Warning: Permanently added '[localhost]:40910' (ECDSA) to the list of known hosts.
2020/11/30 19:10:20 fuzzer started
2020/11/30 19:10:21 dialing manager at 10.0.2.10:42319
2020/11/30 19:10:21 syscalls: 3441
2020/11/30 19:10:21 code coverage: enabled
2020/11/30 19:10:21 comparison tracing: enabled
2020/11/30 19:10:21 extra coverage: enabled
2020/11/30 19:10:21 setuid sandbox: enabled
2020/11/30 19:10:21 namespace sandbox: enabled
2020/11/30 19:10:21 Android sandbox: /sys/fs/selinux/policy does not exist
2020/11/30 19:10:21 fault injection: enabled
2020/11/30 19:10:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/11/30 19:10:21 net packet injection: enabled
2020/11/30 19:10:21 net device setup: enabled
2020/11/30 19:10:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/11/30 19:10:21 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/11/30 19:10:21 USB emulation: enabled
2020/11/30 19:10:21 hci packet injection: enabled
2020/11/30 19:10:21 wifi device emulation: enabled
19:11:48 executing program 0:
r0 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)

19:11:48 executing program 1:
r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r0, 0x2, 0x70740000000000)

19:11:49 executing program 2:
syz_emit_ethernet(0x42, &(0x7f0000000000)={@empty, @local, @void, {@arp={0x806, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x0, @random="8f59ebd4b13b", @mcast2, @random="bda8ea069ec3", @remote}}}}, 0x0)

19:11:49 executing program 3:
prctl$PR_SET_PDEATHSIG(0x8, 0x0)

syzkaller login: [  205.624061][ T9267] IPVS: ftp: loaded support on port[0] = 21
[  205.641868][ T9269] IPVS: ftp: loaded support on port[0] = 21
[  206.028102][ T9269] chnl_net:caif_netlink_parms(): no params data found
[  206.054574][ T9267] chnl_net:caif_netlink_parms(): no params data found
[  206.226519][ T9271] IPVS: ftp: loaded support on port[0] = 21
[  206.245654][ T9267] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.271646][ T9267] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.290051][ T9267] device bridge_slave_0 entered promiscuous mode
[  206.312506][ T9269] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.327753][ T9269] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.345768][ T9269] device bridge_slave_0 entered promiscuous mode
[  206.360827][ T9269] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.372216][ T9269] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.385613][ T9269] device bridge_slave_1 entered promiscuous mode
[  206.401045][ T9267] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.413100][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.424920][ T9267] device bridge_slave_1 entered promiscuous mode
[  206.478655][ T9267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.504938][ T9269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.524270][ T9267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.559507][ T9269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.593938][ T9267] team0: Port device team_slave_0 added
[  206.611110][ T9267] team0: Port device team_slave_1 added
[  206.631603][ T9269] team0: Port device team_slave_0 added
[  206.653786][ T9269] team0: Port device team_slave_1 added
[  206.685954][ T9267] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.701068][ T9267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.755330][ T9267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.777673][ T9267] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.790652][ T9267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.834918][ T9267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.871305][ T9269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.889671][ T9269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.948892][ T9269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.979184][ T9269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.993930][ T9269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.045341][ T9269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.078560][ T9267] device hsr_slave_0 entered promiscuous mode
[  207.093963][ T9267] device hsr_slave_1 entered promiscuous mode
[  207.173974][ T9269] device hsr_slave_0 entered promiscuous mode
[  207.176450][ T9277] IPVS: ftp: loaded support on port[0] = 21
[  207.203698][ T9269] device hsr_slave_1 entered promiscuous mode
[  207.217506][ T9269] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  207.232046][ T9269] Cannot create hsr debugfs directory
[  207.250656][ T9271] chnl_net:caif_netlink_parms(): no params data found
[  207.450323][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.468617][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.483953][ T3482] Bluetooth: hci0: command 0x0409 tx timeout
[  207.493517][ T9271] device bridge_slave_0 entered promiscuous mode
[  207.517801][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.535456][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.553306][ T9271] device bridge_slave_1 entered promiscuous mode
[  207.591345][ T9271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.634588][ T9271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.643770][   T28] Bluetooth: hci1: command 0x0409 tx timeout
[  207.715414][ T9271] team0: Port device team_slave_0 added
[  207.748812][ T9271] team0: Port device team_slave_1 added
[  207.791634][ T9271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.812840][ T9271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.884599][ T9271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.924665][ T9271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.945130][ T9271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.006303][ T9271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.032487][ T9267] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  208.067463][ T9267] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  208.107420][ T9277] chnl_net:caif_netlink_parms(): no params data found
[  208.163318][ T9267] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  208.199684][ T9267] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  208.203252][   T28] Bluetooth: hci2: command 0x0409 tx timeout
[  208.279448][ T9271] device hsr_slave_0 entered promiscuous mode
[  208.298576][ T9271] device hsr_slave_1 entered promiscuous mode
[  208.318375][ T9271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.338593][ T9271] Cannot create hsr debugfs directory
[  208.418415][ T9269] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  208.451829][ T9277] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.480747][ T9277] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.502825][ T9277] device bridge_slave_0 entered promiscuous mode
[  208.523318][ T9277] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.545047][ T9277] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.564645][ T9277] device bridge_slave_1 entered promiscuous mode
[  208.584214][ T9269] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  208.634767][ T9269] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  208.656566][ T9269] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  208.676320][ T9277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.715153][ T9277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.758400][ T9277] team0: Port device team_slave_0 added
[  208.775547][ T9277] team0: Port device team_slave_1 added
[  208.813265][ T9277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.836673][ T9277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.945619][ T9277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.985947][ T9277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.000496][ T9277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.059683][ T3482] Bluetooth: hci3: command 0x0409 tx timeout
[  209.059878][ T9277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.137289][ T9277] device hsr_slave_0 entered promiscuous mode
[  209.151225][ T9277] device hsr_slave_1 entered promiscuous mode
[  209.164522][ T9277] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  209.179602][ T9277] Cannot create hsr debugfs directory
[  209.287010][ T9271] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  209.313385][ T9271] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  209.332760][ T9271] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  209.362208][ T9271] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  209.396924][ T9267] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.444599][ T9269] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.468962][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  209.491769][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  209.514280][ T9267] 8021q: adding VLAN 0 to HW filter on device team0
[  209.549371][   T81] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  209.563555][    T7] Bluetooth: hci0: command 0x041b tx timeout
[  209.572467][   T81] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  209.603108][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.616287][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.629102][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  209.645522][ T9277] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  209.662316][ T9277] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  209.678765][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  209.690536][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  209.701615][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.711519][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.721667][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  209.750348][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  209.753370][    T7] Bluetooth: hci1: command 0x041b tx timeout
[  209.779527][ T9277] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  209.797686][ T9277] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  209.825729][ T9269] 8021q: adding VLAN 0 to HW filter on device team0
[  209.842425][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  209.857473][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  209.884109][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  209.904500][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  209.925419][ T1722] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.944510][ T1722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.979255][ T9267] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  210.002335][ T9267] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  210.036838][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  210.059686][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  210.079340][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  210.105589][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  210.130973][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  210.163767][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  210.191033][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  210.223370][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  210.251071][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  210.272522][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  210.305216][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  210.331725][ T9299] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.342293][ T9299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  210.354384][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  210.371566][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  210.383194][ T9299] Bluetooth: hci2: command 0x041b tx timeout
[  210.402531][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  210.425418][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  210.463685][ T9269] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  210.496957][ T9269] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  210.540206][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  210.565970][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  210.608102][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  210.639711][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  210.671280][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  210.708161][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  210.775554][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  210.828085][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  210.877182][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  210.914003][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  210.976312][ T9267] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.028533][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  211.071311][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  211.083757][    T7] Bluetooth: hci3: command 0x041b tx timeout
[  211.117712][ T9271] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.168341][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  211.200867][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  211.290311][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.345961][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.381440][ T9269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.416759][ T9271] 8021q: adding VLAN 0 to HW filter on device team0
[  211.444920][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  211.471921][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  211.507209][ T9277] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.536123][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  211.554794][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  211.574817][ T9300] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.592148][ T9300] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.616898][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  211.644179][    T7] Bluetooth: hci0: command 0x040f tx timeout
[  211.655893][ T9277] 8021q: adding VLAN 0 to HW filter on device team0
[  211.689674][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  211.727241][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.777873][ T9299] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.826689][ T9299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.833871][    T7] Bluetooth: hci1: command 0x040f tx timeout
[  211.859103][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.916639][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.951995][ T9267] device veth0_vlan entered promiscuous mode
[  211.985483][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  212.016489][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  212.045988][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  212.071729][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  212.098726][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  212.119436][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  212.144514][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  212.173386][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  212.200116][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  212.234646][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  212.264467][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.284100][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.314901][ T9267] device veth1_vlan entered promiscuous mode
[  212.333682][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  212.354944][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  212.377393][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  212.406842][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  212.449772][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  212.453562][    T7] Bluetooth: hci2: command 0x040f tx timeout
[  212.489615][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  212.549728][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  212.577914][ T9299] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.611810][ T9299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.667960][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  212.704016][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  212.748122][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  212.776421][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  212.799306][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  212.821929][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  212.846893][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  212.871410][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  212.897738][ T9269] device veth0_vlan entered promiscuous mode
[  212.913540][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  212.928421][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  212.958085][ T9271] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  212.989173][ T9271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  213.006355][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  213.024492][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  213.044495][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  213.064086][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  213.081237][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  213.101785][ T9269] device veth1_vlan entered promiscuous mode
[  213.126565][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  213.139760][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  213.156049][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  213.173127][    T7] Bluetooth: hci3: command 0x040f tx timeout
[  213.175512][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  213.199566][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  213.223160][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  213.265646][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  213.314963][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  213.353557][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  213.369459][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  213.395554][ T9267] device veth0_macvtap entered promiscuous mode
[  213.413391][ T9277] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.428995][ T9277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  213.446842][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  213.464891][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  213.481449][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  213.504980][ T9271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.531606][ T9267] device veth1_macvtap entered promiscuous mode
[  213.579711][ T9269] device veth0_macvtap entered promiscuous mode
[  213.619685][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  213.664306][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  213.712823][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  213.723801][    T7] Bluetooth: hci0: command 0x0419 tx timeout
[  213.745472][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  213.793976][ T9267] batman_adv: batadv0: Interface activated: batadv_slave_0
[  213.829691][ T9267] batman_adv: batadv0: Interface activated: batadv_slave_1
[  213.871607][ T9269] device veth1_macvtap entered promiscuous mode
[  213.905428][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  213.922704][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  213.940348][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  213.958357][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  213.973374][    T7] Bluetooth: hci1: command 0x0419 tx timeout
[  213.999577][ T9267] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.031360][ T9267] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.064797][ T9267] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.109128][ T9267] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.172388][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.238646][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.273657][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  214.311588][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  214.379892][ T9277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.406960][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  214.449766][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.475792][ T9269] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.501812][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  214.522477][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.533660][ T3482] Bluetooth: hci2: command 0x0419 tx timeout
[  214.551009][ T9269] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.596199][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  214.621182][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  214.653716][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  214.676090][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  214.700901][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  214.731892][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  214.757122][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  214.776251][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  214.806899][ T9271] device veth0_vlan entered promiscuous mode
[  214.824373][ T9269] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.839930][ T9269] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.859911][ T9269] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.876141][ T9269] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.904399][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  214.922957][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  214.976202][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  214.996272][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  215.015634][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  215.032115][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  215.055621][ T9277] device veth0_vlan entered promiscuous mode
[  215.076079][ T9271] device veth1_vlan entered promiscuous mode
[  215.136196][ T9280] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.156601][ T9280] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.163753][ T9277] device veth1_vlan entered promiscuous mode
[  215.215260][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  215.237484][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  215.260400][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  215.263469][ T3482] Bluetooth: hci3: command 0x0419 tx timeout
[  215.294886][ T9277] device veth0_macvtap entered promiscuous mode
[  215.323528][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  215.340543][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  215.358019][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  215.373405][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  215.392390][ T9277] device veth1_macvtap entered promiscuous mode
[  215.405935][ T9280] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.412545][ T9271] device veth0_macvtap entered promiscuous mode
[  215.419468][ T9280] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.439243][ T9271] device veth1_macvtap entered promiscuous mode
[  215.467609][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  215.484092][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  215.507355][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  215.519662][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  215.536258][ T3916] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  215.582290][ T9280] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.583289][ T9288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.590495][ T9277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  215.590526][ T9277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.590533][ T9277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  215.590538][ T9277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.591626][ T9277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.594494][ T9277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  215.594500][ T9277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.594507][ T9277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  215.594512][ T9277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.595451][ T9277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.598386][ T9277] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.613744][ T9288] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.613926][ T9280] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.635528][ T9277] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.868533][ T9277] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.893405][ T9277] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.923808][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  215.940019][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  215.960084][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  215.981224][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.002433][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  216.021616][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  216.048320][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  216.081270][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.104640][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  216.134987][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.156577][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  216.177996][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.199923][ T9271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.224372][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  216.256201][ T9299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.285070][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  216.313754][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.339182][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  216.360903][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.380125][ T9271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  216.403547][ T9271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.439895][ T9271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.464617][ T9271] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.485677][ T9271] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.510031][ T9271] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.531375][ T9271] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.556269][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  216.556352][ T9267] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[  216.576937][ T9301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
19:12:01 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x8, 0x0, &(0x7f0000000140)=0x300)

