last executing test programs: 1m9.662944818s ago: executing program 3 (id=2899): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x50, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_KEY={0x34, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "403a050c5bae9c544ef2b6d713459a7a"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xfc}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}]}]}, 0x50}}, 0x0) 1m9.220130239s ago: executing program 3 (id=2905): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x490c2283}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x840) 59.897498487s ago: executing program 3 (id=2905): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x490c2283}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x840) 45.75434321s ago: executing program 3 (id=2905): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x490c2283}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x840) 44.411023083s ago: executing program 2 (id=3202): r0 = socket(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x80, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={r1, &(0x7f00000002c0)="106ba50ea8f97d43ef13e4be4784030bbd9a90303dc4f49cf3b88aa7eae11eba17e0", &(0x7f0000000200)=@tcp6=r0}, 0x20) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r1, &(0x7f0000000180), 0x0}, 0x20) 44.192671855s ago: executing program 2 (id=3206): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r1, r0, 0x2, 0x0, 0x4000, @void, @value}, 0x10) socket$kcm(0x2, 0x2, 0x73) 44.013193859s ago: executing program 2 (id=3209): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x5}}, 0xe8) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x3, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}}}}}}, 0x0) 43.557691175s ago: executing program 2 (id=3213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)={0x24, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x2e}]}, 0x24}, 0x1, 0x6c00}, 0x0) 29.117902463s ago: executing program 3 (id=2905): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x490c2283}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x840) 24.149570782s ago: executing program 2 (id=3213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)={0x24, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x2e}]}, 0x24}, 0x1, 0x6c00}, 0x0) 11.900622301s ago: executing program 3 (id=2905): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x490c2283}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x840) 10.826322166s ago: executing program 2 (id=3213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)={0x24, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x2e}]}, 0x24}, 0x1, 0x6c00}, 0x0) 8.215265704s ago: executing program 1 (id=3504): unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$xdp(0x2c, 0x3, 0x0) r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000000a00)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0}, 0x880) 5.67782075s ago: executing program 1 (id=3511): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) sendfile(r1, r0, 0x0, 0xffefffff) shutdown(r1, 0x0) 4.621897272s ago: executing program 1 (id=3520): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000005c0), 0x10) recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/152, 0x98}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}, 0x1, 0x0, 0x0, 0x50}, 0x0) 4.151654811s ago: executing program 1 (id=3524): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000008a80)=[{&(0x7f00000086c0)=""/48, 0x30}, {&(0x7f0000001800)=""/202, 0xca}], 0x2}}], 0x1, 0x0, 0x0) sendmsg$key(r1, &(0x7f0000002a80)={0x0, 0x0, &(0x7f0000002a40)={&(0x7f0000000640)=ANY=[], 0x120}}, 0x0) 3.983356109s ago: executing program 1 (id=3525): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x12, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80, 0x10000000) 2.632904351s ago: executing program 0 (id=3526): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) socketpair(0x10, 0x80000, 0x4, 0x0) 2.623070283s ago: executing program 1 (id=3527): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) pipe(&(0x7f00000045c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r3, &(0x7f0000002480)=[{&(0x7f00000001c0)="9718b7b35f", 0x5}], 0x1, 0x0) splice(r2, 0x0, r1, 0x0, 0xe8, 0x0) 2.528274223s ago: executing program 0 (id=3528): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5}, @NL80211_ATTR_TXQ_QUANTUM={0x8}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}}, 0x28}}, 0x0) 1.422434338s ago: executing program 0 (id=3530): unshare(0x28000600) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000007280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8010) poll(&(0x7f0000000000)=[{r1}], 0x1, 0x0) 1.375244763s ago: executing program 0 (id=3531): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000680)={'#! ', '', [{0x20, '#\x00\x00\x19G\xef\xacV`^\xc4\xfc\xdb\x9b\xe3Z\xd0B\x1a\xe4\x9e\xe0\xbc\xf6\xca\xfdC\xba%a\xa9\x87`\xec\f\xe2\x8fW\x8f\x82\xad\xa6\x02\xcdl\xf7I\xf2p\x95\x15\xfa\x8b(\xa6kd\x94\xe41Q\x14\x92&\xe8\x115L6\xc8V\xe6D\xfc\x10\xf8\xed\x1f\xfd\xa89\x11\xad\x97c\xe3\x8a\xe1\t\x81\x8a\xf0\x17Xi\xb8\x0f\x8a`\xf5\x92\xe5\x17\xf7v\a9\x0fl\xd7\xcc\xa3\xc0S\b\xf4\xb2~\xa1\xff\x19\xdb\xcd\xb3\x04<\x7f\xde\xee\x03\x12w\x99]\xd4\xdcM\x04\xe1\x06k\x02\t\xd8\xa7i\xa2\x96\xf4#|\x1e\x8fN\xbf\x92\xd7\x8ab\x8d<\xa4\x1b7\xc1e=\xe4\xd7\"\xe17\xe0M\x00\t!\xf6u\a\xb1\xe1\x94\x0ezM\xed\xa8\xd2'}], 0xa, "903233de30c98d96da89f7df78bad1649a4e8100cb266ef6e8ca50f44c990b6655286c7d63d13a6ab1d8d6a706057d918ad8f44d26728fb5ceddab64cbaf255cf6a179cd972daaa8542affc75e8db1b998ece9ad07f909ee67cd32dd2ddf12bd1500000000aebe65af74ce363d888776afd4b1921d3b361eac9175f6a86a49952432d4"}, 0x145) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) bpf$BPF_PROG_TEST_RUN(0xd, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.12560708s ago: executing program 4 (id=3532): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GTP_LOCAL6={0x14, 0x8, @empty}, @IFLA_GTP_CREATE_SOCKETS={0x5}]}}}]}, 0x4c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="140004006e7363766630000000000001010000000800050006000000180017800400040004"], 0x50}}, 0x0) 1.102430519s ago: executing program 0 (id=3533): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x6, 0x3}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001c40)=""/4096, 0x1000}], 0x1}, 0xfffffffc}], 0x1, 0x0, 0x0) 976.067301ms ago: executing program 4 (id=3534): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x8000002}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f00000003c0)=0xa566, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x2200c041, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x10) sendto$inet6(r0, &(0x7f0000000080)='D', 0x1, 0x0, 0x0, 0x0) 781.328628ms ago: executing program 4 (id=3535): sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4008819}, 0x8d0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map, 0xffffffffffffffff, 0x5, 0x0, 0x0, @void, @value}, 0x10) 675.865578ms ago: executing program 4 (id=3536): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "77746a315690a576", "07f217bd2e511e465bbbd5de32b495b2f9044677d4d588360663af84db44be59", "9bbf8c07", "8ce63ecbc640735f"}, 0x38) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@ccm_128={{0x304}, "a9b5c6deba0eb9bc", "a8b47cf5e2a5fe99e3d1e3b179fa23c4", "b68c138e", "cba837614597f417"}, 0x28) 554.38636ms ago: executing program 4 (id=3537): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="c9", 0x1) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xb}, 0x1c) syz_emit_ethernet(0x67, &(0x7f0000000bc0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x31, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x3, 0x2, 0x0, 0x0, {0x0, 0x6, "020810", 0x0, 0x11, 0x0, @private1, @empty, [], "fb"}}}}}}}, 0x0) 169.222506ms ago: executing program 0 (id=3538): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) r1 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108) setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @dev}}}, 0x108) close(r1) 0s ago: executing program 4 (id=3539): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): lmulticast mode [ 78.173303][ T5704] netlink: 'syz.4.185': attribute type 1 has an invalid length. [ 78.204999][ T5704] netlink: 9312 bytes leftover after parsing attributes in process `syz.4.185'. [ 78.245918][ T5704] netlink: 'syz.4.185': attribute type 1 has an invalid length. [ 78.425264][ T5710] syzkaller0: tun_chr_ioctl cmd 2147767506 [ 78.954254][ T5735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.200'. [ 79.066503][ T5740] veth1_macvtap: left promiscuous mode [ 79.216864][ T5748] netem: incorrect ge model size [ 79.235338][ T5748] netem: change failed [ 79.473321][ T5756] netlink: 5292 bytes leftover after parsing attributes in process `syz.1.209'. [ 79.494569][ T5756] netlink: 60 bytes leftover after parsing attributes in process `syz.1.209'. [ 79.517239][ T5756] netlink: 5292 bytes leftover after parsing attributes in process `syz.1.209'. [ 80.072987][ T5781] IPVS: persistence engine module ip_vs_pe_@ not found [ 80.766053][ T5809] netlink: 4 bytes leftover after parsing attributes in process `syz.0.235'. [ 81.024528][ T5816] netlink: 2124 bytes leftover after parsing attributes in process `syz.4.238'. [ 81.688271][ T5829] tun0: tun_chr_ioctl cmd 2147767519 [ 82.304002][ T5856] netlink: 40 bytes leftover after parsing attributes in process `syz.4.256'. [ 82.356735][ T5860] netlink: 'syz.1.259': attribute type 12 has an invalid length. [ 82.381000][ T5860] netlink: 'syz.1.259': attribute type 11 has an invalid length. [ 82.415056][ T5860] netlink: 190580 bytes leftover after parsing attributes in process `syz.1.259'. [ 82.767916][ T5875] netlink: 20 bytes leftover after parsing attributes in process `syz.1.265'. [ 83.702611][ T5904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.278'. [ 83.740078][ T5904] vlan2: entered allmulticast mode [ 83.751505][ T5904] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 84.635203][ T5928] netlink: 'syz.2.287': attribute type 1 has an invalid length. [ 84.642911][ T5928] netlink: 9116 bytes leftover after parsing attributes in process `syz.2.287'. [ 84.684908][ T5928] netlink: 'syz.2.287': attribute type 1 has an invalid length. [ 84.705768][ T5928] netlink: 217 bytes leftover after parsing attributes in process `syz.2.287'. [ 85.345376][ T5960] netlink: 'syz.4.304': attribute type 1 has an invalid length. [ 85.370540][ T5960] netlink: 224 bytes leftover after parsing attributes in process `syz.4.304'. [ 85.582100][ T5966] netlink: 188 bytes leftover after parsing attributes in process `syz.2.306'. [ 85.789409][ T5980] netlink: 'syz.3.314': attribute type 3 has an invalid length. [ 86.153420][ T5998] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 86.307071][ T6004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.325'. [ 86.645369][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.331'. [ 86.862426][ T6032] Zero length message leads to an empty skb [ 87.015315][ T6044] netlink: 'syz.0.342': attribute type 14 has an invalid length. [ 87.484013][ T6069] pimreg: entered allmulticast mode [ 87.513854][ T6069] pimreg: left allmulticast mode [ 88.213524][ T6116] netlink: 'syz.0.378': attribute type 14 has an invalid length. [ 88.495226][ T6133] __nla_validate_parse: 2 callbacks suppressed [ 88.495245][ T6133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.387'. [ 89.551742][ T6198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.417'. [ 89.691049][ T6210] netlink: 40 bytes leftover after parsing attributes in process `syz.0.421'. [ 89.848607][ T6217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.426'. [ 89.864824][ T6220] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 89.879406][ T6217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.426'. [ 89.905066][ T6217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.426'. [ 90.021513][ T6227] netlink: 'syz.4.431': attribute type 5 has an invalid length. [ 90.103674][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.434'. [ 90.154258][ T6235] netlink: 20 bytes leftover after parsing attributes in process `syz.2.434'. [ 90.981846][ T6284] netlink: 'syz.1.455': attribute type 3 has an invalid length. [ 90.994488][ T6284] netlink: 'syz.1.455': attribute type 3 has an invalid length. [ 91.481840][ T6315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.468'. [ 92.176680][ T6352] netlink: 4 bytes leftover after parsing attributes in process `syz.4.485'. [ 92.357684][ T6358] wireguard0: entered promiscuous mode [ 92.363199][ T6358] wireguard0: entered allmulticast mode [ 93.634659][ T6430] netlink: 'syz.1.522': attribute type 1 has an invalid length. [ 93.673367][ T6431] __nla_validate_parse: 1 callbacks suppressed [ 93.673387][ T6431] netlink: 12 bytes leftover after parsing attributes in process `syz.4.521'. [ 93.952346][ T6443] Bluetooth: MGMT ver 1.23 [ 94.035763][ T6451] netlink: 20 bytes leftover after parsing attributes in process `syz.4.532'. [ 94.119607][ T6454] ipvlan2: entered promiscuous mode [ 94.480723][ T6478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.544'. [ 94.653470][ T6486] macvlan0: entered promiscuous mode [ 94.671057][ T6486] batadv_slave_0: entered promiscuous mode [ 94.724400][ T6489] ip6gretap0: entered promiscuous mode [ 94.742046][ T6489] ip6gretap0: left promiscuous mode [ 95.305729][ T6518] vxcan1: tx address claim with dlc 9 [ 96.044913][ T54] Bluetooth: hci3: command 0x1407 tx timeout [ 96.051082][ T5237] Bluetooth: hci3: Opcode 0x1407 failed: -110 [ 96.367548][ T6563] netlink: 296 bytes leftover after parsing attributes in process `syz.3.582'. [ 96.381626][ T6563] unsupported nlmsg_type 40 [ 96.453093][ T6569] netlink: 264 bytes leftover after parsing attributes in process `syz.3.584'. [ 97.041282][ T6600] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 97.066461][ T6600] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 97.164162][ T6561] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 98.224036][ T6659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.624'. [ 98.389912][ T6668] Bluetooth: hci0: load_link_keys: too big key_count value 65280 [ 98.444869][ T5237] Bluetooth: hci0: command 0x0401 tx timeout [ 98.690549][ T6684] netlink: 32 bytes leftover after parsing attributes in process `syz.4.637'. [ 98.793089][ T6687] netlink: 'syz.1.638': attribute type 11 has an invalid length. [ 99.013127][ T6698] netlink: 148 bytes leftover after parsing attributes in process `syz.4.644'. [ 99.022320][ T6698] netlink: 'syz.4.644': attribute type 2 has an invalid length. [ 99.035240][ T6698] netlink: 60 bytes leftover after parsing attributes in process `syz.4.644'. [ 99.566404][ T6720] netlink: 44 bytes leftover after parsing attributes in process `syz.1.654'. [ 99.591506][ T6720] netlink: 40 bytes leftover after parsing attributes in process `syz.1.654'. [ 100.112012][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.664'. [ 100.543657][ T6763] netlink: 'syz.3.669': attribute type 7 has an invalid length. [ 101.263286][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.689'. [ 101.280132][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.689'. [ 101.407749][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.691'. [ 101.971387][ T6833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.702'. [ 102.010707][ T6833] ipvlan2: entered allmulticast mode [ 102.032911][ T6833] veth0_vlan: entered allmulticast mode [ 102.679622][ T6876] netlink: 'syz.1.725': attribute type 12 has an invalid length. [ 102.705302][ T6876] netlink: 