last executing test programs:

994.329864ms ago: executing program 0 (id=1012):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x24, 0x0, 0x9, 0x3, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x20008000)
accept4(r0, 0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, 0x0, 0x8)
setsockopt$inet6_int(r3, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
r5 = socket(0x10, 0x3, 0xc)
write(r5, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="01050400000000003c0012800b00010067726574617000002c00028008000100", @ANYRES32], 0x64}}, 0x0)

907.611804ms ago: executing program 0 (id=1017):
unshare(0x400)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x2d75000)

845.835887ms ago: executing program 0 (id=1019):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000e4ef1f00810000007f00000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000040), 0x6, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r0, &(0x7f0000001600), &(0x7f0000001680)=""/227}, 0x20)

796.22553ms ago: executing program 2 (id=1022):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000001580), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000015c0)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x1c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

733.411584ms ago: executing program 0 (id=1024):
bpf$OBJ_GET_PROG(0x9, &(0x7f00000000c0)=@generic={0x0, 0x33}, 0x18)

733.112368ms ago: executing program 2 (id=1025):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@getpolicy={0x5c, 0x15, 0x1, 0x70bd28, 0x25dfdbfb, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, @in=@multicast1, 0x4e23, 0x6, 0x4e23, 0x9, 0x2, 0x20, 0x20, 0x4}, 0x6e6bb5, 0x2}, [@mark={0xc, 0x15, {0x35075d, 0xfff}}]}, 0x5c}}, 0x0)

731.570298ms ago: executing program 0 (id=1027):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt(r0, 0xff, 0xfff, &(0x7f0000000640)="5cb80adb", 0x4)

646.341971ms ago: executing program 2 (id=1029):
r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write(r0, 0x0, 0x2b)

646.178738ms ago: executing program 0 (id=1030):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x14, r1, 0x1, 0x0, 0x0, {0x1c}}, 0x14}}, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
listen(r2, 0x6)
recvmsg(r2, &(0x7f0000001440)={&(0x7f00000001c0)=@rc={0x1f, @fixed}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/152, 0x98}], 0x1, &(0x7f0000000440)=""/4096, 0x1000}, 0x40000121)
close(0xffffffffffffffff)

596.451387ms ago: executing program 2 (id=1032):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="08000002"], 0xdc)

505.420373ms ago: executing program 2 (id=1035):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, 0x0, 0x0)

425.633171ms ago: executing program 2 (id=1037):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbf6, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

364.552497ms ago: executing program 1 (id=1040):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x4, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000006000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r1, 0x2f000000, 0x138, 0x4c, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x4000, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x8000000, 0x13}, 0x22)

364.286404ms ago: executing program 1 (id=1041):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x1}, 0x2})
write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000000000000000000000300000000008100"], 0x3a)

241.858066ms ago: executing program 1 (id=1042):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0xf}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0)

166.487102ms ago: executing program 1 (id=1043):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0xac, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @broadcast}}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private0}]}]}, 0xac}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="c00000000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff02000000020000000000000000000114000400fc00000000000000000000000000000108000740000000012c00068014000500fe800000000000000000000400000031140004"], 0xc0}, 0x1, 0x0, 0x0, 0x4040081}, 0x0)

166.1279ms ago: executing program 1 (id=1044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), r0)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)={0x11c, r4, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x7c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pim6reg\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x84}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast1}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000001f0000540000000e0001"], 0x34}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@map=r5, 0xffffffffffffffff, 0x7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x6, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$inet(r8, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="1f003300d00000000802110000010802110000"], 0x3c}}, 0x10)

