last executing test programs:

1.15211341s ago: executing program 0 (id=496):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000b80)=ANY=[@ANYBLOB="34000000120001002abd7000fedbdf2564010100000000000000000000000000000004d50a00ff"], 0x34}, 0x1, 0x0, 0x0, 0x8010}, 0x40000)

1.07277053s ago: executing program 0 (id=499):
r0 = socket$kcm(0x2, 0x3, 0x2)
recvmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x18000)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

913.592629ms ago: executing program 0 (id=504):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x44000)
writev(r0, &(0x7f0000000040), 0x2)
close(r0)
r1 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000140))
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x1, 0x1000}, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x34, 0x2, [@TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0x800}, @TCA_HHF_QUANTUM={0x8, 0x2, 0xd}, @TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0x6}, @TCA_HHF_HH_FLOWS_LIMIT={0x8, 0x3, 0x8}, @TCA_HHF_BACKLOG_LIMIT={0x0, 0x1, 0x2}, @TCA_HHF_QUANTUM={0x3, 0x2, 0xffff8001}]}}, @TCA_RATE={0x6}]}, 0x68}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

841.18077ms ago: executing program 0 (id=508):
syz_emit_ethernet(0x5e, &(0x7f0000000000)={@local, @random="1553ff41cf11", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dda00", 0x28, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x2, 0x0, 0x0, 0x0, {[@generic={0x13, 0x2}, @generic={0x22, 0x4, "a85b"}, @mptcp=@mp_fclose={0x1e, 0xc, 0x7, 0x0, 0x2}]}}}}}}}}, 0x0)

783.310568ms ago: executing program 0 (id=512):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r0, 0x0, 0xfaf}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r2, 0x0, 0xfaf}, 0x18)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1400000025000100000000000000040006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

732.859633ms ago: executing program 2 (id=516):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)="d80000001d0081054e81f783db4cb9040a00000000000000e8fc3ca10a0015000600142603600e1208000f0000000401a80001000047880000000000035c0461c1d67f6f94007134cf6efb8000feea60d8a8a007a290457f0189b316277ce06bbaceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace0d81ed0bffece0b42a9ecbee5de6ccffffffff00000000b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)

663.365735ms ago: executing program 2 (id=518):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="48000000120001000000000000000010ac1414aa000000000000000000000000000000000000000014000d1a200100000000000000000039000000000c0015"], 0x48}}, 0x0)

662.959631ms ago: executing program 0 (id=519):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8916, 0x0)
socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8916, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x180, 0x0)
ioctl$TUNSETTXFILTER(r3, 0x400454d1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
accept4$vsock_stream(r0, &(0x7f0000000880)={0x28, 0x0, 0x2711}, 0x10, 0x80000)
shutdown(r1, 0x1)

662.762176ms ago: executing program 2 (id=520):
syz_80211_inject_frame(&(0x7f0000001f80)=@broadcast, &(0x7f0000001fc0)=@ctrl_frame=@ba={{}, {0xf}, @device_b, @device_a, @basic={{0x1, 0x0, 0x0, 0x0, 0x6}, {0x6, 0x1}, "89b3630fd2bead961be2761f5a56762f3e77cd8cac6fdc963ab4cd268ff65c42950fa7580a36581d0536609be6cdd5b5848eefc43a9b307032fa8480546ad2c157ca3940d9586bf5d49d6ce6f5404f6f10ed55359ff61e4b653a4541ec0d5563606e4536196bdd84661efd3905d57c7b6e2a4afa9dbc7a9efb358e7dea9711d4"}}, 0x94)

