last executing test programs:

1.620640808s ago: executing program 0 (id=325):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa2721, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r0, &(0x7f0000000000), 0x2a979d)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{}, {}, {0x280000, 0x4, 0x10009, 0x6}], 0x10, 0xfffffff6}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b35, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90424fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
recvmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)=[{&(0x7f00000039c0)=""/4104, 0x1008}, {&(0x7f0000000100)=""/81, 0x51}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000000180)=""/56, 0x38}, {&(0x7f00000016c0)=""/262, 0x106}, {&(0x7f0000001600)=""/149, 0x95}, {&(0x7f00000038c0)=""/115, 0x73}], 0x7}, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0xa0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x400000000008, 0x8000008}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2106, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402090000e8fe55a1180015000600142603600000000401a80016000a001040319a4707c5ee6f83b94dcf5c0468c1d67f6f94007134cf6ee0800089e408e8d8ef52b49816cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70300000040fad95667e006dcdf969b3ef35ce3bb9ad809d58bd0fdcaed0bffec29002a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701000440005041c827c8245afef87b9a2125c0fcbb4095452741", 0xda}], 0x1}, 0x4008000)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001d00)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010067656e65766530000000000000000000140001"], 0x110}}, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f0000001cc0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000005c0)={&(0x7f0000001800)=@flushpolicy={0x438, 0x1d, 0x2, 0x70bd2a, 0x25dfdbfe, "", [@tmpl={0x84, 0x5, [{{@in6=@mcast2, 0x4d3, 0x32}, 0xa, @in=@private=0xa010100, 0x3504, 0x0, 0x3, 0x5, 0xa, 0x7, 0x81}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d4, 0x3c}, 0xa, @in=@multicast2, 0x3507, 0x4, 0x2, 0x3, 0x0, 0x0, 0xfffff001}]}, @user_kmaddress={0x2c, 0x13, {@in6=@private0, @in=@remote, 0x0, 0xa}}, @migrate={0x180, 0x11, [{@in6=@dev={0xfe, 0x80, '\x00', 0x17}, @in=@rand_addr=0x64010102, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private1, 0x33, 0x4, 0x0, 0x3500, 0x2, 0x2}, {@in6=@mcast1, @in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@mcast2, 0x32, 0x4, 0x0, 0x3504, 0x2, 0x2}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@mcast2, @in=@empty, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6c, 0x0, 0x0, 0x0, 0xa, 0x2}, {@in=@rand_addr=0x64010100, @in=@remote, @in6=@remote, @in=@private=0xa010100, 0x33, 0x2, 0x0, 0x0, 0x2, 0x2}, {@in=@broadcast, @in6=@mcast1, @in=@multicast2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3c, 0x4, 0x0, 0x3505, 0x2, 0x2}]}, @lifetime_val={0x24, 0x9, {0x3, 0x1, 0x2, 0x9}}, @algo_comp={0xf1, 0x3, {{'lzjh\x00'}, 0x548, "34c0d52e2db98da43abbbb420e50092d701c4ee1ec37a090a965dd16674d57ce8a551b571fe16f516447dd3e4181b8a8903bf5f652e02a42c021dbcda06e803a7378ed6a885c275cd540be17fcac81697ac105152514cefb80e98ba882f84a73cd41eb7560e5a0a2f453e7074f102f0899fbd28366ea115fa5dd1a6fcaeeafe35c680da238568a710521d0e7d735360c7c3a5b3344f06523bc3cd661823918a24769c1f367aae0c6ee"}}, @algo_aead={0xab, 0x12, {{'morus1280\x00'}, 0x2f8, 0x0, "a26f2cbccc1e63a1d6b97d8b968b7b7e0f34001254471dc36f00b7e4689e2599e5c94cce445fef823031172549137dd37f0b595d4f855bd04fad324b02095284a6b0fb7236425991ff29515e647b1b27cbf068c3b430bb0a9d59509df782b1"}}, @etimer_thresh={0x8, 0xc, 0x401}, @user_kmaddress={0x2c, 0x13, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@loopback, 0x0, 0x2}}]}, 0x438}, 0x1, 0x0, 0x0, 0x40000}, 0x20004054)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001d80)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x34, &(0x7f0000000240)=""/52, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0xf, 0x6, 0xb}, 0x10, 0x178c7, 0xffffffffffffffff, 0x3, 0x0, &(0x7f00000002c0)=[{0x4, 0x4, 0xd, 0x8}, {0x5, 0x3, 0x4, 0x9}, {0x2, 0x1, 0xc}], 0x10, 0x6}, 0x94)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000340), 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000500), 0x12)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000029008188e6b62aa73772cc9f1ba1f848430000005e1406020000063e0e002800100007000280000012", 0x2d}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000440)={0x2, 0x0, [0x0, 0x0]})

