last executing test programs: 1m4.32741446s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 55.375995091s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 52.456725483s ago: executing program 2 (id=904): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xc0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9c00000000010505000000000000f10c0a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c0002800500010000000000440001800c00028005000100000000002c00018014000300fd020000000000000000000000000001140004002001000000000000000000000000000106000340000100000800074000000001"], 0x9c}, 0x1, 0x0, 0x0, 0x4041}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000200)=[@in6={0xa, 0x0, 0x0, @local, 0x7}], 0x1c) sendto$inet6(r2, &(0x7f0000000140)='l', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000180)=0x4) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="980000000001030000000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff0200000000000000000000000000011400040020010000000000000000000000000001080007400000000004000680"], 0x98}}, 0x0) 52.13572763s ago: executing program 2 (id=907): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48403900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x198, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x179, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x6, 0x0, @broadcast, 0x5, 0xffff, 0x40000}}, @peer_mgmt={0x75, 0x16, {0x1, 0x827, @void, @val=0x22, @val="c15da2023c80c0c1bac004fbcf170c0b"}}, @link_id={0x65, 0x12, {@random="7a5a65182692", @broadcast, @broadcast}}, @rann={0x7e, 0x15, {{0x0, 0x18}, 0x9, 0xa, @device_a, 0x6, 0x7ff, 0xfffff800}}, @mesh_id={0x72, 0x6}, @random_vendor={0xdd, 0xc, "e4b2c1324cbfb0dcb712a7d2"}, @peer_mgmt={0x75, 0x6, {0x0, 0x1, @val=0x1f, @void, @void}}, @erp={0x2a, 0x1}, @random_vendor={0xdd, 0xf5, "80f0427fc0a4b9149b8930ca1ef4b70cc6cb47662b133dbfd8fd7f12202fa6327e732435f92162a85e8a2450e9af0af5e70538b51cfad005a05e5a62df4cf21c8ff3925cef4c29a47c5669e4df75c0919b9d18fae2592fb9ab1ff5abb6c6f4dc6cd7b1095fc3f5c13defb564fe948bef6be425fdfa3f0258492a77346ff038dfe80a999eb15342ba2769dac891bc6a79bcd0eda455ccc87ed2562341a974adeaee105d1513fd8ebf5f9279f90cb86edcd14f30c96a868b4faeee638f7a2eb7ee70ade201c17151b9d3383ce9fb685b06c928701210d9dba432333b854c1e4bb14dbeaa8494619b44b1f5704b48e8f5e41fe480c11c"}, @dsss={0x3, 0x1, 0x1}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4c020) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3e57fd066aad153ac89f2d6cbc8aab52b95417ef863a7674a08a7ea8f8cac7d88c10fca8bffbccf1d43dbfbcca7b8c8e852f050000007d01bc87c08927721228e211d7ecee001ab65e3623bd2f5cf82b97d79bb033099018ca5dce422ea29e9932dcd9256ebc6a54d0d0f529e200e67cd46f66390a7bdb7e5fe87862fd56757774de039ca81c006faaa60233ce6799adb6297e3172655793f0c5293da6638a438c30e4bcecd6ffff000000000000", @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r2, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 42.767026083s ago: executing program 2 (id=907): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48403900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x198, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x179, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x6, 0x0, @broadcast, 0x5, 0xffff, 0x40000}}, @peer_mgmt={0x75, 0x16, {0x1, 0x827, @void, @val=0x22, @val="c15da2023c80c0c1bac004fbcf170c0b"}}, @link_id={0x65, 0x12, {@random="7a5a65182692", @broadcast, @broadcast}}, @rann={0x7e, 0x15, {{0x0, 0x18}, 0x9, 0xa, @device_a, 0x6, 0x7ff, 0xfffff800}}, @mesh_id={0x72, 0x6}, @random_vendor={0xdd, 0xc, "e4b2c1324cbfb0dcb712a7d2"}, @peer_mgmt={0x75, 0x6, {0x0, 0x1, @val=0x1f, @void, @void}}, @erp={0x2a, 0x1}, @random_vendor={0xdd, 0xf5, "80f0427fc0a4b9149b8930ca1ef4b70cc6cb47662b133dbfd8fd7f12202fa6327e732435f92162a85e8a2450e9af0af5e70538b51cfad005a05e5a62df4cf21c8ff3925cef4c29a47c5669e4df75c0919b9d18fae2592fb9ab1ff5abb6c6f4dc6cd7b1095fc3f5c13defb564fe948bef6be425fdfa3f0258492a77346ff038dfe80a999eb15342ba2769dac891bc6a79bcd0eda455ccc87ed2562341a974adeaee105d1513fd8ebf5f9279f90cb86edcd14f30c96a868b4faeee638f7a2eb7ee70ade201c17151b9d3383ce9fb685b06c928701210d9dba432333b854c1e4bb14dbeaa8494619b44b1f5704b48e8f5e41fe480c11c"}, @dsss={0x3, 0x1, 0x1}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4c020) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3e57fd066aad153ac89f2d6cbc8aab52b95417ef863a7674a08a7ea8f8cac7d88c10fca8bffbccf1d43dbfbcca7b8c8e852f050000007d01bc87c08927721228e211d7ecee001ab65e3623bd2f5cf82b97d79bb033099018ca5dce422ea29e9932dcd9256ebc6a54d0d0f529e200e67cd46f66390a7bdb7e5fe87862fd56757774de039ca81c006faaa60233ce6799adb6297e3172655793f0c5293da6638a438c30e4bcecd6ffff000000000000", @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r2, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 42.302020388s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 31.376452179s ago: executing program 2 (id=907): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48403900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x198, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x179, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x6, 0x0, @broadcast, 0x5, 0xffff, 0x40000}}, @peer_mgmt={0x75, 0x16, {0x1, 0x827, @void, @val=0x22, @val="c15da2023c80c0c1bac004fbcf170c0b"}}, @link_id={0x65, 0x12, {@random="7a5a65182692", @broadcast, @broadcast}}, @rann={0x7e, 0x15, {{0x0, 0x18}, 0x9, 0xa, @device_a, 0x6, 0x7ff, 0xfffff800}}, @mesh_id={0x72, 0x6}, @random_vendor={0xdd, 0xc, "e4b2c1324cbfb0dcb712a7d2"}, @peer_mgmt={0x75, 0x6, {0x0, 0x1, @val=0x1f, @void, @void}}, @erp={0x2a, 0x1}, @random_vendor={0xdd, 0xf5, "80f0427fc0a4b9149b8930ca1ef4b70cc6cb47662b133dbfd8fd7f12202fa6327e732435f92162a85e8a2450e9af0af5e70538b51cfad005a05e5a62df4cf21c8ff3925cef4c29a47c5669e4df75c0919b9d18fae2592fb9ab1ff5abb6c6f4dc6cd7b1095fc3f5c13defb564fe948bef6be425fdfa3f0258492a77346ff038dfe80a999eb15342ba2769dac891bc6a79bcd0eda455ccc87ed2562341a974adeaee105d1513fd8ebf5f9279f90cb86edcd14f30c96a868b4faeee638f7a2eb7ee70ade201c17151b9d3383ce9fb685b06c928701210d9dba432333b854c1e4bb14dbeaa8494619b44b1f5704b48e8f5e41fe480c11c"}, @dsss={0x3, 0x1, 0x1}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4c020) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3e57fd066aad153ac89f2d6cbc8aab52b95417ef863a7674a08a7ea8f8cac7d88c10fca8bffbccf1d43dbfbcca7b8c8e852f050000007d01bc87c08927721228e211d7ecee001ab65e3623bd2f5cf82b97d79bb033099018ca5dce422ea29e9932dcd9256ebc6a54d0d0f529e200e67cd46f66390a7bdb7e5fe87862fd56757774de039ca81c006faaa60233ce6799adb6297e3172655793f0c5293da6638a438c30e4bcecd6ffff000000000000", @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r2, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 31.000877078s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 21.408180219s ago: executing program 2 (id=907): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48403900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x198, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x179, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x6, 0x0, @broadcast, 0x5, 0xffff, 0x40000}}, @peer_mgmt={0x75, 0x16, {0x1, 0x827, @void, @val=0x22, @val="c15da2023c80c0c1bac004fbcf170c0b"}}, @link_id={0x65, 0x12, {@random="7a5a65182692", @broadcast, @broadcast}}, @rann={0x7e, 0x15, {{0x0, 0x18}, 0x9, 0xa, @device_a, 0x6, 0x7ff, 0xfffff800}}, @mesh_id={0x72, 0x6}, @random_vendor={0xdd, 0xc, "e4b2c1324cbfb0dcb712a7d2"}, @peer_mgmt={0x75, 0x6, {0x0, 0x1, @val=0x1f, @void, @void}}, @erp={0x2a, 0x1}, @random_vendor={0xdd, 0xf5, "80f0427fc0a4b9149b8930ca1ef4b70cc6cb47662b133dbfd8fd7f12202fa6327e732435f92162a85e8a2450e9af0af5e70538b51cfad005a05e5a62df4cf21c8ff3925cef4c29a47c5669e4df75c0919b9d18fae2592fb9ab1ff5abb6c6f4dc6cd7b1095fc3f5c13defb564fe948bef6be425fdfa3f0258492a77346ff038dfe80a999eb15342ba2769dac891bc6a79bcd0eda455ccc87ed2562341a974adeaee105d1513fd8ebf5f9279f90cb86edcd14f30c96a868b4faeee638f7a2eb7ee70ade201c17151b9d3383ce9fb685b06c928701210d9dba432333b854c1e4bb14dbeaa8494619b44b1f5704b48e8f5e41fe480c11c"}, @dsss={0x3, 0x1, 0x1}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4c020) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3e57fd066aad153ac89f2d6cbc8aab52b95417ef863a7674a08a7ea8f8cac7d88c10fca8bffbccf1d43dbfbcca7b8c8e852f050000007d01bc87c08927721228e211d7ecee001ab65e3623bd2f5cf82b97d79bb033099018ca5dce422ea29e9932dcd9256ebc6a54d0d0f529e200e67cd46f66390a7bdb7e5fe87862fd56757774de039ca81c006faaa60233ce6799adb6297e3172655793f0c5293da6638a438c30e4bcecd6ffff000000000000", @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r2, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 19.851707825s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 9.024976751s ago: executing program 2 (id=907): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48403900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x198, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x179, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x6, 0x0, @broadcast, 0x5, 0xffff, 0x40000}}, @peer_mgmt={0x75, 0x16, {0x1, 0x827, @void, @val=0x22, @val="c15da2023c80c0c1bac004fbcf170c0b"}}, @link_id={0x65, 0x12, {@random="7a5a65182692", @broadcast, @broadcast}}, @rann={0x7e, 0x15, {{0x0, 0x18}, 0x9, 0xa, @device_a, 0x6, 0x7ff, 0xfffff800}}, @mesh_id={0x72, 0x6}, @random_vendor={0xdd, 0xc, "e4b2c1324cbfb0dcb712a7d2"}, @peer_mgmt={0x75, 0x6, {0x0, 0x1, @val=0x1f, @void, @void}}, @erp={0x2a, 0x1}, @random_vendor={0xdd, 0xf5, "80f0427fc0a4b9149b8930ca1ef4b70cc6cb47662b133dbfd8fd7f12202fa6327e732435f92162a85e8a2450e9af0af5e70538b51cfad005a05e5a62df4cf21c8ff3925cef4c29a47c5669e4df75c0919b9d18fae2592fb9ab1ff5abb6c6f4dc6cd7b1095fc3f5c13defb564fe948bef6be425fdfa3f0258492a77346ff038dfe80a999eb15342ba2769dac891bc6a79bcd0eda455ccc87ed2562341a974adeaee105d1513fd8ebf5f9279f90cb86edcd14f30c96a868b4faeee638f7a2eb7ee70ade201c17151b9d3383ce9fb685b06c928701210d9dba432333b854c1e4bb14dbeaa8494619b44b1f5704b48e8f5e41fe480c11c"}, @dsss={0x3, 0x1, 0x1}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4c020) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3e57fd066aad153ac89f2d6cbc8aab52b95417ef863a7674a08a7ea8f8cac7d88c10fca8bffbccf1d43dbfbcca7b8c8e852f050000007d01bc87c08927721228e211d7ecee001ab65e3623bd2f5cf82b97d79bb033099018ca5dce422ea29e9932dcd9256ebc6a54d0d0f529e200e67cd46f66390a7bdb7e5fe87862fd56757774de039ca81c006faaa60233ce6799adb6297e3172655793f0c5293da6638a438c30e4bcecd6ffff000000000000", @ANYRES16=r3, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r2, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 8.670961661s ago: executing program 3 