last executing test programs: 5m18.694547701s ago: executing program 0 (id=21837): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x14869}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="7700000018007f0137", 0x9}, {&(0x7f0000000140)="78cabf2dfb73fc0a00250080f2dc0689258f2e1800b8f9e6aaeb1ae2f6c8bcb5ee52dc06249798093c5102a1bca0b646a7ce904f346b788b3219c233e60ddc36024a99a63e72572c9f9b06f96137c8af12b66cb0e031713a0ffb0f5fe4ca08fd3c67e8f319b8f3a9bb2fa7d5ee75", 0x6e}], 0x2}, 0x0) 5m18.38667372s ago: executing program 0 (id=21843): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r0, 0x40047440, 0x2000000c) 5m18.20664771s ago: executing program 0 (id=21848): r0 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x0, 0x4, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x4e22, @dev}, 0x10, 0x0}, 0x0) 5m18.036399649s ago: executing program 0 (id=21853): r0 = socket$kcm(0x2, 0x1000000000000002, 0x0) socket$kcm(0x11, 0xa, 0x300) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x10}, @multicast2}}}], 0x20}, 0x0) 5m17.826039298s ago: executing program 0 (id=21858): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x14869}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100108}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000005574d074fa7e93447a88c0fbab48660aae7cdf367ef0e4538279b6113de5b94e1056f443305145c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 5m17.703952088s ago: executing program 0 (id=21860): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21, @loopback}, 0x3, 0x0, 0xffffffff, 0x3}}, 0x80, 0x0}, 0x0) r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98) 5m17.426242307s ago: executing program 32 (id=21860): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21, @loopback}, 0x3, 0x0, 0xffffffff, 0x3}}, 0x80, 0x0}, 0x0) r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98) 51.645256359s ago: executing program 2 (id=25865): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="62202a3a2a207793"], 0x9) 51.546120739s ago: executing program 2 (id=25866): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 51.334600998s ago: executing program 2 (id=25870): ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420004}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0xa, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 51.215871888s ago: executing program 2 (id=25872): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$inet(r0, &(0x7f0000002300)={&(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000080)="c5", 0x1}], 0x1}, 0x40000) setsockopt$sock_attach_bpf(r0, 0x29, 0x3b, 0x0, 0x0) 50.158056764s ago: executing program 2 (id=25898): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r1, 0x0, 0x23) 50.065467303s ago: executing program 2 (id=25888): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)='\"', 0x1}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$unix(r1, &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x1000000}, 0x0) 49.681063692s ago: executing program 33 (id=25888): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)='\"', 0x1}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$unix(r1, &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x1000000}, 0x0) 48.98869s ago: executing program 1 (id=25901): perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x100000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000c00)={r1, 0x58}, 0x10) 48.805135929s ago: executing program 1 (id=25914): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x30, &(0x7f00000001c0)=@framed={{}, [@tail_call, @ldst={0x3, 0x1, 0x4, 0x9, 0x0, 0x4}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0xdf1, 0x0, 0x0, 0x0, 0x78}, @call={0x85, 0x0, 0x0, 0x2f}, @btf_id, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x30}, @alu={0x4, 0x1, 0xb, 0x7, 0x0, 0x4, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0xfdfffff9}, @alu={0x4, 0x0, 0xa, 0x7, 0x7, 0x0, 0xfffffffffffffff0}, @ldst={0x2, 0x0, 0x1, 0x8, 0x7, 0xffffffffffffffe0, 0x4}, @jmp={0x5, 0x1, 0x9, 0x7, 0xa, 0xb0, 0xfffffffffffffff0}, @ldst={0x3, 0x0, 0x6, 0x8, 0x3, 0x2, 0xffffffffffffffff}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x401}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}]}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 48.561585028s ago: executing program 1 (id=25907): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1a, 0x36af, 0x6, 0x6, 0x20, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10) 48.463742187s ago: executing program 6 (id=25890): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) close(r1) 48.250433127s ago: executing program 34 (id=25890): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) close(r1) 48.231533077s ago: executing program 1 (id=25921): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5a6e41dea43e63a3f70cff11c72b", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 48.063245116s ago: executing program 1 (id=25913): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r0, 0x10f, 0x88, 0x0, 0x0) 46.546587311s ago: executing program 1 (id=25933): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)={'c', ' *:* ', 'rwm\x00'}, 0xa) 46.209160039s ago: executing program 35 (id=25933): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)={'c', ' *:* ', 'rwm\x00'}, 0xa) 5.579708721s ago: executing program 8 (id=26336): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 5.178640549s ago: executing program 8 (id=26347): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x3, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f00000000c0), &(0x7f0000000100)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000040)={r1, &(0x7f00000007c0), 0x20000000}, 0x20) 4.688877307s ago: executing program 7 (id=26350): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ba20702500000000002003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\b\x00\x00', &(0x7f0000000300)=""/8, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 4.687756267s ago: executing program 8 (id=26352): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x5452, 0x2000140f) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x38}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) 3.657868423s ago: executing program 8 (id=26369): bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x108009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/pid_for_children\x00') 3.657626203s ago: executing program 7 (id=26370): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 3.544490953s ago: executing program 7 (id=26372): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$inet(r1, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e1f, @broadcast}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_retopts={{0x1f, 0x0, 0x7, {[@generic={0x89, 0xf, "04630b4d7d113b3f186e0a2ed2"}]}}}], 0x20, 0x5}, 0x2400c014) 1.903495017s ago: executing program 8 (id=26395): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x8020000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000040)) 1.895491387s ago: executing program 7 (id=26396): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r2, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d870800", 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.234577005s ago: executing program 3 (id=26408): socket$kcm(0x2, 0x3, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@initr0, @exit]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.088689704s ago: executing program 3 (id=26412): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.014846224s ago: executing program 7 (id=26414): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0xa, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x2e, &(0x7f0000000640)=r0, 0x4) recvmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0xffc2, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x40) 899.719114ms ago: executing program 5 (id=26416): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b4000000000000006111540000000000460000000000000095000000000000006d1985eafbe5e187"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20) 790.546643ms ago: executing program 4 (id=26418): close(0x3) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006b1109000000000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 710.007133ms ago: executing program 5 (id=26419): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r1}, 0x38) 659.910342ms ago: executing program 3 (id=26420): bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x108009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/pid_for_children\x00') 659.682392ms ago: executing program 4 (id=26421): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002f000b08d25a80648c7494f90424fc600b0002", 0x17}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="934300005a"], 0xfe33) 559.995532ms ago: executing program 3 (id=26422): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x13, 0x20, 0xbc, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4d}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f00000003c0)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, r0}, @exit], &(0x7f0000000480)='syzkaller\x00', 0x1, 0xe0, &(0x7f00000004c0)=""/224, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) 554.104292ms ago: executing program 4 (id=26423): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x11, &(0x7f0000000840)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x75}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r1}, 0x10) 419.923511ms ago: executing program 4 (id=26424): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdba, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0eab0700040005"], 0xfe33) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 413.457111ms ago: executing program 3 (id=26425): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB='-', @ANYRESOCT, @ANYRESDEC], 0x27) 383.360141ms ago: executing program 5 (id=26426): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB='b *:4\t`'], 0xa) 303.985241ms ago: executing program 8 (id=26427): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 286.490631ms ago: executing program 5 (id=26428): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x120, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 283.597111ms ago: executing program 3 (id=26429): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r0, &(0x7f00000024c0)={&(0x7f00000000c0)={0x2, 0x0, @private=0xa014101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x7c, &(0x7f0000000000), 0xc) 163.89549ms ago: executing program 5 (id=26430): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x2d, &(0x7f0000000300)=@raw=[@map_idx_val={0x18, 0x0, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x287}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @exit, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffff9}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 163.732941ms ago: executing program 7 (id=26431): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff90, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000240)='tlb_flush\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xf, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0xe}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 145.842551ms ago: executing program 4 (id=26432): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x0, 0x80000004, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0f02000039000511d25a80648c63940d0224fc600b003540280009", 0x1b}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00006a"], 0xfe33) 103.63732ms ago: executing program 5 (id=26433): bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x108009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/pid_for_children\x00') 0s ago: executing program 4 (id=26434): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x14869, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000faffffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1400, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): ng attributes in process `syz.1.20147'. [ 1091.972071][T13353] device team0 entered promiscuous mode [ 1091.991652][T13353] device team_slave_1 entered promiscuous mode [ 1092.008474][T13353] device geneve1 entered promiscuous mode [ 1092.035741][T13353] 8021q: adding VLAN 0 to HW filter on device team0 [ 1092.361241][T13372] sock: sock_set_timeout: `syz.2.20159' (pid 13372) tries to set negative timeout [ 1092.524731][T13376] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.20161'. [ 1093.015207][T13396] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.20171'. [ 1093.150005][T13401] netlink: 'syz.3.20173': attribute type 22 has an invalid length. [ 1093.873098][T13432] netlink: 'syz.3.20188': attribute type 10 has an invalid length. [ 1093.901680][T13432] device team0 left promiscuous mode [ 1093.911563][T13432] device team_slave_1 left promiscuous mode [ 1093.955285][T13432] device geneve1 left promiscuous mode [ 1093.981314][T13434] netlink: 'syz.3.20188': attribute type 10 has an invalid length. [ 1094.021502][T13434] __nla_validate_parse: 2 callbacks suppressed [ 1094.021517][T13434] netlink: 2 bytes leftover after parsing attributes in process `syz.3.20188'. [ 1094.047075][T13434] device team0 entered promiscuous mode [ 1094.057068][T13434] device team_slave_1 entered promiscuous mode [ 1094.071030][T13434] device geneve1 entered promiscuous mode [ 1094.088564][T13434] 8021q: adding VLAN 0 to HW filter on device team0 [ 1094.104761][T13440] netlink: 16255 bytes leftover after parsing attributes in process `syz.4.20190'. [ 1094.241597][T13448] netlink: 'syz.3.20194': attribute type 29 has an invalid length. [ 1097.479827][T13579] validate_nla: 2 callbacks suppressed [ 1097.479846][T13579] netlink: 'syz.2.20257': attribute type 4 has an invalid length. [ 1097.508430][T13579] netlink: 152 bytes leftover after parsing attributes in process `syz.2.20257'. [ 1098.854868][T13645] netlink: 'syz.0.20288': attribute type 4 has an invalid length. [ 1098.862998][T13645] netlink: 152 bytes leftover after parsing attributes in process `syz.0.20288'. [ 1099.637242][T13691] netlink: 10 bytes leftover after parsing attributes in process `syz.4.20307'. [ 1099.793452][T13694] netlink: 'syz.3.20308': attribute type 3 has an invalid length. [ 1099.829024][T13694] netlink: 199824 bytes leftover after parsing attributes in process `syz.3.20308'. [ 1100.683964][T13723] netlink: 'syz.4.20322': attribute type 3 has an invalid length. [ 1100.699119][T13722] netlink: 'syz.3.20320': attribute type 4 has an invalid length. [ 1100.708486][T13723] netlink: 199824 bytes leftover after parsing attributes in process `syz.4.20322'. [ 1100.721597][T13722] netlink: 152 bytes leftover after parsing attributes in process `syz.3.20320'. [ 1101.659355][T13779] netlink: 'syz.0.20347': attribute type 1 has an invalid length. [ 1101.680254][T13779] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.20347'. [ 1101.707625][T13781] netlink: 14560 bytes leftover after parsing attributes in process `syz.2.20350'. [ 1102.165454][T13809] netlink: 'syz.3.20364': attribute type 1 has an invalid length. [ 1102.189762][T13809] netlink: 105120 bytes leftover after parsing attributes in process `syz.3.20364'. [ 1103.026629][T13845] netlink: 'syz.2.20380': attribute type 1 has an invalid length. [ 1103.052486][T13845] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.20380'. [ 1104.574839][T13914] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.20412'. [ 1106.762033][T14020] netlink: 763 bytes leftover after parsing attributes in process `syz.4.20458'. [ 1107.020305][T14030] netlink: 'syz.2.20462': attribute type 21 has an invalid length. [ 1107.102321][T14030] netlink: 'syz.2.20462': attribute type 6 has an invalid length. [ 1107.110335][T14030] netlink: 132 bytes leftover after parsing attributes in process `syz.2.20462'. [ 1107.810905][T14066] netlink: 'syz.4.20479': attribute type 10 has an invalid length. [ 1107.829152][T14066] netlink: 'syz.4.20479': attribute type 19 has an invalid length. [ 1107.849368][T14066] netlink: 156 bytes leftover after parsing attributes in process `syz.4.20479'. [ 1108.317217][T14084] netlink: 'syz.1.20486': attribute type 21 has an invalid length. [ 1108.336492][T14084] netlink: 'syz.1.20486': attribute type 6 has an invalid length. [ 1108.356708][T14084] netlink: 132 bytes leftover after parsing attributes in process `syz.1.20486'. [ 1110.215380][T14116] netlink: 763 bytes leftover after parsing attributes in process `syz.2.20501'. [ 1112.021028][T14156] netlink: 763 bytes leftover after parsing attributes in process `syz.1.20518'. [ 1114.043091][T14194] netlink: 'syz.1.20540': attribute type 7 has an invalid length. [ 1115.836197][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.842631][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1124.739434][T14429] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.20650'. [ 1126.232737][T14473] netlink: 'syz.2.20666': attribute type 8 has an invalid length. [ 1126.253093][T14473] netlink: 'syz.2.20666': attribute type 1 has an invalid length. [ 1126.281052][T14473] netlink: 104088 bytes leftover after parsing attributes in process `syz.2.20666'. [ 1126.566666][T14483] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.20674'. [ 1127.274275][T14506] netlink: 'syz.0.20683': attribute type 8 has an invalid length. [ 1127.311448][T14506] netlink: 'syz.0.20683': attribute type 1 has an invalid length. [ 1127.337829][T14506] netlink: 104088 bytes leftover after parsing attributes in process `syz.0.20683'. [ 1127.732590][T14526] netlink: 'syz.2.20694': attribute type 29 has an invalid length. [ 1127.761786][T14526] netlink: 'syz.2.20694': attribute type 29 has an invalid length. [ 1127.793344][T14526] netlink: 'syz.2.20694': attribute type 29 has an invalid length. [ 