Warning: Permanently added '[localhost]:23510' (ECDSA) to the list of known hosts.
2020/08/07 17:23:30 fuzzer started
2020/08/07 17:23:31 dialing manager at 10.0.2.10:44085
2020/08/07 17:23:32 syscalls: 3264
2020/08/07 17:23:32 code coverage: enabled
2020/08/07 17:23:32 comparison tracing: enabled
2020/08/07 17:23:32 extra coverage: enabled
2020/08/07 17:23:32 setuid sandbox: enabled
2020/08/07 17:23:32 namespace sandbox: enabled
2020/08/07 17:23:32 Android sandbox: /sys/fs/selinux/policy does not exist
2020/08/07 17:23:32 fault injection: enabled
2020/08/07 17:23:32 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/08/07 17:23:32 net packet injection: enabled
2020/08/07 17:23:32 net device setup: enabled
2020/08/07 17:23:32 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/08/07 17:23:32 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/08/07 17:23:32 USB emulation: enabled
2020/08/07 17:23:32 hci packet injection: enabled
17:24:41 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_ttl={{0x14}}], 0x28}, 0x0)

17:24:41 executing program 1:
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @local}}}, @ip_retopts={{0x10}}], 0x30}, 0x0)
syz_genetlink_get_family_id$net_dm(&(0x7f00000000c0)='NET_DM\x00')

17:24:41 executing program 2:
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0)
link(&(0x7f0000000200)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00')

