last executing test programs:

7.097949377s ago: executing program 0 (id=212):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8)
listen(r0, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4)

7.097660043s ago: executing program 0 (id=214):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

7.039879355s ago: executing program 0 (id=216):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)

7.039247615s ago: executing program 0 (id=217):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000002a80)=[{&(0x7f0000000a00)="1b", 0x1}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r4, &(0x7f0000000000), 0xffffff98)
splice(r0, 0x0, r4, 0x0, 0x80, 0x6)
write(r2, 0x0, 0x0)

6.800632429s ago: executing program 0 (id=221):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000040)={r1, @in6={{0xa, 0x4e21, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}}}, &(0x7f0000000140)=0x84)

980.501417ms ago: executing program 1 (id=307):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_FWMARK={0x8}]}}]}, 0x44}}, 0x0)

980.192757ms ago: executing program 1 (id=309):
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x90, [], 0x2, 0x0, 0x0}, &(0x7f0000005480)=0x108)

930.749747ms ago: executing program 1 (id=311):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

817.959181ms ago: executing program 1 (id=315):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000005c0)={&(0x7f0000000400)={0x2, 0x0, @multicast2}, 0x10, 0x0}, 0x0)

817.848686ms ago: executing program 1 (id=316):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x80, 0x10, 0x5, 0x0, 0x3, 0x0, 0x2, 0x3000}, [@RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x17}}]}, 0x24}}, 0x0)

759.438569ms ago: executing program 1 (id=317):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a0000000000006f0000000005001b003a000000080003"], 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, 0x0, 0x40800)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000008500", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@RTM_NEWMDB={0x17, 0x55, 0x1e5, 0x7, 0xffffffff, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@in6_addr=@private1, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48c0}, 0x40004c0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b000000"], 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x1}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r2}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0x8000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

431.368929ms ago: executing program 2 (id=322):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6, 0x1, 0x1, 0x0, 0xfff3}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0xfffffffd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

381.105854ms ago: executing program 2 (id=323):
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth1_virt_wifi\x00', <r1=>0x0})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000004c0)=0x6b22, 0x4)
bind$packet(r0, &(0x7f00000003c0)={0x11, 0x2, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendto$packet(r0, &(0x7f0000000380)="bb53a9459f285101010000853e6c", 0xe, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=""/220, 0xdc}, 0x7}], 0x1, 0x2040, 0x0)

380.859088ms ago: executing program 2 (id=324):
socket$inet(0xa, 0x801, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r1, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c0000"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
splice(r1, 0x0, r0, 0x0, 0x30fea7, 0xa)

368.507759ms ago: executing program 0 (id=221):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000040)={r1, @in6={{0xa, 0x4e21, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}}}, &(0x7f0000000140)=0x84)

187.723844ms ago: executing program 2 (id=325):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
r0 = socket$pptp(0x18, 0x1, 0x2)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000180))

81.645208ms ago: executing program 2 (id=326):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000054}, 0x44)