795.054537ms ago: executing program 2 (id=333):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081d4b7bd57000540018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c40ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)

794.822737ms ago: executing program 1 (id=334):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x685}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffd}, 0x39)

703.09966ms ago: executing program 2 (id=335):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a78000000060a010400000000000000000200000038000480340001800a0001006d617463680000002400028008000100756470000e0003007acc6338a90000b03bd9000008000240000000000900010073797a30000000000900020073797a32000000001400058008000140f200001108"], 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

702.930329ms ago: executing program 1 (id=336):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)="5c0000006c006bcd9e3fe3dc6e48aa31086b8703240000007ea60264160af365040043001f0003000e0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

661.989402ms ago: executing program 1 (id=337):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000160a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

661.726828ms ago: executing program 2 (id=338):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="60000000020605000000000000000000000000000e0003006269746d61703a697000000005000400000000000900020073797a31000000001800078005000300200000000c00018008000140ffffffff05000500020000000500010006"], 0x60}}, 0x0)

650.847697ms ago: executing program 0 (id=339):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000051e6850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_kthread_stop_ret\x00', r0, 0x0, 0x100000}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=ANY=[], 0x100}, 0x0)
close(r1)

573.516639ms ago: executing program 1 (id=340):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="1400000037000b0fd25a806c8c6f94f907000000", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x408e0)

572.894663ms ago: executing program 0 (id=341):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=[@rthdr_2292={{0x28, 0x29, 0x5, {0x0, 0x2, 0x2, 0x1, 0x0, [@remote]}}}, @dstopts={{0x18, 0x29, 0x37, {0x1}}}], 0x40}, 0x0)

572.715548ms ago: executing program 2 (id=342):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

484.995346ms ago: executing program 1 (id=343):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="8b", 0x1}], 0x1, 0x0, 0x0, 0x900}, 0x60)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c00028005000100000000004700028005000100010000000600040000000000060005"], 0xe4}}, 0x0)

484.634766ms ago: executing program 0 (id=344):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000200)={0x44, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x44}}, 0x0)

423.076636ms ago: executing program 1 (id=345):
r0 = gettid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001500)={&(0x7f00000013c0)=ANY=[@ANYBLOB="9feb050018"], &(0x7f00000014c0)=""/5, 0x18, 0x5, 0x1}, 0x28)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x4, 0x8, 0x3fe, 0x7fff7fff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x100, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x56, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f00000004c0)={&(0x7f00000001c0)={0x2, 0x4e23, @remote}, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1400, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r3}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000000714010025bd7000fcdbdf250900020073797a6ad2"], 0x44}}, 0x20040894)
r5 = socket$kcm(0xa, 0x1, 0x106)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00'}, 0x10)
sendmsg$kcm(r5, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff3c, 0x0}, 0xe07e872420dfefca)
socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000dc0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000000c00d1000c00000005000000000000000000000700000000002e5f2e1e001ac475d77d3bc576508ecf"], 0x0, 0x2a, 0x0, 0x1, 0x3}, 0x28)
r6 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r6, 0x84, 0x7d, &(0x7f0000000000), 0x8)
r7 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3400c085)

422.698153ms ago: executing program 0 (id=346):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$kcm(0x2, 0x1, 0x84)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
recvmsg$kcm(r1, &(0x7f0000000180)={&(0x7f00000000c0)=@xdp, 0x80, &(0x7f0000000140)=[{&(0x7f0000000040)=""/26, 0x1a}], 0x1, &(0x7f0000000640)=""/4096, 0x1000}, 0x40)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000340)=@framed={{}, [@printk={@lld, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfff8, 0x41}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xca}}]}, &(0x7f0000000400)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
recvmsg$kcm(r1, &(0x7f0000001640)={&(0x7f00000002c0)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000340), 0x0, &(0x7f0000000580)=""/120, 0x78}, 0x40000000)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x40000c1)
r3 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x11, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffc00, 0x0, @perf_bp={0x0, 0xe}, 0x880, 0x0, 0x0, 0x0, 0x9015, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0xffffffffffffffff, 0x40000000000000, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x4)
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000040)={'bond0\x00', @random='\x00\x00\x00\x00\x00 '})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x606080, 0x0)
ioctl$TUNSETLINK(r4, 0x400454cd, 0x18)

422.514408ms ago: executing program 2 (id=347):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

332.916024ms ago: executing program 2 (id=348):
socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x94004, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x3, 0xffffffff, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x10003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003000afe6cbf96caa5debdad61b67ddb2fb68fcf19f7807076430a0001"], 0xc8}, 0x1, 0x0, 0x0, 0x4000005}, 0x20000004)

