last executing test programs:

942.158991ms ago: executing program 2 (id=818):
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "d57e190d001e6e1d16c1711bbd8adbf65bd846957b378a02340c68117aa1b390", "b0b4e2d8157cddfb9792c8e37bafb99e319950347e93f4d34870ee24c0ea06d56270e45c8d3e7d708161ba81dd33c54b", "01acae6f69ea1443db8d53af54944d4894a87f20c65bfb8e0c8cfb67", {"38f5e54b3dc7c070b4d66f0f9565df74", "d2653a13d554fee0e7be27c873db314d"}}}}}}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000080)={r2}, &(0x7f00000000c0)=0x8)

941.785412ms ago: executing program 2 (id=819):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000084000000060a010400000000000000000100000008000b40000000005c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000240001800a0001007265646972000000140002800800014000000012080002400000000e0900010073797a30"], 0xf8}}, 0x0)

882.185253ms ago: executing program 2 (id=820):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0)

882.059314ms ago: executing program 2 (id=821):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7fe})

881.908395ms ago: executing program 2 (id=822):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)

322.097339ms ago: executing program 1 (id=828):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a2b0300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

272.249128ms ago: executing program 1 (id=829):
r0 = socket$kcm(0x29, 0x2, 0x0)
close(r0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
close(r1)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r1)

272.024531ms ago: executing program 1 (id=830):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0x81, 0x43)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'ip6gretap0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb1000000080088a84803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

210.415354ms ago: executing program 1 (id=832):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x240048d0)

210.282937ms ago: executing program 0 (id=833):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000280)={r1}, 0xc)

152.475892ms ago: executing program 0 (id=834):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x7a)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000001400)=""/4096, 0x1000}], 0x2}, 0x0)

152.034591ms ago: executing program 0 (id=835):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea61", 0x2}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

139.01463ms ago: executing program 1 (id=836):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000002000000000000000000000a000000000000000000000011"], 0x0, 0x32}, 0x20)

62.163815ms ago: executing program 1 (id=837):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vcan0\x00'})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r4=>0x0})
sendmsg$can_j1939(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x1d, r4, 0x2, {0x2}}, 0x18, &(0x7f00000001c0)={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x4008001}, 0x10)
pipe(&(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x20, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="fb12ca2f33d63308000000000000000079100c00a70000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
write(r6, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8e4747b63e8830ee6c32f254d37792053e2b77cc86279ea843600"/297, 0x3accf8d5)
vmsplice(r6, &(0x7f0000000440)=[{&(0x7f00000000c0)='7', 0x1}], 0x1, 0x100000000000000)
close(r5)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r8, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={'nr', 0x0}, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]})
sendmmsg$inet6(r7, &(0x7f0000003a00)=[{{&(0x7f0000000580)={0xa, 0x20, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000200)="c5df6a", 0x3}], 0x1}}, {{&(0x7f0000000b40)={0xa, 0x4e21, 0x900000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000e40)="af", 0x1}], 0x1}}], 0x2, 0xc0c0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010025bd7000fcdbdf25010005000000000007410000004c00180000000762726f6164636173742d6c696e6b00"/98], 0x68}, 0x1, 0x0, 0x0, 0x810}, 0x4000000)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
sendfile(r8, 0xffffffffffffffff, &(0x7f0000000000), 0x8000000000000000)
r11 = socket$inet6(0xa, 0x80003, 0xff)
r12 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r12, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r11, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
close(0x3)
recvmmsg$unix(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1}}, {{0x0, 0x0, &(0x7f0000002bc0)}}], 0x2, 0x0, 0x0)

62.04271ms ago: executing program 0 (id=838):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000001c0)=0x1, 0x4)

487.298µs ago: executing program 0 (id=839):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}})

149.931µs ago: executing program 2 (id=840):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockname$inet(r0, 0x0, &(0x7f0000000240))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r4, 0x0, 0xdc0, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x6, 0x6, 0x0, 0x0, 0x280}, 0x48)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r2, 0x0, 0x0, 0x800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x100}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x1b59, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "0000000108653904030405ffffff09c56a3000", "9384bbeb3018ad591b661fe808b21b77", {"694c875dfb1be5d2a0057a62022a1564", "a329d3a13bd5b6cc6a9471314a1d8c69"}}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b3f2219d205e81f4a7f71c1926aae1ef0300054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7c331926b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000680)=[@iv={0x40, 0x117, 0x2, 0x27, "9933f880fa9a8179fe69e3dce07412fed77321376826e5a06dda5cf18eff25b4b413c31931fff6"}], 0x90}], 0x1, 0x40800)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x25, &(0x7f0000001500)={0x0, @in6={{0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, '\x00', 0x28}, 0xfff}}, 0x0, 0x200}, 0x90)