'syz.1.725': attribute type 29 has an invalid length. [ 102.713250][ T6876] netlink: 'syz.1.725': attribute type 2 has an invalid length. [ 102.733150][ T6878] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 103.138527][ T6902] wg1: entered promiscuous mode [ 104.726644][ T6996] __nla_validate_parse: 4 callbacks suppressed [ 104.726662][ T6996] netlink: 60 bytes leftover after parsing attributes in process `syz.1.782'. [ 104.882066][ T7005] bridge0: port 3(bond0) entered blocking state [ 104.904065][ T7005] bridge0: port 3(bond0) entered disabled state [ 104.931648][ T7005] bond0: entered allmulticast mode [ 104.939917][ T7005] bond_slave_0: entered allmulticast mode [ 104.966724][ T7005] bond_slave_1: entered allmulticast mode [ 105.004307][ T7005] bond0: entered promiscuous mode [ 105.026215][ T7005] bond_slave_0: entered promiscuous mode [ 105.034407][ T7005] bond_slave_1: entered promiscuous mode [ 105.052668][ T7005] bridge0: port 3(bond0) entered blocking state [ 105.059446][ T7005] bridge0: port 3(bond0) entered forwarding state [ 105.087658][ T941] IPVS: starting estimator thread 0... [ 105.166084][ T7023] netlink: 16 bytes leftover after parsing attributes in process `syz.0.795'. [ 105.185427][ T7021] IPVS: using max 17 ests per chain, 40800 per kthread [ 105.218329][ T7027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.797'. [ 105.813613][ T7051] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 105.832857][ T7051] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 106.015098][ T7069] netlink: 12 bytes leftover after parsing attributes in process `syz.1.815'. [ 106.258890][ T7082] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.821'. [ 106.290548][ T7082] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 106.711935][ T7104] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 106.911519][ T7117] netlink: 'syz.4.839': attribute type 1 has an invalid length. [ 106.947661][ T7117] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.839'. [ 106.979558][ T7117] netlink: 'syz.4.839': attribute type 1 has an invalid length. [ 107.428314][ T7144] netlink: 'syz.1.852': attribute type 4 has an invalid length. [ 107.452745][ T7144] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 107.554194][ T7151] netlink: 32 bytes leftover after parsing attributes in process `syz.1.855'. [ 107.564457][ T7151] netem: unknown loss type 13 [ 107.571503][ T7151] netem: change failed [ 107.687248][ T7159] netlink: 'syz.3.859': attribute type 9 has an invalid length. [ 107.710372][ T7161] netlink: 'syz.0.860': attribute type 12 has an invalid length. [ 107.719010][ T7161] bond0: option primary_reselect: invalid value (255) [ 107.739693][ T7163] tun0: tun_chr_ioctl cmd 1074025677 [ 107.750359][ T7163] tun0: linktype set to 778 [ 107.844468][ T7167] netlink: 40 bytes leftover after parsing attributes in process `syz.3.863'. [ 108.351921][ T7197] bridge0: left allmulticast mode [ 108.534500][ T7206] netlink: 52 bytes leftover after parsing attributes in process `syz.0.880'. [ 109.020693][ T7238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.897'. [ 109.507796][ T7269] netlink: 'syz.4.906': attribute type 1 has an invalid length. [ 110.523969][ T7327] netlink: 'syz.0.927': attribute type 1 has an invalid length. [ 110.555014][ T7327] __nla_validate_parse: 2 callbacks suppressed [ 110.555032][ T7327] netlink: 9324 bytes leftover after parsing attributes in process `syz.0.927'. [ 110.603720][ T7327] netlink: 'syz.0.927': attribute type 1 has an invalid length. [ 110.630117][ T7327] netlink: 16 bytes leftover after parsing attributes in process `syz.0.927'. [ 111.330750][ T7373] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.337940][ T7373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.561775][ T7445] netlink: 'syz.3.976': attribute type 1 has an invalid length. [ 112.585446][ T7445] netlink: 9328 bytes leftover after parsing attributes in process `syz.3.976'. [ 112.651047][ T7450] netlink: 'syz.2.978': attribute type 11 has an invalid length. [ 112.662625][ T7450] netlink: 140 bytes leftover after parsing attributes in process `syz.2.978'. [ 112.817015][ T7458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.854869][ T7458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.877747][ T7461] xt_TCPMSS: Only works on TCP SYN packets [ 112.891733][ T7458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.909272][ T7458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.930653][ T7458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.963047][ T7458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.985845][ T7458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.011222][ T7458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.045325][ T7466] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 114.463415][ T7539] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1020'. [ 114.492334][ T7539] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1020'. [ 114.537103][ C0] hrtimer: interrupt took 1266427 ns [ 114.555636][ T7542] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 114.690998][ T7550] netlink: 'syz.0.1026': attribute type 1 has an invalid length. [ 114.800389][ T7554] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 115.290648][ T7575] tun0: tun_chr_ioctl cmd 1074025677 [ 115.300413][ T7575] tun0: linktype set to 774 [ 115.303313][ T7578] netlink: 'syz.0.1040': attribute type 1 has an invalid length. [ 115.330538][ T7578] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.1040'. [ 115.342026][ T7578] netlink: 'syz.0.1040': attribute type 1 has an invalid length. [ 115.351732][ T7578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1040'. [ 115.740484][ T7602] sch_fq: defrate 0 ignored. [ 116.189556][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1059'. [ 116.214888][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1059'. [ 116.347372][ T7627] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1061'. [ 116.384862][ T7631] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1062'. [ 116.541207][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1067'. [ 116.964958][ T7660] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1075'. [ 117.320691][ T7666] netlink: 'syz.4.1077': attribute type 11 has an invalid length. [ 117.962542][ T7689] macsec1: entered promiscuous mode [ 117.983973][ T7689] vlan0: entered promiscuous mode [ 118.003445][ T7689] vlan0: left promiscuous mode [ 118.432976][ T7709] netlink: 'syz.0.1098': attribute type 1 has an invalid length. [ 118.453257][ T7709] netlink: 'syz.0.1098': attribute type 1 has an invalid length. [ 118.463268][ T7709] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.1098'. [ 118.682496][ T7719] pim6reg: entered allmulticast mode [ 118.702670][ T7719] pim6reg: left allmulticast mode [ 118.827476][ T7723] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1104'. [ 119.156277][ T7739] netlink: 'syz.2.1113': attribute type 1 has an invalid length. [ 119.166757][ T7739] netlink: 'syz.2.1113': attribute type 2 has an invalid length. [ 119.517250][ T7758] netlink: 'syz.1.1123': attribute type 1 has an invalid length. [ 119.541094][ T7758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1123'. [ 120.309417][ T7799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1143'. [ 120.687207][ T7818] team0: entered promiscuous mode [ 120.708363][ T7818] team_slave_0: entered promiscuous mode [ 120.731913][ T7818] team_slave_1: entered promiscuous mode [ 120.752794][ T7816] team0: left promiscuous mode [ 120.770834][ T7816] team_slave_0: left promiscuous mode [ 120.791947][ T7816] team_slave_1: left promiscuous mode [ 121.242969][ T7836] __nla_validate_parse: 1 callbacks suppressed [ 121.243050][ T7836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1161'. [ 121.632980][ T7856] netlink: 'syz.1.1171': attribute type 9 has an invalid length. [ 121.648658][ T7856] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1171'. [ 121.723355][ T7859] netlink: 'syz.1.1171': attribute type 9 has an invalid length. [ 121.759550][ T7859] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1171'. [ 122.300378][ T7872] netlink: 'syz.3.1176': attribute type 5 has an invalid length. [ 122.323098][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1177'. [ 122.413820][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1177'. [ 123.197290][ T7912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1194'. [ 123.214114][ T7912] tipc: Started in network mode [ 123.223896][ T7912] tipc: Node identity , cluster identity 8 [ 123.621833][ T7936] tap0: tun_chr_ioctl cmd 1074025681 [ 124.200316][ T7963] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1216'. [ 124.216287][ T7966] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1217'. [ 124.243971][ T7963] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0 [ 124.663023][ T7984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1224'. [ 124.845983][ T7989] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1226'. [ 125.173113][ T8005] hsr_slave_0: left promiscuous mode [ 125.214129][ T8005] hsr_slave_1: left promiscuous mode [ 125.933432][ T8033] ip6gretap1: entered promiscuous mode [ 125.954934][ T8033] ip6gretap1: entered allmulticast mode [ 126.420933][ T8056] netlink: 'syz.0.1258': attribute type 11 has an invalid length. [ 126.530915][ T8062] netlink: 'syz.4.1262': attribute type 1 has an invalid length. [ 126.829421][ T8073] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1268'. [ 127.195826][ T8094] netlink: 'syz.1.1277': attribute type 1 has an invalid length. [ 127.238910][ T8094] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.1277'. [ 127.281696][ T8094] netlink: 'syz.1.1277': attribute type 1 has an invalid length. [ 127.304870][ T8094] netlink: 'syz.1.1277': attribute type 2 has an invalid length. [ 127.355510][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1279'. [ 128.424980][ T8149] netlink: 'syz.1.1302': attribute type 11 has an invalid length. [ 128.952801][ T8171] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.1313'. [ 129.886007][ T8199] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1324'. [ 130.240797][ T8208] netlink: 'syz.1.1328': attribute type 10 has an invalid length. [ 130.328755][ T8208] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 130.342915][ T8213] netlink: 'syz.3.1332': attribute type 1 has an invalid length. [ 130.577463][ T8219] vxcan1: tx drop: invalid sa for name 0x0000000000000001 [ 130.655972][ T8223] sch_tbf: burst 5 is lower than device lo mtu (65550) ! [ 131.051556][ T8235] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 131.383374][ T8250] netlink: 'syz.1.1350': attribute type 1 has an invalid length. [ 131.393873][ T8246] tun0: tun_chr_ioctl cmd 2147767511 [ 131.405940][ T8250] netlink: 9320 bytes leftover after parsing attributes in process `syz.1.1350'. [ 131.443906][ T8250] netlink: 'syz.1.1350': attribute type 1 has an invalid length. [ 131.474452][ T8250] netlink: 'syz.1.1350': attribute type 2 has an invalid length. [ 131.656180][ T5237] Bluetooth: hci3: link tx timeout [ 131.662709][ T5237] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 131.836025][ T8259] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.023551][ T8259] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.145756][ T8259] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.322501][ T8259] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.385398][ T8273] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 132.516772][ T8259] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.530797][ T8276] raw_sendmsg: syz.3.1362 forgot to set AF_INET. Fix it! [ 132.611796][ T8259] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.677588][ T8259] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.727890][ T8259] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.811788][ T8278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 133.231212][ T8292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1370'. [ 133.728572][ T54] Bluetooth: hci3: command 0x1407 tx timeout [ 134.213621][ T8329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1388'. [ 134.420264][ T8337] sch_tbf: peakrate 4 is lower than or equals to rate 33554432 ! [ 134.981324][ T8357] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1401'. [ 135.131925][ T8364] netlink: 'syz.0.1405': attribute type 6 has an invalid length. [ 135.290324][ T8372] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 135.823649][ T8395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1420'. [ 136.235013][ T8417] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1430'. [ 138.166457][ T8518] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1473'. [ 138.703030][ T8536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1481'. [ 140.189527][ T8590] syz.0.1503 uses obsolete (PF_INET,SOCK_PACKET) [ 141.450707][ T8644] syzkaller1: entered promiscuous mode [ 141.464406][ T8644] syzkaller1: entered allmulticast mode [ 141.644213][ T8652] tun0: tun_chr_ioctl cmd 1074025675 [ 141.655109][ T8652] tun0: persist enabled [ 141.662727][ T8652] tun0: tun_chr_ioctl cmd 1074025675 [ 141.669318][ T8652] tun0: persist enabled [ 141.818975][ T8659] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1534'. [ 142.070557][ T8675] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1541'. [ 142.129320][ T8677] netlink: 'syz.3.1542': attribute type 3 has an invalid length. [ 142.418521][ T8689] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1548'. [ 142.822701][ T8706] netlink: 'syz.0.1556': attribute type 12 has an invalid length. [ 143.183980][ T8720] netlink: 'syz.1.1562': attribute type 2 has an invalid length. [ 143.203449][ T8720] netlink: 'syz.1.1562': attribute type 8 has an invalid length. [ 143.225045][ T8720] netlink: 'syz.1.1562': attribute type 1 has an invalid length. [ 143.245400][ T8720] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1562'. [ 143.293763][ T8722] netlink: 468 bytes leftover after parsing attributes in process `syz.4.1563'. [ 143.306421][ T8722] netlink: 'syz.4.1563': attribute type 2 has an invalid length. [ 143.662732][ T8742] netlink: 'syz.4.1572': attribute type 3 has an invalid length. [ 143.702248][ T8746] netlink: 'syz.0.1574': attribute type 1 has an invalid length. [ 143.711436][ T8746] netlink: 3440 bytes leftover after parsing attributes in process `syz.0.1574'. [ 143.722728][ T8746] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1574'. [ 143.734459][ T8746] netlink: 'syz.0.1574': attribute type 1 has an invalid length. [ 143.759238][ T8746] netlink: 5888 bytes leftover after parsing attributes in process `syz.0.1574'. [ 144.007695][ T8757] pimreg: entered allmulticast mode [ 144.130884][ T8757] pimreg: left allmulticast mode [ 144.330119][ T8771] Bluetooth: hci3: unsupported parameter 64512 [ 144.339325][ T8771] Bluetooth: hci3: invalid length 0, exp 2 for type 8 [ 144.374452][ T8768] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.1585'. [ 144.739663][ T8792] Bluetooth: hci3: unsupported parameter 1025 [ 144.760649][ T8792] Bluetooth: hci3: invalid length 0, exp 2 for type 15 [ 145.789506][ T8837] atomic_op ffff88807a845998 conn xmit_atomic 0000000000000000 [ 146.426921][ T8864] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1630'. [ 147.364975][ T8906] netlink: 'syz.0.1650': attribute type 10 has an invalid length. [ 147.952213][ T8933] tipc: Started in network mode [ 147.961474][ T8933] tipc: Node identity 1, cluster identity 4711 [ 147.968987][ T8933] tipc: Node number set to 1 [ 148.223789][ T8940] veth1_macvtap: entered allmulticast mode [ 148.474998][ T8954] sctp: [Deprecated]: syz.1.1670 (pid 8954) Use of struct sctp_assoc_value in delayed_ack socket option. [ 148.474998][ T8954] Use struct sctp_sack_info instead [ 148.533650][ T8954] sctp: [Deprecated]: syz.1.1670 (pid 8954) Use of struct sctp_assoc_value in delayed_ack socket option. [ 148.533650][ T8954] Use struct sctp_sack_info instead [ 149.019106][ T8979] batman_adv: batadv0: Adding interface: gretap1 [ 149.045206][ T8979] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.092473][ T8979] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 149.127101][ T8985] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1685'. [ 150.118484][ T9031] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1706'. [ 150.151952][ T9031] netlink: 'syz.0.1706': attribute type 1 has an invalid length. [ 150.184924][ T9031] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1706'. [ 150.676338][ T9060] netlink: 'syz.2.1716': attribute type 1 has an invalid length. [ 150.692761][ T9060] netlink: 'syz.2.1716': attribute type 1 has an invalid length. [ 150.723851][ T9060] netlink: 9328 bytes leftover after parsing attributes in process `syz.2.1716'. [ 150.745127][ T9060] netlink: 'syz.2.1716': attribute type 1 has an invalid length. [ 151.736373][ T9100] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1736'. [ 151.761383][ T9100] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 152.378093][ T9134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1751'. [ 152.581535][ T9142] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.1756'. [ 152.601213][ T9142] openvswitch: netlink: IP tunnel dst address not specified [ 152.757741][ T9146] netlink: 'syz.4.1758': attribute type 2 has an invalid length. [ 152.819079][ T9148] pimreg: entered allmulticast mode [ 152.853633][ T9150] netlink: 'syz.0.1760': attribute type 1 has an invalid length. [ 152.863054][ T9150] netlink: 9116 bytes leftover after parsing attributes in process `syz.0.1760'. [ 152.874165][ T9150] netlink: 'syz.0.1760': attribute type 1 has an invalid length. [ 152.883967][ T9150] netlink: 209 bytes leftover after parsing attributes in process `syz.0.1760'. [ 152.935843][ T9148] pimreg: left allmulticast mode [ 153.513299][ T2636] IPVS: starting estimator thread 0... [ 153.514279][ T9175] tipc: Started in network mode [ 153.556026][ T9175] tipc: Node identity ac1414aa, cluster identity 4711 [ 153.565295][ T9175] tipc: Enabled bearer , priority 10 [ 153.645061][ T9178] IPVS: using max 20 ests per chain, 48000 per kthread [ 153.675357][ T9184] netlink: 'syz.0.1775': attribute type 3 has an invalid length. [ 153.827181][ T9186] syzkaller1: entered promiscuous mode [ 153.843616][ T9186] syzkaller1: entered allmulticast mode [ 154.676738][ T8] tipc: Node number set to 2886997162 [ 155.099568][ T9249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1804'. [ 155.130751][ T9249] geneve1: entered promiscuous mode [ 155.144122][ T9249] geneve1: left promiscuous mode [ 155.473747][ T9268] pimreg: entered allmulticast mode [ 155.603584][ T9268] pimreg: left allmulticast mode [ 155.692057][ T9276] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.1815'. [ 155.703215][ T9276] openvswitch: netlink: IP tunnel dst address not specified [ 155.788386][ T9278] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1816'. [ 156.721783][ T9321] netlink: 'syz.2.1836': attribute type 21 has an invalid length. [ 156.739455][ T9321] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1836'. [ 156.825778][ T9324] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1837'. [ 156.906857][ T9328] af_packet: tpacket_rcv: packet too big, clamped from 57 to 4294967272. macoff=96 [ 157.058329][ T9332] netlink: 'syz.2.1841': attribute type 1 has an invalid length. [ 157.080334][ T9332] netlink: 'syz.2.1841': attribute type 2 has an invalid length. [ 157.191142][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.229538][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.757638][ T9362] sctp: [Deprecated]: syz.1.1855 (pid 9362) Use of struct sctp_assoc_value in delayed_ack socket option. [ 157.757638][ T9362] Use struct sctp_sack_info instead [ 158.392181][ T9398] team0: No ports can be present during mode change [ 158.647077][ T9410] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1874'. [ 159.669953][ T9453] netlink: 'syz.3.1892': attribute type 11 has an invalid length. [ 159.812033][ T9461] syz.1.1897[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 159.812186][ T9461] syz.1.1897[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.830373][ T9589] bridge0: entered promiscuous mode [ 162.888464][ T9589] macvlan3: entered promiscuous mode [ 162.928721][ T9589] bridge0: left promiscuous mode [ 163.695931][ T9617] team_slave_0: entered promiscuous mode [ 163.703434][ T9617] team_slave_1: entered promiscuous mode [ 163.727715][ T9617] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 163.773893][ T9617] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 164.509164][ T9645] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 164.899472][ T9656] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 165.157442][ T9659] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.166587][ T9659] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.455998][ T9659] wg1: left promiscuous mode [ 165.545205][ T9659] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 166.281907][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1994'. [ 168.070944][ T9736] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2 [ 168.131468][ T9736] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue [ 168.172189][ T9736] gretap2: entered promiscuous mode [ 168.185186][ T9736] gretap2: entered allmulticast mode [ 168.572955][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2016'. [ 169.349469][ T9758] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2022'. [ 169.972073][ T9780] netlink: 'syz.2.2031': attribute type 4 has an invalid length. [ 170.185898][ T9787] sctp: [Deprecated]: syz.4.2033 (pid 9787) Use of struct sctp_assoc_value in delayed_ack socket option. [ 170.185898][ T9787] Use struct sctp_sack_info instead [ 170.206984][ T9789] netlink: 'syz.2.2034': attribute type 11 has an invalid length. [ 170.466185][ T9797] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526 [ 170.754441][ T9807] syz_tun: entered promiscuous mode [ 170.791620][ T9807] syz_tun: left promiscuous mode [ 171.081371][ T9817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2046'. [ 171.112877][ T9817] bond0: left allmulticast mode [ 171.135089][ T9817] bond_slave_0: left allmulticast mode [ 171.158326][ T9817] bond_slave_1: left allmulticast mode [ 171.178295][ T9817] bond0: left promiscuous mode [ 171.194818][ T9817] bond_slave_0: left promiscuous mode [ 171.213073][ T9817] bond_slave_1: left promiscuous mode [ 171.233146][ T9817] bridge0: port 3(bond0) entered disabled state [ 171.258426][ T9817] bridge_slave_1: left allmulticast mode [ 171.273801][ T9817] bridge_slave_1: left promiscuous mode [ 171.287377][ T9817] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.312528][ T9817] bridge_slave_0: left allmulticast mode [ 171.354768][ T9817] bridge_slave_0: left promiscuous mode [ 171.360572][ T9817] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.887175][ T9837] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2054'. [ 171.948196][ T9837] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2054'. [ 172.118301][ T2636] IPVS: starting estimator thread 0... [ 172.245885][ T9847] IPVS: using max 22 ests per chain, 52800 per kthread [ 173.300233][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 173.313132][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 173.325130][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 173.341440][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 173.398176][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 173.411419][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 173.631227][ T5231] bond0: (slave syz_tun): Releasing backup interface [ 174.013640][ T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.236247][ T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.500940][ T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.727690][ T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.956205][ T9937] syz.4.2099[9937] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.956447][ T9937] syz.4.2099[9937] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.151347][ T9872] chnl_net:caif_netlink_parms(): no params data found [ 175.406905][ T35] bridge_slave_1: left allmulticast mode [ 175.445397][ T35] bridge_slave_1: left promiscuous mode [ 175.454296][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.485046][ T54] Bluetooth: hci5: command tx timeout [ 175.566174][ T35] bridge_slave_0: left allmulticast mode [ 175.571872][ T35] bridge_slave_0: left promiscuous mode [ 175.582178][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.418184][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.430828][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.470079][ T35] bond0 (unregistering): Released all slaves [ 176.842336][ T9872] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.863531][ T9872] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.905223][ T9872] bridge_slave_0: entered allmulticast mode [ 176.924156][ T9872] bridge_slave_0: entered promiscuous mode [ 177.051377][ T9872] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.072938][ T9872] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.094986][ T9872] bridge_slave_1: entered allmulticast mode [ 177.109463][ T9872] bridge_slave_1: entered promiscuous mode [ 177.383011][ T9872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.398844][ T9872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.542781][ T35] macvlan0: left promiscuous mode [ 177.569093][ T54] Bluetooth: hci5: command tx timeout [ 177.615013][ T35] batadv_slave_0: left promiscuous mode [ 177.712367][ T35] hsr_slave_0: left promiscuous mode [ 177.755019][ T35] hsr_slave_1: left promiscuous mode [ 177.800116][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.832883][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.861498][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.869332][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.923837][ T35] veth1_macvtap: left promiscuous mode [ 177.946989][ T35] veth0_macvtap: left promiscuous mode [ 177.952625][ T35] veth1_vlan: left promiscuous mode [ 177.973506][ T35] veth0_vlan: left promiscuous mode [ 179.182684][ T35] team0 (unregistering): Port device team_slave_1 removed [ 179.224375][ T35] team0 (unregistering): Port device team_slave_0 removed [ 179.648368][ T54] Bluetooth: hci5: command tx timeout [ 179.763655][ T9872] team0: Port device team_slave_0 added [ 179.787057][ T9872] team0: Port device team_slave_1 added [ 179.957281][ T9872] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.985452][ T9872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.052423][ T9872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.103256][ T9872] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.133537][ T9872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.171950][ T9872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.357455][ T9872] hsr_slave_0: entered promiscuous mode [ 180.405732][ T9872] hsr_slave_1: entered promiscuous mode [ 180.428633][ T9872] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.438464][ T9872] Cannot create hsr debugfs directory [ 180.568275][T10080] trusted_key: syz.4.2160 sent an empty control message without MSG_MORE. [ 180.727380][T10085] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'. [ 180.737148][T10085] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2162'. [ 181.113590][T10094] tun0: tun_chr_ioctl cmd 1074025675 [ 181.121450][T10097] nbd: device at index 4 is going down [ 181.134965][T10094] tun0: persist enabled [ 181.147577][T10094] tun0: tun_chr_ioctl cmd 1074025675 [ 181.152915][T10094] tun0: persist disabled [ 181.438803][ T9872] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 181.439239][T10103] netlink: 'syz.3.2171': attribute type 11 has an invalid length. [ 181.489184][ T9872] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 181.514067][T10103] netlink: 'syz.3.2171': attribute type 1 has an invalid length. [ 181.542683][ T9872] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 181.559487][ T9872] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 181.661485][T10107] syzkaller1: entered promiscuous mode [ 181.685764][T10107] syzkaller1: entered allmulticast mode [ 181.732401][ T54] Bluetooth: hci5: command tx timeout [ 182.015050][ T9872] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.086057][T10125] sock: sock_set_timeout: `syz.2.2182' (pid 10125) tries to set negative timeout [ 182.099165][ T9872] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.148854][ T2932] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.156076][ T2932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.216349][T10129] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 182.239034][ T2932] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.247302][ T2932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.745131][T10145] sctp: [Deprecated]: syz.4.2190 (pid 10145) Use of int in maxseg socket option. [ 182.745131][T10145] Use struct sctp_assoc_value instead [ 183.130047][ T9872] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.235104][ T9872] veth0_vlan: entered promiscuous mode [ 183.258756][ T9872] veth1_vlan: entered promiscuous mode [ 183.312700][ T9872] veth0_macvtap: entered promiscuous mode [ 183.345300][ T9872] veth1_macvtap: entered promiscuous mode [ 183.374275][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.392700][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.404032][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.420185][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.430439][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.441492][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.452297][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.482451][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.502192][ T9872] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.526692][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.546397][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.561509][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.574005][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.590469][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.611149][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.622544][ T9872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.642000][ T9872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.657093][ T9872] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.693717][ T9872] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.703999][ T9872] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.721214][ T9872] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.740171][ T9872] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.977708][ T2932] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.995631][ T2932] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.049470][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.075894][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.578865][T10212] netlink: 