19:12:01 executing program 1:
prctl$PR_SET_PDEATHSIG(0x24, 0xffff)

[  216.811653][ T9288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.833814][ T9305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
19:12:01 executing program 0:
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb)

[  216.864308][ T9288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
19:12:01 executing program 1:
prctl$PR_SET_PDEATHSIG(0x1c, 0x0)

[  216.912340][ T9305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
19:12:01 executing program 0:
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb)

[  216.965608][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
19:12:01 executing program 1:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)='R', 0x1, r0)

[  217.016421][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  217.040055][ T9328] encrypted_key: insufficient parameters specified
[  217.092847][ T9305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.115541][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.126259][ T9305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.147014][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.161651][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  217.197430][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
19:12:02 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="52d4d2ebdc945666dfb88e94d32505c5f43f814e18e57306a1f67549ec0cdc54c4ab4cb780ff9281c9ccb65c3728ce72868b48b623f5b043d2160629ec7a69791f65d40911dfce48b872d33fb5f6179f22d7ca0a", 0x54, r0)

19:12:02 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x66, 0x0, &(0x7f0000000140))

19:12:02 executing program 1:
r0 = socket$unix(0x1, 0x5, 0x0)
sendmmsg$inet(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19:12:02 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/tcp6\x00')
read$FUSE(r0, &(0x7f0000004240)={0x2020}, 0x2020)

[  217.320784][ T9345] encrypted_key: master key parameter 'ßÎH¸rÓ?µöŸ"×Ê
[  217.320784][ T9345] ' is invalid
19:12:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg(r0, &(0x7f00000039c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003940)=ANY=[], 0x68}, 0x1)

19:12:02 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x21, 0x0, &(0x7f0000000140))

19:12:02 executing program 0:
r0 = getpid()
waitid(0x1, r0, 0x0, 0x2, 0x0)

19:12:02 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="52d4d2ebdc945666dfb88e94d32505c5f43f814e18e57306a1f67549ec0cdc54c4ab4cb780ff9281c9ccb65c3728ce72868b48b623f5b043d2160629ec7a69791f65d40911dfce48b872d33fb5f6179f22d7ca0a", 0x54, r0)

19:12:02 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x6, 0x4, 0x0, 0x0)

[  217.408018][ T9357] encrypted_key: master key parameter 'ßÎH¸rÓ?µöŸ"×Ê
[  217.408018][ T9357] ' is invalid
19:12:02 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x2, 0x0, &(0x7f0000000140)=0x700)

19:12:02 executing program 1:
prctl$PR_SET_PDEATHSIG(0x1d, 0xffff)

19:12:02 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f00000001c0)=@newchain={0xec4, 0x64, 0x1, 0x0, 0x0, {}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x9e4, 0x2, [@TCA_ROUTE4_ACT={0x148, 0x6, [@m_ipt={0x144, 0x0, 0x0, 0x0, {{0x8, 0x1, 'ipt\x00'}, {0x30, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_HOOK={0x8}]}, {0xed, 0x6, "c4202aff32994a6c6b95a0cdf3c6345d4167bc2b50e230213347d034845b16778631d059ac32e80510bc2f7947d8d12b04d054747e056cd5d370e86b3a4095c2e46938f9766bec74719734acf990cc72b28a2ba7f65aa22bb8d898fc48d9c0acd6d7670c40df6ee6ca74ede4b315b9e67a558a96b3f82a169a110ee80f0063f36e49832ad05fc9b5b302aee294264f5b6a879fd4e99c5541f88f2deb6ce2918902eb9148be6002074ca0ec6768b9fe404636e93379862e53ca9495a346ac9f7357d6b37c86118826ccc85e793f42e549356fc1163cb2f34065a1bcff399594f441e78c73b89bc7bcae"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x888, 0x5, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc}]}, @TCA_ROUTE4_IIF={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0x70, 0x2, [@TCA_MATCHALL_ACT={0x6c, 0x2, [@m_nat={0x68, 0x0, 0x0, 0x0, {{0x8, 0x1, 'nat\x00'}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @broadcast}}]}, {0x15, 0x6, "939cb044c9fc456d3d39f768fc96c7751e"}, {0xc}, {0xc}}}]}]}}, @filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x40c, 0x2, [@TCA_BASIC_POLICE={0x408, 0x4, [@TCA_POLICE_PEAKRATE={0x404}]}]}}, @TCA_RATE={0x6}]}, 0xec4}}, 0x0)

