last executing test programs:

1.120663724s ago: executing program 0 (id=1009):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x10, 0x6, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18020000040000000000000000000002180000000100008000000000060000003c2200f10000000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x1f00, 0x3}, 0x94)

1.01209883s ago: executing program 0 (id=1013):
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x8fdff, {0x0, 0x0, 0x0, r1, {0x0, 0xffed}, {0xf, 0xb}, {0xd, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8021}, 0x4008000)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000071401000000000000000000050060"], 0x18}}, 0x0)

1.011568545s ago: executing program 0 (id=1015):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x1, @local, 'ip_vti0\x00'}}, 0x1e)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc3ff, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848010000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x4058880)

945.085631ms ago: executing program 0 (id=1017):
r0 = socket(0x23, 0x80002, 0x0)
bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e21, @broadcast}, 0x10)

942.048311ms ago: executing program 0 (id=1019):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000005c0)='%pi6   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0xe, 0x48000000, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

842.853671ms ago: executing program 0 (id=1025):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000000400)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x6e24, @empty}}, 0x24)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r4, &(0x7f0000000200)={@val={0xa}, @void, @eth={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x4f14, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x1, 0x6, 0x100}}}}}}}}}, 0x4a)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="7800000018002507b9409b14e7ff0b7a0204be04020714056406040c5c0009003f0006160a0000000d0085a168d0bf46d32345653610648d270005000a06024e49935ade4a460c89b6ec0cff3959547f", 0x50, 0x40800, 0x0, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r5, &(0x7f0000000000)=@abs={0x1}, 0x6e)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000024c0), r7)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r7, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002500)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r8, @ANYBLOB="a793255a000000dbbe251f0000000c0006000100000001800000"], 0x20}, 0x1, 0x0, 0x0, 0x20000080}, 0x40000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000400000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='qdisc_reset\x00', r9}, 0x18)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)="2e00000010008188040f80ec59acbc0413a1f848290000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x400c084)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000140)=r6)
listen(r3, 0x0)
r11 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x81800)
ioctl$SIOCX25SCAUSEDIAG(r11, 0x89ec, &(0x7f0000000040)={0x5, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r12=>0x0}, &(0x7f00000004c0)=0x27)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000040)=r12, 0x4)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000002010102000000000000000002000000240002800c000280040001003a00000014000180080001007f000001080002"], 0x44}}, 0x0)

272.880661ms ago: executing program 1 (id=1046):
unshare(0x22020400)
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e)

202.89877ms ago: executing program 1 (id=1048):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007112bb000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

202.723887ms ago: executing program 2 (id=1049):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000200000000000000fdffffff85000000bc000000850000005000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4de7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="c1f7f8462d4e1400542ce82df717", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

150.250103ms ago: executing program 1 (id=1050):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="170000005400e5012dbd7000ffffffff07"], 0x38}}, 0x40c8480)

150.054295ms ago: executing program 2 (id=1051):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x1c)

149.905998ms ago: executing program 1 (id=1052):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x64, r1, 0x1, 0xffffffff, 0x0, {0x37}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}]}, 0x64}}, 0x0)

68.917916ms ago: executing program 2 (id=1053):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x1, 0x7)

68.588783ms ago: executing program 1 (id=1054):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x0, 0xe, 0x0, &(0x7f0000000680)="00882bd0269cd8209319417b6ca6", 0x0, 0x0, 0x0, 0xb9, 0x0, &(0x7f0000000a40)="d580a67cd67831c9f16041b021b29fb3183fff11edb3d73df0548a9ca5d9bdf23cadf9255b0689c039f35371fe0f709b536d0b0901193c19d3c0a1b38c7fd63ebb2b20d9ae7b403f05ca637e344c29200f863c642d3fb488450c0e4d4a8b5b529d647e44c68cd9758b79a36622ac8d49c011ec34f60ba673d8626fc1f1669b6a47a02a79eb6c8bb7d05007d6ed2467d7173a2f5207599a9d0c255ab64ea1bc8cd350db318477bbcb01c58945f1a0220f05349d8b024e5e8d65", 0x0}, 0x50)

67.481724ms ago: executing program 2 (id=1055):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000440)={0x2, 0xe20, @empty}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)

1.54995ms ago: executing program 2 (id=1056):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1d, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0xb5}, @exit], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x21700, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)

1.284265ms ago: executing program 1 (id=1057):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000ffffffffffff", 0x58}], 0x1)

