last executing test programs:

29.437040773s ago: executing program 2 (id=296):
r0 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000240)={{}, [@null, @netrom, @remote, @default, @netrom, @bcast, @remote, @rose]}, &(0x7f0000000180)=0x48, 0x80000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000840), &(0x7f0000000480), 0x20000802, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), 0xffffffffffffffff, 0x6c, r1}, 0x38)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000001300)={&(0x7f0000ffa000/0x3000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/203, 0x87, 0x0, &(0x7f0000001200), 0xfffffff3}, &(0x7f0000001340)=0x24)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000010c0)=0x8)
recvfrom$ax25(r0, &(0x7f0000000400)=""/163, 0xa3, 0x40, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='GPL\x00', 0xa}, 0x94)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r7=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
sendmsg$NFT_BATCH(r2, &(0x7f00000005c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000840)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4d}, [@NFTA_SET_TIMEOUT={0xc}]}, @NFT_MSG_NEWFLOWTABLE={0x34, 0x16, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x534, 0xc, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4cc, 0x3, 0x0, 0x1, [{0x4c8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xc7, 0x6, 0x1, 0x0, "10e94aa69cc889aaaef2cb46b03831dbda0396f2b482047bb13be198807cf4cd1855b46ed28f1a59e7416839936d1eadb4643cbbbaa60be6221fb45597fc6ee3b8f8701a358173c0a12c1d897c542db3ffd8f7592bac29fd27fc5cde6df01ed0f2f2b3b62ef9a5fda79642bf57eb789e4786bec913bd4c7be0a6e5044eece677121d5bb9c5d2c82b5a2cc8bc5427287d4daf93e8e9ce4598c0a83743e18af87f7ca1bf6a60866ebb728a2a529f13c8469990674c009118fee238b9d5c43708637af335"}, @NFTA_SET_ELEM_EXPRESSIONS={0xa0, 0xb, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}]}}}, {0x4c, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x1c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_NG_TYPE={0x8}]}}}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x78, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x40, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x2c, 0xb, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x9}, @NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_KEY={0x1fc, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0x56, 0x1, "55f6195bd514efc73a3661a70c2b20a179db5c165b30ceec68344c2f7ff5e845bdec90ced2fc8a9ae9c207a02193006e72dfe3f7c628e5d01f129819b05eaae4a82e35f00edb6e904df7bfd043e88e85a344"}, @NFTA_DATA_VALUE={0xf7, 0x1, "8675e0166bf3f334bf7e5d5ea80168677b519b331ec5edf80455d6ef38a3593ba9b0e64b79d66d7ededed8fb1e6c3955db0119393bb2eb5241b16412f3598605b56ef67c2c91d3e9fcc4c50f06a911f3eda367e66779ff24faa2f4b291674a397aafb4cf6a5fdfead06e4fbfaee51c1e4837e1464180a2eb3a30f9aecfb0df0d5b67f57ee9859b81efa2695875b5572a7f44c345bbe37773872aefca0a1299ecfb731f1b5a6e99ba1b1c6a848560e1305552b17d7a123f59f168bf60f5657c3cc7cb4f608944e5f566b0e3c0914f66b2357bd1eae4eefaa89b7f22e5e96f0eb08b715715cf95ce3220ec9d728ae6e67b9f7685"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}, @NFTA_SET_ELEM_EXPRESSIONS={0xb4, 0xb, 0x0, 0x1, [{0x60, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x8000}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0xe}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x6}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0xa}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x101}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}, {0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0x1c, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_FLAGS={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x5d0}, 0x1, 0x0, 0x0, 0x4004014}, 0x44800)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
select(0x40, &(0x7f00000002c0)={0x8821, 0x2, 0x4, 0x3, 0x5, 0xad, 0x8, 0x800000000000000}, &(0x7f0000000300)={0x4, 0x8, 0x100000001, 0x8000, 0xffffffffffffff93, 0x1, 0x9, 0x8000000000000000}, &(0x7f00000004c0)={0x5, 0x0, 0xd64c, 0x258, 0x4, 0x400, 0x0, 0x6}, &(0x7f0000000500))
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f0000000080)={r7, @in6={{0xa, 0x4e21, 0x793, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}}}, &(0x7f0000000000)=0x84)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2f}, 0x50)

29.20370064s ago: executing program 2 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x13, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x10804)

23.160680204s ago: executing program 2 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x13, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x10804)

17.494354118s ago: executing program 2 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x13, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x10804)

11.533167773s ago: executing program 2 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x13, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x10804)

5.843513606s ago: executing program 0 (id=605):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000140)=ANY=[@ANYBLOB='b 75:*\tw'], 0xa)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00/H\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r6, @ANYBLOB="0c00990000000000000000000800a000c215000008009f000d000000080026000816"], 0x40}}, 0x0)

5.794780529s ago: executing program 0 (id=606):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000001540)={0x1c, r1, 0x7, 0x70bd29, 0x25dfdbfb}, 0x1c}, 0x1, 0xffffffea}, 0x240008c0)

5.794490863s ago: executing program 0 (id=607):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
close(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x2}, 0x10)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r5, r0, 0x2, 0x0, 0x4000}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6120001060008001900000005000a00fd000000080004000100010008000a00fa"], 0x58}}, 0x0)

5.664492585s ago: executing program 0 (id=608):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

5.483487977s ago: executing program 0 (id=614):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x4001, 0x1, 0x0, 0x9}, 0x10) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async, rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10) (async)
r4 = openat$cgroup_pressure(r1, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000080)={'some', 0x20, 0x2000000005, 0x20, 0x10000000fffff}, 0x2f) (async)
close(r4) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="20000000160001002bbd7000fbdbdf250a40"], 0x20}, 0x1, 0x0, 0x0, 0x20040000}, 0x10)

5.249921909s ago: executing program 2 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x13, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x10804)

569.776181ms ago: executing program 0 (id=614):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x4001, 0x1, 0x0, 0x9}, 0x10) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async, rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10) (async)
r4 = openat$cgroup_pressure(r1, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000080)={'some', 0x20, 0x2000000005, 0x20, 0x10000000fffff}, 0x2f) (async)
close(r4) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="20000000160001002bbd7000fbdbdf250a40"], 0x20}, 0x1, 0x0, 0x0, 0x20040000}, 0x10)

444.302216ms ago: executing program 1 (id=665):
pwritev(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000040)="41601461691cc15d5daab6852caff9952fef0759a93d0b36e6450f0665cc208ca12a5e5460cb7aa86a1e5c54020645094b5b6e7ace4cbe07", 0x38}], 0x1, 0xfffffffd, 0x9)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x40201, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc82b00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="a549000009009ea72bf67f0c9070e557de91b19858", @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c00098008000200060000000c0002800400010000000000"], 0x2c}}, 0x4004)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r4)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f00000000c0)={<r7=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000000100005ff04000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0xff, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000840)={r7, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="4d7e00c30000001155c24573292df56954a63263888500002556000000080002"], 0x1c}, 0x4, 0x700000000000000}, 0x0)
sendmsg$IEEE802154_SCAN_REQ(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="4411000076f4dfecfc1ebbc885e220964d8da2", @ANYRES16=r5, @ANYBLOB="00042cbd7000fedbdf250900000005001500fb000000050013000000000005001500ff0000000800140004000000080014000700000005001d000b000000"], 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x4c40)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x1, 0xffffffffffffffff}}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x7}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x440c0}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
sendmmsg$unix(r10, &(0x7f00000017c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)="fe0a338e", 0x4}, {0x0}, {&(0x7f0000000280)="8a4b46df379cd044b5f708d550db863eaba750d96bab70cb80b8ad61f2bfe0a3ac5342c597b0eee569357a6245f77d940c90269a2b8a6e829d0277", 0x3b}, {&(0x7f00000002c0)="e55106308d2668a60083f2faa4d593", 0xf}], 0x4, 0x0, 0x0, 0x400d0}}, {{&(0x7f0000000380)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000400)="c8df70", 0x3}], 0x1, 0x0, 0x0, 0x4000044}}], 0x2, 0x4841)
sendmsg$nl_route_sched(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6}}}, @m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xa0}}, 0x0)
r11 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$EXT4_IOC_GROUP_ADD(r11, 0x89e1, 0x0)
r12 = socket$inet(0x2, 0x6, 0xfffffffc)
setsockopt$inet_tcp_TCP_REPAIR(r12, 0x6, 0x2e, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e0001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

162.898684ms ago: executing program 1 (id=666):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x43)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x42a, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}}, 0x4040)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000240)=0x1c00000000000000, 0x8)
connect$vsock_stream(r3, &(0x7f0000001c80)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r3, &(0x7f0000000000), 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001880)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002b40), r4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000240)='kfree_skb\x00', r7, 0x0, 0x8}, 0x18)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose, 0xffffffff}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r4, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000002b80)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x40000)
sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r6, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ee1dee87c94d"}]}, 0x28}}, 0x40000)
socket(0xa, 0x3, 0x3a) (async)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x43) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x42a, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}}, 0x4040) (async)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) (async)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000240)=0x1c00000000000000, 0x8) (async)
connect$vsock_stream(r3, &(0x7f0000001c80)={0x28, 0x0, 0x0, @local}, 0x10) (async)
connect$vsock_stream(r3, &(0x7f0000000000), 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001880)={'wlan0\x00'}) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002b40), r4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000240)='kfree_skb\x00', r7, 0x0, 0x8}, 0x18) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose, 0xffffffff}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48) (async)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r4, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000002b80)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x40000) (async)
sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r6, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ee1dee87c94d"}]}, 0x28}}, 0x40000) (async)

162.7487ms ago: executing program 1 (id=667):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="2600000022000900000000000000000001000000100001800c000000bcb3000000000000"], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xa9}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x2a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x12, 0x0, 0xd, "f42a97b96d025891dd3f75fdda"}})

72.910016ms ago: executing program 1 (id=668):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB='&'], 0x10)
socketpair(0x2b, 0xa, 0x5, &(0x7f0000000000))
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) (async)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10) (async)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB='&'], 0x10) (async)
socketpair(0x2b, 0xa, 0x5, &(0x7f0000000000)) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}, 0x1, 0x0, 0x0, 0x4040}, 0x0) (async)

487.503µs ago: executing program 1 (id=669):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
close(r0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000000)=0x5)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, <r1=>0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r2=>0x0, <r3=>0x0, <r4=>0x0, <r5=>0x0})
r6 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080), &(0x7f00000000c0)=0x1)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYRES8=r1, @ANYBLOB="e0fc42741e78cfba1f4083357adfba6dc2ba6e1f04141f850b50a6c3d6208e629e28059a00c79c4c9e9826e409d8c8950b99d1df202b4d0c", @ANYRESHEX=r5, @ANYRES64=r2, @ANYRESOCT=r4, @ANYRESDEC=0x0, @ANYRES32=r3], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r7, &(0x7f0000000080), 0x0}, 0x20)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000240)={{r0}, r2, 0x1a, @unused=[0x0, 0x1, 0xcf6e, 0xff], @subvolid=0x5})