1127.878082][T14532] netlink: 'syz.3.20697': attribute type 3 has an invalid length. [ 1127.923180][T14532] netlink: 'syz.3.20697': attribute type 1 has an invalid length. [ 1128.710573][T14564] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.20711'. [ 1129.322831][T14576] netlink: 'syz.2.20719': attribute type 11 has an invalid length. [ 1130.466767][T14593] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.20733'. [ 1131.479543][T14630] validate_nla: 5 callbacks suppressed [ 1131.479562][T14630] netlink: 'syz.0.20743': attribute type 29 has an invalid length. [ 1131.516735][T14630] netlink: 'syz.0.20743': attribute type 29 has an invalid length. [ 1131.534239][T14633] netlink: 'syz.0.20743': attribute type 29 has an invalid length. [ 1131.542926][T14632] netlink: 'syz.1.20744': attribute type 3 has an invalid length. [ 1131.573409][T14632] netlink: 'syz.1.20744': attribute type 1 has an invalid length. [ 1132.543257][T14663] netlink: 'syz.1.20767': attribute type 11 has an invalid length. [ 1132.627505][T14667] netlink: 'syz.3.20757': attribute type 29 has an invalid length. [ 1132.657915][T14667] netlink: 'syz.3.20757': attribute type 29 has an invalid length. [ 1132.693901][T14668] netlink: 'syz.3.20757': attribute type 29 has an invalid length. [ 1132.921834][T14672] netlink: 134268 bytes leftover after parsing attributes in process `syz.1.20760'. [ 1132.943469][T14674] netlink: 'syz.3.20761': attribute type 2 has an invalid length. [ 1132.975541][T14674] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.20761'. [ 1133.265712][T14683] netlink: 134268 bytes leftover after parsing attributes in process `syz.3.20776'. [ 1134.527591][T14716] netlink: 134268 bytes leftover after parsing attributes in process `syz.0.20780'. [ 1134.550882][T14718] netlink: 152 bytes leftover after parsing attributes in process `syz.2.20781'. [ 1136.837223][T14794] validate_nla: 1 callbacks suppressed [ 1136.837241][T14794] netlink: 'syz.2.20816': attribute type 5 has an invalid length. [ 1137.063791][T14803] netlink: 'syz.1.20820': attribute type 2 has an invalid length. [ 1137.073826][T14803] netlink: 16098 bytes leftover after parsing attributes in process `syz.1.20820'. [ 1141.127748][T14887] netlink: 'syz.1.20861': attribute type 3 has an invalid length. [ 1141.142645][T14887] netlink: 132 bytes leftover after parsing attributes in process `syz.1.20861'. [ 1143.171820][T14963] netlink: 134780 bytes leftover after parsing attributes in process `syz.3.20891'. [ 1143.220359][T14967] netlink: 1034 bytes leftover after parsing attributes in process `syz.3.20891'. [ 1143.885079][T15002] netlink: 134780 bytes leftover after parsing attributes in process `syz.0.20911'. [ 1143.927970][T15004] netlink: 28 bytes leftover after parsing attributes in process `syz.4.20912'. [ 1143.940134][T15005] netlink: 1034 bytes leftover after parsing attributes in process `syz.0.20911'. [ 1144.696344][T15043] netlink: 134780 bytes leftover after parsing attributes in process `syz.1.20929'. [ 1144.708682][T15043] netlink: 1034 bytes leftover after parsing attributes in process `syz.1.20929'. [ 1144.778093][T15045] netlink: 28 bytes leftover after parsing attributes in process `syz.0.20930'. [ 1145.392066][T15062] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.20939'. [ 1145.858099][T15073] netlink: 28 bytes leftover after parsing attributes in process `syz.2.20945'. [ 1147.035058][T15111] netlink: 'syz.0.20964': attribute type 29 has an invalid length. [ 1147.091738][T15111] netlink: 'syz.0.20964': attribute type 29 has an invalid length. [ 1147.111741][T15112] netlink: 'syz.0.20964': attribute type 29 has an invalid length. [ 1147.776882][T15145] netlink: 'syz.3.20980': attribute type 29 has an invalid length. [ 1147.795329][T15145] netlink: 'syz.3.20980': attribute type 29 has an invalid length. [ 1147.815120][T15145] netlink: 'syz.3.20980': attribute type 29 has an invalid length. [ 1148.142253][T15164] netlink: 'syz.0.20997': attribute type 25 has an invalid length. [ 1148.427896][T15179] netlink: 'syz.1.20993': attribute type 29 has an invalid length. [ 1148.443230][T15179] netlink: 'syz.1.20993': attribute type 29 has an invalid length. [ 1148.493040][T15183] netlink: 'syz.1.20993': attribute type 29 has an invalid length. [ 1148.593788][T15188] __nla_validate_parse: 3 callbacks suppressed [ 1148.593807][T15188] netlink: 10 bytes leftover after parsing attributes in process `syz.3.20998'. [ 1149.003884][T15200] netlink: 56 bytes leftover after parsing attributes in process `syz.0.21005'. [ 1149.051497][T15200] netlink: 56 bytes leftover after parsing attributes in process `syz.0.21005'. [ 1149.062106][T15202] sock: sock_set_timeout: `syz.1.21006' (pid 15202) tries to set negative timeout [ 1149.091797][T15204] netlink: 56 bytes leftover after parsing attributes in process `syz.0.21005'. [ 1149.839985][T15244] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.21025'. [ 1150.197614][T15259] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.21031'. [ 1150.521291][T15272] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.21037'. [ 1150.634817][T15279] netlink: 10 bytes leftover after parsing attributes in process `syz.0.21041'. [ 1150.688463][T15281] netlink: 56 bytes leftover after parsing attributes in process `syz.3.21042'. [ 1150.721594][T15281] netlink: 56 bytes leftover after parsing attributes in process `syz.3.21042'. [ 1151.126475][T15308] sock: sock_set_timeout: `syz.2.21053' (pid 15308) tries to set negative timeout [ 1152.047194][T15350] validate_nla: 7 callbacks suppressed [ 1152.047213][T15350] netlink: 'syz.1.21086': attribute type 29 has an invalid length. [ 1152.061940][T15350] netlink: 'syz.1.21086': attribute type 29 has an invalid length. [ 1152.103789][T15350] netlink: 'syz.1.21086': attribute type 29 has an invalid length. [ 1152.278248][T15360] netlink: 'syz.1.21079': attribute type 17 has an invalid length. [ 1152.289506][T15360] netlink: 'syz.1.21079': attribute type 16 has an invalid length. [ 1152.397131][T15370] netlink: 'syz.0.21084': attribute type 3 has an invalid length. [ 1153.773261][T15424] netlink: 'syz.1.21109': attribute type 2 has an invalid length. [ 1153.969312][T15436] netlink: 'syz.3.21117': attribute type 21 has an invalid length. [ 1154.002433][T15436] netlink: 'syz.3.21117': attribute type 6 has an invalid length. [ 1154.010471][T15436] __nla_validate_parse: 8 callbacks suppressed [ 1154.010485][T15436] netlink: 132 bytes leftover after parsing attributes in process `syz.3.21117'. [ 1154.396657][T15457] netlink: 'syz.4.21126': attribute type 2 has an invalid length. [ 1154.653603][T15465] netlink: 132 bytes leftover after parsing attributes in process `syz.0.21141'. [ 1155.357871][T15496] ref_ctr_offset mismatch. inode: 0x535b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x7602 [ 1155.576362][T15503] netlink: 132 bytes leftover after parsing attributes in process `syz.4.21148'. [ 1155.966774][T15519] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.21158'. [ 1156.188918][T15533] ref_ctr_offset mismatch. inode: 0x534b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x7602 [ 1156.235848][T15539] netlink: 132 bytes leftover after parsing attributes in process `syz.2.21165'. [ 1157.004234][T15565] ref_ctr_offset mismatch. inode: 0x52a8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x7602 [ 1157.542329][T15589] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.21192'. [ 1159.023377][T15648] validate_nla: 7 callbacks suppressed [ 1159.023398][T15648] netlink: 'syz.2.21220': attribute type 12 has an invalid length. [ 1159.096201][T15648] netlink: 132 bytes leftover after parsing attributes in process `syz.2.21220'. [ 1161.717233][T15811] netlink: 'syz.1.21301': attribute type 21 has an invalid length. [ 1161.731053][T15811] netlink: 'syz.1.21301': attribute type 1 has an invalid length. [ 1164.263619][T15909] netlink: 2530 bytes leftover after parsing attributes in process `syz.3.21347'. [ 1164.321924][T15912] netlink: 'syz.2.21348': attribute type 21 has an invalid length. [ 1164.341579][T15912] netlink: 'syz.2.21348': attribute type 1 has an invalid length. [ 1164.368929][T15916] netlink: 144 bytes leftover after parsing attributes in process `syz.3.21351'. [ 1164.908748][T15944] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 1165.014236][T15951] netlink: 144 bytes leftover after parsing attributes in process `syz.0.21365'. [ 1165.402485][T15973] netlink: 2530 bytes leftover after parsing attributes in process `syz.4.21378'. [ 1165.491193][T15976] netlink: 144 bytes leftover after parsing attributes in process `syz.2.21381'. [ 1165.605800][T15983] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 1165.884300][T16001] netlink: 2530 bytes leftover after parsing attributes in process `syz.0.21393'. [ 1166.039251][T16009] netlink: 144 bytes leftover after parsing attributes in process `syz.1.21396'. [ 1166.144698][T16018] netlink: 14560 bytes leftover after parsing attributes in process `syz.0.21401'. [ 1166.403213][T16032] netlink: 'syz.2.21408': attribute type 29 has an invalid length. [ 1166.426508][T16032] netlink: 'syz.2.21408': attribute type 29 has an invalid length. [ 1166.438369][T16032] netlink: 'syz.2.21408': attribute type 29 has an invalid length. [ 1166.530594][T16042] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 1167.059567][T16070] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 1168.454447][T16139] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.21459'. [ 1169.110067][T16176] netlink: 'syz.0.21477': attribute type 29 has an invalid length. [ 1169.141721][T16176] netlink: 'syz.0.21477': attribute type 29 has an invalid length. [ 1169.161603][T16176] netlink: 'syz.0.21477': attribute type 29 has an invalid length. [ 1169.838526][T16211] netlink: 'syz.3.21495': attribute type 10 has an invalid length. [ 1169.862714][T16211] netlink: 'syz.3.21495': attribute type 10 has an invalid length. [ 1169.882101][T16217] netlink: 'syz.3.21495': attribute type 10 has an invalid length. [ 1169.977031][T16219] netlink: 'syz.0.21498': attribute type 3 has an invalid length. [ 1169.992170][T16219] netlink: 'syz.0.21498': attribute type 1 has an invalid length. [ 1170.000037][T16219] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.21498'. [ 1170.228054][T16235] netlink: 'syz.1.21505': attribute type 13 has an invalid length. [ 1170.240525][T16235] netlink: 152 bytes leftover after parsing attributes in process `syz.1.21505'. [ 1170.252188][T16235] erspan0: refused to change device tx_queue_len [ 1170.259070][T16235] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1170.487594][T16247] netlink: 'syz.1.21512': attribute type 10 has an invalid length. [ 1170.506224][T16247] netlink: 'syz.1.21512': attribute type 10 has an invalid length. [ 1170.525912][T16247] netlink: 'syz.1.21512': attribute type 10 has an invalid length. [ 1170.709376][T16256] netlink: 'syz.2.21515': attribute type 3 has an invalid length. [ 1170.722524][T16256] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.21515'. [ 1171.218232][T16288] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.21531'. [ 1172.205218][T16325] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.21546'. [ 1172.972684][T16355] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.21562'. [ 1173.680967][T16393] netlink: 16098 bytes leftover after parsing attributes in process `syz.4.21583'. [ 1175.394289][T16435] netlink: 14546 bytes leftover after parsing attributes in process `syz.3.21603'. [ 1175.753747][T16458] netlink: 60 bytes leftover after parsing attributes in process `syz.2.21613'. [ 1175.791426][T16458] netlink: 60 bytes leftover after parsing attributes in process `syz.2.21613'. [ 1175.831176][T16461] netlink: 60 bytes leftover after parsing attributes in process `syz.2.21613'. [ 1175.941279][T16467] validate_nla: 13 callbacks suppressed [ 1175.941300][T16467] netlink: 'syz.0.21617': attribute type 29 has an invalid length. [ 1175.977882][T16467] netlink: 'syz.0.21617': attribute type 29 has an invalid length. [ 1175.999697][T16469] netlink: 'syz.0.21617': attribute type 29 has an invalid length. [ 1176.021532][T16470] netlink: 14546 bytes leftover after parsing attributes in process `syz.2.21619'. [ 1176.272980][T16485] netlink: 'syz.0.21626': attribute type 10 has an invalid length. [ 1176.526982][T16501] netlink: 'syz.3.21634': attribute type 29 has an invalid length. [ 1176.545571][T16501] netlink: 'syz.3.21634': attribute type 29 has an invalid length. [ 1176.562797][T16505] netlink: 60 bytes leftover after parsing attributes in process `syz.1.21632'. [ 1176.575351][T16501] netlink: 'syz.3.21634': attribute type 29 has an invalid length. [ 1176.591893][T16505] netlink: 60 bytes leftover after parsing attributes in process `syz.1.21632'. [ 1176.603838][T16505] netlink: 60 bytes leftover after parsing attributes in process `syz.1.21632'. [ 1177.176975][T16538] netlink: 'syz.2.21650': attribute type 29 has an invalid length. [ 1177.191725][T16538] netlink: 'syz.2.21650': attribute type 29 has an invalid length. [ 1177.227072][T16538] netlink: 'syz.2.21650': attribute type 29 has an invalid length. [ 1177.274270][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.280618][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1179.896112][T16671] netlink: 176 bytes leftover after parsing attributes in process `syz.3.21711'. [ 1181.731741][T16739] validate_nla: 2 callbacks suppressed [ 1181.731759][T16739] netlink: 'syz.4.21744': attribute type 21 has an invalid length. [ 1181.771617][T16739] netlink: 176 bytes leftover after parsing attributes in process `syz.4.21744'. [ 1182.492206][T16774] netlink: 'syz.0.21761': attribute type 21 has an invalid length. [ 1182.531506][T16774] netlink: 176 bytes leftover after parsing attributes in process `syz.0.21761'. [ 1185.234874][T16893] netlink: 67 bytes leftover after parsing attributes in process `syz.4.21829'. [ 1185.274934][T16893] IPv6: NLM_F_CREATE should be specified when creating new route [ 1185.284242][T16893] IPv6: Can't replace route, no match found [ 1186.060797][T16935] netlink: 67 bytes leftover after parsing attributes in process `syz.0.21837'. [ 1186.111203][T16935] IPv6: NLM_F_CREATE should be specified when creating new route [ 1186.155114][T16935] IPv6: Can't replace route, no match found [ 1186.612070][T16958] netlink: 'syz.4.21850': attribute type 21 has an invalid length. [ 1186.767039][T16966] netlink: 67 bytes leftover after parsing attributes in process `syz.3.21854'. [ 1186.788039][T16966] IPv6: NLM_F_CREATE should be specified when creating new route [ 1186.807584][T16966] IPv6: Can't replace route, no match found [ 1187.036768][T27313] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.150309][T27313] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.248489][T27313] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.422807][T27313] device netdevsim0 left promiscuous mode [ 1187.429474][T27313] bridge0: port 5(netdevsim0) entered disabled state [ 1187.482597][T27313] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.816856][T16999] netlink: 67 bytes leftover after parsing attributes in process `syz.1.21872'. [ 1187.853367][T16999] IPv6: NLM_F_CREATE should be specified when creating new route [ 1187.861261][T16999] IPv6: Can't replace route, no match found [ 1187.996276][ T4257] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1188.005723][ T4257] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1188.013575][ T4257] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1188.021784][ T4257] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1188.029607][ T4257] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1188.037904][ T4257] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1188.085236][T27313] device 0 left promiscuous mode [ 1188.832523][T17000] chnl_net:caif_netlink_parms(): no params data found [ 1188.906028][T17033] netlink: 'syz.4.21884': attribute type 3 has an invalid length. [ 1188.917978][T17031] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1188.930763][T17035] netlink: 'syz.2.21885': attribute type 9 has an invalid length. [ 1188.938972][T17033] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.21884'. [ 1188.949762][T17035] netlink: 134780 bytes leftover after parsing attributes in process `syz.2.21885'. [ 1188.959394][T17031] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1189.113287][T17000] bridge0: port 1(bridge_slave_0) entered blocking state [ 1189.132905][T17000] bridge0: port 1(bridge_slave_0) entered disabled state [ 1189.142023][T17000] device bridge_slave_0 entered promiscuous mode [ 1189.176712][T17000] bridge0: port 2(bridge_slave_1) entered blocking state [ 1189.187259][T17000] bridge0: port 2(bridge_slave_1) entered disabled state [ 1189.207525][T17000] device bridge_slave_1 entered promiscuous mode [ 1189.262828][T17000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1189.277937][T17000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1189.355076][T17000] team0: Port device team_slave_0 added [ 1189.375965][T17000] team0: Port device team_slave_1 added [ 1189.447304][T17000] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1189.464678][T17000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1189.489565][T17057] netlink: 'syz.1.21903': attribute type 9 has an invalid length. [ 1189.498630][T17000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1189.522979][T17000] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1189.530380][T17000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1189.541476][T17057] netlink: 134780 bytes leftover after parsing attributes in process `syz.1.21903'. [ 