0s ago: executing program 0 (id=841):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12}, 0x48)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:37395' (ED25519) to the list of known hosts.
syzkaller login: [   40.429587][ T5756] cgroup: Unknown subsys name 'net'
[   40.570389][ T5756] cgroup: Unknown subsys name 'cpuset'
[   40.574725][ T5756] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.942786][ T5756] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   51.543506][ T5863] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   51.546074][ T5863] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   51.570368][ T5862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   51.573197][ T5863] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   51.575445][ T5862] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   51.578638][ T5862] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   51.581930][ T5862] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   51.585257][ T5862] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   51.588243][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   51.588594][ T5869] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   51.590834][ T5862] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   51.594491][ T5869] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   51.595373][ T5862] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   51.598777][ T5869] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   51.602095][ T5869] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   51.891149][ T5859] chnl_net:caif_netlink_parms(): no params data found
[   51.919055][ T5867] chnl_net:caif_netlink_parms(): no params data found
[   51.949569][ T5860] chnl_net:caif_netlink_parms(): no params data found
[   52.010723][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.013516][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.015795][ T5859] bridge_slave_0: entered allmulticast mode
[   52.019115][ T5859] bridge_slave_0: entered promiscuous mode
[   52.047463][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.050158][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.052376][ T5859] bridge_slave_1: entered allmulticast mode
[   52.054927][ T5859] bridge_slave_1: entered promiscuous mode
[   52.069362][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.072193][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.074900][ T5867] bridge_slave_0: entered allmulticast mode
[   52.077980][ T5867] bridge_slave_0: entered promiscuous mode
[   52.095353][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.097797][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.100335][ T5867] bridge_slave_1: entered allmulticast mode
[   52.104104][ T5867] bridge_slave_1: entered promiscuous mode
[   52.110076][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.136765][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.147170][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.150338][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.153069][ T5860] bridge_slave_0: entered allmulticast mode
[   52.155730][ T5860] bridge_slave_0: entered promiscuous mode
[   52.183112][ T5859] team0: Port device team_slave_0 added
[   52.186348][ T5859] team0: Port device team_slave_1 added
[   52.188649][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.190951][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.193189][ T5860] bridge_slave_1: entered allmulticast mode
[   52.195833][ T5860] bridge_slave_1: entered promiscuous mode
[   52.201300][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.238015][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.241500][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.244266][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.253108][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.260910][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.274456][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.276619][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.285321][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   52.295502][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.323259][ T5867] team0: Port device team_slave_0 added
[   52.334232][ T5867] team0: Port device team_slave_1 added
[   52.357909][ T5860] team0: Port device team_slave_0 added
[   52.376490][ T5860] team0: Port device team_slave_1 added
[   52.388594][ T5859] hsr_slave_0: entered promiscuous mode
[   52.390843][ T5859] hsr_slave_1: entered promiscuous mode
[   52.393577][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.395798][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.405436][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.418600][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.420917][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.429646][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.433945][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.436534][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.445247][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   52.462182][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.464329][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.473335][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   52.526839][ T5867] hsr_slave_0: entered promiscuous mode
[   52.529165][ T5867] hsr_slave_1: entered promiscuous mode
[   52.531344][ T5867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   52.533735][ T5867] Cannot create hsr debugfs directory
[   52.553827][ T5860] hsr_slave_0: entered promiscuous mode
[   52.556059][ T5860] hsr_slave_1: entered promiscuous mode
[   52.559203][ T5860] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   52.561513][ T5860] Cannot create hsr debugfs directory
