last executing test programs:
1.036743019s ago: executing program 0 (id=4682):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b05, &(0x7f0000000880)={'wlan1\x00'})
986.496232ms ago: executing program 4 (id=4683):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0x0)
917.805789ms ago: executing program 2 (id=4686):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'erspan0\x00', &(0x7f0000000000)=@ethtool_channels={0x1, 0x4, 0x4, 0x1ff, 0x3, 0x7fffffff, 0x80, 0x101, 0x8}})
862.288365ms ago: executing program 4 (id=4687):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x24, 0x11, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_OP={0x8}]}}}]}], {0x14, 0x10}}, 0xa8}}, 0x0)
834.977051ms ago: executing program 0 (id=4688):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, @null, @bpq0, 0x1, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @bcast, @bcast, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
829.949254ms ago: executing program 3 (id=4689):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'veth1_to_bridge\x00', 0x20})
774.020544ms ago: executing program 1 (id=4690):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, 0x0, 0x0)
762.045833ms ago: executing program 2 (id=4691):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080)=0x80000001, 0x4)
703.56986ms ago: executing program 1 (id=4692):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)=@newlink={0x40, 0x10, 0xc3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}]}}}]}, 0x40}}, 0x0)
686.002456ms ago: executing program 0 (id=4693):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="b8010000160011040000000000000000ffffffff000000000000000000000000ffffffff0000000000000000000000000000000000000000000000003b000000", @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="fe8000000000000000000000000000aa0000000033000000ac14141a000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200"/158, @ANYRES32=r0, @ANYBLOB="00000000ac0007"], 0x1b8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
685.319311ms ago: executing program 3 (id=4694):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000a00)={'tunl0\x00', &(0x7f0000000a40)=@ethtool_cmd={0x3d, 0x0, 0xfffffffd, 0x1, 0x2, 0x3, 0x8, 0xfe, 0x0, 0x9, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, [0x0, 0x2]}})
654.937702ms ago: executing program 4 (id=4695):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmmsg(r0, &(0x7f0000006100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000001)
562.361397ms ago: executing program 1 (id=4696):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000300), 0x4)
534.744313ms ago: executing program 0 (id=4697):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRES32, @ANYBLOB="080001"], 0x48}}, 0x0)
526.26956ms ago: executing program 2 (id=4698):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x29}, @printk={@lx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
525.376492ms ago: executing program 4 (id=4699):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000001d40)={&(0x7f00000018c0)={0x2, 0x4e20, @dev}, 0x10, 0x0, 0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="1c00000000000000000000000700000001890b04000000000a0101000000000000b2a2ea7255fddda57a21deed386870f436efead273c89bad45e30423"], 0x20}, 0x0)
513.864152ms ago: executing program 3 (id=4700):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0x2, 0x4}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)
436.844518ms ago: executing program 1 (id=4701):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="3c0000001000010400000000000000c104000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008003a"], 0x3c}}, 0x0)
370.501343ms ago: executing program 2 (id=4702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000000)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x0, {0x0, 0x0, 0x1be}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x20000000, 0xc7, 0x4e, 0xbf, {0x50, 0x0, 0xc, 0x9, 0x907, 0x6}, {0x8, 0x1, 0x3, 0x6, 0x6}, 0x1017, 0x5, 0x5}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
369.976785ms ago: executing program 3 (id=4703):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="480000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8b04040000000000280012800b00010065727370616e000018000280040012000600020001ab"], 0x48}}, 0x88890)
357.264971ms ago: executing program 4 (id=4704):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x7b, 0x0, 0x0)
289.939702ms ago: executing program 0 (id=4705):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x5c, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)
262.033ms ago: executing program 1 (id=4706):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$netlink(r0, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000006480)={0x1c, 0x27, 0x1, 0x0, 0x0, "", [@nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x23, 0x0, 0x0, @pid}]}]}, 0x1c}], 0x1}, 0x0)
238.900256ms ago: executing program 3 (id=4707):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f00005f626f6e64000000080002400000000064000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f"], 0x104}}, 0x0)
193.158633ms ago: executing program 4 (id=4708):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x22, 0x0, 0x0)
192.1119ms ago: executing program 2 (id=4709):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb", 0x16}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_emit_ethernet(0x16, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff000000000000886411"], 0x0)
121.988623ms ago: executing program 0 (id=4710):
r0 = socket$inet6(0xa, 0x3, 0x38)
setsockopt$inet6_int(r0, 0x29, 0x7, &(0x7f0000000040)=0xb03, 0x4)
117.898454ms ago: executing program 1 (id=4711):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0xa, 0x6c}, [@mark={0xc, 0x15, {0x0, 0x7}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0)
105.848176ms ago: executing program 2 (id=4712):
r0 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0x1, 0xfff1}, {0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
0s ago: executing program 3 (id=4713):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89b0, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'erspan0\x00', 0x0, 0x2500, 0x10, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdba, 0x0, 0xfffd, 0x1, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x3a}}}}})
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.0.32' (ED25519) to the list of known hosts.
[ 83.727234][ T5851] cgroup: Unknown subsys name 'net'
[ 83.882169][ T5851] cgroup: Unknown subsys name 'cpuset'
[ 83.891737][ T5851] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 85.547396][ T5851] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 89.812787][ T5875] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 90.118721][ T5894] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.129912][ T5894] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.144840][ T5894] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.178322][ T5894] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.198802][ T5894] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.026482][ T5888] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 91.216557][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.238719][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.374097][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.408337][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.949820][ T9] cfg80211: failed to load regulatory.db
[ 96.921234][ T5894] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 96.936679][ T5894] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 96.944681][ T5894] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 96.963619][ T5894] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 96.971432][ T5894] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 96.998264][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 97.007386][ T5942] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 97.027909][ T5942] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 97.039814][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 97.048615][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 97.056490][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 97.065453][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 97.073703][ T5943] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 97.083639][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 97.092215][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 97.097307][ T5894] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 97.114920][ T5943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 97.114920][ T5894] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 97.149621][ T5894] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 97.158220][ T5894] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 97.205303][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 97.219769][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 97.239824][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 97.260311][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 97.268621][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 97.983150][ T5935] chnl_net:caif_netlink_parms(): no params data found
[ 98.065278][ T5937] chnl_net:caif_netlink_parms(): no params data found
[ 98.189061][ T5945] chnl_net:caif_netlink_parms(): no params data found
[ 98.324339][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.331680][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.339029][ T5935] bridge_slave_0: entered allmulticast mode
[ 98.347110][ T5935] bridge_slave_0: entered promiscuous mode
[ 98.380940][ T5948] chnl_net:caif_netlink_parms(): no params data found
[ 98.393456][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.400814][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.408182][ T5935] bridge_slave_1: entered allmulticast mode
[ 98.415408][ T5935] bridge_slave_1: entered promiscuous mode
[ 98.480753][ T5938] chnl_net:caif_netlink_parms(): no params data found
[ 98.536740][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.544052][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.551438][ T5937] bridge_slave_0: entered allmulticast mode
[ 98.559219][ T5937] bridge_slave_0: entered promiscuous mode
[ 98.589109][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.626381][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.633665][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.640903][ T5937] bridge_slave_1: entered allmulticast mode
[ 98.648382][ T5937] bridge_slave_1: entered promiscuous mode
[ 98.664125][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.774246][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.781712][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.789137][ T5945] bridge_slave_0: entered allmulticast mode
[ 98.796451][ T5945] bridge_slave_0: entered promiscuous mode
[ 98.812435][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.844078][ T5935] team0: Port device team_slave_0 added
[ 98.850686][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.858131][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.865751][ T5945] bridge_slave_1: entered allmulticast mode
[ 98.873262][ T5945] bridge_slave_1: entered promiscuous mode
[ 98.882124][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.919013][ T5935] team0: Port device team_slave_1 added
[ 98.925070][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.932307][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.940082][ T5948] bridge_slave_0: entered allmulticast mode
[ 98.947275][ T5948] bridge_slave_0: entered promiscuous mode
[ 99.008025][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.015989][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.023624][ T5948] bridge_slave_1: entered allmulticast mode
[ 99.031271][ T5948] bridge_slave_1: entered promiscuous mode
[ 99.064944][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.072858][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.080184][ T5938] bridge_slave_0: entered allmulticast mode
[ 99.087428][ T5938] bridge_slave_0: entered promiscuous mode
[ 99.122454][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.135765][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.147251][ T5937] team0: Port device team_slave_0 added
[ 99.153787][ T51] Bluetooth: hci1: command tx timeout
[ 99.154016][ T51] Bluetooth: hci0: command tx timeout
[ 99.165700][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.173576][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.181586][ T5938] bridge_slave_1: entered allmulticast mode
[ 99.189685][ T5938] bridge_slave_1: entered promiscuous mode
[ 99.197766][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.204881][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.228633][ T5894] Bluetooth: hci2: command tx timeout
[ 99.236399][ T5894] Bluetooth: hci3: command tx timeout
[ 99.238129][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.284020][ T5937] team0: Port device team_slave_1 added
[ 99.304839][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.308188][ T5894] Bluetooth: hci4: command tx timeout
[ 99.312558][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.344108][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.357731][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.416461][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.441018][ T5945] team0: Port device team_slave_0 added
[ 99.478885][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.492529][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.504398][ T5945] team0: Port device team_slave_1 added
[ 99.512340][ T5948] team0: Port device team_slave_0 added
[ 99.521197][ T5948] team0: Port device team_slave_1 added
[ 99.528125][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.535077][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.561723][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.628248][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.635231][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.661691][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.738337][ T5938] team0: Port device team_slave_0 added
[ 99.750393][ T5935] hsr_slave_0: entered promiscuous mode
[ 99.756834][ T5935] hsr_slave_1: entered promiscuous mode
[ 99.764447][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.771824][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.797984][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.809878][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.816863][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.843209][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.856052][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.863186][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.889166][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.912797][ T5938] team0: Port device team_slave_1 added
