last executing test programs:

35.107565285s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

29.490505667s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

25.637158675s ago: executing program 2 (id=3364):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan1\x00', <r2=>0x0})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x3, 0x0, @empty, 0x4000}, 0x1c)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd0600ffdbdb252100000021000300", @ANYRES32=r2, @ANYBLOB="0600eb00000800000700ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000)

25.483206291s ago: executing program 2 (id=3365):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

23.554576463s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

21.253976555s ago: executing program 2 (id=3365):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

17.428306901s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

15.137067488s ago: executing program 2 (id=3365):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

10.044101816s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

8.609083959s ago: executing program 2 (id=3365):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

2.288031305s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x24}}, 0x4000884)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="04010000", @ANYRES16=r2, @ANYBLOB="000829bd7000fbdbdf251400000034000980080001001000000008000100000000000800010001000080080001000f00000008000200080000000800010002000000100005800c0002800800030004000000ac00018038000400200001000a004e230000000400000000000000f731ef2f00471dbb8a3a4b2bf9000000ffffac1e0101000000001400020002004e23e0000002000000000000000044000400200001000a004e2000000007fe8000000000000000000000000000bb01000000200002000a004e2100000000fc020000000000000000000000000001050000002c0004001400010002004e23ac1414bb00000000000000001400020002004e"], 0x104}, 0x1, 0x0, 0x0, 0x40880}, 0x24008000)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000180)="c0dbbf7c", 0x4}, {&(0x7f0000000380)="ea5ef64880446cc9620eff27127e", 0xe}, {&(0x7f00000003c0)="879d19ec198e512c284d2d9982402cedace200e52e20d77f86b78e4f4774a02907a11ea1804e9d8a45684941dee612b08c4fc5fd3cca01e23cea6d7203edbe038a096fa4bd737671b5f7fe06447a44e438ae434b836cd987d379340cc39e6e957b82bf63688b021196b4c5671bcd885599c4d0042f64b863d264ec48d77d56", 0x7f}, {&(0x7f0000000440)="c89cd20e87b2c27961369b33b8416160261d9d8d6f760334ec636c9b72d7fa8d5a42f38ae398e46c38fcc223b9643985c0ca40ba3a3d5045f049357c10e34c72fd63d69cdbbee9cfa64d8785522ed8825d26d8f12224273d11bbe5318c940fcafadf8d498ff2a426ee568698471819028ea725bd329f5a71f2205e170012db1b3fef46761d443e85f07555c23b211e0428a0cd323f27cd58cd522ce9e84c209e4a971a810d49b9e905d14100f3e0a925f8c03983a89d620dab8bd687bb2469eaaf535e21e465ca3ee0a7bd338317e7bbf92aefa5a89d2b134211a2cc4f7b2a5fbb8b6164", 0xe4}, {&(0x7f0000000540)="25217ab9150a1ebd47bcd4cd1e8abfd3a415a7bfb322c15d027f1b51359afec0347302bebdea8bd9e578f253ef4a884689e73dc15efff821c86cc685c117b89c222484761673f13a4d066628d2c79091e0272db5f019d4dcfd89c0655999da32e477d3e584730fe94f159f41f11e51c99ac1f160739b676f568a6bce446c218a3c466fc67dfa12d2d4afc0ceb76fb046b6f7d8afc3702b70abc852c83a42b407826f15c961a70f8064393e893fd7a1459ff64a182e7dc7aa4b5851e63ece867ae7e254f217954e83620ffcce277d", 0xce}, {0xfffffffffffffffc}, {&(0x7f0000000640)="8109101d1fad86c8ac83876978218917f3e572191ab16bf3c02883f364f2505fdadeb20bb400a812b940d1d1ea58adc552cfbafc5d2a44eaac39e44dd15d7469ef593f11c0dbe83d236aa8cf281ce5f48dd263ae112200bce55317d7e92ea677ef7dc07594488a3566c960007f44902bb8064337a76513ef335f48ea32d02ee822e4acef74f9b16ff12ae35d44564843fa3d46b398ac01b824", 0x99}, {&(0x7f0000000700)="3e1e2c4f513c7aa6f3b1ece8adc9a3e1cb2ad15c2418b5fcc7967328f93ebb6f55769fb30b3854f4a02c17a24bb14f541d7fb2bafc6827aab03175090d027792faf8cca591da44f3827ec70fdb64fec071ebec7ecf6a5c5649087230420963f5c38ca2c7857eaba5187d419d", 0x6c}, {&(0x7f0000000780)="2236f3959631c8212a1fae55ab86df23e2db6b42e82ff4f74e", 0x19}, {&(0x7f00000007c0)="b16add6dc1785567a5211500d00fdda17545f8689e29b8abdaae3b1bdb9aa7c25e6cb9829d37d62fb56ae33ae837b89c22c0cc080bdcd4a7bb7c48f6cd99c0765eddcab9e215c9d564aa7294a7308d7279db0e678c14c25632f808816e9662f07554fa791610544be7fd2c03693631ce7e8d7be9b7015afd07f61cffa3b518c753edbe1c7da0b220eb0c3cc7538c6ca33fd7f852e96bb26892bb2310d6c5345df9", 0xa1}], 0xa}}, {{&(0x7f0000000940)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000980)="1241e03545ac68ab163d04a73af1db63a6dca97672ccb12905e92d43981d0901fab6c75b32dd4df16bd1ccadd4734175ae2aed320afb684580917e7ac83e1054b40e60d82dcc4459a1f392d6e8011de5c8932b644a800b4ad60378b26e982bf1417fb2616f9f80d49fddab1c672e87b4137ee2860b", 0x75}, {&(0x7f0000000a00)="43899e3daaa49185e9c987dd476fb0be7b015a96bd8048a64735802c66eb9ba1ee62107f04b4368660bd1dd46528b0435c7d49a8d9a02bbaade051e5c187a802b304de99da4d9cae39484a7384be3b413c3dc3451f6ef1e9354b12d3e64e8bd95acb11c6b5d4ada7059605ab47291069cdb15c9b16a20a0938f8d12efbde2099ff5bb83bd824905932fb2a27c0621dfa766e9e88f3168369586f86377d88a7a5f1c9d5b0a9f215f820121bc8a3c11deda3abdddf3080cbd3a5dc81f22d8e0265a668996321fd6c7f301e7f64d2be07a1997531aa916b8ac1a4092ce08be8c8ad814ba4c34cf20e205d5b8e2330ef11e68e", 0xf1}, {&(0x7f0000000b00)="797d738fef02f09d4eed6eeb30f626b38e9871901809426e28d3921c9de9a21c7f47e9ef9f0cff7a72dda179e0a52008eb690727c92a10eb6e4f1a8f993c976a20b61f14f42235723c0b4ac5442c8d27494ee624234c090a909c36e31e8e9e865c39b95631d78021a23a281f7c25747be1412ebdf14028e77ba2cbd3cf2764d13d14b17760e7abce81acd382fd74e2e90e907d1970c50d94852ed6291a6df11a2c4e788bd2480c7f72a86049fde0a4cf5672a3ff530f71e135847fc4a5947fee78fce0d4149db3cee98fce5ab4f7374a836f58c4258e47345bc04a26767d2dcdc01be77d7787b0fa5fe88885cc28b7d83dd0e19c0384", 0xf6}, {&(0x7f0000000c00)="f393deea85f3deb42755b4fc07d200f0e21917cfbc0e1d14837f6e45b75d237b9bdedabcfda3fb26cf0e20ba053c4d6a911913ad1b636b5b8f9b9efe00e42d46b737426d727c080a094fcfbbf48e5a6c7a99f19311ef06034ba76194a684a411bcdfe9a2ef48f556d103f9a306d215162e8d7a6cbccb482aedbea31fb9b4c79053f9a320d6bb32fc2ae776f3", 0x8c}], 0x4}}], 0x2, 0x4000000)

1.899452088s ago: executing program 2 (id=3365):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

1.299233561s ago: executing program 0 (id=3490):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@default, @default, 0x5, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x4c, r5, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x1c, 0x51, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "3b9f558ca8"}, @NL80211_KEY_IDX={0x5}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x2c, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

1.230102651s ago: executing program 0 (id=3491):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x4030582a, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'erspan0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c00eee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x20, &(0x7f0000000140)={&(0x7f0000000500)=""/224, 0xe0, <r3=>0x0, &(0x7f0000000240)=""/174, 0xae}}, 0x10)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000300)={0x6, &(0x7f0000000080)=[{0x2, 0x0, 0x9, 0x6}, {0x621, 0xfa, 0x8, 0x1}, {0xe, 0x26, 0xa, 0xb9}, {0x5e0, 0x0, 0x7, 0x9}, {0x8, 0x6, 0x4, 0x5}, {0x0, 0x7, 0x3, 0x8001}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000fdffffff000000000000000063011c00000000009500000000000000cf08d7a7572375b13c1e1a736e38fb649631818cf0f7aeb550c4bc3c69ec28750bc7c759ac889827469f9153a201cd7c9ed8c34be4737534586516ecea7dbf26bee10b1323526ad932c8bbe75c158042bca10544bf1894a3394f25d9bf09ca50cb226e4b9abc6944a3ffabf7ccd511b66937cbda813112c453f9058e98aa6d35baa62ff63d3e73fde28d02a6d2b8a2144621cde238e546c53a082c63a8755c76886287364f246828521218925feb60bf970c406ca708e9a8cc1055f75605a0735514c6e00deac3b023f492ecc2f09b096647f522af81a7ad83d952e9ab241772461e0b2e2ac5fbe363750ece6def8bad1124431331fd03316e40a1bb"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, 0x94)

1.170190175s ago: executing program 0 (id=3492):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x23}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000180)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0xff03, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x84001080}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x178, 0x1403, 0x300, 0x70bd2a, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'xfrm0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'dummy0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team_slave_1\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_virt_wifi\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'rose0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'ipvlan1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'hsr0\x00'}}]}, 0x178}, 0x1, 0x0, 0x0, 0x4000090}, 0x4000804)

300.003845ms ago: executing program 0 (id=3493):
recvfrom$packet(0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="24000000680001"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x3ffff70, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
sendmsg$alg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="839fefaaad03ca3b4dae808f04bfaf14f3f0f6da158967f4907475caf5fc0df59d3ee87cb50d61cc045cb7363e2ba86a87b300e4b2dcacbeb2531d3c0ad37ca8f128bb88a95361ac8f3fbac5c5687189b69aee5014588a0106085faeed4b91d22a4192f2349785f0b96110b29463f579717c7817d213d9c00e2747707debef0696a88586eabeda97e7b95b1a4d687d452e00bbb108308c", 0x97}, {&(0x7f0000000280)="393c96e59b5bc332598b60828edd744c6db7bb622b24f6f08057694aa248c0b00c6a92d3ecb7f763a61b1924d356dc687f614a554182bd1e991ab82ccc848864745eaba0133f00ad7aec640f641b58853686c390d444b2f2c47c42cc1552f3f1fa37811ab8924f7414568be78ea17ab728549a79ff3490c9d07fb7140b5d8cd7a4088258af2bd0937397c395f85f2af870a9b2ac01870b35cb976412f6b30ce411b88d5aece869a72b8261", 0xab}], 0x2, 0x0, 0x0, 0x44081}, 0x4811)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0200000002000000", @ANYRES64=0x0], 0x10)
socket$alg(0x26, 0x5, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073727a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

205.068606ms ago: executing program 0 (id=3494):
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="20000000140001042bbd7000fcdbdf2510400000"], 0x14}, 0x1, 0x0, 0x0, 0x20020000}, 0x40880)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'team_slave_1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000280)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x60, r5, 0x1, 0x3000000, 0x25dfdbff, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r3}}}]}}]}, 0x60}, 0x1, 0xf000, 0x0, 0x20000000}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="410028bd0d66e05f22f395b9000008000300", @ANYRES32=r9, @ANYBLOB="1400040073797a6b616c6c6572300000000000000800050002000000050053"], 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r4)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r7, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x148, r10, 0x2, 0x70bd29, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xffff}, {0x6, 0x11, 0x4}, {0x8, 0x15, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x4}, {0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x8}, {0x8, 0x15, 0x7}}]}, 0x148}, 0x1, 0x0, 0x0, 0x44040}, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000045000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f0000000500)={'hsr0\x00', &(0x7f00000004c0)=@ethtool_sfeatures={0x3b, 0x2, [{0x200, 0x4a39b33c}, {0x2, 0x9}]}})
syz_emit_ethernet(0x5f, &(0x7f0000000b80)=ANY=[@ANYBLOB="aaaaaaaaaa27bbbbbbbbbbbb8888350081002f0008050000f78db86a3919b9105d94c485cc84c1a28a1ee316349dc89be7c53517391aafb08cb98c575acef29bca249e0606463feb69a543553483d43f9be2bea381973ab55007871fb4099550a1242cb5bdd571a7ff865ce1324e5e421db2690d1506da84d676b96f6fbecf93a9def9cb2b671a8d8048e189854dfe8b0ebc2828ae2ef515c3395df491ffc2e0415c87ef0bb54519ebe3bcefb365695d349b9306322614e30436cb86f7d6f9831f0b00673d37c2c96a511f76eda8ddeaf4fd41687df505e53e774820ba9071d0fb1c2fc0cc3d"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r12, 0x0, 0xe, 0xe00, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r14 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000001780)={0x0, @local, @empty}, &(0x7f00000017c0)=0xc)
sendmmsg$inet6(r1, &(0x7f0000001700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40044)