323.26497ms ago: executing program 1 (id=526):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001600)={&(0x7f0000000340)="d8aa188d863b33f99f530c2abfdd648e919040d7103471524e36ea66f2d524be9f8e6d9359c5da21ddccd98004726c0daa970d8f6f80c9bae7bfe893d40badde90884c016fc7dd52e8c629727a95dbe854bcce096f651b144d4f4ff1be6eb2cb3e72cdd408763e25d893ddc13cba93954295504da230e1054406c7278a4f7e7818a053c66067d1a08c51dc3f60b04a34c8582dd2cd52f376abc56c5c73c95f67e08097973e19ea32fc40c3bd034c28e9b0f8d42d6b6a3dde454d0ac2e20bdda084918c4393618d067d3a9041d988993ca7c7087e4f7b75607a48a1a5fadfbc2c33484e65034edb83e3c40117776d9d60bd4f262f3f70921f3fdbf9d2a63c7cfd67dec753fe03461b2d249918b2468dd9da689ec948da2f356f03f5dc7b2556b7dfc177997bfff5fa99451b638c9f6adf4d201c13446914c77b34e48128c972c212555e1eaf6cedffea8035717986005cd1683caa4e7dbadf36bf0340001d110fa383045c921ebdf6ec7e49d583a3dca514cd44ebe1b648abef67730af9dd19fc64abd7442cf1cbdefeb3921cdd3fa90906926c99ad209264d03e026615cbf3c7a8944cc2708ce8c5a1fccb5af449efb2a2af4322e9d6dd6968484a82aee5dd9f22a87e26c2d912948f9d665a282696325feaf25c66ac964ebe63f4fa2cbbd7797109f1c49d2f5cd4903919537a97a7a3e9548a6003cdc969fa63bd61bb1ec1c3912509baff8664d194baaebeaf5f79d4c62e2087bb3fe51b4c4e8d9531b68dd11446629d107a3cb216e9029a2daf1a719e270a70a9b8e145fdabb18195a9d4d040714fd751acff2274cde71d380d8e0cd7c48a0d0fe480defcf332d5a1cd01d906eaf5c3e68276593342eac31e65aca3a0e45b149004700b2cd6e43baaa8627c3381619eb1bcd72578c9e8787c65eac393713a47c4f5acb29de74666278a1e3a925393db608b737a2bf9b17cfcf1b44784779ebc278ba03514f1ee8ac8a7142d246f844b9927fcb5fd460a873d417b1f3472f52057a3df579b57c4f1a9a69faed3b3b053c3374d239f9ba254ab77efa0d19fdbbf1791a6079afc958d1cdaff872480ebc879ed00c6a9be20c1ade30871bb665275253d64a91e9e7d91c98d00fe665271b4e848456355dc8f661ecaf334981dc4b11986dab6fab78ffd79eadb4ebaed8c0ebe853bc50afec228ee3309921f66a18f47e3cb3ffe6e9f8e59b50af6eb9f1788115500ae03960be51b2ea7dc41a5b33e9d15b7e65c281e65e9741d8b65187dd71486fe0a51483971da1588af9d4f95a607c68453595c4a1041ef27fc19f290eab3b2f49633d359bfed28e7efa2cffde2591a6ba93a2f3ab2990d0057cb89d331dbe5828db35ec6712da54c29fb695b6502e1d3ec1d70500364563edfcb0cb722122282de0a2e73a13153b0a6413f4c5d74559c1d61a102b8209e3e98351e624b4bff57470466578ad70b8ca13767a3d59f5657680ff441cea68a832a19398d154e38d2f44785f8a5b860c05fe859afd8617f9604c64ad7bc22f644653d8ae262e1755a6bf0140b0995218ec4a2444d90db88ee3628c85f7e47b0f69bb72921a115acb45ff9ac2c4feed389d1240b26d2c8f6704cfc912b3d9ca800bb23a342c4b8dac7cecf5fc24c1504e5bbb26f88278ff6ccfbb502cacf1aafe6c821ec27e7", 0x0, 0x0, 0x0}, 0x38)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000007c0)=ANY=[@ANYBLOB="1401000027000100000000000000000003"], 0x114}], 0x1}, 0x0)

323.127301ms ago: executing program 1 (id=527):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x2404c140)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="24000000680001"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

263.298001ms ago: executing program 1 (id=528):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={&(0x7f0000000200), 0xc, 0x0}, 0x800)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000000}}, 0x1c)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000002}}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e22d991000000000000a80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
accept4$vsock_stream(r5, &(0x7f0000000380)={0x28, 0x0, 0xffffffff, @host}, 0x10, 0x800)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000cc0), &(0x7f0000000d00)=0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYRES32=r8, @ANYBLOB="00000000000000001c"], 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000700fc000000080011000700000008000e00800000000800", @ANYRES16=r5], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, 0x0, 0x40)

256.023196ms ago: executing program 1 (id=529):
unshare(0x24060400)
socket(0x2, 0x2, 0x1)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
socket$key(0xf, 0x3, 0x2)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r2, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000500)={r3, r1, 0x4, r1}, 0x10)

163.387293ms ago: executing program 1 (id=530):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0xc000001)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000200)=@ccm_128={{0x303}, "bd4a8e165ba29be8", "595786437e882122fba8132c60b2e265", "17ede429", "47f47ac2f711d652"}, 0x28)
pselect6(0x40, &(0x7f00000000c0)={0x7, 0x9, 0x1, 0x0, 0x2000000000000, 0x8, 0xffffffff, 0x6}, 0x0, &(0x7f0000000280)={0x8, 0x2, 0x4, 0x80000000, 0x6, 0x4fc1cd87, 0x0, 0x6b04}, &(0x7f0000000340), 0x0)

82.869685ms ago: executing program 2 (id=531):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000040)={0x34, r1, 0x30b, 0x0, 0x0, {0x26}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

82.55626ms ago: executing program 2 (id=532):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$sock_buf(r0, 0x1, 0x13, &(0x7f0000000780)=""/16, &(0x7f00000007c0)=0x10)

798.37µs ago: executing program 2 (id=533):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1, 0x0, 0x5}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x77)