[ 99.934743][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.941842][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.968394][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.061804][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.069084][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.095142][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.151719][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.159096][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.186045][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.216190][ T5937] hsr_slave_0: entered promiscuous mode
[ 100.222759][ T5937] hsr_slave_1: entered promiscuous mode
[ 100.229262][ T5937] debugfs: 'hsr0' already exists in 'hsr'
[ 100.235127][ T5937] Cannot create hsr debugfs directory
[ 100.253670][ T5948] hsr_slave_0: entered promiscuous mode
[ 100.260581][ T5948] hsr_slave_1: entered promiscuous mode
[ 100.266694][ T5948] debugfs: 'hsr0' already exists in 'hsr'
[ 100.274258][ T5948] Cannot create hsr debugfs directory
[ 100.331629][ T5945] hsr_slave_0: entered promiscuous mode
[ 100.339419][ T5945] hsr_slave_1: entered promiscuous mode
[ 100.345524][ T5945] debugfs: 'hsr0' already exists in 'hsr'
[ 100.352428][ T5945] Cannot create hsr debugfs directory
[ 100.557306][ T5938] hsr_slave_0: entered promiscuous mode
[ 100.564395][ T5938] hsr_slave_1: entered promiscuous mode
[ 100.572175][ T5938] debugfs: 'hsr0' already exists in 'hsr'
[ 100.578207][ T5938] Cannot create hsr debugfs directory
[ 100.951980][ T5935] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 100.965256][ T5935] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 101.009193][ T5935] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 101.037369][ T5935] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 101.102775][ T5948] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 101.114439][ T5948] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 101.146748][ T5948] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 101.172432][ T5948] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 101.222883][ T5937] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 101.231438][ T5894] Bluetooth: hci0: command tx timeout
[ 101.231507][ T51] Bluetooth: hci1: command tx timeout
[ 101.250352][ T5937] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 101.263678][ T5937] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 101.275901][ T5937] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 101.308922][ T51] Bluetooth: hci3: command tx timeout
[ 101.308931][ T5894] Bluetooth: hci2: command tx timeout
[ 101.388967][ T51] Bluetooth: hci4: command tx timeout
[ 101.408107][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 101.423808][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 101.453657][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 101.466742][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 101.593810][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.605720][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 101.633946][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.645212][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 101.669930][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.753936][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.765679][ T5935] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.819184][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.826467][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.842581][ T5948] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.855067][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.875165][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.882450][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.915431][ T5937] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.929592][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.936759][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.977496][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.990980][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.998298][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.028662][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.035801][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.046474][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.053660][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.093415][ T5945] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.148705][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.155883][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.187117][ T5948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 102.199576][ T5948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 102.235053][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.242256][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.384153][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.472666][ T5945] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 102.521240][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.566383][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.573617][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.625677][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.632912][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.906240][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.039547][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.064557][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.147430][ T5948] veth0_vlan: entered promiscuous mode
[ 103.233807][ T5935] veth0_vlan: entered promiscuous mode
[ 103.261208][ T5948] veth1_vlan: entered promiscuous mode
[ 103.283998][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.310302][ T51] Bluetooth: hci0: command tx timeout
[ 103.310312][ T5894] Bluetooth: hci1: command tx timeout
[ 103.340609][ T5935] veth1_vlan: entered promiscuous mode
[ 103.388450][ T51] Bluetooth: hci3: command tx timeout
[ 103.393916][ T51] Bluetooth: hci2: command tx timeout
[ 103.441436][ T5948] veth0_macvtap: entered promiscuous mode
[ 103.466980][ T5948] veth1_macvtap: entered promiscuous mode
[ 103.480731][ T51] Bluetooth: hci4: command tx timeout
[ 103.512943][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.530927][ T5945] veth0_vlan: entered promiscuous mode
[ 103.605893][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.620638][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.634617][ T5945] veth1_vlan: entered promiscuous mode
[ 103.650171][ T5935] veth0_macvtap: entered promiscuous mode
[ 103.672504][ T1160] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.682463][ T1160] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.707012][ T1160] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.717189][ T1160] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.727641][ T5935] veth1_macvtap: entered promiscuous mode
[ 103.801965][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.827154][ T5945] veth0_macvtap: entered promiscuous mode
[ 103.843083][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.866801][ T5938] veth0_vlan: entered promiscuous mode
[ 103.879937][ T5937] veth0_vlan: entered promiscuous mode
[ 103.897544][ T5945] veth1_macvtap: entered promiscuous mode
[ 103.922695][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.933412][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.946493][ T5937] veth1_vlan: entered promiscuous mode
[ 103.957333][ T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.966438][ T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.989832][ T5938] veth1_vlan: entered promiscuous mode
[ 104.049384][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.055509][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.070322][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.092740][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.107215][ T5937] veth0_macvtap: entered promiscuous mode
[ 104.139784][ T1160] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.194137][ T1160] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.203830][ T1160] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.214574][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.215234][ T1160] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.231929][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.241749][ T5937] veth1_macvtap: entered promiscuous mode
[ 104.266242][ T5938] veth0_macvtap: entered promiscuous mode
[ 104.302209][ T5938] veth1_macvtap: entered promiscuous mode
[ 104.325268][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.411626][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.448787][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.456720][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.472049][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.541354][ T49] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.573415][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.601628][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.621168][ T49] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.630240][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.642038][ T6048] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[ 104.642734][ T49] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.695980][ T49] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.726341][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.754628][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.906981][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.949593][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.957454][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.983919][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.116833][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.145103][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.274786][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.285594][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.388273][ T51] Bluetooth: hci0: command tx timeout
[ 105.390041][ T5894] Bluetooth: hci1: command tx timeout
[ 105.459986][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.474648][ T5894] Bluetooth: hci3: command tx timeout
[ 105.480433][ T5894] Bluetooth: hci2: command tx timeout
[ 105.496594][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.501629][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.552042][ T51] Bluetooth: hci4: command tx timeout
[ 105.557090][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.706895][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.771793][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.074304][ T6135] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[ 121.274512][ T6790] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received
[ 125.975817][ T7012] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5
[ 132.912899][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.919582][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 135.808832][ T7527] ICMPv6: NA: 00:00:00:00:00:00 advertised our address fe80::aa on syz_tun!
[ 145.465363][ T8075] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 151.607147][ T8411] IPv6: addrconf: prefix option has invalid lifetime
[ 156.823140][ T8726] IPv6: addrconf: prefix option has invalid lifetime
[ 164.086813][ T9167] netlink: 'syz.0.1572': attribute type 1 has an invalid length.
[ 164.129773][ T9167] netlink: 'syz.0.1572': attribute type 11 has an invalid length.
[ 164.193068][ T9167] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1572'.
[ 164.490432][ T9191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1584'.
[ 165.499321][ T9229] netlink: 'syz.0.1603': attribute type 11 has an invalid length.
[ 165.577991][ T9229] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1603'.
[ 165.879883][ T9240] veth3: entered allmulticast mode
[ 165.994661][ T9249] syz.0.1613 uses obsolete (PF_INET,SOCK_PACKET)
[ 167.120723][ T9301] netlink: 'syz.0.1639': attribute type 3 has an invalid length.
[ 167.137856][ T9301] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1639'.
[ 167.229865][ T9304] openvswitch: netlink: Tunnel attr 303 out of range max 16
[ 167.744788][ T9329] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 168.494356][ T9364] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[ 168.743555][ T9375] netlink: 'syz.2.1674': attribute type 10 has an invalid length.
[ 168.770319][ T9375] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[ 168.803950][ T9375] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 169.420813][ T9401] netlink: 'syz.3.1686': attribute type 11 has an invalid length.
[ 169.450890][ T9401] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1686'.
[ 169.838481][ T9385] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 170.471716][ T9443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1706'.
[ 170.598100][ T9448] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1708'.
[ 170.677416][ T9454] ieee802154 phy0 wpan0: encryption failed: -22
[ 170.821660][ T9461] netlink: 'syz.3.1714': attribute type 33 has an invalid length.
[ 171.318499][ T9484] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1726'.
[ 171.342660][ T9484] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[ 171.642503][ T9496] netlink: 'syz.0.1732': attribute type 1 has an invalid length.
[ 171.710534][ T9496] netlink: 'syz.0.1732': attribute type 1 has an invalid length.
[ 171.750796][ T9504] sctp: [Deprecated]: syz.1.1736 (pid 9504) Use of int in max_burst socket option.
[ 171.750796][ T9504] Use struct sctp_assoc_value instead
[ 172.285422][ T9528] openvswitch: netlink: IP tunnel dst address not specified
[ 172.331962][ T9532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[ 172.386869][ T9532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[ 172.426061][ T9532] netlink: 'syz.3.1749': attribute type 3 has an invalid length.
[ 172.783492][ T9545] bond1 (unregistering): Released all slaves
[ 172.859862][ T9546] netlink: 'syz.4.1757': attribute type 26 has an invalid length.
[ 173.021100][ T9561] netlink: 'syz.0.1763': attribute type 7 has an invalid length.
[ 173.118033][ T9561] netlink: 'syz.0.1763': attribute type 8 has an invalid length.
[ 173.931453][ T9607] netlink: 'syz.4.1787': attribute type 15 has an invalid length.
[ 173.997492][ T9607] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1787'.
[ 174.019263][ T9610] netlink: 'syz.1.1789': attribute type 7 has an invalid length.
[ 174.035037][ T9614] (unnamed net_device) (uninitialized): down delay (33554432) is not a multiple of miimon (640), value rounded to 33553920 ms
[ 174.242060][ T9620] wg1: entered promiscuous mode
[ 174.247002][ T9620] wg1: entered allmulticast mode
[ 175.019900][ T9651] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[ 175.233809][ T5894] Bluetooth: hci4: command 0x0405 tx timeout
[ 175.612905][ T9682] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1822'.
[ 175.853231][ T9692] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1826'.