0s ago: executing program 0 (id=3495):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000055003d0926bd70000200000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="000200006401010200000000000000000000000086dd0000"], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) (async)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000055003d0926bd70000200000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="000200006401010200000000000000000000000086dd0000"], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000180)='ufshcd_upiu\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="180000006800010003001000fddbdf250000000000000092"], 0x18}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f0000000300), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)
openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) (async)
r5 = openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x9) (async)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x9)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)=0x200) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)=0x200)
r7 = openat$cgroup_ro(r6, &(0x7f00000001c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r8, &(0x7f0000000000)={0x1a, 0x118, 0x0, 0x0, 0x64, 0x42}, 0x10) (async)
bind$llc(r8, &(0x7f0000000000)={0x1a, 0x118, 0x0, 0x0, 0x64, 0x42}, 0x10)
listen(r8, 0x2) (async)
listen(r8, 0x2)
recvfrom$llc(r8, 0x0, 0x0, 0x21, 0x0, 0x0)
write$cgroup_int(r7, &(0x7f00000000c0), 0x12)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f00000003c0), r9) (async)
syz_genetlink_get_family_id$nbd(&(0x7f00000003c0), r9)
socket$nl_netfilter(0x10, 0x3, 0xc)

kernel console output (not intermixed with test programs):

te type 21 has an invalid length.
[  183.189319][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.192962][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.223590][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.228783][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.290557][T14739] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  183.362300][T14751] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3141'.
[  183.364088][T14753] sch_tbf: burst 0 is lower than device macvtap0 mtu (1514) !
[  183.366868][T14751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3141'.
[  183.386389][T14753] IPv6: Can't replace route, no match found
[  183.471891][T14757] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3144'.
[  183.512363][T14760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3145'.
[  183.515688][T14760] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3145'.
[  183.692925][T14779] bridge_slave_0: invalid flags given to default FDB implementation
[  183.736353][T14782] netlink: 'syz.0.3152': attribute type 7 has an invalid length.
[  183.799831][T14782] bridge0: port 1(syz_tun) entered disabled state
[  183.814804][T14782] bridge9: port 1(team0) entered disabled state
[  183.850470][T14782] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  183.854338][T14782] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  183.914654][ T5869] lo speed is unknown, defaulting to 1000
[  183.923272][ T5869] syz2: Port: 1 Link DOWN
[  184.103741][T14793] netlink: 'syz.0.3157': attribute type 4 has an invalid length.
[  184.192227][T14797] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3159'.
[  184.555409][T14803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3162'.
[  184.562475][T14803] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  184.692087][T14810] GUP no longer grows the stack in syz.2.3165 (14810): 200000006000-20000000a000 (200000005000)
[  184.697710][T14810] CPU: 1 UID: 0 PID: 14810 Comm: syz.2.3165 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  184.697731][T14810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  184.697740][T14810] Call Trace:
[  184.697747][T14810]  <TASK>
[  184.697754][T14810]  dump_stack_lvl+0x189/0x250
[  184.697784][T14810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.697804][T14810]  ? __pfx__printk+0x10/0x10
[  184.697817][T14810]  ? find_vma+0xe7/0x160
[  184.697841][T14810]  __get_user_pages+0x2a60/0x30b0
[  184.697885][T14810]  ? __pfx___get_user_pages+0x10/0x10
[  184.697902][T14810]  ? __gup_longterm_locked+0xbf7/0x15b0
[  184.697920][T14810]  ? down_read_killable+0x1d1/0x350
[  184.697933][T14810]  ? try_get_folio+0x633/0x660
[  184.697947][T14810]  __gup_longterm_locked+0xd66/0x15b0
[  184.697969][T14810]  ? try_grab_folio_fast+0x1be/0x4f0
[  184.697997][T14810]  ? gup_fast_fallback+0x1afc/0x2260
[  184.698018][T14810]  gup_fast_fallback+0x1cd4/0x2260
[  184.698061][T14810]  ? __pfx_gup_fast_fallback+0x10/0x10
[  184.698079][T14810]  ? trace_contention_end+0x39/0x120
[  184.698093][T14810]  ? __mutex_lock+0x330/0xe80
[  184.698115][T14810]  ? is_valid_gup_args+0x11f/0x200
[  184.698135][T14810]  ? get_user_pages_fast+0x4d/0xb0
[  184.698154][T14810]  __iov_iter_get_pages_alloc+0x39a/0xb40
[  184.698173][T14810]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  184.698187][T14810]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  184.698203][T14810]  ? wait_for_space+0x24d/0x2d0
[  184.698218][T14810]  iov_iter_get_pages2+0x5e/0xa0
[  184.698241][T14810]  __se_sys_vmsplice+0x548/0x10d0
[  184.698270][T14810]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  184.698295][T14810]  ? __lock_acquire+0xab9/0xd20
[  184.698314][T14810]  ? __pfx_futex_wake+0x10/0x10
[  184.698340][T14810]  ? __lock_acquire+0xab9/0xd20
[  184.698383][T14810]  ? do_pipe2+0xf7/0x170
[  184.698400][T14810]  ? rcu_is_watching+0x15/0xb0
[  184.698452][T14810]  ? do_syscall_64+0xbe/0x3b0
[  184.698471][T14810]  do_syscall_64+0xfa/0x3b0
[  184.698482][T14810]  ? lockdep_hardirqs_on+0x9c/0x150
[  184.698501][T14810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.698514][T14810]  ? exc_page_fault+0x9f/0xf0
[  184.698533][T14810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.698546][T14810] RIP: 0033:0x7fb89358e929
[  184.698560][T14810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.698573][T14810] RSP: 002b:00007fb8943d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  184.698588][T14810] RAX: ffffffffffffffda RBX: 00007fb8937b5fa0 RCX: 00007fb89358e929
[  184.698599][T14810] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000b
[  184.698608][T14810] RBP: 00007fb893610b39 R08: 0000000000000000 R09: 0000000000000000
[  184.698617][T14810] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  184.698626][T14810] R13: 0000000000000000 R14: 00007fb8937b5fa0 R15: 00007ffc51d76228
[  184.698649][T14810]  </TASK>
[  184.833077][T14812] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  185.287406][T14828] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  185.348850][T14835] xt_hashlimit: size too large, truncated to 1048576
[  185.536063][ T5847] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.621274][T14846] lo speed is unknown, defaulting to 1000
[  186.190406][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  186.196339][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  186.199684][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  186.203046][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  186.208440][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  186.314002][T14876] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  186.325987][T14876] CPU: 1 UID: 0 PID: 14876 Comm: syz.2.3186 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  186.326004][T14876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  186.326010][T14876] Call Trace:
[  186.326016][T14876]  <TASK>
[  186.326020][T14876]  dump_stack_lvl+0x189/0x250
[  186.326040][T14876]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.326053][T14876]  ? __pfx__printk+0x10/0x10
[  186.326064][T14876]  ? kernfs_path_from_node+0x2c/0x260
[  186.326075][T14876]  ? kernfs_path_from_node+0x2c/0x260
[  186.326083][T14876]  ? kernfs_path_from_node+0x2c/0x260
[  186.326093][T14876]  ? kernfs_path_from_node+0x22c/0x260
[  186.326101][T14876]  ? kernfs_path_from_node+0x2c/0x260
[  186.326112][T14876]  sysfs_warn_dup+0x8e/0xa0
[  186.326123][T14876]  sysfs_do_create_link_sd+0xc0/0x110
[  186.326133][T14876]  device_add_class_symlinks+0x1cf/0x240
[  186.326144][T14876]  device_add+0x475/0xb50
[  186.326154][T14876]  wiphy_register+0x199a/0x26b0
[  186.326171][T14876]  ? __pfx_wiphy_register+0x10/0x10
[  186.326179][T14876]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  186.326193][T14876]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  186.326205][T14876]  ieee80211_register_hw+0x33e1/0x4120
[  186.326224][T14876]  ? ieee80211_register_hw+0x14b1/0x4120
[  186.326238][T14876]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  186.326250][T14876]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  186.326266][T14876]  ? __hrtimer_setup+0x187/0x210
[  186.326276][T14876]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  186.326294][T14876]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  186.326321][T14876]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  186.326333][T14876]  ? trace_kmalloc+0x1f/0xd0
[  186.326340][T14876]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  186.326348][T14876]  ? kstrndup+0xbf/0x160
[  186.326363][T14876]  hwsim_new_radio_nl+0xea4/0x1b10
[  186.326372][T14876]  ? __pfx___nla_validate_parse+0x10/0x10
[  186.326392][T14876]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  186.326405][T14876]  ? __nla_parse+0x40/0x60
[  186.326445][T14876]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  186.326470][T14876]  genl_family_rcv_msg_doit+0x215/0x300
[  186.326492][T14876]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  186.326515][T14876]  ? bpf_lsm_capable+0x9/0x20
[  186.326523][T14876]  ? security_capable+0x7e/0x2e0
[  186.326536][T14876]  genl_rcv_msg+0x60e/0x790
[  186.326549][T14876]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.326559][T14876]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  186.326572][T14876]  netlink_rcv_skb+0x208/0x470
[  186.326582][T14876]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.326593][T14876]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.326608][T14876]  ? down_read+0x1ad/0x2e0
[  186.326617][T14876]  genl_rcv+0x28/0x40
[  186.326627][T14876]  netlink_unicast+0x75b/0x8d0
[  186.326640][T14876]  netlink_sendmsg+0x805/0xb30
[  186.326653][T14876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.326663][T14876]  ? aa_sock_msg_perm+0x94/0x160
[  186.326673][T14876]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  186.326682][T14876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.326691][T14876]  __sock_sendmsg+0x21c/0x270
[  186.326704][T14876]  ____sys_sendmsg+0x505/0x830
[  186.326715][T14876]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.326728][T14876]  ? import_iovec+0x74/0xa0
[  186.326738][T14876]  ___sys_sendmsg+0x21f/0x2a0
[  186.326748][T14876]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.326773][T14876]  ? __fget_files+0x2a/0x420
[  186.326781][T14876]  ? __fget_files+0x3a0/0x420
[  186.326793][T14876]  __x64_sys_sendmsg+0x19b/0x260
[  186.326803][T14876]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  186.326817][T14876]  ? rcu_is_watching+0x15/0xb0
[  186.326831][T14876]  ? do_syscall_64+0xbe/0x3b0
[  186.326840][T14876]  do_syscall_64+0xfa/0x3b0
[  186.326846][T14876]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.326856][T14876]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.326863][T14876]  ? exc_page_fault+0x9f/0xf0
[  186.326874][T14876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.326882][T14876] RIP: 0033:0x7fb89358e929
[  186.326891][T14876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.326898][T14876] RSP: 002b:00007fb8943d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.326908][T14876] RAX: ffffffffffffffda RBX: 00007fb8937b5fa0 RCX: 00007fb89358e929
[  186.326914][T14876] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  186.326920][T14876] RBP: 00007fb893610b39 R08: 0000000000000000 R09: 0000000000000000
[  186.326924][T14876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  186.326929][T14876] R13: 0000000000000000 R14: 00007fb8937b5fa0 R15: 00007ffc51d76228
[  186.326942][T14876]  </TASK>
[  186.361743][T14868] lo speed is unknown, defaulting to 1000
[  186.505246][T14879] __nla_validate_parse: 2 callbacks suppressed
[  186.505257][T14879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3187'.
[  186.526819][T14879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3187'.
[  186.625953][T14891] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3191'.
[  186.638649][T14868] chnl_net:caif_netlink_parms(): no params data found
[  186.708103][T14868] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.711709][T14868] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.714099][T14868] bridge_slave_0: entered allmulticast mode
[  186.717942][T14868] bridge_slave_0: entered promiscuous mode
[  186.723836][T14868] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.726647][T14868] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.728952][T14868] bridge_slave_1: entered allmulticast mode
[  186.731796][T14868] bridge_slave_1: entered promiscuous mode
[  186.760081][T14868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.764993][T14868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.788853][T14868] team0: Port device team_slave_0 added
[  186.793713][T14868] team0: Port device team_slave_1 added
[  186.822491][T14868] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.825285][T14868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.833753][T14868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.839448][T14868] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.841719][T14868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.843004][T14909] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3195'.
[  186.850361][T14868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.859754][T14909] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3195'.
[  186.882205][T14868] hsr_slave_0: entered promiscuous mode
[  186.885619][T14868] hsr_slave_1: entered promiscuous mode
[  186.887851][T14868] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.890354][T14868] Cannot create hsr debugfs directory
[  186.939440][T14913] veth0: entered promiscuous mode
[  186.953860][T14912] veth0: left promiscuous mode
[  186.991112][T14915] netlink: 'syz.2.3198': attribute type 1 has an invalid length.
[  187.007714][T14915] bond4: entered promiscuous mode
[  187.010130][T14915] 8021q: adding VLAN 0 to HW filter on device bond4
[  187.025071][T14915] bond4: (slave bridge6): making interface the new active one
[  187.028126][T14915] bridge6: entered promiscuous mode
[  187.030879][T14915] bond4: (slave bridge6): Enslaving as an active interface with an up link
[  187.141062][ T5847] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.202845][ T5847] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.263560][ T5847] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.365774][ T5847] bridge_slave_1: left allmulticast mode
[  187.368005][ T5847] bridge_slave_1: left promiscuous mode
[  187.370248][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.377534][ T5847] bridge_slave_0: left allmulticast mode
[  187.384837][ T5847] bridge_slave_0: left promiscuous mode
[  187.386957][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.701717][ T5847] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.707847][ T5847] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.711872][ T5847] bond0 (unregistering): Released all slaves
[  187.948342][T14938] IPVS: set_ctl: invalid protocol: 115 100.1.1.0:19999
[  187.995451][T14938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3202'.
[  188.068606][T14938] vlan0: entered promiscuous mode
[  188.070918][T14938] vlan0: entered allmulticast mode
[  188.073004][T14938] bridge0: entered allmulticast mode
[  188.109884][T14942] xt_TPROXY: Can be used only with -p tcp or -p udp
[  188.133039][ T5847] hsr_slave_0: left promiscuous mode
[  188.157195][ T5847] hsr_slave_1: left promiscuous mode
[  188.161617][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.164264][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.176697][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.184913][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.203166][ T5847] veth1_macvtap: left promiscuous mode
[  188.206582][ T5847] veth0_macvtap: left promiscuous mode
[  188.208416][ T5847] veth1_vlan: left promiscuous mode
[  188.210494][ T5847] veth0_vlan: left promiscuous mode
[  188.264821][T14948] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  188.274591][   T54] Bluetooth: hci2: command tx timeout
[  188.542932][ T5847] team0 (unregistering): Port device team_slave_1 removed
[  188.567342][ T5847] team0 (unregistering): Port device team_slave_0 removed
[  188.829635][T14946] wg1: Master is either lo or non-ether device
[  188.887008][T14868] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  188.906392][T14868] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  188.913309][T14868] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  188.920989][T14868] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  189.094805][T14868] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.124330][T14868] 8021q: adding VLAN 0 to HW filter on device team0
[  189.132163][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.134594][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.158234][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.160615][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.306488][T14992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3215'.
[  189.355586][T14868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.403594][T14868] veth0_vlan: entered promiscuous mode
