last executing test programs: 1.276078009s ago: executing program 1 (id=8396): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0) close(r0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f00000001c0)={'virt_wifi0\x00', @dev}) 1.123102413s ago: executing program 4 (id=8400): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x3) 1.118135517s ago: executing program 0 (id=8401): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000009c0)=[{{&(0x7f00000003c0)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000180)="7f", 0x1}], 0x1}}], 0x1, 0x0) listen(r0, 0xfff) accept(r0, &(0x7f0000000080)=@pppoe, 0x0) 1.081788892s ago: executing program 1 (id=8403): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27) 1.008302864s ago: executing program 3 (id=8404): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_buf(r0, 0x0, 0x13, &(0x7f0000000080)="ca", 0x1) syz_emit_ethernet(0x3a, &(0x7f00000002c0)={@link_local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x1, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0x7, 0x10008}}}}}}, 0x0) 902.658904ms ago: executing program 1 (id=8408): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002140)={&(0x7f0000000000)=@newlink={0x2c, 0x10, 0x401, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_VFINFO_LIST={0xc, 0x16, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}]}, 0x2c}}, 0x0) 892.46764ms ago: executing program 4 (id=8409): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0xffffffffffffffcc}]}}]}, 0xac}}, 0x0) 820.90238ms ago: executing program 2 (id=8410): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000440)="1e0c03f6ff8cff9129e508000800", 0xe, 0x0, &(0x7f0000000480)={0x11, 0x0, r2}, 0x14) 757.002945ms ago: executing program 3 (id=8411): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c00000010000100"/20, @ANYRES32=r2, @ANYBLOB="c89904bd0000000008000d000000000034001680300001802c000c8014"], 0x5c}}, 0x0) 756.147511ms ago: executing program 0 (id=8412): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) writev(r1, &(0x7f0000000740)=[{&(0x7f0000000180)="207bc9875a5ce52ae56fbd9cb2643c7a7f0fd4b02938f64c6086829480cb80704ca7ad3e442cc6ab395c8643f738611ae6cc69d742f98ecd2ea9fc51ac6efe1cd209086a37510ee5df36b7c66ca565a399a57ad477699cb7445949895fc3dc14c4bcdf770e42439f6d493c4d13f7e19a11a08a2be4615407fbb100daaef983c6a969586ea8b2e3b31b81b0d1832b8e29d6d37163d387dec6cd571c090b611605599658f3bb509c110f71cf47b31bbf0bccd53101e63257f991a6b093842e13db43df22b858779f124e9d2c7b1745", 0xce}, {&(0x7f0000000580)="76b165c213f88afa4c53688f124937850b1a56eb70", 0x15}, {&(0x7f00000006c0)='d', 0x1}], 0x3) 726.752246ms ago: executing program 2 (id=8413): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r1, 0x0) 641.041962ms ago: executing program 0 (id=8414): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0x14, 0x0, &(0x7f0000000280)="f6f4e9a1d78ad62cee718843e6a578bb3fb7dbfc", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 587.330517ms ago: executing program 4 (id=8415): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000140)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x39}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 587.069664ms ago: executing program 1 (id=8416): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002200)={0x58, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMKID={0x14, 0x55, "4c4a35ddf05ad7786d91edb4801f7654"}, @NL80211_ATTR_FILS_CACHE_ID={0x6}, @NL80211_ATTR_PMK={0x14, 0xfe, "23310c9a5063b202fe5f676d76a05b31"}]}, 0x58}}, 0x20000050) 586.879771ms ago: executing program 2 (id=8417): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000005100000008000300", @ANYRES32=r2, @ANYBLOB="0a00060008021100000100ff05008a"], 0x30}}, 0x0) 484.0859ms ago: executing program 2 (id=8418): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x4}, 0x10) close(r0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 473.11591ms ago: executing program 0 (id=8419): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x60, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}, {0x0, 0x0, 0x0, 0x1}}}, @TCA_TBF_BURST={0x8}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20004010}, 0x0) 424.732648ms ago: executing program 3 (id=8420): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x34, r1, 0x101, 0x70bd29, 0xffffffff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="a1"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x34}}, 0x0) 412.197582ms ago: executing program 4 (id=8421): pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r1, 0x0) sendfile(r0, r1, 0x0, 0x8) 378.74141ms ago: executing program 2 (id=8422): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$packet(r1, &(0x7f00000002c0)="48357e0287af48ffa745b497a54e0eec1bf2c69011f35b48339d15afaef1bd7e", 0x20, 0x0, 0x0, 0x0) 355.527873ms ago: executing program 1 (id=8423): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_AUTORATE={0x8}, @TCA_CAKE_INGRESS={0x8}]}}]}, 0x44}}, 0x0) 323.192275ms ago: executing program 2 (id=8424): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @loopback}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x3, 0x0, 0x0) 233.044711ms ago: executing program 0 (id=8425): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfe}, 0xc) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfe}, 0xc) 226.19216ms ago: executing program 4 (id=8426): r0 = socket$kcm(0xa, 0x2, 0x3a) recvmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000100), 0x4) sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @mcast2, 0x1a}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0) 223.129022ms ago: executing program 1 (id=8427): socket$l2tp(0x2, 0x2, 0x73) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000140), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x2a012, r0, 0x0) 211.892107ms ago: executing program 3 (id=8428): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003500000008000300", @ANYRES32=r2, @ANYBLOB="0a0006"], 0x30}}, 0x0) 118.433414ms ago: executing program 3 (id=8429): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@bridge_dellink={0x2c, 0x11, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4}}]}]}, 0x2c}}, 0x0) 85.070931ms ago: executing program 0 (id=8430): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000140)=0x1, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x88}}, 0x0) 15.500541ms ago: executing program 3 (id=8431): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000600)={@remote, @empty}, 0x8) 0s ago: executing program 4 (id=8432): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0x3a}, 0x1, 0x1, 0x1, 0x3}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b32, &(0x7f0000000040)) kernel console output (not intermixed with test programs): 0152] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 159.166104][T10159] netlink: 'syz.1.2399': attribute type 10 has an invalid length. [ 159.215390][T10159] team0: Device ipvlan1 failed to register rx_handler [ 159.292522][T10166] netlink: 'syz.4.2401': attribute type 1 has an invalid length. [ 159.300321][T10166] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2401'. [ 160.135251][T10213] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6) [ 160.221670][T10215] netlink: 'syz.1.2426': attribute type 3 has an invalid length. [ 160.230455][T10215] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2426'. [ 160.430100][T10230] netlink: 'syz.1.2432': attribute type 3 has an invalid length. [ 161.010873][T10262] netlink: 'syz.4.2451': attribute type 1 has an invalid length. [ 161.051522][T10262] NCSI netlink: No device for ifindex 0 [ 161.348503][T10281] xt_CT: You must specify a L4 protocol and not use inversions on it [ 161.386410][T10283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2460'. [ 161.454653][T10287] netlink: 'syz.3.2461': attribute type 11 has an invalid length. [ 161.472426][T10287] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2461'. [ 161.557865][T10294] netlink: 'syz.2.2464': attribute type 1 has an invalid length. [ 161.655765][T10299] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2468'. [ 161.872907][T10310] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2473'. [ 161.902164][T10310] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-tlb(5) [ 162.245072][T10329] netlink: 'syz.2.2483': attribute type 3 has an invalid length. [ 162.325175][T10333] xt_CT: You must specify a L4 protocol and not use inversions on it [ 162.551019][T10345] ieee802154 phy0 wpan0: encryption failed: -90 [ 162.706532][T10357] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2497'. [ 163.249126][T10388] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2512'. [ 163.370264][T10394] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2515'. [ 163.516559][T10403] IPv6: NLM_F_REPLACE set, but no existing node found! [ 164.169875][T10438] netlink: 'syz.3.2536': attribute type 3 has an invalid length. [ 164.199447][T10438] netlink: 'syz.3.2536': attribute type 3 has an invalid length. [ 164.233851][T10438] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2536'. [ 164.252754][T10444] xt_l2tp: v2 tid > 0xffff: 150994944 [ 164.570718][T10460] netlink: 'syz.0.2547': attribute type 11 has an invalid length. [ 164.847408][T10478] openvswitch: netlink: Missing key (keys=1000040, expected=200000) [ 165.070056][T10486] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2560'. [ 165.284708][T10499] netlink: 'syz.3.2567': attribute type 1 has an invalid length. [ 165.305567][T10499] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.2567'. [ 165.315254][T10503] xt_CT: You must specify a L4 protocol and not use inversions on it [ 165.344439][T10499] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2567'. [ 166.140250][T10550] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-xor(2) [ 166.624636][T10577] xt_TCPMSS: Only works on TCP SYN packets [ 167.030855][T10601] netlink: 'syz.1.2615': attribute type 3 has an invalid length. [ 167.070761][T10601] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2615'. [ 169.291594][T10729] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2679'. [ 169.769680][T10757] netlink: 'syz.1.2691': attribute type 21 has an invalid length. [ 169.790906][T10757] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2691'. [ 170.592055][T10804] netlink: 'syz.1.2716': attribute type 8 has an invalid length. [ 170.604905][T10804] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2716'. [ 171.041124][T10830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2728'. [ 171.110592][T10836] sctp: [Deprecated]: syz.2.2731 (pid 10836) Use of int in max_burst socket option. [ 171.110592][T10836] Use struct sctp_assoc_value instead [ 171.250196][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2735'. [ 171.510854][T10856] netlink: 'syz.2.2741': attribute type 1 has an invalid length. [ 171.645956][T10866] netlink: 'syz.0.2744': attribute type 8 has an invalid length. [ 172.099425][T10880] xt_CT: No such helper "snmp_trap" [ 174.115422][T11003] netlink: 203452 bytes leftover after parsing attributes in process `syz.2.2812'. [ 174.142804][T11003] netlink: 'syz.2.2812': attribute type 2 has an invalid length. [ 174.175228][T11003] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2812'. [ 174.465124][T11019] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2819'. [ 174.629669][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2823'. [ 174.878435][T11042] netlink: 'syz.3.2831': attribute type 4 has an invalid length. [ 174.900244][T11042] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2831'. [ 175.025832][T11041] IPv6: sit1: Disabled Multicast RS [ 175.203926][T11057] C: renamed from team_slave_0 (while UP) [ 175.276590][T11057] netlink: 'syz.1.2838': attribute type 1 has an invalid length. [ 175.294946][T11057] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 175.522678][T11075] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2847'. [ 175.558893][T11075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2847'. [ 175.586993][T11075] netlink: 'syz.2.2847': attribute type 3 has an invalid length. [ 175.609804][T11078] xt_TCPMSS: Only works on TCP SYN packets [ 175.615897][T11075] netlink: 'syz.2.2847': attribute type 2 has an invalid length. [ 175.623207][T11079] __nla_validate_parse: 1 callbacks suppressed [ 175.623221][T11079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2849'. [ 175.634779][T11075] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2847'. [ 175.674775][T11081] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2850'. [ 176.280066][T11116] netlink: 'syz.0.2867': attribute type 20 has an invalid length. [ 176.444162][T11125] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2872'. [ 176.450167][T11127] netlink: 'syz.1.2871': attribute type 3 has an invalid length. [ 176.461118][T11127] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2871'. [ 176.707273][T11137] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 176.740467][T11143] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2880'. [ 176.760725][T11142] raw_sendmsg: syz.4.2878 forgot to set AF_INET. Fix it! [ 177.266953][T11170] netlink: 'syz.0.2893': attribute type 1 has an invalid length. [ 177.306201][T11173] netlink: 'syz.1.2895': attribute type 4 has an invalid length. [ 177.540362][T11190] netlink: 144316 bytes leftover after parsing attributes in process `syz.4.2901'. [ 178.125023][T11225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2919'. [ 178.134024][T11225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2919'. [ 178.386533][T11242] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2927'. [ 179.733802][T11324] netlink: 'syz.1.2967': attribute type 3 has an invalid length. [ 180.098844][T11346] xt_CT: You must specify a L4 protocol and not use inversions on it [ 180.157736][T11301] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 180.490917][T11369] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 180.668852][T11379] netlink: 'syz.3.2991': attribute type 1 has an invalid length. [ 180.835003][T11388] __nla_validate_parse: 4 callbacks suppressed [ 180.835021][T11388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2996'. [ 181.364991][ T4619] Bluetooth: hci0: command 0x0401 tx timeout [ 181.483058][T11429] xt_TPROXY: Can be used only with -p tcp or -p udp [ 181.582334][T11436] netlink: 'syz.3.3017': attribute type 6 has an invalid length. [ 181.638060][T11436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3017'. [ 182.375107][T11477] netlink: 'syz.2.3039': attribute type 1 has an invalid length. [ 182.382883][T11477] netlink: 'syz.2.3039': attribute type 1 has an invalid length. [ 182.458899][T11484] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3041'. [ 182.573002][T11485] xt_CT: No such helper "pptp" [ 182.639590][T11492] nft_compat: unsupported protocol 0 [ 182.906779][T11506] netlink: 'syz.4.3053': attribute type 10 has an invalid length. [ 182.972977][T11506] team0: Device veth0_macvtap failed to register rx_handler [ 183.441501][T11539] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3069'. [ 183.473206][T11539] openvswitch: netlink: Key 32 has unexpected len 3064 expected 2 [ 183.675238][T11554] SET target dimension over the limit! [ 183.997455][T11573] netlink: 'syz.2.3084': attribute type 2 has an invalid length. [ 184.314695][T11589] netlink: 'syz.2.3091': attribute type 9 has an invalid length. [ 184.337442][T11589] netlink: 'syz.2.3091': attribute type 6 has an invalid length. [ 184.371269][T11595] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 184.509488][T11603] syz.2.3099: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 184.566206][T11603] CPU: 1 UID: 0 PID: 11603 Comm: syz.2.3099 Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 184.577016][T11603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 184.587092][T11603] Call Trace: [ 184.590390][T11603] [ 184.593336][T11603] dump_stack_lvl+0x241/0x360 [ 184.598059][T11603] ? __pfx_dump_stack_lvl+0x10/0x10 [ 184.603276][T11603] ? __pfx__printk+0x10/0x10 [ 184.607899][T11603] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 184.614333][T11603] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 