: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: get_partial_node+0x44/0x420 [ 471.307790][ T38] 3 locks held by kworker/u8:28/9732: [ 471.307801][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.307856][ T38] #1: ffffc9000c7afba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.307907][ T38] #2: ffffffff8d7afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 471.307959][ T38] 4 locks held by kworker/u8:30/9793: [ 471.307971][ T38] 6 locks held by kworker/u8:31/9801: [ 471.307981][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.308157][ T38] #1: ffffc90006847ba0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.308209][ T38] #2: ffff88805ccd7300 (&devlink->lock_key#7){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 471.308266][ T38] #3: ffff88805a654d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 471.308312][ T38] #4: ffffffff8d7aa4c0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1c1/0x3e0 [ 471.308358][ T38] #5: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: get_partial_node+0x44/0x420 [ 471.308404][ T38] 5 locks held by kworker/u8:32/9808: [ 471.308416][ T38] 1 lock held by syz-executor/9833: [ 471.308427][ T38] #0: ffffffff8ea778f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 471.308475][ T38] 2 locks held by udevd/9838: [ 471.308484][ T38] #0: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.308536][ T38] #1: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.308584][ T38] 3 locks held by kworker/u8:33/9847: [ 471.308594][ T38] #0: ffff88814d219138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.308645][ T38] #1: ffffc90005ea7ba0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.308700][ T38] #2: ffffffff8ea778f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 471.308749][ T38] 2 locks held by syz.3.1446/9851: [ 471.308759][ T38] #0: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.308807][ T38] #1: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.308854][ T38] 2 locks held by syz.3.1446/9853: [ 471.308865][ T38] #0: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.308928][ T38] #1: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.308976][ T38] 2 locks held by syz.3.1446/9854: [ 471.308985][ T38] #0: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.309034][ T38] #1: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.309092][ T38] 6 locks held by kworker/u8:34/9852: [ 471.309103][ T38] #0: ffff88813fe29938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 471.309163][ T38] #1: ffffc90005db7ba0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 471.309218][ T38] #2: ffff88805bdf5300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 471.309269][ T38] #3: ffff88803159c520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 471.309315][ T38] #4: ffffffff8d7aa4c0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1c1/0x3e0 [ 471.309360][ T38] #5: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: get_partial_node+0x44/0x420 [ 471.309407][ T38] 3 locks held by syz.5.1445/9855: [ 471.309417][ T38] #0: ffff88813fe23050 (&mm->mmap_lock){++++}-{4:4}, at: do_mprotect_pkey+0x20f/0xcd0 [ 471.309467][ T38] #1: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.309527][ T38] #2: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.309575][ T38] 2 locks held by syz.5.1445/9856: [ 471.309585][ T38] #0: ffffffff8d8ca528 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 471.309634][ T38] #1: ffff88801c6e3858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x190/0x370 [ 471.309688][ T38] 2 locks held by syz.5.1445/9857: [ 471.309701][ T38] [ 471.309706][ T38] ============================================= [ 471.309706][ T38] [ 471.309728][ T38] NMI backtrace for cpu 1 [ 471.309748][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 471.309768][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 471.309780][ T38] Call Trace: [ 471.309789][ T38] [ 471.309799][ T38] dump_stack_lvl+0x189/0x250 [ 471.309828][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 471.309850][ T38] ? __pfx__printk+0x10/0x10 [ 471.309885][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 471.309912][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 471.309936][ T38] ? __pfx__printk+0x10/0x10 [ 471.309963][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 471.309990][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 471.310015][ T38] watchdog+0xf60/0xfa0 [ 471.310042][ T38] ? watchdog+0x1e2/0xfa0 [ 471.310067][ T38] kthread+0x711/0x8a0 [ 471.310092][ T38] ? __pfx_watchdog+0x10/0x10 [ 471.310110][ T38] ? __pfx_kthread+0x10/0x10 [ 471.310128][ T38] ? rt_spin_unlock+0x150/0x200 [ 