[  189.410223][T14868] veth1_vlan: entered promiscuous mode
[  189.468005][T14868] veth0_macvtap: entered promiscuous mode
[  189.480482][T14868] veth1_macvtap: entered promiscuous mode
[  189.501910][T14868] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.512144][T14868] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.517820][T15007] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3220'.
[  189.528142][T14868] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.531110][T14868] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.536485][T14868] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.539978][T14868] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.618169][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.623764][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.645072][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.647766][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.400060][T15045] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  190.447286][T15049] netlink: 248 bytes leftover after parsing attributes in process `syz.2.3234'.
[  190.852681][T15072] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3239'.
[  190.983038][T15079] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  191.048660][T15095] netlink: 'syz.2.3244': attribute type 3 has an invalid length.
[  191.104766][T15098] wg1: Master is either lo or non-ether device
[  191.242752][T15119] netlink: 'syz.2.3251': attribute type 7 has an invalid length.
[  191.520740][T15119] veth1_vlan: left allmulticast mode
[  191.542156][T15119] netdevsim netdevsim2 eth0: unset [1, 2] type 2 family 0 port 6081 - 0
[  191.547690][T15119] netdevsim netdevsim2 eth1: unset [1, 2] type 2 family 0 port 6081 - 0
[  191.550511][T15119] netdevsim netdevsim2 eth2: unset [1, 2] type 2 family 0 port 6081 - 0
[  191.553304][T15119] netdevsim netdevsim2 eth3: unset [1, 2] type 2 family 0 port 6081 - 0
[  191.587353][T15119] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 43036 - 0
[  191.591160][T15119] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 43036 - 0
[  191.593964][T15119] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 43036 - 0
[  191.596897][T15119] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 43036 - 0
[  191.605389][T15119] macvlan1: left allmulticast mode
[  191.607196][T15119] macvlan1: left promiscuous mode
[  191.670561][ T5862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.021498][T15129] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  192.109632][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  192.112744][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  192.117567][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  192.120491][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  192.123160][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  192.257326][T15136] lo speed is unknown, defaulting to 1000
[  192.357585][T15136] chnl_net:caif_netlink_parms(): no params data found
[  192.438333][T15136] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.440941][T15136] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.443254][T15136] bridge_slave_0: entered allmulticast mode
[  192.447027][T15136] bridge_slave_0: entered promiscuous mode
[  192.452228][T15136] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.455823][T15136] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.458116][T15136] bridge_slave_1: entered allmulticast mode
[  192.460802][T15136] bridge_slave_1: entered promiscuous mode
[  192.481552][T15136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  192.488474][T15136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  192.512661][T15136] team0: Port device team_slave_0 added
[  192.526400][T15136] team0: Port device team_slave_1 added
[  192.553762][T15166] rdma_op ffff88803039c1f0 conn xmit_rdma 0000000000000000
[  192.569494][T15136] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.574118][T15136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.590328][T15136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.596013][T15136] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.598274][T15136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.608623][T15136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.620803][T15165] lo speed is unknown, defaulting to 1000
[  192.651535][T15136] hsr_slave_0: entered promiscuous mode
[  192.657154][T15136] hsr_slave_1: entered promiscuous mode
[  192.660589][T15136] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.663070][T15136] Cannot create hsr debugfs directory
[  192.722864][ T5862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.750256][T15170] syzkaller1: entered promiscuous mode
[  192.752261][T15170] syzkaller1: entered allmulticast mode
[  192.790175][ T5862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.844909][ T5862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.969776][ T5862] bridge_slave_1: left allmulticast mode
[  192.971613][ T5862] bridge_slave_1: left promiscuous mode
[  192.973555][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.980936][ T5862] bridge_slave_0: left allmulticast mode
[  192.982722][ T5862] bridge_slave_0: left promiscuous mode
[  192.984966][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.185953][ T5862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.191256][ T5862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.195682][ T5862] bond0 (unregistering): Released all slaves
[  193.321219][T15193] wg1: Master is either lo or non-ether device
[  193.403504][T15195] netlink: 'syz.0.3277': attribute type 1 has an invalid length.
[  193.425695][T15195] bond5 (unregistering): Released all slaves
[  193.637040][T15212] netlink: 'syz.0.3280': attribute type 3 has an invalid length.
[  193.639659][T15212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3280'.
[  193.686217][T15215] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3281'.
[  193.717510][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  193.719646][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  193.751995][ T5862] hsr_slave_0: left promiscuous mode
[  193.755691][ T5862] hsr_slave_1: left promiscuous mode
[  193.757852][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.760354][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.763077][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.773109][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.783566][ T5862] veth1_macvtap: left promiscuous mode
[  193.785611][ T5862] veth0_macvtap: left promiscuous mode
[  193.788460][ T5862] veth1_vlan: left promiscuous mode
[  193.790160][ T5862] veth0_vlan: left promiscuous mode
[  193.814156][T15223] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3284'.
[  194.076706][ T5862] team0 (unregistering): Port device team_slave_1 removed
[  194.084992][T15229] openvswitch: netlink: Tunnel attr 16359 out of range max 16
[  194.099667][ T5862] team0 (unregistering): Port device team_slave_0 removed
[  194.208116][ T5824] Bluetooth: hci2: command tx timeout
[  194.346366][T15136] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  194.353339][T15136] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  194.379309][T15136] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  194.391121][T15136] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  194.502871][T15136] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.540241][T15136] 8021q: adding VLAN 0 to HW filter on device team0
[  194.547031][  T176] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.549480][  T176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.558203][  T176] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.560621][  T176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.614075][T15252] netlink: 312 bytes leftover after parsing attributes in process `syz.2.3290'.
[  194.637960][T15256] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3292'.
[  194.770881][T15136] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.800558][T15136] veth0_vlan: entered promiscuous mode
[  194.816638][T15136] veth1_vlan: entered promiscuous mode
[  194.858354][T15272] netlink: 'syz.0.3296': attribute type 12 has an invalid length.
[  194.876950][T15136] veth0_macvtap: entered promiscuous mode
[  194.889981][T15136] veth1_macvtap: entered promiscuous mode
[  194.914687][T15136] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.927540][T15136] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.933373][T15136] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.938474][T15136] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.941258][T15136] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.944081][T15136] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.976642][T15276] netlink: 'syz.0.3298': attribute type 3 has an invalid length.
[  194.983264][T15276] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3298'.
[  195.041118][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.048379][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.085495][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.088050][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.126654][T15291] syzkaller1: entered promiscuous mode
[  195.128808][T15291] syzkaller1: entered allmulticast mode
[  195.168921][T15292] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  195.388046][T15302] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  195.390761][T15302] CPU: 1 UID: 0 PID: 15302 Comm: syz.2.3306 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  195.390774][T15302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  195.390780][T15302] Call Trace:
[  195.390785][T15302]  <TASK>
[  195.390790][T15302]  dump_stack_lvl+0x189/0x250
[  195.390809][T15302]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.390822][T15302]  ? __pfx__printk+0x10/0x10
[  195.390831][T15302]  ? kernfs_path_from_node+0x2c/0x260
[  195.390842][T15302]  ? kernfs_path_from_node+0x2c/0x260
[  195.390851][T15302]  ? kernfs_path_from_node+0x2c/0x260
[  195.390860][T15302]  ? kernfs_path_from_node+0x22c/0x260
[  195.390869][T15302]  ? kernfs_path_from_node+0x2c/0x260
[  195.390879][T15302]  sysfs_warn_dup+0x8e/0xa0
[  195.390888][T15302]  sysfs_do_create_link_sd+0xc0/0x110
[  195.390898][T15302]  device_add_class_symlinks+0x1cf/0x240
[  195.390909][T15302]  device_add+0x475/0xb50
[  195.390919][T15302]  wiphy_register+0x199a/0x26b0
[  195.390937][T15302]  ? __pfx_wiphy_register+0x10/0x10
[  195.390945][T15302]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  195.390957][T15302]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  195.390969][T15302]  ieee80211_register_hw+0x33e1/0x4120
[  195.390986][T15302]  ? ieee80211_register_hw+0x14b1/0x4120
[  195.391000][T15302]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  195.391012][T15302]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  195.391026][T15302]  ? __hrtimer_setup+0x187/0x210
[  195.391038][T15302]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  195.391049][T15302]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  195.391072][T15302]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  195.391083][T15302]  ? trace_kmalloc+0x1f/0xd0
[  195.391089][T15302]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  195.391097][T15302]  ? kstrndup+0xbf/0x160
[  195.391110][T15302]  hwsim_new_radio_nl+0xea4/0x1b10
[  195.391119][T15302]  ? __pfx___nla_validate_parse+0x10/0x10
[  195.391136][T15302]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  195.391148][T15302]  ? __nla_parse+0x40/0x60
[  195.391160][T15302]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  195.391175][T15302]  genl_family_rcv_msg_doit+0x215/0x300
[  195.391188][T15302]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  195.391204][T15302]  ? bpf_lsm_capable+0x9/0x20
[  195.391211][T15302]  ? security_capable+0x7e/0x2e0
[  195.391228][T15302]  genl_rcv_msg+0x60e/0x790
[  195.391254][T15302]  ? __pfx_genl_rcv_msg+0x10/0x10
[  195.391272][T15302]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  195.391295][T15302]  netlink_rcv_skb+0x208/0x470
[  195.391311][T15302]  ? __pfx_genl_rcv_msg+0x10/0x10
[  195.391330][T15302]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  195.391367][T15302]  ? down_read+0x1ad/0x2e0
[  195.391380][T15302]  genl_rcv+0x28/0x40
[  195.391391][T15302]  netlink_unicast+0x75b/0x8d0
[  195.391403][T15302]  netlink_sendmsg+0x805/0xb30
[  195.391416][T15302]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.391450][T15302]  ? aa_sock_msg_perm+0x94/0x160
[  195.391463][T15302]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  195.391473][T15302]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.391483][T15302]  __sock_sendmsg+0x21c/0x270
[  195.391499][T15302]  ____sys_sendmsg+0x505/0x830
[  195.391511][T15302]  ? __pfx_____sys_sendmsg+0x10/0x10
[  195.391524][T15302]  ? import_iovec+0x74/0xa0
[  195.391534][T15302]  ___sys_sendmsg+0x21f/0x2a0
[  195.391544][T15302]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.391583][T15302]  ? __fget_files+0x2a/0x420
[  195.391593][T15302]  ? __fget_files+0x3a0/0x420
[  195.391606][T15302]  __x64_sys_sendmsg+0x19b/0x260
[  195.391616][T15302]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  195.391630][T15302]  ? rcu_is_watching+0x15/0xb0
[  195.391643][T15302]  ? do_syscall_64+0xbe/0x3b0
[  195.391653][T15302]  do_syscall_64+0xfa/0x3b0
[  195.391659][T15302]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.391672][T15302]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.391679][T15302]  ? exc_page_fault+0x9f/0xf0
[  195.391690][T15302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.391698][T15302] RIP: 0033:0x7fb89358e929
[  195.391706][T15302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.391713][T15302] RSP: 002b:00007fb8943d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.391723][T15302] RAX: ffffffffffffffda RBX: 00007fb8937b5fa0 RCX: 00007fb89358e929
[  195.391729][T15302] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  195.391734][T15302] RBP: 00007fb893610b39 R08: 0000000000000000 R09: 0000000000000000
[  195.391739][T15302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.391743][T15302] R13: 0000000000000000 R14: 00007fb8937b5fa0 R15: 00007ffc51d76228
[  195.391756][T15302]  </TASK>
[  195.693296][T15311] netlink: 'syz.2.3309': attribute type 3 has an invalid length.
[  195.697790][T15311] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3309'.
[  195.736697][T15313] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3310'.
[  195.862128][T15317] x_tables: ip6_tables: udplite match: only valid for protocol 136
[  195.866773][T15317] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  195.869100][T15317] IPv6: NLM_F_CREATE should be set when creating new route
[  195.871393][T15317] IPv6: NLM_F_CREATE should be set when creating new route
[  195.873655][T15317] IPv6: NLM_F_CREATE should be set when creating new route
[  195.879250][T15317] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  196.021109][T15324] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3315'.
[  196.024178][T15324] unsupported nlmsg_type 40
[  196.030094][T15324] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3315'.
[  196.089075][T15340] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  196.150911][T15345] wg1: Master is either lo or non-ether device
[  196.181244][T15347] dvmrp8: entered allmulticast mode
[  196.342179][T15353] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  197.004053][ T5689] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.739496][T15366] netlink: 'syz.0.3330': attribute type 1 has an invalid length.
[  197.742890][T15366] netlink: 'syz.0.3330': attribute type 10 has an invalid length.
[  197.849630][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  197.853372][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  197.859502][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  197.862887][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  197.866088][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  197.923902][T15377] wg1: Master is either lo or non-ether device
[  198.072574][T15371] lo speed is unknown, defaulting to 1000
[  198.168169][T15404] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  198.285135][T15371] chnl_net:caif_netlink_parms(): no params data found
[  198.362519][T15371] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.374637][T15371] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.377123][T15371] bridge_slave_0: entered allmulticast mode
[  198.380014][T15371] bridge_slave_0: entered promiscuous mode
[  198.399177][T15371] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.402265][T15371] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.405579][T15371] bridge_slave_1: entered allmulticast mode
[  198.409477][T15371] bridge_slave_1: entered promiscuous mode
[  198.435125][T15371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.439659][T15371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.470153][T15371] team0: Port device team_slave_0 added
[  198.473602][T15371] team0: Port device team_slave_1 added
[  198.491120][T15371] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.493791][T15371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.503648][T15371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.510831][T15371] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.513486][T15371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.522476][T15371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.558610][T15371] hsr_slave_0: entered promiscuous mode
[  198.561175][T15371] hsr_slave_1: entered promiscuous mode