[ 176.111891][ T9701] netdevsim netdevsim4: Direct firmware load for failed with error -2
[ 176.138469][ T9666] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 176.154643][ T9666] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 176.162743][ T9701] netdevsim netdevsim4: Falling back to sysfs fallback for:
[ 176.220564][ T9666] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 176.226524][ T9666] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 176.392865][ T9666] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 176.430083][ T9666] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 176.539594][ T9666] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 176.566056][ T9666] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 176.655021][ T9666] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 176.680802][ T9666] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 176.774229][ T9727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1840'.
[ 178.376923][ T9795] warning: `syz.1.1869' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 179.048277][ T9822] netlink: 'syz.2.1881': attribute type 23 has an invalid length.
[ 179.145451][ T9828] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744073709551615)
[ 179.187906][ T9828] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[ 180.240424][ T9885] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1907'.
[ 180.291263][ T9885] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1907'.
[ 180.472141][ T9894] netlink: 'syz.0.1911': attribute type 1 has an invalid length.
[ 180.506432][ T9894] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1911'.
[ 180.563697][ T9899] netlink: 'syz.3.1913': attribute type 3 has an invalid length.
[ 180.598229][ T9899] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1913'.
[ 181.098865][ T9923] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1922'.
[ 181.394176][ T9935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1926'.
[ 181.577306][ T9945] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1928'.
[ 181.646689][ T9948] netlink: 'syz.1.1930': attribute type 4 has an invalid length.
[ 181.663608][ T9945] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1928'.
[ 181.673010][ T9948] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1930'.
[ 181.740139][ T9952] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1932'.
[ 183.380156][T10032] netlink: 'syz.3.1964': attribute type 11 has an invalid length.
[ 183.432460][T10032] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1964'.
[ 183.478797][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1965'.
[ 183.496506][T10041] netlink: 'syz.0.1967': attribute type 1 has an invalid length.
[ 184.501780][T10085] tipc: Can't bind to reserved service type 0
[ 184.814991][T10100] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1993'.
[ 185.156984][T10119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2000'.
[ 185.392118][T10134] netlink: 'syz.2.2005': attribute type 9 has an invalid length.
[ 185.409459][T10135] �: renamed from hsr0 (while UP)
[ 186.683860][T10208] netlink: 'syz.4.2038': attribute type 1 has an invalid length.
[ 186.735826][T10208] netlink: 'syz.4.2038': attribute type 1 has an invalid length.
[ 186.755199][T10208] netlink: 'syz.4.2038': attribute type 1 has an invalid length.
[ 186.810544][T10208] netlink: 'syz.4.2038': attribute type 2 has an invalid length.
[ 186.838246][T10208] __nla_validate_parse: 1 callbacks suppressed
[ 186.838265][T10208] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2038'.
[ 186.968439][T10221] openvswitch: netlink: Missing valid actions attribute.
[ 186.994163][T10221] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 187.299340][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2050'.
[ 187.461359][T10245] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2053'.
[ 188.296582][T10290] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[ 188.497135][T10301] netlink: 'syz.1.2078': attribute type 1 has an invalid length.
[ 188.509858][T10301] netlink: 'syz.1.2078': attribute type 2 has an invalid length.
[ 188.854566][T10320] netlink: 512 bytes leftover after parsing attributes in process `syz.3.2087'.
[ 189.415907][T10358] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2105'.
[ 189.555911][T10366] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2109'.
[ 190.134003][T10397] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 190.222440][T10397] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 190.268416][T10397] gretap1: entered promiscuous mode
[ 190.273701][T10397] gretap1: entered allmulticast mode
[ 191.071956][T10455] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 191.674307][T10490] netlink: 'syz.4.2164': attribute type 25 has an invalid length.
[ 191.715561][T10493] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2163'.
[ 191.986290][T10509] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[ 192.044522][T10514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2176'.
[ 192.063873][T10514] netlink: 'syz.2.2176': attribute type 8 has an invalid length.
[ 192.235809][T10527] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2182'.
[ 192.708109][ T12] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 192.728094][ T12] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 192.757483][ T12] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 192.786914][ T12] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 193.491314][T10586] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[ 193.512561][T10586] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[ 193.535218][T10586] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[ 193.680934][T10602] netlink: 'syz.2.2216': attribute type 1 has an invalid length.
[ 193.689172][T10601] netlink: 'syz.1.2215': attribute type 33 has an invalid length.
[ 193.697027][T10601] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2215'.
[ 193.710801][T10602] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2216'.
[ 193.975429][T10614] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2224'.
[ 193.995607][T10614] bridge_slave_1: left allmulticast mode
[ 194.015588][T10614] bridge_slave_1: left promiscuous mode
[ 194.029715][T10614] bridge0: port 2(bridge_slave_1) entered disabled state
[ 194.065375][T10614] bridge_slave_0: left allmulticast mode
[ 194.078034][T10614] bridge_slave_0: left promiscuous mode
[ 194.083966][T10614] bridge0: port 1(bridge_slave_0) entered disabled state
[ 194.206313][T10618] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2225'.
[ 194.351852][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 194.481158][T10642] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 194.769603][T10659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2245'.
[ 194.782465][T10659] bridge_slave_1: left allmulticast mode
[ 194.790007][T10659] bridge_slave_1: left promiscuous mode
[ 194.813873][T10659] bridge0: port 2(bridge_slave_1) entered disabled state
[ 194.846191][T10659] bridge_slave_0: left allmulticast mode
[ 194.880666][T10659] bridge0: port 1(bridge_slave_0) entered disabled state
[ 194.917340][T10667] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 194.973318][T10663] (unnamed net_device) (uninitialized): peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms
[ 195.025553][T10663] bond1: entered promiscuous mode
[ 195.038272][T10663] bond1: entered allmulticast mode
[ 195.054145][T10663] 8021q: adding VLAN 0 to HW filter on device bond1
[ 195.500038][T10698] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2264'.
[ 195.608131][T10705] raw_sendmsg: syz.0.2268 forgot to set AF_INET. Fix it!
[ 195.625393][T10708] netlink: 'syz.4.2269': attribute type 11 has an invalid length.
[ 195.670808][T10708] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2269'.
[ 195.772697][T10716] netlink: 'syz.1.2272': attribute type 3 has an invalid length.
[ 195.787246][T10711] veth3: entered promiscuous mode
[ 195.796306][T10715] netlink: 'syz.0.2273': attribute type 2 has an invalid length.
[ 195.816961][T10711] veth3: entered allmulticast mode
[ 195.879275][T10720] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2275'.
[ 196.255463][T10744] delete_channel: no stack
[ 196.313959][T10746] netlink: 'syz.3.2288': attribute type 4 has an invalid length.
[ 196.358567][T10746] �`: renamed from bond0 (while UP)
[ 196.391307][T10754] bridge_slave_1: left allmulticast mode
[ 196.397025][T10754] bridge_slave_1: left promiscuous mode
[ 196.428396][T10754] bridge0: port 2(bridge_slave_1) entered disabled state
[ 196.481141][T10754] bridge_slave_0: left allmulticast mode
[ 196.492886][T10754] bridge_slave_0: left promiscuous mode
[ 196.508182][T10754] bridge0: port 1(bridge_slave_0) entered disabled state
[ 196.550139][T10761] netlink: 'syz.3.2295': attribute type 1 has an invalid length.
[ 196.890736][ T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 196.905115][T10779] netlink: 'syz.2.2305': attribute type 6 has an invalid length.
[ 197.086683][T10794] __nla_validate_parse: 4 callbacks suppressed
[ 197.086706][T10794] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2312'.
[ 197.475110][T10816] netlink: 'syz.0.2323': attribute type 1 has an invalid length.
[ 197.504677][T10816] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.2323'.
[ 197.544917][T10822] netlink: 'syz.3.2325': attribute type 10 has an invalid length.
[ 197.653180][T10822] �`: (slave geneve1): Enslaving as an active interface with an up link
[ 198.293785][T10866] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2347'.
[ 198.326304][T10867] netlink: 'syz.1.2348': attribute type 10 has an invalid length.
[ 198.348103][T10867] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2348'.
[ 198.411388][T10867] team0: Port device geneve0 added
[ 198.696726][T10890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2360'.
[ 199.455714][T10938] netlink: 'syz.2.2382': attribute type 75 has an invalid length.
[ 200.077007][T10977] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2402'.
[ 200.194661][T10983] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048)
[ 200.923104][T11032] openvswitch: netlink: Flow actions attr not present in new flow.
[ 201.110142][T11045] netlink: 'syz.0.2435': attribute type 11 has an invalid length.
[ 201.330263][T11060] netlink: 'syz.0.2444': attribute type 1 has an invalid length.
[ 202.247699][T11119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2473'.
[ 202.389475][T11127] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 202.503668][T11129] netlink: 'syz.2.2477': attribute type 7 has an invalid length.
[ 203.267989][T11173] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 203.955071][T11218] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2517'.
[ 204.008066][T11218] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2517'.
[ 204.057868][T11218] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2517'.
[ 204.066878][T11218] netlink: 'syz.2.2517': attribute type 3 has an invalid length.
[ 204.117609][T11218] netlink: 'syz.2.2517': attribute type 2 has an invalid length.
[ 204.147786][T11218] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2517'.
[ 204.236114][T11232] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2523'.
[ 205.418124][T11302] netlink: 'syz.1.2555': attribute type 1 has an invalid length.
[ 205.425929][T11302] netlink: 232 bytes leftover after parsing attributes in process `syz.1.2555'.
[ 205.435093][T11304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 205.668273][T11318] netlink: 'syz.2.2564': attribute type 1 has an invalid length.
[ 206.293472][T11353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2580'.
[ 206.321834][T11353] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2580'.
[ 206.638078][T11368] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2587'.
[ 207.210724][T11402] netlink: 'syz.2.2604': attribute type 1 has an invalid length.
