last executing test programs: 0s ago: executing program 1 (id=2): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000001000010400000000f61c000000480000", @ANYRES32=r1, @ANYBLOB="ae"], 0x20}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$unix(0x1, 0x2, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r9 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r9, &(0x7f0000000600)="d0d43d954be91fe9b0d243c69fb8", 0xe, 0x80810, &(0x7f00000000c0)={0x11, 0x86dd, r8, 0x1, 0x3, 0x6, @remote}, 0x14) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.74' (ED25519) to the list of known hosts. [ 156.690752][ T5758] cgroup: Unknown subsys name 'net' [ 156.815186][ T5758] cgroup: Unknown subsys name 'cpuset' [ 156.832500][ T5758] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 162.467788][ T5758] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 167.936020][ T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 167.945211][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 167.954293][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 167.985133][ T5781] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.998026][ T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.998559][ T5781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 168.007414][ T49] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 168.016153][ T5781] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 168.026301][ T49] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 168.043655][ T49] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 168.072648][ T5779] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 168.090396][ T5071] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 168.099655][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 168.100569][ T5071] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 168.117414][ T5071] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 168.126767][ T5071] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 168.130703][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 168.139606][ T5071] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 168.146252][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 168.151808][ T5071] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 168.281710][ T5781] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 168.290840][ T5781] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 168.304824][ T5781] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 168.321151][ T5781] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 168.332194][ T5781] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 169.438524][ T5777] chnl_net:caif_netlink_parms(): no params data found [ 169.639469][ T5776] chnl_net:caif_netlink_parms(): no params data found [ 169.799715][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 169.910013][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 170.095833][ T5071] Bluetooth: hci0: command tx timeout [ 170.101686][ T5071] Bluetooth: hci1: command tx timeout [ 170.178939][ T5781] Bluetooth: hci2: command tx timeout [ 170.255629][ T5781] Bluetooth: hci3: command tx timeout [ 170.333869][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.342054][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.354713][ T5777] bridge_slave_0: entered allmulticast mode [ 170.364231][ T5777] bridge_slave_0: entered promiscuous mode [ 170.383547][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.405741][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.413442][ T5777] bridge_slave_1: entered allmulticast mode [ 170.420021][ T5781] Bluetooth: hci4: command tx timeout [ 170.441686][ T5777] bridge_slave_1: entered promiscuous mode [ 170.467179][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 170.688521][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.762837][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.771493][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.780708][ T5776] bridge_slave_0: entered allmulticast mode [ 170.791330][ T5776] bridge_slave_0: entered promiscuous mode [ 170.814219][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.864380][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.872262][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.884439][ T5776] bridge_slave_1: entered allmulticast mode [ 170.897133][ T5776] bridge_slave_1: entered promiscuous mode [ 170.982800][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.991418][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.999268][ T5784] bridge_slave_0: entered allmulticast mode [ 171.007580][ T5784] bridge_slave_0: entered promiscuous mode [ 171.087913][ T5777] team0: Port device team_slave_0 added [ 171.126575][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.134317][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.144187][ T5784] bridge_slave_1: entered allmulticast mode [ 171.153036][ T5784] bridge_slave_1: entered promiscuous mode [ 171.196785][ T5777] team0: Port device team_slave_1 added [ 171.225005][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.233052][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.240651][ T5790] bridge_slave_0: entered allmulticast mode [ 171.248990][ T5790] bridge_slave_0: entered promiscuous mode [ 171.289402][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.344391][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.352129][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.359981][ T5790] bridge_slave_1: entered allmulticast mode [ 171.368247][ T5790] bridge_slave_1: entered promiscuous mode [ 171.415218][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.446784][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.454271][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.462291][ T5786] bridge_slave_0: entered allmulticast mode [ 171.470712][ T5786] bridge_slave_0: entered promiscuous mode [ 171.510349][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.544853][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.552530][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 