last executing test programs: 1m11.288580899s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 1m9.648228901s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 57.516246984s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 42.545096344s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 23.650119794s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 11.431613115s ago: executing program 3 (id=968): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x41071, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x11, 0x80a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000000240)={'ip6tnl0\x00', @random}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000170000000000080000000a14000000030a01010000000000fb3ff92e848802000000000000010000000000000000000000000a"], 0x3c}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d) ioctl$SIOCSIFHWADDR(r6, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) close(r5) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10) 2.806165962s ago: executing program 1 (id=1710): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='1-01'], 0x31) 2.610095214s ago: executing program 1 (id=1712): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) write$binfmt_script(r0, &(0x7f0000001ac0)={'#! ', './file0'}, 0xb) 2.310295249s ago: executing program 4 (id=1714): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0) 2.006030179s ago: executing program 0 (id=1715): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x55}], 0x2c) sendto$inet6(r1, &(0x7f0000847fff)="01", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback, 0x822000}, 0x1c) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0) recvmmsg(r1, &(0x7f0000005d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/203, 0xcb}, 0x6}], 0x1, 0x40010002, 0x0) 1.170836974s ago: executing program 0 (id=1716): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001200)=@newtfilter={0x50, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x1c, 0xffff}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x20, 0x2, [@TCA_CGROUP_EMATCHES={0x1c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0xf798, 0x4, 0xe}}}]}]}]}}]}, 0x50}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.113026655s ago: executing program 0 (id=1717): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/15, 0xf) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendmmsg$unix(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)="042c31af66424e8f92bb4d98f7fa7426984a61174667fb4a9e7805015a0000e3965ef2cff5198100000000000000", 0x2e}, {&(0x7f0000000040)="d5", 0x1}, {&(0x7f0000000180)="c4d958cb3d3b439702bbee57446d75947a7f47d45eaad4a1680aec21a64fd7c8f188004da2fe697943f8e49f8e8c85547d052a18250ca93a204d89772738710539b013b9351a44aec8dc9caff28462bbbc001692b15db07de2ddd88c464bb7100e983c", 0x63}], 0x3}}], 0x1, 0x41) 1.000952053s ago: executing program 0 (id=1718): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x6, 0x4, 0x8, 0xb}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) 999.404322ms ago: executing program 0 (id=1719): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r0, 0x0, 0x0, 0x20040000, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @local, 0x5}, 0x80) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x58, 0x0}}], 0x6c00, 0x0) 686.295942ms ago: executing program 4 (id=1720): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b7040000000000008500000033000000850000002a00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 661.262873ms ago: executing program 2 (id=1721): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x90) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) sendmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) 570.073216ms ago: executing program 4 (id=1722): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) socketpair(0x1, 0x2, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x6, 0x101, 0x82}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x6, 0x4, 0x4001}, 0x48) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1206"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90) ioctl$TUNSETOFFLOAD(r1, 0x4010744d, 0x20000000) 529.4531ms ago: executing program 1 (id=1723): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff05002400000000010500240001000000060027"], 0x58}}, 0x0) 525.355947ms ago: executing program 2 (id=1724): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_user\x00', 0x275a, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="54010000", @ANYRES16=r2, @ANYBLOB="01002bbd7000fbdbdf250f000000e40001800f000100000001000000000063300000380004001400010002004e21ac1414bb0000000000000000200002000a004e2400000006fc0100000000000000000000000000000100000014000280080004000700000008000300060000002c0004001400010002004e20ac14143300000000000000001400020002004e24e000000100000000000000000d0001007564703a73797a30000000001c0400000000000000000080080001001e000000080002000200000008000300010000802400028008000300ff7f00000800187902000000080003000600000008000200ffffff7f2c000380080003008000000008000300e17f0000080001000008000008000200790f000008000100ff0000003000078008000100080000000c0004006e000000000000000c0003"], 0x154}}, 0x0) 410.066671ms ago: executing program 2 (id=1725): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005ac0)=[{{&(0x7f0000000180)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x4, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @local, @local}}}], 0x20}}], 0x1, 0x0) 333.824826ms ago: executing program 2 (id=1726): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_1\x00'}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) 314.389643ms ago: executing program 1 (id=1727): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000300)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r0, &(0x7f0000000340)='\b', 0x1, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000000), 0x9058c5ec658d63ab, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25) 270.30559ms ago: executing program 4 (id=1728): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b07d25a806f8c6394f90624fc602f0000000a740100051382c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x10002) 270.11161ms ago: executing program 1 (id=1729): r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000f00), 0x0, 0x100, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000b80)=0x5e6de1f3) sendto$inet6(r0, 0x0, 0x0, 0x24044005, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @loopback}, 0x1c) 198.49059ms ago: executing program 4 (id=1730): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r4 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x2c5}]}, 0x34}}, 0x0) 189.209142ms ago: executing program 2 (id=1731): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = epoll_create(0x200) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) 96.264416ms ago: executing program 1 (id=1732): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b0000000c00018008000100", @ANYRES32=r5], 0x20}}, 0x0) 53.740406ms ago: executing program 0 (id=1733): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="4dc07f947163300c", 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="a1", 0x1}, {&(0x7f0000000280)='Y', 0xffba}], 0x2, 0x0, 0x0, 0x200408c1}}], 0x1, 0x0) 53.02669ms ago: executing program 4 (id=1734): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x55}], 0x2c) sendto$inet6(r1, &(0x7f0000847fff)="01", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback, 0x822000}, 0x1c) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000580)={0x3f}, 0xe) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0) recvmmsg(r1, &(0x7f0000005d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/203, 0xcb}, 0x6}], 0x1, 0x40010002, 0x0) 0s ago: executing program 2 (id=1735): socket$netlink(0x10, 0x3, 0x1a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff) r2 = socket(0x1e, 0x5, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xd5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xf2}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) kernel console output (not intermixed with test programs): ated. [ 109.003919][ T6759] Use struct sctp_assoc_value instead [ 109.095213][ T6761] wireguard0: entered promiscuous mode [ 109.106774][ T6761] wireguard0: entered allmulticast mode [ 109.590928][ T6773] Bluetooth: MGMT ver 1.23 [ 109.756440][ T6782] bridge0: port 3(ip6gretap0) entered blocking state [ 109.763785][ T6782] bridge0: port 3(ip6gretap0) entered disabled state [ 109.772265][ T6782] ip6gretap0: entered allmulticast mode [ 109.797772][ T6782] ip6gretap0: entered promiscuous mode [ 109.826132][ T6782] bridge0: port 3(ip6gretap0) entered blocking state [ 109.833328][ T6782] bridge0: port 3(ip6gretap0) entered forwarding state [ 109.852563][ T6787] dccp_v6_rcv: dropped packet with invalid checksum [ 110.270866][ T6796] sctp: [Deprecated]: syz.0.501 (pid 6796) Use of int in max_burst socket option deprecated. [ 110.270866][ T6796] Use struct sctp_assoc_value instead [ 110.666175][ T6815] nbd: device at index 0 is going down [ 110.821263][ T6823] __nla_validate_parse: 7 callbacks suppressed [ 110.821285][ T6823] netlink: 72 bytes leftover after parsing attributes in process `syz.1.510'. [ 110.883435][ T6824] tun0: tun_chr_ioctl cmd 1074025677 [ 110.890101][ T6824] tun0: linktype set to 774 [ 110.969040][ T6832] netlink: 132 bytes leftover after parsing attributes in process `syz.0.512'. [ 111.192455][ T6842] Bluetooth: hci3: invalid len left 7, exp >= 103 [ 111.328690][ T6849] netlink: 16 bytes leftover after parsing attributes in process `syz.3.515'. [ 111.347275][ T6849] netlink: 52 bytes leftover after parsing attributes in process `syz.3.515'. [ 111.357697][ T6849] netlink: 36 bytes leftover after parsing attributes in process `syz.3.515'. [ 111.370146][ T6849] vlan0: entered allmulticast mode [ 111.375284][ T6849] veth0_vlan: entered allmulticast mode [ 111.514580][ T6854] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 111.524872][ T6850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.517'. [ 111.609360][ T6856] FAULT_INJECTION: forcing a failure. [ 111.609360][ T6856] name failslab, interval 1, probability 0, space 0, times 0 [ 111.640150][ T6856] CPU: 0 UID: 0 PID: 6856 Comm: syz.4.520 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 111.650789][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 111.660866][ T6856] Call Trace: [ 111.664140][ T6856] [ 111.667170][ T6856] dump_stack_lvl+0x241/0x360 [ 111.671890][ T6856] ? __pfx_dump_stack_lvl+0x10/0x10 [ 111.677118][ T6856] ? __pfx__printk+0x10/0x10 [ 111.681730][ T6856] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 111.687374][ T6856] ? __pfx___might_resched+0x10/0x10 [ 111.692657][ T6856] should_fail_ex+0x3b0/0x4e0 [ 111.697432][ T6856] should_failslab+0xac/0x100 [ 111.702125][ T6856] ? __request_module+0x2b9/0x650 [ 111.707149][ T6856] __kmalloc_cache_noprof+0x6c/0x2c0 [ 111.712430][ T6856] __request_module+0x2b9/0x650 [ 111.717304][ T6856] ? capable+0x79/0xe0 [ 111.721367][ T6856] ? __pfx___request_module+0x10/0x10 [ 111.726743][ T6856] ? bpf_lsm_capable+0x9/0x10 [ 111.731408][ T6856] ? security_capable+0x90/0xb0 [ 111.736257][ T6856] ? dev_load+0x21/0x1f0 [ 111.740492][ T6856] dev_load+0x18f/0x1f0 [ 111.744639][ T6856] devinet_ioctl+0xe1/0x1aa0 [ 111.749229][ T6856] ? _copy_from_user+0xa6/0xe0 [ 111.753992][ T6856] ? get_user_ifreq+0x1bb/0x200 [ 111.758842][ T6856] inet_ioctl+0x3d7/0x4f0 [ 111.763189][ T6856] ? __pfx_inet_ioctl+0x10/0x10 [ 111.768053][ T6856] sock_do_ioctl+0x158/0x460 [ 111.772649][ T6856] ? __pfx_sock_do_ioctl+0x10/0x10 [ 111.777899][ T6856] sock_ioctl+0x629/0x8e0 [ 111.782233][ T6856] ? __pfx_sock_ioctl+0x10/0x10 [ 111.787085][ T6856] ? __fget_files+0x29/0x470 [ 111.791779][ T6856] ? __fget_files+0x3f6/0x470 [ 111.796466][ T6856] ? __fget_files+0x29/0x470 [ 111.801074][ T6856] ? bpf_lsm_file_ioctl+0x9/0x10 [ 111.806018][ T6856] ? security_file_ioctl+0x87/0xb0 [ 111.811217][ T6856] ? __pfx_sock_ioctl+0x10/0x10 [ 111.816257][ T6856] __se_sys_ioctl+0xfc/0x170 [ 111.820847][ T6856] do_syscall_64+0xf3/0x230 [ 111.825349][ T6856] ? clear_bhb_loop+0x35/0x90 [ 111.830024][ T6856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.835911][ T6856] RIP: 0033:0x7f44e0579e79 [ 111.840317][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.859924][ T6856] RSP: 002b:00007f44e12d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 111.868336][ T6856] RAX: ffffffffffffffda RBX: 00007f44e0715f80 RCX: 00007f44e0579e79 [ 111.876394][ T6856] RDX: 0000000020001c80 RSI: 000000000000891a RDI: 0000000000000005 [ 111.884361][ T6856] RBP: 00007f44e12d8090 R08: 0000000000000000 R09: 0000000000000000 [ 111.892340][ T6856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.900315][ T6856] R13: 0000000000000000 R14: 00007f44e0715f80 R15: 00007ffceb7f39f8 [ 111.908294][ T6856] [ 112.169001][ T6870] batadv0: entered promiscuous mode [ 112.182007][ T6870] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 112.197355][ T6870] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 112.214059][ T6872] netlink: 32 bytes leftover after parsing attributes in process `syz.4.525'. [ 112.556817][ T6887] dccp_v6_rcv: dropped packet with invalid checksum [ 112.725041][ T6890] netlink: 24 bytes leftover after parsing attributes in process `syz.3.532'. [ 113.608510][ T6912] netlink: 24 bytes leftover after parsing attributes in process `syz.0.538'. [ 113.841367][ T6921] syzkaller0: entered promiscuous mode [ 113.851104][ T6921] syzkaller0: entered allmulticast mode [ 113.867469][ T6924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.539'. [ 115.284397][ T6927] smc: net device lo applied user defined pnetid SYZ2 [ 115.492978][ T6950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 116.062214][ T6959] __nla_validate_parse: 1 callbacks suppressed [ 116.062227][ T6959] netlink: 76 bytes leftover after parsing attributes in process `syz.0.552'. [ 116.323764][ T6970] FAULT_INJECTION: forcing a failure. [ 116.323764][ T6970] name failslab, interval 1, probability 0, space 0, times 0 [ 116.337371][ T6970] CPU: 0 UID: 0 PID: 6970 Comm: syz.1.554 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 116.348079][ T6970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 116.358132][ T6970] Call Trace: [ 116.361404][ T6970] [ 116.364329][ T6970] dump_stack_lvl+0x241/0x360 [ 116.369009][ T6970] ? __pfx_dump_stack_lvl+0x10/0x10 [ 116.374198][ T6970] ? __pfx__printk+0x10/0x10 [ 116.378799][ T6970] ? __kmalloc_node_track_caller_noprof+0xb2/0x440 [ 116.385296][ T6970] ? __pfx___might_resched+0x10/0x10 [ 116.390589][ T6970] should_fail_ex+0x3b0/0x4e0 [ 116.395356][ T6970] should_failslab+0xac/0x100 [ 116.400043][ T6970] __kmalloc_node_track_caller_noprof+0xda/0x440 [ 116.406362][ T6970] ? __request_module+0x2d5/0x650 [ 116.411380][ T6970] ? __request_module+0x2b9/0x650 [ 116.416433][ T6970] kstrdup+0x3a/0x80 [ 116.420326][ T6970] __request_module+0x2d5/0x650 [ 116.425172][ T6970] ? __pfx_aa_get_newest_label+0x10/0x10 [ 116.430797][ T6970] ? capable+0x79/0xe0 [ 116.434974][ T6970] ? __pfx___request_module+0x10/0x10 [ 116.440437][ T6970] ? apparmor_capable+0x13b/0x1b0 [ 116.445473][ T6970] ? capable+0x89/0xe0 [ 116.449541][ T6970] ? dev_load+0x21/0x1f0 [ 116.453802][ T6970] devinet_ioctl+0xe1/0x1aa0 [ 116.458386][ T6970] ? _copy_from_user+0xa6/0xe0 [ 116.463142][ T6970] ? get_user_ifreq+0x1bb/0x200 [ 116.467987][ T6970] inet_ioctl+0x3d7/0x4f0 [ 116.472308][ T6970] ? __pfx_inet_ioctl+0x10/0x10 [ 116.477166][ T6970] sock_do_ioctl+0x158/0x460 [ 116.481754][ T6970] ? __pfx_sock_do_ioctl+0x10/0x10 [ 116.486876][ T6970] sock_ioctl+0x629/0x8e0 [ 116.491201][ T6970] ? __pfx_sock_ioctl+0x10/0x10 [ 116.496067][ T6970] ? __fget_files+0x29/0x470 [ 116.500667][ T6970] ? __fget_files+0x3f6/0x470 [ 116.505340][ T6970] ? __fget_files+0x29/0x470 [ 116.510020][ T6970] ? bpf_lsm_file_ioctl+0x9/0x10 [ 116.514951][ T6970] ? security_file_ioctl+0x87/0xb0 [ 116.520138][ T6970] ? __pfx_sock_ioctl+0x10/0x10 [ 116.524985][ T6970] __se_sys_ioctl+0xfc/0x170 [ 116.529583][ T6970] do_syscall_64+0xf3/0x230 [ 116.534127][ T6970] ? clear_bhb_loop+0x35/0x90 [ 116.538816][ T6970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.544700][ T6970] RIP: 0033:0x7fd977379e79 [ 116.549129][ T6970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.568915][ T6970] RSP: 002b:00007fd97811e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 116.577409][ T6970] RAX: ffffffffffffffda RBX: 00007fd977515f80 RCX: 00007fd977379e79 [ 116.585370][ T6970] RDX: 0000000020001c80 RSI: 000000000000891a RDI: 0000000000000005 [ 116.593350][ T6970] RBP: 00007fd97811e090 R08: 0000000000000000 R09: 0000000000000000 [ 116.601332][ T6970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.609303][ T6970] R13: 0000000000000000 R14: 00007fd977515f80 R15: 00007fff616a7498 [ 116.617331][ T6970] [ 116.917061][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.560'. [ 116.991083][ T6989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.560'. [ 117.009361][ T6992] netlink: 'syz.2.562': attribute type 11 has an invalid length. [ 117.017533][ T6992] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.562'. [ 117.071118][ T5239] block nbd2: Receive control failed (result -107) [ 117.116314][ T6989] nbd2: detected capacity change from 0 to 256 [ 117.131631][ T5241] block nbd2: Dead connection, failed to find a fallback [ 117.165475][ T5241] block nbd2: shutting down sockets [ 117.167060][ T6997] netlink: 'syz.0.563': attribute type 5 has an invalid length. [ 117.175586][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.208956][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.233776][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.251221][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.259781][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.269043][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.277174][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.286404][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.294658][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.318504][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.329681][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.339028][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.347525][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.357342][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.365293][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.375976][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.384029][ T5241] ldm_validate_partition_table(): Disk read failed. [ 117.391249][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.401560][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.411710][ T5241] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.423079][ T5241] Buffer I/O error on dev nbd2, logical block 0, async page read [ 117.431184][ T5241] Dev nbd2: unable to read RDB block 0 [ 117.437534][ T5241] nbd2: unable to read partition table [ 117.448597][ T5241] ldm_validate_partition_table(): Disk read failed. [ 117.455991][ T5241] Dev nbd2: unable to read RDB block 0 [ 117.461959][ T5241] nbd2: unable to read partition table [ 118.077553][ T7024] netlink: 'syz.3.571': attribute type 16 has an invalid length. [ 118.092531][ T7024] netlink: 'syz.3.571': attribute type 3 has an invalid length. [ 118.103710][ T7025] netlink: 'syz.3.571': attribute type 2 has an invalid length. [ 118.122439][ T7024] netlink: 64066 bytes leftover after parsing attributes in process `syz.3.571'. [ 118.456268][ T7038] netlink: 16 bytes leftover after parsing attributes in process `syz.2.576'. [ 118.478598][ T7038] netlink: 104 bytes leftover after parsing attributes in process `syz.2.576'. [ 118.779548][ T7050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.574'. [ 119.518375][ T7058] netlink: 16 bytes leftover after parsing attributes in process `syz.3.581'. [ 119.585867][ T59] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 119.821623][ T5283] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 119.873643][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.585'. [ 119.890391][ T7066] macvlan3: entered promiscuous mode [ 120.101530][ T7072] syz_tun: entered promiscuous mode [ 120.221617][ T7074] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 120.894397][ T7113] syz.1.602 uses old SIOCAX25GETINFO [ 121.382333][ T7132] __nla_validate_parse: 1 callbacks suppressed [ 121.382347][ T7132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'. [ 121.408143][ T7132] netlink: 12 bytes leftover after parsing attributes in process `syz.0.609'. [ 121.698479][ T7145] netlink: 'syz.0.613': attribute type 5 has an invalid length. [ 121.921877][ T7152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 121.987062][ T7152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'. [ 122.402504][ T7159] netlink: 28 bytes leftover after parsing attributes in process `syz.2.619'. [ 122.413759][ T7159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.619'. [ 122.827314][ T7177] netlink: 16 bytes leftover after parsing attributes in process `syz.2.626'. [ 122.838217][ T7177] netlink: 52 bytes leftover after parsing attributes in process `syz.2.626'. [ 122.847587][ T7177] netlink: 36 bytes leftover after parsing attributes in process `syz.2.626'. [ 123.127380][ T7192] netlink: 28 bytes leftover after parsing attributes in process `syz.2.630'. [ 123.137133][ T7192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'. [ 123.400376][ T5245] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 123.416003][ T5245] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 123.424588][ T5245] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 123.433992][ T5245] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 123.443126][ T5245] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 123.452966][ T5245] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 124.031731][ T7201] chnl_net:caif_netlink_parms(): no params data found [ 124.300023][ T7201] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.336392][ T7201] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.343701][ T7201] bridge_slave_0: entered allmulticast mode [ 124.388735][ T7201] bridge_slave_0: entered promiscuous mode [ 124.406307][ T7224] delete_channel: no stack [ 124.413686][ T7201] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.455717][ T7201] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.463004][ T7201] bridge_slave_1: entered allmulticast mode [ 124.506953][ T7201] bridge_slave_1: entered promiscuous mode [ 124.609268][ T7201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 124.633386][ T7201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.712453][ T7201] team0: Port device team_slave_0 added [ 124.730877][ T7201] team0: Port device team_slave_1 added [ 124.820994][ T7201] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.836107][ T7201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.864811][ T7201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 124.879746][ T7201] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.894456][ T7201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.933257][ T7201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 125.082678][ T7201] hsr_slave_0: entered promiscuous mode [ 125.097497][ T7201] hsr_slave_1: entered promiscuous mode [ 125.114072][ T7201] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 125.125501][ T7201] Cannot create hsr debugfs directory [ 125.368902][ T7201] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.494044][ T7201] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.525586][ T5245] Bluetooth: hci6: command tx timeout [ 125.629515][ T7201] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.828678][ T7201] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.069993][ T7283] FAULT_INJECTION: forcing a failure. [ 126.069993][ T7283] name failslab, interval 1, probability 0, space 0, times 0 [ 126.118185][ T7283] CPU: 1 UID: 0 PID: 7283 Comm: syz.3.661 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 126.128926][ T7283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 126.139442][ T7283] Call Trace: [ 126.142750][ T7283] [ 126.145701][ T7283] dump_stack_lvl+0x241/0x360 [ 126.150507][ T7283] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.155736][ T7283] ? __pfx__printk+0x10/0x10 [ 126.160352][ T7283] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 126.165924][ T7283] ? __pfx___might_resched+0x10/0x10 [ 126.171238][ T7283] should_fail_ex+0x3b0/0x4e0 [ 126.175940][ T7283] ? ptlock_alloc+0x20/0x70 [ 126.180466][ T7283] should_failslab+0xac/0x100 [ 126.185167][ T7283] ? ptlock_alloc+0x20/0x70 [ 126.189698][ T7283] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 126.195094][ T7283] ptlock_alloc+0x20/0x70 [ 126.199463][ T7283] pte_alloc_one+0xcd/0x5d0 [ 126.203994][ T7283] ? __pfx_pte_alloc_one+0x10/0x10 [ 126.208422][ T7201] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 126.209192][ T7283] ? mark_lock+0x9a/0x350 [ 126.220725][ T7283] ? __lock_acquire+0x137a/0x2040 [ 126.225785][ T7283] __pte_alloc+0x79/0x3a0 [ 126.230218][ T7283] ? mark_lock+0x9a/0x350 [ 126.234600][ T7283] ? __pfx___pte_alloc+0x10/0x10 [ 126.239591][ T7283] ? __lock_acquire+0x137a/0x2040 [ 126.244735][ T7283] handle_pte_fault+0x55cd/0x6fc0 [ 126.249786][ T7283] ? validate_chain+0x11e/0x5900 [ 126.254748][ T7283] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 126.260668][ T7283] ? __pfx_lock_acquire+0x10/0x10 [ 126.265724][ T7283] ? __pfx_handle_pte_fault+0x10/0x10 [ 126.271128][ T7283] ? mark_lock+0x9a/0x350 [ 126.275602][ T7283] ? __lock_acquire+0x137a/0x2040 [ 126.280694][ T7283] handle_mm_fault+0x1029/0x1980 [ 126.286105][ T7283] ? __pfx_handle_mm_fault+0x10/0x10 [ 126.291437][ T7283] ? __pfx_find_vma+0x10/0x10 [ 126.296179][ T7283] ? vma_is_secretmem+0xd/0x50 [ 126.300965][ T7283] ? check_vma_flags+0x500/0x5a0 [ 126.306486][ T7283] __get_user_pages+0x6ec/0x16a0 [ 126.311511][ T7283] ? __gup_longterm_locked+0xd11/0x17d0 [ 126.317275][ T7283] ? __pfx___get_user_pages+0x10/0x10 [ 126.322710][ T7283] __gup_longterm_locked+0xed7/0x17d0 [ 126.328131][ T7283] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 126.334489][ T7283] ? sanity_check_pinned_pages+0x12c2/0x13c0 [ 126.340512][ T7283] ? gup_fast_fallback+0x221d/0x2b50 [ 126.345839][ T7283] gup_fast_fallback+0x2742/0x2b50 [ 126.351184][ T7283] ? __pfx_gup_fast_fallback+0x10/0x10 [ 126.356703][ T7283] ? mark_lock+0x9a/0x350 [ 126.361149][ T7283] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 126.367156][ T7283] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 126.373517][ T7283] ? irqentry_exit+0x63/0x90 [ 126.378143][ T7283] ? is_valid_gup_args+0x124/0x200 [ 126.383294][ T7283] pin_user_pages_fast+0xcc/0x160 [ 126.388349][ T7283] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 126.394064][ T7283] iov_iter_extract_pages+0x3db/0x720 [ 126.399475][ T7283] extract_iter_to_sg+0x890/0x22b0 [ 126.404627][ T7283] ? __asan_memcpy+0x40/0x70 [ 126.409253][ T7283] ? __pfx_extract_iter_to_sg+0x10/0x10 [ 126.414830][ T7283] ? unpin_user_page+0xe0/0x1e0 [ 126.419710][ T7283] ? __pfx_unpin_user_page+0x10/0x10 [ 126.425018][ T7283] ? __local_bh_enable_ip+0x168/0x200 [ 126.430419][ T7283] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 126.436171][ T7283] ? do_raw_spin_unlock+0x13c/0x8b0 [ 126.441483][ T7283] ? vmac_init+0x8e/0xf0 [ 126.445751][ T7283] ? __asan_memset+0x23/0x50 [ 126.450372][ T7283] hash_sendmsg+0x513/0x1110 [ 126.455000][ T7283] ? __pfx_hash_sendmsg+0x10/0x10 [ 126.460067][ T7283] __sock_sendmsg+0x221/0x270 [ 126.464781][ T7283] ____sys_sendmsg+0x525/0x7d0 [ 126.469588][ T7283] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.474926][ T7283] __sys_sendmsg+0x2b0/0x3a0 [ 126.479550][ T7283] ? __pfx___sys_sendmsg+0x10/0x10 [ 126.484814][ T7283] ? vfs_write+0x7c4/0xc90 [ 126.489425][ T7283] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 126.495797][ T7283] ? do_syscall_64+0x100/0x230 [ 126.500765][ T7283] ? do_syscall_64+0xb6/0x230 [ 126.505555][ T7283] do_syscall_64+0xf3/0x230 [ 126.510174][ T7283] ? clear_bhb_loop+0x35/0x90 [ 126.514894][ T7283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.520814][ T7283] RIP: 0033:0x7fcea4d79e79 [ 126.525351][ T7283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.545071][ T7283] RSP: 002b:00007fcea5aea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 126.553963][ T7283] RAX: ffffffffffffffda RBX: 00007fcea4f15f80 RCX: 00007fcea4d79e79 [ 126.561968][ T7283] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 126.570050][ T7283] RBP: 00007fcea5aea090 R08: 0000000000000000 R09: 0000000000000000 [ 126.578048][ T7283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.586040][ T7283] R13: 0000000000000000 R14: 00007fcea4f15f80 R15: 00007ffd6af7cea8 [ 126.594079][ T7283] [ 126.607401][ T7201] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 126.676724][ T7201] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 126.713053][ T7201] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 126.991603][ T7201] 8021q: adding VLAN 0 to HW filter on device bond0 [ 127.038319][ T7201] 8021q: adding VLAN 0 to HW filter on device team0 [ 127.077957][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.085263][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 127.153099][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.160395][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 127.290313][ T7305] netlink: 'syz.1.671': attribute type 1 has an invalid length. [ 127.291450][ T7201] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 127.309172][ T7305] __nla_validate_parse: 12 callbacks suppressed [ 127.309188][ T7305] netlink: 224 bytes leftover after parsing attributes in process `syz.1.671'. [ 127.583163][ T7201] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 127.595513][ T5245] Bluetooth: hci6: command tx timeout [ 127.818991][ T7321] netlink: 28 bytes leftover after parsing attributes in process `syz.2.673'. [ 127.842799][ T7321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.673'. [ 127.950696][ T7325] netlink: 4 bytes leftover after parsing attributes in process `syz.0.674'. [ 128.281894][ T7201] veth0_vlan: entered promiscuous mode [ 128.336112][ T7201] veth1_vlan: entered promiscuous mode [ 128.445984][ T7337] syzkaller0: refused to change device tx_queue_len [ 128.464577][ T7201] veth0_macvtap: entered promiscuous mode [ 128.492438][ T7201] veth1_macvtap: entered promiscuous mode [ 