last executing test programs:

951.021418ms ago: executing program 0 (id=1057):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000140)={0x10000042}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x2042, 0xfffffffd}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)

289.150822ms ago: executing program 1 (id=1070):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r0, 0x0, 0x2, 0x4044898, &(0x7f0000e68000)={0x2, 0x4e26, @remote}, 0x10)

220.957526ms ago: executing program 2 (id=1072):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_buf(r0, 0x29, 0x2b, &(0x7f0000001c40)="63472afef9f36c45e3f8669700a670dc155349118a15b8809fe3cc57565ab71162b810314c9d1e3747586d33157ad60a6d5cd75cc1a650aa41ae3fee4f6795408e8a6428ba84eb4bf60c54ea0a16545e56bbdeb31b215dee06a5c027c2d1032eec8332fe930c3d2362dfa632e9fc09df4f0691f564839e7934551388dc82c3f3244b99aa74eae9aa8274640e5d818abc92abb376329960c17f041af32ceb5525d8d67f978dc407e8ece1e47ee8f49e4663cf8e864d34ddd360d3637e8db4807941326d7045d8dea9bb29d7e2b0b858223ef4dc82d8cc8c47401a9ff4ecb1529cd278735ece9c68d78569be55198118f33b6f2bca91d6776dc728ddc8baf750b7bc36a39cb1ed08bd", 0x108)

220.851728ms ago: executing program 1 (id=1073):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x7fffffe, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, 0x0}, 0x108)

220.774276ms ago: executing program 2 (id=1074):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
sendmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

220.718003ms ago: executing program 1 (id=1075):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@fwd={0x4}]}, {0x0, [0x30, 0x61, 0x5f, 0x61, 0x2e]}}, 0x0, 0x2b, 0x0, 0x1, 0x400}, 0x28)

220.630366ms ago: executing program 2 (id=1076):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000800)=@mangle={'mangle\x00', 0x64, 0x6, 0x538, 0x438, 0x0, 0x438, 0x520, 0x300, 0x520, 0x520, 0x520, 0x520, 0x520, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [0xffffff00, 0x0, 0x0, 0x1f9814788dbf7ab2], 'veth1\x00', 'syz_tun\x00', {}, {}, 0x29}, 0x11e, 0xa8, 0xf0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x0, 0x200, {0x81}}}}, {{@ipv6={@mcast1, @dev, [], [], 'batadv_slave_0\x00', 'ip6gretap0\x00', {}, {}, 0x2b}, 0x0, 0xa8, 0xd0, 0x7400}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'macvlan1\x00', {0x1}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@rand_addr=0x64010100}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)

171.081706ms ago: executing program 1 (id=1077):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x13, &(0x7f00000009c0)=@framed={{}, [@printk={@llx, {0x3, 0x0, 0x3, 0xa, 0x0}, {0x5}, {0x6, 0x0, 0x2}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, @printk={@p, {0x5, 0x3, 0x6, 0xa, 0x1, 0xfff5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

170.783805ms ago: executing program 2 (id=1078):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000002)

170.669935ms ago: executing program 1 (id=1079):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, 0x3, 0x3, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x4)

107.838237ms ago: executing program 1 (id=1080):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)

107.718583ms ago: executing program 0 (id=1081):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DONE(r0, 0x29, 0xc9, 0x12, 0x0)

107.427618ms ago: executing program 2 (id=1082):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x48, &(0x7f00000014c0)={0x2c, 0x7, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x8}, @ra={0x5, 0x2, 0x2}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @generic={0x2}, @ra={0x5, 0x2, 0x7dca}, @calipso={0x7, 0x20, {0x0, 0x6, 0x9, 0x86, [0x10e, 0xfffffffffffffffc, 0x0]}}]}, 0x40)

107.207959ms ago: executing program 2 (id=1083):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet_sctp(r0, &(0x7f0000004900)=[{&(0x7f00000000c0)=@in={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000100)="f4", 0x34000}, {0x0}], 0x2, &(0x7f00000001c0)=[@dstaddrv4={0x18, 0x84, 0x7, @remote}, @dstaddrv4={0x18, 0x84, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @dstaddrv4={0x18, 0x84, 0x7, @dev}], 0x48}], 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b2a, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb4b1}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5bb}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040), 0x6)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={&(0x7f0000000540)="3b14265d2a9eee7c089ecde19a2559ee3e316a782c3d0d50816bc0cb775db410d40152d7825fcc9e9a4b89872e3a016581fce14895e85588fbd5ad30af11d8728356da784e2cb2c4d6e1c81b34051158e783279257f03065923d67d99315a202c0b20db70f387aa9f5e31e6fa48590108d662484b9ca144e20644e25393f1a061cee472a8044941cfeb8d5daff40aa2dfd75fc0545e9f378ca35c41a0be68455f5f05bf159063a9136599f6fea50f3097823febd70af8cc496cd2574f629a3405ebeee7822097d826f21c0d5a1d47de8e1", &(0x7f0000001f40)=""/4096, &(0x7f0000000780)="0d8c1d61e348d64ba0f885366863622dc347a95321e40c05ca8d104817d1ae1fc904e3e650f6ceed36bf43b4ed5e6e670c70392d7723b6029f4df5daec6c4e08a30a32f6ed3d129b8e7e89c9f00cf4c8a814c2ecdb8c369e3e34cd2fd416d79f5a73f07a2a8ed117c6cab1fd6e8f158bb60a507ac2f48abd399ed4ba712785e5419760c443f74355396bd06906e0db1d036719e9a282f8e41f4b2ee24b70558151b948", &(0x7f0000000840)="1dd605aaa6ba45e8fd28ab14c48ae429156b52224382963609944a21dc246c3a9b87836a0306ccfc3f27c8b03542a86d75ca5321c36f5f4d1b98c19ee14a1432a92f8566e7374a9e62eac9575e34acc50d3031251c888da3f0e2ec5db00d29af3d4a12cbb8ba96b40b0698a9b749988b572371cff594ca268738cf3e", 0x5, r2}, 0x38)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r5, 0x0, 0xd}, 0x18)
r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$NS_GET_PARENT(r6, 0xb702, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000003c0)={r2, &(0x7f0000000140)="3156cff2394930963656873e99c19c42cbc16a", &(0x7f0000000180)=""/26}, 0x20)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$sock_bt_hci(r4, 0x400448e6, &(0x7f0000000500)="d7")
ioctl$sock_bt_hci(r4, 0x400448e7, &(0x7f0000000080))

