last executing test programs: 17.448590886s ago: executing program 3 (id=4): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x50) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0x400, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00'}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff086dd1fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 17.240001227s ago: executing program 3 (id=6): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x12, &(0x7f0000000240)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x30}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x76}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) (async) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000200)=0xc) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="440000002c00000200000000fcdbdf253400f2800c0018000bac0f00000000001400010000000000000000000000ffffac1414aa0800f400", @ANYRES32=r1, @ANYBLOB="08004500bbf583826064f12e962a3f300cd7c71899934a030f2aee0fe09ab4009670fcb6"], 0x44}], 0x1, 0x0, 0x0, 0x1}, 0x0) 17.18539845s ago: executing program 0 (id=1): r0 = socket$inet6(0xa, 0x2, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x42073, 0xffffffffffffffff, 0xaba00000) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000ac0)={0x5c, 0x2, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @padn, @enc_lim={0x4, 0x1, 0x7f}, @calipso={0x7, 0x8, {0x1, 0x0, 0xd3, 0x27ce}}]}, 0x20) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x11}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x0) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r5], 0x1c}}, 0x0) write$nci(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="710505cd030606018be8a1976e193c27010466dc77f0b1b54773ee6a19222755d2deac4f088f76bf3c93682f07d04b7bdccfa9d3d690cc68a8388ff2dfc30c6b960d016f65f015a1f19d83de68de15d94d698293bddfc4a2c323752cbeabab060f"], 0x61) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) socket(0x10, 0x80002, 0x0) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x7, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x4, 0xffffff00, 0x6, 0xc31, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x70}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000014}, 0x20000000) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000010000000000007000100", @ANYRES32, @ANYBLOB="00000000000000001c001a80080002800800e500080000003e120000080002001040e5"], 0x44}}, 0x20000800) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x46, &(0x7f0000000a80)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd6000000000103a00fe8000000000000000000000000000bbff02000000000000000000000000000182"], 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r11, 0x40305828, &(0x7f00000003c0)={0x0, 0x4}) sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3f}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x8}, @IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x50}}, 0x0) 17.100528506s ago: executing program 4 (id=5): r0 = socket(0x10, 0x803, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_emit_ethernet(0x2e, &(0x7f00000004c0)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @broadcast}, {0x0, 0x883e, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x7, 0x0, @void}}}}}}}, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000) getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$netlink(0x10, 0x3, 0xf) setsockopt$CAIFSO_REQ_PARAM(r3, 0x116, 0x80, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="000100009bc104001c0012800b000100697036746e6c00000c00028008000800350008008fd8184f9eeb8ed2d251b28d62f9a41e614d687084d5d13e5540f43faacf4579ae60fa019f0fe33b0f92bee9fc49c4d1757aaf006e418d86eac317416dd8fe0e0533cfb30ed54e23eab9cebcba19ee0fb323bd4037eb246ac40feffaae49"], 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090) 16.998877249s ago: executing program 3 (id=7): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYRES64], 0x0, 0x4a, 0x0, 0x1}, 0x28) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000ee567b40821479cff60600000000000000"], 0x50) (async, rerun: 64) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0}, 0x50) (rerun: 64) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async, rerun: 32) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[], 0x0, 0x3}, 0x94) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async) close(0x3) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48) r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_IDLE(r6, 0x103, 0x7, &(0x7f0000000000)=0x8, 0x4) bind$netrom(r6, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48) (async) listen(r6, 0x80) (async, rerun: 64) accept$netrom(r6, 0x0, 0x0) (rerun: 64) sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r8 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r8, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) (async) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000900)={'team0\x00', 0x0}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x26, &(0x7f0000000780)=@raw=[@jmp={0x5, 0x1, 0x9, 0x8, 0x8, 0x10, 0xfffffffffffffffc}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @call={0x85, 0x0, 0x0, 0x5e}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x1000}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xffffffffffffffff}], &(0x7f00000008c0)='GPL\x00', 0x5, 0xa6, &(0x7f00000009c0)=""/166, 0x41100, 0x50, '\x00', r9, 0x0, r0, 0x8, &(0x7f0000000a80)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x3, 0x8, 0x9, 0xbf08}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000b00)=[r3, r1, r7, r3, r1, r3, r1], &(0x7f0000000b40)=[{0x3, 0x4, 0x9, 0x8}, {0x2, 0x2, 0x2, 0xa}, {0x0, 0x4, 0x5, 0x2}, {0x5, 0x3, 0x9, 0xb}, {0x2, 0x3, 0x10, 0xc}], 0x10, 0x4}, 0x94) listen(r8, 0x2) r10 = socket$alg(0x26, 0x5, 0x0) bind$alg(r10, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) (async) setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4) (async) r11 = accept4(r10, 0x0, 0x0, 0x800) sendmmsg$alg(r11, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) 16.781395862s ago: executing program 4 (id=8): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000090000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x10) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x114, 0x20, 0x301, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x7}, @generic="f400a489160a11", @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb47d96219c08c029d1608a487f26fbe816b89f7cb81bff81a8b7a82565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875cf0d972df9e99f07976773f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fdc2f4393c05a007d12b505a84dfdb98d568175b62421d726d1e5331e1ddfd4d", @typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x114}], 0x1}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r0], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 16.600545785s ago: executing program 2 (id=3): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_pressure(r0, &(0x7f0000000140)='cpu.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r1, &(0x7f0000000040)={'some', 0x20, 0x1, 0x20, 0xffffffffffffff3c}, 0x2f) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r2) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x12, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c00000052000100000000000000000002"], 0x1c}}, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f00000003c0)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0) r8 = syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r5) sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r8, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004084}, 0x10000000) sendfile(r7, r7, 0x0, 0x8) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x34, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0102}}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0) 16.042689416s ago: executing program 3 (id=9): syz_emit_ethernet(0xd3, &(0x7f0000006500)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, 'P#\x00', 0x9d, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x5, 0x9, "3f09c45b5d9fcb"}]}}, {"b2606ad7de234627903961e757499de589e5b617e956c121f88654630a7afd9f0bf2fc9fa3ae4a7314f0d64c58d3e229f3c191777a0859261632a66ddeb26e8ab59ec55dadc47fa3467332fc8660660da9f3d42b2175a6173bc59b2185b001f62286a2d069ae6e198f464bda7bdf9d600fc38ac8a7b5ce76b262531259"}}}}}}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x4, 0x8, 0xd, 0x5, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x700, 