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="258e0d5465999bafa30001000000080002000201ee0008000100"], 0x24}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$cgroup_subtree(r4, &(0x7f0000000040), 0xfffffc3f) 1.10049397s ago: executing program 0 (id=1339): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) 985.615665ms ago: executing program 4 (id=1341): r0 = socket(0x2b, 0x80801, 0x1) getsockopt$inet_mreqsrc(r0, 0x0, 0xe, 0x0, &(0x7f0000000280)) 985.2165ms ago: executing program 1 (id=1342): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg$kcm(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000142) 896.37934ms ago: executing program 1 (id=1343): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) 864.73353ms ago: executing program 4 (id=1344): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x1, @mcast1, 0xc}, 0x1c) sendmmsg$inet(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000800)="3aae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0b585d5463a40298459e6ebb94bf2bf363c3a6d0a6c38b5", 0x2f5}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb7630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b1574826727f5f62f842a3bedb18ec4aa931dfa0fc47e4dca15ec180d04cfdfff82fd9c6066fe65322c8c0b733c091c7ab9f8e1b60f6c37ef36acd509dec18fcc274d0334c8fa81809a5ddb27cc891a22c5978b8df086393396bf972ffd3013add7b197e6cbf06237757ae14f2eaabfcdf934749424c8250eb4ae6d5dd57b192825821fce610cb", 0x25a}, {&(0x7f0000000fc0)="05437c98b91b1455046fd01a7838d859007067c10aa7352abb8998e9bf031147", 0x20}, {&(0x7f0000000380)="8070982c08b53a070144c6fceb999378620c53631b3a22952c", 0x19}], 0x4, 0x0, 0x0, 0x900}}], 0x1, 0x0) 741.967235ms ago: executing program 4 (id=1345): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 741.781881ms ago: executing program 0 (id=1346): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000005001b00"], 0x2c}}, 0x0) 670.419553ms ago: executing program 4 (id=1347): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) openat$cgroup(r0, 0x0, 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000240)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9) 627.851723ms ago: executing program 0 (id=1348): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@getnexthop={0x1c, 0x6a, 0x501, 0xfffffdfe, 0x25dfdbff, {}, [@NHA_GROUPS={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20008000) 561.311155ms ago: executing program 1 (id=1349): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001c00)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xf, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) 542.121116ms ago: executing program 4 (id=1350): r0 = socket$kcm(0x10, 0x400000002, 0x0) recvmsg$kcm(r0, &(0x7f0000006480)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000014c0)=""/4093, 0xffd}, {&(0x7f0000000280)=""/88, 0x58}, {&(0x7f00000007c0)=""/216, 0xd8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000e00)=""/100, 0x64}, {&(0x7f00000003c0)=""/229, 0xe5}, {&(0x7f00000001c0)=""/66, 0x42}, {&(0x7f0000000000)=""/60, 0x3c}], 0x8}, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xfffffffffffffc80, &(0x7f0000000380)=[{&(0x7f0000000240)="1c0000005e007f029ea69801d76a90a272a2a788bab6c95f79e8f0e5", 0x1c}], 0x1}, 0x0) 478.841225ms ago: executing program 0 (id=1351): write(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x82, &(0x7f0000000300)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @local, {[@rr={0x7, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x4, [{@private=0xa010132}, {@multicast1}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@local}, {}, {@dev}, {@private, 0x3}]}]}}}}}}}, 0x0) 353.219403ms ago: executing program 4 (id=1352): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="05000000000000007111af0000000000851000000200000085000000070000008c000000000000009500a50500000000fcf6673b78ee9a9f76542d6e87e12e07667b7b800297d645cf0bcbbf8787107700"/96], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="120000"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) r6 = socket(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0) r7 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r7, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) r8 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000200), 0x4) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$inet_sctp_SCTP_STATUS(r6, 0x84, 0xe, &(0x7f0000000540)={0x0, 0x9, 0x7, 0x8, 0x3, 0xba, 0x8, 0x8, {0x0, @in6={{0xa, 0x4e20, 0x40, @empty, 0x40}}, 0x8, 0x3, 0xd86, 0x9, 0x8}}, &(0x7f0000000400)=0xb0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0x503, 0x0, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gre={{0x8}, {0x4}}}]}, 0x30}}, 0xc880) sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) 346.748315ms ago: executing program 0 (id=1353): getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e20, 0x3, @mcast1, 0x800}}}, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd601927f2001c2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa6200005e"], 0x0) 310.545297ms ago: executing program 1 (id=1354): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 77.529467ms ago: executing program 1 (id=1355): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db7", 0x2d}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b0", 0x424}], 0x2}, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40) 75.566ms ago: executing program 0 (id=1356): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000200)={@private2, r1}, 0x14) 0s ago: executing program 1 (id=1357): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$netlink(0x10, 0x3, 0x4) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafd0d36020a8429000b4e230f00000000a2bc5603ca00000f7f89004e002050da742dac0000000101ff05020003000200000000000100000000005839", 0x48}], 0x1) kernel console output (not intermixed with test programs): ented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.066165][ T8029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.094904][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.102055][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.129353][ T8029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.303611][ T8029] hsr_slave_0: entered promiscuous mode [ 106.315435][ T8029] hsr_slave_1: entered promiscuous mode [ 106.330877][ T8138] netlink: 12 bytes leftover after parsing attributes in process `syz.2.708'. [ 106.333363][ T8029] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.367250][ T8029] Cannot create hsr debugfs directory [ 106.481951][ T8143] netlink: 'syz.2.708': attribute type 2 has an invalid length. [ 106.643844][ T5852] Bluetooth: hci2: command tx timeout [ 106.742859][ T8029] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.842487][ T8029] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.950473][ T8029] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.083914][ T8029] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.154464][ T8176] x_tables: duplicate underflow at hook 1 [ 107.302564][ T8029] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.327009][ T8187] syz.1.726: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 107.332664][ T8029] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.342602][ T8187] CPU: 1 UID: 0 PID: 8187 Comm: syz.1.726 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 107.342625][ T8187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 107.342639][ T8187] Call Trace: [ 107.342646][ T8187] [ 107.342653][ T8187] dump_stack_lvl+0x241/0x360 [ 107.342686][ T8187] ? __pfx_dump_stack_lvl+0x10/0x10 [ 107.342704][ T8187] ? __pfx__printk+0x10/0x10 [ 107.342735][ T8187] ? __rcu_read_unlock+0xa1/0x110 [ 107.342759][ T8187] warn_alloc+0x278/0x410 [ 107.342782][ T8187] ? __vmalloc_node_range_noprof+0x106/0x1380 [ 107.342804][ T8187] ? __pfx_warn_alloc+0x10/0x10 [ 107.342826][ T8187] ? kasan_save_track+0x3f/0x80 [ 107.342844][ T8187] ? __kasan_kmalloc+0x98/0xb0 [ 107.342866][ T8187] ? xsk_setsockopt+0x4ea/0x950 [ 107.342882][ T8187] ? do_sock_setsockopt+0x3af/0x720 [ 107.342905][ T8187] ? __x64_sys_setsockopt+0x1ee/0x280 [ 107.342927][ T8187] ? do_syscall_64+0xf3/0x230 [ 107.342947][ T8187] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.342976][ T8187] __vmalloc_node_range_noprof+0x126/0x1380 [ 107.343022][ T8187] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 107.343047][ T8187] ? __kasan_kmalloc+0x98/0xb0 [ 107.343073][ T8187] vmalloc_user_noprof+0x74/0x80 [ 107.343093][ T8187] ? xskq_create+0xb6/0x170 [ 107.343109][ T8187] xskq_create+0xb6/0x170 [ 107.343129][ T8187] xsk_init_queue+0xa1/0x100 [ 107.343149][ T8187] xsk_setsockopt+0x4ea/0x950 [ 107.343168][ T8187] ? __pfx_xsk_setsockopt+0x10/0x10 [ 107.343185][ T8187] ? __pfx_aa_sk_perm+0x10/0x10 [ 107.343208][ T8187] ? aa_sock_opt_perm+0x79/0x120 [ 107.343233][ T8187] ? __pfx_xsk_setsockopt+0x10/0x10 [ 107.343248][ T8187] do_sock_setsockopt+0x3af/0x720 [ 107.343277][ T8187] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 107.343305][ T8187] ? __fget_files+0x395/0x410 [ 107.343321][ T8187] ? __fget_files+0x2a/0x410 [ 107.343345][ T8187] __x64_sys_setsockopt+0x1ee/0x280 [ 107.343375][ T8187] do_syscall_64+0xf3/0x230 [ 107.343396][ T8187] ? clear_bhb_loop+0x35/0x90 [ 107.343420][ T8187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.343439][ T8187] RIP: 0033:0x7fe87738cde9 [ 107.343459][ T8187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.343472][ T8187] RSP: 002b:00007fe87816b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 107.343489][ T8187] RAX: ffffffffffffffda RBX: 00007fe8775a5fa0 RCX: 00007fe87738cde9 [ 107.343501][ T8187] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 107.343514][ T8187] RBP: 00007fe87740e2a0 R08: 0000000000000004 R09: 0000000000000000 [ 107.343525][ T8187] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.343535][ T8187] R13: 0000000000000000 R14: 00007fe8775a5fa0 R15: 00007fff31a39ba8 [ 107.343561][ T8187] [ 107.343723][ T8187] Mem-Info: [ 107.635811][ T8187] active_anon:4002 inactive_anon:0 isolated_anon:0 [ 107.635811][ T8187] active_file:1289 inactive_file:38316 isolated_file:0 [ 107.635811][ T8187] unevictable:768 dirty:101 writeback:0 [ 107.635811][ T8187] slab_reclaimable:10698 slab_unreclaimable:102933 [ 107.635811][ T8187] mapped:28289 shmem:1440 pagetables:819 [ 107.635811][ T8187] sec_pagetables:0 bounce:0 [ 107.635811][ T8187] kernel_misc_reclaimable:0 [ 107.635811][ T8187] free:1335839 free_pcp:642 free_cma:0 [ 107.636536][ T8029] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.696843][ T8187] Node 0 active_anon:16008kB inactive_anon:0kB active_file:5156kB inactive_file:153192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:113156kB