128.578365][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.605454][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.637519][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.659201][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.681735][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.702511][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.713392][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.724364][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.736724][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.747363][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.761530][ T7201] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 128.807141][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.827207][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.842987][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.855760][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.867606][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.882033][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.899486][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.910069][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.920225][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.930913][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.941670][ T7201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.952479][ T7201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.965239][ T7201] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 128.989445][ T7356] netlink: 28 bytes leftover after parsing attributes in process `syz.2.684'. [ 128.998840][ T7356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.684'. [ 129.013041][ T7201] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.023030][ T7201] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.032714][ T7201] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.041825][ T7201] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.220938][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.259002][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.350831][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.376030][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.564762][ T7372] netlink: 24 bytes leftover after parsing attributes in process `syz.4.631'. [ 129.621301][ T7370] FAULT_INJECTION: forcing a failure. [ 129.621301][ T7370] name failslab, interval 1, probability 0, space 0, times 0 [ 129.642057][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz.3.690 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 129.652698][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 129.662789][ T7370] Call Trace: [ 129.666086][ T7370] [ 129.669037][ T7370] dump_stack_lvl+0x241/0x360 [ 129.673746][ T7370] ? __pfx_dump_stack_lvl+0x10/0x10 [ 129.675730][ T5245] Bluetooth: hci6: command tx timeout [ 129.678947][ T7370] ? __pfx__printk+0x10/0x10 [ 129.688917][ T7370] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 129.694494][ T7370] ? __pfx___might_resched+0x10/0x10 [ 129.699816][ T7370] should_fail_ex+0x3b0/0x4e0 [ 129.704517][ T7370] ? ptlock_alloc+0x20/0x70 [ 129.709122][ T7370] should_failslab+0xac/0x100 [ 129.713832][ T7370] ? ptlock_alloc+0x20/0x70 [ 129.718358][ T7370] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 129.723743][ T7370] ptlock_alloc+0x20/0x70 [ 129.728096][ T7370] pte_alloc_one+0xcd/0x5d0 [ 129.732803][ T7370] ? __pfx_pte_alloc_one+0x10/0x10 [ 129.737946][ T7370] ? mark_lock+0x9a/0x350 [ 129.742322][ T7370] ? __lock_acquire+0x137a/0x2040 [ 129.747394][ T7370] __pte_alloc+0x79/0x3a0 [ 129.751765][ T7370] ? mark_lock+0x9a/0x350 [ 129.756139][ T7370] ? __pfx___pte_alloc+0x10/0x10 [ 129.761109][ T7370] ? __lock_acquire+0x137a/0x2040 [ 129.766189][ T7370] handle_pte_fault+0x55cd/0x6fc0 [ 129.771270][ T7370] ? validate_chain+0x11e/0x5900 [ 129.776243][ T7370] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 129.782012][ T7370] ? __pfx_lock_acquire+0x10/0x10 [ 129.787094][ T7370] ? __pfx_handle_pte_fault+0x10/0x10 [ 129.792491][ T7370] ? mark_lock+0x9a/0x350 [ 129.796869][ T7370] ? __lock_acquire+0x137a/0x2040 [ 129.802080][ T7370] handle_mm_fault+0x1029/0x1980 [ 129.807080][ T7370] ? __pfx_handle_mm_fault+0x10/0x10 [ 129.812404][ T7370] ? __pfx_find_vma+0x10/0x10 [ 129.817190][ T7370] ? vma_is_secretmem+0xd/0x50 [ 129.821975][ T7370] ? check_vma_flags+0x500/0x5a0 [ 129.826966][ T7370] __get_user_pages+0x6ec/0x16a0 [ 129.831951][ T7370] ? __gup_longterm_locked+0xd11/0x17d0 [ 129.837543][ T7370] ? __pfx___get_user_pages+0x10/0x10 [ 129.842951][ T7370] __gup_longterm_locked+0xed7/0x17d0 [ 129.848331][ T7370] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 129.854676][ T7370] ? sanity_check_pinned_pages+0x12c2/0x13c0 [ 129.860672][ T7370] ? gup_fast_fallback+0x221d/0x2b50 [ 129.865971][ T7370] gup_fast_fallback+0x2742/0x2b50 [ 129.871174][ T7370] ? __pfx___schedule+0x10/0x10 [ 129.876058][ T7370] ? __pfx_gup_fast_fallback+0x10/0x10 [ 129.881553][ T7370] ? mark_lock+0x9a/0x350 [ 129.886008][ T7370] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 129.892045][ T7370] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 129.898399][ T7370] ? irqentry_exit+0x63/0x90 [ 129.903002][ T7370] ? is_valid_gup_args+0x124/0x200 [ 129.908121][ T7370] pin_user_pages_fast+0xcc/0x160 [ 129.913190][ T7370] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 129.918848][ T7370] iov_iter_extract_pages+0x3db/0x720 [ 129.924265][ T7370] extract_iter_to_sg+0x890/0x22b0 [ 129.929466][ T7370] ? __asan_memcpy+0x40/0x70 [ 129.934064][ T7370] ? __pfx_extract_iter_to_sg+0x10/0x10 [ 129.939697][ T7370] ? unpin_user_page+0xe0/0x1e0 [ 129.944568][ T7370] ? __pfx_unpin_user_page+0x10/0x10 [ 129.949855][ T7370] ? __local_bh_enable_ip+0x168/0x200 [ 129.955226][ T7370] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 129.960965][ T7370] ? do_raw_spin_unlock+0x13c/0x8b0 [ 129.966170][ T7370] ? vmac_init+0x8e/0xf0 [ 129.970426][ T7370] ? __asan_memset+0x23/0x50 [ 129.975034][ T7370] hash_sendmsg+0x513/0x1110 [ 129.979655][ T7370] ? __pfx_hash_sendmsg+0x10/0x10 [ 129.984689][ T7370] __sock_sendmsg+0x221/0x270 [ 129.989527][ T7370] ____sys_sendmsg+0x525/0x7d0 [ 129.994451][ T7370] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.999753][ T7370] __sys_sendmsg+0x2b0/0x3a0 [ 130.004468][ T7370] ? __pfx___sys_sendmsg+0x10/0x10 [ 130.009577][ T7370] ? vfs_write+0x7c4/0xc90 [ 130.014067][ T7370] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 130.020412][ T7370] ? do_syscall_64+0x100/0x230 [ 130.025175][ T7370] ? do_syscall_64+0xb6/0x230 [ 130.029846][ T7370] do_syscall_64+0xf3/0x230 [ 130.034342][ T7370] ? clear_bhb_loop+0x35/0x90 [ 130.039011][ T7370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.045250][ T7370] RIP: 0033:0x7fcea4d79e79 [ 130.049689][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.069323][ T7370] RSP: 002b:00007fcea5aea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 130.077759][ T7370] RAX: ffffffffffffffda RBX: 00007fcea4f15f80 RCX: 00007fcea4d79e79 [ 130.085752][ T7370] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 130.093766][ T7370] RBP: 00007fcea5aea090 R08: 0000000000000000 R09: 0000000000000000 [ 130.101735][ T7370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.109738][ T7370] R13: 0000000000000000 R14: 00007fcea4f15f80 R15: 00007ffd6af7cea8 [ 130.117730][ T7370] [ 130.326465][ T7384] netlink: 28 bytes leftover after parsing attributes in process `syz.1.695'. [ 130.347338][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.695'. [ 130.456512][ T7390] dccp_v6_rcv: dropped packet with invalid checksum [ 130.484245][ T7391] netlink: 8 bytes leftover after parsing attributes in process `syz.4.698'. [ 130.509693][ T7391] bridge0: entered promiscuous mode [ 130.529626][ T7391] macvlan2: entered promiscuous mode [ 130.550780][ T7393] netlink: 'syz.0.700': attribute type 10 has an invalid length. [ 130.634838][ T7393] team0: Device syz_tun failed to register rx_handler [ 130.680813][ T7393] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 131.755875][ T5245] Bluetooth: hci6: command tx timeout [ 131.836460][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 131.923921][ T7439] netlink: 'syz.3.715': attribute type 6 has an invalid length. [ 131.951612][ T7439] raw_sendmsg: syz.3.715 forgot to set AF_INET. Fix it! [ 132.117643][ T7448] delete_channel: no stack [ 132.247053][ T7451] FAULT_INJECTION: forcing a failure. [ 132.247053][ T7451] name failslab, interval 1, probability 0, space 0, times 0 [ 132.275566][ T7451] CPU: 1 UID: 0 PID: 7451 Comm: syz.2.721 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 132.286305][ T7451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 132.296382][ T7451] Call Trace: [ 132.299685][ T7451] [ 132.302637][ T7451] dump_stack_lvl+0x241/0x360 [ 132.307341][ T7451] ? __pfx_dump_stack_lvl+0x10/0x10 [ 132.312564][ T7451] ? __pfx__printk+0x10/0x10 [ 132.317182][ T7451] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 132.322752][ T7451] ? __pfx___might_resched+0x10/0x10 [ 132.328084][ T7451] should_fail_ex+0x3b0/0x4e0 [ 132.332792][ T7451] ? ptlock_alloc+0x20/0x70 [ 132.337332][ T7451] should_failslab+0xac/0x100 [ 132.342050][ T7451] ? ptlock_alloc+0x20/0x70 [ 132.346586][ T7451] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 132.351991][ T7451] ptlock_alloc+0x20/0x70 [ 132.356352][ T7451] pte_alloc_one+0xcd/0x5d0 [ 132.360891][ T7451] ? __pfx_pte_alloc_one+0x10/0x10 [ 132.366031][ T7451] ? mark_lock+0x9a/0x350 [ 132.370398][ T7451] ? __lock_acquire+0x137a/0x2040 [ 132.375458][ T7451] __pte_alloc+0x79/0x3a0 [ 132.379810][ T7451] ? mark_lock+0x9a/0x350 [ 132.384179][ T7451] ? __pfx___pte_alloc+0x10/0x10 [ 132.389142][ T7451] ? __lock_acquire+0x137a/0x2040 [ 132.394210][ T7451] handle_pte_fault+0x55cd/0x6fc0 [ 132.399273][ T7451] ? validate_chain+0x11e/0x5900 [ 132.404236][ T7451] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 132.409993][ T7451] ? __pfx_lock_acquire+0x10/0x10 [ 132.415064][ T7451] ? __pfx_handle_pte_fault+0x10/0x10 [ 132.420464][ T7451] ? mark_lock+0x9a/0x350 [ 132.424871][ T7451] ? __lock_acquire+0x137a/0x2040 [ 132.429971][ T7451] handle_mm_fault+0x1029/0x1980 [ 132.434970][ T7451] ? __pfx_handle_mm_fault+0x10/0x10 [ 132.440477][ T7451] ? __pfx_find_vma+0x10/0x10 [ 132.445630][ T7451] ? vma_is_secretmem+0xd/0x50 [ 132.450418][ T7451] ? check_vma_flags+0x500/0x5a0 [ 132.455394][ T7451] __get_user_pages+0x6ec/0x16a0 [ 132.460383][ T7451] ? __gup_longterm_locked+0xd11/0x17d0 [ 132.465972][ T7451] ? __pfx___get_user_pages+0x10/0x10 [ 132.471392][ T7451] __gup_longterm_locked+0xed7/0x17d0 [ 132.476805][ T7451] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 132.483165][ T7451] ? sanity_check_pinned_pages+0x12c2/0x13c0 [ 132.489181][ T7451] ? gup_fast_fallback+0x221d/0x2b50 [ 132.494508][ T7451] gup_fast_fallback+0x2742/0x2b50 [ 132.499682][ T7451] ? __pfx_gup_fast_fallback+0x10/0x10 [ 132.505176][ T7451] ? mark_lock+0x9a/0x350 [ 132.509544][ T7451] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 132.515558][ T7451] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 132.521920][ T7451] ? irqentry_exit+0x63/0x90 [ 132.526549][ T7451] ? is_valid_gup_args+0x124/0x200 [ 132.531691][ T7451] pin_user_pages_fast+0xcc/0x160 [ 132.536755][ T7451] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 132.542434][ T7451] iov_iter_extract_pages+0x3db/0x720 [ 132.547943][ T7451] extract_iter_to_sg+0x890/0x22b0 [ 132.553089][ T7451] ? __asan_memcpy+0x40/0x70 [ 132.557723][ T7451] ? __pfx_extract_iter_to_sg+0x10/0x10 [ 132.563295][ T7451] ? unpin_user_page+0xe0/0x1e0 [ 132.568176][ T7451] ? __pfx_unpin_user_page+0x10/0x10 [ 132.573485][ T7451] ? __local_bh_enable_ip+0x168/0x200 [ 132.578894][ T7451] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 132.584730][ T7451] ? do_raw_spin_unlock+0x13c/0x8b0 [ 132.589974][ T7451] ? vmac_init+0x8e/0xf0 [ 132.594249][ T7451] ? __asan_memset+0x23/0x50 [ 132.598867][ T7451] hash_sendmsg+0x513/0x1110 [ 132.603505][ T7451] ? __pfx_hash_sendmsg+0x10/0x10 [ 132.608546][ T7451] __sock_sendmsg+0x221/0x270 [ 132.613274][ T7451] ____sys_sendmsg+0x525/0x7d0 [ 132.618078][ T7451] ? __pfx_____sys_sendmsg+0x10/0x10 [ 132.623409][ T7451] __sys_sendmsg+0x2b0/0x3a0 [ 132.628074][ T7451] ? __pfx___sys_sendmsg+0x10/0x10 [ 132.633222][ T7451] ? vfs_write+0x7c4/0xc90 [ 132.637718][ T7451] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 132.644078][ T7451] ? do_syscall_64+0x100/0x230 [ 132.648883][ T7451] ? do_syscall_64+0xb6/0x230 [ 132.653602][ T7451] do_syscall_64+0xf3/0x230 [ 132.658136][ T7451] ? clear_bhb_loop+0x35/0x90 [ 132.662854][ T7451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.668776][ T7451] RIP: 0033:0x7f4157779e79 [ 132.673224][ T7451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.692956][ T7451] RSP: 002b:00007f415850a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 132.694595][ T7466] __nla_validate_parse: 8 callbacks suppressed [ 132.694609][ T7466] netlink: 16 bytes leftover after parsing attributes in process `syz.3.728'. [ 132.701420][ T7451] RAX: ffffffffffffffda RBX: 00007f4157915f80 RCX: 00007f4157779e79 [ 132.701442][ T7451] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 132.701454][ T7451] RBP: 00007f415850a090 R08: 0000000000000000 R09: 0000000000000000 [ 132.701466][ T7451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.701476][ T7451] R13: 0000000000000000 R14: 00007f4157915f80 R15: 00007ffd2ba84e98 [ 132.701504][ T7451] [ 132.768531][ T7466] netlink: 52 bytes leftover after parsing attributes in process `syz.3.728'. [ 133.009930][ T7474] bridge0: port 3(vlan2) entered blocking state [ 133.032121][ T7474] bridge0: port 3(vlan2) entered disabled state [ 133.067178][ T7474] vlan2: entered allmulticast mode [ 133.080777][ T7474] vlan2: left allmulticast mode [ 133.121992][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.339659][ T7485] delete_channel: no stack [ 133.371545][ T7490] netlink: 28 bytes leftover after parsing attributes in process `syz.2.734'. [ 133.383883][ T7490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.734'. [ 133.626293][ T7496] netlink: 4 bytes leftover after parsing attributes in process `syz.3.737'. [ 133.705859][ T7496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.737'. [ 133.780631][ T7509] netlink: 16 bytes leftover after parsing attributes in process `syz.1.742'. [ 133.810447][ T7509] netlink: 52 bytes leftover after parsing attributes in process `syz.1.742'. [ 133.952307][ T7517] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 133.991181][ T7511] dvmrp0: entered allmulticast mode [ 134.003205][ T7517] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 134.030502][ T7520] netlink: 'syz.1.746': attribute type 3 has an invalid length. [ 134.591170][ T7543] netlink: 16 bytes leftover after parsing attributes in process `syz.4.755'. [ 134.634609][ T7543] netlink: 52 bytes leftover after parsing attributes in process `syz.4.755'. [ 135.257037][ T7572] FAULT_INJECTION: forcing a failure. [ 135.257037][ T7572] name failslab, interval 1, probability 0, space 0, times 0 [ 135.277514][ T7572] CPU: 0 UID: 0 PID: 7572 Comm: syz.1.768 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 135.288147][ T7572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 135.298209][ T7572] Call