0s ago: executing program 1 (id=1045):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:59979' (ED25519) to the list of known hosts.
syzkaller login: [   49.190432][ T5747] cgroup: Unknown subsys name 'net'
[   49.283453][ T5747] cgroup: Unknown subsys name 'cpuset'
[   49.292053][ T5747] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   50.718446][ T5747] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   59.678428][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.681442][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.684008][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   59.687055][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   59.690645][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   59.761004][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   59.763724][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   59.766361][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   59.769443][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   59.771991][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   59.797295][ T5210] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   59.801766][ T5210] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   59.804882][ T5210] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   59.808231][ T5210] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   59.811030][ T5210] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   59.960580][ T5844] chnl_net:caif_netlink_parms(): no params data found
[   60.086325][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.090698][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.093156][ T5844] bridge_slave_0: entered allmulticast mode
[   60.095853][ T5844] bridge_slave_0: entered promiscuous mode
[   60.105001][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.107535][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.111619][ T5844] bridge_slave_1: entered allmulticast mode
[   60.115501][ T5844] bridge_slave_1: entered promiscuous mode
[   60.216060][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.219638][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   60.227747][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.275390][ T5844] team0: Port device team_slave_0 added
[   60.289962][ T5844] team0: Port device team_slave_1 added
[   60.320663][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   60.329466][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.332275][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.341386][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.366686][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.369234][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.378890][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.446095][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.449048][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.451659][ T5848] bridge_slave_0: entered allmulticast mode
[   60.455147][ T5848] bridge_slave_0: entered promiscuous mode
[   60.485536][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.490310][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.493258][ T5848] bridge_slave_1: entered allmulticast mode
[   60.497202][ T5848] bridge_slave_1: entered promiscuous mode
[   60.523225][ T5844] hsr_slave_0: entered promiscuous mode
[   60.526350][ T5844] hsr_slave_1: entered promiscuous mode
[   60.543043][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.546271][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.549568][ T5850] bridge_slave_0: entered allmulticast mode
[   60.552883][ T5850] bridge_slave_0: entered promiscuous mode
[   60.568489][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.572022][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.574686][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.577124][ T5850] bridge_slave_1: entered allmulticast mode
[   60.581065][ T5850] bridge_slave_1: entered promiscuous mode
[   60.585858][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.636222][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.663243][ T5848] team0: Port device team_slave_0 added
[   60.667101][ T5848] team0: Port device team_slave_1 added
[   60.671996][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.725152][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.729425][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.740306][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.753743][ T5850] team0: Port device team_slave_0 added
[   60.757289][ T5850] team0: Port device team_slave_1 added
[   60.763217][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.766006][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.776362][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.812953][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.815747][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.827235][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.849090][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.851793][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.863498][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.894999][ T5848] hsr_slave_0: entered promiscuous mode
[   60.897703][ T5848] hsr_slave_1: entered promiscuous mode
[   60.902501][ T5848] debugfs: 'hsr0' already exists in 'hsr'
[   60.904960][ T5848] Cannot create hsr debugfs directory
[   60.987669][ T5850] hsr_slave_0: entered promiscuous mode
[   60.991523][ T5850] hsr_slave_1: entered promiscuous mode
[   60.994492][ T5850] debugfs: 'hsr0' already exists in 'hsr'
[   60.996776][ T5850] Cannot create hsr debugfs directory
[   61.124460][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.135328][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.155412][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.173875][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.235410][ T5848] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   61.244574][ T5848] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   61.254456][ T5848] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   61.263261][ T5848] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.317024][ T5850] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.323294][ T5850] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.332448][ T5850] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.339123][ T5850] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.381327][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.426269][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[   61.452111][ T1193] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.455170][ T1193] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.464579][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.482974][  T992] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.485569][  T992] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.514285][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   61.529012][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.531377][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.547182][ T5844] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   61.551781][ T5844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.570872][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.573582][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.585671][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.626324][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   61.637690][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.640740][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.681121][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.684115][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.708487][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.722330][ T5850] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   61.725758][ T5850] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.750051][ T5210] Bluetooth: hci0: command tx timeout
[   61.801554][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.812429][ T5844] veth0_vlan: entered promiscuous mode
[   61.825885][ T5844] veth1_vlan: entered promiscuous mode
[   61.829008][ T5210] Bluetooth: hci2: command tx timeout
[   61.831557][ T5210] Bluetooth: hci1: command tx timeout
[   61.865653][ T5848] veth0_vlan: entered promiscuous mode
[   61.873714][ T5848] veth1_vlan: entered promiscuous mode
[   61.881155][ T5844] veth0_macvtap: entered promiscuous mode
[   61.887751][ T5844] veth1_macvtap: entered promiscuous mode
[   61.922897][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.925603][ T5848] veth0_macvtap: entered promiscuous mode
[   61.932193][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.940050][ T5848] veth1_macvtap: entered promiscuous mode
[   61.950263][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.971537][ T5860] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.980161][ T5860] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.990559][ T5860] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.993872][ T5860] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.007301][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.014860][ T5850] veth0_vlan: entered promiscuous mode
[   62.027553][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.051411][ T5850] veth1_vlan: entered promiscuous mode
[   62.058733][ T5860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.073761][ T5860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.102958][ T5860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.107233][ T5860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.139396][ T1204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.142400][ T1204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.185049][ T5850] veth0_macvtap: entered promiscuous mode
[   62.188313][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.191432][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.200854][ T5850] veth1_macvtap: entered promiscuous mode
[   62.232101][  T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.232437][ T1193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.235305][  T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.246892][ T1193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.255089][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.267721][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   62.270232][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.311966][ T5860] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.339989][ T5860] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.356748][ T5860] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.367486][ T5860] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.454042][ T1204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.460762][ T1204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.504838][ T1204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.510307][ T1204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.760406][ T5936] syz_tun: entered promiscuous mode