0s ago: executing program 2 (id=1058):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000180), 0x4)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:33490' (ED25519) to the list of known hosts.
syzkaller login: [   49.663045][ T5772] cgroup: Unknown subsys name 'net'
[   49.717974][ T5772] cgroup: Unknown subsys name 'cpuset'
[   49.721814][ T5772] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   51.101699][ T5772] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   56.469517][ T5876] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   56.540820][ T5875] chnl_net:caif_netlink_parms(): no params data found
[   56.728671][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.731459][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.736573][ T5875] bridge_slave_0: entered allmulticast mode
[   56.739710][ T5875] bridge_slave_0: entered promiscuous mode
[   56.768734][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.771801][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.774405][ T5875] bridge_slave_1: entered allmulticast mode
[   56.777147][ T5875] bridge_slave_1: entered promiscuous mode
[   56.805860][ T5875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.812283][ T5875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.848610][ T5875] team0: Port device team_slave_0 added
[   56.851872][ T5875] team0: Port device team_slave_1 added
[   56.898459][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.900803][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.909784][ T5875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.919512][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.921823][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.930405][ T5875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.955364][ T5875] hsr_slave_0: entered promiscuous mode
[   56.957772][ T5875] hsr_slave_1: entered promiscuous mode
[   57.041759][ T5875] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.047901][ T5875] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.051886][ T5875] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.056557][ T5875] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.072847][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.075365][ T5875] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.078097][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.080463][ T5875] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.109037][ T5875] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.117851][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.120732][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.130114][ T5875] 8021q: adding VLAN 0 to HW filter on device team0
[   57.136170][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.138564][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.146300][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.148709][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.232265][ T5875] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.275666][ T5875] veth0_vlan: entered promiscuous mode
[   57.283289][ T5875] veth1_vlan: entered promiscuous mode
[   57.300190][ T5875] veth0_macvtap: entered promiscuous mode
[   57.304912][ T5875] veth1_macvtap: entered promiscuous mode
[   57.313507][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.322150][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.330113][ T5877] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.334106][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.338295][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.341535][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.035647][ T5877] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.146410][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   58.149773][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   58.152434][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   58.155880][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   58.158567][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   58.217333][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   58.220874][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   58.224174][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   58.228320][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   58.231379][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   58.285926][ T5877] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.333980][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   58.337148][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   58.340064][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   58.343563][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   58.354843][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   58.362181][ T5877] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.428906][ T5877] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.587853][ T5918] chnl_net:caif_netlink_parms(): no params data found
[   58.621236][ T5921] chnl_net:caif_netlink_parms(): no params data found
[   58.721099][ T5918] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.724345][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.727383][ T5918] bridge_slave_0: entered allmulticast mode
[   58.731109][ T5918] bridge_slave_0: entered promiscuous mode
[   58.735162][ T5918] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.737831][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.740684][ T5918] bridge_slave_1: entered allmulticast mode
[   58.743335][ T5918] bridge_slave_1: entered promiscuous mode
[   58.795735][ T5921] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.798798][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.801869][ T5921] bridge_slave_0: entered allmulticast mode
[   58.806352][ T5921] bridge_slave_0: entered promiscuous mode
[   58.825653][ T5921] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.828509][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.831026][ T5921] bridge_slave_1: entered allmulticast mode
[   58.834489][ T5921] bridge_slave_1: entered promiscuous mode
[   58.849514][ T5918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.858196][ T5918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.861269][ T5923] chnl_net:caif_netlink_parms(): no params data found
[   58.896691][ T5921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.923188][ T5921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.935799][ T5918] team0: Port device team_slave_0 added
[   58.952188][ T5918] team0: Port device team_slave_1 added
[   59.001713][ T5921] team0: Port device team_slave_0 added
[   59.018333][ T5921] team0: Port device team_slave_1 added
[   59.021075][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.024146][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.026768][ T5923] bridge_slave_0: entered allmulticast mode
[   59.030100][ T5923] bridge_slave_0: entered promiscuous mode
[   59.033587][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.036481][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.046655][ T5918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.077836][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.080779][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.084671][ T5923] bridge_slave_1: entered allmulticast mode
