last executing test programs:

458.395538ms ago: executing program 1 (id=241):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_RATE={0x6, 0x5, {0x1, 0x80}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

328.692854ms ago: executing program 1 (id=243):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x6, 0x4)

328.356582ms ago: executing program 1 (id=246):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000080)=0x3, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x800, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}, 0x1c)

247.992751ms ago: executing program 1 (id=248):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000061118f000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)

182.453251ms ago: executing program 1 (id=251):
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8e4747b63e8830ee6c32f254d37792053e2b77cc86279ea843600"/297, 0x3accf8d5)
vmsplice(r1, &(0x7f0000000440)=[{&(0x7f00000000c0)='7', 0x1}], 0x1, 0x100000000000000)
close(r0)

182.092407ms ago: executing program 2 (id=253):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x6}, @IFLA_BR_VLAN_DEFAULT_PVID={0x6}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

145.425777ms ago: executing program 0 (id=255):
unshare(0x40600)

145.299418ms ago: executing program 0 (id=256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000005400e5012cbd70000000000007000000", @ANYRES32, @ANYBLOB="100001"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20044050)

140.2881ms ago: executing program 2 (id=257):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000030000000400000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

83.010087ms ago: executing program 0 (id=258):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x8, 0x8, 0x17}, @IFLA_IPTUN_FLOWINFO={0x8, 0x7, 0x7}]}}}]}, 0x44}}, 0x0)

82.756417ms ago: executing program 2 (id=259):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000001c0)={0x1, 0xfff, 0x0, 0x8, 0x9, 0xd, 0x4, 0x5, r1}, 0x20)

82.482841ms ago: executing program 0 (id=260):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x39, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

82.259594ms ago: executing program 1 (id=261):
unshare(0x2c020400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

82.024077ms ago: executing program 2 (id=262):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x38, r2, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_FLAGS={0x10, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c0}, 0x4)

374.406µs ago: executing program 0 (id=263):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8991, &(0x7f0000000180)={'gretap0\x00', 0x1000})

158.12µs ago: executing program 2 (id=264):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200000000440005800800024000000002080001"], 0x2d4}}, 0x4048010)

60.008µs ago: executing program 2 (id=265):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x3f}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)