0s ago: executing program 1 (id=670):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0x1, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x8100, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x10000}}]}}]}, 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:54218' (ED25519) to the list of known hosts.
syzkaller login: [   41.805636][ T5750] cgroup: Unknown subsys name 'net'
[   41.926123][ T5750] cgroup: Unknown subsys name 'cpuset'
[   41.930667][ T5750] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.338024][ T5750] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   47.022258][ T5818] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   47.025617][ T5818] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   47.028216][ T5818] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   47.033136][ T5818] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   47.036046][ T5818] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   47.083910][ T5203] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   47.086811][ T5203] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   47.089393][ T5203] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   47.092310][ T5203] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   47.095264][ T5203] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   47.117069][ T5203] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   47.119891][ T5203] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   47.122581][ T5203] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   47.128108][ T5203] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   47.130996][ T5203] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   47.312992][ T5816] chnl_net:caif_netlink_parms(): no params data found
[   47.359445][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   47.379786][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   47.414744][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.417627][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.420096][ T5816] bridge_slave_0: entered allmulticast mode
[   47.422917][ T5816] bridge_slave_0: entered promiscuous mode
[   47.428302][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.430627][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.433223][ T5816] bridge_slave_1: entered allmulticast mode
[   47.436039][ T5816] bridge_slave_1: entered promiscuous mode
[   47.482898][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.504196][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.507296][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.509774][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.512325][ T5823] bridge_slave_0: entered allmulticast mode
[   47.515257][ T5823] bridge_slave_0: entered promiscuous mode
[   47.533378][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.535796][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.538152][ T5823] bridge_slave_1: entered allmulticast mode
[   47.540999][ T5823] bridge_slave_1: entered promiscuous mode
[   47.559108][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.561501][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.564851][ T5821] bridge_slave_0: entered allmulticast mode
[   47.567554][ T5821] bridge_slave_0: entered promiscuous mode
[   47.580809][ T5816] team0: Port device team_slave_0 added
[   47.584230][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.586591][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.588923][ T5821] bridge_slave_1: entered allmulticast mode
[   47.591704][ T5821] bridge_slave_1: entered promiscuous mode
[   47.609918][ T5816] team0: Port device team_slave_1 added
[   47.620886][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.634111][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.638378][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.649864][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.652104][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.661226][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.666742][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.670176][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.672368][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.680913][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.710925][ T5823] team0: Port device team_slave_0 added
[   47.724320][ T5821] team0: Port device team_slave_0 added
[   47.727539][ T5821] team0: Port device team_slave_1 added
[   47.730433][ T5823] team0: Port device team_slave_1 added
[   47.767413][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.769646][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.778425][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.791100][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.794074][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.802272][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.808050][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.810372][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.818654][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.825944][ T5816] hsr_slave_0: entered promiscuous mode
[   47.828308][ T5816] hsr_slave_1: entered promiscuous mode
[   47.831282][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.835244][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.844481][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.906514][ T5823] hsr_slave_0: entered promiscuous mode
[   47.909210][ T5823] hsr_slave_1: entered promiscuous mode
[   47.912242][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.915763][ T5823] Cannot create hsr debugfs directory
[   47.920868][ T5821] hsr_slave_0: entered promiscuous mode
[   47.923820][ T5821] hsr_slave_1: entered promiscuous mode
[   47.925968][ T5821] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.928387][ T5821] Cannot create hsr debugfs directory
[   48.127123][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   48.145324][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   48.155398][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   48.164485][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   48.170826][ T5821] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   48.190380][ T5821] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   48.214017][ T5821] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   48.219743][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.222104][ T5823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.224851][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.227106][ T5823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.237523][ T5821] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   48.241768][ T5816] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   48.246986][ T5816] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   48.255652][ T5816] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   48.266071][ T5816] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   48.294641][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.297052][ T5821] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.299441][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.301750][ T5821] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.311537][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.314005][ T5816] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.316499][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.318879][ T5816] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.327833][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.330936][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.334986][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.337520][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.340948][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.344442][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.383730][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.416603][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.421603][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.426876][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   48.438371][  T717] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.440711][  T717] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.446280][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   48.455781][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[   48.459767][  T717] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.462022][  T717] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.469254][  T717] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.471553][  T717] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.478583][  T717] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.480869][  T717] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.489816][  T717] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.492104][  T717] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.496162][  T717] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.498434][  T717] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.660385][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.677575][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.704437][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.709977][ T5816] veth0_vlan: entered promiscuous mode
[   48.726496][ T5816] veth1_vlan: entered promiscuous mode
[   48.738588][ T5821] veth0_vlan: entered promiscuous mode
[   48.757775][ T5823] veth0_vlan: entered promiscuous mode
[   48.760505][ T5821] veth1_vlan: entered promiscuous mode
[   48.765839][ T5816] veth0_macvtap: entered promiscuous mode
[   48.770126][ T5816] veth1_macvtap: entered promiscuous mode
[   48.775568][ T5823] veth1_vlan: entered promiscuous mode
[   48.789399][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.800133][ T5821] veth0_macvtap: entered promiscuous mode
[   48.805840][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.812542][ T5821] veth1_macvtap: entered promiscuous mode
[   48.821049][ T5816] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.825463][ T5816] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.828222][ T5816] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.830888][ T5816] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.847498][ T5823] veth0_macvtap: entered promiscuous mode
[   48.855526][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.860857][ T5823] veth1_macvtap: entered promiscuous mode
[   48.865698][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.879259][ T5821] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.882117][ T5821] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.891318][ T5821] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.894606][ T5821] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.919605][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.922191][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.927580][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.967118][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.974428][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.976974][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.994142][ T5823] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.997944][ T5823] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.001607][ T5823] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.005497][ T5823] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.048670][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.050882][ T5816] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   49.051327][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.089931][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.094817][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.114882][ T5203] Bluetooth: hci1: command tx timeout
[   49.114885][ T5818] Bluetooth: hci0: command tx timeout
[   49.140725][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.146070][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.192477][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.195257][ T5818] Bluetooth: hci2: command tx timeout
[   49.202479][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.250177][ T5887] lo speed is unknown, defaulting to 1000
[   49.264795][ T5887] lo speed is unknown, defaulting to 1000
[   49.267583][ T5887] lo speed is unknown, defaulting to 1000
[   49.271911][ T5887] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   49.285265][ T5890] 8021q: VLANs not supported on ip_vti0
[   49.288257][ T5887] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   49.328057][ T5884] Zero length message leads to an empty skb
[   49.328791][ T5887] lo speed is unknown, defaulting to 1000
[   49.342259][ T5887] lo speed is unknown, defaulting to 1000
[   49.345300][ T5887] lo speed is unknown, defaulting to 1000
[   49.454763][ T5903] tipc: Started in network mode
[   49.456587][ T5903] tipc: Node identity 8e55b7e41d, cluster identity 4711
[   49.458893][ T5903] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   49.479303][ T5903] syzkaller0: entered promiscuous mode
[   49.481369][ T5903] syzkaller0: entered allmulticast mode
[   49.489417][ T5907] vlan2: entered promiscuous mode
[   49.491140][ T5907] bridge0: entered promiscuous mode
[   50.269946][ T5928] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11'.
[   50.277898][ T5902] tipc: Resetting bearer <eth:syzkaller0>
[   50.302959][ T5930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12'.
[   50.310805][ T5902] tipc: Disabling bearer <eth:syzkaller0>
[   50.357491][ T5932] lo speed is unknown, defaulting to 1000
[   50.413277][ T5934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13'.
[   50.471918][ T5942] netlink: 'syz.1.14': attribute type 23 has an invalid length.
[   50.569992][ T5948] bond0: entered promiscuous mode
[   50.571707][ T5948] bond_slave_0: entered promiscuous mode
[   50.574949][ T5948] bond_slave_1: entered promiscuous mode
[   50.578859][ T5948] batadv_slave_0: entered promiscuous mode
[   50.581641][ T5948] hsr1: entered promiscuous mode
[   50.599144][ T5946] lo speed is unknown, defaulting to 1000
[   50.653364][ T5952] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.671062][ T5946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   50.746820][ T5946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   50.751665][ T5946] netlink: 'syz.0.15': attribute type 3 has an invalid length.
[   50.755515][ T5946] netlink: 'syz.0.15': attribute type 1 has an invalid length.
[   50.758079][ T5946] netlink: 185308 bytes leftover after parsing attributes in process `syz.0.15'.
[   50.762006][ T5945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   51.193285][ T5818] Bluetooth: hci1: command tx timeout
[   51.193326][ T5203] Bluetooth: hci0: command tx timeout
[   51.273237][ T5203] Bluetooth: hci2: command tx timeout
[   51.418397][ T5960] netlink: 'syz.0.18': attribute type 6 has an invalid length.
[   52.035725][ T5998] netlink: 8 bytes leftover after parsing attributes in process `syz.2.25'.
[   52.046916][ T5948] Set syz1 is full, maxelem 65536 reached
[   52.114202][ T6004] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   52.116956][ T6004] syzkaller0: entered promiscuous mode
[   52.118701][ T6004] syzkaller0: entered allmulticast mode