'syz.0.2218': attribute type 9 has an invalid length. [ 184.598015][T10212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2218'. [ 185.438710][T10242] IPVS: length: 8 != 2400 [ 185.810360][T10255] netlink: 'syz.0.2237': attribute type 2 has an invalid length. [ 185.821825][T10255] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2237'. [ 186.038840][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2241'. [ 186.367409][ T5250] Bluetooth: hci2: command 0x0406 tx timeout [ 186.367418][ T5240] Bluetooth: hci4: command 0x0406 tx timeout [ 187.656942][T10308] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 187.832224][T10314] netlink: 'syz.0.2260': attribute type 1 has an invalid length. [ 187.857657][T10314] netlink: 9320 bytes leftover after parsing attributes in process `syz.0.2260'. [ 187.874395][T10314] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2260'. [ 187.886793][T10314] netlink: 'syz.0.2260': attribute type 1 has an invalid length. [ 188.463111][T10339] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2271'. [ 189.043604][T10360] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2281'. [ 189.076043][T10360] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2281'. [ 189.800703][T10390] netlink: 'syz.1.2291': attribute type 42 has an invalid length. [ 190.007819][T10395] netlink: 'syz.0.2295': attribute type 3 has an invalid length. [ 192.451022][T10509] netlink: 'syz.3.2347': attribute type 12 has an invalid length. [ 192.482221][T10509] netlink: 'syz.3.2347': attribute type 11 has an invalid length. [ 192.528851][T10509] netlink: 'syz.3.2347': attribute type 11 has an invalid length. [ 192.553239][T10509] netlink: 'syz.3.2347': attribute type 11 has an invalid length. [ 192.569327][T10509] netlink: 'syz.3.2347': attribute type 11 has an invalid length. [ 192.583194][T10509] netlink: 'syz.3.2347': attribute type 11 has an invalid length. [ 192.592166][T10509] netlink: 'syz.3.2347': attribute type 4 has an invalid length. [ 192.600887][T10509] netlink: 'syz.3.2347': attribute type 5 has an invalid length. [ 192.608992][T10509] netlink: 196072 bytes leftover after parsing attributes in process `syz.3.2347'. [ 194.248453][T10555] Bluetooth: Found 0 CAPI controller(s) on device 10:aa:aa:aa:aa:aa [ 194.403503][T10593] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2384'. [ 194.435251][T10593] bond_slave_0: entered promiscuous mode [ 194.441298][T10593] bond_slave_1: entered promiscuous mode [ 194.463018][T10593] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 194.773012][T10604] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 194.789598][T10604] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 195.023700][T10613] netlink: 'syz.2.2394': attribute type 3 has an invalid length. [ 195.042291][T10613] netlink: 'syz.2.2394': attribute type 11 has an invalid length. [ 195.053166][T10613] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.2394'. [ 195.342951][T10629] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2402'. [ 195.463324][T10637] tipc: Started in network mode [ 195.476594][T10637] tipc: Node identity 2d000000000000002df4ffffffffffff, cluster identity 4711 [ 195.507620][T10637] netlink: 'syz.1.2405': attribute type 10 has an invalid length. [ 195.515886][T10637] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2405'. [ 195.534214][T10637] batman_adv: batadv0: Adding interface: virt_wifi0 [ 195.541143][T10637] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.579987][T10637] batman_adv: batadv0: Interface activated: virt_wifi0 [ 195.844380][T10655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2410'. [ 196.611711][T10681] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 196.942054][T10691] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2428'. [ 196.980162][T10691] netlink: 'syz.2.2428': attribute type 1 has an invalid length. [ 197.043982][T10694] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2429'. [ 197.094804][T10694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2429'. [ 197.115902][T10694] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2429'. [ 197.415392][T10702] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 197.909650][T10715] netlink: 4611 bytes leftover after parsing attributes in process `syz.0.2439'. [ 198.851086][T10743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2454'. [ 198.888389][T10743] netlink: 'syz.2.2454': attribute type 7 has an invalid length. [ 198.905398][T10743] netlink: 'syz.2.2454': attribute type 8 has an invalid length. [ 198.922270][T10743] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2454'. [ 199.136011][T10753] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 200.247547][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2472'. [ 200.307137][T10788] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2472'. [ 200.356174][T10789] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 202.364856][ T5237] Bluetooth: hci0: command tx timeout [ 202.537087][T10827] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 202.589186][T10827] mac80211_hwsim hwsim4 wlan0: left promiscuous mode [ 203.680027][T10858] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2505'. [ 203.710194][T10858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2505'. [ 204.383971][T10884] syzkaller1: entered promiscuous mode [ 204.391259][T10884] syzkaller1: entered allmulticast mode [ 205.066200][T10902] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2524'. [ 205.085196][T10902] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2524'. [ 205.097342][T10881] Bluetooth: Found 0 CAPI controller(s) on device 10:aa:aa:aa:aa:aa [ 205.110338][T10902] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2524'. [ 205.303329][T10909] netlink: 'syz.3.2528': attribute type 2 has an invalid length. [ 205.335085][T10909] netlink: 'syz.3.2528': attribute type 5 has an invalid length. [ 205.346607][T10909] netlink: 'syz.3.2528': attribute type 6 has an invalid length. [ 205.356619][T10909] netlink: 'syz.3.2528': attribute type 7 has an invalid length. [ 205.372926][T10909] netlink: 'syz.3.2528': attribute type 7 has an invalid length. [ 205.394586][T10909] netlink: 13022 bytes leftover after parsing attributes in process `syz.3.2528'. [ 205.436901][T10909] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.2528'. [ 205.462625][T10909] netlink: 'syz.3.2528': attribute type 2 has an invalid length. [ 205.473149][T10909] netlink: 'syz.3.2528': attribute type 5 has an invalid length. [ 205.483444][T10909] netlink: 'syz.3.2528': attribute type 6 has an invalid length. [ 205.493163][T10909] netlink: 'syz.3.2528': attribute type 7 has an invalid length. [ 205.513109][T10909] netlink: 'syz.3.2528': attribute type 7 has an invalid length. [ 205.521191][T10918] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 205.522881][T10918] macsec1: entered allmulticast mode [ 205.538983][T10909] netlink: 13022 bytes leftover after parsing attributes in process `syz.3.2528'. [ 205.549739][T10918] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 205.560596][T10918] mac80211_hwsim hwsim4 wlan0: left allmulticast mode [ 205.590791][T10918] mac80211_hwsim hwsim4 wlan0: left promiscuous mode [ 205.681472][T10923] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 205.700600][T10923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 205.757454][T10923] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 206.772470][T10969] netlink: 5300 bytes leftover after parsing attributes in process `syz.4.2543'. [ 206.790322][T10969] openvswitch: netlink: IP tunnel dst address not specified [ 207.314558][T10994] Bluetooth: hci3: unsupported parameter 64512 [ 207.332082][T10994] Bluetooth: hci3: invalid length 0, exp 2 for type 26 [ 207.519912][T11004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2570'. [ 209.187774][T11079] Bluetooth: hci3: unsupported parameter 64512 [ 209.204017][T11079] Bluetooth: hci3: invalid length 0, exp 2 for type 12 [ 210.883891][T11159] validate_nla: 1 callbacks suppressed [ 210.883908][T11159] netlink: 'syz.1.2638': attribute type 1 has an invalid length. [ 211.082607][T11166] __nla_validate_parse: 1 callbacks suppressed [ 211.082653][T11166] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2639'. [ 212.136705][T11208] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 212.179708][T11209] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2661'. [ 212.222435][T11211] macsec1: entered promiscuous mode [ 212.233355][T11211] macvlan0: entered promiscuous mode [ 212.242171][T11211] macsec1: entered allmulticast mode [ 212.252665][T11211] macvlan0: entered allmulticast mode [ 212.264604][T11211] macvlan0: left allmulticast mode [ 212.275935][T11211] macvlan0: left promiscuous mode [ 212.579281][T11224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2667'. [ 212.698528][T11226] syz.1.2668 (11226) used greatest stack depth: 18944 bytes left [ 213.462677][T11263] netlink: 'syz.2.2686': attribute type 1 has an invalid length. [ 213.472218][T11263] netlink: 9320 bytes leftover after parsing attributes in process `syz.2.2686'. [ 213.483395][T11263] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2686'. [ 213.506993][T11263] netlink: 'syz.2.2686': attribute type 1 has an invalid length. [ 213.523203][T11263] netlink: 'syz.2.2686': attribute type 2 has an invalid length. [ 213.775601][T11275] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2691'. [ 214.440648][T11303] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2703'. [ 215.136683][T11331] netlink: 'syz.2.2718': attribute type 11 has an invalid length. [ 215.218704][T11339] netlink: 'syz.1.2719': attribute type 3 has an invalid length. [ 215.239000][T11339] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2719'. [ 215.422693][T11346] netlink: 'syz.0.2723': attribute type 4 has an invalid length. [ 216.861882][T11402] Bluetooth: hci3: unsupported parameter 64512 [ 216.873005][T11402] Bluetooth: hci3: invalid length 0, exp 2 for type 6 [ 217.454613][T11425] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2757'. [ 217.696384][T11436] bond0: option arp_interval: invalid value (18446744072376677605) [ 217.705012][T11436] bond0: option arp_interval: allowed values 0 - 2147483647 [ 217.714185][T11434] netlink: 'syz.0.2761': attribute type 4 has an invalid length. [ 218.216777][T11458] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2771'. [ 218.461672][T11470] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 218.927299][T11482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2783'. [ 219.414838][T11497] Bluetooth: hci3: unsupported parameter 64512 [ 219.422256][T11497] Bluetooth: hci3: invalid length 0, exp 2 for type 10 [ 221.122997][T11536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2801'. [ 221.374123][T11542] vcan0: tx drop: invalid sa for name 0x0000000000000003 [ 221.596975][T11549] netlink: 'syz.1.2812': attribute type 2 has an invalid length. [ 221.723655][T11552] veth2: entered allmulticast mode [ 222.953008][T11600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2834'. [ 223.034356][T11604] vlan3: entered allmulticast mode [ 223.051838][T11604] bond0: entered allmulticast mode [ 223.061530][T11604] bond_slave_0: entered allmulticast mode [ 223.073225][T11604] bond_slave_1: entered allmulticast mode [ 223.079208][T11604] macvlan2: entered allmulticast mode [ 223.084778][T11604] team0: entered allmulticast mode [ 223.090048][T11604] team_slave_0: entered allmulticast mode [ 223.104727][T11604] team_slave_1: entered allmulticast mode [ 223.201843][T11604] bond0: left allmulticast mode [ 223.210448][T11604] bond_slave_0: left allmulticast mode [ 223.234904][T11604] bond_slave_1: left allmulticast mode [ 223.243034][T11604] macvlan2: left allmulticast mode [ 223.249979][T11604] team0: left allmulticast mode [ 223.260779][T11604] team_slave_0: left allmulticast mode [ 223.275950][T11604] team_slave_1: left allmulticast mode [ 224.722443][T11673] batadv_slave_1: entered promiscuous mode [ 224.741352][T11672] batadv_slave_1: left promiscuous mode [ 225.200475][T11694] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2876'. [ 225.281064][T11691] sctp: [Deprecated]: syz.4.2868 (pid 11691) Use of int in maxseg socket option. [ 225.281064][T11691] Use struct sctp_assoc_value instead [ 225.368902][T11699] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2879'. [ 225.391569][T11699] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2879'. [ 225.632153][T11712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2884'. [ 226.345970][T11742] netlink: 'syz.2.2902': attribute type 4 has an invalid length. [ 226.356921][T11742] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2902'. [ 227.057229][T11769] syz.0.2910[11769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 227.057379][T11769] syz.0.2910[11769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 227.533569][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 227.556137][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 227.574091][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 227.583803][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 227.591944][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 227.601330][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 227.809764][T11782] chnl_net:caif_netlink_parms(): no params data found [ 228.011024][T11798] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2922'. [ 228.020305][T11798] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2922'. [ 228.246194][T11807] netlink: 'syz.2.2921': attribute type 10 has an invalid length. [ 228.268888][T11807] syz_tun: entered promiscuous mode [ 228.344004][T11807] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 228.368926][T11782] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.377948][T11782] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.386899][T11782] bridge_slave_0: entered allmulticast mode [ 228.396743][T11782] bridge_slave_0: entered promiscuous mode [ 228.420013][T11782] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.428844][T11782] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.439478][T11782] bridge_slave_1: entered allmulticast mode [ 228.465890][T11782] bridge_slave_1: entered promiscuous mode [ 228.838001][T11782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 228.889352][T11782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 229.061435][T11782] team0: Port device team_slave_0 added [ 229.084487][T11782] team0: Port device team_slave_1 added [ 229.262498][T11782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.289385][T11782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.374990][T11782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.431525][T11782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 229.444771][T11782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.529979][T11782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 229.646269][ T54] Bluetooth: hci1: command tx timeout [ 229.717365][T11782] hsr_slave_0: entered promiscuous mode [ 229.752933][T11782] hsr_slave_1: entered promiscuous mode [ 229.773653][T11782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 229.791857][T11782] Cannot create hsr debugfs directory [ 230.183806][T11874] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2954'. [ 230.311665][T11782] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.467255][T11782] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.670680][T11892] netlink: 