Trace: [ 135.301494][ T7572] [ 135.304414][ T7572] dump_stack_lvl+0x241/0x360 [ 135.309083][ T7572] ? __pfx_dump_stack_lvl+0x10/0x10 [ 135.314278][ T7572] ? __pfx__printk+0x10/0x10 [ 135.318870][ T7572] ? ref_tracker_alloc+0x332/0x490 [ 135.323976][ T7572] should_fail_ex+0x3b0/0x4e0 [ 135.328662][ T7572] ? skb_clone+0x20c/0x390 [ 135.333107][ T7572] should_failslab+0xac/0x100 [ 135.337819][ T7572] ? skb_clone+0x20c/0x390 [ 135.342245][ T7572] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 135.347618][ T7572] skb_clone+0x20c/0x390 [ 135.351855][ T7572] __netlink_deliver_tap+0x3cc/0x7c0 [ 135.357158][ T7572] ? netlink_deliver_tap+0x2e/0x1b0 [ 135.362348][ T7572] netlink_deliver_tap+0x19d/0x1b0 [ 135.367451][ T7572] netlink_unicast+0x7c4/0x990 [ 135.372213][ T7572] ? __pfx_netlink_unicast+0x10/0x10 [ 135.377767][ T7572] ? __virt_addr_valid+0x183/0x530 [ 135.382982][ T7572] ? __check_object_size+0x49c/0x900 [ 135.388262][ T7572] ? bpf_lsm_netlink_send+0x9/0x10 [ 135.393386][ T7572] netlink_sendmsg+0x8e4/0xcb0 [ 135.398149][ T7572] ? __pfx_netlink_sendmsg+0x10/0x10 [ 135.403424][ T7572] ? __import_iovec+0x536/0x820 [ 135.408287][ T7572] ? aa_sock_msg_perm+0x91/0x160 [ 135.413235][ T7572] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 135.418520][ T7572] ? security_socket_sendmsg+0x87/0xb0 [ 135.424071][ T7572] ? __pfx_netlink_sendmsg+0x10/0x10 [ 135.429354][ T7572] __sock_sendmsg+0x221/0x270 [ 135.434043][ T7572] ____sys_sendmsg+0x525/0x7d0 [ 135.438894][ T7572] ? __pfx_____sys_sendmsg+0x10/0x10 [ 135.444179][ T7572] __sys_sendmsg+0x2b0/0x3a0 [ 135.448762][ T7572] ? __pfx___sys_sendmsg+0x10/0x10 [ 135.453873][ T7572] ? vfs_write+0x7c4/0xc90 [ 135.458314][ T7572] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 135.464646][ T7572] ? do_syscall_64+0x100/0x230 [ 135.469401][ T7572] ? do_syscall_64+0xb6/0x230 [ 135.474076][ T7572] do_syscall_64+0xf3/0x230 [ 135.478583][ T7572] ? clear_bhb_loop+0x35/0x90 [ 135.483290][ T7572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.489211][ T7572] RIP: 0033:0x7fd977379e79 [ 135.493794][ T7572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.513407][ T7572] RSP: 002b:00007fd97811e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 135.521829][ T7572] RAX: ffffffffffffffda RBX: 00007fd977515f80 RCX: 00007fd977379e79 [ 135.529832][ T7572] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000003 [ 135.537817][ T7572] RBP: 00007fd97811e090 R08: 0000000000000000 R09: 0000000000000000 [ 135.545789][ T7572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.553755][ T7572] R13: 0000000000000000 R14: 00007fd977515f80 R15: 00007fff616a7498 [ 135.561734][ T7572] [ 135.683631][ T7578] netlink: 'syz.0.769': attribute type 1 has an invalid length. [ 136.074273][ T7592] macvlan3: entered promiscuous mode [ 136.509789][ T7604] FAULT_INJECTION: forcing a failure. [ 136.509789][ T7604] name failslab, interval 1, probability 0, space 0, times 0 [ 136.522890][ T7604] CPU: 1 UID: 0 PID: 7604 Comm: syz.2.780 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 136.533509][ T7604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 136.543592][ T7604] Call Trace: [ 136.546896][ T7604] [ 136.549854][ T7604] dump_stack_lvl+0x241/0x360 [ 136.554598][ T7604] ? __pfx_dump_stack_lvl+0x10/0x10 [ 136.559929][ T7604] ? __pfx__printk+0x10/0x10 [ 136.564625][ T7604] should_fail_ex+0x3b0/0x4e0 [ 136.569518][ T7604] ? skb_clone+0x20c/0x390 [ 136.573966][ T7604] should_failslab+0xac/0x100 [ 136.578698][ T7604] ? skb_clone+0x20c/0x390 [ 136.583153][ T7604] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 136.588581][ T7604] skb_clone+0x20c/0x390 [ 136.592860][ T7604] ? dev_queue_xmit_nit+0x220/0xc10 [ 136.598088][ T7604] dev_queue_xmit_nit+0x419/0xc10 [ 136.603138][ T7604] ? dev_queue_xmit_nit+0x2b/0xc10 [ 136.608452][ T7604] ? validate_xmit_skb+0x9f9/0x1120 [ 136.613693][ T7604] dev_hard_start_xmit+0x15f/0x7e0 [ 136.618845][ T7604] ? __pfx_validate_xmit_skb+0x10/0x10 [ 136.624347][ T7604] __dev_queue_xmit+0x1b63/0x3e90 [ 136.629407][ T7604] ? kasan_save_track+0x51/0x80 [ 136.634294][ T7604] ? do_syscall_64+0xf3/0x230 [ 136.638995][ T7604] ? __dev_queue_xmit+0x2da/0x3e90 [ 136.644138][ T7604] ? __pfx___dev_queue_xmit+0x10/0x10 [ 136.649584][ T7604] ? __copy_skb_header+0x437/0x5b0 [ 136.654728][ T7604] ? __asan_memcpy+0x40/0x70 [ 136.659347][ T7604] ? __copy_skb_header+0x437/0x5b0 [ 136.664491][ T7604] ? __skb_clone+0x454/0x6c0 [ 136.669116][ T7604] ? skb_clone+0x240/0x390 [ 136.673560][ T7604] __netlink_deliver_tap+0x54d/0x7c0 [ 136.678879][ T7604] ? netlink_deliver_tap+0x2e/0x1b0 [ 136.684098][ T7604] netlink_deliver_tap+0x19d/0x1b0 [ 136.689238][ T7604] netlink_unicast+0x7c4/0x990 [ 136.694040][ T7604] ? __pfx_netlink_unicast+0x10/0x10 [ 136.699353][ T7604] ? __virt_addr_valid+0x183/0x530 [ 136.704504][ T7604] ? __check_object_size+0x49c/0x900 [ 136.709811][ T7604] ? bpf_lsm_netlink_send+0x9/0x10 [ 136.714984][ T7604] netlink_sendmsg+0x8e4/0xcb0 [ 136.719795][ T7604] ? __pfx_netlink_sendmsg+0x10/0x10 [ 136.725093][ T7604] ? __import_iovec+0x536/0x820 [ 136.729960][ T7604] ? aa_sock_msg_perm+0x91/0x160 [ 136.734901][ T7604] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 136.740185][ T7604] ? security_socket_sendmsg+0x87/0xb0 [ 136.745646][ T7604] ? __pfx_netlink_sendmsg+0x10/0x10 [ 136.750949][ T7604] __sock_sendmsg+0x221/0x270 [ 136.755644][ T7604] ____sys_sendmsg+0x525/0x7d0 [ 136.760458][ T7604] ? __pfx_____sys_sendmsg+0x10/0x10 [ 136.765797][ T7604] __sys_sendmsg+0x2b0/0x3a0 [ 136.770515][ T7604] ? __pfx___sys_sendmsg+0x10/0x10 [ 136.775637][ T7604] ? vfs_write+0x7c4/0xc90 [ 136.780102][ T7604] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 136.786441][ T7604] ? do_syscall_64+0x100/0x230 [ 136.791207][ T7604] ? do_syscall_64+0xb6/0x230 [ 136.795917][ T7604] do_syscall_64+0xf3/0x230 [ 136.800420][ T7604] ? clear_bhb_loop+0x35/0x90 [ 136.805097][ T7604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.811423][ T7604] RIP: 0033:0x7f4157779e79 [ 136.815852][ T7604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.835567][ T7604] RSP: 002b:00007f415850a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 136.844099][ T7604] RAX: ffffffffffffffda RBX: 00007f4157915f80 RCX: 00007f4157779e79 [ 136.852678][ T7604] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000003 [ 136.860643][ T7604] RBP: 00007f415850a090 R08: 0000000000000000 R09: 0000000000000000 [ 136.868613][ T7604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.876582][ T7604] R13: 0000000000000000 R14: 00007f4157915f80 R15: 00007ffd2ba84e98 [ 136.884571][ T7604] [ 137.210035][ T7618] netlink: 'syz.3.782': attribute type 1 has an invalid length. [ 137.698119][ T7630] __nla_validate_parse: 6 callbacks suppressed [ 137.698138][ T7630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.787'. [ 137.770797][ T7630] bridge0: entered promiscuous mode [ 137.794877][ T7630] macvlan4: entered promiscuous mode [ 137.830482][ T7632] netlink: 24 bytes leftover after parsing attributes in process `syz.1.788'. [ 139.409489][ T7673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.800'. [ 139.457695][ T7673] macvlan5: entered promiscuous mode [ 139.682285][ T7687] netlink: 16 bytes leftover after parsing attributes in process `syz.0.805'. [ 139.713426][ T7687] netlink: 52 bytes leftover after parsing attributes in process `syz.0.805'. [ 139.752474][ T7678] netlink: 'syz.2.802': attribute type 10 has an invalid length. [ 139.779600][ T7678] netlink: 40 bytes leftover after parsing attributes in process `syz.2.802'. [ 139.818555][ T7678] batman_adv: batadv0: Adding interface: virt_wifi0 [ 139.825199][ T7678] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.902148][ T7678] batman_adv: batadv0: Interface activated: virt_wifi0 [ 140.014547][ T7702] sctp: [Deprecated]: syz.1.812 (pid 7702) Use of int in max_burst socket option. [ 140.014547][ T7702] Use struct sctp_assoc_value instead [ 140.240899][ T7713] netlink: 20 bytes leftover after parsing attributes in process `syz.3.816'. [ 140.274806][ T7713] netlink: 40 bytes leftover after parsing attributes in process `syz.3.816'. [ 140.316654][ T7713] netlink: 7 bytes leftover after parsing attributes in process `syz.3.816'. [ 140.365170][ T7713] tc_dump_action: action bad kind [ 140.373916][ T7715] netlink: 24 bytes leftover after parsing attributes in process `syz.1.817'. [ 140.982153][ T7748] pim6reg: entered allmulticast mode [ 141.001605][ T7748] pim6reg: left allmulticast mode [ 141.390771][ T7763] tipc: Started in network mode [ 141.402789][ T7763] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 141.416372][ T7763] tipc: Enabled bearer , priority 10 [ 141.474228][ T7763] team0: Device wg2 is of different type [ 141.636380][ T7770] macvlan4: entered promiscuous mode [ 141.788994][ T7777] dccp_v6_rcv: dropped packet with invalid checksum [ 141.795649][ T7773] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 142.164614][ T7795] netlink: 'syz.2.845': attribute type 3 has an invalid length. [ 142.424467][ T7806] macvlan6: entered promiscuous mode [ 142.430180][ T7808] FAULT_INJECTION: forcing a failure. [ 142.430180][ T7808] name failslab, interval 1, probability 0, space 0, times 0 [ 142.456488][ T7808] CPU: 0 UID: 0 PID: 7808 Comm: syz.2.850 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 142.467300][ T7808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 142.477377][ T7808] Call Trace: [ 142.480677][ T7808] [ 142.483626][ T7808] dump_stack_lvl+0x241/0x360 [ 142.488340][ T7808] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.493653][ T7808] ? __pfx__printk+0x10/0x10 [ 142.498267][ T7808] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 142.504274][ T7808] ? __pfx___might_resched+0x10/0x10 [ 142.509585][ T7808] ? nft_pernet+0x1ef/0x240 [ 142.514119][ T7808] should_fail_ex+0x3b0/0x4e0 [ 142.518823][ T7808] should_failslab+0xac/0x100 [ 142.523524][ T7808] ? __alloc_skb+0x1c3/0x440 [ 142.528133][ T7808] kmem_cache_alloc_node_noprof+0x71/0x320 [ 142.533973][ T7808] __alloc_skb+0x1c3/0x440 [ 142.538427][ T7808] ? __pfx___alloc_skb+0x10/0x10 [ 142.543393][ T7808] ? nf_tables_commit+0x89e0/0x8a40 [ 142.548632][ T7808] ? netlink_ack_tlv_len+0x6e/0x200 [ 142.553859][ T7808] netlink_ack+0x13f/0xa30 [ 142.558308][ T7808] ? __kasan_kmalloc+0x98/0xb0 [ 142.563111][ T7808] ? nfnetlink_rcv+0x1265/0x2ad0 [ 142.568078][ T7808] ? nfnetlink_rcv+0x12c6/0x2ad0 [ 142.573033][ T7808] nfnetlink_rcv+0x26c4/0x2ad0 [ 142.577872][ T7808] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 142.583046][ T7808] ? netlink_deliver_tap+0x2e/0x1b0 [ 142.588249][ T7808] ? skb_clone+0x240/0x390 [ 142.592662][ T7808] ? __pfx_lock_release+0x10/0x10 [ 142.597709][ T7808] ? netlink_deliver_tap+0x2e/0x1b0 [ 142.602929][ T7808] netlink_unicast+0x7f6/0x990 [ 142.607694][ T7808] ? __pfx_netlink_unicast+0x10/0x10 [ 142.612985][ T7808] ? __virt_addr_valid+0x183/0x530 [ 142.618103][ T7808] ? __check_object_size+0x49c/0x900 [ 142.623493][ T7808] ? bpf_lsm_netlink_send+0x9/0x10 [ 142.628629][ T7808] netlink_sendmsg+0x8e4/0xcb0 [ 142.633426][ T7808] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.638727][ T7808] ? __import_iovec+0x536/0x820 [ 142.643585][ T7808] ? aa_sock_msg_perm+0x91/0x160 [ 142.648673][ T7808] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 142.653959][ T7808] ? security_socket_sendmsg+0x87/0xb0 [ 142.659418][ T7808] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.664707][ T7808] __sock_sendmsg+0x221/0x270 [ 142.669413][ T7808] ____sys_sendmsg+0x525/0x7d0 [ 142.674215][ T7808] ? __pfx_____sys_sendmsg+0x10/0x10 [ 142.679546][ T7808] __sys_sendmsg+0x2b0/0x3a0 [ 142.684171][ T7808] ? __pfx___sys_sendmsg+0x10/0x10 [ 142.689311][ T7808] ? vfs_write+0x7c4/0xc90 [ 142.693795][ T7808] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 142.700263][ T7808] ? do_syscall_64+0x100/0x230 [ 142.705059][ T7808] ? do_syscall_64+0xb6/0x230 [ 142.709771][ T7808] do_syscall_64+0xf3/0x230 [ 142.714395][ T7808] ? clear_bhb_loop+0x35/0x90 [ 142.719109][ T7808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.725034][ T7808] RIP: 0033:0x7f4157779e79 [ 142.729468][ T7808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.749246][ T7808] RSP: 002b:00007f415850a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 142.757752][ T7808] RAX: ffffffffffffffda RBX: 00007f4157915f80 RCX: 00007f4157779e79 [ 142.765824][ T7808] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000003 [ 142.773908][ T7808] RBP: 00007f415850a090 R08: 0000000000000000 R09: 0000000000000000 [ 142.781953][ T7808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.789956][ T7808] R13: 0000000000000000 R14: 00007f4157915f80 R15: 00007ffd2ba84e98 [ 142.798069][ T7808] [ 142.808263][ T5310] tipc: Node number set to 11578026 [ 142.933523][ T7818] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 143.056279][ T7822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.090378][ T7822] team0: Port device bond0 added [ 143.224810][ T7834] __nla_validate_parse: 10 callbacks suppressed [ 143.224828][ T7834] netlink: 8 bytes leftover after parsing attributes in process `syz.2.855'. [ 143.617713][ T7851] netlink: 24 bytes leftover after parsing attributes in process `syz.3.863'. [ 144.113211][ T7879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.871'. [ 144.122941][ T7879] netlink: 52 bytes leftover after parsing attributes in process `syz.0.871'. [ 144.200798][ T7881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.872'. [ 144.408165][ T7888] netlink: 24 bytes leftover after parsing attributes in process `syz.0.875'. [ 144.544995][ T7890] netlink: 24 bytes leftover after parsing attributes in process `syz.1.876'. [ 144.660294][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.4.878'. [ 146.374279][ T7962] netlink: 16 bytes leftover after parsing attributes in process `syz.2.901'. [ 146.405541][ T7962] netlink: 52 bytes leftover after parsing attributes in process `syz.2.901'. [ 146.811436][ T7984] veth1_macvtap: left promiscuous mode [ 146.820609][ T7984] macsec0: entered allmulticast mode [ 146.833842][ T7984] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 147.165924][ T7999] netlink: 'syz.1.914': attribute type 1 has an invalid length. [ 147.638846][ T8011] hsr0: left promiscuous mode [ 147.809051][ T8020] sock: sock_timestamping_bind_phc: sock not bind to device [ 148.720711][ T8051] tipc: Started in network mode [ 148.751947][ T8051] tipc: Node identity ac1414aa, cluster identity 4711 [ 148.778535][ T8051] tipc: Enabled bearer , priority 10 [ 148.849347][ T8056] netlink: 'syz.1.936': attribute type 12 has an invalid length. [ 148.869950][ T8056] __nla_validate_parse: 4 callbacks suppressed [ 148.869971][ T8056] netlink: 132 bytes leftover after parsing attributes in process `syz.1.936'. [ 149.311339][ T8072] tipc: Started in network mode [ 149.319809][ T8077] FAULT_INJECTION: forcing a failure. [ 149.319809][ T8077] name failslab, interval 1, probability 0, space 0, times 0 [ 149.333033][ T8072] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 149.357572][ T8072] tipc: Enabled bearer , priority 10 [ 149.394584][ T8077] CPU: 0 UID: 0 PID: 8077 Comm: syz.4.943 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 149.405216][ T8077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 