[   52.735396][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   52.745729][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   52.751616][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   52.761062][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   52.790506][ T5867] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   52.810773][ T5867] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   52.815444][ T5867] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   52.832261][ T5867] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   52.840571][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.842999][ T5859] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.845814][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.848289][ T5859] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.854340][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.857309][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.872930][ T5860] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   52.886192][ T5860] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   52.899534][ T5860] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   52.908111][ T5860] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   52.955536][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.987492][ T5859] 8021q: adding VLAN 0 to HW filter on device team0
[   52.994322][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.001050][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.003359][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.017207][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.019539][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.025214][ T5867] 8021q: adding VLAN 0 to HW filter on device team0
[   53.051620][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.053857][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.057071][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.059361][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.066627][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.102814][ T5860] 8021q: adding VLAN 0 to HW filter on device team0
[   53.110031][ T5867] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.127190][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.129543][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.134409][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.136589][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.180873][ T5860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.249012][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.255570][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.300213][ T5859] veth0_vlan: entered promiscuous mode
[   53.304616][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.313616][ T5867] veth0_vlan: entered promiscuous mode
[   53.317477][ T5859] veth1_vlan: entered promiscuous mode
[   53.334057][ T5867] veth1_vlan: entered promiscuous mode
[   53.352434][ T5860] veth0_vlan: entered promiscuous mode
[   53.362808][ T5860] veth1_vlan: entered promiscuous mode
[   53.367251][ T5859] veth0_macvtap: entered promiscuous mode
[   53.376780][ T5859] veth1_macvtap: entered promiscuous mode
[   53.392609][ T5867] veth0_macvtap: entered promiscuous mode
[   53.400179][ T5860] veth0_macvtap: entered promiscuous mode
[   53.411167][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.415389][ T5867] veth1_macvtap: entered promiscuous mode
[   53.421526][ T5860] veth1_macvtap: entered promiscuous mode
[   53.429537][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.440148][ T5859] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.442871][ T5859] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.445681][ T5859] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.449225][ T5859] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.464083][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.476174][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.482628][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.485893][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.509388][ T5867] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.514574][ T5867] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.517387][ T5867] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.521217][ T5867] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.525173][ T5860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.528502][ T5860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.531141][ T5860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.533917][ T5860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.574843][ T1198] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.577395][ T1198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.620049][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.622599][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.638350][ T5863] Bluetooth: hci0: command tx timeout
[   53.638506][ T5870] Bluetooth: hci2: command tx timeout
[   53.640299][ T5863] Bluetooth: hci1: command tx timeout
[   53.648452][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.650877][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.662101][ T5859] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   53.669368][ T3628] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.671807][ T3628] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.693209][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.695649][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.716704][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   53.724242][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   53.839761][ T5936] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.116052][ T5965] netlink: 'syz.2.36': attribute type 2 has an invalid length.