19:12:02 executing program 2:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x1, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

19:12:02 executing program 0:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="99", 0x1, 0xffffffffffffffff)

19:12:02 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000380)={0x2, 0x4e22}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000100)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@generic={0x0, 0x2}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x12, 0xf989, "c9903ce0447d49da81aa85f15a16"}]}}}}}}}, 0x0)

19:12:02 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)

19:12:02 executing program 2:
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x181602)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
timerfd_create(0x8, 0x80000)

19:12:02 executing program 0:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCGETNODEID(r0, 0x89e1, &(0x7f0000000480))

19:12:02 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r0, &(0x7f000000e380)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x64010101}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000180)="07206fb09cc2f62e4e51938592ff7c8815af24927b3f202187d939ab8db849e3628b6c8ba9542f714975d942ccf9b2a4972bad0aa3b9cd1991899af8d0b369a4c5f004bfca3c2606caa72f8a7e98ea2606382116c4e25e4e23a74022366784c3477408cda3e089e9fa01558a1a8269c95c7fefbe27167f72c569f6f59441cec5ae1f8f1d83415427d5c2d22003f9", 0x8e}, {&(0x7f0000000240)="ffadc9c6c9bc1ec08b635cbca4fd2b5a28cab2f578e02fd0c33ff5a36eef81", 0x1f}, {&(0x7f0000000280)='CzB', 0x3}, {&(0x7f00000002c0)="9088a173033e13f6c2430f23cd2d720da4f8e2071685e694d1a709b585e6f4a1500d0d961ba9ad146b28cc0b92ca4779a09859a2696c3694d15acb97780ab42d2b6ab8f1c306049253348a7a8a1b000f4c26263bf60ae0209f02d94722c4e1f80448c99e76a9d9c8ab5ea389fb9f78826fb3b8fc30", 0x75}, {&(0x7f0000000340)="02a7085731e6d12983969aeda065f5e552dcdbdd6b2b71f637e3b90cfcc820", 0x1f}, {&(0x7f0000000380)="aac089723597be572d14826487d0669f40e9cc54e4c7cc11657ae1de336ecc6d", 0x20}, {&(0x7f00000003c0)="4776375050fcdabfdf31644a44828a949f8e64fbd45c30069b2d1ab5ae5b51c6c15eb1d619345e2f239093388adb524f97c4394d3a135eaf40d98ece40dbf82c025e6bc476e7e22d4b1cbdf12b235a9cecc67be55228feff0252f0aec7f92dbbf568dfdef9bc05a6fd66694042b548855abc9aa9eb47cc4c9c7705729ef4b52a94121d7b105e569fd75607f2b30c3b078619f88aabed3b648919854827bfb4c114126869a76cda753cce6da98ea440f0623262579b7b65be262059", 0xbb}, {&(0x7f0000000480)="e31e31fe68212cb40c24f202efeab36615538342821c8f59c7360e1d8529f06bddfb8c6da78e60932b9b03e98f60b0e3a0efd7c4c81c5156a99c9713ab62e1de610b542e1e735acaaf5d436a9ff975c1fab704bd4f791c49af7e560bdf6eeefe4fa42529295ccb87c6d4cc8b31d97fea815891698d3c54b21e84355cb1a9fc6d39a1733f055c84a29821f6b4e15c712165e12604b3f6def950ab8aca0c7c1942a2cd6255bc717994f7c4ad21e10d32094d5591b83bffe1f219dbc7fd1432060b726645e61ff7669044f7a7c541b86717d4e4fb5851131f7e4dd7efd4fb0a362d4f412ffba9812b1ef1797780dcc9574a8de13321b6604baf825f5bd09f14b2432a26e50482706531960e6b3a8c82c6de48ad66ab9e007bcf1d785a87d34ab54bdf2008b16decd5811dce3ba070b9b46bf5f8fc9cbaceb49b89357b2388923af80564d1d0c910e6efcc537660bf0a056bd90083d69ed22b56fad78a626d4602cdf2e1892d41e6130aea15743c5dbb4acc6a7b151b610c15d8848ef57c9f52834073f48d2827e46a6834820b05c250eae6398e853a0b16c2fe83765465804e28b8dcad575d5403f3b9b930dcee1551fea4d6425cc65091ceaa9b93f1c8d6906883d00eb3438e55333f223d6c5a369f0d595b0a2b7f345a0ac43f84d0359382945f43d642671dc8fa01ac99f4adc6262d91ca3b07abe0fca92a1df3cb672ea4c28506834a1300af1d515680c6c511e2cafac885e27fae6db7317e338571ad2b767b09ddc08327ae5fd16ef5cf617a8756f052653a003b19da10e5a6e8c1e99779682c0a0a6406613a8f11c604e9cd16367ae868963327648c4badf374d05a92c0e8890bffecf8ca86377aedda794d20ac182076240b4ad140db41f932f9654e2628c7f7e9bdaac19f4174887785dd4f3523304bb85644783a1405cb96b768a42f4bf28dbda3ad65e0725bc7e1f35ff6102270e06aa7d7714da237103bbb5d034f4e48fc6b8522", 0x2c5}], 0x8}}], 0x1, 0x0)

19:12:02 executing program 0:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

19:12:02 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r0, &(0x7f0000002140)=[{{0x0, 0x8, 0x0}}], 0x1, 0x10020, 0x0)

19:12:02 executing program 0:
prctl$PR_SET_PDEATHSIG(0x59616d61, 0x0)

19:12:02 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, &(0x7f00000000c0))

19:12:03 executing program 0:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
recvmmsg(r0, &(0x7f00000059c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x43, 0x0)

19:12:03 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x0)

19:12:03 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x0, 0x0, &(0x7f0000000140)=0x8300)

19:12:03 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000600)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)

19:12:03 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x1, 0x0)
read$FUSE(r0, 0x0, 0x0)

19:12:03 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r0, &(0x7f0000002140)=[{{0x0, 0x0, 0x0, 0x3c}}], 0x1, 0x0, 0x0)

19:12:03 executing program 3:
request_key(&(0x7f0000000140)='keyring\x00', &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0)

19:12:03 executing program 0:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)

19:12:03 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=@delqdisc={0x48, 0x25, 0x1, 0x0, 0x0, {}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x48}}, 0x0)

19:12:03 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockname(r0, &(0x7f0000000300)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff}}, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCSPGRP(r1, 0x8902, 0x0)

19:12:03 executing program 3:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'})

19:12:03 executing program 1:
r0 = inotify_init1(0x0)
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x7fffffff)

19:12:03 executing program 0:
timerfd_settime(0xffffffffffffffff, 0xc03fb8c10fbfb324, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)

19:12:03 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f0000000140)={'ip6gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @mcast1}})

19:12:03 executing program 3:
openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/seq\x00', 0x1a1803)

19:12:03 executing program 1:
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x107401, 0x0)

19:12:03 executing program 0:
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000000)={{0x3, @null}, [@default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)

19:12:03 executing program 2:
keyctl$dh_compute(0xe, &(0x7f0000000000), 0x0, 0x0, 0x0)

19:12:03 executing program 0:
prctl$PR_SET_PDEATHSIG(0x7, 0x0)

19:12:03 executing program 3:
prctl$PR_SET_PDEATHSIG(0x28, 0x0)

19:12:03 executing program 1:
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x107401, 0x0)

19:12:03 executing program 2:
prctl$PR_SET_PDEATHSIG(0x2a, 0x0)

19:12:03 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r0, 0x2, 0x750000)

19:12:03 executing program 3:
socket$inet_sctp(0x2, 0x1, 0x84)
clock_gettime(0x0, &(0x7f00000000c0))
select(0x40, &(0x7f0000000000)={0x4}, 0x0, 0x0, 0x0)

19:12:03 executing program 1:
socketpair(0xa, 0x2, 0x9, &(0x7f0000000000))

