last executing test programs: 5.563749459s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x2, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000300000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000005a00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='ext4_es_find_extent_range_exit\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x0, 0x0, 0x0, 0x0, 0x0, 0x62}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19}, 0x90) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xda00) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40305829, &(0x7f0000000040)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r2, &(0x7f00000003c0)={[{0x0, 'blkio'}]}, 0x7) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x6628, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[], 0xffe6) 5.280201391s ago: executing program 4: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d8788a8", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 5.162281252s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$kcm(0x10, 0x100000000002, 0x4) close(r0) sendmsg$unix(r1, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b35d25a806f8c6394f90224fc602f0009000a740200053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 4.8976913s ago: executing program 4: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db", 0xd}], 0x1}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1503"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90) ioctl$TUNSETOFFLOAD(r1, 0x4010744d, 0x20000000) 4.641035729s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x13}, @call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000140)="e0b9547ed387dce9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4.469155589s ago: executing program 4: r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1e, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x8c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYRES16, @ANYRES16, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0xb0}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc0a00e9bfde9089060000004e51afe9c81a97f0570759f1cae63487ff68fffffffffffe8e3932e2b7185a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba75411890700000000000000d8e5b1dc91c5499bea0977"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x0, 0xd00, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8641200a8", 0x0, 0xf6d}, 0x28) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f7, &(0x7f0000000080)) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000a300)) ioctl$SIOCSIFHWADDR(r5, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random='\rh\x00 \x00'}) recvmsg$unix(r1, &(0x7f0000000600)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/112, 0x70}, {&(0x7f0000000180)=""/169, 0xa9}, {&(0x7f0000000240)=""/78, 0x4e}, {&(0x7f00000002c0)=""/209, 0xd1}, {&(0x7f00000003c0)=""/239, 0xef}], 0x5, &(0x7f0000000540)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x1) 1.463898008s ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000f40)="5c00000012006bab9a3fe3d8457f0bd2bf6e17aa0a046b876c1d0048007ea60864160af36504001a0038001d00193107e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb45601d8ad2330e", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="18080000000000000000000600000000000000000300000018000000000000000000000000000000950008000000000000000000"], &(0x7f0000000000)='GPL\x00', 0x4, 0xec, &(0x7f00000004c0)=""/236}, 0x80) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000024c0)=""/220, 0xdc}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4055, 0xfd7}, {&(0x7f00000006c0)=""/235, 0xeb}, {&(0x7f0000000c00)=""/220, 0xdc}, {&(0x7f0000001040)=""/179, 0xb3}, {&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000040)=""/1, 0x1}, {&(0x7f00000000c0)=""/42, 0x2a}, {&(0x7f00000023c0)=""/224, 0xe0}, {&(0x7f0000000140)=""/39, 0x27}, {&(0x7f00000007c0)=""/114, 0x72}, {&(0x7f0000000400)=""/193, 0xc1}, {&(0x7f0000000940)=""/143, 0x8f}, {&(0x7f0000000880)=""/59, 0x3b}, {&(0x7f0000000200)=""/57, 0x39}, {&(0x7f0000000180)=""/68, 0x44}, {&(0x7f0000000d00)=""/215, 0xd7}], 0x12}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001340)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a7645100b2ffbdb0ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14faecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9cf53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f03b0057010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f842cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2beaf4510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44be9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed8c631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f5cb6dbb714487a9145e9d2918846e78072e0b8f6df849e7f5e3c7e92292c858570d210720102d509083e7af826d9d9f5e4fb389d782e26f243be0c05b9c60383ad28ea3d21466c8d87a4c9cf649315fbd62a6aa4188abb6d8d42785a4ae50157d76efb9c8df83b1c35daad5afaebc7756af1b80d92e8f96a6332e429f6939c230169307e92acd283063304bf6243a0e1f5487bbd54da9fed9bee94d374cc55333fb5c4760cc9ba610937c0f107ef6fbad781863a56897c93c7de1defeaefcef70692d3a8bbf7a4364eac7d608c69caec0f4df2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10}, 0x49) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r2}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r5}, &(0x7f0000000700), &(0x7f0000000740)}, 0x20) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0) recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000680)={0x0, 0xa, 0x0}, 0x0) 1.05802834s ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000220000dd0a000000000000000062"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19}, 0x90) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040)) write$cgroup_int(r0, &(0x7f0000000140), 0x12) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10008, 0x1, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc020660b, &(0x7f0000000040)) 937.867351ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='track_foreign_dirty\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r2, &(0x7f0000000cc0), 0x12) 917.356903ms ago: executing program 3: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000440)={{r0, 0xffffffffffffffff}, &(0x7f00000005c0), &(0x7f0000000040)='%+9llu \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000840)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000080007b8af8ff00000000b7080000800000017b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 866.199417ms ago: executing program 3: ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420004}]}) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x0, 0x1}, 0xfffffffffffffe6c) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 812.049528ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f00000001c0)='\t', 0x20000000}, 0x20) 754.044837ms ago: executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@union={0x1}]}}, &(0x7f0000000380)=""/206, 0x26, 0xce, 0x1}, 0x20) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000200000408000000000000000300000000000000000000000200000000000000000000000000000200000000000000000000000404"], 0x0, 0x56}, 0x20) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000001c0), 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000300)=0x400) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x8, 0x1001, 0x7}, 0x9c) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000e900850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef) close(r5) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xfdef) 712.829344ms ago: executing program 0: socket$kcm(0xa, 0x0, 0x87) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) socket$kcm(0x2, 0x1, 0x84) close(0xffffffffffffffff) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffeff, 0x0, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002c000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0) 681.042247ms ago: executing program 3: r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x77, &(0x7f0000000000), 0x10) 605.438252ms ago: executing program 1: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x28, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 587.844567ms ago: executing program 2: bpf$MAP_CREATE(0x0, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) write$cgroup_subtree(r0, 0x0, 0xffbf) 528.980188ms ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3) ioctl$TUNSETLINK(r0, 0x400454cd, 0x0) 472.507341ms ago: executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015400400142603600e120800060000000401a80016000800014003000000036010fab94dcf5c", 0x44}], 0x1}, 0x0) sendmsg$unix(r0, &(0x7f0000000480)={&(0x7f0000000040)=@abs={0x1, 0x5c}, 0x6e, 0x0}, 0x0) 407.477154ms ago: executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x2, &(0x7f00000007c0)=@raw=[@generic={0x81}, @exit], &(0x7f0000000840)='syzkaller\x00', 0x3, 0x75, &(0x7f0000000880)=""/117}, 0x90) 378.593732ms ago: executing program 0: r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000a40)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120c000200040000000600000000000000e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 360.830491ms ago: executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$sock(r1, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x541b, &(0x7f0000000280)={'lo\x00', @random}) 253.873342ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x4, 0x8, 0xa}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) r3 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec472db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc626b424da1e8c825357861aa50054686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf4d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b0100000000000000b0255f347160ac83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff7020000eea2ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072913152c845cf572cf39310d522a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8abafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e5251aae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b6588f6008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda34536020000fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bf8d9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177c16810fae053349609000000000000009a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f8100257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33384253af570f4ef9c0254afdd89c73943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b70304669c447c71ca4d54c82395a3958d576c42c08a4d5adfb58306164cc7d870b881f8084a3d185a63c6b05292186095c1f407ce74297d16470988f1647f7b6f6cdc6ab8be3cacc325df963c2cb80cfe07ded6d55f556be0a3dfa85f0a0ace879b0a0a95cd07b66fbbc73d0945beebe87a21dd46fd5804cd63c01199c78b1d774b17686fe3aeadebc4f3d2e6af1110466fecf41384f1b5c96531700db5aefa1a5c17a9ebcaf334110ed582999208cc7ef977ceb2f8a5aa7d00000000000000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xde, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07070403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0", 0x0, 0x24, 0x60000000, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000b00)={{r1}, &(0x7f0000000a80), &(0x7f0000000ac0)='%ps \x00'}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xf, &(0x7f0000000280)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000380), 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x0, 0x20}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10) write$cgroup_type(r0, &(0x7f0000000140), 0x9) 229.324083ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@call={0x85, 0x0, 0x0, 0x54}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 138.59469ms ago: executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x6, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @typedef={0x4, 0x0, 0x0, 0xf, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x3e}, 0x20) 111.935064ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000080)='cpuset\x00'}, 0x30) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) close(r1) 69.845945ms ago: executing program 0: r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x77, &(0x7f0000000000), 0x10) 68.077845ms ago: executing program 3: r0 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r0, 0x1, 0x3d, &(0x7f00000002c0), 0x8) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000240)=@in6={0xa, 0x4e1e, 0x0, @private1}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@txtime={{0x18}}], 0x18}, 0x0) 2.975415ms ago: executing program 2: perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000900d7f00000000000000b018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) write$cgroup_type(r0, &(0x7f0000000000), 0x248800) 0s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) kernel console output (not intermixed with test programs): tor.0'. [ 70.140798][ T5250] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 70.197331][ T5250] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 70.273088][ T5250] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 71.843152][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.849736][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.994486][ T5285] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 72.242159][ T5285] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.258871][ T5285] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.439183][ T5296] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 72.554821][ T5296] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 72.621980][ T5296] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.4'. [ 72.644031][ T5285] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.651420][ T5285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.659654][ T5285] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.666875][ T5285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.800307][ T5285] team0: Port device bridge0 added [ 72.821381][ T5302] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 72.839386][ T5302] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'. [ 73.080625][ T5312] netlink: 37 bytes leftover after parsing attributes in process `syz-executor.4'. [ 73.298581][ T5320] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 73.943564][ T5341] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 74.007245][ T5346] netlink: 37 bytes leftover after parsing attributes in process `syz-executor.1'. [ 74.050952][ T5348] syz-executor.2[5348] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.059811][ T5348] syz-executor.2[5348] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.243177][ T5356] validate_nla: 2 callbacks suppressed [ 74.243198][ T5356] netlink: 'syz-executor.0': attribute type 63 has an invalid length. [ 74.303453][ T5356] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 75.227946][ T5385] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 75.250758][ T5385] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 75.322595][ T5389] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 75.331386][ T5389] netlink: 161700 bytes leftover after parsing attributes in process `syz-executor.1'. [ 76.037318][ T5422] netlink: 65051 bytes leftover after parsing attributes in process `syz-executor.2'. [ 77.009511][ T5455] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 77.084327][ T5451] warning: `syz-executor.