0s ago: executing program 0 (id=266):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:32308' (ED25519) to the list of known hosts.
syzkaller login: [   40.527736][ T5757] cgroup: Unknown subsys name 'net'
[   40.648862][ T5757] cgroup: Unknown subsys name 'cpuset'
[   40.652940][ T5757] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.919258][ T5757] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   48.479891][ T5858] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   50.082242][ T5219] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   50.087916][ T5219] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   50.090670][ T5219] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   50.093756][ T5219] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   50.096595][ T5219] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   50.183967][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   50.188738][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   50.191820][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   50.200593][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   50.203230][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   50.215181][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   50.218860][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   50.222410][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   50.227107][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   50.229809][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   50.298746][ T5867] chnl_net:caif_netlink_parms(): no params data found
[   50.402284][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.405270][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.408545][ T5867] bridge_slave_0: entered allmulticast mode
[   50.411250][ T5867] bridge_slave_0: entered promiscuous mode
[   50.422154][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.424589][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.427582][ T5867] bridge_slave_1: entered allmulticast mode
[   50.430695][ T5867] bridge_slave_1: entered promiscuous mode
[   50.464780][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.469936][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.495156][ T5867] team0: Port device team_slave_0 added
[   50.500226][ T5867] team0: Port device team_slave_1 added
[   50.574713][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0
[   50.577359][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.585162][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   50.590054][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1
[   50.592234][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.601736][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   50.621457][ T5871] chnl_net:caif_netlink_parms(): no params data found
[   50.647110][ T5873] chnl_net:caif_netlink_parms(): no params data found
[   50.684850][ T5867] hsr_slave_0: entered promiscuous mode
[   50.688332][ T5867] hsr_slave_1: entered promiscuous mode
[   50.717131][ T5871] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.719379][ T5871] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.721799][ T5871] bridge_slave_0: entered allmulticast mode
[   50.724446][ T5871] bridge_slave_0: entered promiscuous mode
[   50.728419][ T5871] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.730939][ T5871] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.733397][ T5871] bridge_slave_1: entered allmulticast mode
[   50.736323][ T5871] bridge_slave_1: entered promiscuous mode
[   50.793347][ T5871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.809025][ T5871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.844984][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.848424][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.850682][ T5873] bridge_slave_0: entered allmulticast mode
[   50.853380][ T5873] bridge_slave_0: entered promiscuous mode
[   50.859968][ T5871] team0: Port device team_slave_0 added
[   50.862096][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.864278][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.866961][ T5873] bridge_slave_1: entered allmulticast mode
[   50.869531][ T5873] bridge_slave_1: entered promiscuous mode
[   50.888950][ T5871] team0: Port device team_slave_1 added
[   50.913583][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.938246][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.949008][ T5871] batman_adv: batadv0: Adding interface: batadv_slave_0
[   50.951211][ T5871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.960563][ T5871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   50.975123][ T5871] batman_adv: batadv0: Adding interface: batadv_slave_1
[   50.980110][ T5871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.989049][ T5871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.000553][ T5873] team0: Port device team_slave_0 added
[   51.003544][ T5873] team0: Port device team_slave_1 added
[   51.031497][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.033682][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.041798][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.060448][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.062648][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.072935][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.092317][ T5871] hsr_slave_0: entered promiscuous mode
[   51.094510][ T5871] hsr_slave_1: entered promiscuous mode