149.415277][ T8077] Call Trace: [ 149.418555][ T8077] [ 149.421487][ T8077] dump_stack_lvl+0x241/0x360 [ 149.426157][ T8077] ? __pfx_dump_stack_lvl+0x10/0x10 [ 149.431426][ T8077] ? __pfx__printk+0x10/0x10 [ 149.436022][ T8077] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 149.441986][ T8077] ? __pfx___might_resched+0x10/0x10 [ 149.447288][ T8077] ? kasan_save_track+0x51/0x80 [ 149.452166][ T8077] should_fail_ex+0x3b0/0x4e0 [ 149.456879][ T8077] should_failslab+0xac/0x100 [ 149.461580][ T8077] ? __alloc_skb+0x1c3/0x440 [ 149.466265][ T8077] kmem_cache_alloc_node_noprof+0x71/0x320 [ 149.472065][ T8077] __alloc_skb+0x1c3/0x440 [ 149.476476][ T8077] ? __pfx___alloc_skb+0x10/0x10 [ 149.481413][ T8077] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 149.487486][ T8077] ? netlink_ack_tlv_len+0x6e/0x200 [ 149.492691][ T8077] netlink_ack+0x13f/0xa30 [ 149.497115][ T8077] ? lockdep_hardirqs_on+0x99/0x150 [ 149.502341][ T8077] ? nfnetlink_rcv+0x27b4/0x2ad0 [ 149.507310][ T8077] ? kfree+0x149/0x360 [ 149.511411][ T8077] nfnetlink_rcv+0x26c4/0x2ad0 [ 149.516231][ T8077] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 149.521423][ T8077] ? netlink_deliver_tap+0x2e/0x1b0 [ 149.526644][ T8077] ? skb_clone+0x240/0x390 [ 149.531086][ T8077] ? __pfx_lock_release+0x10/0x10 [ 149.536149][ T8077] ? netlink_deliver_tap+0x2e/0x1b0 [ 149.541377][ T8077] netlink_unicast+0x7f6/0x990 [ 149.546222][ T8077] ? __pfx_netlink_unicast+0x10/0x10 [ 149.551521][ T8077] ? __virt_addr_valid+0x183/0x530 [ 149.556661][ T8077] ? __check_object_size+0x49c/0x900 [ 149.561973][ T8077] ? bpf_lsm_netlink_send+0x9/0x10 [ 149.567114][ T8077] netlink_sendmsg+0x8e4/0xcb0 [ 149.571935][ T8077] ? __pfx_netlink_sendmsg+0x10/0x10 [ 149.577223][ T8077] ? __import_iovec+0x536/0x820 [ 149.582072][ T8077] ? aa_sock_msg_perm+0x91/0x160 [ 149.587030][ T8077] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 149.592375][ T8077] ? security_socket_sendmsg+0x87/0xb0 [ 149.597848][ T8077] ? __pfx_netlink_sendmsg+0x10/0x10 [ 149.603155][ T8077] __sock_sendmsg+0x221/0x270 [ 149.607862][ T8077] ____sys_sendmsg+0x525/0x7d0 [ 149.612669][ T8077] ? __pfx_____sys_sendmsg+0x10/0x10 [ 149.617999][ T8077] __sys_sendmsg+0x2b0/0x3a0 [ 149.622621][ T8077] ? __pfx___sys_sendmsg+0x10/0x10 [ 149.627753][ T8077] ? vfs_write+0x7c4/0xc90 [ 149.632321][ T8077] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 149.638699][ T8077] ? do_syscall_64+0x100/0x230 [ 149.643458][ T8077] ? do_syscall_64+0xb6/0x230 [ 149.648157][ T8077] do_syscall_64+0xf3/0x230 [ 149.652686][ T8077] ? clear_bhb_loop+0x35/0x90 [ 149.657401][ T8077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.663300][ T8077] RIP: 0033:0x7f1fb9979e79 [ 149.667723][ T8077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.687329][ T8077] RSP: 002b:00007f1fba68f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 149.695755][ T8077] RAX: ffffffffffffffda RBX: 00007f1fb9b15f80 RCX: 00007f1fb9979e79 [ 149.703748][ T8077] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000003 [ 149.711763][ T8077] RBP: 00007f1fba68f090 R08: 0000000000000000 R09: 0000000000000000 [ 149.719846][ T8077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 149.728017][ T8077] R13: 0000000000000000 R14: 00007f1fb9b15f80 R15: 00007ffdbcc83c98 [ 149.736033][ T8077] [ 149.785682][ T5278] tipc: Node number set to 2886997162 [ 149.940782][ T8100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.950'. [ 149.958758][ T8100] netlink: 4 bytes leftover after parsing attributes in process `syz.4.950'. [ 149.988451][ T8100] netlink: 32 bytes leftover after parsing attributes in process `syz.4.950'. [ 150.029295][ T8100] netlink: 12 bytes leftover after parsing attributes in process `syz.4.950'. [ 150.038651][ T8100] nbd: couldn't find device at index 0 [ 150.060045][ T8100] netlink: 732 bytes leftover after parsing attributes in process `syz.4.950'. [ 150.079010][ T8100] netlink: 732 bytes leftover after parsing attributes in process `syz.4.950'. [ 150.487128][ T25] tipc: Node number set to 11578026 [ 150.761206][ T8133] dummy0: entered promiscuous mode [ 150.867969][ T8132] dummy0: left promiscuous mode [ 150.895969][ T8142] netlink: 4 bytes leftover after parsing attributes in process `syz.2.966'. [ 151.102151][ T8142] veth0_vlan (unregistering): left allmulticast mode [ 151.326370][ T8149] netlink: 'syz.0.969': attribute type 1 has an invalid length. [ 151.335975][ T8150] netlink: 'syz.4.970': attribute type 1 has an invalid length. [ 151.497732][ T8154] netlink: 'syz.0.972': attribute type 12 has an invalid length. [ 151.511835][ T8152] netlink: 32 bytes leftover after parsing attributes in process `syz.1.971'. [ 151.531443][ T8154] netlink: 132 bytes leftover after parsing attributes in process `syz.0.972'. [ 151.761870][ T5239] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 151.774389][ T5239] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 151.787046][ T5239] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 151.797008][ T5239] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 151.804772][ T5239] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 151.814451][ T5239] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 151.958457][ T8156] chnl_net:caif_netlink_parms(): no params data found [ 152.026500][ T8156] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.035497][ T8156] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.042705][ T8156] bridge_slave_0: entered allmulticast mode [ 152.054569][ T8156] bridge_slave_0: entered promiscuous mode [ 152.063250][ T8156] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.070698][ T8156] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.078143][ T8156] bridge_slave_1: entered allmulticast mode [ 152.085109][ T8156] bridge_slave_1: entered promiscuous mode [ 152.116748][ T8156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 152.130606][ T8156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 152.167143][ T8156] team0: Port device team_slave_0 added [ 152.174916][ T8156] team0: Port device team_slave_1 added [ 152.200866][ T8156] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 152.210055][ T8156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.237901][ T8156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 152.250842][ T8156] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 152.257893][ T8156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.284815][ T8156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.337443][ T8156] hsr_slave_0: entered promiscuous mode [ 152.343872][ T8156] hsr_slave_1: entered promiscuous mode [ 152.354140][ T8156] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 152.361933][ T8156] Cannot create hsr debugfs directory [ 152.489884][ T8156] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.571515][ T8156] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.655037][ T8156] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.720790][ T8156] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.832634][ T8156] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 152.843192][ T8156] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 152.860282][ T8156] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 152.873112][ T8156] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 152.963388][ T8156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.988391][ T8156] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.003843][ T3039] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.011109][ T3039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.030640][ T3028] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.037811][ T3028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.222665][ T8156] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.273272][ T8156] veth0_vlan: entered promiscuous mode [ 153.287542][ T8156] veth1_vlan: entered promiscuous mode [ 153.322452][ T8156] veth0_macvtap: entered promiscuous mode [ 153.332911][ T8156] veth1_macvtap: entered promiscuous mode [ 153.354920][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.370101][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.380413][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.392342][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.402460][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.413706][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.423604][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.434389][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.444407][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.456565][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.467096][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.478396][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.490028][ T8156] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.502722][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.513669][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.523762][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.534861][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.545069][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.560077][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.570054][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.581064][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.591688][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.604128][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.614734][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.625590][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.635562][ T8156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.646168][ T8156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.658623][ T8156] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.678865][ T8156] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.688821][ T8156] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.700114][ T8156] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.709014][ T8156] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.788222][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.804413][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.832723][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.840739][ T5239] Bluetooth: hci5: command tx timeout [ 153.853317][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.471250][ T8191] __nla_validate_parse: 1 callbacks suppressed [ 155.471267][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.979'. [ 155.528655][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.979'. [ 155.541848][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.980'. [ 155.590790][ T8196] macvlan6: entered promiscuous mode [ 155.884268][ T8206] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 156.152111][ T8218] netlink: 24 bytes leftover after parsing attributes in process `syz.4.989'. [ 156.362014][ T8224] netlink: 8 bytes leftover after parsing attributes in process `syz.4.992'. [ 156.375607][ T8224] macvlan4: entered promiscuous mode [ 156.709359][ T3028] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.228694][ T5245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 157.246503][ T5245] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 157.255592][ T5245] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 157.271891][ T5245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 157.282231][ T5245] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 157.290485][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 157.639142][ T8249] chnl_net:caif_netlink_parms(): no params data found [ 157.653081][ T8258] netlink: 'syz.2.1003': attribute type 10 has an invalid length. [ 157.697525][ T8258] netlink: 181292 bytes leftover after parsing attributes in process `syz.2.1003'. [ 157.716688][ T8258] openvswitch: netlink: Message has 4 unknown bytes. [ 157.805508][ T8262] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1004'. [ 157.976836][ T8268] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.015059][ T8249] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.034093][ T8249] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.049370][ T8249] bridge_slave_0: entered allmulticast mode [ 158.067294][ T8249] bridge_slave_0: entered promiscuous mode [ 158.081631][ T8249] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.089246][ T8249] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.105139][ T8249] bridge_slave_1: entered allmulticast mode [ 158.114440][ T8249] bridge_slave_1: entered promiscuous mode [ 158.213142][ T8249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.254463][ T8249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.352493][ T8249] team0: Port device team_slave_0 added [ 158.374425][ T8249] team0: Port device team_slave_1 added [ 158.461814][ T8249] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.462215][ T8285] netlink: 5296 bytes leftover after parsing attributes in process `syz.1.1012'. [ 158.483324][ T8249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.522075][ T8249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.538981][ T8249] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.554372][ T8249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.593865][ T8249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.857068][ T8249] hsr_slave_0: entered promiscuous mode [ 158.891153][ T8249] hsr_slave_1: entered promiscuous mode [ 158.901961][ T8249] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 158.909843][ T8249] Cannot create hsr debugfs directory [ 158.934290][ T8300] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1016'. [ 158.954204][ T8299] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1019'. [ 158.994261][ T8300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.203285][ T3028] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.358949][ T5239] Bluetooth: hci5: command tx timeout [ 159.470906][ T3028] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.649984][ T3028] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.819733][ T8320] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.912007][ T8322] netlink: 'syz.2.1026': attribute type 10 has an invalid length. [ 159.932824][ T8322] bond0: (slave bond_slave_0): Releasing backup interface [ 159.990729][ T3028] bridge_slave_1: left allmulticast mode [ 160.000064][ T3028] bridge_slave_1: left promiscuous mode [ 160.018440][ T3028] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.050694][ T3028] bridge_slave_0: left allmulticast mode [ 160.059323][ T3028] bridge_slave_0: left promiscuous mode [ 160.065150][ T3028] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.664291][ T3028] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.678456][ T3028] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.690151][ T3028] bond0 (unregistering): Released all slaves [ 160.771459][ T8334] __nla_validate_parse: 1 callbacks suppressed [ 160.771479][ T8334] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1028'. [ 161.064802][ T8339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1030'. [ 161.158556][ T8353] xt_cgroup: xt_cgroup: no path or classid specified [ 161.435747][ T5239] Bluetooth: hci5: command tx