[   59.088451][ T5923] bridge_slave_1: entered promiscuous mode
[   59.092261][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.097638][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.108516][ T5918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.114698][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.117588][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.129559][ T5921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.156828][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.159156][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.168721][ T5921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.178806][ T5923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.195021][ T5923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.258201][ T5923] team0: Port device team_slave_0 added
[   59.263393][ T5918] hsr_slave_0: entered promiscuous mode
[   59.266931][ T5918] hsr_slave_1: entered promiscuous mode
[   59.270001][ T5918] debugfs: 'hsr0' already exists in 'hsr'
[   59.272076][ T5918] Cannot create hsr debugfs directory
[   59.290091][ T5921] hsr_slave_0: entered promiscuous mode
[   59.292913][ T5921] hsr_slave_1: entered promiscuous mode
[   59.295634][ T5921] debugfs: 'hsr0' already exists in 'hsr'
[   59.297618][ T5921] Cannot create hsr debugfs directory
[   59.317290][ T5923] team0: Port device team_slave_1 added
[   59.399127][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.401698][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.412324][ T5923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.419117][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.421834][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.431420][ T5923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.512894][ T5923] hsr_slave_0: entered promiscuous mode
[   59.515614][ T5923] hsr_slave_1: entered promiscuous mode
[   59.518308][ T5923] debugfs: 'hsr0' already exists in 'hsr'
[   59.520433][ T5923] Cannot create hsr debugfs directory
[   60.224644][ T5237] Bluetooth: hci0: command tx timeout
[   60.303980][ T5237] Bluetooth: hci1: command tx timeout
[   60.384229][ T5237] Bluetooth: hci2: command tx timeout
[   60.908655][ T5877] bridge_slave_1: left allmulticast mode
[   60.911940][ T5877] bridge_slave_1: left promiscuous mode
[   60.915008][ T5877] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.926273][ T5877] bridge_slave_0: left allmulticast mode
[   60.928321][ T5877] bridge_slave_0: left promiscuous mode
[   60.930254][ T5877] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.123170][ T5877] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   61.130488][ T5877] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   61.135858][ T5877] bond0 (unregistering): Released all slaves
[   61.242637][ T5877] hsr_slave_0: left promiscuous mode
[   61.247419][ T5877] hsr_slave_1: left promiscuous mode
[   61.250615][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.253096][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.259187][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.261629][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.272647][ T5877] veth1_macvtap: left promiscuous mode
[   61.277974][ T5877] veth0_macvtap: left promiscuous mode
[   61.280420][ T5877] veth1_vlan: left promiscuous mode
[   61.282755][ T5877] veth0_vlan: left promiscuous mode
[   61.592107][ T5877] team0 (unregistering): Port device team_slave_1 removed
[   61.618247][ T5877] team0 (unregistering): Port device team_slave_0 removed
[   61.994830][ T5918] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   62.015555][ T5918] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   62.026773][ T5918] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   62.040494][ T5918] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   62.063467][ T5921] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   62.105080][ T5921] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   62.117167][ T5921] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   62.135575][ T5921] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   62.258761][ T5923] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   62.265215][ T5923] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   62.278571][ T5923] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   62.289729][ T5923] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   62.304183][ T5237] Bluetooth: hci0: command tx timeout
[   62.335983][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.360286][ T5918] 8021q: adding VLAN 0 to HW filter on device team0
[   62.377147][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.380144][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.384704][ T5237] Bluetooth: hci1: command tx timeout
[   62.391564][ T5921] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.410973][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.414017][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.433538][ T5921] 8021q: adding VLAN 0 to HW filter on device team0
[   62.456066][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.459132][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.465971][ T5237] Bluetooth: hci2: command tx timeout
[   62.497142][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.500085][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.537648][ T5923] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.571959][ T5923] 8021q: adding VLAN 0 to HW filter on device team0
[   62.585691][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.588542][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.612981][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.616195][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.658568][ T5918] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.672971][ T5923] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   62.679789][ T5923] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   62.767104][ T5918] veth0_vlan: entered promiscuous mode
[   62.780905][ T5918] veth1_vlan: entered promiscuous mode
[   62.792171][ T5921] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.828903][ T5918] veth0_macvtap: entered promiscuous mode
[   62.837788][ T5918] veth1_macvtap: entered promiscuous mode
[   62.873674][ T5923] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.884587][ T5921] veth0_vlan: entered promiscuous mode
[   62.901224][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.911760][ T5921] veth1_vlan: entered promiscuous mode
[   62.920529][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.937067][ T5909] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.952726][ T5909] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.956923][ T5909] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.959827][ T5909] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.964350][ T5923] veth0_vlan: entered promiscuous mode
[   62.982146][ T5923] veth1_vlan: entered promiscuous mode