0x26, 0x80000000, 0x71800000}}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000040), 0x6) ioctl$sock_bt_hci(r1, 0x400448e6, &(0x7f0000000080)="fc") r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000074c0)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) clock_gettime(0x0, &(0x7f0000006840)={0x0, 0x0}) recvmmsg(r1, &(0x7f0000006600)=[{{&(0x7f00000001c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000001540)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000005700)=""/33, 0x21}, {&(0x7f0000001280)=""/48, 0x30}, {&(0x7f00000012c0)=""/179, 0xb3}, {&(0x7f0000001380)=""/132, 0x84}, {&(0x7f0000001440)=""/216, 0xd8}], 0x6, &(0x7f00000015c0)=""/191, 0xbf}, 0x1}, {{&(0x7f0000001680), 0x80, &(0x7f00000017c0)=[{&(0x7f0000001700)=""/132, 0x6e}], 0x1}, 0x3f04}, {{&(0x7f0000001800)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001880)=""/162, 0xa2}, {&(0x7f0000001940)=""/251, 0xfb}, {&(0x7f0000001a40)=""/175, 0xaf}, {&(0x7f0000001b00)=""/166, 0xa6}, {&(0x7f0000001bc0)=""/193, 0xc1}], 0x5, &(0x7f0000001d40)=""/186, 0xba}, 0x82}, {{&(0x7f0000001e00)=@hci, 0x80, &(0x7f0000003080)=[{&(0x7f0000001e80)=""/184, 0xb8}, {&(0x7f0000001f40)=""/41, 0x29}, {&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000002f80)=""/255, 0xff}], 0x4, &(0x7f00000030c0)=""/228, 0xe4}, 0x2}, {{&(0x7f00000031c0)=@l2, 0x80, &(0x7f0000005740)=[{&(0x7f0000003240)=""/4096, 0x1000}, {&(0x7f0000004240)=""/240, 0xf0}, {&(0x7f0000004340)=""/4096, 0x1000}, {&(0x7f0000001240)=""/6, 0x6}, {&(0x7f0000005380)=""/179, 0xb3}, {&(0x7f0000005440)=""/244, 0xf4}, {&(0x7f0000005540)=""/153, 0x99}, {&(0x7f0000005600)=""/142, 0x8e}, {&(0x7f00000056c0)=""/10, 0xa}, {&(0x7f0000005700)}], 0xa, &(0x7f0000005800)=""/220, 0xdc}, 0xd}, {{0x0, 0x0, &(0x7f0000005c40)=[{&(0x7f0000005900)=""/247, 0xf7}, {&(0x7f0000005a00)=""/135, 0x87}, {&(0x7f0000005ac0)=""/93, 0x5d}, {&(0x7f0000005b40)=""/221, 0xdd}], 0x4, &(0x7f0000005c80)=""/137, 0x89}, 0x6}, {{&(0x7f0000005d40)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000005fc0)=[{&(0x7f0000005dc0)=""/230, 0xe6}, {&(0x7f0000005ec0)=""/208, 0xd0}], 0x2, &(0x7f0000006000)=""/241, 0xf1}, 0x3}, {{&(0x7f0000006100)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000006240)=[{&(0x7f0000006180)=""/134, 0x86}], 0x1, &(0x7f0000006280)=""/174, 0xae}, 0x7}, {{0x0, 0x0, &(0x7f00000065c0)}, 0x9}], 0x9, 0x20000000, &(0x7f0000006880)={r9, r10+10000000}) r12 = accept4(r1, &(0x7f0000006340)=@alg, &(0x7f0000005340)=0x80, 0x800) setsockopt$MRT6_ADD_MIF(r12, 0x29, 0xca, &(0x7f00000063c0)={0x0, 0x0, 0x3, r11, 0x1}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x0, 0x2, 0xccc, 0x40004, 0x1, 0x9, '\x00', r0, 0xffffffffffffffff, 0x3, 0x3, 0x2, 0x2}, 0x50) 15.105683314s ago: executing program 3 (id=10): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f0000000900)=[{{&(0x7f0000000500)=@x25, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/31, 0xdacca170ed1d3557}, {&(0x7f0000000740)=""/184}, {&(0x7f0000000580)=""/128}, {&(0x7f0000000800)=""/123}], 0x0, &(0x7f0000000880)=""/108}}], 0x542, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x4, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xa0, r0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x81}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x10000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8}, 0x20000001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000071120a000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13314}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0xba01}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001000010000000000fddbdf2500000000", @ANYRES32=r6, @ANYBLOB="4000000010800000280012800e0001006970366772657461700000001400028006000e"], 0x48}}, 0x0) 2.072640898s ago: executing program 32 (id=1): r0 = socket$inet6(0xa, 0x2, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x42073, 0xffffffffffffffff, 0xaba00000) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000ac0)={0x5c, 0x2, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @padn, @enc_lim={0x4, 0x1, 0x7f}, @calipso={0x7, 0x8, {0x1, 0x0, 0xd3, 0x27ce}}]}, 0x20) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x11}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x0) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r5], 0x1c}}, 0x0) write$nci(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="710505cd030606018be8a1976e193c27010466dc77f0b1b54773ee6a19222755d2deac4f088f76bf3c93682f07d04b7bdccfa9d3d690cc68a8388ff2dfc30c6b960d016f65f015a1f19d83de68de15d94d698293bddfc4a2c323752cbeabab060f"], 0x61) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) socket(0x10, 0x80002, 0x0) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x7, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x4, 0xffffff00, 0x6, 0xc31, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x70}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000014}, 0x20000000) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000010000000000007000100", @ANYRES32, @ANYBLOB="00000000000000001c001a80080002800800e500080000003e120000080002001040e5"], 0x44}}, 0x20000800) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x46, &(0x7f0000000a80)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd6000000000103a00fe8000000000000000000000000000bbff02000000000000000000000000000182"], 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r11, 0x40305828, &(0x7f00000003c0)={0x0, 0x4}) sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3f}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x8}, @IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x50}}, 0x0) 1.045299463s ago: executing program 33 (id=3): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_pressure(r0, &(0x7f0000000140)='cpu.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r1, &(0x7f0000000040)={'some', 0x20, 0x1, 0x20, 0xffffffffffffff3c}, 0x2f) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r2) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x12, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c00000052000100000000000000000002"], 0x1c}}, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f00000003c0)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0) r8 = syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r5) sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r8, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004084}, 0x10000000) sendfile(r7, r7, 0x0, 0x8) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x34, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0102}}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0) 1.023143669s ago: executing program 34 (id=8): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000090000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x10) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x114, 0x20, 0x301, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x7}, @generic="f400a489160a11", @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb47d96219c08c029d1608a487f26fbe816b89f7cb81bff81a8b7a82565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875cf0d972df9e99f07976773f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fdc2f4393c05a007d12b505a84dfdb98d568175b62421d726d1e5331e1ddfd4d", @typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x114}], 0x1}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r0], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 0s ago: executing program 35 (id=10): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f0000000900)=[{{&(0x7f0000000500)=@x25, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/31, 0xdacca170ed1d3557}, {&(0x7f0000000740)=""/184}, {&(0x7f0000000580)=""/128}, {&(0x7f0000000800)=""/123}], 0x0, &(0x7f0000000880)=""/108}}], 0x542, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x4, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xa0, r0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x81}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x10000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8}, 0x20000001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000071120a000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13314}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0xba01}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001000010000000000fddbdf2500000000", @ANYRES32=r6, @ANYBLOB="4000000010800000280012800e0001006970366772657461700000001400028006000e"], 