last executing test programs:

3.183137385s ago: executing program 1 (id=468):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="680000000206011e00000000e6000000000000000e0003006269746d61703a697000000005000400000000000900020073797a300000000020000780050003001c0000000c000180080001c008000000050014002010000005000500020000000500010006"], 0x68}}, 0x0)

3.119381324s ago: executing program 1 (id=471):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = getpid()
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0)=r0, 0x12)
recvmmsg(0xffffffffffffffff, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
unshare(0x2a020400)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000400, 0x2, 0x3, 0x9}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'ovf\x00', 0x38, 0x84, 0x46}, 0x2c)

2.925185783s ago: executing program 1 (id=477):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)

2.856681899s ago: executing program 1 (id=480):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
close(r4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r6, r5, 0x2, 0x6, 0x4000}, 0x10)

2.798523117s ago: executing program 1 (id=484):
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa0028000})

2.527714752s ago: executing program 1 (id=486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x4, 0x4, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020d90c1af8ff00000000bfa100000500000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.448555167s ago: executing program 2 (id=497):
r0 = socket(0x22, 0x2, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0)
getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, 0x0)

1.34685389s ago: executing program 2 (id=498):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x3, 0x0, 0x2, 0x5, 0x0, @private=0xa010100, @private=0xa010100, {[@timestamp_addr={0x44, 0x4, 0x4, 0x3}]}}, {{0x4e23, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="8fedcb5d070811960000000186dd6372ce22667f2c"], 0x280)

1.247178048s ago: executing program 0 (id=500):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000700)="49723b3ab53a13274c", 0x0}, 0x50)

1.188199748s ago: executing program 0 (id=501):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@mpls_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x40}]}, 0x24}}, 0x0)

1.109498871s ago: executing program 0 (id=502):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000000)=@ethtool_cmd={0x48, 0x1, 0x4, 0x0, 0x8f, 0x80, 0x2, 0x9, 0x5, 0x50, 0x9, 0x6, 0x567, 0x1, 0x1, 0x7, [0x6, 0x80]}})

199.398105ms ago: executing program 0 (id=503):
syz_emit_ethernet(0x8a, &(0x7f0000000000)={@broadcast, @multicast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x2, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}]}]}}}}}}}, 0x0)

198.482204ms ago: executing program 2 (id=504):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ldst={0x3, 0x0, 0x3, 0xa, 0xa, 0xfffffffffffffff4}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

198.318227ms ago: executing program 0 (id=505):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x3}]}, @enum, @restrict]}}, 0x0, 0x46}, 0x20)

148.871748ms ago: executing program 2 (id=506):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0x138, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2, 0x8000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x84}}, [@migrate={0xe8, 0x11, [{@in=@dev={0xac, 0x14, 0x14, 0xc}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0xff, 0x0, 0x0, 0x2, 0x2, 0xa}, {@in6=@loopback, @in6=@mcast1, @in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x4, 0x0, 0x3500, 0xa, 0x8}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private2, @in=@rand_addr=0x64010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x2, 0x2}]}]}, 0x138}}, 0x0)

148.63417ms ago: executing program 0 (id=507):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xaf, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_emit_ethernet(0x22, &(0x7f0000000180)={@multicast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x37, 0x14, 0x67, 0x0, 0x7, 0x6, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x36)

66.412011ms ago: executing program 2 (id=508):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x50}, @generic={0x3c, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)

0s ago: executing program 2 (id=509):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@ptr={0xa, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x5f, 0x0, 0x0, 0x30]}}, &(0x7f0000000580)=""/140, 0x2a, 0x8c, 0x0, 0x446, 0x10000}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x20, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffcf5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x3, 0x25, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0x5, 0x1, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x40010)
syz_genetlink_get_family_id$team(&(0x7f0000000380), r4)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000400))
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r6=>0x0})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000100)={0x1d, r8}, 0x18)
sendmsg$can_j1939(r7, &(0x7f00000003c0)={&(0x7f0000000300)={0x1d, r6, 0x2, {0x0, 0xff}, 0x1}, 0x18, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x840}, 0x820)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, &(0x7f0000000680))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00'})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000700)={0x0, @multicast2, @remote}, &(0x7f0000000740)=0xc)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, 0x0, 0x48000)
r9 = socket(0x2a, 0x2, 0x0)
ioctl$SIOCSIFMTU(r9, 0x8932, &(0x7f0000000040)={'dummy0\x00'})