[   62.990657][ T5921] veth0_macvtap: entered promiscuous mode
[   63.000131][ T5921] veth1_macvtap: entered promiscuous mode
[   63.026352][ T5921] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.053172][ T5923] veth0_macvtap: entered promiscuous mode
[   63.058567][ T5921] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.062713][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.070740][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.072655][ T5923] veth1_macvtap: entered promiscuous mode
[   63.090093][ T5909] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.116574][ T5909] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.120280][ T5909] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.133914][ T5909] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.139150][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.142392][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.144243][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.172445][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.197230][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.201266][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.224415][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.228142][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.250667][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.256737][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.317924][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.320958][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.353343][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.357783][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.368689][ T6001] syz.0.33 uses obsolete (PF_INET,SOCK_PACKET)
[   63.409439][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.412612][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.545979][ T6008] netlink: 36 bytes leftover after parsing attributes in process `syz.1.34'.
[   63.549673][ T6008] netlink: 5 bytes leftover after parsing attributes in process `syz.1.34'.
[   63.553350][ T6008] netlink: 5 bytes leftover after parsing attributes in process `syz.1.34'.
[   63.781643][ T6023] tipc: Started in network mode
[   63.800351][ T6023] tipc: Node identity ba24218a13ad, cluster identity 4711
[   63.804538][ T6023] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   63.817270][ T6023] syzkaller0: entered promiscuous mode
[   63.819498][ T6023] syzkaller0: entered allmulticast mode
[   63.852767][ T6023] tipc: Resetting bearer <eth:syzkaller0>
[   63.861105][ T6022] tipc: Resetting bearer <eth:syzkaller0>
[   63.878200][ T6022] tipc: Disabling bearer <eth:syzkaller0>
[   64.182228][ T6051] pim6reg1: entered promiscuous mode
[   64.192242][ T6051] pim6reg1: entered allmulticast mode
[   64.385285][ T5237] Bluetooth: hci0: command tx timeout
[   64.465399][ T5237] Bluetooth: hci1: command tx timeout
[   64.544226][ T5237] Bluetooth: hci2: command tx timeout
[   64.606882][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.66'.
[   65.408945][ T6086] netlink: 508 bytes leftover after parsing attributes in process `syz.0.69'.
[   66.467164][ T5237] Bluetooth: hci0: command tx timeout
[   66.544475][ T5237] Bluetooth: hci1: command tx timeout
[   66.567043][ T6159] netlink: 'syz.0.94': attribute type 2 has an invalid length.
[   66.624579][ T5237] Bluetooth: hci2: command tx timeout
[   66.651016][ T6169] netlink: 'syz.1.100': attribute type 26 has an invalid length.
[   66.724373][ T6177] netlink: 4 bytes leftover after parsing attributes in process `syz.0.104'.
[   66.791445][ T6181] sit0: entered promiscuous mode
[   66.797061][ T6181] netlink: 'syz.0.106': attribute type 1 has an invalid length.
[   66.800426][ T6181] netlink: 1 bytes leftover after parsing attributes in process `syz.0.106'.
[   67.541571][ T6227] raw_sendmsg: syz.0.126 forgot to set AF_INET. Fix it!
[   67.603670][ T6231] netlink: 'syz.2.128': attribute type 12 has an invalid length.
[   67.636485][ T6233] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   67.640192][ T6233] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   67.721856][ T6238] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   67.762617][ T6233] syz.1.130 (6233) used greatest stack depth: 19960 bytes left
[   67.786875][ T6242] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   67.859614][ T6244] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.134'.
[   67.877015][ T6244] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   68.118140][ T6264] netlink: 'syz.2.143': attribute type 1 has an invalid length.
[   68.183031][ T6264] vlan2: entered allmulticast mode
[   68.188592][ T6264] veth1: entered allmulticast mode
[   68.707290][ T6282] Zero length message leads to an empty skb
[   68.833511][ T6290] veth0_to_bond: entered promiscuous mode
[   69.112176][ T6315] netlink: 76 bytes leftover after parsing attributes in process `syz.1.167'.
[   69.118049][ T6315] netlink: 12 bytes leftover after parsing attributes in process `syz.1.167'.
[   69.122277][ T6316] netlink: 'syz.2.166': attribute type 10 has an invalid length.
[   69.131012][ T6315] netlink: 40 bytes leftover after parsing attributes in process `syz.1.167'.
[   69.135137][ T6316] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[   69.270439][ T6323] IPVS: Scheduler module ip_vs_sip not found
[   69.287521][ T6329] netlink: 20 bytes leftover after parsing attributes in process `syz.2.173'.
[   69.292834][ T6329] block nbd0: not configured, cannot reconfigure
[   69.418570][ T6336] netlink: 'syz.2.176': attribute type 83 has an invalid length.
[   69.583256][ T6350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'.
[   70.338253][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.187'.
[   70.352840][ T6361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.187'.
[   70.387710][ T6361] netlink: 3 bytes leftover after parsing attributes in process `syz.2.187'.
[   70.392538][ T6367] netlink: 24 bytes leftover after parsing attributes in process `syz.0.191'.
[   70.405638][ T6367] netlink: 'syz.0.191': attribute type 1 has an invalid length.
[   70.408761][ T6367] netlink: 28 bytes leftover after parsing attributes in process `syz.0.191'.
[   70.902569][ T6393] syzkaller1: entered promiscuous mode
[   70.908569][ T6393] syzkaller1: entered allmulticast mode
[   71.199063][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.201996][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   72.299129][ T6444] tipc: New replicast peer: 0.0.0.0
[   72.302335][ T6444] tipc: Enabled bearer <udp:syz2>, priority 10
[   72.317196][ T6444] tipc: New replicast peer: 255.255.255.255
[   73.223302][ T6445] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   73.295536][   T24] tipc: Node number set to 2844336522
[   73.643338][ T6481] macvlan2: entered allmulticast mode
[   73.645878][ T6481] veth1_vlan: entered allmulticast mode
[   73.650343][ T6481] veth1_vlan: left allmulticast mode
[   75.184567][ T6539] Bluetooth: MGMT ver 1.23
[   75.240570][ T6540] af_packet: tpacket_rcv: packet too big, clamped from 64989 to 3952. macoff=96
[   75.370173][ T6549] netlink: 'syz.0.272': attribute type 1 has an invalid length.