syzkaller login: [  264.922139][ T9498] IPVS: ftp: loaded support on port[0] = 21
[  264.972034][ T9500] IPVS: ftp: loaded support on port[0] = 21
17:24:42 executing program 3:
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  265.056425][ T9501] IPVS: ftp: loaded support on port[0] = 21
[  265.361575][ T9503] IPVS: ftp: loaded support on port[0] = 21
[  265.645938][ T9501] chnl_net:caif_netlink_parms(): no params data found
[  265.697804][ T9500] chnl_net:caif_netlink_parms(): no params data found
[  265.799901][ T9498] chnl_net:caif_netlink_parms(): no params data found
[  265.920080][ T9503] chnl_net:caif_netlink_parms(): no params data found
[  265.955311][ T9500] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.970156][ T9500] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.989093][ T9500] device bridge_slave_0 entered promiscuous mode
[  266.019011][ T9500] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.033517][ T9500] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.048017][ T9500] device bridge_slave_1 entered promiscuous mode
[  266.083418][ T9501] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.107473][ T9501] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.133384][ T9501] device bridge_slave_0 entered promiscuous mode
[  266.200950][ T9501] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.228844][ T9501] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.265806][ T9501] device bridge_slave_1 entered promiscuous mode
[  266.302812][ T9500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.360793][ T9500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.423860][ T9498] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.448298][ T9498] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.474649][ T9498] device bridge_slave_0 entered promiscuous mode
[  266.498040][ T9501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.557162][ T9500] team0: Port device team_slave_0 added
[  266.583275][ T9503] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.610022][ T9503] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.640620][ T9503] device bridge_slave_0 entered promiscuous mode
[  266.672616][ T9498] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.703390][ T9498] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.737861][ T9498] device bridge_slave_1 entered promiscuous mode
[  266.755225][ T9501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.773114][ T9500] team0: Port device team_slave_1 added
[  266.805527][ T9503] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.821200][ T9503] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.837699][ T9503] device bridge_slave_1 entered promiscuous mode
[  266.890292][ T9503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.925254][ T9498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.944987][ T9500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.957379][ T9500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.027319][ T9500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.055604][ T9503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.077058][ T9501] team0: Port device team_slave_0 added
[  267.090519][ T9498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.108926][ T9500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.122609][ T9500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.171314][ T9500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.206745][ T9501] team0: Port device team_slave_1 added
[  267.236820][ T9498] team0: Port device team_slave_0 added
[  267.253286][ T9498] team0: Port device team_slave_1 added
[  267.278864][ T9503] team0: Port device team_slave_0 added
[  267.295279][ T9503] team0: Port device team_slave_1 added
[  267.344389][ T9501] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.360777][ T9501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.410306][ T9501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.437692][ T9501] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.454636][ T9501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.533051][ T9501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.572840][ T9500] device hsr_slave_0 entered promiscuous mode
[  267.588913][ T9500] device hsr_slave_1 entered promiscuous mode
[  267.608687][ T9503] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.635149][ T9503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.699161][ T9503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.720477][ T9498] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.733272][ T9498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.787752][ T9498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.829701][ T9498] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.848431][ T9498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.924451][ T9498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.981222][ T9503] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.014699][ T9503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.115841][ T9503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.251394][ T9501] device hsr_slave_0 entered promiscuous mode
[  268.284953][ T9501] device hsr_slave_1 entered promiscuous mode
[  268.313074][ T9501] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.334833][ T9501] Cannot create hsr debugfs directory
[  268.356015][ T9503] device hsr_slave_0 entered promiscuous mode
[  268.373702][ T9503] device hsr_slave_1 entered promiscuous mode
[  268.386452][ T9503] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.400572][ T9503] Cannot create hsr debugfs directory
[  268.414141][ T9498] device hsr_slave_0 entered promiscuous mode
[  268.427303][ T9498] device hsr_slave_1 entered promiscuous mode
[  268.442371][ T9498] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.462684][ T9498] Cannot create hsr debugfs directory
[  268.918106][ T9500] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  268.962826][ T9500] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  268.988784][ T9500] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  269.018170][ T9501] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  269.048726][ T9500] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  269.078506][ T9501] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  269.104865][ T9501] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  269.150622][ T9501] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  269.207490][ T9498] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  269.248024][ T9498] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  269.278217][ T9498] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  269.295129][ T9498] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  269.308934][ T9503] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  269.323420][ T9503] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  269.351734][ T9503] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  269.378055][ T9503] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  269.504032][ T9500] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.544555][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  269.581214][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.606691][ T9500] 8021q: adding VLAN 0 to HW filter on device team0
[  269.664515][   T84] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  269.685049][   T84] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.706015][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.725818][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.770663][ T9501] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.796231][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.831796][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  269.874139][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.907130][ T9517] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.925339][ T9517] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.953941][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  269.987298][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  270.005526][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  270.023280][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.042446][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.066284][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.080606][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.096718][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  270.112328][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.131661][ T9501] 8021q: adding VLAN 0 to HW filter on device team0
[  270.162353][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  270.179741][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.196000][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  270.213575][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.236550][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.252963][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.281030][ T9503] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.295181][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  270.312525][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  270.328665][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.355000][ T9500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.374318][ T9498] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.388255][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  270.403689][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.417685][ T9517] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.433317][ T9517] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.449768][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  270.473700][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  270.494197][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.511214][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.534191][ T9503] 8021q: adding VLAN 0 to HW filter on device team0
[  270.556365][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  270.575792][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.591490][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.612806][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.631581][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.650279][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  270.673164][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.700926][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  270.720056][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  270.736964][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  270.755461][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.771414][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.788674][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.822081][ T9501] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  270.856505][ T9501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  270.894872][ T9498] 8021q: adding VLAN 0 to HW filter on device team0