0s ago: executing program 2 (id=327):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:16499' (ED25519) to the list of known hosts.
syzkaller login: [   41.661999][ T5804] cgroup: Unknown subsys name 'net'
[   41.747585][ T5804] cgroup: Unknown subsys name 'cpuset'
[   41.754323][ T5804] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.122513][ T5804] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.437387][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.444652][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.447090][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.449870][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.452219][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.455553][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.459111][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.461378][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.465418][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.468083][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.470697][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.477340][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.486478][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.492039][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.495510][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.688647][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   46.744275][ T5832] chnl_net:caif_netlink_parms(): no params data found
[   46.789985][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.792680][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.795857][ T5833] bridge_slave_0: entered allmulticast mode
[   46.798539][ T5833] bridge_slave_0: entered promiscuous mode
[   46.815102][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.817383][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.819773][ T5833] bridge_slave_1: entered allmulticast mode
[   46.822434][ T5833] bridge_slave_1: entered promiscuous mode
[   46.827666][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   46.870125][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.891125][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.905256][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.908273][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.911157][ T5832] bridge_slave_0: entered allmulticast mode
[   46.915337][ T5832] bridge_slave_0: entered promiscuous mode
[   46.928235][ T5833] team0: Port device team_slave_0 added
[   46.940776][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.943995][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.946915][ T5832] bridge_slave_1: entered allmulticast mode
[   46.950504][ T5832] bridge_slave_1: entered promiscuous mode
[   46.954732][ T5833] team0: Port device team_slave_1 added
[   46.973326][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.975578][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.977798][ T5828] bridge_slave_0: entered allmulticast mode
[   46.980357][ T5828] bridge_slave_0: entered promiscuous mode
[   47.001820][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.005549][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.007934][ T5828] bridge_slave_1: entered allmulticast mode
[   47.010566][ T5828] bridge_slave_1: entered promiscuous mode
[   47.028952][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.041473][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.045632][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.047828][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.056206][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.062161][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.066607][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.069866][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.072070][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.081096][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.110846][ T5828] team0: Port device team_slave_0 added
[   47.122514][ T5832] team0: Port device team_slave_0 added
[   47.126259][ T5832] team0: Port device team_slave_1 added
[   47.129106][ T5828] team0: Port device team_slave_1 added
[   47.169150][ T5833] hsr_slave_0: entered promiscuous mode
[   47.171482][ T5833] hsr_slave_1: entered promiscuous mode
[   47.181519][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.183984][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.192900][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.197586][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.199903][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.208470][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.212438][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.215170][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.224823][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.242847][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.245470][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.253891][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.296648][ T5832] hsr_slave_0: entered promiscuous mode
[   47.299081][ T5832] hsr_slave_1: entered promiscuous mode
[   47.301256][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.304842][ T5832] Cannot create hsr debugfs directory
[   47.351882][ T5828] hsr_slave_0: entered promiscuous mode
[   47.355109][ T5828] hsr_slave_1: entered promiscuous mode
[   47.357224][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.359684][ T5828] Cannot create hsr debugfs directory