19:12:03 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="99", 0x10, 0xffffffffffffffff)

19:12:03 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg(r0, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="3891f9f724059e26827482eb36e11f2052daaafbe2cffc6c3ad5143d9b70ed9b14967d26d6e89a07e080cc5de3daba19b66d3ae4b1c0b5a2"}, {&(0x7f0000000040)="e78023dd48cca65d6fc4020a3143985df1a43c0ff5aa33d3b6f62ae193037c3975a1ae3ac5ef8586dea412fc11812cc4c7e4c3e9f26772ddd516905177960c84c702e48c7af68d412dcb40e7b1441637abaa1dd42d874307038143db5fb5a5225c5dcb59753e0a1e0b46cbc57ea4b1727969c6098a2195aac714db0f5d5df97341f498219b118df8670615de3da3d018a49270b141fb972952a9437f88e7e0"}], 0x0, 0x0, 0xfffffff0}, 0x40080b0)

19:12:03 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x22, 0x0, &(0x7f0000000140))

19:12:03 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="99", 0x10, 0xffffffffffffffff)

19:12:03 executing program 3:
keyctl$dh_compute(0x17, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={'sha224-arm64\x00'}})

19:12:03 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="99", 0x10, 0xffffffffffffffff)

19:12:03 executing program 0:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$assume_authority(0x10, 0x0)

[  218.979077][ T9498] could not allocate digest TFM handle sha224-arm64
19:12:03 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x75, 0x0, &(0x7f0000000140))

19:12:03 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="99", 0x10, 0xffffffffffffffff)

19:12:03 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

19:12:03 executing program 2:
add_key(0x0, 0x0, &(0x7f0000000080)="99", 0x1, 0xffffffffffffffff)

19:12:03 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=@delqdisc={0x28, 0x25, 0x1, 0x0, 0x0, {}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)

[  219.069545][ T9498] could not allocate digest TFM handle sha224-arm64
19:12:03 executing program 3:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCGETNODEID(r0, 0x89e1, 0x0)

19:12:03 executing program 1:
r0 = getpgid(0x0)
ptrace$setopts(0x4206, r0, 0x5fb05bce, 0x0)

19:12:03 executing program 2:
add_key(0x0, 0x0, &(0x7f0000000080)="99", 0x1, 0xffffffffffffffff)

19:12:03 executing program 0:
prctl$PR_SET_PDEATHSIG(0x29, 0xffff)

19:12:03 executing program 0:
prctl$PR_SET_PDEATHSIG(0x2, 0x1590000)

19:12:03 executing program 2:
add_key(0x0, 0x0, &(0x7f0000000080)="99", 0x1, 0xffffffffffffffff)

19:12:03 executing program 1:
syz_genetlink_get_family_id$batadv(0xffffffffffffffff)

19:12:04 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f00000001c0)=@newchain={0xec4, 0x64, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x9e4, 0x2, [@TCA_ROUTE4_ACT={0x148, 0x6, [@m_ipt={0x144, 0x0, 0x0, 0x0, {{0x8, 0x1, 'ipt\x00'}, {0x30, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_HOOK={0x8}]}, {0xed, 0x6, "c4202aff32994a6c6b95a0cdf3c6345d4167bc2b50e230213347d034845b16778631d059ac32e80510bc2f7947d8d12b04d054747e056cd5d370e86b3a4095c2e46938f9766bec74719734acf990cc72b28a2ba7f65aa22bb8d898fc48d9c0acd6d7670c40df6ee6ca74ede4b315b9e67a558a96b3f82a169a110ee80f0063f36e49832ad05fc9b5b302aee294264f5b6a879fd4e99c5541f88f2deb6ce2918902eb9148be6002074ca0ec6768b9fe404636e93379862e53ca9495a346ac9f7357d6b37c86118826ccc85e793f42e549356fc1163cb2f34065a1bcff399594f441e78c73b89bc7bcae"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x888, 0x5, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc}]}, @TCA_ROUTE4_IIF={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0x70, 0x2, [@TCA_MATCHALL_ACT={0x6c, 0x2, [@m_nat={0x68, 0x0, 0x0, 0x0, {{0x8, 0x1, 'nat\x00'}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @broadcast}}]}, {0x15, 0x6, "939cb044c9fc456d3d39f768fc96c7751e"}, {0xc}, {0xc}}}]}]}}, @filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x40c, 0x2, [@TCA_BASIC_POLICE={0x408, 0x4, [@TCA_POLICE_PEAKRATE={0x404}]}]}}, @TCA_RATE={0x6}]}, 0xec4}}, 0x0)

19:12:04 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000003cc0)={0x0, 0x0, &(0x7f0000003c80)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_HANDLE={0xc}]}], {0x14}}, 0x48}}, 0x0)

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

19:12:04 executing program 1:
syz_emit_ethernet(0x19, &(0x7f0000000000)={@local, @local, @val, {@mpls_uc={0x8847, {[], @llc={@llc={0x0, 0x0, "c0"}}}}}}, 0x0)

19:12:04 executing program 3:
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000002040)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000001e80)=[@mask_fadd={0x58, 0x114, 0x8, {{}, 0x0, 0x0}}], 0x58}, 0x0)

19:12:04 executing program 1:
syz_emit_ethernet(0xe, &(0x7f0000000000)={@random="e0ebcf61f11a", @multicast, @void, {@generic={0x8906}}}, 0x0)

19:12:04 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

19:12:04 executing program 0:
timerfd_create(0x0, 0x0)
pselect6(0x40, &(0x7f0000000240), &(0x7f0000000280)={0x7}, 0x0, 0x0, &(0x7f00000003c0)={0x0})

19:12:04 executing program 1:
prctl$PR_SET_PDEATHSIG(0x1c, 0xffff)

19:12:04 executing program 0:
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, 0x0, &(0x7f00000001c0))

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

19:12:04 executing program 3:
socketpair(0x29, 0x2, 0x2, &(0x7f00000000c0))

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080), 0x0, 0xffffffffffffffff)

19:12:04 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, 0x0)

19:12:04 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x181602)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000140)={0x10, 0x30, 0xfa00, {0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x38)

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080), 0x0, 0xffffffffffffffff)

19:12:04 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000080)={"131abd3aae953d7cd8c575ca412070ac"})

19:12:04 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x4, 0x0)
read$FUSE(r0, &(0x7f00000010c0)={0x2020}, 0x2020)

19:12:04 executing program 1:
pselect6(0x40, &(0x7f0000000240), 0x0, &(0x7f00000002c0)={0x7}, 0x0, 0x0)

19:12:04 executing program 2:
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080), 0x0, 0xffffffffffffffff)

19:12:04 executing program 3:
r0 = timerfd_create(0x0, 0x0)
write$tun(r0, 0x0, 0x0)

19:12:04 executing program 0:
r0 = timerfd_create(0x1, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r1=>0x0})
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, r1+60000000}}, &(0x7f0000000080))

19:12:04 executing program 3:
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x0, 0x80800)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="52d4d2ebdc945666dfb88e94d32505c5f43f814e18e57306a1f67549ec0cdc54c4ab4cb780ff9281c9ccb65c3728ce72868b48b623f5b043d2160629ec7a69791f65d40911dfce48b872d33fb5f6179f22d7ca0a", 0x54, r0)

19:12:04 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, r0)
add_key(&(0x7f0000000040)='dns_resolver\x00', 0x0, &(0x7f00000001c0)="2660595d785469d2e2dd0fa1ffb5bcf1a405ac6808c4c72f6ed2eef404f9a8ae18e6b7b88ee1438d48a76ff2f180738933085cba0bd92b2314d525986d85ad679315b2dbf7a2dda9283cde6dfe8a3750a18247a3183bf28ac296157673004eda0000000000000000d429cf36a38c62dc56f4694f7a6ec007f3d075714b09ecd5bbbdb13822a62984353a5e4b01350129a3e3b76f56f60cbc0d94b39ed61440f24554d5be5a47de79fe3d7954964cb1ffff42467f5a7a2b598f0f9563e695ac56784a4b1365ca823c572346f8ccc1d53a59933f320087fda8b82b77a35245d6fccfd0179e11ae4f32474b47bc503e611d00", 0xf1, r1)

19:12:04 executing program 0:
timerfd_create(0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000300)={<r0=>0x0})
pselect6(0x40, &(0x7f0000000240)={0x9}, &(0x7f0000000280)={0x7}, 0x0, &(0x7f0000000340)={r0}, 0x0)

[  219.583483][ T9622] Invalid option length (145) for dns_resolver key
19:12:04 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x24, 0x0, &(0x7f0000000140))