[   54.121965][ T5965] netlink: 'syz.2.36': attribute type 1 has an invalid length.
[   54.124705][ T5965] netlink: 224 bytes leftover after parsing attributes in process `syz.2.36'.
[   54.192369][ T5973] netlink: 'syz.2.39': attribute type 3 has an invalid length.
[   54.195002][ T5973] netlink: 666 bytes leftover after parsing attributes in process `syz.2.39'.
[   54.300433][ T5981] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.425635][ T5993] netlink: 'syz.1.50': attribute type 11 has an invalid length.
[   54.581853][ T6005] xt_hashlimit: overflow, try lower: 72057594037927936/255
[   54.674636][ T6013] xt_CT: No such helper "netbios-ns"
[   54.897903][ T6038] netlink: 36 bytes leftover after parsing attributes in process `syz.2.68'.
[   54.954684][ T6041] netlink: 'syz.0.69': attribute type 3 has an invalid length.
[   55.086265][ T6050] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.73'.
[   55.180835][ T6061] bridge1: entered promiscuous mode
[   55.366634][ T6080] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.369086][ T6080] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.493885][ T6094] IPv4: Oversized IP packet from 127.202.26.0
[   55.717870][ T5866] Bluetooth: hci0: command tx timeout
[   55.717943][ T5870] Bluetooth: hci1: command tx timeout
[   55.719673][ T5863] Bluetooth: hci2: command tx timeout
[   55.809233][ T6118] netlink: 'syz.1.106': attribute type 3 has an invalid length.
[   55.922429][ T6125] netlink: 52 bytes leftover after parsing attributes in process `syz.0.109'.
[   55.928977][ T6125] netlink: 52 bytes leftover after parsing attributes in process `syz.0.109'.
[   55.931853][ T6125] netlink: 52 bytes leftover after parsing attributes in process `syz.0.109'.
[   56.089463][ T6133] netlink: 'syz.1.113': attribute type 3 has an invalid length.
[   56.178281][ T6145] netlink: 16 bytes leftover after parsing attributes in process `syz.0.117'.
[   56.214890][ T6151] netlink: 'syz.0.122': attribute type 13 has an invalid length.
[   56.218230][ T6151] netlink: 16 bytes leftover after parsing attributes in process `syz.0.122'.
[   56.219479][ T6149] netlink: 16 bytes leftover after parsing attributes in process `syz.1.120'.
[   56.244873][ T6151] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6)
[   56.287459][ T6157] Zero length message leads to an empty skb
[   56.565736][ T6194] syz.0.138 uses obsolete (PF_INET,SOCK_PACKET)
[   56.614414][ T6199] warning: `syz.1.139' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   57.132215][ T6238] unsupported nlmsg_type 40
[   57.326409][ T6257] netlink: 'syz.2.167': attribute type 4 has an invalid length.
[   57.797854][ T5863] Bluetooth: hci1: command tx timeout
[   57.798659][ T5870] Bluetooth: hci2: command tx timeout
[   57.799705][ T5866] Bluetooth: hci0: command tx timeout
[   57.978435][ T6293] netlink: 'syz.2.184': attribute type 13 has an invalid length.
[   59.479454][ T6363] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   59.662888][ T6394] __nla_validate_parse: 9 callbacks suppressed
[   59.662901][ T6394] netlink: 248 bytes leftover after parsing attributes in process `syz.2.228'.
[   59.749718][ T6400] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[   59.879830][ T5866] Bluetooth: hci1: command tx timeout
[   59.881672][ T5866] Bluetooth: hci0: command tx timeout
[   59.883478][ T5863] Bluetooth: hci2: command tx timeout
[   59.910329][ T6418] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[   59.928310][ T6418] netlink: 12 bytes leftover after parsing attributes in process `syz.2.234'.
[   59.942077][ T6409] bridge2: entered promiscuous mode
[   59.943930][ T6409] bridge2: entered allmulticast mode
[   59.952114][ T6409] team0: Port device bridge2 added
[   60.756965][ T6504] netlink: 300 bytes leftover after parsing attributes in process `syz.0.268'.
[   60.776473][ T6508] tipc: Started in network mode
[   60.778270][ T6508] tipc: Node identity defa4997ec5f, cluster identity 4711
[   60.781035][ T6508] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   60.784878][ T6508] syzkaller0: entered promiscuous mode
[   60.786706][ T6508] syzkaller0: entered allmulticast mode
[   60.798027][ T6508] tipc: Resetting bearer <eth:syzkaller0>
[   60.807795][ T6506] tipc: Resetting bearer <eth:syzkaller0>
[   60.833124][ T6506] tipc: Disabling bearer <eth:syzkaller0>
[   60.841613][ T6512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.273'.
[   60.846501][ T6510] net veth1_virt_wifi : renamed from virt_wifi0
[   60.940019][ T6523] netlink: 'syz.2.277': attribute type 1 has an invalid length.
[   60.965670][ T6526] netlink: 'syz.1.279': attribute type 1 has an invalid length.
[   60.969539][ T6526] netlink: 'syz.1.279': attribute type 4 has an invalid length.
[   60.972326][ T6526] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.279'.
[   61.022163][ T6534] netlink: 8 bytes leftover after parsing attributes in process `syz.1.283'.
[   61.157196][ T6552] netlink: 830 bytes leftover after parsing attributes in process `syz.2.292'.
[   61.286318][ T6572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.302'.
[   61.290314][ T6572] netlink: 84 bytes leftover after parsing attributes in process `syz.0.302'.
[   61.350098][ T6577] netlink: 20 bytes leftover after parsing attributes in process `syz.0.304'.
[   61.933650][ T6584] netlink: 'syz.2.308': attribute type 1 has an invalid length.
[   61.936328][ T6584] netlink: 'syz.2.308': attribute type 2 has an invalid length.
[   61.957992][ T5863] Bluetooth: hci2: command 0x0405 tx timeout
[   62.226850][ T6612] netlink: 'syz.2.321': attribute type 1 has an invalid length.