0s ago: executing program 0 (id=349):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="16000000690005"], 0xfe33)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:3036' (ED25519) to the list of known hosts.
syzkaller login: [   48.803274][ T5770] cgroup: Unknown subsys name 'net'
[   48.937093][ T5770] cgroup: Unknown subsys name 'cpuset'
[   48.944023][ T5770] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   50.794750][ T5770] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   55.464015][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.467362][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.470412][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.473582][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   55.476544][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   55.532986][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   55.535944][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   55.539084][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   55.551215][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   55.555129][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   55.585104][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   55.588547][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   55.592930][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   55.610443][ T5841] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   55.614226][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   55.781073][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   55.881442][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.884615][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.887860][ T5838] bridge_slave_0: entered allmulticast mode
[   55.892071][ T5838] bridge_slave_0: entered promiscuous mode
[   55.919029][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.929407][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.932703][ T5838] bridge_slave_1: entered allmulticast mode
[   55.936536][ T5838] bridge_slave_1: entered promiscuous mode
[   56.003174][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   56.018767][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.050042][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.098404][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   56.113075][ T5838] team0: Port device team_slave_0 added
[   56.128738][ T5838] team0: Port device team_slave_1 added
[   56.205023][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.208173][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.211517][ T5843] bridge_slave_0: entered allmulticast mode
[   56.215282][ T5843] bridge_slave_0: entered promiscuous mode
[   56.219100][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.222614][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.231563][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.243880][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.246820][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.257313][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.264232][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.267205][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.271173][ T5843] bridge_slave_1: entered allmulticast mode
[   56.275080][ T5843] bridge_slave_1: entered promiscuous mode
[   56.326210][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.329828][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.332733][ T5845] bridge_slave_0: entered allmulticast mode
[   56.336595][ T5845] bridge_slave_0: entered promiscuous mode
[   56.341430][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.344222][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.347120][ T5845] bridge_slave_1: entered allmulticast mode
[   56.351912][ T5845] bridge_slave_1: entered promiscuous mode
[   56.364467][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.408058][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.426610][ T5838] hsr_slave_0: entered promiscuous mode
[   56.429060][ T5838] hsr_slave_1: entered promiscuous mode
[   56.442622][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.447338][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.460200][ T5843] team0: Port device team_slave_0 added
[   56.482059][ T5843] team0: Port device team_slave_1 added
[   56.531045][ T5845] team0: Port device team_slave_0 added
[   56.547961][ T5845] team0: Port device team_slave_1 added
[   56.551246][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.554117][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.565177][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.572525][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.575522][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.587928][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.630290][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.633230][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.643335][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.666713][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.669055][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.678342][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.716769][ T5843] hsr_slave_0: entered promiscuous mode
[   56.719141][ T5843] hsr_slave_1: entered promiscuous mode
[   56.721759][ T5843] debugfs: 'hsr0' already exists in 'hsr'
[   56.723695][ T5843] Cannot create hsr debugfs directory
[   56.764789][ T5845] hsr_slave_0: entered promiscuous mode
[   56.768029][ T5845] hsr_slave_1: entered promiscuous mode
[   56.772317][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   56.774177][ T5845] Cannot create hsr debugfs directory