184.620862][T11603] warn_alloc+0x278/0x410 [ 184.625215][T11603] ? stack_depot_save_flags+0x6e4/0x830 [ 184.630780][T11603] ? __vmalloc_node_range_noprof+0x106/0x1400 [ 184.636862][T11603] ? __pfx_warn_alloc+0x10/0x10 [ 184.641717][T11603] ? kasan_save_track+0x3f/0x80 [ 184.646565][T11603] ? __kasan_kmalloc+0x98/0xb0 [ 184.651329][T11603] ? xsk_setsockopt+0x4ea/0x950 [ 184.656176][T11603] ? do_sock_setsockopt+0x3af/0x720 [ 184.661368][T11603] ? __sys_setsockopt+0x1ae/0x250 [ 184.666383][T11603] ? __x64_sys_setsockopt+0xb5/0xd0 [ 184.671573][T11603] ? do_syscall_64+0xf3/0x230 [ 184.676241][T11603] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.682307][T11603] __vmalloc_node_range_noprof+0x126/0x1400 [ 184.688213][T11603] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 184.694540][T11603] ? __kasan_kmalloc+0x98/0xb0 [ 184.699298][T11603] ? xskq_create+0x54/0x170 [ 184.703798][T11603] vmalloc_user_noprof+0x74/0x80 [ 184.708724][T11603] ? xskq_create+0xb6/0x170 [ 184.713219][T11603] xskq_create+0xb6/0x170 [ 184.717547][T11603] xsk_init_queue+0xa1/0x100 [ 184.722132][T11603] xsk_setsockopt+0x4ea/0x950 [ 184.726806][T11603] ? __pfx_xsk_setsockopt+0x10/0x10 [ 184.732001][T11603] ? __pfx_lock_acquire+0x10/0x10 [ 184.737022][T11603] ? aa_sock_opt_perm+0x79/0x120 [ 184.741950][T11603] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 184.747486][T11603] ? security_socket_setsockopt+0x87/0xb0 [ 184.753193][T11603] ? __pfx_xsk_setsockopt+0x10/0x10 [ 184.758392][T11603] do_sock_setsockopt+0x3af/0x720 [ 184.763426][T11603] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 184.768962][T11603] ? __fget_files+0x29/0x470 [ 184.773548][T11603] ? __fget_files+0x3f6/0x470 [ 184.778228][T11603] __sys_setsockopt+0x1ae/0x250 [ 184.783074][T11603] __x64_sys_setsockopt+0xb5/0xd0 [ 184.788093][T11603] do_syscall_64+0xf3/0x230 [ 184.792586][T11603] ? clear_bhb_loop+0x35/0x90 [ 184.797259][T11603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.803148][T11603] RIP: 0033:0x7f5a6d179ef9 [ 184.807555][T11603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.827155][T11603] RSP: 002b:00007f5a6df8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 184.835558][T11603] RAX: ffffffffffffffda RBX: 00007f5a6d315f80 RCX: 00007f5a6d179ef9 [ 184.843527][T11603] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 184.851485][T11603] RBP: 00007f5a6d1e793e R08: 0000000000000004 R09: 0000000000000000 [ 184.859450][T11603] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.867416][T11603] R13: 0000000000000000 R14: 00007f5a6d315f80 R15: 00007ffe941f67f8 [ 184.875394][T11603] [ 184.944763][T11603] Mem-Info: [ 184.954958][T11603] active_anon:4174 inactive_anon:0 isolated_anon:0 [ 184.954958][T11603] active_file:997 inactive_file:38198 isolated_file:0 [ 184.954958][T11603] unevictable:768 dirty:201 writeback:0 [ 184.954958][T11603] slab_reclaimable:8787 slab_unreclaimable:94847 [ 184.954958][T11603] mapped:20632 shmem:1251 pagetables:793 [ 184.954958][T11603] sec_pagetables:0 bounce:0 [ 184.954958][T11603] kernel_misc_reclaimable:0 [ 184.954958][T11603] free:1391193 free_pcp:642 free_cma:0 [ 185.081693][T11603] Node 0 active_anon:16676kB inactive_anon:0kB active_file:3988kB inactive_file:152720kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:82584kB dirty:828kB writeback:0kB shmem:3472kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10204kB pagetables:3056kB sec_pagetables:0kB all_unreclaimable? no [ 185.145020][T11603] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 185.185237][T11622] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3107'. [ 185.211242][T11603] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 185.269134][T11603] lowmem_reserve[]: 0 2561 2562 0 0 [ 185.285479][T11603] Node 0 DMA32 free:1599448kB boost:0kB min:35020kB low:43772kB high:52524kB reserved_highatomic:0KB active_anon:16508kB inactive_anon:0kB active_file:3988kB inactive_file:151408kB unevictable:1536kB writepending:840kB present:3129332kB managed:2651248kB mlocked:0kB bounce:0kB free_pcp:1644kB local_pcp:0kB free_cma:0kB [ 185.398794][T11603] lowmem_reserve[]: 0 0 1 0 0 [ 185.441843][T11603] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 185.527608][T11603] lowmem_reserve[]: 0 0 0 0 0 [ 185.532484][T11603] Node 1 Normal free:3951304kB boost:0kB min:54864kB low:68580kB high:82296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 185.581534][T11603] lowmem_reserve[]: 0 0 0 0 0 [ 185.597375][T11603] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 185.628291][T11603] Node 0 DMA32: 84*4kB (UM) 71*8kB (UME) 101*16kB (UME) 193*32kB (UME) 294*64kB (UE) 147*128kB (UME) 50*256kB (UME) 24*512kB (UM) 9*1024kB (UME) 7*2048kB (UM) 367*4096kB (UM) = 1598200kB [ 185.672964][T11603] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 185.720902][T11603] Node 1 Normal: 4*4kB (UM) 5*8kB (UM) 9*16kB (UM) 10*32kB (UM) 5*64kB (U) 5*128kB (U) 5*256kB (UM) 2*512kB (UM) 3*1024kB (U) 2*2048kB (U) 962*4096kB (M) = 3951304kB [ 185.741692][T11641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3117'. [ 185.792324][T11603] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 185.842182][T11603] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 185.915001][T11603] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 185.924601][T11603] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 185.953250][T11603] 40450 total pagecache pages [ 185.964910][T11603] 0 pages in swap cache [ 185.969278][T11603] Free swap = 124996kB [ 185.983858][T11603] Total swap = 124996kB [ 186.030160][T11603] 2097051 pages RAM [ 186.034008][T11603] 0 pages HighMem/MovableOnly [ 186.062976][T11603] 402773 pages reserved [ 186.079097][T11603] 0 pages cma reserved [ 186.296572][T11673] xt_l2tp: missing protocol rule (udp|l2tpip) [ 186.329244][ T5235] Bluetooth: hci3: command 0x0406 tx timeout [ 186.335446][ T54] Bluetooth: hci1: command 0x0406 tx timeout [ 186.341466][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 186.344057][ T5246] Bluetooth: hci4: command 0x0406 tx timeout [ 186.347484][ T5241] Bluetooth: hci0: command 0x0401 tx timeout [ 186.411538][T11677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3137'. [ 186.880097][T11706] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 187.022141][T11715] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.671291][T11757] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 187.929006][T11772] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3182'. [ 187.964433][T11777] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3184'. [ 188.457719][T11807] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3196'. [ 188.473188][T11807] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3196'. [ 188.820456][T11829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3205'. [ 189.117281][T11847] No such timeout policy "syz1" [ 189.226307][T11853] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614) [ 189.255245][T11853] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 189.523377][T11871] netlink: 'syz.4.3227': attribute type 5 has an invalid length. [ 190.033131][T11904] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3241'. [ 190.075513][T11904] 0ªX¹¦Dö»: renamed from gretap0 (while UP) [ 190.122963][T11904] 0ªX¹¦Dö»: entered allmulticast mode [ 190.344227][T11917] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3248'. [ 190.397962][T11924] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3251'. [ 190.708797][T11941] xt_CT: No such helper "syz0" [ 191.174302][T11972] netlink: 'syz.0.3277': attribute type 10 has an invalid length. [ 191.183804][T11972] netlink: 212412 bytes leftover after parsing attributes in process `syz.0.3277'. [ 191.204715][T11975] workqueue: name exceeds WQ_NAME_LEN. Truncating to: †< )Ù2¼”›U7‘Åä‹¡ô¾ÐËÝ;&!éi‡¼ [ 191.238434][T11972] openvswitch: netlink: Flow key attr not present in new flow. [ 191.545551][T11992] netlink: 'syz.3.3284': attribute type 1 has an invalid length. [ 191.578180][T11992] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3284'. [ 191.732071][T12000] netlink: 'syz.2.3289': attribute type 1 has an invalid length. [ 191.755036][T12002] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:20004 [ 192.100927][T12024] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3301'. [ 192.279376][T12035] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3307'. [ 192.471034][T12049] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 192.541853][T12052] netlink: 'syz.4.3315': attribute type 21 has an invalid length. [ 192.562733][T12052] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3315'. [ 192.982406][T12080] netlink: 'syz.4.3329': attribute type 1 has an invalid length. [ 193.562918][T12112] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3346'. [ 193.582316][T12112] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3346'. [ 193.630021][T12116] xt_TCPMSS: Only works on TCP SYN packets [ 193.716195][T12121] xt_CT: You must specify a L4 protocol and not use inversions on it [ 193.925119][T12130] netlink: 'syz.4.3352': attribute type 15 has an invalid length. [ 193.980654][T12135] netlink: 'syz.3.3356': attribute type 29 has an invalid length. [ 194.045408][T12140] netlink: 'syz.1.3359': attribute type 21 has an invalid length. [ 194.081366][T12140] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3359'. [ 194.090902][T12142] netlink: 'syz.4.3360': attribute type 3 has an invalid length. [ 194.122528][T12142] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.3360'. [ 194.161623][T12146] lo speed is unknown, defaulting to 1000 [ 194.172529][T12146] lo speed is unknown, defaulting to 1000 [ 194.183779][T12146] lo speed is unknown, defaulting to 1000 [ 194.495345][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.501686][ T1266] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.795016][ T5398] lo speed is unknown, defaulting to 1000 [ 194.805267][T12146] infiniband syz0: set active [ 194.820487][T12146] infiniband syz0: added lo [ 194.898153][T12184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3380'. [ 194.968279][T12186] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3381'. [ 195.053599][T12146] RDS/IB: syz0: added [ 195.075605][T12146] smc: adding ib device syz0 with port count 1 [ 195.090440][T12146] smc: ib device syz0 port 1 has pnetid [ 195.099026][ T5287] lo speed is unknown, defaulting to 1000 [ 195.118308][T12146] lo speed is unknown, defaulting to 1000 [ 195.579507][T12216] netlink: 'syz.1.3395': attribute type 21 has an invalid length. [ 195.606924][T12146] lo speed is unknown, defaulting to 1000 [ 195.642997][T12222] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 195.751412][T12228] SET target dimension over the limit! [ 195.885093][T12234] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 195.954676][T12238] xt_connbytes: Forcing CT accounting to be enabled [ 195.962871][T12238] Cannot find del_set index 768 as target [ 196.129119][T12146] lo speed is unknown, defaulting to 1000 [ 196.135138][T12248] netlink: 'syz.1.3411': attribute type 7 has an invalid length. [ 196.317889][T12257] netlink: 'syz.0.3416': attribute type 6 has an invalid length. [ 196.612693][T12270] netlink: 'syz.1.3422': attribute type 2 has an invalid length. [ 196.638844][T12270] __nla_validate_parse: 6 callbacks suppressed [ 196.638861][T12270] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3422'. [ 196.667336][T12146] lo speed is unknown, defaulting to 1000 [ 196.836663][T12282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3428'. [ 197.116154][T12146] lo speed is unknown, defaulting to 1000 [ 197.767177][T12334] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3453'. [ 198.199575][T12357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3465'. [ 198.219221][T12357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3465'. [ 198.233527][T12357] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3465'. [ 198.556931][T12380] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3477'. [ 198.657452][T12384] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3479'. [ 198.715253][T12389] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3481'. [ 198.814704][T12394] netlink: 332 bytes leftover after parsing attributes in process `syz.1.3483'. [ 199.908728][T12449] netlink: 'syz.0.3510': attribute type 2 has an invalid length. [ 200.055328][T12455] IPv6: addrconf: prefix option has invalid lifetime [ 200.485322][T12479] (unnamed net_device) (uninitialized): up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 200.998606][T12508] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 201.495595][T12536] xt_CT: You must specify a L4 protocol and not use inversions on it [ 201.840427][T12555] __nla_validate_parse: 5 callbacks suppressed [ 201.840446][T12555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3564'. [ 202.120644][T12573] netlink: 'syz.0.3571': attribute type 10 has an invalid length. [ 202.155816][T12573] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3571'. [ 202.182312][T12573] bridge0: port 3(syz_tun) entered blocking state [ 202.209863][T12573] bridge0: port 3(syz_tun) entered disabled state [ 202.228304][T12573] syz_tun: entered allmulticast mode [ 202.246680][T12573] syz_tun: entered promiscuous mode [ 202.266843][T12573] bridge0: port 3(syz_tun) entered blocking state [ 202.273422][T12573] bridge0: port 3(syz_tun) entered forwarding state [ 202.410881][T12589] --map-set only usable from mangle table [ 202.530433][T12596] syz.2.3583 uses old SIOCAX25GETINFO [ 202.674918][T12604] netlink: 'syz.3.3586': attribute type 1 has an invalid length. [ 202.708421][T12604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3586'. [ 202.731971][T12608] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 202.768778][T12608] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 202.826117][T12608] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 202.844956][T12608] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 202.864072][T12608] geneve4: entered promiscuous mode [ 202.880770][T12608] geneve4: entered allmulticast mode [ 203.063006][T12624] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 203.122494][T12626] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3598'. [ 203.209047][T12632] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3601'. [ 203.524275][T12649] netlink: 'syz.2.3608': attribute type 9 has an invalid length. [ 204.026749][T12677] SET target dimension over the limit! [ 204.191154][T12687] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3626'. [ 204.206665][T12687] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3626'. [ 204.475492][T12704] netlink: 'syz.4.3636': attribute type 7 has an invalid length. [ 204.483267][T12704] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3636'. [ 204.922499][T12726] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3646'. [ 205.270351][T12744] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 205.331711][T12744] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 205.498319][T12750] bridge0: entered promiscuous mode [ 205.503575][T12750] bridge0: entered allmulticast mode [ 205.684062][T12766] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3665'. [ 205.831705][T12772] netlink: 'syz.4.3669': attribute type 2 has an invalid length. [ 206.036479][T12786] sctp: [Deprecated]: syz.1.3675 (pid 12786) Use of struct sctp_assoc_value in delayed_ack socket option. [ 206.036479][T12786] Use struct sctp_sack_info instead [ 206.195058][T12792] netlink: 'syz.0.3678': attribute type 3 has an invalid length. [ 206.425671][T12807] sock: sock_timestamping_bind_phc: sock not bind to device [ 206.615730][T12805] sit0: entered promiscuous mode [ 206.637920][T12805] netlink: 'syz.0.3683': attribute type 1 has an invalid length. [ 207.481900][T12859] __nla_validate_parse: 3 callbacks suppressed [ 207.481918][T12859] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3711'. [ 207.637259][T12869] vlan2: entered promiscuous mode [ 208.688339][T12930] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3746'. [ 208.838859][T12937] SET