[   47.470023][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.487627][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.496980][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.510594][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.546063][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.555831][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.565631][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.570198][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.585454][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.587960][ T5833] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.590855][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.593285][ T5833] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.615774][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.639061][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.644238][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.650681][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.674347][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.677356][ T5832] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.679833][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.682143][ T5832] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.700212][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.704012][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.708777][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.711467][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.752322][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.774589][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.789306][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   47.795336][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   47.799698][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.802108][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.812435][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.814859][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.818702][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.821046][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.838014][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.840399][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.857860][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.887721][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[   47.900818][ T3922] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.903054][ T3922] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.928860][ T5832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   47.932260][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.946590][ T3922] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.949091][ T3922] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.004009][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.039096][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.046885][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.060468][ T5828] veth0_vlan: entered promiscuous mode
[   48.074849][ T5828] veth1_vlan: entered promiscuous mode
[   48.105924][ T5833] veth0_vlan: entered promiscuous mode
[   48.119897][ T5832] veth0_vlan: entered promiscuous mode
[   48.128323][ T5828] veth0_macvtap: entered promiscuous mode
[   48.133041][ T5833] veth1_vlan: entered promiscuous mode
[   48.138936][ T5832] veth1_vlan: entered promiscuous mode
[   48.141982][ T5828] veth1_macvtap: entered promiscuous mode
[   48.162634][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.175841][ T5832] veth0_macvtap: entered promiscuous mode
[   48.179022][ T5833] veth0_macvtap: entered promiscuous mode
[   48.184668][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.189679][ T5832] veth1_macvtap: entered promiscuous mode
[   48.193305][ T5833] veth1_macvtap: entered promiscuous mode
[   48.197745][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.200563][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.204183][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.206923][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.229558][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.234852][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.244312][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.263886][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.266708][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.269509][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.272335][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.279148][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.294835][ T5832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.297760][ T5832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.300893][ T5832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.305060][ T5832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.328545][ T4386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.331348][ T4386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.385084][ T3922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.388025][ T3922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.395870][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.398489][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.431815][ T3922] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.440828][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.442830][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.445938][ T3922] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.450200][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.477684][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.480295][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.494667][ T5838] Bluetooth: hci2: command tx timeout
[   48.494673][ T5830] Bluetooth: hci0: command tx timeout
[   48.560046][ T5901] netlink: 'syz.2.3': attribute type 2 has an invalid length.
[   48.562616][ T5901] netlink: 'syz.2.3': attribute type 1 has an invalid length.