[   51.097789][ T5871] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   51.100221][ T5871] Cannot create hsr debugfs directory
[   51.121194][ T5867] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   51.126852][ T5867] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   51.131531][ T5867] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   51.160449][ T5867] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   51.168140][ T5873] hsr_slave_0: entered promiscuous mode
[   51.170412][ T5873] hsr_slave_1: entered promiscuous mode
[   51.172518][ T5873] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   51.174922][ T5873] Cannot create hsr debugfs directory
[   51.253779][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.256119][ T5867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.258983][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.261317][ T5867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.320740][ T2998] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.323931][ T2998] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.353668][ T5871] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   51.363132][ T5871] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   51.378368][ T5871] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   51.390833][ T5871] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   51.405087][ T5873] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   51.410879][ T5873] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   51.421194][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.423629][ T5873] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   51.429878][ T5873] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   51.479182][ T5867] 8021q: adding VLAN 0 to HW filter on device team0
[   51.492176][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.494437][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.508322][  T728] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.510628][  T728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.525641][ T5871] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.548734][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.566337][ T5871] 8021q: adding VLAN 0 to HW filter on device team0
[   51.571480][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[   51.580720][  T728] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.583001][  T728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.587920][  T728] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.590487][  T728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.600381][ T2998] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.602731][ T2998] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.605906][ T2998] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.608234][ T2998] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.679898][ T5871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   51.736154][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.781044][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.790509][ T5867] veth0_vlan: entered promiscuous mode
[   51.800152][ T5867] veth1_vlan: entered promiscuous mode
[   51.807720][ T5871] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.830222][ T5867] veth0_macvtap: entered promiscuous mode
[   51.841136][ T5867] veth1_macvtap: entered promiscuous mode
[   51.848297][ T5873] veth0_vlan: entered promiscuous mode
[   51.857002][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0
[   51.861565][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.869206][ T5873] veth1_vlan: entered promiscuous mode
[   51.874469][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.882691][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.889462][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.892557][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.913554][ T5871] veth0_vlan: entered promiscuous mode
[   51.925223][ T5871] veth1_vlan: entered promiscuous mode
[   51.952672][  T728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.956364][ T5873] veth0_macvtap: entered promiscuous mode
[   51.961802][  T728] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   51.963504][ T5871] veth0_macvtap: entered promiscuous mode
[   51.972223][ T5873] veth1_macvtap: entered promiscuous mode
[   51.987717][ T5871] veth1_macvtap: entered promiscuous mode
[   51.996209][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.000699][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_0
[   52.004839][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.008060][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_1
[   52.011332][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[   52.022881][ T5874] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.025912][ T5874] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.048819][ T5874] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.051524][ T5874] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.056243][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[   52.082475][ T5700] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.086114][ T5700] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.091662][ T5700] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.094533][ T5700] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.119407][ T5219] Bluetooth: hci0: command tx timeout