target dimension over the limit! [ 208.868683][T12936] netlink: 'syz.1.3749': attribute type 21 has an invalid length. [ 208.876136][T12941] tipc: Trying to set illegal importance in message [ 208.904204][T12936] netlink: 'syz.1.3749': attribute type 1 has an invalid length. [ 209.550166][T12983] netlink: 'syz.2.3772': attribute type 1 has an invalid length. [ 209.762526][T12995] ip6t_srh: unknown srh invflags 5F00 [ 209.818746][T12999] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3780'. [ 209.882846][T13001] siw: device registration error -23 [ 210.509060][T13038] openvswitch: netlink: Key type 12592 is out of range max 32 [ 210.902126][T13054] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3807'. [ 210.936244][T13054] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3807'. [ 210.970752][T13054] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3807'. [ 211.019624][T13062] netlink: 'syz.4.3811': attribute type 5 has an invalid length. [ 211.215466][T13072] netlink: 'syz.1.3817': attribute type 7 has an invalid length. [ 211.223238][T13072] netlink: 'syz.1.3817': attribute type 8 has an invalid length. [ 211.328037][T13080] x_tables: unsorted underflow at hook 3 [ 211.617882][T13096] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3828'. [ 211.638972][T13096] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3828'. [ 211.718121][T13106] netlink: 'syz.3.3833': attribute type 9 has an invalid length. [ 211.747898][T13106] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3833'. [ 211.871335][T13115] IPv6: sit2: Disabled Multicast RS [ 212.353789][T13142] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3849'. [ 212.793061][T13171] netlink: 'syz.4.3864': attribute type 6 has an invalid length. [ 212.950038][T13178] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 213.565665][T13221] batadv1: entered allmulticast mode [ 213.795027][T13233] netlink: 'syz.3.3893': attribute type 10 has an invalid length. [ 214.256554][T13256] netlink: 'syz.1.3904': attribute type 3 has an invalid length. [ 214.285103][T13256] netlink: 'syz.1.3904': attribute type 3 has an invalid length. [ 214.315445][T13256] netlink: 23 bytes leftover after parsing attributes in process `syz.1.3904'. [ 214.477547][T13268] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3910'. [ 214.521754][T13272] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3913'. [ 214.926674][T13295] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3922'. [ 215.049765][T13305] netlink: 'syz.1.3928': attribute type 5 has an invalid length. [ 215.269162][T13315] netlink: 'syz.1.3933': attribute type 3 has an invalid length. [ 215.388446][T13323] netlink: 'syz.2.3936': attribute type 1 has an invalid length. [ 215.549459][T13335] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3943'. [ 215.565124][T13334] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3942'. [ 215.582590][T13336] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 215.741994][T13345] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3947'. [ 215.769415][T13347] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3949'. [ 215.913399][T13352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3951'. [ 216.220428][T13372] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3961'. [ 216.752469][T13406] xt_TPROXY: Can be used only with -p tcp or -p udp [ 217.023028][T13421] xt_cgroup: invalid path, errno=-2 [ 217.052020][T13424] netlink: 'syz.1.3987': attribute type 1 has an invalid length. [ 217.091694][T13424] netlink: 'syz.1.3987': attribute type 2 has an invalid length. [ 217.631344][T13461] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 217.692442][T13461] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 218.385226][T13507] netlink: 'syz.0.4028': attribute type 27 has an invalid length. [ 218.460056][T13511] netlink: 'syz.3.4030': attribute type 30 has an invalid length. [ 219.404001][T13573] IPVS: length: 157 != 24 [ 219.625350][T13585] x_tables: ip_tables: CONNMARK.1 target: invalid size 16 (kernel) != (user) 0 [ 219.666038][T13587] __nla_validate_parse: 12 callbacks suppressed [ 219.666055][T13587] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4068'. [ 219.705849][T13587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4068'. [ 219.716338][T13587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4068'. [ 219.735238][T13591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4071'. [ 219.975001][T13607] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4077'. [ 220.313747][T13624] netlink: 'syz.1.4085': attribute type 10 has an invalid length. [ 220.343881][T13624] bond0: (slave bond_slave_0): Releasing backup interface [ 220.349374][T13630] netlink: 'syz.0.4088': attribute type 8 has an invalid length. [ 220.360673][T13630] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4088'. [ 220.558860][T13641] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 220.849148][T13657] netlink: zone id is out of range [ 220.913286][T13661] ebt_among: src integrity fail: 30a [ 222.666794][T13770] infiniband syz0: set active [ 222.671687][T13770] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 222.765088][ T5287] lo speed is unknown, defaulting to 1000 [ 223.247712][T13807] netlink: 'syz.3.4164': attribute type 1 has an invalid length. [ 223.264963][T13807] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4164'. [ 223.475338][T13822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4169'. [ 223.708296][T13834] netlink: 'syz.1.4175': attribute type 2 has an invalid length. [ 223.768850][T13834] netlink: 244 bytes leftover after parsing attributes in process `syz.1.4175'. [ 224.075027][T13856] xt_l2tp: missing protocol rule (udp|l2tpip) [ 224.152020][T13863] netlink: 'syz.4.4187': attribute type 3 has an invalid length. [ 224.329055][T13873] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 224.622861][T13892] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4199'. [ 224.801176][T13904] netlink: 'syz.0.4204': attribute type 4 has an invalid length. [ 224.844989][T13904] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 224.887503][T13903] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4203'. [ 225.480380][T13947] x_tables: ip6_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT [ 225.601932][T13951] netlink: 116 bytes leftover after parsing attributes in process `syz.0.4223'. [ 225.671796][T13958] netlink: 'syz.2.4227': attribute type 1 has an invalid length. [ 225.698345][T13958] netlink: 244 bytes leftover after parsing attributes in process `syz.2.4227'. [ 225.976333][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4235'. [ 226.004402][T13974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4235'. [ 226.337116][T13997] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 226.404544][T14004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4248'. [ 226.643001][T14015] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4253'. [ 226.696334][T14019] netlink: 120 bytes leftover after parsing attributes in process `syz.2.4256'. [ 226.804359][T14024] openvswitch: netlink: Port 16777216 exceeds max allowable 65535 [ 226.813353][T14026] netlink: 292 bytes leftover after parsing attributes in process `syz.3.4258'. [ 226.843250][T14026] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4258'. [ 227.269883][T14053] x_tables: unsorted entry at hook 2 [ 227.310073][T14055] netlink: 'syz.3.4273': attribute type 12 has an invalid length. [ 227.403696][T14061] netlink: 'syz.1.4277': attribute type 7 has an invalid length. [ 227.434530][T14061] netlink: 'syz.1.4277': attribute type 6 has an invalid length. [ 228.205907][T14107] delete_channel: no stack [ 228.406610][T14118] netlink: 'syz.0.4305': attribute type 1 has an invalid length. [ 228.428393][T14118] netlink: 'syz.0.4305': attribute type 2 has an invalid length. [ 228.624993][T14134] netlink: 'syz.3.4312': attribute type 21 has an invalid length. [ 228.642766][T14136] netlink: 'syz.2.4314': attribute type 32 has an invalid length. [ 228.651165][T14134] netlink: 'syz.3.4312': attribute type 4 has an invalid length. [ 228.674247][T14134] netlink: 'syz.3.4312': attribute type 5 has an invalid length. [ 229.058352][T14160] ebt_among: dst integrity fail: 101 [ 229.155560][T14164] xt_l2tp: invalid flags combination: c [ 229.585091][T14191] vxcan2: entered allmulticast mode [ 229.596386][T14193] openvswitch: netlink: Missing key (keys=400040, expected=200000) [ 229.691497][T14198] €Â: renamed from bridge_slave_0 (while UP) [ 229.778937][T14201] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 230.253722][T14233] __nla_validate_parse: 16 callbacks suppressed [ 230.253741][T14233] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4360'. [ 230.947601][T14271] netlink: 'syz.2.4376': attribute type 33 has an invalid length. [ 230.994071][T14275] netlink: 64985 bytes leftover after parsing attributes in process `syz.4.4379'. [ 231.029136][T14277] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4377'. [ 231.627436][T14310] xt_CT: You must specify a L4 protocol and not use inversions on it [ 231.837492][T14322] netlink: 'syz.1.4402': attribute type 11 has an invalid length. [ 231.853577][T14322] netlink: 211132 bytes leftover after parsing attributes in process `syz.1.4402'. [ 232.161764][T14335] netlink: 'syz.2.4407': attribute type 1 has an invalid length. [ 232.199470][T14335] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4407'. [ 232.391118][T14344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4412'. [ 232.543434][T14357] netlink: 'syz.3.4419': attribute type 11 has an invalid length. [ 232.735709][T14367] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551585) [ 232.755915][T14367] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647 [ 232.925253][T14374] netlink: 'syz.2.4428': attribute type 27 has an invalid length. [ 232.933115][T14374] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4428'. [ 232.978721][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4431'. [ 233.279310][T14398] sctp: [Deprecated]: syz.1.4439 (pid 14398) Use of int in maxseg socket option. [ 233.279310][T14398] Use struct sctp_assoc_value instead [ 233.747056][T14424] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 234.031329][T14441] SET target dimension over the limit! [ 234.215974][T14451] netlink: 'syz.3.4466': attribute type 21 has an invalid length. [ 234.722662][T14480] netlink: 244 bytes leftover after parsing attributes in process `syz.1.4480'. [ 235.072438][T14502] netlink: 'syz.3.4489': attribute type 24 has an invalid length. [ 235.246715][T14510] netlink: 192 bytes leftover after parsing attributes in process `syz.0.4492'. [ 235.513724][T14527] netlink: 'syz.2.4500': attribute type 16 has an invalid length. [ 235.526617][T14527] netlink: 'syz.2.4500': attribute type 17 has an invalid length. [ 235.535791][T14527] infiniband syz0: set active [ 235.541136][T14527] infiniband syz0: set active [ 235.601828][ T46] lo speed is unknown, defaulting to 1000 [ 235.620335][ T5234] lo speed is unknown, defaulting to 1000 [ 235.761563][T14542] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4507'. [ 235.962838][T14552] netlink: 'syz.0.4511': attribute type 23 has an invalid length. [ 236.141376][T14560] netlink: 148 bytes leftover after parsing attributes in process `syz.2.4516'. [ 236.590349][T14586] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4529'. [ 236.608258][T14588] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4530'. [ 236.676147][T14592] netlink: 'syz.3.4532': attribute type 14 has an invalid length. [ 237.719734][T14654] netlink: 'syz.4.4560': attribute type 12 has an invalid length. [ 237.741560][T14654] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4560'. [ 238.066097][T14675] netlink: 'syz.3.4571': attribute type 8 has an invalid length. [ 238.243860][T14685] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4577'. [ 238.458321][T14697] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (129) [ 238.595135][T14705] netlink: 'syz.1.4587': attribute type 24 has an invalid length. [ 238.698031][T14713] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.4590'. [ 238.829985][T14718] netlink: 'syz.2.4593': attribute type 1 has an invalid length. [ 238.855000][T14718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4593'. [ 239.620919][T14763] netlink: 'syz.4.4616': attribute type 1 has an invalid length. [ 239.645529][T14763] netlink: 616 bytes leftover after parsing attributes in process `syz.4.4616'. [ 239.717995][T14768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4619'. [ 239.998564][T14788] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 240.816873][T14832] netlink: 'syz.4.4652': attribute type 33 has an invalid length. [ 240.841007][T14832] __nla_validate_parse: 4 callbacks suppressed [ 240.841024][T14832] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4652'. [ 241.219048][T14859] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4663'. [ 241.414399][T14871] netlink: 'syz.3.4669': attribute type 1 has an invalid length. [ 241.439256][T14871] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4669'. [ 241.559079][T14875] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4671'. [ 241.606127][T14875] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4671'. [ 241.719757][T14885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4676'. [ 241.799745][T14889] netlink: 'syz.3.4678': attribute type 3 has an invalid length. [ 241.856545][T14889] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.4678'. [ 241.899930][T14899] netlink: set zone limit has 8 unknown bytes [ 242.028680][T14902] netlink: 'syz.2.4684': attribute type 1 has an invalid length. [ 242.058518][T14902] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4684'. [ 242.313424][T14919] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4693'. [ 242.565243][T14935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4699'. [ 242.758729][T14948] netlink: 'syz.4.4706': attribute type 21 has an invalid length. [ 242.768958][T14948] IPv6: NLM_F_CREATE should be specified when creating new route [ 242.785174][T14948] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 242.792484][T14948] IPv6: NLM_F_CREATE should be set when creating new route [ 242.799795][T14948] IPv6: NLM_F_CREATE should be set when creating new route [ 242.807073][T14948] IPv6: NLM_F_CREATE should be set when creating new route [ 243.144435][T14965] unsupported nla_type 33800 [ 243.322020][T14973] ieee802154 phy0 wpan0: encryption failed: -90 [ 243.333251][T14975] xt_cluster: you have exceeded the maximum number of cluster nodes (768 > 32) [ 243.420033][T14977] lo speed is unknown, defaulting to 1000 [ 243.488034][T14941] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 244.423716][T15016] xt_cluster: node mask cannot exceed total number of nodes [ 244.944488][T15044] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 245.712403][T15086] netlink: 'syz.2.4770': attribute type 15 has an invalid length. [ 245.721448][T15082] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 246.188277][T15111] __nla_validate_parse: 7 callbacks suppressed [ 246.188297][T15111] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4783'. [ 246.345060][T15118] netlink: 84 bytes leftover after parsing attributes in process `syz.2.4786'. [ 246.569250][T15132] sctp: [Deprecated]: syz.3.4792 (pid 15132) Use of int in max_burst socket option. [ 246.569250][T15132] Use struct sctp_assoc_value instead [ 246.590327][T15135] netlink: 'syz.0.4795': attribute type 1 has an invalid length. [ 246.785760][T15144] netlink: 5312 bytes leftover after parsing attributes in process `syz.2.4799'. [ 247.139703][T15163] netlink: 'syz.3.4808': attribute type 24 has an invalid length. [ 247.181598][T15168] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4812'. [ 247.190818][T15169] Cannot find add_set index 0 as target [ 247.346450][T15175] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4815'. [ 247.382145][T15179] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4817'. [ 