[   62.280483][   T56] block nbd0: Receive control failed (result -107)
[   63.165529][ T6670] netlink: 'syz.2.349': attribute type 10 has an invalid length.
[   63.172000][ T6670] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[   63.776275][ T6732] netlink: ct family unspecified
[   63.778361][ T6732] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   63.846997][ T6742] x9: renamed from bridge_slave_0 (while UP)
[   64.040122][ T5870] Bluetooth: hci2: command 0x0405 tx timeout
[   64.711561][ T6788] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (6)
[   65.038333][ T6833] netlink: 'syz.2.424': attribute type 1 has an invalid length.
[   65.040868][ T6833] __nla_validate_parse: 8 callbacks suppressed
[   65.040874][ T6833] netlink: 16 bytes leftover after parsing attributes in process `syz.2.424'.
[   65.096343][ T6842] netlink: 'syz.2.428': attribute type 83 has an invalid length.
[   65.166313][ T6845] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.173245][ T6853] netlink: 'syz.1.434': attribute type 1 has an invalid length.
[   65.175979][ T6853] netlink: 112 bytes leftover after parsing attributes in process `syz.1.434'.
[   65.180308][ T6852] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   65.206625][ T6856] netlink: 8 bytes leftover after parsing attributes in process `syz.2.435'.
[   65.278268][ T6845] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.341611][ T6845] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.405654][ T6875] netlink: 128 bytes leftover after parsing attributes in process `syz.2.444'.
[   65.423564][ T6845] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.491260][ T6845] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.500432][ T6845] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.520136][ T6845] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.534136][ T6845] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.634169][ T6894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.453'.
[   65.713030][ T6902] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   66.033483][ T6935] netlink: 72 bytes leftover after parsing attributes in process `syz.0.473'.
[   66.144207][ T6947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.479'.
[   66.147257][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.479'.
[   66.358062][ T6963] netlink: 'syz.2.486': attribute type 1 has an invalid length.
[   66.361438][ T6963] netlink: 'syz.2.486': attribute type 2 has an invalid length.
[   66.368825][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.486'.
[   66.777125][ T7011] tipc: Started in network mode
[   66.778965][ T7011] tipc: Node identity ee05c608d1f8, cluster identity 4711
[   66.781604][ T7011] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   66.784594][ T7011] syzkaller0: entered promiscuous mode
[   66.786629][ T7011] syzkaller0: entered allmulticast mode
[   66.797261][ T7011] sch_fq: defrate 257 ignored.
[   66.802302][ T7011] tipc: Resetting bearer <eth:syzkaller0>
[   66.806603][ T7010] tipc: Resetting bearer <eth:syzkaller0>
[   66.814395][ T7010] tipc: Disabling bearer <eth:syzkaller0>
[   66.882980][ T7013] netlink: 12 bytes leftover after parsing attributes in process `syz.1.511'.
[   67.238961][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   67.830642][ T7056] netlink: 'syz.1.532': attribute type 2 has an invalid length.
[   68.196568][ T7095] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[   68.733393][ T7133] IPVS: length: 8 != 446622349272
[   68.806399][ T7137] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   69.025139][ T7143] netlink: 'syz.1.573': attribute type 4 has an invalid length.
[   69.277413][ T7162] netlink: 'syz.1.582': attribute type 1 has an invalid length.
[   69.280877][ T7162] netlink: 'syz.1.582': attribute type 3 has an invalid length.
[   69.645303][ T7204] netlink: 'syz.0.603': attribute type 21 has an invalid length.
[   69.658321][ T7204] IPv6: NLM_F_CREATE should be specified when creating new route
[   69.812197][ T7222] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.870835][ T7222] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.924509][ T7222] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.987920][ T7222] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.106740][ T7222] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.135030][ T7222] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.161808][ T7242] tipc: Failed to remove unknown binding: 66,1,1/0:3912073311/3912073313
[   70.164685][ T7222] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.166994][ T7242] tipc: Failed to remove unknown binding: 66,1,1/0:3912073311/3912073313
[   70.172129][ T7242] tipc: Failed to remove unknown binding: 66,1,1/0:3912073311/3912073313
[   70.182967][ T7222] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.255364][    T9] IPVS: starting estimator thread 0...
[   70.347755][ T7245] IPVS: using max 79 ests per chain, 189600 per kthread
[   70.625940][ T7258] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551607)
[   70.629501][ T7258] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[   70.702333][ T7261] __nla_validate_parse: 8 callbacks suppressed
[   70.702344][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.622'.
[   70.758762][ T7267] netlink: 56 bytes leftover after parsing attributes in process `syz.0.625'.
[   70.761745][ T7271] netlink: 'syz.1.626': attribute type 2 has an invalid length.
[   70.764250][ T7267] netlink: 24 bytes leftover after parsing attributes in process `syz.0.625'.
[   70.767144][ T7271] netlink: 224 bytes leftover after parsing attributes in process `syz.1.626'.