0s ago: executing program 1 (id=534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1eae8f721276f1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:15328' (ED25519) to the list of known hosts.
syzkaller login: [   48.207273][ T5774] cgroup: Unknown subsys name 'net'
[   48.360206][ T5774] cgroup: Unknown subsys name 'cpuset'
[   48.366411][ T5774] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   50.022634][ T5774] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   59.589639][ T5872] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.608027][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.615614][ T5872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   59.619486][ T5872] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   59.623651][ T5872] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   59.797935][ T5874] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   61.798957][ T5872] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.805969][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.808772][ T5872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.811815][ T5872] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.814722][ T5872] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.888279][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   61.891608][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   61.895417][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   61.898344][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   61.901116][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   61.943246][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   61.946915][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   61.951181][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   61.955266][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   61.958224][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   62.150079][ T5895] chnl_net:caif_netlink_parms(): no params data found
[   62.294509][ T5895] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.297217][ T5895] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.299496][ T5895] bridge_slave_0: entered allmulticast mode
[   62.302648][ T5895] bridge_slave_0: entered promiscuous mode
[   62.310515][ T5898] chnl_net:caif_netlink_parms(): no params data found
[   62.326196][ T5895] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.328568][ T5895] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.330770][ T5895] bridge_slave_1: entered allmulticast mode
[   62.334532][ T5895] bridge_slave_1: entered promiscuous mode
[   62.372865][ T5895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.389351][ T5895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.469042][ T5898] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.472731][ T5898] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.475433][ T5898] bridge_slave_0: entered allmulticast mode
[   62.479029][ T5898] bridge_slave_0: entered promiscuous mode
[   62.496590][ T5898] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.499396][ T5898] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.502786][ T5898] bridge_slave_1: entered allmulticast mode
[   62.506576][ T5898] bridge_slave_1: entered promiscuous mode
[   62.512809][ T5895] team0: Port device team_slave_0 added
[   62.545662][ T5895] team0: Port device team_slave_1 added
[   62.553965][ T5898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.572889][ T5901] chnl_net:caif_netlink_parms(): no params data found
[   62.580384][ T5898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.585490][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.587600][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.596858][ T5895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.604753][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.607410][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.618003][ T5895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.684334][ T5898] team0: Port device team_slave_0 added
[   62.699857][ T5898] team0: Port device team_slave_1 added
[   62.724411][ T5895] hsr_slave_0: entered promiscuous mode
[   62.726815][ T5895] hsr_slave_1: entered promiscuous mode
[   62.747663][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.750493][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.758785][ T5898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.782607][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.785259][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.794791][ T5898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.799567][ T5901] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.804237][ T5901] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.807058][ T5901] bridge_slave_0: entered allmulticast mode
[   62.810904][ T5901] bridge_slave_0: entered promiscuous mode
[   62.816007][ T5901] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.818500][ T5901] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.821068][ T5901] bridge_slave_1: entered allmulticast mode
[   62.824722][ T5901] bridge_slave_1: entered promiscuous mode
[   62.894313][ T5901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.906732][ T5901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.929408][ T5898] hsr_slave_0: entered promiscuous mode
[   62.931682][ T5898] hsr_slave_1: entered promiscuous mode
[   62.934741][ T5898] debugfs: 'hsr0' already exists in 'hsr'
[   62.936518][ T5898] Cannot create hsr debugfs directory
[   62.964940][ T5901] team0: Port device team_slave_0 added
[   62.968268][ T5901] team0: Port device team_slave_1 added
[   63.047368][ T5901] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.049538][ T5901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.058356][ T5901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.070634][ T5901] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.073143][ T5901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.081233][ T5901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.179314][ T5901] hsr_slave_0: entered promiscuous mode
[   63.183151][ T5901] hsr_slave_1: entered promiscuous mode
[   63.185744][ T5901] debugfs: 'hsr0' already exists in 'hsr'
[   63.187898][ T5901] Cannot create hsr debugfs directory
