Warning: Permanently added '[localhost]:23811' (ED25519) to the list of known hosts. 2026/05/11 23:01:59 parsed 1 programs syzkaller login: [ 55.198164][ T5612] cgroup: Unknown subsys name 'net' [ 55.314515][ T5612] cgroup: Unknown subsys name 'cpuset' [ 55.318472][ T5612] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 56.995808][ T5612] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 59.339123][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.339537][ T5624] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 59.352199][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.416335][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.422326][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.002709][ T5699] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.008460][ T5699] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.013531][ T5699] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.018174][ T5699] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.020737][ T5699] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.206735][ T5658] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.215542][ T5658] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.222755][ T5658] bridge_slave_0: entered allmulticast mode [ 61.239492][ T5658] bridge_slave_0: entered promiscuous mode [ 61.265986][ T5658] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.269105][ T5658] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.272319][ T5658] bridge_slave_1: entered allmulticast mode [ 61.276255][ T5658] bridge_slave_1: entered promiscuous mode [ 61.336534][ T5658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.349075][ T5658] bond0: 
(slave bond_slave_1): Enslaving as an active interface with an up link [ 61.411087][ T5658] team0: Port device team_slave_0 added [ 61.426239][ T5658] team0: Port device team_slave_1 added [ 61.471426][ T5658] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.474433][ T5658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 61.484904][ T5658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.492994][ T5658] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.496385][ T5658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 61.505157][ T5658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.543124][ T5658] hsr_slave_0: entered promiscuous mode [ 61.545891][ T5658] hsr_slave_1: entered promiscuous mode [ 61.743160][ T5658] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 61.750925][ T5658] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 61.754228][ T5658] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 61.760414][ T5658] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 61.763892][ T5658] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 61.767962][ T5658] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 61.770805][ T5658] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 61.776919][ T5658] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 62.038029][ T5658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.068504][ T5658] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.086788][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.089617][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.106801][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.109091][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.432169][ T5658] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.463046][ T5658] veth0_vlan: entered promiscuous mode [ 62.470564][ T5658] veth1_vlan: entered promiscuous mode [ 62.492423][ T5658] veth0_macvtap: entered promiscuous mode [ 62.497688][ T5658] veth1_macvtap: entered promiscuous mode [ 62.508411][ T5658] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.515251][ T5658] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.528330][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.532921][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.537155][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 
port 6081 - 0 [ 62.540872][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2026/05/11 23:02:08 executed programs: 0 [ 62.681216][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.685778][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.689698][ T5741] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.693328][ T5741] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.696445][ T5741] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.697459][ T5743] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.704671][ T5741] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.709730][ T5741] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.712236][ T5741] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.715916][ T5741] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.718864][ T5741] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.723207][ T5741] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.726033][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.730198][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.744661][ T5746] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.001947][ T5630] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.074858][ T5630] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.271897][ T5744] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.274402][ T5744] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.276709][ T5744] bridge_slave_0: entered allmulticast mode [ 63.279438][ T5744] bridge_slave_0: entered promiscuous mode [ 63.286799][ T5744] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.289345][ T5744] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.291830][ T5744] bridge_slave_1: entered allmulticast mode [ 63.294526][ 
T5744] bridge_slave_1: entered promiscuous mode [ 63.350525][ T5744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.356158][ T5744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.397360][ T5737] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.400428][ T5737] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.403178][ T5737] bridge_slave_0: entered allmulticast mode [ 63.406229][ T5737] bridge_slave_0: entered promiscuous mode [ 63.424659][ T5737] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.427509][ T5737] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.430293][ T5737] bridge_slave_1: entered allmulticast mode [ 63.433744][ T5737] bridge_slave_1: entered promiscuous mode [ 63.437714][ T5744] team0: Port device team_slave_0 added [ 63.444421][ T5739] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.446795][ T5739] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.449117][ T5739] bridge_slave_0: entered allmulticast mode [ 63.452676][ T5739] bridge_slave_0: entered promiscuous mode [ 63.456142][ T5739] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.458454][ T5739] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.460861][ T5739] bridge_slave_1: entered allmulticast mode [ 63.464062][ T5739] bridge_slave_1: entered promiscuous mode [ 63.473703][ T5744] team0: Port device team_slave_1 added [ 63.510417][ T5744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.513261][ T5744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 63.523271][ T5744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.538446][ T5739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.543519][ T5737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.547940][ T5737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.553719][ T5744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.555991][ T5744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.564899][ T5744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.577392][ T5739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.616824][ T5739] team0: Port device team_slave_0 added [ 63.619996][ T5737] team0: Port device team_slave_0 added [ 63.624821][ T5737] team0: Port device team_slave_1 added [ 63.635578][ T5739] team0: Port device team_slave_1 added [ 63.649320][ T5744] hsr_slave_0: entered promiscuous mode [ 63.652247][ T5744] hsr_slave_1: entered promiscuous mode [ 63.655299][ T5744] debugfs: 'hsr0' already exists in 'hsr' [ 63.657522][ T5744] Cannot create hsr debugfs directory [ 63.679461][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.682260][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 63.689911][ T5739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.693691][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.695848][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.703701][ T5737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.707863][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.710592][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.719498][ T5737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.732644][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.735690][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 63.744635][ T5739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.840134][ T5737] hsr_slave_0: entered promiscuous mode [ 63.842460][ T5737] hsr_slave_1: entered promiscuous mode [ 63.844584][ T5737] debugfs: 'hsr0' already exists in 'hsr' [ 63.846546][ T5737] Cannot create hsr debugfs directory [ 63.853516][ T5739] hsr_slave_0: entered promiscuous mode [ 63.855818][ T5739] hsr_slave_1: entered promiscuous mode [ 63.857939][ T5739] debugfs: 'hsr0' already exists in 'hsr' [ 63.859778][ T5739] Cannot create hsr debugfs directory [ 64.098563][ T5630] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.782132][ T5746] Bluetooth: hci2: command tx timeout [ 64.782164][ T5743] Bluetooth: hci0: command tx timeout [ 64.784775][ T5746] Bluetooth: hci1: command tx timeout [ 65.199902][ T5630] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.560530][ T5630] bridge_slave_1: left allmulticast mode [ 65.563699][ T5630] bridge_slave_1: left promiscuous mode [ 65.566275][ T5630] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.572868][ T5630] bridge_slave_0: left allmulticast mode [ 65.574629][ T5630] bridge_slave_0: left promiscuous mode [ 65.577118][ T5630] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.716265][ T5630] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.722610][ T5630] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.726313][ T5630] bond0 (unregistering): Released all slaves [ 65.744628][ T5355] 8021q: adding VLAN 0 to HW filter on device eth1 [ 65.806513][ T5630] hsr_slave_0: left promiscuous mode [ 65.814393][ T5630] hsr_slave_1: left promiscuous mode [ 65.817253][ T5630] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.820241][ T5630] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.826509][ T5630] batman_adv: 
batadv0: Interface deactivated: batadv_slave_1 [ 65.833689][ T5630] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.846114][ T5630] veth1_macvtap: left promiscuous mode [ 65.848452][ T5630] veth0_macvtap: left promiscuous mode [ 65.851178][ T5630] veth1_vlan: left promiscuous mode [ 65.853732][ T5630] veth0_vlan: left promiscuous mode [ 66.020087][ T5630] team0 (unregistering): Port device team_slave_1 removed [ 66.028265][ T5630] team0 (unregistering): Port device team_slave_0 removed [ 66.127152][ T5355] 8021q: adding VLAN 0 to HW filter on device eth2 [ 66.379276][ T5737] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.387440][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 66.391359][ T5737] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.397200][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 66.407517][ T5737] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.413347][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 66.428283][ T5737] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.432788][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 66.475175][ T5739] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 66.480719][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 66.494172][ T5739] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 66.503240][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 66.518579][ T5739] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 66.528065][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 66.546569][ T5739] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 66.553102][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 66.585444][ T5744] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 66.589747][ T5744] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 66.595503][ T5744] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 66.600508][ T5744] 
8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 66.608940][ T5744] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 66.614461][ T5744] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 66.617229][ T5744] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 66.620827][ T5744] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 66.656045][ T5737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.669829][ T5737] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.681546][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.683963][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.695700][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.698031][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.734431][ T5739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.756105][ T5739] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.764823][ T5744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.771397][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.773969][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.777496][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.779871][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.794297][ T5744] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.808857][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.811192][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.815157][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.817499][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.862248][ T5743] Bluetooth: hci1: command tx timeout [ 66.862876][ T54] Bluetooth: hci2: command tx timeout [ 66.872055][ T54] Bluetooth: hci0: command tx timeout [ 67.032325][ T5737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.066008][ T5737] veth0_vlan: entered promiscuous mode [ 
67.075389][ T5737] veth1_vlan: entered promiscuous mode [ 67.099689][ T5739] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.116734][ T5737] veth0_macvtap: entered promiscuous mode [ 67.126244][ T5737] veth1_macvtap: entered promiscuous mode [ 67.132412][ T5744] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.154261][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.159481][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.168582][ T5791] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.171806][ T5791] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.179106][ T5791] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.183425][ T5791] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.214380][ T5739] veth0_vlan: entered promiscuous mode [ 67.226460][ T5744] veth0_vlan: entered promiscuous mode [ 67.238886][ T5739] veth1_vlan: entered promiscuous mode [ 67.257635][ T5744] veth1_vlan: entered promiscuous mode [ 67.264321][ T192] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.269467][ T192] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.314408][ T5739] veth0_macvtap: entered promiscuous mode [ 67.321932][ T192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.326503][ T192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.330618][ T5739] veth1_macvtap: entered promiscuous mode [ 67.340256][ T5744] veth0_macvtap: entered promiscuous mode [ 67.357378][ T5744] veth1_macvtap: entered promiscuous mode [ 67.372305][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.374944][ T5875] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.17/5875 [ 67.378202][ T5875] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.379951][ T5875] CPU: 0 UID: 0 PID: 5875 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 
67.379966][ T5875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 67.379971][ T5875] Call Trace: [ 67.379975][ T5875] [ 67.379979][ T5875] dump_stack_lvl+0xe8/0x150 [ 67.379992][ T5875] check_preemption_disabled+0xd3/0xe0 [ 67.380006][ T5875] tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.380018][ T5875] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 67.380027][ T5875] __release_sock+0x265/0x3a0 [ 67.380042][ T5875] release_sock+0x190/0x260 [ 67.380052][ T5875] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 67.380071][ T5875] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 67.380084][ T5875] ? __pfx___nla_validate_parse+0x10/0x10 [ 67.380096][ T5875] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.380112][ T5875] ? rcu_is_watching+0x15/0xb0 [ 67.380229][ T5875] ? trace_kmalloc+0x2a/0xf0 [ 67.380247][ T5875] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 67.380257][ T5875] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 67.380267][ T5875] genl_family_rcv_msg_doit+0x22a/0x330 [ 67.380276][ T5875] ? __asan_memcpy+0x40/0x70 [ 67.380287][ T5875] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.380299][ T5875] ? bpf_lsm_capable+0x9/0x20 [ 67.380308][ T5875] ? security_capable+0x7e/0x2c0 [ 67.380320][ T5875] genl_rcv_msg+0x61c/0x7a0 [ 67.380330][ T5875] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.380337][ T5875] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.380353][ T5875] ? __pfx_ref_tracker_free+0x10/0x10 [ 67.380363][ T5875] ? __asan_memcpy+0x40/0x70 [ 67.380371][ T5875] ? __skb_clone+0x63/0x7a0 [ 67.380385][ T5875] netlink_rcv_skb+0x232/0x4b0 [ 67.380395][ T5875] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.380403][ T5875] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.380418][ T5875] ? down_read+0x270/0x2e0 [ 67.380424][ T5875] ? genl_rcv+0xd/0x40 [ 67.380432][ T5875] genl_rcv+0x28/0x40 [ 67.380438][ T5875] netlink_unicast+0x75c/0x8e0 [ 67.380451][ T5875] netlink_sendmsg+0x813/0xb40 [ 67.380464][ T5875] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.380475][ T5875] ? 