[ 207.229459][T11402] netlink: 'syz.2.2604': attribute type 1 has an invalid length.
[ 208.106303][T11458] netlink: 'syz.3.2632': attribute type 2 has an invalid length.
[ 208.846193][T11512] __nla_validate_parse: 5 callbacks suppressed
[ 208.846216][T11512] netlink: 172 bytes leftover after parsing attributes in process `syz.3.2659'.
[ 209.270322][T11538] netlink: 'syz.1.2672': attribute type 12 has an invalid length.
[ 209.458128][T11548] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2677'.
[ 209.511049][T11554] netlink: 232 bytes leftover after parsing attributes in process `syz.0.2680'.
[ 209.690614][T11566] netlink: 'syz.1.2684': attribute type 11 has an invalid length.
[ 209.856897][T11572] netlink: 'syz.4.2690': attribute type 11 has an invalid length.
[ 209.885463][T11572] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2690'.
[ 209.949023][T11576] netlink: 'syz.1.2691': attribute type 8 has an invalid length.
[ 210.077796][T11583] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[ 210.532648][T11609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 210.714189][T11618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2711'.
[ 211.016384][T11636] netlink: 'syz.0.2720': attribute type 1 has an invalid length.
[ 211.031354][T11636] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2720'.
[ 211.436322][T11659] openvswitch: netlink: Key type 85 is out of range max 32
[ 212.547943][T11732] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2767'.
[ 212.960995][T11761] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 213.110958][T11768] netlink: 'syz.1.2785': attribute type 12 has an invalid length.
[ 213.111030][T11769] netlink: 'syz.4.2784': attribute type 33 has an invalid length.
[ 213.148055][T11768] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2785'.
[ 213.208455][T11773] netlink: 'syz.2.2787': attribute type 1 has an invalid length.
[ 213.253209][T11777] netlink: 1196 bytes leftover after parsing attributes in process `syz.1.2789'.
[ 213.278002][T11773] netlink: 784 bytes leftover after parsing attributes in process `syz.2.2787'.
[ 213.827079][T11813] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 213.834707][T11813] IPv6: NLM_F_CREATE should be set when creating new route
[ 214.531050][T11858] netlink: 'syz.1.2829': attribute type 11 has an invalid length.
[ 214.547900][T11858] netlink: 'syz.1.2829': attribute type 11 has an invalid length.
[ 214.565419][T11858] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2829'.
[ 214.737166][T11867] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2833'.
[ 214.943086][T11879] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[ 215.225992][T11897] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 215.308563][T11903] netlink: 300 bytes leftover after parsing attributes in process `syz.3.2848'.
[ 215.429588][T11907] netlink: 'syz.0.2849': attribute type 12 has an invalid length.
[ 215.664700][T11922] ieee802154 phy1 wpan1: encryption failed: -22
[ 215.667957][T11921] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2854'.
[ 215.948137][T11932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2859'.
[ 215.997212][T11932] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 216.079305][T11932] netlink: 184 bytes leftover after parsing attributes in process `syz.4.2859'.
[ 216.569455][T11970] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 217.301131][T12015] netlink: 'syz.2.2900': attribute type 1 has an invalid length.
[ 217.314608][T12016] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2899'.
[ 217.334668][T12015] netlink: 'syz.2.2900': attribute type 3 has an invalid length.
[ 217.353012][T12015] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2900'.
[ 217.384793][T12015] NCSI netlink: No device for ifindex 0
[ 217.515585][T12024] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 217.532281][T12026] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 217.745377][T12038] openvswitch: netlink: IP tunnel dst address not specified
[ 218.080882][T12058] netlink: 'syz.2.2921': attribute type 1 has an invalid length.
[ 218.115428][T12058] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2921'.
[ 218.768944][T12101] netlink: 'syz.4.2942': attribute type 12 has an invalid length.
[ 218.777178][T12101] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (255)
[ 218.859585][T12108] netlink: 'syz.0.2944': attribute type 1 has an invalid length.
[ 219.190650][T12126] geneve2: entered promiscuous mode
[ 219.216135][T12126] geneve2: entered allmulticast mode
[ 219.250784][T12132] delete_channel: no stack
[ 219.881923][T12170] !€�ÿ: renamed from bond_slave_0 (while UP)
[ 220.094475][T12184] netlink: 'syz.4.2984': attribute type 1 has an invalid length.
[ 220.127467][T12184] __nla_validate_parse: 2 callbacks suppressed
[ 220.127488][T12184] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2984'.
[ 220.171132][T12184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2984'.
[ 220.757579][T12224] openvswitch: netlink: Tunnel attr 0 has unexpected len 16 expected 8
[ 220.818383][T12230] erspan0: entered promiscuous mode
[ 220.823661][T12230] erspan0: entered allmulticast mode
[ 221.186411][T12254] netlink: set zone limit has 8 unknown bytes
[ 221.624731][T12281] netlink: 'syz.3.3032': attribute type 5 has an invalid length.
[ 221.642014][T12281] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3032'.
[ 222.007920][T12304] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3043'.
[ 222.078090][T12309] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[ 222.522065][T12338] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received
[ 222.995074][T12368] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3076'.
[ 223.062821][T12373] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 223.429588][T12396] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3089'.
[ 223.484354][T12401] netlink: 'syz.4.3092': attribute type 1 has an invalid length.
[ 223.512922][T12401] netlink: 'syz.4.3092': attribute type 3 has an invalid length.
[ 223.531025][T12401] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3092'.
[ 223.541821][T12404] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3093'.
[ 223.783214][T12419] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[ 223.796836][T12419] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[ 223.925578][T12425] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3102'.
[ 223.945956][T12422] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3103'.
[ 224.357366][T12444] bridge1: entered promiscuous mode
[ 224.368008][T12444] bridge1: entered allmulticast mode
[ 224.752238][T12474] netlink: 'syz.3.3128': attribute type 21 has an invalid length.
[ 225.354633][T12508] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[ 225.643625][T12528] netlink: ct family unspecified
[ 225.688221][T12528] openvswitch: netlink: Actions may not be safe on all matching packets
[ 225.969026][T12548] __nla_validate_parse: 2 callbacks suppressed
[ 225.969048][T12548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3166'.
[ 226.054017][T12553] netlink: 'syz.4.3167': attribute type 3 has an invalid length.
[ 226.066386][T12555] netlink: 'syz.0.3168': attribute type 7 has an invalid length.
[ 226.078157][T12553] netlink: 'syz.4.3167': attribute type 1 has an invalid length.
[ 226.101824][T12556] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.3169'.
[ 226.199732][T12556] netlink: zone id is out of range
[ 226.206831][T12556] netlink: get zone limit has 8 unknown bytes
[ 226.257060][T12562] bridge2: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[ 226.413815][T12574] netlink: 'syz.4.3178': attribute type 4 has an invalid length.
[ 226.978012][T12608] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3195'.
[ 227.033972][T12615] netlink: 'syz.2.3198': attribute type 1 has an invalid length.
[ 227.329362][T12634] netlink: 'syz.3.3207': attribute type 10 has an invalid length.
[ 227.375159][T12634] team0: Port device dummy0 added
[ 227.478236][T12642] netlink: 'syz.0.3212': attribute type 11 has an invalid length.
[ 227.486112][T12642] netlink: 'syz.0.3212': attribute type 4 has an invalid length.
[ 227.521990][T12642] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3212'.
[ 227.537126][T12646] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3213'.
[ 228.244719][T12687] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 228.483121][T12702] ip6gre1: entered allmulticast mode
[ 228.681543][T12714] netlink: 'syz.4.3246': attribute type 11 has an invalid length.
[ 228.967987][T12736] netlink: 'syz.3.3255': attribute type 12 has an invalid length.
[ 229.196509][T12750] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3264'.
[ 229.753288][T12786] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3281'.
[ 230.503725][T12833] tunl0: entered promiscuous mode
[ 230.532089][T12833] validate_nla: 1 callbacks suppressed
[ 230.532110][T12833] netlink: 'syz.4.3305': attribute type 3 has an invalid length.
[ 230.553549][T12837] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 230.561121][T12833] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3305'.
[ 230.573309][T12839] netlink: 'syz.2.3309': attribute type 11 has an invalid length.
[ 230.645158][T12842] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[ 230.699571][T12844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3311'.
[ 230.751191][T12846] netlink: 9 bytes leftover after parsing attributes in process `syz.2.3312'.
[ 230.797702][T12846] gretap0: entered promiscuous mode
[ 230.846239][T12851] netlink: 'syz.0.3315': attribute type 4 has an invalid length.
[ 230.930930][T12858] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 231.014513][T12866] netlink: 'syz.1.3319': attribute type 30 has an invalid length.
[ 231.034483][T12866] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[ 231.076170][T12866] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[ 231.252545][T12878] __nla_validate_parse: 1 callbacks suppressed
[ 231.252567][T12878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3328'.
[ 231.388490][T12884] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 231.395940][T12884] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 231.464870][T12884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 231.474622][T12884] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 232.202838][T12934] netlink: 'syz.1.3356': attribute type 1 has an invalid length.
[ 232.215670][T12934] netlink: 'syz.1.3356': attribute type 3 has an invalid length.
[ 232.241836][T12934] netlink: 'syz.1.3356': attribute type 235 has an invalid length.
[ 232.277690][T12942] netlink: 'syz.0.3359': attribute type 1 has an invalid length.
[ 232.420859][T12952] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3363'.
[ 232.667879][ T51] Bluetooth: hci0: command tx timeout
[ 232.910407][T12980] netlink: 'syz.2.3378': attribute type 12 has an invalid length.
[ 233.882752][T13042] netlink: 'syz.2.3410': attribute type 1 has an invalid length.
[ 233.897949][T13045] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3411'.
[ 233.921170][T13045] (unnamed net_device) (uninitialized): (slave gre0): Device is not bonding slave
[ 233.944800][T13045] (unnamed net_device) (uninitialized): option active_slave: invalid value (gre0)
[ 234.256080][T13066] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3422'.