[   63.268258][ T5895] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.279226][ T5895] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.290577][ T5895] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.309157][ T5895] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.386107][ T5898] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   63.395459][ T5898] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   63.402299][ T5898] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   63.411038][ T5898] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   63.472063][ T5901] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.479996][ T5901] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.495598][ T5901] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.510579][ T5901] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.570061][ T5895] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.594282][ T5898] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.607477][ T5895] 8021q: adding VLAN 0 to HW filter on device team0
[   63.624454][  T711] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.626689][  T711] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.642750][  T711] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.644939][  T711] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.652456][ T5898] 8021q: adding VLAN 0 to HW filter on device team0
[   63.671567][ T5901] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.684625][  T711] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.686957][  T711] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.697210][  T711] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.699488][  T711] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.741108][ T5901] 8021q: adding VLAN 0 to HW filter on device team0
[   63.766097][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.768987][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.788128][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.790878][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.852931][ T5872] Bluetooth: hci0: command tx timeout
[   63.895489][ T5895] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.934043][ T5872] Bluetooth: hci1: command tx timeout
[   63.958789][ T5895] veth0_vlan: entered promiscuous mode
[   63.977326][ T5895] veth1_vlan: entered promiscuous mode
[   64.010025][ T5895] veth0_macvtap: entered promiscuous mode
[   64.017664][ T5895] veth1_macvtap: entered promiscuous mode
[   64.022549][ T5872] Bluetooth: hci2: command tx timeout
[   64.040920][ T5898] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.060520][ T5895] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.085175][ T5895] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.102587][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.105715][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.109603][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.116798][ T5901] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.125597][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.175856][ T5898] veth0_vlan: entered promiscuous mode
[   64.215937][ T5898] veth1_vlan: entered promiscuous mode
[   64.245203][ T5901] veth0_vlan: entered promiscuous mode
[   64.260584][ T5901] veth1_vlan: entered promiscuous mode
[   64.265462][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.268291][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.317293][ T5901] veth0_macvtap: entered promiscuous mode
[   64.328110][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.330726][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.339525][ T5901] veth1_macvtap: entered promiscuous mode
[   64.349863][ T5898] veth0_macvtap: entered promiscuous mode
[   64.360911][ T5898] veth1_macvtap: entered promiscuous mode
[   64.395412][ T5901] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.409124][ T5898] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.419940][ T5898] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.432247][ T5901] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.465087][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.499032][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.506779][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.518892][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.523619][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.526290][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.528956][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.531604][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.658429][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.662984][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.692355][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.694765][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.730790][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.738898][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.777034][  T711] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.780066][  T711] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.911605][ T5970] pimreg: entered allmulticast mode
[   65.925055][ T6038] netlink: 27 bytes leftover after parsing attributes in process `syz.2.60'.
[   65.957924][ T6043] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   66.013920][ T5872] Bluetooth: hci1: command tx timeout
[   66.061392][ T6049] netlink: 20 bytes leftover after parsing attributes in process `syz.2.65'.
[   66.093645][ T5872] Bluetooth: hci2: command tx timeout
[   66.236151][ T6058] netlink: 20 bytes leftover after parsing attributes in process `syz.2.70'.
[   66.478465][ T6077] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   66.529365][ T6082] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   66.534813][ T6080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.80'.
[   66.940917][ T6114] batadv_slave_1: entered promiscuous mode
[   66.950656][ T6111] batadv_slave_1: left promiscuous mode
[   67.315963][ T6145] tipc: Started in network mode
[   67.317610][ T6145] tipc: Node identity 721123d958a4, cluster identity 4711
[   67.320891][ T6145] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.346395][ T6145] syzkaller0: entered promiscuous mode
[   67.348274][ T6145] syzkaller0: entered allmulticast mode
[   67.365652][ T6147] tipc: Started in network mode
[   67.367643][ T6147] tipc: Node identity , cluster identity 4711
[   67.370033][ T6147] tipc: Failed to obtain node identity
[   67.377736][ T6147] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   67.381570][ T6147] syzkaller0: entered promiscuous mode
[   67.383684][ T6147] syzkaller0: entered allmulticast mode
[   67.407263][ T6145] tipc: Resetting bearer <eth:syzkaller0>
[   67.426278][ T6144] tipc: Resetting bearer <eth:syzkaller0>
[   67.461602][ T6144] tipc: Disabling bearer <eth:syzkaller0>