aa_sock_msg_perm+0xf1/0x1b0 [ 67.380487][ T5875] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 67.380499][ T5875] ____sys_sendmsg+0x972/0x9f0 [ 67.380509][ T5875] ? __might_fault+0xaf/0x130 [ 67.380522][ T5875] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.380535][ T5875] ? import_iovec+0x73/0xa0 [ 67.380548][ T5875] ___sys_sendmsg+0x2a5/0x360 [ 67.380558][ T5875] ? __lock_acquire+0x6b5/0x2cf0 [ 67.380568][ T5875] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.380580][ T5875] ? futex_wake+0x4ac/0x580 [ 67.380599][ T5875] ? __fget_files+0x2a/0x420 [ 67.380607][ T5875] ? __fget_files+0x3a0/0x420 [ 67.380619][ T5875] __x64_sys_sendmsg+0x1bd/0x2a0 [ 67.380681][ T5875] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 67.380702][ T5875] ? rcu_is_watching+0x15/0xb0 [ 67.380718][ T5875] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.380727][ T5875] do_syscall_64+0x15f/0xf80 [ 67.380738][ T5875] ? trace_irq_disable+0x3b/0x140 [ 67.380751][ T5875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.380759][ T5875] RIP: 0033:0x7f6847f9cdd9 [ 67.380768][ T5875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.380774][ T5875] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.380784][ T5875] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 67.380789][ T5875] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 67.380794][ T5875] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 67.380799][ T5875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.380803][ T5875] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 67.380814][ T5875] [ 67.389974][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.423426][ T5877] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.20/5877 [ 67.442288][ T5630] netdevsim netdevsim1 
netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.443358][ T5877] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.443379][ T5877] CPU: 0 UID: 0 PID: 5877 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full) [ 67.443389][ T5877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 67.443394][ T5877] Call Trace: [ 67.443398][ T5877] [ 67.443401][ T5877] dump_stack_lvl+0xe8/0x150 [ 67.443413][ T5877] check_preemption_disabled+0xd3/0xe0 [ 67.443427][ T5877] tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.443438][ T5877] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 67.443447][ T5877] __release_sock+0x265/0x3a0 [ 67.443463][ T5877] release_sock+0x190/0x260 [ 67.443472][ T5877] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 67.443492][ T5877] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 67.443504][ T5877] ? __pfx___nla_validate_parse+0x10/0x10 [ 67.443517][ T5877] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.443532][ T5877] ? rcu_is_watching+0x15/0xb0 [ 67.443542][ T5877] ? trace_kmalloc+0x2a/0xf0 [ 67.443558][ T5877] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 67.443566][ T5877] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 67.443577][ T5877] genl_family_rcv_msg_doit+0x22a/0x330 [ 67.443585][ T5877] ? __asan_memcpy+0x40/0x70 [ 67.443595][ T5877] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.443607][ T5877] ? bpf_lsm_capable+0x9/0x20 [ 67.443615][ T5877] ? security_capable+0x7e/0x2c0 [ 67.443649][ T5877] genl_rcv_msg+0x61c/0x7a0 [ 67.443659][ T5877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.443683][ T5877] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.443693][ T5877] ? __pfx_ref_tracker_free+0x10/0x10 [ 67.443703][ T5877] ? __asan_memcpy+0x40/0x70 [ 67.443711][ T5877] ? __skb_clone+0x63/0x7a0 [ 67.443724][ T5877] netlink_rcv_skb+0x232/0x4b0 [ 67.443734][ T5877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.443742][ T5877] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.443757][ T5877] ? down_read+0x270/0x2e0 [ 67.443763][ T5877] ? 
genl_rcv+0xd/0x40 [ 67.443770][ T5877] genl_rcv+0x28/0x40 [ 67.443777][ T5877] netlink_unicast+0x75c/0x8e0 [ 67.443789][ T5877] netlink_sendmsg+0x813/0xb40 [ 67.443802][ T5877] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.443813][ T5877] ? aa_sock_msg_perm+0xf1/0x1b0 [ 67.443825][ T5877] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 67.443838][ T5877] ____sys_sendmsg+0x972/0x9f0 [ 67.443849][ T5877] ? __might_fault+0xaf/0x130 [ 67.443863][ T5877] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.443876][ T5877] ? import_iovec+0x73/0xa0 [ 67.443889][ T5877] ___sys_sendmsg+0x2a5/0x360 [ 67.443898][ T5877] ? __lock_acquire+0x6b5/0x2cf0 [ 67.443909][ T5877] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.443921][ T5877] ? futex_wake+0x4ac/0x580 [ 67.443940][ T5877] ? __fget_files+0x2a/0x420 [ 67.443949][ T5877] ? __fget_files+0x3a0/0x420 [ 67.443961][ T5877] __x64_sys_sendmsg+0x1bd/0x2a0 [ 67.443972][ T5877] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 67.443985][ T5877] ? rcu_is_watching+0x15/0xb0 [ 67.443996][ T5877] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.444005][ T5877] do_syscall_64+0x15f/0xf80 [ 67.444015][ T5877] ? 
trace_irq_disable+0x3b/0x140 [ 67.444028][ T5877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.444036][ T5877] RIP: 0033:0x7f6847f9cdd9 [ 67.444044][ T5877] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.444051][ T5877] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.444061][ T5877] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 67.444066][ T5877] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 67.444071][ T5877] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 67.444075][ T5877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.444080][ T5877] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 67.444091][ T5877] [ 67.480979][ T5879] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.21/5879 [ 67.652557][ T5879] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.654699][ T5879] CPU: 0 UID: 0 PID: 5879 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full) [ 67.654714][ T5879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 67.654721][ T5879] Call Trace: [ 67.654727][ T5879] [ 67.654732][ T5879] dump_stack_lvl+0xe8/0x150 [ 67.654750][ T5879] check_preemption_disabled+0xd3/0xe0 [ 67.654770][ T5879] tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.654782][ T5879] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 67.654791][ T5879] __release_sock+0x265/0x3a0 [ 67.654806][ T5879] release_sock+0x190/0x260 [ 67.654815][ T5879] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 67.654835][ T5879] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 67.654848][ T5879] ? __pfx___nla_validate_parse+0x10/0x10 [ 67.654866][ T5879] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.654881][ T5879] ? rcu_is_watching+0x15/0xb0 [ 67.654891][ T5879] ? trace_kmalloc+0x2a/0xf0 [ 67.654906][ T5879] ? 
genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 67.654916][ T5879] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 67.654926][ T5879] genl_family_rcv_msg_doit+0x22a/0x330 [ 67.654934][ T5879] ? __asan_memcpy+0x40/0x70 [ 67.654944][ T5879] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.654956][ T5879] ? bpf_lsm_capable+0x9/0x20 [ 67.654964][ T5879] ? security_capable+0x7e/0x2c0 [ 67.654976][ T5879] genl_rcv_msg+0x61c/0x7a0 [ 67.654986][ T5879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.654993][ T5879] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.655003][ T5879] ? __pfx_ref_tracker_free+0x10/0x10 [ 67.655013][ T5879] ? __asan_memcpy+0x40/0x70 [ 67.655021][ T5879] ? __skb_clone+0x63/0x7a0 [ 67.655034][ T5879] netlink_rcv_skb+0x232/0x4b0 [ 67.655044][ T5879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.655052][ T5879] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.655066][ T5879] ? down_read+0x270/0x2e0 [ 67.655073][ T5879] ? genl_rcv+0xd/0x40 [ 67.655080][ T5879] genl_rcv+0x28/0x40 [ 67.655087][ T5879] netlink_unicast+0x75c/0x8e0 [ 67.655099][ T5879] netlink_sendmsg+0x813/0xb40 [ 67.655113][ T5879] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.655124][ T5879] ? aa_sock_msg_perm+0xf1/0x1b0 [ 67.655135][ T5879] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 67.655146][ T5879] ____sys_sendmsg+0x972/0x9f0 [ 67.655156][ T5879] ? __might_fault+0xaf/0x130 [ 67.655168][ T5879] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.655181][ T5879] ? import_iovec+0x73/0xa0 [ 67.655193][ T5879] ___sys_sendmsg+0x2a5/0x360 [ 67.655202][ T5879] ? __lock_acquire+0x6b5/0x2cf0 [ 67.655212][ T5879] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.655224][ T5879] ? futex_wake+0x4ac/0x580 [ 67.655244][ T5879] ? __fget_files+0x2a/0x420 [ 67.655253][ T5879] ? __fget_files+0x3a0/0x420 [ 67.655265][ T5879] __x64_sys_sendmsg+0x1bd/0x2a0 [ 67.655276][ T5879] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 67.655288][ T5879] ? rcu_is_watching+0x15/0xb0 [ 67.655300][ T5879] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.655308][ T5879] do_syscall_64+0x15f/0xf80 [ 67.655320][ T5879] ? trace_irq_disable+0x3b/0x140 [ 67.655332][ T5879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.655340][ T5879] RIP: 0033:0x7f6847f9cdd9 [ 67.655349][ T5879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.655355][ T5879] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.655364][ T5879] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 67.655370][ T5879] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 67.655375][ T5879] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 67.655379][ T5879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.655384][ T5879] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 67.655394][ T5879] [ 67.830705][ T5881] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.22/5881 [ 67.831086][ T5791] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.834275][ T5881] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.838730][ T5791] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.839165][ T5881] CPU: 1 UID: 0 PID: 5881 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT(full) [ 67.839180][ T5881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 67.839186][ T5881] Call Trace: [ 67.839192][ T5881] [ 67.839197][ T5881] dump_stack_lvl+0xe8/0x150 [ 67.839216][ T5881] check_preemption_disabled+0xd3/0xe0 [ 67.839242][ T5881] tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.839257][ T5881] ? __local_bh_enable_ip+0xd0/0x130 [ 67.839270][ T5881] ? 