[   52.120471][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.123678][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.170169][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.172652][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.215866][ T1086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.230405][ T1086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.256809][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.259316][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.276905][ T5219] Bluetooth: hci2: command tx timeout
[   52.279099][ T5219] Bluetooth: hci1: command tx timeout
[   52.552671][ T5973] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   52.669648][ T5983] syz.2.49 uses obsolete (PF_INET,SOCK_PACKET)
[   52.930155][ T6011] netlink: 16 bytes leftover after parsing attributes in process `syz.2.63'.
[   52.948767][ T6011] Bluetooth: MGMT ver 1.23
[   53.032282][ T6019] netlink: 16 bytes leftover after parsing attributes in process `syz.2.67'.
[   53.137486][ T6031] Zero length message leads to an empty skb
[   53.273208][ T6045] tap0: tun_chr_ioctl cmd 1074025677
[   53.275082][ T6045] tap0: linktype set to 804
[   53.350424][ T6050] netlink: 280 bytes leftover after parsing attributes in process `syz.1.83'.
[   53.381877][ T6053] netlink: 'syz.2.84': attribute type 1 has an invalid length.
[   53.384713][ T6053] netlink: 244 bytes leftover after parsing attributes in process `syz.2.84'.
[   53.513173][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.90'.
[   53.651390][ T6082] geneve2: entered promiscuous mode
[   53.653236][ T6082] geneve2: entered allmulticast mode
[   53.656328][ T5700] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 53731 - 0
[   53.664683][ T5700] netdevsim netdevsim0 netdevsim0: set [1, 2] type 2 family 0 port 57186 - 0
[   53.689250][ T5700] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 53731 - 0
[   53.693064][ T5700] netdevsim netdevsim0 netdevsim1: set [1, 2] type 2 family 0 port 57186 - 0
[   53.696207][ T5700] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 53731 - 0
[   53.699785][ T5700] netdevsim netdevsim0 netdevsim2: set [1, 2] type 2 family 0 port 57186 - 0
[   53.713270][ T6092] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   53.728315][ T6089] batadv1: entered allmulticast mode
[   53.731127][ T6089] 8021q: adding VLAN 0 to HW filter on device batadv1
[   53.735942][ T5700] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 53731 - 0
[   53.741730][ T5700] netdevsim netdevsim0 netdevsim3: set [1, 2] type 2 family 0 port 57186 - 0
[   53.779513][ T6094] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.101'.
[   53.991062][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.109'.
[   54.197047][   T55] Bluetooth: hci0: command tx timeout
[   54.232855][ T6146] netlink: 'syz.1.118': attribute type 1 has an invalid length.
[   54.368091][   T55] Bluetooth: hci1: command tx timeout
[   54.369839][   T55] Bluetooth: hci2: command tx timeout
[   54.525856][ T6183] netlink: 12 bytes leftover after parsing attributes in process `syz.0.132'.
[   54.550404][ T6183] 8021q: adding VLAN 0 to HW filter on device bond2
[   54.561531][ T6183] bond2: (slave batadv1): Opening slave failed
[   54.978689][ T6218] netlink: 20 bytes leftover after parsing attributes in process `syz.0.148'.
[   55.088605][ T6228] netlink: 'syz.0.153': attribute type 2 has an invalid length.
[   55.295374][ T6248] tipc: Started in network mode
[   55.299425][ T6248] tipc: Node identity 32c205feb516, cluster identity 4711
[   55.304024][ T6248] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   55.307468][ T6248] syzkaller0: entered promiscuous mode
[   55.309263][ T6248] syzkaller0: entered allmulticast mode
[   55.323224][ T6248] tipc: Resetting bearer <eth:syzkaller0>
[   55.335474][ T6247] tipc: Resetting bearer <eth:syzkaller0>
[   55.343400][ T6252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.165'.
[   55.343508][ T6247] tipc: Disabling bearer <eth:syzkaller0>
[   55.348035][ T6252] openvswitch: netlink: nsh attribute has 2338 unknown bytes.
[   55.350763][ T6252] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   55.547982][ T6268] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   55.559819][ T6268] syzkaller0: entered promiscuous mode
[   55.561640][ T6268] syzkaller0: entered allmulticast mode
[   55.580233][ T6268] tipc: Resetting bearer <eth:syzkaller0>
[   55.585204][ T6267] tipc: Resetting bearer <eth:syzkaller0>
[   55.593085][ T6267] tipc: Disabling bearer <eth:syzkaller0>
[   55.724483][ T6285] netlink: 'syz.2.182': attribute type 1 has an invalid length.
[   55.743548][ T6285] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.757561][ T6285] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.760197][ T6285] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   55.764269][ T6285] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   55.809306][ T6292] netlink: 'syz.1.183': attribute type 1 has an invalid length.
[   55.820858][ T6290] veth3: entered promiscuous mode
[   55.838163][ T6290] bond1: (slave veth3): Enslaving as an active interface with a down link
[   55.858691][ T6285] erspan0: entered allmulticast mode
[   55.871561][ T6285] bond1: (slave erspan0): making interface the new active one
[   55.874704][ T6285] bond1: (slave erspan0): Enslaving as an active interface with an up link
[   55.923245][ T6300] pim6reg1: entered promiscuous mode