[   67.507183][ T6155] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.116'.
[   67.750468][ T6176] netlink: 'syz.2.126': attribute type 1 has an invalid length.
[   67.754123][ T6176] netlink: 'syz.2.126': attribute type 2 has an invalid length.
[   67.757963][ T6176] netlink: 19 bytes leftover after parsing attributes in process `syz.2.126'.
[   67.949142][ T6193] syz.2.132 uses obsolete (PF_INET,SOCK_PACKET)
[   67.976252][ T6186] syz.0.130 (6186) used greatest stack depth: 20000 bytes left
[   68.058352][ T6203] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   68.091865][ T5872] Bluetooth: hci1: command tx timeout
[   68.169588][ T6210] netlink: 'syz.1.138': attribute type 1 has an invalid length.
[   68.183146][ T5872] Bluetooth: hci2: command tx timeout
[   68.196733][ T6210] bond1: entered promiscuous mode
[   68.205124][ T6210] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.246823][ T6210] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.249378][ T6210] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   68.264543][ T6210] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[   68.274800][ T6210] bond1: (slave wireguard0): making interface the new active one
[   68.277472][ T6210] wireguard0: entered promiscuous mode
[   68.280371][ T6210] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[   68.320449][ T6210] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   68.323450][ T6210] IPv6: NLM_F_CREATE should be set when creating new route
[   68.325979][ T6210] IPv6: NLM_F_CREATE should be set when creating new route
[   68.337474][ T6210] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   68.349922][ T6210] bond1: (slave wireguard1): The slave device specified does not support setting the MAC address
[   68.356775][ T6210] bond1: (slave wireguard1): Enslaving as a backup interface with an up link
[   68.372507][ T6210] Zero length message leads to an empty skb
[   68.494001][ T6236] lo speed is unknown, defaulting to 1000
[   68.496014][ T6236] lo speed is unknown, defaulting to 1000
[   68.528807][ T6236] lo speed is unknown, defaulting to 1000
[   68.553150][ T6236] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   68.588940][ T6236] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   68.630160][ T6236] lo speed is unknown, defaulting to 1000
[   68.635223][ T6236] lo speed is unknown, defaulting to 1000
[   68.639934][ T6236] lo speed is unknown, defaulting to 1000
[   68.726424][ T6241] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.733433][ T6246] netlink: 'syz.1.151': attribute type 5 has an invalid length.
[   68.850377][ T6241] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.950227][ T6241] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.019845][ T6248] netlink: 28 bytes leftover after parsing attributes in process `syz.2.154'.
[   69.036095][ T6241] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.160261][ T5878] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.180591][ T5878] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.194593][ T5878] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.211650][ T5878] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.332420][ T6264] sctp: [Deprecated]: syz.1.158 (pid 6264) Use of int in maxseg socket option.
[   69.332420][ T6264] Use struct sctp_assoc_value instead
[   69.433493][ T6272] netlink: 24 bytes leftover after parsing attributes in process `syz.1.162'.
[   69.485284][ T6272] bond2: entered promiscuous mode
[   69.495633][ T6272] 8021q: adding VLAN 0 to HW filter on device bond2
[   69.630628][ T6272] bond2 (unregistering): Released all slaves
[   69.704349][ T6285] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   69.715115][ T6285] netlink: 'syz.0.168': attribute type 4 has an invalid length.
[   69.771468][ T6285] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.774905][ T6285] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.846203][ T6285] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.850917][ T6293] netlink: 2 bytes leftover after parsing attributes in process `syz.2.171'.
[   69.855261][ T6285] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.006144][   T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.018606][ T6285] syz.0.168 (6285) used greatest stack depth: 19960 bytes left
[   70.027033][   T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.032228][   T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.046485][   T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.152247][ T6301] nbd0: detected capacity change from 0 to 549764202496
[   70.166227][   T56] block nbd0: Receive control failed (result -104)
[   70.172730][ T5872] Bluetooth: hci1: command tx timeout
[   70.208574][ T6312] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.264860][ T5872] Bluetooth: hci2: command tx timeout
[   71.204523][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.197'.
[   71.221424][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[   71.225063][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[   71.630384][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.199'.
[   71.713391][ T6373] netlink: 44 bytes leftover after parsing attributes in process `syz.1.202'.
[   72.419886][ T6399] tipc: Started in network mode
[   72.424114][ T6399] tipc: Node identity c27cba52a3d3, cluster identity 4711
[   72.426670][ T6399] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.456187][ T6399] syzkaller0: entered promiscuous mode
[   72.458092][ T6399] syzkaller0: entered allmulticast mode
[   72.460315][ T6399] tipc: Resetting bearer <eth:syzkaller0>
[   72.476403][ T6398] tipc: Resetting bearer <eth:syzkaller0>
[   72.915123][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.222'.
[   73.467114][   T47] tipc: Node number set to 1638906450
[   73.787380][ T6398] tipc: Disabling bearer <eth:syzkaller0>
[   73.792466][ T6423] vxcan1: entered allmulticast mode
[   73.884983][ T6431] netlink: 'syz.2.230': attribute type 4 has an invalid length.
[   73.895438][ T5873] lo speed is unknown, defaulting to 1000
[   73.897465][ T5873] syz2: Port: 1 Link DOWN
[   73.907627][ T6431] netlink: 'syz.2.230': attribute type 4 has an invalid length.
[   73.922020][ T5873] lo speed is unknown, defaulting to 1000
[   73.924034][ T5873] syz2: Port: 1 Link ACTIVE
[   73.934444][   T47] lo speed is unknown, defaulting to 1000
[   73.936611][   T47] syz2: Port: 1 Link DOWN
[   74.176200][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.245'.
[   74.192419][ T6461] netem: incorrect gi model size