247.411196][T15179] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4817'. [ 247.700990][T15198] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 247.718198][T15200] netlink: 11 bytes leftover after parsing attributes in process `syz.0.4827'. [ 247.762448][T15200] netlink: 11 bytes leftover after parsing attributes in process `syz.0.4827'. [ 248.092031][T15222] netlink: 'syz.2.4838': attribute type 1 has an invalid length. [ 248.103501][T15222] netlink: 232 bytes leftover after parsing attributes in process `syz.2.4838'. [ 248.211659][T15226] syz.4.4841: vmalloc error: size 17179873280, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 248.290211][T15226] CPU: 0 UID: 0 PID: 15226 Comm: syz.4.4841 Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 248.301032][T15226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 248.311107][T15226] Call Trace: [ 248.314398][T15226] [ 248.317345][T15226] dump_stack_lvl+0x241/0x360 [ 248.322054][T15226] ? __pfx_dump_stack_lvl+0x10/0x10 [ 248.327274][T15226] ? __pfx__printk+0x10/0x10 [ 248.331895][T15226] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 248.334333][T15234] x_tables: ip6_tables: rpfilter match: used from hooks POSTROUTING, but only valid from PREROUTING [ 248.338310][T15226] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 248.355631][T15226] warn_alloc+0x278/0x410 [ 248.359984][T15226] ? stack_depot_save_flags+0x6e4/0x830 [ 248.365547][T15226] ? __vmalloc_node_range_noprof+0x106/0x1400 [ 248.371694][T15226] ? __pfx_warn_alloc+0x10/0x10 [ 248.376591][T15226] ? kasan_save_track+0x3f/0x80 [ 248.381468][T15226] ? __kasan_kmalloc+0x98/0xb0 [ 248.386253][T15226] ? xsk_setsockopt+0x598/0x950 [ 248.391124][T15226] ? do_sock_setsockopt+0x3af/0x720 [ 248.396340][T15226] ? __sys_setsockopt+0x1ae/0x250 [ 248.401379][T15226] ? __x64_sys_setsockopt+0xb5/0xd0 [ 248.406591][T15226] ? do_syscall_64+0xf3/0x230 [ 248.411284][T15226] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.417374][T15226] __vmalloc_node_range_noprof+0x126/0x1400 [ 248.423310][T15226] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 248.429658][T15226] ? __kasan_kmalloc+0x98/0xb0 [ 248.434442][T15226] ? xskq_create+0x54/0x170 [ 248.438975][T15226] vmalloc_user_noprof+0x74/0x80 [ 248.443933][T15226] ? xskq_create+0xb6/0x170 [ 248.448457][T15226] xskq_create+0xb6/0x170 [ 248.452824][T15226] xsk_init_queue+0xa1/0x100 [ 248.457444][T15226] xsk_setsockopt+0x598/0x950 [ 248.462148][T15226] ? __pfx_xsk_setsockopt+0x10/0x10 [ 248.467373][T15226] ? __pfx_lock_acquire+0x10/0x10 [ 248.472427][T15226] ? aa_sock_opt_perm+0x79/0x120 [ 248.477390][T15226] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 248.482965][T15226] ? security_socket_setsockopt+0x87/0xb0 [ 248.488700][T15226] ? __pfx_xsk_setsockopt+0x10/0x10 [ 248.490650][T15240] netlink: 'syz.2.4848': attribute type 1 has an invalid length. [ 248.493899][T15226] do_sock_setsockopt+0x3af/0x720 [ 248.493935][T15226] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 248.512205][T15226] ? __fget_files+0x29/0x470 [ 248.515295][T15240] netlink: 'syz.2.4848': attribute type 1 has an invalid length. [ 248.516797][T15226] ? __fget_files+0x3f6/0x470 [ 248.516840][T15226] __sys_setsockopt+0x1ae/0x250 [ 248.524567][T15240] netlink: 'syz.2.4848': attribute type 2 has an invalid length. [ 248.529174][T15226] __x64_sys_setsockopt+0xb5/0xd0 [ 248.529204][T15226] do_syscall_64+0xf3/0x230 [ 248.529225][T15226] ? clear_bhb_loop+0x35/0x90 [ 248.529251][T15226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.561857][T15226] RIP: 0033:0x7efd20b79ef9 [ 248.566289][T15226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.585911][T15226] RSP: 002b:00007efd21901038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 248.594345][T15226] RAX: ffffffffffffffda RBX: 00007efd20d15f80 RCX: 00007efd20b79ef9 [ 248.602334][T15226] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003 [ 248.610327][T15226] RBP: 00007efd20be793e R08: 0000000000000004 R09: 0000000000000000 [ 248.618315][T15226] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.626303][T15226] R13: 0000000000000000 R14: 00007efd20d15f80 R15: 00007ffc38a400d8 [ 248.634307][T15226] [ 248.647061][T15226] Mem-Info: [ 248.715064][T15226] active_anon:4191 inactive_anon:0 isolated_anon:0 [ 248.715064][T15226] active_file:1078 inactive_file:38224 isolated_file:0 [ 248.715064][T15226] unevictable:768 dirty:210 writeback:0 [ 248.715064][T15226] slab_reclaimable:9012 slab_unreclaimable:98579 [ 248.715064][T15226] mapped:20675 shmem:1266 pagetables:756 [ 248.715064][T15226] sec_pagetables:0 bounce:0 [ 248.715064][T15226] kernel_misc_reclaimable:0 [ 248.715064][T15226] free:1388616 free_pcp:413 free_cma:0 [ 248.844883][T15226] Node 0 active_anon:16664kB inactive_anon:0kB active_file:4312kB inactive_file:152824kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:82600kB dirty:840kB writeback:0kB shmem:3528kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10292kB pagetables:3024kB sec_pagetables:0kB all_unreclaimable? no [ 248.878862][T15226] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 248.909139][T15226] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 249.001255][T15226] lowmem_reserve[]: 0 2561 2562 0 0 [ 249.008062][T15226] Node 0 DMA32 free:1588300kB boost:0kB min:35020kB low:43772kB high:52524kB reserved_highatomic:0KB active_anon:16520kB inactive_anon:0kB active_file:4312kB inactive_file:151504kB unevictable:1536kB writepending:840kB present:3129332kB managed:2651248kB mlocked:0kB bounce:0kB free_pcp:1816kB local_pcp:1244kB free_cma:0kB [ 249.075420][T15226] lowmem_reserve[]: 0 0 1 0 0 [ 249.080206][T15226] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 249.142144][T15226] lowmem_reserve[]: 0 0 0 0 0 [ 249.150299][T15226] Node 1 Normal free:3951296kB boost:0kB min:54864kB low:68580kB high:82296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 249.194676][T15226] lowmem_reserve[]: 0 0 0 0 0 [ 249.202213][T15226] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 249.242743][T15226] Node 0 DMA32: 1*4kB (U) 5*8kB (ME) 9*16kB (UME) 311*32kB (UE) 146*64kB (UE) 148*128kB (UME) 58*256kB (UE) 27*512kB (UM) 16*1024kB (UM) 9*2048kB (UM) 363*4096kB (UME) = 1588764kB [ 249.312900][T15226] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 249.326210][T15226] Node 1 Normal: 2*4kB (UM) 5*8kB (UM) 9*16kB (UM) 10*32kB (UM) 5*64kB (U) 5*128kB (U) 5*256kB (UM) 2*512kB (UM) 3*1024kB (U) 2*2048kB (U) 962*4096kB (M) = 3951296kB [ 249.343840][T15226] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 249.361764][T15226] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 249.401765][T15226] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 249.449855][T15226] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 249.472288][T15226] 40570 total pagecache pages [ 249.495205][T15226] 0 pages in swap cache [ 249.499383][T15226] Free swap = 124996kB [ 249.503544][T15226] Total swap = 124996kB [ 249.524726][T15226] 2097051 pages RAM [ 249.528235][T15282] xt_TCPMSS: Only works on TCP SYN packets [ 249.531868][T15226] 0 pages HighMem/MovableOnly [ 249.539422][T15226] 402773 pages reserved [ 249.543583][T15226] 0 pages cma reserved [ 249.985619][T15306] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 250.023136][T15310] netlink: 'syz.1.4882': attribute type 1 has an invalid length. [ 250.310744][T15328] unsupported nlmsg_type 40 [ 251.075102][T15372] netlink: 'syz.1.4912': attribute type 11 has an invalid length. [ 251.174799][T15380] netlink: 'syz.2.4916': attribute type 7 has an invalid length. [ 251.451345][T15396] __nla_validate_parse: 6 callbacks suppressed [ 251.451364][T15396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4923'. [ 251.490990][T15396] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4923'. [ 251.813711][T15420] netlink: 'syz.1.4932': attribute type 1 has an invalid length. [ 252.197240][T15446] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4942'. [ 252.237284][T15446] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes. [ 252.483556][T15462] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4951'. [ 252.862915][T15486] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 252.917999][T15489] netlink: 'syz.1.4964': attribute type 3 has an invalid length. [ 252.975086][T15489] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.4964'. [ 253.447166][T15520] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4978'. [ 253.772725][T15539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4989'. [ 253.793144][T15539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4989'. [ 253.867830][T15543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4991'. [ 254.139149][T15556] netlink: 'syz.0.4997': attribute type 4 has an invalid length. [ 254.510339][T15583] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.5010'. [ 255.213149][T15621] xt_CONNSECMARK: invalid mode: 0 [ 255.929622][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.947191][ T1266] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.013898][T15661] sctp: [Deprecated]: syz.3.5050 (pid 15661) Use of int in max_burst socket option. [ 256.013898][T15661] Use struct sctp_assoc_value instead [ 256.155002][ T5398] IPVS: starting estimator thread 0... [ 256.257254][T15668] IPVS: using max 25 ests per chain, 60000 per kthread [ 256.574647][T15693] x_tables: duplicate underflow at hook 2 [ 256.737257][T15701] xt_limit: Overflow, try lower: 0/0 [ 257.129068][T15725] netlink: 'syz.1.5081': attribute type 1 has an invalid length. [ 257.149298][T15727] __nla_validate_parse: 2 callbacks suppressed [ 257.149314][T15727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5082'. [ 257.758974][T15763] smc: removing ib device syz0 [ 257.762335][T15765] netlink: 'syz.3.5100': attribute type 21 has an invalid length. [ 258.057419][T15778] netlink: 'syz.3.5107': attribute type 10 has an invalid length. [ 258.072735][T15778] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5107'. [ 258.099488][T15778] bridge0: port 3(macvlan1) entered blocking state [ 258.119556][T15778] bridge0: port 3(macvlan1) entered disabled state [ 258.141834][T15778] macvlan1: entered allmulticast mode [ 258.155314][T15778] veth1_vlan: entered allmulticast mode [ 258.172573][T15778] macvlan1: entered promiscuous mode [ 258.191799][T15778] bridge0: port 3(macvlan1) entered blocking state [ 258.198495][T15778] bridge0: port 3(macvlan1) entered forwarding state [ 258.230605][T15787] netlink: 830 bytes leftover after parsing attributes in process `syz.2.5111'. [ 259.014505][T15834] netlink: 'syz.1.5134': attribute type 1 has an invalid length. [ 259.075657][T15837] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5136'. [ 259.113754][T15837] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5136'. [ 259.403331][T15854] netlink: 2860 bytes leftover after parsing attributes in process `syz.1.5144'. [ 259.427500][T15857] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5146'. [ 259.625271][T15869] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5149'. [ 259.704809][T15872] netlink: 296 bytes leftover after parsing attributes in process `syz.2.5150'. [ 260.463046][T15915] netlink: 'syz.4.5164': attribute type 4 has an invalid length. [ 260.781785][T15934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5174'. [ 260.792687][T15935] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 260.813300][T15937] netlink: 'syz.4.5175': attribute type 4 has an invalid length. [ 260.921799][T15940] netlink: 'syz.1.5177': attribute type 11 has an invalid length. [ 261.063103][T15949] netlink: 'syz.1.5182': attribute type 1 has an invalid length. [ 261.237552][T15957] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (222) [ 261.506301][T15971] netlink: 'syz.4.5193': attribute type 1 has an invalid length. [ 261.525067][T15971] netlink: 'syz.4.5193': attribute type 2 has an invalid length. [ 261.568534][T15975] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 261.584437][T15975] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 262.381979][T16011] xt_CT: You must specify a L4 protocol and not use inversions on it [ 262.560110][T16019] __nla_validate_parse: 1 callbacks suppressed [ 262.560131][T16019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5217'. [ 264.008617][T16103] lo: entered promiscuous mode [ 264.023003][T16103] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 264.059691][T16105] veth0_to_batadv: entered promiscuous mode [ 264.088820][T16105] veth0_to_batadv: entered allmulticast mode [ 265.329612][T16177] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5294'. [ 265.640221][T16189] atomic_op ffff88801eb95198 conn xmit_atomic 0000000000000000 [ 266.392782][T16229] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5320'. [ 267.652997][ T5324] IPVS: starting estimator thread 0... [ 267.746501][T16299] IPVS: using max 26 ests per chain, 62400 per kthread [ 267.957020][T16310] netlink: 'syz.3.5359': attribute type 11 has an invalid length. [ 267.962589][T16311] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 268.282933][ T4619] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 268.292307][ T4619] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 268.301326][ T4619] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 268.310939][ T4619] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 268.320770][ T4619] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 268.330111][ T4619] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 268.603799][T16337] bridge0: entered promiscuous mode [ 268.610698][T16338] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5373'. [ 268.620957][T16337] macvlan2: entered allmulticast mode [ 268.627836][T16337] bridge0: entered allmulticast mode [ 269.051837][T16361] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5383'. [ 269.230016][T16323] chnl_net:caif_netlink_parms(): no params data found [ 269.488944][T16323] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.501194][T16323] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.514647][T16323] bridge_slave_0: entered allmulticast mode [ 269.536365][T16323] bridge_slave_0: entered promiscuous mode [ 269.544783][T16323] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.570466][T16323] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.586947][T16323] bridge_slave_1: entered allmulticast mode [ 269.612221][T16323] bridge_slave_1: entered promiscuous mode [ 269.698706][T16323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.719765][T16323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 269.847372][T16323] team0: Port device team_slave_0 added [ 269.876966][T16323] team0: Port device team_slave_1 added [ 269.996933][T16323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 270.021815][T16323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.055912][T16323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 270.078097][T16323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 270.085659][T16323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.112420][T16323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 270.228968][T16416] netlink: 'syz.2.5407': attribute type 3 has an invalid length. [ 270.264777][T16323] hsr_slave_0: entered promiscuous mode [ 270.279170][T16323] hsr_slave_1: entered promiscuous mode [ 270.297350][T16323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 270.309559][T16323] Cannot create hsr debugfs directory [ 270.405315][ T5242] Bluetooth: hci5: command tx timeout [ 270.433547][T16427] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5412'. [ 270.457600][T16429] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5414'. [ 270.600368][T16434] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5416'. [ 270.618740][T16434] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes. [ 270.750325][T16323] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.797117][T16441] netlink: 'syz.2.5420': attribute type 11 has an invalid length. [ 270.813288][T16441] netlink: 'syz.2.5420': attribute type 1 has an invalid length. [ 270.821471][T16441] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.5420'. [ 