[   48.574869][ T5830] Bluetooth: hci1: command tx timeout
[   48.632645][ T5908] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.673646][ T5908] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5'.
[   48.702481][ T5908] xt_hashlimit: overflow, try lower: 72057594037927936/255
[   48.800841][ T5925] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10'.
[   49.100514][ T5957] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present
[   49.114632][ T5957] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9)
[   49.157879][ T5961] warning: `syz.0.28' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   49.336533][ T5977] ip6tnl1: entered promiscuous mode
[   49.338425][ T5977] ip6tnl1: entered allmulticast mode
[   49.341372][ T5977] team0: Device ip6tnl1 is of different type
[   49.561643][ T5999] netlink: 'syz.0.48': attribute type 1 has an invalid length.
[   49.566092][ T5999] netlink: 'syz.0.48': attribute type 2 has an invalid length.
[   49.568953][ T5999] netlink: 1172 bytes leftover after parsing attributes in process `syz.0.48'.
[   49.644860][ T6005] tun0: tun_chr_ioctl cmd 1074025675
[   49.646625][ T6005] tun0: persist enabled
[   49.648147][ T6005] tun0: tun_chr_ioctl cmd 1074025675
[   49.649987][ T6005] tun0: persist enabled
[   49.828184][ T6023] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) !
[   50.577135][ T5830] Bluetooth: hci2: command tx timeout
[   50.577176][ T5838] Bluetooth: hci0: command tx timeout
[   50.599267][ T6075] netlink: 20 bytes leftover after parsing attributes in process `syz.2.84'.
[   50.654190][ T5838] Bluetooth: hci1: command tx timeout
[   51.212340][ T6112] netlink: 12 bytes leftover after parsing attributes in process `syz.1.100'.
[   51.521106][ T6137] syz.2.112 (6137) used obsolete PPPIOCDETACH ioctl
[   51.894958][ T6166] syz.0.125 uses obsolete (PF_INET,SOCK_PACKET)
[   51.965928][ T6175] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   51.995046][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.131'.
[   52.027308][ T6178] 8021q: adding VLAN 0 to HW filter on device team1
[   52.029803][ T6178] Zero length message leads to an empty skb
[   52.087830][ T6189] IPv6: sit1: Disabled Multicast RS
[   52.114534][ T6191] netlink: 'syz.0.137': attribute type 3 has an invalid length.
[   52.247303][ T6207] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   52.318464][ T6217] netlink: 8 bytes leftover after parsing attributes in process `syz.1.149'.
[   52.326565][ T6218] netlink: 24 bytes leftover after parsing attributes in process `syz.0.150'.
[   52.653501][ T5838] Bluetooth: hci0: command tx timeout
[   52.655396][ T5838] Bluetooth: hci2: command tx timeout
[   52.733816][ T5830] Bluetooth: hci1: command tx timeout
[   54.084963][ T6330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'.
[   54.088741][ T6330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'.
[   54.092265][ T6330] netlink: 'syz.1.195': attribute type 4 has an invalid length.
[   54.271410][ T6343] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   54.276370][ T6343] Cannot find set identified by id 0 to match
[   54.379944][ T6354] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   54.694546][ T6382] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.697545][ T6382] batadv_slave_0: entered promiscuous mode
[   54.699514][ T6382] batadv_slave_0: entered allmulticast mode
[   54.733465][ T5830] Bluetooth: hci2: command tx timeout
[   54.813684][ T5830] Bluetooth: hci1: command tx timeout
[   54.850852][ T5700] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.921768][ T5700] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.004922][ T5700] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.065665][ T5700] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.118214][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.123820][ T6397] Cannot find del_set index 0 as target
[   55.125680][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.129741][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.136042][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   55.144349][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   55.189170][ T5700] bridge_slave_1: left allmulticast mode
[   55.191097][ T5700] bridge_slave_1: left promiscuous mode
[   55.193720][ T5700] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.199394][ T5700] bridge_slave_0: left allmulticast mode
[   55.201223][ T5700] bridge_slave_0: left promiscuous mode
[   55.203006][ T5700] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.459517][ T5700] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.464586][ T5700] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.468483][ T5700] bond0 (unregistering): Released all slaves
[   55.687395][ T6395] chnl_net:caif_netlink_parms(): no params data found
[   55.751876][ T6428] netlink: 'syz.2.230': attribute type 83 has an invalid length.
[   55.757967][ T5700] hsr_slave_0: left promiscuous mode
[   55.761947][ T5700] hsr_slave_1: left promiscuous mode
[   55.764876][ T5700] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.767226][ T5700] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.771527][ T5700] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.775644][ T5700] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.796906][ T5700] veth1_macvtap: left promiscuous mode
[   55.798786][ T5700] veth0_macvtap: left promiscuous mode
[   55.800796][ T5700] veth1_vlan: left promiscuous mode
[   55.802663][ T5700] veth0_vlan: left promiscuous mode
[   56.270131][ T5700] team0 (unregistering): Port device team_slave_1 removed
[   56.287175][ T5700] team0 (unregistering): Port device team_slave_0 removed