[   74.281107][ T6467] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[   74.286294][ T6467] macsec1: entered allmulticast mode
[   74.288244][ T6467] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[   74.293425][ T6467] batman_adv: batadv0: Adding interface: macsec1
[   74.295546][ T6467] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.304215][ T6467] batman_adv: batadv0: Interface activated: macsec1
[   74.656989][ T6482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.253'.
[   75.008294][    T9] cfg80211: failed to load regulatory.db
[   75.148290][ T6501] macvtap1: entered allmulticast mode
[   75.150213][ T6501] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[   75.154571][ T6501] batman_adv: batadv0: Adding interface: macvtap1
[   75.156806][ T6501] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.164901][ T6501] batman_adv: batadv0: Interface activated: macvtap1
[   75.471499][ T6529] netlink: 212924 bytes leftover after parsing attributes in process `syz.1.274'.
[   75.500377][ T6531] netlink: 248 bytes leftover after parsing attributes in process `syz.1.275'.
[   75.620033][ T6540] netlink: 12 bytes leftover after parsing attributes in process `syz.1.278'.
[   75.637357][ T6543] netlink: 40 bytes leftover after parsing attributes in process `syz.0.279'.
[   75.778449][ T6552] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   75.786780][ T6552] syzkaller0: entered promiscuous mode
[   75.792102][ T6552] syzkaller0: entered allmulticast mode
[   75.825264][ T6552] tipc: Resetting bearer <eth:syzkaller0>
[   75.839174][ T6550] tipc: Resetting bearer <eth:syzkaller0>
[   75.850479][ T6550] tipc: Disabling bearer <eth:syzkaller0>
[   76.073881][ T6580] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.339817][ T6602] Illegal XDP return value 4294967274 on prog  (id 39) dev N/A, expect packet loss!
[   76.690961][ T6657] __nla_validate_parse: 1 callbacks suppressed
[   76.690974][ T6657] netlink: 4 bytes leftover after parsing attributes in process `syz.1.291'.
[   76.726965][ T6656] bridge_slave_0: left allmulticast mode
[   76.729043][ T6656] bridge_slave_0: left promiscuous mode
[   76.731873][ T6656] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.745734][ T6656] bridge_slave_1: left allmulticast mode
[   76.747708][ T6656] bridge_slave_1: left promiscuous mode
[   76.756259][ T6656] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.764813][ T6656] bond0: (slave bond_slave_0): Releasing backup interface
[   76.793882][ T6656] bond0: (slave bond_slave_1): Releasing backup interface
[   76.814189][ T6656] team0: Port device team_slave_0 removed
[   76.818294][ T6656] team0: Port device team_slave_1 removed
[   76.820677][ T6656] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.828647][ T6656] batman_adv: batadv0: Interface deactivated: macvtap1
[   76.831037][ T6656] batman_adv: batadv0: Removing interface: macvtap1
[   77.036075][ T6673] warning: `syz.2.295' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   77.353880][ T6685] sock: sock_timestamping_bind_phc: sock not bind to device
[   77.870678][ T6705] tipc: Started in network mode
[   77.873027][ T6705] tipc: Node identity e6199a2dd3ff, cluster identity 4711
[   77.875359][ T6705] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.916425][ T6705] syzkaller0: entered promiscuous mode
[   77.918208][ T6705] syzkaller0: entered allmulticast mode
[   77.920848][ T6705] tipc: Resetting bearer <eth:syzkaller0>
[   77.958884][ T1090] tipc: Resetting bearer <eth:syzkaller0>
[   77.971044][ T6703] tipc: Resetting bearer <eth:syzkaller0>
[   78.878301][ T6703] tipc: Disabling bearer <eth:syzkaller0>
[   78.883627][ T6712] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[   78.929184][ T6720] gtp0: entered promiscuous mode
[   78.931272][ T6720] gtp0: entered allmulticast mode
[   79.244735][ T6744] netlink: 28 bytes leftover after parsing attributes in process `syz.2.329'.
[   79.247930][ T6744] netlink: 'syz.2.329': attribute type 7 has an invalid length.
[   79.250347][ T6744] netlink: 'syz.2.329': attribute type 8 has an invalid length.
[   79.254972][ T6744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'.
[   79.312378][ T6750] netlink: 51 bytes leftover after parsing attributes in process `syz.2.331'.
[   79.880689][ T6776] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   79.885927][ T6776] syzkaller0: entered promiscuous mode
[   79.887943][ T6776] syzkaller0: entered allmulticast mode
[   79.953995][ T6776] tipc: Resetting bearer <eth:syzkaller0>
[   79.970342][ T6775] tipc: Resetting bearer <eth:syzkaller0>
[   79.999468][ T6775] tipc: Disabling bearer <eth:syzkaller0>
[   80.026751][ T6780] IPv6: Can't replace route, no match found
[   80.196920][ T6787] netlink: 'syz.1.347': attribute type 3 has an invalid length.
[   80.200646][ T6787] netlink: 'syz.1.347': attribute type 1 has an invalid length.
[   80.203164][ T6787] netlink: 60387 bytes leftover after parsing attributes in process `syz.1.347'.
[   80.422348][ T6806] vxcan1: left allmulticast mode
[   80.435777][ T6799] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.489342][ T6799] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.578171][ T6799] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.651476][ T6799] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.792968][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.812480][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.815105][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.817647][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.266153][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.374'.
[   81.385739][ T6855] netlink: 24 bytes leftover after parsing attributes in process `syz.2.380'.
[   81.573078][ T6868] ip6gretap0: entered promiscuous mode
[   81.575056][ T6868] macsec1: entered allmulticast mode
[   81.576722][ T6868] ip6gretap0: entered allmulticast mode
[   81.597053][ T6871] netlink: 536 bytes leftover after parsing attributes in process `syz.0.388'.
[   81.598873][ T6868] ip6gretap0: left allmulticast mode
[   81.603047][ T6868] ip6gretap0: left promiscuous mode
[   81.644772][ T6877] netlink: 36 bytes leftover after parsing attributes in process `syz.1.391'.
[   81.665743][ T6879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.392'.
[   81.812567][ T6892] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[   81.814830][ T6892] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[   81.886707][ T6892] lo speed is unknown, defaulting to 1000