4232 bytes leftover after parsing attributes in process `syz.2.2965'. [ 230.733478][T11782] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.903727][T11782] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.240073][T11782] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 231.261687][T11782] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 231.298044][T11782] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 231.323329][T11782] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 231.612100][T11782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.680093][T11782] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.713526][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.720769][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.724995][ T54] Bluetooth: hci1: command tx timeout [ 231.806827][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.813999][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.481973][T11782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.654266][T11782] veth0_vlan: entered promiscuous mode [ 232.703627][T11782] veth1_vlan: entered promiscuous mode [ 232.840763][T11782] veth0_macvtap: entered promiscuous mode [ 232.860261][T11782] veth1_macvtap: entered promiscuous mode [ 232.908717][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.932563][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.944606][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.957633][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.971167][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.986121][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.999476][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.012293][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.057926][T11782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.077661][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.113068][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.137218][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.151417][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.163399][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.176909][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.198238][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.213938][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.234756][T11782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.247883][T11782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.263293][T11782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.330611][T11782] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.342709][T11782] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.354514][T11782] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.366318][T11782] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.574059][ T2903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.594996][ T2903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.689820][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.704520][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.805014][ T54] Bluetooth: hci1: command tx timeout [ 234.016353][T11989] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3004'. [ 235.687376][T12042] ip6gretap0: entered promiscuous mode [ 235.739679][T12042] batadv_slave_0: entered promiscuous mode [ 235.765051][T12042] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 235.774123][T12042] Cannot create hsr debugfs directory [ 236.173446][ T2932] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.727341][T12078] Bluetooth: hci3: unsupported parameter 64512 [ 236.735497][T12078] Bluetooth: hci3: invalid len left 4, exp >= 212 [ 236.735968][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 236.752612][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 236.761468][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 236.771425][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 236.780615][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 236.789158][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 236.998919][T12088] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3045'. [ 237.353655][T12077] chnl_net:caif_netlink_parms(): no params data found [ 237.716560][ T2932] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.989996][ T2932] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.016211][T12077] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.027278][T12077] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.036695][T12077] bridge_slave_0: entered allmulticast mode [ 238.048379][T12077] bridge_slave_0: entered promiscuous mode [ 238.117694][T12077] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.165956][T12077] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.185194][T12077] bridge_slave_1: entered allmulticast mode [ 238.206616][T12077] bridge_slave_1: entered promiscuous mode [ 238.247781][T12138] netlink: 5296 bytes leftover after parsing attributes in process `syz.0.3067'. [ 238.276751][ T2932] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.362545][T12077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.430922][T12077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.557050][T12077] team0: Port device team_slave_0 added [ 238.593221][T12077] team0: Port device team_slave_1 added [ 238.703189][T12077] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.720560][T12077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.756310][T12077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.809616][T12077] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.822929][T12077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.851230][ T5237] Bluetooth: hci1: command tx timeout [ 238.857666][T12077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.869704][ T2932] bridge_slave_1: left allmulticast mode [ 238.875804][ T2932] bridge_slave_1: left promiscuous mode [ 238.882151][ T2932] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.908114][ T2932] bridge_slave_0: left allmulticast mode [ 238.914098][ T2932] bridge_slave_0: left promiscuous mode [ 238.920186][ T2932] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.141792][ T2932] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.194219][ T2932] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 240.215608][ T2932] bond0 (unregistering): Released all slaves [ 240.466196][T12077] hsr_slave_0: entered promiscuous mode [ 240.487133][T12077] hsr_slave_1: entered promiscuous mode [ 240.508918][T12077] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 240.534694][T12077] Cannot create hsr debugfs directory [ 240.925752][ T5237] Bluetooth: hci1: command tx timeout [ 241.194989][ T2932] hsr_slave_0: left promiscuous mode [ 241.212386][ T2932] hsr_slave_1: left promiscuous mode [ 241.237812][ T2932] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.254928][ T2932] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.282778][ T2932] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.304986][ T2932] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.372654][ T2932] veth1_macvtap: left promiscuous mode [ 241.383887][ T2932] veth0_macvtap: left promiscuous mode [ 241.393434][ T2932] veth1_vlan: left promiscuous mode [ 241.402404][ T2932] veth0_vlan: left promiscuous mode [ 242.330200][ T2932] team0 (unregistering): Port device team_slave_1 removed [ 242.403878][ T2932] team0 (unregistering): Port device team_slave_0 removed [ 243.005200][ T5237] Bluetooth: hci1: command tx timeout [ 243.780988][T12206] netlink: 'syz.0.3095': attribute type 10 has an invalid length. [ 243.806556][T12206] syz_tun: entered promiscuous mode [ 243.877504][T12206] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 244.615368][T12228] netlink: 4272 bytes leftover after parsing attributes in process `syz.0.3106'. [ 245.036357][T12238] netlink: 'syz.1.3111': attribute type 10 has an invalid length. [ 245.085306][ T5237] Bluetooth: hci1: command tx timeout [ 245.085641][ C1] Dead loop on virtual device ipvlan0, fix it urgently! [ 245.155943][T12238] syz_tun: entered promiscuous mode [ 245.214264][T12238] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 245.283746][T12077] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 245.424548][T12077] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 245.439042][T12077] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 245.488467][T12077] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 245.829559][T12077] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.902050][T12077] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.004689][ T2903] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.011911][ T2903] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.056978][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.064199][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.227644][T12077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 246.590888][T12279] hsr0: entered promiscuous mode [ 246.671544][T12077] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.682055][T12281] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3131'. [ 246.748496][T12077] veth0_vlan: entered promiscuous mode [ 246.782440][T12077] veth1_vlan: entered promiscuous mode [ 246.902383][T12077] veth0_macvtap: entered promiscuous mode [ 246.923551][T12077] veth1_macvtap: entered promiscuous mode [ 246.982948][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.001150][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.019726][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.041582][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.053115][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.064272][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.075478][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.093244][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.114599][T12077] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 247.142584][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.157889][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.169520][T12292] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3135'. [ 247.178699][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.193619][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.213961][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.232497][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.254404][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.276978][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.298197][T12077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.334725][T12077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.366477][T12077] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 247.392871][T12077] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.408349][T12077] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.422214][T12077] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.432171][T12077] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.622290][T12308] Dead loop on virtual device ipvlan0, fix it urgently! [ 247.648719][T12308] syz.1.3142 (12308) used greatest stack depth: 6032 bytes left [ 247.718917][ T2932] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.731580][ T2932] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.797150][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.822028][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 248.043600][T12320] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3147'. [ 248.850284][T12351] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3161'. [ 248.875246][T12351] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3161'. [ 248.951655][T12355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3163'. [ 250.222976][ T2903] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.333126][T12402] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3184'. [ 250.956595][T12426] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3195'. [ 251.067121][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 251.079380][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 251.087659][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 251.105306][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 251.124953][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 251.132567][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 251.688148][T12429] chnl_net:caif_netlink_parms(): no params data found [ 251.689447][T12452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3205'. [ 251.864786][T12429] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.873444][T12429] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.882174][T12429] bridge_slave_0: entered allmulticast mode [ 251.892896][T12429] bridge_slave_0: entered promiscuous mode [ 251.906429][T12429] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.916068][T12429] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.925537][T12429] bridge_slave_1: entered allmulticast mode [ 251.936288][T12429] bridge_slave_1: entered promiscuous mode [ 252.081830][ T2903] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.143769][ T5233] bond0: (slave syz_tun): Releasing backup interface [ 252.226253][T12429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.388406][ T2903] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.421576][T12429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.494181][T12429] team0: Port device team_slave_0 added [ 252.557587][ T2903] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.606802][T12429] team0: Port device team_slave_1 added [ 252.688926][T12429] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.706013][T12429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.752909][T12429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.805277][T12429] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.813959][T12429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.857821][T12429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.945558][T12477] Dead loop on virtual device ipvlan0, fix it urgently! [ 252.991051][T12479] Dead loop on virtual device ipvlan0, fix it urgently! [ 253.106358][T12429] hsr_slave_0: entered promiscuous mode [ 253.122800][T12429] hsr_slave_1: entered promiscuous mode [ 253.129922][T12429] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 253.137753][T12429] Cannot create hsr debugfs directory [ 253.165332][ T54] Bluetooth: hci1: command tx timeout [ 253.211520][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 253.214117][T12480] netlink: 'syz.4.3216': attribute type 1 has an invalid length. [ 253.229727][T12480] netlink: 9320 bytes leftover after parsing attributes in process `syz.4.3216'. [ 253.241140][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 253.241298][T12480] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3216'. [ 253.259747][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 253.260900][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 253.261663][ T5237] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 253.262026][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 253.293767][T12480] netlink: 'syz.4.3216': attribute type 1 has an invalid length. [ 253.301735][T12480] netlink: 'syz.4.3216': attribute type 2 has an invalid length. [ 253.513999][ T2903] bridge_slave_1: left allmulticast mode [ 253.527155][ T2903] bridge_slave_1: left promiscuous mode [ 253.547114][ T2903] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.578671][ T2903] bridge_slave_0: left