__pfx_tcp_v4_do_rcv+0x10/0x10 [ 67.839281][ T5881] __release_sock+0x265/0x3a0 [ 67.839305][ T5881] release_sock+0x190/0x260 [ 67.839321][ T5881] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 67.839353][ T5881] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 67.839370][ T5881] ? __pfx___nla_validate_parse+0x10/0x10 [ 67.839388][ T5881] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.839413][ T5881] ? rcu_is_watching+0x15/0xb0 [ 67.839427][ T5881] ? trace_kmalloc+0x2a/0xf0 [ 67.839452][ T5881] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 67.839464][ T5881] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 67.839477][ T5881] genl_family_rcv_msg_doit+0x22a/0x330 [ 67.839490][ T5881] ? __asan_memcpy+0x40/0x70 [ 67.839507][ T5881] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.839526][ T5881] ? bpf_lsm_capable+0x9/0x20 [ 67.839538][ T5881] ? security_capable+0x7e/0x2c0 [ 67.839557][ T5881] genl_rcv_msg+0x61c/0x7a0 [ 67.839569][ T5881] ? __pfx_genl_rcv_msg+0x10/0x10 2026/05/11 23:02:13 executed programs: 9 [ 67.839604][ T5881] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.839620][ T5881] ? __pfx_ref_tracker_free+0x10/0x10 [ 67.839635][ T5881] ? __asan_memcpy+0x40/0x70 [ 67.839647][ T5881] ? __skb_clone+0x63/0x7a0 [ 67.839667][ T5881] netlink_rcv_skb+0x232/0x4b0 [ 67.839679][ T5881] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.839692][ T5881] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.839717][ T5881] ? down_read+0x270/0x2e0 [ 67.839727][ T5881] ? genl_rcv+0xd/0x40 [ 67.839739][ T5881] genl_rcv+0x28/0x40 [ 67.839749][ T5881] netlink_unicast+0x75c/0x8e0 [ 67.839767][ T5881] netlink_sendmsg+0x813/0xb40 [ 67.839785][ T5881] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.839809][ T5881] ? aa_sock_msg_perm+0xf1/0x1b0 [ 67.839826][ T5881] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 67.839843][ T5881] ____sys_sendmsg+0x972/0x9f0 [ 67.839858][ T5881] ? __might_fault+0xaf/0x130 [ 67.839872][ T5881] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.839893][ T5881] ? 
import_iovec+0x73/0xa0 [ 67.839913][ T5881] ___sys_sendmsg+0x2a5/0x360 [ 67.839927][ T5881] ? __lock_acquire+0x6b5/0x2cf0 [ 67.839944][ T5881] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.839963][ T5881] ? futex_wake+0x4ac/0x580 [ 67.839991][ T5881] ? __fget_files+0x2a/0x420 [ 67.840004][ T5881] ? __fget_files+0x3a0/0x420 [ 67.840024][ T5881] __x64_sys_sendmsg+0x1bd/0x2a0 [ 67.840041][ T5881] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 67.840062][ T5881] ? rcu_is_watching+0x15/0xb0 [ 67.840081][ T5881] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.840094][ T5881] do_syscall_64+0x15f/0xf80 [ 67.840105][ T5881] ? trace_irq_disable+0x3b/0x140 [ 67.840126][ T5881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.840137][ T5881] RIP: 0033:0x7f6847f9cdd9 [ 67.840149][ T5881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.840158][ T5881] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.840171][ T5881] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 67.840180][ T5881] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 67.840187][ T5881] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 67.840193][ T5881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.840198][ T5881] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 67.840215][ T5881] [ 67.963971][ T5883] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.23/5883 [ 67.972332][ T5883] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.974919][ T5883] CPU: 1 UID: 0 PID: 5883 Comm: syz.0.23 Not tainted syzkaller #0 PREEMPT(full) [ 67.974931][ T5883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 67.974935][ T5883] Call Trace: [ 67.974939][ T5883] [ 67.974942][ T5883] dump_stack_lvl+0xe8/0x150 [ 67.974956][ 
T5883] check_preemption_disabled+0xd3/0xe0 [ 67.974970][ T5883] tcp_v4_do_rcv+0xb4a/0x13e0 [ 67.974981][ T5883] ? __local_bh_enable_ip+0xd0/0x130 [ 67.974991][ T5883] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 67.974999][ T5883] __release_sock+0x265/0x3a0 [ 67.975014][ T5883] release_sock+0x190/0x260 [ 67.975025][ T5883] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 67.975047][ T5883] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 67.975059][ T5883] ? __pfx___nla_validate_parse+0x10/0x10 [ 67.975072][ T5883] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.975087][ T5883] ? rcu_is_watching+0x15/0xb0 [ 67.975097][ T5883] ? trace_kmalloc+0x2a/0xf0 [ 67.975112][ T5883] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 67.975121][ T5883] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 67.975132][ T5883] genl_family_rcv_msg_doit+0x22a/0x330 [ 67.975140][ T5883] ? __asan_memcpy+0x40/0x70 [ 67.975151][ T5883] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.975163][ T5883] ? bpf_lsm_capable+0x9/0x20 [ 67.975171][ T5883] ? security_capable+0x7e/0x2c0 [ 67.975184][ T5883] genl_rcv_msg+0x61c/0x7a0 [ 67.975193][ T5883] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.975200][ T5883] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 67.975210][ T5883] ? __pfx_ref_tracker_free+0x10/0x10 [ 67.975220][ T5883] ? __asan_memcpy+0x40/0x70 [ 67.975228][ T5883] ? __skb_clone+0x63/0x7a0 [ 67.975241][ T5883] netlink_rcv_skb+0x232/0x4b0 [ 67.975251][ T5883] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.975259][ T5883] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.975273][ T5883] ? down_read+0x270/0x2e0 [ 67.975280][ T5883] ? genl_rcv+0xd/0x40 [ 67.975287][ T5883] genl_rcv+0x28/0x40 [ 67.975294][ T5883] netlink_unicast+0x75c/0x8e0 [ 67.975306][ T5883] netlink_sendmsg+0x813/0xb40 [ 67.975319][ T5883] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.975330][ T5883] ? aa_sock_msg_perm+0xf1/0x1b0 [ 67.975342][ T5883] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 67.975355][ T5883] ____sys_sendmsg+0x972/0x9f0 [ 67.975366][ T5883] ? 
__might_fault+0xaf/0x130 [ 67.975378][ T5883] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.975391][ T5883] ? import_iovec+0x73/0xa0 [ 67.975404][ T5883] ___sys_sendmsg+0x2a5/0x360 [ 67.975413][ T5883] ? __lock_acquire+0x6b5/0x2cf0 [ 67.975423][ T5883] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.975435][ T5883] ? futex_wake+0x4ac/0x580 [ 67.975455][ T5883] ? __fget_files+0x2a/0x420 [ 67.975464][ T5883] ? __fget_files+0x3a0/0x420 [ 67.975476][ T5883] __x64_sys_sendmsg+0x1bd/0x2a0 [ 67.975487][ T5883] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 67.975500][ T5883] ? rcu_is_watching+0x15/0xb0 [ 67.975512][ T5883] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.975520][ T5883] do_syscall_64+0x15f/0xf80 [ 67.975531][ T5883] ? trace_irq_disable+0x3b/0x140 [ 67.975544][ T5883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.975551][ T5883] RIP: 0033:0x7f6847f9cdd9 [ 67.975580][ T5883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.975587][ T5883] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.975596][ T5883] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 67.975602][ T5883] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 67.975607][ T5883] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 67.975611][ T5883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.975616][ T5883] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 67.975627][ T5883] [ 67.980800][ T5744] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.105199][ T5791] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.133524][ T5744] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.140926][ T5791] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.147117][ T5791] netdevsim 
netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.156912][ T5791] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.160291][ T5791] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.183111][ T5885] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.24/5885 [ 68.186464][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.186949][ T5885] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.191149][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.191271][ T5885] CPU: 1 UID: 0 PID: 5885 Comm: syz.0.24 Not tainted syzkaller #0 PREEMPT(full) [ 68.191282][ T5885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 68.191287][ T5885] Call Trace: [ 68.191291][ T5885] [ 68.191295][ T5885] dump_stack_lvl+0xe8/0x150 [ 68.191309][ T5885] check_preemption_disabled+0xd3/0xe0 [ 68.191323][ T5885] tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.191336][ T5885] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 68.191345][ T5885] __release_sock+0x265/0x3a0 [ 68.191361][ T5885] release_sock+0x190/0x260 [ 68.191371][ T5885] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 68.191390][ T5885] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 68.191403][ T5885] ? __pfx___nla_validate_parse+0x10/0x10 [ 68.191416][ T5885] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.191430][ T5885] ? rcu_is_watching+0x15/0xb0 [ 68.191440][ T5885] ? trace_kmalloc+0x2a/0xf0 [ 68.191456][ T5885] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 68.191465][ T5885] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 68.191475][ T5885] genl_family_rcv_msg_doit+0x22a/0x330 [ 68.191483][ T5885] ? __asan_memcpy+0x40/0x70 [ 68.191494][ T5885] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 68.191506][ T5885] ? bpf_lsm_capable+0x9/0x20 [ 68.191514][ T5885] ? security_capable+0x7e/0x2c0 [ 68.191526][ T5885] genl_rcv_msg+0x61c/0x7a0 [ 68.191556][ T5885] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.191564][ T5885] ? 
__pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.191574][ T5885] ? __pfx_ref_tracker_free+0x10/0x10 [ 68.191584][ T5885] ? __asan_memcpy+0x40/0x70 [ 68.191592][ T5885] ? __skb_clone+0x63/0x7a0 [ 68.191605][ T5885] netlink_rcv_skb+0x232/0x4b0 [ 68.191616][ T5885] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.191624][ T5885] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.191638][ T5885] ? down_read+0x270/0x2e0 [ 68.191645][ T5885] ? genl_rcv+0xd/0x40 [ 68.191653][ T5885] genl_rcv+0x28/0x40 [ 68.191659][ T5885] netlink_unicast+0x75c/0x8e0 [ 68.191671][ T5885] netlink_sendmsg+0x813/0xb40 [ 68.191684][ T5885] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.191695][ T5885] ? aa_sock_msg_perm+0xf1/0x1b0 [ 68.191707][ T5885] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 68.191719][ T5885] ____sys_sendmsg+0x972/0x9f0 [ 68.191730][ T5885] ? __might_fault+0xaf/0x130 [ 68.191742][ T5885] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.191760][ T5885] ? import_iovec+0x73/0xa0 [ 68.191773][ T5885] ___sys_sendmsg+0x2a5/0x360 [ 68.191783][ T5885] ? __lock_acquire+0x6b5/0x2cf0 [ 68.191793][ T5885] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.191805][ T5885] ? futex_wake+0x4ac/0x580 [ 68.191825][ T5885] ? __fget_files+0x2a/0x420 [ 68.191835][ T5885] ? __fget_files+0x3a0/0x420 [ 68.191847][ T5885] __x64_sys_sendmsg+0x1bd/0x2a0 [ 68.191858][ T5885] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 68.191871][ T5885] ? rcu_is_watching+0x15/0xb0 [ 68.191882][ T5885] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.191891][ T5885] do_syscall_64+0x15f/0xf80 [ 68.191901][ T5885] ? 
trace_irq_disable+0x3b/0x140 [ 68.191915][ T5885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.191923][ T5885] RIP: 0033:0x7f6847f9cdd9 [ 68.191931][ T5885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.191937][ T5885] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.191947][ T5885] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 68.191952][ T5885] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 68.191957][ T5885] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.191962][ T5885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.191966][ T5885] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 68.191978][ T5885] [ 68.248456][ T5887] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.25/5887 [ 68.321574][ T5887] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.323329][ T5887] CPU: 1 UID: 0 PID: 5887 Comm: syz.0.25 Not tainted syzkaller #0 PREEMPT(full) [ 68.323340][ T5887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 68.323345][ T5887] Call Trace: [ 68.323349][ T5887] [ 68.323353][ T5887] dump_stack_lvl+0xe8/0x150 [ 68.323366][ T5887] check_preemption_disabled+0xd3/0xe0 [ 68.323380][ T5887] tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.323393][ T5887] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 68.323401][ T5887] __release_sock+0x265/0x3a0 [ 68.323417][ T5887] release_sock+0x190/0x260 [ 68.323426][ T5887] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 68.323446][ T5887] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 68.323458][ T5887] ? __pfx___nla_validate_parse+0x10/0x10 [ 68.323471][ T5887] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.323486][ T5887] ? rcu_is_watching+0x15/0xb0 [ 68.323496][ T5887] ? trace_kmalloc+0x2a/0xf0 [ 68.323512][ T5887] ? 
genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 68.323546][ T5887] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 68.323557][ T5887] genl_family_rcv_msg_doit+0x22a/0x330 [ 68.323565][ T5887] ? __asan_memcpy+0x40/0x70 [ 68.323577][ T5887] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 68.323588][ T5887] ? bpf_lsm_capable+0x9/0x20 [ 68.323596][ T5887] ? security_capable+0x7e/0x2c0 [ 68.323609][ T5887] genl_rcv_msg+0x61c/0x7a0 [ 68.323618][ T5887] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.323625][ T5887] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.323636][ T5887] ? __pfx_ref_tracker_free+0x10/0x10 [ 68.323646][ T5887] ? __asan_memcpy+0x40/0x70 [ 68.323654][ T5887] ? __skb_clone+0x63/0x7a0 [ 68.323667][ T5887] netlink_rcv_skb+0x232/0x4b0 [ 68.323677][ T5887] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.323685][ T5887] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.323700][ T5887] ? down_read+0x270/0x2e0 [ 68.323707][ T5887] ? genl_rcv+0xd/0x40 [ 68.323714][ T5887] genl_rcv+0x28/0x40 [ 68.323721][ T5887] netlink_unicast+0x75c/0x8e0 [ 68.323739][ T5887] netlink_sendmsg+0x813/0xb40 [ 68.323752][ T5887] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.323763][ T5887] ? aa_sock_msg_perm+0xf1/0x1b0 [ 68.323775][ T5887] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 68.323787][ T5887] ____sys_sendmsg+0x972/0x9f0 [ 68.323798][ T5887] ? __might_fault+0xaf/0x130 [ 68.323810][ T5887] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.323823][ T5887] ? import_iovec+0x73/0xa0 [ 68.323836][ T5887] ___sys_sendmsg+0x2a5/0x360 [ 68.323846][ T5887] ? __lock_acquire+0x6b5/0x2cf0 [ 68.323861][ T5887] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.323878][ T5887] ? futex_wake+0x4ac/0x580 [ 68.323898][ T5887] ? __fget_files+0x2a/0x420 [ 68.323907][ T5887] ? __fget_files+0x3a0/0x420 [ 68.323919][ T5887] __x64_sys_sendmsg+0x1bd/0x2a0 [ 68.323930][ T5887] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 68.323943][ T5887] ? rcu_is_watching+0x15/0xb0 [ 68.323955][ T5887] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.323963][ T5887] do_syscall_64+0x15f/0xf80 [ 68.323974][ T5887] ? trace_irq_disable+0x3b/0x140 [ 68.323989][ T5887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.323997][ T5887] RIP: 0033:0x7f6847f9cdd9 [ 68.324006][ T5887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.324013][ T5887] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.324022][ T5887] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 68.324028][ T5887] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 68.324033][ T5887] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.324037][ T5887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.324042][ T5887] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 68.324053][ T5887] [ 68.515283][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.519599][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.543124][ T5892] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.27/5892 [ 68.546142][ T5892] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.548360][ T5892] CPU: 0 UID: 0 PID: 5892 Comm: syz.0.27 Not tainted syzkaller #0 PREEMPT(full) [ 68.548370][ T5892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 68.548375][ T5892] Call Trace: [ 68.548379][ T5892] [ 68.548383][ T5892] dump_stack_lvl+0xe8/0x150 [ 68.548396][ T5892] check_preemption_disabled+0xd3/0xe0 [ 68.548410][ T5892] tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.548420][ T5892] ? __local_bh_enable_ip+0xd0/0x130 [ 68.548430][ T5892] ? 
__pfx_tcp_v4_do_rcv+0x10/0x10 [ 68.548438][ T5892] __release_sock+0x265/0x3a0 [ 68.548454][ T5892] release_sock+0x190/0x260 [ 68.548464][ T5892] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 68.548483][ T5892] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 68.548521][ T5892] ? __pfx___nla_validate_parse+0x10/0x10 [ 68.548535][ T5892] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.548550][ T5892] ? rcu_is_watching+0x15/0xb0 [ 68.548560][ T5892] ? trace_kmalloc+0x2a/0xf0 [ 68.548576][ T5892] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 68.548585][ T5892] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 68.548595][ T5892] genl_family_rcv_msg_doit+0x22a/0x330 [ 68.548603][ T5892] ? __asan_memcpy+0x40/0x70 [ 68.548614][ T5892] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 68.548626][ T5892] ? bpf_lsm_capable+0x9/0x20 [ 68.548638][ T5892] ? security_capable+0x7e/0x2c0 [ 68.548651][ T5892] genl_rcv_msg+0x61c/0x7a0 [ 68.548660][ T5892] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.548667][ T5892] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.548677][ T5892] ? __pfx_ref_tracker_free+0x10/0x10 [ 68.548688][ T5892] ? __asan_memcpy+0x40/0x70 [ 68.548696][ T5892] ? __skb_clone+0x63/0x7a0 [ 68.548708][ T5892] netlink_rcv_skb+0x232/0x4b0 [ 68.548719][ T5892] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.548728][ T5892] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.548742][ T5892] ? down_read+0x270/0x2e0 [ 68.548749][ T5892] ? genl_rcv+0xd/0x40 [ 68.548757][ T5892] genl_rcv+0x28/0x40 [ 68.548763][ T5892] netlink_unicast+0x75c/0x8e0 [ 68.548775][ T5892] netlink_sendmsg+0x813/0xb40 [ 68.548789][ T5892] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.548799][ T5892] ? aa_sock_msg_perm+0xf1/0x1b0 [ 68.548811][ T5892] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 68.548823][ T5892] ____sys_sendmsg+0x972/0x9f0 [ 68.548834][ T5892] ? __might_fault+0xaf/0x130 [ 68.548846][ T5892] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.548859][ T5892] ? import_iovec+0x73/0xa0 [ 68.548872][ T5892] ___sys_sendmsg+0x2a5/0x360 [ 68.548881][ T5892] ? 
__lock_acquire+0x6b5/0x2cf0 [ 68.548891][ T5892] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.548903][ T5892] ? futex_wake+0x4ac/0x580 [ 68.548922][ T5892] ? __fget_files+0x2a/0x420 [ 68.548930][ T5892] ? __fget_files+0x3a0/0x420 [ 68.548942][ T5892] __x64_sys_sendmsg+0x1bd/0x2a0 [ 68.548953][ T5892] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 68.548966][ T5892] ? rcu_is_watching+0x15/0xb0 [ 68.548982][ T5892] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.548990][ T5892] do_syscall_64+0x15f/0xf80 [ 68.549001][ T5892] ? trace_irq_disable+0x3b/0x140 [ 68.549013][ T5892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.549021][ T5892] RIP: 0033:0x7f6847f9cdd9 [ 68.549029][ T5892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.549036][ T5892] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.549045][ T5892] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 68.549050][ T5892] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 68.549055][ T5892] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.549060][ T5892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.549064][ T5892] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 68.549075][ T5892] [ 68.682049][ T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.684561][ T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.717410][ T5894] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.28/5894 [ 68.720069][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.720269][ T5894] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.722853][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.724527][ T5894] CPU: 1 UID: 0 PID: 5894 Comm: syz.0.28 Not tainted syzkaller #0 PREEMPT(full) [ 
68.724538][ T5894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 68.724542][ T5894] Call Trace: [ 68.724546][ T5894] [ 68.724550][ T5894] dump_stack_lvl+0xe8/0x150 [ 68.724563][ T5894] check_preemption_disabled+0xd3/0xe0 [ 68.724576][ T5894] tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.724586][ T5894] ? __local_bh_enable_ip+0xd0/0x130 [ 68.724596][ T5894] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 68.724605][ T5894] __release_sock+0x265/0x3a0 [ 68.724620][ T5894] release_sock+0x190/0x260 [ 68.724630][ T5894] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 68.724649][ T5894] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 68.724661][ T5894] ? __pfx___nla_validate_parse+0x10/0x10 [ 68.724674][ T5894] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.724689][ T5894] ? rcu_is_watching+0x15/0xb0 [ 68.724704][ T5894] ? trace_kmalloc+0x2a/0xf0 [ 68.724719][ T5894] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 68.724728][ T5894] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 68.724739][ T5894] genl_family_rcv_msg_doit+0x22a/0x330 [ 68.724746][ T5894] ? __asan_memcpy+0x40/0x70 [ 68.724757][ T5894] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 68.724769][ T5894] ? bpf_lsm_capable+0x9/0x20 [ 68.724777][ T5894] ? security_capable+0x7e/0x2c0 [ 68.724789][ T5894] genl_rcv_msg+0x61c/0x7a0 [ 68.724798][ T5894] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.724805][ T5894] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.724815][ T5894] ? __pfx_ref_tracker_free+0x10/0x10 [ 68.724826][ T5894] ? __asan_memcpy+0x40/0x70 [ 68.724834][ T5894] ? __skb_clone+0x63/0x7a0 [ 68.724847][ T5894] netlink_rcv_skb+0x232/0x4b0 [ 68.724857][ T5894] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.724865][ T5894] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.724879][ T5894] ? down_read+0x270/0x2e0 [ 68.724886][ T5894] ? genl_rcv+0xd/0x40 [ 68.724893][ T5894] genl_rcv+0x28/0x40 [ 68.724899][ T5894] netlink_unicast+0x75c/0x8e0 [ 68.724912][ T5894] netlink_sendmsg+0x813/0xb40 [ 68.724924][ T5894] ? 
__pfx_netlink_sendmsg+0x10/0x10 [ 68.724935][ T5894] ? aa_sock_msg_perm+0xf1/0x1b0 [ 68.724947][ T5894] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 68.724959][ T5894] ____sys_sendmsg+0x972/0x9f0 [ 68.724969][ T5894] ? __might_fault+0xaf/0x130 [ 68.724981][ T5894] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.724994][ T5894] ? import_iovec+0x73/0xa0 [ 68.725007][ T5894] ___sys_sendmsg+0x2a5/0x360 [ 68.725016][ T5894] ? __lock_acquire+0x6b5/0x2cf0 [ 68.725026][ T5894] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.725039][ T5894] ? futex_wait+0x2a2/0x390 [ 68.725058][ T5894] ? __fget_files+0x2a/0x420 [ 68.725066][ T5894] ? __fget_files+0x3a0/0x420 [ 68.725078][ T5894] __x64_sys_sendmsg+0x1bd/0x2a0 [ 68.725089][ T5894] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 68.725102][ T5894] ? rcu_is_watching+0x15/0xb0 [ 68.725114][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.725122][ T5894] do_syscall_64+0x15f/0xf80 [ 68.725132][ T5894] ? trace_irq_disable+0x3b/0x140 [ 68.725144][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.725151][ T5894] RIP: 0033:0x7f6847f9cdd9 [ 68.725159][ T5894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.725166][ T5894] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.725175][ T5894] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 68.725180][ T5894] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 68.725185][ T5894] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.725189][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.725194][ T5894] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 68.725205][ T5894] [ 68.779890][ T5898] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.29/5898 [ 68.853949][ T5898] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.855962][ 
T5898] CPU: 1 UID: 0 PID: 5898 Comm: syz.0.29 Not tainted syzkaller #0 PREEMPT(full) [ 68.855972][ T5898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 68.855977][ T5898] Call Trace: [ 68.855981][ T5898] [ 68.855985][ T5898] dump_stack_lvl+0xe8/0x150 [ 68.855998][ T5898] check_preemption_disabled+0xd3/0xe0 [ 68.856015][ T5898] tcp_v4_do_rcv+0xb4a/0x13e0 [ 68.856028][ T5898] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 68.856037][ T5898] __release_sock+0x265/0x3a0 [ 68.856052][ T5898] release_sock+0x190/0x260 [ 68.856061][ T5898] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 68.856081][ T5898] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 68.856093][ T5898] ? __pfx___nla_validate_parse+0x10/0x10 [ 68.856107][ T5898] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.856121][ T5898] ? rcu_is_watching+0x15/0xb0 [ 68.856132][ T5898] ? trace_kmalloc+0x2a/0xf0 [ 68.856147][ T5898] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 68.856157][ T5898] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 68.856167][ T5898] genl_family_rcv_msg_doit+0x22a/0x330 [ 68.856175][ T5898] ? __asan_memcpy+0x40/0x70 [ 68.856186][ T5898] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 68.856198][ T5898] ? bpf_lsm_capable+0x9/0x20 [ 68.856206][ T5898] ? security_capable+0x7e/0x2c0 [ 68.856218][ T5898] genl_rcv_msg+0x61c/0x7a0 [ 68.856227][ T5898] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.856234][ T5898] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 68.856244][ T5898] ? __pfx_ref_tracker_free+0x10/0x10 [ 68.856254][ T5898] ? __asan_memcpy+0x40/0x70 [ 68.856262][ T5898] ? __skb_clone+0x63/0x7a0 [ 68.856275][ T5898] netlink_rcv_skb+0x232/0x4b0 [ 68.856285][ T5898] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.856293][ T5898] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.856307][ T5898] ? down_read+0x270/0x2e0 [ 68.856314][ T5898] ? 