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:41236' (ED25519) to the list of known hosts.
syzkaller login: [   47.346828][ T5757] cgroup: Unknown subsys name 'net'
[   47.453414][ T5757] cgroup: Unknown subsys name 'cpuset'
[   47.461203][ T5757] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   48.798623][ T5757] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   56.664979][ T5861] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   59.697460][ T5215] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.711044][ T5876] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   59.715225][ T5876] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.719192][ T5874] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   59.722484][ T5874] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   59.726272][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   59.729421][ T5874] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   59.731791][ T5874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   59.735897][ T5874] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   59.738901][ T5874] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   59.798297][ T5876] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   59.804118][ T5876] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   59.806726][ T5876] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   59.809588][ T5876] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   59.812594][ T5876] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   60.043849][ T5873] chnl_net:caif_netlink_parms(): no params data found
[   60.077435][ T5877] chnl_net:caif_netlink_parms(): no params data found
[   60.183521][ T5870] chnl_net:caif_netlink_parms(): no params data found
[   60.208455][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.213571][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.216601][ T5873] bridge_slave_0: entered allmulticast mode
[   60.220815][ T5873] bridge_slave_0: entered promiscuous mode
[   60.238927][ T5877] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.241620][ T5877] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.244472][ T5877] bridge_slave_0: entered allmulticast mode
[   60.247894][ T5877] bridge_slave_0: entered promiscuous mode
[   60.251408][ T5877] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.253935][ T5877] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.256488][ T5877] bridge_slave_1: entered allmulticast mode
[   60.259307][ T5877] bridge_slave_1: entered promiscuous mode
[   60.262730][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.265685][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.268639][ T5873] bridge_slave_1: entered allmulticast mode
[   60.273358][ T5873] bridge_slave_1: entered promiscuous mode
[   60.332151][ T5877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.337343][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.345248][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.351288][ T5877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.391039][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.393344][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.395554][ T5870] bridge_slave_0: entered allmulticast mode
[   60.398158][ T5870] bridge_slave_0: entered promiscuous mode
[   60.415569][ T5877] team0: Port device team_slave_0 added
[   60.421546][ T5873] team0: Port device team_slave_0 added
[   60.424458][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.427294][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.430140][ T5870] bridge_slave_1: entered allmulticast mode
[   60.434383][ T5870] bridge_slave_1: entered promiscuous mode
[   60.448364][ T5877] team0: Port device team_slave_1 added
[   60.452383][ T5873] team0: Port device team_slave_1 added
[   60.486664][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.489989][ T5877] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.495406][ T5877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.503944][ T5877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.521392][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.524807][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.527369][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.536550][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.541757][ T5877] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.544457][ T5877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.553006][ T5877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.563561][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.565876][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.574452][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.594024][ T5870] team0: Port device team_slave_0 added
[   60.601172][ T5870] team0: Port device team_slave_1 added
[   60.663678][ T5877] hsr_slave_0: entered promiscuous mode
[   60.666686][ T5877] hsr_slave_1: entered promiscuous mode