0x48}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.214' (ED25519) to the list of known hosts. [ 65.831429][ T5817] cgroup: Unknown subsys name 'net' [ 65.959662][ T5817] cgroup: Unknown subsys name 'cpuset' [ 65.968817][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.352293][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 69.742034][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.751426][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.760147][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.761551][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.768287][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.779995][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.782677][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.791115][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.796532][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.803713][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.811390][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.824918][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 69.825032][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.833500][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.840351][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.847147][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.856192][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.861068][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.867869][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.896171][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.903424][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.911937][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.924500][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.932084][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.940253][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.441227][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 70.553492][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 70.741032][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 70.766286][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 70.788344][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.796115][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.803721][ T5839] bridge_slave_0: entered allmulticast mode [ 70.811021][ T5839] bridge_slave_0: entered promiscuous mode [ 70.857078][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.864235][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.871640][ T5839] bridge_slave_1: entered allmulticast mode [ 70.878656][ T5839] bridge_slave_1: entered promiscuous mode [ 70.893433][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 70.981236][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.989137][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.996303][ T5829] bridge_slave_0: entered allmulticast mode [ 71.004533][ T5829] bridge_slave_0: entered promiscuous mode [ 71.018850][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.044041][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.051532][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.058971][ T5829] bridge_slave_1: entered allmulticast mode [ 71.065922][ T5829] bridge_slave_1: entered promiscuous mode [ 71.085202][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.160421][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.167658][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.175694][ T5828] bridge_slave_0: entered allmulticast mode [ 71.183111][ T5828] bridge_slave_0: entered promiscuous mode [ 71.229036][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.238631][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.245750][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.253332][ T5828] bridge_slave_1: entered allmulticast mode [ 71.260360][ T5828] bridge_slave_1: entered promiscuous mode [ 71.268634][ T5839] team0: Port device team_slave_0 added [ 71.274423][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.282106][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.289516][ T5827] bridge_slave_0: entered allmulticast mode [ 71.296822][ T5827] bridge_slave_0: entered promiscuous mode [ 71.315684][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.345422][ T5839] team0: Port device team_slave_1 added [ 71.351367][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.359326][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.366609][ T5827] bridge_slave_1: entered allmulticast mode [ 71.373767][ T5827] bridge_slave_1: entered promiscuous mode [ 71.443135][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.443863][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.450871][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.457013][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.463912][ T5832] bridge_slave_0: entered allmulticast mode [ 71.478077][ T5832] bridge_slave_0: entered promiscuous mode [ 71.486773][ T5829] team0: Port device team_slave_0 added [ 71.494698][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.523995][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.531422][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.538938][ T5832] bridge_slave_1: entered allmulticast mode [ 71.546022][ T5832] bridge_slave_1: entered promiscuous mode [ 71.554201][ T5829] team0: Port device team_slave_1 added [ 71.561945][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.572093][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.579360][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.605625][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.619870][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.661871][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.668945][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.695613][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.708627][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.772130][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.782137][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.789321][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.815474][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.828376][ T5828] team0: Port device team_slave_0 added [ 71.837483][ T5828] team0: Port device team_slave_1 added [ 71.855586][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.865961][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.873272][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.899335][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.917245][ T5841] Bluetooth: hci2: command tx timeout [ 71.925996][ T5827] team0: Port device team_slave_0 added [ 71.927051][ T5841] Bluetooth: hci4: command tx timeout [ 71.973084][ T5827] team0: Port device team_slave_1 added [ 71.991292][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.998429][ T5841] Bluetooth: hci3: command tx timeout [ 71.998721][ T5841] Bluetooth: hci0: command tx timeout [ 72.004261][ T5840] Bluetooth: hci1: command tx timeout [ 72.015509][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.041701][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.075630][ T5832] team0: Port device team_slave_0 added [ 72.084310][ T5832] team0: Port device team_slave_1 added [ 72.090733][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.098256][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.124985][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.139964][ T5839] hsr_slave_0: entered promiscuous mode [ 72.147354][ T5839] hsr_slave_1: entered promiscuous mode [ 72.191718][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.198773][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.225305][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.260175][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.267379][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.293845][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.309540][ T5829] hsr_slave_0: entered promiscuous mode [ 72.315758][ T5829] hsr_slave_1: entered promiscuous mode [ 72.322969][ T5829] debugfs: 'hsr0' already exists in 'hsr' [ 72.328811][ T5829] Cannot create hsr debugfs directory [ 72.335011][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.342213][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.368469][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.409477][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.416485][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.442763][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.475766][ T5828] hsr_slave_0: entered promiscuous mode [ 72.482784][ T5828] hsr_slave_1: entered promiscuous mode [ 72.488995][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 72.494723][ T5828] Cannot create hsr debugfs directory [ 72.642121][ T5827] hsr_slave_0: entered promiscuous mode [ 72.648773][ T5827] hsr_slave_1: entered promiscuous mode [ 72.654803][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 72.660902][ T5827] Cannot create hsr debugfs directory [ 72.686805][ T5832] hsr_slave_0: entered promiscuous mode [ 72.693062][ T5832] hsr_slave_1: entered promiscuous mode [ 72.699378][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 72.705117][ T5832] Cannot create hsr debugfs directory [ 73.103005][ T5839] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.115141][ T5839] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.132639][ T5839] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.144122][ T5839] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.197406][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.213333][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.231323][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.245608][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.312660][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.322876][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.334962][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.345699][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.454721][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.472994][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.498137][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.509854][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.593117][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.603963][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.614037][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.625097][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.655867][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.723504][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.740135][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.772817][ T1308] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.780097][ T1308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.790694][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.797809][ T1308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.817968][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.831302][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.885198][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.892361][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.911089][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.930832][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.938011][ T1308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.960589][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.967720][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.996908][ T5840] Bluetooth: hci2: command tx timeout [ 74.007614][ T5840] Bluetooth: hci4: command tx timeout [ 74.025715][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.032931][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.052782][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.077605][ T5840] Bluetooth: hci0: command tx timeout [ 74.081003][ T52] Bluetooth: hci3: command tx timeout [ 74.090414][ T5841] Bluetooth: hci1: command tx timeout [ 74.168027][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.188206][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.225571][ T3511] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.232798][ T3511] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.273541][ T1003] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.280769][ T1003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.338860][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.368017][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.389210][ T1003] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.396440][ T1003] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.454078][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.461313][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.556228][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 74.690155][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.828188][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.922672][ T5832] veth0_vlan: entered promiscuous mode [ 75.004943][ T5832] veth1_vlan: entered promiscuous mode [ 75.036202][ T5829] veth0_vlan: entered promiscuous mode [ 75.050057][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.082101][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.094050][ T5829] veth1_vlan: entered promiscuous mode [ 75.115502][ T5839] veth0_vlan: entered promiscuous mode [ 75.152801][ T5832] veth0_macvtap: entered promiscuous mode [ 75.163064][ T5832] veth1_macvtap: entered promiscuous mode [ 75.174363][ T5839] veth1_vlan: entered promiscuous mode [ 75.228965][ T5829] veth0_macvtap: entered promiscuous mode [ 75.238384][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.271259][ T5827] veth0_vlan: entered promiscuous mode [ 75.281167][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.290531][ T5829] veth1_macvtap: entered promiscuous mode [ 75.305921][ T5828] veth0_vlan: entered promiscuous mode [ 75.328656][ T1003] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.338468][ T1003] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.350216][ T5839] veth0_macvtap: entered promiscuous mode [ 75.360264][ T1003] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.370047][ T1003] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.380388][ T5828] veth1_vlan: entered promiscuous mode [ 75.388509][ T5827] veth1_vlan: entered promiscuous mode [ 75.407108][ T5839] veth1_macvtap: entered promiscuous mode [ 75.417875][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.456013][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.482600][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.511516][ T60] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.526210][ T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.541550][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.551086][ T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.566415][ T5828] veth0_macvtap: entered promiscuous mode [ 75.573602][ T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.595419][ T5828] veth1_macvtap: entered promiscuous mode [ 75.621529][ T60] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.631095][ T60] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.653636][ T60] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.662862][ T60] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.674954][ T3464] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.685695][ T3464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.698372][ T5827] veth0_macvtap: entered promiscuous mode [ 75.755708][ T5827] veth1_macvtap: entered promiscuous mode [ 75.770862][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.797746][ T3511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.805616][ T3511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.824480][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.869502][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.887759][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.915395][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 75.931663][ T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.940749][ T60] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.951632][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.975060][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.987154][ T60] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.998326][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.000044][ T60] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.039008][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.082985][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.091082][ T52] Bluetooth: hci2: command tx timeout [ 76.091166][ T5841] Bluetooth: hci4: command tx timeout [ 