1189.560032][T17000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1189.635031][T17000] device hsr_slave_0 entered promiscuous mode [ 1189.647218][T17000] device hsr_slave_1 entered promiscuous mode [ 1190.072140][T17003] Bluetooth: hci2: command 0x0409 tx timeout [ 1190.159468][T27313] bridge0: port 3(bond0) entered disabled state [ 1190.195094][T27313] device dummy0 left promiscuous mode [ 1190.201787][T27313] bridge0: port 4(dummy0) entered disabled state [ 1190.242832][T27313] device bridge_slave_1 left promiscuous mode [ 1190.250566][T27313] bridge0: port 2(bridge_slave_1) entered disabled state [ 1190.269875][T27313] bridge0: port 1(bridge_slave_0) entered disabled state [ 1190.368452][T17086] netlink: 'syz.3.21907': attribute type 9 has an invalid length. [ 1190.408842][T17086] netlink: 134780 bytes leftover after parsing attributes in process `syz.3.21907'. [ 1190.538292][T27313] device geneve1 left promiscuous mode [ 1190.554716][T27313] team0 (unregistering): Port device geneve1 removed [ 1190.616404][T17098] netlink: 'syz.2.21914': attribute type 3 has an invalid length. [ 1190.624640][T17098] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.21914'. [ 1190.751073][T27313] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 1190.761268][T27313] device batadv_slave_0 left promiscuous mode [ 1190.803092][T27313] device team_slave_1 left promiscuous mode [ 1190.809850][T27313] team0 (unregistering): Port device team_slave_1 removed [ 1190.846228][T27313] device team_slave_0 left promiscuous mode [ 1190.854370][T27313] team0 (unregistering): Port device team_slave_0 removed [ 1190.893050][T27313] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1190.903352][T27313] device bond_slave_1 left promiscuous mode [ 1191.139673][T27313] device bridge0 left promiscuous mode [ 1191.147584][T27313] team0 (unregistering): Port device bridge0 removed [ 1191.267155][T27313] bond0 (unregistering): Released all slaves [ 1191.342274][T17090] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1191.353376][T17090] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1191.459406][T17000] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1191.469462][T17000] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1191.480242][T17000] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1191.497171][T17000] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1191.565352][T17000] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1191.581548][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1191.590124][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1191.603485][T17000] 8021q: adding VLAN 0 to HW filter on device team0 [ 1191.614871][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1191.623917][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1191.633312][T27324] bridge0: port 1(bridge_slave_0) entered blocking state [ 1191.641118][T27324] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1191.649192][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1191.666149][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1191.677549][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1191.687148][T27297] bridge0: port 2(bridge_slave_1) entered blocking state [ 1191.694264][T27297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1191.703062][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1191.712060][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1191.731558][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1191.745865][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1191.755724][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1191.764710][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1191.774068][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1191.782621][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1191.794550][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1191.802692][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1191.811022][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1191.821794][T17000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1191.958518][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1191.967387][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1191.979938][T17000] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1192.151697][T17003] Bluetooth: hci2: command 0x041b tx timeout [ 1192.169554][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1192.178895][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1192.199994][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1192.209468][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1192.219128][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1192.228316][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1192.239085][T17000] device veth0_vlan entered promiscuous mode [ 1192.250499][T17000] device veth1_vlan entered promiscuous mode [ 1192.271287][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1192.279911][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1192.288154][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1192.297294][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1192.308447][T17000] device veth0_macvtap entered promiscuous mode [ 1192.319373][T17000] device veth1_macvtap entered promiscuous mode [ 1192.336244][T17000] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1192.344155][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1192.354615][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1192.363273][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1192.375813][T17000] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1192.385516][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1192.394598][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1192.406765][T17000] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1192.416321][T17000] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1192.425352][T17000] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1192.434278][T17000] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1192.493835][T27324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1192.510164][T27324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1192.520374][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1192.532567][T27324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1192.540574][T27324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1192.550136][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1192.848109][T17127] netlink: 'syz.3.21929': attribute type 11 has an invalid length. [ 1192.866867][T17127] netlink: 140 bytes leftover after parsing attributes in process `syz.3.21929'. [ 1193.564265][T17162] netlink: 129384 bytes leftover after parsing attributes in process `syz.2.21939'. [ 1193.639020][T17168] netlink: 14593 bytes leftover after parsing attributes in process `syz.5.21942'. [ 1193.942754][T17182] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.21949'. [ 1194.232227][T17003] Bluetooth: hci2: command 0x040f tx timeout [ 1194.324034][T17210] netlink: 14593 bytes leftover after parsing attributes in process `syz.1.21964'. [ 1194.917957][T17243] netlink: 'syz.3.21979': attribute type 2 has an invalid length. [ 1194.931514][T17243] netlink: 199848 bytes leftover after parsing attributes in process `syz.3.21979'. [ 1195.116371][T17254] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.21985'. [ 1195.707718][T17287] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.21999'. [ 1196.121004][T17310] netlink: 'syz.1.22021': attribute type 2 has an invalid length. [ 1196.138505][T17310] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.22021'. [ 1196.282867][T17316] netlink: 'syz.2.22012': attribute type 3 has an invalid length. [ 1196.311452][T17003] Bluetooth: hci2: command 0x0419 tx timeout [ 1196.333116][T17316] netlink: 13435 bytes leftover after parsing attributes in process `syz.2.22012'. [ 1198.165504][T17390] netlink: 'syz.3.22049': attribute type 3 has an invalid length. [ 1198.191545][T17390] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.22049'. [ 1200.393548][T17498] syz.5.22102 (17498) used obsolete PPPIOCDETACH ioctl [ 1202.068476][T17556] netlink: 'syz.5.22128': attribute type 21 has an invalid length. [ 1204.325630][T17653] netlink: 'syz.3.22177': attribute type 21 has an invalid length. [ 1204.597748][T17665] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.22184'. [ 1205.155781][T17702] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.22199'. [ 1206.564729][T17744] netlink: 60 bytes leftover after parsing attributes in process `syz.3.22226'. [ 1206.594119][T17749] netlink: 'syz.1.22225': attribute type 21 has an invalid length. [ 1207.918950][T17810] netlink: 60 bytes leftover after parsing attributes in process `syz.1.22253'. [ 1208.052211][T17817] netlink: 'syz.4.22256': attribute type 21 has an invalid length. [ 1208.712296][T17849] netlink: 60 bytes leftover after parsing attributes in process `syz.2.22272'. [ 1213.415264][T18030] netlink: 'syz.1.22358': attribute type 3 has an invalid length. [ 1213.719472][T18046] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.22367'. [ 1213.943353][T18056] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.22373'. [ 1214.199641][T18071] netlink: 14601 bytes leftover after parsing attributes in process `syz.5.22380'. [ 1214.723290][T18098] netlink: 'syz.2.22393': attribute type 29 has an invalid length. [ 1214.743077][T18098] netlink: 'syz.2.22393': attribute type 29 has an invalid length. [ 1214.764716][T18098] netlink: 'syz.2.22393': attribute type 29 has an invalid length. [ 1214.787612][T18102] netlink: 'syz.4.22396': attribute type 3 has an invalid length. [ 1215.304507][T18122] netlink: 202920 bytes leftover after parsing attributes in process `syz.5.22404'. [ 1216.017921][T18154] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.22420'. [ 1216.055068][T18158] netlink: 'syz.5.22431': attribute type 29 has an invalid length. [ 1216.065750][T18158] netlink: 'syz.5.22431': attribute type 29 has an invalid length. [ 1216.094277][T18158] netlink: 'syz.5.22431': attribute type 29 has an invalid length. [ 1217.140953][T18196] netlink: 65051 bytes leftover after parsing attributes in process `syz.3.22440'. [ 1218.483019][T18234] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.22470'. [ 1218.492831][T18236] netlink: 65051 bytes leftover after parsing attributes in process `syz.5.22459'. [ 1219.045807][T18263] netlink: 65051 bytes leftover after parsing attributes in process `syz.4.22473'. [ 1219.724209][T18302] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.22493'. [ 1220.442624][T18332] netlink: 'syz.4.22506': attribute type 29 has an invalid length. [ 1220.454310][T18332] netlink: 'syz.4.22506': attribute type 29 has an invalid length. [ 1220.468031][T18332] netlink: 'syz.4.22506': attribute type 29 has an invalid length. [ 1220.599498][T18343] netlink: 'syz.4.22513': attribute type 27 has an invalid length. [ 1220.608210][T18343] netlink: 2418 bytes leftover after parsing attributes in process `syz.4.22513'. [ 1223.561221][T18464] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.22570'. [ 1223.941561][T18482] netlink: 'syz.4.22580': attribute type 29 has an invalid length. [ 1223.960403][T18482] netlink: 'syz.4.22580': attribute type 29 has an invalid length. [ 1223.982610][T18482] netlink: 'syz.4.22580': attribute type 29 has an invalid length. [ 1224.959017][T18530] netlink: 'syz.3.22611': attribute type 29 has an invalid length. [ 1224.982629][T18530] netlink: 'syz.3.22611': attribute type 29 has an invalid length. [ 1224.995249][T18530] netlink: 'syz.3.22611': attribute type 29 has an invalid length. [ 1225.395934][T18556] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.22615'. [ 1225.515634][T18564] netlink: 'syz.2.22618': attribute type 29 has an invalid length. [ 1225.524523][T18564] netlink: 'syz.2.22618': attribute type 29 has an invalid length. [ 1225.535599][T18564] netlink: 'syz.2.22618': attribute type 29 has an invalid length. [ 1225.985871][T18588] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.22630'. [ 1226.070856][T18592] netlink: 'syz.5.22632': attribute type 29 has an invalid length. [ 1226.080256][T18592] netlink: 'syz.5.22632': attribute type 29 has an invalid length. [ 1226.103168][T18592] netlink: 'syz.5.22632': attribute type 29 has an invalid length. [ 1228.383791][T18685] netlink: 6401 bytes leftover after parsing attributes in process `syz.3.22679'. [ 1228.536296][T18696] netlink: 'syz.2.22685': attribute type 3 has an invalid length. [ 1228.546199][T18696] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.22685'. [ 1229.664478][T18716] netlink: 'syz.4.22691': attribute type 1 has an invalid length. [ 1229.970439][T18738] netlink: 'syz.3.22704': attribute type 21 has an invalid length. [ 1230.174527][T18748] netlink: 'syz.5.22709': attribute type 1 has an invalid length. [ 1230.442901][T18762] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.22715'. [ 1230.645760][T18769] validate_nla: 1 callbacks suppressed [ 1230.645780][T18769] netlink: 'syz.5.22729': attribute type 3 has an invalid length. [ 1230.670442][T18769] netlink: 105116 bytes leftover after parsing attributes in process `syz.5.22729'. [ 1230.754013][T18778] netlink: 'syz.3.22723': attribute type 1 has an invalid length. [ 1231.265805][T18810] netlink: 'syz.4.22737': attribute type 3 has an invalid length. [ 1231.276550][T18811] netlink: 'syz.2.22739': attribute type 29 has an invalid length. [ 1231.286082][T18810] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.22737'. [ 1231.298402][T18811] netlink: 'syz.2.22739': attribute type 29 has an invalid length. [ 1231.315034][T18811] netlink: 'syz.2.22739': attribute type 29 has an invalid length. [ 1231.509186][T18822] netlink: 'syz.4.22743': attribute type 21 has an invalid length. [ 1231.676554][T18829] netlink: 132 bytes leftover after parsing attributes in process `syz.2.22747'. [ 1233.277724][T18903] netlink: 132 bytes leftover after parsing attributes in process `syz.3.22783'. [ 1233.966871][T18930] netlink: 132 bytes leftover after parsing attributes in process `syz.1.22797'. [ 1233.998098][T18932] netlink: 'syz.3.22798': attribute type 21 has an invalid length. [ 1234.010463][T18932] netlink: 'syz.3.22798': attribute type 1 has an invalid length. [ 1234.162699][T18939] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.22810'. [ 1234.187181][T18935] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.22810'. [ 1234.861620][T18963] netlink: 'syz.2.22813': attribute type 3 has an invalid length. [ 1234.889891][T18963] netlink: 1034 bytes leftover after parsing attributes in process `syz.2.22813'. [ 1235.346493][T18991] netlink: 3 bytes leftover after parsing attributes in process `syz.1.22825'. [ 1235.469368][T18995] netlink: 1034 bytes leftover after parsing attributes in process `syz.3.22828'. [ 1236.416217][T19037] validate_nla: 3 callbacks suppressed [ 1236.416234][T19037] netlink: 'syz.5.22842': attribute type 3 has an invalid length. [ 1236.440514][T19034] netlink: 'syz.1.22844': attribute type 1 has an invalid length. [ 1236.452637][T19037] netlink: 1034 bytes leftover after parsing attributes in process `syz.5.22842'. [ 1236.474845][T19034] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.22844'. [ 1236.675087][T19051] netlink: 192 bytes leftover after parsing attributes in process `syz.2.22854'. [ 1237.974747][T19088] netlink: 192 bytes leftover after parsing attributes in process `syz.4.22872'. [ 1238.122901][T19097] netlink: 192 bytes leftover after parsing attributes in process `syz.3.22887'. [ 1238.714150][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.720512][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1240.750207][T19243] netlink: 'syz.5.22959': attribute type 1 has an invalid length. [ 1240.759285][T19243] netlink: 5 bytes leftover after parsing attributes in process `syz.5.22959'. [ 1241.285909][T19271] netlink: 10 bytes leftover after parsing attributes in process `syz.1.22963'. [ 1241.527661][T19282] netlink: 'syz.1.22968': attribute type 1 has an invalid length. [ 1241.571399][T19282] netlink: 5 bytes leftover after parsing attributes in process `syz.1.22968'. [ 1242.236958][T19320] netlink: 'syz.2.22987': attribute type 1 has an invalid length. [ 1242.265465][T19320] netlink: 5 bytes leftover after parsing attributes in process `syz.2.22987'. [ 1245.324331][T19447] netlink: 'syz.1.23045': attribute type 11 has an invalid length. [ 1245.351110][T19447] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.23045'. [ 1245.411707][T19446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1245.652031][T19462] netlink: 'syz.5.23051': attribute type 29 has an invalid length. [ 1245.681220][T19462] netlink: 'syz.5.23051': attribute type 29 has an invalid length. [ 1245.706634][T19467] netlink: 'syz.5.23051': attribute type 29 has an invalid length. [ 1246.413287][T19493] netlink: 'syz.3.23067': attribute type 1 has an invalid length. [ 1246.428935][T19493] netlink: 'syz.3.23067': attribute type 1 has an invalid length. [ 1246.437370][T19493] netlink: 116376 bytes leftover after parsing attributes in process `syz.3.23067'. [ 1246.443704][T19496] netlink: 'syz.1.23069': attribute type 29 has an invalid length. [ 1246.473708][T19496] netlink: 'syz.1.23069': attribute type 29 has an invalid length. [ 1246.498102][T19496] netlink: 'syz.1.23069': attribute type 29 has an invalid length. [ 1246.913154][T19519] netlink: 763 bytes leftover after parsing attributes in process `syz.3.23081'. [ 1247.041800][T19525] netlink: 'syz.4.23084': attribute type 29 has an invalid length. [ 1247.061707][T19525] netlink: 'syz.4.23084': attribute type 29 has an invalid length. [ 