[   52.128321][ T6003] tipc: Resetting bearer <eth:syzkaller0>
[   52.136274][ T6003] tipc: Disabling bearer <eth:syzkaller0>
[   52.158924][ T6010] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.168819][ T6010] vxcan1: tx address claim with different name
[   52.240963][ T6019] netlink: 'syz.0.32': attribute type 23 has an invalid length.
[   52.615361][ T6035] netlink: 'syz.2.36': attribute type 1 has an invalid length.
[   52.998892][ T6040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.38'.
[   53.026359][ T6044] siw: device registration error -23
[   53.079646][ T6048] netlink: 'syz.1.41': attribute type 23 has an invalid length.
[   53.241466][ T6063] warning: `syz.0.46' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   53.269270][ T6067] netlink: 20 bytes leftover after parsing attributes in process `syz.1.45'.
[   53.272975][ T6067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.45'.
[   53.276780][ T5203] Bluetooth: hci0: command tx timeout
[   53.283179][ T5203] Bluetooth: hci1: command tx timeout
[   53.316302][ T6067] team0: Port device team_slave_0 removed
[   53.353267][ T5203] Bluetooth: hci2: command tx timeout
[   53.382275][ T6074] netlink: 24 bytes leftover after parsing attributes in process `syz.0.48'.
[   53.499075][ T6087] netlink: 12 bytes leftover after parsing attributes in process `syz.0.52'.
[   53.502012][ T6087] netlink: 'syz.0.52': attribute type 1 has an invalid length.
[   53.505506][ T6087] netlink: 'syz.0.52': attribute type 2 has an invalid length.
[   53.509419][ T6087] netlink: 'syz.0.52': attribute type 1 has an invalid length.
[   53.642003][ T6099] bond0: entered promiscuous mode
[   53.644716][ T6099] bond_slave_0: entered promiscuous mode
[   53.646715][ T6099] bond_slave_1: entered promiscuous mode
[   54.032003][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88801fc10400: rx timeout, send abort
[   54.037133][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88801fc10400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[   54.838409][ T6159] dummy0: entered promiscuous mode
[   54.916260][ T6165] bridge1: entered promiscuous mode
[   54.918129][ T6165] bridge1: entered allmulticast mode
[   54.977871][ T6168] trusted_key: syz.2.78 sent an empty control message without MSG_MORE.
[   55.329871][ T6210] syz.2.90 uses obsolete (PF_INET,SOCK_PACKET)
[   55.353145][ T5203] Bluetooth: hci1: command tx timeout
[   55.354728][ T5818] Bluetooth: hci0: command tx timeout
[   55.427263][ T6218] __nla_validate_parse: 11 callbacks suppressed
[   55.427274][ T6218] netlink: 248 bytes leftover after parsing attributes in process `syz.1.93'.
[   55.434663][ T5818] Bluetooth: hci2: command tx timeout
[   55.500348][ T6225] validate_nla: 2 callbacks suppressed
[   55.500359][ T6225] netlink: 'syz.1.95': attribute type 5 has an invalid length.
[   55.622311][ T6234] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.684139][ T6234] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.806426][ T6234] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.961110][ T6234] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.037665][ T6234] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.050384][ T6234] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.059487][ T6234] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.071131][ T6234] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.095103][ T6254] netlink: 'syz.0.100': attribute type 1 has an invalid length.
[   56.101086][ T6254] netlink: 'syz.0.100': attribute type 2 has an invalid length.
[   56.204039][ T6257] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0
[   56.217668][ T6266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.101'.
[   56.228578][ T6266] netlink: 16 bytes leftover after parsing attributes in process `syz.0.101'.
[   56.272029][ T6268] tipc: Started in network mode
[   56.275255][ T6268] tipc: Node identity 6edf0c2cf387, cluster identity 4711
[   56.277601][ T6268] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   56.282274][ T6268] syzkaller0: entered promiscuous mode
[   56.286549][ T6268] syzkaller0: entered allmulticast mode
[   56.306505][ T6267] tipc: Resetting bearer <eth:syzkaller0>
[   56.337666][ T6267] tipc: Disabling bearer <eth:syzkaller0>
[   56.508519][ T6296] netlink: 'syz.2.106': attribute type 23 has an invalid length.
[   56.517406][ T6294] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   56.585612][ T6300] netlink: 36 bytes leftover after parsing attributes in process `syz.1.107'.
[   56.589310][ T6300] netlink: 44 bytes leftover after parsing attributes in process `syz.1.107'.
[   56.622913][ T6300] netlink: 32 bytes leftover after parsing attributes in process `syz.1.107'.
[   56.626207][ T6300] netlink: 44 bytes leftover after parsing attributes in process `syz.1.107'.
[   56.742859][ T6320] netlink: 'syz.1.115': attribute type 23 has an invalid length.
[   57.063647][ T6330] netlink: 24 bytes leftover after parsing attributes in process `syz.2.118'.
[   57.083142][ T6330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.118'.
[   57.085985][ T6330] netlink: 'syz.2.118': attribute type 5 has an invalid length.
[   57.217833][ T6340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.122'.
[   57.351367][ T6345] netlink: 'syz.1.124': attribute type 12 has an invalid length.
[   57.597269][ T6359] vlan3: entered promiscuous mode
[   57.599036][ T6359] bridge0: entered promiscuous mode
[   57.600823][ T6361] netlink: 'syz.1.130': attribute type 23 has an invalid length.
[   57.751068][ T6376] netlink: 'syz.0.136': attribute type 1 has an invalid length.
[   58.414734][ T6401] netlink: 'syz.0.146': attribute type 23 has an invalid length.
[   58.521039][ T6408] hsr0: entered promiscuous mode
[   58.525720][ T6408] hsr_slave_0: left promiscuous mode
[   58.528047][ T6408] hsr_slave_1: left promiscuous mode
[   58.537214][ T6408] hsr0 (unregistering): left promiscuous mode
[   58.541570][ T6404] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present
[   58.546039][ T6404] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9)
[   59.362941][ T6424] dvmrp1: entered allmulticast mode
[   59.784699][ T6451] lo speed is unknown, defaulting to 1000
[   59.786851][ T6451] lo speed is unknown, defaulting to 1000
[   59.789250][ T6451] lo speed is unknown, defaulting to 1000
[   59.797738][ T6451] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   59.811590][ T6451] lo speed is unknown, defaulting to 1000
[   59.816081][ T6451] lo speed is unknown, defaulting to 1000
[   59.818720][ T6451] lo speed is unknown, defaulting to 1000
[   59.978774][ T6460] bridge0: port 3(gretap0) entered blocking state
[   59.981039][ T6460] bridge0: port 3(gretap0) entered disabled state
[   59.983367][ T6460] gretap0: entered allmulticast mode
[   59.986301][ T6460] gretap0: entered promiscuous mode
[   59.988667][ T6460] bridge0: port 3(gretap0) entered blocking state
[   59.990836][ T6460] bridge0: port 3(gretap0) entered forwarding state
[   60.068953][ T6464] openvswitch: netlink: Flow key attr not present in new flow.
[   60.181264][ T6464] sctp: [Deprecated]: syz.0.166 (pid 6464) Use of int in max_burst socket option deprecated.
[   60.181264][ T6464] Use struct sctp_assoc_value instead
[   60.320650][ T6494] lo speed is unknown, defaulting to 1000
[   60.322547][ T6494] lo speed is unknown, defaulting to 1000
[   60.328242][ T6494] lo speed is unknown, defaulting to 1000
[   60.338298][ T6494] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   60.362769][ T6498] sit1: entered promiscuous mode
[   60.372892][ T6494] lo speed is unknown, defaulting to 1000
[   60.379899][ T6494] lo speed is unknown, defaulting to 1000
[   60.386367][ T6494] lo speed is unknown, defaulting to 1000
[   60.394439][ T6501] siw: device registration error -23
[   60.542232][ T6520] siw: device registration error -23
[   60.598287][ T6529] validate_nla: 3 callbacks suppressed
[   60.598299][ T6529] netlink: 'syz.0.190': attribute type 10 has an invalid length.
[   60.602807][ T6529] bridge0: port 3(gretap0) entered disabled state
[   60.605017][ T6529] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.608048][ T6529] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.631725][ T6529] bridge0: port 3(gretap0) entered blocking state
[   60.634247][ T6529] bridge0: port 3(gretap0) entered forwarding state
[   60.636503][ T6529] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.638752][ T6529] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.641149][ T6529] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.643430][ T6529] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.656284][ T6529] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   60.681250][ T6529] syz.0.190 (6529) used greatest stack depth: 19768 bytes left
[   60.707930][ T6535] __nla_validate_parse: 18 callbacks suppressed
[   60.707941][ T6535] netlink: 12 bytes leftover after parsing attributes in process `syz.0.193'.
[   60.712999][ T6535] netlink: 'syz.0.193': attribute type 2 has an invalid length.
[   60.716803][ T6535] netlink: 16 bytes leftover after parsing attributes in process `syz.0.193'.
[   60.789846][ T6541] netlink: 'syz.1.195': attribute type 2 has an invalid length.
[   60.836970][ T6543] siw: device registration error -23
[   60.920204][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.199'.
[   60.923554][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.199'.
[   60.927114][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.200'.
[   60.973335][ T6558] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.201'.
[   61.044078][ T6563] netlink: 'syz.0.203': attribute type 4 has an invalid length.
[   61.203163][    C1] af_packet: tpacket_rcv: packet too big, clamped from 26 to 4294967286. macoff=82
[   61.449357][ T6588] netlink: 'syz.0.210': attribute type 142 has an invalid length.
[   61.610179][ T6592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.213'.
[   61.647477][ T6594] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   61.844491][ T6602] openvswitch: netlink: Port -1156311892 exceeds max allowable 65535
[   61.895471][ T6604] netlink: 12 bytes leftover after parsing attributes in process `syz.0.218'.
[   61.897239][ T6606] siw: device registration error -23
[   61.906210][ T6604] syz_tun: entered promiscuous mode
[   62.041164][ T6619] netlink: 'syz.0.225': attribute type 3 has an invalid length.
[   62.045923][ T6619] netlink: 'syz.0.225': attribute type 1 has an invalid length.
[   62.048391][ T6619] netlink: 192 bytes leftover after parsing attributes in process `syz.0.225'.
[   62.051656][ T6619] NCSI netlink: No device for ifindex 0
[   62.167269][ T6630] syzkaller1: entered promiscuous mode
[   62.169083][ T6630] syzkaller1: entered allmulticast mode
[   62.177753][ T6630] netlink: 16 bytes leftover after parsing attributes in process `syz.2.227'.
[   62.506263][ T6669] netlink: 'syz.2.238': attribute type 1 has an invalid length.
[   62.510212][ T6669] netlink: 'syz.2.238': attribute type 1 has an invalid length.
[   62.892636][ T6713] netlink: 'syz.1.254': attribute type 1 has an invalid length.
[   63.093923][   T10] IPVS: starting estimator thread 0...
[   63.097426][ T6728] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   63.183635][ T6732] IPVS: using max 81 ests per chain, 194400 per kthread
[   63.395130][ T6763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   63.398745][ T6764] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   64.719062][ T6819] 8021q: adding VLAN 0 to HW filter on device bond2
[   64.745712][ T6818] bond2: (slave veth3): Enslaving as an active interface with a down link
[   65.096490][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.138480][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.202498][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.266915][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.371504][ T5203] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   65.376653][ T5203] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   65.380226][ T5203] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   65.383217][ T5203] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   65.386038][ T5203] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.390817][   T12] bridge_slave_1: left allmulticast mode
[   65.392985][   T12] bridge_slave_1: left promiscuous mode
[   65.399216][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.409957][   T12] bridge_slave_0: left allmulticast mode
[   65.411879][   T12] bridge_slave_0: left promiscuous mode
[   65.415136][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.511278][   T12] dvmrp1 (unregistering): left allmulticast mode
[   65.648171][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   65.652900][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   65.656948][   T12] bond0 (unregistering): Released all slaves
[   65.663389][   T12] bond1 (unregistering): Released all slaves
[   65.709738][   T12] bond2 (unregistering): (slave veth3): Releasing active interface
[   65.714282][   T12] bond2 (unregistering): Released all slaves
[   65.739014][ T6839] lo speed is unknown, defaulting to 1000
[   65.788916][ T6844] validate_nla: 4 callbacks suppressed
[   65.788928][ T6844] netlink: 'syz.0.300': attribute type 10 has an invalid length.
[   65.800833][ T6844] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.804050][ T6844] bridge_slave_1: left allmulticast mode
[   65.805960][ T6844] bridge_slave_1: left promiscuous mode
[   65.807808][ T6844] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.816489][   T12] tipc: Left network mode
[   65.820058][ T6844] bridge_slave_1: entered promiscuous mode
[   65.825326][ T6844] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[   66.021857][ T6839] chnl_net:caif_netlink_parms(): no params data found
[   66.336396][ T6859] netlink: 'syz.1.302': attribute type 1 has an invalid length.
[   66.377966][   T12] hsr_slave_0: left promiscuous mode
[   66.384367][   T12] hsr_slave_1: left promiscuous mode
[   66.386831][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.404547][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.452697][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.455881][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   66.529768][   T12] veth1_macvtap: left promiscuous mode
[   66.548532][   T12] veth0_macvtap: left promiscuous mode
[   66.563496][   T12] veth1_vlan: left promiscuous mode
[   66.576080][   T12] veth0_vlan: left promiscuous mode
[   66.929734][   T12] team0 (unregistering): Port device team_slave_1 removed
[   66.949653][   T12] team0 (unregistering): Port device team_slave_0 removed
[   67.142620][ T6859] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[   67.202960][ T6839] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.210085][ T6839] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.212434][ T6839] bridge_slave_0: entered allmulticast mode
[   67.227298][ T6839] bridge_slave_0: entered promiscuous mode
[   67.243952][ T6839] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.246307][ T6839] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.248822][ T6839] bridge_slave_1: entered allmulticast mode
[   67.260887][ T6839] bridge_slave_1: entered promiscuous mode