[  219.592741][ T9626] encrypted_key: master key parameter 'ßÎH¸rÓ?µöŸ"×Ê
[  219.592741][ T9626] ' is invalid
19:12:05 executing program 1:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x1, @dev}, 0x10)

19:12:05 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x6d, 0x0, &(0x7f0000000140))

19:12:05 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0xb, r0, 0x0, 0x0)

19:12:05 executing program 3:
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x0, 0x80800)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="52d4d2ebdc945666dfb88e94d32505c5f43f814e18e57306a1f67549ec0cdc54c4ab4cb780ff9281c9ccb65c3728ce72868b48b623f5b043d2160629ec7a69791f65d40911dfce48b872d33fb5f6179f22d7ca0a", 0x54, r0)

[  220.456014][ T9639] encrypted_key: master key parameter 'ßÎH¸rÓ?µöŸ"×Ê
19:12:05 executing program 2:
syz_emit_ethernet(0x6a, &(0x7f0000000380)={@local, @broadcast, @void, {@ipv6={0x86dd, @tipc_packet={0x0, 0x6, "7babda", 0x34, 0x2c, 0x0, @dev, @local, {[@dstopts], @payload_mcast={{{{{{0x2c, 0x0, 0x0, 0x0, 0x0, 0xb}}}}}}}}}}}, 0x0)

[  220.456014][ T9639] ' is invalid
19:12:05 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={[], [], @empty}, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}})

19:12:05 executing program 3:
prctl$PR_SET_PDEATHSIG(0x2f, 0x0)

[  220.493922][ T9645] RDS: rds_bind could not find a transport for ::ffff:172.20.20.0, load rds_tcp or rds_rdma?
19:12:05 executing program 2:
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0)

19:12:05 executing program 1:
socketpair(0x27, 0x0, 0x0, &(0x7f0000000080))

19:12:05 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x11, 0x0, &(0x7f0000000140))

19:12:05 executing program 3:
prctl$PR_SET_PDEATHSIG(0x4, 0xffff)

19:12:05 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$sock(r0, &(0x7f00000004c0)={&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000100), 0x4, &(0x7f0000000440)=[@txtime, @mark={{0x14}}, @timestamping={{0x14}}, @timestamping={{0x14}}, @txtime={{0x18}}], 0x78}, 0x0)

19:12:05 executing program 1:
prctl$PR_SET_PDEATHSIG(0x18, 0x0)

19:12:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg(r0, &(0x7f00000039c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003940)=ANY=[], 0x68}, 0x0)

19:12:05 executing program 2:
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0)

19:12:05 executing program 0:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)

19:12:05 executing program 3:
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x8, &(0x7f0000000100)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x200001f4)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x1c, &(0x7f0000000240)=[{&(0x7f00000032c0)=""/4101, 0x2030}], 0x1}, 0x100)

19:12:05 executing program 2:
socketpair(0xa, 0x0, 0x401, &(0x7f0000000000))

19:12:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x1b, 0x0, &(0x7f0000000140))

[  220.740181][ T9681] RDS: rds_bind could not find a transport for ::ffff:172.20.20.0, load rds_tcp or rds_rdma?
19:12:05 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x1, 0x0, &(0x7f0000000140)=0x18)

19:12:05 executing program 0:
prctl$PR_SET_PDEATHSIG(0x15, 0x0)

19:12:05 executing program 1:
prctl$PR_SET_PDEATHSIG(0x22, 0xffff)

19:12:05 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast1, @local}})

19:12:05 executing program 0:
keyctl$dh_compute(0x16, &(0x7f0000000000), 0x0, 0x0, 0x0)

19:12:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x14, 0x0, &(0x7f0000000140)=0x9700)

19:12:05 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x7b, 0x0, &(0x7f0000000140))

19:12:05 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x9, 0x0, &(0x7f0000000140)=0x9b)

19:12:05 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0)

19:12:05 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={&(0x7f0000000280), 0xa, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}]}, 0x28}}, 0x0)

19:12:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0xb, 0x0, &(0x7f0000000140))

19:12:05 executing program 0:
clock_gettime(0x4, &(0x7f0000003dc0))

19:12:05 executing program 3:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)

19:12:05 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x4, 0x0, &(0x7f0000000140))

19:12:05 executing program 2:
socketpair(0x29, 0x2, 0x0, &(0x7f00000000c0))

19:12:05 executing program 3:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)

19:12:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x1, 0x0, &(0x7f0000000000))

19:12:05 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r0, &(0x7f000000e380)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x64010101}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000180)="07206fb09cc2f62e4e51938592ff7c8815af24927b3f202187d939ab8db849e3628b6c8ba9542f714975d942ccf9b2a4972bad0aa3b9cd1991899af8d0b369a4c5f004bfca3c2606caa72f8a7e98ea2606382116c4e25e4e23a74022366784c3477408cda3e089e9fa01558a1a8269c95c7fefbe27167f72c569f6f59441cec5ae1f8f1d83415427d5c2d22003", 0x8d}, {&(0x7f0000000240)="ffadc9c6c9bc1ec08b635cbca4fd2b5a28cab2f578e02fd0c33ff5a36eef8150", 0x20}, {&(0x7f0000000280)='CzB', 0x3}, {&(0x7f00000002c0)="9088a173033e13f6c2430f23cd2d720da4f8e2071685e694d1a709b585e6f4a1500d0d961ba9ad146b28cc0b92ca4779a09859a2696c3694d15acb97780ab42d2b6ab8f1c306049253348a7a8a1b000f4c26263bf60ae0209f02d94722c4e1f80448c99e76a9d9c8ab5ea389fb9f78826fb3b8fc30", 0x75}, {&(0x7f0000000340)="02a7085731e6d12983969aeda065f5e552dcdbdd6b2b71f637e3b90cfcc820", 0x1f}, {&(0x7f0000000380)="aac089723597be572d14826487d0669f40e9cc54e4c7cc11657ae1de336ecc6d", 0x20}, {&(0x7f00000003c0)="4776375050fcdabfdf31644a44828a949f8e64fbd45c30069b2d1ab5ae5b51c6c15eb1d619345e2f239093388adb524f97c4394d3a135eaf40d98ece40dbf82c025e6bc476e7e22d4b1cbdf12b235a9cecc67be55228feff0252f0aec7f92dbbf568dfdef9bc05a6fd66694042b548855abc9aa9eb47cc4c9c7705729ef4b52a94121d7b105e569fd75607f2b30c3b078619f88aabed3b648919854827bfb4c114126869a76cda753cce6da98ea440f0623262579b7b65be262059", 0xbb}, {&(0x7f0000000480)="e31e31fe68212cb40c24f202efeab36615538342821c8f59c7360e1d8529f06bddfb8c6da78e60932b9b03e98f60b0e3a0efd7c4c81c5156a99c9713ab62e1de610b542e1e735acaaf5d436a9ff975c1fab704bd4f791c49af7e560bdf6eeefe4fa42529295ccb87c6d4cc8b31d97fea815891698d3c54b21e84355cb1a9fc6d39a1733f055c84a29821f6b4e15c712165e12604b3f6def950ab8aca0c7c1942a2cd6255bc717994f7c4ad21e10d32094d5591b83bffe1f219dbc7fd1432060b726645e61ff7669044f7a7c541b86717d4e4fb5851131f7e4dd7efd4fb0a362d4f412ffba9812b1ef1797780dcc9574a8de13321b6604baf825f5bd09f14b2432a26e50482706531960e6b3a8c82c6de48ad66ab9e007bcf1d785a87d34ab54bdf2008b16decd5811dce3ba070b9b46bf5f8fc9cbaceb49b89357b2388923af80564d1d0c910e6efcc537660bf0a056bd90083d69ed22b56fad78a626d4602cdf2e1892d41e6130aea15743c5dbb4acc6a7b151b610c15d8848ef57c9f52834073f48d2827e46a6834820b05c250eae6398e853a0b16c2fe83765465804e28b8dcad575d5403f3b9b930dcee1551fea4d6425cc65091ceaa9b93f1c8d6906883d00eb3438e55333f223d6c5a369f0d595b0a2b7f345a0ac43f84d0359382945f43d642671dc8fa01ac99f4adc6262d91ca3b07abe0fca92a1df3cb672ea4c28506834a1300af1d515680c6c511e2cafac885e27fae6db7317e338571ad2b767b09ddc08327ae5fd16ef5cf617a8756f052653a003b19da10e5a6e8c1e99779682c0a0a6406613a8f11c604e9cd16367ae868963327648c4badf374d05a92c0e8890bffecf8ca86377aedda794d20ac182076240b4ad140db41f932f9654e2628c7f7e9bdaac19f4174887785dd4f3523304bb85644783a1405cb96b768a42f4bf28dbda3ad65e0725bc7e1f35ff6102270e06aa7d7714da237103bbb5d034f4e48fc6b8522", 0x2c5}], 0x8}}], 0x1, 0x0)