[  198.563482][T15371] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.566075][T15371] Cannot create hsr debugfs directory
[  198.740818][T15425] lo speed is unknown, defaulting to 1000
[  198.887440][ T5689] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.947693][ T5689] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.000292][ T5689] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.118917][ T5689] bridge_slave_1: left allmulticast mode
[  199.121175][ T5689] bridge_slave_1: left promiscuous mode
[  199.124319][ T5689] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.131391][ T5689] bridge_slave_0: left allmulticast mode
[  199.133886][ T5689] bridge_slave_0: left promiscuous mode
[  199.139265][ T5689] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.451681][ T5689] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.457760][ T5689] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.461810][ T5689] bond0 (unregistering): Released all slaves
[  199.707495][T15448] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  199.813088][T15450] netlink: 'syz.2.3354': attribute type 6 has an invalid length.
[  199.820958][T15450] netlink: 'syz.2.3354': attribute type 7 has an invalid length.
[  199.823454][T15450] netlink: 'syz.2.3354': attribute type 8 has an invalid length.
[  199.874738][   T54] Bluetooth: hci2: command tx timeout
[  199.937159][ T5689] hsr_slave_0: left promiscuous mode
[  199.939207][ T5689] hsr_slave_1: left promiscuous mode
[  199.941182][ T5689] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.943602][ T5689] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.948511][ T5689] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.950935][ T5689] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.965703][ T5689] veth1_macvtap: left promiscuous mode
[  199.967505][ T5689] veth0_macvtap: left promiscuous mode
[  199.969317][ T5689] veth1_vlan: left promiscuous mode
[  199.971027][ T5689] veth0_vlan: left promiscuous mode
[  200.251511][T15468] netlink: 'syz.0.3356': attribute type 3 has an invalid length.
[  200.254224][T15468] __nla_validate_parse: 4 callbacks suppressed
[  200.254307][T15468] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3356'.
[  200.278741][ T5689] team0 (unregistering): Port device team_slave_1 removed
[  200.302049][ T5689] team0 (unregistering): Port device team_slave_0 removed
[  200.584221][T15371] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  200.589213][T15371] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  200.600155][T15371] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  200.611740][T15371] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  200.712697][T15371] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.762153][T15371] 8021q: adding VLAN 0 to HW filter on device team0
[  200.767344][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.769721][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.783185][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.785518][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.950039][T15371] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.026135][T15371] veth0_vlan: entered promiscuous mode
[  201.050631][T15371] veth1_vlan: entered promiscuous mode
[  201.095666][T15371] veth0_macvtap: entered promiscuous mode
[  201.102377][T15371] veth1_macvtap: entered promiscuous mode
[  201.130790][T15371] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.147095][T15371] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.151978][T15371] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.159835][T15371] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.163781][T15371] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.166761][T15371] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.283765][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.291359][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.323555][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.326872][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.444168][ T5824] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  201.448653][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  201.451589][ T5824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  201.456899][ T5824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  201.459829][ T5824] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  201.609717][T15510] netlink: 'syz.0.3366': attribute type 1 has an invalid length.
[  201.612263][T15510] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3366'.
[  201.648027][T15507] lo speed is unknown, defaulting to 1000
[  201.701619][T15514] netlink: 'syz.0.3368': attribute type 2 has an invalid length.
[  201.708772][T15514] xt_connbytes: Forcing CT accounting to be enabled
[  201.711320][T15514] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  201.715769][T15514] __bpf_mt_check_bytecode: 23 callbacks suppressed
[  201.715778][T15514] xt_bpf: check failed: parse error
[  201.797810][T15522] netlink: 'syz.0.3370': attribute type 1 has an invalid length.
[  201.820578][T15522] 8021q: adding VLAN 0 to HW filter on device bond5
[  201.828386][T15507] chnl_net:caif_netlink_parms(): no params data found
[  201.907280][T15507] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.909651][T15507] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.912414][T15507] bridge_slave_0: entered allmulticast mode
[  201.917314][T15507] bridge_slave_0: entered promiscuous mode
[  201.925211][T15507] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.927575][T15507] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.929952][T15507] bridge_slave_1: entered allmulticast mode
[  201.933268][T15507] bridge_slave_1: entered promiscuous mode
[  201.961244][T15507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.966495][T15507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.984325][T15530] netlink: 'syz.0.3372': attribute type 3 has an invalid length.
[  201.987736][T15530] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3372'.
[  202.003529][T15507] team0: Port device team_slave_0 added
[  202.009371][T15507] team0: Port device team_slave_1 added
[  202.040151][T15507] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.043040][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.055600][T15507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.062512][T15507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.065637][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.077061][T15507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.115814][T15507] hsr_slave_0: entered promiscuous mode
[  202.118203][T15507] hsr_slave_1: entered promiscuous mode
[  202.120376][T15507] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.122774][T15507] Cannot create hsr debugfs directory
[  202.141856][T15536] syzkaller1: entered promiscuous mode
[  202.143903][T15536] syzkaller1: entered allmulticast mode
[  202.363310][T15547] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3378'.
[  202.472719][T15550] netlink: 'syz.0.3379': attribute type 3 has an invalid length.
[  202.481981][T15550] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3379'.
[  202.524644][T15507] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  202.530581][T15507] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  202.547850][T15507] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  202.559547][T15507] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  202.582501][T15507] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.585523][T15507] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.588580][T15507] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.591503][T15507] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.606147][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.610751][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.667282][T15507] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.676716][T15507] 8021q: adding VLAN 0 to HW filter on device team0
[  202.681708][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.683907][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.689946][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.692220][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.812158][T15507] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.855712][T15507] veth0_vlan: entered promiscuous mode
[  202.867273][T15507] veth1_vlan: entered promiscuous mode
[  202.922006][T15507] veth0_macvtap: entered promiscuous mode
[  202.940329][T15507] veth1_macvtap: entered promiscuous mode
[  202.980074][ T5847] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.015204][T15507] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.021740][T15507] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.027043][T15507] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.030740][T15507] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.033513][T15507] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.036749][T15507] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.086201][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.088729][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.111338][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.113875][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.955122][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  203.964905][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  203.968872][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  203.977144][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  203.980771][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  204.161054][T15588] lo speed is unknown, defaulting to 1000
[  204.331088][T15588] chnl_net:caif_netlink_parms(): no params data found
[  204.352867][ T5847] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.376059][T15611] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  204.379286][T15611] netlink: 'syz.0.3396': attribute type 1 has an invalid length.
[  204.382630][T15611] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3396'.
[  204.387208][T15611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3396'.
[  204.397854][T15611] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3396'.
[  204.456557][ T5847] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.468989][T15588] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.471923][T15588] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.477669][T15588] bridge_slave_0: entered allmulticast mode
[  204.481779][T15588] bridge_slave_0: entered promiscuous mode
[  204.487809][T15588] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.490897][T15588] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.493991][T15588] bridge_slave_1: entered allmulticast mode
[  204.498711][T15588] bridge_slave_1: entered promiscuous mode
[  204.520982][ T5847] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.543931][T15588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.550454][T15588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.573386][T15588] team0: Port device team_slave_0 added
[  204.577991][T15588] team0: Port device team_slave_1 added
[  204.596555][T15588] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.598867][T15588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.607548][T15588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.622705][T15588] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.625700][T15588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.633567][T15588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.666564][T15588] hsr_slave_0: entered promiscuous mode
[  204.668830][T15588] hsr_slave_1: entered promiscuous mode
[  204.670944][T15588] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.673244][T15588] Cannot create hsr debugfs directory
[  204.761645][ T5847] bridge_slave_1: left allmulticast mode
[  204.764157][ T5847] bridge_slave_1: left promiscuous mode
[  204.767247][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.773110][ T5847] bridge_slave_0: left allmulticast mode
[  204.776067][ T5847] bridge_slave_0: left promiscuous mode
[  204.778704][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.004133][ T5847] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.008835][ T5847] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.012547][ T5847] bond0 (unregistering): Released all slaves
[  205.432533][T15629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3399'.
[  205.512960][T15629] bridge10: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  205.594784][ T5847] hsr_slave_0: left promiscuous mode
[  205.598007][ T5847] hsr_slave_1: left promiscuous mode
[  205.608982][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.611536][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.623938][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.627446][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.657871][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  205.661396][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  205.666286][ T5847] veth1_macvtap: left promiscuous mode
[  205.668600][ T5847] veth0_macvtap: left promiscuous mode
[  205.670393][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  205.672817][ T5847] veth1_vlan: left promiscuous mode
[  205.676354][ T5847] veth0_vlan: left promiscuous mode
[  205.678540][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  205.683878][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  205.948624][ T5847] team0 (unregistering): Port device team_slave_1 removed
[  205.971394][ T5847] team0 (unregistering): Port device team_slave_0 removed
[  206.045839][ T5824] Bluetooth: hci1: command tx timeout
[  206.277609][T15588] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  206.290783][T15588] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  206.300613][T15588] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  206.313312][T15588] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  206.393481][T15588] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.416880][T15588] 8021q: adding VLAN 0 to HW filter on device team0
[  206.422887][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.425296][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.438876][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.441608][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.481967][T15641] lo speed is unknown, defaulting to 1000
[  206.510379][T15656] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  206.524192][T15656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3403'.
[  206.579793][T15656] netlink: 'syz.0.3403': attribute type 1 has an invalid length.
[  206.610927][T15588] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.637588][T15641] chnl_net:caif_netlink_parms(): no params data found
[  206.668366][ T5847] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.760921][T15588] veth0_vlan: entered promiscuous mode
[  206.780283][ T5847] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.786547][T15641] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.789020][T15641] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.791873][T15641] bridge_slave_0: entered allmulticast mode
[  206.796075][T15641] bridge_slave_0: entered promiscuous mode
[  206.800606][T15641] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.802905][T15641] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.805460][T15641] bridge_slave_1: entered allmulticast mode
[  206.808087][T15641] bridge_slave_1: entered promiscuous mode
[  206.846207][ T5847] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.860396][T15641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.865218][T15641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.869580][T15588] veth1_vlan: entered promiscuous mode
[  206.905074][ T5847] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.913577][T15641] team0: Port device team_slave_0 added
[  206.920910][T15641] team0: Port device team_slave_1 added
[  206.940832][T15641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.943135][T15641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.952792][T15641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.957638][T15641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.960068][T15641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.970850][T15641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.008867][T15588] veth0_macvtap: entered promiscuous mode
[  207.014139][T15641] hsr_slave_0: entered promiscuous mode
[  207.017341][T15641] hsr_slave_1: entered promiscuous mode
[  207.019565][T15641] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  207.021985][T15641] Cannot create hsr debugfs directory
[  207.058112][T15588] veth1_macvtap: entered promiscuous mode
[  207.095182][ T5847] bridge_slave_1: left allmulticast mode
[  207.097100][ T5847] bridge_slave_1: left promiscuous mode
[  207.099016][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.103310][ T5847] bridge_slave_0: left allmulticast mode
[  207.105482][ T5847] bridge_slave_0: left promiscuous mode
[  207.107405][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.306772][ T5847] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.310991][ T5847] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.318998][ T5847] bond0 (unregistering): Released all slaves
[  207.329843][T15677] wg1: Master is either lo or non-ether device
[  207.338065][T15588] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.377327][T15588] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.426699][T15679] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  207.429190][T15679] CPU: 1 UID: 0 PID: 15679 Comm: syz.0.3408 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  207.429211][T15679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  207.429221][T15679] Call Trace:
[  207.429227][T15679]  <TASK>
[  207.429233][T15679]  dump_stack_lvl+0x189/0x250
[  207.429263][T15679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.429285][T15679]  ? __pfx__printk+0x10/0x10
[  207.429302][T15679]  ? kernfs_path_from_node+0x2c/0x260
[  207.429318][T15679]  ? kernfs_path_from_node+0x2c/0x260
[  207.429330][T15679]  ? kernfs_path_from_node+0x2c/0x260
[  207.429346][T15679]  ? kernfs_path_from_node+0x22c/0x260
[  207.429360][T15679]  ? kernfs_path_from_node+0x2c/0x260
[  207.429385][T15679]  sysfs_warn_dup+0x8e/0xa0
[  207.429402][T15679]  sysfs_do_create_link_sd+0xc0/0x110
[  207.429444][T15679]  device_add_class_symlinks+0x1cf/0x240
[  207.429466][T15679]  device_add+0x475/0xb50
[  207.429484][T15679]  wiphy_register+0x199a/0x26b0
[  207.429515][T15679]  ? __pfx_wiphy_register+0x10/0x10
[  207.429529][T15679]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  207.429550][T15679]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  207.429572][T15679]  ieee80211_register_hw+0x33e1/0x4120
[  207.429606][T15679]  ? ieee80211_register_hw+0x14b1/0x4120
[  207.429629][T15679]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  207.429649][T15679]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  207.429674][T15679]  ? __hrtimer_setup+0x187/0x210
[  207.429692][T15679]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  207.429710][T15679]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  207.429755][T15679]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  207.429773][T15679]  ? trace_kmalloc+0x1f/0xd0
[  207.429784][T15679]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  207.429796][T15679]  ? kstrndup+0xbf/0x160
[  207.429821][T15679]  hwsim_new_radio_nl+0xea4/0x1b10
[  207.429839][T15679]  ? __pfx___nla_validate_parse+0x10/0x10
[  207.429870][T15679]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  207.429885][T15679]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  207.429912][T15679]  ? __nla_parse+0x40/0x60
[  207.429932][T15679]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  207.429957][T15679]  genl_family_rcv_msg_doit+0x215/0x300
[  207.429980][T15679]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  207.430009][T15679]  ? bpf_lsm_capable+0x9/0x20
[  207.430021][T15679]  ? security_capable+0x7e/0x2e0
[  207.430045][T15679]  genl_rcv_msg+0x60e/0x790
[  207.430070][T15679]  ? __pfx_genl_rcv_msg+0x10/0x10
[  207.430087][T15679]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  207.430111][T15679]  netlink_rcv_skb+0x208/0x470
[  207.430126][T15679]  ? __pfx_genl_rcv_msg+0x10/0x10
[  207.430146][T15679]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  207.430174][T15679]  ? down_read+0x1ad/0x2e0
[  207.430189][T15679]  genl_rcv+0x28/0x40
[  207.430205][T15679]  netlink_unicast+0x75b/0x8d0
[  207.430227][T15679]  netlink_sendmsg+0x805/0xb30
[  207.430249][T15679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.430266][T15679]  ? aa_sock_msg_perm+0x94/0x160
[  207.430284][T15679]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  207.430300][T15679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.430315][T15679]  __sock_sendmsg+0x21c/0x270
[  207.430337][T15679]  ____sys_sendmsg+0x505/0x830
[  207.430357][T15679]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.430386][T15679]  ? import_iovec+0x74/0xa0
[  207.430402][T15679]  ___sys_sendmsg+0x21f/0x2a0
[  207.430443][T15679]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.430492][T15679]  ? __fget_files+0x2a/0x420
[  207.430507][T15679]  ? __fget_files+0x3a0/0x420
[  207.430530][T15679]  __x64_sys_sendmsg+0x19b/0x260
[  207.430550][T15679]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  207.430575][T15679]  ? rcu_is_watching+0x15/0xb0
[  207.430598][T15679]  ? do_syscall_64+0xbe/0x3b0
[  207.430614][T15679]  do_syscall_64+0xfa/0x3b0
[  207.430624][T15679]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.430641][T15679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.430655][T15679]  ? exc_page_fault+0x9f/0xf0
[  207.430674][T15679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.430687][T15679] RIP: 0033:0x7f777ef8e929
[  207.430701][T15679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.430713][T15679] RSP: 002b:00007f777fdce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  207.430728][T15679] RAX: ffffffffffffffda RBX: 00007f777f1b5fa0 RCX: 00007f777ef8e929
[  207.430737][T15679] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  207.430747][T15679] RBP: 00007f777f010b39 R08: 0000000000000000 R09: 0000000000000000
[  207.430756][T15679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  207.430764][T15679] R13: 0000000000000000 R14: 00007f777f1b5fa0 R15: 00007fffe4b2fd38
[  207.430785][T15679]  </TASK>
[  207.600684][T15588] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.603499][T15588] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.606927][T15588] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.609923][T15588] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.708754][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.711287][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.724681][ T5824] Bluetooth: hci2: command tx timeout
[  207.729528][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.732079][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.971335][ T5847] hsr_slave_0: left promiscuous mode
[  207.974188][ T5847] hsr_slave_1: left promiscuous mode
[  207.979768][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.982526][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  207.985366][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.987759][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.000340][ T5847] veth1_macvtap: left promiscuous mode
[  208.002315][ T5847] veth0_macvtap: left promiscuous mode
[  208.004210][ T5847] veth1_vlan: left promiscuous mode
[  208.006763][ T5847] veth0_vlan: left promiscuous mode
[  208.293559][ T5847] team0 (unregistering): Port device team_slave_1 removed
[  208.321357][ T5847] team0 (unregistering): Port device team_slave_0 removed
[  208.721217][T15698] wg1: Master is either lo or non-ether device
[  208.817367][T15701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3415'.
[  208.831748][T15641] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  208.849505][T15641] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  208.877386][T15641] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  208.900545][T15641] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  208.972310][T15716] netlink: 'syz.0.3416': attribute type 10 has an invalid length.
[  209.040696][T15641] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.092670][ T5847] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.126982][T15641] 8021q: adding VLAN 0 to HW filter on device team0
[  209.133450][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.135758][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.148218][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.150602][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.278877][T15641] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.309556][T15641] veth0_vlan: entered promiscuous mode
[  209.316132][T15641] veth1_vlan: entered promiscuous mode
[  209.337981][T15641] veth0_macvtap: entered promiscuous mode
[  209.343661][T15641] veth1_macvtap: entered promiscuous mode
[  209.357164][T15641] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.367713][T15641] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.374666][T15641] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.378087][T15641] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.381737][T15641] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.385763][T15641] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.455483][  T176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.458856][  T176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  209.489717][  T176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.493123][  T176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.077509][T15729] lo speed is unknown, defaulting to 1000
[  210.097268][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  210.100597][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  210.103209][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  210.106456][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  210.108911][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  210.260115][T15733] lo speed is unknown, defaulting to 1000
[  210.458513][ T5847] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.507097][T15733] chnl_net:caif_netlink_parms(): no params data found
[  210.595977][ T5847] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.601327][T15733] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.603717][T15733] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.607807][T15733] bridge_slave_0: entered allmulticast mode
[  210.611781][T15733] bridge_slave_0: entered promiscuous mode
[  210.628694][T15733] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.631566][T15733] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.633854][T15733] bridge_slave_1: entered allmulticast mode
[  210.636706][T15733] bridge_slave_1: entered promiscuous mode
[  210.662085][ T5847] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.693987][T15733] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.712635][T15733] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.736799][T15733] team0: Port device team_slave_0 added
[  210.740907][T15733] team0: Port device team_slave_1 added
[  210.743067][T15753] wg1: Master is either lo or non-ether device
[  210.784020][T15733] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.787061][T15733] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.799279][T15733] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.805913][T15733] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.808692][T15733] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.822334][T15733] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.895220][T15733] hsr_slave_0: entered promiscuous mode
[  210.897568][T15733] hsr_slave_1: entered promiscuous mode
[  210.899648][T15733] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.902044][T15733] Cannot create hsr debugfs directory
[  210.913981][ T5847] bridge_slave_1: left allmulticast mode
[  210.916030][ T5847] bridge_slave_1: left promiscuous mode
[  210.917912][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.921580][ T5847] bridge_slave_0: left allmulticast mode
[  210.923495][ T5847] bridge_slave_0: left promiscuous mode
[  210.925751][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.959497][T15759] netlink: 'syz.0.3424': attribute type 1 has an invalid length.
[  210.962073][T15759] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3424'.
[  211.177560][ T5847] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.183184][ T5847] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.188498][ T5847] bond0 (unregistering): Released all slaves
[  211.309316][T15770] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3427'.
[  211.687940][ T5847] hsr_slave_0: left promiscuous mode
[  211.699397][ T5847] hsr_slave_1: left promiscuous mode
[  211.705980][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.708290][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.715993][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  211.718376][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.755478][ T5847] veth1_macvtap: left promiscuous mode
[  211.757248][ T5847] veth0_macvtap: left promiscuous mode
[  211.759022][ T5847] veth1_vlan: left promiscuous mode
[  211.761341][ T5847] veth0_vlan: left promiscuous mode
[  211.773479][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  211.778161][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  211.781156][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  211.786318][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  211.788912][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  212.022282][ T5847] team0 (unregistering): Port device team_slave_1 removed
[  212.044060][ T5847] team0 (unregistering): Port device team_slave_0 removed
[  212.114801][ T5824] Bluetooth: hci1: command tx timeout
[  212.341574][T15794] bridge12: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  212.493737][T15733] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  212.519654][T15733] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  212.535817][T15733] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  212.552231][T15733] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  212.558267][T15791] lo speed is unknown, defaulting to 1000
[  212.697263][ T5847] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.708567][T15819] team0: Refused to change device type
[  212.773653][T15733] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.779480][T15791] chnl_net:caif_netlink_parms(): no params data found
[  212.828236][T15733] 8021q: adding VLAN 0 to HW filter on device team0
[  212.858767][ T5847] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.882640][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.885064][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.948595][T15791] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.952177][T15791] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.956553][T15791] bridge_slave_0: entered allmulticast mode
[  212.959235][T15791] bridge_slave_0: entered promiscuous mode
[  212.963403][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.965730][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.981891][ T5847] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.995413][T15791] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.998207][T15791] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.001126][T15791] bridge_slave_1: entered allmulticast mode
[  213.012002][T15791] bridge_slave_1: entered promiscuous mode
[  213.053860][ T5847] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.092744][T15791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.100069][T15733] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  213.102346][T15839] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3441'.
[  213.103297][T15733] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.117366][T15791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.124053][T15839] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3441'.
[  213.176485][T15791] team0: Port device team_slave_0 added
[  213.181234][T15791] team0: Port device team_slave_1 added
[  213.236681][T15843] IPv6: syztnl1: Disabled Multicast RS
[  213.257562][T15791] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.260462][T15791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.271318][T15791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.289506][T15791] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.293282][T15791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.307513][T15791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.353212][ T5847] bridge_slave_1: left allmulticast mode
[  213.358403][ T5847] bridge_slave_1: left promiscuous mode
[  213.363501][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.368183][ T5847] bridge_slave_0: left allmulticast mode
[  213.370022][ T5847] bridge_slave_0: left promiscuous mode
[  213.371910][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.644318][ T5847] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  213.650704][ T5847] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  213.656103][ T5847] bond0 (unregistering): Released all slaves
[  213.716496][T15791] hsr_slave_0: entered promiscuous mode
[  213.718814][T15791] hsr_slave_1: entered promiscuous mode
[  213.721181][T15791] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.723521][T15791] Cannot create hsr debugfs directory
[  213.730882][T15850] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  213.734132][T15850] CPU: 1 UID: 0 PID: 15850 Comm: syz.0.3444 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  213.734152][T15850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  213.734160][T15850] Call Trace:
[  213.734168][T15850]  <TASK>
[  213.734176][T15850]  dump_stack_lvl+0x189/0x250
[  213.734204][T15850]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.734224][T15850]  ? __pfx__printk+0x10/0x10
[  213.734239][T15850]  ? kernfs_path_from_node+0x2c/0x260
[  213.734256][T15850]  ? kernfs_path_from_node+0x2c/0x260
[  213.734270][T15850]  ? kernfs_path_from_node+0x2c/0x260
[  213.734287][T15850]  ? kernfs_path_from_node+0x22c/0x260
[  213.734300][T15850]  ? kernfs_path_from_node+0x2c/0x260
[  213.734318][T15850]  sysfs_warn_dup+0x8e/0xa0
[  213.734334][T15850]  sysfs_do_create_link_sd+0xc0/0x110
[  213.734350][T15850]  device_add_class_symlinks+0x1cf/0x240
[  213.734389][T15850]  device_add+0x475/0xb50
[  213.734407][T15850]  wiphy_register+0x199a/0x26b0
[  213.734468][T15850]  ? __pfx_wiphy_register+0x10/0x10
[  213.734483][T15850]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  213.734512][T15850]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  213.734533][T15850]  ieee80211_register_hw+0x33e1/0x4120
[  213.734564][T15850]  ? ieee80211_register_hw+0x14b1/0x4120
[  213.734588][T15850]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  213.734608][T15850]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  213.734633][T15850]  ? __hrtimer_setup+0x187/0x210
[  213.734651][T15850]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  213.734669][T15850]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  213.734712][T15850]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  213.734731][T15850]  ? trace_kmalloc+0x1f/0xd0