[   62.762753][ T5936] syz_tun: entered allmulticast mode
[   62.940721][ T5950] netlink: 'syz.0.37': attribute type 21 has an invalid length.
[   62.943812][ T5950] netlink: 128 bytes leftover after parsing attributes in process `syz.0.37'.
[   62.948936][ T5950] netlink: 'syz.0.37': attribute type 4 has an invalid length.
[   62.956614][ T5950] netlink: 'syz.0.37': attribute type 3 has an invalid length.
[   62.967990][ T5950] netlink: 3 bytes leftover after parsing attributes in process `syz.0.37'.
[   63.206364][ T5967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.43'.
[   63.602908][ T5994] netlink: 8 bytes leftover after parsing attributes in process `syz.2.57'.
[   63.605760][ T5994] netlink: 32 bytes leftover after parsing attributes in process `syz.2.57'.
[   63.828336][ T5846] Bluetooth: hci0: command tx timeout
[   63.908353][ T5846] Bluetooth: hci1: command tx timeout
[   63.910792][ T5210] Bluetooth: hci2: command tx timeout
[   64.715539][ T6042] netlink: 12 bytes leftover after parsing attributes in process `syz.2.81'.
[   64.763506][ T6046] tipc: Started in network mode
[   64.767175][ T6046] tipc: Node identity 6a1bbc5f7a58, cluster identity 4711
[   64.783646][ T6046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.814100][ T6046] syzkaller0: entered promiscuous mode
[   64.816503][ T6046] syzkaller0: entered allmulticast mode
[   64.826510][ T6046] tipc: Resetting bearer <eth:syzkaller0>
[   64.835600][ T6045] tipc: Resetting bearer <eth:syzkaller0>
[   64.861574][ T6045] tipc: Disabling bearer <eth:syzkaller0>
[   64.977624][ T6059] netlink: 256 bytes leftover after parsing attributes in process `syz.0.89'.
[   65.227173][ T6071] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   65.340681][ T6077] netlink: 104 bytes leftover after parsing attributes in process `syz.2.96'.
[   65.450562][ T6091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   65.604073][ T6106] Driver unsupported XDP return value 0 on prog  (id 13) dev N/A, expect packet loss!
[   65.852642][ T6120] bond1: entered promiscuous mode
[   65.855022][ T6120] 8021q: adding VLAN 0 to HW filter on device bond1
[   65.894519][ T6125] netlink: 'syz.2.113': attribute type 8 has an invalid length.
[   65.913014][ T5210] Bluetooth: hci0: command tx timeout
[   65.999659][ T5210] Bluetooth: hci2: command tx timeout
[   66.001966][ T5210] Bluetooth: hci1: command tx timeout
[   66.042962][ T6137] warning: `syz.1.119' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   66.227407][ T6149] Zero length message leads to an empty skb
[   66.405319][ T6163] netlink: 'syz.1.130': attribute type 1 has an invalid length.
[   66.410431][ T6163] geneve0: entered promiscuous mode
[   66.412423][ T6163] geneve0: entered allmulticast mode
[   66.694551][ T6182] netlink: 28 bytes leftover after parsing attributes in process `syz.0.139'.
[   66.700910][ T6182] netlink: 28 bytes leftover after parsing attributes in process `syz.0.139'.
[   66.912614][ T6192] netlink: 'syz.0.143': attribute type 1 has an invalid length.
[   66.943869][ T6194] openvswitch: netlink: Flow key attr not present in new flow.
[   67.997410][ T5846] Bluetooth: hci0: command tx timeout
[   68.068316][ T5846] Bluetooth: hci1: command tx timeout
[   68.070293][ T5846] Bluetooth: hci2: command tx timeout
[   68.441786][ T6229] syz.0.159 uses obsolete (PF_INET,SOCK_PACKET)
[   68.710452][ T6244] netlink: 'syz.0.166': attribute type 27 has an invalid length.
[   68.921407][ T5669] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   68.933957][ T5669] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   68.948212][  T788] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   69.041435][ T6175] Set syz1 is full, maxelem 65536 reached
[   69.160608][  T788] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   69.383469][ T6287] netdevsim netdevsim2: Direct firmware load for 2Q failed with error -2
[   69.387267][ T6287] netdevsim netdevsim2: Falling back to sysfs fallback for: 2Q
[   69.553064][ T6291] __nla_validate_parse: 3 callbacks suppressed
[   69.553079][ T6291] netlink: 24 bytes leftover after parsing attributes in process `syz.1.187'.
[   69.829459][  T788] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   70.050692][ T6317] sctp: Trying to GSO but underlying device doesn't support it.
[   70.188253][ T6327] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.523748][ T6343] Bluetooth: MGMT ver 1.23
[   70.700711][ T6356] netlink: 12 bytes leftover after parsing attributes in process `syz.2.213'.
[   70.704615][ T6356] netlink: 'syz.2.213': attribute type 1 has an invalid length.
[   70.746440][ T6356] netlink: 20 bytes leftover after parsing attributes in process `syz.2.213'.
[   70.750660][ T6356] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[   70.989599][ T6366] nbd2: detected capacity change from 0 to 63
[   70.995361][ T6373] block nbd2: NBD_DISCONNECT
[   71.001655][ T6373] block nbd2: Disconnected due to user request.
[   71.004450][ T6373] block nbd2: shutting down sockets
[   71.005658][ T5819] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.018325][ T5819] Buffer I/O error on dev nbd2, logical block 2, async page read
[   71.021586][    C1] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.021658][   T61] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.024713][    C1] Buffer I/O error on dev nbd2, logical block 0, async page read
[   71.024750][    C1] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.024758][    C1] Buffer I/O error on dev nbd2, logical block 1, async page read
[   71.039830][   T61] Buffer I/O error on dev nbd2, logical block 3, async page read
[   71.043324][ T5819] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.046312][ T5819] Buffer I/O error on dev nbd2, logical block 0, async page read
[   71.063582][ T5819] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.074894][ T5819] Buffer I/O error on dev nbd2, logical block 1, async page read
[   71.081116][ T5819] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.084134][ T5819] Buffer I/O error on dev nbd2, logical block 2, async page read
[   71.086699][ T5819] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.100800][ T5819] Buffer I/O error on dev nbd2, logical block 3, async page read
[   71.104377][ T5819] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.108361][ T5819] Buffer I/O error on dev nbd2, logical block 0, async page read
[   71.111465][ T5819] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   71.117681][ T5819] Buffer I/O error on dev nbd2, logical block 1, async page read
[   71.127248][ T5819] ldm_validate_partition_table(): Disk read failed.
[   71.130952][ T5819] Dev nbd2: unable to read RDB block 0
[   71.134269][ T5819]  nbd2: unable to read partition table
[   71.144866][ T5819] ldm_validate_partition_table(): Disk read failed.
[   71.149884][ T5819] Dev nbd2: unable to read RDB block 0
[   71.153775][ T5819]  nbd2: unable to read partition table
[   71.193260][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   71.195412][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.924632][ T6431] netlink: 12 bytes leftover after parsing attributes in process `syz.1.246'.
[   71.931070][ T6431] netlink: 8 bytes leftover after parsing attributes in process `syz.1.246'.
[   71.965368][ T6435] unknown channel width for channel at 909000KHz?
[   72.127733][ T6447] vcan0: tx drop: invalid sa for name 0x0000000000000003
[   72.272401][ T6456] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.275571][ T6456] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.365460][ T6456] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.385417][ T6456] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.500746][ T6469] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551607)
[   72.504759][ T6469] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[   72.510513][ T5669] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.519349][ T5669] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.532956][ T5669] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.546700][ T5669] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.607070][ T6472] IPVS: length: 148 != 24
[   73.051051][ T6506] netlink: 28 bytes leftover after parsing attributes in process `syz.0.281'.
[   73.054540][ T6506] netlink: 'syz.0.281': attribute type 7 has an invalid length.
[   73.057313][ T6506] netlink: 'syz.0.281': attribute type 8 has an invalid length.
[   73.061584][ T6506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.281'.
[   73.113896][ T6514] netlink: 'syz.2.285': attribute type 21 has an invalid length.
[   73.116469][ T6514] netlink: 132 bytes leftover after parsing attributes in process `syz.2.285'.
[   73.119870][ T6512] netlink: 36 bytes leftover after parsing attributes in process `syz.0.284'.
[   73.133790][ T6512] netlink: 16 bytes leftover after parsing attributes in process `syz.0.284'.
[   73.186947][ T6518] bridge2: entered allmulticast mode
[   73.447140][ T6535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.452702][ T6535] batadv_slave_1: entered promiscuous mode
[   73.512187][ T5846] Bluetooth: hci2: command 0x0405 tx timeout
[   73.637115][ T6549] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   73.640449][ T6549] syzkaller0: entered promiscuous mode
[   73.642289][ T6549] syzkaller0: entered allmulticast mode
[   73.652769][ T6549] tipc: Resetting bearer <eth:syzkaller0>
[   73.656419][ T6546] tipc: Resetting bearer <eth:syzkaller0>
[   73.667720][ T6546] tipc: Disabling bearer <eth:syzkaller0>
[   73.907445][ T6567] netlink: 'syz.1.312': attribute type 1 has an invalid length.
[   73.922225][ T6569] netlink: 'syz.0.311': attribute type 4 has an invalid length.
[   74.565040][ T6628] openvswitch: netlink: Geneve opt len 11 is not a multiple of 4.
[   74.747164][ T6644] netlink: 'syz.0.343': attribute type 21 has an invalid length.
[   74.783357][ T6646] netlink: 'syz.2.346': attribute type 12 has an invalid length.
[   74.897582][ T6656] __nla_validate_parse: 10 callbacks suppressed
[   74.897598][ T6656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.350'.