[   75.381079][ T6549] netlink: 76 bytes leftover after parsing attributes in process `syz.0.272'.
[   76.429229][ T6620] netlink: 104 bytes leftover after parsing attributes in process `syz.2.305'.
[   76.690256][ T6627] warning: `syz.2.308' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   76.846296][ T6634] netlink: 'syz.0.310': attribute type 21 has an invalid length.
[   76.852091][ T6634] netlink: 132 bytes leftover after parsing attributes in process `syz.0.310'.
[   77.264161][ T5237] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   77.267808][ T5237] Bluetooth: hci0: command 0x0c1a tx timeout
[   77.312474][ T6645] netlink: 'syz.0.315': attribute type 83 has an invalid length.
[   77.435749][ T6647] netlink: 'syz.0.316': attribute type 1 has an invalid length.
[   77.927086][ T6672] tipc: Started in network mode
[   77.929407][ T6672] tipc: Node identity 1e490a6c6a22, cluster identity 4711
[   77.940246][ T6672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.946501][ T6672] syzkaller0: entered promiscuous mode
[   77.948359][ T6672] syzkaller0: entered allmulticast mode
[   77.964749][ T6672] tipc: Resetting bearer <eth:syzkaller0>
[   77.970125][ T6671] tipc: Resetting bearer <eth:syzkaller0>
[   77.996440][ T6671] tipc: Disabling bearer <eth:syzkaller0>
[   78.015107][ T6678] netlink: 1 bytes leftover after parsing attributes in process `syz.1.329'.
[   78.113454][ T6683] sctp: [Deprecated]: syz.0.332 (pid 6683) Use of int in maxseg socket option.
[   78.113454][ T6683] Use struct sctp_assoc_value instead
[   78.153204][ T6689] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   78.298253][ T6708] netlink: 'syz.2.343': attribute type 1 has an invalid length.
[   78.800053][ T6754] ieee802154 phy0 wpan0: encryption failed: -90
[   79.435314][ T6798] netlink: 16 bytes leftover after parsing attributes in process `syz.2.382'.
[   79.556011][ T6815] trusted_key: syz.0.388 sent an empty control message without MSG_MORE.
[   79.610441][ T6821] netlink: 40 bytes leftover after parsing attributes in process `syz.1.391'.
[   79.718477][ T6832] dvmrp1: tun_chr_ioctl cmd 1074025677
[   79.720947][ T6832] dvmrp1: linktype set to 805
[   80.310299][ T6869] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   80.700794][ T6883] netlink: 'syz.2.417': attribute type 1 has an invalid length.
[   80.709280][ T6883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.417'.
[   81.177161][ T6929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.440'.
[   81.435784][   T10] cfg80211: failed to load regulatory.db
[   81.946640][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.950823][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.954044][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.957568][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.961031][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.968220][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.971656][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.978586][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   81.981840][ T6981] netlink: 'syz.1.464': attribute type 29 has an invalid length.
[   82.042367][ T6990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.469'.
[   82.829327][ T7028] veth1_to_bond: entered allmulticast mode
[   82.833261][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.485'.
[   82.991178][ T7028] bond0: (slave bond_slave_1): Releasing backup interface
[   83.025862][ T7028] veth1_to_bond (unregistering): left allmulticast mode
[   83.029016][ T7030] netlink: 56 bytes leftover after parsing attributes in process `syz.2.486'.
[   83.221155][ T7042] tipc: Can't bind to reserved service type 1
[   83.290433][ T7044] netlink: 8 bytes leftover after parsing attributes in process `syz.1.493'.
[   83.300609][ T7044] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   83.567145][ T7058] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.570318][ T7058] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.726834][ T7058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   83.746259][ T7058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.912711][   T13] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.925327][   T13] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.929105][   T13] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.932994][   T13] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.270841][ T7107] netlink: 280 bytes leftover after parsing attributes in process `syz.0.523'.
[   84.427143][ T7121] erspan0: entered promiscuous mode
[   84.432709][ T7121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.530'.
[   84.532550][ T7129] netlink: 20 bytes leftover after parsing attributes in process `syz.2.534'.
[   84.702769][ T7142] netlink: 159784 bytes leftover after parsing attributes in process `syz.0.538'.
[   84.973572][ T7161] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[   84.997689][ T7161] sit0: left promiscuous mode
[   85.050874][ T7161] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   85.093902][ T7161] syz.0.547 (7161) used greatest stack depth: 19832 bytes left
[   86.321160][ T7270] validate_nla: 20 callbacks suppressed
[   86.321174][ T7270] netlink: 'syz.1.593': attribute type 13 has an invalid length.
[   86.339065][ T7270] netlink: 'syz.1.593': attribute type 17 has an invalid length.
[   86.403208][ T7270] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.408548][ T7270] 8021q: adding VLAN 0 to HW filter on device team0
[   86.418923][ T7270] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   86.491406][ T7282] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[   86.657406][ T7265] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   86.939944][ T7312] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   86.946257][ T7312] syzkaller0: entered promiscuous mode
[   86.948350][ T7312] syzkaller0: entered allmulticast mode
[   86.970575][ T7312] tipc: Resetting bearer <eth:syzkaller0>
[   86.975743][ T7311] tipc: Resetting bearer <eth:syzkaller0>
[   86.984705][ T7311] tipc: Disabling bearer <eth:syzkaller0>
[   87.047212][ T7320] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   87.051675][ T7320] macsec1: entered allmulticast mode
[   87.057616][ T7320] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[   87.246600][ T7337] __nla_validate_parse: 3 callbacks suppressed
[   87.246613][ T7337] netlink: 20 bytes leftover after parsing attributes in process `syz.0.622'.
[   87.326077][ T7343] netlink: 172 bytes leftover after parsing attributes in process `syz.2.625'.
[   87.407485][ T7349] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.411359][ T7349] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.422039][ T7349] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   87.449059][ T7351] netlink: 32 bytes leftover after parsing attributes in process `syz.1.630'.
[   87.605678][ T7365] netlink: 'syz.1.634': attribute type 10 has an invalid length.
[   87.617793][ T7365] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   87.627212][ T7365] netlink: 4 bytes leftover after parsing attributes in process `syz.1.634'.