[   60.669972][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.673424][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.682365][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.689251][ T5873] hsr_slave_0: entered promiscuous mode
[   60.692518][ T5873] hsr_slave_1: entered promiscuous mode
[   60.694880][ T5873] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.697850][ T5873] Cannot create hsr debugfs directory
[   60.701834][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.704120][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.713669][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.813344][ T5870] hsr_slave_0: entered promiscuous mode
[   60.815874][ T5870] hsr_slave_1: entered promiscuous mode
[   60.818229][ T5870] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.822373][ T5870] Cannot create hsr debugfs directory
[   61.032947][ T5877] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   61.050111][ T5877] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   61.055648][ T5877] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   61.060215][ T5877] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.102021][ T5873] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.113411][ T5873] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.118023][ T5873] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.123336][ T5873] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.198294][ T5870] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.205699][ T5870] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.210457][ T5870] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.220896][ T5870] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.250032][ T5877] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.285561][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.295616][ T5877] 8021q: adding VLAN 0 to HW filter on device team0
[   61.309462][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.312592][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.325671][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.328668][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.335175][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[   61.364096][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.367167][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.388810][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.391823][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.418912][ T5877] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.464371][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.473991][ T5873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.505216][ T5870] 8021q: adding VLAN 0 to HW filter on device team0
[   61.513157][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.515869][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.535515][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.538104][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.615449][ T5877] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.694004][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.720244][ T5877] veth0_vlan: entered promiscuous mode
[   61.737429][ T5877] veth1_vlan: entered promiscuous mode
[   61.768631][ T5877] veth0_macvtap: entered promiscuous mode
[   61.782679][ T5876] Bluetooth: hci1: command tx timeout
[   61.794029][ T5877] veth1_macvtap: entered promiscuous mode
[   61.808795][ T5873] veth0_vlan: entered promiscuous mode
[   61.821591][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.827998][ T5873] veth1_vlan: entered promiscuous mode
[   61.843702][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.861247][ T5872] Bluetooth: hci0: command tx timeout
[   61.863372][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.863385][ T5876] Bluetooth: hci2: command tx timeout
[   61.869472][ T5877] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.874000][ T5877] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.877523][ T5877] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.881880][ T5877] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.921382][ T5873] veth0_macvtap: entered promiscuous mode
[   61.949509][ T5870] veth0_vlan: entered promiscuous mode
[   61.955163][ T5873] veth1_macvtap: entered promiscuous mode
[   61.982401][ T5870] veth1_vlan: entered promiscuous mode
[   62.005941][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.028099][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.038997][ T5873] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.039220][  T164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.045552][ T5873] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.051616][ T5873] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.055702][  T164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.056826][ T5873] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.095497][ T5870] veth0_macvtap: entered promiscuous mode