[  270.931308][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  270.945565][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  270.971738][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.988772][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  271.004940][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.022086][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  271.036957][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  271.052480][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.064425][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.080097][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  271.095069][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  271.110224][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  271.124733][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  271.141408][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  271.156481][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  271.173559][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  271.195668][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.215106][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  271.228246][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  271.248239][ T9500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.266311][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  271.280421][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.310325][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.324679][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  271.341485][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.354937][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.367138][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  271.379956][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  271.392498][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  271.407177][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  271.422933][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.436230][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.453440][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  271.466792][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  271.485206][ T9501] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.511901][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  271.526255][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  271.540721][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  271.553936][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.568305][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.596064][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  271.612890][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  271.627338][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  271.641693][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  271.659794][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  271.678209][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  271.698008][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.726415][ T9503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.756766][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  271.775428][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.805617][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.825833][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.851523][ T9498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  271.870558][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  271.886881][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.910542][ T9500] device veth0_vlan entered promiscuous mode
[  271.926923][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.943951][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.968452][ T9501] device veth0_vlan entered promiscuous mode
[  271.986251][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  272.001808][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  272.023629][ T9500] device veth1_vlan entered promiscuous mode
[  272.041635][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  272.057624][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  272.072308][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  272.086874][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  272.101602][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  272.126452][ T9501] device veth1_vlan entered promiscuous mode
[  272.158329][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  272.173903][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  272.188480][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  272.200889][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  272.222309][ T9498] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.238742][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  272.254094][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  272.268206][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  272.283308][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  272.296257][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  272.313041][ T9503] device veth0_vlan entered promiscuous mode
[  272.333921][ T9503] device veth1_vlan entered promiscuous mode
[  272.347420][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  272.377730][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.394048][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.411669][ T9500] device veth0_macvtap entered promiscuous mode
[  272.442064][ T9500] device veth1_macvtap entered promiscuous mode
[  272.464778][ T9529] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  272.497031][ T9529] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.520566][ T9529] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.537991][ T9529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.556832][ T9501] device veth0_macvtap entered promiscuous mode
[  272.583115][ T9501] device veth1_macvtap entered promiscuous mode
[  272.632161][ T9500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.656078][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  272.676633][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.698830][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.719137][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.743081][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  272.764451][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.803467][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  272.852427][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  272.898301][ T9501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  272.956305][ T9501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.017464][ T9501] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.058344][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  273.090479][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  273.125828][ T9500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.156917][ T9501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  273.211538][ T9501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.253034][ T9501] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.278852][ T9503] device veth0_macvtap entered promiscuous mode
[  273.310750][ T9500] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.331604][ T9500] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.349104][ T9500] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.370004][ T9500] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.399808][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  273.420086][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  273.441900][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  273.465217][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  273.486265][ T9517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  273.511098][ T9501] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.536179][ T9501] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.558201][ T9501] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.583934][ T9501] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.627419][ T9498] device veth0_vlan entered promiscuous mode
[  273.655716][ T9503] device veth1_macvtap entered promiscuous mode
[  273.697762][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  273.730847][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  273.928315][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  273.971172][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  274.015811][ T9503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  274.081277][ T9503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.140418][ T9503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  274.211813][ T9503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.272253][ T9503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.316669][ T9498] device veth1_vlan entered promiscuous mode
[  274.346314][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  274.370089][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  274.398371][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  274.464385][ T9503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  274.504716][ T9503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.532366][ T9503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  274.574206][ T9503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.607058][ T9503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.636473][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  274.657595][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  274.683973][ T9503] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.703544][ T9503] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.723640][ T9503] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.742504][ T9503] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.790613][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  274.807488][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  274.832916][ T9498] device veth0_macvtap entered promiscuous mode
[  274.851317][ T9498] device veth1_macvtap entered promiscuous mode
[  274.883793][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  274.905584][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.923185][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  274.941935][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.963757][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  274.991692][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.016136][ T9498] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.037738][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  275.061513][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  275.092275][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  275.141360][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  275.177381][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  275.201845][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.230472][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  275.267746][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.293910][ T9498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  275.314134][ T9498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.332191][ T9498] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.348482][ T9527] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  275.364990][ T9527] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  275.385364][ T9498] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.400939][ T9498] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.421660][ T9498] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.445205][ T9498] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.716931][ T9500] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
17:24:53 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x800000bf)