[   87.630843][ T7365] bridge_slave_1: left allmulticast mode
[   87.633153][ T7365] bridge_slave_1: left promiscuous mode
[   87.636025][ T7365] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.646155][ T7365] bridge_slave_0: left allmulticast mode
[   87.648482][ T7365] bridge_slave_0: left promiscuous mode
[   87.651782][ T7365] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.673566][ T7365] bond0: (slave bridge0): Releasing backup interface
[   88.067393][ T7390] netlink: 20 bytes leftover after parsing attributes in process `syz.0.645'.
[   88.073455][ T7390] vlan0: entered promiscuous mode
[   88.075707][ T7390] gretap0: entered promiscuous mode
[   88.316585][ T7402] netlink: 830 bytes leftover after parsing attributes in process `syz.0.650'.
[   88.406518][ T7410] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   88.729342][ T7432] netlink: 4 bytes leftover after parsing attributes in process `syz.1.664'.
[   88.812359][ T7435] netlink: 204 bytes leftover after parsing attributes in process `syz.1.665'.
[   89.357472][ T7461] netlink: 'syz.1.677': attribute type 13 has an invalid length.
[   89.360464][ T7461] netlink: 'syz.1.677': attribute type 17 has an invalid length.
[   89.367090][ T7461] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.581479][ T7474] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[   89.586186][   T54] Bluetooth: hci2: command 0x0405 tx timeout
[   89.605513][ T7471] IPVS: stopping backup sync thread 7474 ...
[   89.626622][ T7471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'.
[   90.238077][ T7513] bridge_slave_0: left allmulticast mode
[   90.240653][ T7513] bridge_slave_0: left promiscuous mode
[   90.243306][ T7513] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.289443][ T7514] netlink: 24 bytes leftover after parsing attributes in process `syz.2.697'.
[   90.296159][ T7513] bridge_slave_1: left allmulticast mode
[   90.298753][ T7513] bridge_slave_1: left promiscuous mode
[   90.301237][ T7513] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.389253][ T7513] bond0: (slave bond_slave_0): Releasing backup interface
[   90.723317][ T7513] bond0: (slave bond_slave_1): Releasing backup interface
[   90.738750][ T7513] team0: Failed to send options change via netlink (err -105)
[   90.742538][ T7513] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   90.751035][ T7513] team0: Port device team_slave_0 removed
[   90.756770][ T7513] team0: Failed to send options change via netlink (err -105)
[   90.760031][ T7513] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   90.763596][ T7513] team0: Port device team_slave_1 removed
[   90.767666][ T7513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.770468][ T7513] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.774941][ T7513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.777985][ T7513] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.781861][ T7513] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   90.798669][ T7514] team0: Failed to send options change via netlink (err -105)
[   90.802021][ T7514] team0: Mode changed to "loadbalance"
[   91.014693][ T7536] netlink: 'syz.2.705': attribute type 13 has an invalid length.
[   91.017994][ T7536] netlink: 'syz.2.705': attribute type 17 has an invalid length.
[   91.033304][ T7536] erspan0: left promiscuous mode
[   91.051550][  T793] IPVS: starting estimator thread 0...
[   91.075521][ T7536] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   91.143853][ T7539] IPVS: using max 82 ests per chain, 196800 per kthread
[   91.175704][ T7543] netlink: 'syz.0.710': attribute type 1 has an invalid length.
[   91.179842][ T7543] netlink: 'syz.0.710': attribute type 2 has an invalid length.
[   91.413472][ T7551] netlink: 'syz.2.713': attribute type 1 has an invalid length.
[   91.418037][ T7551] netlink: 'syz.2.713': attribute type 1 has an invalid length.
[   91.503917][ T7555] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   91.538547][ T7555] Illegal XDP return value 16128 on prog  (id 119) dev syz_tun, expect packet loss!
[   91.696295][ T7564] pim6reg: entered allmulticast mode
[   91.701429][ T7563] pim6reg: left allmulticast mode
[   91.993018][ T7573] team0: Device macvtap1 is already an upper device of the team interface
[   92.143878][   T54] Bluetooth: hci2: command 0x0405 tx timeout
[   92.742368][ T7593] __nla_validate_parse: 1 callbacks suppressed
[   92.742383][ T7593] netlink: 20 bytes leftover after parsing attributes in process `syz.2.731'.
[   93.001084][ T7609] netlink: 116 bytes leftover after parsing attributes in process `syz.1.738'.
[   93.573494][ T7648] netlink: 20 bytes leftover after parsing attributes in process `syz.0.757'.
[   93.582852][ T7648] batadv0: entered promiscuous mode
[   93.588021][ T7648] 8021q: adding VLAN 0 to HW filter on device macvlan0
[   93.592657][ T7648] batadv0: left promiscuous mode
[   93.777371][ T7666] netlink: 'syz.1.766': attribute type 11 has an invalid length.
[   94.142151][ T7705] netlink: 'syz.0.779': attribute type 13 has an invalid length.
[   94.148798][ T7705] netlink: 'syz.0.779': attribute type 17 has an invalid length.
[   94.199816][ T7705] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   94.303555][ T7718] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[   94.933889][ T7751] netlink: 16 bytes leftover after parsing attributes in process `syz.0.800'.
[   95.286488][ T7776] netlink: 'syz.0.812': attribute type 1 has an invalid length.
[   95.292780][ T7778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.813'.
[   95.296838][ T7778] netlink: 4 bytes leftover after parsing attributes in process `syz.2.813'.
[   95.300481][ T7778] netlink: 'syz.2.813': attribute type 1 has an invalid length.
[   95.306025][ T7778] netlink: 10 bytes leftover after parsing attributes in process `syz.2.813'.
[   95.344741][ T7778] nbd: socks must be embedded in a SOCK_ITEM attr
[   95.347737][ T7778] block nbd0: shutting down sockets
[   95.776063][ T7799] netlink: 24 bytes leftover after parsing attributes in process `syz.2.821'.
[   96.043192][ T7813] xt_l2tp: missing protocol rule (udp|l2tpip)
[   96.376631][ T7846] netlink: 68 bytes leftover after parsing attributes in process `syz.1.843'.
[   96.607839][ T7872] netlink: 'syz.1.854': attribute type 12 has an invalid length.
[   96.675999][ T7876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.858'.
[   97.484146][ T7904] netlink: 'syz.1.869': attribute type 13 has an invalid length.
[   97.487447][ T7904] netlink: 'syz.1.869': attribute type 17 has an invalid length.
[   97.494548][ T7904] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.940530][ T7933] netlink: 144 bytes leftover after parsing attributes in process `syz.1.882'.
[   98.289126][ T7971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.903'.
[   98.291856][ T7971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.903'.
[   98.295735][ T7973] IPv6: NLM_F_CREATE should be specified when creating new route
[   98.303827][ T7971] netlink: 124 bytes leftover after parsing attributes in process `syz.2.903'.