1247.079997][T19525] netlink: 'syz.4.23084': attribute type 29 has an invalid length. [ 1247.406620][T19539] netlink: 'syz.2.23091': attribute type 3 has an invalid length. [ 1247.459663][T19542] netlink: 'syz.3.23092': attribute type 11 has an invalid length. [ 1247.501506][T19542] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.23092'. [ 1247.541442][T19540] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1247.590781][T19548] netlink: 763 bytes leftover after parsing attributes in process `syz.4.23096'. [ 1249.654273][T19630] netlink: 'syz.1.23133': attribute type 3 has an invalid length. [ 1250.474162][T19669] IPv6: Can't replace route, no match found [ 1250.843490][T19687] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.23163'. [ 1250.879222][T19687] netlink: zone id is out of range [ 1250.900329][T19687] netlink: zone id is out of range [ 1250.935148][T19687] netlink: del zone limit has 4 unknown bytes [ 1251.543049][T19726] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.23181'. [ 1251.553870][T19726] netlink: zone id is out of range [ 1251.559958][T19726] netlink: zone id is out of range [ 1251.581629][T19726] netlink: del zone limit has 4 unknown bytes [ 1252.505227][T19767] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.23200'. [ 1252.530133][T19767] netlink: zone id is out of range [ 1252.545379][T19767] netlink: zone id is out of range [ 1252.592954][T19767] netlink: del zone limit has 4 unknown bytes [ 1252.893914][T19773] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.23203'. [ 1253.853797][T19823] netlink: 'syz.4.23225': attribute type 2 has an invalid length. [ 1253.882351][T19823] netlink: 'syz.4.23225': attribute type 1 has an invalid length. [ 1254.243884][T19839] netlink: 16255 bytes leftover after parsing attributes in process `syz.4.23235'. [ 1254.480557][T19849] netlink: 'syz.5.23240': attribute type 2 has an invalid length. [ 1254.513504][T19849] netlink: 'syz.5.23240': attribute type 1 has an invalid length. [ 1255.373272][T19890] netlink: 'syz.3.23254': attribute type 2 has an invalid length. [ 1255.412733][T19890] netlink: 'syz.3.23254': attribute type 1 has an invalid length. [ 1256.474846][T19939] netlink: 168 bytes leftover after parsing attributes in process `syz.4.23282'. [ 1256.670770][T19947] netlink: 'syz.4.23286': attribute type 17 has an invalid length. [ 1256.721398][T19947] netlink: 152 bytes leftover after parsing attributes in process `syz.4.23286'. [ 1256.771390][T19947] A link change request failed with some changes committed already. Interface Q±6ã×\b‹¡Y­4 may have been left with an inconsistent configuration, please check. [ 1258.195330][T19971] netlink: 168 bytes leftover after parsing attributes in process `syz.2.23297'. [ 1259.345702][T20005] netlink: 168 bytes leftover after parsing attributes in process `syz.3.23313'. [ 1259.501677][T20013] netlink: 'syz.3.23317': attribute type 17 has an invalid length. [ 1259.509731][T20013] netlink: 152 bytes leftover after parsing attributes in process `syz.3.23317'. [ 1259.751965][T20025] netlink: 'syz.5.23333': attribute type 17 has an invalid length. [ 1259.786825][T20025] netlink: 152 bytes leftover after parsing attributes in process `syz.5.23333'. [ 1259.822346][T20025] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1261.012988][T20049] netlink: 132 bytes leftover after parsing attributes in process `syz.4.23331'. [ 1261.270325][T20062] netlink: 'syz.2.23338': attribute type 17 has an invalid length. [ 1261.301436][T20062] netlink: 152 bytes leftover after parsing attributes in process `syz.2.23338'. [ 1261.310719][T20062] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1267.094628][T20222] netlink: 'syz.1.23408': attribute type 3 has an invalid length. [ 1267.114571][T20222] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.23408'. [ 1268.013500][T20247] netlink: 'syz.3.23421': attribute type 3 has an invalid length. [ 1268.032691][T20247] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.23421'. [ 1269.606548][T20286] netlink: 'syz.4.23437': attribute type 3 has an invalid length. [ 1269.691975][T20286] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.23437'. [ 1271.855418][T20334] netlink: 'syz.2.23457': attribute type 3 has an invalid length. [ 1271.881817][T20334] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.23457'. [ 1272.035836][T20340] netlink: 65043 bytes leftover after parsing attributes in process `syz.3.23464'. [ 1272.690819][T20355] netlink: 'syz.1.23472': attribute type 4 has an invalid length. [ 1272.712416][T20355] netlink: 'syz.1.23472': attribute type 1 has an invalid length. [ 1272.730472][T20355] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.23472'. [ 1275.509868][T20450] netlink: 'syz.5.23519': attribute type 4 has an invalid length. [ 1275.543301][T20450] netlink: 'syz.5.23519': attribute type 1 has an invalid length. [ 1275.551590][T20450] netlink: 181400 bytes leftover after parsing attributes in process `syz.5.23519'. [ 1275.936841][T20461] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.23523'. [ 1276.475101][T20484] netlink: 'syz.4.23532': attribute type 4 has an invalid length. [ 1276.495966][T20484] netlink: 'syz.4.23532': attribute type 1 has an invalid length. [ 1276.521439][T20484] netlink: 181400 bytes leftover after parsing attributes in process `syz.4.23532'. [ 1276.660248][T20489] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.23538'. [ 1276.850199][T20502] netlink: 16410 bytes leftover after parsing attributes in process `syz.5.23555'. [ 1278.029594][T20542] netlink: 'syz.1.23564': attribute type 33 has an invalid length. [ 1278.043137][T20542] netlink: 164 bytes leftover after parsing attributes in process `syz.1.23564'. [ 1278.221168][T20550] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.23568'. [ 1279.467036][T20581] netlink: 'syz.5.23582': attribute type 29 has an invalid length. [ 1279.517070][T20581] netlink: 'syz.5.23582': attribute type 29 has an invalid length. [ 1280.316322][T20630] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.23606'. [ 1280.693078][T20654] netlink: 'syz.2.23617': attribute type 33 has an invalid length. [ 1280.711400][T20654] netlink: 164 bytes leftover after parsing attributes in process `syz.2.23617'. [ 1281.014489][T20667] netlink: 202920 bytes leftover after parsing attributes in process `syz.5.23622'. [ 1281.134846][T20671] netlink: 'syz.3.23637': attribute type 29 has an invalid length. [ 1281.154111][T20671] netlink: 'syz.3.23637': attribute type 29 has an invalid length. [ 1281.633866][T20695] netlink: 'syz.4.23633': attribute type 33 has an invalid length. [ 1281.643471][T20695] netlink: 164 bytes leftover after parsing attributes in process `syz.4.23633'. [ 1282.686130][T20751] netlink: 'syz.5.23666': attribute type 1 has an invalid length. [ 1282.712986][T20751] netlink: 5 bytes leftover after parsing attributes in process `syz.5.23666'. [ 1282.907815][T20760] netlink: 'syz.4.23668': attribute type 1 has an invalid length. [ 1283.105659][T20773] netlink: 'syz.2.23677': attribute type 29 has an invalid length. [ 1283.129170][T20773] netlink: 'syz.2.23677': attribute type 29 has an invalid length. [ 1283.756823][T20798] netlink: 'syz.3.23685': attribute type 1 has an invalid length. [ 1283.775036][T20798] netlink: 5 bytes leftover after parsing attributes in process `syz.3.23685'. [ 1283.945916][T20803] netlink: 161700 bytes leftover after parsing attributes in process `syz.5.23689'. [ 1283.981405][T20803] openvswitch: netlink: Message has 41214 unknown bytes. [ 1284.744370][T20840] netlink: 'syz.1.23718': attribute type 1 has an invalid length. [ 1285.122908][T20856] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.23726'. [ 1285.142799][T20856] tc_dump_action: action bad kind [ 1285.323508][T20866] syz.5.23720[20866] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1285.365851][T20868] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.23721'. [ 1285.471537][T20868] openvswitch: netlink: Message has 41214 unknown bytes. [ 1285.919940][T20895] syz.2.23733[20895] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1286.137811][T20907] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.23739'. [ 1286.199095][T20907] openvswitch: netlink: Message has 41214 unknown bytes. [ 1287.504302][T20976] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.23774'. [ 1287.538283][T20976] tc_dump_action: action bad kind [ 1288.944861][T21043] netlink: 1042 bytes leftover after parsing attributes in process `syz.4.23807'. [ 1289.196114][T21057] netlink: 'syz.5.23814': attribute type 33 has an invalid length. [ 1289.252494][T21057] netlink: 152 bytes leftover after parsing attributes in process `syz.5.23814'. [ 1291.046645][T21127] netlink: 'syz.4.23846': attribute type 6 has an invalid length. [ 1291.512921][T21143] netlink: 'syz.2.23852': attribute type 33 has an invalid length. [ 1291.561403][T21143] netlink: 152 bytes leftover after parsing attributes in process `syz.2.23852'. [ 1291.646562][T21150] netlink: 1042 bytes leftover after parsing attributes in process `syz.1.23858'. [ 1292.638833][T21187] netlink: 'syz.3.23875': attribute type 33 has an invalid length. [ 1292.675236][T21187] netlink: 152 bytes leftover after parsing attributes in process `syz.3.23875'. [ 1294.936462][T21285] netlink: 'syz.1.23919': attribute type 29 has an invalid length. [ 1294.961722][T21285] netlink: 'syz.1.23919': attribute type 29 has an invalid length. [ 1294.973040][T21285] netlink: 'syz.1.23919': attribute type 29 has an invalid length. [ 1296.784828][T21363] netlink: 'syz.5.23967': attribute type 29 has an invalid length. [ 1296.803751][T21363] netlink: 'syz.5.23967': attribute type 29 has an invalid length. [ 1296.824824][T21363] netlink: 'syz.5.23967': attribute type 29 has an invalid length. [ 1298.469111][T21435] netlink: 'syz.2.23990': attribute type 29 has an invalid length. [ 1298.484619][T21435] netlink: 'syz.2.23990': attribute type 29 has an invalid length. [ 1298.515811][T21435] netlink: 'syz.2.23990': attribute type 29 has an invalid length. [ 1298.837600][T21447] netlink: 'syz.4.23997': attribute type 3 has an invalid length. [ 1298.855838][T21447] netlink: 197344 bytes leftover after parsing attributes in process `syz.4.23997'. [ 1299.565685][T21472] netlink: 128 bytes leftover after parsing attributes in process `syz.5.24009'. [ 1299.601483][T21472] netlink: 3 bytes leftover after parsing attributes in process `syz.5.24009'. [ 1299.954764][T21488] validate_nla: 6 callbacks suppressed [ 1299.954782][T21488] netlink: 'syz.1.24026': attribute type 3 has an invalid length. [ 1299.988956][T21488] netlink: 'syz.1.24026': attribute type 8 has an invalid length. [ 1300.012918][T21488] netlink: 197344 bytes leftover after parsing attributes in process `syz.1.24026'. [ 1300.154607][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.161048][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.325176][T21522] netlink: 'syz.5.24031': attribute type 3 has an invalid length. [ 1301.349864][T21522] netlink: 'syz.5.24031': attribute type 8 has an invalid length. [ 1301.371671][T21522] netlink: 197344 bytes leftover after parsing attributes in process `syz.5.24031'. [ 1302.032247][T21547] netlink: 'syz.4.24046': attribute type 21 has an invalid length. [ 1302.071764][T21547] netlink: 128 bytes leftover after parsing attributes in process `syz.4.24046'. [ 1302.083100][T21547] netlink: 'syz.4.24046': attribute type 4 has an invalid length. [ 1302.101355][T21547] netlink: 3 bytes leftover after parsing attributes in process `syz.4.24046'. [ 1302.496112][T21568] netlink: 'syz.5.24055': attribute type 29 has an invalid length. [ 1302.531472][T21568] netlink: 'syz.5.24055': attribute type 29 has an invalid length. [ 1302.551790][T21575] netlink: 'syz.5.24055': attribute type 29 has an invalid length. [ 1302.585900][T21568] netlink: 'syz.5.24055': attribute type 29 has an invalid length. [ 1303.763456][T21610] tun0: tun_chr_ioctl cmd 2147767507 [ 1304.259876][T21638] netlink: 4031 bytes leftover after parsing attributes in process `syz.5.24085'. [ 1304.426021][T21645] tun0: tun_chr_ioctl cmd 2147767507 [ 1305.636445][T21687] tun0: tun_chr_ioctl cmd 2147767507 [ 1306.829840][T21755] tap0: tun_chr_ioctl cmd 1074025677 [ 1306.837746][T21755] tap0: linktype set to 780 [ 1307.335203][T21776] netlink: 16255 bytes leftover after parsing attributes in process `syz.5.24150'. [ 1311.668583][T21841] netlink: 154020 bytes leftover after parsing attributes in process `syz.5.24177'. [ 1311.687580][T21841] openvswitch: netlink: ufid size 48894 bytes exceeds the range (1, 16) [ 1312.471451][ T4257] Bluetooth: hci2: command 0x0406 tx timeout [ 1313.496377][T21888] netlink: 154020 bytes leftover after parsing attributes in process `syz.2.24196'. [ 1313.523730][T21888] openvswitch: netlink: ufid size 48894 bytes exceeds the range (1, 16) [ 1316.196467][T21922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.24211'. [ 1316.338563][T21932] validate_nla: 16 callbacks suppressed [ 1316.338582][T21932] netlink: 'syz.3.24218': attribute type 49 has an invalid length. [ 1316.361469][T21932] netlink: 'syz.3.24218': attribute type 49 has an invalid length. [ 1316.519209][T21942] netlink: 'syz.4.24221': attribute type 3 has an invalid length. [ 1316.552633][T21942] netlink: 13435 bytes leftover after parsing attributes in process `syz.4.24221'. [ 1316.866752][T21963] netlink: 'syz.1.24234': attribute type 49 has an invalid length. [ 1316.875302][T21963] netlink: 'syz.1.24234': attribute type 49 has an invalid length. [ 1316.918612][T21967] netlink: 60 bytes leftover after parsing attributes in process `syz.5.24235'. [ 1317.128362][T21976] netlink: 'syz.1.24239': attribute type 3 has an invalid length. [ 1317.173616][T21976] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.24239'. [ 1317.606239][T21997] netlink: 'syz.5.24247': attribute type 49 has an invalid length. [ 1317.616142][T21997] netlink: 'syz.5.24247': attribute type 49 has an invalid length. [ 1318.140484][T22019] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.24259'. [ 1323.423795][T22149] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24322'. [ 1323.491807][T22149] netlink: 'syz.2.24322': attribute type 3 has an invalid length. [ 1323.499665][T22149] netlink: 1 bytes leftover after parsing attributes in process `syz.2.24322'. [ 1323.585244][T22158] netlink: 'syz.1.24324': attribute type 3 has an invalid length. [ 1323.602145][T22158] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.24324'. [ 1324.119365][T22185] netlink: 40 bytes leftover after parsing attributes in process `syz.3.24337'. [ 1324.142664][T22185] netlink: 'syz.3.24337': attribute type 3 has an invalid length. [ 1324.174028][T22185] netlink: 1 bytes leftover after parsing attributes in process `syz.3.24337'. [ 1324.356678][T22194] netlink: 'syz.4.24342': attribute type 3 has an invalid length. [ 1324.377224][T22194] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.24342'. [ 1325.076535][T22222] netlink: 40 bytes leftover after parsing attributes in process `syz.5.24352'. [ 1325.098939][T22222] netlink: 'syz.5.24352': attribute type 3 has an invalid length. [ 1325.107830][T22222] netlink: 1 bytes leftover after parsing attributes in process `syz.5.24352'. [ 1325.457208][T22234] netlink: 'syz.2.24361': attribute type 3 has an invalid length. [ 1325.475915][T22232] netlink: 'syz.5.24359': attribute type 29 has an invalid length. [ 1325.477980][T22234] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.24361'. [ 1325.525420][T22232] netlink: 'syz.5.24359': attribute type 29 has an invalid length. [ 1329.396010][T22286] netlink: 'syz.1.24386': attribute type 29 has an invalid length. [ 1329.422085][T22286] netlink: 44 bytes leftover after parsing attributes in process `syz.1.24386'. [ 1329.468600][T22286] netlink: 'syz.1.24386': attribute type 29 has an invalid length. [ 1329.481501][T22286] netlink: 44 bytes leftover after parsing attributes in process `syz.1.24386'. [ 1329.611117][T22292] netlink: 'syz.3.24389': attribute type 3 has an invalid length. [ 1329.637892][T22292] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.24389'. [ 1329.887181][T22304] netlink: 'syz.5.24403': attribute type 3 has an invalid length. [ 1329.911848][T22304] netlink: 105116 bytes leftover after parsing attributes in process `syz.5.24403'. [ 1330.299144][T22326] netlink: 'syz.2.24402': attribute type 29 has an invalid length. [ 1330.358062][T22326] netlink: 44 bytes leftover after parsing attributes in process `syz.2.24402'. [ 1330.391478][T22326] netlink: 'syz.2.24402': attribute type 29 has an invalid length. [ 1330.424097][T22326] netlink: 44 bytes leftover after parsing attributes in process `syz.2.24402'. [ 1338.079968][T22522] netlink: 56 bytes leftover after parsing attributes in process `syz.2.24495'. [ 1339.481102][T22563] netlink: 56 bytes leftover after parsing attributes in process `syz.1.24511'. [ 1340.130317][T22584] netlink: 40 bytes leftover after parsing attributes in process `syz.4.24525'. [ 1340.163534][T22584] netlink: 'syz.4.24525': attribute type 3 has an invalid length. [ 1340.190267][T22584] netlink: 1 bytes leftover after parsing attributes in process `syz.4.24525'. [ 1343.254674][T22674] netlink: 40 bytes leftover after parsing attributes in process `syz.1.24564'. [ 1343.279243][T22674] device bridge_slave_0 left promiscuous mode [ 1343.310205][T22674] netlink: 'syz.1.24564': attribute type 3 has an invalid length. [ 1343.330362][T22674] netlink: 1 bytes leftover after parsing attributes in process `syz.1.24564'. [ 1344.280550][T22706] netlink: 48 bytes leftover after parsing attributes in process `syz.4.24579'. [ 1346.685559][T22731] netlink: 'syz.2.24590': attribute