76.104594][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.113684][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.115705][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.141372][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.152672][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.157218][ T52] Bluetooth: hci3: command tx timeout [ 76.162079][ T5840] Bluetooth: hci0: command tx timeout [ 76.167588][ T5841] Bluetooth: hci1: command tx timeout [ 76.206188][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.234062][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.414646][ T5950] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.488605][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.520335][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.582636][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.594237][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.770526][ T3511] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.809117][ T3511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.091191][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 77.785368][ T5976] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 77.793231][ T5976] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 77.812231][ T5976] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 77.821473][ T5976] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 77.832850][ T5976] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 77.850048][ T5976] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 77.863487][ T5976] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 77.872216][ T5976] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 77.892660][ T5976] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 77.900838][ T5976] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 78.488235][ T6058] bridge1: entered promiscuous mode [ 78.493570][ T6058] bridge1: entered allmulticast mode [ 78.530723][ T6060] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10'. [ 86.805139][ T106] cfg80211: failed to load regulatory.db [ 132.880009][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.886735][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.326796][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.333313][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 229.518565][ T31] INFO: task syz-executor:5827 blocked for more than 143 seconds. [ 229.528512][ T31] Not tainted syzkaller #0 [ 229.533452][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 229.542269][ T31] task:syz-executor state:D stack:20952 pid:5827 tgid:5827 ppid:1 task_flags:0x400140 flags:0x00080002 [ 229.554544][ T31] Call Trace: [ 229.558122][ T31] [ 229.561073][ T31] __schedule+0x14bc/0x5000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 229.565641][ T31] ? __pfx___schedule+0x10/0x10 [ 229.570721][ T31] ? schedule+0x91/0x360 [ 229.586330][ T31] schedule+0x165/0x360 [ 229.590551][ T31] schedule_preempt_disabled+0x13/0x30 [ 229.596022][ T31] __mutex_lock+0x7e6/0x1350 [ 229.600737][ T31] ? rcu_is_watching+0x15/0xb0 [ 229.646339][ T31] ? __mutex_lock+0x5bb/0x1350 [ 229.651176][ T31] ? rfkill_register+0x37/0x8e0 [ 229.656045][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 229.671835][ T31] ? netdev_run_todo+0xe1b/0xea0 [ 229.677035][ T31] ? lockdep_hardirqs_on+0x98/0x140 [ 229.682245][ T31] ? __pfx_netdev_run_todo+0x10/0x10 [ 229.687655][ T31] ? __pfx_mod_delayed_work_on+0x10/0x10 [ 229.693294][ T31] rfkill_register+0x37/0x8e0 [ 229.698104][ T31] wiphy_register+0x246a/0x2d20 [ 229.702976][ T31] ? __pfx_wiphy_register+0x10/0x10 [ 229.708220][ T31] ? __pfx_netdev_run_todo+0x10/0x10 [ 229.713510][ T31] ? minstrel_ht_alloc+0x6e0/0x7e0 [ 229.718677][ T31] ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0 [ 229.724757][ T31] ieee80211_register_hw+0x3473/0x40d0 [ 229.730277][ T31] ? ieee80211_register_hw+0x1401/0x40d0 [ 229.735929][ T31] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 229.741828][ T31] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 229.747854][ T31] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 229.753822][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 229.761092][ T31] ? __hrtimer_setup+0x181/0x200 [ 229.766039][ T31] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 229.772023][ T31] mac80211_hwsim_new_radio+0x2f8b/0x5240 [ 229.777811][ T31] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 229.783868][ T31] ? __nla_validate_parse+0x2400/0x2d40 [ 229.789586][ T31] ? do_syscall_64+0xfa/0xf80 [ 229.794284][ T31] hwsim_new_radio_nl+0xf5b/0x1bd0 [ 229.799442][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 229.805265][ T31] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 229.810869][ T31] ? rcu_is_watching+0x15/0xb0 [ 229.815645][ T31] ? __nla_parse+0x40/0x60 [ 229.820098][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 229.826513][ T31] genl_family_rcv_msg_doit+0x215/0x300 [ 229.832712][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 229.839982][ T31] ? bpf_lsm_capable+0x9/0x20 [ 229.844693][ T31] ? security_capable+0x7e/0x2e0 [ 229.849812][ T31] genl_rcv_msg+0x60e/0x790 [ 229.854349][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 229.859630][ T31] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 229.865208][ T31] netlink_rcv_skb+0x208/0x470 [ 229.870042][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 229.875074][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 229.880563][ T31] ? down_read+0x274/0x2e0 [ 229.884990][ T31] ? genl_rcv+0xd/0x40 [ 229.889113][ T31] genl_rcv+0x28/0x40 [ 229.893204][ T31] netlink_unicast+0x82f/0x9e0 [ 229.898125][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 229.903427][ T31] ? netlink_sendmsg+0x642/0xb30 [ 229.908404][ T31] ? skb_put+0x11b/0x210 [ 229.912656][ T31] netlink_sendmsg+0x805/0xb30 [ 229.917588][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 229.922878][ T31] ? aa_sock_msg_perm+0xf1/0x1b0 [ 229.927857][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 229.933149][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 229.938466][ T31] __sock_sendmsg+0x21c/0x270 [ 229.943148][ T31] __sys_sendto+0x3bd/0x520 [ 229.947708][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 229.952835][ T31] __x64_sys_sendto+0xde/0x100 [ 229.957928][ T31] do_syscall_64+0xfa/0xf80 [ 229.962455][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.968577][ T31] ? clear_bhb_loop+0x60/0xb0 [ 229.973260][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.979224][ T31] RIP: 0033:0x7f60d31915dc [ 229.983649][ T31] RSP: 002b:00007fffb00b1c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 229.992218][ T31] RAX: ffffffffffffffda RBX: 00007f60d3f14620 RCX: 00007f60d31915dc [ 230.000281][ T31] RDX: 0000000000000024 RSI: 00007f60d3f14670 RDI: 0000000000000003 [ 230.008408][ T31] RBP: 0000000000000000 R08: 00007fffb00b1c54 R09: 000000000000000c [ 230.016501][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 230.024460][ T31] R13: 0000000000000000 R14: 00007f60d3f14670 R15: 0000000000000000 [ 230.032487][ T31] [ 230.035548][ T31] INFO: task kworker/0:5:5914 blocked for more than 143 seconds. [ 230.043371][ T31] Not tainted syzkaller #0 [ 230.048332][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 230.057138][ T31] task:kworker/0:5 state:D stack:24792 pid:5914 tgid:5914 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 230.069181][ T31] Workqueue: events rfkill_global_led_trigger_worker [ 230.075851][ T31] Call Trace: [ 230.079307][ T31] [ 230.082252][ T31] __schedule+0x14bc/0x5000 [ 230.086851][ T31] ? __pfx___schedule+0x10/0x10 [ 230.091728][ T31] ? schedule+0x91/0x360 [ 230.095984][ T31] schedule+0x165/0x360 [ 230.100318][ T31] schedule_preempt_disabled+0x13/0x30 [ 230.105806][ T31] __mutex_lock+0x7e6/0x1350 [ 230.110449][ T31] ? __mutex_lock+0x5bb/0x1350 [ 230.115308][ T31] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 230.121700][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 230.126763][ T31] ? process_scheduled_works+0x9ef/0x1770 [ 230.132482][ T31] ? process_scheduled_works+0x9ef/0x1770 [ 230.138240][ T31] rfkill_global_led_trigger_worker+0x27/0xd0 [ 230.144318][ T31] ? process_scheduled_works+0x9ef/0x1770 [ 230.150090][ T31] process_scheduled_works+0xad1/0x1770 [ 230.155725][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 230.162211][ T31] worker_thread+0x8a0/0xda0 [ 