[   56.534660][ T6395] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.543911][ T6395] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.549226][ T6395] bridge_slave_0: entered allmulticast mode
[   56.554525][ T6395] bridge_slave_0: entered promiscuous mode
[   56.586814][ T6395] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.589465][ T6395] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.591987][ T6395] bridge_slave_1: entered allmulticast mode
[   56.615266][ T6395] bridge_slave_1: entered promiscuous mode
[   56.697531][ T6456] netlink: 'syz.1.241': attribute type 2 has an invalid length.
[   56.702521][ T6395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.721653][ T6395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.754948][ T6461] xt_HMARK: spi-set and port-set can't be combined
[   56.799021][ T6395] team0: Port device team_slave_0 added
[   56.806924][ T6395] team0: Port device team_slave_1 added
[   56.873269][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.876206][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.886494][ T6395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.905348][ T6472] netlink: 'syz.2.246': attribute type 2 has an invalid length.
[   56.910175][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.919952][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.934440][ T6395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.999405][ T6395] hsr_slave_0: entered promiscuous mode
[   57.001828][ T6395] hsr_slave_1: entered promiscuous mode
[   57.010471][ T6395] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   57.015029][ T6395] Cannot create hsr debugfs directory
[   57.015204][ T6482] ieee802154 phy0 wpan0: encryption failed: -22
[   57.213212][ T5838] Bluetooth: hci0: command tx timeout
[   57.623021][ T6514] xt_CT: No such helper "pptp"
[   57.689354][ T6523] netlink: 240 bytes leftover after parsing attributes in process `syz.1.263'.
[   57.877162][ T6542] netlink: 8 bytes leftover after parsing attributes in process `syz.2.269'.
[   57.908905][ T6542] syzkaller0: entered promiscuous mode
[   57.910669][ T6542] syzkaller0: entered allmulticast mode
[   58.526443][ T6395] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   58.535152][ T6395] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   58.556019][ T6395] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   58.571906][ T6395] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   58.652850][ T6565] netlink: 'syz.1.276': attribute type 1 has an invalid length.
[   58.657743][ T6565] netlink: 36 bytes leftover after parsing attributes in process `syz.1.276'.
[   58.696668][ T6395] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.710727][ T6395] 8021q: adding VLAN 0 to HW filter on device team0
[   58.734631][ T4367] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.736948][ T4367] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.745023][ T4367] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.747230][ T4367] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.800871][ T6395] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   58.950631][ T6395] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.990019][ T6395] veth0_vlan: entered promiscuous mode
[   58.996746][ T6395] veth1_vlan: entered promiscuous mode
[   59.023821][ T6395] veth0_macvtap: entered promiscuous mode
[   59.027325][ T6395] veth1_macvtap: entered promiscuous mode
[   59.041446][ T6602] netlink: 'syz.2.284': attribute type 13 has an invalid length.
[   59.053637][ T6602] netlink: 'syz.2.284': attribute type 17 has an invalid length.
[   59.055483][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.111643][ T6606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   59.143371][ T6602] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.156420][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.167737][ T6395] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.170722][ T6395] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.174776][ T6395] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.178498][ T6395] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.256669][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.259210][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.279085][ T4367] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.281674][ T4367] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.293875][ T5838] Bluetooth: hci0: command tx timeout
[   59.815646][ T6596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   60.392791][ T6640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.295'.
[   60.526955][ T6652] netlink: 72 bytes leftover after parsing attributes in process `syz.1.301'.
[   60.529791][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.301'.
[   60.748278][ T6672] netlink: 44 bytes leftover after parsing attributes in process `syz.1.311'.
[   61.315752][ T6700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.324'.
[   61.318522][ T6700] openvswitch: netlink: Flow key attr not present in new flow.
[   61.365062][ T5861] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.624298][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.640266][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.644191][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.648081][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.650776][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.665929][ T6709] netlink: 'syz.2.327': attribute type 10 has an invalid length.
[   61.689758][ T6709] team0: Port device dummy0 added
[   61.694387][ T6709] netlink: 'syz.2.327': attribute type 10 has an invalid length.
[   61.704784][ T6709] 
[   61.705611][ T6709] ======================================================
