program: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r1, &(0x7f00000000c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40) connect$rose(r1, &(0x7f00000001c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @bcast}, 0x1c) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) connect$rose(r1, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, 0x1, @default}, 0x1c) sendto$rose(r1, 0x0, 0x0, 0xc0, &(0x7f0000000100)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) syz_init_net_socket$x25(0x9, 0x5, 0x0) (async) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) (async) syz_init_net_socket$rose(0xb, 0x5, 0x0) (async) bind$rose(r1, &(0x7f00000000c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40) (async) connect$rose(r1, &(0x7f00000001c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @bcast}, 0x1c) (async) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) (async) connect$rose(r1, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, 0x1, @default}, 0x1c) (async) sendto$rose(r1, 0x0, 0x0, 0xc0, &(0x7f0000000100)=@full={0xb, @dev={0xbb, 0xbb, 
0xbb, 0x1, 0x0}, @null, 0x1, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) (async) [ 75.339939][ T4681] Bluetooth: hci0: command tx timeout [ 75.431513][ T5335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.442202][ T5335] bond0: (slave rose0): Enslaving as an active interface with an up link [ 75.505947][ T5336] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 75.575901][ T5334] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI [ 75.581164][ T5334] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 75.584943][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.588875][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.593496][ T5334] RIP: 0010:rose_transmit_link+0x32/0x740 [ 75.596196][ T5334] Code: 56 41 55 41 54 53 48 83 ec 18 48 89 f5 49 89 fc 49 be 00 00 00 00 00 fc ff df e8 79 8a 74 f7 4c 8d 7d 36 4c 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 6e 05 00 00 41 0f b6 1f 31 ff 89 de e8 [ 75.604134][ T5334] RSP: 0018:ffffc9000ee979d0 EFLAGS: 00010207 [ 75.606819][ T5334] RAX: 0000000000000006 RBX: 0000000000000000 RCX: ffff888000fac980 [ 75.610132][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888011ee3a00 [ 75.613572][ T5334] RBP: 0000000000000000 R08: ffff888000fac980 R09: 0000000000000008 [ 75.616828][ T5334] R10: 000000000000000f R11: 0000000000000000 R12: ffff888011ee3a00 [ 75.620261][ T5334] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000036 [ 75.623317][ T5334] FS: 0000000000000000(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 75.626830][ T5334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.629857][ T5334] CR2: 000055dd97c3f008 CR3: 0000000036116000 CR4: 
0000000000352ef0 [ 75.633328][ T5334] Call Trace: [ 75.634836][ T5334] <TASK> [ 75.636144][ T5334] ? skb_put+0x11b/0x210 [ 75.638006][ T5334] rose_write_internal+0x11dc/0x1ac0 [ 75.640413][ T5334] ? lockdep_hardirqs_on+0x7b/0x110 [ 75.642825][ T5334] ? __pfx_rose_write_internal+0x10/0x10 [ 75.645326][ T5334] ? __timer_delete+0x5d/0x390 [ 75.647618][ T5334] rose_release+0x25b/0x510 [ 75.649694][ T5334] sock_close+0xc3/0x240 [ 75.651673][ T5334] ? __pfx_sock_close+0x10/0x10 [ 75.653953][ T5334] __fput+0x44c/0xa70 [ 75.655956][ T5334] task_work_run+0x1d4/0x260 [ 75.657852][ T5334] ? __pfx_task_work_run+0x10/0x10 [ 75.659928][ T5334] ? do_raw_spin_unlock+0x4d/0x240 [ 75.662334][ T5334] do_exit+0x694/0x22f0 [ 75.664081][ T5334] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 75.666545][ T5334] ? __pfx_do_exit+0x10/0x10 [ 75.668372][ T5334] ? preempt_schedule_thunk+0x16/0x30 [ 75.670590][ T5334] ? preempt_schedule_thunk+0x16/0x30 [ 75.672933][ T5334] do_group_exit+0x21c/0x2d0 [ 75.674989][ T5334] __x64_sys_exit_group+0x3f/0x40 [ 75.677255][ T5334] x64_sys_call+0x2210/0x2210 [ 75.679240][ T5334] do_syscall_64+0xec/0xf80 [ 75.681081][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.683792][ T5334] ? trace_irq_disable+0x37/0x100 [ 75.686079][ T5334] ? clear_bhb_loop+0x60/0xb0 [ 75.688131][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.691048][ T5334] RIP: 0033:0x7fbca0d8f7c9 [ 75.693234][ T5334] Code: Unable to access opcode bytes at 0x7fbca0d8f79f. 
[ 75.696615][ T5334] RSP: 002b:00007ffe4b2e6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.700228][ T5334] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007fbca0d8f7c9 [ 75.703727][ T5334] RDX: 00007fbca0d46ca7 RSI: 0000000000000000 RDI: 000000000000000b [ 75.707561][ T5334] RBP: 0000000000000003 R08: 00007ffe4b2e78b7 R09: 000000000000000b [ 75.711790][ T5334] R10: 00007fbca0fe5fa0 R11: 0000000000000246 R12: 00007fbca0fe627c [ 75.715083][ T5334] R13: 00007fbca0fe6270 R14: 0000000000000118 R15: 0000000000000003 [ 75.718239][ T5334] </TASK> [ 75.719483][ T5334] Modules linked in: [ 75.721532][ T5334] ---[ end trace 0000000000000000 ]--- [ 75.760530][ T5334] RIP: 0010:rose_transmit_link+0x32/0x740 [ 75.767695][ T5334] Code: 56 41 55 41 54 53 48 83 ec 18 48 89 f5 49 89 fc 49 be 00 00 00 00 00 fc ff df e8 79 8a 74 f7 4c 8d 7d 36 4c 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 6e 05 00 00 41 0f b6 1f 31 ff 89 de e8 [ 75.788186][ T5334] RSP: 0018:ffffc9000ee979d0 EFLAGS: 00010207 [ 75.790910][ T5334] RAX: 0000000000000006 RBX: 0000000000000000 RCX: ffff888000fac980 [ 75.811407][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888011ee3a00 [ 75.815952][ T5334] RBP: 0000000000000000 R08: ffff888000fac980 R09: 0000000000000008 [ 75.820045][ T5334] R10: 000000000000000f R11: 0000000000000000 R12: ffff888011ee3a00 [ 75.840106][ T5334] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000036 [ 75.848869][ T5334] FS: 0000000000000000(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 75.881676][ T5334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.884563][ T5334] CR2: 00007fa78c4feff8 CR3: 000000004294f000 CR4: 0000000000352ef0 [ 75.887960][ T5334] Kernel panic - not syncing: Fatal exception [ 75.890901][ T5334] Kernel Offset: disabled [ 75.892812][ T5334] Rebooting in 86400 seconds..