[   81.888464][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   81.899584][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   81.918897][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   81.928941][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   81.965247][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.403'.
[   82.171425][ T6920] netpci0: tun_chr_ioctl cmd 1074025681
[   82.854933][ T6986] erspan0: entered promiscuous mode
[   82.901666][ T6992] netlink: 'syz.2.442': attribute type 21 has an invalid length.
[   82.904693][ T6992] IPv6: NLM_F_CREATE should be specified when creating new route
[   82.911013][ T6992] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   82.913653][ T6992] IPv6: NLM_F_CREATE should be set when creating new route
[   82.915807][ T6992] IPv6: NLM_F_CREATE should be set when creating new route
[   82.918082][ T6992] IPv6: NLM_F_CREATE should be set when creating new route
[   83.284857][ T7017] macvtap1: entered promiscuous mode
[   83.287356][ T7017] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode
[   83.297092][ T7017] mac80211_hwsim hwsim6 wlan1: left promiscuous mode
[   83.551348][ T7025] macvtap2: entered allmulticast mode
[   83.562374][ T7025] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   83.651641][ T7031] netlink: 32 bytes leftover after parsing attributes in process `syz.2.461'.
[   83.654964][ T7031] netlink: 48 bytes leftover after parsing attributes in process `syz.2.461'.
[   83.658194][ T7031] netlink: 48 bytes leftover after parsing attributes in process `syz.2.461'.
[   84.189867][ T7081] netlink: 24 bytes leftover after parsing attributes in process `syz.2.486'.
[   84.214101][ T7079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.485'.
[   84.411582][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.0.496'.
[   84.427530][ T7103] netlink: 76 bytes leftover after parsing attributes in process `syz.1.497'.
[   84.430419][ T7103] netlink: 76 bytes leftover after parsing attributes in process `syz.1.497'.
[   84.455044][ T7105] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   84.598768][ T7120] netlink: 16 bytes leftover after parsing attributes in process `syz.0.504'.
[   84.622893][ T7123] netlink: 'syz.2.506': attribute type 21 has an invalid length.
[   84.828292][ T7145] netlink: 'syz.1.517': attribute type 3 has an invalid length.
[   84.854427][ T7150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   85.133126][ T7162] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[   86.131389][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[   86.479440][   T12] bond0 (unregistering): Released all slaves
[   86.545904][   T12] tipc: Left network mode
[   86.676415][   T12] mac80211_hwsim hwsim2 wlan0 (unregistering): left allmulticast mode
[   86.754616][   T12] hsr_slave_0: left promiscuous mode
[   86.757787][   T12] hsr_slave_1: left promiscuous mode
[   86.775625][   T12] pimreg (unregistering): left allmulticast mode
[   87.520935][   T12] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   87.525502][   T12] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.567206][   T12] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   87.570397][   T12] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.623772][   T12] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   87.626825][   T12] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.676415][   T12] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   87.679596][   T12] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.818564][   T12] bridge_slave_1: left allmulticast mode
[   87.820460][   T12] bridge_slave_1: left promiscuous mode
[   87.824342][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.829587][   T12] bridge_slave_0: left allmulticast mode
[   87.831448][   T12] bridge_slave_0: left promiscuous mode
[   87.835093][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.176469][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   88.181944][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   88.186489][   T12] bond0 (unregistering): Released all slaves
[   88.255918][   T12] bond1 (unregistering): (slave wireguard0): Releasing backup interface
[   88.258572][   T12] wireguard0: left promiscuous mode
[   88.263101][   T12] bond1 (unregistering): (slave wireguard1): Releasing backup interface
[   88.266961][   T12] bond1 (unregistering): Released all slaves
[   88.331819][   T12] tipc: Left network mode
[   88.447555][   T12] batman_adv: batadv0: Interface deactivated: macsec1
[   88.450186][   T12] mac80211_hwsim hwsim4 wlan0 (unregistering): left allmulticast mode
[   88.464544][   T12] batman_adv: batadv0: Removing interface: macsec1
[   88.527408][   T12] hsr_slave_0: left promiscuous mode
[   88.530042][   T12] hsr_slave_1: left promiscuous mode
[   88.533967][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.536427][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.539438][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.543708][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.559449][   T12] veth1_macvtap: left promiscuous mode
[   88.561583][   T12] veth0_macvtap: left promiscuous mode
[   88.564611][   T12] veth1_vlan: left promiscuous mode
[   88.566481][   T12] veth0_vlan: left promiscuous mode
[   88.875180][   T12] team0 (unregistering): Port device team_slave_1 removed
[   88.905333][   T12] team0 (unregistering): Port device team_slave_0 removed
[   89.463678][   T12] ------------[ cut here ]------------
[   89.465679][   T12] WARNING: CPU: 1 PID: 12 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x270/0x2f0
[   89.468691][   T12] Modules linked in:
[   89.470094][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   89.475174][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   89.478400][   T12] Workqueue: netns cleanup_net
[   89.479936][   T12] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[   89.481882][   T12] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 a8 e0 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 56 9e e2 f7 e8 f1 75 9e f7 90 <0f> 0b 90 e9 fd fd ff ff e8 e3 75 9e f7 90 0f 0b 90 e9 60 fe ff ff
[   89.488327][   T12] RSP: 0018:ffffc900000f7898 EFLAGS: 00010293
[   89.490244][   T12] RAX: ffffffff8a2135bf RBX: ffff888023c54880 RCX: ffff88801c685640
[   89.493091][   T12] RDX: 0000000000000000 RSI: ffffffff8dba33cb RDI: ffff88801c685640
[   89.495556][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[   89.498096][   T12] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffffffff8f62d2e0
[   89.500541][   T12] R13: 1ffff9200001ef40 R14: ffff888023c55d00 R15: dffffc0000000000
