last executing test programs: 1.590153195s ago: executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90) 1.435471425s ago: executing program 0: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48) r1 = socket$inet6(0xa, 0x80002, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/82}, 0x20) 1.294533666s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r1, 0x1}, 0x14}}, 0x0) 1.167963943s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) 1.029088168s ago: executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c000000101700"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c00028008001e00ff"], 0x3c}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 720.209767ms ago: executing program 3: mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}]}}, &(0x7f0000000f40)=""/4089, 0x26, 0xff9, 0x1}, 0x20) 626.170634ms ago: executing program 3: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001a00010000000000000000008020000000000002"], 0x1c}}, 0x0) 603.223909ms ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5}]}}}, @IFLA_NUM_TX_QUEUES={0x8}, @IFLA_NUM_RX_QUEUES={0x8}]}, 0x4c}}, 0x0) 595.109005ms ago: executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x4, 0x1, @mcast1}]}, 0x30}}, 0x0) 575.695543ms ago: executing program 2: getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x8) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket(0x2, 0x2, 0x1) sendto$rose(r1, &(0x7f0000000180)="ef3ba4c48e6b838b", 0x8, 0x0, 0x0, 0x0) 500.495216ms ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) 496.101855ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48) r1 = socket$inet6(0xa, 0x80002, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/82}, 0x20) 467.777637ms ago: executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x0, 0xd}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 458.546477ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0, @exit, @printk={@x={0x18, 0x0}, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfe30}, {0x7, 0x1, 0xb, 0x1, 0x2}, {}, {}, {0x5, 0x0, 0xb, 0x2}}]}, &(0x7f0000000000)='GPL\x00', 0x9}, 0x90) 384.443813ms ago: executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic, @initr0, @exit, @tail_call]}, &(0x7f0000000000)='GPL\x00', 0xa}, 0x90) 374.627022ms ago: executing program 3: r0 = socket(0x40000000015, 0x5, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c) 356.214144ms ago: executing program 2: mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0) 349.785057ms ago: executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000fc010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a300000000009000200e77133f69373144fb2ad1d348c0e5973797a300000000014000000002c000000180a01010000000000000000010000000900010073797a30000000000c0005"], 0xb4}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000040)) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r3) sendmsg$IEEE802154_START_REQ(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000280), r2) r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000580), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x14, r5, 0xf1f637d198ee7311}, 0x14}}, 0x0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000380), r1) 300.372192ms ago: executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x800}) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x0, 0x16, 0x0, 0x7f, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000040), 0x12) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x1, 0x1, 0x8, 0x11}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000027b, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='ext4_alloc_da_blocks\x00'}, 0x10) socketpair(0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.events\x00', 0x26e1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='track_foreign_dirty\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r4, &(0x7f0000000200), 0x43451) 270.824678ms ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x34}}, 0x0) 248.552713ms ago: executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x2, 0x7, 0x401}, 0x14}}, 0x0) 192.35945ms ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5}]}}}, @IFLA_NUM_TX_QUEUES={0x8}, @IFLA_NUM_RX_QUEUES={0x8}]}, 0x4c}}, 0x0) 165.066769ms ago: executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000280)="580000001400add4273200000000b4560a117fffffff81000e220e227f000001000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000c335237676a8e5dc968b2bf8ec", 0x58}], 0x1) 152.998088ms ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x4, 0x1, @mcast1}]}, 0x30}}, 0x0) 119.928239ms ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 84.009139ms ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000ff0000000000000000d17d000000000000000000000000000000000000000000ffffffff0000000000000000400000000000001210000000000000000000000001000000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e7230000000000000000000000000040000000000000001000000001000b40079616d30000000000000000000000000766574b7708ad56f5f7465616d0000000180c2000000000000000000aaaaaaaaaa00000000000000000000000000b0000000e0"]}, 0x175) write$binfmt_script(r0, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x7001, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8) 47.551461ms ago: executing program 1: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)="4480502ac1216c3f00", 0x9}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000240)=0x7ff, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x0) recvmsg$can_j1939(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=""/95, 0x5f}, 0x0) 19.632295ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0, @exit, @printk={@x={0x18, 0x0}, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfe30}, {0x7, 0x1, 0xb, 0x1, 0x2}, {}, {}, {0x5, 0x0, 0xb, 0x2}}]}, &(0x7f0000000000)='GPL\x00', 0x9}, 0x90) 418.805µs ago: executing program 1: bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x68, 0x30, 0xc808e8d6fcb00ba1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 0s ago: executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x0, 0x10000}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x40, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}, @RTA_FLOW={0x8, 0xb, 0x80010000}]}, 0x40}}, 0x0) kernel console output (not intermixed with test programs): tdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.446868][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 120.484155][ T2862] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.519533][ T7633] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 120.633511][ T7638] syz-executor.1[7638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.633746][ T7638] syz-executor.1[7638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.673416][ T7590] chnl_net:caif_netlink_parms(): no params data found [ 121.074616][ T7662] net_ratelimit: 301 callbacks suppressed [ 121.074635][ T7662] openvswitch: netlink: VXLAN extension 1 has unexpected len 6 expected 4 [ 121.092398][ T7590] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.101396][ T7590] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.114596][ T7590] bridge_slave_0: entered allmulticast mode [ 121.121935][ T7590] bridge_slave_0: entered promiscuous mode [ 121.181865][ T2862] vlan2: left allmulticast mode [ 121.223934][ T2862] vlan2: left promiscuous mode [ 121.234867][ T2862] bridge0: port 3(vlan2) entered disabled state [ 121.275346][ T2862] bridge_slave_1: left allmulticast mode [ 121.281048][ T2862] bridge_slave_1: left promiscuous mode [ 121.297663][ T2862] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.333274][ T2862] bridge_slave_0: left allmulticast mode [ 121.357880][ T2862] bridge_slave_0: left promiscuous mode [ 121.368765][ T2862] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.724689][ T4489] Bluetooth: hci1: command tx timeout [ 121.805517][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 122.095026][ T2862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 122.108226][ T2862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 122.124502][ T2862] bond0 (unregistering): Released all slaves [ 122.138814][ T7590] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.147149][ T7590] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.155302][ T7590] bridge_slave_1: entered allmulticast mode [ 122.162270][ T7590] bridge_slave_1: entered promiscuous mode [ 122.344172][ T2862] : left promiscuous mode [ 122.410421][ T7590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 122.443068][ T7590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 122.572755][ T7590] team0: Port device team_slave_0 added [ 122.628744][ T7708] __nla_validate_parse: 5 callbacks suppressed [ 122.628764][ T7708] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 122.661650][ T7709] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 122.693068][ T7708] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'. [ 122.710093][ T7708] openvswitch: netlink: VXLAN extension 1 has unexpected len 6 expected 4 [ 122.726631][ T7703] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. [ 122.749120][ T7590] team0: Port device team_slave_1 added [ 122.926882][ T7590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 122.945813][ T7590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 122.973479][ T7590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.076283][ T2862] hsr_slave_0: left promiscuous mode [ 123.103882][ T2862] hsr_slave_1: left promiscuous mode [ 123.143620][ T7733] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 123.154106][ T2862] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 123.169899][ T2862] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.206701][ T2862] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 123.224372][ T2862] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 123.280496][ T2862] veth1_macvtap: left promiscuous mode [ 123.286340][ T2862] veth0_macvtap: left promiscuous mode [ 123.292134][ T2862] veth1_vlan: left promiscuous mode [ 123.301732][ T2862] veth0_vlan: left promiscuous mode [ 123.360045][ T7744] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 123.740810][ T2862] team0 (unregistering): Port device team_slave_1 removed [ 123.777635][ T2862] team0 (unregistering): Port device team_slave_0 removed [ 123.806214][ T4489] Bluetooth: hci1: command tx timeout [ 124.135423][ T7590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.142528][ T7590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.174909][ T7590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.211977][ T7743] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.2'. [ 124.474072][ T7590] hsr_slave_0: entered promiscuous mode [ 124.495631][ T7758] ipt_ECN: cannot use operation on non-tcp rule [ 124.524637][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 124.540696][ T7590] hsr_slave_1: entered promiscuous mode [ 124.582789][ T7590] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 124.612206][ T7590] Cannot create hsr debugfs directory [ 124.966683][ T7783] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 125.089045][ T7781] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 125.471720][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 125.482711][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 125.493397][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 125.505973][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 125.519696][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 125.530135][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 125.660147][ T7797] netdevsim0 speed is unknown, defaulting to 1000 [ 125.884602][ T4489] Bluetooth: hci1: command tx timeout [ 126.053100][ T7590] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 126.111889][ T7590] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 126.185605][ T7590] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 126.200860][ T7590] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 126.372443][ T7797] chnl_net:caif_netlink_parms(): no params data found [ 126.531501][ T7590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 126.793721][ T7797] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.808935][ T7797] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.829191][ T7797] bridge_slave_0: entered allmulticast mode [ 126.839113][ T7797] bridge_slave_0: entered promiscuous mode [ 126.852347][ T7852] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 126.863708][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 126.874673][ T7852] tc_dump_action: action bad kind [ 126.889324][ T7590] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.903250][ T7797] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.923008][ T7797] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.933936][ T7797] bridge_slave_1: entered allmulticast mode [ 126.942044][ T7797] bridge_slave_1: entered promiscuous mode [ 126.956279][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.963416][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 127.076115][ T5247] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.083251][ T5247] bridge0: port 2(bridge_slave_1) entered forwarding state [ 127.117956][ T7797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 127.162849][ T7797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 127.307613][ T7797] team0: Port device team_slave_0 added [ 127.353711][ T7590] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 127.375639][ T7590] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 127.393612][ T7797] team0: Port device team_slave_1 added [ 127.490192][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 127.508151][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.566895][ T4489] Bluetooth: hci2: command tx timeout [ 127.589182][ T7797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.665988][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.673055][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.708713][ T7797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.735229][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 127.913627][ T7797] hsr_slave_0: entered promiscuous mode [ 127.943664][ T7797] hsr_slave_1: entered promiscuous mode [ 127.960062][ T7797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.967909][ T4489] Bluetooth: hci1: command tx timeout [ 127.978788][ T7797] Cannot create hsr debugfs directory [ 128.208430][ T7590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 128.430512][ T7797] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 128.442605][ T7797] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.558188][ T7936] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 128.592334][ T7936] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 128.599386][ T7797] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 128.653250][ T7797] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.783571][ T7797] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 128.818793][ T7797] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.942848][ T7797] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 128.956440][ T7797] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.027032][ T7590] veth0_vlan: entered promiscuous mode [ 129.038159][ T7961] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 129.066862][ T7590] veth1_vlan: entered promiscuous mode [ 129.198318][ T7797] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 129.235017][ T7797] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 129.256760][ T7590] veth0_macvtap: entered promiscuous mode [ 129.283627][ T7590] veth1_macvtap: entered promiscuous mode [ 129.295772][ T7797] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 129.323721][ T7797] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 129.373711][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.389695][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.400047][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.423619][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.438786][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.458326][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.471618][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.486328][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.498264][ T7590] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 129.535250][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.557527][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.567397][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.567466][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.608605][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.621374][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.631728][ T7590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.642720][ T7590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.655698][ T4489] Bluetooth: hci2: command tx timeout [ 129.657386][ T7590] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 129.736532][ T7590] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.749664][ T7590] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.758981][ T7590] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.771680][ T7590] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.782117][ T7990] tipc: Can't bind to reserved service type 0 [ 129.961427][ T7797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.072444][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.091638][ T7797] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.097499][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.176758][ T1055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.182350][ T5157] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.186209][ T1055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.191799][ T5157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.268015][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.275300][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.357737][ T8013] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 130.425244][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 130.476731][ T8013] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 130.512266][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 131.017084][ T7797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.064715][ T8052] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 131.148209][ T8052] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 131.341809][ T7797] veth0_vlan: entered promiscuous mode [ 131.350447][ T8066] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 131.395286][ T7797] veth1_vlan: entered promiscuous mode [ 131.506532][ T7797] veth0_macvtap: entered promiscuous mode [ 131.527847][ T7797] veth1_macvtap: entered promiscuous mode [ 131.588923][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.602305][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.632106][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.654532][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.683741][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.703829][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.722816][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.733390][ T4489] Bluetooth: hci2: command tx timeout [ 131.743539][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.756381][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.768166][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.783081][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.816207][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.853965][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.858376][ T8095] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 131.876874][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.877073][ T8095] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 131.888319][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.912728][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.923276][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.933533][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.945494][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.958408][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.969505][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.986237][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.036469][ T8095] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 132.047029][ T8095] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 132.058741][ T8098] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 132.108680][ T7797] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.126924][ T7797] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.144053][ T8100] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 132.150968][ T7797] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.169870][ T7797] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.318053][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.339634][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.414111][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.438065][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.539454][ T8086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 132.684612][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 132.721909][ T8129] syz-executor.4[8129] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.722237][ T8129] syz-executor.4[8129] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.758070][ T8129] syz-executor.4[8129] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.787102][ T8129] syz-executor.4[8129] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.168449][ T8156] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 133.219239][ T8156] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 133.727830][ T8184] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 133.804393][ T4489] Bluetooth: hci2: command tx timeout [ 134.636232][ T8239] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 134.652951][ T8239] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 134.674387][ T8239] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 134.990077][ T8257] netdevsim0 speed is unknown, defaulting to 1000 [ 135.328390][ T8278] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 135.337811][ T8278] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'. [ 135.753995][ T8254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 136.668816][ T8362] netdevsim0 speed is unknown, defaulting to 1000 [ 136.725379][ T8366] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 136.768801][ T8366] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 136.810641][ T8366] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 138.726953][ T8510] tipc: Started in network mode [ 138.739078][ T8510] tipc: Node identity id-name-, cluster identity 4711 [ 138.751842][ T8510] tipc: Enabling of bearer rejected, failed to enable media [ 139.565283][ T8550] pim6reg9: entered allmulticast mode [ 139.790153][ T8565] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 139.812903][ T8565] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 140.103344][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 140.192710][ T8593] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 140.212881][ T8593] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 140.244866][ T8593] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 140.265713][ T8593] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 140.299440][ T8599] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 140.318932][ T8599] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 140.612996][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 140.823036][ T8624] bond0: entered promiscuous mode [ 140.840913][ T8624] bond_slave_0: entered promiscuous mode [ 140.849443][ T8624] bond_slave_1: entered promiscuous mode [ 141.295455][ T8651] tipc: Started in network mode [ 141.305540][ T8651] tipc: Node identity id-name-, cluster identity 4711 [ 141.344814][ T8651] tipc: Enabling of bearer rejected, failed to enable media [ 141.557113][ T8667] bridge0: port 3(vlan2) entered blocking state [ 141.574816][ T8667] bridge0: port 3(vlan2) entered disabled state [ 141.592289][ T8667] vlan2: entered allmulticast mode [ 141.599137][ T8672] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 141.610254][ T8667] vlan2: entered promiscuous mode [ 141.893487][ T8687] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 141.951732][ T8689] netlink: 13042 bytes leftover after parsing attributes in process `syz-executor.2'. [ 142.024396][ T8696] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.033022][ T8696] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.675233][ T8735] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 142.731790][ T8739] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 142.877467][ T8744] TCP: MD5 Hash not found for 0.0.0.0.0->255.255.255.255.20002 [.] L3 index 0 [ 143.197877][ T8768] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 143.881733][ T8817] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'. [ 143.966004][ T8821] hsr_slave_0: left promiscuous mode [ 143.993994][ T8821] hsr_slave_1: left promiscuous mode [ 144.221905][ T8834] bridge0: entered allmulticast mode [ 144.256157][ T8834] pimreg: entered allmulticast mode [ 144.289996][ T8834] pimreg: left allmulticast mode [ 144.315216][ T8834] bridge0: left allmulticast mode [ 144.438845][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 145.296593][ T8889] TCP: MD5 Hash not found for 0.0.0.0.0->255.255.255.255.20002 [.] L3 index 0 [ 145.625088][ T8912] __nla_validate_parse: 5 callbacks suppressed [ 145.625107][ T8912] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 145.678219][ T8912] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 145.862827][ T8917] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.073990][ T8929] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744073709551614) [ 146.086059][ T8929] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535 [ 146.231237][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 146.339609][ T8935] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 146.350420][ T8945] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.424851][ T8945] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.530946][ T8945] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.866061][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 146.905579][ T8980] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 146.927924][ T8980] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.3'. [ 147.119523][ T8996] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 147.438027][ T9011] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 147.673130][ T9035] IPVS: Error connecting to the multicast addr [ 148.023446][ T29] audit: type=1804 audit(1717727614.144:7): pid=9052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir983218344/syzkaller.cQMRlz/124/cgroup.controllers" dev="sda1" ino=1965 res=1 errno=0 [ 148.360630][ T9074] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 149.324317][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 149.671754][ T9151] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 149.865441][ T9157] batman_adv: batadv1: Adding interface: netdevsim0 [ 149.889895][ T9157] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.938691][ T9157] batman_adv: batadv1: Interface activated: netdevsim0 [ 150.277449][ T9186] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 151.058797][ T9217] __nla_validate_parse: 10 callbacks suppressed [ 151.058819][ T9217] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'. [ 152.023499][ T9284] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 152.027538][ T9283] team0: Device macvtap1 is already an upper device of the team interface [ 152.499531][ T9309] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 152.769124][ T9329] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.3'. [ 153.484279][ T9371] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 154.294853][ T9409] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 154.722277][ T9436] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 154.820543][ T9443] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 155.760137][ T9497] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 155.778665][ T9497] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.1'. [ 156.226538][ T9519] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.075339][ T9566] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.096337][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.114142][ T9566] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.499588][ T9591] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 157.509925][ T9591] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.942036][ T9615] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 157.961589][ T9615] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.3'. [ 158.116560][ T9624] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'. [ 158.132889][ T9624] tipc: Invalid UDP bearer configuration [ 158.132946][ T9624] tipc: Enabling of bearer rejected, failed to enable media [ 158.224502][ T9629] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 158.547829][ T9653] Bluetooth: hci3: unsupported parameter 64512 [ 158.554997][ T9653] Bluetooth: hci3: invalid length 0, exp 2 for type 16 [ 159.445084][ T9703] dummy0: entered promiscuous mode [ 159.454642][ T9703] macsec1: entered promiscuous mode [ 159.460796][ T9703] macsec1: entered allmulticast mode [ 159.467090][ T9703] dummy0: entered allmulticast mode [ 159.475701][ T9703] dummy0: left allmulticast mode [ 159.481459][ T9703] dummy0: left promiscuous mode [ 159.879869][ T9728] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 160.610531][ T9773] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 160.997153][ T9791] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 161.178148][ T9800] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 161.199988][ T9800] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 161.217863][ T9800] tipc: Enabled bearer , priority 16 [ 161.598280][ T9829] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 161.779750][ T9842] __nla_validate_parse: 3 callbacks suppressed [ 161.779769][ T9842] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'. [ 162.224416][ T5190] tipc: Node number set to 134826051 [ 164.198776][ T9935] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 164.213953][ T9935] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 164.268871][ T9935] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.2'. [ 164.278679][ T9935] tipc: Started in network mode [ 164.283558][ T9935] tipc: Node identity aaaaaaaaaa0c, cluster identity 4711 [ 164.293192][ T9935] tipc: Enabled bearer , priority 16 [ 165.102007][ T9989] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 165.414894][ T784] tipc: Node number set to 10922666 [ 165.457233][T10016] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 165.484478][T10016] netlink: 666 bytes leftover after parsing attributes in process `syz-executor.4'. [ 165.859275][T10044] batadv_slave_0: mtu less than device minimum [ 165.899411][T10046] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 165.957174][T10048] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 165.990609][T10048] netlink: 666 bytes leftover after parsing attributes in process `syz-executor.4'. [ 166.334140][T10076] netlink: 'syz-executor.2': attribute type 15 has an invalid length. [ 166.342615][T10076] netlink: 666 bytes leftover after parsing attributes in process `syz-executor.2'. [ 168.079313][T10113] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 168.452806][ T5114] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 168.478561][ T5114] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 168.494427][ T5114] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 168.503012][ T5114] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 168.518963][ T5114] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 168.536908][ T5114] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 168.571155][T10137] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 168.646772][T10129] netdevsim0 speed is unknown, defaulting to 1000 [ 168.853384][T10150] xt_CT: You must specify a L4 protocol and not use inversions on it [ 168.908835][T10129] chnl_net:caif_netlink_parms(): no params data found [ 168.909125][T10145] xt_CT: No such helper "pptp" [ 168.976456][T10150] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 168.985938][T10150] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 169.314789][T10150] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.322769][T10150] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.762061][T10150] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.810828][T10150] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.168287][T10150] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.177758][T10150] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.186802][T10150] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.195763][T10150] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.212162][T10150] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 170.291688][T10153] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 170.317154][T10153] vlan2: entered promiscuous mode [ 170.322311][T10153] batadv0: entered promiscuous mode [ 170.332365][T10153] batadv0: left promiscuous mode [ 170.380870][T10172] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 170.576164][T10182] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 170.593815][T10129] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.604587][ T4489] Bluetooth: hci5: command tx timeout [ 170.614963][T10129] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.622185][T10129] bridge_slave_0: entered allmulticast mode [ 170.634932][T10129] bridge_slave_0: entered promiscuous mode [ 170.643675][T10129] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.677831][T10129] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.685712][T10129] bridge_slave_1: entered allmulticast mode [ 170.695981][T10129] bridge_slave_1: entered promiscuous mode [ 170.790396][T10129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.817325][T10129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.898534][T10129] team0: Port device team_slave_0 added [ 170.932165][T10129] team0: Port device team_slave_1 added [ 171.012390][T10129] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.023100][T10129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.078725][T10129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.116709][T10129] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.126326][T10129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.172862][T10129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.305827][T10129] hsr_slave_0: entered promiscuous mode [ 171.316170][T10129] hsr_slave_1: entered promiscuous mode [ 171.332951][T10129] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.352885][T10129] Cannot create hsr debugfs directory [ 171.358882][T10218] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 171.369896][T10218] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 171.663346][T10237] ip6gretap0: entered promiscuous mode [ 171.676505][T10237] batadv_slave_0: entered promiscuous mode [ 171.762478][T10241] netlink: 'syz-executor.3': attribute type 16 has an invalid length. [ 171.771925][T10241] batadv0: entered promiscuous mode [ 171.864057][T10129] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.989362][T10129] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.139278][T10129] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.277996][T10129] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.332647][ T784] netdevsim0 speed is unknown, defaulting to 1000 [ 172.446839][T10268] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 172.523362][T10129] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 172.551484][T10129] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 172.576842][T10129] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 172.597743][T10129] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 172.626516][T10275] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 172.684800][ T4489] Bluetooth: hci5: command tx timeout [ 172.782120][T10129] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.823042][T10129] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.853167][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.860375][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.892996][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.900211][ T5159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.169955][T10299] netlink: 'syz-executor.4': attribute type 16 has an invalid length. [ 173.185575][T10299] batadv0: entered promiscuous mode [ 173.232574][T10129] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.307492][T10129] veth0_vlan: entered promiscuous mode [ 173.331610][T10129] veth1_vlan: entered promiscuous mode [ 173.396350][T10129] veth0_macvtap: entered promiscuous mode [ 173.418266][T10129] veth1_macvtap: entered promiscuous mode [ 173.451392][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.473949][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.494502][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.514238][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.526511][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.537743][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.548015][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.561279][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.580657][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.604417][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.620628][T10129] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.640040][T10312] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 173.641528][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.668347][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.678532][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.689502][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.699920][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.711143][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.721339][T10313] EXT4-fs (sda1): Can't modify superblock whileperforming online resize [ 173.731912][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.742742][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.752816][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.763533][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.776203][T10129] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.795127][T10129] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.803965][T10129] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.816024][T10129] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.825314][T10129] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.928490][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.937659][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.960858][T10315] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 173.973999][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.982322][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.988577][T10315] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.4'. [ 174.049803][T10315] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 174.765353][ T4489] Bluetooth: hci5: command tx timeout [ 174.913008][T10337] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 174.923696][T10337] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'. [ 175.189851][T10356] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 175.204027][T10356] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 175.212559][T10358] openvswitch: netlink: Unknown nsh attribute 0 [ 176.184091][T10384] openvswitch: netlink: Unknown nsh attribute 0 [ 176.632893][T10403] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 176.739259][T10408] openvswitch: netlink: Unknown nsh attribute 0 [ 176.845743][ T4489] Bluetooth: hci5: command tx timeout [ 176.859346][T10412] validate_nla: 2 callbacks suppressed [ 176.859366][T10412] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 176.888669][T10412] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 178.281108][T10442] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 178.450098][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 