270.909631][T16323] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.057020][T16323] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.154130][T16323] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.353165][T16323] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 271.373385][T16323] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 271.383908][T16323] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 271.394957][T16323] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 271.473420][T16323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.503936][T16323] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.529274][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.536480][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.546685][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.553810][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.734694][T16323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.780562][T16323] veth0_vlan: entered promiscuous mode [ 271.793359][T16323] veth1_vlan: entered promiscuous mode [ 271.841166][T16323] veth0_macvtap: entered promiscuous mode [ 271.853381][T16323] veth1_macvtap: entered promiscuous mode [ 271.875756][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.886576][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.897555][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.909936][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.920400][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.934306][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.947897][T16469] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5431'. [ 271.952145][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.972424][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.982607][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.993430][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.006413][T16323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 272.023147][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 272.033783][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.055318][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 272.075989][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.094263][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 272.109353][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.119758][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 272.130633][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.141314][T16323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 272.152078][T16323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.163807][T16323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 272.221631][T16323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.245960][T16323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.254697][T16323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.303148][T16323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.355980][T16477] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5433'. [ 272.485696][ T5242] Bluetooth: hci5: command tx timeout [ 272.571605][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.588098][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.665850][T16489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5441'. [ 272.682703][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.715267][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.908408][T16504] netlink: 'syz.4.5446': attribute type 10 has an invalid length. [ 272.929309][T16504] syz_tun: entered allmulticast mode [ 272.964629][T16504] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 273.632824][T16536] netlink: 'syz.0.5460': attribute type 10 has an invalid length. [ 273.747556][T16536] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.778406][T16536] bond0: (slave team0): Enslaving as an active interface with an up link [ 273.790092][T16540] netlink: 'syz.0.5460': attribute type 10 has an invalid length. [ 273.804294][T16543] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5464'. [ 273.847378][T16540] bond0: (slave team0): Releasing backup interface [ 273.875773][T16540] bridge0: port 3(team0) entered blocking state [ 273.895138][T16540] bridge0: port 3(team0) entered disabled state [ 273.921950][T16540] team0: entered allmulticast mode [ 273.931253][T16540] team_slave_0: entered allmulticast mode [ 273.943871][T16540] team_slave_1: entered allmulticast mode [ 273.967428][T16540] team0: entered promiscuous mode [ 273.975079][T16540] team_slave_0: entered promiscuous mode [ 273.985850][T16540] team_slave_1: entered promiscuous mode [ 273.994551][T16541] netlink: 'syz.3.5463': attribute type 4 has an invalid length. [ 274.364729][T16569] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5476'. [ 274.385828][T16569] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5476'. [ 274.396688][T16570] rdma_op ffff88802d7031f0 conn xmit_rdma 0000000000000000 [ 274.542638][T16575] Bluetooth: MGMT ver 1.23 [ 274.566507][ T4619] Bluetooth: hci5: command tx timeout [ 275.026283][T16601] netlink: 'syz.0.5492': attribute type 2 has an invalid length. [ 275.655019][T16623] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.5503'. [ 275.678606][T16623] openvswitch: netlink: Actions may not be safe on all matching packets [ 276.302460][T16656] tipc: Started in network mode [ 276.314070][T16656] tipc: Node identity , cluster identity 4711 [ 276.446082][T16665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5523'. [ 276.566181][T16667] nbd: socks must be embedded in a SOCK_ITEM attr [ 276.645611][ T4619] Bluetooth: hci5: command 0x0419 tx timeout [ 276.950302][T16690] netlink: 210596 bytes leftover after parsing attributes in process `syz.3.5534'. [ 277.125591][T16700] netlink: 'syz.3.5539': attribute type 1 has an invalid length. [ 277.235203][T16704] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5540'. [ 277.826126][T16736] tipc: Started in network mode [ 277.831044][T16736] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 277.864499][T16736] tipc: Enabling of bearer rejected, failed to enable media [ 277.877249][T16739] openvswitch: netlink: Unknown nsh attribute 0 [ 278.661743][T16774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5575'. [ 278.725764][ T5242] Bluetooth: hci5: command 0x0419 tx timeout [ 278.753037][T16779] netlink: 'syz.0.5578': attribute type 2 has an invalid length. [ 279.222174][T16803] netlink: 'syz.2.5589': attribute type 29 has an invalid length. [ 279.916944][T16834] tipc: Enabling of bearer rejected, failed to enable media [ 280.230416][T16850] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5612'. [ 280.249970][T16850] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5612'. [ 280.278805][T16853] tipc: Started in network mode [ 280.283711][T16853] tipc: Node identity aaaaaaaaaa35, cluster identity 4711 [ 280.325649][T16853] tipc: Enabled bearer , priority 10 [ 280.415652][T16861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5617'. [ 281.171814][T16905] netlink: 'syz.3.5640': attribute type 1 has an invalid length. [ 281.336653][T16914] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5644'. [ 281.446436][ T1174] tipc: Node number set to 10463914 [ 281.903533][T16943] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5656'. [ 282.266633][T16962] tipc: Enabling of bearer rejected, failed to enable media [ 282.618003][T16979] batadv0: entered promiscuous mode [ 282.680366][T16986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 283.125301][T17008] nftables ruleset with unbound chain [ 283.416987][T17024] netlink: 'syz.2.5697': attribute type 21 has an invalid length. [ 283.448779][T17024] netlink: 15998 bytes leftover after parsing attributes in process `syz.2.5697'. [ 283.625348][T17037] veth1_macvtap: left promiscuous mode [ 283.632615][T17037] macsec0: entered promiscuous mode [ 283.648866][T17037] macsec0: entered allmulticast mode [ 283.710233][T17040] veth1_macvtap: entered promiscuous mode [ 283.735484][T17040] veth1_macvtap: entered allmulticast mode [ 283.762429][T17040] macsec0: left promiscuous mode [ 283.768206][T17040] macsec0: left allmulticast mode [ 283.773855][T17040] veth1_macvtap: left allmulticast mode [ 283.806933][T17043] tipc: Started in network mode [ 283.812113][T17043] tipc: Node identity ffffffff, cluster identity 4711 [ 283.829252][T17043] tipc: Node number set to 4294967295 [ 284.010232][T17054] syz.2.5709 (17054) used obsolete PPPIOCDETACH ioctl [ 284.151310][T17062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5714'. [ 284.201190][T17066] Bluetooth: MGMT ver 1.23 [ 284.933407][T17101] netlink: 'syz.1.5732': attribute type 1 has an invalid length. [ 285.636725][T17135] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 285.678779][ T46] IPVS: starting estimator thread 0... [ 285.785227][T17140] IPVS: using max 19 ests per chain, 45600 per kthread [ 285.928241][T17152] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5758'. [ 286.222466][T17166] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5765'. [ 286.336439][T17172] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.5767'. [ 286.386874][T17176] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.5769'. [ 286.712323][T17194] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5778'. [ 286.738497][ T46] IPVS: starting estimator thread 0... [ 286.837666][T17197] IPVS: using max 19 ests per chain, 45600 per kthread [ 286.885574][T17206] netlink: 65047 bytes leftover after parsing attributes in process `syz.4.5783'. [ 287.054189][T17211] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5786'. [ 287.061676][T17215] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5790'. [ 287.220790][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5792'. [ 287.392811][T17233] Bluetooth: MGMT ver 1.23 [ 287.925961][T17261] netlink: 228 bytes leftover after parsing attributes in process `syz.1.5811'. [ 287.943377][T17261] netlink: 'syz.1.5811': attribute type 2 has an invalid length. [ 288.066404][T17268] RDS: rds_bind could not find a transport for ::c001:20:0:0, load rds_tcp or rds_rdma? [ 288.824323][T17312] netlink: 'syz.2.5834': attribute type 12 has an invalid length. [ 289.125866][T17327] tipc: Started in network mode [ 289.151278][T17327] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711 [ 289.183807][T17327] tipc: Enabled bearer , priority 10 [ 290.315596][ T5398] tipc: Node number set to 4269801642 [ 291.947356][T17485] __nla_validate_parse: 4 callbacks suppressed [ 291.947382][T17485] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5920'. [ 291.963480][T17485] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5920'. [ 293.488992][T17566] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.5960'. [ 293.574722][T17570] netlink: 9 bytes leftover after parsing attributes in process `syz.0.5962'. [ 293.597784][T17570] 0·: renamed from hsr_slave_1 (while UP) [ 293.633267][T17570] 0·: entered allmulticast mode [ 293.645397][T17570] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 293.687262][T17577] netlink: 'syz.1.5965': attribute type 25 has an invalid length. [ 294.382464][T17616] tipc: Enabling of bearer rejected, failed to enable media [ 294.766149][T17634] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5994'. [ 294.799663][T17634] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5994'. [ 294.968985][T17644] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5998'. [ 295.045162][T17644] Zero length message leads to an empty skb [ 295.329117][T17666] batadv_slave_1: default FDB implementation only supports local addresses [ 296.243964][T17718] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6034'. [ 296.320265][T17723] netlink: 'syz.0.6039': attribute type 1 has an invalid length. [ 296.331975][T17723] netlink: 9384 bytes leftover after parsing attributes in process `syz.0.6039'. [ 296.408783][T17726] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6036'. [ 297.294519][T17777] netlink: 'syz.1.6062': attribute type 13 has an invalid length. [ 297.319342][T17777] veth0_macvtap: left promiscuous mode [ 297.332236][T17777] macvtap0: entered allmulticast mode [ 297.364453][T17777] macvtap0: refused to change device tx_queue_len [ 297.383322][T17775] tipc: New replicast peer: 10.1.1.1 [ 297.411050][T17775] tipc: Enabled bearer , priority 10 [ 297.532544][T17788] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6067'. [ 297.750904][T17797] nbd: must specify at least one socket [ 298.300575][T17828] netlink: 'syz.0.6086': attribute type 21 has an invalid length. [ 298.338751][T17828] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6086'. [ 298.514597][T17839] netlink: 'syz.0.6090': attribute type 46 has an invalid length. [ 298.800212][T17855] netlink: 'syz.3.6099': attribute type 4 has an invalid length. [ 299.980267][T17923] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6131'. [ 301.252746][T17986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6161'. [ 301.988647][T18004] netlink: 'syz.1.6169': attribute type 1 has an invalid length. [ 302.014758][T18004] netlink: 9380 bytes leftover after parsing attributes in process `syz.1.6169'. [ 302.123284][T18012] @ÿÿÿ: renamed from veth0_vlan (while UP) [ 302.534582][T18037] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 302.969504][T18063] smc: net device ip6_vti0 applied user defined pnetid SYZ0 [ 303.250395][T18079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6207'. [ 303.331278][T18083] pimreg3: entered allmulticast mode [ 303.906622][T18116] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 304.294796][T18136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6235'. [ 304.635443][T18154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6242'. [ 305.096917][T18174] netlink: 'syz.4.6251': attribute type 10 has an invalid length. [ 305.327827][T18182] netlink: 'syz.1.6257': attribute type 3 has an invalid length. [ 305.633206][T18200] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6265'. [ 305.990662][T18220] netlink: 'syz.2.6276': attribute type 1 has an invalid length. [ 306.025441][T18220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6276'. [ 306.340121][T18242] netlink: 88 bytes leftover after parsing attributes in process `syz.2.6285'. [ 306.373104][T18237] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6283'. [ 306.518115][T18249] netlink: 'syz.1.6288': attribute type 4 has an invalid length. [ 306.524162][T18251] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6290'. [ 306.531402][T18249] netlink: 'syz.1.6288': attribute type 1 has an invalid length. [ 306.544331][T18249] netlink: 88156 bytes leftover after parsing attributes in process `syz.1.6288'. [ 306.890186][T18264] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 306.915365][ T4680] udevd[4680]: worker [5244] terminated by signal 33 (Unknown signal 33) [ 306.935002][ T4680] udevd[4680]: worker [5244] failed while handling '/devices/virtual/block/loop4' [ 307.541613][T18301] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.576069][T18301] team0: Port device bond0 added [ 307.594411][T18306] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6315'. [ 308.697166][T18372] __nla_validate_parse: 1 callbacks suppressed [ 308.697185][T18372] netlink: 108 bytes leftover after parsing attributes in process `syz.2.6345'. [ 308.720693][T18372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6345'. [ 308.829254][T18378] netlink: 'syz.3.6350': attribute type 10 has an invalid length. [ 309.223465][T18398] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6359'. [ 309.963331][T18440] netlink: 248 bytes leftover after parsing attributes in process `syz.0.6380'. [ 310.106393][T18445] netlink: 'syz.2.6384': attribute type 1 has an invalid length. [ 310.114655][T18445] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.6384'. [ 310.124095][T18445] netlink: 1 bytes leftover after parsing attributes in process `syz.2.6384'. [ 310.135052][T18447] netlink: 'syz.0.6383': attribute type 1 has an invalid length. [ 310.260499][T18452] netlink: 'syz.2.6386': attribute type 3 