[   61.707823][ T6709] WARNING: possible circular locking dependency detected
[   61.710008][ T6709] 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 Not tainted
[   61.713210][ T6709] ------------------------------------------------------
[   61.715432][ T6709] syz.2.327/6709 is trying to acquire lock:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   61.717290][ T6709] ffff888027588e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event+0x182/0xa20
[   61.720489][ T6709] 
[   61.720489][ T6709] but task is already holding lock:
[   61.722842][ T6709] ffff88802e934d30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: do_setlink+0x388/0x41c0
[   61.725958][ T6709] 
[   61.725958][ T6709] which lock already depends on the new lock.
[   61.725958][ T6709] 
[   61.729228][ T6709] 
[   61.729228][ T6709] the existing dependency chain (in reverse order) is:
[   61.732069][ T6709] 
[   61.732069][ T6709] -> #1 (&dev_instance_lock_key#3){+.+.}-{4:4}:
[   61.734744][ T6709]        lock_acquire+0x120/0x360
[   61.736385][ T6709]        __mutex_lock+0x182/0xe80
[   61.737976][ T6709]        dev_set_mtu+0x10e/0x260
[   61.739590][ T6709]        team_add_slave+0x8b8/0x2840
[   61.741229][ T6709]        do_set_master+0x533/0x6d0
[   61.742835][ T6709]        do_setlink+0xcf0/0x41c0
[   61.744411][ T6709]        rtnl_newlink+0x160b/0x1c70
[   61.746054][ T6709]        rtnetlink_rcv_msg+0x7cf/0xb70
[   61.747921][ T6709]        netlink_rcv_skb+0x208/0x470
[   61.749617][ T6709]        netlink_unicast+0x75b/0x8d0
[   61.751301][ T6709]        netlink_sendmsg+0x805/0xb30
[   61.753009][ T6709]        __sock_sendmsg+0x21c/0x270
[   61.754788][ T6709]        ____sys_sendmsg+0x505/0x830
[   61.756509][ T6709]        ___sys_sendmsg+0x21f/0x2a0
[   61.758203][ T6709]        __x64_sys_sendmsg+0x19b/0x260
[   61.759986][ T6709]        do_syscall_64+0xfa/0x3b0
[   61.761613][ T6709]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.763675][ T6709] 
[   61.763675][ T6709] -> #0 (team->team_lock_key){+.+.}-{4:4}:
[   61.766198][ T6709]        validate_chain+0xb9b/0x2140
[   61.767925][ T6709]        __lock_acquire+0xab9/0xd20
[   61.769591][ T6709]        lock_acquire+0x120/0x360
[   61.771154][ T6709]        __mutex_lock+0x182/0xe80
[   61.772731][ T6709]        team_device_event+0x182/0xa20
[   61.774450][ T6709]        notifier_call_chain+0x1b6/0x3e0
[   61.776254][ T6709]        __dev_notify_flags+0x18d/0x2e0
[   61.778005][ T6709]        netif_change_flags+0xe8/0x1a0
[   61.779787][ T6709]        do_setlink+0xc55/0x41c0
[   61.781368][ T6709]        rtnl_newlink+0x160b/0x1c70
[   61.783085][ T6709]        rtnetlink_rcv_msg+0x7cf/0xb70
[   61.784834][ T6709]        netlink_rcv_skb+0x208/0x470
[   61.786546][ T6709]        netlink_unicast+0x75b/0x8d0
[   61.788264][ T6709]        netlink_sendmsg+0x805/0xb30
[   61.789964][ T6709]        __sock_sendmsg+0x21c/0x270
[   61.791637][ T6709]        ____sys_sendmsg+0x505/0x830
[   61.793399][ T6709]        ___sys_sendmsg+0x21f/0x2a0
[   61.795128][ T6709]        __x64_sys_sendmsg+0x19b/0x260
[   61.796904][ T6709]        do_syscall_64+0xfa/0x3b0
[   61.798516][ T6709]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.800605][ T6709] 
[   61.800605][ T6709] other info that might help us debug this:
[   61.800605][ T6709] 
[   61.803916][ T6709]  Possible unsafe locking scenario:
[   61.803916][ T6709] 
[   61.806303][ T6709]        CPU0                    CPU1
[   61.808050][ T6709]        ----                    ----
[   61.809810][ T6709]   lock(&dev_instance_lock_key#3);
[   61.811517][ T6709]                                lock(team->team_lock_key);
[   61.813870][ T6709]                                lock(&dev_instance_lock_key#3);
[   61.816399][ T6709]   lock(team->team_lock_key);
[   61.817978][ T6709] 
[   61.817978][ T6709]  *** DEADLOCK ***
[   61.817978][ T6709] 
[   61.820573][ T6709] 2 locks held by syz.2.327/6709:
[   61.822187][ T6709]  #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[   61.825034][ T6709]  #1: ffff88802e934d30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: do_setlink+0x388/0x41c0
[   61.828209][ T6709] 
[   61.828209][ T6709] stack backtrace:
[   61.830038][ T6709] CPU: 0 UID: 0 PID: 6709 Comm: syz.2.327 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   61.830048][ T6709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   61.830053][ T6709] Call Trace:
[   61.830058][ T6709]  <TASK>
[   61.830061][ T6709]  dump_stack_lvl+0x189/0x250
[   61.830072][ T6709]  ? __pfx_dump_stack_lvl+0x10/0x10
[   61.830080][ T6709]  ? __pfx__printk+0x10/0x10
[   61.830092][ T6709]  ? print_lock_name+0xde/0x100
[   61.830102][ T6709]  print_circular_bug+0x2ee/0x310
[   61.830113][ T6709]  check_noncircular+0x134/0x160
[   61.830124][ T6709]  validate_chain+0xb9b/0x2140
[   61.830134][ T6709]  ? __lock_acquire+0xab9/0xd20
[   61.830143][ T6709]  __lock_acquire+0xab9/0xd20
[   61.830152][ T6709]  ? team_device_event+0x182/0xa20
[   61.830161][ T6709]  lock_acquire+0x120/0x360
[   61.830168][ T6709]  ? team_device_event+0x182/0xa20
[   61.830178][ T6709]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   61.830189][ T6709]  __mutex_lock+0x182/0xe80
[   61.830196][ T6709]  ? team_device_event+0x182/0xa20
[   61.830207][ T6709]  ? __try_to_del_timer_sync+0x34a/0x3a0
[   61.830217][ T6709]  ? team_device_event+0x182/0xa20
[   61.830226][ T6709]  ? __pfx___mutex_lock+0x10/0x10
[   61.830233][ T6709]  ? __timer_delete_sync+0x218/0x2d0
[   61.830250][ T6709]  team_device_event+0x182/0xa20
[   61.830261][ T6709]  notifier_call_chain+0x1b6/0x3e0
[   61.830271][ T6709]  __dev_notify_flags+0x18d/0x2e0
[   61.830280][ T6709]  ? __pfx___dev_notify_flags+0x10/0x10
[   61.830288][ T6709]  ? __dev_change_flags+0x4cc/0x6d0