17:24:53 executing program 3:
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)

17:24:53 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0x4, r2}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

17:24:53 executing program 3:
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  276.401850][ T9556] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  276.484913][ T9561] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
17:24:53 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d40800002a00db4bb9e6d5fb16c54f4d98e52ac0", @ANYRES32], 0x2}}, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={@mcast2}, 0x14)
r2 = socket$inet(0x10, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x84ffde, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)

17:24:53 executing program 3:
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)

17:24:53 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x800000bf)

17:24:53 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'ip6erspan0\x00', 0x1})
clone(0x13102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x8000000000000200)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000200)=""/157, &(0x7f0000000040)=0x9d)
r1 = perf_event_open(&(0x7f0000000400)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0x8}, 0x0, 0x0, 0x81, 0x1, 0x72}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x0)

17:24:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x800000bf)

17:24:54 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x2, 0x4, 0x6d, 0x2, 0x0, 0x0}, 0x1a)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r0, &(0x7f0000000000)="8d", 0x0}, 0x20)

17:24:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x800000bf)

17:24:54 executing program 3:
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffd76, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%n'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

17:24:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

17:24:54 executing program 3:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x275a, 0x0)
write$FUSE_INIT(r1, 0x0, 0x0)

17:24:54 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x2, 0x4, 0x6d, 0x2, 0x0, 0x0}, 0x1a)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r0, 0x0, &(0x7f0000000040)=""/171}, 0x20)