179.321280][T10492] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 179.343676][T10494] xt_CT: No such helper "pptp" [ 179.360431][T10498] xt_CT: You must specify a L4 protocol and not use inversions on it [ 179.415208][T10498] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 179.419320][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 179.423388][T10498] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 179.477663][T10498] batadv0: left promiscuous mode [ 179.487104][T10501] A link change request failed with some changes committed already. Interface veth0_to_hsr may have been left with an inconsistent configuration, please check. [ 179.636331][T10510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 179.654625][T10511] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 179.664141][T10511] netlink: 'syz-executor.0': attribute type 13 has an invalid length. [ 179.693570][T10511] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 179.722015][T10511] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 179.728800][T10515] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 179.730962][T10511] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 179.749427][T10511] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 179.758292][T10511] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 179.772188][T10515] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 179.784441][T10511] vxlan0: entered promiscuous mode [ 180.203573][ T5162] IPVS: starting estimator thread 0... [ 180.229569][ T29] audit: type=1804 audit(1717727646.354:8): pid=10541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1122026330/syzkaller.M5V7im/543/memory.events" dev="sda1" ino=1967 res=1 errno=0 [ 180.304364][T10542] IPVS: using max 33 ests per chain, 79200 per kthread [ 180.861967][T10569] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 180.869676][T10569] IPv6: NLM_F_CREATE should be set when creating new route [ 180.877001][T10569] IPv6: NLM_F_CREATE should be set when creating new route [ 181.036545][T10579] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 181.106942][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 181.377882][T10601] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 181.521897][T10611] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'. [ 181.532881][T10611] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 181.964793][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 182.466425][T10673] A link change request failed with some changes committed already. Interface veth0_to_hsr may have been left with an inconsistent configuration, please check. [ 182.689349][T10689] bond0: (slave bond_slave_0): Releasing backup interface [ 182.946255][T10706] netlink: 'syz-executor.4': attribute type 22 has an invalid length. [ 183.239949][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 183.259765][ T5159] IPVS: starting estimator thread 0... [ 183.287825][ T29] audit: type=1804 audit(1717727649.414:9): pid=10725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir983218344/syzkaller.cQMRlz/352/memory.events" dev="sda1" ino=1967 res=1 errno=0 [ 183.364421][T10726] IPVS: using max 19 ests per chain, 45600 per kthread [ 184.096820][T10775] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 184.365123][T10787] bridge0: port 3(veth1) entered blocking state [ 184.372553][T10787] bridge0: port 3(veth1) entered disabled state [ 184.379261][T10787] veth1: entered allmulticast mode [ 184.386169][T10787] veth1: entered promiscuous mode [ 184.534029][T10796] syz-executor.3[10796] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.534328][T10796] syz-executor.3[10796] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.673559][T10804] bond0: (slave bond_slave_0): Releasing backup interface [ 185.017707][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 185.526351][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 185.774017][T10866] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 185.881066][T10874] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 186.100135][T10890] bond0: (slave bond_slave_0): Releasing backup interface [ 186.469169][ T29] audit: type=1804 audit(1717727652.594:10): pid=10902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir983218344/syzkaller.cQMRlz/374/cgroup.controllers" dev="sda1" ino=1968 res=1 errno=0 [ 186.617708][ T5114] Bluetooth: hci3: command 0x0406 tx timeout [ 186.658249][T10906] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 186.965922][T10917] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 187.128103][ T29] audit: type=1804 audit(1717727653.254:11): pid=10927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1122026330/syzkaller.M5V7im/614/cgroup.controllers" dev="sda1" ino=1963 res=1 errno=0 [ 187.550347][T10951] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 187.771846][T10947] batman_adv: batadv1: Removing interface: netdevsim0 [ 187.843421][ T5114] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 187.861380][ T5114] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 187.873897][ T5114] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 187.882323][ T5114] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 187.890254][ T5114] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 187.899923][ T5114] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 188.304868][T10958] chnl_net:caif_netlink_parms(): no params data found [ 188.555433][T10958] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.565424][T10993] delete_channel: no stack [ 188.571762][T10995] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 188.572636][T10958] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.598685][T10958] bridge_slave_0: entered allmulticast mode [ 188.620657][T10958] bridge_slave_0: entered promiscuous mode [ 188.640898][T10958] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.659236][T10958] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.676204][T10958] bridge_slave_1: entered allmulticast mode [ 188.693737][T10958] bridge_slave_1: entered promiscuous mode [ 188.800178][T10958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.829355][T10958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.972024][T10958] team0: Port device team_slave_0 added [ 189.019849][T10958] team0: Port device team_slave_1 added [ 189.110311][T11008] netlink: 'syz-executor.0': attribute type 30 has an invalid length. [ 189.121548][T10958] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.129271][T10958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.162374][T10958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.208732][T10958] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.251348][T10958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.305927][T10958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.360659][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 189.469679][T10958] hsr_slave_0: entered promiscuous mode [ 189.486182][T10958] hsr_slave_1: entered promiscuous mode [ 189.509070][T10958] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.533918][T10958] Cannot create hsr debugfs directory [ 189.806129][T10958] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.974976][ T5114] Bluetooth: hci6: command tx timeout [ 189.996951][T10958] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.189796][T10958] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.498727][T10958] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.813743][T11048] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.828689][T11059] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 190.843380][T11059] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 190.953250][T11048] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.985934][T11063] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 190.986223][T10958] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 191.010068][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 191.025068][T10958] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 191.082429][T11048] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.101113][T10958] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 191.125031][T10958] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 191.192315][T11048] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.401745][T11048] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.490693][T11048] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.568753][T11048] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.598944][T10958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.605422][T11084] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 191.625493][T11048] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.627985][T11084] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 191.683907][T10958] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.738528][ T5236] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.745717][ T5236] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.814008][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.821231][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.045581][ T5114] Bluetooth: hci6: command tx timeout [ 192.098746][T11106] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 192.342937][T10958] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.497594][T10958] veth0_vlan: entered promiscuous mode [ 192.530980][T10958] veth1_vlan: entered promiscuous mode [ 192.619672][T10958] veth0_macvtap: entered promiscuous mode [ 192.683325][T10958] veth1_macvtap: entered promiscuous mode [ 192.717046][T11128] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 192.740810][T11128] veth1_vlan: left promiscuous mode [ 192.771268][T11128] team0: Device veth1_vlan failed to register rx_handler [ 192.860740][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.884801][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.896596][T11136] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 192.919080][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.930575][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.944760][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.955548][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.965861][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.978865][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.989187][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.000002][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.010822][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.021512][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.033214][T10958] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.058796][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.085017][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.104594][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.116136][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.128628][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.139716][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.149951][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.167635][T11141] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'. [ 193.177747][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.188890][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.199677][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.211479][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.222249][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.234539][T10958] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.242051][T11136] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 193.282549][T10958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.317028][T10958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.334409][T10958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.343142][T10958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.471680][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.500487][T11128] syz-executor.3 (11128) used greatest stack depth: 17872 bytes left [ 193.504472][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.548802][T11156] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 193.602704][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.613132][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.131484][ T5114] Bluetooth: hci6: command tx timeout [ 194.240499][T11190] sch_tbf: peakrate 71 is lower than or equals to rate 13415355817161298577 ! [ 196.116872][T11287] __nla_validate_parse: 5 callbacks suppressed [ 196.116891][T11287] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 196.162883][T11289] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 196.204626][ T5114] Bluetooth: hci6: command tx timeout [ 196.662314][T11320] netlink: 232 bytes leftover after parsing attributes in process `syz-executor.4'. [ 196.695584][T11320] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. [ 196.706806][T11323] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 196.929848][T11331] veth0Wvlan: renamed from syz_tun [ 197.217654][T11347] syzkaller0: entered allmulticast mode [ 197.251441][T11347] syzkaller0 (unregistering): left allmulticast mode [ 197.636168][T11371] veth1: left allmulticast mode [ 197.641506][T11371] veth1: left promiscuous mode [ 197.687467][T11371] bridge0: port 3(veth1) entered disabled state [ 197.726961][T11371] bridge_slave_1: left allmulticast mode [ 197.753005][T11371] bridge_slave_1: left promiscuous mode [ 