171.578884][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.591239][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.599169][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.606767][ T5786] bridge_slave_1: entered allmulticast mode [ 171.615092][ T5786] bridge_slave_1: entered promiscuous mode [ 171.742947][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.777432][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.784481][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 171.811015][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.855898][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.897193][ T5776] team0: Port device team_slave_0 added [ 171.928862][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.947237][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.988847][ T5776] team0: Port device team_slave_1 added [ 172.006031][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.076560][ T5784] team0: Port device team_slave_0 added [ 172.175750][ T5781] Bluetooth: hci1: command tx timeout [ 172.175844][ T5071] Bluetooth: hci0: command tx timeout [ 172.189101][ T5784] team0: Port device team_slave_1 added [ 172.249750][ T5786] team0: Port device team_slave_0 added [ 172.264145][ T5790] team0: Port device team_slave_0 added [ 172.270047][ T5071] Bluetooth: hci2: command tx timeout [ 172.302148][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.309904][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.336773][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.347726][ T5071] Bluetooth: hci3: command tx timeout [ 172.353156][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.360691][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.387241][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.411995][ T5777] hsr_slave_0: entered promiscuous mode [ 172.420980][ T5777] hsr_slave_1: entered promiscuous mode [ 172.437881][ T5786] team0: Port device team_slave_1 added [ 172.450540][ T5790] team0: Port device team_slave_1 added [ 172.496058][ T5071] Bluetooth: hci4: command tx timeout [ 172.566345][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.573451][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.600712][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.671825][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.679136][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.705604][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.764441][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.771891][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.798245][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.811951][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.820176][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.846596][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.914467][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.921865][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.948846][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.963241][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.970658][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.997180][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.067005][ T5776] hsr_slave_0: entered promiscuous mode [ 173.075816][ T5776] hsr_slave_1: entered promiscuous mode [ 173.083467][ T5776] debugfs: 'hsr0' already exists in 'hsr' [ 173.089485][ T5776] Cannot create hsr debugfs directory [ 173.339008][ T5784] hsr_slave_0: entered promiscuous mode [ 173.348142][ T5784] hsr_slave_1: entered promiscuous mode [ 173.356222][ T5784] debugfs: 'hsr0' already exists in 'hsr' [ 173.362172][ T5784] Cannot create hsr debugfs directory [ 173.397441][ T5786] hsr_slave_0: entered promiscuous mode [ 173.406614][ T5786] hsr_slave_1: entered promiscuous mode [ 173.414433][ T5786] debugfs: 'hsr0' already exists in 'hsr' [ 173.420427][ T5786] Cannot create hsr debugfs directory [ 173.540835][ T5790] hsr_slave_0: entered promiscuous mode [ 173.550213][ T5790] hsr_slave_1: entered promiscuous mode [ 173.558374][ T5790] debugfs: 'hsr0' already exists in 'hsr' [ 173.564234][ T5790] Cannot create hsr debugfs directory [ 174.255558][ T5071] Bluetooth: hci1: command tx timeout [ 174.265825][ T5071] Bluetooth: hci0: command tx timeout [ 174.335557][ T5071] Bluetooth: hci2: command tx timeout [ 174.415538][ T5071] Bluetooth: hci3: command tx timeout [ 174.554996][ T5777] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 174.578344][ T5071] Bluetooth: hci4: command tx timeout [ 174.608043][ T5777] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 174.646036][ T5777] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 174.706483][ T5777] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 174.808556][ T5776] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 174.840419][ T5776] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 174.860190][ T5776] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 174.879248][ T5776] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 175.078483][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 175.098078][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 175.142576][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 175.163990][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 175.414853][ T5784] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 175.437887][ T5784] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 175.479100][ T5784] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 175.513043][ T5784] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 175.788023][ T5790] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 175.831589][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.855464][ T5790] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 175.901910][ T5790] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 175.930608][ T5790] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 176.103577][ T5777] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.200393][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.289454][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.297153][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.335753][ T5071] Bluetooth: hci0: command tx timeout [ 176.335921][ T5781] Bluetooth: hci1: command tx timeout [ 176.374326][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.381734][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.419703][ T5781] Bluetooth: hci2: command tx timeout [ 176.507459][ T5781] Bluetooth: hci3: command tx timeout [ 176.514507][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.613762][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.621317][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.657104][ T5781] Bluetooth: hci4: command tx timeout [ 176.728100][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.761838][ T1082] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.769680][ T1082] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.863182][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.991654][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.060726][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.091302][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.098894][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.115505][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.122951][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.235048][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.242680][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.353360][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.360970][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.534046][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.721519][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.804345][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.811961][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.872609][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.990696][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.998362][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.615894][ T5777] veth0_vlan: entered promiscuous mode [ 178.742629][ T5777] veth1_vlan: entered promiscuous mode [ 178.783640][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.001053][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.301906][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.337631][ T5777] veth0_macvtap: entered promiscuous mode [ 179.388690][ T5776] veth0_vlan: entered promiscuous mode [ 179.414431][ T5777] veth1_macvtap: entered promiscuous mode [ 179.530770][ T5776] veth1_vlan: entered promiscuous mode [ 179.585904][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.655228][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 179.690044][ T5786] veth0_vlan: entered promiscuous mode [ 179.761298][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 179.885047][ T77] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.894781][ T77] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.934090][ T5786] veth1_vlan: entered promiscuous mode [ 179.963723][ T77] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.975584][ T77] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.133735][ T5776] veth0_macvtap: entered promiscuous mode [ 180.173337][ T5784] veth0_vlan: entered promiscuous mode [ 180.232919][ T5776] veth1_macvtap: entered promiscuous mode [ 180.363128][ T5784] veth1_vlan: entered promiscuous mode [ 180.494156][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.521961][ T5786] veth0_macvtap: entered promiscuous mode [ 180.578634][ T5786] veth1_macvtap: entered promiscuous mode [ 180.631495][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.733756][ T34] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.744258][ T34] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.787637][ T34] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.798721][ T34] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.826947][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.953801][ T5784] veth0_macvtap: entered promiscuous mode [ 181.027069][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.114788][ T5784] veth1_macvtap: entered promiscuous mode [ 181.142060][ T77] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.225537][ T77] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.306659][ T77] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.327788][ T77] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.366113][ T5790] veth0_vlan: entered promiscuous mode [ 181.478934][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.501063][ T5790] veth1_vlan: entered promiscuous mode [ 181.592203][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.679110][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.698897][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.743301][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.782227][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.182223][ T5790] veth0_macvtap: entered promiscuous mode [ 182.277676][ T5790] veth1_macvtap: entered promiscuous mode [ 182.501560][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.639028][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.753015][ T53] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.785583][ T53] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.794598][ T53] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.862979][ T53] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.074841][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.115584][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.313253][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.365541][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.780208][ T5777] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 186.115553][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.123554][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.437983][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.477146][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.809810][ T5951] ===================================================== [ 186.817196][ T5951] BUG: KMSAN: uninit-value in cfg80211_classify8021d+0x99d/0x12b0 [ 186.825532][ T5951] cfg80211_classify8021d+0x99d/0x12b0 [ 186.831195][ T5951] ieee80211_select_queue+0x37a/0x9e0 [ 186.836948][ T5951] __ieee80211_subif_start_xmit+0x635/0x1e10 [ 186.843183][ T5951] ieee80211_subif_start_xmit+0xa8/0x6d0 [ 186.849175][ T5951] dev_hard_start_xmit+0x24e/0xad0 [ 186.854598][ T5951] __dev_queue_xmit+0x3412/0x5980 [ 186.859986][ T5951] packet_xmit+0x8f/0x710 [ 186.864594][ T5951] packet_sendmsg+0x91d9/0xa320 [ 186.869765][ T5951] __sys_sendto+0xa08/0xae0 [ 186.874462][ T5951] __x64_sys_sendto+0x130/0x200 [ 186.879640][ T5951] x64_sys_call+0x39a0/0x3ea0 [ 186.884529][ T5951] do_syscall_64+0x134/0xf80 [ 186.889403][ T5951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.895788][ T5951] [ 186.898184][ T5951] Uninit was created at: [ 186.902650][ T5951] kmem_cache_alloc_node_noprof+0x3cd/0x12d0 [ 186.909034][ T5951] __alloc_skb+0x855/0x1190 [ 186.913710][ T5951] alloc_skb_with_frags+0xc5/0xa60 [ 186.919164][ T5951] sock_alloc_send_pskb+0xacb/0xc60 [ 186.924524][ T5951] packet_sendmsg+0x7477/0xa320 [ 186.929791][ T5951] __sys_sendto+0xa08/0xae0 [ 186.934507][ T5951] __x64_sys_sendto+0x130/0x200 [ 186.939779][ T5951] x64_sys_call+0x39a0/0x3ea0 [ 186.944639][ T5951] do_syscall_64+0x134/0xf80 [ 186.949552][ T5951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.955793][ T5951] [ 186.958236][ T5951] CPU: 0 UID: 0 PID: 5951 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT(full) [ 186.967755][ T5951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.978168][ T5951] ===================================================== [ 186.985202][ T5951] Disabling lock debugging due to kernel taint [ 186.991596][ T5951] Kernel panic - not syncing: kmsan.panic set ... [ 186.998146][ T5951] CPU: 0 UID: 0 PID: 5951 Comm: syz.1.2 Tainted: G B syzkaller #0 PREEMPT(full) [ 187.008998][ T5951] Tainted: [B]=BAD_PAGE [ 187.013232][ T5951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 187.023490][ T5951] Call Trace: [ 187.026852][ T5951] [ 187.029854][ T5951] __dump_stack+0x26/0x30 [ 187.034514][ T5951] dump_stack_lvl+0x50/0x1c0 [ 187.039241][ T5951] ? dump_stack+0x12/0x25 [ 187.043716][ T5951] dump_stack+0x1e/0x25 [ 187.048005][ T5951] vpanic+0x7b4/0x1430 [ 187.052347][ T5951] panic+0x15d/0x160 [ 187.056439][ T5951] kmsan_report+0x31a/0x320 [ 187.061123][ T5951] ? __msan_warning+0x1b/0x30 [ 187.066212][ T5951] ? cfg80211_classify8021d+0x99d/0x12b0 [ 187.072042][ T5951] ? ieee80211_select_queue+0x37a/0x9e0 [ 187.077950][ T5951] ? __ieee80211_subif_start_xmit+0x635/0x1e10 [ 187.084337][ T5951] ? ieee80211_subif_start_xmit+0xa8/0x6d0 [ 187.090368][ T5951] ? dev_hard_start_xmit+0x24e/0xad0 [ 187.095823][ T5951] ? __dev_queue_xmit+0x3412/0x5980 [ 187.101224][ T5951] ? packet_xmit+0x8f/0x710 [ 187.105892][ T5951] ? packet_sendmsg+0x91d9/0xa320 [ 187.111141][ T5951] ? __sys_sendto+0xa08/0xae0 [ 187.116064][ T5951] ? __x64_sys_sendto+0x130/0x200 [ 187.121247][ T5951] ? x64_sys_call+0x39a0/0x3ea0 [ 187.126696][ T5951] ? do_syscall_64+0x134/0xf80 [ 187.131594][ T5951] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.137898][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.143276][ T5951] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 187.149271][ T5951] ? __siphash_unaligned+0x35a/0x9b0 [ 187.154743][ T5951] ? __flow_hash_from_keys+0x64e/0x780 [ 187.160388][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.165702][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.171029][ T5951] __msan_warning+0x1b/0x30 [ 187.175697][ T5951] cfg80211_classify8021d+0x99d/0x12b0 [ 187.181350][ T5951] ieee80211_select_queue+0x37a/0x9e0 [ 187.186984][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.192288][ T5951] __ieee80211_subif_start_xmit+0x635/0x1e10 [ 187.198437][ T5951] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 187.204468][ T5951] ieee80211_subif_start_xmit+0xa8/0x6d0 [ 187.210323][ T5951] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 187.216815][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.222102][ T5951] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 187.228111][ T5951] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 187.234619][ T5951] dev_hard_start_xmit+0x24e/0xad0 [ 187.239944][ T5951] __dev_queue_xmit+0x3412/0x5980 [ 187.245152][ T5951] ? __msan_warning+0x1b/0x30 [ 187.250008][ T5951] ? __dev_queue_xmit+0x27a/0x5980 [ 187.255340][ T5951] packet_xmit+0x8f/0x710 [ 187.259836][ T5951] ? packet_parse_headers+0x92b/0xa20 [ 187.265398][ T5951] packet_sendmsg+0x91d9/0xa320 [ 187.270404][ T5951] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 187.276419][ T5951] ? aa_label_sk_perm+0x759/0x810 [ 187.281638][ T5951] ? tomoyo_socket_bind_permission+0x361/0x370 [ 187.287942][ T5951] ? filter_irq_stacks+0x49/0x190 [ 187.293171][ T5951] ? sg_pool_alloc+0xc0/0xe0 [ 187.298091][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.303393][ T5951] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 187.309974][ T5951] ? __pfx_packet_sendmsg+0x10/0x10 [ 187.315331][ T5951] __sys_sendto+0xa08/0xae0 [ 187.320010][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.325324][ T5951] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 187.331332][ T5951] ? kmsan_get_metadata+0xf1/0x160 [ 187.336626][ T5951] __x64_sys_sendto+0x130/0x200 [ 187.341664][ T5951] x64_sys_call+0x39a0/0x3ea0 [ 187.346529][ T5951] do_syscall_64+0x134/0xf80 [ 187.351274][ T5951] ? clear_bhb_loop+0x50/0xa0 [ 187.356116][ T5951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.362166][ T5951] RIP: 0033:0x7f47f1f9c799 [ 187.366697][ T5951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 187.386608][ T5951] RSP: 002b:00007f47f2ec5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 187.395277][ T5951] RAX: ffffffffffffffda RBX: 00007f47f2215fa0 RCX: 00007f47f1f9c799 [ 187.403358][ T5951] RDX: 000000000000000e RSI: 0000200000000600 RDI: 0000000000000008 [ 187.411436][ T5951] RBP: 00007f47f2032bd9 R08: 00002000000000c0 R09: 0000000000000014 [ 187.419615][ T5951] R10: 0000000000080810 R11: 0000000000000246 R12: 0000000000000000 [ 187.427864][ T5951] R13: 00007f47f2216038 R14: 00007f47f2215fa0 R15: 00007ffc1381c568 [ 187.435991][ T5951] [ 187.439393][ T5951] Kernel Offset: disabled [ 187.443764][ T5951] Rebooting in 86400 seconds..