[   56.911112][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   56.954489][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   56.980932][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   56.998224][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.066435][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   57.073765][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   57.081771][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   57.094316][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   57.135676][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   57.147174][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   57.154335][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   57.166570][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   57.197901][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.241275][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   57.261925][  T732] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.265285][  T732] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.294447][  T732] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.297491][  T732] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.315629][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.347406][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.372718][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   57.398510][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.401348][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.409770][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.412754][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.430492][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.462232][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   57.475246][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.478398][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.500308][   T54] Bluetooth: hci0: command tx timeout
[   57.504392][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.507433][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.544303][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.572743][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.580681][   T54] Bluetooth: hci1: command tx timeout
[   57.660099][   T54] Bluetooth: hci2: command tx timeout
[   57.672434][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.693231][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.712681][ T5838] veth0_vlan: entered promiscuous mode
[   57.755009][ T5838] veth1_vlan: entered promiscuous mode
[   57.775759][ T5843] veth0_vlan: entered promiscuous mode
[   57.782919][ T5845] veth0_vlan: entered promiscuous mode
[   57.793342][ T5843] veth1_vlan: entered promiscuous mode
[   57.798625][ T5845] veth1_vlan: entered promiscuous mode
[   57.824592][ T5838] veth0_macvtap: entered promiscuous mode
[   57.841017][ T5838] veth1_macvtap: entered promiscuous mode
[   57.846895][ T5845] veth0_macvtap: entered promiscuous mode
[   57.851370][ T5843] veth0_macvtap: entered promiscuous mode
[   57.858227][ T5845] veth1_macvtap: entered promiscuous mode
[   57.863917][ T5843] veth1_macvtap: entered promiscuous mode
[   57.875435][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.894001][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.906095][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.912576][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.918338][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.923804][ T5866] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.934228][ T5866] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.938901][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.944046][ T5866] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.947066][ T5866] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.958993][ T5866] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.964669][ T5866] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.970807][ T5867] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.977059][ T5867] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.982124][ T5867] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.984997][ T5867] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.987836][ T5867] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.997748][ T5867] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.073383][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.076811][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.103725][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.107126][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.123089][ T5047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.125740][ T5047] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.144990][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.147614][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.166199][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.168792][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.186557][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   58.197559][   T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.202972][   T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.305668][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.309101][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.333803][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.336705][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.401150][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.404314][ T5913] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.411150][ T5918] netlink: 'syz.1.6': attribute type 1 has an invalid length.
[   58.415078][ T5918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'.
[   58.661636][ T5934] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   58.974024][ T5960] netlink: 'syz.1.24': attribute type 10 has an invalid length.
[   58.976787][ T5960] netlink: 40 bytes leftover after parsing attributes in process `syz.1.24'.
[   58.983378][ T5960] batman_adv: batadv0: Adding interface: hsr_slave_1
[   58.986000][ T5960] batman_adv: batadv0: The MTU of interface hsr_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.994825][ T5960] batman_adv: batadv0: Interface activated: hsr_slave_1
[   59.567863][ T5980] netlink: 'syz.0.32': attribute type 21 has an invalid length.
[   59.583205][   T54] Bluetooth: hci0: command tx timeout
[   59.661172][   T54] Bluetooth: hci1: command tx timeout
[   59.742789][   T54] Bluetooth: hci2: command tx timeout
[   60.645747][ T5996] netlink: 202232 bytes leftover after parsing attributes in process `syz.1.40'.
[   60.675812][ T5996] netlink: zone id is out of range
[   60.678100][ T5996] netlink: zone id is out of range
[   60.698822][    C0] hrtimer: interrupt took 136991 ns
[   61.264187][ T6014] netlink: 'syz.0.47': attribute type 2 has an invalid length.
[   61.266796][ T6014] netlink: 'syz.0.47': attribute type 8 has an invalid length.
[   61.273979][ T6014] netlink: 132 bytes leftover after parsing attributes in process `syz.0.47'.
[   61.310578][   T54] Bluetooth: hci1: Malformed Event: 0x13
[   61.633399][ T6037] Zero length message leads to an empty skb
[   61.659504][   T54] Bluetooth: hci0: command tx timeout
[   61.749447][   T54] Bluetooth: hci1: command tx timeout
[   61.801719][ T6043] veth0_vlan: entered allmulticast mode
[   61.830241][   T54] Bluetooth: hci2: command tx timeout
[   63.749541][   T54] Bluetooth: hci0: command tx timeout