[ 234.820011][T13102] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 235.095201][T13120] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[ 235.753821][T13162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[ 236.512223][T13210] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3489'.
[ 237.351239][T13256] netlink: 4552 bytes leftover after parsing attributes in process `syz.3.3515'.
[ 237.378001][T13256] netlink: 4552 bytes leftover after parsing attributes in process `syz.3.3515'.
[ 237.392618][T13263] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3518'.
[ 237.577575][ T5856] IPVS: starting estimator thread 0...
[ 237.687997][T13273] IPVS: using max 27 ests per chain, 64800 per kthread
[ 237.825620][T13290] validate_nla: 3 callbacks suppressed
[ 237.825642][T13290] netlink: 'syz.0.3531': attribute type 10 has an invalid length.
[ 237.862075][T13290] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3531'.
[ 237.874434][T13294] netlink: 'syz.3.3532': attribute type 33 has an invalid length.
[ 237.885123][T13290] batadv0: entered promiscuous mode
[ 237.888663][T13294] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3532'.
[ 237.898246][T13290] batadv0: entered allmulticast mode
[ 237.906793][T13290] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 238.037603][T13300] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3537'.
[ 238.917963][T13352] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[ 239.218044][T13374] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3573'.
[ 239.421940][T13387] netlink: del zone limit has 4 unknown bytes
[ 239.612614][T13400] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 241.262601][T13506] netlink: 'syz.4.3638': attribute type 1 has an invalid length.
[ 241.281529][T13506] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3638'.
[ 241.773776][T13543] netlink: 'syz.3.3657': attribute type 2 has an invalid length.
[ 241.897235][T13551] bond0: (slave erspan0): Opening slave failed
[ 241.908702][T13548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3659'.
[ 241.950651][T13548] netlink: 'syz.2.3659': attribute type 5 has an invalid length.
[ 241.977940][T13548] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3659'.
[ 242.024915][T13548] geneve2: entered promiscuous mode
[ 242.038006][T13548] geneve2: entered allmulticast mode
[ 242.067962][ T12] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[ 242.108262][ T12] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[ 242.165963][ T12] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[ 242.203100][ T12] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[ 242.572872][T13587] netlink: 404 bytes leftover after parsing attributes in process `syz.1.3679'.
[ 242.622987][T13587] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3679'.
[ 242.649314][T13595] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3683'.
[ 242.661105][T13587] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3679'.
[ 242.677392][T13587] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3679'.
[ 243.130805][T13624] netlink: 'syz.2.3697': attribute type 1 has an invalid length.
[ 243.165608][T13624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3697'.
[ 243.376583][T13639] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3705'.
[ 243.394496][T13639] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3705'.
[ 243.415280][T13643] netlink: 'syz.0.3707': attribute type 2 has an invalid length.
[ 243.604778][T13654] netlink: 'syz.3.3711': attribute type 1 has an invalid length.
[ 243.707423][T13659] netlink: 'syz.4.3715': attribute type 1 has an invalid length.
[ 244.143777][T13684] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !ãÙdñ4�QNªå¯¿$ûÌÌULÙv��…D£øUDŒw
[ 244.420025][T13703] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 244.427319][T13703] IPv6: NLM_F_CREATE should be set when creating new route
[ 244.579612][T13713] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[ 245.191204][T13751] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 245.197935][T13751] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 246.089846][T13804] netlink: 'syz.1.3781': attribute type 1 has an invalid length.
[ 246.663490][T13841] netlink: 'syz.4.3797': attribute type 1 has an invalid length.
[ 246.675927][T13841] netlink: 'syz.4.3797': attribute type 1 has an invalid length.
[ 246.948352][T13860] netlink: 'syz.1.3808': attribute type 21 has an invalid length.
[ 247.219851][T13877] netlink: 'syz.0.3816': attribute type 49 has an invalid length.
[ 247.533917][T13896] unsupported nla_type 52263
[ 248.070327][T13931] openvswitch: netlink: Missing key (keys=40, expected=2000)
[ 248.096379][T13934] __nla_validate_parse: 11 callbacks suppressed
[ 248.096402][T13934] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3845'.
[ 248.132284][T13934] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3845'.
[ 248.768192][T13977] bond0: Error: Cannot enslave bond to itself.
[ 248.882468][T13985] netlink: 'syz.4.3870': attribute type 13 has an invalid length.
[ 248.927353][T13985] lo: entered promiscuous mode
[ 248.932293][T13985] lo: entered allmulticast mode
[ 248.958666][T13985] tunl0: entered allmulticast mode
[ 248.964903][T13985] gre0: entered promiscuous mode
[ 248.977979][T13985] gre0: entered allmulticast mode
[ 249.042210][T13985] gretap0: entered promiscuous mode
[ 249.068460][T13985] gretap0: entered allmulticast mode
[ 249.180607][T13998] openvswitch: netlink: Flow key attr not present in new flow.
[ 249.189489][T13985] gretap0: refused to change device tx_queue_len
[ 249.206506][T13985] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 249.218886][T14000] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3877'.
[ 249.260400][T13988] dvmrp1: entered allmulticast mode
[ 249.612810][T14021] netlink: 'syz.2.3888': attribute type 1 has an invalid length.
[ 249.765429][T14029] netlink: 'syz.0.3891': attribute type 21 has an invalid length.
[ 249.791790][T14029] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3891'.
[ 249.818042][T14029] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3891'.
[ 250.118338][T14056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3903'.
[ 250.504154][ T10] IPVS: starting estimator thread 0...
[ 250.550042][T14084] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3918'.
[ 250.597989][T14081] IPVS: using max 31 ests per chain, 74400 per kthread
[ 250.818081][T14100] netlink: 516 bytes leftover after parsing attributes in process `syz.2.3926'.
[ 251.487981][T14142] netlink: 'syz.0.3946': attribute type 1 has an invalid length.
[ 251.520440][T14142] netlink: 'syz.0.3946': attribute type 3 has an invalid length.
[ 251.541629][T14147] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3947'.
[ 251.565291][T14142] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3946'.
[ 252.083212][T14181] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[ 252.117955][T14181] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 252.351628][T14198] gretap0: left promiscuous mode
[ 252.392685][T14198] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 252.514972][T14208] netlink: 'syz.1.3977': attribute type 3 has an invalid length.
[ 252.620221][T14210] delete_channel: no stack
[ 252.711495][T14220] netlink: 'syz.0.3983': attribute type 10 has an invalid length.
[ 252.749896][T14220] bond0: (slave wlan1): Opening slave failed
[ 253.388893][T14260] netlink: 'syz.3.4003': attribute type 11 has an invalid length.
[ 253.396870][T14260] netlink: 'syz.3.4003': attribute type 11 has an invalid length.
[ 253.436993][T14264] __nla_validate_parse: 8 callbacks suppressed
[ 253.437015][T14264] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4004'.
[ 253.478179][T14260] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4003'.
[ 253.537946][T14270] netlink: 'syz.4.4008': attribute type 1 has an invalid length.
[ 253.922240][T14293] netlink: 'syz.0.4019': attribute type 21 has an invalid length.
[ 253.951349][T14298] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (3)
[ 253.997913][T14293] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4019'.
[ 254.057286][T14301] netlink: 'syz.4.4024': attribute type 21 has an invalid length.
[ 254.080140][T14301] netlink: 'syz.4.4024': attribute type 6 has an invalid length.
[ 254.102478][T14301] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4024'.
[ 254.434647][T14326] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4036'.
[ 254.705789][T14342] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4044'.
[ 255.148663][T14370] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4058'.
[ 255.157602][T14370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4058'.
[ 255.332682][T14382] netlink: 'syz.3.4064': attribute type 21 has an invalid length.
[ 255.364482][T14382] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4064'.
[ 255.403690][T14385] netlink: 'syz.4.4065': attribute type 2 has an invalid length.
[ 255.793237][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 256.325408][T14444] netlink: 'syz.3.4095': attribute type 1 has an invalid length.
[ 256.765992][T14472] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 257.154792][T14484] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4115'.
[ 257.567352][T14497] netlink: 'syz.3.4122': attribute type 2 has an invalid length.
[ 257.584545][T14497] netlink: 'syz.3.4122': attribute type 1 has an invalid length.
[ 257.862099][T14516] netlink: 'syz.1.4132': attribute type 16 has an invalid length.
[ 257.879870][T14516] netlink: 'syz.1.4132': attribute type 3 has an invalid length.
[ 258.111960][T14533] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[ 258.960282][T14583] validate_nla: 1 callbacks suppressed
[ 258.960305][T14583] netlink: 'syz.2.4164': attribute type 10 has an invalid length.
[ 259.023188][T14588] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[ 259.893495][T14644] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[ 260.408563][T14677] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 260.521718][T14683] ieee802154 phy1 wpan1: encryption failed: -22
[ 261.204988][T14728] __nla_validate_parse: 3 callbacks suppressed
[ 261.205010][T14728] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4236'.
[ 261.633381][T14755] netlink: 'syz.2.4248': attribute type 1 has an invalid length.
[ 261.646677][T14756] netlink: 'syz.4.4250': attribute type 3 has an invalid length.
[ 261.672362][T14758] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4247'.
[ 262.031249][T14776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4261'.
[ 262.324861][T14797] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4269'.
[ 262.921928][T14837] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.4290'.
[ 264.261530][T14920] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4331'.
[ 264.400893][T14929] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4335'.
[ 264.604137][T14943] netlink: 'syz.4.4343': attribute type 1 has an invalid length.
[ 264.616355][T14943] netlink: 244 bytes leftover after parsing attributes in process `syz.4.4343'.
[ 265.993000][T15031] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4387'.
[ 266.022352][T15031] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4387'.
[ 266.837962][T15085] Driver unsupported XDP return value 0 on prog (id 360) dev N/A, expect packet loss!