61.105896ms ago: executing program 0 (id=1084):
r0 = socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="f1", 0x1}], 0x1}, 0x40040)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0), 0x8}, 0x0)

60.976571ms ago: executing program 0 (id=1085):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x2c, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x5a8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x8080)

182.958µs ago: executing program 0 (id=1086):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000dffbdbdf25210000000500200041e9ff000b001f0070687931000000000c000500"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20048000)

0s ago: executing program 0 (id=1087):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x44, r4, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r5}}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x44}}, 0x20000000)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040090}, 0xc0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000001640)={0x0, 'veth0_to_hsr\x00', {0x3}, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYBLOB="a769ed16d431d963eff6c2d0f9113babb7ce9c9a317adc5c255123c8c3280fb83d7ef6e4571bc229479c5d4ca1cdbc9823e0e294d603260f4c32ea85c3a4dd6ec71e005b8576568eeb12745cf1951e0e6186"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0x58, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004010}, 0x400c000)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000080)={0x0, 'wlan0\x00', {0x1}, 0x10})

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:59277' (ED25519) to the list of known hosts.
syzkaller login: [   41.957849][ T5799] cgroup: Unknown subsys name 'net'
[   42.087003][ T5799] cgroup: Unknown subsys name 'cpuset'
[   42.093284][ T5799] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.483076][ T5799] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.694385][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.703233][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.709103][ T5217] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.711566][ T5217] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.714576][ T5217] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.717254][ T5217] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.719859][ T5217] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.722507][ T5217] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.725877][ T5217] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.728130][ T5217] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.771655][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.783986][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.787301][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.795310][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.800046][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.944778][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   47.000988][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   47.063284][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.065989][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.068440][ T5828] bridge_slave_0: entered allmulticast mode
[   47.071405][ T5828] bridge_slave_0: entered promiscuous mode
[   47.081065][ T5834] chnl_net:caif_netlink_parms(): no params data found
[   47.086970][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.089312][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.091685][ T5828] bridge_slave_1: entered allmulticast mode
[   47.094822][ T5828] bridge_slave_1: entered promiscuous mode
[   47.135732][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.138151][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.140502][ T5823] bridge_slave_0: entered allmulticast mode
[   47.144482][ T5823] bridge_slave_0: entered promiscuous mode
[   47.147827][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.150260][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.152632][ T5823] bridge_slave_1: entered allmulticast mode
[   47.155648][ T5823] bridge_slave_1: entered promiscuous mode
[   47.166697][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.185688][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.222223][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.227818][ T5828] team0: Port device team_slave_0 added
[   47.238072][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.241149][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.243789][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.246203][ T5834] bridge_slave_0: entered allmulticast mode
[   47.248907][ T5834] bridge_slave_0: entered promiscuous mode
[   47.254231][ T5828] team0: Port device team_slave_1 added
[   47.269548][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.271898][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.275136][ T5834] bridge_slave_1: entered allmulticast mode
[   47.277884][ T5834] bridge_slave_1: entered promiscuous mode
[   47.296426][ T5823] team0: Port device team_slave_0 added
[   47.312618][ T5823] team0: Port device team_slave_1 added
[   47.315277][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.318053][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.327003][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.333298][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.342924][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.345670][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.354935][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.359780][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.395148][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.397384][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.406651][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.412000][ T5834] team0: Port device team_slave_0 added
[   47.415518][ T5834] team0: Port device team_slave_1 added
[   47.430957][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.433301][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.441306][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.455854][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.458148][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.467853][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.475120][ T5828] hsr_slave_0: entered promiscuous mode
[   47.477499][ T5828] hsr_slave_1: entered promiscuous mode
[   47.481055][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.483690][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.491762][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.528999][ T5823] hsr_slave_0: entered promiscuous mode
[   47.531296][ T5823] hsr_slave_1: entered promiscuous mode
[   47.533847][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.536384][ T5823] Cannot create hsr debugfs directory
[   47.565944][ T5834] hsr_slave_0: entered promiscuous mode
[   47.568165][ T5834] hsr_slave_1: entered promiscuous mode
[   47.570212][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.572574][ T5834] Cannot create hsr debugfs directory