[   55.925110][ T6300] pim6reg1: entered allmulticast mode
[   56.016246][ T6304] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   56.066184][ T6310] netlink: 'syz.1.190': attribute type 15 has an invalid length.
[   56.172835][ T6320] netlink: zone id is out of range
[   56.174628][ T6320] netlink: zone id is out of range
[   56.176270][ T6320] netlink: set zone limit has 4 unknown bytes
[   56.278285][ T5219] Bluetooth: hci0: command tx timeout
[   56.447808][ T5219] Bluetooth: hci2: command tx timeout
[   56.448581][   T55] Bluetooth: hci1: command tx timeout
[   56.929004][ T6405] batman_adv: batadv0: Adding interface: ipvlan2
[   56.935765][ T6405] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.946714][ T6405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.950201][ T6405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.953413][ T6405] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active
[   56.981607][ T6411] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   57.310678][ T6425] netlink: 'syz.0.236': attribute type 11 has an invalid length.
[   57.361840][ T6427] tipc: Started in network mode
[   57.363489][ T6427] tipc: Node identity 1e6ad58d4bc1, cluster identity 4711
[   57.365995][ T6427] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.402304][ T6427] syzkaller0: entered promiscuous mode
[   57.404047][ T6427] syzkaller0: entered allmulticast mode
[   57.409030][ T6427] tipc: Resetting bearer <eth:syzkaller0>
[   57.428625][ T6426] tipc: Resetting bearer <eth:syzkaller0>
[   57.545563][ T6433] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   58.057536][ T6426] tipc: Disabling bearer <eth:syzkaller0>
[   58.151511][ T6433] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   58.155996][ T6433] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   58.160678][ T6433] bond0 (unregistering): Released all slaves
[   58.356831][   T55] Bluetooth: hci0: command tx timeout
[   58.373014][ T6463] netlink: 'syz.2.253': attribute type 1 has an invalid length.
[   58.407232][ T6463] bond0: (slave bridge1): making interface the new active one
[   58.410125][ T6463] bond0: (slave bridge1): Enslaving as an active interface with an up link
[   58.517836][   T55] Bluetooth: hci1: command tx timeout
[   58.528626][   T55] Bluetooth: hci2: command tx timeout
[   58.540967][ T6490] __nla_validate_parse: 2 callbacks suppressed
[   58.540977][ T6490] netlink: 48 bytes leftover after parsing attributes in process `syz.2.264'.
Connection to localhost closed by remote host.
[   58.989323][ T5700] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.035099][ T5700] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.086914][ T5700] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.154440][ T5700] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.231278][ T5700] bridge_slave_1: left allmulticast mode
[   59.233217][ T5700] bridge_slave_1: left promiscuous mode
[   59.235795][ T5700] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.241030][ T5700] bridge_slave_0: left allmulticast mode
[   59.242925][ T5700] bridge_slave_0: left promiscuous mode
[   59.244969][ T5700] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.472098][ T5700] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   59.476166][ T5700] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   59.480972][ T5700] bond0 (unregistering): Released all slaves
[   59.675971][ T5700] hsr_slave_0: left promiscuous mode
[   59.678158][ T5700] hsr_slave_1: left promiscuous mode
[   59.680289][ T5700] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.682752][ T5700] batman_adv: batadv0: Removing interface: batadv_slave_0
[   59.685510][ T5700] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   59.689018][ T5700] batman_adv: batadv0: Removing interface: batadv_slave_1
[   59.697060][ T5700] veth1_macvtap: left promiscuous mode
[   59.698947][ T5700] veth0_macvtap: left promiscuous mode
[   59.700863][ T5700] veth1_vlan: left promiscuous mode
[   59.702695][ T5700] veth0_vlan: left promiscuous mode
[   59.900283][ T5700] team0 (unregistering): Port device team_slave_1 removed
[   59.921111][ T5700] team0 (unregistering): Port device team_slave_0 removed
[   60.346640][ T5700] ------------[ cut here ]------------
[   60.348525][ T5700] WARNING: CPU: 1 PID: 5700 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x270/0x2f0
[   60.351649][ T5700] Modules linked in:
[   60.353115][ T5700] CPU: 1 UID: 0 PID: 5700 Comm: kworker/u8:2 Not tainted 6.16.0-rc7-syzkaller-01993-ge3f96b3556e4-dirty #0 PREEMPT(full) 
[   60.358071][ T5700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   60.361544][ T5700] Workqueue: netns cleanup_net
[   60.363155][ T5700] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[   60.364979][ T5700] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 48 5e 0c f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 36 2c ed f7 e8 91 4e aa f7 90 <0f> 0b 90 e9 fd fd ff ff e8 83 4e aa f7 90 0f 0b 90 e9 60 fe ff ff
[   60.371281][ T5700] RSP: 0018:ffffc90002dbf898 EFLAGS: 00010293
[   60.373293][ T5700] RAX: ffffffff8a15d99f RBX: ffff8880393a2440 RCX: ffff888021bc3980
[   60.376237][ T5700] RDX: 0000000000000000 RSI: ffffffff8db87667 RDI: ffff888021bc3980
[   60.379081][ T5700] RBP: ffffc90002dbf9b0 R08: ffffffff8fa1f6f7 R09: 1ffffffff1f43ede
[   60.381698][ T5700] R10: dffffc0000000000 R11: fffffbfff1f43edf R12: ffffffff8f6182e0