[ 266.991149][T15096] IPVS: set_ctl: invalid protocol: 58 0.0.0.0:20000
[ 267.189591][T15107] syz.1.4424: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 267.226853][T15111] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4426'.
[ 267.226926][T15109] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4425'.
[ 267.241090][T15111] openvswitch: netlink: Actions may not be safe on all matching packets
[ 267.274005][T15107] CPU: 0 UID: 0 PID: 15107 Comm: syz.1.4424 Not tainted syzkaller #0 PREEMPT(full)
[ 267.274050][T15107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 267.274078][T15107] Call Trace:
[ 267.274086][T15107]
[ 267.274096][T15107] dump_stack_lvl+0x189/0x250
[ 267.274129][T15107] ? __pfx_dump_stack_lvl+0x10/0x10
[ 267.274154][T15107] ? __pfx__printk+0x10/0x10
[ 267.274183][T15107] ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 267.274207][T15107] ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 267.274232][T15107] ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 267.274258][T15107] warn_alloc+0x214/0x310
[ 267.274300][T15107] ? stack_depot_save_flags+0x40/0x860
[ 267.274332][T15107] ? __pfx_warn_alloc+0x10/0x10
[ 267.274366][T15107] ? kasan_save_track+0x4f/0x80
[ 267.274392][T15107] ? xskq_create+0x56/0x170
[ 267.274419][T15107] ? xsk_init_queue+0xb0/0x110
[ 267.274444][T15107] ? xsk_setsockopt+0x4dc/0x8d0
[ 267.274467][T15107] ? do_sock_setsockopt+0x179/0x1b0
[ 267.274486][T15107] ? __x64_sys_setsockopt+0x13f/0x1b0
[ 267.274506][T15107] ? do_syscall_64+0xfa/0x3b0
[ 267.274524][T15107] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 267.274552][T15107] __vmalloc_node_range_noprof+0x125/0x12f0
[ 267.274615][T15107] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 267.274653][T15107] ? __kasan_kmalloc+0x93/0xb0
[ 267.274683][T15107] vmalloc_user_noprof+0xad/0xf0
[ 267.274713][T15107] ? xskq_create+0xbf/0x170
[ 267.274744][T15107] xskq_create+0xbf/0x170
[ 267.274778][T15107] xsk_init_queue+0xb0/0x110
[ 267.274810][T15107] xsk_setsockopt+0x4dc/0x8d0
[ 267.274841][T15107] ? __pfx_xsk_setsockopt+0x10/0x10
[ 267.274869][T15107] ? __pfx_aa_sk_perm+0x10/0x10
[ 267.274904][T15107] ? aa_sock_opt_perm+0xff/0x1b0
[ 267.274927][T15107] ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 267.274949][T15107] ? __pfx_xsk_setsockopt+0x10/0x10
[ 267.274978][T15107] do_sock_setsockopt+0x179/0x1b0
[ 267.275006][T15107] __x64_sys_setsockopt+0x13f/0x1b0
[ 267.275034][T15107] do_syscall_64+0xfa/0x3b0
[ 267.275052][T15107] ? lockdep_hardirqs_on+0x9c/0x150
[ 267.275081][T15107] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 267.275101][T15107] ? clear_bhb_loop+0x60/0xb0
[ 267.275126][T15107] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 267.275145][T15107] RIP: 0033:0x7fc0e2f8eba9
[ 267.275170][T15107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 267.275186][T15107] RSP: 002b:00007fc0e3d4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 267.275206][T15107] RAX: ffffffffffffffda RBX: 00007fc0e31d5fa0 RCX: 00007fc0e2f8eba9
[ 267.275219][T15107] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[ 267.275230][T15107] RBP: 00007fc0e3011e19 R08: 0000000000000004 R09: 0000000000000000
[ 267.275241][T15107] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 267.275252][T15107] R13: 00007fc0e31d6038 R14: 00007fc0e31d5fa0 R15: 00007ffd022d75f8
[ 267.275293][T15107]
[ 267.275305][T15107] Mem-Info:
[ 267.428116][T15113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4427'.
[ 267.445731][T15107] active_anon:5088 inactive_anon:0 isolated_anon:0
[ 267.445731][T15107] active_file:3406 inactive_file:39959 isolated_file:0
[ 267.445731][T15107] unevictable:768 dirty:168 writeback:0
[ 267.445731][T15107] slab_reclaimable:11385 slab_unreclaimable:98131
[ 267.445731][T15107] mapped:29046 shmem:1359 pagetables:1321
[ 267.445731][T15107] sec_pagetables:0 bounce:0
[ 267.445731][T15107] kernel_misc_reclaimable:0
[ 267.445731][T15107] free:1326981 free_pcp:15573 free_cma:0
[ 267.640107][T15107] Node 0 active_anon:20252kB inactive_anon:0kB active_file:13624kB inactive_file:159632kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116184kB dirty:672kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11560kB pagetables:5148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 267.677292][T15107] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 267.729808][T15107] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 267.796500][T15107] lowmem_reserve[]: 0 2497 2499 2499 2499
[ 267.813769][T15107] Node 0 DMA32 free:1411848kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20304kB inactive_anon:0kB active_file:13624kB inactive_file:158068kB unevictable:1536kB writepending:672kB present:3129332kB managed:2557436kB mlocked:0kB bounce:0kB free_pcp:42312kB local_pcp:21044kB free_cma:0kB
[ 267.882764][T15107] lowmem_reserve[]: 0 0 1 1 1
[ 267.887561][T15107] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 267.925555][T15107] lowmem_reserve[]: 0 0 0 0 0
[ 267.932494][T15107] Node 1 Normal free:3881204kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20416kB local_pcp:9024kB free_cma:0kB
[ 267.982860][T15107] lowmem_reserve[]: 0 0 0 0 0
[ 268.009449][T15107] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 268.099503][T15107] Node 0 DMA32: 1016*4kB (UME) 1808*8kB (UME) 1102*16kB (UME) 1316*32kB (UME) 926*64kB (UME) 597*128kB (UME) 400*256kB (UM) 265*512kB (UM) 108*1024kB (UM) 3*2048kB (UME) 206*4096kB (M) = 1412544kB
[ 268.168015][T15107] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[ 268.215965][T15107] Node 1 Normal: 193*4kB (UE) 44*8kB (UME) 43*16kB (UME) 55*32kB (UME) 14*64kB (UME) 7*128kB (UME) 2*256kB (M) 3*512kB (ME) 1*1024kB (M) 1*2048kB (E) 945*4096kB (UM) = 3881204kB
[ 268.265204][T15107] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 268.294107][T15107] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 268.320708][T15107] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 268.365729][T15107] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 268.416372][T15107] 44720 total pagecache pages
[ 268.433849][T15107] 0 pages in swap cache
[ 268.454833][T15107] Free swap = 124996kB
[ 268.464302][T15107] Total swap = 124996kB
[ 268.483743][T15107] 2097051 pages RAM
[ 268.496139][T15107] 0 pages HighMem/MovableOnly
[ 268.505329][T15107] 425666 pages reserved
[ 268.515403][T15107] 0 pages cma reserved
[ 268.595064][T15164] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.4452'.
[ 269.431481][T15220] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4479'.
[ 269.445023][T15218] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4480'.
[ 269.586030][T15226] openvswitch: netlink: Message has 4 unknown bytes.
[ 269.608550][T15226] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 269.981086][T15253] netlink: 'syz.0.4497': attribute type 21 has an invalid length.
[ 270.530235][T15288] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4509'.
[ 271.118184][T15326] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 271.403666][T15343] netlink: 'syz.3.4536': attribute type 1 has an invalid length.
[ 271.427949][T15343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4536'.
[ 271.537084][T15346] netlink: 'syz.0.4540': attribute type 11 has an invalid length.
[ 271.549311][T15346] netlink: 'syz.0.4540': attribute type 11 has an invalid length.
[ 271.568411][T15346] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4540'.
[ 271.946376][T15368] netlink: 'syz.4.4550': attribute type 4 has an invalid length.
[ 272.064270][T15376] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 272.603263][T15406] netlink: 11 bytes leftover after parsing attributes in process `syz.4.4570'.
[ 272.612553][T15406] netlink: 11 bytes leftover after parsing attributes in process `syz.4.4570'.
[ 272.962410][T15427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4578'.
[ 274.031478][T15494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4610'.
[ 274.117898][ T51] Bluetooth: hci0: command tx timeout
[ 274.712395][T15536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4631'.
[ 274.749539][T15540] netlink: 'syz.3.4633': attribute type 8 has an invalid length.
[ 275.126981][T15556] sctp: [Deprecated]: syz.0.4639 (pid 15556) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 275.126981][T15556] Use struct sctp_sack_info instead
[ 275.489308][T15577] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4649'.
[ 275.671820][T15583] �: renamed from bridge_slave_0 (while UP)
[ 276.008069][T15605] netlink: 88 bytes leftover after parsing attributes in process `syz.3.4662'.
[ 276.937653][T15663] netlink: 192 bytes leftover after parsing attributes in process `syz.0.4693'.
[ 277.247969][T15683] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4703'.
[ 277.426605][T15695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4707'.