[   70.888929][ T7284] netlink: 20 bytes leftover after parsing attributes in process `syz.0.633'.
[   71.061420][ T7306] sctp: [Deprecated]: syz.0.640 (pid 7306) Use of int in max_burst socket option.
[   71.061420][ T7306] Use struct sctp_assoc_value instead
[   71.081294][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.083485][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.100494][ T7312] netlink: 83 bytes leftover after parsing attributes in process `syz.2.643'.
[   71.123799][ T7315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.645'.
[   71.127798][ T7315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.645'.
[   71.303459][ T7343] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   71.305960][ T7343] IPv6: NLM_F_CREATE should be set when creating new route
[   71.315242][ T7345] netlink: 'syz.0.657': attribute type 17 has an invalid length.
[   71.330806][ T7345] netlink: 2 bytes leftover after parsing attributes in process `syz.0.657'.
[   71.333939][ T7345] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   71.431356][ T7356] netlink: 'syz.2.662': attribute type 1 has an invalid length.
[   71.433913][ T7356] netlink: 136 bytes leftover after parsing attributes in process `syz.2.662'.
[   71.436822][ T7356] netlink: 'syz.2.662': attribute type 2 has an invalid length.
[   71.441199][ T7356] netlink: 'syz.2.662': attribute type 1 has an invalid length.
[   71.447832][ T7358] netlink: 'syz.0.663': attribute type 12 has an invalid length.
[   71.885539][ T7405] netlink: 'syz.0.685': attribute type 15 has an invalid length.
[   72.038546][ T7424] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   72.169015][ T7429] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.171783][ T7429] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.297350][ T7429] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.320233][ T7429] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.420744][ T7429] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.424037][ T7429] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.426993][ T7429] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.430066][ T7429] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.761555][ T7483] Driver unsupported XDP return value 0 on prog  (id 89) dev N/A, expect packet loss!
[   73.277061][ T7535] geneve2: entered promiscuous mode
[   73.297308][ T7541] netlink: 'syz.1.742': attribute type 1 has an invalid length.
[   73.301262][ T7541] netlink: 'syz.1.742': attribute type 4 has an invalid length.
[   73.332074][ T7544] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   73.445420][ T7557] bridge_slave_1: left allmulticast mode
[   73.447364][ T7557] bridge_slave_1: left promiscuous mode
[   73.456176][ T7557] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.472760][ T7557] bridge_slave_0: left allmulticast mode
[   73.474602][ T7557] bridge_slave_0: left promiscuous mode
[   73.479550][ T7557] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.936342][ T7604] bond0: (slave bond_slave_0): Releasing backup interface
[   74.031292][ T7612] netlink: 'syz.1.775': attribute type 3 has an invalid length.
[   74.392290][ T7651] syzkaller0: entered promiscuous mode
[   74.394079][ T7651] syzkaller0: entered allmulticast mode
[   75.306321][ T7714] Bluetooth: MGMT ver 1.23
[   75.378357][ T7721] IPv6: Can't replace route, no match found
[   75.530766][ T7733] xt_hashlimit: size too large, truncated to 1048576
[   75.746464][ T7755] __nla_validate_parse: 21 callbacks suppressed
[   75.746474][ T7755] netlink: 20 bytes leftover after parsing attributes in process `syz.0.841'.
[   75.770068][ T7755] nbd: socks must be embedded in a SOCK_ITEM attr
[   75.788142][ T5843] block nbd64: NBD_DISCONNECT
[   75.807558][   T32] 
[   75.808488][   T32] ======================================================
[   75.810756][   T32] WARNING: possible circular locking dependency detected
[   75.813028][   T32] 6.16.0-rc5-syzkaller-00212-g9f735b6f8a77-dirty #0 Not tainted
[   75.816097][   T32] ------------------------------------------------------
[   75.818458][   T32] kworker/u10:1/32 is trying to acquire lock:
[   75.820385][   T32] ffff888123ede358 (&disk->open_mutex){+.+.}-{4:4}, at: __del_gendisk+0x129/0x9e0
[   75.823385][   T32] 
[   75.823385][   T32] but task is already holding lock:
[   75.823454][ T7760] netlink: 92 bytes leftover after parsing attributes in process `syz.0.842'.
[   75.825771][   T32] ffff8881245d6188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0xe0/0x160
[   75.831773][   T32] 
[   75.831773][   T32] which lock already depends on the new lock.
[   75.831773][   T32] 
[   75.834998][   T32] 
[   75.834998][   T32] the existing dependency chain (in reverse order) is:
[   75.837772][   T32] 
[   75.837772][   T32] -> #2 (&set->update_nr_hwq_lock){++++}-{4:4}:
[   75.840390][   T32]        lock_acquire+0x120/0x360
[   75.842014][   T32]        down_write+0x96/0x1f0
[   75.843547][   T32]        blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   75.845511][   T32]        nbd_start_device+0x16c/0xac0
[   75.847178][   T32]        nbd_genl_connect+0x1250/0x1930
[   75.848884][   T32]        genl_family_rcv_msg_doit+0x215/0x300
[   75.850767][   T32]        genl_rcv_msg+0x60e/0x790
[   75.852362][   T32]        netlink_rcv_skb+0x208/0x470
[   75.854093][   T32]        genl_rcv+0x28/0x40
[   75.855542][   T32]        netlink_unicast+0x75c/0x8e0
[   75.857211][   T32]        netlink_sendmsg+0x805/0xb30
[   75.858843][   T32]        __sock_sendmsg+0x21c/0x270
[   75.860446][   T32]        ____sys_sendmsg+0x505/0x830
[   75.862178][   T32]        ___sys_sendmsg+0x21f/0x2a0
[   75.863898][   T32]        __x64_sys_sendmsg+0x19b/0x260
[   75.865693][   T32]        do_syscall_64+0xfa/0x3b0