[   67.301038][ T6839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.309293][ T6839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.351744][ T6839] team0: Port device team_slave_0 added
[   67.371667][ T6839] team0: Port device team_slave_1 added
[   67.406786][ T6839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.408998][ T6839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.417188][ T6839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.421755][ T6839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.424763][ T6839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.432794][ T6839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.436904][ T5203] Bluetooth: hci2: command tx timeout
[   67.505807][ T6839] hsr_slave_0: entered promiscuous mode
[   67.517217][ T6839] hsr_slave_1: entered promiscuous mode
[   67.770328][ T6905] netlink: 'syz.1.312': attribute type 1 has an invalid length.
[   67.838190][ T6905] 8021q: adding VLAN 0 to HW filter on device bond2
[   67.867820][ T6909] bond2: (slave veth3): Enslaving as an active interface with a down link
[   67.960933][ T6915] netlink: 'syz.1.314': attribute type 1 has an invalid length.
[   68.011669][ T6920] __nla_validate_parse: 15 callbacks suppressed
[   68.011705][ T6920] netlink: 76 bytes leftover after parsing attributes in process `syz.1.314'.
[   68.031456][ T6915] bond3: (slave ip6gretap1): making interface the new active one
[   68.035308][ T6915] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[   68.040151][ T6915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.314'.
[   68.067732][ T6915] 8021q: adding VLAN 0 to HW filter on device bond3
[   68.278864][ T6839] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   68.285796][ T6839] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   68.294239][ T6839] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   68.308080][ T6839] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   68.407093][ T6839] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.425763][ T6839] 8021q: adding VLAN 0 to HW filter on device team0
[   68.435507][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.438347][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.441111][ T6948] netlink: 'syz.1.320': attribute type 21 has an invalid length.
[   68.445554][ T6948] netlink: 156 bytes leftover after parsing attributes in process `syz.1.320'.
[   68.454098][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.456501][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.492765][ T6839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   68.638515][ T6968] IPVS: length: 175 != 8
[   68.706421][ T6973] netlink: 14 bytes leftover after parsing attributes in process `syz.1.326'.
[   68.714763][ T6839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.779580][ T6973] bond0 (unregistering): left promiscuous mode
[   68.781534][ T6973] bond_slave_0: left promiscuous mode
[   68.784338][ T6973] bond_slave_1: left promiscuous mode
[   68.787951][ T6973] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.797720][ T6973] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.804397][ T6973] bond0 (unregistering): Released all slaves
[   68.841780][ T6978] netlink: 'syz.1.326': attribute type 10 has an invalid length.
[   68.902195][ T6839] veth0_vlan: entered promiscuous mode
[   68.915946][ T6839] veth1_vlan: entered promiscuous mode
[   68.929670][ T6985] netlink: 'syz.1.327': attribute type 1 has an invalid length.
[   68.938160][ T6839] veth0_macvtap: entered promiscuous mode
[   68.941931][ T6839] veth1_macvtap: entered promiscuous mode
[   68.964263][ T6839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.970582][ T6839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.982250][ T6839] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.989442][ T6839] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.995628][ T6839] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.001757][ T6839] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.068148][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.078668][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.096890][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.099299][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.256424][ T7012] siw: device registration error -23
[   70.376953][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.1.342'.
[   70.386635][ T7036] gtp0: entered promiscuous mode
[   70.589381][ T7042] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.595959][ T7045] netlink: 224 bytes leftover after parsing attributes in process `syz.0.346'.
[   70.702400][ T7051] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[   70.708100][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.1.349 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   70.708113][ T7051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   70.708120][ T7051] Call Trace:
[   70.708124][ T7051]  <TASK>
[   70.708128][ T7051]  dump_stack_lvl+0x189/0x250
[   70.708147][ T7051]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.708160][ T7051]  ? __pfx__printk+0x10/0x10
[   70.708170][ T7051]  ? kernfs_path_from_node+0x2c/0x260
[   70.708181][ T7051]  ? kernfs_path_from_node+0x2c/0x260
[   70.708191][ T7051]  ? kernfs_path_from_node+0x2c/0x260
[   70.708200][ T7051]  ? kernfs_path_from_node+0x22c/0x260
[   70.708209][ T7051]  ? kernfs_path_from_node+0x2c/0x260
[   70.708220][ T7051]  sysfs_warn_dup+0x8e/0xa0
[   70.708230][ T7051]  sysfs_do_create_link_sd+0xc0/0x110
[   70.708239][ T7051]  device_add_class_symlinks+0x1cf/0x240
[   70.708249][ T7051]  device_add+0x475/0xb50
[   70.708259][ T7051]  wiphy_register+0x199a/0x26b0
[   70.708276][ T7051]  ? __pfx_wiphy_register+0x10/0x10
[   70.708283][ T7051]  ? minstrel_ht_alloc+0x6dd/0x7e0
[   70.708296][ T7051]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[   70.708309][ T7051]  ieee80211_register_hw+0x33e1/0x4120
[   70.708328][ T7051]  ? ieee80211_register_hw+0x14b1/0x4120
[   70.708342][ T7051]  ? __pfx_ieee80211_register_hw+0x10/0x10
[   70.708354][ T7051]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.708369][ T7051]  ? __hrtimer_setup+0x187/0x210
[   70.708380][ T7051]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[   70.708391][ T7051]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[   70.708415][ T7051]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[   70.708426][ T7051]  ? trace_kmalloc+0x1f/0xd0
[   70.708432][ T7051]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[   70.708439][ T7051]  ? kstrndup+0xbf/0x160
[   70.708452][ T7051]  hwsim_new_radio_nl+0xea4/0x1b10
[   70.708460][ T7051]  ? __pfx___nla_validate_parse+0x10/0x10
[   70.708477][ T7051]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   70.708489][ T7051]  ? __nla_parse+0x40/0x60
[   70.708500][ T7051]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   70.708515][ T7051]  genl_family_rcv_msg_doit+0x215/0x300
[   70.708528][ T7051]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   70.708544][ T7051]  ? bpf_lsm_capable+0x9/0x20
[   70.708551][ T7051]  ? security_capable+0x7e/0x2e0
[   70.708563][ T7051]  genl_rcv_msg+0x60e/0x790
[   70.708576][ T7051]  ? __pfx_genl_rcv_msg+0x10/0x10
[   70.708585][ T7051]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   70.708598][ T7051]  netlink_rcv_skb+0x208/0x470
[   70.708607][ T7051]  ? __pfx_genl_rcv_msg+0x10/0x10
[   70.708618][ T7051]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   70.708633][ T7051]  ? down_read+0x1ad/0x2e0
[   70.708641][ T7051]  genl_rcv+0x28/0x40
[   70.708651][ T7051]  netlink_unicast+0x75b/0x8d0
[   70.708662][ T7051]  netlink_sendmsg+0x805/0xb30
[   70.708702][ T7051]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.708715][ T7051]  ? aa_sock_msg_perm+0x94/0x160
[   70.708728][ T7051]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   70.708739][ T7051]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.708749][ T7051]  __sock_sendmsg+0x21c/0x270
[   70.708766][ T7051]  ____sys_sendmsg+0x505/0x830
[   70.708777][ T7051]  ? __pfx_____sys_sendmsg+0x10/0x10
[   70.708792][ T7051]  ? import_iovec+0x74/0xa0
[   70.708801][ T7051]  ___sys_sendmsg+0x21f/0x2a0
[   70.708812][ T7051]  ? __pfx____sys_sendmsg+0x10/0x10
[   70.708837][ T7051]  ? __fget_files+0x2a/0x420
[   70.708845][ T7051]  ? __fget_files+0x3a0/0x420
[   70.708857][ T7051]  __x64_sys_sendmsg+0x19b/0x260
[   70.708867][ T7051]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   70.708880][ T7051]  ? rcu_is_watching+0x15/0xb0
[   70.708893][ T7051]  ? do_syscall_64+0xbe/0x3b0
[   70.708901][ T7051]  do_syscall_64+0xfa/0x3b0
[   70.708907][ T7051]  ? lockdep_hardirqs_on+0x9c/0x150
[   70.708922][ T7051]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.708930][ T7051]  ? exc_page_fault+0x9f/0xf0
[   70.708940][ T7051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.708948][ T7051] RIP: 0033:0x7f616f98e929
[   70.708956][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.708964][ T7051] RSP: 002b:00007f6170819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.708974][ T7051] RAX: ffffffffffffffda RBX: 00007f616fbb5fa0 RCX: 00007f616f98e929
[   70.708980][ T7051] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[   70.708985][ T7051] RBP: 00007f616fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   70.708991][ T7051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.708996][ T7051] R13: 0000000000000000 R14: 00007f616fbb5fa0 R15: 00007ffd5d36b1b8
[   70.709009][ T7051]  </TASK>
[   70.716882][ T7054] 8021q: VLANs not supported on ip_vti0
[   70.878410][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   70.880516][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.078287][ T7082] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   71.137562][ T7085] nbd: must specify a size in bytes for the device
[   71.227565][ T5826] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.371891][ T7095] netlink: 'syz.1.362': attribute type 42 has an invalid length.
[   71.409260][ T7095] netlink: 16 bytes leftover after parsing attributes in process `syz.1.362'.
[   71.549532][ T5818] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   71.552517][ T5818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   71.555852][ T5818] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   71.569081][ T5818] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   71.572391][ T5818] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.601170][ T7121] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'.
[   71.610020][ T7117] lo speed is unknown, defaulting to 1000
[   71.656467][ T7121] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'.
[   71.739575][ T7117] chnl_net:caif_netlink_parms(): no params data found
[   71.758187][ T7133] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   71.822670][ T7117] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.827817][ T7117] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.830564][ T7117] bridge_slave_0: entered allmulticast mode
[   71.834455][ T7117] bridge_slave_0: entered promiscuous mode
[   71.842185][ T7117] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.847497][ T7117] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.850012][ T7117] bridge_slave_1: entered allmulticast mode
[   71.852716][ T7117] bridge_slave_1: entered promiscuous mode
[   71.894661][ T7117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.906628][ T7117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.942633][ T7117] team0: Port device team_slave_0 added
[   71.954109][ T7146] netlink: 104 bytes leftover after parsing attributes in process `syz.0.371'.
[   71.960223][ T7117] team0: Port device team_slave_1 added
[   71.977819][ T7117] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.979985][ T7117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.993393][ T7117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.998277][ T7117] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.000553][ T7117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.008749][ T7117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.056791][ T7117] hsr_slave_0: entered promiscuous mode
[   72.059194][ T7117] hsr_slave_1: entered promiscuous mode
[   72.061288][ T7117] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.067698][ T7117] Cannot create hsr debugfs directory
[   72.477526][ T7170] vlan0: entered promiscuous mode
[   72.479230][ T7170] hsr_slave_1: entered promiscuous mode
[   72.481068][ T7170] vlan0: entered allmulticast mode
[   72.482794][ T7170] hsr_slave_1: entered allmulticast mode
[   72.740149][ T7143] syz.0.371 (7143) used greatest stack depth: 19576 bytes left
[   72.760636][ T7184] 8021q: VLANs not supported on ip_vti0
[   72.803402][ T7186] netlink: 'syz.0.386': attribute type 29 has an invalid length.
[   72.923957][ T5826] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.980927][ T5826] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.022250][ T7202] __nla_validate_parse: 3 callbacks suppressed
[   73.022262][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.0.392'.
[   73.039543][ T5826] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.158588][ T5826] bridge_slave_1: left allmulticast mode
[   73.160376][ T5826] bridge_slave_1: left promiscuous mode
[   73.162499][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.166604][ T5826] bridge_slave_0: left allmulticast mode
[   73.168496][ T5826] bridge_slave_0: left promiscuous mode
[   73.170349][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.363290][ T5826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   73.368767][ T5826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   73.372658][ T5826] bond0 (unregistering): Released all slaves
[   73.594431][ T5818] Bluetooth: hci2: command tx timeout
[   73.612028][ T5826] hsr_slave_0: left promiscuous mode
[   73.614866][ T5826] hsr_slave_1: left promiscuous mode
[   73.616986][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.619278][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.622085][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.626040][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.641138][ T5826] veth1_macvtap: left promiscuous mode
[   73.642941][ T5826] veth0_macvtap: left promiscuous mode
[   73.646250][ T5826] veth1_vlan: left promiscuous mode
[   73.647935][ T5826] veth0_vlan: left promiscuous mode
[   73.970822][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.397'.
[   74.006984][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.397'.
[   74.030568][ T5826] team0 (unregistering): Port device team_slave_1 removed
[   74.052824][ T5826] team0 (unregistering): Port device team_slave_0 removed
[   74.349783][ T7117] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   74.355037][ T7117] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   74.366439][ T7117] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   74.382086][ T7117] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   74.400720][ T7248] netlink: 68 bytes leftover after parsing attributes in process `syz.1.401'.
[   74.434956][ T7248] netlink: 80 bytes leftover after parsing attributes in process `syz.1.401'.