[   74.908059][ T6656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.350'.
[   74.930637][ T6658] netlink: 'syz.1.349': attribute type 13 has an invalid length.
[   74.946080][ T6658] netlink: 'syz.1.349': attribute type 17 has an invalid length.
[   75.020003][ T6658] syz_tun: left promiscuous mode
[   75.022030][ T6658] syz_tun: left allmulticast mode
[   75.074134][ T6658] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   75.119396][ T6669] netlink: 'syz.2.352': attribute type 30 has an invalid length.
[   75.243728][ T6677] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   75.246972][ T6677] syzkaller0: entered promiscuous mode
[   75.250739][ T6677] syzkaller0: entered allmulticast mode
[   75.271226][ T6652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   75.276030][ T6677] sch_fq: defrate 257 ignored.
[   75.282532][ T6677] tipc: Resetting bearer <eth:syzkaller0>
[   75.283730][ T6680] netlink: 'syz.2.357': attribute type 5 has an invalid length.
[   75.289360][ T6675] tipc: Resetting bearer <eth:syzkaller0>
[   75.301616][ T6675] tipc: Disabling bearer <eth:syzkaller0>
[   75.743621][ T6700] netlink: 4 bytes leftover after parsing attributes in process `syz.2.366'.
[   77.122216][ T6752] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   77.227285][ T6756] netlink: 32 bytes leftover after parsing attributes in process `syz.2.392'.
[   77.235006][ T6760] netlink: 'syz.0.394': attribute type 83 has an invalid length.
[   77.512303][ T6785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.407'.
[   77.562273][ T6790] batman_adv: batadv0: Adding interface: gretap1
[   77.564882][ T6790] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.576103][ T6790] batman_adv: batadv0: Interface activated: gretap1
[   77.980126][ T6813] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   78.219422][ T6824] C: renamed from lo
[   78.228828][ T6824] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   78.364902][ T6832] netlink: 'syz.2.429': attribute type 3 has an invalid length.
[   78.765049][ T5891] IPVS: starting estimator thread 0...
[   78.848102][ T6864] IPVS: using max 49 ests per chain, 117600 per kthread
[   79.104970][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.2.450'.
[   79.185704][ T6886] netlink: 'syz.2.454': attribute type 1 has an invalid length.
[   79.211648][ T6886] 8021q: adding VLAN 0 to HW filter on device bond1
[   79.450171][ T6907] netlink: 12 bytes leftover after parsing attributes in process `syz.0.465'.
[   79.606853][ T6917] netlink: 380 bytes leftover after parsing attributes in process `syz.0.470'.
[   79.640704][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.469'.
[   79.675384][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.472'.
[   79.835108][ T6938] netlink: 'syz.2.476': attribute type 13 has an invalid length.
[   79.841406][ T6938] netlink: 'syz.2.476': attribute type 17 has an invalid length.
[   79.951437][ T6938] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.955662][ T6938] 8021q: adding VLAN 0 to HW filter on device team0
[   79.963664][ T6946] netlink: 8 bytes leftover after parsing attributes in process `syz.2.476'.
[   79.973566][ T6938] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   80.099368][ T6938] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.429847][   T24] cfg80211: failed to load regulatory.db
[   81.481601][ T7006] ieee802154 phy0 wpan0: encryption failed: -22
[   81.599850][ T7017] nbd: must specify at least one socket
[   81.602598][ T7017] netlink: 324 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.606200][ T7017] netlink: 36 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.622619][ T7017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.647009][ T7017] netlink: 9896 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.671593][ T7017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.675352][ T7017] netlink: 84 bytes leftover after parsing attributes in process `syz.0.513'.
[   81.821884][ T7032] netlink: 'syz.1.520': attribute type 10 has an invalid length.
[   81.851169][ T7032] batman_adv: batadv0: Adding interface: netdevsim0
[   81.853786][ T7032] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.877951][ T7032] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[   82.125290][ T7050] batman_adv: batadv0: Adding interface: ip6gretap1
[   82.128046][ T7050] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.137290][ T7050] batman_adv: batadv0: Interface activated: ip6gretap1
[   82.231469][ T7057] netlink: 201916 bytes leftover after parsing attributes in process `syz.1.527'.
[   82.277669][ T7059] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.528'.
[   82.491836][ T7063] syz.1.530 (7063) used greatest stack depth: 17624 bytes left
[   82.754508][ T7071] netlink: 20 bytes leftover after parsing attributes in process `syz.2.534'.
[   82.880432][ T7077] smc: net device bond0 applied user defined pnetid SYZ2
[   82.883459][ T7077] smc: net device bond0 erased user defined pnetid SYZ2
[   82.914116][ T7079] netlink: 'syz.1.536': attribute type 1 has an invalid length.
[   83.200888][ T7113] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   83.209789][ T7115] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   83.481878][ T7140] netlink: 'syz.2.565': attribute type 12 has an invalid length.
[   83.592020][ T7154] af_packet: tpacket_rcv: packet too big, clamped from 28 to 4294967272. macoff=96
[   83.681731][ T7161] netlink: 'syz.1.575': attribute type 1 has an invalid length.
[   83.706453][ T7161] 8021q: adding VLAN 0 to HW filter on device bond2
[   83.733988][ T7161] bond2: entered promiscuous mode
[   84.019978][  T788] IPVS: starting estimator thread 0...
[   84.083235][ T7186] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.086847][ T7186] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.117975][ T7191] IPVS: using max 79 ests per chain, 189600 per kthread
[   84.163414][ T7186] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.173265][ T7186] batadv_slave_1: left promiscuous mode
[   84.303744][ T5860] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.307748][ T5860] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.327219][ T5860] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.333959][ T5860] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.303338][ T7224] netlink: 'syz.0.602': attribute type 11 has an invalid length.
[   85.306666][ T7224] __nla_validate_parse: 6 callbacks suppressed
[   85.306678][ T7224] netlink: 36 bytes leftover after parsing attributes in process `syz.0.602'.
[   85.335397][ T7228] netlink: 32 bytes leftover after parsing attributes in process `syz.1.604'.
[   85.376584][ T7230] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.403111][ T7230] netlink: 'syz.0.605': attribute type 4 has an invalid length.
[   85.434615][ T7234] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode
[   85.441263][ T7234] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[   85.543284][ T7243] netlink: 92 bytes leftover after parsing attributes in process `syz.1.611'.
[   85.586371][ T7248] netlink: 36 bytes leftover after parsing attributes in process `syz.1.614'.
[   85.589765][ T7248] netlink: 36 bytes leftover after parsing attributes in process `syz.1.614'.
[   85.816329][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.626'.
[   85.820408][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.626'.
[   86.023352][ T7284] netlink: 'syz.0.632': attribute type 12 has an invalid length.
[   86.026603][ T7284] netlink: 'syz.0.632': attribute type 29 has an invalid length.
[   86.041008][ T7284] netlink: 148 bytes leftover after parsing attributes in process `syz.0.632'.
[   86.044650][ T7284] netlink: 'syz.0.632': attribute type 2 has an invalid length.
[   86.074570][ T7284] netlink: 23 bytes leftover after parsing attributes in process `syz.0.632'.
[   86.088277][ T7289] netlink: 'syz.0.632': attribute type 12 has an invalid length.
[   86.091531][ T7289] netlink: 'syz.0.632': attribute type 29 has an invalid length.
[   86.094267][ T7289] netlink: 148 bytes leftover after parsing attributes in process `syz.0.632'.
[   86.097379][ T7289] netlink: 'syz.0.632': attribute type 2 has an invalid length.
[   86.364813][ T7310] bridge_slave_0: left allmulticast mode
[   86.367644][ T7310] bridge_slave_0: left promiscuous mode
[   86.370831][ T7310] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.377146][ T7310] bridge_slave_1: left allmulticast mode
[   86.387184][ T7310] bridge_slave_1: left promiscuous mode
[   86.395488][ T7310] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.420335][ T7310] bond0: (slave bond_slave_0): Releasing backup interface
[   86.434264][ T7310] bond0: (slave bond_slave_1): Releasing backup interface
[   86.464172][ T7310] team0: Port device team_slave_0 removed
[   86.481016][ T7310] team0: Port device team_slave_1 removed
[   86.490441][ T7310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.493586][ T7310] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.499706][ T7310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.502252][ T7310] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.516748][ T7310] batman_adv: batadv0: Removing interface: netdevsim0
[   86.528998][ T7310] batman_adv: batadv0: Interface deactivated: ip6gretap1
[   86.531631][ T7310] batman_adv: batadv0: Removing interface: ip6gretap1
[   86.596869][ T7310] team0: Mode changed to "activebackup"
[   86.764888][ T7344] netlink: 'syz.1.656': attribute type 13 has an invalid length.
[   86.767557][ T7344] netlink: 'syz.1.656': attribute type 17 has an invalid length.
[   86.776940][ T7344] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   86.937612][ T7344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   87.014274][ T7358] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   87.016972][ T7358] syzkaller0: entered promiscuous mode
[   87.020098][ T7358] syzkaller0: entered allmulticast mode
[   87.025012][ T7358] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   87.041658][ T7358] tipc: Resetting bearer <eth:syzkaller0>
[   87.046569][ T7357] tipc: Resetting bearer <eth:syzkaller0>
[   87.057226][ T7357] tipc: Disabling bearer <eth:syzkaller0>
[   87.184853][ T7367] ip6_vti0: entered promiscuous mode
[   87.187218][ T7367] ip6_vti0: entered allmulticast mode
[   87.284322][   T33] audit: type=1800 audit(1755200136.582:2): pid=7374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.671" name=449D06 dev="tmpfs" ino=1160 res=0 errno=0
[   88.313642][ T7405] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   88.316980][ T7405] syzkaller0: entered promiscuous mode