197.759852][T11371] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.772305][T11371] bridge_slave_0: left allmulticast mode [ 197.778834][T11371] bridge_slave_0: left promiscuous mode [ 197.794000][T11371] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.031285][T11387] pim6reg1: entered promiscuous mode [ 198.051969][T11387] pim6reg1: entered allmulticast mode [ 198.162576][T11399] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 198.713477][T11435] pim6reg1: entered promiscuous mode [ 198.719562][T11435] pim6reg1: entered allmulticast mode [ 199.242657][T11463] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 199.313519][T11463] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.331977][T11463] bond0: (slave team0): Enslaving as an active interface with an up link [ 199.373447][T11467] pim6reg1: entered promiscuous mode [ 199.383037][T11467] pim6reg1: entered allmulticast mode [ 199.652291][T11493] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 199.798836][T11499] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 199.828113][T11499] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 199.853156][T11506] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.4'. [ 200.004465][T11511] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 200.054870][T11511] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.070483][T11511] bond0: (slave team0): Enslaving as an active interface with an up link [ 200.210060][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 200.246711][T11519] mac80211_hwsim hwsim24 wlan1: default FDB implementation only supports local addresses [ 201.097367][T11556] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.3'. [ 201.441305][T11580] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 201.562954][T11584] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 201.582611][T11584] mac80211_hwsim hwsim21 wlan1: default FDB implementation only supports local addresses [ 201.640240][T11588] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.1'. [ 202.245719][ T4489] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 202.275896][ T4489] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 202.294532][ T4489] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 202.311042][ T4489] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 202.327143][ T4489] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 202.337038][ T4489] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 202.772541][T11609] chnl_net:caif_netlink_parms(): no params data found [ 202.788734][T11626] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 203.154914][T11609] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.180186][T11609] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.205127][T11609] bridge_slave_0: entered allmulticast mode [ 203.219600][T11609] bridge_slave_0: entered promiscuous mode [ 203.247012][T11609] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.270438][T11609] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.290722][T11609] bridge_slave_1: entered allmulticast mode [ 203.306710][T11609] bridge_slave_1: entered promiscuous mode [ 203.428290][T11609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.505864][T11609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.557778][T11663] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 203.651067][T11609] team0: Port device team_slave_0 added [ 203.679576][T11609] team0: Port device team_slave_1 added [ 203.812686][T11609] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.829537][T11609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.870617][T11609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.917930][T11609] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.943953][T11609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.016812][T11609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.193730][T11609] hsr_slave_0: entered promiscuous mode [ 204.218935][T11609] hsr_slave_1: entered promiscuous mode [ 204.241949][T11609] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.264885][T11609] Cannot create hsr debugfs directory [ 204.291217][T11696] vlan2: entered promiscuous mode [ 204.366433][ T5114] Bluetooth: hci7: command tx timeout [ 204.716745][T11711] sctp: [Deprecated]: syz-executor.3 (pid 11711) Use of struct sctp_assoc_value in delayed_ack socket option. [ 204.716745][T11711] Use struct sctp_sack_info instead [ 204.748165][T11609] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.987415][T11609] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.152884][T11609] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.318920][T11609] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.626310][T11609] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 205.652820][T11609] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 205.705640][T11609] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 205.711302][T11760] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 205.746297][T11761] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 205.762750][T11609] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 205.783734][T11763] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'. [ 205.883754][T11767] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 205.990901][T11609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.032981][T11609] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.060579][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.067775][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.127704][ T5236] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.134910][ T5236] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.254166][T11609] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 206.293595][T11609] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 206.446025][ T5114] Bluetooth: hci7: command tx timeout [ 206.454680][T11794] netlink: 'syz-executor.3': attribute type 15 has an invalid length. [ 206.515944][T11798] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 206.801369][T11609] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.962907][T11609] veth0_vlan: entered promiscuous mode [ 207.000217][T11609] veth1_vlan: entered promiscuous mode [ 207.097522][T11609] veth0_macvtap: entered promiscuous mode [ 207.113993][T11609] veth1_macvtap: entered promiscuous mode [ 207.145939][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.165265][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.187214][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.198194][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.209566][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.220395][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.230521][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.241446][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.252036][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.262937][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.273109][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.284153][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.294703][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.305919][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.333749][T11609] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.355283][T11832] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 207.411366][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.442491][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.465264][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.476116][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.500070][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.511249][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.530095][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.541057][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.551804][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.573647][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.598161][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.625013][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.648591][T11609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 207.664722][T11850] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 207.686768][T11609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.701549][T11609] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.712332][T11842] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'. [ 207.742315][T11609] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.778162][T11609] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.791806][T11609] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.800886][T11609] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.990989][T11865] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 208.094913][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.102764][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.243048][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.284647][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.309718][ T29] audit: type=1804 audit(1717727674.424:12): pid=11881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3407845081/syzkaller.sGfJvr/69/cgroup.controllers" dev="sda1" ino=1949 res=1 errno=0 [ 208.399210][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.409598][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.416137][T11883] sctp: [Deprecated]: syz-executor.4 (pid 11883) Use of struct sctp_assoc_value in delayed_ack socket option. [ 208.416137][T11883] Use struct sctp_sack_info instead [ 208.418425][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.456759][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.487922][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.518055][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.525005][ T5114] Bluetooth: hci7: command tx timeout [ 208.528013][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.542827][T11889] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 208.624894][T11890] bridge0: port 3(macsec0) entered blocking state [ 208.631943][T11890] bridge0: port 3(macsec0) entered disabled state [ 208.658339][T11890] macsec0: entered allmulticast mode [ 208.671990][T11890] veth1_macvtap: entered allmulticast mode [ 208.680725][T11890] macsec0: entered promiscuous mode [ 208.713222][T11890] bridge0: port 3(macsec0) entered blocking state [ 208.720780][T11890] bridge0: port 3(macsec0) entered forwarding state [ 208.758379][T11904] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 208.779945][T11904] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.794533][T11904] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.819825][T11904] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.828251][T11904] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.165790][T11930] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 209.336950][T11939] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 209.363093][T11939] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 209.600176][T11957] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 210.573552][T12009] bridge0: port 3(macsec0) entered blocking state [ 210.598910][T12009] bridge0: port 3(macsec0) entered disabled state [ 210.606068][ T5114] Bluetooth: hci7: command tx timeout [ 210.615130][T12009] macsec0: entered allmulticast mode [ 210.628337][T12009] veth1_macvtap: entered allmulticast mode [ 210.675002][T12009] macsec0: entered promiscuous mode [ 210.691602][T12009] bridge0: port 3(macsec0) entered blocking state [ 210.698246][T12009] bridge0: port 3(macsec0) entered forwarding state [ 210.736505][T12009] tipc: Resetting bearer [ 210.749580][T12012] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 211.187642][T12047] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.216990][T12050] validate_nla: 13 callbacks suppressed [ 211.217008][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.261102][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.290960][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.309289][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.343066][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.364858][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.373158][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.383527][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.434498][T12050] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 211.560669][T12072] __nla_validate_parse: 2 callbacks suppressed [ 211.560699][T12072] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 211.592438][T12077] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 211.599450][T12078] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 211.626875][T12077] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'. [ 211.708886][T12072] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.772649][T12072] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.900399][T12082] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.914981][T12079] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 211.939677][T12079] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 212.139995][T12106] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 212.165539][T12106] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 212.421992][T12124] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.543096][T12132] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 212.553874][T12132] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'. [ 212.570222][T12132] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 