type 4 has an invalid length. [ 1346.709092][T22731] netlink: 152 bytes leftover after parsing attributes in process `syz.2.24590'. [ 1346.743384][T22731] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 1347.015899][T22745] tap0: tun_chr_ioctl cmd 2147767520 [ 1349.310767][T22790] tap0: tun_chr_ioctl cmd 2147767520 [ 1350.516885][T22834] tap0: tun_chr_ioctl cmd 2147767520 [ 1351.492969][T22859] netlink: 152 bytes leftover after parsing attributes in process `syz.5.24643'. [ 1351.526614][T22859] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1351.905849][T22879] pimreg0: tun_chr_ioctl cmd 1074025677 [ 1351.929623][T22879] pimreg0: linktype set to 769 [ 1358.544701][T22982] netlink: 'syz.5.24696': attribute type 4 has an invalid length. [ 1358.556045][T22982] netlink: 152 bytes leftover after parsing attributes in process `syz.5.24696'. [ 1358.764543][T22982] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 1358.804033][T22989] netlink: 152 bytes leftover after parsing attributes in process `syz.2.24701'. [ 1358.837898][T22989] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1359.363166][T23009] bond_slave_1: mtu less than device minimum [ 1359.770515][T23029] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.24720'. [ 1359.863990][T23034] tun0: tun_chr_ioctl cmd 1074025692 [ 1359.911522][T23037] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.24724'. [ 1360.180534][T23049] bond_slave_1: mtu less than device minimum [ 1360.522115][T23061] netlink: 16255 bytes leftover after parsing attributes in process `syz.5.24735'. [ 1360.755739][T23071] tun0: tun_chr_ioctl cmd 1074025692 [ 1360.902202][T23077] bond_slave_1: mtu less than device minimum [ 1361.200571][T23092] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.24750'. [ 1361.286218][T23094] netlink: 16255 bytes leftover after parsing attributes in process `syz.4.24751'. [ 1361.594030][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.600414][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.747750][T23108] tun0: tun_chr_ioctl cmd 1074025692 [ 1362.063518][T23125] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.24764'. [ 1362.147615][T23129] netlink: 152 bytes leftover after parsing attributes in process `syz.3.24767'. [ 1363.041123][T23163] netlink: 15998 bytes leftover after parsing attributes in process `syz.2.24785'. [ 1366.165727][T23176] netlink: 'syz.4.24790': attribute type 4 has an invalid length. [ 1366.201662][T23176] netlink: 152 bytes leftover after parsing attributes in process `syz.4.24790'. [ 1366.269241][T23176] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 1366.648878][T23197] netlink: 152 bytes leftover after parsing attributes in process `syz.4.24799'. [ 1367.157488][T23218] netlink: 148 bytes leftover after parsing attributes in process `syz.5.24811'. [ 1367.329406][T23220] netlink: 'syz.4.24812': attribute type 21 has an invalid length. [ 1369.602037][T23231] netlink: 152 bytes leftover after parsing attributes in process `syz.5.24817'. [ 1373.204972][T23269] netlink: 'syz.5.24835': attribute type 21 has an invalid length. [ 1373.485625][T23286] netlink: 148 bytes leftover after parsing attributes in process `syz.4.24843'. [ 1374.100181][T23314] netlink: 'syz.3.24856': attribute type 3 has an invalid length. [ 1374.108175][T23314] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.24856'. [ 1374.406753][T23333] netlink: 'syz.5.24865': attribute type 29 has an invalid length. [ 1374.421650][T23333] netlink: 'syz.5.24865': attribute type 29 has an invalid length. [ 1374.451744][T23333] netlink: 'syz.5.24865': attribute type 29 has an invalid length. [ 1374.465614][T23333] netlink: 'syz.5.24865': attribute type 29 has an invalid length. [ 1374.976874][T23368] netlink: 'syz.2.24879': attribute type 3 has an invalid length. [ 1374.994085][T23368] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.24879'. [ 1375.084964][T23375] netlink: 'syz.1.24883': attribute type 29 has an invalid length. [ 1375.113521][T23375] netlink: 'syz.1.24883': attribute type 29 has an invalid length. [ 1375.150133][T23379] netlink: 'syz.1.24883': attribute type 29 has an invalid length. [ 1375.630701][T23408] netlink: 105116 bytes leftover after parsing attributes in process `syz.5.24896'. [ 1376.308048][T23446] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.24914'. [ 1376.333402][T23446] netlink: zone id is out of range [ 1376.348517][T23446] netlink: zone id is out of range [ 1377.356763][T23489] netlink: 168864 bytes leftover after parsing attributes in process `syz.5.24933'. [ 1377.367819][T23489] netlink: zone id is out of range [ 1377.375754][T23489] netlink: zone id is out of range [ 1378.095453][T23521] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.24946'. [ 1378.123696][T23521] netlink: zone id is out of range [ 1378.129756][T23521] netlink: zone id is out of range [ 1379.606333][T23557] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.24962'. [ 1379.628080][T23557] netlink: zone id is out of range [ 1379.641511][T23557] netlink: zone id is out of range [ 1380.507066][T23593] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.24978'. [ 1380.542281][T23593] netlink: zone id is out of range [ 1380.548591][T23593] netlink: zone id is out of range [ 1381.074486][T23610] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.24997'. [ 1381.646743][T23641] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.25005'. [ 1381.668315][T23641] net_ratelimit: 2 callbacks suppressed [ 1381.668350][T23641] netlink: zone id is out of range [ 1381.685355][T23641] netlink: zone id is out of range [ 1387.180449][T23703] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.25033'. [ 1387.390472][T23711] tun0: tun_chr_ioctl cmd 1074025672 [ 1387.431287][T23711] tun0: ignored: set checksum enabled [ 1388.142825][T23741] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.25050'. [ 1388.811318][T23760] tun0: tun_chr_ioctl cmd 1074025672 [ 1388.816667][T23760] tun0: ignored: set checksum enabled [ 1389.277350][T23780] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.25068'. [ 1389.418324][T23788] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.25073'. [ 1389.983650][T23796] tun0: tun_chr_ioctl cmd 1074025672 [ 1390.012460][T23796] tun0: ignored: set checksum enabled [ 1390.317138][T23814] netlink: 40 bytes leftover after parsing attributes in process `syz.3.25084'. [ 1390.445706][T23818] tap0: tun_chr_ioctl cmd 1074025677 [ 1390.471693][T23818] tap0: linktype set to 821 [ 1391.298800][T23823] netlink: 'syz.2.25090': attribute type 11 has an invalid length. [ 1391.319667][T23823] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.25090'. [ 1391.330194][T23824] validate_nla: 6 callbacks suppressed [ 1391.330210][T23824] netlink: 'syz.3.25091': attribute type 27 has an invalid length. [ 1391.371547][T23824] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.25091'. [ 1391.382201][T23821] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1392.361043][T23852] netlink: 202920 bytes leftover after parsing attributes in process `syz.5.25101'. [ 1392.547583][T23861] tap0: tun_chr_ioctl cmd 1074025677 [ 1392.555440][T23861] tap0: linktype set to 821 [ 1393.075435][T23866] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.25107'. [ 1393.552878][T23889] tap0: tun_chr_ioctl cmd 1074025677 [ 1393.558794][T23889] tap0: linktype set to 821 [ 1394.627673][T23923] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.25137'. [ 1394.662682][T23923] netlink: zone id is out of range [ 1394.700524][T23923] netlink: zone id is out of range [ 1398.134238][T23964] netlink: 40 bytes leftover after parsing attributes in process `syz.5.25155'. [ 1398.180991][T23968] netlink: 'syz.1.25159': attribute type 3 has an invalid length. [ 1398.195804][T23968] netlink: 9814 bytes leftover after parsing attributes in process `syz.1.25159'. [ 1399.325789][T24012] tap0: tun_chr_ioctl cmd 1074025677 [ 1399.337533][T24012] tap0: linktype set to 773 [ 1400.704760][T24074] netlink: 830 bytes leftover after parsing attributes in process `syz.1.25207'. [ 1402.724082][T24152] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.25251'. [ 1402.762102][T24152] netlink: zone id is out of range [ 1402.782932][T24152] netlink: zone id is out of range [ 1406.022758][T24174] netlink: 14568 bytes leftover after parsing attributes in process `syz.5.25257'. [ 1406.183798][T24179] netlink: 'syz.5.25259': attribute type 3 has an invalid length. [ 1406.205734][T24179] netlink: 9814 bytes leftover after parsing attributes in process `syz.5.25259'. [ 1409.849067][T24212] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25274'. [ 1409.884363][T24210] netlink: 'syz.2.25275': attribute type 3 has an invalid length. [ 1409.903984][T24210] netlink: 9814 bytes leftover after parsing attributes in process `syz.2.25275'. [ 1410.592595][T24241] netlink: 830 bytes leftover after parsing attributes in process `syz.2.25291'. [ 1412.253740][T24299] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.25318'. [ 1412.704425][T24319] netlink: 'syz.3.25328': attribute type 27 has an invalid length. [ 1412.733500][T24319] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.25328'. [ 1413.381316][T24339] dvmrp1: tun_chr_ioctl cmd 2148553947 [ 1415.912974][T24352] tun1: tun_chr_ioctl cmd 21731 [ 1415.918266][T24361] IPv6: Can't replace route, no match found [ 1416.223568][T24379] netlink: 'syz.5.25352': attribute type 29 has an invalid length. [ 1416.246989][T24379] netlink: 'syz.5.25352': attribute type 29 has an invalid length. [ 1416.271116][T24379] netlink: 'syz.5.25352': attribute type 29 has an invalid length. [ 1416.302700][T24379] netlink: 'syz.5.25352': attribute type 29 has an invalid length. [ 1416.462559][T24389] tap0: tun_chr_ioctl cmd 1074025677 [ 1416.476506][T24389] tap0: linktype set to 804 [ 1417.742705][T24419] netlink: 'syz.4.25370': attribute type 29 has an invalid length. [ 1417.761617][T24419] netlink: 'syz.4.25370': attribute type 29 has an invalid length. [ 1417.784795][T24419] netlink: 'syz.4.25370': attribute type 29 has an invalid length. [ 1417.809991][T24419] netlink: 'syz.4.25370': attribute type 29 has an invalid length. [ 1417.834320][T24423] tap0: tun_chr_ioctl cmd 1074025677 [ 1417.863424][T24423] tap0: linktype set to 804 [ 1418.019148][T24435] netlink: 'syz.1.25388': attribute type 29 has an invalid length. [ 1418.029165][T24435] netlink: 'syz.1.25388': attribute type 29 has an invalid length. [ 1418.042947][T24435] netlink: 'syz.1.25388': attribute type 29 has an invalid length. [ 1418.052439][T24435] netlink: 'syz.1.25388': attribute type 29 has an invalid length. [ 1421.619741][T24466] tap0: tun_chr_ioctl cmd 1074025677 [ 1421.632313][T24466] tap0: linktype set to 804 [ 1422.354926][T24493] netlink: 830 bytes leftover after parsing attributes in process `syz.1.25408'. [ 1422.934030][T24523] netlink: 'syz.4.25422': attribute type 16 has an invalid length. [ 1422.965512][T24523] netlink: 48 bytes leftover after parsing attributes in process `syz.4.25422'. [ 1423.034537][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.040967][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.208103][T24527] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25426'. [ 1423.422894][T24541] netlink: 40 bytes leftover after parsing attributes in process `syz.4.25429'. [ 1423.457948][T24541] netlink: 8 bytes leftover after parsing attributes in process `syz.4.25429'. [ 1423.481458][T24541] netlink: 8 bytes leftover after parsing attributes in process `syz.4.25429'. [ 1423.499694][T24541] netlink: 8 bytes leftover after parsing attributes in process `syz.4.25429'. [ 1423.728746][T24547] netlink: 830 bytes leftover after parsing attributes in process `syz.2.25442'. [ 1427.084520][T24575] netlink: 'syz.1.25446': attribute type 16 has an invalid length. [ 1427.106506][T24575] netlink: 48 bytes leftover after parsing attributes in process `syz.1.25446'. [ 1427.255809][T24582] netlink: 830 bytes leftover after parsing attributes in process `syz.4.25451'. [ 1428.093942][T24623] netlink: 830 bytes leftover after parsing attributes in process `syz.3.25466'. [ 1428.326719][T24629] netlink: 'syz.2.25471': attribute type 16 has an invalid length. [ 1428.335146][T24629] netlink: 48 bytes leftover after parsing attributes in process `syz.2.25471'. [ 1429.155777][T24647] netlink: 830 bytes leftover after parsing attributes in process `syz.2.25487'. [ 1431.628110][T24686] netlink: 830 bytes leftover after parsing attributes in process `syz.4.25494'. [ 1431.869031][T24702] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25508'. [ 1432.043174][T24710] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1434.631486][T24744] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 1434.641605][T24744] syzkaller0: linktype set to 778 [ 1435.040525][T24764] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.25530'. [ 1435.480469][T24781] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 1435.488764][T24781] syzkaller0: linktype set to 778 [ 1435.495143][T24782] netpci0: tun_chr_ioctl cmd 1074025694 [ 1436.118959][T24816] netpci0: tun_chr_ioctl cmd 1074025694 [ 1436.135729][T24815] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 1436.149538][T24815] syzkaller0: linktype set to 778 [ 1437.037888][T24857] netpci0: tun_chr_ioctl cmd 1074025694 [ 1437.490761][T24888] netlink: 830 bytes leftover after parsing attributes in process `syz.2.25588'. [ 1437.620356][T24893] tap0: tun_chr_ioctl cmd 1074025681 [ 1437.969818][T24906] netpci0: tun_chr_ioctl cmd 1074025694 [ 1438.290302][T24919] netlink: 830 bytes leftover after parsing attributes in process `syz.1.25602'. [ 1438.617724][T24937] tap0: tun_chr_ioctl cmd 1074025681 [ 1438.837751][T24948] netlink: 'syz.4.25610': attribute type 10 has an invalid length. [ 1438.856173][T24948] netlink: 'syz.4.25610': attribute type 19 has an invalid length. [ 1438.876473][T24948] netlink: 156 bytes leftover after parsing attributes in process `syz.4.25610'. [ 1438.972574][T24950] syz.3.25625[24950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1438.972711][T24950] syz.3.25625[24950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1439.033000][T24954] netpci0: tun_chr_ioctl cmd 1074025694 [ 1439.265675][T24963] netlink: 830 bytes leftover after parsing attributes in process `syz.3.25618'. [ 1439.682117][T24974] tap0: tun_chr_ioctl cmd 1074025681 [ 1439.864450][T24984] syz.5.25629[24984] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1439.864586][T24984] syz.5.25629[24984] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1440.026316][T24994] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25633'. [ 1440.425388][T25008] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25647'. [ 1440.872978][T25020] syz.4.25644[25020] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1440.873115][T25020] syz.4.25644[25020] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1440.969226][T25027] netlink: 'syz.2.25648': attribute type 29 has an invalid length. [ 1441.005174][T25027] netlink: 'syz.2.25648': attribute type 29 has an invalid length. [ 1441.015276][T25027] netlink: 'syz.2.25648': attribute type 29 has an invalid length. [ 1441.029489][T25027] netlink: 'syz.2.25648': attribute type 29 has an invalid length. [ 1441.466411][T25047] netlink: 830 bytes leftover after parsing attributes in process `syz.5.25667'. [ 1441.597948][T25055] netlink: 'syz.5.25660': attribute type 10 has an invalid length. [ 1441.607970][T25055] netlink: 'syz.5.25660': attribute type 19 has an invalid length. [ 1441.633178][T25055] netlink: 156 bytes leftover after parsing attributes in process `syz.5.25660'. [ 1442.753614][T25087] netlink: 'syz.3.25675': attribute type 10 has an invalid length. [ 1442.793821][T25087] netlink: 'syz.3.25675': attribute type 19 has an invalid length. [ 1442.813184][T25087] netlink: 156 bytes leftover after parsing attributes in process `syz.3.25675'. [ 1444.120028][T25151] netlink: 'syz.1.25708': attribute type 29 has an invalid length. [ 1444.139395][T25151] netlink: 'syz.1.25708': attribute type 29 has an invalid length. [ 1444.172858][T25151] netlink: 'syz.1.25708': attribute type 29 has an invalid length. [ 1444.208033][T25151] netlink: 'syz.1.25708': attribute type 29 has an invalid length. [ 1444.342001][T25161] netlink: 'syz.1.25713': attribute type 49 has an invalid length. [ 1444.424348][T25165] netlink: 'syz.3.25715': attribute type 27 has an invalid length. [ 1444.443122][T25165] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.25715'. [ 1446.433972][T25242] netlink: 'syz.2.25752': attribute type 27 has an invalid length. [ 1446.461347][T25242] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.25752'. [ 1448.238411][T25305] netlink: 144 bytes leftover after parsing attributes in process `syz.5.25790'. [ 1449.022324][T25326] netlink: 'syz.4.25792': attribute type 2 has an invalid length. [ 1449.174618][T25333] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.25794'. [ 1449.226045][T25335] netlink: 'syz.4.25796': attribute type 11 has an invalid length. [ 1450.347111][T25362] netlink: 144 bytes leftover after parsing attributes in process `syz.2.25806'. [ 1450.658506][T25374] netlink: 'syz.3.25813': attribute type 11 has an invalid length. [ 1450.749071][T25383] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.25816'. [ 1450.943912][T25388] netlink: 'syz.1.25820': attribute type 27 has an invalid length. [ 1450.953367][T25388] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.25820'. [ 1451.529869][T25415] netlink: 'syz.2.25831': attribute type 27 has an invalid length. [ 1451.567205][T25415] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.25831'. [ 1452.343228][T25452] netlink: 