genl_rcv+0xd/0x40 [ 68.856322][ T5898] genl_rcv+0x28/0x40 [ 68.856328][ T5898] netlink_unicast+0x75c/0x8e0 [ 68.856340][ T5898] netlink_sendmsg+0x813/0xb40 [ 68.856353][ T5898] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.856364][ T5898] ? aa_sock_msg_perm+0xf1/0x1b0 [ 68.856375][ T5898] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 68.856388][ T5898] ____sys_sendmsg+0x972/0x9f0 [ 68.856399][ T5898] ? __might_fault+0xaf/0x130 [ 68.856411][ T5898] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.856424][ T5898] ? import_iovec+0x73/0xa0 [ 68.856436][ T5898] ___sys_sendmsg+0x2a5/0x360 [ 68.856446][ T5898] ? __lock_acquire+0x6b5/0x2cf0 [ 68.856482][ T5898] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.856496][ T5898] ? futex_wake+0x4ac/0x580 [ 68.856516][ T5898] ? __fget_files+0x2a/0x420 [ 68.856525][ T5898] ? __fget_files+0x3a0/0x420 [ 68.856537][ T5898] __x64_sys_sendmsg+0x1bd/0x2a0 [ 68.856548][ T5898] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 68.856561][ T5898] ? rcu_is_watching+0x15/0xb0 [ 68.856573][ T5898] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.856581][ T5898] do_syscall_64+0x15f/0xf80 [ 68.856592][ T5898] ? 
trace_irq_disable+0x3b/0x140 [ 68.856605][ T5898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.856613][ T5898] RIP: 0033:0x7f6847f9cdd9 [ 68.856621][ T5898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.856628][ T5898] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.856637][ T5898] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 68.856643][ T5898] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 68.856648][ T5898] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.856652][ T5898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.856657][ T5898] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 68.856668][ T5898] [ 68.985484][ T54] Bluetooth: hci1: command tx timeout [ 68.987699][ T54] Bluetooth: hci0: command tx timeout [ 68.989433][ T54] Bluetooth: hci2: command tx timeout [ 71.024607][ T54] Bluetooth: hci2: command tx timeout [ 71.024704][ T5743] Bluetooth: hci0: command tx timeout [ 71.027332][ T54] Bluetooth: hci1: command tx timeout [ 72.382515][ T6593] check_preemption_disabled: 346 callbacks suppressed [ 72.382527][ T6593] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.2.375/6593 [ 72.388660][ T6593] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.390757][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.2.375 Not tainted syzkaller #0 PREEMPT(full) [ 72.390767][ T6593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 72.390772][ T6593] Call Trace: [ 72.390776][ T6593] [ 72.390780][ T6593] dump_stack_lvl+0xe8/0x150 [ 72.390793][ T6593] check_preemption_disabled+0xd3/0xe0 [ 72.390808][ T6593] tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.390821][ T6593] ? 
__pfx_tcp_v4_do_rcv+0x10/0x10 [ 72.390829][ T6593] __release_sock+0x265/0x3a0 [ 72.390845][ T6593] release_sock+0x190/0x260 [ 72.390855][ T6593] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 72.390874][ T6593] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 72.390886][ T6593] ? __pfx___nla_validate_parse+0x10/0x10 [ 72.390899][ T6593] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.390914][ T6593] ? rcu_is_watching+0x15/0xb0 [ 72.390924][ T6593] ? trace_kmalloc+0x2a/0xf0 [ 72.390939][ T6593] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 72.390948][ T6593] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 72.390958][ T6593] genl_family_rcv_msg_doit+0x22a/0x330 [ 72.390982][ T6593] ? __asan_memcpy+0x40/0x70 [ 72.390995][ T6593] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 72.391007][ T6593] ? bpf_lsm_capable+0x9/0x20 [ 72.391014][ T6593] ? security_capable+0x7e/0x2c0 [ 72.391026][ T6593] genl_rcv_msg+0x61c/0x7a0 [ 72.391036][ T6593] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.391043][ T6593] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.391079][ T6593] ? __pfx_ref_tracker_free+0x10/0x10 [ 72.391092][ T6593] ? __asan_memcpy+0x40/0x70 [ 72.391100][ T6593] ? __skb_clone+0x63/0x7a0 [ 72.391112][ T6593] netlink_rcv_skb+0x232/0x4b0 [ 72.391123][ T6593] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.391131][ T6593] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.391146][ T6593] ? down_read+0x270/0x2e0 [ 72.391153][ T6593] ? genl_rcv+0xd/0x40 [ 72.391160][ T6593] genl_rcv+0x28/0x40 [ 72.391167][ T6593] netlink_unicast+0x75c/0x8e0 [ 72.391179][ T6593] netlink_sendmsg+0x813/0xb40 [ 72.391192][ T6593] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.391203][ T6593] ? aa_sock_msg_perm+0xf1/0x1b0 [ 72.391215][ T6593] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 72.391227][ T6593] ____sys_sendmsg+0x972/0x9f0 [ 72.391238][ T6593] ? __might_fault+0xaf/0x130 [ 72.391251][ T6593] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.391281][ T6593] ? import_iovec+0x73/0xa0 [ 72.391293][ T6593] ___sys_sendmsg+0x2a5/0x360 [ 72.391303][ T6593] ? 
__lock_acquire+0x6b5/0x2cf0 [ 72.391313][ T6593] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.391325][ T6593] ? futex_wait+0x2a2/0x390 [ 72.391350][ T6593] ? __fget_files+0x2a/0x420 [ 72.391360][ T6593] ? __fget_files+0x3a0/0x420 [ 72.391372][ T6593] __x64_sys_sendmsg+0x1bd/0x2a0 [ 72.391383][ T6593] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 72.391400][ T6593] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.391408][ T6593] do_syscall_64+0x15f/0xf80 [ 72.391419][ T6593] ? trace_irq_disable+0x3b/0x140 [ 72.391433][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.391440][ T6593] RIP: 0033:0x7f2556b9cdd9 [ 72.391448][ T6593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.391455][ T6593] RSP: 002b:00007f25579e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.391465][ T6593] RAX: ffffffffffffffda RBX: 00007f2556e15fa0 RCX: 00007f2556b9cdd9 [ 72.391470][ T6593] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 72.391475][ T6593] RBP: 00007f2556c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 72.391480][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.391484][ T6593] R13: 00007f2556e16038 R14: 00007f2556e15fa0 R15: 00007ffe983a83a8 [ 72.391496][ T6593] [ 72.537696][ T6602] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.2.378/6602 [ 72.541136][ T6602] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.543541][ T6602] CPU: 0 UID: 0 PID: 6602 Comm: syz.2.378 Not tainted syzkaller #0 PREEMPT(full) [ 72.543552][ T6602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 72.543557][ T6602] Call Trace: [ 72.543561][ T6602] [ 72.543564][ T6602] dump_stack_lvl+0xe8/0x150 [ 72.543578][ T6602] check_preemption_disabled+0xd3/0xe0 [ 72.543593][ T6602] tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.543605][ T6602] ? 
__pfx_tcp_v4_do_rcv+0x10/0x10 [ 72.543614][ T6602] __release_sock+0x265/0x3a0 [ 72.543629][ T6602] release_sock+0x190/0x260 [ 72.543639][ T6602] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 72.543658][ T6602] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 72.543670][ T6602] ? __pfx___nla_validate_parse+0x10/0x10 [ 72.543683][ T6602] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.543698][ T6602] ? rcu_is_watching+0x15/0xb0 [ 72.543709][ T6602] ? trace_kmalloc+0x2a/0xf0 [ 72.543725][ T6602] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 72.543734][ T6602] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 72.543744][ T6602] genl_family_rcv_msg_doit+0x22a/0x330 [ 72.543752][ T6602] ? __asan_memcpy+0x40/0x70 [ 72.543763][ T6602] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 72.543774][ T6602] ? bpf_lsm_capable+0x9/0x20 [ 72.543782][ T6602] ? security_capable+0x7e/0x2c0 [ 72.543793][ T6602] genl_rcv_msg+0x61c/0x7a0 [ 72.543802][ T6602] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.543809][ T6602] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.543819][ T6602] ? __pfx_ref_tracker_free+0x10/0x10 [ 72.543830][ T6602] ? __asan_memcpy+0x40/0x70 [ 72.543839][ T6602] ? __skb_clone+0x63/0x7a0 [ 72.543858][ T6602] netlink_rcv_skb+0x232/0x4b0 [ 72.543873][ T6602] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.543882][ T6602] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.543896][ T6602] ? down_read+0x270/0x2e0 [ 72.543903][ T6602] ? genl_rcv+0xd/0x40 [ 72.543910][ T6602] genl_rcv+0x28/0x40 [ 72.543917][ T6602] netlink_unicast+0x75c/0x8e0 [ 72.543929][ T6602] netlink_sendmsg+0x813/0xb40 [ 72.543948][ T6602] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.543965][ T6602] ? aa_sock_msg_perm+0xf1/0x1b0 [ 72.543981][ T6602] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 72.543994][ T6602] ____sys_sendmsg+0x972/0x9f0 [ 72.544004][ T6602] ? __might_fault+0xaf/0x130 [ 72.544016][ T6602] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.544028][ T6602] ? import_iovec+0x73/0xa0 [ 72.544071][ T6602] ___sys_sendmsg+0x2a5/0x360 [ 72.544085][ T6602] ? 