230.167143][ T31] ? __kthread_parkme+0x7b/0x200 [ 230.172094][ T31] kthread+0x711/0x8a0 [ 230.176155][ T31] ? __pfx_worker_thread+0x10/0x10 [ 230.181309][ T31] ? __pfx_kthread+0x10/0x10 [ 230.185909][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 230.191159][ T31] ? lockdep_hardirqs_on+0x98/0x140 [ 230.196388][ T31] ? __pfx_kthread+0x10/0x10 [ 230.200966][ T31] ret_from_fork+0x599/0xb30 [ 230.205546][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 230.210869][ T31] ? __switch_to_asm+0x39/0x70 [ 230.215647][ T31] ? __switch_to_asm+0x33/0x70 [ 230.220478][ T31] ? __pfx_kthread+0x10/0x10 [ 230.225078][ T31] ret_from_fork_asm+0x1a/0x30 [ 230.230082][ T31] [ 230.233129][ T31] INFO: task syz.0.1:5949 blocked for more than 144 seconds. [ 230.240666][ T31] Not tainted syzkaller #0 [ 230.245603][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 230.254393][ T31] task:syz.0.1 state:D stack:24408 pid:5949 tgid:5949 ppid:5829 task_flags:0x400040 flags:0x00080002 [ 230.266479][ T31] Call Trace: [ 230.269760][ T31] [ 230.272679][ T31] __schedule+0x14bc/0x5000 [ 230.277234][ T31] ? __pfx___schedule+0x10/0x10 [ 230.282091][ T31] ? schedule+0x91/0x360 [ 230.286393][ T31] schedule+0x165/0x360 [ 230.290549][ T31] schedule_preempt_disabled+0x13/0x30 [ 230.295991][ T31] __mutex_lock+0x7e6/0x1350 [ 230.300644][ T31] ? __mutex_lock+0x5bb/0x1350 [ 230.305414][ T31] ? rfkill_unregister+0xc8/0x220 [ 230.310545][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 230.315577][ T31] ? __pfx_device_del+0x10/0x10 [ 230.320806][ T31] ? __cancel_work_sync+0x5c/0x110 [ 230.325945][ T31] rfkill_unregister+0xc8/0x220 [ 230.330839][ T31] nfc_unregister_device+0x96/0x2a0 [ 230.336043][ T31] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 230.341896][ T31] virtual_ncidev_close+0x56/0x90 [ 230.346949][ T31] __fput+0x44c/0xa70 [ 230.350943][ T31] task_work_run+0x1d4/0x260 [ 230.355521][ T31] ? __pfx_task_work_run+0x10/0x10 [ 230.360788][ T31] ? __se_sys_close_range+0x4ed/0x650 [ 230.366180][ T31] ? exit_to_user_mode_loop+0x55/0x4f0 [ 230.371728][ T31] exit_to_user_mode_loop+0xff/0x4f0 [ 230.377036][ T31] ? rcu_is_watching+0x15/0xb0 [ 230.381820][ T31] do_syscall_64+0x2e3/0xf80 [ 230.386725][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.392881][ T31] ? clear_bhb_loop+0x60/0xb0 [ 230.398186][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.404096][ T31] RIP: 0033:0x7f78e9d8f749 [ 230.408544][ T31] RSP: 002b:00007ffe4a2bad08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 230.417000][ T31] RAX: 0000000000000000 RBX: 00007f78e9fe7da0 RCX: 00007f78e9d8f749 [ 230.424957][ T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 230.433118][ T31] RBP: 00007f78e9fe7da0 R08: 0000000000000200 R09: 0000001d4a2bafff [ 230.441135][ T31] R10: 00007f78e9fe7cb0 R11: 0000000000000246 R12: 0000000000012d72 [ 230.449236][ T31] R13: 00007f78e9fe6270 R14: ffffffffffffffff R15: 00007ffe4a2bae20 [ 230.457243][ T31] [ 230.460263][ T31] INFO: task syz.4.8:5971 blocked for more than 144 seconds. [ 230.470639][ T31] Not tainted syzkaller #0 [ 230.475575][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 230.484667][ T31] task:syz.4.8 state:D stack:26456 pid:5971 tgid:5970 ppid:5839 task_flags:0x400140 flags:0x00080002 [ 230.497206][ T31] Call Trace: [ 230.500503][ T31] [ 230.503422][ T31] __schedule+0x14bc/0x5000 [ 230.507980][ T31] ? __pfx___schedule+0x10/0x10 [ 230.512847][ T31] ? schedule+0x91/0x360 [ 230.517152][ T31] schedule+0x165/0x360 [ 230.521312][ T31] schedule_preempt_disabled+0x13/0x30 [ 230.526921][ T31] __mutex_lock+0x7e6/0x1350 [ 230.531606][ T31] ? __mutex_lock+0x5bb/0x1350 [ 230.536513][ T31] ? genl_rcv_msg+0x10d/0x790 [ 230.541192][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 230.546203][ T31] ? stack_trace_save+0x9c/0xe0 [ 230.551116][ T31] ? __lock_acquire+0x6b6/0x2cf0 [ 230.556042][ T31] ? radix_tree_lookup+0x240/0x290 [ 230.561304][ T31] genl_rcv_msg+0x10d/0x790 [ 230.565893][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 230.570956][ T31] ? __lock_acquire+0x6b6/0x2cf0 [ 230.575904][ T31] netlink_rcv_skb+0x208/0x470 [ 230.580696][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 230.585726][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 230.591082][ T31] ? down_read+0x274/0x2e0 [ 230.595513][ T31] ? genl_rcv+0xd/0x40 [ 230.599619][ T31] genl_rcv+0x28/0x40 [ 230.603610][ T31] netlink_unicast+0x82f/0x9e0 [ 230.608450][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 230.613746][ T31] ? netlink_sendmsg+0x642/0xb30 [ 230.618724][ T31] ? skb_put+0x11b/0x210 [ 230.622985][ T31] netlink_sendmsg+0x805/0xb30 [ 230.627813][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 230.633113][ T31] ? aa_sock_msg_perm+0xf1/0x1b0 [ 230.638118][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 230.643418][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 230.648905][ T31] __sock_sendmsg+0x21c/0x270 [ 230.653593][ T31] ____sys_sendmsg+0x505/0x820 [ 230.658392][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 230.663688][ T31] ? import_iovec+0x74/0xa0 [ 230.668425][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 230.673106][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 230.678345][ T31] ? futex_wake+0x4b2/0x560 [ 230.682865][ T31] ? __fget_files+0x2a/0x420 [ 230.687479][ T31] ? __fget_files+0x3a0/0x420 [ 230.692165][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 230.697160][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 230.702635][ T31] ? do_syscall_64+0xbe/0xf80 [ 230.707365][ T31] do_syscall_64+0xfa/0xf80 [ 230.711872][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.718019][ T31] ? clear_bhb_loop+0x60/0xb0 [ 230.722701][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.728609][ T31] RIP: 0033:0x7fdf8ff8f749 [ 230.733022][ T31] RSP: 002b:00007fdf90d4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 230.741478][ T31] RAX: ffffffffffffffda RBX: 00007fdf901e5fa0 RCX: 00007fdf8ff8f749 [ 230.749513][ T31] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000005 [ 230.757705][ T31] RBP: 00007fdf90013f91 R08: 0000000000000000 R09: 0000000000000000 [ 230.765687][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.773816][ T31] R13: 00007fdf901e6038 R14: 00007fdf901e5fa0 R15: 00007ffdb22b9a38 [ 230.781914][ T31] [ 230.785095][ T31] INFO: task syz.2.3:5976 blocked for more than 144 seconds. [ 230.792529][ T31] Not tainted syzkaller #0 [ 230.798066][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 230.806992][ T31] task:syz.2.3 state:D stack:24680 pid:5976 tgid:5975 ppid:5828 task_flags:0x400140 flags:0x00080002 [ 230.818941][ T31] Call Trace: [ 230.822219][ T31] [ 230.825132][ T31] __schedule+0x14bc/0x5000 [ 230.829705][ T31] ? __pfx___schedule+0x10/0x10 [ 230.834561][ T31] ? schedule+0x91/0x360 [ 230.838857][ T31] schedule+0x165/0x360 [ 230.843022][ T31] schedule_preempt_disabled+0x13/0x30 [ 230.848597][ T31] __mutex_lock+0x7e6/0x1350 [ 230.853197][ T31] ? __mutex_lock+0x5bb/0x1350 [ 230.858009][ T31] ? nfc_rfkill_set_block+0x50/0x2e0 [ 230.863310][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 230.868566][ T31] ? lockdep_hardirqs_on+0x98/0x140 [ 230.873896][ T31] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 230.879999][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 230.886466][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 230.892187][ T31] nfc_rfkill_set_block+0x50/0x2e0 [ 230.897342][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 230.903071][ T31] rfkill_set_block+0x1d2/0x440 [ 230.908038][ T31] rfkill_fop_write+0x44b/0x570 [ 230.912894][ T31] ? __pfx_rfkill_fop_write+0x10/0x10 [ 230.918301][ T31] ? security_kernfs_init_security+0x270/0x290 [ 230.924480][ T31] ? rw_verify_area+0x255/0x4d0 [ 230.929358][ T31] ? __pfx_rfkill_fop_write+0x10/0x10 [ 230.934741][ T31] vfs_write+0x27e/0xb30 [ 230.939038][ T31] ? __pfx_vfs_write+0x10/0x10 [ 230.943805][ T31] ? __fget_files+0x2a/0x420 [ 230.948467][ T31] ? __fget_files+0x2a/0x420 [ 230.953056][ T31] ? __fget_files+0x3a0/0x420 [ 230.957797][ T31] ? __fget_files+0x2a/0x420 [ 230.962394][ T31] ksys_write+0x145/0x250 [ 230.966766][ T31] ? __pfx_ksys_write+0x10/0x10 [ 230.972237][ T31] ? do_syscall_64+0xbe/0xf80 [ 230.977155][ T31] do_syscall_64+0xfa/0xf80 [ 230.981671][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.987795][ T31] ? clear_bhb_loop+0x60/0xb0 [ 