[   47.744551][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.756601][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.765899][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.775608][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.798554][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.804537][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.809315][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.825391][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.846285][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.848860][ T5828] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.851705][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.854257][ T5828] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.866376][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.879296][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.883893][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.891716][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.924686][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.927075][ T5823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.929927][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.933097][ T5823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.945947][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.949765][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.954528][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.957286][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.981763][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.009796][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   48.030839][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.033176][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.041153][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.043554][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.079011][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.097480][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.110302][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   48.125484][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   48.128673][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.131036][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.139478][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.141819][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.150583][  T810] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.153004][  T810] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.184372][  T810] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.186716][  T810] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.268960][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.316982][ T5828] veth0_vlan: entered promiscuous mode
[   48.328663][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.336716][ T5828] veth1_vlan: entered promiscuous mode
[   48.361101][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.380246][ T5834] veth0_vlan: entered promiscuous mode
[   48.384484][ T5828] veth0_macvtap: entered promiscuous mode
[   48.395616][ T5834] veth1_vlan: entered promiscuous mode
[   48.398838][ T5828] veth1_macvtap: entered promiscuous mode
[   48.419400][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.426840][ T5823] veth0_vlan: entered promiscuous mode
[   48.431049][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.439107][ T5823] veth1_vlan: entered promiscuous mode
[   48.448983][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.451907][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.456022][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.458719][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.468114][ T5834] veth0_macvtap: entered promiscuous mode
[   48.475979][ T5834] veth1_macvtap: entered promiscuous mode
[   48.481652][ T5823] veth0_macvtap: entered promiscuous mode
[   48.487570][ T5823] veth1_macvtap: entered promiscuous mode
[   48.510096][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.526851][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.530806][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.547422][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.551562][ T5834] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.557502][ T5834] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.560290][ T5834] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.563248][ T5834] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.569430][  T731] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.572040][  T731] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.581327][ T5823] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.585018][ T5823] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.587837][ T5823] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.590658][ T5823] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.610980][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.614953][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.661100][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.676843][   T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.679306][   T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.703101][  T731] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.705692][  T731] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.745734][   T28] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.748581][   T28] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.748645][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.754157][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.814469][   T54] Bluetooth: hci2: command tx timeout
[   48.816536][   T54] Bluetooth: hci1: command tx timeout
[   48.816878][ T5832] Bluetooth: hci0: command tx timeout
[   48.917850][ T5908] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   49.061952][ T5925] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[   49.067078][ T5925] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[   49.147014][ T5932] netlink: 76 bytes leftover after parsing attributes in process `syz.0.15'.
[   49.152130][ T5932] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15'.
[   49.159923][ T5932] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15'.
[   49.343645][ T5954] netlink: 'syz.1.26': attribute type 1 has an invalid length.
[   49.390763][ T5962] xt_hashlimit: size too large, truncated to 1048576
[   49.391883][ T5961] netlink: 'syz.1.29': attribute type 21 has an invalid length.
[   49.452680][ T5967] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   49.764663][ T6005] netlink: 24 bytes leftover after parsing attributes in process `syz.1.50'.
[   49.815083][ T6009] netlink: 4 bytes leftover after parsing attributes in process `syz.2.53'.
[   49.872197][ T6017] netlink: 60 bytes leftover after parsing attributes in process `syz.0.56'.
[   49.902814][ T6017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.56'.
[   49.905561][ T6017] netlink: 60 bytes leftover after parsing attributes in process `syz.0.56'.
[   49.927481][ T6017] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   49.929985][ T6023] netlink: 32 bytes leftover after parsing attributes in process `syz.1.59'.
[   50.288394][ T6050] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.372078][ T6053] netlink: 'syz.0.73': attribute type 10 has an invalid length.
[   50.386734][ T6053] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   50.893673][ T5827] Bluetooth: hci1: command tx timeout
[   50.896804][ T5827] Bluetooth: hci2: command tx timeout
[   50.898965][ T5827] Bluetooth: hci0: command tx timeout
[   51.450772][ T6144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.112'.
[   51.472023][ T6144] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   52.244998][ T6219] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   52.247598][ T6219] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[   52.256401][ T6219] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   52.275102][ T6217] nbd: socks must be embedded in a SOCK_ITEM attr
[   52.277791][ T6217] block nbd0: shutting down sockets
[   52.560047][ T6239] netlink: 'syz.2.150': attribute type 13 has an invalid length.
[   52.565333][ T6239] netlink: 'syz.2.150': attribute type 17 has an invalid length.
[   52.598707][ T6244] xt_CT: You must specify a L4 protocol and not use inversions on it
[   52.698165][ T6257] netlink: 'syz.2.158': attribute type 1 has an invalid length.
[   52.974235][ T5832] Bluetooth: hci2: command tx timeout
[   52.974267][   T54] Bluetooth: hci1: command tx timeout
[   52.975960][ T5827] Bluetooth: hci0: command tx timeout