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 78.723838][ T5498] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 78.946858][ T5505] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 79.003305][ T5505] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.2'. [ 79.152539][ T5505] bond0: entered promiscuous mode [ 79.174490][ T5505] bond_slave_0: entered promiscuous mode [ 79.204314][ T5505] bond_slave_1: entered promiscuous mode [ 79.220782][ T5505] bridge0: port 3(bond0) entered blocking state [ 79.227396][ T5505] bridge0: port 3(bond0) entered disabled state [ 79.234060][ T5505] bond0: entered allmulticast mode [ 79.239187][ T5505] bond_slave_0: entered allmulticast mode [ 79.361239][ T5505] bond_slave_1: entered allmulticast mode [ 79.567783][ T5505] bridge0: port 3(bond0) entered blocking state [ 79.574210][ T5505] bridge0: port 3(bond0) entered forwarding state [ 79.841727][ T5514] netlink: 65051 bytes leftover after parsing attributes in process `syz-executor.3'. [ 79.996737][ T5521] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 80.033012][ T5521] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.2'. [ 81.654251][ T5567] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 81.677734][ T5567] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.687622][ T5567] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.810623][ T5567] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.818459][ T5567] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.829004][ T5567] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.837319][ T5567] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.946984][ T5567] team0: Port device bridge0 added [ 82.016577][ T25] cfg80211: failed to load regulatory.db [ 82.723823][ T5600] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.731862][ T5600] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.468349][ T5684] netlink: 'syz-executor.2': attribute type 25 has an invalid length. [ 85.501159][ T5684] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 86.172039][ T5715] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'. [ 86.424791][ T5723] bridge0: entered promiscuous mode [ 86.430739][ T5723] bridge0: entered allmulticast mode [ 86.489697][ T5727] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 86.524409][ T5727] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 86.549404][ T5727] netlink: 16114 bytes leftover after parsing attributes in process `syz-executor.0'. [ 87.257461][ T5761] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 87.427673][ T29] audit: type=1800 audit(1717544684.772:2): pid=5767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1945 res=0 errno=0 [ 87.460807][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.468125][ T5765] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.475817][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.483133][ T5765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.504837][ T5770] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 87.524775][ T5770] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 87.557772][ T5770] netlink: 16114 bytes leftover after parsing attributes in process `syz-executor.4'. [ 87.562466][ T5765] bridge0: entered promiscuous mode [ 87.618941][ T5765] bridge0: entered allmulticast mode [ 87.669740][ T5773] netlink: 'syz-executor.0': attribute type 19 has an invalid length. [ 87.994422][ T5780] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 88.049837][ T5780] netlink: 'syz-executor.0': attribute type 49 has an invalid length. [ 88.103345][ T5780] netlink: 'syz-executor.0': attribute type 49 has an invalid length. [ 88.429844][ T29] audit: type=1800 audit(1717544685.772:3): pid=5803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1967 res=0 errno=0 [ 88.600900][ T5802] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 88.720952][ T5808] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.2'. [ 89.195865][ T5818] wg2: entered promiscuous mode [ 89.212227][ T5818] wg2: entered allmulticast mode [ 90.017369][ T5857] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.058418][ T5857] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.590289][ T5127] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.599898][ T5127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.614839][ T5127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.643547][ T5127] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.660337][ T5127] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.671164][ T5127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.797432][ T5885] netlink: 15743 bytes leftover after parsing attributes in process `syz-executor.3'. [ 92.732210][ T5117] Bluetooth: hci2: command tx timeout [ 93.479543][ T5882] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'. [ 93.535372][ T5886] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 93.583803][ T5892] bridge0: entered promiscuous mode [ 93.589240][ T5892] bridge0: entered allmulticast mode [ 93.602569][ T5895] net veth1_virt_wifi : renamed from virt_wifi0 [ 93.731737][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.977094][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.111190][ T5916] netlink: 15743 bytes leftover after parsing attributes in process `syz-executor.1'. [ 94.122894][ T29] audit: type=1800 audit(1717544691.472:4): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="memory.events" dev="sda1" ino=1942 res=0 errno=0 [ 94.155284][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.414459][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.767194][ T5944] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. [ 94.814067][ T5117] Bluetooth: hci2: command tx timeout [ 94.831279][ T5944] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'. [ 94.857372][ T12] bridge_slave_1: left allmulticast mode [ 94.868403][ T12] bridge_slave_1: left promiscuous mode [ 94.885926][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.988574][ T12] bridge_slave_0: left allmulticast mode [ 95.008952][ T12] bridge_slave_0: left promiscuous mode [ 95.028809][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.681853][ T12] team0: Port device bridge0 removed [ 95.838209][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 95.853978][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 95.867371][ T12] bond0 (unregistering): Released all slaves [ 95.881354][ T5873] chnl_net:caif_netlink_parms(): no params data found [ 95.904859][ T5957] net veth1_virt_wifi : renamed from virt_wifi0 [ 95.919693][ T5971] validate_nla: 3 callbacks suppressed [ 95.919711][ T5971] netlink: 'syz-executor.1': attribute type 19 has an invalid length. [ 95.950722][ T5971] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 96.140640][ T5117] Bluetooth: hci4: unexpected event 0x04 length: 15 > 10 [ 96.350392][ T5996] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'. [ 96.422112][ T6000] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 96.443413][ T6000] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 96.483702][ T5996] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'. [ 96.550956][ T6003] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'. [ 96.729001][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.762219][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.793860][ T5873] bridge_slave_0: entered allmulticast mode [ 96.813853][ T5873] bridge_slave_0: entered promiscuous mode [ 96.832969][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.844388][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.853372][ T5873] bridge_slave_1: entered allmulticast mode [ 96.887646][ T5873] bridge_slave_1: entered promiscuous mode [ 96.893028][ T5117] Bluetooth: hci2: command tx timeout [ 97.341219][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.466969][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.542013][ T12] hsr_slave_0: left promiscuous mode [ 97.559569][ T12] hsr_slave_1: left promiscuous mode [ 97.573894][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.584180][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.604455][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.632490][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.791091][ T12] veth1_macvtap: left promiscuous mode [ 97.832505][ T12] veth0_macvtap: left promiscuous mode [ 97.885684][ T12] veth1_vlan: left promiscuous mode [ 97.909807][ T12] veth0_vlan: left promiscuous mode [ 98.172177][ T5117] Bluetooth: hci4: command tx timeout [ 98.972275][ T5117] Bluetooth: hci2: command tx timeout [ 102.129310][ T12] team0 (unregistering): Port device team_slave_1 removed [ 102.196653][ T12] team0 (unregistering): Port device team_slave_0 removed [ 102.278898][ T6103] netlink: 'syz-executor.2': attribute type 126 has an invalid length. [ 105.654232][ T6112] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 105.662635][ T6112] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 105.670810][ T6112] __nla_validate_parse: 2 callbacks suppressed [ 105.670826][ T6112] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.2'. [ 105.957757][ T6076] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'. [ 106.130456][ T5873] team0: Port device team_slave_0 added [ 106.158455][ T5873] team0: Port device team_slave_1 added [ 106.279588][ T6135] netlink: 'syz-executor.0': attribute type 126 has an invalid length. [ 106.316559][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.328192][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.376120][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.399059][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.422751][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.467593][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.704690][ T5873] hsr_slave_0: entered promiscuous mode [ 106.748910][ T5873] hsr_slave_1: entered promiscuous mode [ 106.792279][ T5873] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.811447][ T5873] Cannot create hsr debugfs directory [ 107.562861][ T6176] Zero length message leads to an empty skb [ 107.808196][ T6186] netlink: 14593 bytes leftover after parsing attributes in process `syz-executor.3'. [ 107.886449][ T6192] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 107.918601][ T6192] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 107.946245][ T6190] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) [ 107.955770][ T6192] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.2'. [ 108.947903][ T5873] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 108.987305][ T5873] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 109.044495][ T6221] Driver unsupported XDP return value 0 on prog (id 226) dev N/A, expect packet loss! [ 109.054911][ T5873] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 109.127071][ T5873] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 109.273615][ T6234] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.3'. [ 109.729399][ T6249] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 109.765196][ T6249] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 109.868369][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.980699][ T5873] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.068048][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.075276][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.116356][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.123585][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.046130][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.507847][ T6322] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 111.573110][ T6322] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 111.623531][ T6322] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 112.038732][ T5873] veth0_vlan: entered promiscuous mode [ 112.094634][ T5873] veth1_vlan: entered promiscuous mode [ 112.237020][ T5873] veth0_macvtap: entered promiscuous mode [ 112.278991][ T5873] veth1_macvtap: entered promiscuous mode [ 112.360641][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.372378][ T6353] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.1'. [ 112.414246][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.454257][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.497643][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.533197][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.556534][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.584121][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.609041][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.611115][ T6366] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 112.636390][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.683474][ T6366] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'. [ 112.751756][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.805860][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.819129][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.831861][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.862011][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.931855][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.963735][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.992467][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.033610][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.146976][ T5873] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.188311][ T5873] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.216477][ T5873] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.240622][ T5873] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.474823][ T6402] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 113.486342][ T6400] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.1'. [ 113.508351][ T6402] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 113.557971][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.603032][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.831373][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.867536][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.150895][ T6433] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 114.194602][ T6433] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 114.233815][ T6433] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 114.475148][ T6449] IPv6: Can't replace route, no match found [ 114.980747][ T6473] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 115.034194][ T6473] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 115.068030][ T6478] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 115.092163][ T6473] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 115.308524][ T6489] IPv6: Can't replace route, no match found [ 115.953655][ T6510] syzkaller0: entered promiscuous mode [ 115.971447][ T6510] syzkaller0: entered allmulticast mode [ 119.591880][ T6588] netlink: 65039 bytes leftover after parsing attributes in process `syz-executor.0'. [ 119.775892][ T6597] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 119.805189][ T6597] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.4'. [ 120.219844][ T6609] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.695723][ T6609] syzkaller0: entered promiscuous mode [ 120.735480][ T6609] syzkaller0: entered allmulticast mode [ 120.760880][ T6620] netlink: 65039 bytes leftover after parsing attributes in process `syz-executor.3'. [ 123.557679][ T6659] syzkaller0: entered promiscuous mode [ 123.565625][ T6659] syzkaller0: entered allmulticast mode [ 124.433667][ T6685] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'. [ 127.238812][ T6736] syzkaller0: entered promiscuous mode [ 127.252472][ T6736] syzkaller0: entered allmulticast mode [ 127.473791][ T5109] cgroup: fork rejected by pids controller in /syz2 [ 128.718689][ T6745] lo: entered promiscuous mode [ 129.215613][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.314406][ T6770] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'. [ 129.379215][ T6767] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 129.796485][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.041120][ T5127] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 130.065738][ T5127] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 130.095990][ T5127] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 130.122862][ T5127] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 130.142115][ T5127] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 130.149650][ T5127] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 130.183278][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.343610][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.601649][ T6785] syzkaller0: entered promiscuous mode [ 130.638049][ T6785] syzkaller0: entered allmulticast mode [ 132.175868][ T5127] Bluetooth: hci0: command tx timeout [ 132.464347][ T6818] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 132.524275][ T6818] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.3'. [ 132.604676][ T6825] netlink: 144316 bytes leftover after parsing attributes in process `syz-executor.1'. [ 132.714856][ T51] bond0: left allmulticast mode [ 132.734057][ T51] bond_slave_0: left allmulticast mode [ 132.748806][ T51] bond_slave_1: left allmulticast mode [ 132.763102][ T51] bridge0: port 3(bond0) entered disabled state [ 132.782771][ T6833] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'. [ 132.794844][ T51] bridge_slave_1: left allmulticast mode [ 132.822962][ T51] bridge_slave_1: left promiscuous mode [ 132.828788][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.912940][ T51] bridge_slave_0: left allmulticast mode [ 132.918649][ T51] bridge_slave_0: left promiscuous mode [ 132.952663][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.219287][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.229039][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.446488][ T6860] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 133.476595][ T6860] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 133.903983][ T51] team0: Port device bridge0 removed [ 134.050029][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.060600][ T51] bond_slave_0: left promiscuous mode [ 134.071885][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.081753][ T51] bond_slave_1: left promiscuous mode [ 134.089504][ T51] bond0 (unregistering): Released all slaves [ 134.233144][ T6860] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 134.252274][ T5127] Bluetooth: hci0: command tx timeout [ 134.269397][ T6860] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 134.665013][ T6779] chnl_net:caif_netlink_parms(): no params data found [ 134.924582][ T6907] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 134.973961][ T6907] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.4'. [ 135.038593][ T51] hsr_slave_0: left promiscuous mode [ 135.057269][ T51] hsr_slave_1: left promiscuous mode [ 135.080496][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.093934][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.118602][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.158584][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.299400][ T51] veth1_macvtap: left promiscuous mode [ 135.323070][ T51] veth0_macvtap: left promiscuous mode [ 135.328799][ T51] veth1_vlan: left promiscuous mode [ 135.364956][ T51] veth0_vlan: left promiscuous mode [ 135.414118][ T6926] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.1'. [ 135.472151][ T6926] netlink: 3072 bytes leftover after parsing attributes in process `syz-executor.1'. [ 136.335862][ T5127] Bluetooth: hci0: command tx timeout [ 136.816377][ T51] team0 (unregistering): Port device team_slave_1 removed [ 137.148528][ T51] team0 (unregistering): Port device team_slave_0 removed [ 137.426808][ T5111] cgroup: fork rejected by pids controller in /syz0 [ 138.308964][ T6989] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 138.334207][ T6779] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.341408][ T6779] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.358512][ T6989] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'. [ 138.378805][ T6779] bridge_slave_0: entered allmulticast mode [ 138.409596][ T6779] bridge_slave_0: entered promiscuous mode [ 138.415838][ T5127] Bluetooth: hci0: command tx timeout [ 138.472444][ T6779] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.474812][ T6989] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 138.492345][ T6779] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.513123][ T6779] bridge_slave_1: entered allmulticast mode [ 138.537321][ T6779] bridge_slave_1: entered promiscuous mode [ 138.543007][ T6989] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 138.709852][ T6998] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 138.732267][ T6998] netlink: 3072 bytes leftover after parsing attributes in process `syz-executor.3'. [ 138.751793][ T6779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.820277][ T6779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.972988][ T7003] netlink: 45 bytes leftover after parsing attributes in process `syz-executor.3'. [ 139.044721][ T6779] team0: Port device team_slave_0 added [ 139.076117][ T6779] team0: Port device team_slave_1 added [ 139.300866][ T6779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.342269][ T6779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.446284][ T6779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.514669][ T6779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.539591][ T5117] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.549894][ T6779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.554001][ T5117] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.594785][ T5117] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.616179][ T5117] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.626551][ T5117] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.634379][ T5117] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 139.706737][ T6779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 141.036507][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.211116][ T7052] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.1'. [ 141.221773][ T7052] netlink: 8446 bytes leftover after parsing attributes in process `syz-executor.1'. [ 141.278455][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.291679][ T7054] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 141.312169][ T7054] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'. [ 141.398095][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.510471][ T6779] hsr_slave_0: entered promiscuous mode [ 141.531102][ T6779] hsr_slave_1: entered promiscuous mode [ 141.664289][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.692267][ T5127] Bluetooth: hci3: command tx timeout [ 141.801748][ T7073] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.1'. [ 142.004535][ T7071] syzkaller0: entered promiscuous mode [ 142.010212][ T7071] syzkaller0: entered allmulticast mode [ 142.083790][ T7080] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 142.102220][ T7080] netlink: 203156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 143.772175][ T5127] Bluetooth: hci3: command tx timeout [ 144.438276][ T51] bridge_slave_1: left allmulticast mode [ 144.472915][ T51] bridge_slave_1: left promiscuous mode [ 144.478868][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.485309][ T7132] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.1'. [ 144.520146][ T51] bridge_slave_0: left promiscuous mode [ 144.545051][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.131566][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.150397][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.177151][ T51] bond0 (unregistering): Released all slaves [ 145.361130][ T7015] chnl_net:caif_netlink_parms(): no params data found [ 145.852189][ T5127] Bluetooth: hci3: command tx timeout [ 146.150481][ T7015] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.180829][ T7015] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.202246][ T7015] bridge_slave_0: entered allmulticast mode [ 146.216702][ T7015] bridge_slave_0: entered promiscuous mode [ 146.302373][ T7015] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.330350][ T7015] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.358215][ T7015] bridge_slave_1: entered allmulticast mode [ 146.375363][ T7015] bridge_slave_1: entered promiscuous mode [ 146.478062][ T51] hsr_slave_0: left promiscuous mode [ 146.519050][ T51] hsr_slave_1: left promiscuous mode [ 146.540699][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.557711][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.583708][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.603658][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.650882][ T51] veth1_macvtap: left promiscuous mode [ 146.661168][ T51] veth0_macvtap: left promiscuous mode [ 146.682476][ T51] veth1_vlan: left promiscuous mode [ 146.693199][ T51] veth0_vlan: left promiscuous mode [ 147.468670][ T51] team0 (unregistering): Port device team_slave_1 removed [ 147.545662][ T51] team0 (unregistering): Port device team_slave_0 removed [ 147.935293][ T5127] Bluetooth: hci3: command tx timeout [ 148.223033][ T7015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.330209][ T7015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.376959][ T6779] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 148.385127][ T7260] syz-executor.1[7260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.385273][ T7260] syz-executor.1[7260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.388285][ T7256] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 148.418980][ T7256] netlink: 'syz-executor.3': attribute type 20 has an invalid length. [ 148.427597][ T7256] IPv6: NLM_F_CREATE should be specified when creating new route [ 148.487637][ T6779] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 148.533729][ T7015] team0: Port device team_slave_0 added [ 148.544668][ T7015] team0: Port device team_slave_1 added [ 148.565347][ T6779] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 148.639885][ T7266] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 148.723743][ T6779] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 148.779021][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 148.804600][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.846425][ T7015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 148.863867][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 148.871195][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.884384][ T7276] sctp: [Deprecated]: syz-executor.3 (pid 7276) Use of struct sctp_assoc_value in delayed_ack socket option. [ 148.884384][ T7276] Use struct sctp_sack_info instead [ 148.931804][ T7015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 148.967068][ T7276] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 148.991690][ T7276] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 149.055951][ T7276] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 149.069567][ T7276] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 149.095927][ T7015] hsr_slave_0: entered promiscuous mode [ 149.130418][ T7015] hsr_slave_1: entered promiscuous mode [ 149.182440][ T7015] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 149.190047][ T7015] Cannot create hsr debugfs directory [ 149.624744][ T7316] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 149.814250][ T7321] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 149.841974][ T7321] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'. [ 150.086639][ T7316] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 150.101323][ T7321] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 150.128627][ T7321] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 150.378273][ T7331] wg2: entered promiscuous mode [ 150.389290][ T7331] wg2: entered allmulticast mode [ 150.759387][ T6779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 150.806102][ T6779] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.835406][ T928] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.842625][ T928] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.916243][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.923515][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.969953][ T7015] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 152.044221][ T7015] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 152.094776][ T7015] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 152.182202][ T6779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 152.192765][ T7015] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 152.411725][ T6779] veth0_vlan: entered promiscuous mode [ 152.460865][ T6779] veth1_vlan: entered promiscuous mode [ 152.605086][ T6779] veth0_macvtap: entered promiscuous mode [ 152.627720][ T7015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.660050][ T6779] veth1_macvtap: entered promiscuous mode [ 152.676688][ T7417] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 152.710749][ T7417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 152.754591][ T7417] team0: Port device batadv0 added [ 152.784013][ T7015] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.820800][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.828134][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.905166][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.912388][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.967539][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.002180][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.017619][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.042059][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.060382][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.075930][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.075958][ T29] audit: type=1804 audit(1717544750.422:5): pid=7428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3534151352/syzkaller.KgSkbJ/104/cgroup.controllers" dev="sda1" ino=1954 res=1 errno=0 [ 153.121149][ T6779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.127995][ T29] audit: type=1800 audit(1717544750.462:6): pid=7428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="cgroup.controllers" dev="sda1" ino=1954 res=0 errno=0 [ 153.156465][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.173803][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.189143][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.200067][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.210686][ T6779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.221791][ T6779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.235974][ T6779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.344241][ T6779] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.380216][ T6779] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.405484][ T6779] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.421549][ T6779] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.578230][ T7015] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 153.713364][ C0] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1 [ 153.874280][ T2842] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.911360][ T2842] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.002117][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.032210][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.281449][ T7015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.570887][ T7015] veth0_vlan: entered promiscuous mode [ 154.668762][ T7015] veth1_vlan: entered promiscuous mode [ 154.832787][ T7015] veth0_macvtap: entered promiscuous mode [ 154.865128][ T7015] veth1_macvtap: entered promiscuous mode [ 154.991503][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.036449][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.070193][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.104470][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.138410][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.167834][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.191089][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.234200][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.269955][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 155.364918][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.414039][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.484521][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.522045][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.545334][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.568381][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.591885][ T7507] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.2'. [ 155.617255][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.638772][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.668634][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 155.727134][ T7015] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.750912][ T7015] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.768484][ T7015] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.790855][ T7015] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.068901][ T7521] netlink: 'syz-executor.3': attribute type 9 has an invalid length. [ 156.091756][ T5164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.108974][ T7521] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 156.137282][ T5164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.248601][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.277335][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.262886][ T7576] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.1'. [ 157.656610][ T5127] Bluetooth: hci1: unexpected event 0x20 length: 15 > 7 [ 158.315602][ T7621] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 158.362339][ T7621] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 158.391677][ T7627] netlink: 15743 bytes leftover after parsing attributes in process `syz-executor.1'. [ 158.712214][ T5127] Bluetooth: hci2: unexpected event 0x20 length: 15 > 7 [ 159.392349][ T29] audit: type=1800 audit(1717544756.732:7): pid=7669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1961 res=0 errno=0 [ 162.244766][ T29] audit: type=1800 audit(1717544759.592:8): pid=7773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1957 res=0 errno=0 [ 163.945231][ T7865] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 163.978840][ T7865] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.986608][ T7865] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.101773][ T7865] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.109065][ T7865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.116667][ T7865] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.123928][ T7865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.170714][ T7865] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 165.109032][ T7927] netlink: 129384 bytes leftover after parsing attributes in process `syz-executor.2'. [ 165.725139][ T7960] netlink: 129384 bytes leftover after parsing attributes in process `syz-executor.3'. [ 166.372667][ T7999] netlink: 3084 bytes leftover after parsing attributes in process `syz-executor.0'. [ 166.430643][ T7999] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 166.621040][ T8007] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 166.649106][ T8007] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.0'. [ 166.681340][ T8007] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 167.359579][ T8038] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 167.376763][ T8038] veth1_macvtap: left promiscuous mode [ 167.405224][ T8038] bridge0: port 3(macsec0) entered blocking state [ 167.423399][ T8038] bridge0: port 3(macsec0) entered disabled state [ 167.430464][ T8038] macsec0: entered allmulticast mode [ 167.437380][ T8038] macsec0: entered promiscuous mode [ 167.455465][ T8042] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.1'. [ 167.481501][ T8042] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 167.734456][ T8056] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 167.762261][ T8056] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. [ 168.798107][ T8110] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 168.830565][ T8110] netlink: 212412 bytes leftover after parsing attributes in process `syz-executor.3'. [ 168.858568][ T8110] openvswitch: netlink: Flow key attr not present in new flow. [ 168.892165][ T8115] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 168.917088][ T8110] bridge0: port 3(team0) entered blocking state [ 168.922213][ T8115] netlink: 210876 bytes leftover after parsing attributes in process `syz-executor.2'. [ 168.932460][ T8110] bridge0: port 3(team0) entered disabled state [ 168.949355][ T8110] team0: entered allmulticast mode [ 168.973523][ T8110] team_slave_0: entered allmulticast mode [ 168.980585][ T8110] team_slave_1: entered allmulticast mode [ 168.997456][ T8110] team0: entered promiscuous mode [ 169.003208][ T8110] team_slave_0: entered promiscuous mode [ 169.014710][ T8110] team_slave_1: entered promiscuous mode [ 169.029260][ T8110] bridge0: port 3(team0) entered blocking state [ 169.036091][ T8110] bridge0: port 3(team0) entered forwarding state [ 169.905323][ T8173] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 170.451014][ T8196] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 170.498803][ T8196] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.646403][ T8196] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.748976][ T8196] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 171.669337][ T8230] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 171.697558][ T8230] __nla_validate_parse: 3 callbacks suppressed [ 171.697587][ T8230] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 171.906895][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.096217][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.166760][ T8252] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 172.184704][ T8252] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'. [ 172.366245][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.395012][ T8263] sit0: entered promiscuous mode [ 172.400196][ T8263] sit0: entered allmulticast mode [ 172.557648][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.865736][ T61] team0: left allmulticast mode [ 172.877469][ T61] team_slave_0: left allmulticast mode [ 172.904760][ T61] team_slave_1: left allmulticast mode [ 172.928037][ T61] team0: left promiscuous mode [ 172.943235][ T61] team_slave_0: left promiscuous mode [ 172.963100][ T61] team_slave_1: left promiscuous mode [ 172.991614][ T61] bridge0: port 3(team0) entered disabled state [ 173.015843][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 173.026739][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 173.041216][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 173.053233][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 173.064744][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 173.067324][ T61] bridge_slave_1: left allmulticast mode [ 173.081036][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 173.149435][ T61] bridge_slave_1: left promiscuous mode [ 173.185007][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.285535][ T61] bridge_slave_0: left promiscuous mode [ 173.306824][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.124780][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.140274][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.154330][ T61] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 174.168468][ T61] bond0 (unregistering): Released all slaves [ 174.194770][ T8293] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 174.240815][ T8329] veth1_macvtap: entered allmulticast mode [ 174.274050][ T8333] veth1_macvtap: entered promiscuous mode [ 174.333732][ T8334] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 175.135201][ T5117] Bluetooth: hci1: command tx timeout [ 175.252293][ T61] hsr_slave_0: left promiscuous mode [ 175.278988][ T61] hsr_slave_1: left promiscuous mode [ 175.333475][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.358606][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.431155][ T61] veth1_macvtap: left promiscuous mode [ 175.439408][ T61] veth0_macvtap: left promiscuous mode [ 175.467137][ T61] veth1_vlan: left promiscuous mode [ 175.489036][ T61] veth0_vlan: left promiscuous mode [ 176.336991][ T61] team0 (unregistering): Port device team_slave_1 removed [ 176.375624][ T61] team0 (unregistering): Port device team_slave_0 removed [ 176.803462][ T8407] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 176.832255][ T8407] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 177.223097][ T5117] Bluetooth: hci1: command tx timeout [ 177.236825][ T8287] chnl_net:caif_netlink_parms(): no params data found [ 177.649645][ T8459] netlink: 144316 bytes leftover after parsing attributes in process `syz-executor.4'. [ 177.712233][ T8455] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 177.831017][ T8459] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 177.852708][ T8459] tipc: Started in network mode [ 177.873557][ T8459] tipc: Node identity a, cluster identity 4711 [ 177.895005][ T8459] tipc: Node number set to 10 [ 177.909935][ T8287] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.931807][ T8287] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.955847][ T8287] bridge_slave_0: entered allmulticast mode [ 177.964590][ T8287] bridge_slave_0: entered promiscuous mode [ 178.002520][ T8287] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.026012][ T8287] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.042390][ T8287] bridge_slave_1: entered allmulticast mode [ 178.060719][ T8287] bridge_slave_1: entered promiscuous mode [ 178.155193][ T8287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.223581][ T8287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.373709][ T8287] team0: Port device team_slave_0 added [ 178.407092][ T8287] team0: Port device team_slave_1 added [ 178.617064][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.628710][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.672213][ T8287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.685636][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.693523][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.726257][ T8287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.849011][ T8287] hsr_slave_0: entered promiscuous mode [ 178.887361][ T8287] hsr_slave_1: entered promiscuous mode [ 178.904975][ T8287] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 178.916680][ T8287] Cannot create hsr debugfs directory [ 178.963888][ T8511] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 178.989074][ T8511] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 179.293724][ T5117] Bluetooth: hci1: command tx timeout [ 180.040105][ T5117] Bluetooth: hci2: unexpected event 0x04 length: 15 > 10 [ 180.830104][ T8287] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 180.886573][ T8287] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 180.923885][ T8287] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 180.982140][ T8287] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 181.369278][ T8287] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.382420][ T5117] Bluetooth: hci1: command tx timeout [ 181.460720][ T8287] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.511437][ T1615] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.518655][ T1615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.584667][ T1615] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.591906][ T1615] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.102989][ T5117] Bluetooth: hci2: command tx timeout [ 182.398129][ T8287] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.535145][ T8664] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 182.547409][ T8664] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 182.588194][ T8287] veth0_vlan: entered promiscuous mode [ 182.627784][ T8287] veth1_vlan: entered promiscuous mode [ 182.873744][ T8287] veth0_macvtap: entered promiscuous mode [ 182.911094][ T8287] veth1_macvtap: entered promiscuous mode [ 182.997037][ T8688] mac80211_hwsim hwsim19 : renamed from wlan1 (while UP) [ 183.084922][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.122128][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.154664][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.192661][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.223911][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.253524][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.282337][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.316799][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.355727][ T8287] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.398461][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.446579][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.473838][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.522342][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.549296][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.572033][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.582728][ T8287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.599229][ T8287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.629392][ T8287] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.687110][ T8287] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.716842][ T8287] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.730124][ T8287] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.757733][ T8287] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.138340][ T2795] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.177345][ T2795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.335554][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.367437][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.674295][ T8796] netlink: 'syz-executor.1': attribute type 28 has an invalid length. [ 185.712248][ T8796] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.1'. [ 185.777571][ T8796] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 185.828247][ T8796] batman_adv: batadv0: Adding interface: hsr_slave_0 [ 185.885452][ T8796] batman_adv: batadv0: The MTU of interface hsr_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.961868][ T8804] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 185.977319][ T8796] batman_adv: batadv0: Not using interface hsr_slave_0 (retrying later): interface not active [ 186.088735][ T8804] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 186.261236][ T8818] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 186.316679][ T8818] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 186.337271][ T8818] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 186.363616][ T8818] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 186.503917][ T5127] Bluetooth: hci4: command 0x0406 tx timeout [ 186.759230][ T8844] netlink: 'syz-executor.2': attribute type 63 has an invalid length. [ 186.996258][ T8856] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 187.013604][ T8854] netlink: 'syz-executor.2': attribute type 28 has an invalid length. [ 187.032305][ T8854] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.2'. [ 187.076490][ T8859] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 187.114427][ T8859] batman_adv: batadv0: Adding interface: hsr_slave_0 [ 187.121201][ T8859] batman_adv: batadv0: The MTU of interface hsr_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.304893][ T8859] batman_adv: batadv0: Not using interface hsr_slave_0 (retrying later): interface not active [ 187.499680][ T8873] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 187.517391][ T8873] netlink: 112865 bytes leftover after parsing attributes in process `syz-executor.3'. [ 187.550812][ T8873] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.3'. [ 187.806885][ T8882] netlink: 'syz-executor.2': attribute type 63 has an invalid length. [ 188.002932][ T8891] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 188.053363][ T8890] tun0: tun_chr_ioctl cmd 2147767519 [ 188.173542][ T8898] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 188.223593][ T8898] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'. [ 188.627943][ T8921] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 188.734299][ T8925] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 188.922551][ T8931] tun1: tun_chr_ioctl cmd 2147767519 [ 189.405920][ T8964] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 189.649571][ T8972] netlink: 'syz-executor.4': attribute type 28 has an invalid length. [ 189.702948][ T8972] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 189.742524][ T8972] batman_adv: batadv0: Adding interface: hsr_slave_0 [ 189.776553][ T8972] batman_adv: batadv0: The MTU of interface hsr_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.873686][ T8972] batman_adv: batadv0: Not using interface hsr_slave_0 (retrying later): interface not active [ 190.449636][ T9001] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 190.713015][ T5117] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 190.983472][ T9011] netlink: 'syz-executor.4': attribute type 28 has an invalid length. [ 191.102301][ T9011] __nla_validate_parse: 3 callbacks suppressed [ 191.102319][ T9011] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.4'. [ 191.217977][ T9015] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 191.434397][ T29] audit: type=1800 audit(1717544788.772:9): pid=9020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1949 res=0 errno=0 [ 191.500826][ T29] audit: type=1804 audit(1717544788.782:10): pid=9020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1518804920/syzkaller.AtguKX/129/memory.events" dev="sda1" ino=1949 res=1 errno=0 [ 191.570720][ T29] audit: type=1804 audit(1717544788.842:11): pid=9024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1518804920/syzkaller.AtguKX/129/memory.events" dev="sda1" ino=1949 res=1 errno=0 [ 191.713485][ T9024] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 191.723443][ T9024] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 191.731806][ T9024] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 191.760151][ T9024] syz-executor.0[9024] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.760325][ T9024] syz-executor.0[9024] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.831752][ T9035] syz-executor.0[9035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.894996][ T9035] syz-executor.0[9035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 192.224571][ T9051] netlink: 105120 bytes leftover after parsing attributes in process `syz-executor.4'. [ 192.324148][ T9051] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 192.529632][ T9057] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.4'. [ 193.096346][ T9078] netlink: 105120 bytes leftover after parsing attributes in process `syz-executor.2'. [ 193.112204][ T9078] validate_nla: 2 callbacks suppressed [ 193.112222][ T9078] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 193.437450][ T9090] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 193.709219][ T9105] IPv6: Can't replace route, no match found [ 193.838752][ T9111] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37 [ 194.043533][ T9125] netlink: 'syz-executor.2': attribute type 6 has an invalid length. [ 194.077166][ T9125] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 194.088466][ T9119] syzkaller0: entered promiscuous mode [ 194.101497][ T9119] syzkaller0: entered allmulticast mode [ 194.655715][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.662741][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.851073][ T9138] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 195.869377][ T9146] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 195.875428][ T9146] pim6reg0: linktype set to 804 [ 196.012805][ T9150] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 196.124476][ T9153] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37 [ 196.649831][ T9182] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 196.757207][ T9187] netlink: 61211 bytes leftover after parsing attributes in process `syz-executor.3'. [ 196.931047][ T9189] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37 [ 197.248298][ T5117] Bluetooth: hci4: unexpected event 0x01 length: 15 > 1 [ 197.257929][ T9214] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 197.846894][ T9233] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37 [ 198.901110][ T9272] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37 [ 199.041892][ T9285] netlink: 'syz-executor.0': attribute type 49 has an invalid length. [ 199.062892][ T9287] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.119110][ T9287] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.149264][ T9288] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.189525][ T9294] netlink: 'syz-executor.2': attribute type 39 has an invalid length. [ 199.208989][ T9294] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 199.227978][ T9294] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'. [ 199.261526][ T9294] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 199.292638][ T9287] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.314854][ T9288] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.326329][ T9300] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 199.343580][ T9287] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 201.366819][ T9352] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 204.279692][ T9454] validate_nla: 3 callbacks suppressed [ 204.279713][ T9454] netlink: 'syz-executor.3': attribute type 13 has an invalid length. [ 204.310960][ T9454] netlink: 24859 bytes leftover after parsing attributes in process `syz-executor.3'. [ 204.733615][ T5117] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 204.813999][ T9484] netlink: 'syz-executor.1': attribute type 13 has an invalid length. [ 204.832122][ T9484] netlink: 24859 bytes leftover after parsing attributes in process `syz-executor.1'. [ 204.865269][ T9486] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 204.913020][ T9486] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'. [ 205.047056][ T9496] netlink: 35347 bytes leftover after parsing attributes in process `syz-executor.4'. [ 205.305796][ T9506] netlink: 131752 bytes leftover after parsing attributes in process `syz-executor.1'. [ 206.173773][ T9530] netlink: 35347 bytes leftover after parsing attributes in process `syz-executor.3'. [ 206.637158][ T9539] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.4'. [ 206.648707][ T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.649572][ T5127] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 206.679726][ T5127] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 206.688351][ T5127] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 206.697601][ T5127] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 206.705838][ T5127] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 206.714171][ T5127] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 206.902298][ T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.085215][ T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.225417][ T9549] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 207.241054][ T9549] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'. [ 207.403755][ T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.438325][ T9558] netlink: 35347 bytes leftover after parsing attributes in process `syz-executor.2'. [ 207.735593][ T9567] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 207.770875][ T9567] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.785522][ T9567] bond0: (slave team0): Enslaving as an active interface with an up link [ 207.809689][ T51] bridge_slave_1: left allmulticast mode [ 207.822091][ T51] bridge_slave_1: left promiscuous mode [ 207.836689][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.858450][ T51] bridge_slave_0: left allmulticast mode [ 207.869752][ T51] bridge_slave_0: left promiscuous mode [ 207.879028][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.917442][ T5117] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 208.311882][ T51] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 208.466495][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.481775][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.500086][ T51] bond0 (unregistering): Released all slaves [ 208.529117][ T9540] chnl_net:caif_netlink_parms(): no params data found [ 208.561019][ T9584] : renamed from bond0 [ 208.812148][ T5117] Bluetooth: hci4: command tx timeout [ 209.117626][ T9540] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.125312][ T9540] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.135594][ T9540] bridge_slave_0: entered allmulticast mode [ 209.143492][ T9540] bridge_slave_0: entered promiscuous mode [ 209.224944][ T9540] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.248656][ T9540] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.302698][ T9540] bridge_slave_1: entered allmulticast mode [ 209.311059][ T9540] bridge_slave_1: entered promiscuous mode [ 209.389866][ T5127] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 209.399646][ T5127] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 209.412797][ T5127] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 209.423454][ T5127] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 209.432292][ T5127] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 209.440261][ T5127] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 209.568844][ T51] hsr_slave_0: left promiscuous mode [ 209.591665][ T51] hsr_slave_1: left promiscuous mode [ 209.607297][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.616985][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.631445][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.640467][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.654812][ T51] batman_adv: batadv0: Removing interface: hsr_slave_0 [ 209.690500][ T51] veth1_macvtap: left promiscuous mode [ 209.696823][ T51] veth0_macvtap: left promiscuous mode [ 209.703969][ T51] veth1_vlan: left promiscuous mode [ 209.709472][ T51] veth0_vlan: left promiscuous mode [ 210.138042][ T51] team0 (unregistering): Port device team_slave_1 removed [ 210.186875][ T51] team0 (unregistering): Port device team_slave_0 removed [ 210.396465][ T51] team0 (unregistering): Port device batadv0 removed [ 210.620173][ T9540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.662515][ T9540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.810533][ T9540] team0: Port device team_slave_0 added [ 210.839241][ T9632] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.4'. [ 210.857966][ T9540] team0: Port device team_slave_1 added [ 210.892707][ T5127] Bluetooth: hci4: command tx timeout [ 210.974115][ T9540] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.981619][ T9540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.025068][ T9540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.077139][ T9540] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.094042][ T9540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.152444][ T9540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.315848][ T9540] hsr_slave_0: entered promiscuous mode [ 211.325184][ T9540] hsr_slave_1: entered promiscuous mode [ 211.331676][ T9540] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.341820][ T9540] Cannot create hsr debugfs directory [ 211.532085][ T5127] Bluetooth: hci5: command tx timeout [ 211.644411][ T51] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.818026][ T51] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.880529][ T9614] chnl_net:caif_netlink_parms(): no params data found [ 212.026320][ T51] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.175043][ T51] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.398577][ T9614] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.429193][ T9614] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.453121][ T9614] bridge_slave_0: entered allmulticast mode [ 212.460529][ T9614] bridge_slave_0: entered promiscuous mode [ 212.495083][ T9614] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.511114][ T9614] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.527133][ T9614] bridge_slave_1: entered allmulticast mode [ 212.543522][ T9614] bridge_slave_1: entered promiscuous mode [ 212.790763][ T9614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.844187][ T9614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.983647][ T5127] Bluetooth: hci4: command tx timeout [ 213.083792][ T51] bridge_slave_1: left allmulticast mode [ 213.094287][ T51] bridge_slave_1: left promiscuous mode [ 213.105723][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.116180][ T51] bridge_slave_0: left allmulticast mode [ 213.122134][ T51] bridge_slave_0: left promiscuous mode [ 213.128125][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.625065][ T5127] Bluetooth: hci5: command tx timeout [ 213.804063][ T9734] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.0'. [ 213.813978][ T9734] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 213.824040][ T9734] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.0'. [ 213.971617][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.996671][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.017323][ T51] bond0 (unregistering): Released all slaves [ 214.051484][ T9614] team0: Port device team_slave_0 added [ 214.058015][ T9728] netlink: 61211 bytes leftover after parsing attributes in process `syz-executor.2'. [ 214.114222][ T9614] team0: Port device team_slave_1 added [ 214.244256][ T9614] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.260280][ T9614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.290824][ T9614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.311460][ T9614] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.320523][ T9614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.352986][ T9614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.552890][ T9614] hsr_slave_0: entered promiscuous mode [ 214.571574][ T9614] hsr_slave_1: entered promiscuous mode [ 214.587099][ T9614] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.605419][ T9757] netlink: 'syz-executor.0': attribute type 9 has an invalid length. [ 214.608832][ T9614] Cannot create hsr debugfs directory [ 214.619410][ T9757] netlink: 134780 bytes leftover after parsing attributes in process `syz-executor.0'. [ 214.748855][ T9540] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 214.806264][ T9540] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 214.835526][ T9540] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 214.870288][ T51] hsr_slave_0: left promiscuous mode [ 214.881404][ T51] hsr_slave_1: left promiscuous mode [ 214.926906][ T51] veth1_macvtap: left promiscuous mode [ 214.938446][ T51] veth0_macvtap: left promiscuous mode [ 214.952690][ T51] veth1_vlan: left promiscuous mode [ 214.959040][ T51] veth0_vlan: left promiscuous mode [ 215.053125][ T5127] Bluetooth: hci4: command tx timeout [ 215.692500][ T5117] Bluetooth: hci5: command tx timeout [ 215.752788][ T9779] netlink: 'syz-executor.4': attribute type 9 has an invalid length. [ 215.761125][ T9779] netlink: 134780 bytes leftover after parsing attributes in process `syz-executor.4'. [ 215.959905][ T51] team0 (unregistering): Port device team_slave_1 removed [ 216.027724][ T51] team0 (unregistering): Port device team_slave_0 removed [ 216.458141][ T9540] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 216.684686][ T9798] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.2'. [ 216.886989][ T9540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.945600][ T9540] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.989729][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.996962][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.021245][ T928] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.028437][ T928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.213272][ T5117] Bluetooth: hci2: command 0x0406 tx timeout [ 217.284059][ T9614] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 217.325929][ T9614] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 217.377085][ T9614] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 217.397318][ T9614] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 217.773117][ T5127] Bluetooth: hci5: command tx timeout [ 217.801483][ T9540] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.857642][ T9614] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.939083][ T9614] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.981345][ T5175] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.988610][ T5175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.034965][ T9540] veth0_vlan: entered promiscuous mode [ 218.077472][ T5175] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.084684][ T5175] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.141121][ T9540] veth1_vlan: entered promiscuous mode [ 218.161833][ T9844] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 218.186495][ T9844] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.4'. [ 218.327373][ T9540] veth0_macvtap: entered promiscuous mode [ 218.366425][ T9540] veth1_macvtap: entered promiscuous mode [ 218.434905][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.517416][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.562214][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.645344][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.702879][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.765488][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.802713][ T9540] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.842398][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.875700][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.878251][ T9861] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 218.898958][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.909759][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.919915][ T9540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.930927][ T9540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.945320][ T9540] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.957347][ T9540] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.967106][ T9540] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.977358][ T9540] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.988975][ T9540] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.001260][ T9861] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 219.046823][ T9864] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 219.103007][ T9866] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 219.150035][ T9861] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 219.181386][ T9871] EXT4-fs warning (device sda1): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled. [ 219.229854][ T9614] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.338530][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.356375][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.483997][ T9614] veth0_vlan: entered promiscuous mode [ 219.499984][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.526220][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.548046][ T9614] veth1_vlan: entered promiscuous mode [ 219.623740][ T9614] veth0_macvtap: entered promiscuous mode [ 219.668884][ T9614] veth1_macvtap: entered promiscuous mode [ 219.718952][ T9891] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.726641][ T9891] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.798445][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.817169][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.839158][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.851539][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.870129][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.898284][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.923216][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.955704][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.009921][ T9614] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.096055][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.128642][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.143236][ T9913] netlink: 85288 bytes leftover after parsing attributes in process `syz-executor.1'. [ 220.154133][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.177319][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.193323][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.217696][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.256042][ T9614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.277844][ T9614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.298597][ T9614] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.347044][ T9614] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.361787][ T9614] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.373619][ T9614] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.398583][ T9614] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.668498][ T928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.679381][ T928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.740417][ T9934] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 220.753961][ T1615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.763590][ T1615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.771129][ T9934] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.0'. [ 221.270711][ T9963] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.363911][ T9963] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.406403][ T9964] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.430545][ T9963] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.463221][ T9963] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.588841][ T29] audit: type=1800 audit(1717544818.932:12): pid=9976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1955 res=0 errno=0 [ 221.664868][ T9980] netlink: 3084 bytes leftover after parsing attributes in process `syz-executor.3'. [ 221.707949][ T29] audit: type=1804 audit(1717544818.982:13): pid=9976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236236264/syzkaller.dgRWW5/9/memory.events" dev="sda1" ino=1955 res=1 errno=0 [ 221.752156][ T9980] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 221.769819][ T29] audit: type=1804 audit(1717544819.052:14): pid=9983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236236264/syzkaller.dgRWW5/9/memory.events" dev="sda1" ino=1955 res=1 errno=0 [ 222.108471][ T9976] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 222.131701][ T9976] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 222.147612][ T9976] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 222.194420][ T9976] syz-executor.1[9976] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.194585][ T9976] syz-executor.1[9976] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.245138][ T9983] syz-executor.1[9983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.290393][ T9983] syz-executor.1[9983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.844106][T10023] Q6\bY4: renamed from lo (while UP) [ 222.876840][T10025] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 222.900553][T10025] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 223.401147][T10060] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 223.446780][T10060] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.1'. [ 224.457373][ T5127] Bluetooth: hci2: unexpected event 0x1c length: 15 > 5 [ 225.929245][T10133] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 225.961185][T10135] netlink: 61211 bytes leftover after parsing attributes in process `syz-executor.1'. [ 225.978605][T10137] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 226.016516][T10137] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 226.534259][T10152] netlink: 3084 bytes leftover after parsing attributes in process `syz-executor.3'. [ 226.563352][T10152] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 227.107169][T10174] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 227.136276][T10174] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 227.794245][T10201] batman_adv: The newly added mac address (74:72:6f:6c:00:00) already exists on: batadv_slave_0 [ 227.852318][T10201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.327148][T10236] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 228.343645][T10236] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 228.840223][T10268] netlink: 'syz-executor.3': attribute type 39 has an invalid length. [ 228.946695][ T29] audit: type=1804 audit(1717544826.292:15): pid=10275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3534151352/syzkaller.KgSkbJ/346/memory.events" dev="sda1" ino=1964 res=1 errno=0 [ 228.984589][ T29] audit: type=1800 audit(1717544826.322:16): pid=10275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1964 res=0 errno=0 [ 229.184161][T10283] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 229.206565][T10283] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 229.390283][ T29] audit: type=1800 audit(1717544826.732:17): pid=10295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1962 res=0 errno=0 [ 229.427100][ T29] audit: type=1804 audit(1717544826.762:18): pid=10295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236236264/syzkaller.dgRWW5/43/memory.events" dev="sda1" ino=1962 res=1 errno=0 [ 229.489174][ T29] audit: type=1804 audit(1717544826.832:19): pid=10298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236236264/syzkaller.dgRWW5/43/memory.events" dev="sda1" ino=1962 res=1 errno=0 [ 229.718762][T10298] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 229.822286][T10298] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 229.877972][T10298] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 230.120341][T10298] syz-executor.1[10298] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 230.120811][T10298] syz-executor.1[10298] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 230.242965][T10303] syz-executor.1[10303] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 230.343454][T10305] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 230.378276][T10303] syz-executor.1[10303] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 230.549655][T10312] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 230.999121][T10328] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.4'. [ 231.142339][T10332] validate_nla: 8 callbacks suppressed [ 231.142357][T10332] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 231.187440][T10332] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 231.257179][T10336] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 231.779983][T10347] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 231.794827][T10347] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.4'. [ 231.815073][T10347] nbd: couldn't find device at index 17 [ 232.012924][T10356] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'. [ 232.414519][T10374] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 232.437791][T10374] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 232.470517][T10374] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 232.485497][T10379] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 232.535127][T10379] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 232.586452][T10379] nbd: couldn't find device at index 17 [ 233.223578][T10392] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'. [ 233.593819][T10407] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 233.631244][T10407] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 233.768956][T10419] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 233.792158][T10419] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.4'. [ 233.928225][T10421] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'. [ 234.366374][T10446] veth1_macvtap: left promiscuous mode [ 234.454512][T10454] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 234.492815][T10454] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'. [ 234.658219][T10460] pim6reg1: entered promiscuous mode [ 234.675539][T10460] pim6reg1: entered allmulticast mode [ 235.045579][T10484] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.077601][T10484] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.234981][T10481] wg2: entered promiscuous mode [ 235.245024][T10481] wg2: entered allmulticast mode [ 235.423437][T10496] netlink: 104088 bytes leftover after parsing attributes in process `syz-executor.3'. [ 236.172895][T10524] wg2: entered promiscuous mode [ 236.181153][T10524] wg2: entered allmulticast mode [ 236.345483][T10528] : renamed from bridge_slave_0 (while UP) [ 236.926596][T10528] syz-executor.1 (10528) used greatest stack depth: 15928 bytes left [ 237.192440][T10559] pim6reg1: entered promiscuous mode [ 237.200593][T10559] pim6reg1: entered allmulticast mode [ 237.635779][T10583] __nla_validate_parse: 2 callbacks suppressed [ 237.635798][T10583] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.658737][T10583] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.679915][T10579] : renamed from bridge_slave_0 (while UP) [ 238.208848][T10609] pim6reg1: entered promiscuous mode [ 238.218934][T10609] pim6reg1: entered allmulticast mode [ 238.236596][T10617] netlink: 65011 bytes leftover after parsing attributes in process `syz-executor.1'. [ 238.699634][T10640] IPv6: Can't replace route, no match found [ 238.719901][T10643] validate_nla: 