[   62.112991][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.114941][ T5870] veth1_macvtap: entered promiscuous mode
[   62.119467][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.178121][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.180358][ T5877] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   62.200231][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.209676][ T5928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.214751][ T5928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.227508][ T5870] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.243380][ T5870] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.246973][ T5870] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.253997][ T5870] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.307913][ T5928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.312075][ T5928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.396305][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.399408][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.441032][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.448629][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.894335][ T5970] tipc: Started in network mode
[   62.896393][ T5970] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   62.910359][ T5970] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   63.577780][ T6013] netlink: 'syz.1.60': attribute type 1 has an invalid length.
[   63.624230][ T6015] netlink: 132 bytes leftover after parsing attributes in process `syz.0.61'.
[   63.729649][ T6018] IPVS: Scheduler module ip_vs_sip not found
[   63.861674][ T5876] Bluetooth: hci1: command tx timeout
[   63.942817][ T5876] Bluetooth: hci2: command tx timeout
[   63.945278][ T5876] Bluetooth: hci0: command tx timeout
[   64.033015][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.73'.
[   64.084892][ T6043] syz.0.74 uses obsolete (PF_INET,SOCK_PACKET)
[   64.540504][ T6079] netlink: 20 bytes leftover after parsing attributes in process `syz.0.91'.
[   64.733942][ T6091] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[   65.114842][ T6112] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.678583][ T6141] netlink: 788 bytes leftover after parsing attributes in process `syz.2.114'.
[   65.942134][ T5876] Bluetooth: hci1: command tx timeout
[   65.986341][ T6153] netlink: 116 bytes leftover after parsing attributes in process `syz.1.122'.
[   66.022459][ T5876] Bluetooth: hci2: command tx timeout
[   66.025005][ T5872] Bluetooth: hci0: command tx timeout
[   66.221915][ T6167] netlink: 24 bytes leftover after parsing attributes in process `syz.0.128'.
[   66.459488][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.2.136'.
[   67.327299][ T6241] netlink: 8 bytes leftover after parsing attributes in process `syz.0.160'.
[   67.572091][ T6254] Driver unsupported XDP return value 0 on prog  (id 31) dev N/A, expect packet loss!
[   68.022568][ T5876] Bluetooth: hci1: command tx timeout
[   68.069240][ T6290] netlink: 'syz.1.182': attribute type 3 has an invalid length.
[   68.072882][ T6290] netlink: 666 bytes leftover after parsing attributes in process `syz.1.182'.
[   68.101145][ T5876] Bluetooth: hci2: command tx timeout
[   68.103912][ T5872] Bluetooth: hci0: command tx timeout
[   68.229087][ T6299] warning: `syz.2.187' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   68.978505][ T6344] netlink: 'syz.1.206': attribute type 3 has an invalid length.
[   69.782658][ T6377] syzkaller0: entered promiscuous mode
[   69.784965][ T6377] syzkaller0: entered allmulticast mode
[   69.848259][ T6385] netlink: 2 bytes leftover after parsing attributes in process `syz.1.226'.
[   70.317102][ T6411] netlink: 'syz.0.239': attribute type 1 has an invalid length.
[   70.325949][ T6411] netlink: 228 bytes leftover after parsing attributes in process `syz.0.239'.
[   70.330357][ T6411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.239'.
[   71.025795][ T6423] netlink: 7 bytes leftover after parsing attributes in process `syz.0.243'.
[   71.127692][ T6430] netlink: 60 bytes leftover after parsing attributes in process `syz.1.247'.
[   71.266653][ T6443] netlink: 'syz.1.254': attribute type 1 has an invalid length.
[   71.269250][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'.
[   71.391952][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[   71.394766][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[   71.429245][ T6454] netlink: 12 bytes leftover after parsing attributes in process `syz.1.258'.
[   71.633334][ T6472] netlink: 24 bytes leftover after parsing attributes in process `syz.2.268'.
[   71.636529][ T6472] netlink: 84 bytes leftover after parsing attributes in process `syz.2.268'.
[   71.876532][ T6486] netlink: 'syz.2.275': attribute type 7 has an invalid length.
[   71.900293][ T6466] infiniband syz0: set down
[   71.902976][ T6466] infiniband syz0: added ipvlan1
[   71.942510][ T6466] RDS/IB: syz0: added