19:12:05 executing program 1:

19:12:05 executing program 2:

19:12:05 executing program 3:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)
timerfd_gettime(r0, &(0x7f0000000000))

19:12:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0xe, 0x0, &(0x7f0000000140))

19:12:05 executing program 2:

19:12:06 executing program 3:

19:12:06 executing program 1:

19:12:06 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r0, &(0x7f000000e380)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x64010101}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000180)="07206fb09cc2f62e4e51938592ff7c8815af24927b3f202187d939ab8db849e3628b6c8ba9542f714975d942ccf9b2a4972bad0aa3b9cd1991899af8d0b369a4c5f004bfca3c2606caa72f8a7e98ea2606382116c4e25e4e23a74022366784c3477408cda3e089e9fa01558a1a8269c95c7fefbe27167f72c569f6f59441cec5ae1f8f1d83415427d5c2d22003", 0x8d}, {&(0x7f0000000240)="ffadc9c6c9bc1ec08b635cbca4fd2b5a28cab2f578e02fd0c33ff5a36eef8150", 0x20}, {&(0x7f0000000280)='CzB', 0x3}, {&(0x7f00000002c0)="9088a173033e13f6c2430f23cd2d720da4f8e2071685e694d1a709b585e6f4a1500d0d961ba9ad146b28cc0b92ca4779a09859a2696c3694d15acb97780ab42d2b6ab8f1c306049253348a7a8a1b000f4c26263bf60ae0209f02d94722c4e1f80448c99e76a9d9c8ab5ea389fb9f78826fb3b8fc30", 0x75}, {&(0x7f0000000340)="02a7085731e6d12983969aeda065f5e552dcdbdd6b2b71f637e3b90cfcc820", 0x1f}, {&(0x7f0000000380)="aac089723597be572d14826487d0669f40e9cc54e4c7cc11657ae1de336ecc6d", 0x20}, {&(0x7f00000003c0)="4776375050fcdabfdf31644a44828a949f8e64fbd45c30069b2d1ab5ae5b51c6c15eb1d619345e2f239093388adb524f97c4394d3a135eaf40d98ece40dbf82c025e6bc476e7e22d4b1cbdf12b235a9cecc67be55228feff0252f0aec7f92dbbf568dfdef9bc05a6fd66694042b548855abc9aa9eb47cc4c9c7705729ef4b52a94121d7b105e569fd75607f2b30c3b078619f88aabed3b648919854827bfb4c114126869a76cda753cce6da98ea440f0623262579b7b65be262059", 0xbb}, {&(0x7f0000000480)="e31e31fe68212cb40c24f202efeab36615538342821c8f59c7360e1d8529f06bddfb8c6da78e60932b9b03e98f60b0e3a0efd7c4c81c5156a99c9713ab62e1de610b542e1e735acaaf5d436a9ff975c1fab704bd4f791c49af7e560bdf6eeefe4fa42529295ccb87c6d4cc8b31d97fea815891698d3c54b21e84355cb1a9fc6d39a1733f055c84a29821f6b4e15c712165e12604b3f6def950ab8aca0c7c1942a2cd6255bc717994f7c4ad21e10d32094d5591b83bffe1f219dbc7fd1432060b726645e61ff7669044f7a7c541b86717d4e4fb5851131f7e4dd7efd4fb0a362d4f412ffba9812b1ef1797780dcc9574a8de13321b6604baf825f5bd09f14b2432a26e50482706531960e6b3a8c82c6de48ad66ab9e007bcf1d785a87d34ab54bdf2008b16decd5811dce3ba070b9b46bf5f8fc9cbaceb49b89357b2388923af80564d1d0c910e6efcc537660bf0a056bd90083d69ed22b56fad78a626d4602cdf2e1892d41e6130aea15743c5dbb4acc6a7b151b610c15d8848ef57c9f52834073f48d2827e46a6834820b05c250eae6398e853a0b16c2fe83765465804e28b8dcad575d5403f3b9b930dcee1551fea4d6425cc65091ceaa9b93f1c8d6906883d00eb3438e55333f223d6c5a369f0d595b0a2b7f345a0ac43f84d0359382945f43d642671dc8fa01ac99f4adc6262d91ca3b07abe0fca92a1df3cb672ea4c28506834a1300af1d515680c6c511e2cafac885e27fae6db7317e338571ad2b767b09ddc08327ae5fd16ef5cf617a8756f052653a003b19da10e5a6e8c1e99779682c0a0a6406613a8f11c604e9cd16367ae868963327648c4badf374d05a92c0e8890bffecf8ca86377aedda794d20ac182076240b4ad140db41f932f9654e2628c7f7e9bdaac19f4174887785dd4f3523304bb85644783a1405cb96b768a42f4bf28dbda3ad65e0725bc7e1f35ff6102270e06aa7d7714da237103bbb5d034f4e48fc6b8522", 0x2c5}], 0x8}}], 0x1, 0x0)

19:12:06 executing program 2:

19:12:06 executing program 3:

19:12:06 executing program 1:

19:12:06 executing program 1:

19:12:06 executing program 2:

19:12:06 executing program 3:

19:12:06 executing program 3:

19:12:07 executing program 0:

19:12:07 executing program 1:

19:12:07 executing program 2:

19:12:07 executing program 3:

19:12:07 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x73, 0x0, &(0x7f0000000140))

19:12:07 executing program 1:

19:12:07 executing program 2:

19:12:07 executing program 1:

19:12:07 executing program 0:

19:12:07 executing program 2:

19:12:07 executing program 3:

19:12:07 executing program 0:

19:12:07 executing program 2:

19:12:07 executing program 3:

19:12:07 executing program 1:

19:12:07 executing program 0:

19:12:07 executing program 2:

19:12:07 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 1:

19:12:08 executing program 2:

19:12:08 executing program 0:

19:12:08 executing program 3:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 1:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 1:

19:12:08 executing program 2:

19:12:08 executing program 0:

19:12:08 executing program 1:

19:12:08 executing program 3:

19:12:08 executing program 2:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 3:

19:12:08 executing program 1:

19:12:08 executing program 2:

19:12:08 executing program 0:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 1:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 1:

19:12:08 executing program 3:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:08 executing program 2:

19:12:08 executing program 3:

19:12:08 executing program 1:

19:12:08 executing program 0:

19:12:09 executing program 2:

19:12:09 executing program 0:

19:12:09 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0)

19:12:09 executing program 3:

19:12:09 executing program 3:

19:12:09 executing program 0:

19:12:09 executing program 2:

19:12:09 executing program 1:

19:12:09 executing program 0:

19:12:09 executing program 1:

19:12:09 executing program 2:

19:12:09 executing program 3:

19:12:09 executing program 1:

19:12:09 executing program 3:

19:12:09 executing program 0:

19:12:09 executing program 2:

19:12:09 executing program 1:

19:12:09 executing program 3:

19:12:09 executing program 2:

19:12:09 executing program 0:

19:12:09 executing program 1:

19:12:09 executing program 0:

19:12:09 executing program 3:

19:12:09 executing program 2:

19:12:09 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:10 executing program 1:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 2:

19:12:10 executing program 3:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 1:

19:12:10 executing program 3:

19:12:10 executing program 2:

19:12:10 executing program 0:

19:12:10 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 3:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 3:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 3:

19:12:11 executing program 2:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 1:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 3:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 3:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 1:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 1:

19:12:11 executing program 2:

19:12:11 executing program 0:

19:12:11 executing program 3:

19:12:11 executing program 0:

19:12:11 executing program 2:

19:12:11 executing program 1:

19:12:11 executing program 3:

19:12:11 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 1:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 0:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 1:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 0:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 0:

19:12:12 executing program 2:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 2:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:12 executing program 2:

19:12:12 executing program 0:

19:12:12 executing program 3:

19:12:12 executing program 1:

19:12:13 executing program 2:

19:12:13 executing program 3:

19:12:13 executing program 0:

19:12:13 executing program 1:

19:12:13 executing program 3:

19:12:13 executing program 0:

19:12:13 executing program 2:

19:12:13 executing program 1:

19:12:13 executing program 3:

19:12:13 executing program 2:

19:12:13 executing program 0:

19:12:13 executing program 3:

19:12:13 executing program 1:

19:12:13 executing program 0:

19:12:13 executing program 2:

19:12:13 executing program 1:

19:12:13 executing program 3:

19:12:13 executing program 1:

19:12:13 executing program 0:

19:12:13 executing program 2:

19:12:13 executing program 3:

19:12:13 executing program 2:

19:12:13 executing program 3:

19:12:13 executing program 1:

19:12:13 executing program 0:

19:12:13 executing program 2:

19:12:13 executing program 3:

19:12:13 executing program 1:

19:12:13 executing program 2:

19:12:13 executing program 0:

19:12:13 executing program 3:

19:12:13 executing program 1:

19:12:13 executing program 0:

19:12:13 executing program 2:

19:12:13 executing program 3:

19:12:13 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000580)=@flushpolicy={0x34, 0x1d, 0x58ae0367ae7f2861, 0x0, 0x0, "", [@lifetime_val={0x24}]}, 0x34}}, 0x0)

19:12:13 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000007c0)=@flushpolicy={0xf0, 0x1d, 0x58ae0367ae7f2861, 0x0, 0x0, "", [@sa={0xe0, 0x6, {{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@private1}, @in=@broadcast}}]}, 0xf0}}, 0x0)

19:12:13 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00')
write$cgroup_devices(r0, 0x0, 0x9)

19:12:13 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000600)={0x0, @nl=@unspec, @isdn, @isdn, 0xba63})

19:12:13 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000580)=@flushpolicy={0x1c, 0x1d, 0x58ae0367ae7f2861, 0x0, 0x0, "", [@policy_type={0xa}]}, 0x1c}}, 0x0)

[  229.142808][T10450] ==================================================================
19:12:14 executing program 2:

19:12:14 executing program 3:

[  229.158527][T10450] BUG: KASAN: slab-out-of-bounds in xfrm_attr_cpy32+0x15a/0x1d0
[  229.192713][T10450] Write of size 4 at addr ffff88806884bcf4 by task syz-executor.1/10450
[  229.208193][T10450] 
19:12:14 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='loginuid\x00')
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r1, @ANYRESOCT], 0xfffffffffffffe0e)

19:12:14 executing program 3:
clock_getres(0xbc5cb1fcaf4eb800, 0x0)