[   75.867345][   T32]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.869332][   T32] 
[   75.869332][   T32] -> #1 (&nbd->config_lock){+.+.}-{4:4}:
[   75.871724][   T32]        lock_acquire+0x120/0x360
[   75.873313][   T32]        __mutex_lock+0x182/0xe80
[   75.874908][   T32]        refcount_dec_and_mutex_lock+0x30/0xa0
[   75.876903][   T32]        nbd_config_put+0x2c/0x790
[   75.878562][   T32]        nbd_release+0xfe/0x140
[   75.880158][   T32]        bdev_release+0x536/0x650
[   75.881747][   T32]        blkdev_release+0x15/0x20
[   75.883378][   T32]        __fput+0x44c/0xa70
[   75.884802][   T32]        fput_close_sync+0x119/0x200
[   75.886435][   T32]        __x64_sys_close+0x7f/0x110
[   75.888070][   T32]        do_syscall_64+0xfa/0x3b0
[   75.889689][   T32]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.891714][   T32] 
[   75.891714][   T32] -> #0 (&disk->open_mutex){+.+.}-{4:4}:
[   75.894170][   T32]        validate_chain+0xb9b/0x2140
[   75.895906][   T32]        __lock_acquire+0xab9/0xd20
[   75.897593][   T32]        lock_acquire+0x120/0x360
[   75.899255][   T32]        __mutex_lock+0x182/0xe80
[   75.900911][   T32]        __del_gendisk+0x129/0x9e0
[   75.902590][   T32]        del_gendisk+0xe8/0x160
[   75.904199][   T32]        nbd_dev_remove_work+0x47/0xe0
[   75.906007][   T32]        process_scheduled_works+0xae1/0x17b0
[   75.907995][   T32]        worker_thread+0x8a0/0xda0
[   75.909674][   T32]        kthread+0x711/0x8a0
[   75.911174][   T32]        ret_from_fork+0x3fc/0x770
[   75.912873][   T32]        ret_from_fork_asm+0x1a/0x30
[   75.914624][   T32] 
[   75.914624][   T32] other info that might help us debug this:
[   75.914624][   T32] 
[   75.917886][   T32] Chain exists of:
[   75.917886][   T32]   &disk->open_mutex --> &nbd->config_lock --> &set->update_nr_hwq_lock
[   75.917886][   T32] 
[   75.922268][   T32]  Possible unsafe locking scenario:
[   75.922268][   T32] 
[   75.924685][   T32]        CPU0                    CPU1
[   75.926404][   T32]        ----                    ----
[   75.928209][   T32]   rlock(&set->update_nr_hwq_lock);
[   75.929985][   T32]                                lock(&nbd->config_lock);
[   75.932456][   T32]                                lock(&set->update_nr_hwq_lock);
[   75.935010][   T32]   lock(&disk->open_mutex);
[   75.936556][   T32] 
[   75.936556][   T32]  *** DEADLOCK ***
[   75.936556][   T32] 
[   75.939254][   T32] 3 locks held by kworker/u10:1/32:
[   75.941095][   T32]  #0: ffff888021a92148 ((wq_completion)nbd-del){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[   75.944674][   T32]  #1: ffffc9000066fbc0 ((work_completion)(&nbd->remove_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[   75.948706][   T32]  #2: ffff8881245d6188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0xe0/0x160
[   75.952012][   T32] 
[   75.952012][   T32] stack backtrace:
[   75.953866][   T32] CPU: 1 UID: 0 PID: 32 Comm: kworker/u10:1 Not tainted 6.16.0-rc5-syzkaller-00212-g9f735b6f8a77-dirty #0 PREEMPT(full) 
[   75.953875][   T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   75.953881][   T32] Workqueue: nbd-del nbd_dev_remove_work
[   75.953894][   T32] Call Trace:
[   75.953899][   T32]  <TASK>
[   75.953902][   T32]  dump_stack_lvl+0x189/0x250
[   75.953913][   T32]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.953921][   T32]  ? __pfx__printk+0x10/0x10
[   75.953931][   T32]  ? print_lock_name+0xde/0x100
[   75.953945][   T32]  print_circular_bug+0x2ee/0x310
[   75.953955][   T32]  check_noncircular+0x134/0x160
[   75.953964][   T32]  validate_chain+0xb9b/0x2140
[   75.953974][   T32]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   75.953985][   T32]  ? arch_stack_walk+0x11c/0x150
[   75.953995][   T32]  __lock_acquire+0xab9/0xd20
[   75.954003][   T32]  ? __del_gendisk+0x129/0x9e0
[   75.954012][   T32]  lock_acquire+0x120/0x360
[   75.954018][   T32]  ? __del_gendisk+0x129/0x9e0
[   75.954027][   T32]  ? check_path+0x21/0x40
[   75.954036][   T32]  __mutex_lock+0x182/0xe80
[   75.954044][   T32]  ? __del_gendisk+0x129/0x9e0
[   75.954053][   T32]  ? __del_gendisk+0x129/0x9e0
[   75.954062][   T32]  ? __pfx___mutex_lock+0x10/0x10
[   75.954069][   T32]  ? __pfx___might_resched+0x10/0x10
[   75.954078][   T32]  ? __lock_acquire+0xab9/0xd20
[   75.954085][   T32]  ? disk_del_events+0xb5/0x210
[   75.954094][   T32]  ? __del_gendisk+0xc1/0x9e0
[   75.954102][   T32]  __del_gendisk+0x129/0x9e0
[   75.954111][   T32]  ? del_gendisk+0xe0/0x160
[   75.954120][   T32]  ? __pfx___del_gendisk+0x10/0x10
[   75.954129][   T32]  ? down_read+0x1ad/0x2e0
[   75.954137][   T32]  del_gendisk+0xe8/0x160
[   75.954146][   T32]  nbd_dev_remove_work+0x47/0xe0
[   75.954154][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   75.954162][   T32]  process_scheduled_works+0xae1/0x17b0
[   75.954174][   T32]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.954183][   T32]  worker_thread+0x8a0/0xda0
[   75.954195][   T32]  kthread+0x711/0x8a0
[   75.954205][   T32]  ? __pfx_worker_thread+0x10/0x10
[   75.954213][   T32]  ? __pfx_kthread+0x10/0x10
[   75.954222][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.954232][   T32]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.954239][   T32]  ? __pfx_kthread+0x10/0x10
[   75.954248][   T32]  ret_from_fork+0x3fc/0x770
[   75.954256][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[   75.954263][   T32]  ? __switch_to_asm+0x39/0x70
[   75.954272][   T32]  ? __switch_to_asm+0x33/0x70
[   75.954281][   T32]  ? __pfx_kthread+0x10/0x10
[   75.954290][   T32]  ret_from_fork_asm+0x1a/0x30
[   75.954302][   T32]  </TASK>
[   81.332701][ T1271] cfg80211: failed to load regulatory.db