[  213.734741][T15850]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  213.734753][T15850]  ? kstrndup+0xbf/0x160
[  213.734776][T15850]  hwsim_new_radio_nl+0xea4/0x1b10
[  213.734791][T15850]  ? __pfx___nla_validate_parse+0x10/0x10
[  213.734820][T15850]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  213.734837][T15850]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  213.734863][T15850]  ? __nla_parse+0x40/0x60
[  213.734883][T15850]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  213.734908][T15850]  genl_family_rcv_msg_doit+0x215/0x300
[  213.734932][T15850]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  213.734960][T15850]  ? bpf_lsm_capable+0x9/0x20
[  213.734971][T15850]  ? security_capable+0x7e/0x2e0
[  213.734992][T15850]  genl_rcv_msg+0x60e/0x790
[  213.735015][T15850]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.735032][T15850]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  213.735057][T15850]  netlink_rcv_skb+0x208/0x470
[  213.735072][T15850]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.735090][T15850]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  213.735119][T15850]  ? down_read+0x1ad/0x2e0
[  213.735133][T15850]  genl_rcv+0x28/0x40
[  213.735149][T15850]  netlink_unicast+0x75b/0x8d0
[  213.735171][T15850]  netlink_sendmsg+0x805/0xb30
[  213.735193][T15850]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.735212][T15850]  ? aa_sock_msg_perm+0x94/0x160
[  213.735229][T15850]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  213.735245][T15850]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.735260][T15850]  __sock_sendmsg+0x21c/0x270
[  213.735281][T15850]  ____sys_sendmsg+0x505/0x830
[  213.735302][T15850]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.735326][T15850]  ? import_iovec+0x74/0xa0
[  213.735341][T15850]  ___sys_sendmsg+0x21f/0x2a0
[  213.735358][T15850]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.735399][T15850]  ? __fget_files+0x2a/0x420
[  213.735413][T15850]  ? __fget_files+0x3a0/0x420
[  213.735467][T15850]  __x64_sys_sendmsg+0x19b/0x260
[  213.735486][T15850]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  213.735518][T15850]  ? rcu_is_watching+0x15/0xb0
[  213.735541][T15850]  ? do_syscall_64+0xbe/0x3b0
[  213.735557][T15850]  do_syscall_64+0xfa/0x3b0
[  213.735568][T15850]  ? lockdep_hardirqs_on+0x9c/0x150
[  213.735586][T15850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.735600][T15850]  ? exc_page_fault+0x9f/0xf0
[  213.735620][T15850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.735633][T15850] RIP: 0033:0x7f777ef8e929
[  213.735646][T15850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.735658][T15850] RSP: 002b:00007f777fdce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.735672][T15850] RAX: ffffffffffffffda RBX: 00007f777f1b5fa0 RCX: 00007f777ef8e929
[  213.735682][T15850] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  213.735690][T15850] RBP: 00007f777f010b39 R08: 0000000000000000 R09: 0000000000000000
[  213.735698][T15850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.735706][T15850] R13: 0000000000000000 R14: 00007f777f1b5fa0 R15: 00007fffe4b2fd38
[  213.735730][T15850]  </TASK>
[  213.923850][ T5824] Bluetooth: hci2: command tx timeout
[  213.960834][T15733] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.151500][T15733] veth0_vlan: entered promiscuous mode
[  214.195393][ T5824] Bluetooth: hci1: command tx timeout
[  214.223383][T15733] veth1_vlan: entered promiscuous mode
[  214.263077][T15733] veth0_macvtap: entered promiscuous mode
[  214.319382][ T5847] hsr_slave_0: left promiscuous mode
[  214.322216][ T5847] hsr_slave_1: left promiscuous mode
[  214.324324][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.333659][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.348479][ T5847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.356972][ T5847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.367506][ T5847] veth1_macvtap: left promiscuous mode
[  214.369641][ T5847] veth0_macvtap: left promiscuous mode
[  214.371807][ T5847] veth1_vlan: left promiscuous mode
[  214.374061][ T5847] veth0_vlan: left promiscuous mode
[  214.392366][T15870] netlink: 'syz.0.3449': attribute type 3 has an invalid length.
[  214.395118][T15870] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3449'.
[  214.650865][ T5847] team0 (unregistering): Port device team_slave_1 removed
[  214.672268][ T5847] team0 (unregistering): Port device team_slave_0 removed
[  214.954922][T15733] veth1_macvtap: entered promiscuous mode
[  214.997161][T15733] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.042117][T15733] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.056330][T15733] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.059063][T15733] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.061733][T15733] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.076658][T15733] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.192619][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.200025][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.237700][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.240841][T15791] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  215.243774][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.274880][T15791] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  215.288091][T15791] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  215.314979][T15791] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  215.457703][T15791] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.473963][T15791] 8021q: adding VLAN 0 to HW filter on device team0
[  215.482331][  T176] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.485466][  T176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.496561][  T176] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.499537][  T176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.608564][T15914] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  215.611475][T15914] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  215.629351][T15791] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.665972][T15791] veth0_vlan: entered promiscuous mode
[  215.673869][T15791] veth1_vlan: entered promiscuous mode
[  215.702284][T15791] veth0_macvtap: entered promiscuous mode
[  215.709827][T15916] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3457'.
[  215.710227][T15791] veth1_macvtap: entered promiscuous mode
[  215.728997][T15791] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.739363][T15791] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.747451][T15791] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.750928][T15791] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.756279][T15791] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.759900][T15791] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.818643][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.822808][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.842100][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.847125][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.429968][T14334] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.865517][T14334] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.009020][T14334] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.086265][T14334] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.194101][T14334] bridge_slave_1: left allmulticast mode
[  217.196400][T14334] bridge_slave_1: left promiscuous mode
[  217.198308][T14334] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.203287][T14334] bridge_slave_0: left allmulticast mode
[  217.205624][T14334] bridge_slave_0: left promiscuous mode
[  217.207591][T14334] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.452581][T14334] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  217.459070][T14334] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  217.464745][T14334] bond0 (unregistering): Released all slaves
[  217.615771][T15928] wg1: Master is either lo or non-ether device
[  217.701754][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  217.708222][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  217.710812][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  217.714287][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  217.719492][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  217.949676][T14334] hsr_slave_0: left promiscuous mode
[  217.954680][T14334] hsr_slave_1: left promiscuous mode
[  217.956764][T14334] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.959172][T14334] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.976089][T14334] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.978488][T14334] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.999008][T14334] veth1_macvtap: left promiscuous mode
[  218.001108][T14334] veth0_macvtap: left promiscuous mode
[  218.003599][T14334] veth1_vlan: left promiscuous mode
[  218.014211][T14334] veth0_vlan: left promiscuous mode
[  218.312692][T14334] team0 (unregistering): Port device team_slave_1 removed
[  218.333600][T14334] team0 (unregistering): Port device team_slave_0 removed
[  218.536350][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  218.541912][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  218.547222][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  218.549845][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  218.553894][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  218.659775][T15933] lo speed is unknown, defaulting to 1000
[  218.853127][T15957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3463'.
[  218.857537][T15957] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3463'.
[  218.864590][T15957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3463'.
[  218.868202][T15957] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3463'.
[  218.962522][T15933] chnl_net:caif_netlink_parms(): no params data found
[  218.986791][T15948] lo speed is unknown, defaulting to 1000
[  219.056831][T15968] syzkaller1: entered promiscuous mode
[  219.058691][T15968] syzkaller1: entered allmulticast mode
[  219.105255][T15933] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.107640][T15933] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.109934][T15933] bridge_slave_0: entered allmulticast mode
[  219.114047][T15933] bridge_slave_0: entered promiscuous mode
[  219.118168][T15933] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.120408][T15933] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.122625][T15933] bridge_slave_1: entered allmulticast mode
[  219.127775][T15933] bridge_slave_1: entered promiscuous mode
[  219.183911][T15933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.242564][T15933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.262467][T14334] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.299572][T15948] chnl_net:caif_netlink_parms(): no params data found
[  219.325522][T15933] team0: Port device team_slave_0 added
[  219.332797][T15933] team0: Port device team_slave_1 added
[  219.421280][T14334] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.429002][T15933] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.431518][T15933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.440190][T15933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.444068][T15948] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.447038][T15948] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.449845][T15948] bridge_slave_0: entered allmulticast mode
[  219.452587][T15948] bridge_slave_0: entered promiscuous mode
[  219.456149][T15933] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.458448][T15933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.469117][T15933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.473084][T15948] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.479338][T15948] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.483111][T15948] bridge_slave_1: entered allmulticast mode
[  219.487327][T15948] bridge_slave_1: entered promiscuous mode
[  219.501359][T14334] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.527572][T15948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.532402][T15948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.572325][T14334] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.581017][T15933] hsr_slave_0: entered promiscuous mode
[  219.583343][T15933] hsr_slave_1: entered promiscuous mode
[  219.586615][T15933] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.589323][T15933] Cannot create hsr debugfs directory
[  219.611577][T15948] team0: Port device team_slave_0 added
[  219.628919][T15948] team0: Port device team_slave_1 added
[  219.655227][T15948] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.657649][T15948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.666486][T15948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.682386][T15948] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.686479][T15948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.694997][T15948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.789397][T15948] hsr_slave_0: entered promiscuous mode
[  219.791821][T15948] hsr_slave_1: entered promiscuous mode
[  219.794262][T15948] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.796816][   T54] Bluetooth: hci1: command tx timeout
[  219.799014][T15948] Cannot create hsr debugfs directory
[  219.807947][T14334] bridge_slave_1: left allmulticast mode
[  219.812153][T14334] bridge_slave_1: left promiscuous mode
[  219.814205][T14334] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.818721][T14334] bridge_slave_0: left allmulticast mode
[  219.820609][T14334] bridge_slave_0: left promiscuous mode
[  219.822560][T14334] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.041950][T14334] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  220.046266][T14334] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  220.049908][T14334] bond0 (unregistering): Released all slaves
[  220.104250][T15995] xt_hashlimit: overflow, rate too high: 1125899906842624
[  220.368772][T16009] netlink: 'syz.0.3471': attribute type 3 has an invalid length.
[  220.373465][T16009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3471'.
[  220.542254][T14334] hsr_slave_0: left promiscuous mode
[  220.553512][T14334] hsr_slave_1: left promiscuous mode
[  220.555846][T14334] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.558292][T14334] batman_adv: batadv0: Removing interface: batadv_slave_0
[  220.562218][T14334] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.564850][T14334] batman_adv: batadv0: Removing interface: batadv_slave_1
[  220.578356][T14334] veth1_macvtap: left promiscuous mode
[  220.580649][T14334] veth0_macvtap: left promiscuous mode
[  220.582893][T14334] veth1_vlan: left promiscuous mode
[  220.584743][T14334] veth0_vlan: left promiscuous mode
[  220.594678][   T54] Bluetooth: hci2: command tx timeout
[  220.858358][T14334] team0 (unregistering): Port device team_slave_1 removed
[  220.881101][T14334] team0 (unregistering): Port device team_slave_0 removed
[  221.125693][T16018] syzkaller1: entered promiscuous mode
[  221.127597][T16018] syzkaller1: entered allmulticast mode
[  221.528322][T15933] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  221.537565][T15933] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  221.543012][T15933] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  221.559897][T15933] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  221.598644][T15948] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  221.616037][T15948] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  221.621005][T15948] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  221.630569][T15948] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  221.698203][T15933] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.734705][T15933] 8021q: adding VLAN 0 to HW filter on device team0
[  221.741685][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.744756][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.763655][T15948] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.768288][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.770730][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.805740][T15948] 8021q: adding VLAN 0 to HW filter on device team0
[  221.820519][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.822934][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.839896][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.842365][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.874702][   T54] Bluetooth: hci1: command tx timeout
[  221.997732][T15933] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.033302][T15933] veth0_vlan: entered promiscuous mode
[  222.039256][T15948] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.048386][T15933] veth1_vlan: entered promiscuous mode
[  222.091096][T15948] veth0_vlan: entered promiscuous mode
[  222.098748][T15948] veth1_vlan: entered promiscuous mode
[  222.102372][T15933] veth0_macvtap: entered promiscuous mode
[  222.110883][T15933] veth1_macvtap: entered promiscuous mode
[  222.134687][T15948] veth0_macvtap: entered promiscuous mode
[  222.138681][T15933] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.142976][T15933] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.148688][T15933] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.151469][T15933] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.154210][T15933] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.158222][T15933] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.171505][T15948] veth1_macvtap: entered promiscuous mode