[   74.471333][ T7117] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.492202][ T7117] 8021q: adding VLAN 0 to HW filter on device team0
[   74.498935][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.501379][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.517238][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.519651][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.597048][ T7265] syzkaller1: entered promiscuous mode
[   74.599136][ T7265] syzkaller1: entered allmulticast mode
[   74.603524][ T7265] PF_CAN: dropped non conform CAN skbuff: dev type 779, len 324
[   74.606306][ T7117] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   74.710451][ T7117] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.740699][ T7117] veth0_vlan: entered promiscuous mode
[   74.745459][ T7117] veth1_vlan: entered promiscuous mode
[   74.769286][ T7277] netlink: 'syz.0.409': attribute type 11 has an invalid length.
[   74.776586][ T7277] netlink: 'syz.0.409': attribute type 11 has an invalid length.
[   74.778646][ T7117] veth0_macvtap: entered promiscuous mode
[   74.782727][ T7277] netlink: 224 bytes leftover after parsing attributes in process `syz.0.409'.
[   74.797109][ T7117] veth1_macvtap: entered promiscuous mode
[   74.813959][ T7117] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.818459][ T7117] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.822837][ T7117] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.827459][ T7117] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.830401][ T7117] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.835642][ T7117] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.914731][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.917920][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.958770][   T84] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.961237][   T84] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.055486][ T7297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.415'.
[   75.177749][ T7311] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   75.230286][ T7315] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[   75.232793][ T7315] CPU: 0 UID: 0 PID: 7315 Comm: syz.1.421 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   75.232805][ T7315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   75.232810][ T7315] Call Trace:
[   75.232815][ T7315]  <TASK>
[   75.232819][ T7315]  dump_stack_lvl+0x189/0x250
[   75.232838][ T7315]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.232851][ T7315]  ? __pfx__printk+0x10/0x10
[   75.232861][ T7315]  ? kernfs_path_from_node+0x2c/0x260
[   75.232873][ T7315]  ? kernfs_path_from_node+0x2c/0x260
[   75.232881][ T7315]  ? kernfs_path_from_node+0x2c/0x260
[   75.232890][ T7315]  ? kernfs_path_from_node+0x22c/0x260
[   75.232898][ T7315]  ? kernfs_path_from_node+0x2c/0x260
[   75.232907][ T7315]  sysfs_warn_dup+0x8e/0xa0
[   75.232917][ T7315]  sysfs_do_create_link_sd+0xc0/0x110
[   75.232926][ T7315]  device_add_class_symlinks+0x1cf/0x240
[   75.232936][ T7315]  device_add+0x475/0xb50
[   75.232945][ T7315]  wiphy_register+0x199a/0x26b0
[   75.232960][ T7315]  ? __pfx_wiphy_register+0x10/0x10
[   75.232967][ T7315]  ? minstrel_ht_alloc+0x6dd/0x7e0
[   75.232986][ T7315]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[   75.232997][ T7315]  ieee80211_register_hw+0x33e1/0x4120
[   75.233033][ T7315]  ? ieee80211_register_hw+0x14b1/0x4120
[   75.233047][ T7315]  ? __pfx_ieee80211_register_hw+0x10/0x10
[   75.233059][ T7315]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.233074][ T7315]  ? __hrtimer_setup+0x187/0x210
[   75.233085][ T7315]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[   75.233095][ T7315]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[   75.233119][ T7315]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[   75.233129][ T7315]  ? trace_kmalloc+0x1f/0xd0
[   75.233135][ T7315]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[   75.233142][ T7315]  ? kstrndup+0xbf/0x160
[   75.233155][ T7315]  hwsim_new_radio_nl+0xea4/0x1b10
[   75.233163][ T7315]  ? __pfx___nla_validate_parse+0x10/0x10
[   75.233181][ T7315]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   75.233194][ T7315]  ? __nla_parse+0x40/0x60
[   75.233206][ T7315]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   75.233221][ T7315]  genl_family_rcv_msg_doit+0x215/0x300
[   75.233234][ T7315]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   75.233250][ T7315]  ? bpf_lsm_capable+0x9/0x20
[   75.233258][ T7315]  ? security_capable+0x7e/0x2e0
[   75.233270][ T7315]  genl_rcv_msg+0x60e/0x790
[   75.233282][ T7315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   75.233292][ T7315]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   75.233305][ T7315]  netlink_rcv_skb+0x208/0x470
[   75.233313][ T7315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   75.233323][ T7315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   75.233338][ T7315]  ? down_read+0x1ad/0x2e0
[   75.233347][ T7315]  genl_rcv+0x28/0x40
[   75.233356][ T7315]  netlink_unicast+0x75b/0x8d0
[   75.233368][ T7315]  netlink_sendmsg+0x805/0xb30
[   75.233380][ T7315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.233390][ T7315]  ? aa_sock_msg_perm+0x94/0x160
[   75.233400][ T7315]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   75.233408][ T7315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.233417][ T7315]  __sock_sendmsg+0x21c/0x270
[   75.233429][ T7315]  ____sys_sendmsg+0x505/0x830
[   75.233440][ T7315]  ? __pfx_____sys_sendmsg+0x10/0x10
[   75.233453][ T7315]  ? import_iovec+0x74/0xa0
[   75.233464][ T7315]  ___sys_sendmsg+0x21f/0x2a0
[   75.233473][ T7315]  ? __pfx____sys_sendmsg+0x10/0x10
[   75.233498][ T7315]  ? __fget_files+0x2a/0x420
[   75.233505][ T7315]  ? __fget_files+0x3a0/0x420
[   75.233518][ T7315]  __x64_sys_sendmsg+0x19b/0x260
[   75.233528][ T7315]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   75.233541][ T7315]  ? rcu_is_watching+0x15/0xb0
[   75.233554][ T7315]  ? do_syscall_64+0xbe/0x3b0
[   75.233563][ T7315]  do_syscall_64+0xfa/0x3b0
[   75.233568][ T7315]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.233578][ T7315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.233585][ T7315]  ? exc_page_fault+0x9f/0xf0
[   75.233596][ T7315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.233603][ T7315] RIP: 0033:0x7f616f98e929
[   75.233611][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.233617][ T7315] RSP: 002b:00007f6170819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.233626][ T7315] RAX: ffffffffffffffda RBX: 00007f616fbb5fa0 RCX: 00007f616f98e929
[   75.233631][ T7315] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[   75.233636][ T7315] RBP: 00007f616fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   75.233640][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.233644][ T7315] R13: 0000000000000000 R14: 00007f616fbb5fa0 R15: 00007ffd5d36b1b8
[   75.233656][ T7315]  </TASK>
[   75.428588][ T7317] netlink: 'syz.1.422': attribute type 1 has an invalid length.
[   75.452538][ T7317] 8021q: adding VLAN 0 to HW filter on device bond4
[   75.470631][ T7317] bond4: (slave veth5): Enslaving as an active interface with a down link
[   75.488010][ T7317] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link
[   75.502185][ T7317] vlan5: entered allmulticast mode
[   75.504743][ T7317] veth1: entered allmulticast mode
[   75.507974][ T7317] veth1: entered promiscuous mode
[   75.510746][ T7317] veth1: left promiscuous mode
[   75.513771][ T7317] bond4: (slave vlan5): making interface the new active one
[   75.517065][ T7317] veth1: entered promiscuous mode
[   75.519090][ T7317] vlan5: entered promiscuous mode
[   75.520903][ T7317] bond4: (slave vlan5): Enslaving as an active interface with an up link
[   75.865466][ T7342] netlink: 'syz.1.429': attribute type 10 has an invalid length.
[   76.827573][ T5826] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.956816][ T7366] netlink: 12 bytes leftover after parsing attributes in process `syz.0.438'.
[   77.064503][ T5203] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.067500][ T5203] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.070597][ T5203] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.073482][ T5203] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.076003][ T5203] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.097660][ T7371] lo speed is unknown, defaulting to 1000
[   77.209730][ T7371] chnl_net:caif_netlink_parms(): no params data found
[   77.339335][ T7371] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.341767][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.354349][ T7371] bridge_slave_0: entered allmulticast mode
[   77.357080][ T7371] bridge_slave_0: entered promiscuous mode
[   77.396974][ T7371] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.399309][ T7371] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.409912][ T7371] bridge_slave_1: entered allmulticast mode
[   77.413241][ T7371] bridge_slave_1: entered promiscuous mode
[   77.465403][ T7371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.470095][ T7371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.506204][ T7371] team0: Port device team_slave_0 added
[   77.520709][ T7371] team0: Port device team_slave_1 added
[   77.571067][ T7371] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.573785][ T7371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.582799][ T7371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.591578][ T7371] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.595620][ T7371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.605126][ T7371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.665089][ T7371] hsr_slave_0: entered promiscuous mode
[   77.675934][ T7371] hsr_slave_1: entered promiscuous mode
[   77.858269][ T7425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'.
[   77.861182][ T7425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'.
[   77.870719][ T7425] netlink: 'syz.1.453': attribute type 14 has an invalid length.
[   77.875381][ T7425] netlink: 'syz.1.453': attribute type 11 has an invalid length.
[   77.891793][ T7431] netlink: 'syz.0.455': attribute type 23 has an invalid length.
[   78.165957][ T7459] syzkaller1: entered promiscuous mode
[   78.167870][ T7459] syzkaller1: entered allmulticast mode
[   78.330818][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.466'.
[   78.365284][ T7467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.467'.
[   78.369032][ T7468] netlink: 76 bytes leftover after parsing attributes in process `syz.1.467'.
[   78.398530][ T7470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'.
[   78.547984][    T9] hid-generic 0005:046D:FFF9.0001: item fetching failed at offset 0/1
[   78.552357][    T9] hid-generic 0005:046D:FFF9.0001: probe with driver hid-generic failed with error -22
[   78.637498][ T5826] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.695258][ T5826] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.770627][ T5826] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.848444][ T7493] netlink: 16 bytes leftover after parsing attributes in process `syz.1.478'.
[   78.953867][ T5826] bridge_slave_1: left allmulticast mode
[   78.956227][ T5826] bridge_slave_1: left promiscuous mode
[   78.958720][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.967315][ T5826] bridge_slave_0: left allmulticast mode
[   78.969716][ T5826] bridge_slave_0: left promiscuous mode
[   78.972264][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.005231][ T7508] netlink: 28 bytes leftover after parsing attributes in process `syz.1.485'.
[   79.008297][ T7508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.485'.
[   79.115726][ T5203] Bluetooth: hci2: command tx timeout
[   79.152120][ T5826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.157074][ T5826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   79.160540][ T5826] bond0 (unregistering): Released all slaves
[   79.421845][ T7532] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[   79.428978][ T7532] CPU: 0 UID: 0 PID: 7532 Comm: syz.1.491 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   79.428991][ T7532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   79.428997][ T7532] Call Trace:
[   79.429002][ T7532]  <TASK>
[   79.429006][ T7532]  dump_stack_lvl+0x189/0x250
[   79.429025][ T7532]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.429037][ T7532]  ? __pfx__printk+0x10/0x10
[   79.429047][ T7532]  ? kernfs_path_from_node+0x2c/0x260
[   79.429059][ T7532]  ? kernfs_path_from_node+0x2c/0x260
[   79.429067][ T7532]  ? kernfs_path_from_node+0x2c/0x260
[   79.429076][ T7532]  ? kernfs_path_from_node+0x22c/0x260
[   79.429084][ T7532]  ? kernfs_path_from_node+0x2c/0x260
[   79.429094][ T7532]  sysfs_warn_dup+0x8e/0xa0
[   79.429104][ T7532]  sysfs_do_create_link_sd+0xc0/0x110
[   79.429113][ T7532]  device_add_class_symlinks+0x1cf/0x240
[   79.429123][ T7532]  device_add+0x475/0xb50
[   79.429132][ T7532]  wiphy_register+0x199a/0x26b0
[   79.429149][ T7532]  ? __pfx_wiphy_register+0x10/0x10
[   79.429157][ T7532]  ? minstrel_ht_alloc+0x6dd/0x7e0
[   79.429169][ T7532]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[   79.429181][ T7532]  ieee80211_register_hw+0x33e1/0x4120
[   79.429200][ T7532]  ? ieee80211_register_hw+0x14b1/0x4120
[   79.429213][ T7532]  ? __pfx_ieee80211_register_hw+0x10/0x10
[   79.429225][ T7532]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   79.429241][ T7532]  ? __hrtimer_setup+0x187/0x210
[   79.429253][ T7532]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[   79.429264][ T7532]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[   79.429287][ T7532]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[   79.429298][ T7532]  ? trace_kmalloc+0x1f/0xd0
[   79.429304][ T7532]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[   79.429311][ T7532]  ? kstrndup+0xbf/0x160
[   79.429324][ T7532]  hwsim_new_radio_nl+0xea4/0x1b10
[   79.429332][ T7532]  ? __pfx___nla_validate_parse+0x10/0x10
[   79.429349][ T7532]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   79.429362][ T7532]  ? __nla_parse+0x40/0x60
[   79.429374][ T7532]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   79.429390][ T7532]  genl_family_rcv_msg_doit+0x215/0x300
[   79.429403][ T7532]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   79.429418][ T7532]  ? bpf_lsm_capable+0x9/0x20
[   79.429425][ T7532]  ? security_capable+0x7e/0x2e0
[   79.429438][ T7532]  genl_rcv_msg+0x60e/0x790
[   79.429450][ T7532]  ? __pfx_genl_rcv_msg+0x10/0x10
[   79.429460][ T7532]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   79.429472][ T7532]  netlink_rcv_skb+0x208/0x470
[   79.429481][ T7532]  ? __pfx_genl_rcv_msg+0x10/0x10
[   79.429492][ T7532]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   79.429507][ T7532]  ? down_read+0x1ad/0x2e0
[   79.429515][ T7532]  genl_rcv+0x28/0x40
[   79.429525][ T7532]  netlink_unicast+0x75b/0x8d0
[   79.429536][ T7532]  netlink_sendmsg+0x805/0xb30
[   79.429548][ T7532]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.429558][ T7532]  ? aa_sock_msg_perm+0x94/0x160