212.682544][T12142] tipc: Enabling of bearer rejected, failed to enable media [ 212.691529][ T5114] Bluetooth: hci7: command tx timeout [ 213.384809][T12187] tipc: Resetting bearer [ 213.406292][T12187] tipc: Resetting bearer [ 213.498159][T12187] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.557917][T12187] bridge0: port 3(macsec0) entered disabled state [ 213.580466][ T5159] tipc: Resetting bearer [ 214.520999][T12250] tipc: Resetting bearer [ 217.462779][T12316] validate_nla: 5 callbacks suppressed [ 217.462916][T12316] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 217.477204][T12316] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 217.485705][T12316] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 217.493783][T12316] __nla_validate_parse: 10 callbacks suppressed [ 217.493793][T12316] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.4'. [ 217.522930][T12318] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 217.760830][T12332] dccp_invalid_packet: P.type (RESET) not Data || [Data]Ack, while P.X == 0 [ 217.920668][T12346] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 217.940534][T12346] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 218.004667][T12346] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 218.013520][T12346] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.0'. [ 218.637513][T12394] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 218.683934][T12394] netlink: 'syz-executor.3': attribute type 20 has an invalid length. [ 218.796129][T12403] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 218.824296][T12403] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 218.953121][T12414] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 218.962843][T12414] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 219.031932][T12417] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 219.119427][T12421] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 219.132011][T12421] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 219.140421][T12421] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 219.163955][T12421] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.4'. [ 219.346680][T12438] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.2'. [ 219.484163][T12441] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 220.448822][T12506] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 221.392695][T12548] syzkaller0: entered promiscuous mode [ 221.398920][T12548] syzkaller0: entered allmulticast mode [ 222.439223][T12602] xt_cluster: node mask cannot exceed total number of nodes [ 224.075650][T12618] validate_nla: 2 callbacks suppressed [ 224.075668][T12618] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 224.147816][T12618] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 224.276901][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 224.293626][T12629] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 225.401662][ T12] ip6gretap0 (unregistering): left promiscuous mode [ 225.866618][ T4489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 225.884430][ T4489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 225.893442][ T4489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 225.903411][ T4489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 225.913570][ T4489] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 225.921333][ T4489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 226.174763][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 226.185067][ T12] bond0 (unregistering): Released all slaves [ 226.201227][ T12] bond1 (unregistering): Released all slaves [ 226.215420][T12666] __nla_validate_parse: 4 callbacks suppressed [ 226.215438][T12666] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 226.231121][T12666] netlink: 'syz-executor.2': attribute type 18 has an invalid length. [ 226.246776][T12666] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.256787][T12666] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.266333][T12666] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.275166][T12666] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.298940][T12666] vxlan0: entered promiscuous mode [ 226.925709][ T12] batadv_slave_0: left promiscuous mode [ 226.944794][ T12] hsr_slave_0: left promiscuous mode [ 226.974010][ T12] hsr_slave_1: left promiscuous mode [ 226.982256][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 226.995341][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 227.192757][ T12] pim6reg9 (unregistering): left allmulticast mode [ 227.844619][ T12] team0 (unregistering): Port device team_slave_1 removed [ 227.897152][ T12] team0 (unregistering): Port device team_slave_0 removed [ 227.964544][ T4489] Bluetooth: hci4: command tx timeout [ 228.423182][ T29] audit: type=1800 audit(1717727694.544:13): pid=12743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1968 res=0 errno=0 [ 228.484447][ T29] audit: type=1804 audit(1717727694.574:14): pid=12743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir4282503175/syzkaller.pHUNhN/273/memory.events" dev="sda1" ino=1968 res=1 errno=0 [ 228.530462][ T29] audit: type=1804 audit(1717727694.604:15): pid=12743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir4282503175/syzkaller.pHUNhN/273/memory.events" dev="sda1" ino=1968 res=1 errno=0 [ 228.650257][T12736] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 228.808910][T12751] netlink: 'syz-executor.4': attribute type 6 has an invalid length. [ 229.011505][T12675] chnl_net:caif_netlink_parms(): no params data found [ 229.193541][ T12] IPVS: stop unused estimator thread 0... [ 229.258210][T12675] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.274717][T12675] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.282120][T12675] bridge_slave_0: entered allmulticast mode [ 229.297017][T12675] bridge_slave_0: entered promiscuous mode [ 229.317513][T12675] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.336282][T12675] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.351663][T12675] bridge_slave_1: entered allmulticast mode [ 229.369743][T12675] bridge_slave_1: entered promiscuous mode [ 229.437217][T12675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 229.451478][T12675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 229.506482][T12675] team0: Port device team_slave_0 added [ 229.516661][T12675] team0: Port device team_slave_1 added [ 229.555437][T12675] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.562546][T12675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.590451][T12675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.603834][T12675] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 229.611131][T12675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.640347][T12675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 229.713176][T12675] hsr_slave_0: entered promiscuous mode [ 229.721780][T12675] hsr_slave_1: entered promiscuous mode [ 229.738353][T12675] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 229.755454][T12675] Cannot create hsr debugfs directory [ 229.937105][T12774] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 230.055322][ T4489] Bluetooth: hci4: command 0x041b tx timeout [ 230.137125][T12782] netlink: 'syz-executor.0': attribute type 6 has an invalid length. [ 230.215255][T12789] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. [ 230.271756][ T29] audit: type=1800 audit(1717727696.384:16): pid=12792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1949 res=0 errno=0 [ 230.299143][ T29] audit: type=1804 audit(1717727696.394:17): pid=12792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3407845081/syzkaller.sGfJvr/135/memory.events" dev="sda1" ino=1949 res=1 errno=0 [ 230.367874][ T29] audit: type=1804 audit(1717727696.494:18): pid=12792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3407845081/syzkaller.sGfJvr/135/memory.events" dev="sda1" ino=1949 res=1 errno=0 [ 230.555879][T12803] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20003 [ 230.609834][T12808] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'. [ 230.642965][T12808] openvswitch: netlink: Tunnel attr 8192 out of range max 16 [ 230.828345][T12819] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. [ 230.888146][T12675] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 230.925851][T12675] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 230.974051][T12675] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 231.008324][T12675] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 231.159855][T12834] (unnamed net_device) (uninitialized): peer notification delay (4) is not a multiple of miimon (7), value rounded to 0 ms [ 231.218778][T12837] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 231.280070][T12675] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.326922][T12675] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.365526][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.372656][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.414324][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.421532][ T5159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.943908][T12675] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.023772][T12877] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 232.072014][T12877] netlink: 9352 bytes leftover after parsing attributes in process `syz-executor.2'. [ 232.079544][T12675] veth0_vlan: entered promiscuous mode [ 232.122104][T12877] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 232.123681][T12675] veth1_vlan: entered promiscuous mode [ 232.136940][ T5114] Bluetooth: hci4: command 0x041b tx timeout [ 232.159436][T12877] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 232.210458][T12675] veth0_macvtap: entered promiscuous mode [ 232.221466][T12675] veth1_macvtap: entered promiscuous mode [ 232.243301][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.261623][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.289160][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.324380][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.342623][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.357362][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.375544][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.415474][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.455030][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.482759][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.509049][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.554579][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.579068][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.600943][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.639818][T12675] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.651592][T12899] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 232.690017][T12905] (unnamed net_device) (uninitialized): peer notification delay (4) is not a multiple of miimon (7), value rounded to 0 ms [ 232.793647][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.840424][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.878550][T12917] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 232.891393][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.921620][T12917] netlink: 9352 bytes leftover after parsing attributes in process `syz-executor.0'. [ 232.932705][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.947141][T12917] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 232.955429][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.966082][T12917] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 232.975845][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.987915][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.006168][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.018366][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.029205][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.040032][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.051137][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.060973][T12675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.071562][T12675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.083124][T12675] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.103483][T12913] ip6gretap1: entered promiscuous mode [ 233.135223][T12675] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.153827][T12675] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.167053][T12675] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.177515][T12675] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.270991][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.287877][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.312986][ T2839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.323366][ T2839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.204749][ T5114] Bluetooth: hci4: command 0x041b tx timeout [ 234.859851][T12926] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 235.216265][T12948] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 235.506164][T12971] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 235.906807][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 236.285153][ T5114] Bluetooth: hci4: command 0x041b tx timeout [ 236.617173][T13030] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 236.627567][T13031] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 236.695476][T13030] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.062929][T13042] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 