5 callbacks suppressed [ 238.719922][T10643] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 239.233994][T10670] IPv6: Can't replace route, no match found [ 239.922462][T10694] wg2: left promiscuous mode [ 239.927121][T10694] wg2: left allmulticast mode [ 240.028701][T10694] wg2: entered promiscuous mode [ 240.057702][T10694] wg2: entered allmulticast mode [ 240.101152][T10705] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 240.202179][T10705] team0: Device ipvlan1 failed to register rx_handler [ 240.321225][T10710] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 240.903004][T10733] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.0'. [ 240.927163][T10734] netlink: 144316 bytes leftover after parsing attributes in process `syz-executor.1'. [ 240.951798][T10734] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 241.262677][T10746] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 241.427558][T10760] netlink: 'syz-executor.2': attribute type 5 has an invalid length. [ 241.484630][T10760] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.2'. [ 242.003811][T10778] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 242.037950][T10778] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. [ 242.089055][T10778] bridge_slave_0: left promiscuous mode [ 242.123207][T10778] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.835831][T10799] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 242.859346][T10799] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 242.868454][T10799] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'. [ 243.140630][T10820] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 243.164060][T10820] batman_adv: batadv0: Adding interface: wlan0 [ 243.170477][T10820] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.208614][T10820] batman_adv: batadv0: Interface activated: wlan0 [ 243.566321][T10837] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 243.583042][T10837] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 243.591176][T10837] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.4'. [ 243.774424][T10841] netlink: 'syz-executor.3': attribute type 153 has an invalid length. [ 243.803611][T10841] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 243.826287][T10841] netlink: 104088 bytes leftover after parsing attributes in process `syz-executor.3'. [ 244.002700][T10847] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 244.530471][T10869] netlink: 'syz-executor.1': attribute type 153 has an invalid length. [ 244.561403][T10869] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 244.589804][T10869] netlink: 104088 bytes leftover after parsing attributes in process `syz-executor.1'. [ 244.599935][T10874] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 244.971645][T10898] netlink: 16186 bytes leftover after parsing attributes in process `syz-executor.1'. [ 245.651329][T10932] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 245.844338][T10932] team0: Device ipvlan1 failed to register rx_handler [ 246.047031][T10950] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 246.057601][T10950] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 246.066216][T10950] netlink: 12374 bytes leftover after parsing attributes in process `syz-executor.3'. [ 246.234270][T10960] netlink: 'syz-executor.1': attribute type 5 has an invalid length. [ 246.275827][T10960] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 246.373873][T10965] netlink: 16186 bytes leftover after parsing attributes in process `syz-executor.4'. [ 246.994410][T10993] team0: Device ipvlan1 failed to register rx_handler [ 248.225578][T11065] syzkaller0: create flow: hash 277967121 index 0 [ 248.264140][T11053] syzkaller0: entered promiscuous mode [ 248.271588][T11053] syzkaller0: entered allmulticast mode [ 248.490326][ T2842] syzkaller0: tun_net_xmit 48 [ 248.518511][T11080] __nla_validate_parse: 7 callbacks suppressed [ 248.518532][T11080] netlink: 16178 bytes leftover after parsing attributes in process `syz-executor.0'. [ 249.540054][T11107] validate_nla: 2 callbacks suppressed [ 249.540075][T11107] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 249.564165][T11107] netlink: 15999 bytes leftover after parsing attributes in process `syz-executor.1'. [ 251.126561][T11053] syzkaller0 (unregistered): delete flow: hash 277967121 index 0 [ 251.832332][T11169] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 252.404212][T11198] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 252.630335][T11212] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 252.667404][T11212] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 252.692579][T11212] netlink: 12374 bytes leftover after parsing attributes in process `syz-executor.4'. [ 253.054622][ T5127] Bluetooth: hci0: command 0x0406 tx timeout [ 253.213709][T11241] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.653657][T11313] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 255.184936][T11320] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 255.211638][T11320] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 256.095334][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.108698][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.194805][T11349] syzkaller0: entered promiscuous mode [ 256.211370][T11349] syzkaller0: entered allmulticast mode [ 258.530932][T11370] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 258.688599][T11423] bridge0: port 3(team0) entered blocking state [ 258.715491][T11423] bridge0: port 3(team0) entered disabled state [ 258.732488][T11423] team0: entered allmulticast mode [ 258.744561][T11423] team_slave_0: entered allmulticast mode [ 258.772751][T11423] team_slave_1: entered allmulticast mode [ 258.804119][T11423] team0: entered promiscuous mode [ 258.836979][T11423] team_slave_0: entered promiscuous mode [ 258.853819][T11423] team_slave_1: entered promiscuous mode [ 258.890344][T11423] bridge0: port 3(team0) entered blocking state [ 258.896868][T11423] bridge0: port 3(team0) entered forwarding state [ 258.918653][T11436] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 258.940333][T11436] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 258.978837][T11436] team0: entered promiscuous mode [ 258.997208][T11436] team_slave_0: entered promiscuous mode [ 259.014677][T11436] team_slave_1: entered promiscuous mode [ 259.021430][T11436] team0: entered allmulticast mode [ 259.055570][T11436] team_slave_0: entered allmulticast mode [ 259.072217][T11436] team_slave_1: entered allmulticast mode [ 259.081672][T11436] : (slave team0): Releasing backup interface [ 259.116927][T11436] bridge0: port 1(team0) entered blocking state [ 259.132661][T11436] bridge0: port 1(team0) entered disabled state [ 259.706720][T11473] netlink: 'syz-executor.2': attribute type 21 has an invalid length. [ 259.727786][T11473] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 259.879466][T11485] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 259.888144][T11485] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 260.408307][T11511] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 260.442329][T11511] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 260.630578][T11520] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 260.637506][T11520] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 261.036019][T11545] team0: Port device team_slave_0 removed [ 261.063002][T11545] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 262.290400][T11619] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 262.839163][T11640] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 262.901125][T11640] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 262.942441][T11643] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 262.956774][T11646] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 263.179421][T11658] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 263.269469][T11661] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.2'. [ 263.293354][ T5127] Bluetooth: hci3: command 0x0406 tx timeout [ 263.318246][T11661] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 263.362175][T11661] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.2'. [ 263.547603][T11671] team0: Device ipvlan1 failed to register rx_handler [ 264.286207][T11707] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 264.543368][T11712] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 264.550287][T11712] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 264.810117][ T5117] Bluetooth: hci2: unexpected event 0x12 length: 15 > 8 [ 265.010327][T11732] validate_nla: 8 callbacks suppressed [ 265.010347][T11732] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 265.049451][T11733] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 265.113096][T11733] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.4'. [ 265.250530][T11743] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 265.257281][T11743] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 265.783569][T11775] netlink: 'syz-executor.2': attribute type 64 has an invalid length. [ 265.790393][T11776] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 265.799246][T11776] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 265.825273][T11775] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 265.842137][T11775] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 266.046925][T11783] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.0'. [ 266.083912][T11783] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 266.156590][T11783] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.0'. [ 266.678685][T11816] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 267.160463][T11815] netlink: 'syz-executor.0': attribute type 64 has an invalid length. [ 267.302835][T11825] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 267.714436][T11849] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 267.733702][T11853] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 267.910951][T11862] netlink: 'syz-executor.2': attribute type 21 has an invalid length. [ 268.054960][T11866] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 268.069457][T11866] pim6reg0: linktype set to 805 [ 268.946120][T11909] __nla_validate_parse: 3 callbacks suppressed [ 268.946140][T11909] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.0'. [ 269.078101][T11912] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode [ 269.144553][T11912] mac80211_hwsim hwsim23 wlan1: left allmulticast mode [ 269.312208][T11919] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 269.397231][T11925] bridge0: port 3(team0) entered blocking state [ 269.424051][T11925] bridge0: port 3(team0) entered disabled state [ 269.430564][T11925] team0: entered allmulticast mode [ 269.462474][T11925] team_slave_1: entered allmulticast mode [ 269.492330][T11925] team0: entered promiscuous mode [ 269.520388][T11925] team_slave_1: entered promiscuous mode [ 269.547677][T11925] bridge0: port 3(team0) entered blocking state [ 269.554170][T11925] bridge0: port 3(team0) entered forwarding state [ 269.970544][T11954] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.2'. [ 270.019074][T11954] validate_nla: 3 callbacks suppressed [ 270.019095][T11954] netlink: 'syz-executor.2': attribute type 5 has an invalid length. [ 270.078589][T11954] netlink: 'syz-executor.2': attribute type 6 has an invalid length. [ 270.110247][T11954] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 270.339473][T11963] tun0: tun_chr_ioctl cmd 10 [ 270.393894][T11965] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.3'. [ 270.990153][T11989] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 271.037520][T11989] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.1'. [ 271.069396][T11989] netlink: 'syz-executor.1': attribute type 5 has an invalid length. [ 271.091250][T11989] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. [ 271.110296][T11993] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 271.162253][T11999] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 271.447779][T12019] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 271.481767][T12019] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.1'. [ 271.493317][T12024] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 271.501276][T12019] netlink: 'syz-executor.1': attribute type 5 has an invalid length. [ 271.517466][T12019] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 271.522038][T12024] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 271.569010][T12020] netlink: 'syz-executor.3': attribute type 64 has an invalid length. [ 271.655504][T12020] bridge0: port 3(team0) entered disabled state [ 272.179726][T12049] openvswitch: netlink: Key type 29 is not supported [ 272.753169][T12084] IPv6: NLM_F_CREATE should be specified when creating new route [ 273.999777][T12133] __nla_validate_parse: 5 callbacks suppressed [ 273.999796][T12133] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'. [ 274.238522][T12148] syz-executor.1[12148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 274.238668][T12148] syz-executor.1[12148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 274.400569][T12164] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.2'. [ 274.525310][T12168] netlink: 24859 bytes leftover after parsing attributes in process `syz-executor.4'. [ 275.012739][ T5117] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4 [ 275.012801][ T5117] Bluetooth: hci0: unexpected event for opcode 0x2064 [ 275.182437][T12202] validate_nla: 4 callbacks suppressed [ 275.182457][T12202] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 275.261604][T12208] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'. [ 276.489140][ T5117] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4 [ 276.489185][ T5117] Bluetooth: hci0: unexpected event for opcode 0x2064 [ 277.303311][ T5117] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4 [ 277.303359][ T5117] Bluetooth: hci0: unexpected event for opcode 0x2064 [ 277.947793][T12305] syzkaller0: entered promiscuous mode [ 278.148689][ T5117] Bluetooth: hci2: Malformed LE Event: 0x0b [ 281.816637][T12404] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'. [ 282.232808][T12424] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 282.277698][T12424] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.3'. [ 282.616856][T12436] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 282.635525][T12436] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'. [ 282.854042][T12450] netlink: 1041 bytes leftover after parsing attributes in process `syz-executor.4'. [ 282.880574][T12450] nbd: must specify an index to disconnect [ 282.958592][T12454] pim6reg1: entered promiscuous mode [ 282.968134][T12454] pim6reg1: entered allmulticast mode [ 283.375634][T12473] bridge0: port 3(gretap0) entered blocking state [ 283.388482][T12473] bridge0: port 3(gretap0) entered disabled state [ 283.404428][T12473] gretap0: entered allmulticast mode [ 283.418294][T12473] gretap0: entered promiscuous mode [ 283.566636][T12480] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.1'. [ 283.672678][T12475] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 283.703878][T12475] netlink: 116376 bytes leftover after parsing attributes in process `syz-executor.4'. [ 283.739112][T12475] netlink: 18430 bytes leftover after parsing attributes in process `syz-executor.4'. [ 283.871551][T12488] netlink: 'syz-executor.2': attribute type 46 has an invalid length. [ 283.880826][T12488] netlink: 212868 bytes