dirty:404kB writeback:0kB shmem:4224kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11192kB pagetables:3276kB sec_pagetables:0kB all_unreclaimable? no [ 107.746183][ T8187] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 107.805311][ T8029] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.853768][ T8187] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 107.920433][ T8204] nbd: must specify a size in bytes for the device [ 107.950487][ T8187] lowmem_reserve[]: 0 2491 2491 0 0 [ 107.983919][ T8187] Node 0 DMA32 free:1419824kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:15972kB inactive_anon:0kB active_file:5156kB inactive_file:152612kB unevictable:1536kB writepending:400kB present:3129332kB managed:2551084kB mlocked:0kB bounce:0kB free_pcp:2440kB local_pcp:752kB free_cma:0kB [ 108.022868][ T8029] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.039532][ T8187] lowmem_reserve[]: 0 0 0 0 0 [ 108.071848][ T8187] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:580kB unevictable:0kB writepending:4kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 108.157568][ T8029] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.167654][ T8187] lowmem_reserve[]: 0 0 0 0 0 [ 108.172490][ T8187] Node 1 Normal free:3907256kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 108.202891][ T8187] lowmem_reserve[]: 0 0 0 0 0 [ 108.207782][ T8187] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 108.220774][ T8187] Node 0 DMA32: 5*4kB (UM) 160*8kB (UME) 102*16kB (UME) 75*32kB (UME) 37*64kB (ME) 21*128kB (ME) 22*256kB (UM) 19*512kB (UME) 8*1024kB (UM) 0*2048kB 338*4096kB (M) = 1418388kB [ 108.239503][ T8187] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 108.262876][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.268246][ T8187] Node 1 Normal: 214*4kB (UE) 40*8kB (UME) 38*16kB (UME) [ 108.270011][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.270016][ T8187] 208*32kB (UME) 105*64kB (UME) 37*128kB (UME) 17*256kB (UME) 8*512kB (UME) 4*1024kB (UM) 6*2048kB (UE) 943*4096kB (M) = 3907256kB [ 108.304096][ T8187] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 108.344495][ T8187] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 108.346386][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.360944][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.373804][ T8187] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 108.388935][ T8187] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 108.400299][ T8187] 41047 total pagecache pages [ 108.406440][ T8187] 0 pages in swap cache [ 108.410714][ T8187] Free swap = 124996kB [ 108.451562][ T8187] Total swap = 124996kB [ 108.470213][ T8224] netlink: zone id is out of range [ 108.471822][ T8187] 2097051 pages RAM [ 108.476982][ T8219] netlink: 'syz.0.736': attribute type 4 has an invalid length. [ 108.488273][ T8187] 0 pages HighMem/MovableOnly [ 108.499228][ T8224] netlink: del zone limit has 8 unknown bytes [ 108.503224][ T8187] 427494 pages reserved [ 108.527064][ T8187] 0 pages cma reserved [ 108.724512][ T5852] Bluetooth: hci2: command tx timeout [ 108.983123][ T8029] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.009883][ T8250] ip6gre1: entered allmulticast mode [ 109.115258][ T8029] veth0_vlan: entered promiscuous mode [ 109.141727][ T8029] veth1_vlan: entered promiscuous mode [ 109.199906][ T8029] veth0_macvtap: entered promiscuous mode [ 109.222540][ T8029] veth1_macvtap: entered promiscuous mode [ 109.262100][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.274036][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.285336][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.296310][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.308172][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.327400][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.338478][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.349387][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.363192][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.381947][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.410432][ T8029] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.431597][ T8029] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.440900][ T8029] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.450145][ T8029] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.586028][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.608239][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.670652][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.698068][ T8267] syz.4.751 (8267) used greatest stack depth: 16800 bytes left [ 109.705933][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.889429][ T8280] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 110.310975][ T8304] __nla_validate_parse: 9 callbacks suppressed [ 110.310991][ T8304] netlink: 12 bytes leftover after parsing attributes in process `syz.0.763'. [ 110.319409][ T8303] netlink: 12 bytes leftover after parsing attributes in process `syz.4.762'. [ 110.355753][ T8303] netlink: 'syz.4.762': attribute type 2 has an invalid length. [ 110.577160][ T8324] bridge0: port 3(ipvlan4) entered blocking state [ 110.604198][ T8324] bridge0: port 3(ipvlan4) entered disabled state [ 110.622264][ T8324] ipvlan4: entered allmulticast mode [ 110.631969][ T8324] bridge0: entered allmulticast mode [ 110.673534][ T8324] ipvlan4: left allmulticast mode [ 110.685168][ T8324] bridge0: left allmulticast mode [ 110.768400][ T8338] openvswitch: netlink: nsh attribute has 65524 unknown bytes. [ 110.783910][ T8338] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 110.934092][ T8347] netlink: 28 bytes leftover after parsing attributes in process `syz.2.771'. [ 111.029750][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.531421][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.641041][ T8382] netlink: 8 bytes leftover after parsing attributes in process `syz.4.783'. [ 111.683895][ T8382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.783'. [ 111.843310][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 111.854997][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 111.863139][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 111.881644][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 111.890499][ T5842] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 111.898305][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 111.907234][ T8407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.789'. [ 111.939148][ T8407] netlink: 32 bytes leftover after parsing attributes in process `syz.4.789'. [ 111.948348][ T8407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.789'. [ 111.957898][ T8407] netlink: 20 bytes leftover after parsing attributes in process `syz.4.789'. [ 112.021658][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.186074][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.397437][ T12] bridge_slave_1: left allmulticast mode [ 112.405858][ T12] bridge_slave_1: left promiscuous mode [ 112.413032][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.425861][ T12] bridge_slave_0: left allmulticast mode [ 112.431530][ T12] bridge_slave_0: left promiscuous mode [ 112.437734][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.819544][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.830189][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.840206][ T12] bond0 (unregistering): Released all slaves [ 112.856018][ T8434] netlink: 80 bytes leftover after parsing attributes in process `syz.4.797'. [ 112.906213][ T8446] dvmrp8: entered allmulticast mode [ 113.092285][ T8402] chnl_net:caif_netlink_parms(): no params data found [ 113.227659][ T8429] dvmrp8: left allmulticast mode [ 113.480904][ T8402] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.490463][ T8402] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.502773][ T8402] bridge_slave_0: entered allmulticast mode [ 113.515156][ T8402] bridge_slave_0: entered promiscuous mode [ 113.536312][ T8402] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.552357][ T8402] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.567216][ T8402] bridge_slave_1: entered allmulticast mode [ 113.582198][ T8402] bridge_slave_1: entered promiscuous mode [ 113.659537][ T8477] ax25_connect(): syz.4.808 uses autobind, please contact jreuter@yaina.de [ 113.685566][ T5842] Bluetooth: hci4: command 0x0405 tx timeout [ 113.697679][ T8402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 113.731967][ T8402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.937528][ T8485] FAULT_INJECTION: forcing a failure. [ 113.937528][ T8485] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 114.011782][ T5842] Bluetooth: hci2: command tx timeout [ 114.021460][ T8485] CPU: 0 UID: 0 PID: 8485 Comm: syz.2.811 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 114.021483][ T8485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 114.021493][ T8485] Call Trace: [ 114.021499][ T8485] [ 114.021506][ T8485] dump_stack_lvl+0x241/0x360 [ 114.021531][ T8485] ? __pfx_dump_stack_lvl+0x10/0x10 [ 114.021549][ T8485] ? __pfx__printk+0x10/0x10 [ 114.021575][ T8485] ? __pfx_lock_release+0x10/0x10 [ 114.021604][ T8485] should_fail_ex+0x40a/0x550 [ 114.021627][ T8485] _copy_from_user+0x2d/0xb0 [ 114.021645][ T8485] copy_msghdr_from_user+0xae/0x680 [ 114.021671][ T8485] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 114.021689][ T8485] ? __fget_files+0x2a/0x410 [ 114.021710][ T8485] ? __fget_files+0x2a/0x410 [ 114.021735][ T8485] __sys_sendmsg+0x209/0x350 [ 114.021757][ T8485] ? __pfx___sys_sendmsg+0x10/0x10 [ 114.021785][ T8485] ? do_sys_openat2+0x17a/0x1d0 [ 114.021828][ T8485] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 114.021849][ T8485] ? do_syscall_64+0x100/0x230 [ 114.021873][ T8485] ? do_syscall_64+0xb6/0x230 [ 114.021897][ T8485] do_syscall_64+0xf3/0x230 [ 114.021917][ T8485] ? clear_bhb_loop+0x35/0x90 [ 114.021942][ T8485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.021961][ T8485] RIP: 0033:0x7f24b6f8cde9 [ 114.021976][ T8485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.021989][ T8485] RSP: 002b:00007f24b7d24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 114.022007][ T8485] RAX: ffffffffffffffda RBX: 00007f24b71a5fa0 RCX: 00007f24b6f8cde9 [ 114.022019][ T8485] RDX: 0000000000004040 RSI: 0000400000000240 RDI: 0000000000000003 [ 114.022029][ T8485] RBP: 00007f24b7d24090 R08: 0000000000000000 R09: 0000000000000000 [ 114.022039][ T8485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.022048][ T8485] R13: 0000000000000000 R14: 00007f24b71a5fa0 R15: 00007ffdf9680488 [ 114.022075][ T8485] [ 114.025952][ T8489] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 114.251472][ T8402] team0: Port device team_slave_0 added [ 114.276081][ T8402] team0: Port device team_slave_1 added [ 114.314326][ T12] hsr_slave_0: left promiscuous mode [ 114.335544][ T12] hsr_slave_1: left promiscuous mode [ 114.341709][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.350063][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.363870][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.371298][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.398155][ T12] veth1_macvtap: left promiscuous mode [ 114.405780][ T12] veth0_macvtap: left promiscuous mode [ 114.411512][ T12] veth1_vlan: left promiscuous mode [ 114.417882][ T12] veth0_vlan: left promiscuous mode [ 114.540474][ T8507] siw: device registration error -23 [ 114.850676][ T12] team0 (unregistering): Port device team_slave_1 removed [ 114.891548][ T12] team0 (unregistering): Port device team_slave_0 removed [ 115.248222][ T8497] ip_vti0: entered allmulticast mode [ 115.269271][ T8508] netlink: 'syz.2.818': attribute type 5 has an invalid length. [ 115.384408][ T8402] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.391428][ T8402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.423292][ T8402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.456447][ T8402] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.472462][ T8402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.563787][ T8402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.621449][ T8518] FAULT_INJECTION: forcing a failure. [ 115.621449][ T8518] name failslab, interval 1, probability 0, space 0, times 1 [ 115.658119][ T8518] CPU: 1 UID: 0 PID: 8518 Comm: syz.4.823 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 115.658141][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 115.658149][ T8518] Call Trace: [ 115.658154][ T8518] [ 115.658161][ T8518] dump_stack_lvl+0x241/0x360 [ 115.658184][ T8518] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.658200][ T8518] ? __pfx__printk+0x10/0x10 [ 115.658224][ T8518] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 115.658242][ T8518] ? __pfx___might_resched+0x10/0x10 [ 115.658262][ T8518] should_fail_ex+0x40a/0x550 [ 115.658280][ T8518] should_failslab+0xac/0x100 [ 115.658295][ T8518] kmem_cache_alloc_node_noprof+0x77/0x380 [ 115.658318][ T8518] ? __alloc_skb+0x1c3/0x440 [ 115.658342][ T8518] __alloc_skb+0x1c3/0x440 [ 115.658366][ T8518] ? __pfx___alloc_skb+0x10/0x10 [ 115.658386][ T8518] ? netlink_autobind+0xd6/0x2f0 [ 115.658399][ T8518] ? netlink_autobind+0x2b0/0x2f0 [ 115.658416][ T8518] netlink_sendmsg+0x638/0xcb0 [ 115.658440][ T8518] ? __pfx_netlink_sendmsg+0x10/0x10 [ 115.658457][ T8518] ? aa_sock_msg_perm+0x91/0x160 [ 115.658483][ T8518] ? __pfx_netlink_sendmsg+0x10/0x10 [ 115.658496][ T8518] __sock_sendmsg+0x221/0x270 [ 115.658518][ T8518] ____sys_sendmsg+0x52a/0x7e0 [ 115.658540][ T8518] ? __pfx_____sys_sendmsg+0x10/0x10 [ 115.658553][ T8518] ? __fget_files+0x2a/0x410 [ 115.658569][ T8518] ? __fget_files+0x2a/0x410 [ 115.658589][ T8518] __sys_sendmsg+0x269/0x350 [ 115.658608][ T8518] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.658632][ T8518] ? do_sys_openat2+0x17a/0x1d0 [ 115.658670][ T8518] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 115.658693][ T8518] ? do_syscall_64+0x100/0x230 [ 115.658717][ T8518] ? do_syscall_64+0xb6/0x230 [ 115.658739][ T8518] do_syscall_64+0xf3/0x230 [ 115.658757][ T8518] ? clear_bhb_loop+0x35/0x90 [ 115.658781][ T8518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.658800][ T8518] RIP: 0033:0x7f65e378cde9 [ 115.658815][ T8518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.658827][ T8518] RSP: 002b:00007f65e463c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 115.658844][ T8518] RAX: ffffffffffffffda RBX: 00007f65e39a5fa0 RCX: 00007f65e378cde9 [ 115.658855][ T8518] RDX: 0000000000004040 RSI: 0000400000000240 RDI: 0000000000000003 [ 115.658865][ T8518] RBP: 00007f65e463c090 R08: 0000000000000000 R09: 0000000000000000 [ 115.658874][ T8518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.658884][ T8518] R13: 0000000000000000 R14: 00007f65e39a5fa0 R15: 00007ffe96d849d8 [ 115.658906][ T8518] [ 115.944264][ T8402] hsr_slave_0: entered promiscuous mode [ 115.950693][ T8402] hsr_slave_1: entered promiscuous mode [ 115.957049][ T8402] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 115.984368][ T8402] Cannot create hsr debugfs directory [ 116.084002][ T5842] Bluetooth: hci2: command tx timeout [ 116.507850][ T8551] bond0: (slave macvlan2): Error -98 calling set_mac_address [ 116.762986][ T8402] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 116.772150][ T8560] sctp: [Deprecated]: syz.2.834 (pid 8560) Use of int in max_burst socket option deprecated. [ 116.772150][ T8560] Use struct sctp_assoc_value instead [ 116.796613][ T8402] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 116.837924][ T8402] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 116.857802][ T8402] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 116.872475][ T8563] __nla_validate_parse: 3 callbacks suppressed [ 116.872491][ T8563] netlink: 308 bytes leftover after parsing attributes in process `syz.0.838'. [ 117.078255][ T8402] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.099728][ T8402] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.114971][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.122163][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.188540][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.195755][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.266435][ T8581] netlink: 16 bytes leftover after parsing attributes in process `syz.0.846'. [ 117.444195][ T8591] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 117.488404][ T8591] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 117.651004][ T8402] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.736174][ T8611] can: request_module (can-proto-4) failed. [ 117.740647][ T8402] veth0_vlan: entered promiscuous mode [ 117.772219][ T8617] netlink: 'syz.2.855': attribute type 4 has an invalid length. [ 117.964931][ T8402] veth1_vlan: entered promiscuous mode [ 118.037491][ T8630] netlink: 16 bytes leftover after parsing attributes in process `syz.4.859'. [ 118.045446][ T8402] veth0_macvtap: entered promiscuous mode [ 118.054386][ T8624] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 118.069446][ T8402] veth1_macvtap: entered promiscuous mode [ 118.146030][ T8402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.147035][ T8632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.860'. [ 118.164233][ T5842] Bluetooth: hci2: command tx timeout [ 118.181965][ T8402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.202192][ T8402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.222983][ T8402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.239830][ T8402] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.265214][ T8402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.289408][ T8402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.299950][ T8402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.310737][ T8402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.321862][ T8402] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.332840][ T8402] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.342661][ T8402] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.352313][ T8402] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.361301][ T8402] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.380954][ T8636] netlink: 17684 bytes leftover after parsing attributes in process `syz.4.861'. [ 118.578455][ T8646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.865'. [ 118.594642][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.602495][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.691864][ T8646] netlink: 516 bytes leftover after parsing attributes in process `syz.4.865'. [ 118.699351][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.715783][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.847013][ T8657] openvswitch: netlink: Port -1 exceeds max allowable 65535 [ 119.005941][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.871'. [ 119.034460][ T8668] vlan4: entered allmulticast mode [ 119.045442][ T8672] netlink: 24 bytes leftover after parsing attributes in process `syz.1.872'. [ 119.179658][ T8679] netlink: 44 bytes leftover after parsing attributes in process `syz.0.874'. [ 119.194243][ T8682] netem: change failed [ 119.461662][ T8698] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 119.497815][ T8700] dummy0: entered allmulticast mode [ 119.508836][ T8700] batman_adv: batadv0: Adding interface: dummy0 [ 119.522178][ T8700] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.550272][ T8700] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 119.605392][ T8703] Cannot find del_set index 4 as target [ 119.799110][ T1167] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.050111][ T8715] vlan8: entered allmulticast mode [ 120.341445][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 120.351287][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 120.364112][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 120.379972][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 120.393924][ T5852] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 120.403829][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 120.569851][ T8746] nbd: must specify an index to disconnect [ 121.994759][ T1167] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.142847][ T1167] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.281198][ T8764] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.319017][ T1167] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.449697][ T8764] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.484179][ T5842] Bluetooth: hci2: command tx timeout [ 122.615004][ T8788] dvmrp1: entered allmulticast mode [ 122.703845][ T8764] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.759092][ T8791] __nla_validate_parse: 3 callbacks suppressed [ 122.759111][ T8791] netlink: 48 bytes leftover after parsing attributes in process `syz.1.905'. [ 122.792297][ T8791] netlink: 28 bytes leftover after parsing attributes in process `syz.1.905'. [ 122.822137][ T8791] netlink: 24 bytes leftover after parsing attributes in process `syz.1.905'. [ 122.911730][ T8764] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.113874][ T1167] bridge_slave_1: left allmulticast mode [ 123.125265][ T1167] bridge_slave_1: left promiscuous mode [ 123.152390][ T1167] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.188986][ T1167] bridge_slave_0: left allmulticast mode [ 123.196288][ T1167] bridge_slave_0: left promiscuous mode [ 123.202232][ T1167] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.520789][ T8814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.911'. [ 123.553536][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 123.563327][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 123.572211][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 123.589643][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 123.607324][ T5852] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 123.614981][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 123.713320][ T1167] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.726764][ T1167] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 123.736873][ T1167] bond0 (unregistering): Released all slaves [ 123.779749][ T8812] vlan2: entered promiscuous mode [ 123.785566][ T8812] vlan2: entered allmulticast mode [ 123.945162][ T8764] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.971807][ T8764] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.981437][ T8820] netlink: 68 bytes leftover after parsing attributes in process `syz.1.912'. [ 124.048899][ T8764] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.056395][ T8826] netlink: 28 bytes leftover after parsing attributes in process `syz.4.913'. [ 124.171533][ T8730] chnl_net:caif_netlink_parms(): no params data found [ 124.212877][ T8764] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.253340][ T8829] FAULT_INJECTION: forcing a failure. [ 124.253340][ T8829] name failslab, interval 1, probability 0, space 0, times 0 [ 124.280770][ T8829] CPU: 1 UID: 0 PID: 8829 Comm: syz.1.914 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 124.280797][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 124.280807][ T8829] Call Trace: [ 124.280813][ T8829] [ 124.280821][ T8829] dump_stack_lvl+0x241/0x360 [ 124.280856][ T8829] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.280873][ T8829] ? __pfx__printk+0x10/0x10 [ 124.280898][ T8829] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 124.280917][ T8829] ? __pfx___might_resched+0x10/0x10 [ 124.280940][ T8829] should_fail_ex+0x40a/0x550 [ 124.280964][ T8829] should_failslab+0xac/0x100 [ 124.280983][ T8829] kmem_cache_alloc_node_noprof+0x77/0x380 [ 124.281000][ T8829] ? __alloc_skb+0x1c3/0x440 [ 124.281027][ T8829] __alloc_skb+0x1c3/0x440 [ 124.281054][ T8829] ? __pfx___alloc_skb+0x10/0x10 [ 124.281079][ T8829] ? netlink_ack_tlv_len+0x6e/0x200 [ 124.281106][ T8829] netlink_ack+0x145/0xa50 [ 124.281126][ T8829] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 124.281146][ T8829] ? __pfx_nl80211_post_doit+0x10/0x10 [ 124.281166][ T8829] ? __pfx___might_resched+0x10/0x10 [ 124.281195][ T8829] netlink_rcv_skb+0x262/0x430 [ 124.281219][ T8829] ? __pfx_genl_rcv_msg+0x10/0x10 [ 124.281239][ T8829] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 124.281276][ T8829] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 124.281306][ T8829] genl_rcv+0x28/0x40 [ 124.281323][ T8829] netlink_unicast+0x7f6/0x990 [ 124.281353][ T8829] ? __pfx_netlink_unicast+0x10/0x10 [ 124.281371][ T8829] ? __virt_addr_valid+0x45f/0x530 [ 124.281394][ T8829] ? __phys_addr_symbol+0x2f/0x70 [ 124.281415][ T8829] ? __check_object_size+0x47a/0x730 [ 124.281435][ T8829] netlink_sendmsg+0x8e4/0xcb0 [ 124.281463][ T8829] ? __pfx_netlink_sendmsg+0x10/0x10 [ 124.281483][ T8829] ? aa_sock_msg_perm+0x91/0x160 [ 124.281510][ T8829] ? __pfx_netlink_sendmsg+0x10/0x10 [ 124.281524][ T8829] __sock_sendmsg+0x221/0x270 [ 124.281547][ T8829] ____sys_sendmsg+0x52a/0x7e0 [ 124.281572][ T8829] ? __pfx_____sys_sendmsg+0x10/0x10 [ 124.281586][ T8829] ? __fget_files+0x2a/0x410 [ 124.281606][ T8829] ? __fget_files+0x2a/0x410 [ 124.281632][ T8829] __sys_sendmsg+0x269/0x350 [ 124.281653][ T8829] ? __pfx___sys_sendmsg+0x10/0x10 [ 124.281721][ T8829] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 124.281744][ T8829] ? do_syscall_64+0x100/0x230 [ 124.281769][ T8829] ? do_syscall_64+0xb6/0x230 [ 124.281792][ T8829] do_syscall_64+0xf3/0x230 [ 124.281812][ T8829] ? clear_bhb_loop+0x35/0x90 [ 124.281837][ T8829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.281857][ T8829] RIP: 0033:0x7fe87738cde9 [ 124.281876][ T8829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.281889][ T8829] RSP: 002b:00007fe87816b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 124.281914][ T8829] RAX: ffffffffffffffda RBX: 00007fe8775a5fa0 RCX: 00007fe87738cde9 [ 124.281926][ T8829] RDX: 0000000000004040 RSI: 0000400000000240 RDI: 0000000000000003 [ 124.281937][ T8829] RBP: 00007fe87816b090 R08: 0000000000000000 R09: 0000000000000000 [ 124.281946][ T8829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.281956][ T8829] R13: 0000000000000000 R14: 00007fe8775a5fa0 R15: 00007fff31a39ba8 [ 124.281982][ T8829] [ 124.661028][ T5852] Bluetooth: hci2: command tx timeout [ 124.766578][ T1167] hsr_slave_0: left promiscuous mode [ 124.772523][ T1167] hsr_slave_1: left promiscuous mode [ 124.778613][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.786443][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.802879][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.811350][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 125.043054][ T1167] veth1_macvtap: left promiscuous mode [ 125.049867][ T1167] veth0_macvtap: left promiscuous mode [ 125.072054][ T1167] veth1_vlan: left promiscuous mode [ 125.079055][ T1167] veth0_vlan: left promiscuous mode [ 125.260794][ T8851] netlink: 'syz.1.920': attribute type 13 has an invalid length. [ 125.315400][ T8852] netlink: 300 bytes leftover after parsing attributes in process `syz.1.920'. [ 125.567791][ T1167] team0 (unregistering): Port device team_slave_1 removed [ 125.607324][ T1167] team0 (unregistering): Port device team_slave_0 removed [ 125.687266][ T5852] Bluetooth: hci1: command tx timeout [ 125.980704][ T8849] veth0_to_hsr: invalid flags given to default FDB implementation [ 126.018736][ T8851] veth0_macvtap: left promiscuous mode [ 126.034242][ T8851] macvtap0: entered allmulticast mode [ 126.051870][ T8851] macvtap0: refused to change device tx_queue_len [ 126.078261][ T8852] netlink: 28 bytes leftover after parsing attributes in process `syz.1.920'. [ 126.107661][ T8858] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 126.110212][ T8852] netlink: 28 bytes leftover after parsing attributes in process `syz.1.920'. [ 126.124183][ T8859] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 126.202792][ T8730] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.210200][ T8730] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.231333][ T8730] bridge_slave_0: entered allmulticast mode [ 126.258267][ T8730] bridge_slave_0: entered promiscuous mode [ 126.283835][ T8730] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.291019][ T8730] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.311403][ T8730] bridge_slave_1: entered allmulticast mode [ 126.325864][ T8730] bridge_slave_1: entered promiscuous mode [ 126.353536][ T8871] netlink: 'syz.1.926': attribute type 12 has an invalid length. [ 126.363939][ T8871] netlink: 132 bytes leftover after parsing attributes in process `syz.1.926'. [ 126.425600][ T8730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.458060][ T8730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.599496][ T8730] team0: Port device team_slave_0 added [ 126.619597][ T8730] team0: Port device team_slave_1 added [ 126.698674][ T8815] chnl_net:caif_netlink_parms(): no params data found [ 126.716768][ T8730] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.724192][ T5852] Bluetooth: hci2: command tx timeout [ 126.738739][ T8730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.770043][ T8730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.799604][ T8730] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.811477][ T8730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.839193][ T8730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.041098][ T8906] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold [ 127.082669][ T8730] hsr_slave_0: entered promiscuous mode [ 127.090198][ T8730] hsr_slave_1: entered promiscuous mode [ 127.110011][ T8730] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.121531][ T8730] Cannot create hsr debugfs directory [ 127.130060][ T8815] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.146816][ T8815] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.159976][ T8815] bridge_slave_0: entered allmulticast mode [ 127.180591][ T8815] bridge_slave_0: entered promiscuous mode [ 127.196162][ T8815] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.219277][ T8815] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.251908][ T8815] bridge_slave_1: entered allmulticast mode [ 127.271404][ T8815] bridge_slave_1: entered promiscuous mode [ 127.367143][ T8815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 127.404051][ T8815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 127.420615][ T8927] ieee802154 phy0 wpan0: encryption failed: -22 [ 127.483370][ T8815] team0: Port device team_slave_0 added [ 127.500584][ T8815] team0: Port device team_slave_1 added [ 127.566809][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 127.578144][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.607385][ T8815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.637432][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.649023][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.675871][ T8815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.718608][ T8937] ax25_connect(): syz.4.945 uses autobind, please contact jreuter@yaina.de [ 127.746388][ T8937] Cannot find set identified by id 2 to match [ 127.765063][ T5852] Bluetooth: hci1: command tx timeout [ 127.816240][ T8815] hsr_slave_0: entered promiscuous mode [ 127.825985][ T8815] hsr_slave_1: entered promiscuous mode [ 127.832104][ T8815] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.844855][ T8815] Cannot create hsr debugfs directory [ 128.148485][ T8730] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 128.159700][ T8730] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 128.217924][ T8815] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.256696][ T8730] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 128.268283][ T8730] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 128.361103][ T8815] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.461315][ T8815] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.490352][ T8961] __nla_validate_parse: 5 callbacks suppressed [ 128.490369][ T8961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.954'. [ 128.501502][ T8730] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.533105][ T8815] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.575330][ T8963] team_slave_0: mtu less than device minimum [ 128.586369][ T8730] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.604180][ T2951] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.611365][ T2951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.640797][ T2951] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.647979][ T2951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.713303][ T8965] Timeout policy `syz0' can only be used by L3 protocol number 0 [ 128.750526][ T8815] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 128.774169][ T8815] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 128.785664][ T8815] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 128.797529][ T8815] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 128.805020][ T5852] Bluetooth: hci2: command tx timeout [ 128.967621][ T8815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.979841][ T8976] netlink: 'syz.1.958': attribute type 15 has an invalid length. [ 129.009913][ T8976] netlink: 'syz.1.958': attribute type 1 has an invalid length. [ 129.018082][ T8815] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.044963][ T2951] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.052243][ T2951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 129.095399][ T2951] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.102563][ T2951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 129.191026][ T8981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.959'. [ 129.210478][ T8815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 129.258985][ T8730] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 129.296780][ T8990] FAULT_INJECTION: forcing a failure. [ 129.296780][ T8990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 129.326261][ T8988] can: request_module (can-proto-3) failed. [ 129.349201][ T8984] netlink: 'syz.1.961': attribute type 15 has an invalid length. [ 129.357251][ T8984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.961'. [ 129.396068][ T8990] CPU: 0 UID: 0 PID: 8990 Comm: syz.4.960 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 129.396094][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 129.396104][ T8990] Call Trace: [ 129.396109][ T8990] [ 129.396116][ T8990] dump_stack_lvl+0x241/0x360 [ 129.396140][ T8990] ? __pfx_dump_stack_lvl+0x10/0x10 [ 129.396156][ T8990] ? __pfx__printk+0x10/0x10 [ 129.396177][ T8990] ? __pfx_lock_release+0x10/0x10 [ 129.396205][ T8990] should_fail_ex+0x40a/0x550 [ 129.396226][ T8990] _copy_from_user+0x2d/0xb0 [ 129.396243][ T8990] sctp_setsockopt+0xcc/0x11c0 [ 129.396265][ T8990] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 129.396284][ T8990] do_sock_setsockopt+0x3af/0x720 [ 129.396310][ T8990] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 129.396337][ T8990] ? __fget_files+0x395/0x410 [ 129.396353][ T8990] ? __fget_files+0x2a/0x410 [ 129.396380][ T8990] __x64_sys_setsockopt+0x1ee/0x280 [ 129.396407][ T8990] do_syscall_64+0xf3/0x230 [ 129.396427][ T8990] ? clear_bhb_loop+0x35/0x90 [ 129.396450][ T8990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.396468][ T8990] RIP: 0033:0x7f65e378cde9 [ 129.396484][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.396496][ T8990] RSP: 002b:00007f65e461b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 129.396514][ T8990] RAX: ffffffffffffffda RBX: 00007f65e39a6080 RCX: 00007f65e378cde9 [ 129.396525][ T8990] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000004 [ 129.396535][ T8990] RBP: 00007f65e461b090 R08: 000000000000009c R09: 0000000000000000 [ 129.396545][ T8990] R10: 0000400000000300 R11: 0000000000000246 R12: 0000000000000001 [ 129.396554][ T8990] R13: 0000000000000001 R14: 00007f65e39a6080 R15: 00007ffe96d849d8 [ 129.396579][ T8990] [ 129.402386][ T8730] veth0_vlan: entered promiscuous mode [ 129.628760][ T8730] veth1_vlan: entered promiscuous mode [ 129.694732][ T8815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 129.761582][ T8730] veth0_macvtap: entered promiscuous mode [ 129.804289][ T8730] veth1_macvtap: entered promiscuous mode [ 129.820332][ T9005] netlink: 80 bytes leftover after parsing attributes in process `syz.0.966'. [ 129.830266][ T8815] veth0_vlan: entered promiscuous mode [ 129.845492][ T5852] Bluetooth: hci1: command tx timeout [ 129.870441][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.881637][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.892744][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.903548][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.915715][ T8730] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 129.927966][ T8815] veth1_vlan: entered promiscuous mode [ 129.963155][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.984232][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.994458][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.005942][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.017960][ T8730] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 130.047455][ T8815] veth0_macvtap: entered promiscuous mode [ 130.061063][ T9010] netlink: 28 bytes leftover after parsing attributes in process `syz.0.969'. [ 130.099581][ T8815] veth1_macvtap: entered promiscuous mode [ 130.109367][ T8730] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.118605][ T8730] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.129186][ T8730] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.137945][ T8730] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.175562][ T9015] netlink: 16 bytes leftover after parsing attributes in process `syz.0.969'. [ 130.236023][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.248858][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.262307][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.274381][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.284566][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.295368][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.315687][ T8815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 130.349719][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.369530][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.381298][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.398339][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.410194][ T8815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.425747][ T8815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.440924][ T8815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 130.460733][ T9024] netlink: 'syz.4.973': attribute type 3 has an invalid length. [ 130.468733][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.470700][ T8815] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.495544][ T8815] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.503668][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.508361][ T8815] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.527803][ T8815] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.527938][ T9024] netlink: 9 bytes leftover after parsing attributes in process `syz.4.973'. [ 130.574210][ T9024] 0·: renamed from hsr0 (while UP) [ 130.580779][ T9025] netlink: 68 bytes leftover after parsing attributes in process `syz.4.973'. [ 130.582748][ T9024] 0·: entered promiscuous mode [ 130.598342][ T9024] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 130.662133][ T9024] delete_channel: no stack [ 130.697634][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.714962][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.765557][ T9038] FAULT_INJECTION: forcing a failure. [ 130.765557][ T9038] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.788647][ T9038] CPU: 1 UID: 0 PID: 9038 Comm: syz.1.975 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 130.788669][ T9038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 130.788677][ T9038] Call Trace: [ 130.788683][ T9038] [ 130.788689][ T9038] dump_stack_lvl+0x241/0x360 [ 130.788713][ T9038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.788729][ T9038] ? __pfx__printk+0x10/0x10 [ 130.788757][ T9038] ? snprintf+0xda/0x120 [ 130.788775][ T9038] should_fail_ex+0x40a/0x550 [ 130.788793][ T9038] _copy_to_user+0x31/0xb0 [ 130.788810][ T9038] simple_read_from_buffer+0xca/0x150 [ 130.788833][ T9038] proc_fail_nth_read+0x1e9/0x250 [ 130.788857][ T9038] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.788880][ T9038] ? rw_verify_area+0x243/0x630 [ 130.788897][ T9038] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.788918][ T9038] vfs_read+0x1f8/0xb40 [ 130.788936][ T9038] ? fdget_pos+0x254/0x320 [ 130.788953][ T9038] ? __pfx___mutex_lock+0x10/0x10 [ 130.788972][ T9038] ? __pfx_vfs_read+0x10/0x10 [ 130.788994][ T9038] ? __fget_files+0x2a/0x410 [ 130.789012][ T9038] ? __fget_files+0x395/0x410 [ 130.789026][ T9038] ? __fget_files+0x2a/0x410 [ 130.789050][ T9038] ksys_read+0x18f/0x2b0 [ 130.789069][ T9038] ? __pfx_ksys_read+0x10/0x10 [ 130.789088][ T9038] ? do_syscall_64+0x100/0x230 [ 130.789109][ T9038] ? do_syscall_64+0xb6/0x230 [ 130.789127][ T9038] do_syscall_64+0xf3/0x230 [ 130.789145][ T9038] ? clear_bhb_loop+0x35/0x90 [ 130.789167][ T9038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.789184][ T9038] RIP: 0033:0x7fe87738b7fc [ 130.789198][ T9038] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 130.789209][ T9038] RSP: 002b:00007fe87814a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 130.789226][ T9038] RAX: ffffffffffffffda RBX: 00007fe8775a6080 RCX: 00007fe87738b7fc [ 130.789237][ T9038] RDX: 000000000000000f RSI: 00007fe87814a0a0 RDI: 0000000000000005 [ 130.789247][ T9038] RBP: 00007fe87814a090 R08: 0000000000000000 R09: 0000000000000000 [ 130.789258][ T9038] R10: 0000400000000300 R11: 0000000000000246 R12: 0000000000000001 [ 130.789267][ T9038] R13: 0000000000000001 R14: 00007fe8775a6080 R15: 00007fff31a39ba8 [ 130.789294][ T9038] [ 130.801270][ T9042] SET target dimension over the limit! [ 