[   88.318992][ T7405] syzkaller0: entered allmulticast mode
[   88.334067][ T7405] tipc: Resetting bearer <eth:syzkaller0>
[   88.339098][ T7404] tipc: Resetting bearer <eth:syzkaller0>
[   88.346010][ T7404] tipc: Disabling bearer <eth:syzkaller0>
[   88.599031][ T7410] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.604029][ T7410] 8021q: adding VLAN 0 to HW filter on device team0
[   88.615279][ T7410] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.641427][ T5269] udevd[5269]: worker [5819] terminated by signal 33 (Unknown signal 33)
[   88.644664][ T5269] udevd[5269]: worker [5819] failed while handling '/fs/nfs/net/nfs_client'
[   88.740811][ T7410] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   88.894162][ T7423] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[   88.897629][ T7423] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   90.056212][ T7476] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[   90.592938][ T7521] pimreg: entered allmulticast mode
[   90.824281][ T7536] lo speed is unknown, defaulting to 1000
[   90.827040][ T7536] lo speed is unknown, defaulting to 1000
[   90.831242][ T7536] lo speed is unknown, defaulting to 1000
[   90.837329][ T7536] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   90.845112][ T7536] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   90.865250][ T7536] lo speed is unknown, defaulting to 1000
[   90.869829][ T7536] lo speed is unknown, defaulting to 1000
[   90.874364][ T7536] lo speed is unknown, defaulting to 1000
[   91.007308][ T7545] siw: device registration error -23
[   91.043150][ T7547] syz_tun: entered allmulticast mode
[   91.052659][ T7547] dvmrp8: entered allmulticast mode
[   91.059447][ T7546] syz_tun: left allmulticast mode
[   91.061521][ T7546] dvmrp8: left allmulticast mode
[   91.216224][ T7553] pim6reg1: entered promiscuous mode
[   91.219569][ T7553] pim6reg1: entered allmulticast mode
[   91.701126][ T7584] ieee802154 phy0 wpan0: encryption failed: -22
[   91.727225][ T7586] __nla_validate_parse: 10 callbacks suppressed
[   91.727239][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.764'.
[   91.915627][ T7595] validate_nla: 3 callbacks suppressed
[   91.915643][ T7595] netlink: 'syz.1.768': attribute type 3 has an invalid length.
[   91.930661][ T7595] netlink: 'syz.1.768': attribute type 3 has an invalid length.
[   91.990931][ T7599] lo speed is unknown, defaulting to 1000
[   92.033567][ T7601] openvswitch: netlink: Missing valid actions attribute.
[   92.036637][ T7601] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   92.175127][ T7607] netlink: 596 bytes leftover after parsing attributes in process `syz.2.773'.
[   92.432094][ T7611] openvswitch: netlink: Message has 4 unknown bytes.
[   92.442276][ T7611] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   92.457964][ T7611] netlink: 36 bytes leftover after parsing attributes in process `syz.2.775'.
[   92.476523][ T5860] bond0: (slave bond_slave_0): interface is now down
[   92.483438][ T7611] netlink: 'syz.2.775': attribute type 10 has an invalid length.
[   92.488512][ T5860] bond0: (slave bond_slave_1): interface is now down
[   92.496830][ T7611] syz_tun: entered promiscuous mode
[   92.510389][ T5860] bond0: (slave bond_slave_0): interface is now down
[   92.511526][ T7611] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   92.518210][ T5860] bond0: (slave bond_slave_1): interface is now down
[   92.523667][ T5860] bond0: (slave syz_tun): interface is now down
[   92.533944][ T7611] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   92.539792][ T5860] bond0: now running without any active interface!
[   92.672512][ T7617] netlink: 'syz.2.778': attribute type 5 has an invalid length.
[   92.880142][ T7632] netlink: 8 bytes leftover after parsing attributes in process `syz.0.785'.
[   92.888782][ T7632] tipc: Enabled bearer <eth:vlan0>, priority 18
[   93.050808][ T7641] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   93.054355][ T7641] syzkaller0: entered promiscuous mode
[   93.056842][ T7641] syzkaller0: entered allmulticast mode
[   93.073390][ T7641] tipc: Resetting bearer <eth:syzkaller0>
[   93.080780][ T7640] tipc: Resetting bearer <eth:syzkaller0>
[   93.089679][ T7640] tipc: Disabling bearer <eth:syzkaller0>
[   93.314357][ T7657] netlink: 'syz.1.795': attribute type 13 has an invalid length.
[   93.319952][ T7657] netlink: 'syz.1.795': attribute type 17 has an invalid length.
[   93.546497][ T7660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   93.607566][ T7660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   94.115055][ T7657] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   94.125822][   T24] lo speed is unknown, defaulting to 1000
[   94.148733][   T10] tipc: Node number set to 272874591
[   94.185356][ T7656] lo speed is unknown, defaulting to 1000
[   94.612239][ T7693] netlink: 24 bytes leftover after parsing attributes in process `syz.0.811'.
[   94.640572][ T7695] netlink: 248 bytes leftover after parsing attributes in process `syz.0.812'.
[   94.786944][ T7703] netlink: 16 bytes leftover after parsing attributes in process `syz.0.816'.
[   94.866094][ T7708] tun0: tun_chr_ioctl cmd 1074025672
[   94.868797][ T7708] tun0: ignored: set checksum disabled
[   95.054706][ T7721] netlink: 'syz.1.824': attribute type 1 has an invalid length.
[   95.060434][ T7721] netlink: 'syz.1.824': attribute type 10 has an invalid length.
[   95.064016][ T7721] netlink: 236 bytes leftover after parsing attributes in process `syz.1.824'.
[   95.291180][ T7729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.828'.
[   95.371321][ T7733] macvlan0: entered allmulticast mode
[   95.373211][ T7733] veth1_vlan: entered allmulticast mode
[   95.456958][ T7739] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.833'.
[   95.650301][ T7747] netlink: 'syz.1.837': attribute type 11 has an invalid length.
[   95.889429][ T7767] netlink: 'syz.2.844': attribute type 10 has an invalid length.
[   95.902167][ T7767] team0: Port device dummy0 added
[   96.444081][ T7810] tipc: Failed to remove unknown binding: 66,1,1/0:2372594857/2372594859
[   96.452574][ T7810] tipc: Failed to remove unknown binding: 66,1,1/0:2372594857/2372594859
[   96.459302][ T7810] tipc: Failed to remove unknown binding: 66,1,1/0:2372594857/2372594859
[   96.907206][ T7853] __nla_validate_parse: 2 callbacks suppressed
[   96.907221][ T7853] netlink: 92 bytes leftover after parsing attributes in process `syz.1.885'.
[   96.973388][ T7855] sctp: [Deprecated]: syz.0.886 (pid 7855) Use of int in max_burst socket option deprecated.
[   96.973388][ T7855] Use struct sctp_assoc_value instead
[   97.046557][ T7862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.886'.
[   97.259803][ T7868] netlink: 'syz.1.892': attribute type 15 has an invalid length.
[   97.263308][ T7868] netlink: 666 bytes leftover after parsing attributes in process `syz.1.892'.
[   97.401171][ T7874] netlink: 132 bytes leftover after parsing attributes in process `syz.1.895'.
[   97.472075][ T7878] netlink: 3 bytes leftover after parsing attributes in process `syz.1.897'.
[   97.475839][ T7878] 0X: renamed from caif0
[   97.479675][ T7878] 0X: entered allmulticast mode
[   97.481669][ T7878] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check.
[   97.600752][   T57] block nbd0: Wrong magic (0x0)
[   97.713698][ T7898] netlink: 'syz.2.906': attribute type 3 has an invalid length.
[   97.939773][ T7920] netlink: 'syz.2.910': attribute type 4 has an invalid length.
[   98.702820][ T7937] netlink: 244 bytes leftover after parsing attributes in process `syz.1.921'.
[   98.806262][ T7947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.923'.
[   99.028408][ T7952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.928'.
[   99.046852][ T7954] netlink: 248 bytes leftover after parsing attributes in process `syz.1.929'.
[   99.135195][ T7960] netlink: 32 bytes leftover after parsing attributes in process `syz.2.931'.
[  100.609201][ T8024] tipc: Started in network mode
[  100.611029][ T8024] tipc: Node identity , cluster identity 4711
[  100.613288][ T8024] tipc: Failed to obtain node identity
[  100.615213][ T8024] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  100.620115][ T8024] syzkaller0: entered promiscuous mode
[  100.622425][ T8024] syzkaller0: entered allmulticast mode
[  101.857244][ T8070] netlink: zone id is out of range
[  101.864532][ T8070] netlink: zone id is out of range
[  101.866757][ T8070] netlink: zone id is out of range
[  101.870558][ T8070] netlink: get zone limit has 8 unknown bytes
[  101.919790][ T8072] syz.1.982: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  101.925475][ T8072] CPU: 0 UID: 0 PID: 8072 Comm: syz.1.982 Not tainted 6.16.0-syzkaller-06620-gae633388cae3-dirty #0 PREEMPT(full) 
[  101.925493][ T8072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.925501][ T8072] Call Trace:
[  101.925507][ T8072]  <TASK>
[  101.925513][ T8072]  dump_stack_lvl+0x189/0x250
[  101.925533][ T8072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.925548][ T8072]  ? __pfx__printk+0x10/0x10
[  101.925563][ T8072]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  101.925577][ T8072]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  101.925592][ T8072]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  101.925608][ T8072]  warn_alloc+0x214/0x310
[  101.925622][ T8072]  ? stack_depot_save_flags+0x40/0x900
[  101.925637][ T8072]  ? __pfx_warn_alloc+0x10/0x10
[  101.925652][ T8072]  ? kasan_save_track+0x4f/0x80
[  101.925670][ T8072]  ? xskq_create+0x56/0x170
[  101.925687][ T8072]  ? xsk_init_queue+0xb0/0x110
[  101.925701][ T8072]  ? xsk_setsockopt+0x4dc/0x8d0
[  101.925714][ T8072]  ? do_sock_setsockopt+0x17c/0x1b0
[  101.925726][ T8072]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  101.925737][ T8072]  ? do_syscall_64+0xfa/0x3b0
[  101.925754][ T8072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.925773][ T8072]  __vmalloc_node_range_noprof+0x125/0x12f0
[  101.925817][ T8072]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  101.925835][ T8072]  ? __kasan_kmalloc+0x93/0xb0
[  101.925856][ T8072]  vmalloc_user_noprof+0xad/0xf0
[  101.925869][ T8072]  ? xskq_create+0xbf/0x170
[  101.925888][ T8072]  xskq_create+0xbf/0x170
[  101.925937][ T8072]  xsk_init_queue+0xb0/0x110
[  101.925956][ T8072]  xsk_setsockopt+0x4dc/0x8d0
[  101.925974][ T8072]  ? __pfx_xsk_setsockopt+0x10/0x10
[  101.925989][ T8072]  ? __pfx_aa_sk_perm+0x10/0x10
[  101.926008][ T8072]  ? aa_sock_opt_perm+0x74/0x110