has an invalid length. [ 310.426387][T18462] IPVS: Error connecting to the multicast addr [ 311.056853][T18497] netlink: 'syz.2.6405': attribute type 29 has an invalid length. [ 311.082712][T18493] netlink: 'syz.2.6405': attribute type 29 has an invalid length. [ 311.156915][T18502] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 311.515283][T18519] netlink: 'syz.0.6416': attribute type 13 has an invalid length. [ 312.506340][T18569] netlink: 9392 bytes leftover after parsing attributes in process `syz.3.6441'. [ 312.530331][T18569] netlink: 'syz.3.6441': attribute type 1 has an invalid length. [ 313.011585][T18595] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6453'. [ 313.139291][T18603] ebtables: ebtables: counters copy to user failed while replacing table [ 313.673701][T18628] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6469'. [ 314.302959][T18658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6484'. [ 314.464571][T18661] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.6485'. [ 314.496007][T18661] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes. [ 315.574423][T18711] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.6507'. [ 315.595608][T18708] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.6507'. [ 317.026473][T18777] netlink: 'syz.1.6540': attribute type 3 has an invalid length. [ 317.043751][T18775] lo: entered allmulticast mode [ 317.043788][T18777] netlink: 'syz.1.6540': attribute type 1 has an invalid length. [ 317.064437][T18777] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.6540'. [ 317.065166][T18775] lo: left allmulticast mode [ 317.240189][T18783] Bluetooth: MGMT ver 1.23 [ 317.371434][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.273158][T18822] netlink: 'syz.1.6562': attribute type 16 has an invalid length. [ 318.488824][T18833] pim6reg: entered allmulticast mode [ 318.554482][T18833] pim6reg: left allmulticast mode [ 319.035294][T18854] tipc: Enabling of bearer rejected, failed to enable media [ 319.205027][ T5242] Bluetooth: hci5: command 0x0419 tx timeout [ 319.524750][T18880] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6588'. [ 320.231165][T18911] netlink: 'syz.4.6603': attribute type 32 has an invalid length. [ 320.281624][T18911] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6603'. [ 320.317685][T18911] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 320.345594][T18917] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6607'. [ 320.820954][T18938] netlink: 3 bytes leftover after parsing attributes in process `syz.1.6616'. [ 320.867171][T18939] netlink: 'syz.4.6615': attribute type 29 has an invalid length. [ 320.902837][T18937] netlink: 'syz.4.6615': attribute type 29 has an invalid length. [ 321.664428][T18974] tipc: Enabled bearer , priority 10 [ 323.658675][ T4619] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 323.667883][ T4619] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 323.682570][ T4619] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 323.692236][ T4619] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 323.700396][ T4619] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 323.707924][ T4619] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 323.962532][T19054] netlink: 9392 bytes leftover after parsing attributes in process `syz.0.6669'. [ 323.984923][T19054] netlink: 'syz.0.6669': attribute type 1 has an invalid length. [ 324.509680][T19048] chnl_net:caif_netlink_parms(): no params data found [ 324.834965][T19048] bridge0: port 1(bridge_slave_0) entered blocking state [ 324.856934][T19048] bridge0: port 1(bridge_slave_0) entered disabled state [ 324.864140][T19048] bridge_slave_0: entered allmulticast mode [ 324.886850][T19048] bridge_slave_0: entered promiscuous mode [ 324.902286][T19048] bridge0: port 2(bridge_slave_1) entered blocking state [ 324.920871][T19048] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.954456][T19048] bridge_slave_1: entered allmulticast mode [ 324.981252][T19048] bridge_slave_1: entered promiscuous mode [ 325.141451][T19048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 325.190970][T19048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 325.384541][T19048] team0: Port device team_slave_0 added [ 325.486454][T19048] team0: Port device team_slave_1 added [ 325.632203][T19048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 325.656978][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.768710][ T4619] Bluetooth: hci6: command tx timeout [ 325.784935][T19048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 325.846072][T19048] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 325.883720][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.964460][T19048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 326.001294][T19132] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 326.231654][T19048] hsr_slave_0: entered promiscuous mode [ 326.262127][T19048] hsr_slave_1: entered promiscuous mode [ 326.294931][T19048] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 326.322782][T19048] Cannot create hsr debugfs directory [ 326.405887][T19146] netlink: 'syz.4.6710': attribute type 1 has an invalid length. [ 327.103515][T19048] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.313935][T19048] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.407520][T19187] –eth0_vlan: renamed from bridge_slave_1 (while UP) [ 327.577397][T19048] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.839268][T19048] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.850357][ T4619] Bluetooth: hci6: command tx timeout [ 328.190669][T19225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6747'. [ 328.289889][T19048] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 328.369147][T19048] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 328.414694][T19048] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 328.458665][T19048] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 328.541109][T19233] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6751'. [ 328.776657][T19048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 328.848108][T19048] 8021q: adding VLAN 0 to HW filter on device team0 [ 328.907621][ T2886] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.914782][ T2886] bridge0: port 1(bridge_slave_0) entered forwarding state [ 328.946515][T19247] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6757'. [ 328.968115][ T2886] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.976187][ T2886] bridge0: port 2(bridge_slave_1) entered forwarding state [ 329.005063][T19250] netlink: 'syz.2.6758': attribute type 3 has an invalid length. [ 329.885778][T19048] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.925184][ T4619] Bluetooth: hci6: command tx timeout [ 330.065783][T19048] veth0_vlan: entered promiscuous mode [ 330.113158][T19048] veth1_vlan: entered promiscuous mode [ 330.204284][T19048] veth0_macvtap: entered promiscuous mode [ 330.219441][T19296] netlink: 188 bytes leftover after parsing attributes in process `syz.2.6778'. [ 330.230510][T19048] veth1_macvtap: entered promiscuous mode [ 330.254981][T19296] netlink: 'syz.2.6778': attribute type 1 has an invalid length. [ 330.278165][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.298692][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.319161][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.347697][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.373779][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.403339][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.434069][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.454483][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.464402][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.477284][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.506082][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.525792][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.546931][T19048] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 330.587615][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.608846][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.628311][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.661644][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.686536][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.707586][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.723413][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.746885][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.763667][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.787981][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.804528][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.827363][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.850248][T19048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 330.913507][T19048] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.940322][T19048] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.970828][T19048] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.001569][T19048] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.234375][ T2886] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.282561][ T2886] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 331.334492][T19322] netlink: 'syz.1.6790': attribute type 10 has an invalid length. [ 331.396827][T19322] 8021q: adding VLAN 0 to HW filter on device team0 [ 331.435990][T19322] bond0: (slave team0): Enslaving as an active interface with an up link [ 331.519539][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.548194][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.005557][ T4619] Bluetooth: hci6: command tx timeout [ 332.308273][T19364] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 333.096717][T19405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6825'. [ 333.471141][T19421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6833'. [ 334.115386][T19441] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6841'. [ 334.208897][T19446] netlink: 209676 bytes leftover after parsing attributes in process `syz.0.6844'. [ 334.583135][T19465] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6853'. [ 334.615870][T19465] netlink: 116 bytes leftover after parsing attributes in process `syz.1.6853'. [ 335.990681][T19530] tipc: Enabled bearer , priority 10 [ 336.056346][T19535] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.6881'. [ 336.110839][T19535] openvswitch: netlink: Actions may not be safe on all matching packets [ 336.417187][T19554] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6889'. [ 337.335332][T19607] netlink: 188 bytes leftover after parsing attributes in process `syz.4.6914'. [ 337.371723][T19607] netlink: 'syz.4.6914': attribute type 1 has an invalid length. [ 337.453411][T19608] netlink: 'syz.3.6913': attribute type 1 has an invalid length. [ 337.483617][T19608] netlink: 9388 bytes leftover after parsing attributes in process `syz.3.6913'. [ 337.627869][T19620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6920'. [ 338.842754][T19677] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6947'. [ 338.864512][T19677] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6947'. [ 339.761222][T19707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6962'. [ 340.066851][T19723] netlink: 332 bytes leftover after parsing attributes in process `syz.4.6969'. [ 340.088445][T19723] netlink: 'syz.4.6969': attribute type 9 has an invalid length. [ 340.111845][T19723] netlink: 108 bytes leftover after parsing attributes in process `syz.4.6969'. [ 340.141464][T19723] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6969'. [ 340.563631][T19744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6979'. [ 340.896111][T19763] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6989'. [ 341.342123][T19784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6997'. [ 341.522940][T19793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7005'. [ 341.826041][T19808] netlink: 'syz.0.7010': attribute type 3 has an invalid length. [ 343.859913][T19916] netlink: 'syz.1.7061': attribute type 1 has an invalid length. [ 343.878345][T19916] __nla_validate_parse: 1 callbacks suppressed [ 343.878362][T19916] netlink: 9364 bytes leftover after parsing attributes in process `syz.1.7061'. [ 343.935452][T19916] netlink: 'syz.1.7061': attribute type 1 has an invalid length. [ 344.083777][T19926] netlink: 'syz.4.7067': attribute type 1 has an invalid length. [ 344.116532][T19926] netlink: 9348 bytes leftover after parsing attributes in process `syz.4.7067'. [ 344.142141][T19926] netlink: 'syz.4.7067': attribute type 1 has an invalid length. [ 345.419380][T19994] tipc: Bearer : already 2 bearers with priority 10 [ 345.443393][T19994] tipc: Bearer : trying with adjusted priority [ 345.461803][T19994] tipc: Enabling of bearer rejected, failed to enable media [ 345.495815][T19995] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.504591][T19995] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.513697][T19995] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.523061][T19995] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.556741][T19999] tipc: Started in network mode [ 345.591808][T19999] tipc: Node identity , cluster identity 4711 [ 345.848007][T20013] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7110'. [ 346.885903][ T4619] Bluetooth: hci6: command 0x0405 tx timeout [ 346.919044][T20065] netlink: 'syz.0.7135': attribute type 1 has an invalid length. [ 346.935546][T20065] netlink: 'syz.0.7135': attribute type 3 has an invalid length. [ 346.987013][T20065] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7135'. [ 347.239120][T20085] netlink: 134716 bytes leftover after parsing attributes in process `syz.2.7146'. [ 347.274065][T20085] openvswitch: netlink: Message has 5 unknown bytes. [ 347.304431][T20088] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7147'. [ 347.387950][T20091] netlink: 'syz.0.7149': attribute type 1 has an invalid length. [ 347.415906][T20091] netlink: 9344 bytes leftover after parsing attributes in process `syz.0.7149'. [ 347.446892][T20091] netlink: 'syz.0.7149': attribute type 1 has an invalid length. [ 348.019179][T20122] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7165'. [ 348.045713][T20122] openvswitch: netlink: Multiple metadata blocks provided [ 348.057457][T20125] netlink: 156 bytes leftover after parsing attributes in process `syz.2.7166'. [ 348.081516][T20125] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7166'. [ 348.205150][T20129] netlink: 'syz.4.7169': attribute type 10 has an invalid length. [ 348.214001][T20129] bridge0: port 3(dummy0) entered blocking state [ 348.268450][T20129] bridge0: port 3(dummy0) entered disabled state [ 348.285419][T20129] dummy0: entered allmulticast mode [ 348.305798][T20129] dummy0: entered promiscuous mode [ 348.635766][T20157] sctp: [Deprecated]: syz.1.7180 (pid 20157) Use of struct sctp_assoc_value in delayed_ack socket option. [ 348.635766][T20157] Use struct sctp_sack_info instead [ 349.643159][T20195] sctp: [Deprecated]: syz.0.7198 (pid 20195) Use of struct sctp_assoc_value in delayed_ack socket option. [ 349.643159][T20195] Use struct sctp_sack_info instead [ 349.685045][ T4619] Bluetooth: hci3: command 0x0406 tx timeout [ 350.401655][T20235] tipc: Started in network mode [ 350.415372][T20235] tipc: Node identity , cluster identity 4711 [ 350.421475][T20235] tipc: Failed to set node id, please configure manually [ 350.464239][T20235] tipc: Enabling of bearer rejected, failed to enable media [ 350.512167][T20239] __nla_validate_parse: 4 callbacks suppressed [ 350.512183][T20239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7217'. [ 350.551405][T20239] dummy0: entered promiscuous mode [ 350.647241][ T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.352482][T20282] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7236'. [ 351.605299][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.614084][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.622496][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.306109][T20318] tun0: tun_chr_ioctl cmd 1074812117 [ 352.444774][T20323] netlink: 'syz.0.7255': attribute type 1 has an invalid length. [ 352.470080][T20323] netlink: 9324 bytes leftover after parsing attributes in process `syz.0.7255'. [ 352.515132][T20323] netlink: 'syz.0.7255': attribute type 1 has an invalid length. [ 352.523003][T20323] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7255'. [ 352.916912][T20337] unknown channel width for channel at 907000KHz? [ 353.463586][T20366] netlink: 'syz.0.7273': attribute type 1 has an invalid length. [ 353.773500][T20379] syz.2.7279[20379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.773740][T20379] syz.2.7279[20379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.787803][T20382] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 354.375761][T20406] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7290'. [ 355.045365][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 355.671390][T20466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7317'. [ 355.708770][T20469] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 355.901278][T20475] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 356.085444][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 356.396113][T20492] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 356.893963][ T5324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.125258][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.246347][T20530] vxcan3: entered allmulticast mode [ 357.573846][T20549] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7358'. [ 357.711437][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.800675][T20557] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 357.823221][T20557] macsec1: entered allmulticast mode [ 357.844185][T20557] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 357.890753][T20557] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 357.925473][T20557] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 358.014033][T20565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7365'. [ 358.165469][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.333071][ T5324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 359.000407][T20615] netlink: 201400 bytes leftover after parsing attributes in process `syz.2.7389'. [ 359.197420][T20625] netlink: 2300 bytes leftover after parsing attributes in process `syz.3.7392'. [ 359.220131][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 359.245056][T20625] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7392'. [ 359.605310][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 359.926566][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 360.255690][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 360.263853][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 360.286201][T20668] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.7415'. [ 360.308747][T20671] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.7417'. [ 360.321977][T20671] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 360.333785][T20668] netlink: zone id is out of range [ 360.344949][T20668] netlink: zone id is out of range [ 360.350148][T20668] netlink: zone id is out of range [ 360.366211][T20668] netlink: zone id is out of range [ 361.211238][T20703] netlink: 1028 bytes leftover after parsing attributes in process `syz.2.7431'. [ 361.231214][T20703] sch_tbf: burst 0 is lower than device bridge_slave_0 mtu (1514) ! [ 361.337613][T20706] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7432'. [ 361.382571][T20706] netem: unknown loss type 13 [ 361.397348][T20706] netem: change failed [ 363.200568][T20800] netlink: 'syz.1.7473': attribute type 34 has an invalid length. [ 363.762696][T20822] sctp: [Deprecated]: syz.3.7481 (pid 20822) Use of int in max_burst socket option deprecated. [ 363.762696][T20822] Use struct sctp_assoc_value instead [ 363.924479][T20833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7489'. [ 363.952583][T20833] netlink: 56 bytes leftover after parsing attributes in process `syz.0.7489'. [ 364.405336][ T5287] net_ratelimit: 31 callbacks suppressed [ 364.405356][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.525624][T20862] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7499'. [ 364.723202][T20873] syz.4.7509[20873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.723450][T20873] syz.4.7509[20873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.956354][T20888] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7515'. [ 365.006120][T20888] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 365.203000][T20899] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 365.452017][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 365.675423][T20922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 365.684400][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 366.031513][T20937] vlan3: entered promiscuous mode [ 366.042013][T20942] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7542'. [ 366.060074][T20937] vlan3: entered allmulticast mode [ 366.072305][T20937] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 366.104976][T20937] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 366.152832][T20937] team0: Port device vlan3 added [ 366.326383][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 366.496363][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 366.877886][T20969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7552'. [ 366.906317][T20969] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7552'. [ 366.936862][T20969] gtp0: entered promiscuous mode [ 366.941996][T20969] gtp0: entered allmulticast mode [ 367.536331][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.553933][T21004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7569'. [ 367.585451][T21004] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.592887][T21004] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.613274][T21010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.632337][T21004] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.642235][T21010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.653670][T21004] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 368.213416][T21037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7581'. [ 368.574098][T21056] netlink: 'syz.1.7591': attribute type 1 has an invalid length. [ 368.590645][T21057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7592'. [ 368.605122][T21056] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7591'. [ 368.627189][T21057] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7592'. [ 369.566585][T21106] netlink: 'syz.1.7616': attribute type 3 has an invalid length. [ 369.602411][T21106] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.7616'. [ 369.615376][ T5234] net_ratelimit: 8 callbacks suppressed [ 369.615392][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 369.936244][T21126] netlink: 'syz.3.7622': attribute type 29 has an invalid length. [ 369.977877][T21126] netlink: 'syz.3.7622': attribute type 29 has an invalid length. [ 370.007785][T21126] netlink: 'syz.3.7622': attribute type 29 has an invalid length. [ 370.099155][T21135] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7629'. [ 370.129179][T21138] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7631'. [ 370.135047][T21135] openvswitch: netlink: Tunnel attr 8192 out of range max 16 [ 370.171511][T21138] vlan2: entered allmulticast mode [ 370.275093][T21140] tap0: tun_chr_ioctl cmd 1074025677 [ 370.280663][T21140] tap0: linktype set to 6 [ 370.485787][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.647318][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.769324][T21165] xt_CT: You must specify a L4 protocol and not use inversions on it [ 370.966416][T21174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.694918][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.897229][T21215] __nla_validate_parse: 2 callbacks suppressed [ 371.897247][T21215] netlink: 193372 bytes leftover after parsing attributes in process `syz.4.7668'. [ 371.919652][T21217] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 371.969140][T21215] netlink: zone id is out of range [ 371.974287][T21215] netlink: zone id is out of range [ 372.026388][T21215] netlink: zone id is out of range [ 373.024585][T21269] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 373.199480][T21277] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7697'. [ 373.230726][T21274] erspan0: vlans aren't supported yet for dev_uc|mc_add() [ 373.866563][T21309] batadv0: entered promiscuous mode [ 373.896306][T21309] macsec1: entered promiscuous mode [ 373.901736][T21309] macsec1: entered allmulticast mode [ 373.914243][T21309] batadv0: entered allmulticast mode [ 373.946921][T21309] batadv0: left allmulticast mode [ 373.952264][T21309] batadv0: left promiscuous mode [ 374.013724][T21315] netlink: 'syz.4.7711': attribute type 10 has an invalid length. [ 374.032333][T21315] syz_tun: left allmulticast mode [ 374.551285][T21340] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7723'. [ 374.814507][T21350] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7728'. [ 374.829819][ T25] net_ratelimit: 279 callbacks suppressed [ 374.829835][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 374.855390][T21350] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7728'. [ 374.953205][T21355] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7730'. [ 374.985261][T21355] openvswitch: netlink: VXLAN extension 101 out of range max 1 [ 375.325776][T21371] pim6reg: tun_chr_ioctl cmd 1074025677 [ 375.355431][T21371] pim6reg: linktype set to 823 [ 375.848081][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.928570][T21404] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7751'. [ 375.961287][T21404] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7751'. [ 376.002293][T21404] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.022572][T21404] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.029788][T21404] bridge0: port 2(bridge_slave_1) entered forwarding state [ 376.565394][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 376.894737][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 377.932344][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.177091][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.603584][T21530] ax25_connect(): syz.2.7807 uses autobind, please contact jreuter@yaina.de [ 378.793561][ T35] macvlan1: left allmulticast mode [ 378.801972][ T35] veth1_vlan: left allmulticast mode [ 378.810392][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.842398][ T35] macvlan1: left promiscuous mode [ 378.855417][ T35] bridge0: port 3(macvlan1) entered disabled state [ 378.916007][ T35] bridge_slave_1: left allmulticast mode [ 378.935789][ T35] bridge_slave_1: left promiscuous mode [ 378.944157][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 378.962954][ T35] bridge_slave_0: left allmulticast mode [ 378.977375][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.978448][ T35] bridge_slave_0: left promiscuous mode [ 379.007347][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 379.520655][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 379.541026][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 379.552493][ T35] bond0 (unregistering): Released all slaves [ 379.568546][ T35] bond1 (unregistering): Released all slaves [ 379.581791][ T35] bond2 (unregistering): Released all slaves [ 379.605870][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 379.758583][ T35] tipc: Left network mode [ 379.864510][T21557] netlink: 'syz.4.7820': attribute type 1 has an invalid length. [ 379.925127][T21561] netlink: 188 bytes leftover after parsing attributes in process `syz.2.7822'. [ 379.945254][T21561] netlink: 'syz.2.7822': attribute type 1 has an invalid length. [ 380.015474][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 380.140654][T21569] netlink: 'syz.2.7826': attribute type 11 has an invalid length. [ 380.325306][T21580] sch_tbf: burst 5 is lower than device team0 mtu (1514) ! [ 381.048084][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 381.221234][T21625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7853'. [ 381.245197][T21625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7853'. [ 381.258112][T21628] netlink: 'syz.3.7854': attribute type 2 has an invalid length. [ 381.281765][T21625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7853'. [ 381.562032][T21644] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7861'. [ 381.605752][T21643] syz.1.7862 (21643) used greatest stack depth: 17424 bytes left [ 381.794718][T21652] Bluetooth: hci3: too big key_count value 34945 [ 382.085415][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 382.099382][T21672] netlink: 19 bytes leftover after parsing attributes in process `syz.0.7876'. [ 382.653769][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 383.125393][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 383.343817][T21727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7902'. [ 383.353009][T21727] netlink: 44 bytes leftover after parsing attributes in process `syz.0.7902'. [ 383.782635][T21756] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7914'. [ 383.998369][T21767] netlink: 'syz.1.7921': attribute type 9 has an invalid length. [ 384.007445][T21767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7921'. [ 384.008287][T21768] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 384.034738][T21767] veth1_vlan: left promiscuous mode [ 384.086208][ T2886] wlan1: Trigger new scan to find an IBSS to join [ 384.177558][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 385.205809][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 385.252506][T21821] netem: change failed [ 385.549200][T21836] __nla_validate_parse: 1 callbacks suppressed [ 385.549218][T21836] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7949'. [ 385.686377][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 386.246510][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 386.454445][T21877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7967'. [ 387.125867][ T2886] wlan1: Trigger new scan to find an IBSS to join [ 387.133073][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.215535][T21911] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 387.246737][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.286736][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.655113][T21929] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7993'. [ 387.710247][T21933] netlink: 64 bytes leftover after parsing attributes in process `syz.3.7995'. [ 388.085934][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.327069][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.407835][ T5398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.442940][T21946] netlink: 'syz.0.8003': attribute type 8 has an invalid length. [ 388.607776][T21957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8006'. [ 389.328767][T22001] netlink: 'syz.3.8028': attribute type 5 has an invalid length. [ 390.307011][T22054] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 390.316014][T22054] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 390.324729][T22054] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 390.334140][T22054] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 390.380636][T22054] vxlan0: entered promiscuous mode [ 390.415614][ T5234] net_ratelimit: 7 callbacks suppressed [ 390.415630][ T5234] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 390.431618][T22054] vxlan0: entered allmulticast mode [ 390.696615][T22078] netlink: 'syz.4.8065': attribute type 1 has an invalid length. [ 391.127221][ T11] wlan1: Trigger new scan to find an IBSS to join [ 391.276233][T22111] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8078'. [ 391.447382][ T5287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.672737][T22136] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.8090'. [ 391.884392][T22147] netlink: 