471.310154][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.310173][ T38] ? __pfx_kthread+0x10/0x10 [ 471.310195][ T38] ret_from_fork+0x4bc/0x870 [ 471.310225][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 471.310267][ T38] ? __switch_to_asm+0x39/0x70 [ 471.310288][ T38] ? __switch_to_asm+0x33/0x70 [ 471.310309][ T38] ? __pfx_kthread+0x10/0x10 [ 471.310331][ T38] ret_from_fork_asm+0x1a/0x30 [ 471.310371][ T38] [ 471.310377][ T38] Sending NMI from CPU 1 to CPUs 0: [ 471.310402][ C0] NMI backtrace for cpu 0 [ 471.310422][ C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 471.310441][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 471.310452][ C0] RIP: 0010:io_serial_in+0x77/0xc0 [ 471.310480][ C0] Code: e8 1e 0a b3 fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 ff bb 14 fd 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f e9 1a 0c be 05 cc 44 89 f9 80 e1 07 [ 471.310495][ C0] RSP: 0018:ffffc90000167870 EFLAGS: 00000202 [ 471.310510][ C0] RAX: 1ffffffff3217d00 RBX: 00000000000003fd RCX: 0000000000000000 [ 471.310523][ C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000 [ 471.310534][ C0] RBP: ffffffff990bf190 R08: 0000000000000000 R09: 0000000000000000 [ 471.310545][ C0] R10: dffffc0000000000 R11: ffffffff850be2c0 R12: dffffc0000000000 [ 471.310559][ C0] R13: 0000000000000000 R14: ffffffff990bef00 R15: 0000000000000000 [ 471.310571][ C0] FS: 0000000000000000(0000) GS:ffff888126bc9000(0000) knlGS:0000000000000000 [ 471.310586][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 471.310599][ C0] CR2: 00007f6c51b4dd58 CR3: 0000000040d14000 CR4: 00000000003526f0 [ 471.310614][ C0] Call Trace: [ 471.310621][ C0] [ 471.310629][ C0] wait_for_lsr+0x1aa/0x2f0 [ 471.310658][ C0] serial8250_console_write+0x11bd/0x1b40 [ 471.310690][ C0] ? __pfx_serial8250_console_write+0x10/0x10 [ 471.310712][ C0] ? console_flush_all+0x13a/0xb40 [ 471.310740][ C0] ? console_flush_all+0x476/0xb40 [ 471.310766][ C0] console_flush_all+0x666/0xb40 [ 471.310791][ C0] ? console_flush_all+0x13a/0xb40 [ 471.310817][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 471.310849][ C0] __console_flush_and_unlock+0x9b/0x160 [ 471.310872][ C0] ? legacy_kthread_func+0x136/0x1a0 [ 471.310889][ C0] ? __pfx___console_flush_and_unlock+0x10/0x10 [ 471.310912][ C0] ? schedule+0x91/0x360 [ 471.310940][ C0] legacy_kthread_func+0x13b/0x1a0 [ 471.310957][ C0] ? __pfx_legacy_kthread_func+0x10/0x10 [ 471.310973][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 471.311001][ C0] ? __kthread_parkme+0x7b/0x200 [ 471.311018][ C0] ? __kthread_parkme+0x1a1/0x200 [ 471.311038][ C0] kthread+0x711/0x8a0 [ 471.311058][ C0] ? __pfx_legacy_kthread_func+0x10/0x10 [ 471.311074][ C0] ? __pfx_kthread+0x10/0x10 [ 471.311092][ C0] ? rt_spin_unlock+0x150/0x200 [ 471.311115][ C0] ? rt_spin_unlock+0x161/0x200 [ 471.311134][ C0] ? __pfx_kthread+0x10/0x10 [ 471.311153][ C0] ret_from_fork+0x4bc/0x870 [ 471.311179][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 471.311207][ C0] ? __switch_to_asm+0x39/0x70 [ 471.311228][ C0] ? __switch_to_asm+0x33/0x70 [ 471.311249][ C0] ? __pfx_kthread+0x10/0x10 [ 471.311268][ C0] ret_from_fork_asm+0x1a/0x30 [ 471.311299][ C0] [ 471.311405][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 471.311418][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 471.311437][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 471.311448][ T38] Call Trace: [ 471.311455][ T38] [ 471.311462][ T38] dump_stack_lvl+0x99/0x250 [ 471.311483][ T38] ? __asan_memcpy+0x40/0x70 [ 471.311508][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 471.311530][ T38] ? __pfx__printk+0x10/0x10 [ 471.311563][ T38] vpanic+0x237/0x6d0 [ 471.311582][ T38] ? __pfx_vpanic+0x10/0x10 [ 471.311611][ T38] panic+0xb9/0xc0 [ 471.311628][ T38] ? __pfx_panic+0x10/0x10 [ 471.311649][ T38] ? irq_work_queue+0xc3/0x140 [ 471.311679][ T38] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 471.311703][ T38] watchdog+0xf9f/0xfa0 [ 471.311728][ T38] ? watchdog+0x1e2/0xfa0 [ 471.311753][ T38] kthread+0x711/0x8a0 [ 471.311777][ T38] ? __pfx_watchdog+0x10/0x10 [ 471.311796][ T38] ? __pfx_kthread+0x10/0x10 [ 471.311814][ T38] ? rt_spin_unlock+0x150/0x200 [ 471.311840][ T38] ? rt_spin_unlock+0x161/0x200 [ 471.311859][ T38] ? __pfx_kthread+0x10/0x10 [ 471.311882][ T38] ret_from_fork+0x4bc/0x870 [ 471.311910][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 471.311943][ T38] ? __switch_to_asm+0x39/0x70 [ 471.311963][ T38] ? __switch_to_asm+0x33/0x70 [ 471.311985][ T38] ? __pfx_kthread+0x10/0x10 [ 471.312006][ T38] ret_from_fork_asm+0x1a/0x30 [ 471.312043][ T38] [ 471.312301][ T38] Kernel Offset: disabled