[  222.213472][T15948] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.228708][T15948] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.238767][T15948] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.241536][T15948] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.244313][T15948] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.248880][T15948] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.290127][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.292692][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.336842][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.346105][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.373304][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.389805][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.438650][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.441403][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.611484][T16100] wg1: Master is either lo or non-ether device
[  222.650347][T16105] syzkaller1: entered promiscuous mode
[  222.652232][T16105] syzkaller1: entered allmulticast mode
[  223.562607][T16113] syzkaller1: entered promiscuous mode
[  223.566115][T16113] syzkaller1: entered allmulticast mode
[  223.720544][T16115] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  223.723592][T16115] CPU: 0 UID: 0 PID: 16115 Comm: syz.0.3480 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  223.723609][T16115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.723618][T16115] Call Trace:
[  223.723624][T16115]  <TASK>
[  223.723631][T16115]  dump_stack_lvl+0x189/0x250
[  223.723658][T16115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.723678][T16115]  ? __pfx__printk+0x10/0x10
[  223.723693][T16115]  ? kernfs_path_from_node+0x2c/0x260
[  223.723708][T16115]  ? kernfs_path_from_node+0x2c/0x260
[  223.723721][T16115]  ? kernfs_path_from_node+0x2c/0x260
[  223.723735][T16115]  ? kernfs_path_from_node+0x22c/0x260
[  223.723747][T16115]  ? kernfs_path_from_node+0x2c/0x260
[  223.723762][T16115]  sysfs_warn_dup+0x8e/0xa0
[  223.723774][T16115]  sysfs_do_create_link_sd+0xc0/0x110
[  223.723788][T16115]  device_add_class_symlinks+0x1cf/0x240
[  223.723804][T16115]  device_add+0x475/0xb50
[  223.723819][T16115]  wiphy_register+0x199a/0x26b0
[  223.723847][T16115]  ? __pfx_wiphy_register+0x10/0x10
[  223.723861][T16115]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  223.723880][T16115]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  223.723897][T16115]  ieee80211_register_hw+0x33e1/0x4120
[  223.723920][T16115]  ? ieee80211_register_hw+0x14b1/0x4120
[  223.723937][T16115]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  223.723953][T16115]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.723972][T16115]  ? __hrtimer_setup+0x187/0x210
[  223.723988][T16115]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  223.724003][T16115]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  223.724041][T16115]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  223.724056][T16115]  ? trace_kmalloc+0x1f/0xd0
[  223.724065][T16115]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  223.724075][T16115]  ? kstrndup+0xbf/0x160
[  223.724094][T16115]  hwsim_new_radio_nl+0xea4/0x1b10
[  223.724108][T16115]  ? __pfx___nla_validate_parse+0x10/0x10
[  223.724132][T16115]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  223.724153][T16115]  ? __nla_parse+0x40/0x60
[  223.724173][T16115]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  223.724195][T16115]  genl_family_rcv_msg_doit+0x215/0x300
[  223.724217][T16115]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  223.724241][T16115]  ? bpf_lsm_capable+0x9/0x20
[  223.724251][T16115]  ? security_capable+0x7e/0x2e0
[  223.724271][T16115]  genl_rcv_msg+0x60e/0x790
[  223.724293][T16115]  ? __pfx_genl_rcv_msg+0x10/0x10
[  223.724307][T16115]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  223.724325][T16115]  netlink_rcv_skb+0x208/0x470
[  223.724338][T16115]  ? __pfx_genl_rcv_msg+0x10/0x10
[  223.724353][T16115]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.724406][T16115]  ? down_read+0x1ad/0x2e0
[  223.724445][T16115]  genl_rcv+0x28/0x40
[  223.724462][T16115]  netlink_unicast+0x75b/0x8d0
[  223.724481][T16115]  netlink_sendmsg+0x805/0xb30
[  223.724500][T16115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.724522][T16115]  ? aa_sock_msg_perm+0x94/0x160
[  223.724540][T16115]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.724555][T16115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.724567][T16115]  __sock_sendmsg+0x21c/0x270
[  223.724585][T16115]  ____sys_sendmsg+0x505/0x830
[  223.724600][T16115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.724621][T16115]  ? import_iovec+0x74/0xa0
[  223.724636][T16115]  ___sys_sendmsg+0x21f/0x2a0
[  223.724652][T16115]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.724688][T16115]  ? __fget_files+0x2a/0x420
[  223.724700][T16115]  ? __fget_files+0x3a0/0x420
[  223.724719][T16115]  __x64_sys_sendmsg+0x19b/0x260
[  223.724733][T16115]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  223.724752][T16115]  ? rcu_is_watching+0x15/0xb0
[  223.724772][T16115]  ? do_syscall_64+0xbe/0x3b0
[  223.724785][T16115]  do_syscall_64+0xfa/0x3b0
[  223.724794][T16115]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.724808][T16115]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.724820][T16115]  ? exc_page_fault+0x9f/0xf0
[  223.724837][T16115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.724848][T16115] RIP: 0033:0x7f777ef8e929
[  223.724860][T16115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.724870][T16115] RSP: 002b:00007f777fdce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.724885][T16115] RAX: ffffffffffffffda RBX: 00007f777f1b5fa0 RCX: 00007f777ef8e929
[  223.724894][T16115] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  223.724902][T16115] RBP: 00007f777f010b39 R08: 0000000000000000 R09: 0000000000000000
[  223.724909][T16115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.724917][T16115] R13: 0000000000000000 R14: 00007f777f1b5fa0 R15: 00007fffe4b2fd38
[  223.724935][T16115]  </TASK>
[  224.136711][T16134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3486'.
[  224.153408][T16134] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3486'.
[  224.191838][ T5862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.370934][T16137] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  224.374131][T16137] CPU: 1 UID: 0 PID: 16137 Comm: syz.0.3487 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  224.374151][T16137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  224.374160][T16137] Call Trace:
[  224.374166][T16137]  <TASK>
[  224.374174][T16137]  dump_stack_lvl+0x189/0x250
[  224.374206][T16137]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.374228][T16137]  ? __pfx__printk+0x10/0x10
[  224.374245][T16137]  ? kernfs_path_from_node+0x2c/0x260
[  224.374261][T16137]  ? kernfs_path_from_node+0x2c/0x260
[  224.374281][T16137]  ? kernfs_path_from_node+0x2c/0x260
[  224.374297][T16137]  ? kernfs_path_from_node+0x22c/0x260
[  224.374311][T16137]  ? kernfs_path_from_node+0x2c/0x260
[  224.374329][T16137]  sysfs_warn_dup+0x8e/0xa0
[  224.374345][T16137]  sysfs_do_create_link_sd+0xc0/0x110
[  224.374382][T16137]  device_add_class_symlinks+0x1cf/0x240
[  224.374401][T16137]  device_add+0x475/0xb50
[  224.374444][T16137]  wiphy_register+0x199a/0x26b0
[  224.374494][T16137]  ? __pfx_wiphy_register+0x10/0x10
[  224.374511][T16137]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  224.374533][T16137]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  224.374554][T16137]  ieee80211_register_hw+0x33e1/0x4120
[  224.374587][T16137]  ? ieee80211_register_hw+0x14b1/0x4120
[  224.374613][T16137]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  224.374634][T16137]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  224.374661][T16137]  ? __hrtimer_setup+0x187/0x210
[  224.374677][T16137]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  224.374695][T16137]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  224.374735][T16137]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  224.374753][T16137]  ? trace_kmalloc+0x1f/0xd0
[  224.374764][T16137]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  224.374776][T16137]  ? kstrndup+0xbf/0x160
[  224.374799][T16137]  hwsim_new_radio_nl+0xea4/0x1b10
[  224.374814][T16137]  ? __pfx___nla_validate_parse+0x10/0x10
[  224.374843][T16137]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  224.374866][T16137]  ? __nla_parse+0x40/0x60
[  224.374889][T16137]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  224.374919][T16137]  genl_family_rcv_msg_doit+0x215/0x300
[  224.374945][T16137]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  224.374977][T16137]  ? bpf_lsm_capable+0x9/0x20
[  224.374990][T16137]  ? security_capable+0x7e/0x2e0
[  224.375011][T16137]  genl_rcv_msg+0x60e/0x790
[  224.375034][T16137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  224.375052][T16137]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  224.375076][T16137]  netlink_rcv_skb+0x208/0x470
[  224.375092][T16137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  224.375111][T16137]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  224.375140][T16137]  ? down_read+0x1ad/0x2e0
[  224.375156][T16137]  genl_rcv+0x28/0x40
[  224.375172][T16137]  netlink_unicast+0x75b/0x8d0
[  224.375194][T16137]  netlink_sendmsg+0x805/0xb30
[  224.375218][T16137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.375236][T16137]  ? aa_sock_msg_perm+0x94/0x160
[  224.375254][T16137]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  224.375270][T16137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.375295][T16137]  __sock_sendmsg+0x21c/0x270
[  224.375320][T16137]  ____sys_sendmsg+0x505/0x830
[  224.375342][T16137]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.375367][T16137]  ? import_iovec+0x74/0xa0
[  224.375385][T16137]  ___sys_sendmsg+0x21f/0x2a0
[  224.375404][T16137]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.375480][T16137]  ? __fget_files+0x2a/0x420
[  224.375498][T16137]  ? __fget_files+0x3a0/0x420
[  224.375523][T16137]  __x64_sys_sendmsg+0x19b/0x260
[  224.375541][T16137]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  224.375565][T16137]  ? rcu_is_watching+0x15/0xb0
[  224.375594][T16137]  ? do_syscall_64+0xbe/0x3b0
[  224.375611][T16137]  do_syscall_64+0xfa/0x3b0
[  224.375620][T16137]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.375638][T16137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.375651][T16137]  ? exc_page_fault+0x9f/0xf0
[  224.375669][T16137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.375681][T16137] RIP: 0033:0x7f777ef8e929
[  224.375694][T16137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.375706][T16137] RSP: 002b:00007f777fdce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.375721][T16137] RAX: ffffffffffffffda RBX: 00007f777f1b5fa0 RCX: 00007f777ef8e929
[  224.375731][T16137] RDX: 000000002000c800 RSI: 0000200000000040 RDI: 0000000000000004
[  224.375739][T16137] RBP: 00007f777f010b39 R08: 0000000000000000 R09: 0000000000000000
[  224.375747][T16137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  224.375755][T16137] R13: 0000000000000000 R14: 00007f777f1b5fa0 R15: 00007fffe4b2fd38
[  224.375776][T16137]  </TASK>
[  224.555954][ T5824] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  224.560699][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  224.570499][ T5824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  224.574229][ T5824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  224.577302][ T5824] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  224.686129][T16138] lo speed is unknown, defaulting to 1000
[  224.763687][T16138] chnl_net:caif_netlink_parms(): no params data found
[  224.809346][T16138] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.811948][T16138] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.814897][T16138] bridge_slave_0: entered allmulticast mode
[  224.817678][T16138] bridge_slave_0: entered promiscuous mode
[  224.821160][T16138] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.823860][T16138] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.826884][T16138] bridge_slave_1: entered allmulticast mode
[  224.829770][T16138] bridge_slave_1: entered promiscuous mode
[  224.851000][T16138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  224.856223][T16138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.918878][T16138] team0: Port device team_slave_0 added
[  224.923076][T16138] team0: Port device team_slave_1 added
[  224.933544][T16148] netlink: 'syz.0.3488': attribute type 8 has an invalid length.
[  224.962004][T16138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  224.970243][T16138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.980061][T16138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.986161][T16138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.988552][T16138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.001437][T16138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  225.048675][T16138] hsr_slave_0: entered promiscuous mode
[  225.051081][T16138] hsr_slave_1: entered promiscuous mode
[  225.053298][T16138] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.057516][T16138] Cannot create hsr debugfs directory
[  225.069790][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  225.073015][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  225.076477][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  225.079681][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  225.082384][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  225.268829][T16153] lo speed is unknown, defaulting to 1000
[  225.358377][T16153] chnl_net:caif_netlink_parms(): no params data found
[  225.416552][T16153] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.418940][T16153] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.421329][T16153] bridge_slave_0: entered allmulticast mode
[  225.424069][T16153] bridge_slave_0: entered promiscuous mode
[  225.431358][T16153] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.433784][T16153] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.436331][T16153] bridge_slave_1: entered allmulticast mode
[  225.439205][T16153] bridge_slave_1: entered promiscuous mode
[  225.460015][T16153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  225.464793][T16153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  225.485811][T16153] team0: Port device team_slave_0 added
[  225.490063][T16153] team0: Port device team_slave_1 added
[  225.507614][T16153] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.509851][T16153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.518527][T16153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  225.522972][T16153] batman_adv: batadv0: Adding interface: batadv_slave_1
[  225.525373][T16153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.534235][T16153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  225.560487][T16153] hsr_slave_0: entered promiscuous mode
[  225.562848][T16153] hsr_slave_1: entered promiscuous mode
[  225.565773][T16153] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.568088][T16153] Cannot create hsr debugfs directory
[  225.700364][ T5862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.763979][ T5862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.822348][ T5862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.932801][ T5862] bridge_slave_1: left allmulticast mode
[  225.934934][ T5862] bridge_slave_1: left promiscuous mode
[  225.936802][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.943056][ T5862] bridge_slave_0: left allmulticast mode
[  225.945694][ T5862] bridge_slave_0: left promiscuous mode
[  225.947654][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.128912][T16169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3493'.
[  226.132942][T16169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3493'.
[  226.136357][T16169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3493'.
[  226.176941][T16169] siw: device registration error -23
[  226.218828][ T5862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.228152][ T5862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.233604][ T5862] bond0 (unregistering): Released all slaves
[  226.335836][ T5817] bridge0: port 1(syz_tun) entered disabled state
[  226.600901][ T5824] Bluetooth: hci1: command tx timeout
[  226.739517][ T5862] hsr_slave_0: left promiscuous mode
[  226.741986][ T5862] hsr_slave_1: left promiscuous mode
[  226.744104][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  226.755002][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.758969][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.761817][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_1
[  226.783198][ T5862] veth1_macvtap: left promiscuous mode
[  226.794817][ T5862] veth0_macvtap: left promiscuous mode
[  226.796670][ T5862] veth1_vlan: left promiscuous mode
[  226.798844][ T5862] veth0_vlan: left promiscuous mode
[  226.918242][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  226.932783][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  226.938723][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  226.948477][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  226.953463][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  227.156393][   T54] Bluetooth: hci2: command tx timeout
[  227.182763][ T5862] team0 (unregistering): Port device team_slave_1 removed
[  227.207033][ T5862] team0 (unregistering): Port device team_slave_0 removed