[   79.429568][ T7532]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   79.429577][ T7532]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.429585][ T7532]  __sock_sendmsg+0x21c/0x270
[   79.429598][ T7532]  ____sys_sendmsg+0x505/0x830
[   79.429609][ T7532]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.429622][ T7532]  ? import_iovec+0x74/0xa0
[   79.429630][ T7532]  ___sys_sendmsg+0x21f/0x2a0
[   79.429640][ T7532]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.429664][ T7532]  ? __fget_files+0x2a/0x420
[   79.429705][ T7532]  ? __fget_files+0x3a0/0x420
[   79.429720][ T7532]  __x64_sys_sendmsg+0x19b/0x260
[   79.429730][ T7532]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   79.429743][ T7532]  ? rcu_is_watching+0x15/0xb0
[   79.429760][ T7532]  ? do_syscall_64+0xbe/0x3b0
[   79.429769][ T7532]  do_syscall_64+0xfa/0x3b0
[   79.429775][ T7532]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.429786][ T7532]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.429793][ T7532]  ? exc_page_fault+0x9f/0xf0
[   79.429805][ T7532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.429812][ T7532] RIP: 0033:0x7f616f98e929
[   79.429820][ T7532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.429827][ T7532] RSP: 002b:00007f6170819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.429836][ T7532] RAX: ffffffffffffffda RBX: 00007f616fbb5fa0 RCX: 00007f616f98e929
[   79.429841][ T7532] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[   79.429846][ T7532] RBP: 00007f616fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   79.429850][ T7532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   79.429854][ T7532] R13: 0000000000000000 R14: 00007f616fbb5fa0 R15: 00007ffd5d36b1b8
[   79.429866][ T7532]  </TASK>
[   79.616482][ T5826] hsr_slave_0: left promiscuous mode
[   79.619122][ T5826] hsr_slave_1: left promiscuous mode
[   79.621590][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.632447][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.641501][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.644112][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_1
[   79.656194][ T5826] veth1_macvtap: left promiscuous mode
[   79.658900][ T5826] veth0_macvtap: left promiscuous mode
[   79.660769][ T5826] veth1_vlan: left promiscuous mode
[   79.663507][ T5826] veth0_vlan: left promiscuous mode
[   79.921812][ T5826] team0 (unregistering): Port device team_slave_1 removed
[   79.941196][ T5826] team0 (unregistering): Port device team_slave_0 removed
[   80.186197][ T7371] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   80.201376][ T7371] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   80.208591][ T7371] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   80.213692][ T7544] bridge0: port 3(gretap0) entered blocking state
[   80.216148][ T7544] bridge0: port 3(gretap0) entered disabled state
[   80.218274][ T7544] gretap0: entered allmulticast mode
[   80.220667][ T7544] gretap0: entered promiscuous mode
[   80.222626][ T7544] bridge0: port 3(gretap0) entered blocking state
[   80.224808][ T7544] bridge0: port 3(gretap0) entered forwarding state
[   80.228962][ T7371] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   80.322523][ T7371] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.336603][ T7371] 8021q: adding VLAN 0 to HW filter on device team0
[   80.341279][  T717] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.343640][  T717] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.365919][  T717] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.368336][  T717] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.443519][ T7566] netlink: 830 bytes leftover after parsing attributes in process `syz.1.502'.
[   80.447906][ T7566] sctp: [Deprecated]: syz.1.502 (pid 7566) Use of int in maxseg socket option.
[   80.447906][ T7566] Use struct sctp_assoc_value instead
[   80.490874][ T7371] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.517614][ T7371] veth0_vlan: entered promiscuous mode
[   80.524538][ T7371] veth1_vlan: entered promiscuous mode
[   80.546272][ T7371] veth0_macvtap: entered promiscuous mode
[   80.550831][ T7371] veth1_macvtap: entered promiscuous mode
[   80.557736][ T7572] netlink: 'syz.0.503': attribute type 11 has an invalid length.
[   80.561704][ T7371] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.564840][ T7572] netlink: 224 bytes leftover after parsing attributes in process `syz.0.503'.
[   80.575158][ T7371] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.579132][ T7371] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.581976][ T7371] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.586592][ T7371] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.589405][ T7371] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.642434][  T717] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.645192][  T717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.660947][  T717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.664543][  T717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.774117][ T7583] netlink: 12 bytes leftover after parsing attributes in process `syz.1.509'.
[   81.127510][  T790] cfg80211: failed to load regulatory.db
[   82.025396][ T7618] 8021q: VLANs not supported on ip_vti0
[   82.318312][ T7635] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[   82.321587][ T7635] CPU: 1 UID: 0 PID: 7635 Comm: syz.1.531 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   82.321600][ T7635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   82.321605][ T7635] Call Trace:
[   82.321610][ T7635]  <TASK>
[   82.321614][ T7635]  dump_stack_lvl+0x189/0x250
[   82.321634][ T7635]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.321646][ T7635]  ? __pfx__printk+0x10/0x10
[   82.321655][ T7635]  ? kernfs_path_from_node+0x2c/0x260
[   82.321667][ T7635]  ? kernfs_path_from_node+0x2c/0x260
[   82.321714][ T7635]  ? kernfs_path_from_node+0x2c/0x260
[   82.321724][ T7635]  ? kernfs_path_from_node+0x22c/0x260
[   82.321732][ T7635]  ? kernfs_path_from_node+0x2c/0x260
[   82.321742][ T7635]  sysfs_warn_dup+0x8e/0xa0
[   82.321752][ T7635]  sysfs_do_create_link_sd+0xc0/0x110
[   82.321763][ T7635]  device_add_class_symlinks+0x1cf/0x240
[   82.321775][ T7635]  device_add+0x475/0xb50
[   82.321784][ T7635]  wiphy_register+0x199a/0x26b0
[   82.321801][ T7635]  ? __pfx_wiphy_register+0x10/0x10
[   82.321809][ T7635]  ? minstrel_ht_alloc+0x6dd/0x7e0
[   82.321821][ T7635]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[   82.321834][ T7635]  ieee80211_register_hw+0x33e1/0x4120
[   82.321852][ T7635]  ? ieee80211_register_hw+0x14b1/0x4120
[   82.321866][ T7635]  ? __pfx_ieee80211_register_hw+0x10/0x10
[   82.321878][ T7635]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   82.321893][ T7635]  ? __hrtimer_setup+0x187/0x210
[   82.321904][ T7635]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[   82.321915][ T7635]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[   82.321942][ T7635]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[   82.321952][ T7635]  ? trace_kmalloc+0x1f/0xd0
[   82.321958][ T7635]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[   82.321966][ T7635]  ? kstrndup+0xbf/0x160
[   82.321980][ T7635]  hwsim_new_radio_nl+0xea4/0x1b10
[   82.321989][ T7635]  ? __pfx___nla_validate_parse+0x10/0x10
[   82.322005][ T7635]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   82.322017][ T7635]  ? __nla_parse+0x40/0x60
[   82.322028][ T7635]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   82.322042][ T7635]  genl_family_rcv_msg_doit+0x215/0x300
[   82.322055][ T7635]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   82.322070][ T7635]  ? bpf_lsm_capable+0x9/0x20
[   82.322077][ T7635]  ? security_capable+0x7e/0x2e0
[   82.322089][ T7635]  genl_rcv_msg+0x60e/0x790
[   82.322101][ T7635]  ? __pfx_genl_rcv_msg+0x10/0x10
[   82.322111][ T7635]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   82.322123][ T7635]  netlink_rcv_skb+0x208/0x470
[   82.322132][ T7635]  ? __pfx_genl_rcv_msg+0x10/0x10
[   82.322143][ T7635]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   82.322158][ T7635]  ? down_read+0x1ad/0x2e0
[   82.322183][ T7635]  genl_rcv+0x28/0x40
[   82.322195][ T7635]  netlink_unicast+0x75b/0x8d0
[   82.322207][ T7635]  netlink_sendmsg+0x805/0xb30
[   82.322219][ T7635]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.322228][ T7635]  ? aa_sock_msg_perm+0x94/0x160
[   82.322238][ T7635]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   82.322247][ T7635]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.322256][ T7635]  __sock_sendmsg+0x21c/0x270
[   82.322269][ T7635]  ____sys_sendmsg+0x505/0x830
[   82.322282][ T7635]  ? __pfx_____sys_sendmsg+0x10/0x10
[   82.322296][ T7635]  ? import_iovec+0x74/0xa0
[   82.322307][ T7635]  ___sys_sendmsg+0x21f/0x2a0
[   82.322318][ T7635]  ? __pfx____sys_sendmsg+0x10/0x10
[   82.322343][ T7635]  ? __fget_files+0x2a/0x420
[   82.322350][ T7635]  ? __fget_files+0x3a0/0x420
[   82.322363][ T7635]  __x64_sys_sendmsg+0x19b/0x260
[   82.322372][ T7635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   82.322385][ T7635]  ? rcu_is_watching+0x15/0xb0
[   82.322399][ T7635]  ? do_syscall_64+0xbe/0x3b0
[   82.322408][ T7635]  do_syscall_64+0xfa/0x3b0
[   82.322413][ T7635]  ? lockdep_hardirqs_on+0x9c/0x150
[   82.322423][ T7635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.322431][ T7635]  ? exc_page_fault+0x9f/0xf0
[   82.322441][ T7635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.322448][ T7635] RIP: 0033:0x7f616f98e929
[   82.322456][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.322462][ T7635] RSP: 002b:00007f6170819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.322471][ T7635] RAX: ffffffffffffffda RBX: 00007f616fbb5fa0 RCX: 00007f616f98e929
[   82.322476][ T7635] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[   82.322481][ T7635] RBP: 00007f616fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   82.322485][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.322489][ T7635] R13: 0000000000000000 R14: 00007f616fbb5fa0 R15: 00007ffd5d36b1b8
[   82.322501][ T7635]  </TASK>
[   82.732923][ T7653] netlink: 'syz.1.540': attribute type 21 has an invalid length.
[   82.822530][ T5844] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.477027][ T5818] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.481756][ T5818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.485898][ T5818] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.489879][ T5818] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.495607][ T5818] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.522792][ T7663] lo speed is unknown, defaulting to 1000
[   83.615573][ T7663] chnl_net:caif_netlink_parms(): no params data found
[   83.680283][ T7663] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.685391][ T7663] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.688276][ T7663] bridge_slave_0: entered allmulticast mode
[   83.691549][ T7663] bridge_slave_0: entered promiscuous mode
[   83.696192][ T7663] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.698515][ T7663] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.700818][ T7663] bridge_slave_1: entered allmulticast mode
[   83.705014][ T7663] bridge_slave_1: entered promiscuous mode
[   83.728802][ T7663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.734363][ T7663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.760039][ T7663] team0: Port device team_slave_0 added
[   83.767422][ T7663] team0: Port device team_slave_1 added
[   83.788611][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.791479][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.800148][ T7663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.804803][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.807017][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.815951][ T7663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.865204][ T7663] hsr_slave_0: entered promiscuous mode
[   83.867614][ T7663] hsr_slave_1: entered promiscuous mode
[   83.874014][ T7663] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   83.876457][ T7663] Cannot create hsr debugfs directory
[   83.912116][ T7688] IPVS: persistence engine module ip_vs_pe_ not found
[   83.970315][ T7696] __nla_validate_parse: 5 callbacks suppressed
[   83.970327][ T7696] netlink: 16 bytes leftover after parsing attributes in process `syz.1.550'.
[   83.998779][ T7696] netlink: 12 bytes leftover after parsing attributes in process `syz.1.550'.
[   84.079916][ T7706] netlink: 'syz.1.555': attribute type 10 has an invalid length.
[   84.082400][ T7706] netlink: 40 bytes leftover after parsing attributes in process `syz.1.555'.
[   84.087596][ T7706] bridge0: port 4(dummy0) entered blocking state
[   84.089734][ T7706] bridge0: port 4(dummy0) entered disabled state
[   84.093547][ T7706] dummy0: entered allmulticast mode
[   84.097107][ T7706] dummy0: entered promiscuous mode
[   84.100359][ T7706] bridge0: port 4(dummy0) entered blocking state
[   84.102808][ T7706] bridge0: port 4(dummy0) entered forwarding state
[   84.744451][ T5844] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.792495][ T5844] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.855782][ T5844] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.926144][ T7711] netlink: 'syz.0.556': attribute type 23 has an invalid length.
[   85.000367][ T5844] bridge_slave_1: left allmulticast mode
[   85.014848][ T5844] bridge_slave_1: left promiscuous mode
[   85.016829][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.020852][ T5844] bridge_slave_0: left allmulticast mode
[   85.022704][ T5844] bridge_slave_0: left promiscuous mode
[   85.035488][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.332601][ T5844] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   85.336887][ T5844] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   85.340417][ T5844] bond0 (unregistering): Released all slaves
[   85.514501][ T5203] Bluetooth: hci2: command tx timeout
[   85.658778][ T5844] hsr_slave_0: left promiscuous mode
[   85.666898][ T5844] hsr_slave_1: left promiscuous mode
[   85.675647][ T5844] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   85.678023][ T5844] batman_adv: batadv0: Removing interface: batadv_slave_0
[   85.681915][ T5844] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   85.685157][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.567'.
[   85.688199][ T5844] batman_adv: batadv0: Removing interface: batadv_slave_1
[   85.703622][ T5844] veth1_macvtap: left promiscuous mode
[   85.705408][ T5844] veth0_macvtap: left promiscuous mode
[   85.707233][ T5844] veth1_vlan: left promiscuous mode
[   85.708911][ T5844] veth0_vlan: left promiscuous mode
[   85.740241][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.567'.
[   85.970044][ T5844] team0 (unregistering): Port device team_slave_1 removed
[   85.990431][ T5844] team0 (unregistering): Port device team_slave_0 removed
[   86.308208][ T7663] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   86.333122][ T7770] netlink: 68 bytes leftover after parsing attributes in process `syz.1.571'.