[   63.819549][   T54] Bluetooth: hci1: command tx timeout
[   63.846292][ T6099] netlink: 'syz.0.86': attribute type 1 has an invalid length.
[   63.849594][ T6099] netlink: 'syz.0.86': attribute type 4 has an invalid length.
[   63.852828][ T6099] __nla_validate_parse: 4 callbacks suppressed
[   63.852836][ T6099] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.86'.
[   63.899907][   T54] Bluetooth: hci2: command tx timeout
[   64.204375][    C0] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[   64.341423][ T6121] netlink: 36 bytes leftover after parsing attributes in process `syz.2.95'.
[   64.386483][ T6121] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   64.802756][ T6123] syzkaller0: entered promiscuous mode
[   64.804806][ T6123] syzkaller0: entered allmulticast mode
[   66.436021][ T6158] netlink: 148 bytes leftover after parsing attributes in process `syz.0.110'.
[   66.644114][ T6164] netlink: 208192 bytes leftover after parsing attributes in process `syz.0.113'.
[   66.647711][ T6164] netlink: 'syz.0.113': attribute type 1 has an invalid length.
[   66.936932][ T6170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.116'.
[   67.124326][ T6172] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   67.218175][ T6183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.122'.
[   67.991905][ T6195] netlink: 'syz.2.127': attribute type 27 has an invalid length.
[   67.995242][ T6195] netlink: 'syz.2.127': attribute type 3 has an invalid length.
[   67.998426][ T6195] netlink: 132 bytes leftover after parsing attributes in process `syz.2.127'.
[   68.098591][ T6202] C: renamed from team_slave_0 (while UP)
[   68.099826][ T6205] syz.2.133 uses obsolete (PF_INET,SOCK_PACKET)
[   68.170122][ T6202] netlink: 'syz.1.132': attribute type 3 has an invalid length.
[   68.173015][ T6202] netlink: 152 bytes leftover after parsing attributes in process `syz.1.132'.
[   68.338801][ T6213] netlink: 14 bytes leftover after parsing attributes in process `syz.2.133'.
[   68.453617][ T6218] netlink: 24 bytes leftover after parsing attributes in process `syz.1.136'.
[   68.607508][ T6228] x_tables: ip_tables: icmp match: only valid for protocol 1
[   68.798039][ T6242] netlink: 'syz.1.147': attribute type 21 has an invalid length.
[   69.209796][ T6269] __nla_validate_parse: 5 callbacks suppressed
[   69.209809][ T6269] netlink: 128 bytes leftover after parsing attributes in process `syz.1.160'.
[   70.338554][ T6298] netlink: 60 bytes leftover after parsing attributes in process `syz.1.174'.
[   70.345115][ T6298] netlink: 60 bytes leftover after parsing attributes in process `syz.1.174'.
[   70.350334][ T6298] netlink: 60 bytes leftover after parsing attributes in process `syz.1.174'.
[   70.837756][ T6327] syzkaller0: entered promiscuous mode
[   70.839820][ T6327] syzkaller0: entered allmulticast mode
[   71.190380][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.194199][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.362442][   T24] cfg80211: failed to load regulatory.db
[   71.435984][ T6332] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   71.542844][ T6335] netlink: 12 bytes leftover after parsing attributes in process `syz.1.189'.
[   71.981918][ T6347] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[   72.092449][ T6353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.197'.
[   72.365062][ T6364] netlink: 28 bytes leftover after parsing attributes in process `syz.2.202'.
[   73.681358][ T6416] warning: `syz.0.223' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   73.813027][ T6416] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[   75.384269][ T6474] netlink: 14 bytes leftover after parsing attributes in process `syz.2.248'.
[   76.615972][ T6508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.263'.
[   76.648223][ T6499] netlink: 'syz.1.260': attribute type 6 has an invalid length.
[   76.653564][ T6499] netlink: 168 bytes leftover after parsing attributes in process `syz.1.260'.
[   77.335584][ T6510] infiniband syz1: set active
[   77.337353][ T6510] infiniband syz1: added bond0
[   77.374673][ T6510] RDS/IB: syz1: added
[   77.377032][ T6510] smc: adding ib device syz1 with port count 1
[   77.380341][ T6510] smc:    ib device syz1 port 1 has pnetid 
[   77.606130][ T6526] netlink: 68 bytes leftover after parsing attributes in process `syz.1.271'.
[   77.659573][ T1098] wlan1: Trigger new scan to find an IBSS to join
[   78.016010][   T54] Bluetooth: hci2: unexpected event 0x3d length: 151 > 14
[   78.742715][ T6545] netlink: 'syz.2.278': attribute type 27 has an invalid length.
[   78.747419][ T6545] netlink: 152 bytes leftover after parsing attributes in process `syz.2.278'.
[   78.752767][ T6545] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   78.867334][ T6549] netlink: 'syz.2.280': attribute type 10 has an invalid length.
[   79.357436][ T6549] batman_adv: batadv0: Adding interface: netdevsim0
[   79.360928][ T6549] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.371206][ T6549] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[   79.472074][ T6558] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.284'.
[   79.637721][ T6569] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'.
[   79.642709][ T6569] netlink: 32 bytes leftover after parsing attributes in process `syz.1.289'.
[   79.843557][ T6574] netlink: 'syz.0.291': attribute type 6 has an invalid length.
[   79.848138][ T6574] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.291'.
[   79.976789][ T6589] netlink: 'syz.1.299': attribute type 21 has an invalid length.
[   80.032262][ T6592] GPL: port 1(gretap0) entered blocking state
[   80.035894][ T6592] GPL: port 1(gretap0) entered disabled state
[   80.038061][ T6592] gretap0: entered allmulticast mode
[   80.075892][ T6592] gretap0: entered promiscuous mode
[   80.265687][ T6605] Illegal XDP return value 4294967289 on prog  (id 118) dev N/A, expect packet loss!
[   80.346476][ T6609] netlink: 'syz.1.308': attribute type 2 has an invalid length.
[   80.351597][ T6609] netlink: 164 bytes leftover after parsing attributes in process `syz.1.308'.
[   80.383203][ T6611] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   80.410233][ T6615] netlink: 64 bytes leftover after parsing attributes in process `syz.1.310'.
[   81.660511][   T27] wlan1: Trigger new scan to find an IBSS to join
[   81.747634][ T3621] wlan1: Creating new IBSS network, BSSID 5e:6b:67:c0:4e:3c
[   81.898377][ T6652] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.325'.