[  227.510469][T16138] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  227.525023][T16138] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  227.577380][T16153] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.598788][T16138] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  227.605674][T16138] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  227.659694][T16153] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.668143][T16182] lo speed is unknown, defaulting to 1000
[  227.730965][T16153] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.808680][T16153] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.818807][T16138] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.824283][T16182] chnl_net:caif_netlink_parms(): no params data found
[  227.894158][T16182] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.897692][T16182] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.899961][T16182] bridge_slave_0: entered allmulticast mode
[  227.902679][T16182] bridge_slave_0: entered promiscuous mode
[  227.918392][T16138] 8021q: adding VLAN 0 to HW filter on device team0
[  227.921711][T16182] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.927042][T16182] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.929967][T16182] bridge_slave_1: entered allmulticast mode
[  227.933087][T16182] bridge_slave_1: entered promiscuous mode
[  227.961138][  T176] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.963633][  T176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.977277][T16182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.982465][T16182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.000069][  T176] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.002984][  T176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.034328][T16182] team0: Port device team_slave_0 added
[  228.047364][T16153] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.053554][T16182] team0: Port device team_slave_1 added
[  228.067649][T16153] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.093550][T16153] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.098175][T16182] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.100398][T16182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.108751][T16182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.128280][T16153] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  228.138745][T16182] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.141046][T16182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.149552][T16182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.243527][T16182] hsr_slave_0: entered promiscuous mode
[  228.246705][T16182] hsr_slave_1: entered promiscuous mode
[  228.248895][T16182] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  228.251262][T16182] Cannot create hsr debugfs directory
[  228.378781][T16153] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.393291][ T5862] team0: left allmulticast mode
[  228.398950][ T5862] bridge9: port 1(team0) entered disabled state
[  228.406813][ T5862] bridge_slave_1: left allmulticast mode
[  228.408682][ T5862] bridge_slave_1: left promiscuous mode
[  228.410814][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.420917][ T5862] bridge_slave_0: left allmulticast mode
[  228.422753][ T5862] bridge_slave_0: left promiscuous mode
[  228.426156][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.633999][ T5862] dvmrp8 (unregistering): left allmulticast mode
[  228.674904][   T54] Bluetooth: hci1: command tx timeout
[  229.004630][   T54] Bluetooth: hci0: command tx timeout
[  229.234729][   T54] Bluetooth: hci2: command tx timeout
[  229.307678][ T5862] bond1 (unregistering): Released all slaves
[  229.378063][ T5862] bond0 (unregistering): (slave batadv0): Releasing active interface
[  229.381242][ T5862] bond0 (unregistering): Released all slaves
[  229.389984][ T5862] bond2 (unregistering): Released all slaves
[  229.397367][ T5862] bond3 (unregistering): Released all slaves
[  229.403828][ T5862] bond4 (unregistering): Released all slaves
[  229.475812][ T5862] bond5 (unregistering): Released all slaves
[  229.482357][ T5862] bond6 (unregistering): Released all slaves
[  229.688545][ T5862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.693526][ T5862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.697613][ T5862] bond0 (unregistering): Released all slaves
[  229.738275][T16138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.787737][T16153] 8021q: adding VLAN 0 to HW filter on device team0
[  229.818969][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.821463][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.829286][ T5862] : left promiscuous mode
[  229.871786][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.874474][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.887542][T16138] veth0_vlan: entered promiscuous mode
[  229.892090][T16138] veth1_vlan: entered promiscuous mode
[  229.897191][ T5862] tipc: Disabling bearer <eth:syzkaller0>
[  229.904023][ T5862] tipc: Left network mode
[  229.996084][T16138] veth0_macvtap: entered promiscuous mode
[  230.002649][T16138] veth1_macvtap: entered promiscuous mode
[  230.042833][T16138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.070064][T16138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.192682][T16138] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.199951][T16138] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.203518][T16138] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.207594][T16138] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.223864][T16153] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.430556][T16153] veth0_vlan: entered promiscuous mode
[  230.445190][T16182] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  230.462886][T16182] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  230.465083][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.465145][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.476736][T16182] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  230.482804][T16153] veth1_vlan: entered promiscuous mode
[  230.499701][T16182] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  230.507930][T16153] veth0_macvtap: entered promiscuous mode
[  230.532399][T16153] veth1_macvtap: entered promiscuous mode
[  230.557729][T16153] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.565733][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.568254][T16153] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.580920][T16153] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.583717][T16153] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.586598][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.586778][T16153] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.591646][T16153] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.721850][T16182] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.754865][    C1] ------------[ cut here ]------------
[  230.757647][    C1] workqueue: cannot queue hci_cmd_timeout on wq hci1
[  230.759762][    C1] WARNING: CPU: 1 PID: 1089 at kernel/workqueue.c:2258 __queue_work+0xd62/0xfe0
[  230.762638][    C1] Modules linked in:
[  230.764270][    C1] CPU: 1 UID: 0 PID: 1089 Comm: kworker/u10:5 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  230.769083][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  230.772258][    C1] Workqueue: events_unbound linkwatch_event
[  230.774179][    C1] RIP: 0010:__queue_work+0xd62/0xfe0
[  230.775845][    C1] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 69 0f 99 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 40 e1 89 8b 4c 89 fa e8 1f 34 f9 ff 90 <0f> 0b 90 90 e9 f1 f4 ff ff e8 80 8b 35 00 90 0f 0b 90 e9 dd fc ff
[  230.781824][    C1] RSP: 0018:ffffc900001e0ba8 EFLAGS: 00010046
[  230.783747][    C1] RAX: 9fb173fb0c258b00 RBX: 0000000000000100 RCX: ffff88810708d640
[  230.786180][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  230.788585][    C1] RBP: 1ffff11007a0fe38 R08: 0000000000000003 R09: 0000000000000004
[  230.791032][    C1] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: dffffc0000000000
[  230.793700][    C1] R13: ffff888112a10988 R14: 0000000000000008 R15: ffff88803d07f178
[  230.796586][    C1] FS:  0000000000000000(0000) GS:ffff8881a3c50000(0000) knlGS:0000000000000000
[  230.799646][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  230.801712][    C1] CR2: 00007ffe71fce8a0 CR3: 000000001f708000 CR4: 00000000000006f0
[  230.804184][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  230.806688][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  230.809117][    C1] Call Trace:
[  230.810178][    C1]  <IRQ>
[  230.811268][    C1]  call_timer_fn+0x17e/0x5f0
[  230.812837][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  230.814829][    C1]  ? call_timer_fn+0xbe/0x5f0
[  230.816634][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  230.818325][    C1]  ? do_raw_spin_unlock+0x4d/0x240
[  230.820065][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  230.822026][    C1]  __run_timer_base+0x646/0x860
[  230.823600][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  230.825310][    C1]  ? lapic_next_event+0x11/0x20
[  230.826850][    C1]  ? clockevents_program_event+0x24d/0x360
[  230.828718][    C1]  run_timer_softirq+0xb7/0x180
[  230.830324][    C1]  handle_softirqs+0x286/0x870
[  230.831841][    C1]  ? do_softirq+0xec/0x180
[  230.833281][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  230.834970][    C1]  ? addrconf_notify+0xb08/0x1010
[  230.836701][    C1]  do_softirq+0xec/0x180
[  230.838089][    C1]  </IRQ>
[  230.839041][    C1]  <TASK>
[  230.840007][    C1]  ? __pfx_do_softirq+0x10/0x10
[  230.841636][    C1]  ? addrconf_mod_dad_work+0xb9/0x120
[  230.843678][    C1]  ? lockdep_softirqs_on+0x13b/0x1c0
[  230.845400][    C1]  __local_bh_enable_ip+0x17d/0x1c0
[  230.847119][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  230.848985][    C1]  ? do_raw_read_unlock+0x3d/0x80
[  230.850645][    C1]  addrconf_notify+0xb08/0x1010
[  230.852231][    C1]  notifier_call_chain+0x1b6/0x3e0
[  230.853923][    C1]  netif_state_change+0x284/0x3a0
[  230.855547][    C1]  ? __pfx_netif_state_change+0x10/0x10
[  230.857313][    C1]  linkwatch_do_dev+0x117/0x170
[  230.858934][    C1]  __linkwatch_run_queue+0x56d/0x7e0
[  230.860667][    C1]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  230.862589][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.864287][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  230.866141][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  230.868013][    C1]  linkwatch_event+0x4c/0x60
[  230.869556][    C1]  process_scheduled_works+0xae1/0x17b0
[  230.871532][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  230.873475][    C1]  worker_thread+0x8a0/0xda0
[  230.875012][    C1]  kthread+0x711/0x8a0
[  230.876447][    C1]  ? __pfx_worker_thread+0x10/0x10
[  230.878146][    C1]  ? __pfx_kthread+0x10/0x10
[  230.879628][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.881412][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.883111][    C1]  ? __pfx_kthread+0x10/0x10
[  230.884800][    C1]  ret_from_fork+0x3fc/0x770
[  230.886457][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  230.888326][    C1]  ? __switch_to_asm+0x39/0x70
[  230.890107][    C1]  ? __switch_to_asm+0x33/0x70
[  230.891930][    C1]  ? __pfx_kthread+0x10/0x10
[  230.893494][    C1]  ret_from_fork_asm+0x1a/0x30
[  230.895076][    C1]  </TASK>
[  230.896189][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  230.898698][    C1] CPU: 1 UID: 0 PID: 1089 Comm: kworker/u10:5 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  230.902865][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  230.906348][    C1] Workqueue: events_unbound linkwatch_event
[  230.908452][    C1] Call Trace:
[  230.909557][    C1]  <IRQ>
[  230.910471][    C1]  dump_stack_lvl+0x99/0x250
[  230.911965][    C1]  ? __asan_memcpy+0x40/0x70
[  230.913515][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.915222][    C1]  ? __pfx__printk+0x10/0x10
[  230.917003][    C1]  panic+0x2db/0x790
[  230.918488][    C1]  ? __pfx_panic+0x10/0x10
[  230.919917][    C1]  ? show_trace_log_lvl+0x4fb/0x550
[  230.921575][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  230.923380][    C1]  __warn+0x31b/0x4b0
[  230.924737][    C1]  ? __queue_work+0xd62/0xfe0
[  230.926245][    C1]  ? __queue_work+0xd62/0xfe0
[  230.927852][    C1]  report_bug+0x2be/0x4f0
[  230.929570][    C1]  ? __queue_work+0xd62/0xfe0
[  230.931048][    C1]  ? __queue_work+0xd62/0xfe0
[  230.932580][    C1]  ? __queue_work+0xd64/0xfe0
[  230.934132][    C1]  handle_bug+0x84/0x160
[  230.935630][    C1]  exc_invalid_op+0x1a/0x50
[  230.937124][    C1]  asm_exc_invalid_op+0x1a/0x20
[  230.938871][    C1] RIP: 0010:__queue_work+0xd62/0xfe0
[  230.940706][    C1] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 69 0f 99 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 40 e1 89 8b 4c 89 fa e8 1f 34 f9 ff 90 <0f> 0b 90 90 e9 f1 f4 ff ff e8 80 8b 35 00 90 0f 0b 90 e9 dd fc ff
[  230.947235][    C1] RSP: 0018:ffffc900001e0ba8 EFLAGS: 00010046
[  230.949347][    C1] RAX: 9fb173fb0c258b00 RBX: 0000000000000100 RCX: ffff88810708d640
[  230.951949][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  230.954695][    C1] RBP: 1ffff11007a0fe38 R08: 0000000000000003 R09: 0000000000000004
[  230.957389][    C1] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: dffffc0000000000
[  230.960561][    C1] R13: ffff888112a10988 R14: 0000000000000008 R15: ffff88803d07f178
[  230.963297][    C1]  ? __queue_work+0xd61/0xfe0
[  230.965028][    C1]  call_timer_fn+0x17e/0x5f0
[  230.966585][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  230.968814][    C1]  ? call_timer_fn+0xbe/0x5f0
[  230.970338][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  230.972061][    C1]  ? do_raw_spin_unlock+0x4d/0x240
[  230.973802][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  230.975736][    C1]  __run_timer_base+0x646/0x860
[  230.977325][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  230.979124][    C1]  ? lapic_next_event+0x11/0x20
[  230.980807][    C1]  ? clockevents_program_event+0x24d/0x360
[  230.982659][    C1]  run_timer_softirq+0xb7/0x180
[  230.984242][    C1]  handle_softirqs+0x286/0x870
[  230.985865][    C1]  ? do_softirq+0xec/0x180
[  230.987297][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  230.989299][    C1]  ? addrconf_notify+0xb08/0x1010
[  230.990951][    C1]  do_softirq+0xec/0x180
[  230.992389][    C1]  </IRQ>
[  230.993545][    C1]  <TASK>
[  230.994538][    C1]  ? __pfx_do_softirq+0x10/0x10
[  230.996090][    C1]  ? addrconf_mod_dad_work+0xb9/0x120
[  230.997869][    C1]  ? lockdep_softirqs_on+0x13b/0x1c0
[  230.999670][    C1]  __local_bh_enable_ip+0x17d/0x1c0
[  231.001329][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  231.003155][    C1]  ? do_raw_read_unlock+0x3d/0x80
[  231.004801][    C1]  addrconf_notify+0xb08/0x1010
[  231.006393][    C1]  notifier_call_chain+0x1b6/0x3e0
[  231.008275][    C1]  netif_state_change+0x284/0x3a0
[  231.009969][    C1]  ? __pfx_netif_state_change+0x10/0x10
[  231.011790][    C1]  linkwatch_do_dev+0x117/0x170
[  231.013406][    C1]  __linkwatch_run_queue+0x56d/0x7e0
[  231.015124][    C1]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  231.017025][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  231.018813][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  231.020684][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  231.022753][    C1]  linkwatch_event+0x4c/0x60
[  231.024459][    C1]  process_scheduled_works+0xae1/0x17b0
[  231.026295][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  231.028287][    C1]  worker_thread+0x8a0/0xda0
[  231.029831][    C1]  kthread+0x711/0x8a0
[  231.031260][    C1]  ? __pfx_worker_thread+0x10/0x10
[  231.032865][    C1]  ? __pfx_kthread+0x10/0x10
[  231.034313][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  231.035988][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  231.037719][    C1]  ? __pfx_kthread+0x10/0x10
[  231.039146][    C1]  ret_from_fork+0x3fc/0x770
[  231.040633][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  231.042352][    C1]  ? __switch_to_asm+0x39/0x70
[  231.043939][    C1]  ? __switch_to_asm+0x33/0x70
[  231.045436][    C1]  ? __pfx_kthread+0x10/0x10
[  231.046895][    C1]  ret_from_fork_asm+0x1a/0x30
[  231.048748][    C1]  </TASK>
[  231.050457][    C1] Kernel Offset: disabled
[  231.051901][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:27:01  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000080000000 RDX=0000000000000000
RSI=ffffffff8d995ac4 RDI=ffffffff8be28d40 RBP=ffffffff81728af5 RSP=ffffc90002c6f1e0
R8 =0000000000000000 R9 =0000000000000000 R10=ffffc90002c6f3d8 R11=ffffffff81ace6a0
R12=0000000000000002 R13=ffffffff8e13ee60 R14=0000000000000000 R15=0000000000000246
RIP=ffffffff8b66d233 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8650000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f3f23ea2178 CR3=000000003bcc2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffff0000 0000000000000000
XMM02=ffff000000000000 ffffffffffffffff XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000006f RBX=000000000000006f RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900001e0350
R8 =ffff888021b70237 R9 =1ffff1100436e046 R10=dffffc0000000000 R11=ffffffff85474610
R12=dffffc0000000000 R13=ffffffff99ac4905 R14=ffffffff99dc9760 R15=0000000000000000
RIP=ffffffff8547468c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c50000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe71fce8a0 CR3=000000001f708000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000015eb4704 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=1600000000000000 00000000000002ff
XMM06=1600000000000000 00000000000002ff XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