237.110005][T13042] tipc: Resetting bearer [ 237.476725][T13052] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.713195][T13063] vlan3: entered promiscuous mode [ 237.723967][T13063] dummy0: entered promiscuous mode [ 237.754691][T13063] vlan3: entered allmulticast mode [ 237.764620][T13063] dummy0: entered allmulticast mode [ 237.788297][T13065] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 238.095594][T13081] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 238.231850][T13094] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 239.103315][T13132] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 239.192558][T13135] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 239.331504][T13141] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 239.798151][T13165] sctp: [Deprecated]: syz-executor.0 (pid 13165) Use of struct sctp_assoc_value in delayed_ack socket option. [ 239.798151][T13165] Use struct sctp_sack_info instead [ 240.301002][T13185] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 240.374715][T13185] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. [ 240.831325][T13199] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 242.926322][ T5115] Bluetooth: hci1: command 0x0406 tx timeout [ 243.885059][T13278] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 247.056124][T13346] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 247.481806][T13346] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 248.451297][T13385] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 249.062513][ T1099] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.085541][ T5115] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 249.098265][ T5115] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 249.106479][ T5115] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 249.118182][ T5115] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 249.132694][ T5115] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 249.140488][ T5115] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 249.233864][ T1099] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.342012][ T1099] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.430883][T13418] netlink: 'syz-executor.3': attribute type 30 has an invalid length. [ 249.466983][ T1099] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.822353][T13404] chnl_net:caif_netlink_parms(): no params data found [ 250.009950][ T1099] macsec0: left allmulticast mode [ 250.024450][ T1099] veth1_macvtap: left allmulticast mode [ 250.030332][ T1099] macsec0: left promiscuous mode [ 250.037058][ T1099] bridge0: port 3(macsec0) entered disabled state [ 250.066617][ T1099] bridge_slave_1: left allmulticast mode [ 250.072297][ T1099] bridge_slave_1: left promiscuous mode [ 250.124892][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.164899][ T1099] bridge_slave_0: left allmulticast mode [ 250.188489][ T1099] bridge_slave_0: left promiscuous mode [ 250.216988][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.253736][ T1099] tipc: Resetting bearer [ 250.281266][T13457] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 250.316616][T13457] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'. [ 250.626517][T13466] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 250.851526][ T1099] tipc: Disabling bearer [ 251.189032][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 251.210002][ T1099] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 251.229340][ T1099] bond0 (unregistering): Released all slaves [ 251.245909][ T5114] Bluetooth: hci1: command tx timeout [ 251.263432][ T1099] bond1 (unregistering): Released all slaves [ 251.300336][ T1099] bond2 (unregistering): Released all slaves [ 251.466935][ T1099] tipc: Left network mode [ 251.524766][T13404] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.532143][T13404] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.557809][T13404] bridge_slave_0: entered allmulticast mode [ 251.583516][T13404] bridge_slave_0: entered promiscuous mode [ 251.659177][T13404] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.671315][T13404] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.691088][T13404] bridge_slave_1: entered allmulticast mode [ 251.716427][T13404] bridge_slave_1: entered promiscuous mode [ 251.814005][T13489] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.964110][T13404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.092130][ T1099] hsr_slave_0: left promiscuous mode [ 252.123986][ T1099] hsr_slave_1: left promiscuous mode [ 252.149194][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 252.179314][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 252.199720][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 252.222484][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 252.316872][ T1099] veth1_macvtap: left promiscuous mode [ 252.322441][ T1099] veth0_macvtap: left promiscuous mode [ 252.342447][ T1099] veth1_vlan: left promiscuous mode [ 252.349312][ T1099] veth0_vlan: left promiscuous mode [ 252.508741][T13522] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 252.531593][T13522] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 253.284459][ T1099] team0 (unregistering): Port device team_slave_1 removed [ 253.328725][ T5114] Bluetooth: hci1: command tx timeout [ 253.347053][ T1099] team0 (unregistering): Port device team_slave_0 removed [ 253.931342][T13404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.941127][T13515] netlink: 'syz-executor.3': attribute type 30 has an invalid length. [ 253.984581][T13546] netlink: 'syz-executor.2': attribute type 5 has an invalid length. [ 254.120371][T13404] team0: Port device team_slave_0 added [ 254.151594][T13404] team0: Port device team_slave_1 added [ 254.241306][T13565] netlink: 'syz-executor.2': attribute type 6 has an invalid length. [ 254.261384][T13565] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.335875][T13404] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.342849][T13404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.389834][T13404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.406280][T13404] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.425585][T13404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.491685][T13404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.671527][T13404] hsr_slave_0: entered promiscuous mode [ 254.689154][T13404] hsr_slave_1: entered promiscuous mode [ 254.710748][T13404] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 254.730834][T13404] Cannot create hsr debugfs directory [ 254.896902][ T1099] IPVS: stop unused estimator thread 0... [ 255.092913][ T1099] bridge_slave_1: left allmulticast mode [ 255.110327][ T1099] bridge_slave_1: left promiscuous mode [ 255.123190][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.150514][ T1099] bridge_slave_0: left allmulticast mode [ 255.159946][ T1099] bridge_slave_0: left promiscuous mode [ 255.169971][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.415336][ T5115] Bluetooth: hci1: command tx timeout [ 255.552801][ T1099] bond1 (unregistering): (slave ip6gretap1): Releasing active interface [ 255.566523][ T1099] ip6gretap1 (unregistering): left promiscuous mode [ 255.573153][ T1099] ip6gretap1 (unregistering): left allmulticast mode [ 255.610063][ T1099] bond2 (unregistering): (slave ip6gretap2): Releasing active interface [ 255.627759][ T1099] ip6gretap2 (unregistering): left promiscuous mode [ 255.637053][ T1099] ip6gretap2 (unregistering): left allmulticast mode [ 255.992887][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 256.008647][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 256.019962][ T1099] bond0 (unregistering): Released all slaves [ 256.123692][ T1099] bond1 (unregistering): Released all slaves [ 256.235808][ T1099] bond2 (unregistering): Released all slaves [ 256.267958][T13639] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 256.298020][T13639] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'. [ 256.324918][T13645] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'. [ 256.428515][ T1099] tipc: Disabling bearer [ 256.455815][ T1099] tipc: Left network mode [ 256.788380][ T1099] hsr_slave_0: left promiscuous mode [ 256.804587][ T1099] hsr_slave_1: left promiscuous mode [ 256.819336][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 256.837578][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.852319][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 256.866881][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 256.908235][ T1099] veth1_macvtap: left promiscuous mode [ 256.913884][ T1099] veth0_macvtap: left promiscuous mode [ 256.920693][ T1099] veth1_vlan: left promiscuous mode [ 256.933469][ T1099] veth0_vlan: left promiscuous mode [ 257.422750][ T1099] team0 (unregistering): Port device team_slave_1 removed [ 257.477164][ T1099] team0 (unregistering): Port device team_slave_0 removed [ 257.486624][ T5115] Bluetooth: hci1: command 0x0419 tx timeout [ 258.134689][T13693] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 258.302002][T13693] bridge_slave_1: left allmulticast mode [ 258.337717][T13693] bridge_slave_1: left promiscuous mode [ 258.358116][T13693] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.466532][T13404] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 258.502937][T13404] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 258.528750][T13404] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 258.543456][T13404] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 258.631683][ T1099] IPVS: stop unused estimator thread 0... [ 258.663047][T13710] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 258.686929][T13710] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 258.861037][T13404] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.912765][T13404] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.948035][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.955270][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.992203][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.999410][ T5159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.146796][T13730] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 259.377843][T13745] netlink: 'syz-executor.1': attribute type 13 has an invalid length. [ 259.387977][T13745] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 259.398459][T13744] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 259.670125][T13404] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.862880][T13771] tun0: tun_chr_ioctl cmd 2147767520 [ 260.282432][T13404] veth0_vlan: entered promiscuous mode [ 260.337849][T13404] veth1_vlan: entered promiscuous mode [ 260.443621][T13404] veth0_macvtap: entered promiscuous mode [ 260.473869][T13404] veth1_macvtap: entered promiscuous mode [ 260.522922][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.566647][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.592664][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.618272][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.642894][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.665537][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.682733][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.704258][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.714102][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.733735][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.755186][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.772800][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.788105][T13404] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.803567][T13819] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 260.852201][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.897526][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.915856][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.932347][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.962775][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.984104][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.001651][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.022058][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.032031][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.042660][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.054359][T13404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.067086][T13404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.080541][T13404] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 261.167150][T13404] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.194973][T13404] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.214490][T13404] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.242257][T13404] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.605670][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 261.613521][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 261.740585][ T1055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 261.770272][ T1055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.026821][T13879] xt_l2tp: v2 tid > 0xffff: 150994944 [ 262.079944][ T29] audit: type=1804 audit(1717727728.204:19): pid=13877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3407845081/syzkaller.sGfJvr/245/cgroup.controllers" dev="sda1" ino=1968 res=1 errno=0 [ 262.206266][T13884] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 262.506945][T13893] vxcan0: tx drop: invalid da for name 