[   86.337053][ T7663] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   86.347727][ T7663] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   86.400744][ T7663] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.400955][ T7776] netlink: 32 bytes leftover after parsing attributes in process `syz.1.573'.
[   86.508502][ T7663] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.541354][ T7663] 8021q: adding VLAN 0 to HW filter on device team0
[   86.570173][ T7796] vlan1: entered allmulticast mode
[   86.572303][ T7796] veth0_vlan: entered allmulticast mode
[   86.578204][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.580438][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.613883][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.616207][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.810879][ T7663] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.855236][ T7663] veth0_vlan: entered promiscuous mode
[   86.867828][ T7663] veth1_vlan: entered promiscuous mode
[   86.880168][ T7821] netlink: 24 bytes leftover after parsing attributes in process `syz.1.580'.
[   86.900139][ T7663] veth0_macvtap: entered promiscuous mode
[   86.916080][ T7663] veth1_macvtap: entered promiscuous mode
[   86.932979][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.951214][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.956035][ T7727] vlan5: left promiscuous mode
[   86.963598][ T7663] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.975024][ T7663] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.977845][ T7663] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.980563][ T7663] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.021901][ T7826] 8021q: VLANs not supported on ip_vti0
[   87.057383][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.059898][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.065791][ T7828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.583'.
[   87.095364][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.097904][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.107808][ T7828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.583'.
[   87.161285][ T7834] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[   87.165400][ T7834] CPU: 0 UID: 0 PID: 7834 Comm: syz.0.582 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   87.165412][ T7834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   87.165418][ T7834] Call Trace:
[   87.165422][ T7834]  <TASK>
[   87.165426][ T7834]  dump_stack_lvl+0x189/0x250
[   87.165445][ T7834]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.165456][ T7834]  ? __pfx__printk+0x10/0x10
[   87.165467][ T7834]  ? kernfs_path_from_node+0x2c/0x260
[   87.165477][ T7834]  ? kernfs_path_from_node+0x2c/0x260
[   87.165485][ T7834]  ? kernfs_path_from_node+0x2c/0x260
[   87.165494][ T7834]  ? kernfs_path_from_node+0x22c/0x260
[   87.165501][ T7834]  ? kernfs_path_from_node+0x2c/0x260
[   87.165511][ T7834]  sysfs_warn_dup+0x8e/0xa0
[   87.165520][ T7834]  sysfs_do_create_link_sd+0xc0/0x110
[   87.165530][ T7834]  device_add_class_symlinks+0x1cf/0x240
[   87.165540][ T7834]  device_add+0x475/0xb50
[   87.165549][ T7834]  wiphy_register+0x199a/0x26b0
[   87.165566][ T7834]  ? __pfx_wiphy_register+0x10/0x10
[   87.165573][ T7834]  ? minstrel_ht_alloc+0x6dd/0x7e0
[   87.165586][ T7834]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[   87.165597][ T7834]  ieee80211_register_hw+0x33e1/0x4120
[   87.165616][ T7834]  ? ieee80211_register_hw+0x14b1/0x4120
[   87.165629][ T7834]  ? __pfx_ieee80211_register_hw+0x10/0x10
[   87.165641][ T7834]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   87.165655][ T7834]  ? __hrtimer_setup+0x187/0x210
[   87.165697][ T7834]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[   87.165712][ T7834]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[   87.165737][ T7834]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[   87.165749][ T7834]  ? trace_kmalloc+0x1f/0xd0
[   87.165756][ T7834]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[   87.165764][ T7834]  ? kstrndup+0xbf/0x160
[   87.165777][ T7834]  hwsim_new_radio_nl+0xea4/0x1b10
[   87.165786][ T7834]  ? __pfx___nla_validate_parse+0x10/0x10
[   87.165803][ T7834]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   87.165812][ T7834]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[   87.165826][ T7834]  ? __nla_parse+0x40/0x60
[   87.165837][ T7834]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   87.165850][ T7834]  genl_family_rcv_msg_doit+0x215/0x300
[   87.165863][ T7834]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   87.165878][ T7834]  ? bpf_lsm_capable+0x9/0x20
[   87.165885][ T7834]  ? security_capable+0x7e/0x2e0
[   87.165897][ T7834]  genl_rcv_msg+0x60e/0x790
[   87.165910][ T7834]  ? __pfx_genl_rcv_msg+0x10/0x10
[   87.165919][ T7834]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   87.165932][ T7834]  netlink_rcv_skb+0x208/0x470
[   87.165940][ T7834]  ? __pfx_genl_rcv_msg+0x10/0x10
[   87.165950][ T7834]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   87.165965][ T7834]  ? down_read+0x1ad/0x2e0
[   87.165973][ T7834]  genl_rcv+0x28/0x40
[   87.165982][ T7834]  netlink_unicast+0x75b/0x8d0
[   87.165994][ T7834]  netlink_sendmsg+0x805/0xb30
[   87.166006][ T7834]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.166015][ T7834]  ? aa_sock_msg_perm+0x94/0x160
[   87.166025][ T7834]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   87.166034][ T7834]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.166043][ T7834]  __sock_sendmsg+0x21c/0x270
[   87.166056][ T7834]  ____sys_sendmsg+0x505/0x830
[   87.166067][ T7834]  ? __pfx_____sys_sendmsg+0x10/0x10
[   87.166079][ T7834]  ? import_iovec+0x74/0xa0
[   87.166088][ T7834]  ___sys_sendmsg+0x21f/0x2a0
[   87.166098][ T7834]  ? __pfx____sys_sendmsg+0x10/0x10
[   87.166121][ T7834]  ? __fget_files+0x2a/0x420
[   87.166129][ T7834]  ? __fget_files+0x3a0/0x420
[   87.166141][ T7834]  __x64_sys_sendmsg+0x19b/0x260
[   87.166151][ T7834]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   87.166164][ T7834]  ? rcu_is_watching+0x15/0xb0
[   87.166177][ T7834]  ? do_syscall_64+0xbe/0x3b0
[   87.166185][ T7834]  do_syscall_64+0xfa/0x3b0
[   87.166190][ T7834]  ? lockdep_hardirqs_on+0x9c/0x150
[   87.166200][ T7834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.166209][ T7834]  ? exc_page_fault+0x9f/0xf0
[   87.166220][ T7834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.166227][ T7834] RIP: 0033:0x7f86c798e929
[   87.166235][ T7834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.166241][ T7834] RSP: 002b:00007f86c87d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.166251][ T7834] RAX: ffffffffffffffda RBX: 00007f86c7bb5fa0 RCX: 00007f86c798e929
[   87.166256][ T7834] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[   87.166261][ T7834] RBP: 00007f86c7a10b39 R08: 0000000000000000 R09: 0000000000000000
[   87.166265][ T7834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.166269][ T7834] R13: 0000000000000000 R14: 00007f86c7bb5fa0 R15: 00007ffe07daaab8
[   87.166281][ T7834]  </TASK>
[   87.394957][ T7844] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (34)
[   87.642473][ T7848] No such timeout policy "syz0"
[   87.774267][ T7858] netlink: 'syz.1.592': attribute type 39 has an invalid length.
[   88.031779][ T7867] netlink: 'syz.1.594': attribute type 23 has an invalid length.
[   88.196031][ T7879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   88.365939][ T7885] netlink: 'syz.0.601': attribute type 6 has an invalid length.
[   88.558663][ T7899] IPv6: sit1: Disabled Multicast RS
[   88.561743][ T7899] sit1: entered allmulticast mode
[   88.875846][ T5826] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.969146][ T5826] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.014118][ T5826] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.042516][ T7920] __nla_validate_parse: 6 callbacks suppressed
[   89.042528][ T7920] netlink: 24 bytes leftover after parsing attributes in process `syz.1.618'.
[   89.092039][ T5826] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.098062][ T5818] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.101276][ T5818] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.106535][ T5818] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.110800][ T5818] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.116229][ T5818] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.146401][ T7923] lo speed is unknown, defaulting to 1000
[   89.284899][ T5826] gretap0: left allmulticast mode
[   89.286565][ T5826] gretap0: left promiscuous mode
[   89.288292][ T5826] bridge0: port 3(gretap0) entered disabled state
[   89.291645][ T5826] bridge_slave_0: left allmulticast mode
[   89.303583][ T5826] bridge_slave_0: left promiscuous mode
[   89.305532][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.420561][ T5826] bond0 (unregistering): (slave bridge0): Releasing backup interface
[   89.552497][ T5826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.555747][ T5826] bond_slave_0: left promiscuous mode
[   89.558640][ T5826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.561583][ T5826] bond_slave_1: left promiscuous mode
[   89.565528][ T5826] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[   89.568516][ T5826] bridge_slave_1: left promiscuous mode
[   89.570932][ T5826] bond0 (unregistering): Released all slaves
[   89.577143][ T7923] chnl_net:caif_netlink_parms(): no params data found
[   89.632163][ T5826] tipc: Left network mode
[   89.645197][ T7923] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.647502][ T7923] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.649766][ T7923] bridge_slave_0: entered allmulticast mode
[   89.652414][ T7923] bridge_slave_0: entered promiscuous mode
[   89.655790][ T7923] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.658112][ T7923] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.660391][ T7923] bridge_slave_1: entered allmulticast mode
[   89.664147][ T7923] bridge_slave_1: entered promiscuous mode
[   89.724844][ T7923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.740535][ T7923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.782034][ T7923] team0: Port device team_slave_0 added
[   89.786151][ T7923] team0: Port device team_slave_1 added
[   89.802122][ T7923] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.804716][ T7923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.812998][ T7923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.819508][ T7923] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.821719][ T7923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.830401][ T7923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.894952][ T5826] hsr_slave_0: left promiscuous mode
[   89.897490][ T7941] netlink: 'syz.1.621': attribute type 39 has an invalid length.
[   89.903099][ T5826] hsr_slave_1: left promiscuous mode
[   89.905164][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.907494][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.914007][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.916330][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.929842][ T5826] veth1_macvtap: left promiscuous mode
[   89.931917][ T5826] veth0_macvtap: left promiscuous mode
[   89.934403][ T5826] veth1_vlan: left promiscuous mode
[   89.936390][ T5826] veth0_vlan: left promiscuous mode
[   89.989612][ T5818] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.996856][ T5818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   90.000772][ T5818] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   90.008158][ T5818] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   90.017061][ T5818] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   90.217258][ T5826] team0 (unregistering): Port device team_slave_1 removed
[   90.236835][ T5826] team0 (unregistering): Port device team_slave_0 removed
[   90.444148][ T7923] hsr_slave_0: entered promiscuous mode
[   90.447406][ T7923] hsr_slave_1: entered promiscuous mode
[   90.471861][    T9] lo speed is unknown, defaulting to 1000
[   90.482445][    T9] infiniband syz2: ib_query_port failed (-19)
[   90.687380][ T7954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.622'.
[   90.751550][ T7943] chnl_net:caif_netlink_parms(): no params data found
[   90.842571][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.845132][ T7943] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.847421][ T7943] bridge_slave_0: entered allmulticast mode
[   90.850203][ T7943] bridge_slave_0: entered promiscuous mode
[   90.853749][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.856064][ T7943] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.858323][ T7943] bridge_slave_1: entered allmulticast mode
[   90.861026][ T7943] bridge_slave_1: entered promiscuous mode
[   90.887990][ T7943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.892493][ T7943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.913595][ T7943] team0: Port device team_slave_0 added
[   90.919099][ T7943] team0: Port device team_slave_1 added
[   90.947456][ T7969] netlink: 596 bytes leftover after parsing attributes in process `syz.1.627'.
[   90.970258][ T5826] IPVS: stop unused estimator thread 0...
[   90.973532][ T7943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.975833][ T7943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.984535][ T7943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.994434][ T7943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.997963][ T7943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.009658][ T7943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.060026][ T5826] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.092559][ T7943] hsr_slave_0: entered promiscuous mode
[   91.095468][ T7943] hsr_slave_1: entered promiscuous mode
[   91.099300][ T7943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.101661][ T7943] Cannot create hsr debugfs directory
[   91.138479][ T7923] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.139867][ T7976] netlink: 'syz.1.630': attribute type 3 has an invalid length.
[   91.155107][ T7923] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.171299][ T5826] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.182640][ T7923] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.193401][ T5818] Bluetooth: hci1: command tx timeout
[   91.194008][ T7923] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.240494][ T5826] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.296038][ T5826] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.306614][ T7923] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.320883][ T7923] 8021q: adding VLAN 0 to HW filter on device team0
[   91.326111][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.328511][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.338461][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.340881][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.395018][ T5826] bridge_slave_1: left allmulticast mode
[   91.398324][ T5826] bridge_slave_1: left promiscuous mode
[   91.400968][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.405810][ T5826] bridge_slave_0: left allmulticast mode
[   91.408105][ T5826] bridge_slave_0: left promiscuous mode