allmulticast mode [ 253.584514][ T2903] bridge_slave_0: left promiscuous mode [ 253.597314][ T2903] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.686770][ T2903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 254.704305][ T2903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 254.739360][ T2903] bond0 (unregistering): Released all slaves [ 255.244856][ T5237] Bluetooth: hci1: command tx timeout [ 255.405188][ T5237] Bluetooth: hci2: command tx timeout [ 255.614781][ T2903] hsr_slave_0: left promiscuous mode [ 255.635526][ T2903] hsr_slave_1: left promiscuous mode [ 255.644521][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.655520][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 255.668524][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 255.684588][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 255.709567][ T2903] veth1_macvtap: left promiscuous mode [ 255.715468][ T2903] veth0_macvtap: left promiscuous mode [ 255.721112][ T2903] veth1_vlan: left promiscuous mode [ 255.726911][ T2903] veth0_vlan: left promiscuous mode [ 256.313067][ T2903] team0 (unregistering): Port device team_slave_1 removed [ 256.362328][ T2903] team0 (unregistering): Port device team_slave_0 removed [ 257.292297][T12484] chnl_net:caif_netlink_parms(): no params data found [ 257.312220][T12429] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 257.325641][ T5237] Bluetooth: hci1: command tx timeout [ 257.350359][T12429] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 257.374466][T12429] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 257.402069][T12429] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 257.484950][ T5237] Bluetooth: hci2: command tx timeout [ 257.680532][T12484] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.704849][T12484] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.734224][T12484] bridge_slave_0: entered allmulticast mode [ 257.742158][T12484] bridge_slave_0: entered promiscuous mode [ 257.796035][T12557] veth2: entered allmulticast mode [ 257.837855][ T2903] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.868232][T12484] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.884607][T12484] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.924976][T12484] bridge_slave_1: entered allmulticast mode [ 257.934881][T12484] bridge_slave_1: entered promiscuous mode [ 258.042851][ T2903] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.065515][ T5237] Bluetooth: hci3: command 0x1407 tx timeout [ 258.161409][T12484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.251688][ T2903] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.280134][T12484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.375841][ T2903] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.546504][T12484] team0: Port device team_slave_0 added [ 258.584591][T12429] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.610236][T12484] team0: Port device team_slave_1 added [ 258.793524][T12484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.806716][T12484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.878611][T12484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 258.907918][T12484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.917324][T12484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.959283][T12484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.131678][T12429] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.228521][T12600] netlink: 'syz.1.3263': attribute type 4 has an invalid length. [ 259.247980][T12587] netlink: 'syz.4.3255': attribute type 4 has an invalid length. [ 259.263263][T12484] hsr_slave_0: entered promiscuous mode [ 259.291128][T12484] hsr_slave_1: entered promiscuous mode [ 259.300395][T12484] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.325189][T12484] Cannot create hsr debugfs directory [ 259.352790][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.361308][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.377241][T12604] netlink: 340 bytes leftover after parsing attributes in process `syz.1.3265'. [ 259.406071][ T54] Bluetooth: hci1: command tx timeout [ 259.463786][ T2903] bridge_slave_1: left allmulticast mode [ 259.469810][ T2903] bridge_slave_1: left promiscuous mode [ 259.475599][ T2903] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.515507][ T2903] bridge_slave_0: left allmulticast mode [ 259.521375][ T2903] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.565725][ T54] Bluetooth: hci2: command tx timeout [ 259.675430][ T2903] bond_slave_0: left promiscuous mode [ 259.682317][ T2903] bond_slave_1: left promiscuous mode [ 259.912981][T12618] Bluetooth: hci3: unsupported parameter 64512 [ 259.922477][T12618] Bluetooth: hci3: invalid length 0, exp 2 for type 7 [ 260.255315][T12624] IPVS: Scheduler module ip_vs_sip not found [ 260.266446][T12628] netlink: 'syz.4.3274': attribute type 1 has an invalid length. [ 260.553375][ T2903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 260.567748][ T2903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 260.582714][ T2903] bond0 (unregistering): Released all slaves [ 260.597863][ T2903] bond1 (unregistering): Released all slaves [ 260.730885][T12632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3275'. [ 260.742289][T12632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3275'. [ 260.763246][T12632] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3275'. [ 260.803450][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.810677][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.045977][T12643] syz.1.3280[12643] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.046126][T12643] syz.1.3280[12643] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.646352][ T54] Bluetooth: hci2: command tx timeout [ 261.992715][T12429] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 262.194464][ T2903] hsr_slave_0: left promiscuous mode [ 262.210148][ T2903] hsr_slave_1: left promiscuous mode [ 262.235732][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 262.244580][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.263067][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.273693][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.323455][ T2903] veth0_macvtap: left promiscuous mode [ 262.335701][ T2903] veth1_vlan: left promiscuous mode [ 262.341175][ T2903] veth0_vlan: left promiscuous mode [ 263.137512][ T2903] team0 (unregistering): Port device team_slave_1 removed [ 263.218023][ T2903] team0 (unregistering): Port device team_slave_0 removed [ 263.618707][T12691] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3301'. [ 264.317132][T12429] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.598297][T12429] veth0_vlan: entered promiscuous mode [ 264.607510][T12484] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 264.646191][T12484] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 264.682456][T12484] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 264.720369][T12429] veth1_vlan: entered promiscuous mode [ 264.736441][ T2903] IPVS: stop unused estimator thread 0... [ 264.763667][T12484] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 264.984011][T12429] veth0_macvtap: entered promiscuous mode [ 265.042563][T12429] veth1_macvtap: entered promiscuous mode [ 265.166259][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.185918][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.213574][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.253110][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.274550][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.315272][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.328510][T12429] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.377964][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.405924][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.430358][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.453719][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.464494][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.483416][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.493734][T12429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.514137][T12429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.534310][T12429] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.583958][T12429] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.610422][T12429] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.623487][T12429] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.632626][T12429] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.688867][T12484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.719207][T12484] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.763512][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.770733][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 265.792704][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.799896][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.961470][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 265.976819][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.076193][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.091305][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.507661][T12484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.628174][T12484] veth0_vlan: entered promiscuous mode [ 266.667122][T12484] veth1_vlan: entered promiscuous mode [ 266.869600][ T2903] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.008162][T12484] veth0_macvtap: entered promiscuous mode [ 267.056106][T12484] veth1_macvtap: entered promiscuous mode [ 267.179286][ T2903] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.209925][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.220939][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.232686][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.246392][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.257052][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.267838][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.278457][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.290436][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.302570][T12484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 267.322824][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.335339][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.349721][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.362411][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.372475][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.383529][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.393794][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.406006][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.416513][T12484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.427241][T12484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.438888][T12484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.463983][ T2903] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.490764][T12484] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.500601][T12484] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.511859][T12484] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.535365][T12484] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.641825][ T2903] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.185808][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 268.204021][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 268.213415][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 268.230445][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 268.241468][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 268.256549][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 268.332185][ T2932] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.341883][ T2932] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.503855][ T2903] bridge_slave_1: left allmulticast mode [ 268.525907][ T2903] bridge_slave_1: left promiscuous mode [ 268.532776][ T2903] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.550091][ T2903] bridge_slave_0: left allmulticast mode [ 268.556771][ T2903] bridge_slave_0: left promiscuous mode [ 268.563815][ T2903] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.866364][T12809] netlink: 428 bytes leftover after parsing attributes in process `syz.4.3341'. [ 269.233525][ T2903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.248963][ T2903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.262424][ T2903] bond0 (unregistering): Released all slaves [ 269.313360][T12809] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3341'. [ 269.523386][T12817] xt_NFQUEUE: number of total queues is 0 [ 269.568686][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.581311][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.754047][T12823] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3350'. [ 269.803955][T12825] netlink: 124 bytes leftover after parsing attributes in process `syz.0.3351'. [ 269.844540][ T2903] hsr_slave_0: left promiscuous mode [ 269.877587][ T2903] hsr_slave_1: left promiscuous mode [ 269.896577][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 269.905645][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 269.918510][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 269.927224][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 269.959975][T12827] Bluetooth: hci3: unsupported parameter 65535 [ 269.961472][ T2903] veth1_macvtap: left promiscuous mode [ 269.970668][T12827] Bluetooth: hci3: invalid length 1, exp 2 for type 16 [ 269.974110][ T2903] veth0_macvtap: left promiscuous mode [ 270.000382][ T2903] veth1_vlan: left promiscuous mode [ 270.007224][ T2903] veth0_vlan: left promiscuous mode [ 270.292079][ T5237] Bluetooth: hci1: command tx timeout [ 270.758769][ T2903] team0 (unregistering): Port device team_slave_1 removed [ 270.815029][ T2903] team0 (unregistering): Port device team_slave_0 removed [ 271.373894][T12825] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3351'. [ 271.670599][T12789] chnl_net:caif_netlink_parms(): no params data found [ 272.061729][T12789] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.079267][T12789] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.094015][T12789] bridge_slave_0: entered allmulticast mode [ 272.121132][T12789] bridge_slave_0: entered promiscuous mode [ 272.165281][T12789] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.188466][T12789] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.208362][T12789] bridge_slave_1: entered allmulticast mode [ 272.222475][T12789] bridge_slave_1: entered promiscuous mode [ 272.364798][ T5237] Bluetooth: hci1: command tx timeout [ 272.507728][T12789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 272.526273][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 272.539757][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 272.549298][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 272.568429][T12789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 272.583096][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 272.593487][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 272.604852][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 272.754000][T12869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3369'. [ 272.783151][T12789] team0: Port device team_slave_0 added [ 272.793225][T12789] team0: Port device team_slave_1 added [ 272.919071][ T2903] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.048247][T12789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.059417][T12789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.105695][T12789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.170406][ T2903] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.212742][T12789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.222720][T12789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.254284][T12789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 273.329003][ T2903] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.492952][ T2903] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.604570][T12789] hsr_slave_0: entered promiscuous mode [ 273.627940][T12789] hsr_slave_1: entered promiscuous mode [ 273.637335][T12789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 273.647527][T12789] Cannot create hsr debugfs directory [ 273.765943][T12897] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3381'. [ 274.095114][ T2903] bridge_slave_1: left allmulticast mode [ 274.102085][ T2903] bridge_slave_1: left promiscuous mode [ 274.115068][ T2903] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.144012][ T2903] bridge_slave_0: left allmulticast mode [ 274.152241][ T2903] bridge_slave_0: left promiscuous mode [ 274.160046][ T2903] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.445974][ T54] Bluetooth: hci1: command tx timeout [ 274.675876][ T2903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 274.688458][ T2903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 274.697415][ T54] Bluetooth: hci2: command tx timeout [ 274.708049][ T2903] bond0 (unregistering): Released all slaves [ 275.130762][T12858] chnl_net:caif_netlink_parms(): no params data found [ 275.553917][ T2903] hsr_slave_0: left promiscuous mode [ 275.600003][ T2903] hsr_slave_1: left promiscuous mode [ 275.614446][T12943] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3401'. [ 275.617172][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 275.634290][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.646246][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 275.663658][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.711335][ T2903] veth1_macvtap: left promiscuous mode [ 275.717472][ T2903] veth0_macvtap: left promiscuous mode [ 275.723401][ T2903] veth1_vlan: left promiscuous mode [ 275.730185][ T2903] veth0_vlan: left promiscuous mode [ 276.525180][ T54] Bluetooth: hci1: command tx timeout [ 276.647411][ T2903] team0 (unregistering): Port device team_slave_1 removed [ 276.698521][ T2903] team0 (unregistering): Port device team_slave_0 removed [ 276.765612][ T54] Bluetooth: hci2: command tx timeout [ 277.417875][T12971] syz.0.3413[12971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 277.418251][T12971] syz.0.3413[12971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 277.443836][T12858] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.476922][T12858] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.484179][T12858] bridge_slave_0: entered allmulticast mode [ 277.513573][T12858] bridge_slave_0: entered promiscuous mode [ 277.548747][T12858] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.568936][T12858] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.589975][T12858] bridge_slave_1: entered allmulticast mode [ 277.612151][T12858] bridge_slave_1: entered promiscuous mode [ 277.855906][T12858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 277.872188][T12858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 277.964246][T12858] team0: Port device team_slave_0 added [ 277.976928][T12858] team0: Port device team_slave_1 added [ 278.077866][T12858] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 278.086434][T12858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.118532][T12858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 278.149362][T12986] ebt_among: src integrity fail: 300 [ 278.176409][T12858] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 278.195503][T12858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.227376][T12858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 278.279162][T12789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 278.329465][T12789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 278.355818][T12789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 278.391034][T12789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 278.512077][T12858] hsr_slave_0: entered promiscuous mode [ 278.528554][T12858] hsr_slave_1: entered promiscuous mode [ 278.536904][T12858] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.554501][T12858] Cannot create hsr debugfs directory [ 278.725110][T13001] unknown channel width for channel at 909000KHz? [ 278.732845][T13001] unknown channel width for channel at 909000KHz? [ 278.805061][T13001] unknown channel width for channel at 909000KHz? [ 278.846458][ T54] Bluetooth: hci2: command tx timeout [ 279.042742][T13011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3431'. [ 279.151716][T13015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3433'. [ 279.236800][T13017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3434'. [ 279.298805][T12789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 279.517181][T12789] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.524286][T13028] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3440'. [ 279.570485][ T2932] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.577685][ T2932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.604511][ T2932] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.611708][ T2932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.659429][T13030] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3441'. [ 279.689920][T13030] tipc: Cannot configure node identity twice [ 279.731786][T13032] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3442'. [ 279.883800][T12858] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 279.908918][T12858] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 279.946882][T12858] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 279.978110][T12858] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 280.192199][T12789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.213601][T12858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 280.269928][T12858] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.306070][ T2932] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.313273][ T2932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.323616][ T2932] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.330819][ T2932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.443723][T12789] veth0_vlan: entered promiscuous mode [ 280.483428][T12789] veth1_vlan: entered promiscuous mode [ 280.588331][T12789] veth0_macvtap: entered promiscuous mode [ 280.612002][T12789] veth1_macvtap: entered promiscuous mode [ 280.691163][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 280.718214][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.738935][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 280.777223][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.801104][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 280.824098][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.840395][T12789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 280.866075][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 280.898804][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.918452][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 280.934877][ T54] Bluetooth: hci2: command tx timeout [ 280.944937][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.956993][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 280.969627][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 280.981440][T12789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 280.995128][T12789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.011925][T12789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 281.032800][T12789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.073862][T12789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.104943][T12789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.113690][T12789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.313443][T12858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.453719][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 281.486548][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 281.574009][T12858] veth0_vlan: entered promiscuous mode [ 281.665015][ T2932] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 281.677371][T12858] veth1_vlan: entered promiscuous mode [ 281.695250][ T2932] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 281.866779][T12858] veth0_macvtap: entered promiscuous mode [ 281.944523][T12858] veth1_macvtap: entered promiscuous mode [ 282.112173][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.125523][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.155138][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.198544][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.234888][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.262893][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.284958][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.314757][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.327313][T12858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 282.370893][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.406720][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.424533][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.449468][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.459716][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.493376][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.507482][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.526540][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.544941][T12858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.564524][T12858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.578313][T12858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 282.626447][T12858] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.646662][T12858] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.656079][T12858] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.672476][T12858] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.932597][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.947775][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 283.000870][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 283.021783][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.080056][ T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.659486][ T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.734037][ T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.824558][ T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.133251][ T52] bridge_slave_1: left allmulticast mode [ 285.155106][ T52] bridge_slave_1: left promiscuous mode [ 285.162082][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.237659][ T52] bridge_slave_0: left allmulticast mode [ 285.244507][ T52] bridge_slave_0: left promiscuous mode [ 285.273378][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.458217][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 285.469113][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 285.478284][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 285.493472][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 285.506855][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 285.526443][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 285.811896][T13159] netlink: 'syz.4.3491': attribute type 11 has an invalid length. [ 286.179599][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 286.217232][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 286.240534][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 286.250268][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 286.268200][ T5237] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 286.278145][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 286.281319][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 286.301247][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 286.314366][ T52] bond0 (unregistering): Released all slaves [ 286.867039][T13175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3499'. [ 286.883906][T13175] netlink: 'syz.1.3499': attribute type 7 has an invalid length. [ 286.902014][T13175] netlink: 'syz.1.3499': attribute type 8 has an invalid length. [ 286.911276][T13175] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3499'. [ 286.941978][T13175] gretap0: entered promiscuous mode [ 286.953756][T13175] batadv_slave_1: entered promiscuous mode [ 287.022654][ T52] hsr_slave_0: left promiscuous mode [ 287.038041][ T52] hsr_slave_1: left promiscuous mode [ 287.044788][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.053912][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.064085][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.075405][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 287.142097][ T52] veth1_macvtap: left promiscuous mode [ 287.165817][ T52] veth0_macvtap: left promiscuous mode [ 287.174225][ T52] veth1_vlan: left promiscuous mode [ 287.180984][ T52] veth0_vlan: left promiscuous mode [ 287.647906][ T54] Bluetooth: hci1: command tx timeout [ 288.311604][ T52] team0 (unregistering): Port device team_slave_1 removed [ 288.363349][ T52] team0 (unregistering): Port device team_slave_0 removed [ 288.365098][ T54] Bluetooth: hci2: command tx timeout [ 288.928014][T13179] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3500'. [ 288.941049][T13179] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3500'. [ 289.001066][T13182] geneve2: entered promiscuous mode [ 289.008678][T13182] geneve2: entered allmulticast mode [ 289.322874][T13165] chnl_net:caif_netlink_parms(): no params data found [ 289.725329][ T54] Bluetooth: hci1: command tx timeout [ 289.818996][T13165] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.827080][T13165] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.834328][T13165] bridge_slave_0: entered allmulticast mode [ 289.842635][T13165] bridge_slave_0: entered promiscuous mode [ 289.880241][T13165] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.888957][T13165] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.897469][T13165] bridge_slave_1: entered allmulticast mode [ 289.906957][T13165] bridge_slave_1: entered promiscuous mode [ 289.933669][T13156] chnl_net:caif_netlink_parms(): no params data found [ 290.103613][T13165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 290.147043][T13165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 290.444970][ T54] Bluetooth: hci2: command tx timeout [ 290.462603][ T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.596491][T13165] team0: Port device team_slave_0 added [ 290.666284][T13165] team0: Port device team_slave_1 added [ 290.848551][ T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.998605][T13165] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 291.023626][T13165] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.080551][T13234] Bluetooth: hci3: invalid length 0, exp 2 for type 3 [ 291.091812][T13165] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.208469][ T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.257310][T13156] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.275211][T13156] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.282503][T13156] bridge_slave_0: entered allmulticast mode [ 291.300673][T13156] bridge_slave_0: entered promiscuous mode [ 291.309566][T13156] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.324818][T13156] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.332183][T13156] bridge_slave_1: entered allmulticast mode [ 291.353311][T13156] bridge_slave_1: entered promiscuous mode [ 291.407268][T13165] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.420740][T13165] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.461263][T13165] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.605365][ T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.637750][T13156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.652805][T13156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.808008][ T54] Bluetooth: hci1: command tx timeout [ 291.815649][T13156] team0: Port device team_slave_0 added [ 291.827964][T13165] hsr_slave_0: entered promiscuous mode [ 291.836531][T13165] hsr_slave_1: entered promiscuous mode [ 291.845508][T13165] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 291.855441][T13165] Cannot create hsr debugfs directory [ 291.868986][T13156] team0: Port device team_slave_1 added [ 292.166729][ T52] bridge_slave_1: left allmulticast mode [ 292.172425][ T52] bridge_slave_1: left promiscuous mode [ 292.225216][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.315802][ T52] bridge_slave_0: left allmulticast mode [ 292.321492][ T52] bridge_slave_0: left promiscuous mode [ 292.365253][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.525029][ T54] Bluetooth: hci2: command tx timeout [ 293.431721][T13264] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3528'. [ 293.564191][ T52] batman_adv: batadv0: Removing interface: gretap1 [ 293.890861][ T54] Bluetooth: hci1: command tx timeout [ 293.970375][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 293.982494][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 293.993777][ T52] bond0 (unregistering): Released all slaves [ 294.138559][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 294.150736][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 294.162544][ T52] bond0 (unregistering): Released all slaves [ 294.304409][T13156] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 294.320172][T13156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 294.350820][T13156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 294.411028][T13156] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 294.434997][T13156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 294.484741][T13156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 294.608933][ T54] Bluetooth: hci2: command tx timeout [ 294.632879][T13271] netlink: 'syz.4.3529': attribute type 1 has an invalid length. [ 294.640947][T13271] netlink: 3440 bytes leftover after parsing attributes in process `syz.4.3529'. [ 294.650244][T13271] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3529'. [ 294.749401][T13156] hsr_slave_0: entered promiscuous mode [ 294.757699][T13156] hsr_slave_1: entered promiscuous mode [ 294.766856][T13156] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 294.790957][T13156] Cannot create hsr debugfs directory [ 295.308548][ T52] hsr_slave_0: left promiscuous mode [ 295.321319][ T52] hsr_slave_1: left promiscuous mode [ 295.327825][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 295.335623][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 295.345643][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 295.353072][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 295.368329][ T52] hsr_slave_0: left promiscuous mode [ 295.374503][ T52] hsr_slave_1: left promiscuous mode [ 295.380953][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 295.390316][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 295.399064][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 295.407090][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 295.449177][ T52] veth1_macvtap: left promiscuous mode [ 295.454898][ T52] veth0_macvtap: left promiscuous mode [ 295.460543][ T52] veth1_vlan: left promiscuous mode [ 295.466255][ T52] veth0_vlan: left promiscuous mode [ 295.473736][ T52] veth1_macvtap: left promiscuous mode [ 295.479437][ T52] veth0_macvtap: left promiscuous mode [ 295.485153][ T52] veth1_vlan: left promiscuous mode [ 295.490487][ T52] veth0_vlan: left promiscuous mode [ 297.005433][ T52] team0 (unregistering): Port device team_slave_1 removed [ 297.153693][ T52] team0 (unregistering): Port device team_slave_0 removed [ 299.623197][ T52] team0 (unregistering): Port device team_slave_1 removed [ 299.750816][ T52] team0 (unregistering): Port device team_slave_0 removed [ 307.165659][ C1] Dead loop on virtual device ipvlan0, fix it urgently! [ 329.754804][ T54] Bluetooth: hci5: command 0x0406 tx timeout [ 411.656180][ T54] Bluetooth: hci1: command 0x0406 tx timeout [ 416.784669][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 424.935651][ C1] Dead loop on virtual device ipvlan0, fix it urgently! [ 445.405595][ T30] INFO: task syz.1.3527:13259 blocked for more than 143 seconds. [ 445.484988][ T30] Not tainted 6.11.0-rc6-syzkaller-01487-g3cfb5aa10cb7 #0 [ 445.492756][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 445.644676][ T30] task:syz.1.3527 state:D stack:24672 pid:13259 tgid:13259 ppid:9872 flags:0x00000000 [ 445.714740][ T30] Call Trace: [ 445.718072][ T30] [ 445.721021][ T30] __schedule+0x1800/0x4a60 [ 445.814674][ T30] ? __pfx___schedule+0x10/0x10 [ 445.819593][ T30] ? __pfx_lock_release+0x10/0x10 [ 445.894657][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 445.900392][ T30] ? schedule+0x90/0x320 [ 445.974639][ T30] schedule+0x14b/0x320 [ 445.978871][ T30] schedule_preempt_disabled+0x13/0x30 [ 446.054687][ T30] __mutex_lock+0x6a4/0xd70 [ 446.059259][ T30] ? __mutex_lock+0x527/0xd70 [ 446.063959][ T30] ? pipe_release+0x4e/0x330 [ 446.174594][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 446.179689][ T30] ? __pfx___might_resched+0x10/0x10 [ 446.274657][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 446.280192][ T30] pipe_release+0x4e/0x330 [ 446.374604][ T30] ? __pfx_pipe_release+0x10/0x10 [ 446.379695][ T30] __fput+0x24a/0x8a0 [ 446.383711][ T30] task_work_run+0x24f/0x310 [ 446.494627][ T30] ? __pfx_task_work_run+0x10/0x10 [ 446.499804][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 446.585086][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 446.590876][ T30] do_syscall_64+0x100/0x230 [ 446.664645][ T30] ? clear_bhb_loop+0x35/0x90 [ 446.669392][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.774641][ T30] RIP: 0033:0x7f8e16b7def9 [ 446.779128][ T30] RSP: 002b:00007ffed3b715e8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 446.864671][ T30] RAX: 0000000000000000 RBX: 00007f8e16d37a80 RCX: 00007f8e16b7def9 [ 446.872709][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 446.994621][ T30] RBP: 00007f8e16d37a80 R08: 0000000000000006 R09: 00007ffed3b718df [ 447.004204][ T30] R10: 00000000005fa488 R11: 0000000000000246 R12: 0000000000047cf8 [ 447.144645][ T30] R13: 00007ffed3b716f0 R14: 0000000000000032 R15: ffffffffffffffff [ 447.154289][ T30] [ 447.224650][ T30] [ 447.224650][ T30] Showing all locks held in the system: [ 447.233938][ T30] 3 locks held by kworker/0:1/9: [ 447.325224][ T30] 1 lock held by khungtaskd/30: [ 447.331070][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 447.454795][ T30] 3 locks held by kworker/u8:8/2932: [ 447.461408][ T30] 2 locks held by getty/4994: [ 447.554732][ T30] #0: ffff8880308dc0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 447.634639][ T30] #1: ffffc90002f0e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 447.734707][ T30] 1 lock held by syz.1.3527/13259: [ 447.741016][ T30] #0: ffff888025715868 (&pipe->mutex){+.+.}-{3:3}, at: pipe_release+0x4e/0x330 [ 447.854733][ T30] 1 lock held by syz.1.3527/13265: [ 447.860919][ T30] #0: ffff888025715868 (&pipe->mutex){+.+.}-{3:3}, at: splice_to_socket+0xee/0x10b0 [ 447.974652][ T30] [ 447.977532][ T30] ============================================= [ 447.977532][ T30] [ 448.094634][ T30] NMI backtrace for cpu 1 [ 448.099042][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-01487-g3cfb5aa10cb7 #0 [ 448.109563][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 448.119637][ T30] Call Trace: [ 448.122924][ T30] [ 448.125862][ T30] dump_stack_lvl+0x241/0x360 [ 448.130653][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 448.135875][ T30] ? __pfx__printk+0x10/0x10 [ 448.140474][ T30] ? vprintk_emit+0x667/0x7c0 [ 448.145169][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 448.150295][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 448.155248][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 448.160731][ T30] ? _printk+0xd5/0x120 [ 448.164913][ T30] ? __pfx__printk+0x10/0x10 [ 448.169521][ T30] ? __wake_up_klogd+0xcc/0x110 [ 448.174401][ T30] ? __pfx__printk+0x10/0x10 [ 448.179098][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 448.184137][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 448.190136][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 448.196134][ T30] watchdog+0xff4/0x1040 [ 448.200395][ T30] ? watchdog+0x1ea/0x1040 [ 448.204828][ T30] ? __pfx_watchdog+0x10/0x10 [ 448.209519][ T30] kthread+0x2f0/0x390 [ 448.213614][ T30] ? __pfx_watchdog+0x10/0x10 [ 448.218308][ T30] ? __pfx_kthread+0x10/0x10 [ 448.223006][ T30] ret_from_fork+0x4b/0x80 [ 448.227441][ T30] ? __pfx_kthread+0x10/0x10 [ 448.232079][ T30] ret_from_fork_asm+0x1a/0x30 [ 448.236876][ T30] [ 448.240372][ T30] Sending NMI from CPU 1 to CPUs 0: [ 448.245642][ C0] NMI backtrace for cpu 0 [ 448.245655][ C0] CPU: 0 UID: 0 PID: 4902 Comm: dhcpcd Not tainted 6.11.0-rc6-syzkaller-01487-g3cfb5aa10cb7 #0 [ 448.245676][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 448.245686][ C0] RIP: 0010:__kasan_check_read+0x0/0x20 [ 448.245713][ C0] Code: 8e 4c 89 fe e8 81 84 bd 09 31 db eb d0 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 89 f6 48 8b 0c 24 31 d2 e9 6f e6 ff ff 66 2e 0f 1f 84 [ 448.245731][ C0] RSP: 0018:ffffc9000410f9c8 EFLAGS: 00000047 [ 448.245746][ C0] RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000025a33bf3 [ 448.245757][ C0] RDX: 00000000f17dae4a RSI: 0000000000000008 RDI: ffffffff941eb840 [ 448.245769][ C0] RBP: d8332a6fa9f2d431 R08: ffffffff941eb847 R09: 1ffffffff283d708 [ 448.245785][ C0] R10: dffffc0000000000 R11: fffffbfff283d709 R12: 0000000000000000 [ 448.245796][ C0] R13: ffff88802f2b8ad8 R14: 1ffff11005e57165 R15: ffff88802f2b8b28 [ 448.245808][ C0] FS: 00007f4bd535a740(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 448.245823][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 448.245833][ C0] CR2: 000055a58b0c9a48 CR3: 0000000012380000 CR4: 00000000003506f0 [ 448.245847][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 448.245857][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 448.245867][ C0] Call Trace: [ 448.245873][ C0] [ 448.245880][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 448.245896][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 448.245926][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 448.245952][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 448.245973][ C0] ? nmi_handle+0x14f/0x5a0 [ 448.245988][ C0] ? nmi_handle+0x2a/0x5a0 [ 448.246004][ C0] ? __pfx___kasan_check_read+0x10/0x10 [ 448.246022][ C0] ? default_do_nmi+0x63/0x160 [ 448.246037][ C0] ? exc_nmi+0x123/0x1f0 [ 448.246055][ C0] ? end_repeat_nmi+0xf/0x53 [ 448.246080][ C0] ? __pfx___kasan_check_read+0x10/0x10 [ 448.246098][ C0] ? __pfx___kasan_check_read+0x10/0x10 [ 448.246117][ C0] ? __pfx___kasan_check_read+0x10/0x10 [ 448.246135][ C0] [ 448.246141][ C0] [ 448.246146][ C0] __lock_acquire+0xf3c/0x2040 [ 448.246172][ C0] lock_acquire+0x1ed/0x550 [ 448.246193][ C0] ? group_send_sig_info+0x86/0x310 [ 448.246213][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 448.246232][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 448.246252][ C0] ? __lock_acquire+0x137a/0x2040 [ 448.246274][ C0] ? group_send_sig_info+0x86/0x310 [ 448.246289][ C0] group_send_sig_info+0xa3/0x310 [ 448.246303][ C0] ? group_send_sig_info+0x86/0x310 [ 448.246323][ C0] ? __pfx_group_send_sig_info+0x10/0x10 [ 448.246340][ C0] ? __pfx_kernel_wait4+0x10/0x10 [ 448.246357][ C0] bpf_send_signal_common+0x2dd/0x430 [ 448.246377][ C0] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 448.246394][ C0] ? __pfx___cant_migrate+0x10/0x10 [ 448.246416][ C0] ? bpf_trace_run2+0x1fc/0x540 [ 448.246435][ C0] bpf_send_signal+0x19/0x30 [ 448.246456][ C0] bpf_prog_7ba5217f62dcd359+0x40/0x44 [ 448.246471][ C0] bpf_trace_run2+0x2ec/0x540 [ 448.246490][ C0] ? __pfx_bpf_trace_run2+0x10/0x10 [ 448.246509][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 448.246528][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 448.246548][ C0] ? do_syscall_64+0x100/0x230 [ 448.246567][ C0] trace_sys_enter+0x93/0xd0 [ 448.246584][ C0] syscall_trace_enter+0xf8/0x150 [ 448.246600][ C0] do_syscall_64+0xcc/0x230 [ 448.246618][ C0] ? clear_bhb_loop+0x35/0x90 [ 448.246634][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.246655][ C0] RIP: 0033:0x7f4bd5427ad5 [ 448.246669][ C0] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 [ 448.246682][ C0] RSP: 002b:00007ffe3c24ce40 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 448.246697][ C0] RAX: ffffffffffffffda RBX: 000055a58b0b3e20 RCX: 00007f4bd5427ad5 [ 448.246709][ C0] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000055a58b0b3e00 [ 448.246719][ C0] RBP: 00007ffe3c24d190 R08: 0000000000000008 R09: 00007ffe3c22cb40 [ 448.246730][ C0] R10: 00007ffe3c24d190 R11: 0000000000000246 R12: 0000000000000000 [ 448.246740][ C0] R13: 000055a570e9b610 R14: 00000000ffffffff R15: 0000000000000000 [ 448.246758][ C0] [ 449.354629][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 449.361523][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-01487-g3cfb5aa10cb7 #0 [ 449.372028][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 449.382090][ T30] Call Trace: [ 449.385374][ T30] [ 449.388310][ T30] dump_stack_lvl+0x241/0x360 [ 449.393009][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 449.398220][ T30] ? __pfx__printk+0x10/0x10 [ 449.402817][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 449.408820][ T30] ? vscnprintf+0x5d/0x90 [ 449.413164][ T30] panic+0x349/0x860 [ 449.417072][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 449.423245][ T30] ? __pfx_panic+0x10/0x10 [ 449.427673][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 449.433053][ T30] ? __irq_work_queue_local+0x137/0x410 [ 449.438611][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 449.444009][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 449.450170][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 449.456333][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 449.462504][ T30] watchdog+0x1033/0x1040 [ 449.466847][ T30] ? watchdog+0x1ea/0x1040 [ 449.471281][ T30] ? __pfx_watchdog+0x10/0x10 [ 449.475972][ T30] kthread+0x2f0/0x390 [ 449.480061][ T30] ? __pfx_watchdog+0x10/0x10 [ 449.484753][ T30] ? __pfx_kthread+0x10/0x10 [ 449.489358][ T30] ret_from_fork+0x4b/0x80 [ 449.493781][ T30] ? __pfx_kthread+0x10/0x10 [ 449.498386][ T30] ret_from_fork_asm+0x1a/0x30 [ 449.503174][ T30] [ 449.506319][ T30] Kernel Offset: disabled [ 449.510636][ T30] Rebooting in 86400 seconds..