'syz.4.8095': attribute type 2 has an invalid length. [ 391.893180][T22147] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8095'. [ 392.081041][ T2886] wlan1: Creating new IBSS network, BSSID a6:4a:89:90:2f:e1 [ 392.756460][T22194] netlink: 'syz.3.8119': attribute type 1 has an invalid length. [ 393.727342][T22250] tun0: tun_chr_ioctl cmd 1074025681 [ 394.003141][T22259] netlink: 'syz.1.8147': attribute type 1 has an invalid length. [ 394.016527][T22259] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 394.023804][T22259] IPv6: NLM_F_CREATE should be set when creating new route [ 394.031097][T22259] IPv6: NLM_F_CREATE should be set when creating new route [ 394.308120][T22269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8152'. [ 394.325747][T22269] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8152'. [ 394.361509][T22269] vlan3: entered allmulticast mode [ 394.376902][T22269] team0: entered allmulticast mode [ 394.387046][T22269] team_slave_0: entered allmulticast mode [ 394.408811][T22269] team_slave_1: entered allmulticast mode [ 394.593645][T22280] rose0: tun_chr_ioctl cmd 2147767519 [ 394.823107][T22290] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.8161'. [ 394.833186][T22290] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 395.065269][T22298] netlink: 'syz.2.8165': attribute type 11 has an invalid length. [ 395.646774][T22326] netlink: 140 bytes leftover after parsing attributes in process `syz.1.8179'. [ 395.827562][T22334] netlink: 'syz.3.8183': attribute type 1 has an invalid length. [ 395.845913][T22334] netlink: 9116 bytes leftover after parsing attributes in process `syz.3.8183'. [ 395.881825][T22334] netlink: 'syz.3.8183': attribute type 1 has an invalid length. [ 395.891606][T22337] Bluetooth: hci3: unsupported parameter 64 [ 395.909824][T22334] netlink: 209 bytes leftover after parsing attributes in process `syz.3.8183'. [ 395.921410][T22337] Bluetooth: hci3: invalid length 0, exp 2 for type 2 [ 396.412141][ T2991] tipc: Subscription rejected, illegal request [ 396.916830][T22379] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8203'. [ 398.729329][T22450] netlink: 277 bytes leftover after parsing attributes in process `syz.3.8239'. [ 399.328887][T22474] netlink: 64 bytes leftover after parsing attributes in process `syz.0.8250'. [ 399.633071][T22493] netlink: 'syz.4.8257': attribute type 1 has an invalid length. [ 399.649267][T22493] netlink: 9336 bytes leftover after parsing attributes in process `syz.4.8257'. [ 399.661217][T22493] netlink: 'syz.4.8257': attribute type 8 has an invalid length. [ 399.682402][T22495] sctp: [Deprecated]: syz.1.8259 (pid 22495) Use of int in maxseg socket option. [ 399.682402][T22495] Use struct sctp_assoc_value instead [ 400.000817][T22512] netlink: 68 bytes leftover after parsing attributes in process `syz.4.8266'. [ 400.142766][T22520] netlink: 428 bytes leftover after parsing attributes in process `syz.2.8272'. [ 400.152109][T22520] netlink: 56 bytes leftover after parsing attributes in process `syz.2.8272'. [ 400.490204][T22542] tipc: Resetting bearer [ 400.677721][T22542] tipc: Disabling bearer [ 401.497584][T22584] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 401.790117][T22598] netlink: 3084 bytes leftover after parsing attributes in process `syz.2.8308'. [ 401.812926][T22598] netlink: 'syz.2.8308': attribute type 1 has an invalid length. [ 401.828886][T22598] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.8308'. [ 401.891885][T22603] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8310'. [ 401.972797][T22608] pim6reg: entered allmulticast mode [ 401.988284][T22605] pim6reg: left allmulticast mode [ 402.721938][T22650] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8331'. [ 403.229882][T22681] ax25_connect(): syz.4.8346 uses autobind, please contact jreuter@yaina.de [ 403.859407][T22713] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8361'. [ 404.262859][T22741] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8375'. [ 404.271552][T22742] IPVS: lblc: TCP 127.0.0.1:0 - no destination available [ 404.280283][ T1174] IPVS: starting estimator thread 0... [ 404.376312][T22743] IPVS: using max 19 ests per chain, 45600 per kthread [ 405.542824][T22812] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8409'. [ 405.725471][T22822] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 405.786143][T22822] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 406.000059][T22837] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 406.189178][T22850] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8428'. [ 406.325338][ T30] INFO: task syz.0.5099:15763 blocked for more than 143 seconds. [ 406.339273][ T30] Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 406.379756][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 406.416400][ T30] task:syz.0.5099 state:D stack:22480 pid:15763 tgid:15761 ppid:5245 flags:0x00004006 [ 406.428767][ T30] Call Trace: [ 406.435039][T22864] netlink: 268 bytes leftover after parsing attributes in process `syz.0.8433'. [ 406.444198][ T30] [ 406.449531][ T30] __schedule+0x1800/0x4a60 [ 406.459954][ T30] ? __pfx___schedule+0x10/0x10 [ 406.470586][ T30] ? __pfx_lock_release+0x10/0x10 [ 406.481224][ T30] ? schedule+0x90/0x320 [ 406.486836][ T30] schedule+0x14b/0x320 [ 406.491102][ T30] schedule_timeout+0xb0/0x310 [ 406.496056][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 406.501520][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 406.507940][ T30] ? wait_for_completion+0x2fe/0x620 [ 406.513270][ T30] ? wait_for_completion+0x2fe/0x620 [ 406.518599][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.523788][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 406.529036][ T30] ? wait_for_completion+0x2fe/0x620 [ 406.534315][ T30] wait_for_completion+0x355/0x620 [ 406.539532][ T30] ? _raw_spin_unlock+0x28/0x50 [ 406.544392][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 406.550061][ T30] ? __pfx_ib_mad_remove_device+0x10/0x10 [ 406.558658][ T30] ? remove_client_context+0x19f/0x1e0 [ 406.564144][ T30] disable_device+0x1c7/0x360 [ 406.569034][ T30] ? __pfx_disable_device+0x10/0x10 [ 406.574262][ T30] __ib_unregister_device+0x2ac/0x3c0 [ 406.579728][ T30] ? __pfx_ib_device_get_by_index+0x10/0x10 [ 406.585686][ T30] ib_unregister_device_and_put+0xb9/0xf0 [ 406.591427][ T30] nldev_dellink+0x2d6/0x320 [ 406.596395][ T30] ? __pfx_nldev_dellink+0x10/0x10 [ 406.601658][ T30] ? apparmor_capable+0x13b/0x1b0 [ 406.608787][ T30] ? bpf_lsm_capable+0x9/0x10 [ 406.613487][ T30] ? security_capable+0x90/0xb0 [ 406.618548][ T30] ? __pfx_nldev_dellink+0x10/0x10 [ 406.623664][ T30] rdma_nl_rcv+0x6dd/0x9e0 [ 406.628249][ T30] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 406.633215][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 406.638501][ T30] netlink_unicast+0x7f6/0x990 [ 406.643367][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 406.650329][ T30] ? __virt_addr_valid+0x183/0x530 [ 406.655567][ T30] ? __check_object_size+0x49c/0x900 [ 406.662037][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 406.669118][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 406.674037][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 406.679386][ T30] ? __import_iovec+0x536/0x820 [ 406.684229][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 406.689417][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 406.694715][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 406.700208][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 406.706720][ T30] __sock_sendmsg+0x221/0x270 [ 406.711421][ T30] ____sys_sendmsg+0x525/0x7d0 [ 406.716284][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 406.721587][ T30] __sys_sendmsg+0x2b0/0x3a0 [ 406.726736][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 406.731875][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 406.738254][ T30] ? do_syscall_64+0x100/0x230 [ 406.743011][ T30] ? do_syscall_64+0xb6/0x230 [ 406.747873][ T30] do_syscall_64+0xf3/0x230 [ 406.752392][ T30] ? clear_bhb_loop+0x35/0x90 [ 406.757179][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.764132][ T30] RIP: 0033:0x7fb368579ef9 [ 406.768658][ T30] RSP: 002b:00007fb369420038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 406.777258][ T30] RAX: ffffffffffffffda RBX: 00007fb368715f80 RCX: 00007fb368579ef9 [ 406.787637][ T30] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 406.796930][ T30] RBP: 00007fb3685e793e R08: 0000000000000000 R09: 0000000000000000 [ 406.805110][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.813169][ T30] R13: 0000000000000000 R14: 00007fb368715f80 R15: 00007ffd047d22f8 [ 406.821315][ T30] [ 406.824438][ T30] [ 406.824438][ T30] Showing all locks held in the system: [ 406.832371][ T30] 1 lock held by khungtaskd/30: [ 406.837426][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 406.847486][ T30] 4 locks held by kworker/u8:2/35: [ 406.852597][ T30] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 406.865034][ T30] #1: ffffc90000ab7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 406.875650][ T30] #2: ffffffff8fc77b90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 406.885076][ T30] #3: ffff888061aa86b0 (&device->unregistration_lock){+.+.}-{3:3}, at: rdma_dev_change_netns+0x3a/0x2f0 [ 406.896579][ T30] 3 locks held by kworker/u8:9/2991: [ 406.901966][ T30] 2 locks held by getty/4977: [ 406.906794][ T30] #0: ffff88802b3cb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 406.916713][ T30] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 406.934973][ T30] 2 locks held by syz.0.5099/15763: [ 406.940563][ T30] #0: ffffffff952d2df8 (&rdma_nl_types[idx].sem){.+.+}-{3:3}, at: rdma_nl_rcv+0x32d/0x9e0 [ 406.957602][ T30] #1: ffff888061aa86b0 (&device->unregistration_lock){+.+.}-{3:3}, at: __ib_unregister_device+0x264/0x3c0 [ 406.970933][ T30] [ 406.973283][ T30] ============================================= [ 406.973283][ T30] [ 406.983839][ T30] NMI backtrace for cpu 0 [ 406.988191][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 406.998693][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 407.008736][ T30] Call Trace: [ 407.012003][ T30] [ 407.014956][ T30] dump_stack_lvl+0x241/0x360 [ 407.019625][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 407.024807][ T30] ? __pfx__printk+0x10/0x10 [ 407.029400][ T30] ? vprintk_emit+0x667/0x7c0 [ 407.034071][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 407.039199][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 407.044158][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 407.049617][ T30] ? _printk+0xd5/0x120 [ 407.053763][ T30] ? __pfx__printk+0x10/0x10 [ 407.058346][ T30] ? __wake_up_klogd+0xcc/0x110 [ 407.063182][ T30] ? __pfx__printk+0x10/0x10 [ 407.067759][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 407.072774][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 407.078745][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 407.084720][ T30] watchdog+0xff4/0x1040 [ 407.088984][ T30] ? watchdog+0x1ea/0x1040 [ 407.093423][ T30] ? __pfx_watchdog+0x10/0x10 [ 407.098134][ T30] kthread+0x2f0/0x390 [ 407.102195][ T30] ? __pfx_watchdog+0x10/0x10 [ 407.106881][ T30] ? __pfx_kthread+0x10/0x10 [ 407.111469][ T30] ret_from_fork+0x4b/0x80 [ 407.115877][ T30] ? __pfx_kthread+0x10/0x10 [ 407.121077][ T30] ret_from_fork_asm+0x1a/0x30 [ 407.125838][ T30] [ 407.130041][ T30] Sending NMI from CPU 0 to CPUs 1: [ 407.136014][ C1] NMI backtrace for cpu 1 [ 407.136026][ C1] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 407.136045][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 407.136056][ C1] Workqueue: bat_events batadv_nc_worker [ 407.136081][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 407.136105][ C1] Code: 2b 00 74 08 4c 89 f7 e8 0a fd 8a 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 407.136119][ C1] RSP: 0018:ffffc900001079e0 EFLAGS: 00000206 [ 407.136131][ C1] RAX: 0000000000000001 RBX: 1ffff92000020f48 RCX: af26d5152826ee00 [ 407.136148][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c606d40 [ 407.136160][ C1] RBP: ffffc90000107b40 R08: ffffffff93734847 R09: 1ffffffff26e6908 [ 407.136172][ C1] R10: dffffc0000000000 R11: fffffbfff26e6909 R12: 1ffff92000020f44 [ 407.136184][ C1] R13: dffffc0000000000 R14: ffffc90000107a40 R15: 0000000000000246 [ 407.136195][ C1] FS: 0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 407.136208][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 407.136219][ C1] CR2: 00007f5a6d2e7ab8 CR3: 000000007d50c000 CR4: 00000000003506f0 [ 407.136233][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 407.136243][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 407.136253][ C1] Call Trace: [ 407.136259][ C1] [ 407.136266][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 407.136285][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 407.136307][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 407.136325][ C1] ? nmi_handle+0x2a/0x5a0 [ 407.136349][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 407.136369][ C1] ? nmi_handle+0x14f/0x5a0 [ 407.136383][ C1] ? nmi_handle+0x2a/0x5a0 [ 407.136399][ C1] ? lock_acquire+0x264/0x550 [ 407.136417][ C1] ? default_do_nmi+0x63/0x160 [ 407.136437][ C1] ? exc_nmi+0x123/0x1f0 [ 407.136455][ C1] ? end_repeat_nmi+0xf/0x53 [ 407.136481][ C1] ? lock_acquire+0x264/0x550 [ 407.136501][ C1] ? lock_acquire+0x264/0x550 [ 407.136522][ C1] ? lock_acquire+0x264/0x550 [ 407.136541][ C1] [ 407.136547][ C1] [ 407.136556][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 407.136578][ C1] ? batadv_nc_worker+0xcb/0x610 [ 407.136598][ C1] ? __pfx_lock_release+0x10/0x10 [ 407.136620][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 407.136645][ C1] batadv_nc_worker+0xec/0x610 [ 407.136665][ C1] ? batadv_nc_worker+0xcb/0x610 [ 407.136685][ C1] ? batadv_nc_worker+0xcb/0x610 [ 407.136707][ C1] ? process_scheduled_works+0x945/0x1830 [ 407.136726][ C1] process_scheduled_works+0xa2c/0x1830 [ 407.136761][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 407.136785][ C1] ? assign_work+0x364/0x3d0 [ 407.136807][ C1] worker_thread+0x86d/0xd40 [ 407.136835][ C1] ? __kthread_parkme+0x169/0x1d0 [ 407.136858][ C1] ? __pfx_worker_thread+0x10/0x10 [ 407.136878][ C1] kthread+0x2f0/0x390 [ 407.136899][ C1] ? __pfx_worker_thread+0x10/0x10 [ 407.136919][ C1] ? __pfx_kthread+0x10/0x10 [ 407.136941][ C1] ret_from_fork+0x4b/0x80 [ 407.136961][ C1] ? __pfx_kthread+0x10/0x10 [ 407.136983][ C1] ret_from_fork_asm+0x1a/0x30 [ 407.137012][ C1] [ 407.139187][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 407.466952][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00198-gfebccb39255f #0 [ 407.477466][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 407.487528][ T30] Call Trace: [ 407.490812][ T30] [ 407.493741][ T30] dump_stack_lvl+0x241/0x360 [ 407.498415][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 407.503605][ T30] ? __pfx__printk+0x10/0x10 [ 407.508189][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 407.514168][ T30] ? vscnprintf+0x5d/0x90 [ 407.518511][ T30] panic+0x349/0x860 [ 407.522494][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 407.528729][ T30] ? __pfx_panic+0x10/0x10 [ 407.533139][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 407.538505][ T30] ? __irq_work_queue_local+0x137/0x410 [ 407.544045][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 407.549416][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 407.555565][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 407.561713][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 407.567879][ T30] watchdog+0x1033/0x1040 [ 407.572212][ T30] ? watchdog+0x1ea/0x1040 [ 407.576623][ T30] ? __pfx_watchdog+0x10/0x10 [ 407.581292][ T30] kthread+0x2f0/0x390 [ 407.585362][ T30] ? __pfx_watchdog+0x10/0x10 [ 407.590033][ T30] ? __pfx_kthread+0x10/0x10 [ 407.594617][ T30] ret_from_fork+0x4b/0x80 [ 407.599025][ T30] ? __pfx_kthread+0x10/0x10 [ 407.603609][ T30] ret_from_fork_asm+0x1a/0x30 [ 407.608375][ T30] [ 407.613055][ T30] Kernel Offset: disabled [ 407.617369][ T30] Rebooting in 86400 seconds..