[  101.926025][ T8072]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  101.926038][ T8072]  ? __pfx_xsk_setsockopt+0x10/0x10
[  101.926054][ T8072]  do_sock_setsockopt+0x17c/0x1b0
[  101.926070][ T8072]  __x64_sys_setsockopt+0x13f/0x1b0
[  101.926086][ T8072]  do_syscall_64+0xfa/0x3b0
[  101.926103][ T8072]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.926119][ T8072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.926131][ T8072]  ? exc_page_fault+0x9f/0xf0
[  101.926149][ T8072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.926161][ T8072] RIP: 0033:0x7f299898ebe9
[  101.926173][ T8072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.926183][ T8072] RSP: 002b:00007f29997e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  101.926197][ T8072] RAX: ffffffffffffffda RBX: 00007f2998bb5fa0 RCX: 00007f299898ebe9
[  101.926205][ T8072] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  101.926213][ T8072] RBP: 00007f2998a11e19 R08: 0000000000000004 R09: 0000000000000000
[  101.926220][ T8072] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  101.926228][ T8072] R13: 00007f2998bb6038 R14: 00007f2998bb5fa0 R15: 00007ffe94c5ddf8
[  101.926249][ T8072]  </TASK>
[  101.926254][ T8072] Mem-Info:
[  102.055034][ T8072] active_anon:4198 inactive_anon:0 isolated_anon:0
[  102.055034][ T8072]  active_file:1129 inactive_file:38229 isolated_file:0
[  102.055034][ T8072]  unevictable:1768 dirty:384 writeback:0
[  102.055034][ T8072]  slab_reclaimable:9609 slab_unreclaimable:93829
[  102.055034][ T8072]  mapped:18091 shmem:2447 pagetables:877
[  102.055034][ T8072]  sec_pagetables:0 bounce:0
[  102.055034][ T8072]  kernel_misc_reclaimable:0
[  102.055034][ T8072]  free:257498 free_pcp:23444 free_cma:0
[  102.073357][ T8072] Node 0 active_anon:11284kB inactive_anon:0kB active_file:2944kB inactive_file:76512kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:31976kB dirty:1272kB writeback:0kB shmem:5120kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8444kB pagetables:2376kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  102.086876][ T8072] Node 1 active_anon:5508kB inactive_anon:0kB active_file:1572kB inactive_file:76404kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:40388kB dirty:264kB writeback:0kB shmem:4668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3140kB pagetables:1132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  102.099970][ T8072] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  102.112055][ T8072] lowmem_reserve[]: 0 814 814 814 814
[  102.113940][ T8072] Node 0 DMA32 free:223836kB boost:0kB min:33720kB low:42148kB high:50576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:11284kB inactive_anon:0kB active_file:2944kB inactive_file:76512kB unevictable:3536kB writepending:1272kB present:1556484kB managed:834028kB mlocked:0kB bounce:0kB free_pcp:56056kB local_pcp:35592kB free_cma:0kB
[  102.125154][ T8072] lowmem_reserve[]: 0 0 0 0 0
[  102.126723][ T8072] Node 1 DMA32 free:458492kB boost:0kB min:19168kB low:23960kB high:28752kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:116kB local_pcp:0kB free_cma:0kB
[  102.137956][ T8072] lowmem_reserve[]: 0 0 854 854 854
[  102.140051][ T8072] Node 1 Normal free:332304kB boost:0kB min:36576kB low:45720kB high:54864kB reserved_highatomic:0KB free_highatomic:0KB active_anon:5508kB inactive_anon:0kB active_file:1572kB inactive_file:76404kB unevictable:3536kB writepending:264kB present:1048576kB managed:875016kB mlocked:0kB bounce:0kB free_pcp:37624kB local_pcp:19120kB free_cma:0kB
[  102.151641][ T8072] lowmem_reserve[]: 0 0 0 0 0
[  102.153379][ T8072] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  102.158139][ T8072] Node 0 DMA32: 499*4kB (UME) 312*8kB (ME) 131*16kB (ME) 85*32kB (M) 116*64kB (UM) 56*128kB (UM) 27*256kB (UM) 15*512kB (UME) 7*1024kB (ME) 3*2048kB (UME) 42*4096kB (M) = 223836kB
[  102.165247][ T8072] Node 1 DMA32: 3*4kB (UM) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 2*128kB (UM) 3*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 109*4096kB (M) = 458492kB
[  102.171843][ T8072] Node 1 Normal: 912*4kB (UM) 714*8kB (UME) 666*16kB (UME) 391*32kB (UME) 192*64kB (UME) 46*128kB (UME) 18*256kB (UME) 9*512kB (UME) 6*1024kB (UME) 4*2048kB (ME) 63*4096kB (UM) = 332304kB
[  102.178556][ T8072] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  102.181590][ T8072] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  102.184551][ T8072] 41805 total pagecache pages
[  102.186196][ T8072] 0 pages in swap cache
[  102.187964][ T8072] Free swap  = 124996kB
[  102.189785][ T8072] Total swap = 124996kB
[  102.191396][ T8072] 786301 pages RAM
[  102.192831][ T8072] 0 pages HighMem/MovableOnly
[  102.194488][ T8072] 240546 pages reserved
[  102.195890][ T8072] 0 pages cma reserved
[  102.262134][ T8076] __nla_validate_parse: 3 callbacks suppressed
[  102.262143][ T8076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.984'.
[  102.267733][ T8076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.984'.
[  102.451290][ T8090] wg1: entered promiscuous mode
[  102.453423][ T8090] wg1: entered allmulticast mode
[  102.516175][ T8094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.993'.
[  102.742754][ T8126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1009'.
[  102.745724][ T8126] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  102.756779][ T8126] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  102.776571][ T8130] openvswitch: netlink: Actions may not be safe on all matching packets
[  102.846376][ T8132] netlink: 'syz.0.1012': attribute type 1 has an invalid length.
[  102.850385][ T8132] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'.
[  102.853330][ T8132] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1012'.
[  102.869333][ T8132] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  102.873150][ T8132] gretap1: entered promiscuous mode
[  102.942083][ T8149] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1018'.
[  103.186036][ T8172] lo speed is unknown, defaulting to 1000
[  103.212180][ T8175] syzkaller1: entered promiscuous mode
[  103.214544][ T8175] syzkaller1: entered allmulticast mode
[  103.575056][ T8188] infiniband syz1: set down
[  103.578479][ T8188] infiniband syz1: added bond0
[  103.580986][ T8198] netlink: 'syz.1.1042': attribute type 15 has an invalid length.
[  103.608921][ T8188] RDS/IB: syz1: added
[  103.611345][ T8188] smc: adding ib device syz1 with port count 1
[  103.614128][ T8188] smc:    ib device syz1 port 1 has pnetid 
[  103.874497][ T8210] ==================================================================
[  103.877406][ T8210] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  103.880056][ T8210] Read of size 4 at addr ffff888020b9c0c4 by task syz.1.1047/8210
[  103.883462][ T8210] 
[  103.884280][ T8210] CPU: 1 UID: 0 PID: 8210 Comm: syz.1.1047 Not tainted 6.16.0-syzkaller-06620-gae633388cae3-dirty #0 PREEMPT(full) 
[  103.884291][ T8210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  103.884296][ T8210] Call Trace:
[  103.884300][ T8210]  <TASK>
[  103.884304][ T8210]  dump_stack_lvl+0x189/0x250
[  103.884315][ T8210]  ? __kasan_check_byte+0x12/0x40
[  103.884327][ T8210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.884334][ T8210]  ? lock_release+0x4b/0x3e0
[  103.884345][ T8210]  ? __virt_addr_valid+0x4a5/0x5c0
[  103.884354][ T8210]  print_report+0xca/0x240
[  103.884366][ T8210]  ? xfrm_alloc_spi+0x570/0xf30
[  103.884374][ T8210]  kasan_report+0x118/0x150
[  103.884384][ T8210]  ? xfrm_alloc_spi+0x570/0xf30
[  103.884393][ T8210]  xfrm_alloc_spi+0x570/0xf30
[  103.884400][ T8210]  ? xfrm_alloc_spi+0x2a0/0xf30
[  103.884410][ T8210]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  103.884417][ T8210]  ? xfrm_find_acq+0x87/0xa0
[  103.884426][ T8210]  xfrm_alloc_userspi+0x70b/0xc90
[  103.884435][ T8210]  ? __pfx_aa_get_newest_label+0x10/0x10
[  103.884446][ T8210]  ? apparmor_capable+0x137/0x1b0
[  103.884453][ T8210]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  103.884461][ T8210]  ? __nla_parse+0x40/0x60
[  103.884470][ T8210]  xfrm_user_rcv_msg+0x7a3/0xab0
[  103.884479][ T8210]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  103.884493][ T8210]  ? __pfx___mutex_trylock_common+0x10/0x10
[  103.884501][ T8210]  ? rcu_is_watching+0x15/0xb0
[  103.884511][ T8210]  ? trace_contention_end+0x39/0x120
[  103.884518][ T8210]  ? __mutex_lock+0x335/0x1340
[  103.884529][ T8210]  netlink_rcv_skb+0x208/0x470
[  103.884540][ T8210]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  103.884548][ T8210]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  103.884560][ T8210]  ? netlink_deliver_tap+0x2e/0x1b0
[  103.884570][ T8210]  ? netlink_deliver_tap+0x2e/0x1b0
[  103.884579][ T8210]  xfrm_netlink_rcv+0x79/0x90
[  103.884593][ T8210]  netlink_unicast+0x82f/0x9e0
[  103.884603][ T8210]  ? __pfx_netlink_unicast+0x10/0x10
[  103.884612][ T8210]  ? netlink_sendmsg+0x642/0xb30
[  103.884622][ T8210]  ? skb_put+0x11b/0x210
[  103.884629][ T8210]  netlink_sendmsg+0x805/0xb30
[  103.884640][ T8210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.884651][ T8210]  ? aa_sock_msg_perm+0x94/0x160
[  103.884661][ T8210]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  103.884670][ T8210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.884680][ T8210]  __sock_sendmsg+0x21c/0x270
[  103.884691][ T8210]  ____sys_sendmsg+0x505/0x830
[  103.884699][ T8210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  103.884708][ T8210]  ? import_iovec+0x74/0xa0
[  103.884718][ T8210]  ___sys_sendmsg+0x21f/0x2a0
[  103.884725][ T8210]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.884738][ T8210]  ? __fget_files+0x2a/0x420
[  103.884745][ T8210]  ? __fget_files+0x3a0/0x420
[  103.884753][ T8210]  __x64_sys_sendmsg+0x19b/0x260
[  103.884760][ T8210]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  103.884769][ T8210]  ? rcu_is_watching+0x15/0xb0
[  103.884785][ T8210]  ? do_syscall_64+0xbe/0x3b0
[  103.884800][ T8210]  do_syscall_64+0xfa/0x3b0
[  103.884814][ T8210]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.884829][ T8210]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.884839][ T8210]  ? exc_page_fault+0x9f/0xf0
[  103.884849][ T8210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.884856][ T8210] RIP: 0033:0x7f299898ebe9
[  103.884864][ T8210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.884870][ T8210] RSP: 002b:00007f29997e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.884879][ T8210] RAX: ffffffffffffffda RBX: 00007f2998bb5fa0 RCX: 00007f299898ebe9