[   71.944765][ T6466] smc: adding ib device syz0 with port count 1
[   71.947075][ T6466] smc:    ib device syz0 port 1 has pnetid 
[   72.137777][ T6502] xt_ecn: cannot match TCP bits for non-tcp packets
[   72.274137][ T6511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.286'.
[   72.545232][ T6466] syz.1.263 (6466) used greatest stack depth: 20320 bytes left
[   72.989295][ T6546] rdma_rxe: rxe_newlink: failed to add lo
[   73.009226][ T6546] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   73.153832][ T6564] netlink: 'syz.2.312': attribute type 1 has an invalid length.
[   73.234037][ T6569] netlink: 'syz.1.311': attribute type 13 has an invalid length.
[   73.237478][ T6569] netlink: 'syz.1.311': attribute type 17 has an invalid length.
[   73.396262][ T6569] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   73.484280][ T6563] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.541905][ T6563] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.603344][ T6569] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   75.062928][ T6632] netlink: 'syz.1.338': attribute type 11 has an invalid length.
[   75.081314][ T6632] __nla_validate_parse: 6 callbacks suppressed
[   75.081324][ T6632] netlink: 244 bytes leftover after parsing attributes in process `syz.1.338'.
[   75.224674][ T5872] Bluetooth: hci2: command 0x0405 tx timeout
[   75.244657][ T6643] netlink: 224 bytes leftover after parsing attributes in process `syz.1.343'.
[   75.268903][ T6643] netlink: 'syz.1.343': attribute type 1 has an invalid length.
[   75.297315][ T6643] 8021q: adding VLAN 0 to HW filter on device bond2
[   75.314997][ T6643] bond2: (slave gretap1): making interface the new active one
[   75.323605][ T6643] bond2: (slave gretap1): Enslaving as an active interface with an up link
[   75.369594][ T6643] syz.1.343 (6643) used greatest stack depth: 19088 bytes left
[   76.239095][ T6694] netlink: 'syz.0.368': attribute type 1 has an invalid length.
[   76.406984][ T6714] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   76.761307][ T6742] vlan2: entered allmulticast mode
[   76.767083][ T6742] dummy0: entered allmulticast mode
[   76.832521][ T6742] Zero length message leads to an empty skb
[   77.859207][ T6794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.895332][ T6794] syzkaller0: entered promiscuous mode
[   77.899543][ T6794] syzkaller0: entered allmulticast mode
[   77.978277][ T6794] tipc: Resetting bearer <eth:syzkaller0>
[   77.993610][ T6793] tipc: Resetting bearer <eth:syzkaller0>
[   78.041833][ T6793] tipc: Disabling bearer <eth:syzkaller0>
[   78.892741][ T6818] netlink: 28 bytes leftover after parsing attributes in process `syz.2.420'.
[   79.114431][ T6854] netlink: 12 bytes leftover after parsing attributes in process `syz.0.436'.
[   79.118582][ T6854] vlan0: entered promiscuous mode
[   79.165370][ T6858] bridge0: port 3(syz_tun) entered blocking state
[   79.168108][ T6858] bridge0: port 3(syz_tun) entered disabled state
[   79.172441][ T6858] syz_tun: entered allmulticast mode
[   79.177481][ T6858] syz_tun: entered promiscuous mode
[   79.180255][ T6858] bridge0: port 3(syz_tun) entered blocking state
[   79.183240][ T6858] bridge0: port 3(syz_tun) entered forwarding state
[   79.253258][ T6862] pim6reg1: entered promiscuous mode
[   79.255072][ T6862] pim6reg1: entered allmulticast mode
[   79.360446][ T6868] netlink: 8 bytes leftover after parsing attributes in process `syz.0.443'.
[   79.415010][ T6876] netlink: 16 bytes leftover after parsing attributes in process `syz.0.446'.
[   79.418325][ T6876] netlink: 'syz.0.446': attribute type 1 has an invalid length.
[   79.643124][ T6894] netlink: 'syz.0.456': attribute type 4 has an invalid length.
[   79.645929][ T6894] netlink: 32 bytes leftover after parsing attributes in process `syz.0.456'.
[   79.843147][ T6915] netlink: 12 bytes leftover after parsing attributes in process `syz.0.467'.
[   80.006132][  T789] IPVS: starting estimator thread 0...
[   80.006663][ T6925] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   80.121426][ T6930] IPVS: using max 79 ests per chain, 189600 per kthread
[   80.529372][ T5905] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.576305][ T6960] tap0: tun_chr_ioctl cmd 1074025677
[   80.578888][ T6960] tap0: linktype set to 0
[   80.637302][ T5905] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.714338][ T5905] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.800227][ T5905] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.816685][ T6952] xt_CT: No such helper "snmp"
[   80.970277][ T5872] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.975935][ T5872] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   80.980396][ T5872] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   80.988669][ T5872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   80.999511][ T5872] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   81.000260][ T5905] bridge_slave_1: left allmulticast mode