[   53.079398][ T6270] syz.2.164 uses obsolete (PF_INET,SOCK_PACKET)
[   53.582431][ T6308] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   53.677516][ T6320] Zero length message leads to an empty skb
[   53.926965][ T6351] IPv6: addrconf: prefix option has invalid lifetime
[   54.030820][ T6356] bridge_slave_1: left allmulticast mode
[   54.035028][ T6356] bridge_slave_1: left promiscuous mode
[   54.037049][ T6356] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.051063][ T6356] bridge_slave_0: left allmulticast mode
[   54.053768][ T6356] bridge_slave_0: left promiscuous mode
[   54.055839][ T6356] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.326999][ T6378] __nla_validate_parse: 7 callbacks suppressed
[   54.327009][ T6378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.211'.
[   54.336719][ T6380] Driver unsupported XDP return value 0 on prog  (id 34) dev N/A, expect packet loss!
[   54.497294][ T6393] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input4
[   54.616048][ T6404] netlink: 28 bytes leftover after parsing attributes in process `syz.0.221'.
[   55.053368][ T5827] Bluetooth: hci1: command tx timeout
[   55.062858][   T54] Bluetooth: hci2: command tx timeout
[   55.064087][ T5827] Bluetooth: hci0: command tx timeout
[   55.281896][ T6423] netlink: 'syz.2.229': attribute type 1 has an invalid length.
[   55.467788][ T6439] netlink: 'syz.2.237': attribute type 2 has an invalid length.
[   55.497043][ T6441] netlink: 12 bytes leftover after parsing attributes in process `syz.2.238'.
[   55.746595][ T6464] Bluetooth: MGMT ver 1.23
[   55.917727][ T6487] bridge_slave_0: left allmulticast mode
[   55.919611][ T6487] bridge_slave_0: left promiscuous mode
[   55.923639][ T6487] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.930608][ T6487] bridge_slave_1: left allmulticast mode
[   55.932476][ T6487] bridge_slave_1: left promiscuous mode
[   55.941407][ T6487] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.954120][ T6487] bond0: (slave bond_slave_0): Releasing backup interface
[   55.974715][ T6487] bond0: (slave bond_slave_1): Releasing backup interface
[   55.999637][ T6487] team0: Port device team_slave_0 removed
[   56.009116][ T6487] team0: Port device team_slave_1 removed
[   56.011786][ T6487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.014957][ T6487] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.018818][ T6487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.021301][ T6487] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.032649][ T6493] warning: `syz.1.263' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   56.043056][ T6500] A link change request failed with some changes committed already. Interface veth1_to_batadv may have been left with an inconsistent configuration, please check.
[   56.203853][ T6521] pimreg: tun_chr_ioctl cmd 2147767506
[   56.269904][ T6526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.277'.
[   56.376781][ T6535] netlink: 4 bytes leftover after parsing attributes in process `syz.1.281'.
[   56.492308][ T6546] sctp: [Deprecated]: syz.2.285 (pid 6546) Use of struct sctp_assoc_value in delayed_ack socket option.
[   56.492308][ T6546] Use struct sctp_sack_info instead
[   56.867745][ T6563] syz_tun: entered promiscuous mode
[   56.871094][ T6563] syz_tun: left promiscuous mode
[   57.089197][ T6579] tap0: tun_chr_ioctl cmd 1074025677
[   57.091467][ T6579] tap0: linktype set to 769
[   57.144666][ T6581] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   57.632152][ T6645] can: request_module (can-proto-3) failed.
[   57.850554][ T6663] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[   57.854414][ T6663] macsec1: entered promiscuous mode
[   57.856218][ T6663] macsec1: entered allmulticast mode
[   57.858074][ T6663] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[   57.891111][ T5867] IPVS: starting estimator thread 0...
[   57.983959][ T6666] IPVS: using max 80 ests per chain, 192000 per kthread
[   58.076661][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.345'.
[   58.279453][ T6700] netlink: 20 bytes leftover after parsing attributes in process `syz.2.351'.
[   58.457259][ T6715] netlink: 52 bytes leftover after parsing attributes in process `syz.0.355'.
[   59.007301][ T6765] netlink: 28 bytes leftover after parsing attributes in process `syz.0.376'.
[   59.010743][ T6765] vlan0: entered promiscuous mode
[   59.216806][ T6784] netlink: 36 bytes leftover after parsing attributes in process `syz.0.385'.
[   59.261542][ T6790] tipc: Started in network mode
[   59.274677][ T6790] tipc: Node identity 6acd53513df2, cluster identity 4711
[   59.277227][ T6790] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   59.286129][ T6790] syzkaller0: entered promiscuous mode
[   59.287908][ T6790] syzkaller0: entered allmulticast mode
[   59.336695][ T6790] tipc: Resetting bearer <eth:syzkaller0>
[   59.346213][ T6785] tipc: Resetting bearer <eth:syzkaller0>
[   59.373004][ T6785] tipc: Disabling bearer <eth:syzkaller0>
[   59.641310][ T6842] batadv_slave_0: entered promiscuous mode
[   59.683616][ T6846] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   59.833852][ T6860] xt_CT: No such helper "syz0"
[   60.020122][ T6870] trusted_key: syz.1.427 sent an empty control message without MSG_MORE.
[   60.221312][ T6899] netlink: 'syz.1.439': attribute type 6 has an invalid length.
[   60.225346][ T6899] netlink: 32 bytes leftover after parsing attributes in process `syz.1.439'.
[   60.407396][ T6921] netlink: 20 bytes leftover after parsing attributes in process `syz.1.448'.
[   60.479562][ T6921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   60.482074][ T6921] batman_adv: batadv0: Removing interface: batadv_slave_0
[   60.491270][ T6921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   60.494303][ T6921] batman_adv: batadv0: Removing interface: batadv_slave_1
[   60.554554][ T6937] syz_tun: entered allmulticast mode
[   60.559976][ T6934] syz_tun: left allmulticast mode
[   60.755933][ T6961] netlink: 28 bytes leftover after parsing attributes in process `syz.0.466'.
[   61.048592][ T6987] netlink: 'syz.0.478': attribute type 21 has an invalid length.
[   61.051271][ T6987] netlink: 132 bytes leftover after parsing attributes in process `syz.0.478'.
[   61.295286][ T7005] netlink: 128 bytes leftover after parsing attributes in process `syz.2.485'.
[   61.508260][ T7035] bridge1: entered allmulticast mode
[   61.541950][ T7038] lo speed is unknown, defaulting to 1000
[   61.544668][ T7038] lo speed is unknown, defaulting to 1000
[   61.559989][ T7038] lo speed is unknown, defaulting to 1000
[   61.565046][ T7038] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   61.576338][ T7038] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   61.598685][ T7038] lo speed is unknown, defaulting to 1000
[   61.603476][ T7038] lo speed is unknown, defaulting to 1000
[   61.612119][ T7038] lo speed is unknown, defaulting to 1000
[   62.417179][ T7078] netlink: 12 bytes leftover after parsing attributes in process `syz.0.519'.
[   62.532274][ T7085] netlink: 16 bytes leftover after parsing attributes in process `syz.2.523'.
[   62.675397][ T7105] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   62.725855][ T5890] lo speed is unknown, defaulting to 1000
[   62.729578][ T5890] syz2: Port: 1 Link DOWN
[   62.731930][ T7113] IPv6: sit1: Disabled Multicast RS
[   62.788364][ T7117] netlink: 4 bytes leftover after parsing attributes in process `syz.0.539'.
[   62.853853][ T7117] team0 (unregistering): Port device team_slave_0 removed
[   62.859181][ T7117] team0 (unregistering): Port device team_slave_1 removed
[   62.897608][ T7121] netem: incorrect gi model size
[   62.899728][ T7121] netem: change failed