[   91.410201][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.620697][ T5826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   91.625929][ T5826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   91.629555][ T5826] bond0 (unregistering): Released all slaves
[   91.695926][ T7923] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.741594][ T7923] veth0_vlan: entered promiscuous mode
[   91.748600][ T7923] veth1_vlan: entered promiscuous mode
[   91.771570][ T7923] veth0_macvtap: entered promiscuous mode
[   91.791417][ T7923] veth1_macvtap: entered promiscuous mode
[   91.801521][ T7923] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.807959][ T7923] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.814066][ T7923] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.816964][ T7923] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.819825][ T7923] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.822574][ T7923] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.868410][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.871078][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.888593][ T5826] hsr_slave_0: left promiscuous mode
[   91.890826][ T5826] hsr_slave_1: left promiscuous mode
[   91.892982][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   91.896069][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_0
[   91.898872][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   91.901385][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_1
[   91.910738][ T5826] veth1_macvtap: left promiscuous mode
[   91.912646][ T5826] veth0_macvtap: left promiscuous mode
[   91.916621][ T5826] veth1_vlan: left promiscuous mode
[   91.918500][ T5826] veth0_vlan: left promiscuous mode
[   91.992526][ T7989] netlink: 'syz.1.631': attribute type 1 has an invalid length.
[   92.073315][ T5818] Bluetooth: hci2: command tx timeout
[   92.135240][ T5826] team0 (unregistering): Port device team_slave_1 removed
[   92.155164][ T5826] team0 (unregistering): Port device team_slave_0 removed
[   92.369714][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.374253][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.447663][ T7943] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   92.452023][ T7943] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   92.458323][ T7943] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   92.464665][ T7943] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   92.490518][ T7993] netlink: 36 bytes leftover after parsing attributes in process `syz.1.632'.
[   92.502601][ T7993] netlink: 16 bytes leftover after parsing attributes in process `syz.1.632'.
[   92.506746][ T7993] netlink: 36 bytes leftover after parsing attributes in process `syz.1.632'.
[   92.510038][ T7993] netlink: 36 bytes leftover after parsing attributes in process `syz.1.632'.
[   92.530275][ T7943] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.540511][ T7943] 8021q: adding VLAN 0 to HW filter on device team0
[   92.545597][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.548543][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.564547][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.567041][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.678920][ T7943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.702600][ T8013] veth1_to_bridge: entered promiscuous mode
[   92.708179][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.637'.
[   92.730271][ T8013] veth1_to_bridge (unregistering): left promiscuous mode
[   92.740614][ T8013] bridge_slave_1 (unregistering): left allmulticast mode
[   92.742937][ T8013] bridge_slave_1 (unregistering): left promiscuous mode
[   92.745953][ T8013] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.756641][ T7943] veth0_vlan: entered promiscuous mode
[   92.762503][ T7943] veth1_vlan: entered promiscuous mode
[   92.778344][ T7943] veth0_macvtap: entered promiscuous mode
[   92.782130][ T7943] veth1_macvtap: entered promiscuous mode
[   92.792753][ T7943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.800188][ T7943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.812794][ T7943] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.815941][ T7943] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.818746][ T7943] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.821651][ T7943] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.861243][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.868826][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.882993][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.886534][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.925469][ T8019] netlink: 'syz.1.640': attribute type 5 has an invalid length.
[   92.932483][ T8019] ip6erspan0: entered allmulticast mode
[   93.089408][ T8029] 8021q: VLANs not supported on ip_vti0
[   93.181964][ T8035] netlink: 40 bytes leftover after parsing attributes in process `syz.1.648'.
[   93.251355][ T8042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.650'.
[   93.307511][ T8046] netlink: 'syz.1.652': attribute type 23 has an invalid length.
[   93.770405][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.960015][ T8086] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   93.964509][ T8086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   93.968119][ T8086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   93.970792][ T8086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   93.974501][ T8086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   93.984108][ T8085] netlink: 'syz.1.665': attribute type 1 has an invalid length.
[   94.096974][ T8084] chnl_net:caif_netlink_parms(): no params data found
[   94.163234][ T8086] Bluetooth: hci2: command 0x041b tx timeout
[   94.170899][ T8084] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.175641][ T8084] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.178066][ T8084] bridge_slave_0: entered allmulticast mode
[   94.181654][ T8084] bridge_slave_0: entered promiscuous mode
[   94.186718][ T8084] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.189134][ T8084] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.191444][ T8084] bridge_slave_1: entered allmulticast mode
[   94.194373][ T8084] bridge_slave_1: entered promiscuous mode
[   94.224703][ T8084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.225448][ T8102] __nla_validate_parse: 3 callbacks suppressed
[   94.225457][ T8102] netlink: 56 bytes leftover after parsing attributes in process `syz.1.668'.
[   94.229024][ T8084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.229766][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.668'.
[   94.260944][ T8084] team0: Port device team_slave_0 added
[   94.267283][ T8084] team0: Port device team_slave_1 added
[   94.296782][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.299287][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.309584][ T8084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.316223][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.318637][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.328326][ T8084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.353877][ T8109] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN PTI
[   94.358136][ T8109] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[   94.361518][ T8109] CPU: 0 UID: 0 PID: 8109 Comm: syz.1.670 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   94.365657][ T8109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   94.368725][ T8109] RIP: 0010:__list_del_entry_valid_or_report+0x25/0x190
[   94.370882][ T8109] Code: 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 41 55 41 54 53 48 89 fb 49 bd 00 00 00 00 00 fc ff df 48 83 c7 08 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 9f 2d 5c fd 4c 8b 7b 08 48 89 d8 48 c1 e8
[   94.376815][ T8109] RSP: 0018:ffffc90003b1f0c0 EFLAGS: 00010202
[   94.378738][ T8109] RAX: 000000000000000b RBX: 0000000000000050 RCX: 0000000000080000
[   94.381169][ T8109] RDX: ffffc90003d51000 RSI: 0000000000000385 RDI: 0000000000000058
[   94.383663][ T8109] RBP: dffffc0000000000 R08: ffff888106345640 R09: 0000000000000002
[   94.386168][ T8109] R10: 00000000ffffffff R11: ffffffff897eac80 R12: 0000000000000000
[   94.388631][ T8109] R13: dffffc0000000000 R14: 0000000000000050 R15: ffff88803ae5b000
[   94.391079][ T8109] FS:  00007f61708196c0(0000) GS:ffff8880b8650000(0000) knlGS:0000000000000000
[   94.393815][ T8109] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.395888][ T8109] CR2: 00007f6170818fc8 CR3: 000000011e04e000 CR4: 00000000000006f0
[   94.398326][ T8109] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   94.400776][ T8109] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   94.403218][ T8109] Call Trace:
[   94.404462][ T8109]  <TASK>
[   94.405430][ T8109]  drr_qlen_notify+0x2c/0xf0
[   94.407015][ T8109]  qdisc_tree_reduce_backlog+0x29c/0x480
[   94.408762][ T8109]  ? qdisc_tree_reduce_backlog+0x3c/0x480
[   94.410558][ T8109]  hhf_change+0x764/0xad0
[   94.411942][ T8109]  ? __pfx_hhf_change+0x10/0x10
[   94.413495][ T8109]  ? __pfx_hhf_init+0x10/0x10
[   94.415014][ T8109]  hhf_init+0x213/0x950
[   94.416578][ T8109]  ? __pfx_hhf_init+0x10/0x10
[   94.418506][ T8109]  qdisc_create+0x7ac/0xea0
[   94.420384][ T8109]  tc_modify_qdisc+0x1426/0x2010
[   94.422338][ T8109]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   94.424089][ T8109]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   94.425912][ T8109]  rtnetlink_rcv_msg+0x77c/0xb70
[   94.427461][ T8109]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   94.429157][ T8109]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   94.430937][ T8109]  ? ref_tracker_free+0x63a/0x7d0
[   94.432532][ T8109]  ? __copy_skb_header+0xa7/0x550
[   94.434170][ T8109]  ? __pfx_ref_tracker_free+0x10/0x10
[   94.436024][ T8109]  ? __skb_clone+0x63/0x7a0
[   94.437735][ T8109]  netlink_rcv_skb+0x208/0x470
[   94.439228][ T8109]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   94.441131][ T8109]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   94.443264][ T8109]  ? netlink_deliver_tap+0x2e/0x1b0
[   94.445271][ T8109]  ? netlink_deliver_tap+0x2e/0x1b0
[   94.447309][ T8109]  netlink_unicast+0x75b/0x8d0
[   94.448839][ T8109]  netlink_sendmsg+0x805/0xb30
[   94.450580][ T8109]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.452368][ T8109]  ? aa_sock_msg_perm+0x94/0x160
[   94.453942][ T8109]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   94.455789][ T8109]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.457846][ T8109]  __sock_sendmsg+0x21c/0x270
[   94.459409][ T8109]  ____sys_sendmsg+0x505/0x830
[   94.460948][ T8109]  ? __pfx_____sys_sendmsg+0x10/0x10
[   94.462612][ T8109]  ? import_iovec+0x74/0xa0
[   94.464104][ T8109]  ___sys_sendmsg+0x21f/0x2a0
[   94.465986][ T8109]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.468187][ T8109]  ? __fget_files+0x2a/0x420
[   94.470154][ T8109]  ? __fget_files+0x3a0/0x420
[   94.472197][ T8109]  __x64_sys_sendmsg+0x19b/0x260
[   94.474305][ T8109]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   94.476654][ T8109]  ? rcu_is_watching+0x15/0xb0
[   94.478742][ T8109]  ? do_syscall_64+0xbe/0x3b0
[   94.480741][ T8109]  do_syscall_64+0xfa/0x3b0
[   94.482614][ T8109]  ? lockdep_hardirqs_on+0x9c/0x150
[   94.484768][ T8109]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.487118][ T8109]  ? exc_page_fault+0x9f/0xf0
[   94.489105][ T8109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.491615][ T8109] RIP: 0033:0x7f616f98e929
[   94.493527][ T8109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.501383][ T8109] RSP: 002b:00007f6170819038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.504891][ T8109] RAX: ffffffffffffffda RBX: 00007f616fbb5fa0 RCX: 00007f616f98e929
[   94.508124][ T8109] RDX: 0000000004008000 RSI: 0000200000000200 RDI: 0000000000000005
[   94.511359][ T8109] RBP: 00007f616fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   94.514432][ T8109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.517497][ T8109] R13: 0000000000000000 R14: 00007f616fbb5fa0 R15: 00007ffd5d36b1b8
[   94.520487][ T8109]  </TASK>
[   94.521751][ T8109] Modules linked in:
[   94.523555][ T8109] ---[ end trace 0000000000000000 ]---
[   94.525919][ T8109] RIP: 0010:__list_del_entry_valid_or_report+0x25/0x190
[   94.528945][ T8109] Code: 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 41 55 41 54 53 48 89 fb 49 bd 00 00 00 00 00 fc ff df 48 83 c7 08 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 9f 2d 5c fd 4c 8b 7b 08 48 89 d8 48 c1 e8
[   94.537229][ T8109] RSP: 0018:ffffc90003b1f0c0 EFLAGS: 00010202
[   94.539841][ T8109] RAX: 000000000000000b RBX: 0000000000000050 RCX: 0000000000080000
[   94.542417][ T8109] RDX: ffffc90003d51000 RSI: 0000000000000385 RDI: 0000000000000058
[   94.545078][ T8109] RBP: dffffc0000000000 R08: ffff888106345640 R09: 0000000000000002
[   94.547642][ T8109] R10: 00000000ffffffff R11: ffffffff897eac80 R12: 0000000000000000
[   94.550585][ T8109] R13: dffffc0000000000 R14: 0000000000000050 R15: ffff88803ae5b000
[   94.553825][ T8109] FS:  00007f61708196c0(0000) GS:ffff8880b8650000(0000) knlGS:0000000000000000
[   94.556660][ T8109] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.558844][ T8109] CR2: 00007f6170818fc8 CR3: 000000011e04e000 CR4: 00000000000006f0
[   94.561419][ T8109] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   94.564013][ T8109] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   94.566524][ T8109] Kernel panic - not syncing: Fatal exception in interrupt
[   94.569536][ T8109] Kernel Offset: disabled
[   94.570995][ T8109] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:50:03  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001044 RDI=0000000000001045 RBP=00000000000003f8 RSP=ffffc90003b1e8f0
R8 =ffff888106400237 R9 =1ffff11020c80046 R10=dffffc0000000000 R11=ffffffff85474610
R12=dffffc0000000000 R13=ffffffff99ac4901 R14=ffffffff99dc9760 R15=0000000000000000
RIP=ffffffff8547468c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f61708196c0 ffffffff 00c00000
GS =0000 ffff8880b8650000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f6170818fc8 CR3=000000011e04e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000ff0000000000 000000000000ff00
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00000000ff000000 0000000000000000 XMM05=0000000000000000 00007f0e87211b1f
XMM06=0000000000000000 00007f0e87211b19 XMM07=0000000000000000 00007f0e87211b2d
XMM08=0000000000000000 00007f0e87211bb3 XMM09=0000000000000000 00007f0e87211c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=4c4ea58341586300 RBX=ffffffff81974d58 RCX=4c4ea58341586300 RDX=0000000000000001
RSI=ffffffff8be28d20 RDI=ffffffff81974d58 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f5b R9 =1ffff11026cc65eb R10=dffffc0000000000 R11=ffffed1026cc65ec
R12=ffffffff8fa10cf0 R13=0000000000000001 R14=0000000000000001 R15=1ffff1102001d000
RIP=ffffffff8b66b4a3 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c50000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c26b36d CR3=0000000027b42000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 000000524f525245 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f616fa11c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