__lock_acquire+0x6b5/0x2cf0 [ 72.544101][ T6602] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.544117][ T6602] ? futex_wait+0x2a2/0x390 [ 72.544138][ T6602] ? __fget_files+0x2a/0x420 [ 72.544147][ T6602] ? __fget_files+0x3a0/0x420 [ 72.544165][ T6602] __x64_sys_sendmsg+0x1bd/0x2a0 [ 72.544183][ T6602] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 72.544203][ T6602] ? rcu_is_watching+0x15/0xb0 [ 72.544222][ T6602] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.544234][ T6602] do_syscall_64+0x15f/0xf80 [ 72.544250][ T6602] ? trace_irq_disable+0x3b/0x140 [ 72.544264][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.544272][ T6602] RIP: 0033:0x7f2556b9cdd9 [ 72.544283][ T6602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.544293][ T6602] RSP: 002b:00007f25579e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.544307][ T6602] RAX: ffffffffffffffda RBX: 00007f2556e15fa0 RCX: 00007f2556b9cdd9 [ 72.544315][ T6602] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 72.544322][ T6602] RBP: 00007f2556c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 72.544335][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.544341][ T6602] R13: 00007f2556e16038 R14: 00007f2556e15fa0 R15: 00007ffe983a83a8 [ 72.544356][ T6602] [ 72.593779][ T6604] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.1.379/6604 [ 72.700958][ T6604] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.703784][ T6604] CPU: 1 UID: 0 PID: 6604 Comm: syz.1.379 Not tainted syzkaller #0 PREEMPT(full) [ 72.703800][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 72.703807][ T6604] Call Trace: [ 72.703815][ T6604] [ 72.703820][ T6604] dump_stack_lvl+0xe8/0x150 [ 72.703836][ T6604] check_preemption_disabled+0xd3/0xe0 [ 72.703850][ T6604] tcp_v4_do_rcv+0xb4a/0x13e0 [ 
72.703861][ T6604] ? __local_bh_enable_ip+0xd0/0x130 [ 72.703871][ T6604] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 72.703880][ T6604] __release_sock+0x265/0x3a0 [ 72.703895][ T6604] release_sock+0x190/0x260 [ 72.703905][ T6604] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 72.703924][ T6604] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 72.703936][ T6604] ? __pfx___nla_validate_parse+0x10/0x10 [ 72.703949][ T6604] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.703964][ T6604] ? rcu_is_watching+0x15/0xb0 [ 72.703973][ T6604] ? trace_kmalloc+0x2a/0xf0 [ 72.703989][ T6604] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 72.703998][ T6604] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 72.704008][ T6604] genl_family_rcv_msg_doit+0x22a/0x330 [ 72.704016][ T6604] ? __asan_memcpy+0x40/0x70 [ 72.704059][ T6604] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 72.704071][ T6604] ? bpf_lsm_capable+0x9/0x20 [ 72.704079][ T6604] ? security_capable+0x7e/0x2c0 [ 72.704091][ T6604] genl_rcv_msg+0x61c/0x7a0 [ 72.704101][ T6604] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.704108][ T6604] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.704118][ T6604] ? __pfx_ref_tracker_free+0x10/0x10 [ 72.704129][ T6604] ? __asan_memcpy+0x40/0x70 [ 72.704137][ T6604] ? __skb_clone+0x63/0x7a0 [ 72.704149][ T6604] netlink_rcv_skb+0x232/0x4b0 [ 72.704160][ T6604] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.704168][ T6604] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.704182][ T6604] ? down_read+0x270/0x2e0 [ 72.704189][ T6604] ? genl_rcv+0xd/0x40 [ 72.704197][ T6604] genl_rcv+0x28/0x40 [ 72.704203][ T6604] netlink_unicast+0x75c/0x8e0 [ 72.704215][ T6604] netlink_sendmsg+0x813/0xb40 [ 72.704228][ T6604] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.704240][ T6604] ? aa_sock_msg_perm+0xf1/0x1b0 [ 72.704252][ T6604] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 72.704265][ T6604] ____sys_sendmsg+0x972/0x9f0 [ 72.704276][ T6604] ? __might_fault+0xaf/0x130 [ 72.704288][ T6604] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.704301][ T6604] ? 
import_iovec+0x73/0xa0 [ 72.704313][ T6604] ___sys_sendmsg+0x2a5/0x360 [ 72.704324][ T6604] ? __lock_acquire+0x6b5/0x2cf0 [ 72.704339][ T6604] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.704356][ T6604] ? futex_wake+0x4ac/0x580 [ 72.704381][ T6604] ? __fget_files+0x2a/0x420 [ 72.704390][ T6604] ? __fget_files+0x3a0/0x420 [ 72.704401][ T6604] __x64_sys_sendmsg+0x1bd/0x2a0 [ 72.704413][ T6604] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 72.704426][ T6604] ? rcu_is_watching+0x15/0xb0 [ 72.704438][ T6604] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.704446][ T6604] do_syscall_64+0x15f/0xf80 [ 72.704457][ T6604] ? trace_irq_disable+0x3b/0x140 [ 72.704471][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.704478][ T6604] RIP: 0033:0x7f1058d9cdd9 [ 72.704492][ T6604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.704498][ T6604] RSP: 002b:00007f1059c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.704508][ T6604] RAX: ffffffffffffffda RBX: 00007f1059015fa0 RCX: 00007f1058d9cdd9 [ 72.704513][ T6604] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 72.704518][ T6604] RBP: 00007f1058e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 72.704523][ T6604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.704527][ T6604] R13: 00007f1059016038 R14: 00007f1059015fa0 R15: 00007ffc91577358 [ 72.704538][ T6604] [ 72.707439][ T6605] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.380/6605 [ 72.859103][ T6605] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.861247][ T6605] CPU: 0 UID: 0 PID: 6605 Comm: syz.0.380 Not tainted syzkaller #0 PREEMPT(full) [ 72.861276][ T6605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 72.861281][ T6605] Call Trace: [ 72.861286][ T6605] [ 72.861290][ T6605] dump_stack_lvl+0xe8/0x150 [ 72.861302][ 
T6605] check_preemption_disabled+0xd3/0xe0 [ 72.861317][ T6605] tcp_v4_do_rcv+0xb4a/0x13e0 [ 72.861331][ T6605] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 72.861339][ T6605] __release_sock+0x265/0x3a0 [ 72.861355][ T6605] release_sock+0x190/0x260 [ 72.861364][ T6605] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 72.861384][ T6605] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 72.861396][ T6605] ? __pfx___nla_validate_parse+0x10/0x10 [ 72.861409][ T6605] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.861424][ T6605] ? rcu_is_watching+0x15/0xb0 [ 72.861435][ T6605] ? trace_kmalloc+0x2a/0xf0 [ 72.861452][ T6605] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 72.861461][ T6605] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 72.861473][ T6605] genl_family_rcv_msg_doit+0x22a/0x330 [ 72.861481][ T6605] ? __asan_memcpy+0x40/0x70 [ 72.861492][ T6605] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 72.861504][ T6605] ? bpf_lsm_capable+0x9/0x20 [ 72.861512][ T6605] ? security_capable+0x7e/0x2c0 [ 72.861524][ T6605] genl_rcv_msg+0x61c/0x7a0 [ 72.861533][ T6605] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.861540][ T6605] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 72.861551][ T6605] ? __pfx_ref_tracker_free+0x10/0x10 [ 72.861560][ T6605] ? __asan_memcpy+0x40/0x70 [ 72.861569][ T6605] ? __skb_clone+0x63/0x7a0 [ 72.861582][ T6605] netlink_rcv_skb+0x232/0x4b0 [ 72.861592][ T6605] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.861600][ T6605] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.861614][ T6605] ? down_read+0x270/0x2e0 [ 72.861621][ T6605] ? genl_rcv+0xd/0x40 [ 72.861628][ T6605] genl_rcv+0x28/0x40 [ 72.861635][ T6605] netlink_unicast+0x75c/0x8e0 [ 72.861647][ T6605] netlink_sendmsg+0x813/0xb40 [ 72.861661][ T6605] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.861672][ T6605] ? aa_sock_msg_perm+0xf1/0x1b0 [ 72.861683][ T6605] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 72.861695][ T6605] ____sys_sendmsg+0x972/0x9f0 [ 72.861706][ T6605] ? __might_fault+0xaf/0x130 [ 72.861718][ T6605] ? 
__pfx_____sys_sendmsg+0x10/0x10 [ 72.861731][ T6605] ? import_iovec+0x73/0xa0 [ 72.861743][ T6605] ___sys_sendmsg+0x2a5/0x360 [ 72.861752][ T6605] ? __lock_acquire+0x6b5/0x2cf0 [ 72.861762][ T6605] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.861775][ T6605] ? futex_wait+0x2a2/0x390 [ 72.861794][ T6605] ? __fget_files+0x2a/0x420 [ 72.861803][ T6605] ? __fget_files+0x3a0/0x420 [ 72.861815][ T6605] __x64_sys_sendmsg+0x1bd/0x2a0 [ 72.861826][ T6605] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 72.861839][ T6605] ? rcu_is_watching+0x15/0xb0 [ 72.861850][ T6605] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.861858][ T6605] do_syscall_64+0x15f/0xf80 [ 72.861869][ T6605] ? trace_irq_disable+0x3b/0x140 [ 72.861882][ T6605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.861889][ T6605] RIP: 0033:0x7f6847f9cdd9 [ 72.861897][ T6605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.861904][ T6605] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.861913][ T6605] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 72.861919][ T6605] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 72.861924][ T6605] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 72.861928][ T6605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.861933][ T6605] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 72.861944][ T6605] [ 73.008280][ T6614] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.1.384/6614 [ 73.011625][ T6614] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.013975][ T6614] CPU: 1 UID: 0 PID: 6614 Comm: syz.1.384 Not tainted syzkaller #0 PREEMPT(full) [ 73.014012][ T6614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 73.014018][ T6614] Call Trace: [ 73.014022][ T6614] [ 
73.014025][ T6614] dump_stack_lvl+0xe8/0x150 [ 73.014039][ T6614] check_preemption_disabled+0xd3/0xe0 [ 73.014053][ T6614] tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.014065][ T6614] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 73.014074][ T6614] __release_sock+0x265/0x3a0 [ 73.014090][ T6614] release_sock+0x190/0x260 [ 73.014099][ T6614] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 73.014118][ T6614] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 73.014131][ T6614] ? __pfx___nla_validate_parse+0x10/0x10 [ 73.014144][ T6614] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 2026/05/11 23:02:18 executed programs: 372 [ 73.014159][ T6614] ? rcu_is_watching+0x15/0xb0 [ 73.014169][ T6614] ? trace_kmalloc+0x2a/0xf0 [ 73.014186][ T6614] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 73.014194][ T6614] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 73.014209][ T6614] genl_family_rcv_msg_doit+0x22a/0x330 [ 73.014217][ T6614] ? __asan_memcpy+0x40/0x70 [ 73.014228][ T6614] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 73.014240][ T6614] ? bpf_lsm_capable+0x9/0x20 [ 73.014248][ T6614] ? security_capable+0x7e/0x2c0 [ 73.014259][ T6614] genl_rcv_msg+0x61c/0x7a0 [ 73.014269][ T6614] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.014276][ T6614] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.014287][ T6614] ? __pfx_ref_tracker_free+0x10/0x10 [ 73.014297][ T6614] ? __asan_memcpy+0x40/0x70 [ 73.014305][ T6614] ? __skb_clone+0x63/0x7a0 [ 73.014317][ T6614] netlink_rcv_skb+0x232/0x4b0 [ 73.014329][ T6614] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.014337][ T6614] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.014351][ T6614] ? down_read+0x270/0x2e0 [ 73.014358][ T6614] ? genl_rcv+0xd/0x40 [ 73.014365][ T6614] genl_rcv+0x28/0x40 [ 73.014372][ T6614] netlink_unicast+0x75c/0x8e0 [ 73.014384][ T6614] netlink_sendmsg+0x813/0xb40 [ 73.014397][ T6614] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.014407][ T6614] ? aa_sock_msg_perm+0xf1/0x1b0 [ 73.014419][ T6614] ? 