[   63.678643][ T7173] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   63.681855][ T7173] syzkaller0: entered promiscuous mode
[   63.685621][ T7173] syzkaller0: entered allmulticast mode
[   63.698145][ T7173] tipc: Resetting bearer <eth:syzkaller0>
[   63.701759][ T7172] tipc: Resetting bearer <eth:syzkaller0>
[   63.711645][ T7172] tipc: Disabling bearer <eth:syzkaller0>
[   64.143159][ T7205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.575'.
[   64.174554][ T7207] macvlan2: entered promiscuous mode
[   64.176625][ T7207] macvlan2: entered allmulticast mode
[   64.262034][ T7219] netlink: 'syz.1.582': attribute type 10 has an invalid length.
[   64.275790][ T7219] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.278274][ T7219] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.286891][ T7219] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.289224][ T7219] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.291601][ T7219] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.294008][ T7219] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.298263][ T7219] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   64.489708][ T7231] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.542086][ T7231] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.603599][ T7231] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.641808][ T7231] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.690787][ T7231] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.698001][ T7231] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.705611][ T7231] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.712377][ T7231] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.740943][ T7233] netlink: 56 bytes leftover after parsing attributes in process `syz.1.589'.
[   66.008012][ T7309] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   66.055277][ T7316] __nla_validate_parse: 3 callbacks suppressed
[   66.055288][ T7316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.625'.
[   66.119138][ T7327] netlink: 'syz.1.628': attribute type 11 has an invalid length.
[   66.148879][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'.
[   66.184621][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.0.634'.
[   66.478348][ T7383] IPv6: Can't replace route, no match found
[   66.490276][ T7385] netlink: 'syz.1.657': attribute type 21 has an invalid length.
[   66.561378][ T7391] tipc: Invalid UDP bearer configuration
[   66.561405][ T7391] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   66.650885][ T7402] sctp: [Deprecated]: syz.2.665 (pid 7402) Use of int in maxseg socket option.
[   66.650885][ T7402] Use struct sctp_assoc_value instead
[   66.708889][ T7412] C: renamed from team_slave_0
[   66.711976][ T7412] netlink: 'syz.2.670': attribute type 3 has an invalid length.
[   66.715181][ T7412] netlink: 152 bytes leftover after parsing attributes in process `syz.2.670'.
[   66.718238][ T7412] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   67.674864][ T7442] netlink: 184 bytes leftover after parsing attributes in process `syz.0.684'.
[   67.731896][ T7444] netlink: 'syz.1.685': attribute type 12 has an invalid length.
[   67.734559][ T7444] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.685'.
[   67.822275][ T7459] xt_TCPMSS: Only works on TCP SYN packets
[   67.827467][ T7461] netlink: 20 bytes leftover after parsing attributes in process `syz.1.693'.
[   67.959200][ T7469] lo speed is unknown, defaulting to 1000
[   68.039416][ T7475] netlink: 388 bytes leftover after parsing attributes in process `syz.0.699'.
[   68.437600][ T7513] x_tables: duplicate underflow at hook 3
[   68.695174][ T7523] batadv_slave_0: left promiscuous mode
[   68.782680][ T7523] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.788867][ T7523] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.791713][ T7523] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.796190][ T7523] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.803130][ T7523] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[   68.805838][ T7523] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[   68.836775][ T7523] mac80211_hwsim hwsim4 wlan0: left allmulticast mode
[   68.839114][ T7523] macsec1: left promiscuous mode
[   68.840672][ T7523] macsec1: left allmulticast mode
[   68.844827][ T7523] macvlan2: left promiscuous mode
[   68.846429][ T7523] macvlan2: left allmulticast mode
[   69.113888][ T7570] team0: Port device gtp0 added
[   69.158756][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.0.740'.
[   69.477496][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.761'.
[   69.577202][ T7639] geneve0: entered promiscuous mode
[   69.593219][ T7638] lo speed is unknown, defaulting to 1000
[   69.906061][ T7673] lo speed is unknown, defaulting to 1000
[   70.825618][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[   70.829543][ T7697] bond0: (slave bond_slave_0): Releasing backup interface
[   70.850499][ T7697] bond0: (slave bond_slave_1): Releasing backup interface
[   70.865594][ T7697] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.870298][ T7697] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.878950][ T7706] netlink: 'syz.0.788': attribute type 10 has an invalid length.
[   70.882637][ T7697] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.887413][ T7697] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.904377][ T7697] bond0: (slave wlan1): Releasing backup interface
[   70.924289][ T7706] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   70.948821][ T7697] syz.0.788 (7697) used greatest stack depth: 19896 bytes left
[   70.965553][ T7710] lo speed is unknown, defaulting to 1000
[   71.050906][ T7718] tipc: Started in network mode
[   71.053429][ T7718] tipc: Node identity 080211000001, cluster identity 4711
[   71.055907][ T7718] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   71.059623][ T7718] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[   71.062164][ T7718] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[   71.250987][ T7718] tipc: Resetting bearer <eth:syzkaller0>
[   71.308131][ T7726] __nla_validate_parse: 6 callbacks suppressed
[   71.308141][ T7726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.799'.
[   71.391945][ T7732] mac80211_hwsim hwsim3 syzkaller0: left promiscuous mode
[   71.396475][ T7732] mac80211_hwsim hwsim3 syzkaller0: left allmulticast mode
[   71.855169][ T7750] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   72.103851][ T5867] tipc: Node number set to 134418688
[   72.356686][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.359164][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.538710][ T7760] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.541562][ T7760] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.544596][ T7760] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.547389][ T7760] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   72.720128][ T7775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.820'.
[   72.910686][ T7801] lo speed is unknown, defaulting to 1000
[   73.071597][ T7821] syzkaller1: entered promiscuous mode
[   73.074069][ T7821] syzkaller1: entered allmulticast mode
[   73.307272][ T7839] netlink: 104 bytes leftover after parsing attributes in process `syz.2.849'.
[   73.337455][ T7843] netlink: 12 bytes leftover after parsing attributes in process `syz.2.851'.
[   73.374764][ T7849] macsec0: entered promiscuous mode
[   73.376895][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.854'.
[   73.385321][ T7849] veth1_macvtap: left promiscuous mode
[   73.397424][ T7849] macsec0 (unregistering): left promiscuous mode
[   73.785198][ T7895] netlink: 'syz.1.876': attribute type 39 has an invalid length.
[   74.223807][ T7920] netlink: 'syz.0.888': attribute type 1 has an invalid length.