'syz.4.25848': attribute type 27 has an invalid length. [ 1452.361589][T25452] netlink: 2418 bytes leftover after parsing attributes in process `syz.4.25848'. [ 1452.819967][T25475] netlink: 'syz.4.25859': attribute type 46 has an invalid length. [ 1452.848397][T25475] netlink: 44 bytes leftover after parsing attributes in process `syz.4.25859'. [ 1453.089601][T25487] netlink: 'syz.3.25863': attribute type 27 has an invalid length. [ 1453.121960][T25487] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.25863'. [ 1453.262931][T25493] netlink: 48 bytes leftover after parsing attributes in process `syz.4.25867'. [ 1453.505646][T25508] netlink: 'syz.3.25873': attribute type 46 has an invalid length. [ 1453.533461][T25508] netlink: 44 bytes leftover after parsing attributes in process `syz.3.25873'. [ 1453.669389][T25517] netlink: 'syz.1.25889': attribute type 46 has an invalid length. [ 1453.690981][T25517] netlink: 44 bytes leftover after parsing attributes in process `syz.1.25889'. [ 1454.046085][T25528] netlink: 48 bytes leftover after parsing attributes in process `syz.3.25883'. [ 1454.685155][T17071] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1454.863437][T17071] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1454.996894][T17071] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1455.056646][T25542] netlink: 'syz.3.25893': attribute type 13 has an invalid length. [ 1455.079901][T25542] netlink: 24859 bytes leftover after parsing attributes in process `syz.3.25893'. [ 1455.145626][T17071] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1455.591599][T17003] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1455.602139][T17003] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1455.610037][T17003] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1455.641554][T17003] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1455.651136][T17003] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1455.658699][T17003] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1456.798388][T17003] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1456.807745][T17003] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1456.816200][T17003] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1456.824355][T17003] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1456.832351][T17003] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1456.839606][T17003] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1457.401792][T17071] device veth1_vlan left promiscuous mode [ 1458.016841][ T4257] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1458.025550][ T4257] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1458.034317][ T4257] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1458.043436][ T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1458.051022][ T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1458.058321][ T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1458.169157][T17071] device geneve1 left promiscuous mode [ 1458.208507][T17071] team0 (unregistering): Port device geneve1 removed [ 1458.627577][T17071] device team_slave_1 left promiscuous mode [ 1458.636622][T17071] team0 (unregistering): Port device team_slave_1 removed [ 1458.685296][T17071] device team_slave_0 left promiscuous mode [ 1458.694779][T17071] team0 (unregistering): Port device team_slave_0 removed [ 1458.753179][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1458.764171][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1458.773263][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1458.785765][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1458.800225][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1458.811318][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1458.876445][T17003] Bluetooth: hci1: command 0x0409 tx timeout [ 1459.298811][T25593] chnl_net:caif_netlink_parms(): no params data found [ 1459.313977][T25651] netlink: 61959 bytes leftover after parsing attributes in process `syz.4.25940'. [ 1459.331514][T25651] tc_dump_action: action bad kind [ 1459.467860][T25593] bridge0: port 1(bridge_slave_0) entered blocking state [ 1459.475130][T25593] bridge0: port 1(bridge_slave_0) entered disabled state [ 1459.483845][T25593] device bridge_slave_0 entered promiscuous mode [ 1459.502558][T25593] bridge0: port 2(bridge_slave_1) entered blocking state [ 1459.509829][T25593] bridge0: port 2(bridge_slave_1) entered disabled state [ 1459.520155][T25593] device bridge_slave_1 entered promiscuous mode [ 1459.583734][T25593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1459.612976][T25593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1459.695720][T25593] team0: Port device team_slave_0 added [ 1459.716740][T25593] team0: Port device team_slave_1 added [ 1459.723001][T25636] chnl_net:caif_netlink_parms(): no params data found [ 1459.784080][T25593] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1459.791066][T25593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1459.817121][T25593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1459.856551][T25593] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1459.863753][T25593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1459.889942][T25593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1459.958646][T25636] bridge0: port 1(bridge_slave_0) entered blocking state [ 1459.965986][T25636] bridge0: port 1(bridge_slave_0) entered disabled state [ 1459.974454][T25636] device bridge_slave_0 entered promiscuous mode [ 1459.985447][T25593] device hsr_slave_0 entered promiscuous mode [ 1459.994660][T25593] device hsr_slave_1 entered promiscuous mode [ 1460.002924][T25593] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1460.010536][T25593] Cannot create hsr debugfs directory [ 1460.017951][T25636] bridge0: port 2(bridge_slave_1) entered blocking state [ 1460.027629][T25636] bridge0: port 2(bridge_slave_1) entered disabled state [ 1460.035713][T25636] device bridge_slave_1 entered promiscuous mode [ 1460.086216][T17071] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.115007][T25636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1460.149322][T17071] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.163583][T25636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1460.211809][T17071] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.226393][T25636] team0: Port device team_slave_0 added [ 1460.236217][T25636] team0: Port device team_slave_1 added [ 1460.292513][T25636] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1460.299481][T25636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1460.328369][T25636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1460.347791][T25636] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1460.354798][T25636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1460.381030][T25636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1460.413107][T17071] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.457168][T25636] device hsr_slave_0 entered promiscuous mode [ 1460.466493][T25636] device hsr_slave_1 entered promiscuous mode [ 1460.473267][T25636] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1460.480834][T25636] Cannot create hsr debugfs directory [ 1460.554316][T25593] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1460.573109][T25593] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1460.594578][T25593] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1460.608893][T25593] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1460.640306][T17071] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.720009][T17071] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.788141][T17071] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.801878][T25636] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1460.820642][T25636] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1460.829823][T25636] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1460.840495][T25636] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1460.859679][T17071] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.872513][T17003] Bluetooth: hci0: command 0x0409 tx timeout [ 1460.890972][T25593] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1460.914409][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1460.922576][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1460.935489][T25593] 8021q: adding VLAN 0 to HW filter on device team0 [ 1460.952194][T17003] Bluetooth: hci1: command 0x041b tx timeout [ 1460.967729][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1460.976859][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1460.985758][T27297] bridge0: port 1(bridge_slave_0) entered blocking state [ 1460.993082][T27297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1461.014051][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1461.025042][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1461.039649][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1461.049512][T27297] bridge0: port 2(bridge_slave_1) entered blocking state [ 1461.056665][T27297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1461.083984][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1461.114945][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1461.137593][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1461.149326][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1461.158235][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1461.167409][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1461.176737][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1461.195934][T25636] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1461.206323][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1461.215736][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1461.225457][T17071] device 0 left promiscuous mode [ 1461.239023][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1461.249705][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1461.263846][T25593] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1461.277179][T25636] 8021q: adding VLAN 0 to HW filter on device team0 [ 1461.289834][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1461.297781][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1461.307714][T17071] device 0 left promiscuous mode [ 1461.321785][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1461.330938][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1461.343902][T27307] bridge0: port 1(bridge_slave_0) entered blocking state [ 1461.351023][T27307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1461.366018][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1461.426725][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1461.436546][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1461.457279][T27324] bridge0: port 2(bridge_slave_1) entered blocking state [ 1461.464455][T27324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1461.474022][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1461.504012][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1461.514818][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1461.526638][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1461.535790][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1461.545069][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1461.557232][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1461.566254][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1461.581221][T25636] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1461.593518][T25636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1461.692215][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1461.700109][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1461.709399][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1461.730409][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1461.744157][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1461.815301][T25593] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1461.976965][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1461.985795][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1462.041969][T25636] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1462.250245][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1462.277182][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1462.354628][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1462.364315][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1462.378976][T25593] device veth0_vlan entered promiscuous mode [ 1462.387048][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1462.395210][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1462.431874][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1462.440715][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1462.456589][T25593] device veth1_vlan entered promiscuous mode [ 1462.504319][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1462.512764][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1462.520817][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1462.529900][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1462.547018][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1462.555375][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1462.590885][T25636] device veth0_vlan entered promiscuous mode [ 1462.601924][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1462.610469][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1462.629445][T25636] device veth1_vlan entered promiscuous mode [ 1462.640374][T25593] device veth0_macvtap entered promiscuous mode [ 1462.656959][T25593] device veth1_macvtap entered promiscuous mode [ 1462.698485][T25593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1462.709826][T25593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1462.721088][T25593] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1462.730474][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1462.739626][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1462.748844][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1462.756953][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1462.765166][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1462.774225][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1462.783472][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1462.792694][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1462.805389][T25636] device veth0_macvtap entered promiscuous mode [ 1462.827742][T25593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1462.839950][T25593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1462.852916][T25593] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1462.868423][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1462.877763][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1462.886799][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1462.901113][T25636] device veth1_macvtap entered promiscuous mode [ 1462.923986][T25593] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1462.932892][T25593] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1462.943646][T25593] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1462.952870][T17003] Bluetooth: hci0: command 0x041b tx timeout [ 1462.959062][T25593] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1462.975733][T25636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1462.986598][T25636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1462.996828][T25636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1463.007736][T25636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1463.019017][T25636] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1463.031463][ T48] Bluetooth: hci1: command 0x040f tx timeout [ 1463.084601][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1463.093624][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1463.102436][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1463.120598][T25636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1463.131850][T25636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1463.142675][T25636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1463.153897][T25636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1463.166548][T25636] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1463.200457][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1463.211686][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1463.259451][T25636] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1463.269521][T25636] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1463.279674][T25636] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1463.291670][T25636] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1463.329994][T27297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1463.338703][T27297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1463.360309][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1463.420346][T27297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1463.443217][T27297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1463.458149][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1463.469196][T27324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1463.478882][T27324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1463.497352][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1463.562311][T27318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1463.582237][T27318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1463.614049][T27301] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1464.229814][T17071] device veth1_vlan left promiscuous mode [ 1464.247641][T17071] device veth1_vlan left promiscuous mode [ 