[ 277.533797][ C1] ==================================================================
[ 277.541966][ C1] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x696/0xca0
[ 277.550094][ C1] Write of size 8 at addr ffff88802f4feef0 by task syz.1.4711/15697
[ 277.558108][ C1]
[ 277.560465][ C1] CPU: 1 UID: 0 PID: 15697 Comm: syz.1.4711 Not tainted syzkaller #0 PREEMPT(full)
[ 277.560494][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 277.560509][ C1] Call Trace:
[ 277.560518][ C1]
[ 277.560529][ C1] dump_stack_lvl+0x189/0x250
[ 277.560566][ C1] ? __virt_addr_valid+0x1c8/0x5c0
[ 277.560594][ C1] ? rcu_is_watching+0x15/0xb0
[ 277.560615][ C1] ? __kasan_check_byte+0x12/0x40
[ 277.560645][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 277.560670][ C1] ? rcu_is_watching+0x15/0xb0
[ 277.560690][ C1] ? lock_release+0x4b/0x3e0
[ 277.560724][ C1] ? __virt_addr_valid+0x1c8/0x5c0
[ 277.560751][ C1] ? __virt_addr_valid+0x4a5/0x5c0
[ 277.560779][ C1] print_report+0xca/0x240
[ 277.560800][ C1] ? __xfrm_state_delete+0x696/0xca0
[ 277.560820][ C1] kasan_report+0x118/0x150
[ 277.560851][ C1] ? __xfrm_state_delete+0x696/0xca0
[ 277.560877][ C1] __xfrm_state_delete+0x696/0xca0
[ 277.560904][ C1] xfrm_timer_handler+0x18f/0xa00
[ 277.560930][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 277.560949][ C1] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 277.560980][ C1] ? lockdep_hardirqs_on+0x9c/0x150
[ 277.561013][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 277.561042][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 277.561076][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 277.561096][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 277.561115][ C1] __hrtimer_run_queues+0x529/0xc60
[ 277.561148][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 277.561167][ C1] ? read_tsc+0x9/0x20
[ 277.561199][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 277.561225][ C1] hrtimer_run_softirq+0x187/0x2b0
[ 277.561250][ C1] handle_softirqs+0x283/0x870
[ 277.561273][ C1] ? __irq_exit_rcu+0xca/0x1f0
[ 277.561297][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 277.561320][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 277.561349][ C1] __irq_exit_rcu+0xca/0x1f0
[ 277.561370][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 277.561395][ C1] irq_exit_rcu+0x9/0x30
[ 277.561414][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 277.561445][ C1]
[ 277.561452][ C1]
[ 277.561460][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 277.561484][ C1] RIP: 0010:lock_acquire+0x175/0x360
[ 277.561516][ C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 7b 21 03 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[ 277.561549][ C1] RSP: 0018:ffffc9001cbef4b8 EFLAGS: 00000206
[ 277.561568][ C1] RAX: 2e931583972e4800 RBX: 0000000000000000 RCX: 2e931583972e4800
[ 277.561583][ C1] RDX: 0000000000000000 RSI: ffffffff8dba7ff7 RDI: ffffffff8be33880
[ 277.561597][ C1] RBP: ffffffff822e64ca R08: 0000000000000000 R09: ffffffff822e64ca
[ 277.561611][ C1] R10: dffffc0000000000 R11: fffff94000291fa9 R12: 0000000000000002
[ 277.561624][ C1] R13: ffffffff8e139fe0 R14: 0000000000000000 R15: 0000000000000246
[ 277.561640][ C1] ? pfn_valid+0xba/0x490
[ 277.561669][ C1] ? pfn_valid+0xba/0x490
[ 277.561706][ C1] ? __folio_rmap_sanity_checks+0x411/0x7d0
[ 277.561730][ C1] ? pfn_valid+0xba/0x490
[ 277.561758][ C1] pfn_valid+0xd6/0x490
[ 277.561785][ C1] ? pfn_valid+0xba/0x490
[ 277.561814][ C1] page_table_check_clear+0x21/0x700
[ 277.561843][ C1] ? vm_normal_page+0xb7/0x210
[ 277.561865][ C1] unmap_page_range+0x3445/0x4370
[ 277.561886][ C1] ? is_bpf_text_address+0x292/0x2b0
[ 277.561945][ C1] ? __pfx_unmap_page_range+0x10/0x10
[ 277.561971][ C1] ? mas_find+0xb0e/0xd30
[ 277.562001][ C1] ? unmap_vmas+0x144/0x580
[ 277.562023][ C1] unmap_vmas+0x399/0x580
[ 277.562049][ C1] ? __pfx_unmap_vmas+0x10/0x10
[ 277.562083][ C1] exit_mmap+0x248/0xb50
[ 277.562113][ C1] ? uprobe_clear_state+0x20f/0x290
[ 277.562139][ C1] ? __pfx_exit_mmap+0x10/0x10
[ 277.562166][ C1] ? __mutex_unlock_slowpath+0x1a1/0x740
[ 277.562193][ C1] ? __pfx_exit_aio+0x10/0x10
[ 277.562236][ C1] ? uprobe_clear_state+0x274/0x290
[ 277.562263][ C1] __mmput+0x118/0x420
[ 277.562283][ C1] exit_mm+0x1da/0x2c0
[ 277.562309][ C1] ? __pfx_exit_mm+0x10/0x10
[ 277.562336][ C1] ? rcu_is_watching+0x15/0xb0
[ 277.562357][ C1] do_exit+0x648/0x2300
[ 277.562387][ C1] ? preempt_schedule_common+0x83/0xd0
[ 277.562417][ C1] ? preempt_schedule+0xae/0xc0
[ 277.562446][ C1] ? __pfx_do_exit+0x10/0x10
[ 277.562490][ C1] ? preempt_schedule_thunk+0x16/0x30
[ 277.562528][ C1] do_group_exit+0x21c/0x2d0
[ 277.562566][ C1] __x64_sys_exit_group+0x3f/0x40
[ 277.562594][ C1] x64_sys_call+0x21f7/0x2200
[ 277.562623][ C1] do_syscall_64+0xfa/0x3b0
[ 277.562642][ C1] ? lockdep_hardirqs_on+0x9c/0x150
[ 277.562674][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 277.562695][ C1] ? clear_bhb_loop+0x60/0xb0
[ 277.562719][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 277.562741][ C1] RIP: 0033:0x7fc0e2f8eba9
[ 277.562759][ C1] Code: Unable to access opcode bytes at 0x7fc0e2f8eb7f.
[ 277.562770][ C1] RSP: 002b:00007ffd022d7958 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 277.562791][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc0e2f8eba9
[ 277.562807][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 277.562819][ C1] RBP: 00007ffd022d79bc R08: 00000002022d7a4f R09: 00000000000927c0
[ 277.562834][ C1] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000393
[ 277.562847][ C1] R13: 00000000000927c0 R14: 0000000000043b84 R15: 00007ffd022d7a10
[ 277.562872][ C1]
[ 277.562880][ C1]
[ 278.098911][ C1] Allocated by task 13561:
[ 278.103357][ C1] kasan_save_track+0x3e/0x80
[ 278.108071][ C1] __kasan_slab_alloc+0x6c/0x80
[ 278.112955][ C1] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 278.118448][ C1] xfrm_state_alloc+0x24/0x2f0
[ 278.123222][ C1] __find_acq_core+0x8a7/0x1c00
[ 278.128082][ C1] xfrm_find_acq+0x78/0xa0
[ 278.132612][ C1] xfrm_alloc_userspi+0x6b3/0xc90
[ 278.137694][ C1] xfrm_user_rcv_msg+0x7a0/0xab0
[ 278.142652][ C1] netlink_rcv_skb+0x205/0x470
[ 278.147461][ C1] xfrm_netlink_rcv+0x79/0x90
[ 278.152175][ C1] netlink_unicast+0x82c/0x9e0
[ 278.156960][ C1] netlink_sendmsg+0x805/0xb30
[ 278.161819][ C1] __sock_sendmsg+0x21c/0x270
[ 278.166514][ C1] ____sys_sendmsg+0x505/0x830
[ 278.171381][ C1] ___sys_sendmsg+0x21f/0x2a0
[ 278.176072][ C1] __x64_sys_sendmsg+0x19b/0x260
[ 278.181015][ C1] do_syscall_64+0xfa/0x3b0
[ 278.185529][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 278.191445][ C1]
[ 278.193772][ C1] Freed by task 5999:
[ 278.197756][ C1] kasan_save_track+0x3e/0x80
[ 278.202449][ C1] kasan_save_free_info+0x46/0x50
[ 278.207472][ C1] __kasan_slab_free+0x5b/0x80
[ 278.212246][ C1] kmem_cache_free+0x18f/0x400
[ 278.217017][ C1] xfrm_state_gc_task+0x52d/0x6b0
[ 278.222054][ C1] process_scheduled_works+0xae1/0x17b0
[ 278.227607][ C1] worker_thread+0x8a0/0xda0
[ 278.232199][ C1] kthread+0x70e/0x8a0
[ 278.236280][ C1] ret_from_fork+0x3fc/0x770
[ 278.240878][ C1] ret_from_fork_asm+0x1a/0x30
[ 278.245656][ C1]
[ 278.247988][ C1] The buggy address belongs to the object at ffff88802f4feec0
[ 278.247988][ C1] which belongs to the cache xfrm_state of size 928
[ 278.261971][ C1] The buggy address is located 48 bytes inside of
[ 278.261971][ C1] freed 928-byte region [ffff88802f4feec0, ffff88802f4ff260)
[ 278.275687][ C1]
[ 278.278020][ C1] The buggy address belongs to the physical page:
[ 278.284449][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802f4fddc0 pfn:0x2f4fc
[ 278.294529][ C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 278.303036][ C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 278.310585][ C1] page_type: f5(slab)
[ 278.314572][ C1] raw: 00fff00000000040 ffff888143295280 dead000000000122 0000000000000000
[ 278.323163][ C1] raw: ffff88802f4fddc0 00000000800f000c 00000000f5000000 0000000000000000
[ 278.331751][ C1] head: 00fff00000000040 ffff888143295280 dead000000000122 0000000000000000
[ 278.340433][ C1] head: ffff88802f4fddc0 00000000800f000c 00000000f5000000 0000000000000000
[ 278.349116][ C1] head: 00fff00000000002 ffffea0000bd3f01 00000000ffffffff 00000000ffffffff