[   60.384199][ T5700] R13: 1ffff920005b7f40 R14: ffff8880393a38c0 R15: dffffc0000000000
[   60.386778][ T5700] FS:  0000000000000000(0000) GS:ffff8881a3c23000(0000) knlGS:0000000000000000
[   60.389668][ T5700] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   60.391797][ T5700] CR2: 000000110c33ac28 CR3: 0000000027e40000 CR4: 00000000000006f0
[   60.394401][ T5700] Call Trace:
[   60.395540][ T5700]  <TASK>
[   60.396662][ T5700]  xfrm_net_exit+0x2d/0x70
[   60.398121][ T5700]  ops_undo_list+0x49a/0x990
[   60.399666][ T5700]  ? __pfx_ops_undo_list+0x10/0x10
[   60.401317][ T5700]  ? do_raw_spin_unlock+0x4d/0x240
[   60.403019][ T5700]  cleanup_net+0x4c5/0x800
[   60.404499][ T5700]  ? __pfx_cleanup_net+0x10/0x10
[   60.406163][ T5700]  ? _raw_spin_unlock_irq+0x23/0x50
[   60.407942][ T5700]  ? process_scheduled_works+0x9ef/0x17b0
[   60.409793][ T5700]  ? process_scheduled_works+0x9ef/0x17b0
[   60.411671][ T5700]  process_scheduled_works+0xae1/0x17b0
[   60.413506][ T5700]  ? __pfx_process_scheduled_works+0x10/0x10
[   60.415478][ T5700]  worker_thread+0x8a0/0xda0
[   60.417059][ T5700]  kthread+0x711/0x8a0
[   60.418439][ T5700]  ? __pfx_worker_thread+0x10/0x10
[   60.420093][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.421580][ T5700]  ? _raw_spin_unlock_irq+0x23/0x50
[   60.423287][ T5700]  ? lockdep_hardirqs_on+0x9c/0x150
[   60.424941][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.426444][ T5700]  ret_from_fork+0x3fc/0x770
[   60.427936][ T5700]  ? __pfx_ret_from_fork+0x10/0x10
[   60.429640][ T5700]  ? __switch_to_asm+0x39/0x70
[   60.431223][ T5700]  ? __switch_to_asm+0x33/0x70
[   60.432835][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.434387][ T5700]  ret_from_fork_asm+0x1a/0x30
[   60.436001][ T5700]  </TASK>
[   60.437175][ T5700] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   60.439539][ T5700] CPU: 1 UID: 0 PID: 5700 Comm: kworker/u8:2 Not tainted 6.16.0-rc7-syzkaller-01993-ge3f96b3556e4-dirty #0 PREEMPT(full) 
[   60.443543][ T5700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   60.446841][ T5700] Workqueue: netns cleanup_net
[   60.448395][ T5700] Call Trace:
[   60.449523][ T5700]  <TASK>
[   60.450522][ T5700]  dump_stack_lvl+0x99/0x250
[   60.452034][ T5700]  ? __asan_memcpy+0x40/0x70
[   60.453588][ T5700]  ? __pfx_dump_stack_lvl+0x10/0x10
[   60.455314][ T5700]  ? __pfx__printk+0x10/0x10
[   60.456866][ T5700]  panic+0x2db/0x790
[   60.458176][ T5700]  ? __pfx_panic+0x10/0x10
[   60.459670][ T5700]  ? ret_from_fork_asm+0x1a/0x30
[   60.461309][ T5700]  __warn+0x31b/0x4b0
[   60.462641][ T5700]  ? xfrm_state_fini+0x270/0x2f0
[   60.464281][ T5700]  ? xfrm_state_fini+0x270/0x2f0
[   60.465925][ T5700]  report_bug+0x2be/0x4f0
[   60.467368][ T5700]  ? xfrm_state_fini+0x270/0x2f0
[   60.468997][ T5700]  ? xfrm_state_fini+0x270/0x2f0
[   60.470637][ T5700]  ? xfrm_state_fini+0x272/0x2f0
[   60.472279][ T5700]  handle_bug+0x84/0x160
[   60.473700][ T5700]  exc_invalid_op+0x1a/0x50
[   60.475190][ T5700]  asm_exc_invalid_op+0x1a/0x20
[   60.476787][ T5700] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[   60.478623][ T5700] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 48 5e 0c f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 36 2c ed f7 e8 91 4e aa f7 90 <0f> 0b 90 e9 fd fd ff ff e8 83 4e aa f7 90 0f 0b 90 e9 60 fe ff ff
[   60.484842][ T5700] RSP: 0018:ffffc90002dbf898 EFLAGS: 00010293
[   60.486832][ T5700] RAX: ffffffff8a15d99f RBX: ffff8880393a2440 RCX: ffff888021bc3980
[   60.489296][ T5700] RDX: 0000000000000000 RSI: ffffffff8db87667 RDI: ffff888021bc3980
[   60.491903][ T5700] RBP: ffffc90002dbf9b0 R08: ffffffff8fa1f6f7 R09: 1ffffffff1f43ede
[   60.494404][ T5700] R10: dffffc0000000000 R11: fffffbfff1f43edf R12: ffffffff8f6182e0
[   60.496886][ T5700] R13: 1ffff920005b7f40 R14: ffff8880393a38c0 R15: dffffc0000000000
[   60.499360][ T5700]  ? xfrm_state_fini+0x26f/0x2f0
[   60.500994][ T5700]  ? xfrm_state_fini+0x26f/0x2f0
[   60.502645][ T5700]  xfrm_net_exit+0x2d/0x70
[   60.504083][ T5700]  ops_undo_list+0x49a/0x990
[   60.505748][ T5700]  ? __pfx_ops_undo_list+0x10/0x10
[   60.507438][ T5700]  ? do_raw_spin_unlock+0x4d/0x240
[   60.509099][ T5700]  cleanup_net+0x4c5/0x800
[   60.510594][ T5700]  ? __pfx_cleanup_net+0x10/0x10
[   60.512232][ T5700]  ? _raw_spin_unlock_irq+0x23/0x50
[   60.513957][ T5700]  ? process_scheduled_works+0x9ef/0x17b0
[   60.515738][ T5700]  ? process_scheduled_works+0x9ef/0x17b0
[   60.517616][ T5700]  process_scheduled_works+0xae1/0x17b0
[   60.519392][ T5700]  ? __pfx_process_scheduled_works+0x10/0x10
[   60.521332][ T5700]  worker_thread+0x8a0/0xda0
[   60.522878][ T5700]  kthread+0x711/0x8a0
[   60.524231][ T5700]  ? __pfx_worker_thread+0x10/0x10
[   60.525901][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.527376][ T5700]  ? _raw_spin_unlock_irq+0x23/0x50
[   60.529075][ T5700]  ? lockdep_hardirqs_on+0x9c/0x150
[   60.530796][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.532346][ T5700]  ret_from_fork+0x3fc/0x770
[   60.533794][ T5700]  ? __pfx_ret_from_fork+0x10/0x10
[   60.535390][ T5700]  ? __switch_to_asm+0x39/0x70
[   60.536935][ T5700]  ? __switch_to_asm+0x33/0x70
[   60.538533][ T5700]  ? __pfx_kthread+0x10/0x10
[   60.539986][ T5700]  ret_from_fork_asm+0x1a/0x30
[   60.541580][ T5700]  </TASK>
[   60.543262][ T5700] Kernel Offset: disabled
[   60.544720][ T5700] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:49:52  Registers:
info registers vcpu 0