17:24:54 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000100)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000002a40)=[@pktinfo={{0x24, 0x29, 0x32, {@empty}}}], 0x28}}], 0x1, 0x0)

17:24:54 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="7400000010000104000000ffffff000000ad58c6", @ANYRES32=r1, @ANYBLOB="0000000000000c20540012801100010062725aad329d0000000076abf3a188023c0005800500190002000000050001"], 0x74}, 0x1, 0x88a8ffff}, 0x0)
r2 = socket(0x10, 0x8000000000000003, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmmsg(r2, &(0x7f0000000000), 0x40000000000024a, 0x0)

17:24:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

17:24:54 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x2, 0x4, 0x6d, 0x2, 0x0, 0x0}, 0x1a)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000280)=""/4096}, 0x20)

[  277.552129][ T9611] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
17:24:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

17:24:54 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, 0xffffffffffffffff, 0x0)

[  277.600659][ T9517] Bluetooth: hci0: command 0x0409 tx timeout
[  277.619118][ T9611] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.633025][ T9621] ==================================================================
17:24:54 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

[  277.647819][ T9611] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.662308][ T9621] BUG: KASAN: wild-memory-access in do_ebt_set_ctl+0x2c0/0x53b
[  277.662308][ T9621] Read of size 80 at addr 00000000ffffffff by task syz-executor.3/9621
[  277.692155][ T9611] bridge0: port 1(bridge_slave_0) entered forwarding state
[  277.699552][ T9621] 
[  277.699552][ T9621] CPU: 1 PID: 9621 Comm: syz-executor.3 Not tainted 5.8.0-syzkaller #0
[  277.699552][ T9621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  277.699552][ T9621] Call Trace:
[  277.699552][ T9621]  dump_stack+0x18f/0x20d
[  277.699552][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  277.799905][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  277.799905][ T9621]  kasan_report.cold+0x5/0x37
[  277.799905][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  277.799905][ T9621]  check_memory_region+0x13d/0x180
[  277.927086][ T9621]  memcpy+0x20/0x60
[  277.927086][ T9621]  do_ebt_set_ctl+0x2c0/0x53b
[  277.927086][ T9621]  ? __mutex_unlock_slowpath+0xe2/0x610
[  277.927086][ T9621]  ? compat_do_replace+0x680/0x680
[  277.927086][ T9621]  ? wait_for_completion+0x260/0x260
[  278.009597][ T9621]  ? lock_downgrade+0x830/0x830
[  278.027375][ T9621]  ? nf_sockopt_find.constprop.0+0x22d/0x2a0
[  278.027375][ T9621]  nf_setsockopt+0x6f/0xc0
[  278.027375][ T9621]  ip_setsockopt+0x54d/0x3c10
[  278.027375][ T9621]  ? ip_ra_control+0x560/0x560
[  278.080190][ T9621]  ? aa_sk_perm+0x316/0xaa0
[  278.080190][ T9621]  ? aa_af_perm+0x230/0x230
[  278.080190][ T9621]  ? sock_common_recvmsg+0x1a0/0x1a0
[  278.080190][ T9621]  raw_setsockopt+0x205/0x250
[  278.080190][ T9621]  __sys_setsockopt+0x2ad/0x6d0
[  278.080190][ T9621]  ? __ia32_sys_recv+0x100/0x100
[  278.080190][ T9621]  ? get_old_timespec32+0x1f0/0x1f0
[  278.080190][ T9621]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  278.080190][ T9621]  ? syscall_enter_from_user_mode+0x20/0x290
[  278.080190][ T9621]  ? lockdep_hardirqs_on_prepare+0x354/0x530
[  278.080190][ T9621]  __ia32_sys_setsockopt+0xb9/0x150
[  278.080190][ T9621]  ? syscall_enter_from_user_mode+0x20/0x290
[  278.080190][ T9621]  __do_fast_syscall_32+0x57/0x80
[  278.080190][ T9621]  do_fast_syscall_32+0x2f/0x70
[  278.080190][ T9621]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  278.080190][ T9621] RIP: 0023:0xf7f19569
[  278.080190][ T9621] Code: c4 01 10 03 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  278.080190][ T9621] RSP: 002b:00000000f55130bc EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  278.080190][ T9621] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  278.080190][ T9621] RDX: 0000000000000081 RSI: 00000000ffffffff RDI: 0000000000000000
[  278.080190][ T9621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.080190][ T9621] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  278.080190][ T9621] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.080190][ T9621] ==================================================================
[  278.529588][ T9621] Disabling lock debugging due to kernel taint
[  278.561173][ T9527] Bluetooth: hci1: command 0x0409 tx timeout
[  278.567541][ T9621] Kernel panic - not syncing: panic_on_warn set ...
[  278.596145][   T35] Bluetooth: hci2: command 0x0409 tx timeout
[  278.597149][ T9621] CPU: 1 PID: 9621 Comm: syz-executor.3 Tainted: G    B             5.8.0-syzkaller #0
[  278.597149][ T9621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  278.597149][ T9621] Call Trace:
[  278.597149][ T9621]  dump_stack+0x18f/0x20d
[  278.597149][ T9621]  ? do_ebt_set_ctl+0x200/0x53b
[  278.597149][ T9621]  panic+0x2e3/0x75c
[  278.597149][ T9621]  ? __warn_printk+0xf3/0xf3
[  278.597149][ T9621]  ? preempt_schedule_common+0x59/0xc0
[  278.649469][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  278.649469][ T9621]  ? preempt_schedule_thunk+0x16/0x18
[  278.808415][ T9621]  ? trace_hardirqs_on+0x55/0x220
[  278.808415][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  278.808415][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  278.808415][ T9621]  end_report+0x4d/0x53
[  278.808415][ T9621]  kasan_report.cold+0xd/0x37
[  278.808415][ T9621]  ? do_ebt_set_ctl+0x2c0/0x53b
[  278.808415][ T9621]  check_memory_region+0x13d/0x180
[  278.808415][ T9621]  memcpy+0x20/0x60
[  278.808415][ T9621]  do_ebt_set_ctl+0x2c0/0x53b
[  278.808415][ T9621]  ? __mutex_unlock_slowpath+0xe2/0x610
[  278.808415][ T9621]  ? compat_do_replace+0x680/0x680
[  278.808415][ T9621]  ? wait_for_completion+0x260/0x260
[  278.808415][ T9621]  ? lock_downgrade+0x830/0x830
[  278.808415][ T9621]  ? nf_sockopt_find.constprop.0+0x22d/0x2a0
[  278.808415][ T9621]  nf_setsockopt+0x6f/0xc0
[  278.808415][ T9621]  ip_setsockopt+0x54d/0x3c10
[  278.808415][ T9621]  ? ip_ra_control+0x560/0x560
[  278.808415][ T9621]  ? aa_sk_perm+0x316/0xaa0
[  278.808415][ T9621]  ? aa_af_perm+0x230/0x230
[  278.808415][ T9621]  ? sock_common_recvmsg+0x1a0/0x1a0
[  278.808415][ T9621]  raw_setsockopt+0x205/0x250
[  278.808415][ T9621]  __sys_setsockopt+0x2ad/0x6d0
[  278.808415][ T9621]  ? __ia32_sys_recv+0x100/0x100
[  278.808415][ T9621]  ? get_old_timespec32+0x1f0/0x1f0
[  278.808415][ T9621]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  278.808415][ T9621]  ? syscall_enter_from_user_mode+0x20/0x290
[  278.808415][ T9621]  ? lockdep_hardirqs_on_prepare+0x354/0x530
[  278.808415][ T9621]  __ia32_sys_setsockopt+0xb9/0x150
[  278.808415][ T9621]  ? syscall_enter_from_user_mode+0x20/0x290
[  278.808415][ T9621]  __do_fast_syscall_32+0x57/0x80
[  278.808415][ T9621]  do_fast_syscall_32+0x2f/0x70
[  278.808415][ T9621]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  278.808415][ T9621] RIP: 0023:0xf7f19569
[  278.808415][ T9621] Code: c4 01 10 03 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  279.680179][   T28] Bluetooth: hci0: command 0x041b tx timeout
[  278.808415][ T9621] RSP: 002b:00000000f55130bc EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  278.808415][ T9621] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  278.808415][ T9621] RDX: 0000000000000081 RSI: 00000000ffffffff RDI: 0000000000000000
[  278.808415][ T9621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.808415][ T9621] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  278.808415][ T9621] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.808415][ T9621] Kernel Offset: disabled
[  278.808415][ T9621] Rebooting in 86400 seconds..