[   81.008152][ T5905] bridge_slave_1: left promiscuous mode
[   81.017876][ T5905] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.028781][ T5905] bridge_slave_0: left allmulticast mode
[   81.033718][ T5905] bridge_slave_0: left promiscuous mode
[   81.035860][ T5905] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.233462][ T5905] bond2 (unregistering): (slave gretap1): Releasing active interface
[   81.339840][ T6989] netlink: 140 bytes leftover after parsing attributes in process `syz.0.495'.
[   81.373784][ T5905] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   81.378400][ T5905] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   81.383636][ T5905] bond0 (unregistering): Released all slaves
[   81.393164][ T5905] bond1 (unregistering): Released all slaves
[   81.455488][ T5905] bond2 (unregistering): Released all slaves
[   81.465972][ T6983] netlink: 'syz.0.495': attribute type 29 has an invalid length.
[   81.486692][ T6987] netlink: 'syz.0.495': attribute type 29 has an invalid length.
[   81.632500][  T972] cfg80211: failed to load regulatory.db
[   82.935307][ T6970] chnl_net:caif_netlink_parms(): no params data found
[   83.063558][ T5876] Bluetooth: hci2: command tx timeout
[   83.079712][ T7027] syzkaller0: entered promiscuous mode
[   83.082554][ T7027] syzkaller0: entered allmulticast mode
[   83.089917][ T5905] hsr_slave_0: left promiscuous mode
[   83.093779][ T5905] hsr_slave_1: left promiscuous mode
[   83.097075][ T5905] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   83.100186][ T5905] batman_adv: batadv0: Removing interface: batadv_slave_0
[   83.104654][ T5905] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.107837][ T5905] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.121761][ T5905] veth1_macvtap: left promiscuous mode
[   83.124848][ T5905] veth0_macvtap: left promiscuous mode
[   83.127296][ T5905] veth1_vlan: left promiscuous mode
[   83.129705][ T5905] veth0_vlan: left promiscuous mode
[   83.274826][  T164] smc: removing ib device syz0
[   83.500994][ T5905] team0 (unregistering): Port device team_slave_1 removed
[   83.533252][ T5905] team0 (unregistering): Port device team_slave_0 removed
[   84.830719][  T789] ==================================================================
[   84.834096][  T789] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x6e/0x190
[   84.837682][  T789] Read of size 8 at addr ffff88811e4462e8 by task kworker/1:2/789
[   84.841831][  T789] 
[   84.842863][  T789] CPU: 1 UID: 0 PID: 789 Comm: kworker/1:2 Not tainted 6.16.0-rc5-syzkaller-00159-g47c84997c686-dirty #0 PREEMPT(full) 
[   84.842878][  T789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   84.842886][  T789] Workqueue: events smc_ib_port_event_work
[   84.842908][  T789] Call Trace:
[   84.842914][  T789]  <TASK>
[   84.842921][  T789]  dump_stack_lvl+0x189/0x250
[   84.842936][  T789]  ? __virt_addr_valid+0x1c8/0x5c0
[   84.842951][  T789]  ? rcu_is_watching+0x15/0xb0
[   84.842965][  T789]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.842979][  T789]  ? rcu_is_watching+0x15/0xb0
[   84.842991][  T789]  ? lock_release+0x4b/0x3e0
[   84.843003][  T789]  ? __virt_addr_valid+0x1c8/0x5c0
[   84.843018][  T789]  ? __virt_addr_valid+0x4a5/0x5c0
[   84.843060][  T789]  print_report+0xd2/0x2b0
[   84.843071][  T789]  ? __ethtool_get_link_ksettings+0x6e/0x190
[   84.843088][  T789]  kasan_report+0x118/0x150
[   84.843102][  T789]  ? __ethtool_get_link_ksettings+0x6e/0x190
[   84.843121][  T789]  __ethtool_get_link_ksettings+0x6e/0x190
[   84.843137][  T789]  ib_get_eth_speed+0x15e/0x7b0
[   84.843155][  T789]  ? __pfx_ib_get_eth_speed+0x10/0x10
[   84.843173][  T789]  ? do_raw_spin_unlock+0x4d/0x240
[   84.843190][  T789]  rxe_query_port+0x93/0x3b0
[   84.843204][  T789]  ib_query_port+0x170/0x830
[   84.843221][  T789]  smc_ib_port_event_work+0x15a/0x940
[   84.843240][  T789]  ? _raw_spin_unlock_irq+0x23/0x50
[   84.843255][  T789]  ? process_scheduled_works+0x9ef/0x17b0
[   84.843269][  T789]  ? process_scheduled_works+0x9ef/0x17b0
[   84.843280][  T789]  process_scheduled_works+0xae1/0x17b0
[   84.843301][  T789]  ? __pfx_process_scheduled_works+0x10/0x10
[   84.843317][  T789]  worker_thread+0x8a0/0xda0
[   84.843331][  T789]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   84.843349][  T789]  ? __kthread_parkme+0x7b/0x200
[   84.843365][  T789]  kthread+0x711/0x8a0
[   84.843382][  T789]  ? __pfx_worker_thread+0x10/0x10
[   84.843395][  T789]  ? __pfx_kthread+0x10/0x10
[   84.843411][  T789]  ? _raw_spin_unlock_irq+0x23/0x50
[   84.843432][  T789]  ? lockdep_hardirqs_on+0x9c/0x150
[   84.843450][  T789]  ? __pfx_kthread+0x10/0x10
[   84.843466][  T789]  ret_from_fork+0x3fc/0x770
[   84.843479][  T789]  ? __pfx_ret_from_fork+0x10/0x10
[   84.843492][  T789]  ? __switch_to_asm+0x39/0x70
[   84.843507][  T789]  ? __switch_to_asm+0x33/0x70
[   84.843520][  T789]  ? __pfx_kthread+0x10/0x10