bpf_lsm_socket_sendmsg+0x9/0x20 [ 73.014431][ T6614] ____sys_sendmsg+0x972/0x9f0 [ 73.014442][ T6614] ? __might_fault+0xaf/0x130 [ 73.014456][ T6614] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.014469][ T6614] ? import_iovec+0x73/0xa0 [ 73.014482][ T6614] ___sys_sendmsg+0x2a5/0x360 [ 73.014491][ T6614] ? __lock_acquire+0x6b5/0x2cf0 [ 73.014501][ T6614] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.014513][ T6614] ? futex_wake+0x4ac/0x580 [ 73.014533][ T6614] ? __fget_files+0x2a/0x420 [ 73.014542][ T6614] ? __fget_files+0x3a0/0x420 [ 73.014553][ T6614] __x64_sys_sendmsg+0x1bd/0x2a0 [ 73.014564][ T6614] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 73.014577][ T6614] ? rcu_is_watching+0x15/0xb0 [ 73.014588][ T6614] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.014597][ T6614] do_syscall_64+0x15f/0xf80 [ 73.014607][ T6614] ? trace_irq_disable+0x3b/0x140 [ 73.014620][ T6614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.014627][ T6614] RIP: 0033:0x7f1058d9cdd9 [ 73.014635][ T6614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.014642][ T6614] RSP: 002b:00007f1059c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.014651][ T6614] RAX: ffffffffffffffda RBX: 00007f1059015fa0 RCX: 00007f1058d9cdd9 [ 73.014657][ T6614] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 73.014661][ T6614] RBP: 00007f1058e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 73.014666][ T6614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.014670][ T6614] R13: 00007f1059016038 R14: 00007f1059015fa0 R15: 00007ffc91577358 [ 73.014681][ T6614] [ 73.017095][ T6617] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.383/6617 [ 73.138477][ T6617] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.140169][ T6617] CPU: 0 UID: 0 PID: 6617 Comm: syz.0.383 Not tainted syzkaller #0 PREEMPT(full) [ 73.140179][ T6617] 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 73.140189][ T6617] Call Trace: [ 73.140193][ T6617] [ 73.140197][ T6617] dump_stack_lvl+0xe8/0x150 [ 73.140209][ T6617] check_preemption_disabled+0xd3/0xe0 [ 73.140223][ T6617] tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.140234][ T6617] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 73.140243][ T6617] __release_sock+0x265/0x3a0 [ 73.140259][ T6617] release_sock+0x190/0x260 [ 73.140269][ T6617] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 73.140289][ T6617] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 73.140302][ T6617] ? __pfx___nla_validate_parse+0x10/0x10 [ 73.140315][ T6617] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.140330][ T6617] ? rcu_is_watching+0x15/0xb0 [ 73.140340][ T6617] ? trace_kmalloc+0x2a/0xf0 [ 73.140356][ T6617] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 73.140365][ T6617] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 73.140375][ T6617] genl_family_rcv_msg_doit+0x22a/0x330 [ 73.140383][ T6617] ? __asan_memcpy+0x40/0x70 [ 73.140394][ T6617] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 73.140405][ T6617] ? bpf_lsm_capable+0x9/0x20 [ 73.140413][ T6617] ? security_capable+0x7e/0x2c0 [ 73.140425][ T6617] genl_rcv_msg+0x61c/0x7a0 [ 73.140435][ T6617] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.140442][ T6617] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.140452][ T6617] ? __pfx_ref_tracker_free+0x10/0x10 [ 73.140462][ T6617] ? __asan_memcpy+0x40/0x70 [ 73.140470][ T6617] ? __skb_clone+0x63/0x7a0 [ 73.140483][ T6617] netlink_rcv_skb+0x232/0x4b0 [ 73.140494][ T6617] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.140501][ T6617] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.140516][ T6617] ? down_read+0x270/0x2e0 [ 73.140523][ T6617] ? genl_rcv+0xd/0x40 [ 73.140530][ T6617] genl_rcv+0x28/0x40 [ 73.140537][ T6617] netlink_unicast+0x75c/0x8e0 [ 73.140549][ T6617] netlink_sendmsg+0x813/0xb40 [ 73.140563][ T6617] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.140574][ T6617] ? 
aa_sock_msg_perm+0xf1/0x1b0 [ 73.140585][ T6617] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 73.140597][ T6617] ____sys_sendmsg+0x972/0x9f0 [ 73.140609][ T6617] ? __might_fault+0xaf/0x130 [ 73.140620][ T6617] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.140633][ T6617] ? import_iovec+0x73/0xa0 [ 73.140646][ T6617] ___sys_sendmsg+0x2a5/0x360 [ 73.140655][ T6617] ? __lock_acquire+0x6b5/0x2cf0 [ 73.140666][ T6617] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.140678][ T6617] ? futex_wait+0x2a2/0x390 [ 73.140698][ T6617] ? __fget_files+0x2a/0x420 [ 73.140707][ T6617] ? __fget_files+0x3a0/0x420 [ 73.140719][ T6617] __x64_sys_sendmsg+0x1bd/0x2a0 [ 73.140730][ T6617] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 73.140743][ T6617] ? rcu_is_watching+0x15/0xb0 [ 73.140754][ T6617] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.140762][ T6617] do_syscall_64+0x15f/0xf80 [ 73.140772][ T6617] ? trace_irq_disable+0x3b/0x140 [ 73.140786][ T6617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.140793][ T6617] RIP: 0033:0x7f6847f9cdd9 [ 73.140802][ T6617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.140808][ T6617] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.140817][ T6617] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 73.140822][ T6617] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 73.140827][ T6617] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 73.140832][ T6617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.140836][ T6617] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 73.140847][ T6617] [ 73.295418][ T6624] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.1.387/6624 [ 73.298274][ T6624] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.299969][ T6624] CPU: 0 UID: 0 PID: 6624 Comm: syz.1.387 Not 
tainted syzkaller #0 PREEMPT(full) [ 73.299979][ T6624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 73.299984][ T6624] Call Trace: [ 73.299989][ T6624] [ 73.299992][ T6624] dump_stack_lvl+0xe8/0x150 [ 73.300004][ T6624] check_preemption_disabled+0xd3/0xe0 [ 73.300018][ T6624] tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.300027][ T6624] ? __local_bh_enable_ip+0xd0/0x130 [ 73.300037][ T6624] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 73.300046][ T6624] __release_sock+0x265/0x3a0 [ 73.300060][ T6624] release_sock+0x190/0x260 [ 73.300070][ T6624] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 73.300089][ T6624] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 73.300101][ T6624] ? __pfx___nla_validate_parse+0x10/0x10 [ 73.300114][ T6624] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.300129][ T6624] ? rcu_is_watching+0x15/0xb0 [ 73.300139][ T6624] ? trace_kmalloc+0x2a/0xf0 [ 73.300169][ T6624] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 73.300178][ T6624] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 73.300188][ T6624] genl_family_rcv_msg_doit+0x22a/0x330 [ 73.300196][ T6624] ? __asan_memcpy+0x40/0x70 [ 73.300207][ T6624] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 73.300219][ T6624] ? bpf_lsm_capable+0x9/0x20 [ 73.300227][ T6624] ? security_capable+0x7e/0x2c0 [ 73.300239][ T6624] genl_rcv_msg+0x61c/0x7a0 [ 73.300249][ T6624] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.300256][ T6624] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.300266][ T6624] ? __pfx_ref_tracker_free+0x10/0x10 [ 73.300275][ T6624] ? __asan_memcpy+0x40/0x70 [ 73.300284][ T6624] ? __skb_clone+0x63/0x7a0 [ 73.300296][ T6624] netlink_rcv_skb+0x232/0x4b0 [ 73.300307][ T6624] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.300315][ T6624] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.300329][ T6624] ? down_read+0x270/0x2e0 [ 73.300336][ T6624] ? 
genl_rcv+0xd/0x40 [ 73.300343][ T6624] genl_rcv+0x28/0x40 [ 73.300350][ T6624] netlink_unicast+0x75c/0x8e0 [ 73.300362][ T6624] netlink_sendmsg+0x813/0xb40 [ 73.300375][ T6624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.300386][ T6624] ? aa_sock_msg_perm+0xf1/0x1b0 [ 73.300397][ T6624] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 73.300409][ T6624] ____sys_sendmsg+0x972/0x9f0 [ 73.300419][ T6624] ? __might_fault+0xaf/0x130 [ 73.300431][ T6624] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.300444][ T6624] ? import_iovec+0x73/0xa0 [ 73.300456][ T6624] ___sys_sendmsg+0x2a5/0x360 [ 73.300466][ T6624] ? __lock_acquire+0x6b5/0x2cf0 [ 73.300475][ T6624] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.300488][ T6624] ? futex_wait+0x2a2/0x390 [ 73.300506][ T6624] ? __fget_files+0x2a/0x420 [ 73.300515][ T6624] ? __fget_files+0x3a0/0x420 [ 73.300527][ T6624] __x64_sys_sendmsg+0x1bd/0x2a0 [ 73.300538][ T6624] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 73.300555][ T6624] ? rcu_is_watching+0x15/0xb0 [ 73.300566][ T6624] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.300574][ T6624] do_syscall_64+0x15f/0xf80 [ 73.300585][ T6624] ? 
trace_irq_disable+0x3b/0x140 [ 73.300599][ T6624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.300606][ T6624] RIP: 0033:0x7f1058d9cdd9 [ 73.300615][ T6624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.300621][ T6624] RSP: 002b:00007f1059c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.300630][ T6624] RAX: ffffffffffffffda RBX: 00007f1059015fa0 RCX: 00007f1058d9cdd9 [ 73.300636][ T6624] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 73.300641][ T6624] RBP: 00007f1058e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 73.300645][ T6624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.300650][ T6624] R13: 00007f1059016038 R14: 00007f1059015fa0 R15: 00007ffc91577358 [ 73.300661][ T6624] [ 73.303185][ T6628] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.389/6628 [ 73.449309][ T6628] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.451613][ T6628] CPU: 1 UID: 0 PID: 6628 Comm: syz.0.389 Not tainted syzkaller #0 PREEMPT(full) [ 73.451629][ T6628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 73.451638][ T6628] Call Trace: [ 73.451644][ T6628] [ 73.451650][ T6628] dump_stack_lvl+0xe8/0x150 [ 73.451670][ T6628] check_preemption_disabled+0xd3/0xe0 [ 73.451692][ T6628] tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.451713][ T6628] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 73.451727][ T6628] __release_sock+0x265/0x3a0 [ 73.451752][ T6628] release_sock+0x190/0x260 [ 73.451767][ T6628] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 73.451801][ T6628] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 73.451822][ T6628] ? __pfx___nla_validate_parse+0x10/0x10 [ 73.451842][ T6628] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.451869][ T6628] ? rcu_is_watching+0x15/0xb0 [ 73.451885][ T6628] ? trace_kmalloc+0x2a/0xf0 [ 73.451911][ T6628] ? 
genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 73.451925][ T6628] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 73.451969][ T6628] genl_family_rcv_msg_doit+0x22a/0x330 [ 73.451984][ T6628] ? __asan_memcpy+0x40/0x70 [ 73.452002][ T6628] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 73.452023][ T6628] ? bpf_lsm_capable+0x9/0x20 [ 73.452036][ T6628] ? security_capable+0x7e/0x2c0 [ 73.452056][ T6628] genl_rcv_msg+0x61c/0x7a0 [ 73.452073][ T6628] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.452086][ T6628] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 73.452103][ T6628] ? __pfx_ref_tracker_free+0x10/0x10 [ 73.452118][ T6628] ? __asan_memcpy+0x40/0x70 [ 73.452137][ T6628] ? __skb_clone+0x63/0x7a0 [ 73.452159][ T6628] netlink_rcv_skb+0x232/0x4b0 [ 73.452177][ T6628] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.452191][ T6628] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.452218][ T6628] ? down_read+0x270/0x2e0 [ 73.452228][ T6628] ? genl_rcv+0xd/0x40 [ 73.452241][ T6628] genl_rcv+0x28/0x40 [ 73.452252][ T6628] netlink_unicast+0x75c/0x8e0 [ 73.452275][ T6628] netlink_sendmsg+0x813/0xb40 [ 73.452299][ T6628] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.452317][ T6628] ? aa_sock_msg_perm+0xf1/0x1b0 [ 73.452336][ T6628] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 73.452355][ T6628] ____sys_sendmsg+0x972/0x9f0 [ 73.452373][ T6628] ? __might_fault+0xaf/0x130 [ 73.452392][ T6628] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.452415][ T6628] ? import_iovec+0x73/0xa0 [ 73.452436][ T6628] ___sys_sendmsg+0x2a5/0x360 [ 73.452452][ T6628] ? __lock_acquire+0x6b5/0x2cf0 [ 73.452469][ T6628] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.452490][ T6628] ? futex_wake+0x4ac/0x580 [ 73.452524][ T6628] ? __fget_files+0x2a/0x420 [ 73.452538][ T6628] ? __fget_files+0x3a0/0x420 [ 73.452560][ T6628] __x64_sys_sendmsg+0x1bd/0x2a0 [ 73.452577][ T6628] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 73.452598][ T6628] ? rcu_is_watching+0x15/0xb0 [ 73.452619][ T6628] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.452632][ T6628] do_syscall_64+0x15f/0xf80 [ 73.452649][ T6628] ? trace_irq_disable+0x3b/0x140 [ 73.452672][ T6628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.452684][ T6628] RIP: 0033:0x7f6847f9cdd9 [ 73.452697][ T6628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.452707][ T6628] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.452722][ T6628] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9 [ 73.452730][ T6628] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004 [ 73.452739][ T6628] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000 [ 73.452746][ T6628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.452753][ T6628] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178 [ 73.452774][ T6628] [ 73.599298][ T6631] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.1.390/6631 [ 73.602684][ T6631] caller is tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.605017][ T6631] CPU: 0 UID: 0 PID: 6631 Comm: syz.1.390 Not tainted syzkaller #0 PREEMPT(full) [ 73.605028][ T6631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 73.605032][ T6631] Call Trace: [ 73.605036][ T6631] [ 73.605040][ T6631] dump_stack_lvl+0xe8/0x150 [ 73.605051][ T6631] check_preemption_disabled+0xd3/0xe0 [ 73.605065][ T6631] tcp_v4_do_rcv+0xb4a/0x13e0 [ 73.605077][ T6631] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 73.605085][ T6631] __release_sock+0x265/0x3a0 [ 73.605111][ T6631] release_sock+0x190/0x260 [ 73.605120][ T6631] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0 [ 73.605140][ T6631] mptcp_pm_nl_del_addr_doit+0x503/0x1430 [ 73.605152][ T6631] ? __pfx___nla_validate_parse+0x10/0x10 [ 73.605165][ T6631] ? 
__pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10
[ 73.605180][ T6631] ? rcu_is_watching+0x15/0xb0
[ 73.605190][ T6631] ? trace_kmalloc+0x2a/0xf0
[ 73.605206][ T6631] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 73.605216][ T6631] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 73.605227][ T6631] genl_family_rcv_msg_doit+0x22a/0x330
[ 73.605234][ T6631] ? __asan_memcpy+0x40/0x70
[ 73.605245][ T6631] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 73.605257][ T6631] ? bpf_lsm_capable+0x9/0x20
[ 73.605265][ T6631] ? security_capable+0x7e/0x2c0
[ 73.605277][ T6631] genl_rcv_msg+0x61c/0x7a0
[ 73.605286][ T6631] ? __pfx_genl_rcv_msg+0x10/0x10
[ 73.605293][ T6631] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10
[ 73.605303][ T6631] ? __pfx_ref_tracker_free+0x10/0x10
[ 73.605313][ T6631] ? __asan_memcpy+0x40/0x70
[ 73.605322][ T6631] ? __skb_clone+0x63/0x7a0
[ 73.605334][ T6631] netlink_rcv_skb+0x232/0x4b0
[ 73.605344][ T6631] ? __pfx_genl_rcv_msg+0x10/0x10
[ 73.605352][ T6631] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 73.605367][ T6631] ? down_read+0x270/0x2e0
[ 73.605373][ T6631] ? genl_rcv+0xd/0x40
[ 73.605384][ T6631] genl_rcv+0x28/0x40
[ 73.605391][ T6631] netlink_unicast+0x75c/0x8e0
[ 73.605403][ T6631] netlink_sendmsg+0x813/0xb40
[ 73.605417][ T6631] ? __pfx_netlink_sendmsg+0x10/0x10
[ 73.605427][ T6631] ? aa_sock_msg_perm+0xf1/0x1b0
[ 73.605440][ T6631] ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 73.605451][ T6631] ____sys_sendmsg+0x972/0x9f0
[ 73.605461][ T6631] ? __might_fault+0xaf/0x130
[ 73.605472][ T6631] ? __pfx_____sys_sendmsg+0x10/0x10
[ 73.605485][ T6631] ? import_iovec+0x73/0xa0
[ 73.605499][ T6631] ___sys_sendmsg+0x2a5/0x360
[ 73.605508][ T6631] ? __lock_acquire+0x6b5/0x2cf0
[ 73.605518][ T6631] ? __pfx____sys_sendmsg+0x10/0x10
[ 73.605531][ T6631] ? futex_wait+0x2a2/0x390
[ 73.605550][ T6631] ? __fget_files+0x2a/0x420
[ 73.605559][ T6631] ? __fget_files+0x3a0/0x420
[ 73.605570][ T6631] __x64_sys_sendmsg+0x1bd/0x2a0
[ 73.605581][ T6631] ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 73.605595][ T6631] ? rcu_is_watching+0x15/0xb0
[ 73.605606][ T6631] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.605614][ T6631] do_syscall_64+0x15f/0xf80
[ 73.605625][ T6631] ? trace_irq_disable+0x3b/0x140
[ 73.605639][ T6631] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.605646][ T6631] RIP: 0033:0x7f1058d9cdd9
[ 73.605654][ T6631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 73.605660][ T6631] RSP: 002b:00007f1059c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 73.605670][ T6631] RAX: ffffffffffffffda RBX: 00007f1059015fa0 RCX: 00007f1058d9cdd9
[ 73.605675][ T6631] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004
[ 73.605680][ T6631] RBP: 00007f1058e32d69 R08: 0000000000000000 R09: 0000000000000000
[ 73.605684][ T6631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 73.605689][ T6631] R13: 00007f1059016038 R14: 00007f1059015fa0 R15: 00007ffc91577358
[ 73.605700][ T6631]
[ 73.612639][ T6633] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.0.391/6633
[ 73.734990][ T6633] caller is tcp_v4_do_rcv+0xb4a/0x13e0
[ 73.736838][ T6633] CPU: 1 UID: 0 PID: 6633 Comm: syz.0.391 Not tainted syzkaller #0 PREEMPT(full)
[ 73.736848][ T6633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 73.736853][ T6633] Call Trace:
[ 73.736857][ T6633]
[ 73.736861][ T6633] dump_stack_lvl+0xe8/0x150
[ 73.736874][ T6633] check_preemption_disabled+0xd3/0xe0
[ 73.736888][ T6633] tcp_v4_do_rcv+0xb4a/0x13e0
[ 73.736922][ T6633] ? __pfx_tcp_v4_do_rcv+0x10/0x10
[ 73.736932][ T6633] __release_sock+0x265/0x3a0
[ 73.736949][ T6633] release_sock+0x190/0x260
[ 73.736959][ T6633] mptcp_pm_rm_addr_or_subflow+0x472/0x9d0
[ 73.736979][ T6633] mptcp_pm_nl_del_addr_doit+0x503/0x1430
[ 73.736992][ T6633] ? __pfx___nla_validate_parse+0x10/0x10
[ 73.737005][ T6633] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10
[ 73.737020][ T6633] ? rcu_is_watching+0x15/0xb0
[ 73.737031][ T6633] ? trace_kmalloc+0x2a/0xf0
[ 73.737053][ T6633] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 73.737063][ T6633] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 73.737073][ T6633] genl_family_rcv_msg_doit+0x22a/0x330
[ 73.737082][ T6633] ? __asan_memcpy+0x40/0x70
[ 73.737097][ T6633] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 73.737109][ T6633] ? bpf_lsm_capable+0x9/0x20
[ 73.737117][ T6633] ? security_capable+0x7e/0x2c0
[ 73.737129][ T6633] genl_rcv_msg+0x61c/0x7a0
[ 73.737139][ T6633] ? __pfx_genl_rcv_msg+0x10/0x10
[ 73.737146][ T6633] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10
[ 73.737156][ T6633] ? __pfx_ref_tracker_free+0x10/0x10
[ 73.737166][ T6633] ? __asan_memcpy+0x40/0x70
[ 73.737180][ T6633] ? __skb_clone+0x63/0x7a0
[ 73.737193][ T6633] netlink_rcv_skb+0x232/0x4b0
[ 73.737204][ T6633] ? __pfx_genl_rcv_msg+0x10/0x10
[ 73.737211][ T6633] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 73.737226][ T6633] ? down_read+0x270/0x2e0
[ 73.737233][ T6633] ? genl_rcv+0xd/0x40
[ 73.737246][ T6633] genl_rcv+0x28/0x40
[ 73.737253][ T6633] netlink_unicast+0x75c/0x8e0
[ 73.737266][ T6633] netlink_sendmsg+0x813/0xb40
[ 73.737279][ T6633] ? __pfx_netlink_sendmsg+0x10/0x10
[ 73.737290][ T6633] ? aa_sock_msg_perm+0xf1/0x1b0
[ 73.737301][ T6633] ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 73.737314][ T6633] ____sys_sendmsg+0x972/0x9f0
[ 73.737325][ T6633] ? __might_fault+0xaf/0x130
[ 73.737337][ T6633] ? __pfx_____sys_sendmsg+0x10/0x10
[ 73.737352][ T6633] ? import_iovec+0x73/0xa0
[ 73.737365][ T6633] ___sys_sendmsg+0x2a5/0x360
[ 73.737374][ T6633] ? __lock_acquire+0x6b5/0x2cf0
[ 73.737384][ T6633] ? __pfx____sys_sendmsg+0x10/0x10
[ 73.737397][ T6633] ? futex_wait+0x2a2/0x390
[ 73.737424][ T6633] ? __fget_files+0x2a/0x420
[ 73.737437][ T6633] ? __fget_files+0x3a0/0x420
[ 73.737456][ T6633] __x64_sys_sendmsg+0x1bd/0x2a0
[ 73.737475][ T6633] ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 73.737498][ T6633] ? rcu_is_watching+0x15/0xb0
[ 73.737518][ T6633] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.737542][ T6633] do_syscall_64+0x15f/0xf80
[ 73.737558][ T6633] ? trace_irq_disable+0x3b/0x140
[ 73.737571][ T6633] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.737579][ T6633] RIP: 0033:0x7f6847f9cdd9
[ 73.737588][ T6633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 73.737594][ T6633] RSP: 002b:00007f6848e95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 73.737604][ T6633] RAX: ffffffffffffffda RBX: 00007f6848215fa0 RCX: 00007f6847f9cdd9
[ 73.737609][ T6633] RDX: 0000000024000800 RSI: 0000200000000140 RDI: 0000000000000004
[ 73.737614][ T6633] RBP: 00007f6848032d69 R08: 0000000000000000 R09: 0000000000000000
[ 73.737619][ T6633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 73.737623][ T6633] R13: 00007f6848216038 R14: 00007f6848215fa0 R15: 00007ffe50763178
[ 73.737634][ T6633]
[ 76.546510][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.548973][ T1380] ieee802154 phy1 wpan1: encryption failed: -22