[   61.830298][ T6709]  ? __pfx___dev_change_flags+0x10/0x10
[   61.830309][ T6709]  netif_change_flags+0xe8/0x1a0
[   61.830319][ T6709]  do_setlink+0xc55/0x41c0
[   61.830329][ T6709]  ? trace_sched_exit_tp+0x38/0x120
[   61.830338][ T6709]  ? __pfx_do_setlink+0x10/0x10
[   61.830347][ T6709]  ? __lock_acquire+0xab9/0xd20
[   61.830355][ T6709]  ? do_raw_spin_lock+0x121/0x290
[   61.830366][ T6709]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   61.830376][ T6709]  ? lockdep_hardirqs_on+0x9c/0x150
[   61.830382][ T6709]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   61.830391][ T6709]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   61.830402][ T6709]  ? rcu_is_watching+0x15/0xb0
[   61.830410][ T6709]  ? __mutex_lock+0xa6d/0xe80
[   61.830417][ T6709]  ? __mutex_lock+0x51b/0xe80
[   61.830424][ T6709]  ? rtnl_newlink+0x8db/0x1c70
[   61.830431][ T6709]  ? __pfx___mutex_lock+0x10/0x10
[   61.830439][ T6709]  ? ns_capable+0x8a/0xf0
[   61.830446][ T6709]  ? rtnl_link_get_net_capable+0x16a/0x350
[   61.830455][ T6709]  rtnl_newlink+0x160b/0x1c70
[   61.830463][ T6709]  ? netlink_sendmsg+0x805/0xb30
[   61.830473][ T6709]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.830483][ T6709]  ? kasan_quarantine_put+0xdd/0x220
[   61.830491][ T6709]  ? lockdep_hardirqs_on+0x9c/0x150
[   61.830498][ T6709]  ? nlmon_xmit+0xb0/0x100
[   61.830505][ T6709]  ? kmem_cache_free+0x18f/0x400
[   61.830514][ T6709]  ? __local_bh_enable_ip+0x12d/0x1c0
[   61.830547][ T6709]  ? lockdep_hardirqs_on+0x9c/0x150
[   61.830554][ T6709]  ? __local_bh_enable_ip+0x12d/0x1c0
[   61.830561][ T6709]  ? __pfx___local_bh_enable_ip+0x10/0x10
[   61.830569][ T6709]  ? __dev_queue_xmit+0x27e/0x3a70
[   61.830582][ T6709]  ? __lock_acquire+0xab9/0xd20
[   61.830594][ T6709]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.830602][ T6709]  rtnetlink_rcv_msg+0x7cf/0xb70
[   61.830611][ T6709]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   61.830618][ T6709]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   61.830625][ T6709]  ? ref_tracker_free+0x63a/0x7d0
[   61.830632][ T6709]  ? __copy_skb_header+0xa7/0x550
[   61.830643][ T6709]  ? __pfx_ref_tracker_free+0x10/0x10
[   61.830649][ T6709]  ? __skb_clone+0x63/0x7a0
[   61.830659][ T6709]  netlink_rcv_skb+0x208/0x470
[   61.830669][ T6709]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   61.830677][ T6709]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   61.830686][ T6709]  ? netlink_deliver_tap+0x2e/0x1b0
[   61.830694][ T6709]  ? netlink_deliver_tap+0x2e/0x1b0
[   61.830702][ T6709]  netlink_unicast+0x75b/0x8d0
[   61.830711][ T6709]  netlink_sendmsg+0x805/0xb30
[   61.830721][ T6709]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.830730][ T6709]  ? aa_sock_msg_perm+0x94/0x160
[   61.830740][ T6709]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   61.830747][ T6709]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.830755][ T6709]  __sock_sendmsg+0x21c/0x270
[   61.830763][ T6709]  ____sys_sendmsg+0x505/0x830
[   61.830772][ T6709]  ? __pfx_____sys_sendmsg+0x10/0x10
[   61.830782][ T6709]  ? import_iovec+0x74/0xa0
[   61.830791][ T6709]  ___sys_sendmsg+0x21f/0x2a0
[   61.830800][ T6709]  ? __pfx____sys_sendmsg+0x10/0x10
[   61.830814][ T6709]  ? __fget_files+0x2a/0x420
[   61.830824][ T6709]  ? __fget_files+0x3a0/0x420
[   61.830834][ T6709]  __x64_sys_sendmsg+0x19b/0x260
[   61.830843][ T6709]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   61.830854][ T6709]  ? rcu_is_watching+0x15/0xb0
[   61.830862][ T6709]  ? do_syscall_64+0xbe/0x3b0
[   61.830870][ T6709]  do_syscall_64+0xfa/0x3b0
[   61.830876][ T6709]  ? lockdep_hardirqs_on+0x9c/0x150
[   61.830882][ T6709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.830889][ T6709]  ? exc_page_fault+0x9f/0xf0
[   61.830899][ T6709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.830905][ T6709] RIP: 0033:0x7f587ef8e929
[   61.830914][ T6709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.830920][ T6709] RSP: 002b:00007f587fec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.830927][ T6709] RAX: ffffffffffffffda RBX: 00007f587f1b5fa0 RCX: 00007f587ef8e929
[   61.830933][ T6709] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[   61.830937][ T6709] RBP: 00007f587f010b39 R08: 0000000000000000 R09: 0000000000000000
[   61.830942][ T6709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   61.830946][ T6709] R13: 0000000000000000 R14: 00007f587f1b5fa0 R15: 00007ffdc13da0e8
[   61.830954][ T6709]  </TASK>
[   62.134645][ T6709] team0: Port device dummy0 removed
[   62.137850][ T6709] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   62.393573][ T6684] Set syz1 is full, maxelem 65536 reached
[   63.147026][ T5861] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.187791][ T5861] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.238602][ T5861] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.323178][ T5861] bridge_slave_1: left allmulticast mode
[   63.325051][ T5861] bridge_slave_1: left promiscuous mode
[   63.326837][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.330179][ T5861] bridge_slave_0: left allmulticast mode
[   63.332366][ T5861] bridge_slave_0: left promiscuous mode
[   63.334965][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.394549][ T5861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   63.399636][ T5861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   63.404445][ T5861] bond0 (unregistering): Released all slaves
[   63.597193][ T5861] hsr_slave_0: left promiscuous mode
[   63.599172][ T5861] hsr_slave_1: left promiscuous mode
[   63.601044][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.603830][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_0