[   89.503154][   T12] FS:  0000000000000000(0000) GS:ffff8881a3c24000(0000) knlGS:0000000000000000
[   89.506150][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   89.508406][   T12] CR2: 000055fd68ed9950 CR3: 000000000df36000 CR4: 00000000000006f0
[   89.510836][   T12] Call Trace:
[   89.512022][   T12]  <TASK>
[   89.512993][   T12]  xfrm_net_exit+0x2d/0x70
[   89.514469][   T12]  ops_undo_list+0x49a/0x990
[   89.516063][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[   89.517738][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[   89.519400][   T12]  cleanup_net+0x4c5/0x800
[   89.520767][   T12]  ? __pfx_cleanup_net+0x10/0x10
[   89.522466][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[   89.524072][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[   89.525900][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[   89.527720][   T12]  process_scheduled_works+0xae1/0x17b0
[   89.529527][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[   89.531473][   T12]  worker_thread+0x8a0/0xda0
[   89.533185][   T12]  kthread+0x711/0x8a0
[   89.534521][   T12]  ? __pfx_worker_thread+0x10/0x10
[   89.536186][   T12]  ? __pfx_kthread+0x10/0x10
[   89.537635][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[   89.539282][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[   89.540941][   T12]  ? __pfx_kthread+0x10/0x10
[   89.542542][   T12]  ret_from_fork+0x3fc/0x770
[   89.544101][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[   89.545840][   T12]  ? __switch_to_asm+0x39/0x70
[   89.547436][   T12]  ? __switch_to_asm+0x33/0x70
[   89.549073][   T12]  ? __pfx_kthread+0x10/0x10
[   89.550583][   T12]  ret_from_fork_asm+0x1a/0x30
[   89.552184][   T12]  </TASK>
[   89.553149][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   89.555349][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   89.559047][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   89.562487][   T12] Workqueue: netns cleanup_net
[   89.564086][   T12] Call Trace:
[   89.565177][   T12]  <TASK>
[   89.566130][   T12]  dump_stack_lvl+0x99/0x250
[   89.567598][   T12]  ? __asan_memcpy+0x40/0x70
[   89.569184][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.570953][   T12]  ? __pfx__printk+0x10/0x10
[   89.572474][   T12]  vpanic+0x281/0x750
[   89.573683][   T12]  ? __pfx__printk+0x10/0x10
[   89.575111][   T12]  ? __pfx_vpanic+0x10/0x10
[   89.576520][   T12]  ? is_bpf_text_address+0x292/0x2b0
[   89.578177][   T12]  panic+0xb9/0xc0
[   89.579309][   T12]  ? __pfx_panic+0x10/0x10
[   89.580740][   T12]  __warn+0x31b/0x4b0
[   89.582037][   T12]  ? xfrm_state_fini+0x270/0x2f0
[   89.583665][   T12]  ? xfrm_state_fini+0x270/0x2f0
[   89.585338][   T12]  report_bug+0x2be/0x4f0
[   89.586734][   T12]  ? xfrm_state_fini+0x270/0x2f0
[   89.588333][   T12]  ? xfrm_state_fini+0x270/0x2f0
[   89.589836][   T12]  ? xfrm_state_fini+0x272/0x2f0
[   89.591320][   T12]  handle_bug+0x84/0x160
[   89.592668][   T12]  exc_invalid_op+0x1a/0x50
[   89.594125][   T12]  asm_exc_invalid_op+0x1a/0x20
[   89.595661][   T12] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[   89.597434][   T12] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 a8 e0 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 56 9e e2 f7 e8 f1 75 9e f7 90 <0f> 0b 90 e9 fd fd ff ff e8 e3 75 9e f7 90 0f 0b 90 e9 60 fe ff ff
[   89.603692][   T12] RSP: 0018:ffffc900000f7898 EFLAGS: 00010293
[   89.605540][   T12] RAX: ffffffff8a2135bf RBX: ffff888023c54880 RCX: ffff88801c685640
[   89.607925][   T12] RDX: 0000000000000000 RSI: ffffffff8dba33cb RDI: ffff88801c685640
[   89.610358][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[   89.612776][   T12] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffffffff8f62d2e0
[   89.615267][   T12] R13: 1ffff9200001ef40 R14: ffff888023c55d00 R15: dffffc0000000000
[   89.617845][   T12]  ? xfrm_state_fini+0x26f/0x2f0
[   89.619437][   T12]  ? xfrm_state_fini+0x26f/0x2f0
[   89.621009][   T12]  xfrm_net_exit+0x2d/0x70
[   89.622387][   T12]  ops_undo_list+0x49a/0x990
[   89.624100][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[   89.625675][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[   89.627189][   T12]  cleanup_net+0x4c5/0x800
[   89.628595][   T12]  ? __pfx_cleanup_net+0x10/0x10
[   89.630222][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[   89.631970][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[   89.633972][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[   89.635947][   T12]  process_scheduled_works+0xae1/0x17b0
[   89.637649][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[   89.639500][   T12]  worker_thread+0x8a0/0xda0
[   89.640931][   T12]  kthread+0x711/0x8a0
[   89.642201][   T12]  ? __pfx_worker_thread+0x10/0x10
[   89.643926][   T12]  ? __pfx_kthread+0x10/0x10
[   89.645397][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[   89.647140][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[   89.648838][   T12]  ? __pfx_kthread+0x10/0x10
[   89.650329][   T12]  ret_from_fork+0x3fc/0x770
[   89.651863][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[   89.653466][   T12]  ? __switch_to_asm+0x39/0x70
[   89.654983][   T12]  ? __switch_to_asm+0x33/0x70
[   89.656470][   T12]  ? __pfx_kthread+0x10/0x10
[   89.657888][   T12]  ret_from_fork_asm+0x1a/0x30
[   89.659341][   T12]  </TASK>
[   89.660939][   T12] Kernel Offset: disabled
[   89.662315][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:21:36  Registers:
info registers vcpu 0

CPU#0
RAX=59bc85ea4548e300 RBX=ffffffff81968308 RCX=59bc85ea4548e300 RDX=0000000000000001
RSI=ffffffff8d9b4408 RDI=ffffffff8be32600 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa34230 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7893f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007feafd943440 CR3=000000002438c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 ff00000000000000 XMM05=00000000000000aa 0000000000001731
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffffff0000 XMM09=00000000000000f1 0000000000003131
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000f7030
R8 =ffff888107858237 R9 =1ffff11020f0b046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af18f9 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055fd68ed9950 CR3=0000000111ae4000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffff000000 ffffffffffffffff XMM01=0000000000706d63 0000000000000000
XMM02=0000000000ffffff 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffff000000000000 ffffffffff000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