[  103.884884][ T8210] RDX: 0000000024000014 RSI: 0000200000000200 RDI: 0000000000000003
[  103.884889][ T8210] RBP: 00007f2998a11e19 R08: 0000000000000000 R09: 0000000000000000
[  103.884922][ T8210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.884930][ T8210] R13: 00007f2998bb6038 R14: 00007f2998bb5fa0 R15: 00007ffe94c5ddf8
[  103.884945][ T8210]  </TASK>
[  103.884949][ T8210] 
[  104.022065][ T8210] Allocated by task 6313:
[  104.023513][ T8210]  kasan_save_track+0x3e/0x80
[  104.025282][ T8210]  __kasan_slab_alloc+0x6c/0x80
[  104.026974][ T8210]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  104.028846][ T8210]  xfrm_state_alloc+0x24/0x2f0
[  104.030824][ T8210]  __find_acq_core+0x8a7/0x1c00
[  104.032848][ T8210]  xfrm_find_acq+0x78/0xa0
[  104.034691][ T8210]  xfrm_alloc_userspi+0x6b3/0xc90
[  104.036573][ T8210]  xfrm_user_rcv_msg+0x7a3/0xab0
[  104.038262][ T8210]  netlink_rcv_skb+0x208/0x470
[  104.039949][ T8210]  xfrm_netlink_rcv+0x79/0x90
[  104.041612][ T8210]  netlink_unicast+0x82f/0x9e0
[  104.043369][ T8210]  netlink_sendmsg+0x805/0xb30
[  104.045079][ T8210]  __sock_sendmsg+0x21c/0x270
[  104.046674][ T8210]  ____sys_sendmsg+0x505/0x830
[  104.048301][ T8210]  ___sys_sendmsg+0x21f/0x2a0
[  104.049893][ T8210]  __x64_sys_sendmsg+0x19b/0x260
[  104.051765][ T8210]  do_syscall_64+0xfa/0x3b0
[  104.053613][ T8210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.055750][ T8210] 
[  104.056569][ T8210] Freed by task 5906:
[  104.057915][ T8210]  kasan_save_track+0x3e/0x80
[  104.059479][ T8210]  kasan_save_free_info+0x46/0x50
[  104.061162][ T8210]  __kasan_slab_free+0x62/0x70
[  104.062795][ T8210]  kmem_cache_free+0x18f/0x400
[  104.064509][ T8210]  xfrm_state_gc_task+0x518/0x6a0
[  104.066214][ T8210]  process_scheduled_works+0xae1/0x17b0
[  104.068091][ T8210]  worker_thread+0x8a0/0xda0
[  104.069628][ T8210]  kthread+0x711/0x8a0
[  104.071020][ T8210]  ret_from_fork+0x3fc/0x770
[  104.072600][ T8210]  ret_from_fork_asm+0x1a/0x30
[  104.074199][ T8210] 
[  104.075005][ T8210] The buggy address belongs to the object at ffff888020b9c000
[  104.075005][ T8210]  which belongs to the cache xfrm_state of size 928
[  104.079462][ T8210] The buggy address is located 196 bytes inside of
[  104.079462][ T8210]  freed 928-byte region [ffff888020b9c000, ffff888020b9c3a0)
[  104.083912][ T8210] 
[  104.084717][ T8210] The buggy address belongs to the physical page:
[  104.086982][ T8210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888020b9d680 pfn:0x20b9c
[  104.090387][ T8210] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  104.093149][ T8210] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  104.095755][ T8210] page_type: f5(slab)
[  104.097145][ T8210] raw: 00fff00000000040 ffff888105548a00 dead000000000122 0000000000000000
[  104.100093][ T8210] raw: ffff888020b9d680 00000000800e000d 00000000f5000000 0000000000000000
[  104.102994][ T8210] head: 00fff00000000040 ffff888105548a00 dead000000000122 0000000000000000
[  104.106036][ T8210] head: ffff888020b9d680 00000000800e000d 00000000f5000000 0000000000000000
[  104.109127][ T8210] head: 00fff00000000002 ffffea000082e701 00000000ffffffff 00000000ffffffff
[  104.112229][ T8210] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  104.115236][ T8210] page dumped because: kasan: bad access detected
[  104.117475][ T8210] page_owner tracks the page as allocated
[  104.119474][ T8210] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6313, tgid 6312 (syz.1.193), ts 69945672651, free_ts 69817322459
[  104.126621][ T8210]  post_alloc_hook+0x240/0x2a0
[  104.128267][ T8210]  get_page_from_freelist+0x21e4/0x22c0
[  104.130197][ T8210]  __alloc_frozen_pages_noprof+0x181/0x370
[  104.132221][ T8210]  alloc_pages_mpol+0x232/0x4a0
[  104.133913][ T8210]  allocate_slab+0x8a/0x3b0
[  104.135465][ T8210]  ___slab_alloc+0xbfc/0x1480
[  104.137161][ T8210]  kmem_cache_alloc_noprof+0x283/0x3c0
[  104.139193][ T8210]  xfrm_state_alloc+0x24/0x2f0
[  104.140847][ T8210]  __find_acq_core+0x8a7/0x1c00
[  104.142535][ T8210]  xfrm_find_acq+0x78/0xa0
[  104.144133][ T8210]  xfrm_alloc_userspi+0x6b3/0xc90
[  104.145811][ T8210]  xfrm_user_rcv_msg+0x7a3/0xab0
[  104.147486][ T8210]  netlink_rcv_skb+0x208/0x470
[  104.149055][ T8210]  xfrm_netlink_rcv+0x79/0x90
[  104.150872][ T8210]  netlink_unicast+0x82f/0x9e0
[  104.152767][ T8210]  netlink_sendmsg+0x805/0xb30
[  104.154525][ T8210] page last free pid 6301 tgid 6301 stack trace:
[  104.156601][ T8210]  __free_frozen_pages+0xc71/0xe70
[  104.158289][ T8210]  stack_depot_save_flags+0x445/0x900
[  104.160086][ T8210]  kasan_save_track+0x4f/0x80
[  104.161833][ T8210]  __kasan_kmalloc+0x93/0xb0
[  104.163707][ T8210]  __kmalloc_cache_noprof+0x230/0x3d0
[  104.165614][ T8210]  __request_module+0x2b5/0x5e0
[  104.167278][ T8210]  crypto_alg_mod_lookup+0xa5/0x5f0
[  104.169027][ T8210]  crypto_grab_spawn+0x7d/0x390
[  104.170822][ T8210]  crypto_ccm_create_common+0x21c/0x950
[  104.173135][ T8210]  crypto_ccm_create+0x187/0x1e0
[  104.175149][ T8210]  cryptomgr_probe+0x86/0x220
[  104.176945][ T8210]  kthread+0x711/0x8a0
[  104.178257][ T8210]  ret_from_fork+0x3fc/0x770
[  104.179732][ T8210]  ret_from_fork_asm+0x1a/0x30
[  104.181300][ T8210] 
[  104.182119][ T8210] Memory state around the buggy address:
[  104.183987][ T8210]  ffff888020b9bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  104.186953][ T8210]  ffff888020b9c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.190227][ T8210] >ffff888020b9c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.193072][ T8210]                                            ^
[  104.195076][ T8210]  ffff888020b9c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.197828][ T8210]  ffff888020b9c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.200502][ T8210] ==================================================================
[  104.203434][ T8210] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  104.205942][ T8210] CPU: 1 UID: 0 PID: 8210 Comm: syz.1.1047 Not tainted 6.16.0-syzkaller-06620-gae633388cae3-dirty #0 PREEMPT(full) 
[  104.209986][ T8210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  104.213793][ T8210] Call Trace:
[  104.215005][ T8210]  <TASK>
[  104.216086][ T8210]  dump_stack_lvl+0x99/0x250
[  104.217704][ T8210]  ? __asan_memcpy+0x40/0x70
[  104.219290][ T8210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.221101][ T8210]  ? __pfx__printk+0x10/0x10
[  104.222686][ T8210]  panic+0x2db/0x790
[  104.224045][ T8210]  ? __pfx_panic+0x10/0x10
[  104.225713][ T8210]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  104.227803][ T8210]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  104.230103][ T8210]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  104.232741][ T8210]  ? print_memory_metadata+0x314/0x400
[  104.235016][ T8210]  ? xfrm_alloc_spi+0x570/0xf30
[  104.237042][ T8210]  check_panic_on_warn+0x89/0xb0
[  104.239131][ T8210]  ? xfrm_alloc_spi+0x570/0xf30
[  104.241179][ T8210]  end_report+0x78/0x160
[  104.242978][ T8210]  kasan_report+0x129/0x150
[  104.244878][ T8210]  ? xfrm_alloc_spi+0x570/0xf30
[  104.246641][ T8210]  xfrm_alloc_spi+0x570/0xf30
[  104.248420][ T8210]  ? xfrm_alloc_spi+0x2a0/0xf30
[  104.250151][ T8210]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  104.251720][ T8210]  ? xfrm_find_acq+0x87/0xa0
[  104.253480][ T8210]  xfrm_alloc_userspi+0x70b/0xc90
[  104.255537][ T8210]  ? __pfx_aa_get_newest_label+0x10/0x10
[  104.257590][ T8210]  ? apparmor_capable+0x137/0x1b0
[  104.259375][ T8210]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  104.261647][ T8210]  ? __nla_parse+0x40/0x60
[  104.263383][ T8210]  xfrm_user_rcv_msg+0x7a3/0xab0
[  104.265188][ T8210]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  104.267469][ T8210]  ? __pfx___mutex_trylock_common+0x10/0x10
[  104.269490][ T8210]  ? rcu_is_watching+0x15/0xb0
[  104.271170][ T8210]  ? trace_contention_end+0x39/0x120
[  104.272935][ T8210]  ? __mutex_lock+0x335/0x1340
[  104.274827][ T8210]  netlink_rcv_skb+0x208/0x470
[  104.276659][ T8210]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  104.278464][ T8210]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  104.280271][ T8210]  ? netlink_deliver_tap+0x2e/0x1b0
[  104.282134][ T8210]  ? netlink_deliver_tap+0x2e/0x1b0
[  104.284076][ T8210]  xfrm_netlink_rcv+0x79/0x90
[  104.286070][ T8210]  netlink_unicast+0x82f/0x9e0
[  104.287781][ T8210]  ? __pfx_netlink_unicast+0x10/0x10
[  104.289547][ T8210]  ? netlink_sendmsg+0x642/0xb30
[  104.291226][ T8210]  ? skb_put+0x11b/0x210
[  104.292629][ T8210]  netlink_sendmsg+0x805/0xb30
[  104.294240][ T8210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.296012][ T8210]  ? aa_sock_msg_perm+0x94/0x160
[  104.297647][ T8210]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  104.299416][ T8210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.301191][ T8210]  __sock_sendmsg+0x21c/0x270
[  104.302794][ T8210]  ____sys_sendmsg+0x505/0x830
[  104.304544][ T8210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  104.306692][ T8210]  ? import_iovec+0x74/0xa0
[  104.308317][ T8210]  ___sys_sendmsg+0x21f/0x2a0
[  104.310064][ T8210]  ? __pfx____sys_sendmsg+0x10/0x10
[  104.312200][ T8210]  ? __fget_files+0x2a/0x420
[  104.313990][ T8210]  ? __fget_files+0x3a0/0x420
[  104.315693][ T8210]  __x64_sys_sendmsg+0x19b/0x260
[  104.317497][ T8210]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  104.319673][ T8210]  ? rcu_is_watching+0x15/0xb0
[  104.321649][ T8210]  ? do_syscall_64+0xbe/0x3b0
[  104.323616][ T8210]  do_syscall_64+0xfa/0x3b0
[  104.325348][ T8210]  ? lockdep_hardirqs_on+0x9c/0x150
[  104.327338][ T8210]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.329349][ T8210]  ? exc_page_fault+0x9f/0xf0
[  104.331047][ T8210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.333036][ T8210] RIP: 0033:0x7f299898ebe9
[  104.334832][ T8210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.341918][ T8210] RSP: 002b:00007f29997e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.344645][ T8210] RAX: ffffffffffffffda RBX: 00007f2998bb5fa0 RCX: 00007f299898ebe9
[  104.347782][ T8210] RDX: 0000000024000014 RSI: 0000200000000200 RDI: 0000000000000003
[  104.351108][ T8210] RBP: 00007f2998a11e19 R08: 0000000000000000 R09: 0000000000000000
[  104.354505][ T8210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.357689][ T8210] R13: 00007f2998bb6038 R14: 00007f2998bb5fa0 R15: 00007ffe94c5ddf8
[  104.360864][ T8210]  </TASK>
[  104.362891][ T8210] Kernel Offset: disabled
[  104.364762][ T8210] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:35:53  Registers:
info registers vcpu 0