timeout [ 161.556676][ T3028] hsr_slave_0: left promiscuous mode [ 161.570668][ T3028] hsr_slave_1: left promiscuous mode [ 161.581808][ T3028] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.599088][ T3028] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.631007][ T3028] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.651200][ T3028] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.702547][ T3028] veth1_macvtap: left promiscuous mode [ 161.716197][ T3028] veth0_macvtap: left promiscuous mode [ 161.729634][ T3028] veth1_vlan: left promiscuous mode [ 161.745953][ T3028] veth0_vlan: left promiscuous mode [ 162.003263][ T8379] syz.4.1038[8379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.003416][ T8379] syz.4.1038[8379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.042149][ T8379] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 162.086953][ T8379] syz.4.1038[8379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.087123][ T8379] syz.4.1038[8379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.621846][ T3028] team0 (unregistering): Port device team_slave_1 removed [ 162.671835][ T3028] team0 (unregistering): Port device team_slave_0 removed [ 163.185818][ T8394] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1039'. [ 163.232576][ T8249] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 163.303633][ T3039] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.343974][ T8249] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 163.397099][ T8249] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 163.419279][ T8249] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 163.516865][ T5239] Bluetooth: hci5: command tx timeout [ 163.646913][ T8410] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 163.708580][ T8249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.780675][ T8249] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.814249][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.821457][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.878529][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.885796][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.888190][ T8421] netlink: 480 bytes leftover after parsing attributes in process `syz.2.1047'. [ 164.642627][ T8448] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1052'. [ 164.667844][ T8448] netlink: 'syz.4.1052': attribute type 7 has an invalid length. [ 164.699009][ T8448] netlink: 'syz.4.1052': attribute type 8 has an invalid length. [ 164.725599][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1052'. [ 165.010796][ T8464] syz_tun: entered promiscuous mode [ 165.067242][ T8249] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.252987][ T8249] veth0_vlan: entered promiscuous mode [ 165.313155][ T8249] veth1_vlan: entered promiscuous mode [ 165.351350][ T8482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1063'. [ 165.421862][ T8484] netlink: 'syz.1.1062': attribute type 1 has an invalid length. [ 165.438650][ T8482] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1063'. [ 165.465964][ T8484] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1062'. [ 165.471804][ T8249] veth0_macvtap: entered promiscuous mode [ 165.504017][ T8249] veth1_macvtap: entered promiscuous mode [ 165.564145][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.590171][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.602383][ T5239] Bluetooth: hci5: command tx timeout [ 165.635954][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.667521][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.677967][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.699421][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.725574][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.764686][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.783794][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.810052][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.820905][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.831760][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.861557][ T8249] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 165.890977][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.925411][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.948011][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.965702][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.008855][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 166.048105][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.063661][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 166.094625][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.114632][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 166.135187][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.157002][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 166.175371][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.185229][ T8249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 166.200535][ T8249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.212614][ T8249] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 166.298870][ T8249] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.335714][ T8249] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.344458][ T8249] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.365251][ T8249] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.539691][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.567013][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.652240][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.680793][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.966107][ T8539] delete_channel: no stack [ 167.528979][ T8573] bridge0: port 3(gretap0) entered blocking state [ 167.541006][ T8573] bridge0: port 3(gretap0) entered disabled state [ 167.548325][ T8573] gretap0: entered allmulticast mode [ 167.555788][ T8573] gretap0: entered promiscuous mode [ 167.579147][ T8573] gretap0: left allmulticast mode [ 167.597408][ T8573] gretap0: left promiscuous mode [ 167.605250][ T8573] bridge0: port 3(gretap0) entered disabled state [ 167.723717][ T8579] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 168.211879][ T8591] vlan2: entered promiscuous mode [ 168.225514][ T8591] vlan2: entered allmulticast mode [ 168.236451][ T8591] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 168.253297][ T8591] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 168.284060][ T8591] team0: Port device vlan2 added [ 168.346024][ T8596] delete_channel: no stack [ 168.888863][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.121777][ T8621] bond0: entered promiscuous mode [ 169.146687][ T8621] bond_slave_0: entered promiscuous mode [ 169.185937][ T8621] bond_slave_1: entered promiscuous mode [ 169.192897][ T8621] bond0: left promiscuous mode [ 169.215470][ T8621] bond_slave_0: left promiscuous mode [ 169.235641][ T8621] bond_slave_1: left promiscuous mode [ 169.654647][ T5245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 169.665653][ T5245] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 169.676971][ T5245] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 169.687350][ T5245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 169.705752][ T5245] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 169.728727][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 169.783722][ T8635] delete_channel: no stack [ 169.855030][ T8638] netlink: 'syz.4.1104': attribute type 3 has an invalid length. [ 169.916461][ T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.106668][ T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.146698][ T8647] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1108'. [ 170.264688][ T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.305198][ T8653] netlink: 'syz.1.1110': attribute type 10 has an invalid length. [ 170.334833][ T8653] tipc: Resetting bearer [ 170.427758][ T8653] batman_adv: batadv0: Adding interface: team0 [ 170.455718][ T8653] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.482794][ T8653] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 170.500301][ T8656] netlink: 'syz.1.1110': attribute type 10 has an invalid length. [ 170.510309][ T8656] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1110'. [ 170.519462][ T8656] team0: entered promiscuous mode [ 170.524506][ T8656] team_slave_0: entered promiscuous mode [ 170.531756][ T8656] team_slave_1: entered promiscuous mode [ 170.537726][ T8656] bond0: entered promiscuous mode [ 170.542772][ T8656] bond_slave_0: entered promiscuous mode [ 170.548809][ T8656] bond_slave_1: entered promiscuous mode [ 170.560729][ T8656] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.572157][ T8656] batman_adv: batadv0: Interface activated: team0 [ 170.579989][ T8656] batman_adv: batadv0: Interface deactivated: team0 [ 170.593868][ T8656] batman_adv: batadv0: Removing interface: team0 [ 170.601481][ T8656] bridge0: port 3(team0) entered blocking state [ 170.609197][ T8656] bridge0: port 3(team0) entered disabled state [ 170.615736][ T8656] team0: entered allmulticast mode [ 170.620955][ T8656] team_slave_0: entered allmulticast mode [ 170.632247][ T8656] team_slave_1: entered allmulticast mode [ 170.638333][ T8656] bond0: entered allmulticast mode [ 170.643482][ T8656] bond_slave_0: entered allmulticast mode [ 170.656564][ T8656] bond_slave_1: entered allmulticast mode [ 170.679117][ T8662] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1109'. [ 170.714438][ T8665] pimreg: entered allmulticast mode [ 170.968140][ T35] bridge_slave_1: left allmulticast mode [ 170.973821][ T35] bridge_slave_1: left promiscuous mode [ 170.995640][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.017575][ T35] bridge_slave_0: left allmulticast mode [ 171.023286][ T35] bridge_slave_0: left promiscuous mode [ 171.038094][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.665788][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.683318][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.694689][ T35] bond0 (unregistering): Released all slaves [ 171.760377][ T5239] Bluetooth: hci5: command tx timeout [ 171.981833][ T8632] chnl_net:caif_netlink_parms(): no params data found [ 172.585747][ T35] hsr_slave_0: left promiscuous mode [ 172.609538][ T35] hsr_slave_1: left promiscuous mode [ 172.717522][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.725203][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.797890][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.875473][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.199804][ T35] veth1_macvtap: left promiscuous mode [ 173.255695][ T35] veth0_macvtap: left promiscuous mode [ 173.262581][ T35] veth1_vlan: left promiscuous mode [ 173.325529][ T35] veth0_vlan: left promiscuous mode [ 173.835764][ T5239] Bluetooth: hci5: command tx timeout [ 174.601312][ T35] team0 (unregistering): Port device team_slave_1 removed [ 174.662112][ T35] team0 (unregistering): Port device team_slave_0 removed [ 175.143787][ T8757] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1137'. [ 175.153529][ T8748] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 175.166320][ T8753] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1136'. [ 175.351516][ T8632] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.386686][ T8632] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.393981][ T8632] bridge_slave_0: entered allmulticast mode [ 175.438117][ T8632] bridge_slave_0: entered promiscuous mode [ 175.468567][ T8632] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.496073][ T8632] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.503375][ T8632] bridge_slave_1: entered allmulticast mode [ 175.523702][ T8632] bridge_slave_1: entered promiscuous mode [ 175.653378][ T8632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.707040][ T8632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.885845][ T8632] team0: Port device team_slave_0 added [ 175.915846][ T5239] Bluetooth: hci5: command tx timeout [ 175.948880][ T8632] team0: Port device team_slave_1 added [ 176.024475][ T8797] netlink: 5128 bytes leftover after parsing attributes in process `syz.2.1149'. [ 176.034841][ T8797] netlink: 5128 bytes leftover after parsing attributes in process `syz.2.1149'. [ 176.049628][ T8797] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1149'. [ 176.174521][ T8632] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.217607][ T8632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.229245][ T8805] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1151'. [ 176.292522][ T8632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.322045][ T8632] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.345854][ T8632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.428670][ T8632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.630388][ T8632] hsr_slave_0: entered promiscuous mode [ 176.656365][ T8632] hsr_slave_1: entered promiscuous mode [ 176.706421][ T8632] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.716774][ T8632] Cannot create hsr debugfs directory [ 177.012439][ T8837] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1162'. [ 177.261677][ T8843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1165'. [ 177.995767][ T5239] Bluetooth: hci5: command tx timeout [ 178.362567][ T8632] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 178.389485][ T8632] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 178.436007][ T8632] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 178.458688][ T8632] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 178.766257][ T8632] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.829717][ T8632] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.897551][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.904713][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.935851][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.943019][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.310721][ T8919] netlink: 'syz.2.1182': attribute type 29 has an invalid length. [ 179.334650][ T8919] netlink: 'syz.2.1182': attribute type 29 has an invalid length. [ 179.353780][ T8919] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1182'. [ 179.598258][ T8632] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.728000][ T8632] veth0_vlan: entered promiscuous mode [ 179.787437][ T8632] veth1_vlan: entered promiscuous mode [ 179.897729][ T8632] veth0_macvtap: entered promiscuous mode [ 179.922281][ T8632] veth1_macvtap: entered promiscuous mode [ 180.001991][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.041636][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.072575][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.097743][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.123874][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.147484][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.167308][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.190981][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.204857][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.224513][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.234714][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.251561][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.276803][ T8632] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.298194][ T8956] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1199'. [ 180.307747][ T8956] tipc: Invalid UDP bearer configuration [ 180.307798][ T8956] tipc: Enabling of bearer rejected, failed to enable media [ 180.371797][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.395010][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.407044][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.435815][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.485855][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.505440][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.516852][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.535387][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.545232][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.575531][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.592110][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.616726][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.634185][ T8632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.665368][ T8632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.687039][ T8632] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.763261][ T8632] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.784444][ T8632] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.809603][ T8632] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.825430][ T8632] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.863141][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1203'. [ 180.937375][ T8982] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1205'. [ 181.018279][ T8982] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1205'. [ 181.321693][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.360036][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.468424][ T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.486098][ T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.832379][ T3039] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.835802][ T3039] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.043039][ T3039] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.078520][ T5246] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 185.088908][ T5246] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 185.102024][ T5246] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 185.112125][ T5246] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 185.133645][ T5246] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 185.141287][ T5246] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 185.269774][ T3039] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.621082][ T3039] bridge_slave_1: left allmulticast mode [ 185.645844][ T3039] bridge_slave_1: left promiscuous mode [ 185.651655][ T3039] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.716415][ T3039] bridge_slave_0: left allmulticast mode [ 185.725236][ T3039] bridge_slave_0: left promiscuous mode [ 185.762165][ T3039] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.399576][ T5238] Bluetooth: hci0: command 0x0406 tx timeout [ 186.399618][ T55] Bluetooth: hci4: command 0x0406 tx timeout [ 186.406288][ T5238] Bluetooth: hci3: command 0x0406 tx timeout [ 186.406583][ T5246] Bluetooth: hci1: command 0x0406 tx timeout [ 186.432560][ T5234] Bluetooth: hci2: command 0x0406 tx timeout [ 186.459474][ T3039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.477633][ T3039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 186.503413][ T3039] bond0 (unregistering): Released all slaves [ 186.814106][ T9222] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1291'. [ 186.833216][ T9222] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1291'. [ 187.200148][ T5245] Bluetooth: hci5: command tx timeout [ 188.508650][ T9232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1297'. [ 188.519153][ T9232] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1297'. [ 188.765572][ T3039] hsr_slave_0: left promiscuous mode [ 188.806520][ T3039] hsr_slave_1: left promiscuous mode [ 188.826141][ T3039] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 188.833657][ T3039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 188.851031][ T3039] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 188.860521][ T3039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 188.899408][ T3039] veth1_macvtap: left promiscuous mode [ 188.905133][ T3039] veth0_macvtap: left promiscuous mode [ 188.913737][ T3039] veth1_vlan: left promiscuous mode [ 188.920815][ T3039] veth0_vlan: left promiscuous mode [ 189.275704][ T5245] Bluetooth: hci5: command tx timeout [ 189.484286][ T3039] team0 (unregistering): Port device team_slave_1 removed [ 189.526483][ T3039] team0 (unregistering): Port device team_slave_0 removed [ 190.102443][ T9137] chnl_net:caif_netlink_parms(): no params data found [ 190.505916][ T9137] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.544368][ T9137] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.553246][ T9137] bridge_slave_0: entered allmulticast mode [ 190.573115][ T9137] bridge_slave_0: entered promiscuous mode [ 190.606590][ T9137] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.626409][ T9137] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.633738][ T9137] bridge_slave_1: entered allmulticast mode [ 190.677038][ T9137] bridge_slave_1: entered promiscuous mode [ 190.867351][ T9137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.901399][ T9137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.068418][ T9137] team0: Port device team_slave_0 added [ 191.090710][ T9137] team0: Port device team_slave_1 added [ 191.241449][ T9137] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.264611][ T9137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.311871][ T9137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.351383][ T9137] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.353253][ T9344] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1342'. [ 191.371805][ T5245] Bluetooth: hci5: command tx timeout [ 191.384613][ T9137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.423047][ T9137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.635216][ T9137] hsr_slave_0: entered promiscuous mode [ 191.681059][ T9137] hsr_slave_1: entered promiscuous mode [ 191.694264][ T9137] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 191.725634][ T9137] Cannot create hsr debugfs directory [ 191.996055][ T9377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1356'. [ 192.483939][ T9137] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 192.513954][ T9137] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 192.548640][ T9137] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 192.579238][ T9137] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 192.847999][ T9137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.909891][ T9137] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.934139][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.941523][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.973676][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.981016][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.435920][ T5245] Bluetooth: hci5: command tx timeout [ 193.511860][ T9137] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.718180][ T9137] veth0_vlan: entered promiscuous mode [ 193.738368][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1391'. [ 193.798860][ T9137] veth1_vlan: entered promiscuous mode [ 193.912209][ T9137] veth0_macvtap: entered promiscuous mode [ 193.947812][ T9137] veth1_macvtap: entered promiscuous mode [ 194.013929][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.044617][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.045888][ T9479] x_tables: duplicate underflow at hook 3 [ 194.060759][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.095515][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.128971][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.168602][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.191925][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.225548][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.257051][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.275423][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.293683][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.304616][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.328221][ T9137] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.358452][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.393794][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.426334][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.466732][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.505385][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.536298][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.569298][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.577886][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.605464][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.627448][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.659685][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.675671][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.695741][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.710312][ T9137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.722880][ T9137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.736698][ T9137] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.812036][ T9137] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.846040][ T9137] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.854808][ T9137] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.889607][ T9137] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.108923][ T3028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.137856][ T3028] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.221963][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.243929][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.879002][ T3013] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.619099][ T3013] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.949670][ T3013] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.217687][ T3013] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.596054][ T3013] bridge_slave_1: left allmulticast mode [ 199.601749][ T3013] bridge_slave_1: left promiscuous mode [ 199.665828][ T3013] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.876416][ T3013] bridge_slave_0: left allmulticast mode [ 199.882121][ T3013] bridge_slave_0: left promiscuous mode [ 199.945633][ T3013] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.893282][ T3013] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.904908][ T3013] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.920523][ T3013] bond0 (unregistering): Released all slaves [ 202.949286][ T9637] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1460'. [ 202.981396][ T9637] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 203.220167][ T3013] hsr_slave_0: left promiscuous mode [ 203.226788][ T3013] hsr_slave_1: left promiscuous mode [ 203.232778][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 203.241429][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 203.249877][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.257630][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 203.369898][ T3013] veth1_macvtap: left promiscuous mode [ 203.396782][ T3013] veth0_macvtap: left promiscuous mode [ 203.407117][ T3013] veth1_vlan: left promiscuous mode [ 203.420743][ T3013] veth0_vlan: left promiscuous mode [ 203.769159][ T5243] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 203.780079][ T5243] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 203.794892][ T5243] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 203.809322][ T5243] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 203.820234][ T5243] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 203.834553][ T5243] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 204.159357][ T3013] team0 (unregistering): Port device team_slave_1 removed [ 204.201029][ T3013] team0 (unregistering): Port device team_slave_0 removed [ 204.581297][ T9643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1466'. [ 204.590400][ T9643] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1466'. [ 204.801480][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 205.129950][ T9683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1479'. [ 205.172485][ T9683] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1479'. [ 205.434703][ T9656] chnl_net:caif_netlink_parms(): no params data found [ 205.836271][ T9656] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.853740][ T9656] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.874600][ T9656] bridge_slave_0: entered allmulticast mode [ 205.892186][ T9656] bridge_slave_0: entered promiscuous mode [ 205.917275][ T5245] Bluetooth: hci5: command tx timeout [ 205.964665][ T9716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1492'. [ 205.989563][ T9656] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.997430][ T9656] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.005731][ T9656] bridge_slave_1: entered allmulticast mode [ 206.025932][ T9656] bridge_slave_1: entered promiscuous mode [ 206.211538][ T9656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.243133][ T9656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.257650][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1498'. [ 207.962348][ T9656] team0: Port device team_slave_0 added [ 207.971588][ T9656] team0: Port device team_slave_1 added [ 207.999586][ T5245] Bluetooth: hci5: command tx timeout [ 208.247324][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.262447][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.293565][ T9656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.324644][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.351830][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.388354][ T9656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.860646][ T9764] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1511'. [ 208.898300][ T9656] hsr_slave_0: entered promiscuous mode [ 208.916169][ T9656] hsr_slave_1: entered promiscuous mode [ 208.925936][ T9656] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.938114][ T9656] Cannot create hsr debugfs directory [ 209.216516][ T9785] netlink: 'syz.1.1521': attribute type 10 has an invalid length. [ 209.254602][ T9785] netlink: 209820 bytes leftover after parsing attributes in process `syz.1.1521'. [ 209.276142][ T9785] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 209.860209][ T9822] netlink: 'syz.1.1536': attribute type 9 has an invalid length. [ 209.868975][ T9822] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1536'. [ 209.922610][ T9822] netlink: 'syz.1.1536': attribute type 9 has an invalid length. [ 209.943285][ T9822] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1536'. [ 210.036904][ T9656] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 