leftover after parsing attributes in process `syz-executor.2'. [ 284.298674][T12497] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 284.337211][T12495] pim6reg1: entered promiscuous mode [ 284.342401][T12497] netlink: 191384 bytes leftover after parsing attributes in process `syz-executor.2'. [ 284.345722][T12495] pim6reg1: entered allmulticast mode [ 284.820563][T12516] veth0_vlan: mtu greater than device maximum [ 284.853615][T12520] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 284.902378][T12520] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 284.925957][T12520] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.4'. [ 285.176358][T12529] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 286.757747][T12564] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 287.317988][ T5117] Bluetooth: hci0: unexpected event 0x36 length: 15 > 7 [ 288.388914][T12657] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 288.432504][T12657] __nla_validate_parse: 4 callbacks suppressed [ 288.432525][T12657] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 288.477047][T12657] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 289.244745][T12685] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 289.258849][T12685] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 289.562385][T12696] netlink: 'syz-executor.0': attribute type 9 has an invalid length. [ 289.596969][T12696] netlink: 134780 bytes leftover after parsing attributes in process `syz-executor.0'. [ 289.641654][T12700] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 289.666408][T12700] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 289.679870][T12700] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.1'. [ 289.723964][T12707] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 289.758535][T12707] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.2'. [ 289.931161][T12719] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 289.949462][T12719] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 290.029447][T12719] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 290.513145][T12741] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 290.534204][T12741] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 292.437536][T12823] netlink: 134788 bytes leftover after parsing attributes in process `syz-executor.3'. [ 292.938718][T12848] netlink: 134788 bytes leftover after parsing attributes in process `syz-executor.3'. [ 293.357710][T12865] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 293.369789][T12865] netlink: 'syz-executor.0': attribute type 15 has an invalid length. [ 293.385757][T12865] netlink: 149468 bytes leftover after parsing attributes in process `syz-executor.0'. [ 294.247876][T12896] validate_nla: 4 callbacks suppressed [ 294.247898][T12896] netlink: 'syz-executor.1': attribute type 17 has an invalid length. [ 295.383035][ T5117] Bluetooth: hci5: unexpected event 0x36 length: 15 > 7 [ 296.566711][T12958] netlink: 134788 bytes leftover after parsing attributes in process `syz-executor.2'. [ 297.014213][T12986] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 297.449890][T13015] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 297.468223][T13015] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 297.747439][T13025] netlink: 'syz-executor.4': attribute type 9 has an invalid length. [ 297.772851][T13030] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 297.784683][T13025] netlink: 134780 bytes leftover after parsing attributes in process `syz-executor.4'. [ 297.806913][T13033] netlink: 149380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 299.278547][ T5127] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 299.294002][ T5127] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 299.303205][ T5127] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 299.311354][ T5127] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 299.324456][ T5127] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 299.334820][ T5127] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 299.537491][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.744661][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.073891][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.097038][T13138] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 300.140136][T13138] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 300.157039][T13139] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 300.248532][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.278584][T13138] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 300.287838][T13139] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 300.433470][T13110] chnl_net:caif_netlink_parms(): no params data found [ 300.479471][ T12] bridge_slave_1: left allmulticast mode [ 300.491059][ T12] bridge_slave_1: left promiscuous mode [ 300.497924][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.516414][ T12] bridge_slave_0: left promiscuous mode [ 300.522432][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.391411][ T5127] Bluetooth: hci1: command tx timeout [ 301.411159][T13168] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.447706][T13164] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'. [ 301.497594][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 301.547826][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 301.568833][ T12] bond0 (unregistering): Released all slaves [ 301.606115][T13168] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.624908][T13173] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.746792][T13168] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.757290][ T12] tipc: Left network mode [ 301.765952][T13173] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.816864][T13187] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 301.832528][T13187] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 302.059680][T13110] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.083358][T13110] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.090642][T13110] bridge_slave_0: entered allmulticast mode [ 302.138146][T13110] bridge_slave_0: entered promiscuous mode [ 302.207265][T13210] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'. [ 302.289786][T13110] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.300810][T13110] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.324262][T13110] bridge_slave_1: entered allmulticast mode [ 302.338844][T13110] bridge_slave_1: entered promiscuous mode [ 302.512179][T13218] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 302.518397][T13218] pim6reg0: linktype set to 0 [ 302.536748][T13110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 302.614960][T13110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.791892][ T12] hsr_slave_0: left promiscuous mode [ 302.801389][ T12] hsr_slave_1: left promiscuous mode [ 302.803045][T13239] ------------[ cut here ]------------ [ 302.812645][T13239] WARNING: CPU: 0 PID: 13239 at include/linux/skbuff.h:4222 __ip6_make_skb+0x14f8/0x2470 [ 302.822824][T13239] Modules linked in: [ 302.826766][T13239] CPU: 0 PID: 13239 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-12148-g61ce0ea7591f #0 2024/06/04 23:48:20 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 302.836888][T13239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 302.847304][T13239] RIP: 0010:__ip6_make_skb+0x14f8/0x2470 [ 302.854616][T13239] Code: c0 0f 85 94 0a 00 00 41 8b 5d 00 4d 85 f6 74 0d e8 2d 90 6f f7 83 e3 fc 44 09 e3 eb 79 e8 20 90 6f f7 eb 6f e8 19 90 6f f7 90 <0f> 0b 90 48 8b 5c 24 08 48 8d 7b 20 48 89 f8 48 c1 e8 03 42 80 3c [ 302.875353][T13239] RSP: 0018:ffffc9000a09f400 EFLAGS: 00010287 [ 302.881471][T13239] RAX: ffffffff8a268467 RBX: 00000000000000ff RCX: 0000000000040000 [ 302.889914][T13239] RDX: ffffc90011b1c000 RSI: 0000000000001b55 RDI: 0000000000001b56 [ 302.898273][T13239] RBP: ffffc9000a09f610 R08: 0000000000000001 R09: ffffffff8a2683a9 [ 302.906600][T13239] R10: 0000000000000003 R11: ffff888060f48000 R12: ffff8880600f8030 [ 302.914682][T13239] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9000a09f6a0 [ 302.922721][T13239] FS: 00007fd1146116c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 302.931684][T13239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 302.938349][T13239] CR2: 00007fab59ee56c6 CR3: 0000000066d42000 CR4: 00000000003506f0 [ 302.946404][T13239] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 302.955436][T13239] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 302.964264][T13239] Call Trace: [ 302.967585][T13239] [ 302.970539][T13239] ? __warn+0x163/0x4e0 [ 302.974973][T13239] ? __ip6_make_skb+0x14f8/0x2470 [ 302.980048][T13239] ? report_bug+0x2b3/0x500 [ 302.984672][T13239] ? __ip6_make_skb+0x14f8/0x2470 [ 302.989750][T13239] ? handle_bug+0x3e/0x70 [ 302.994147][T13239] ? exc_invalid_op+0x1a/0x50 [ 302.998848][T13239] ? asm_exc_invalid_op+0x1a/0x20 [ 303.004065][T13239] ? __ip6_make_skb+0x1439/0x2470 [ 303.009123][T13239] ? __ip6_make_skb+0x14f7/0x2470 [ 303.014239][T13239] ? __ip6_make_skb+0x14f8/0x2470 [ 303.019405][T13239] ? __pfx___ip6_make_skb+0x10/0x10 [ 303.024673][T13239] ? __pfx___ip6_append_data+0x10/0x10 [ 303.030161][T13239] ? ip6_setup_cork+0x9fd/0xfb0 [ 303.035168][T13239] ip6_make_skb+0x48b/0x530 [ 303.039701][T13239] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 303.045310][T13239] ? __pfx_ip6_make_skb+0x10/0x10 [ 303.050369][T13239] ? __pfx_lock_release+0x10/0x10 [ 303.056500][T13239] ? ip6_sk_dst_lookup_flow+0x87c/0xa30 [ 303.062885][T13239] udpv6_sendmsg+0x237f/0x3270 [ 303.067696][T13239] ? release_sock+0x30/0x1f0 [ 303.072391][T13239] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 303.077967][T13239] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 303.083146][T13239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 303.089515][T13239] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 303.095459][T13239] ? inet_send_prepare+0x1b7/0x260 [ 303.100617][T13239] ? do_raw_spin_unlock+0x13c/0x8b0 [ 303.105975][T13239] ? inet_send_prepare+0x1b7/0x260 [ 303.111124][T13239] __sock_sendmsg+0xef/0x270 [ 303.115793][T13239] ____sys_sendmsg+0x525/0x7d0 [ 303.120606][T13239] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.126043][T13239] __sys_sendmsg+0x2b0/0x3a0 [ 303.130759][T13239] ? __pfx___sys_sendmsg+0x10/0x10 [ 303.136122][T13239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 303.142529][T13239] ? do_syscall_64+0x100/0x230 [ 303.147324][T13239] ? do_syscall_64+0xb6/0x230 [ 303.152101][T13239] do_syscall_64+0xf3/0x230 [ 303.157554][T13239] ? clear_bhb_loop+0x35/0x90 [ 303.163120][T13239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.169054][T13239] RIP: 0033:0x7fd11387cee9 [ 303.173553][T13239] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 303.193361][T13239] RSP: 002b:00007fd1146110c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 303.201815][T13239] RAX: ffffffffffffffda RBX: 00007fd1139b3f80 RCX: 00007fd11387cee9 [ 303.209873][T13239] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 303.218076][T13239] RBP: 00007fd1138da6fe R08: 0000000000000000 R09: 0000000000000000 [ 303.226123][T13239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.234164][T13239] R13: 000000000000000b R14: 00007fd1139b3f80 R15: 00007ffd2c3740e8 [ 303.242225][T13239] [ 303.245260][T13239] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 303.252553][T13239] CPU: 0 PID: 13239 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-12148-g61ce0ea7591f #0 [ 303.262640][T13239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 303.272722][T13239] Call Trace: [ 303.276015][T13239] [ 303.278944][T13239] dump_stack_lvl+0x241/0x360 [ 303.283626][T13239] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.288830][T13239] ? __pfx__printk+0x10/0x10 [ 303.293421][T13239] ? vscnprintf+0x5d/0x90 [ 303.297750][T13239] panic+0x349/0x860 [ 303.301639][T13239] ? __warn+0x172/0x4e0 [ 303.305795][T13239] ? __pfx_panic+0x10/0x10 [ 303.310214][T13239] __warn+0x346/0x4e0 [ 303.314193][T13239] ? __ip6_make_skb+0x14f8/0x2470 [ 303.319218][T13239] report_bug+0x2b3/0x500 [ 303.323547][T13239] ? __ip6_make_skb+0x14f8/0x2470 [ 303.328570][T13239] handle_bug+0x3e/0x70 [ 303.332719][T13239] exc_invalid_op+0x1a/0x50 [ 303.337217][T13239] asm_exc_invalid_op+0x1a/0x20 [ 303.342061][T13239] RIP: 0010:__ip6_make_skb+0x14f8/0x2470 [ 303.347691][T13239] Code: c0 0f 85 94 0a 00 00 41 8b 5d 00 4d 85 f6 74 0d e8 2d 90 6f f7 83 e3 fc 44 09 e3 eb 79 e8 20 90 6f f7 eb 6f e8 19 90 6f f7 90 <0f> 0b 90 48 8b 5c 24 08 48 8d 7b 20 48 89 f8 48 c1 e8 03 42 80 3c [ 303.367298][T13239] RSP: 0018:ffffc9000a09f400 EFLAGS: 00010287 [ 303.373383][T13239] RAX: ffffffff8a268467 RBX: 00000000000000ff RCX: 0000000000040000 [ 303.381351][T13239] RDX: ffffc90011b1c000 RSI: 0000000000001b55 RDI: 0000000000001b56 [ 303.389319][T13239] RBP: ffffc9000a09f610 R08: 0000000000000001 R09: ffffffff8a2683a9 [ 303.397289][T13239] R10: 0000000000000003 R11: ffff888060f48000 R12: ffff8880600f8030 [ 303.405253][T13239] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9000a09f6a0 [ 303.413230][T13239] ? __ip6_make_skb+0x1439/0x2470 [ 303.418253][T13239] ? __ip6_make_skb+0x14f7/0x2470 [ 303.423296][T13239] ? __pfx___ip6_make_skb+0x10/0x10 [ 303.428495][T13239] ? __pfx___ip6_append_data+0x10/0x10 [ 303.433951][T13239] ? ip6_setup_cork+0x9fd/0xfb0 [ 303.438803][T13239] ip6_make_skb+0x48b/0x530 [ 303.443309][T13239] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 303.448853][T13239] ? __pfx_ip6_make_skb+0x10/0x10 [ 303.453880][T13239] ? __pfx_lock_release+0x10/0x10 [ 303.458900][T13239] ? ip6_sk_dst_lookup_flow+0x87c/0xa30 [ 303.464464][T13239] udpv6_sendmsg+0x237f/0x3270 [ 303.469233][T13239] ? release_sock+0x30/0x1f0 [ 303.473832][T13239] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 303.479377][T13239] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 303.484489][T13239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 303.490825][T13239] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 303.496543][T13239] ? inet_send_prepare+0x1b7/0x260 [ 303.501651][T13239] ? do_raw_spin_unlock+0x13c/0x8b0 [ 303.506852][T13239] ? inet_send_prepare+0x1b7/0x260 [ 303.511970][T13239] __sock_sendmsg+0xef/0x270 [ 303.516562][T13239] ____sys_sendmsg+0x525/0x7d0 [ 303.521330][T13239] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.526623][T13239] __sys_sendmsg+0x2b0/0x3a0 [ 303.531216][T13239] ? __pfx___sys_sendmsg+0x10/0x10 [ 303.536367][T13239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 303.542699][T13239] ? do_syscall_64+0x100/0x230 [ 303.547464][T13239] ? do_syscall_64+0xb6/0x230 [ 303.552146][T13239] do_syscall_64+0xf3/0x230 [ 303.556648][T13239] ? clear_bhb_loop+0x35/0x90 [ 303.561322][T13239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.567216][T13239] RIP: 0033:0x7fd11387cee9 [ 303.571632][T13239] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 303.591248][T13239] RSP: 002b:00007fd1146110c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 303.599664][T13239] RAX: ffffffffffffffda RBX: 00007fd1139b3f80 RCX: 00007fd11387cee9 [ 303.607650][T13239] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 303.615621][T13239] RBP: 00007fd1138da6fe R08: 0000000000000000 R09: 0000000000000000 [ 303.623620][T13239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.631585][T13239] R13: 000000000000000b R14: 00007fd1139b3f80 R15: 00007ffd2c3740e8 [ 303.639571][T13239] [ 303.642806][T13239] Kernel Offset: disabled [ 303.647125][T13239] Rebooting in 86400 seconds..