CPU#0
RAX=0000000083204117 RBX=0000000000000006 RCX=00000000ad61b96c RDX=000000006f6f81c8
RSI=000000007508aa98 RDI=ffff888036579cc0 RBP=0000000000000000 RSP=ffffc90006e26648
R8 =0000000000000000 R9 =ffffffff825c8e9c R10=dffffc0000000000 R11=ffffed100365ef25
R12=00000000a7b8d45e R13=ffff88803657a7b0 R14=ffff88803657a8a0 R15=1b317738ad61b96c
RIP=ffffffff819d7c50 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7cf19dc6c0 ffffffff 00c00000
GS =0000 ffff8880b8680000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fbe31be99d8 CR3=0000000036eea000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007f7cf0c12e53
XMM06=0000000000000000 00007f7cf0c12e4d XMM07=0000000000000000 00007f7cf0c12e61
XMM08=0000000000000000 00007f7cf0c12ee7 XMM09=0000000000000000 00007f7cf0c12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000062 RBX=0000000000000062 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001146 RDI=0000000000001147 RBP=00000000000003f8 RSP=ffffc90006c069f0
R8 =ffff888106f00237 R9 =1ffff11020de0046 R10=dffffc0000000000 R11=ffffffff854c1d90
R12=dffffc0000000000 R13=ffffffff99a95919 R14=ffffffff99d9a4e0 R15=0000000000000000
RIP=ffffffff854c1e0c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f29997e16c0 ffffffff 00c00000
GS =0000 ffff8881a3c80000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000200 CR3=000000010a334000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f2998b87498 00007f2998b87470 XMM03=00007f2998b874a8 00007f2998b874a0
XMM04=00007f29996ed100 00007f2998b87460 XMM05=00007f2998b87478 00007f2998b874c0
XMM06=00007f2998b874b8 00007f2998b874b0 XMM07=00007f2998b874a8 00007f2998b874a0
XMM08=0000000000000000 00007f2998a12ee7 XMM09=0000000000000000 00007f2998a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