CPU#0
RAX=e2a10f1d10d5e400 RBX=ffffffff81976a18 RCX=e2a10f1d10d5e400 RDX=0000000000000001
RSI=ffffffff8d999894 RDI=ffffffff8be28d00 RBP=ffffffff8de07ea8 RSP=ffffffff8de07d80
R8 =ffff88804b032f5b R9 =1ffff110096065eb R10=dffffc0000000000 R11=ffffed10096065ec
R12=ffffffff8fa1f6f0 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a50
RIP=ffffffff8b6d24f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8623000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f131b2e7d60 CR3=000000000df38000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ff00000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=ffffffffffffffff ffffffffffffffff XMM03=ffffffffffffffff ffffffffffffffff
XMM04=00007f811c6ed100 00007f811bb87460 XMM05=00007f811bb87478 00007f811bb874c0
XMM06=00007f811bb874b8 00007f811bb874b0 XMM07=00007f811bb874a8 00007f811bb874a0
XMM08=0000000000000000 00007f811ba12eab XMM09=0000000000000000 00007f811ba12f89
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff33bec60 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000000 RDI=0000000000000020 RBP=ffffffff99df6750 RSP=ffffc90002dbefd0
R8 =ffff8881084e8237 R9 =1ffff1102109d046 R10=dffffc0000000000 R11=ffffffff85464590
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99df64c0 R15=0000000000000000
RIP=ffffffff85464607 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c23000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c33ac28 CR3=0000000027e40000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000ff 0000000000000000 XMM01=6f6c2f7261762f00 6469756e69676f6c
XMM02=0000ffffffffff00 0000000000000000 XMM03=0000000000000000 000000000000002f
XMM04=74772f676f6c2f72 61762f00706d7475 XMM05=3f3f3f3f3f3f3f3f 3f3f3f3f3f3f3f3f
XMM06=9999999999999999 9999999999999999 XMM07=2020202020202020 2020202020202020
XMM08=0020202000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