[   81.906905][ T6652] netlink: 5 bytes leftover after parsing attributes in process `syz.0.325'.
[   82.037547][ T6658] netlink: 180 bytes leftover after parsing attributes in process `syz.0.325'.
[   82.061662][ T6657] netlink: 56 bytes leftover after parsing attributes in process `syz.2.328'.
[   82.911200][ T6690] netlink: 44 bytes leftover after parsing attributes in process `syz.1.343'.
[   82.915599][ T6690] netlink: 43 bytes leftover after parsing attributes in process `syz.1.343'.
[   82.920732][ T6690] netlink: 'syz.1.343': attribute type 5 has an invalid length.
[   82.924302][ T6690] netlink: 43 bytes leftover after parsing attributes in process `syz.1.343'.
[   98.850597][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   98.853487][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   98.856175][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   98.859093][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   98.863475][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   99.045064][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   99.048714][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   99.054227][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   99.057597][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   99.063072][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   99.669652][ T6711] chnl_net:caif_netlink_parms(): no params data found
[   99.726587][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   99.733070][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   99.736707][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   99.744028][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   99.747498][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   99.982981][    C1] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 16363046565 wd_nsec: 16363046929
[  100.939541][   T54] Bluetooth: hci3: command tx timeout
[  101.099503][   T54] Bluetooth: hci4: command tx timeout
[  101.819474][   T54] Bluetooth: hci5: command tx timeout
[  103.019366][   T54] Bluetooth: hci3: command tx timeout
[  103.189578][   T54] Bluetooth: hci4: command tx timeout
[  103.909405][   T54] Bluetooth: hci5: command tx timeout
[  105.099531][   T54] Bluetooth: hci3: command tx timeout
[  105.267945][   T54] Bluetooth: hci4: command tx timeout
[  105.979407][   T54] Bluetooth: hci5: command tx timeout
[  107.179412][   T54] Bluetooth: hci3: command tx timeout
[  107.349591][   T54] Bluetooth: hci4: command tx timeout
[  108.059333][   T54] Bluetooth: hci5: command tx timeout
[  180.798573][ T6734] Bluetooth: hci1: command 0x0406 tx timeout
[  181.419412][ T6734] Bluetooth: hci2: command 0x0406 tx timeout
[  188.499256][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  188.502312][    C1] rcu: 	1-....: (1 GPs behind) idle=e224/1/0x4000000000000000 softirq=16943/16948 fqs=4647
[  188.508270][    C1] rcu: 	         hardirqs   softirqs   csw/system
[  188.511252][    C1] rcu: 	 number:   725158          0            0
[  188.514187][    C1] rcu: 	cputime:    37762      14727           67   ==> 52490(ms)
[  188.517801][    C1] rcu: 	(t=10500 jiffies g=11209 q=2229 ncpus=2)
[  188.520729][    C1] CPU: 1 UID: 0 PID: 6707 Comm: syz.0.350 Not tainted 6.17.0-rc1-syzkaller-00022-g07866544e410-dirty #0 PREEMPT(full) 
[  188.520743][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  188.520752][    C1] RIP: 0010:_ieee802_11_parse_elems_full+0x23c5/0x4550
[  188.520773][    C1] Code: c2 f6 41 83 fd 50 0f 85 1b 02 00 00 4d 8d 6c 24 04 4c 89 e8 48 c1 e8 03 42 0f b6 04 30 84 c0 0f 85 d2 1b 00 00 45 0f b6 6d 00 <bf> f2 00 00 00 44 89 ee e8 ee f1 c2 f6 41 81 fd f2 00 00 00 0f 85
[  188.520781][    C1] RSP: 0018:ffffc900001dfaa0 EFLAGS: 00000246
[  188.520793][    C1] RAX: 0000000000000000 RBX: 0000000000000009 RCX: 0000000000000100
[  188.520800][    C1] RDX: ffff888107885640 RSI: 0000000000000050 RDI: 0000000000000050
[  188.520808][    C1] RBP: ffffc900001dfe90 R08: ffff888107885640 R09: 000000000000002b
[  188.520814][    C1] R10: 00000000000000ff R11: 0000000000000100 R12: ffff88810739c53c
[  188.520822][    C1] R13: 00000000000000f2 R14: dffffc0000000000 R15: 00000000000000dd
[  188.520828][    C1] FS:  00007f760fb3b6c0(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  188.520837][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.520845][    C1] CR2: 0000000100000000 CR3: 00000001100ce000 CR4: 00000000000006f0
[  188.520878][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  188.520885][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 00000000000f0602
[  188.520891][    C1] Call Trace:
[  188.520897][    C1]  <IRQ>
[  188.520952][    C1]  ? __pfx__ieee802_11_parse_elems_full+0x10/0x10
[  188.520980][    C1]  ieee802_11_parse_elems_full+0x125a/0x2ab0
[  188.521006][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  188.521034][    C1]  ? __pfx_ieee802_11_parse_elems_full+0x10/0x10
[  188.521050][    C1]  ? cfg80211_update_known_bss+0x803/0x1330
[  188.521063][    C1]  ? cmp_bss+0x8b3/0xe80
[  188.521079][    C1]  ieee80211_inform_bss+0x10c/0x10a0
[  188.521095][    C1]  ? __cfg80211_bss_update+0x101a/0x2120
[  188.521117][    C1]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  188.521129][    C1]  ? do_raw_spin_lock+0x121/0x290
[  188.521148][    C1]  ? trace_kmalloc+0x1f/0xd0
[  188.521164][    C1]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  188.521178][    C1]  cfg80211_inform_single_bss_data+0xd05/0x1ac0
[  188.521197][    C1]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  188.521234][    C1]  cfg80211_inform_bss_data+0x1fb/0x3b30
[  188.521249][    C1]  ? ktime_get+0x3e/0x1f0
[  188.521263][    C1]  ? ktime_get+0x3e/0x1f0
[  188.521279][    C1]  ? ktime_get+0x3e/0x1f0
[  188.521291][    C1]  ? ktime_get+0x3e/0x1f0
[  188.521304][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  188.521316][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  188.521330][    C1]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  188.521348][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  188.521361][    C1]  ? sched_clock+0x3f/0x60
[  188.521378][    C1]  ? sched_clock_cpu+0x74/0x430
[  188.521395][    C1]  ? lapic_next_event+0x11/0x20
[  188.521407][    C1]  ? clockevents_program_event+0x24d/0x360
[  188.521424][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  188.521439][    C1]  ? hrtimer_interrupt+0x889/0xaa0
[  188.521456][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  188.521478][    C1]  ? irqentry_exit+0x74/0x90