1464.272646][ T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1464.307162][ T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1464.317710][ T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1464.326405][ T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1464.334981][ T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1464.342522][ T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1465.033946][T17003] Bluetooth: hci0: command 0x040f tx timeout [ 1465.113639][T17003] Bluetooth: hci1: command 0x0419 tx timeout [ 1466.401407][ T48] Bluetooth: hci3: command 0x0409 tx timeout [ 1467.113102][ T48] Bluetooth: hci0: command 0x0419 tx timeout [ 1467.951179][T17071] device geneve1 left promiscuous mode [ 1467.964126][T17071] team0 (unregistering): Port device geneve1 removed [ 1468.232773][T17071] device team_slave_1 left promiscuous mode [ 1468.239921][T17071] team0 (unregistering): Port device team_slave_1 removed [ 1468.474569][T17003] Bluetooth: hci3: command 0x041b tx timeout [ 1468.770019][T17071] device geneve1 left promiscuous mode [ 1468.778876][T17071] team0 (unregistering): Port device geneve1 removed [ 1468.996235][T17071] device team_slave_1 left promiscuous mode [ 1469.003075][T17071] team0 (unregistering): Port device team_slave_1 removed [ 1469.332870][T25713] netlink: 'syz.4.25951': attribute type 13 has an invalid length. [ 1469.341679][T25713] netlink: 24859 bytes leftover after parsing attributes in process `syz.4.25951'. [ 1469.366260][T25727] ip6erspan0: tun_chr_ioctl cmd 2148553947 [ 1469.647768][T25712] chnl_net:caif_netlink_parms(): no params data found [ 1469.962255][T25712] bridge0: port 1(bridge_slave_0) entered blocking state [ 1469.971411][T25712] bridge0: port 1(bridge_slave_0) entered disabled state [ 1469.979889][T25712] device bridge_slave_0 entered promiscuous mode [ 1470.057116][T25712] bridge0: port 2(bridge_slave_1) entered blocking state [ 1470.100106][T25712] bridge0: port 2(bridge_slave_1) entered disabled state [ 1470.109311][T25712] device bridge_slave_1 entered promiscuous mode [ 1470.125741][T25780] netlink: 16255 bytes leftover after parsing attributes in process `syz.8.25981'. [ 1470.194360][T25712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1470.238975][T25712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1470.354082][T25712] team0: Port device team_slave_0 added [ 1470.373109][T17000] cgroup: fork rejected by pids controller in /syz5 [ 1470.382161][T25712] team0: Port device team_slave_1 added [ 1470.496029][T25712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1470.514456][T25712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1470.559437][T25712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1470.561562][T17003] Bluetooth: hci3: command 0x040f tx timeout [ 1470.705728][T25712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1470.731292][T25712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1470.781302][T25712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1470.916106][T17071] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1470.934698][T25712] device hsr_slave_0 entered promiscuous mode [ 1470.962661][T25712] device hsr_slave_1 entered promiscuous mode [ 1470.970436][T25712] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1470.991367][T25712] Cannot create hsr debugfs directory [ 1471.012578][T17071] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.102087][T17071] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.193834][T17071] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.468818][T25820] netlink: 132 bytes leftover after parsing attributes in process `syz.4.26001'. [ 1471.611994][ T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1471.621619][ T48] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1471.629997][ T48] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1471.638473][ T48] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1471.647648][ T48] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1471.655794][ T48] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1472.632140][T17003] Bluetooth: hci3: command 0x0419 tx timeout [ 1472.730265][T25833] Â: renamed from pim6reg1 [ 1472.773930][T25831] ip6erspan0: tun_chr_ioctl cmd 2148553947 [ 1472.790660][T25712] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1472.840346][T25712] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1472.850472][T25712] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1472.885772][T25712] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1472.917806][T25823] chnl_net:caif_netlink_parms(): no params data found [ 1473.143926][T25823] bridge0: port 1(bridge_slave_0) entered blocking state [ 1473.151177][T25823] bridge0: port 1(bridge_slave_0) entered disabled state [ 1473.160114][T25823] device bridge_slave_0 entered promiscuous mode [ 1473.169812][T25823] bridge0: port 2(bridge_slave_1) entered blocking state [ 1473.178206][T25823] bridge0: port 2(bridge_slave_1) entered disabled state [ 1473.186704][T25823] device bridge_slave_1 entered promiscuous mode [ 1473.236344][T25823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1473.257926][T25823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1473.354249][T25823] team0: Port device team_slave_0 added [ 1473.374583][T25823] team0: Port device team_slave_1 added [ 1473.380676][T25849] netlink: 132 bytes leftover after parsing attributes in process `syz.7.26011'. [ 1473.406756][T25712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1473.508334][T25752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1473.536321][T25752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1473.558928][T25712] 8021q: adding VLAN 0 to HW filter on device team0 [ 1473.569824][T25823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1473.580078][T25823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1473.640333][T25823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1473.751700][T17003] Bluetooth: hci2: command 0x0409 tx timeout [ 1474.484919][T17071] device hsr_slave_0 left promiscuous mode [ 1474.511581][T17071] device hsr_slave_1 left promiscuous mode [ 1474.518515][T17071] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1474.526981][T17071] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1474.536131][T17071] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1474.544261][T17071] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1474.555003][T17071] device bridge_slave_1 left promiscuous mode [ 1474.561251][T17071] bridge0: port 2(bridge_slave_1) entered disabled state [ 1474.570007][T17071] device bridge_slave_0 left promiscuous mode [ 1474.577213][T17071] bridge0: port 1(bridge_slave_0) entered disabled state [ 1474.600114][T17071] device veth1_macvtap left promiscuous mode [ 1474.606223][T17071] device veth0_macvtap left promiscuous mode [ 1474.612590][T17071] device veth1_vlan left promiscuous mode [ 1474.618438][T17071] device veth0_vlan left promiscuous mode [ 1475.087536][T17071] team0 (unregistering): Port device team_slave_1 removed [ 1475.125052][T17071] team0 (unregistering): Port device team_slave_0 removed [ 1475.167044][T17071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1475.206240][T17071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1475.580265][T17071] bond0 (unregistering): Released all slaves [ 1475.658079][T25823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1475.665447][T25823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1475.691651][T25823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1475.724043][T25865] ip6erspan0: tun_chr_ioctl cmd 2148553947 [ 1475.748588][T25823] device hsr_slave_0 entered promiscuous mode [ 1475.758038][T25823] device hsr_slave_1 entered promiscuous mode [ 1475.776209][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1475.785619][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1475.798545][T27318] bridge0: port 1(bridge_slave_0) entered blocking state [ 1475.805721][T27318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1475.816379][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1475.841365][T17003] Bluetooth: hci2: command 0x041b tx timeout [ 1475.864986][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1475.884293][T27324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1475.893193][T27324] bridge0: port 2(bridge_slave_1) entered blocking state [ 1475.900333][T27324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1475.992015][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1476.010765][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1476.051902][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1476.070577][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1476.080057][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1476.096007][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1476.108436][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1476.120725][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1477.922086][ T48] Bluetooth: hci2: command 0x040f tx timeout [ 1478.995473][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1479.028599][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1479.046022][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1479.059977][T25712] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1479.327934][T25888] netlink: 132 bytes leftover after parsing attributes in process `syz.8.26024'. [ 1479.397016][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1479.413697][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1479.466192][T25712] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1479.530715][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1479.550359][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1479.643059][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1479.655858][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1479.683396][T25712] device veth0_vlan entered promiscuous mode [ 1479.701310][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1479.709442][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1479.734215][T25823] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1479.750079][T25712] device veth1_vlan entered promiscuous mode [ 1479.767537][T25823] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1479.777366][T25823] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1479.794465][T25823] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1479.821996][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1479.830125][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1479.839238][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1479.847843][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1479.871165][T25712] device veth0_macvtap entered promiscuous mode [ 1479.883272][T25712] device veth1_macvtap entered promiscuous mode [ 1479.918078][T25712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1479.931700][T25712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1479.942044][T25712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1479.953840][T25712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1479.969873][T25712] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1479.979618][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1479.991565][T17003] Bluetooth: hci2: command 0x0419 tx timeout [ 1480.019511][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1480.033555][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1480.045181][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1480.068535][T25712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1480.085747][T25712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1480.095977][T25712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1480.106728][T25712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1480.122238][T25712] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1480.145409][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1480.160435][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1480.180408][T25712] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.192157][T25712] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.200876][T25712] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.209953][T25712] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.293305][T25823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1480.309469][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1480.332329][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1480.373362][T25823] 8021q: adding VLAN 0 to HW filter on device team0 [ 1480.417215][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1480.426490][T27307] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1480.436489][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1480.446245][T27307] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1480.453897][T27318] bridge0: port 1(bridge_slave_0) entered blocking state [ 1480.461045][T27318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1480.470600][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1480.479250][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1480.498309][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1480.512265][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1480.526678][T27307] bridge0: port 2(bridge_slave_1) entered blocking state [ 1480.533884][T27307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1480.563785][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1480.590639][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1480.600254][T17071] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1480.613021][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1480.621364][T17071] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1480.639919][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1480.649179][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1480.667971][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1480.682870][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1480.702527][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1480.724435][T25823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1480.748918][T25823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1480.789684][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1480.802684][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1480.820887][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1480.838365][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1480.857883][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1481.168751][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1481.178885][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1481.200380][T25823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1481.492976][T25953] netlink: 16255 bytes leftover after parsing attributes in process `syz.7.26048'. [ 1481.506325][T25948] netlink: 'syz.4.26049': attribute type 29 has an invalid length. [ 1481.525265][T25948] netlink: 'syz.4.26049': attribute type 29 has an invalid length. [ 1481.703163][T25962] tun0: tun_chr_ioctl cmd 1074025680 [ 1481.765988][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1481.777792][T27318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1481.823973][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1481.852197][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1481.878286][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1481.887284][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1481.915773][T25823] device veth0_vlan entered promiscuous mode [ 1481.935958][T25823] device veth1_vlan entered promiscuous mode [ 1481.966798][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1481.975085][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1481.985467][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1482.000982][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1482.014605][T25823] device veth0_macvtap entered promiscuous mode [ 1482.024983][T25823] device veth1_macvtap entered promiscuous mode [ 1482.040129][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1482.050893][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.064604][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1482.075244][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.088038][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1482.099766][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.116103][T25823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1482.126853][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1482.135629][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1482.144088][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1482.153730][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1482.168055][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1482.178639][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.189461][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1482.204745][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.215025][T25823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1482.225700][T25823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1482.236965][T25823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1482.246583][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1482.258428][T27297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1482.269012][T25823] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.277936][T25823] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.287089][T25823] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.295992][T25823] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.354116][T27297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1482.367362][T27297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1482.382845][T17071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1482.398058][T27297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1482.408679][T27297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1482.418987][T27307] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1483.850492][T26051] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.26091'. [ 