[   84.843537][  T789]  ret_from_fork_asm+0x1a/0x30
[   84.843554][  T789]  </TASK>
[   84.843560][  T789] 
[   84.942289][  T789] Allocated by task 5877:
[   84.943844][  T789]  kasan_save_track+0x3e/0x80
[   84.945860][  T789]  __kasan_kmalloc+0x93/0xb0
[   84.947942][  T789]  __kvmalloc_node_noprof+0x30d/0x5f0
[   84.950010][  T789]  alloc_netdev_mqs+0xa6/0x11e0
[   84.951968][  T789]  rtnl_create_link+0x31f/0xd10
[   84.953673][  T789]  rtnl_newlink_create+0x25c/0xb00
[   84.955508][  T789]  rtnl_newlink+0x16d6/0x1c70
[   84.957110][  T789]  rtnetlink_rcv_msg+0x7cf/0xb70
[   84.959184][  T789]  netlink_rcv_skb+0x208/0x470
[   84.961222][  T789]  netlink_unicast+0x75c/0x8e0
[   84.963461][  T789]  netlink_sendmsg+0x805/0xb30
[   84.966086][  T789]  __sock_sendmsg+0x21c/0x270
[   84.968225][  T789]  __sys_sendto+0x3bd/0x520
[   84.970236][  T789]  __x64_sys_sendto+0xde/0x100
[   84.972315][  T789]  do_syscall_64+0xfa/0x3b0
[   84.974278][  T789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.976789][  T789] 
[   84.977879][  T789] Freed by task 5905:
[   84.979692][  T789]  kasan_save_track+0x3e/0x80
[   84.981903][  T789]  kasan_save_free_info+0x46/0x50
[   84.984165][  T789]  __kasan_slab_free+0x62/0x70
[   84.986330][  T789]  kfree+0x18e/0x440
[   84.987970][  T789]  device_release+0x9c/0x1c0
[   84.989938][  T789]  kobject_put+0x22b/0x480
[   84.991979][  T789]  netdev_run_todo+0xd2e/0xea0
[   84.994061][  T789]  default_device_exit_batch+0x81e/0x890
[   84.996651][  T789]  ops_undo_list+0x525/0x990
[   84.998989][  T789]  cleanup_net+0x4c5/0x800
[   85.000975][  T789]  process_scheduled_works+0xae1/0x17b0
[   85.003201][  T789]  worker_thread+0x8a0/0xda0
[   85.004958][  T789]  kthread+0x711/0x8a0
[   85.006413][  T789]  ret_from_fork+0x3fc/0x770
[   85.008067][  T789]  ret_from_fork_asm+0x1a/0x30
[   85.009717][  T789] 
[   85.010694][  T789] The buggy address belongs to the object at ffff88811e446000
[   85.010694][  T789]  which belongs to the cache kmalloc-cg-4k of size 4096
[   85.016267][  T789] The buggy address is located 744 bytes inside of
[   85.016267][  T789]  freed 4096-byte region [ffff88811e446000, ffff88811e447000)
[   85.022282][  T789] 
[   85.023394][  T789] The buggy address belongs to the physical page:
[   85.026008][  T789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e440
[   85.029279][  T789] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   85.032879][  T789] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[   85.036192][  T789] page_type: f5(slab)
[   85.037886][  T789] raw: 057ff00000000040 ffff88801a44b500 dead000000000122 0000000000000000
[   85.041374][  T789] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[   85.045386][  T789] head: 057ff00000000040 ffff88801a44b500 dead000000000122 0000000000000000
[   85.049613][  T789] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[   85.053144][  T789] head: 057ff00000000003 ffffea0004791001 00000000ffffffff 00000000ffffffff
[   85.056657][  T789] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[   85.060131][  T789] page dumped because: kasan: bad access detected
[   85.062769][  T789] page_owner tracks the page as allocated
[   85.065280][  T789] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5873, tgid 5873 (syz-executor), ts 60773000975, free_ts 60331001614
[   85.074772][  T789]  post_alloc_hook+0x240/0x2a0
[   85.076762][  T789]  get_page_from_freelist+0x21e4/0x22c0
[   85.079072][  T789]  __alloc_frozen_pages_noprof+0x181/0x370
[   85.081447][  T789]  alloc_pages_mpol+0x232/0x4a0
[   85.083191][  T789]  allocate_slab+0x8a/0x3b0
[   85.085207][  T789]  ___slab_alloc+0xbfc/0x1480
[   85.087342][  T789]  __kmalloc_cache_noprof+0x296/0x3d0
[   85.089820][  T789]  ipv6_add_dev+0x6ca/0x1370
[   85.091901][  T789]  addrconf_notify+0x794/0x1010
[   85.094061][  T789]  notifier_call_chain+0x1b6/0x3e0
[   85.096290][  T789]  register_netdevice+0x1608/0x1ae0
[   85.098521][  T789]  veth_newlink+0x5cc/0xa50
[   85.100513][  T789]  rtnl_newlink_create+0x310/0xb00
[   85.102696][  T789]  rtnl_newlink+0x16d6/0x1c70
[   85.104765][  T789]  rtnetlink_rcv_msg+0x7cf/0xb70
[   85.106778][  T789]  netlink_rcv_skb+0x208/0x470
[   85.108877][  T789] page last free pid 5877 tgid 5877 stack trace:
[   85.111529][  T789]  __free_frozen_pages+0xc71/0xe70
[   85.113764][  T789]  __slab_free+0x326/0x400
[   85.115751][  T789]  qlist_free_all+0x97/0x140
[   85.117562][  T789]  kasan_quarantine_reduce+0x148/0x160
[   85.120146][  T789]  __kasan_slab_alloc+0x22/0x80
[   85.121823][  T789]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[   85.123818][  T789]  __alloc_skb+0x112/0x2d0
[   85.125378][  T789]  rtmsg_ifinfo_build_skb+0x84/0x260
[   85.127179][  T789]  rtnetlink_event+0x1b7/0x270
[   85.129276][  T789]  notifier_call_chain+0x1b6/0x3e0
[   85.131673][  T789]  netdev_lower_state_changed+0xc6/0x140
[   85.134259][  T789]  bond_set_slave_link_state+0x1b2/0x390
[   85.136698][  T789]  bond_enslave+0x19be/0x3a20