[  188.521493][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.521509][    C1]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  188.521526][    C1]  ? ieee80211_bss_info_update+0x2dc/0x9e0
[  188.521587][    C1]  ieee80211_bss_info_update+0x746/0x9e0
[  188.521603][    C1]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  188.521626][    C1]  ? ieee80211_rx_list+0x1391/0x2a90
[  188.521640][    C1]  ? ieee80211_get_channel_khz+0x15b/0x8a0
[  188.521653][    C1]  ieee80211_scan_rx+0x593/0xa20
[  188.521671][    C1]  ieee80211_rx_list+0x201c/0x2a90
[  188.521696][    C1]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  188.521717][    C1]  ? ieee80211_rx_napi+0xca/0x3d0
[  188.521731][    C1]  ? ieee80211_rx_napi+0xca/0x3d0
[  188.521744][    C1]  ? ieee80211_rx_napi+0x10f/0x3d0
[  188.521759][    C1]  ? ieee80211_rx_list+0x11/0x2a90
[  188.521775][    C1]  ? ieee80211_rx_napi+0xca/0x3d0
[  188.521787][    C1]  ieee80211_rx_napi+0x1a8/0x3d0
[  188.521803][    C1]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  188.521820][    C1]  ? skb_dequeue+0x10e/0x150
[  188.521838][    C1]  ieee80211_handle_queued_frames+0xe8/0x1f0
[  188.521854][    C1]  tasklet_action_common+0x36c/0x580
[  188.521866][    C1]  ? irqentry_exit+0x41/0x90
[  188.521883][    C1]  ? __pfx_tasklet_action_common+0x10/0x10
[  188.521901][    C1]  ? workqueue_softirq_action+0xd4/0x150
[  188.521917][    C1]  handle_softirqs+0x286/0x870
[  188.521931][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  188.521947][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  188.521960][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  188.521976][    C1]  __irq_exit_rcu+0xca/0x1f0
[  188.521988][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  188.522005][    C1]  irq_exit_rcu+0x9/0x30
[  188.522014][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  188.522029][    C1]  </IRQ>
[  188.522032][    C1]  <TASK>
[  188.522036][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.522051][    C1] RIP: 0010:preempt_schedule_irq+0xb0/0x150
[  188.522064][    C1] Code: 24 20 f6 44 24 21 02 74 0c 90 0f 0b 48 f7 03 08 00 00 00 74 64 bf 01 00 00 00 e8 5b 98 15 f6 e8 96 f2 4c f6 fb bf 01 00 00 00 <e8> 5b ab ff ff 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 8b 44 24
[  188.522072][    C1] RSP: 0018:ffffc9000641fa40 EFLAGS: 00000286
[  188.522081][    C1] RAX: 9e061d6f4071bd00 RBX: 0000000000000000 RCX: 9e061d6f4071bd00
[  188.522090][    C1] RDX: 0000000000000006 RSI: ffffffff8d9b6dcb RDI: 0000000000000001
[  188.522096][    C1] RBP: ffffc9000641fae0 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  188.522102][    C1] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: 0000000000000000
[  188.522116][    C1] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000c83f48
[  188.522135][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  188.522155][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  188.522169][    C1]  irqentry_exit+0x6f/0x90
[  188.522183][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.522193][    C1] RIP: 0010:perf_install_in_context+0x593/0x8f0
[  188.522207][    C1] Code: c5 14 4d 89 ec 49 c1 ec 03 43 0f b6 04 3c 84 c0 75 63 41 8b 7d 00 48 c7 c6 60 86 f0 81 4c 89 f2 b9 01 00 00 00 e8 6d 29 c4 ff <89> c3 31 ff 89 c6 e8 72 a6 cf ff 85 db 74 0c e8 29 a2 cf ff 83 fb
[  188.522214][    C1] RSP: 0018:ffffc9000641fba0 EFLAGS: 00000246
[  188.522223][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000
[  188.522229][    C1] RDX: ffffc90003e13000 RSI: 00000000000002c4 RDI: 00000000000002c5
[  188.522236][    C1] RBP: ffffc9000641fcf0 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  188.522244][    C1] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: 1ffff11020f10aca
[  188.522251][    C1] R13: ffff888107885654 R14: ffffc9000641fc20 R15: dffffc0000000000
[  188.522275][    C1]  ? irqentry_exit+0x74/0x90
[  188.522290][    C1]  ? __pfx_perf_install_in_context+0x10/0x10
[  188.522302][    C1]  ? __pfx___perf_install_in_context+0x10/0x10
[  188.522321][    C1]  ? __se_sys_perf_event_open+0x126f/0x1d70
[  188.522335][    C1]  ? perf_event__header_size+0x168/0x230
[  188.522353][    C1]  __se_sys_perf_event_open+0x193a/0x1d70
[  188.522373][    C1]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  188.522385][    C1]  ? lapic_next_event+0x11/0x20
[  188.522404][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  188.522427][    C1]  ? do_syscall_64+0xbe/0x3b0
[  188.522442][    C1]  ? __x64_sys_perf_event_open+0x20/0xc0
[  188.522455][    C1]  do_syscall_64+0xfa/0x3b0
[  188.522471][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.522480][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.522495][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.522506][    C1] RIP: 0033:0x7f760ed8ebe9
[  188.522518][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.522526][    C1] RSP: 002b:00007f760fb3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  188.522564][    C1] RAX: ffffffffffffffda RBX: 00007f760efb5fa0 RCX: 00007f760ed8ebe9
[  188.522571][    C1] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  188.522578][    C1] RBP: 00007f760ee11e19 R08: 0000000000000000 R09: 0000000000000000
[  188.522585][    C1] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  188.522591][    C1] R13: 00007f760efb6038 R14: 00007f760efb5fa0 R15: 00007ffc63e86608
[  188.522609][    C1]  </TASK>
[  188.870200][    C1] sched: DL replenish lagged too much
[  190.559788][ T6739] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  190.678825][ T5235] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  190.729329][ T5235] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  190.901087][ T6743] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  190.905816][ T6743] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  190.908946][ T6743] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  190.922480][ T6743] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  190.926269][ T6743] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  190.950369][ T6743] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  191.000017][ T6743] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  191.209201][ T6734] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  191.217298][ T6734] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  191.229934][ T6734] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  191.234061][ T6734] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  191.237769][ T6734] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2