[   74.236380][ T7920] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.246403][ T7920] 8021q: adding VLAN 0 to HW filter on device batadv1
[   74.250298][ T7920] bond1: (slave batadv1): making interface the new active one
[   74.254700][ T7920] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   74.282413][ T7923] batadv_slave_1: entered promiscuous mode
[   74.284959][ T7922] batadv_slave_1: left promiscuous mode
[   74.328693][ T7927] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'.
[   74.392493][ T7933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   74.834014][ T7946] openvswitch: netlink: Message has 4 unknown bytes.
[   74.837116][ T7948] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   75.218875][ T7992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.921'.
[   75.421135][ T8008] netlink: 'syz.0.929': attribute type 14 has an invalid length.
[   75.766409][ T8032] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   75.897783][ T8046] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[   76.178130][ T8092] geneve2: entered promiscuous mode
[   76.179869][ T8092] geneve2: entered allmulticast mode
[   76.252369][ T8106] batadv_slave_1: entered promiscuous mode
[   76.424089][ T8095] batadv_slave_1: left promiscuous mode
[   76.501083][ T8124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.974'.
[   76.599644][ T8130] pimreg3: entered allmulticast mode
[   77.287056][ T8157] netlink: 'syz.1.989': attribute type 2 has an invalid length.
[   77.485044][ T8171] netlink: 24 bytes leftover after parsing attributes in process `syz.0.992'.
[   77.715798][ T8213] netlink: 'syz.0.1006': attribute type 1 has an invalid length.
[   77.726499][ T8213] netlink: 5624 bytes leftover after parsing attributes in process `syz.0.1006'.
[   77.788279][ T8220] netlink: 'syz.0.1007': attribute type 10 has an invalid length.
[   77.790898][ T8220] netlink: 'syz.0.1007': attribute type 49 has an invalid length.
[   78.948271][ T8297] lo speed is unknown, defaulting to 1000
[   79.000442][ T8304] xt_hashlimit: size too large, truncated to 1048576
[   79.109987][ T8297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1034'.
[   79.185367][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1042'.
[   79.188275][ T8320] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1042'.
[   79.191054][ T8320] netlink: 'syz.2.1042': attribute type 1 has an invalid length.
[   79.196142][ T8320] netlink: 10 bytes leftover after parsing attributes in process `syz.2.1042'.
[   79.254184][ T8320] nbd: socks must be embedded in a SOCK_ITEM attr
[   79.260395][ T8320] block nbd1: shutting down sockets
[   79.387456][ T8347] netlink: 'syz.2.1054': attribute type 10 has an invalid length.
[   79.390143][ T8347] syz_tun: entered promiscuous mode
[   79.397923][ T8347] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   80.388947][ T8415] lo speed is unknown, defaulting to 1000
[   80.433686][ T8419] 
[   80.434557][ T8419] ======================================================
[   80.436818][ T8419] WARNING: possible circular locking dependency detected
[   80.439044][ T8419] 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 Not tainted
[   80.442169][ T8419] ------------------------------------------------------
[   80.444374][ T8419] syz.0.1087/8419 is trying to acquire lock:
[   80.446259][ T8419] ffff88811ab1c188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.449604][ T8419] 
[   80.449604][ T8419] but task is already holding lock:
[   80.451931][ T8419] ffff88811ab1c230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_connect+0x94f/0x1930
[   80.454929][ T8419] 
[   80.454929][ T8419] which lock already depends on the new lock.
[   80.454929][ T8419] 
[   80.458152][ T8419] 
[   80.458152][ T8419] the existing dependency chain (in reverse order) is:
[   80.461012][ T8419] 
[   80.461012][ T8419] -> #2 (&nbd->config_lock){+.+.}-{4:4}:
[   80.463489][ T8419]        lock_acquire+0x120/0x360
[   80.465092][ T8419]        __mutex_lock+0x182/0xe80
[   80.466691][ T8419]        refcount_dec_and_mutex_lock+0x30/0xa0
[   80.468634][ T8419]        nbd_config_put+0x2c/0x790
[   80.470263][ T8419]        nbd_release+0xfe/0x140
[   80.471832][ T8419]        bdev_release+0x536/0x650
[   80.473400][ T8419]        blkdev_release+0x15/0x20
[   80.474980][ T8419]        __fput+0x44c/0xa70
[   80.476478][ T8419]        fput_close_sync+0x119/0x200
[   80.478156][ T8419]        __x64_sys_close+0x7f/0x110
[   80.479787][ T8419]        do_syscall_64+0xfa/0x3b0
[   80.481387][ T8419]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.483386][ T8419] 
[   80.483386][ T8419] -> #1 (&disk->open_mutex){+.+.}-{4:4}:
[   80.485853][ T8419]        lock_acquire+0x120/0x360
[   80.487461][ T8419]        __mutex_lock+0x182/0xe80
[   80.489015][ T8419]        __del_gendisk+0x129/0x9e0
[   80.490624][ T8419]        del_gendisk+0xe8/0x160
[   80.492260][ T8419]        nbd_dev_remove_work+0x47/0xe0
[   80.494012][ T8419]        process_scheduled_works+0xae1/0x17b0
[   80.495958][ T8419]        worker_thread+0x8a0/0xda0
[   80.497576][ T8419]        kthread+0x711/0x8a0
[   80.499071][ T8419]        ret_from_fork+0x3fc/0x770
[   80.500763][ T8419]        ret_from_fork_asm+0x1a/0x30
[   80.502451][ T8419] 
[   80.502451][ T8419] -> #0 (&set->update_nr_hwq_lock){++++}-{4:4}:
[   80.505082][ T8419]        validate_chain+0xb9b/0x2140
[   80.506751][ T8419]        __lock_acquire+0xab9/0xd20
[   80.508404][ T8419]        lock_acquire+0x120/0x360
[   80.509948][ T8419]        down_write+0x96/0x1f0
[   80.511475][ T8419]        blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.513403][ T8419]        nbd_start_device+0x16c/0xac0
[   80.515059][ T8419]        nbd_genl_connect+0x1250/0x1930
[   80.516792][ T8419]        genl_family_rcv_msg_doit+0x215/0x300
[   80.518709][ T8419]        genl_rcv_msg+0x60e/0x790
[   80.520335][ T8419]        netlink_rcv_skb+0x208/0x470
[   80.521996][ T8419]        genl_rcv+0x28/0x40
[   80.523446][ T8419]        netlink_unicast+0x75b/0x8d0
[   80.525090][ T8419]        netlink_sendmsg+0x805/0xb30
[   80.526758][ T8419]        __sock_sendmsg+0x21c/0x270
[   80.528396][ T8419]        ____sys_sendmsg+0x505/0x830
[   80.530050][ T8419]        ___sys_sendmsg+0x21f/0x2a0
[   80.531716][ T8419]        __x64_sys_sendmsg+0x19b/0x260
[   80.533426][ T8419]        do_syscall_64+0xfa/0x3b0
[   80.534988][ T8419]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.537031][ T8419] 
[   80.537031][ T8419] other info that might help us debug this:
[   80.537031][ T8419] 
[   80.540212][ T8419] Chain exists of:
[   80.540212][ T8419]   &set->update_nr_hwq_lock --> &disk->open_mutex --> &nbd->config_lock
[   80.540212][ T8419] 
[   80.544533][ T8419]  Possible unsafe locking scenario:
[   80.544533][ T8419] 
[   80.546879][ T8419]        CPU0                    CPU1
[   80.548629][ T8419]        ----                    ----
[   80.550386][ T8419]   lock(&nbd->config_lock);
[   80.551915][ T8419]                                lock(&disk->open_mutex);
[   80.554258][ T8419]                                lock(&nbd->config_lock);
[   80.556587][ T8419]   lock(&set->update_nr_hwq_lock);
[   80.558396][ T8419] 
[   80.558396][ T8419]  *** DEADLOCK ***
[   80.558396][ T8419] 
[   80.561044][ T8419] 3 locks held by syz.0.1087/8419:
[   80.562744][ T8419]  #0: ffffffff8f582af0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[   80.565437][ T8419]  #1: ffffffff8f582908 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[   80.568389][ T8419]  #2: ffff88811ab1c230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_connect+0x94f/0x1930
[   80.571680][ T8419] 
[   80.571680][ T8419] stack backtrace:
[   80.573652][ T8419] CPU: 1 UID: 0 PID: 8419 Comm: syz.0.1087 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   80.573663][ T8419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   80.573668][ T8419] Call Trace:
[   80.573672][ T8419]  <TASK>
[   80.573677][ T8419]  dump_stack_lvl+0x189/0x250
[   80.573689][ T8419]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.573698][ T8419]  ? __pfx__printk+0x10/0x10
[   80.573709][ T8419]  ? print_lock_name+0xde/0x100
[   80.573719][ T8419]  print_circular_bug+0x2ee/0x310
[   80.573730][ T8419]  check_noncircular+0x134/0x160
[   80.573740][ T8419]  validate_chain+0xb9b/0x2140
[   80.573753][ T8419]  __lock_acquire+0xab9/0xd20
[   80.573762][ T8419]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.573771][ T8419]  lock_acquire+0x120/0x360
[   80.573777][ T8419]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.573785][ T8419]  ? __mutex_unlock_slowpath+0x1cd/0x700
[   80.573794][ T8419]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   80.573804][ T8419]  down_write+0x96/0x1f0
[   80.573811][ T8419]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.573819][ T8419]  ? __pfx_down_write+0x10/0x10
[   80.573828][ T8419]  blk_mq_update_nr_hw_queues+0x3b/0x14c0
[   80.573836][ T8419]  ? nbd_add_socket+0x688/0x9a0
[   80.573845][ T8419]  ? nbd_add_socket+0x688/0x9a0
[   80.573853][ T8419]  nbd_start_device+0x16c/0xac0
[   80.573860][ T8419]  ? __nla_parse+0x40/0x60
[   80.573869][ T8419]  nbd_genl_connect+0x1250/0x1930
[   80.573877][ T8419]  ? __pfx_nbd_genl_connect+0x10/0x10
[   80.573885][ T8419]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[   80.573893][ T8419]  ? __nla_parse+0x40/0x60
[   80.573900][ T8419]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[   80.573908][ T8419]  genl_family_rcv_msg_doit+0x215/0x300
[   80.573920][ T8419]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   80.573933][ T8419]  genl_rcv_msg+0x60e/0x790
[   80.573944][ T8419]  ? __pfx_genl_rcv_msg+0x10/0x10
[   80.573953][ T8419]  ? __pfx_nbd_genl_connect+0x10/0x10
[   80.573962][ T8419]  netlink_rcv_skb+0x208/0x470
[   80.573970][ T8419]  ? __pfx_genl_rcv_msg+0x10/0x10
[   80.573980][ T8419]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   80.573991][ T8419]  ? down_read+0x1ad/0x2e0
[   80.573998][ T8419]  genl_rcv+0x28/0x40
[   80.574007][ T8419]  netlink_unicast+0x75b/0x8d0
[   80.574016][ T8419]  netlink_sendmsg+0x805/0xb30
[   80.574025][ T8419]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.574034][ T8419]  ? aa_sock_msg_perm+0x94/0x160
[   80.574045][ T8419]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   80.574052][ T8419]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.574060][ T8419]  __sock_sendmsg+0x21c/0x270
[   80.574067][ T8419]  ____sys_sendmsg+0x505/0x830
[   80.574077][ T8419]  ? __pfx_____sys_sendmsg+0x10/0x10
[   80.574087][ T8419]  ? import_iovec+0x74/0xa0
[   80.574096][ T8419]  ___sys_sendmsg+0x21f/0x2a0
[   80.574105][ T8419]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.574118][ T8419]  ? __fget_files+0x2a/0x420
[   80.574135][ T8419]  ? __fget_files+0x3a0/0x420
[   80.574145][ T8419]  __x64_sys_sendmsg+0x19b/0x260
[   80.574155][ T8419]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   80.574166][ T8419]  ? rcu_is_watching+0x15/0xb0
[   80.574175][ T8419]  ? do_syscall_64+0xbe/0x3b0
[   80.574184][ T8419]  do_syscall_64+0xfa/0x3b0
[   80.574214][ T8419]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.574222][ T8419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.574229][ T8419]  ? exc_page_fault+0x9f/0xf0
[   80.574240][ T8419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.574247][ T8419] RIP: 0033:0x7f910f98e929
[   80.574256][ T8419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.574263][ T8419] RSP: 002b:00007f911075a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.574270][ T8419] RAX: ffffffffffffffda RBX: 00007f910fbb5fa0 RCX: 00007f910f98e929
[   80.574276][ T8419] RDX: 0000000020000000 RSI: 0000200000001ac0 RDI: 0000000000000007
[   80.574280][ T8419] RBP: 00007f910fa10b39 R08: 0000000000000000 R09: 0000000000000000
[   80.574285][ T8419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   80.574289][ T8419] R13: 0000000000000000 R14: 00007f910fbb5fa0 R15: 00007fff72a5a538
[   80.574296][ T8419]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   80.800531][ T8419] nbd0: detected capacity change from 0 to 63
[   80.817158][ T8423] block nbd0: NBD_DISCONNECT
[   80.818698][ T8423] block nbd0: Disconnected due to user request.
[   80.820634][ T8423] block nbd0: shutting down sockets
[   80.836913][   T11] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 0
[   80.839781][   T11] Buffer I/O error on dev nbd0, logical block 0, async page read
[   80.842308][   T11] Buffer I/O error on dev nbd0, logical block 1, async page read
[   80.845322][   T11] Buffer I/O error on dev nbd0, logical block 2, async page read
[   80.847803][   T11] Buffer I/O error on dev nbd0, logical block 3, async page read
[   80.850570][ T8165] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.855292][ T8165] Buffer I/O error on dev nbd0, logical block 0, async page read
[   80.861566][ T8165] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.873577][ T8165] Buffer I/O error on dev nbd0, logical block 1, async page read
[   80.876238][ T8165] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.879040][ T8165] Buffer I/O error on dev nbd0, logical block 2, async page read
[   80.881615][ T8165] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.885454][ T8165] Buffer I/O error on dev nbd0, logical block 3, async page read
[   80.888251][ T8165] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.891086][ T8165] Buffer I/O error on dev nbd0, logical block 0, async page read
[   80.894519][ T8165] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.897351][ T8165] Buffer I/O error on dev nbd0, logical block 1, async page read
[   80.899917][ T8415] bond0: (slave syz_tun): Releasing backup interface
[   80.905743][ T8165] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.908674][ T8165] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.911531][ T8165] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   80.915832][ T8165] ldm_validate_partition_table(): Disk read failed.
[   80.919856][ T8165] Dev nbd0: unable to read RDB block 0
[   80.922319][ T8165]  nbd0: unable to read partition table
[   80.955269][ T8165] ldm_validate_partition_table(): Disk read failed.
[   80.957794][ T8165] Dev nbd0: unable to read RDB block 0
[   80.959964][ T8165]  nbd0: unable to read partition table
[   81.053296][   T24] cfg80211: failed to load regulatory.db
[   81.056317][   T47] cfg80211: failed to load regulatory.db
[   81.386405][ T5855] team0: Port device gtp0 removed
[   81.480647][ T5855] bond0 (unregistering): Released all slaves
[   81.744350][ T5855] hsr_slave_0: left promiscuous mode
[   81.746991][ T5855] hsr_slave_1: left promiscuous mode
[   82.367753][ T5855] IPVS: stop unused estimator thread 0...
[   82.438392][ T5855] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.480423][ T5855] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.529460][ T5855] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.601444][ T5855] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.915881][ T5855] bond0 (unregistering): (slave wlan1): Releasing backup interface
[   82.920014][ T5855] bond0 (unregistering): Released all slaves
[   82.924713][ T5855] bond1 (unregistering): (slave batadv1): Releasing active interface
[   82.927654][ T5855] bond1 (unregistering): Released all slaves
[   82.983579][ T5855] tipc: Disabling bearer <eth:syzkaller0>
[   82.985674][ T5855] tipc: Left network mode
[   83.104425][ T5855] hsr_slave_0: left promiscuous mode
[   83.106611][ T5855] hsr_slave_1: left promiscuous mode
[   83.109798][ T5855] veth0_macvtap: left promiscuous mode
[   83.111604][ T5855] veth1_vlan: left promiscuous mode