210.058086][ T9656] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 210.075895][ T5245] Bluetooth: hci5: command tx timeout [ 210.084685][ T9656] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 210.109415][ T9656] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 210.324449][ T9656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.355208][ T9656] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.371595][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.378795][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.402457][ T149] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.409670][ T149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.685922][ T9656] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.783841][ T9656] veth0_vlan: entered promiscuous mode [ 210.814142][ T9656] veth1_vlan: entered promiscuous mode [ 210.867314][ T9656] veth0_macvtap: entered promiscuous mode [ 210.888016][ T9656] veth1_macvtap: entered promiscuous mode [ 210.929593][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.967881][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.988257][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.015346][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.033812][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.061147][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.085403][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.100199][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.138613][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.159108][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.170690][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.181725][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.198909][ T9656] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 211.264068][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.297248][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.321976][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.335659][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.362973][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.383170][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.398395][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.415914][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.434368][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.450890][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.472737][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.495410][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.505266][ T9656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 211.533708][ T9656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.554682][ T9656] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 211.579074][ T9656] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.600457][ T9656] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.618739][ T9656] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.635763][ T9656] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.841557][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.864964][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.942710][ T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.957310][ T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.636311][ T9929] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.643899][ T9929] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.895099][ T9969] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1601'. [ 214.077713][ T9978] netlink: 2088 bytes leftover after parsing attributes in process `syz.0.1602'. [ 216.149315][ T5243] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 216.173834][ T5243] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 216.185734][ T5243] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 216.195896][ T5243] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 216.204810][ T5243] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 216.216778][ T5243] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 217.460592][ T3013] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.625738][ T3013] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.869446][ T3013] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.056897][ T3013] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.320272][T10000] chnl_net:caif_netlink_parms(): no params data found [ 218.335584][ T5245] Bluetooth: hci5: command tx timeout [ 218.686187][T10000] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.699947][T10000] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.720703][T10000] bridge_slave_0: entered allmulticast mode [ 218.734561][T10000] bridge_slave_0: entered promiscuous mode [ 218.766893][T10000] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.774062][T10000] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.793552][T10000] bridge_slave_1: entered allmulticast mode [ 218.820668][T10000] bridge_slave_1: entered promiscuous mode [ 218.842829][ T3013] bridge_slave_1: left allmulticast mode [ 218.855468][ T3013] bridge_slave_1: left promiscuous mode [ 218.861329][ T3013] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.906612][ T3013] bridge_slave_0: left allmulticast mode [ 218.929008][ T3013] bridge_slave_0: left promiscuous mode [ 218.947288][ T3013] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.052054][ T3013] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 220.073043][ T3013] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 220.099529][ T3013] bond0 (unregistering): Released all slaves [ 220.211725][T10131] netlink: 'syz.0.1667': attribute type 1 has an invalid length. [ 220.225709][T10131] netlink: 'syz.0.1667': attribute type 2 has an invalid length. [ 220.395529][ T5245] Bluetooth: hci5: command tx timeout [ 220.402278][T10000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.438096][T10000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 220.470413][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1672'. [ 220.590756][T10000] team0: Port device team_slave_0 added [ 220.617967][T10000] team0: Port device team_slave_1 added [ 220.703730][ T3013] hsr_slave_0: left promiscuous mode [ 220.719606][ T3013] hsr_slave_1: left promiscuous mode [ 220.734028][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 220.755483][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 220.776258][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 220.783745][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 220.827735][ T3013] veth1_macvtap: left promiscuous mode [ 220.842108][ T3013] veth0_macvtap: left promiscuous mode [ 220.847890][ T3013] veth1_vlan: left promiscuous mode [ 220.853258][ T3013] veth0_vlan: left promiscuous mode [ 221.363580][T10170] sctp: [Deprecated]: syz.4.1681 (pid 10170) Use of int in maxseg socket option. [ 221.363580][T10170] Use struct sctp_assoc_value instead [ 221.473326][T10173] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1684'. [ 221.482648][T10173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1684'. [ 221.751260][ T3013] team0 (unregistering): Port device team_slave_1 removed [ 221.941499][ T3013] team0 (unregistering): Port device team_slave_0 removed [ 222.485794][ T5245] Bluetooth: hci5: command tx timeout [ 222.602238][T10000] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.609600][T10000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.644387][T10000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 222.657964][T10000] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 222.664938][T10000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.695067][T10000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.853514][T10000] hsr_slave_0: entered promiscuous mode [ 222.861487][T10000] hsr_slave_1: entered promiscuous mode [ 222.869636][T10000] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 222.881255][T10000] Cannot create hsr debugfs directory [ 223.812100][T10239] ebtables: ebtables: counters copy to user failed while replacing table [ 224.565840][ T5245] Bluetooth: hci5: command tx timeout [ 225.722888][T10268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1724'. [ 225.803477][T10000] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 225.833889][T10000] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 225.900564][T10000] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 225.941028][T10000] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 226.177579][T10000] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.230579][T10000] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.249249][T10287] Oops: general protection fault, probably for non-canonical address 0xdffffc00000000f8: 0000 [#1] PREEMPT SMP KASAN PTI [ 226.262136][T10287] KASAN: null-ptr-deref in range [0x00000000000007c0-0x00000000000007c7] [ 226.270585][T10287] CPU: 1 UID: 0 PID: 10287 Comm: syz.1.1732 Not tainted 6.11.0-rc4-syzkaller-00567-g18aaa82bd36a #0 [ 226.281461][T10287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 226.291618][T10287] RIP: 0010:phy_start_cable_test_tdr+0x3a/0x5c0 [ 226.297982][T10287] Code: ec 38 48 89 54 24 18 49 89 f6 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 74 26 2b fb 48 8d bb c0 07 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 2a 68 92 fb 48 8b 83 c0 07 00 00 48 89 44 [ 226.317678][T10287] RSP: 0018:ffffc90004e5f230 EFLAGS: 00010202 [ 226.323750][T10287] RAX: 00000000000000f8 RBX: 0000000000000000 RCX: 0000000000040000 [ 226.331730][T10287] RDX: ffffc90009739000 RSI: 0000000000000ad9 RDI: 00000000000007c0 [ 226.339804][T10287] RBP: ffffc90004e5f470 R08: ffffffff89cb108d R09: 1ffff1100c474015 [ 226.347775][T10287] R10: dffffc0000000000 R11: ffffffff866864a0 R12: ffffc90004e5f3f0 [ 226.355746][T10287] R13: dffffc0000000000 R14: ffffc90004e5f740 R15: 0000000000000000 [ 226.363799][T10287] FS: 00007fd97811e6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 226.372726][T10287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.379310][T10287] CR2: 00007f4157917a8c CR3: 000000006aa68000 CR4: 00000000003506f0 [ 226.387797][T10287] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 226.395758][T10287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 226.403808][T10287] Call Trace: [ 226.407080][T10287] [ 226.409999][T10287] ? __die_body+0x88/0xe0 [ 226.414329][T10287] ? die_addr+0x108/0x140 [ 226.418654][T10287] ? exc_general_protection+0x3dd/0x5d0 [ 226.424219][T10287] ? netdev_get_by_index+0x7a/0xb0 [ 226.429327][T10287] ? asm_exc_general_protection+0x26/0x30 [ 226.435050][T10287] ? __pfx_phy_start_cable_test_tdr+0x10/0x10 [ 226.441109][T10287] ? ethnl_act_cable_test_tdr+0x5ad/0x10d0 [ 226.446991][T10287] ? phy_start_cable_test_tdr+0x3a/0x5c0 [ 226.452616][T10287] ? ethnl_ops_begin+0x1ae/0x1f0 [ 226.457540][T10287] ? __pfx_phy_start_cable_test_tdr+0x10/0x10 [ 226.463599][T10287] ethnl_act_cable_test_tdr+0x607/0x10d0 [ 226.469232][T10287] ? __pfx_ethnl_act_cable_test_tdr+0x10/0x10 [ 226.475296][T10287] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 226.481545][T10287] ? __nla_parse+0x40/0x60 [ 226.485973][T10287] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 226.492382][T10287] genl_rcv_msg+0xb14/0xec0 [ 226.496892][T10287] ? mark_lock+0x9a/0x350 [ 226.501219][T10287] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.506244][T10287] ? __pfx_lock_acquire+0x10/0x10 [ 226.511347][T10287] ? __pfx_ethnl_act_cable_test_tdr+0x10/0x10 [ 226.517400][T10287] ? __pfx___might_resched+0x10/0x10 [ 226.522679][T10287] netlink_rcv_skb+0x1e3/0x430 [ 226.527520][T10287] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.532534][T10287] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 226.537835][T10287] ? __netlink_deliver_tap+0x77e/0x7c0 [ 226.543311][T10287] genl_rcv+0x28/0x40 [ 226.547299][T10287] netlink_unicast+0x7f6/0x990 [ 226.552060][T10287] ? __pfx_netlink_unicast+0x10/0x10 [ 226.557361][T10287] ? __virt_addr_valid+0x183/0x530 [ 226.562462][T10287] ? __check_object_size+0x49c/0x900 [ 226.567739][T10287] ? bpf_lsm_netlink_send+0x9/0x10 [ 226.573021][T10287] netlink_sendmsg+0x8e4/0xcb0 [ 226.577784][T10287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.583058][T10287] ? __import_iovec+0x536/0x820 [ 226.587901][T10287] ? aa_sock_msg_perm+0x91/0x160 [ 226.592920][T10287] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 226.598311][T10287] ? security_socket_sendmsg+0x87/0xb0 [ 226.603785][T10287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.609067][T10287] __sock_sendmsg+0x221/0x270 [ 226.613807][T10287] ____sys_sendmsg+0x525/0x7d0 [ 226.618593][T10287] ? __pfx_____sys_sendmsg+0x10/0x10 [ 226.623889][T10287] __sys_sendmsg+0x2b0/0x3a0 [ 226.628475][T10287] ? __pfx___sys_sendmsg+0x10/0x10 [ 226.633617][T10287] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 226.639940][T10287] ? do_syscall_64+0x100/0x230 [ 226.644693][T10287] ? do_syscall_64+0xb6/0x230 [ 226.649359][T10287] do_syscall_64+0xf3/0x230 [ 226.653885][T10287] ? clear_bhb_loop+0x35/0x90 [ 226.658555][T10287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.664447][T10287] RIP: 0033:0x7fd977379e79 [ 226.668852][T10287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.688456][T10287] RSP: 002b:00007fd97811e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 226.696863][T10287] RAX: ffffffffffffffda RBX: 00007fd977515f80 RCX: 00007fd977379e79 [ 226.704834][T10287] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003 [ 226.712793][T10287] RBP: 00007fd9773e793e R08: 0000000000000000 R09: 0000000000000000 [ 226.721012][T10287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.729079][T10287] R13: 0000000000000000 R14: 00007fd977515f80 R15: 00007fff616a7498 [ 226.737060][T10287] [ 226.740069][T10287] Modules linked in: [ 226.765719][T10287] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to send rpc fd=3 want=48 sent=0 n=-1 (errno 32: Broken pipe) [ 226.778342][T10287] RIP: 0010:phy_start_cable_test_tdr+0x3a/0x5c0 [ 226.797988][T10287] Code: ec 38 48 89 54 24 18 49 89 f6 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 74 26 2b fb 48 8d bb c0 07 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 2a 68 92 fb 48 8b 83 c0 07 00 00 48 89 44 [ 226.897102][T10287] RSP: 0018:ffffc90004e5f230 EFLAGS: 00010202 [ 226.911562][T10287] RAX: 00000000000000f8 RBX: 0000000000000000 RCX: 0000000000040000 [ 226.921656][T10287] RDX: ffffc90009739000 RSI: 0000000000000ad9 RDI: 00000000000007c0 [ 226.932552][T10287] RBP: ffffc90004e5f470 R08: ffffffff89cb108d R09: 1ffff1100c474015 [ 226.940672][T10287] R10: dffffc0000000000 R11: ffffffff866864a0 R12: ffffc90004e5f3f0 [ 226.951709][T10287] R13: dffffc0000000000 R14: ffffc90004e5f740 R15: 0000000000000000 [ 226.960875][T10287] FS: 00007fd97811e6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 226.972818][T10287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.981272][T10287] CR2: 00007f4158447d60 CR3: 000000006aa68000 CR4: 00000000003506f0 [ 226.989751][T10287] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 226.998535][T10287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 227.006722][T10287] Kernel panic - not syncing: Fatal exception [ 227.013036][T10287] Kernel Offset: disabled [ 227.017614][T10287] Rebooting in 86400 seconds..