[   98.388602][ T7978] tipc: Started in network mode
[   98.390713][ T7978] tipc: Node identity b6feb1eb2375, cluster identity 4711
[   98.395938][ T7978] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   98.401104][ T7981] syzkaller0: entered promiscuous mode
[   98.403511][ T7981] syzkaller0: entered allmulticast mode
[   98.407476][ T7978] syzkaller0: entered promiscuous mode
[   98.409405][ T7978] syzkaller0: entered allmulticast mode
[   98.415389][ T7978] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[   98.488183][ T7978] tipc: Resetting bearer <eth:syzkaller0>
[   98.492622][ T7975] tipc: Resetting bearer <eth:syzkaller0>
[   98.512787][ T7975] tipc: Disabling bearer <eth:syzkaller0>
[   98.799423][ T8012] netlink: 'syz.2.919': attribute type 19 has an invalid length.
[   98.811788][ T8012] netlink: 4 bytes leftover after parsing attributes in process `syz.2.919'.
[   98.848656][ T5946] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   98.855983][ T8012] netlink: 'syz.2.919': attribute type 19 has an invalid length.
[   98.857391][ T5946] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   98.862929][ T8012] netlink: 4 bytes leftover after parsing attributes in process `syz.2.919'.
[   98.871681][ T5946] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   98.887931][ T5946] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   99.189769][ T8045] syz_tun: entered promiscuous mode
[   99.269344][ T8052] delete_channel: no stack
[   99.576758][ T8077] netlink: 'syz.0.948': attribute type 10 has an invalid length.
[   99.580236][ T8077] netlink: 2 bytes leftover after parsing attributes in process `syz.0.948'.
[   99.582988][ T8077] team0: entered promiscuous mode
[   99.585842][ T8077] team_slave_0: entered promiscuous mode
[   99.588155][ T8077] team_slave_1: entered promiscuous mode
[   99.590531][ T8077] bridge0: port 3(team0) entered blocking state
[   99.593328][ T8077] bridge0: port 3(team0) entered disabled state
[   99.597000][ T8077] team0: entered allmulticast mode
[   99.599229][ T8077] team_slave_0: entered allmulticast mode
[   99.606813][ T8077] team_slave_1: entered allmulticast mode
[   99.617109][ T8077] bridge0: port 3(team0) entered blocking state
[   99.620095][ T8077] bridge0: port 3(team0) entered forwarding state
[   99.679309][ T8085] netlink: 16 bytes leftover after parsing attributes in process `syz.1.954'.
[   99.683128][ T8085] netlink: 16 bytes leftover after parsing attributes in process `syz.1.954'.
[   99.687780][ T8085] netlink: 40 bytes leftover after parsing attributes in process `syz.1.954'.
[   99.830498][ T8096] netlink: 'syz.0.958': attribute type 64 has an invalid length.
[  100.873681][ T8172] syz.0.990 (8172) used greatest stack depth: 18968 bytes left
[  101.078084][ T8180] netlink: 'syz.0.994': attribute type 10 has an invalid length.
[  101.092359][ T8180] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  101.727564][ T8212] netlink: 'syz.2.1010': attribute type 5 has an invalid length.
[  101.820237][ T8223] netlink: 'syz.0.1015': attribute type 10 has an invalid length.
[  101.836409][ T8223] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  102.017216][ T8247] netlink: 'syz.2.1026': attribute type 4 has an invalid length.
[  102.067586][ T8250] netlink: 'syz.0.1025': attribute type 10 has an invalid length.
[  102.070659][ T8250] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.077970][ T8250] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.090688][ T8250] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  102.101355][ T8250] netlink: 'syz.0.1025': attribute type 1 has an invalid length.
[  102.388230][ T8276] syzkaller1: entered promiscuous mode
[  102.390887][ T8276] syzkaller1: entered allmulticast mode
Connection to localhost closed by remote host.
[  102.955299][ T8320] __nla_validate_parse: 6 callbacks suppressed
[  102.955311][ T8320] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1061'.
[  103.237966][ T5946] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.242273][ T5946] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.333996][ T5946] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.338260][ T5946] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.415318][ T5946] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.419471][ T5946] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.488486][ T5946] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  103.504801][ T5946] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.508913][ T5946] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.017483][ T5946] bond0 (unregistering): Released all slaves
[  104.108188][ T5946] tipc: Disabling bearer <udp:syz2>
[  104.114085][ T5946] tipc: Left network mode
[  104.406203][ T5946] hsr_slave_0: left promiscuous mode
[  104.409154][ T5946] hsr_slave_1: left promiscuous mode
[  104.422695][ T5946] veth1_macvtap: left promiscuous mode
[  104.425184][ T5946] veth0_macvtap: left promiscuous mode
[  104.428377][ T5946] veth1_vlan: left promiscuous mode
[  104.430640][ T5946] veth0_vlan: left promiscuous mode
[  105.813579][ T5946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.818748][ T5946] bond0 (unregistering): Released all slaves
[  105.890141][ T5946] tipc: Left network mode
[  106.083419][ T5946] hsr_slave_0: left promiscuous mode
[  106.086452][ T5946] hsr_slave_1: left promiscuous mode
[  106.090227][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.093364][ T5946] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.372315][ T5946] team0 (unregistering): Port device team_slave_1 removed
[  106.399263][ T5946] team0 (unregistering): Port device team_slave_0 removed
[  106.829777][ T5946] ------------[ cut here ]------------
[  106.832158][ T5946] WARNING: CPU: 0 PID: 5946 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x26d/0x2f0
[  106.836227][ T5946] Modules linked in:
[  106.838118][ T5946] CPU: 0 UID: 0 PID: 5946 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[  106.842603][ T5946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.846905][ T5946] Workqueue: netns cleanup_net
[  106.848898][ T5946] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  106.851311][ T5946] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 7b 3d 00 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 39 f8 e0 f7 e8 84 c9 9c f7 90 <0f> 0b 90 e9 fd fd ff ff e8 76 c9 9c f7 90 0f 0b 90 e9 60 fe ff ff
[  106.859301][ T5946] RSP: 0018:ffffc90002f7f898 EFLAGS: 00010293
[  106.861896][ T5946] RAX: ffffffff8a22e4cc RBX: ffff88811d96a440 RCX: ffff8880221d1cc0
[  106.865363][ T5946] RDX: 0000000000000000 RSI: ffffffff8dba8f87 RDI: ffff8880221d1cc0
[  106.868713][ T5946] RBP: ffffc90002f7f9b0 R08: ffffffff8fa39037 R09: 1ffffffff1f47206
[  106.872381][ T5946] R10: dffffc0000000000 R11: fffffbfff1f47207 R12: ffffffff8f632340
[  106.876191][ T5946] R13: 1ffff920005eff40 R14: ffff88811d96b8c0 R15: dffffc0000000000
[  106.879436][ T5946] FS:  0000000000000000(0000) GS:ffff8880b8614000(0000) knlGS:0000000000000000
[  106.883033][ T5946] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  106.885761][ T5946] CR2: 000055d852e99000 CR3: 0000000027054000 CR4: 00000000000006f0