VM DIAGNOSIS:
10:07:09  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff81f876a3 RBX=000000000000023f RCX=ffff888026bbb980 RDX=0000000000000002
RSI=0000000000000000 RDI=ffffea0000daa780 RBP=1ffffd40001b54f1 RSP=ffffc90008a67578
R8 =ffffea0000daa787 R9 =1ffffd40001b54f0 R10=dffffc0000000000 R11=fffff940001b54f1
R12=ffffea0000daa780 R13=0000000000000000 R14=ffffea0000daa788 R15=ffffc90008a67700
RIP=ffffffff81f876b0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8cf87f66c0 ffffffff 00c00000
GS =0000 ffff8880b861d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c3daeb3 CR3=000000001f35a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f77c2985478 00007f77c2985450 XMM03=00007f77c2985488 00007f77c2985480
XMM04=00007f77c34ed100 00007f77c2985440 XMM05=00007f77c2985458 00007f77c29854a0
XMM06=00007f77c2985498 00007f77c2985490 XMM07=00007f77c2985488 00007f77c2985480
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 00007f77c2811c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000032 RBX=0000000000000032 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000013fa3 RDI=0000000000013fa4 RBP=00000000000003f8 RSP=ffffc9000840e710
R8 =ffff888108d30237 R9 =1ffff110211a6046 R10=dffffc0000000000 R11=ffffffff85475610
R12=dffffc0000000000 R13=ffffffff99af78f8 R14=ffffffff99dfc760 R15=0000000000000000
RIP=ffffffff8547568c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f911075a6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd31731034 CR3=000000011fde4000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 00007f77c2811c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