[ 278.357793][ C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 278.366464][ C1] page dumped because: kasan: bad access detected
[ 278.372887][ C1] page_owner tracks the page as allocated
[ 278.378600][ C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 9429, tgid 9428 (syz.2.1701), ts 170165796675, free_ts 170019333313
[ 278.397877][ C1] post_alloc_hook+0x240/0x2a0
[ 278.402668][ C1] get_page_from_freelist+0x21e4/0x22c0
[ 278.408303][ C1] __alloc_frozen_pages_noprof+0x181/0x370
[ 278.414110][ C1] alloc_pages_mpol+0x232/0x4a0
[ 278.418976][ C1] allocate_slab+0x8a/0x370
[ 278.423488][ C1] ___slab_alloc+0xbeb/0x1420
[ 278.428178][ C1] kmem_cache_alloc_noprof+0x283/0x3c0
[ 278.433648][ C1] xfrm_state_alloc+0x24/0x2f0
[ 278.438421][ C1] xfrm_add_sa+0x17d1/0x4070
[ 278.443021][ C1] xfrm_user_rcv_msg+0x7a0/0xab0
[ 278.447966][ C1] netlink_rcv_skb+0x205/0x470
[ 278.452747][ C1] xfrm_netlink_rcv+0x79/0x90
[ 278.457440][ C1] netlink_unicast+0x82c/0x9e0
[ 278.462220][ C1] netlink_sendmsg+0x805/0xb30
[ 278.466985][ C1] __sock_sendmsg+0x21c/0x270
[ 278.471677][ C1] ____sys_sendmsg+0x505/0x830
[ 278.476448][ C1] page last free pid 9423 tgid 9422 stack trace:
[ 278.482777][ C1] __free_frozen_pages+0xbc4/0xd30
[ 278.487900][ C1] stack_depot_save_flags+0x436/0x860
[ 278.493279][ C1] kasan_save_track+0x4f/0x80
[ 278.497965][ C1] __kasan_slab_alloc+0x6c/0x80
[ 278.502824][ C1] kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[ 278.508730][ C1] __alloc_skb+0x112/0x2d0
[ 278.513156][ C1] mgmt_send_event+0x46/0x190
[ 278.517834][ C1] mgmt_phy_configuration_changed+0xb1/0xf0
[ 278.523730][ C1] hci_dev_cmd+0x5e2/0x7b0
[ 278.528155][ C1] sock_do_ioctl+0xdc/0x300
[ 278.532664][ C1] sock_ioctl+0x576/0x790
[ 278.536999][ C1] __se_sys_ioctl+0xfc/0x170
[ 278.541595][ C1] do_syscall_64+0xfa/0x3b0
[ 278.546112][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 278.552030][ C1]
[ 278.554365][ C1] Memory state around the buggy address:
[ 278.560006][ C1] ffff88802f4fed80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 278.568070][ C1] ffff88802f4fee00: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 278.576137][ C1] >ffff88802f4fee80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 278.584202][ C1] ^
[ 278.591919][ C1] ffff88802f4fef00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 278.599984][ C1] ffff88802f4fef80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 278.608047][ C1] ==================================================================
[ 278.616203][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 278.623429][ C1] CPU: 1 UID: 0 PID: 15697 Comm: syz.1.4711 Not tainted syzkaller #0 PREEMPT(full)
[ 278.632829][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 278.642922][ C1] Call Trace:
[ 278.646230][ C1]
[ 278.649096][ C1] dump_stack_lvl+0x99/0x250
[ 278.653712][ C1] ? __asan_memcpy+0x40/0x70
[ 278.658315][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 278.663524][ C1] ? __pfx__printk+0x10/0x10
[ 278.668128][ C1] vpanic+0x281/0x750
[ 278.672119][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 278.677326][ C1] ? __pfx_vpanic+0x10/0x10
[ 278.681841][ C1] ? irqentry_exit+0x74/0x90
[ 278.686459][ C1] ? lockdep_hardirqs_on+0x9c/0x150
[ 278.691782][ C1] panic+0xb9/0xc0
[ 278.695540][ C1] ? __pfx_panic+0x10/0x10
[ 278.699986][ C1] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 278.705906][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 278.712250][ C1] ? __xfrm_state_delete+0x696/0xca0
[ 278.717539][ C1] check_panic_on_warn+0x89/0xb0
[ 278.722492][ C1] ? __xfrm_state_delete+0x696/0xca0
[ 278.727785][ C1] end_report+0x78/0x160
[ 278.732044][ C1] kasan_report+0x129/0x150
[ 278.736561][ C1] ? __xfrm_state_delete+0x696/0xca0
[ 278.741854][ C1] __xfrm_state_delete+0x696/0xca0
[ 278.746979][ C1] xfrm_timer_handler+0x18f/0xa00
[ 278.752017][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 278.757570][ C1] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 278.763488][ C1] ? lockdep_hardirqs_on+0x9c/0x150
[ 278.768707][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 278.774614][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 278.780964][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 278.786517][ C1] ? __pfx_xfrm_timer_handler+0x10/0x10
[ 278.792071][ C1] __hrtimer_run_queues+0x529/0xc60
[ 278.797281][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 278.803004][ C1] ? read_tsc+0x9/0x20
[ 278.807087][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 278.812906][ C1] hrtimer_run_softirq+0x187/0x2b0
[ 278.818030][ C1] handle_softirqs+0x283/0x870
[ 278.822805][ C1] ? __irq_exit_rcu+0xca/0x1f0
[ 278.827580][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 278.832879][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 278.838090][ C1] __irq_exit_rcu+0xca/0x1f0
[ 278.842686][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 278.847892][ C1] irq_exit_rcu+0x9/0x30
[ 278.852142][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 278.857788][ C1]
[ 278.860726][ C1]
[ 278.863660][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 278.869649][ C1] RIP: 0010:lock_acquire+0x175/0x360
[ 278.874952][ C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 7b 21 03 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[ 278.894581][ C1] RSP: 0018:ffffc9001cbef4b8 EFLAGS: 00000206
[ 278.900672][ C1] RAX: 2e931583972e4800 RBX: 0000000000000000 RCX: 2e931583972e4800
[ 278.908653][ C1] RDX: 0000000000000000 RSI: ffffffff8dba7ff7 RDI: ffffffff8be33880
[ 278.916626][ C1] RBP: ffffffff822e64ca R08: 0000000000000000 R09: ffffffff822e64ca
[ 278.924616][ C1] R10: dffffc0000000000 R11: fffff94000291fa9 R12: 0000000000000002
[ 278.932613][ C1] R13: ffffffff8e139fe0 R14: 0000000000000000 R15: 0000000000000246
[ 278.940602][ C1] ? pfn_valid+0xba/0x490
[ 278.944953][ C1] ? pfn_valid+0xba/0x490
[ 278.949306][ C1] ? __folio_rmap_sanity_checks+0x411/0x7d0
[ 278.955205][ C1] ? pfn_valid+0xba/0x490
[ 278.959550][ C1] pfn_valid+0xd6/0x490
[ 278.963726][ C1] ? pfn_valid+0xba/0x490
[ 278.968068][ C1] page_table_check_clear+0x21/0x700
[ 278.973374][ C1] ? vm_normal_page+0xb7/0x210
[ 278.978238][ C1] unmap_page_range+0x3445/0x4370
[ 278.983272][ C1] ? is_bpf_text_address+0x292/0x2b0
[ 278.988600][ C1] ? __pfx_unmap_page_range+0x10/0x10
[ 278.993985][ C1] ? mas_find+0xb0e/0xd30
[ 278.998324][ C1] ? unmap_vmas+0x144/0x580
[ 279.002835][ C1] unmap_vmas+0x399/0x580
[ 279.007170][ C1] ? __pfx_unmap_vmas+0x10/0x10
[ 279.012038][ C1] exit_mmap+0x248/0xb50
[ 279.016291][ C1] ? uprobe_clear_state+0x20f/0x290
[ 279.021505][ C1] ? __pfx_exit_mmap+0x10/0x10
[ 279.026279][ C1] ? __mutex_unlock_slowpath+0x1a1/0x740
[ 279.031926][ C1] ? __pfx_exit_aio+0x10/0x10
[ 279.036624][ C1] ? uprobe_clear_state+0x274/0x290
[ 279.041830][ C1] __mmput+0x118/0x420
[ 279.045907][ C1] exit_mm+0x1da/0x2c0
[ 279.049997][ C1] ? __pfx_exit_mm+0x10/0x10
[ 279.054598][ C1] ? rcu_is_watching+0x15/0xb0
[ 279.059376][ C1] do_exit+0x648/0x2300
[ 279.063548][ C1] ? preempt_schedule_common+0x83/0xd0
[ 279.069020][ C1] ? preempt_schedule+0xae/0xc0
[ 279.073888][ C1] ? __pfx_do_exit+0x10/0x10
[ 279.078500][ C1] ? preempt_schedule_thunk+0x16/0x30
[ 279.083896][ C1] do_group_exit+0x21c/0x2d0
[ 279.088503][ C1] __x64_sys_exit_group+0x3f/0x40
[ 279.093538][ C1] x64_sys_call+0x21f7/0x2200
[ 279.098227][ C1] do_syscall_64+0xfa/0x3b0
[ 279.102739][ C1] ? lockdep_hardirqs_on+0x9c/0x150
[ 279.107953][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 279.114033][ C1] ? clear_bhb_loop+0x60/0xb0
[ 279.118722][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 279.124621][ C1] RIP: 0033:0x7fc0e2f8eba9
[ 279.129044][ C1] Code: Unable to access opcode bytes at 0x7fc0e2f8eb7f.
[ 279.136061][ C1] RSP: 002b:00007ffd022d7958 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 279.144483][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc0e2f8eba9
[ 279.152462][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 279.160456][ C1] RBP: 00007ffd022d79bc R08: 00000002022d7a4f R09: 00000000000927c0
[ 279.168466][ C1] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000393
[ 279.176467][ C1] R13: 00000000000927c0 R14: 0000000000043b84 R15: 00007ffd022d7a10
[ 279.184464][ C1]
[ 279.188056][ C1] Kernel Offset: disabled
[ 279.192379][ C1] Rebooting in 86400 seconds..