230.992476][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.998511][ T31] RIP: 0033:0x7f33b7d8f749 [ 231.002930][ T31] RSP: 002b:00007f33b8c7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 231.011385][ T31] RAX: ffffffffffffffda RBX: 00007f33b7fe5fa0 RCX: 00007f33b7d8f749 [ 231.019442][ T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000005 [ 231.027449][ T31] RBP: 00007f33b7e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 231.035432][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.043632][ T31] R13: 00007f33b7fe6038 R14: 00007f33b7fe5fa0 R15: 00007ffe1d206dc8 [ 231.051659][ T31] [ 231.054690][ T31] INFO: task syz.2.3:5980 blocked for more than 144 seconds. [ 231.062088][ T31] Not tainted syzkaller #0 [ 231.067042][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 231.075759][ T31] task:syz.2.3 state:D stack:28616 pid:5980 tgid:5975 ppid:5828 task_flags:0x400040 flags:0x00080002 [ 231.087821][ T31] Call Trace: [ 231.091103][ T31] [ 231.094022][ T31] __schedule+0x14bc/0x5000 [ 231.098574][ T31] ? __pfx___schedule+0x10/0x10 [ 231.103439][ T31] ? schedule+0x91/0x360 [ 231.107827][ T31] schedule+0x165/0x360 [ 231.111991][ T31] schedule_preempt_disabled+0x13/0x30 [ 231.117560][ T31] __mutex_lock+0x7e6/0x1350 [ 231.122161][ T31] ? __mutex_lock+0x5bb/0x1350 [ 231.126978][ T31] ? genl_rcv_msg+0x10d/0x790 [ 231.131666][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 231.136716][ T31] ? stack_trace_save+0x9c/0xe0 [ 231.141592][ T31] ? __lock_acquire+0x6b6/0x2cf0 [ 231.146564][ T31] ? radix_tree_lookup+0x240/0x290 [ 231.151682][ T31] genl_rcv_msg+0x10d/0x790 [ 231.156188][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.161279][ T31] ? __lock_acquire+0x6b6/0x2cf0 [ 231.166274][ T31] netlink_rcv_skb+0x208/0x470 [ 231.171042][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.176051][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 231.181483][ T31] ? down_read+0x274/0x2e0 [ 231.185909][ T31] ? genl_rcv+0xd/0x40 [ 231.190044][ T31] genl_rcv+0x28/0x40 [ 231.194028][ T31] netlink_unicast+0x82f/0x9e0 [ 231.199274][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 231.204584][ T31] ? netlink_sendmsg+0x642/0xb30 [ 231.209555][ T31] ? skb_put+0x11b/0x210 [ 231.213805][ T31] netlink_sendmsg+0x805/0xb30 [ 231.218697][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.223987][ T31] ? aa_sock_msg_perm+0xf1/0x1b0 [ 231.229005][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 231.234302][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.239643][ T31] __sock_sendmsg+0x21c/0x270 [ 231.244341][ T31] __sys_sendto+0x3bd/0x520 [ 231.248909][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 231.253943][ T31] ? count_memcg_event_mm+0x21/0x260 [ 231.259272][ T31] ? exc_page_fault+0x82/0x100 [ 231.264057][ T31] __x64_sys_sendto+0xde/0x100 [ 231.268967][ T31] do_syscall_64+0xfa/0xf80 [ 231.273481][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.279577][ T31] ? clear_bhb_loop+0x60/0xb0 [ 231.284345][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.290279][ T31] RIP: 0033:0x7f33b7d915dc [ 231.294789][ T31] RSP: 002b:00007f33b8c5aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 231.303237][ T31] RAX: ffffffffffffffda RBX: 00007f33b8c5afc0 RCX: 00007f33b7d915dc [ 231.311346][ T31] RDX: 0000000000000024 RSI: 00007f33b8c5b010 RDI: 0000000000000006 [ 231.319357][ T31] RBP: 0000000000000000 R08: 00007f33b8c5af14 R09: 000000000000000c [ 231.327430][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006 [ 231.335389][ T31] R13: 00007f33b8c5af68 R14: 00007f33b8c5b010 R15: 0000000000000000 [ 231.343420][ T31] [ 231.346632][ T31] INFO: task syz.3.10:6053 blocked for more than 145 seconds. [ 231.354083][ T31] Not tainted syzkaller #0 [ 231.359132][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 231.368070][ T31] task:syz.3.10 state:D stack:26888 pid:6053 tgid:6052 ppid:5832 task_flags:0x400040 flags:0x00080002 [ 231.380072][ T31] Call Trace: [ 231.383472][ T31] [ 231.386441][ T31] __schedule+0x14bc/0x5000 [ 231.390973][ T31] ? __pfx___schedule+0x10/0x10 [ 231.395817][ T31] ? schedule+0x91/0x360 [ 231.400170][ T31] schedule+0x165/0x360 [ 231.404340][ T31] schedule_preempt_disabled+0x13/0x30 [ 231.409867][ T31] __mutex_lock+0x7e6/0x1350 [ 231.414474][ T31] ? __mutex_lock+0x5bb/0x1350 [ 231.419572][ T31] ? genl_rcv_msg+0x10d/0x790 [ 231.424261][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 231.429415][ T31] ? radix_tree_lookup+0x240/0x290 [ 231.434529][ T31] genl_rcv_msg+0x10d/0x790 [ 231.439544][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.444588][ T31] ? __lock_acquire+0x6b6/0x2cf0 [ 231.449571][ T31] netlink_rcv_skb+0x208/0x470 [ 231.454354][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.459416][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 231.464717][ T31] ? down_read+0x274/0x2e0 [ 231.469152][ T31] ? genl_rcv+0xd/0x40 [ 231.473229][ T31] genl_rcv+0x28/0x40 [ 231.477248][ T31] netlink_unicast+0x82f/0x9e0 [ 231.482028][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 231.487480][ T31] ? netlink_sendmsg+0x642/0xb30 [ 231.492422][ T31] ? skb_put+0x11b/0x210 [ 231.496727][ T31] netlink_sendmsg+0x805/0xb30 [ 231.501512][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.506828][ T31] ? aa_sock_msg_perm+0xf1/0x1b0 [ 231.511776][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 231.521809][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.527253][ T31] __sock_sendmsg+0x21c/0x270 [ 231.531948][ T31] __sys_sendto+0x3bd/0x520 [ 231.536502][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 231.541534][ T31] ? count_memcg_event_mm+0x21/0x260 [ 231.546975][ T31] ? exc_page_fault+0x82/0x100 [ 231.551760][ T31] __x64_sys_sendto+0xde/0x100 [ 231.556590][ T31] do_syscall_64+0xfa/0xf80 [ 231.561103][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.567190][ T31] ? clear_bhb_loop+0x60/0xb0 [ 231.571871][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.577792][ T31] RIP: 0033:0x7f815c5915dc [ 231.582208][ T31] RSP: 002b:00007f815d481ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 231.590757][ T31] RAX: ffffffffffffffda RBX: 00007f815d481fc0 RCX: 00007f815c5915dc [ 231.598844][ T31] RDX: 0000000000000020 RSI: 00007f815d482010 RDI: 0000000000000003 [ 231.606855][ T31] RBP: 0000000000000000 R08: 00007f815d481f14 R09: 000000000000000c [ 231.614838][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 231.622882][ T31] R13: 00007f815d481f68 R14: 00007f815d482010 R15: 0000000000000000 [ 231.630985][ T31] [ 231.634170][ T31] [ 231.634170][ T31] Showing all locks held in the system: [ 231.642055][ T31] 1 lock held by khungtaskd/31: [ 231.646938][ T31] #0: ffffffff8df41cc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 231.658148][ T31] 2 locks held by getty/5593: [ 231.662906][ T31] #0: ffff8880334570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 231.672729][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 231.683023][ T31] 3 locks held by syz-executor/5827: [ 231.688349][ T31] #0: ffffffff8f35d270 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 231.696660][ T31] #1: ffffffff8f35d088 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 231.705614][ T31] #2: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 231.715922][ T31] 3 locks held by kworker/0:5/5914: [ 231.721236][ T31] #0: ffff88801a055948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 231.732344][ T31] #1: ffffc9000504fb80 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 231.745915][ T31] #2: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 231.757763][ T31] 2 locks held by syz.0.1/5949: [ 231.762626][ T31] #0: ffff88802fe89100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0 [ 231.772560][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220 [ 231.782780][ T31] 2 locks held by syz.4.8/5971: [ 231.787750][ T31] #0: ffffffff8f35d270 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 231.796054][ T31] #1: ffffffff8f35d088 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 231.805144][ T31] 2 locks held by syz.2.3/5976: [ 231.810070][ T31] #0: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570 [ 231.820266][ T31] #1: ffff88802fe89100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 231.830017][ T31] 2 locks held by syz.2.3/5980: [ 231.834855][ T31] #0: ffffffff8f35d270 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 231.843689][ T31] #1: ffffffff8f35d088 