[   63.606483][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.608867][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_1
[   63.612621][ T5861] veth1_macvtap: left promiscuous mode
[   63.614789][ T5861] veth0_macvtap: left promiscuous mode
[   63.616604][ T5861] veth1_vlan: left promiscuous mode
[   63.618278][ T5861] veth0_vlan: left promiscuous mode
[   63.687451][ T5861] team0 (unregistering): Port device team_slave_1 removed
[   63.698219][ T5861] team0 (unregistering): Port device team_slave_0 removed
[   63.991432][ T5861] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.026371][ T5861] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.071197][ T5861] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.120934][ T5861] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.192548][ T5861] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.229785][ T5861] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.266448][ T5861] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.296782][ T5861] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.342317][ T5861] bridge_slave_1: left allmulticast mode
[   64.345627][ T5861] bridge_slave_1: left promiscuous mode
[   64.347460][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.351034][ T5861] bridge_slave_0: left allmulticast mode
[   64.352918][ T5861] bridge_slave_0: left promiscuous mode
[   64.355398][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.359066][ T5861] bridge_slave_1: left allmulticast mode
[   64.360899][ T5861] bridge_slave_1: left promiscuous mode
[   64.362703][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.365855][ T5861] bridge_slave_0: left allmulticast mode
[   64.367751][ T5861] bridge_slave_0: left promiscuous mode
[   64.369554][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.496245][ T5861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   64.500223][ T5861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   64.503455][ T5861] bond0 (unregistering): Released all slaves
[   64.618851][ T5861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   64.622293][ T5861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   64.626678][ T5861] bond0 (unregistering): (slave dummy0): Releasing backup interface
[   64.629748][ T5861] bond0 (unregistering): Released all slaves
[   64.908399][ T5861] hsr_slave_0: left promiscuous mode
[   64.910748][ T5861] hsr_slave_1: left promiscuous mode
[   64.912648][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_0
[   64.916858][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   64.919371][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_1
[   64.924726][ T5861] hsr_slave_0: left promiscuous mode
[   64.926708][ T5861] hsr_slave_1: left promiscuous mode
[   64.928614][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   64.931178][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_0
[   64.934013][ T5861] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   64.936622][ T5861] batman_adv: batadv0: Removing interface: batadv_slave_1
[   64.943034][ T5861] veth1_macvtap: left promiscuous mode
[   64.946024][ T5861] veth0_macvtap: left promiscuous mode
[   64.948343][ T5861] veth1_macvtap: left promiscuous mode
[   64.950188][ T5861] veth0_macvtap: left promiscuous mode
[   64.951987][ T5861] veth1_vlan: left promiscuous mode
[   64.953741][ T5861] veth0_vlan: left promiscuous mode
[   65.044644][ T5861] team0 (unregistering): Port device team_slave_1 removed
[   65.052984][ T5861] team0 (unregistering): Port device team_slave_0 removed
[   65.157990][ T5861] team0 (unregistering): Port device team_slave_1 removed
[   65.169853][ T5861] team0 (unregistering): Port device team_slave_0 removed
[   70.814588][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[   70.817118][ T1360] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
13:47:39  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000007a RBX=000000000000007a RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000002d6c RDI=0000000000002d6d RBP=00000000000003f8 RSP=ffffc90007165f10
R8 =ffff888107b58237 R9 =1ffff11020f6b046 R10=dffffc0000000000 R11=ffffffff85475610
R12=dffffc0000000000 R13=ffffffff99af78e5 R14=ffffffff99dfc760 R15=0000000000000000
RIP=ffffffff8547568c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f587fec76c0 ffffffff 00c00000
GS =0000 ffff8880b861d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f587fec6fc8 CR3=0000000110296000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f587f185478 00007f587f185450 XMM03=00007f587f185488 00007f587f185480
XMM04=00007f587fced100 00007f587f185440 XMM05=00007f587f185458 00007f587f1854a0
XMM06=00007f587f185498 00007f587f185490 XMM07=00007f587f185488 00007f587f185480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f587f011c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffffff99d8f010 RCX=1ffff92000677de4 RDX=0000000000000000
RSI=ffffffff8be28fa0 RDI=ffffffff99d8f010 RBP=ffffc900033befb0 RSP=ffffc900033bef00
R8 =0000000000000001 R9 =0000000000000000 R10=dffffc0000000000 R11=fffffbfff1f43bdf
R12=dffffc0000000000 R13=ffff88802a253000 R14=ffffffff99d8f014 R15=dffffc0000000000
RIP=ffffffff819ed64d RFL=00000803 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7034ce7d60 CR3=000000000df38000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00007f70341856a3 00007f70341856a3 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 00ff000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000ff0000 XMM05=0100100018800401 0000000806060168
XMM06=8200080018e00300 100018d0030fffff XMM07=ffffffff0418c003 02100018b0035c10
XMM08=000290031f120000 80020000000f000a XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