[   85.138740][  T789]  do_set_master+0x533/0x6d0
[   85.140788][  T789]  do_setlink+0xcf0/0x41c0
[   85.142729][  T789]  rtnl_newlink+0x160b/0x1c70
[   85.144884][  T789] 
[   85.145993][  T789] Memory state around the buggy address:
[   85.148683][  T789]  ffff88811e446180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.152195][  T789]  ffff88811e446200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.155648][  T789] >ffff88811e446280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.159068][  T789]                                                           ^
[   85.162434][  T789]  ffff88811e446300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.166323][  T789]  ffff88811e446380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.169731][  T789] ==================================================================
[   85.180145][ T5876] Bluetooth: hci2: command tx timeout
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   85.194390][  T789] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.197515][  T789] CPU: 1 UID: 0 PID: 789 Comm: kworker/1:2 Not tainted 6.16.0-rc5-syzkaller-00159-g47c84997c686-dirty #0 PREEMPT(full) 
[   85.203234][  T789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   85.207714][  T789] Workqueue: events smc_ib_port_event_work
[   85.210280][  T789] Call Trace:
[   85.211735][  T789]  <TASK>
[   85.213062][  T789]  dump_stack_lvl+0x99/0x250
[   85.215088][  T789]  ? __asan_memcpy+0x40/0x70
[   85.217094][  T789]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.219555][  T789]  ? __pfx__printk+0x10/0x10
[   85.221912][  T789]  panic+0x2db/0x790
[   85.223753][  T789]  ? __pfx_panic+0x10/0x10
[   85.225723][  T789]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   85.228262][  T789]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   85.230895][  T789]  ? print_memory_metadata+0x314/0x400
[   85.233153][  T789]  ? __ethtool_get_link_ksettings+0x6e/0x190
[   85.235761][  T789]  check_panic_on_warn+0x89/0xb0
[   85.238135][  T789]  ? __ethtool_get_link_ksettings+0x6e/0x190
[   85.240791][  T789]  end_report+0x78/0x160
[   85.242769][  T789]  kasan_report+0x129/0x150
[   85.244946][  T789]  ? __ethtool_get_link_ksettings+0x6e/0x190
[   85.247792][  T789]  __ethtool_get_link_ksettings+0x6e/0x190
[   85.250318][  T789]  ib_get_eth_speed+0x15e/0x7b0
[   85.252371][  T789]  ? __pfx_ib_get_eth_speed+0x10/0x10
[   85.254936][  T789]  ? do_raw_spin_unlock+0x4d/0x240
[   85.257394][  T789]  rxe_query_port+0x93/0x3b0
[   85.259537][  T789]  ib_query_port+0x170/0x830
[   85.261603][  T789]  smc_ib_port_event_work+0x15a/0x940
[   85.263992][  T789]  ? _raw_spin_unlock_irq+0x23/0x50
[   85.266175][  T789]  ? process_scheduled_works+0x9ef/0x17b0
[   85.268770][  T789]  ? process_scheduled_works+0x9ef/0x17b0
[   85.271240][  T789]  process_scheduled_works+0xae1/0x17b0
[   85.273629][  T789]  ? __pfx_process_scheduled_works+0x10/0x10
[   85.276306][  T789]  worker_thread+0x8a0/0xda0
[   85.278653][  T789]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   85.281618][  T789]  ? __kthread_parkme+0x7b/0x200
[   85.283785][  T789]  kthread+0x711/0x8a0
[   85.285573][  T789]  ? __pfx_worker_thread+0x10/0x10
[   85.287921][  T789]  ? __pfx_kthread+0x10/0x10
[   85.290009][  T789]  ? _raw_spin_unlock_irq+0x23/0x50
[   85.292361][  T789]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.294725][  T789]  ? __pfx_kthread+0x10/0x10
[   85.297058][  T789]  ret_from_fork+0x3fc/0x770
[   85.299129][  T789]  ? __pfx_ret_from_fork+0x10/0x10
[   85.301283][  T789]  ? __switch_to_asm+0x39/0x70
[   85.303361][  T789]  ? __switch_to_asm+0x33/0x70
[   85.305378][  T789]  ? __pfx_kthread+0x10/0x10
[   85.307540][  T789]  ret_from_fork_asm+0x1a/0x30
[   85.309919][  T789]  </TASK>
[   85.312310][  T789] Kernel Offset: disabled
[   85.314301][  T789] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:33:01  Registers:
info registers vcpu 0

CPU#0
RAX=d0cfdc7f36d2db00 RBX=ffffffff81976c78 RCX=d0cfdc7f36d2db00 RDX=0000000000000001
RSI=ffffffff8d998b14 RDI=ffffffff8be29dc0 RBP=ffffffff8de07ea8 RSP=ffffffff8de07d80
R8 =ffff88804b032f5b R9 =1ffff110096065eb R10=dffffc0000000000 R11=ffffed10096065ec
R12=ffffffff8fa1f3f0 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a50
RIP=ffffffff8b6f34d3 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055593e93a000 CR3=000000002485a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000061 RBX=0000000000000061 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900045ff090
R8 =ffff888021388237 R9 =1ffff11004271046 R10=dffffc0000000000 R11=ffffffff85478780
R12=dffffc0000000000 R13=ffffffff99af98c4 R14=ffffffff99dfe6e0 R15=0000000000000000
RIP=ffffffff854787fc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32e12ff8 CR3=000000002485a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 000000524f525245 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f44d9211c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