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 231.852757][ T31] 2 locks held by syz.3.10/6053: [ 231.857759][ T31] #0: ffffffff8f35d270 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 231.866739][ T31] #1: ffffffff8f35d088 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 231.875702][ T31] 2 locks held by syz-executor/6093: [ 231.881118][ T31] #0: ffff888077b5d918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 231.891304][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 231.901805][ T31] 2 locks held by syz-executor/6096: [ 231.907182][ T31] #0: ffff888075a6e918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 231.917393][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 231.927664][ T31] 2 locks held by syz-executor/6097: [ 231.932965][ T31] #0: ffff888075a6a918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 231.943079][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 231.953178][ T31] 2 locks held by syz-executor/6099: [ 231.958497][ T31] #0: ffff888056a44918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 231.968579][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 231.978675][ T31] 2 locks held by syz-executor/6112: [ 231.983963][ T31] #0: ffff888029913918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 231.994210][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.004318][ T31] 2 locks held by syz-executor/6115: [ 232.009751][ T31] #0: ffff888027159918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.019828][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.029800][ T31] 2 locks held by syz-executor/6119: [ 232.035089][ T31] #0: ffff88805446b118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.045164][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.055190][ T31] 2 locks held by syz-executor/6120: [ 232.060529][ T31] #0: ffff88805446d118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.070600][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.080770][ T31] 2 locks held by syz-executor/6122: [ 232.086074][ T31] #0: ffff888075a6b918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.096653][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.107155][ T31] 2 locks held by syz-executor/6128: [ 232.112459][ T31] #0: ffff8880570bc118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.122603][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.132633][ T31] 2 locks held by syz-executor/6131: [ 232.137973][ T31] #0: ffff8880227b2118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.148047][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.158135][ T31] 2 locks held by syz-executor/6135: [ 232.163417][ T31] #0: ffff888028677118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.173471][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.183651][ T31] 2 locks held by syz-executor/6136: [ 232.188976][ T31] #0: ffff88802962b118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.199087][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.209530][ T31] 2 locks held by syz-executor/6138: [ 232.214837][ T31] #0: ffff888055adf918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650 [ 232.224923][ T31] #1: ffffffff8f5e1768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 232.234909][ T31] [ 232.237354][ T31] ============================================= [ 232.237354][ T31] [ 232.245945][ T31] NMI backtrace for cpu 1 [ 232.245972][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 232.245988][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 232.245996][ T31] Call Trace: [ 232.246003][ T31] [ 232.246010][ T31] dump_stack_lvl+0x189/0x250 [ 232.246034][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.246047][ T31] ? __pfx__printk+0x10/0x10 [ 232.246068][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 232.246080][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 232.246090][ T31] ? __pfx__printk+0x10/0x10 [ 232.246104][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 232.246119][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 232.246130][ T31] watchdog+0xf3c/0xf80 [ 232.246144][ T31] ? watchdog+0x1e2/0xf80 [ 232.246158][ T31] kthread+0x711/0x8a0 [ 232.246171][ T31] ? __pfx_watchdog+0x10/0x10 [ 232.246182][ T31] ? __pfx_kthread+0x10/0x10 [ 232.246194][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.246204][ T31] ? lockdep_hardirqs_on+0x98/0x140 [ 232.246215][ T31] ? __pfx_kthread+0x10/0x10 [ 232.246236][ T31] ret_from_fork+0x599/0xb30 [ 232.246258][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 232.246287][ T31] ? __switch_to_asm+0x39/0x70 [ 232.246302][ T31] ? __switch_to_asm+0x33/0x70 [ 232.246337][ T31] ? __pfx_kthread+0x10/0x10 [ 232.246356][ T31] ret_from_fork_asm+0x1a/0x30 [ 232.246389][ T31] [ 232.386526][ T31] Sending NMI from CPU 1 to CPUs 0: [ 232.391947][ C0] NMI backtrace for cpu 0 [ 232.392045][ C0] CPU: 0 UID: 0 PID: 5992 Comm: kworker/u8:16 Not tainted syzkaller #0 PREEMPT(full) [ 232.392064][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 232.392075][ C0] Workqueue: events_unbound toggle_allocation_gate [ 232.392103][ C0] RIP: 0010:choose_new_asid+0x2/0x2c0 [ 232.392129][ C0] Code: 0b 90 eb a0 e8 cf 6f d3 09 90 0f 0b 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 <41> 56 41 55 41 54 53 b8 00 00 01 00 e9 38 02 00 00 f3 0f 1e fa 48 [ 232.392148][ C0] RSP: 0018:ffffc900050ff4d0 EFLAGS: 00000046 [ 232.392161][ C0] RAX: 1ffff1100340b117 RBX: dffffc0000000000 RCX: ffffffff8175cb45 [ 232.392173][ C0] RDX: 0000000000000000 RSI: 0000000000020457 RDI: ffff88801a058000 [ 232.392183][ C0] RBP: ffffc900050ff5b0 R08: ffff88801a0588bf R09: 1ffff1100340b117 [ 232.392195][ C0] R10: dffffc0000000000 R11: ffffed100340b118 R12: 0000000000020457 [ 232.392206][ C0] R13: ffff88801a058000 R14: ffff88801a0588b8 R15: ffff88801a058b80 [ 232.392218][ C0] FS: 0000000000000000(0000) GS:ffff8881260b0000(0000) knlGS:0000000000000000 [ 232.392231][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.392241][ C0] CR2: 000055a4d7099000 CR3: 000000000dd3a000 CR4: 00000000003526f0 [ 232.392256][ C0] Call Trace: [ 232.392262][ C0] [ 232.392269][ C0] switch_mm_irqs_off+0x3ec/0x7b0 [ 232.392292][ C0] ? __pfx_switch_mm_irqs_off+0x10/0x10 [ 232.392310][ C0] ? do_raw_spin_lock+0x121/0x290 [ 232.392330][ C0] ? __pte_offset_map_lock+0x13e/0x210 [ 232.392348][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 232.392369][ C0] use_temporary_mm+0x12f/0x220 [ 232.392389][ C0] ? __pfx_use_temporary_mm+0x10/0x10 [ 232.392408][ C0] ? __pte_offset_map_lock+0x1b1/0x210 [ 232.392426][ C0] ? __page_table_check_ptes_set+0x277/0x2f0 [ 232.392449][ C0] __text_poke+0x656/0x9f0 [ 232.392469][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 232.392485][ C0] ? perf_event_text_poke+0x13d/0x190 [ 232.392504][ C0] ? __kvmalloc_node_noprof+0x170/0x910 [ 232.392524][ C0] ? __pfx___text_poke+0x10/0x10 [ 232.392541][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 232.392568][ C0] smp_text_poke_batch_finish+0xd0f/0x1130 [ 232.392591][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 232.392612][ C0] ? arch_jump_label_transform_queue+0x97/0x110 [ 232.392637][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 232.392658][ C0] static_key_enable_cpuslocked+0x128/0x240 [ 232.392678][ C0] static_key_enable+0x1a/0x20 [ 232.392694][ C0] toggle_allocation_gate+0xad/0x240 [ 232.392715][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 232.392735][ C0] ? process_scheduled_works+0x9ef/0x1770 [ 232.392762][ C0] ? process_scheduled_works+0x9ef/0x1770 [ 232.392785][ C0] ? process_scheduled_works+0x9ef/0x1770 [ 232.392807][ C0] process_scheduled_works+0xad1/0x1770 [ 232.392842][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 232.392872][ C0] worker_thread+0x8a0/0xda0 [ 232.392893][ C0] ? __kthread_parkme+0x7b/0x200 [ 232.392913][ C0] kthread+0x711/0x8a0 [ 232.392932][ C0] ? __pfx_worker_thread+0x10/0x10 [ 232.392946][ C0] ? __pfx_kthread+0x10/0x10 [ 232.392964][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.392982][ C0] ? lockdep_hardirqs_on+0x98/0x140 [ 232.393000][ C0] ? __pfx_kthread+0x10/0x10 [ 232.393018][ C0] ret_from_fork+0x599/0xb30 [ 232.393041][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 232.393067][ C0] ? __switch_to_asm+0x39/0x70 [ 232.393084][ C0] ? __switch_to_asm+0x33/0x70 [ 232.393101][ C0] ? __pfx_kthread+0x10/0x10 [ 232.393119][ C0] ret_from_fork_asm+0x1a/0x30 [ 232.393150][ C0]