0x0000000000000002 [ 263.132363][T13936] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 264.200514][T13997] vxcan0: tx drop: invalid da for name 0x0000000000000002 [ 264.312356][T14011] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bond, syncid = 0, id = 0 [ 264.872104][T14047] netlink: 296 bytes leftover after parsing attributes in process `syz-executor.2'. [ 265.051343][T14065] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 265.296581][T14076] Bluetooth: hci3: invalid length 0, exp 1 for type 31 [ 265.462513][T14088] syz-executor.2 uses old SIOCAX25GETINFO [ 265.483523][T14088] netlink: 328 bytes leftover after parsing attributes in process `syz-executor.2'. [ 265.911084][T14119] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.4'. [ 265.923696][T14117] sctp: [Deprecated]: syz-executor.2 (pid 14117) Use of struct sctp_assoc_value in delayed_ack socket option. [ 265.923696][T14117] Use struct sctp_sack_info instead [ 266.030195][T14123] vlan3: entered promiscuous mode [ 266.060356][T14123] bond0: entered promiscuous mode [ 266.074373][T14123] bond_slave_1: entered promiscuous mode [ 266.084645][T14123] team0: entered promiscuous mode [ 266.101208][T14123] team_slave_0: entered promiscuous mode [ 266.133875][T14123] team_slave_1: entered promiscuous mode [ 266.155530][T14123] bond0: left promiscuous mode [ 266.160513][T14123] bond_slave_1: left promiscuous mode [ 266.166796][T14123] team0: left promiscuous mode [ 266.171763][T14123] team_slave_0: left promiscuous mode [ 266.184832][T14123] team_slave_1: left promiscuous mode [ 266.529861][T14152] Bluetooth: hci3: invalid length 0, exp 1 for type 31 [ 267.302382][T14191] sctp: [Deprecated]: syz-executor.2 (pid 14191) Use of struct sctp_assoc_value in delayed_ack socket option. [ 267.302382][T14191] Use struct sctp_sack_info instead [ 267.537213][T14207] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 267.782667][T14225] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 268.103497][T14246] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 268.274122][T14254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 268.281727][T14259] sctp: [Deprecated]: syz-executor.4 (pid 14259) Use of struct sctp_assoc_value in delayed_ack socket option. [ 268.281727][T14259] Use struct sctp_sack_info instead [ 268.496625][T14273] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 268.758096][T14290] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bond, syncid = 0, id = 0 [ 268.980031][T14307] vlan2: entered promiscuous mode [ 268.986599][T14307] bond0: entered promiscuous mode [ 269.006745][T14307] bond_slave_0: entered promiscuous mode [ 269.043251][T14307] bond_slave_1: entered promiscuous mode [ 269.121599][T14319] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 269.163902][T14307] bond0: left promiscuous mode [ 269.176183][T14307] bond_slave_0: left promiscuous mode [ 269.192487][T14307] bond_slave_1: left promiscuous mode [ 269.845623][T14361] vlan2: entered promiscuous mode [ 269.860092][T14361] bond0: entered promiscuous mode [ 269.870460][T14361] bond_slave_0: entered promiscuous mode [ 269.881671][T14361] bond_slave_1: entered promiscuous mode [ 269.909649][T14361] bond0: left promiscuous mode [ 269.921584][T14361] bond_slave_0: left promiscuous mode [ 269.929071][T14361] bond_slave_1: left promiscuous mode [ 271.299959][T14442] __nla_validate_parse: 1 callbacks suppressed [ 271.299979][T14442] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 271.751373][T14472] netlink: 'syz-executor.1': attribute type 7 has an invalid length. [ 271.962686][T14488] netlink: 'syz-executor.3': attribute type 25 has an invalid length. [ 271.984908][T14488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 272.007919][T14488] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (3469) [ 272.033558][T14488] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023 [ 272.260571][T14504] pim6reg1: entered promiscuous mode [ 272.266953][T14504] pim6reg1: entered allmulticast mode [ 272.352891][T14504] syzkaller0: entered allmulticast mode [ 272.464596][T14513] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 272.547196][T14519] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 272.592083][T14520] netlink: 'syz-executor.1': attribute type 25 has an invalid length. [ 272.620523][T14520] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 272.652630][T14520] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (3469) [ 272.687176][T14520] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023 [ 272.992294][T14552] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 273.737568][T14596] pim6reg1: entered promiscuous mode [ 273.745619][T14596] pim6reg1: entered allmulticast mode [ 273.805372][T14596] syzkaller0: entered allmulticast mode [ 273.890193][T14602] syzkaller0: entered promiscuous mode [ 273.897837][T14602] syzkaller0: entered allmulticast mode [ 274.967941][T14645] netlink: 'syz-executor.4': attribute type 9 has an invalid length. [ 276.205563][T14623] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 276.285467][T14661] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 276.753757][T14691] raw_sendmsg: syz-executor.3 forgot to set AF_INET. Fix it! [ 278.982706][T14822] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 279.079560][T14826] dccp_invalid_packet: P.Data Offset(100) too large [ 279.824293][T14851] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 279.966064][T14851] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 280.388367][T14884] openvswitch: netlink: Missing key (keys=40, expected=100) [ 280.803832][T14915] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 280.834364][ T29] audit: type=1804 audit(1717727746.954:20): pid=14909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2487137651/syzkaller.3MbHk6/109/cgroup.controllers" dev="sda1" ino=1970 res=1 errno=0 [ 281.173300][T14936] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 282.035408][T14947] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 282.120498][T14951] mac80211_hwsim hwsim20 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 282.307322][T14963] netlink: 'syz-executor.4': attribute type 6 has an invalid length. [ 282.464703][T14974] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 282.568428][T14974] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 282.722619][T14993] xt_l2tp: v2 doesn't support IP mode [ 282.922857][T15006] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 283.168906][T15024] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 283.248099][T15024] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 283.347261][T15036] netlink: 'syz-executor.0': attribute type 15 has an invalid length. [ 284.149962][T15086] netlink: 'syz-executor.2': attribute type 6 has an invalid length. [ 284.870827][T15128] netlink: 'syz-executor.0': attribute type 9 has an invalid length. [ 284.885849][T15128] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 284.905991][T15128] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 284.978218][T15132] unsupported nlmsg_type 40 [ 286.438015][T15176] netlink: 'syz-executor.2': attribute type 5 has an invalid length. [ 286.516951][T15178] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 286.620024][T15184] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'. [ 288.082723][T15289] netlink: 201392 bytes leftover after parsing attributes in process `syz-executor.1'. [ 288.575475][T15315] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 288.712645][T15325] netlink: 296 bytes leftover after parsing attributes in process `syz-executor.1'. [ 289.005032][ T5115] Bluetooth: hci2: command 0x0405 tx timeout [ 289.164809][T15349] netlink: 201392 bytes leftover after parsing attributes in process `syz-executor.1'. [ 289.173858][T15347] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 289.240140][T15347] sch_tbf: burst 0 is lower than device bridge2 mtu (1514) ! [ 289.282422][T15355] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 289.309749][T15360] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.3'. [ 289.441439][T15355] bond2: (slave vcan0): The slave device specified does not support setting the MAC address [ 289.452033][T15355] bond2: (slave vcan0): Setting fail_over_mac to active for active-backup mode [ 289.473385][T15355] bond2: (slave vcan0): making interface the new active one [ 289.482170][T15355] bond2: (slave vcan0): Enslaving as an active interface with an up link [ 289.766171][T15378] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 289.766903][T15379] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.3'. [ 290.069558][T15397] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 290.148583][T15397] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.4'. [ 290.270314][T15409] Bluetooth: hci3: invalid length 0, exp 2 for type 17 [ 290.615612][T15435] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 290.638743][T15435] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 290.761347][T15443] Bluetooth: hci3: invalid length 0, exp 2 for type 17 [ 291.087815][T15467] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 291.268249][T15476] Bluetooth: hci3: invalid length 0, exp 2 for type 17 [ 291.268555][T15474] sch_tbf: burst 0 is lower than device bridge6 mtu (1514) ! [ 291.884132][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 292.051952][T15519] __nla_validate_parse: 4 callbacks suppressed [ 292.051971][T15519] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.4'. [ 292.057657][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 292.483411][T15537] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 292.616245][T15544] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.2'. [ 292.652986][T15547] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.3'. [ 294.127643][ T5115] Bluetooth: hci5: command 0x0406 tx timeout [ 295.070654][ T35] wlan0: Creating new IBSS network, BSSID fe:61:3e:62:c6:fe [ 299.098109][T15613] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 299.921191][T15670] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.3'. [ 299.939822][T15671] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 300.000622][T15671] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 300.090763][T15679] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 300.132952][T15681] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 300.154274][T15681] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.4'. [ 300.993466][T15723] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 301.007552][T15723] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.0'. [ 301.509378][T15754] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 301.522958][T15754] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 301.752756][T15768] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 302.392489][T15798] can: request_module (can-proto-0) failed. [ 303.353667][T15875] netlink: 'syz-executor.0': attribute type 30 has an invalid length. [ 303.401549][T15871] caif0: entered allmulticast mode [ 303.412973][T15871] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 303.422328][T15871] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 304.207885][ T30] INFO: task syz-executor.1:9588 blocked for more than 143 seconds. [ 304.231570][ T30] Not tainted 6.10.0-rc2-syzkaller-00438-g62b5bf58b928 #0 2024/06/07 02:36:10 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 304.274277][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 304.330211][ T30] task:syz-executor.1 state:D stack:23800 pid:9588 tgid:9586 ppid:7038 flags:0x00000006 [ 304.357073][ T30] Call Trace: [ 304.360387][ T30] [ 304.363333][ T30] __schedule+0x17e8/0x4a20 [ 304.401830][ T30] ? __pfx___schedule+0x10/0x10 [ 304.410745][ T30] ? __pfx_lock_release+0x10/0x10 [ 304.432021][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 304.437621][ T30] ? schedule+0x90/0x320 [ 304.441887][ T30] schedule+0x14b/0x320 [ 304.459276][ T30] schedule_preempt_disabled+0x13/0x30 [ 304.471572][ T30] __mutex_lock+0x6a4/0xd70 [ 304.476206][ T30] ? __mutex_lock+0x527/0xd70 [ 304.480907][ T30] ? nfsd_nl_rpc_status_get_start+0x8d/0xe0 [ 304.489724][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 304.502467][ T30] ? net_generic+0x1f/0x240 [ 304.508248][ T30] nfsd_nl_rpc_status_get_start+0x8d/0xe0 [ 304.513997][ T30] genl_start+0x4d6/0x6d0 [ 304.518550][ T30] __netlink_dump_start+0x45c/0x780 [ 304.523774][ T30] genl_rcv_msg+0x88c/0xec0 [ 304.528438][ T30] ? mark_lock+0x9a/0x350 [ 304.532796][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 304.537925][ T30] ? __pfx_genl_start+0x10/0x10 [ 304.542797][ T30] ? __pfx_genl_dumpit+0x10/0x10 [ 304.547866][ T30] ? __pfx_genl_done+0x10/0x10 [ 304.552663][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 304.557748][ T30] ? __pfx_nfsd_nl_rpc_status_get_start+0x10/0x10 [ 304.564314][ T30] ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10 [ 304.570847][ T30] ? __pfx_nfsd_nl_rpc_status_get_done+0x10/0x10 [ 304.577249][ T30] ? __pfx___might_resched+0x10/0x10 [ 304.582562][ T30] netlink_rcv_skb+0x1e3/0x430 [ 304.587439][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 304.593995][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 304.604236][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 304.609742][ T30] genl_rcv+0x28/0x40 [ 304.613739][ T30] netlink_unicast+0x7ea/0x980 [ 304.633401][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 304.644428][ T30] ? __virt_addr_valid+0x183/0x520 [ 304.649578][ T30] ? __check_object_size+0x49c/0x900 [