[  106.888912][ T5946] Call Trace:
[  106.890316][ T5946]  <TASK>
[  106.891545][ T5946]  xfrm_net_exit+0x2d/0x70
[  106.893405][ T5946]  ops_undo_list+0x49a/0x990
[  106.895443][ T5946]  ? __pfx_ops_undo_list+0x10/0x10
[  106.897607][ T5946]  ? do_raw_spin_unlock+0x4d/0x240
[  106.899800][ T5946]  cleanup_net+0x4c5/0x800
[  106.901653][ T5946]  ? __pfx_cleanup_net+0x10/0x10
[  106.903808][ T5946]  ? _raw_spin_unlock_irq+0x23/0x50
[  106.905938][ T5946]  ? process_scheduled_works+0x9ef/0x17b0
[  106.908298][ T5946]  ? process_scheduled_works+0x9ef/0x17b0
[  106.910737][ T5946]  process_scheduled_works+0xae1/0x17b0
[  106.913123][ T5946]  ? __pfx_process_scheduled_works+0x10/0x10
[  106.915771][ T5946]  worker_thread+0x8a0/0xda0
[  106.917604][ T5946]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  106.920466][ T5946]  ? __kthread_parkme+0x7b/0x200
[  106.922551][ T5946]  kthread+0x711/0x8a0
[  106.924454][ T5946]  ? __pfx_worker_thread+0x10/0x10
[  106.926660][ T5946]  ? __pfx_kthread+0x10/0x10
[  106.928667][ T5946]  ? _raw_spin_unlock_irq+0x23/0x50
[  106.930828][ T5946]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.932999][ T5946]  ? __pfx_kthread+0x10/0x10
[  106.934966][ T5946]  ret_from_fork+0x3fc/0x770
[  106.936811][ T5946]  ? __pfx_ret_from_fork+0x10/0x10
[  106.938932][ T5946]  ? __switch_to_asm+0x39/0x70
[  106.940898][ T5946]  ? __switch_to_asm+0x33/0x70
[  106.942808][ T5946]  ? __pfx_kthread+0x10/0x10
[  106.944937][ T5946]  ret_from_fork_asm+0x1a/0x30
[  106.947043][ T5946]  </TASK>
[  106.948361][ T5946] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  106.951266][ T5946] CPU: 0 UID: 0 PID: 5946 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[  106.955144][ T5946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.959187][ T5946] Workqueue: netns cleanup_net
[  106.961178][ T5946] Call Trace:
[  106.962376][ T5946]  <TASK>
[  106.963423][ T5946]  dump_stack_lvl+0x99/0x250
[  106.965295][ T5946]  ? __asan_memcpy+0x40/0x70
[  106.967277][ T5946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.969439][ T5946]  ? __pfx__printk+0x10/0x10
[  106.971421][ T5946]  vpanic+0x281/0x750
[  106.973122][ T5946]  ? __pfx__printk+0x10/0x10
[  106.975058][ T5946]  ? __pfx_vpanic+0x10/0x10
[  106.977026][ T5946]  ? is_bpf_text_address+0x292/0x2b0
[  106.979287][ T5946]  panic+0xb9/0xc0
[  106.980898][ T5946]  ? __pfx_panic+0x10/0x10
[  106.982779][ T5946]  __warn+0x31b/0x4b0
[  106.984496][ T5946]  ? xfrm_state_fini+0x26d/0x2f0
[  106.986580][ T5946]  ? xfrm_state_fini+0x26d/0x2f0
[  106.988727][ T5946]  report_bug+0x2be/0x4f0
[  106.990590][ T5946]  ? xfrm_state_fini+0x26d/0x2f0
[  106.992726][ T5946]  ? xfrm_state_fini+0x26d/0x2f0
[  106.994860][ T5946]  ? xfrm_state_fini+0x26f/0x2f0
[  106.997007][ T5946]  handle_bug+0x84/0x160
[  106.998834][ T5946]  exc_invalid_op+0x1a/0x50
[  107.000709][ T5946]  asm_exc_invalid_op+0x1a/0x20
[  107.002786][ T5946] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  107.005149][ T5946] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 7b 3d 00 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 39 f8 e0 f7 e8 84 c9 9c f7 90 <0f> 0b 90 e9 fd fd ff ff e8 76 c9 9c f7 90 0f 0b 90 e9 60 fe ff ff
[  107.013179][ T5946] RSP: 0018:ffffc90002f7f898 EFLAGS: 00010293
[  107.015664][ T5946] RAX: ffffffff8a22e4cc RBX: ffff88811d96a440 RCX: ffff8880221d1cc0
[  107.018942][ T5946] RDX: 0000000000000000 RSI: ffffffff8dba8f87 RDI: ffff8880221d1cc0
[  107.022167][ T5946] RBP: ffffc90002f7f9b0 R08: ffffffff8fa39037 R09: 1ffffffff1f47206
[  107.025380][ T5946] R10: dffffc0000000000 R11: fffffbfff1f47207 R12: ffffffff8f632340
[  107.028542][ T5946] R13: 1ffff920005eff40 R14: ffff88811d96b8c0 R15: dffffc0000000000
[  107.031842][ T5946]  ? xfrm_state_fini+0x26c/0x2f0
[  107.034000][ T5946]  ? xfrm_state_fini+0x26c/0x2f0
[  107.036105][ T5946]  xfrm_net_exit+0x2d/0x70
[  107.037983][ T5946]  ops_undo_list+0x49a/0x990
[  107.039976][ T5946]  ? __pfx_ops_undo_list+0x10/0x10
[  107.042206][ T5946]  ? do_raw_spin_unlock+0x4d/0x240
[  107.044366][ T5946]  cleanup_net+0x4c5/0x800
[  107.046244][ T5946]  ? __pfx_cleanup_net+0x10/0x10
[  107.048378][ T5946]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.050527][ T5946]  ? process_scheduled_works+0x9ef/0x17b0
[  107.052970][ T5946]  ? process_scheduled_works+0x9ef/0x17b0
[  107.055388][ T5946]  process_scheduled_works+0xae1/0x17b0
[  107.057741][ T5946]  ? __pfx_process_scheduled_works+0x10/0x10
[  107.060262][ T5946]  worker_thread+0x8a0/0xda0
[  107.062204][ T5946]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  107.064891][ T5946]  ? __kthread_parkme+0x7b/0x200
[  107.066997][ T5946]  kthread+0x711/0x8a0
[  107.068747][ T5946]  ? __pfx_worker_thread+0x10/0x10
[  107.070820][ T5946]  ? __pfx_kthread+0x10/0x10
[  107.072685][ T5946]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.074859][ T5946]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.077014][ T5946]  ? __pfx_kthread+0x10/0x10
[  107.078952][ T5946]  ret_from_fork+0x3fc/0x770
[  107.080959][ T5946]  ? __pfx_ret_from_fork+0x10/0x10
[  107.083193][ T5946]  ? __switch_to_asm+0x39/0x70
[  107.085208][ T5946]  ? __switch_to_asm+0x33/0x70
[  107.087242][ T5946]  ? __pfx_kthread+0x10/0x10
[  107.089141][ T5946]  ret_from_fork_asm+0x1a/0x30
[  107.091132][ T5946]  </TASK>
[  107.093270][ T5946] Kernel Offset: disabled
[  107.095090][ T5946] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:10:45  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=0000000000000031 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90002f7f030
R8 =ffff888020858237 R9 =1ffff1100410b046 R10=dffffc0000000000 R11=ffffffff854f4b80
R12=dffffc0000000000 R13=ffffffff99b018cc R14=ffffffff99df6420 R15=0000000000000000
RIP=ffffffff854f4bfc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8614000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055d852e99000 CR3=0000000027054000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffff00ffffff00 ffffffffffffffff
XMM02=73616c632f737973 2f002f74656e2f73 XMM03=0000000000000000 0000000000000073
XMM04=7373616c632f7379 732f002f74656e2f XMM05=0000000000000071 0000000000000000
XMM06=ff00000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffffffffff XMM09=00316e6170772f74 656e2f317968702f
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00007f4ad353e54e RBX=00007f4ad352f480 RCX=0000000000000000 RDX=0000000000000713
RSI=00007f4ad36d7740 RDI=00007f4ad3537110 RBP=0000000000000009 RSP=00007ffc412d6870
R8 =0000000000000000 R9 =0000000000000010 R10=00007f4ad36d7738 R11=0000000000000007
R12=00007f4ad3795b70 R13=00007ffc412d0002 R14=00007f4ad3794500 R15=00007f4ad36d7738
RIP=00007f4ad37a65d2 RFL=00000206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4ad3493380 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4ad36878e5 CR3=000000010aae9000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000000000ff00 0000000000ff0000 XMM01=0000000000000100 000000000000ffff
XMM02=6d775f657661736e 755f4f495f006465 XMM03=0000000000000000 0000000000000065
XMM04=6f6f685f65657266 5f5f006469756574 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