1484.037443][T26056] netlink: 'syz.3.26094': attribute type 29 has an invalid length. [ 1484.065916][T26056] netlink: 'syz.3.26094': attribute type 29 has an invalid length. [ 1484.357278][T26067] netlink: 'syz.5.26110': attribute type 29 has an invalid length. [ 1484.393921][T26067] netlink: 'syz.5.26110': attribute type 29 has an invalid length. [ 1484.474243][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.480594][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.956614][T26105] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26116'. [ 1486.166094][T26120] netlink: 'syz.4.26125': attribute type 10 has an invalid length. [ 1486.211379][T26120] netlink: 148 bytes leftover after parsing attributes in process `syz.4.26125'. [ 1487.314779][T26158] netlink: 65047 bytes leftover after parsing attributes in process `syz.8.26140'. [ 1487.570966][T26173] netlink: 'syz.8.26146': attribute type 10 has an invalid length. [ 1487.580953][T26173] netlink: 148 bytes leftover after parsing attributes in process `syz.8.26146'. [ 1488.679578][T26200] netlink: 60 bytes leftover after parsing attributes in process `syz.4.26172'. [ 1488.827419][T26204] netlink: 'syz.4.26160': attribute type 5 has an invalid length. [ 1489.321402][T26216] netlink: 'syz.3.26169': attribute type 10 has an invalid length. [ 1489.329530][T26216] netlink: 148 bytes leftover after parsing attributes in process `syz.3.26169'. [ 1489.709610][T26232] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26174'. [ 1490.269827][T26257] netlink: 'syz.5.26183': attribute type 10 has an invalid length. [ 1490.278111][T26257] netlink: 148 bytes leftover after parsing attributes in process `syz.5.26183'. [ 1491.280308][T26272] netlink: 'syz.5.26202': attribute type 17 has an invalid length. [ 1492.021408][T26304] netlink: 'syz.7.26209': attribute type 17 has an invalid length. [ 1492.574110][T26328] netlink: 'syz.7.26221': attribute type 5 has an invalid length. [ 1492.787468][T26334] netlink: 'syz.4.26224': attribute type 17 has an invalid length. [ 1493.365854][T26360] netlink: 'syz.5.26234': attribute type 5 has an invalid length. [ 1495.677428][T26457] netlink: 40 bytes leftover after parsing attributes in process `syz.5.26280'. [ 1495.706341][T26457] netlink: 3 bytes leftover after parsing attributes in process `syz.5.26280'. [ 1495.723399][T26457] netlink: 3 bytes leftover after parsing attributes in process `syz.5.26280'. [ 1495.738115][T26457] netlink: 3 bytes leftover after parsing attributes in process `syz.5.26280'. [ 1499.304730][T26581] netlink: 'syz.4.26342': attribute type 29 has an invalid length. [ 1499.313438][T26581] netlink: 'syz.4.26342': attribute type 29 has an invalid length. [ 1499.505156][T26588] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.26346'. [ 1500.104480][T26608] netlink: 'syz.4.26355': attribute type 21 has an invalid length. [ 1500.128277][T26608] netlink: 'syz.4.26355': attribute type 2 has an invalid length. [ 1500.139690][T26608] netlink: 15970 bytes leftover after parsing attributes in process `syz.4.26355'. [ 1500.650114][T26631] netlink: 40227 bytes leftover after parsing attributes in process `syz.5.26365'. [ 1500.867575][T26641] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26368'. [ 1500.879705][T26641] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26368'. [ 1500.893879][T26638] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26368'. [ 1500.924987][T26641] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26368'. [ 1501.220791][T26655] netlink: 'syz.4.26373': attribute type 21 has an invalid length. [ 1501.241415][T26655] netlink: 14546 bytes leftover after parsing attributes in process `syz.4.26373'. [ 1504.020142][T26756] netlink: 'syz.4.26421': attribute type 2 has an invalid length. [ 1504.028178][T26756] netlink: 17267 bytes leftover after parsing attributes in process `syz.4.26421'. [ 1504.669599][T26784] ================================================================== [ 1504.677715][T26784] BUG: KASAN: use-after-free in dev_map_enqueue+0x3c/0x340 [ 1504.684942][T26784] Read of size 8 at addr ffff88807ba1fa80 by task syz.4.26434/26784 [ 1504.692941][T26784] [ 1504.695286][T26784] CPU: 0 PID: 26784 Comm: syz.4.26434 Not tainted 6.1.127-syzkaller #0 [ 1504.703540][T26784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1504.713597][T26784] Call Trace: [ 1504.716872][T26784] [ 1504.719799][T26784] dump_stack_lvl+0x1e3/0x2cb [ 1504.724499][T26784] ? nf_tcp_handle_invalid+0x642/0x642 [ 1504.729982][T26784] ? panic+0x764/0x764 [ 1504.734056][T26784] ? _printk+0xd1/0x111 [ 1504.738210][T26784] ? __virt_addr_valid+0x17f/0x530 [ 1504.743325][T26784] ? __virt_addr_valid+0x17f/0x530 [ 1504.748453][T26784] print_report+0x15f/0x4f0 [ 1504.752970][T26784] ? __virt_addr_valid+0x17f/0x530 [ 1504.758083][T26784] ? __virt_addr_valid+0x17f/0x530 [ 1504.763215][T26784] ? __virt_addr_valid+0x45b/0x530 [ 1504.768329][T26784] ? __phys_addr+0xb6/0x170 [ 1504.772847][T26784] ? dev_map_enqueue+0x3c/0x340 [ 1504.777725][T26784] kasan_report+0x136/0x160 [ 1504.782252][T26784] ? dev_map_enqueue+0x3c/0x340 [ 1504.787127][T26784] dev_map_enqueue+0x3c/0x340 [ 1504.791827][T26784] xdp_do_redirect_frame+0x323/0x660 [ 1504.797142][T26784] bpf_test_run_xdp_live+0xbf4/0x1ea0 [ 1504.802538][T26784] ? __mutex_unlock_slowpath+0x218/0x750 [ 1504.808207][T26784] ? 0xffffffffa0003b40 [ 1504.812359][T26784] ? bpf_test_run_xdp_live+0x75c/0x1ea0 [ 1504.817927][T26784] ? xdp_convert_md_to_buff+0x330/0x330 [ 1504.823477][T26784] ? bpf_dispatcher_change_prog+0xdf5/0xf80 [ 1504.829390][T26784] ? 0xffffffffa0003b40 [ 1504.833552][T26784] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 1504.839802][T26784] ? __might_fault+0xbd/0x110 [ 1504.844505][T26784] ? _copy_from_user+0x109/0x170 [ 1504.849474][T26784] ? bpf_test_init+0x15a/0x180 [ 1504.854239][T26784] ? xdp_convert_md_to_buff+0x5b/0x330 [ 1504.859696][T26784] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 1504.865092][T26784] ? dev_put+0x80/0x80 [ 1504.869172][T26784] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1504.875335][T26784] ? lockdep_hardirqs_on+0x94/0x130 [ 1504.880552][T26784] ? dev_put+0x80/0x80 [ 1504.884615][T26784] bpf_prog_test_run+0x32f/0x3a0 [ 1504.889541][T26784] __sys_bpf+0x3eb/0x6c0 [ 1504.893785][T26784] ? bpf_link_show_fdinfo+0x300/0x300 [ 1504.899166][T26784] ? ct_irq_exit_irqson+0x13c/0x1b0 [ 1504.904365][T26784] ? syscall_enter_from_user_mode+0x37/0x230 [ 1504.910343][T26784] __x64_sys_bpf+0x78/0x90 [ 1504.914792][T26784] do_syscall_64+0x3b/0xb0 [ 1504.919211][T26784] ? clear_bhb_loop+0x45/0xa0 [ 1504.923902][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1504.929818][T26784] RIP: 0033:0x7f34e098cda9 [ 1504.934223][T26784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1504.953820][T26784] RSP: 002b:00007f34e07ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1504.962245][T26784] RAX: ffffffffffffffda RBX: 00007f34e0ba5fa0 RCX: 00007f34e098cda9 [ 1504.970212][T26784] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 1504.978186][T26784] RBP: 00007f34e0a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1504.986185][T26784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1504.994148][T26784] R13: 0000000000000000 R14: 00007f34e0ba5fa0 R15: 00007ffeb25544b8 [ 1505.002116][T26784] [ 1505.005232][T26784] [ 1505.007544][T26784] Allocated by task 26668: [ 1505.011946][T26784] kasan_set_track+0x4b/0x70 [ 1505.016533][T26784] __kasan_kmalloc+0x97/0xb0 [ 1505.021117][T26784] __kmalloc_node+0xb3/0x230 [ 1505.025711][T26784] bpf_map_kmalloc_node+0xce/0x1c0 [ 1505.030841][T26784] __dev_map_alloc_node+0x56/0x4d0 [ 1505.035951][T26784] dev_map_update_elem+0x1eb/0x3c0 [ 1505.041056][T26784] bpf_map_update_value+0x5cf/0x6f0 [ 1505.046254][T26784] map_update_elem+0x503/0x680 [ 1505.051022][T26784] __sys_bpf+0x337/0x6c0 [ 1505.055263][T26784] __x64_sys_bpf+0x78/0x90 [ 1505.059674][T26784] do_syscall_64+0x3b/0xb0 [ 1505.064085][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1505.070000][T26784] [ 1505.072329][T26784] Freed by task 27297: [ 1505.076412][T26784] kasan_set_track+0x4b/0x70 [ 1505.081035][T26784] kasan_save_free_info+0x27/0x40 [ 1505.086089][T26784] ____kasan_slab_free+0xd6/0x120 [ 1505.091113][T26784] __kmem_cache_free+0x25c/0x3c0 [ 1505.096043][T26784] dev_map_free+0x571/0x690 [ 1505.100541][T26784] process_one_work+0x8a9/0x11d0 [ 1505.105493][T26784] worker_thread+0xa47/0x1200 [ 1505.110168][T26784] kthread+0x28d/0x320 [ 1505.114227][T26784] ret_from_fork+0x1f/0x30 [ 1505.118641][T26784] [ 1505.120957][T26784] Last potentially related work creation: [ 1505.126680][T26784] kasan_save_stack+0x3b/0x60 [ 1505.131390][T26784] __kasan_record_aux_stack+0xb0/0xc0 [ 1505.136759][T26784] kvfree_call_rcu+0x116/0x8c0 [ 1505.141529][T26784] trie_update_elem+0x9be/0xdd0 [ 1505.146409][T26784] bpf_map_update_value+0x5cf/0x6f0 [ 1505.151795][T26784] generic_map_update_batch+0x579/0x920 [ 1505.157356][T26784] bpf_map_do_batch+0x4d0/0x620 [ 1505.162201][T26784] __sys_bpf+0x658/0x6c0 [ 1505.166451][T26784] __x64_sys_bpf+0x78/0x90 [ 1505.170883][T26784] do_syscall_64+0x3b/0xb0 [ 1505.175311][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1505.181240][T26784] [ 1505.183572][T26784] Second to last potentially related work creation: [ 1505.190142][T26784] kasan_save_stack+0x3b/0x60 [ 1505.194810][T26784] __kasan_record_aux_stack+0xb0/0xc0 [ 1505.200179][T26784] call_rcu+0x163/0xa10 [ 1505.204328][T26784] __nf_register_net_hook+0x788/0x930 [ 1505.209692][T26784] nf_register_net_hook+0xac/0x180 [ 1505.214794][T26784] nf_register_net_hooks+0x3d/0x1a0 [ 1505.219997][T26784] ip6t_register_table+0x4d0/0x7b0 [ 1505.225114][T26784] ip6table_security_table_init+0x3e/0x60 [ 1505.230849][T26784] xt_find_table_lock+0x31a/0x3f0 [ 1505.235863][T26784] xt_request_find_table_lock+0x22/0xf0 [ 1505.241411][T26784] do_ip6t_get_ctl+0x86d/0x18a0 [ 1505.246278][T26784] nf_getsockopt+0x28e/0x2b0 [ 1505.250868][T26784] ipv6_getsockopt+0x259/0x370 [ 1505.255632][T26784] tcp_getsockopt+0x15c/0x1c0 [ 1505.260327][T26784] __sys_getsockopt+0x2b2/0x5d0 [ 1505.265198][T26784] __x64_sys_getsockopt+0xb1/0xc0 [ 1505.270243][T26784] do_syscall_64+0x3b/0xb0 [ 1505.274678][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1505.280593][T26784] [ 1505.282926][T26784] The buggy address belongs to the object at ffff88807ba1fa80 [ 1505.282926][T26784] which belongs to the cache kmalloc-cg-96 of size 96 [ 1505.297074][T26784] The buggy address is located 0 bytes inside of [ 1505.297074][T26784] 96-byte region [ffff88807ba1fa80, ffff88807ba1fae0) [ 1505.310092][T26784] [ 1505.312432][T26784] The buggy address belongs to the physical page: [ 1505.318874][T26784] page:ffffea0001ee87c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ba1f [ 1505.329041][T26784] memcg:ffff88807d05a401 [ 1505.333296][T26784] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff) [ 1505.340888][T26784] raw: 00fff00000000200 ffffea00017d3c00 dead000000000006 ffff888017c428c0 [ 1505.349486][T26784] raw: 0000000000000000 0000000000200020 00000001ffffffff ffff88807d05a401 [ 1505.358081][T26784] page dumped because: kasan: bad access detected [ 1505.364510][T26784] page_owner tracks the page as allocated [ 1505.370229][T26784] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4252, tgid 4252 (syz-executor), ts 86442801261, free_ts 80852473431 [ 1505.388468][T26784] post_alloc_hook+0x18d/0x1b0 [ 1505.393235][T26784] get_page_from_freelist+0x3731/0x38d0 [ 1505.398788][T26784] __alloc_pages+0x28d/0x770 [ 1505.403380][T26784] alloc_slab_page+0x6a/0x150 [ 1505.408063][T26784] new_slab+0x84/0x2d0 [ 1505.412152][T26784] ___slab_alloc+0xc20/0x1270 [ 1505.416827][T26784] __kmem_cache_alloc_node+0x19f/0x260 [ 1505.422286][T26784] __kmalloc_node+0xa2/0x230 [ 1505.426873][T26784] kvmalloc_node+0x6e/0x180 [ 1505.431373][T26784] nf_hook_entries_grow+0x331/0x760 [ 1505.436566][T26784] __nf_register_net_hook+0x29c/0x930 [ 1505.441936][T26784] nf_register_net_hook+0xac/0x180 [ 1505.447047][T26784] nf_register_net_hooks+0x3d/0x1a0 [ 1505.452338][T26784] ebt_register_table+0xd56/0x10c0 [ 1505.457444][T26784] find_inlist_lock_noload+0x17e/0x260 [ 1505.462916][T26784] do_ebt_get_ctl+0x3cb/0x2970 [ 1505.467678][T26784] page last free stack trace: [ 1505.472340][T26784] free_unref_page_prepare+0x12a6/0x15b0 [ 1505.477963][T26784] free_unref_page+0x33/0x3e0 [ 1505.482632][T26784] qlist_free_all+0x76/0xe0 [ 1505.487169][T26784] kasan_quarantine_reduce+0x156/0x170 [ 1505.492639][T26784] __kasan_slab_alloc+0x1f/0x70 [ 1505.497487][T26784] slab_post_alloc_hook+0x52/0x3a0 [ 1505.502598][T26784] kmem_cache_alloc_node+0x136/0x310 [ 1505.507900][T26784] __alloc_skb+0xde/0x670 [ 1505.512224][T26784] netlink_ack+0x392/0x1290 [ 1505.516728][T26784] netlink_rcv_skb+0x24a/0x410 [ 1505.521493][T26784] netlink_unicast+0x7d8/0x970 [ 1505.526263][T26784] netlink_sendmsg+0xa26/0xd60 [ 1505.531029][T26784] __sys_sendto+0x480/0x600 [ 1505.535536][T26784] __x64_sys_sendto+0xda/0xf0 [ 1505.540231][T26784] do_syscall_64+0x3b/0xb0 [ 1505.544648][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1505.550629][T26784] [ 1505.552946][T26784] Memory state around the buggy address: [ 1505.558569][T26784] ffff88807ba1f980: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1505.566625][T26784] ffff88807ba1fa00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1505.574677][T26784] >ffff88807ba1fa80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1505.582748][T26784] ^ [ 1505.586806][T26784] ffff88807ba1fb00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1505.594861][T26784] ffff88807ba1fb80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1505.603007][T26784] ================================================================== [ 1505.611317][T26784] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1505.618526][T26784] CPU: 0 PID: 26784 Comm: syz.4.26434 Not tainted 6.1.127-syzkaller #0 [ 1505.626877][T26784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1505.636938][T26784] Call Trace: [ 1505.640212][T26784] [ 1505.643145][T26784] dump_stack_lvl+0x1e3/0x2cb [ 1505.647831][T26784] ? nf_tcp_handle_invalid+0x642/0x642 [ 1505.653297][T26784] ? panic+0x764/0x764 [ 1505.657544][T26784] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1505.663699][T26784] ? vscnprintf+0x59/0x80 [ 1505.668029][T26784] panic+0x318/0x764 [ 1505.671935][T26784] ? check_panic_on_warn+0x1d/0xa0 [ 1505.677058][T26784] ? memcpy_page_flushcache+0xfc/0xfc [ 1505.682456][T26784] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 1505.688353][T26784] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 1505.694252][T26784] ? _raw_spin_unlock+0x40/0x40 [ 1505.699103][T26784] ? print_report+0x4a3/0x4f0 [ 1505.703782][T26784] check_panic_on_warn+0x7e/0xa0 [ 1505.708757][T26784] ? dev_map_enqueue+0x3c/0x340 [ 1505.713605][T26784] end_report+0x66/0x110 [ 1505.717842][T26784] kasan_report+0x143/0x160 [ 1505.722343][T26784] ? dev_map_enqueue+0x3c/0x340 [ 1505.727208][T26784] dev_map_enqueue+0x3c/0x340 [ 1505.731881][T26784] xdp_do_redirect_frame+0x323/0x660 [ 1505.737165][T26784] bpf_test_run_xdp_live+0xbf4/0x1ea0 [ 1505.742544][T26784] ? __mutex_unlock_slowpath+0x218/0x750 [ 1505.748183][T26784] ? 0xffffffffa0003b40 [ 1505.752335][T26784] ? bpf_test_run_xdp_live+0x75c/0x1ea0 [ 1505.757879][T26784] ? xdp_convert_md_to_buff+0x330/0x330 [ 1505.763425][T26784] ? bpf_dispatcher_change_prog+0xdf5/0xf80 [ 1505.769321][T26784] ? 0xffffffffa0003b40 [ 1505.773478][T26784] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 1505.779737][T26784] ? __might_fault+0xbd/0x110 [ 1505.784428][T26784] ? _copy_from_user+0x109/0x170 [ 1505.789367][T26784] ? bpf_test_init+0x15a/0x180 [ 1505.794135][T26784] ? xdp_convert_md_to_buff+0x5b/0x330 [ 1505.799590][T26784] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 1505.804966][T26784] ? dev_put+0x80/0x80 [ 1505.809027][T26784] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1505.815173][T26784] ? lockdep_hardirqs_on+0x94/0x130 [ 1505.820379][T26784] ? dev_put+0x80/0x80 [ 1505.824448][T26784] bpf_prog_test_run+0x32f/0x3a0 [ 1505.829394][T26784] __sys_bpf+0x3eb/0x6c0 [ 1505.833640][T26784] ? bpf_link_show_fdinfo+0x300/0x300 [ 1505.839024][T26784] ? ct_irq_exit_irqson+0x13c/0x1b0 [ 1505.844223][T26784] ? syscall_enter_from_user_mode+0x37/0x230 [ 1505.850208][T26784] __x64_sys_bpf+0x78/0x90 [ 1505.854637][T26784] do_syscall_64+0x3b/0xb0 [ 1505.859047][T26784] ? clear_bhb_loop+0x45/0xa0 [ 1505.863751][T26784] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1505.869685][T26784] RIP: 0033:0x7f34e098cda9 [ 1505.874113][T26784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1505.893722][T26784] RSP: 002b:00007f34e07ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1505.902152][T26784] RAX: ffffffffffffffda RBX: 00007f34e0ba5fa0 RCX: 00007f34e098cda9 [ 1505.910123][T26784] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 1505.918100][T26784] RBP: 00007f34e0a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1505.926065][T26784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1505.934052][T26784] R13: 0000000000000000 R14: 00007f34e0ba5fa0 R15: 00007ffeb25544b8 [ 1505.942044][T26784] [ 1505.945375][T26784] Kernel Offset: disabled [ 1505.949710][T26784] Rebooting in 86400 seconds..