VM DIAGNOSIS:
09:56:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000600 RBX=0000000000000200 RCX=0000000000080000 RDX=ffffc900097ca000
RSI=0000000000000200 RDI=ffffffff8a07f6c3 RBP=ffffc900048cef30 RSP=ffffc900048cee80
R8 =ffffc900048cf09f R9 =0000000000000000 R10=ffffc900048cf080 R11=fffff52000919e14
R12=1ffff92000919dd0 R13=ffff8880243ee17e R14=0000000000000246 R15=dffffc0000000000
RIP=ffffffff8185ae15 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f150e4366c0 ffffffff 00c00000
GS =0000 ffff8880b8626000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffa49d802d8 CR3=00000001092d2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 000000524f525245 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f0890011ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000037 RBX=0000000000000037 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000066ee10
R8 =ffff8880202d0237 R9 =1ffff1100405a046 R10=dffffc0000000000 R11=ffffffff85460db0
R12=dffffc0000000000 R13=ffffffff99aee8be R14=ffffffff99df32e0 R15=0000000000000000
RIP=ffffffff85460e2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c26000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000004400 CR3=000000001fb6a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffff000000000000 ffff00ff00000000 XMM05=0000000000000031 0000552f00313130
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffff0000ff000000 XMM09=6c696b66722f3031 7968702f31313230
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