VM DIAGNOSIS:
05:15:57  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff8185092f RCX=33f902faf56b3d00 RDX=0000000000000001
RSI=ffffffff8da07714 RDI=ffffffff8be33300 RBP=ffffc90000127b50 RSP=ffffc90000127a28
R8 =ffff8881251f160f R9 =1ffff11024a3e2c1 R10=dffffc0000000000 R11=ffffed1024a3e2c2
R12=ffff8881251f1608 R13=0000000000000006 R14=ffff88804b023d08 R15=ffff8881251f1600
RIP=ffffffff8b793a24 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd5c251fdc CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000ff0000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000069 RBX=0000000000000069 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900001dedd0
R8 =ffff88801f580237 R9 =1ffff11003eb0046 R10=dffffc0000000000 R11=ffffffff854ef730
R12=dffffc0000000000 R13=ffffffff99af98f5 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854ef7ac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f760fb3b6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000100000000 CR3=00000001100ce000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=00000000000f0602
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f760ef87498 00007f760ef87470 XMM03=00007f760ef874a8 00007f760ef874a0
XMM04=00007f760faed100 00007f760ef87460 XMM05=00007f760ef87478 00007f760ef874c0
XMM06=00007f760ef874b8 00007f760ef874b0 XMM07=00007f760ef874a8 00007f760ef874a0
XMM08=0000000000000000 00007f760ee12ee7 XMM09=0000000000000000 00007f760ee12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