[  229.208193][T10450] CPU: 3 PID: 10450 Comm: syz-executor.1 Not tainted 5.10.0-rc6-syzkaller #0
[  229.212426][T10450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  229.240425][T10450] Call Trace:
[  229.240425][T10450]  dump_stack+0x107/0x163
[  229.256282][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  229.259057][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  229.259057][T10450]  print_address_description.constprop.0.cold+0xae/0x4c8
[  229.291081][T10450]  ? _raw_spin_lock_irqsave+0x4e/0x50
[  229.296793][T10450]  ? vprintk_func+0x95/0x1e0
[  229.303957][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  229.316518][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  229.323783][T10450]  kasan_report.cold+0x1f/0x37
[  229.330981][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  229.339544][T10450]  check_memory_region+0x13d/0x180
[  229.347546][T10450]  memset+0x20/0x40
[  229.353063][T10450]  xfrm_attr_cpy32+0x15a/0x1d0
[  229.359304][T10450]  xfrm_user_rcv_msg_compat+0x76b/0x1040
[  229.366303][T10450]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  229.373273][T10450]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  229.380367][T10450]  ? mark_lock+0xf7/0x1730
[  229.386350][T10450]  ? security_capable+0x8f/0xc0
[  229.400658][T10450]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  229.411840][T10450]  xfrm_user_rcv_msg+0x55b/0x8b0
[  229.420975][T10450]  ? _raw_spin_unlock_irq+0x2a/0x40
[  229.428044][T10450]  ? xfrm_do_migrate+0x800/0x800
[  229.435216][T10450]  ? __schedule+0x89b/0x2130
[  229.441242][T10450]  ? io_schedule_timeout+0x140/0x140
[  229.451003][T10450]  ? lock_release+0x710/0x710
[  229.458237][T10450]  ? preempt_schedule_thunk+0x16/0x18
[  229.465850][T10450]  ? preempt_schedule_common+0x59/0xc0
[  229.473248][T10450]  ? preempt_schedule_thunk+0x16/0x18
[  229.480377][T10450]  ? __mutex_lock+0xc00/0x10e0
[  229.486299][T10450]  netlink_rcv_skb+0x153/0x420
[  229.497390][T10450]  ? xfrm_do_migrate+0x800/0x800
[  229.508205][T10450]  ? netlink_ack+0xaa0/0xaa0
[  229.513886][T10450]  xfrm_netlink_rcv+0x6b/0x90
[  229.523148][T10450]  netlink_unicast+0x533/0x7d0
[  229.532250][T10450]  ? netlink_attachskb+0x810/0x810
[  229.539509][T10450]  ? __phys_addr_symbol+0x2c/0x70
[  229.557164][T10450]  ? __check_object_size+0x171/0x3f0
[  229.566811][T10450]  netlink_sendmsg+0x856/0xd90
[  229.575501][T10450]  ? netlink_unicast+0x7d0/0x7d0
[  229.583302][T10450]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  229.592228][T10450]  ? netlink_unicast+0x7d0/0x7d0
[  229.600579][T10450]  sock_sendmsg+0xcf/0x120
[  229.608164][T10450]  ____sys_sendmsg+0x6e8/0x810
[  229.620487][T10450]  ? kernel_sendmsg+0x50/0x50
[  229.629862][T10450]  ? do_recvmmsg+0x6c0/0x6c0
[  229.639148][T10450]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  229.652152][T10450]  ___sys_sendmsg+0xf3/0x170
[  229.660564][T10450]  ? sendmsg_copy_msghdr+0x160/0x160
[  229.670763][T10450]  ? __fget_files+0x272/0x400
[  229.683305][T10450]  ? lock_downgrade+0x6d0/0x6d0
[  229.700003][T10450]  ? find_held_lock+0x2d/0x110
[  229.711849][T10450]  ? __fget_files+0x294/0x400
[  229.730318][T10450]  ? __fget_light+0xea/0x280
[  229.741076][T10450]  __sys_sendmsg+0xe5/0x1b0
[  229.751082][T10450]  ? __sys_sendmsg_sock+0xb0/0xb0
[  229.761104][T10450]  ? syscall_enter_from_user_mode_prepare+0x13/0x20
[  229.773476][T10450]  __do_fast_syscall_32+0x56/0x80
[  229.789611][T10450]  do_fast_syscall_32+0x2f/0x70
[  229.803220][T10450]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  229.816699][T10450] RIP: 0023:0xf7f71549
[  229.824863][T10450] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  229.873344][T10450] RSP: 002b:00000000f556b0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  229.894461][T10450] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000780
[  229.908869][T10450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  229.923732][T10450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.936222][T10450] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  229.953146][T10450] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.966727][T10450] 
[  229.976083][T10450] Allocated by task 10450:
[  229.983085][T10450]  kasan_save_stack+0x1b/0x40
[  229.983085][T10450]  __kasan_kmalloc.constprop.0+0xc2/0xd0
[  230.003402][T10450]  kvmalloc_node+0x61/0xf0
[  230.026033][T10450]  xfrm_user_rcv_msg_compat+0x3cd/0x1040
[  230.045527][T10450]  xfrm_user_rcv_msg+0x55b/0x8b0
[  230.063392][T10450]  netlink_rcv_skb+0x153/0x420
[  230.083296][T10450]  xfrm_netlink_rcv+0x6b/0x90
[  230.096544][T10450]  netlink_unicast+0x533/0x7d0
[  230.116546][T10450]  netlink_sendmsg+0x856/0xd90
[  230.123040][T10450]  sock_sendmsg+0xcf/0x120
[  230.136476][T10450]  ____sys_sendmsg+0x6e8/0x810
[  230.156662][T10450]  ___sys_sendmsg+0xf3/0x170
[  230.163097][T10450]  __sys_sendmsg+0xe5/0x1b0
[  230.183805][T10450]  __do_fast_syscall_32+0x56/0x80
[  230.196335][T10450]  do_fast_syscall_32+0x2f/0x70
[  230.213597][T10450]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  230.224934][T10450] 
[  230.236286][T10450] The buggy address belongs to the object at ffff88806884bc00
[  230.236286][T10450]  which belongs to the cache kmalloc-256 of size 256
[  230.276271][T10450] The buggy address is located 244 bytes inside of
[  230.276271][T10450]  256-byte region [ffff88806884bc00, ffff88806884bd00)
[  230.303191][T10450] The buggy address belongs to the page:
[  230.303191][T10450] page:00000000d153769e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68848
[  230.333265][T10450] head:00000000d153769e order:2 compound_mapcount:0 compound_pincount:0
[  230.343274][T10450] flags: 0x4fff00000010200(slab|head)
[  230.356229][T10450] raw: 04fff00000010200 dead000000000100 dead000000000122 ffff888010043400
[  230.363151][T10450] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[  230.383157][T10450] page dumped because: kasan: bad access detected
[  230.383157][T10450] 
[  230.406047][T10450] Memory state around the buggy address:
[  230.413072][T10450]  ffff88806884bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  230.433734][T10450]  ffff88806884bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  230.446095][T10450] >ffff88806884bc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 fc
[  230.466508][T10450]                                                              ^
[  230.473106][T10450]  ffff88806884bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  230.493180][T10450]  ffff88806884bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  230.503058][T10450] ==================================================================
[  230.513599][T10450] Disabling lock debugging due to kernel taint
[  230.532649][T10450] Kernel panic - not syncing: panic_on_warn set ...
[  230.543114][T10450] CPU: 3 PID: 10450 Comm: syz-executor.1 Tainted: G    B             5.10.0-rc6-syzkaller #0
[  230.557126][T10450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  230.577396][T10450] Call Trace:
[  230.582021][T10450]  dump_stack+0x107/0x163
[  230.589159][T10450]  ? xfrm_attr_cpy32+0x90/0x1d0
[  230.596139][T10450]  panic+0x306/0x73d
[  230.601919][T10450]  ? __warn_printk+0xf3/0xf3
[  230.608926][T10450]  ? preempt_schedule_common+0x59/0xc0
[  230.615858][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  230.623627][T10450]  ? preempt_schedule_thunk+0x16/0x18
[  230.632094][T10450]  ? trace_hardirqs_on+0x51/0x1c0
[  230.640463][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  230.647543][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  230.654547][T10450]  end_report+0x58/0x5e
[  230.660369][T10450]  kasan_report.cold+0xd/0x37
[  230.667327][T10450]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  230.673269][T10450]  check_memory_region+0x13d/0x180
[  230.680192][T10450]  memset+0x20/0x40
[  230.684840][T10450]  xfrm_attr_cpy32+0x15a/0x1d0
[  230.691877][T10450]  xfrm_user_rcv_msg_compat+0x76b/0x1040
[  230.698920][T10450]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  230.707204][T10450]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  230.716734][T10450]  ? mark_lock+0xf7/0x1730
[  230.723038][T10450]  ? security_capable+0x8f/0xc0
[  230.729609][T10450]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  230.737145][T10450]  xfrm_user_rcv_msg+0x55b/0x8b0
[  230.744309][T10450]  ? _raw_spin_unlock_irq+0x2a/0x40
[  230.751201][T10450]  ? xfrm_do_migrate+0x800/0x800
[  230.760690][T10450]  ? __schedule+0x89b/0x2130
[  230.767787][T10450]  ? io_schedule_timeout+0x140/0x140
[  230.776225][T10450]  ? lock_release+0x710/0x710
[  230.783670][T10450]  ? preempt_schedule_thunk+0x16/0x18
[  230.791690][T10450]  ? preempt_schedule_common+0x59/0xc0
[  230.798756][T10450]  ? preempt_schedule_thunk+0x16/0x18
[  230.807024][T10450]  ? __mutex_lock+0xc00/0x10e0
[  230.819322][T10450]  netlink_rcv_skb+0x153/0x420
[  230.830171][T10450]  ? xfrm_do_migrate+0x800/0x800
[  230.839288][T10450]  ? netlink_ack+0xaa0/0xaa0
[  230.844057][T10450]  xfrm_netlink_rcv+0x6b/0x90
[  230.861278][T10450]  netlink_unicast+0x533/0x7d0
[  230.869623][T10450]  ? netlink_attachskb+0x810/0x810
[  230.880782][T10450]  ? __phys_addr_symbol+0x2c/0x70
[  230.889013][T10450]  ? __check_object_size+0x171/0x3f0
[  230.897256][T10450]  netlink_sendmsg+0x856/0xd90
[  230.904464][T10450]  ? netlink_unicast+0x7d0/0x7d0
[  230.912633][T10450]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  230.919605][T10450]  ? netlink_unicast+0x7d0/0x7d0
[  230.926493][T10450]  sock_sendmsg+0xcf/0x120
[  230.932391][T10450]  ____sys_sendmsg+0x6e8/0x810
[  230.938362][T10450]  ? kernel_sendmsg+0x50/0x50
[  230.945566][T10450]  ? do_recvmmsg+0x6c0/0x6c0
[  230.951359][T10450]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  230.958265][T10450]  ___sys_sendmsg+0xf3/0x170
[  230.963490][T10450]  ? sendmsg_copy_msghdr+0x160/0x160
[  230.974981][T10450]  ? __fget_files+0x272/0x400
[  230.982018][T10450]  ? lock_downgrade+0x6d0/0x6d0
[  230.988076][T10450]  ? find_held_lock+0x2d/0x110
[  230.995229][T10450]  ? __fget_files+0x294/0x400
[  231.005217][T10450]  ? __fget_light+0xea/0x280
[  231.014468][T10450]  __sys_sendmsg+0xe5/0x1b0
[  231.021871][T10450]  ? __sys_sendmsg_sock+0xb0/0xb0
[  231.028866][T10450]  ? syscall_enter_from_user_mode_prepare+0x13/0x20
[  231.041421][T10450]  __do_fast_syscall_32+0x56/0x80
[  231.048634][T10450]  do_fast_syscall_32+0x2f/0x70
[  231.055740][T10450]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  231.065054][T10450] RIP: 0023:0xf7f71549
[  231.070951][T10450] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  231.103047][T10450] RSP: 002b:00000000f556b0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  231.118213][T10450] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000780
[  231.137347][T10450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  231.151815][T10450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.166549][T10450] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  231.183991][T10450] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.204960][T10450] Kernel Offset: disabled
[  231.204960][T10450] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:12:15  Registers:
info registers vcpu 0
RAX=fffff520002fef50 RBX=1ffff920002fef50 RCX=ffffffff8155a937 RDX=dffffc0000000000
RSI=ffff888011e52a98 RDI=ffff888011e52180 RBP=0000000000000006 RSP=ffffc900017f7a50
R8 =0000000000000000 R9 =ffffffff8ecc1737 R10=fffffbfff1d982e6 R11=0000000000000000
R12=0000000000000006 R13=dffffc0000000000 R14=ffff888011e52a98 R15=ffffffff888f3950
RIP=ffffffff8155a890 RFL=00000806 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000b019984 CR3=000000006553d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000080000000 RBX=00000000c50a2375 RCX=ffffffff837fe38c RDX=ffff888012612180
RSI=ffffffff837fe399 RDI=0000000000000004 RBP=00000000c50a2375 RSP=ffffc90000d37a58
R8 =0000000000000000 R9 =0000000000000000 R10=00000000c50a2375 R11=0000000000000000
R12=0000000000000000 R13=ffff888068826000 R14=ffff88801bdb0228 R15=0000000000000007
RIP=ffffffff81700499 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f99b9f517a0 ffffffff 00c00000
GS =0000 ffff88802cd00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000003c000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000d722a8 CR3=000000001c3fd000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=0000000000000001 RBX=1ffff920002b0ec4 RCX=ffffffff81562cc8 RDX=0000000000000001
RSI=ffffffff899d9200 RDI=ffffffff899d9240 RBP=0000000000000000 RSP=ffffc900015875c0
R8 =0000000000000000 R9 =ffffffff8cecaa4f R10=fffffbfff19d9549 R11=0000000000000000
R12=0000000000000001 R13=ffffffff899d9200 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff88e582aa RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f99b9f517a0 ffffffff 00c00000
GS =0000 ffff88802ce00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000077000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f99b9f58000 CR3=00000000628b2000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=20202020202020202020202020202020
XMM02=000000000000000000ff0000ff000000 XMM03=00000000000000000000000000000000
XMM04=75722f766564752f62696c2f002f2a2f XMM05=5b6d626974627c2a5d392d305b646d7c
XMM06=2d305b6d626974627c2a5d392d305b64 XMM07=2d63707276633a3174633a554d45516e
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff840e8681 RDI=ffffffff8fad7ae0 RBP=ffffffff8fad7aa0 RSP=ffffc90000cf6ec0
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000000
R12=0000000000000066 R13=0000000000000066 R14=ffffffff8fad7aa0 R15=dffffc0000000000
RIP=ffffffff840e86d8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802cf00000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000b2000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000413720 CR3=00000000146e3000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000