130.924154][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.037916][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.120370][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.135864][ T9050] netlink: 'syz.1.979': attribute type 9 has an invalid length. [ 131.184408][ T9050] netlink: 201384 bytes leftover after parsing attributes in process `syz.1.979'. [ 131.201867][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.251246][ T9050] openvswitch: netlink: Message has 6 unknown bytes. [ 131.722417][ T9076] netlink: 16 bytes leftover after parsing attributes in process `syz.4.989'. [ 131.938877][ T9081] netlink: get zone limit has 8 unknown bytes [ 132.464470][ T2946] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.052731][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.059805][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.258042][ T2946] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.364830][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 133.380494][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 133.398415][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 133.407251][ T2946] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.418440][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 133.430865][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 133.438867][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 133.502110][ T2946] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.626770][ T2946] bridge_slave_1: left allmulticast mode [ 133.632457][ T2946] bridge_slave_1: left promiscuous mode [ 133.638496][ T2946] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.647175][ T2946] bridge_slave_0: left allmulticast mode [ 133.652818][ T2946] bridge_slave_0: left promiscuous mode [ 133.663397][ T2946] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.120708][ T2946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.168436][ T2946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.191627][ T2946] bond0 (unregistering): Released all slaves [ 134.238394][ T9156] pimreg: left allmulticast mode [ 134.285405][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 134.303472][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 134.313109][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 134.322037][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 134.341858][ T5852] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 134.349639][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 134.427565][ T9150] chnl_net:caif_netlink_parms(): no params data found [ 134.661349][ T9187] __nla_validate_parse: 3 callbacks suppressed [ 134.661366][ T9187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1017'. [ 134.903350][ T9150] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.928678][ T9150] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.928919][ T9197] xt_CT: No such helper "pptp" [ 134.937541][ T9150] bridge_slave_0: entered allmulticast mode [ 134.953064][ T9150] bridge_slave_0: entered promiscuous mode [ 135.001621][ T2946] hsr_slave_0: left promiscuous mode [ 135.010540][ T2946] hsr_slave_1: left promiscuous mode [ 135.018109][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.025924][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.034628][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.042037][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.061207][ T2946] veth1_macvtap: left promiscuous mode [ 135.067780][ T2946] veth0_macvtap: left promiscuous mode [ 135.073590][ T2946] veth1_vlan: left promiscuous mode [ 135.080078][ T2946] veth0_vlan: left promiscuous mode [ 135.488544][ T2946] team0 (unregistering): Port device team_slave_1 removed [ 135.525129][ T5842] Bluetooth: hci1: command tx timeout [ 135.532142][ T2946] team0 (unregistering): Port device team_slave_0 removed [ 135.875580][ T9150] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.882799][ T9150] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.898831][ T9150] bridge_slave_1: entered allmulticast mode [ 135.911804][ T9150] bridge_slave_1: entered promiscuous mode [ 135.962387][ T9215] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'. [ 135.975371][ T9218] xt_time: unknown flags 0x4 [ 136.063400][ T9150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 136.095717][ T9150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 136.197545][ T9150] team0: Port device team_slave_0 added [ 136.255271][ T9150] team0: Port device team_slave_1 added [ 136.335044][ T9150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.370187][ T9150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.397966][ T9150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.413883][ T5842] Bluetooth: hci2: command tx timeout [ 136.430169][ T9150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.437181][ T9150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.464985][ T9150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.482182][ T9173] chnl_net:caif_netlink_parms(): no params data found [ 136.552274][ T9231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1028'. [ 136.653304][ T2951] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.736773][ T9231] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.763563][ T9150] hsr_slave_0: entered promiscuous mode [ 136.775265][ T9150] hsr_slave_1: entered promiscuous mode [ 136.812183][ T2951] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.910649][ T9231] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.960286][ T2951] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.085972][ T9231] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.124727][ T2951] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.227489][ T9231] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.311332][ T9173] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.318672][ T9173] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.332804][ T9173] bridge_slave_0: entered allmulticast mode [ 137.340459][ T9173] bridge_slave_0: entered promiscuous mode [ 137.348656][ T9173] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.357196][ T9173] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.365832][ T9173] bridge_slave_1: entered allmulticast mode [ 137.372535][ T9173] bridge_slave_1: entered promiscuous mode [ 137.404569][ T9253] dccp_invalid_packet: P.Data Offset(0) too small [ 137.478158][ T9173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.490453][ T9173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.577863][ T9231] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.614372][ T5842] Bluetooth: hci1: command tx timeout [ 137.637960][ T9173] team0: Port device team_slave_0 added [ 137.662465][ T9231] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.685451][ T9173] team0: Port device team_slave_1 added [ 137.737015][ T9231] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.778860][ T2951] bridge_slave_1: left allmulticast mode [ 137.791052][ T2951] bridge_slave_1: left promiscuous mode [ 137.797564][ T2951] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.813138][ T2951] bridge_slave_0: left allmulticast mode [ 137.820865][ T2951] bridge_slave_0: left promiscuous mode [ 137.833792][ T2951] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.869533][ T9274] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1042'. [ 138.142274][ T2951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.152945][ T2951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.162921][ T2951] bond0 (unregistering): Released all slaves [ 138.220002][ T9231] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.362124][ T9173] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.373678][ T9173] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.433672][ T9173] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.494455][ T5842] Bluetooth: hci2: command tx timeout [ 138.656060][ T9278] veth0_to_hsr: entered promiscuous mode [ 138.674139][ T9173] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.681108][ T9173] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.743689][ T9173] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.772638][ T9275] veth0_to_hsr: left promiscuous mode [ 139.049380][ T9173] hsr_slave_0: entered promiscuous mode [ 139.056876][ T9173] hsr_slave_1: entered promiscuous mode [ 139.063430][ T9173] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.077936][ T9173] Cannot create hsr debugfs directory [ 139.088528][ T9299] batman_adv: batadv0: Removing interface: dummy0 [ 139.102331][ T9299] bond0: (slave bond_slave_0): Releasing backup interface [ 139.112738][ T9299] bond_slave_0: left promiscuous mode [ 139.120084][ T9299] bond_slave_0: left allmulticast mode [ 139.132913][ T9299] bond0: (slave bond_slave_1): Releasing backup interface [ 139.141544][ T9299] bond_slave_1: left promiscuous mode [ 139.149741][ T9299] bond_slave_1: left allmulticast mode [ 139.179714][ T9299] team0: Port device team_slave_0 removed [ 139.201255][ T9299] team0: Port device team_slave_1 removed [ 139.208147][ T9299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 139.216125][ T9299] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 139.229709][ T9299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.238271][ T9299] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.252782][ T9299] bond0: (slave bond1): Releasing backup interface [ 139.260317][ T9299] bond1: left promiscuous mode [ 139.265353][ T9299] bond1: left allmulticast mode [ 139.281648][ T9299] bond0: (slave bond2): Releasing backup interface [ 139.295483][ T9299] bond2: left promiscuous mode [ 139.300432][ T9299] bond2: left allmulticast mode [ 139.314157][ T9299] vlan2: left promiscuous mode [ 139.319169][ T9299] bridge0: port 1(vlan2) entered disabled state [ 139.330735][ T9299] vlan3: left promiscuous mode [ 139.336826][ T9299] bond0: left promiscuous mode [ 139.349004][ T9299] bridge0: port 2(vlan3) entered disabled state [ 139.551900][ T9150] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 139.677419][ T2951] hsr_slave_0: left promiscuous mode [ 139.685929][ T5842] Bluetooth: hci1: command tx timeout [ 139.701883][ T2951] hsr_slave_1: left promiscuous mode [ 139.707986][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 139.720710][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 139.741828][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.758875][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1052'. [ 139.767889][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.800746][ T2951] veth1_macvtap: left promiscuous mode [ 139.831701][ T2951] veth0_macvtap: left promiscuous mode [ 139.844122][ T2951] veth1_vlan: left promiscuous mode [ 139.849450][ T2951] veth0_vlan: left promiscuous mode [ 139.931518][ T9326] netlink: 'syz.1.1055': attribute type 10 has an invalid length. [ 140.247540][ T2951] team0 (unregistering): Port device team_slave_1 removed [ 140.284284][ T2951] team0 (unregistering): Port device team_slave_0 removed [ 140.571344][ T5852] Bluetooth: hci2: command tx timeout [ 140.636315][ T9150] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 140.646442][ T9150] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 140.685742][ T9150] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 140.770161][ T9337] openvswitch: netlink: EtherType 50a is less than min 600 [ 141.096266][ T9150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.135830][ T9150] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.158520][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.165694][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.202900][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.210072][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.386599][ T9367] netlink: 'syz.0.1065': attribute type 4 has an invalid length. [ 141.479378][ T9173] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 141.491783][ T9150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.505121][ T9173] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 141.519825][ T9173] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 141.532351][ T9173] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 141.651310][ T9150] veth0_vlan: entered promiscuous mode [ 141.681981][ T9150] veth1_vlan: entered promiscuous mode [ 141.752310][ T9173] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.763830][ T5852] Bluetooth: hci1: command tx timeout [ 141.776689][ T9150] veth0_macvtap: entered promiscuous mode [ 141.799654][ T9150] veth1_macvtap: entered promiscuous mode [ 141.816136][ T9173] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.848925][ T2951] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.856107][ T2951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.867360][ T9150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.875242][ T9387] sctp: [Deprecated]: syz.1.1069 (pid 9387) Use of struct sctp_assoc_value in delayed_ack socket option. [ 141.875242][ T9387] Use struct sctp_sack_info instead [ 141.885500][ T9150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.905881][ T9389] x_tables: unsorted underflow at hook 1 [ 141.906863][ T9150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.932121][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.939233][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.949042][ T9387] netlink: 'syz.1.1069': attribute type 2 has an invalid length. [ 141.973044][ T9150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.987424][ T9150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.000087][ T9150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.021655][ T9150] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.030923][ T9150] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.042419][ T9150] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.051767][ T9150] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.162850][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.178436][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.186300][ T9397] netlink: 'syz.0.1072': attribute type 21 has an invalid length. [ 142.201017][ T9397] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1072'. [ 142.302362][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.329718][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.356346][ T9405] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1074'. [ 142.472920][ T9173] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 142.611581][ T9173] veth0_vlan: entered promiscuous mode [ 142.626950][ T9173] veth1_vlan: entered promiscuous mode [ 142.646552][ T5852] Bluetooth: hci2: command 0x0419 tx timeout [ 142.702462][ T9173] veth0_macvtap: entered promiscuous mode [ 142.721430][ T9173] veth1_macvtap: entered promiscuous mode [ 142.745604][ T9421] sctp: [Deprecated]: syz.0.1080 (pid 9421) Use of int in max_burst socket option. [ 142.745604][ T9421] Use struct sctp_assoc_value instead [ 142.766230][ T9421] IPVS: set_ctl: invalid protocol: 64 172.20.20.170:20001 [ 142.806087][ T9173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.830230][ T9173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.846583][ T9173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.859509][ T9173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.875018][ T9173] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.898195][ T9173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.917613][ T9173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.931954][ T9173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.949832][ T9173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.960928][ T9173] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.998753][ T9173] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.021757][ T9173] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.031522][ T9173] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.040475][ T9173] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.071731][ T9437] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1084'. [ 143.158840][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.173304][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.230382][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.243114][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.248070][ T9443] SET target dimension over the limit! [ 143.300587][ T9419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 143.315270][ T9441] geneve2: entered promiscuous mode [ 143.320524][ T9441] geneve2: entered allmulticast mode [ 143.416316][ T9446] netlink: 'syz.4.1088': attribute type 10 has an invalid length. [ 143.442349][ T9446] team0: Port device  added [ 143.545470][ T9450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1090'. [ 143.578649][ T9455] netlink: ct family unspecified [ 143.583939][ T9455] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 143.793056][ T9469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'. [ 143.862617][ T9469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1096'. [ 143.989305][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.389750][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 144.399126][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 144.412892][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 144.421308][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 144.431898][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 144.439381][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 144.628315][ T9493] chnl_net:caif_netlink_parms(): no params data found [ 144.682777][ T9493] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.690155][ T9493] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.697950][ T9493] bridge_slave_0: entered allmulticast mode [ 144.705375][ T9493] bridge_slave_0: entered promiscuous mode [ 144.712610][ T9493] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.720062][ T9493] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.728762][ T9493] bridge_slave_1: entered allmulticast mode [ 144.736016][ T9493] bridge_slave_1: entered promiscuous mode [ 144.761531][ T9493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 144.777353][ T9493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 144.801700][ T9493] team0: Port device team_slave_0 added [ 144.810116][ T9493] team0: Port device team_slave_1 added [ 144.834669][ T9493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 144.841649][ T9493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.868516][ T9493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 144.880731][ T9493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 144.887980][ T9493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.914432][ T9493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 145.053130][ T9503] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 145.079989][ T9493] hsr_slave_0: entered promiscuous mode [ 145.087162][ T9493] hsr_slave_1: entered promiscuous mode [ 145.094781][ T9493] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 145.103504][ T9493] Cannot create hsr debugfs directory [ 145.109355][ T9503] netlink: 'syz.4.1103': attribute type 1 has an invalid length. [ 145.131642][ T9507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1104'. [ 145.176069][ T9507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1104'. [ 145.339632][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 145.352123][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 145.361296][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 145.365350][ T9507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1104'. [ 145.379465][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 145.389588][ T5842] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 145.403861][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 145.442865][ T9517] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1106'. [ 145.467112][ T9519] netlink: 'syz.4.1107': attribute type 5 has an invalid length. [ 145.467334][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.543320][ T9514] netlink: 'syz.0.1106': attribute type 2 has an invalid length. [ 145.606914][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.641692][ T9525] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1109'. [ 145.741904][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.778609][ T9525] tipc: Enabled bearer , priority 10 [ 145.834932][ T9531] dvmrp0: entered allmulticast mode [ 146.074177][ T51] bridge_slave_1: left allmulticast mode [ 146.079882][ T51] bridge_slave_1: left promiscuous mode [ 146.093936][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.129447][ T51] bridge_slave_0: left allmulticast mode [ 146.142973][ T51] bridge_slave_0: left promiscuous mode [ 146.153228][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.484097][ T5849] Bluetooth: hci1: command tx timeout [ 146.499494][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.516117][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.527767][ T51] bond0 (unregistering): Released all slaves [ 146.837222][ T9566] netlink: 'syz.1.1119': attribute type 7 has an invalid length. [ 146.980039][ T9515] chnl_net:caif_netlink_parms(): no params data found [ 147.259245][ T51] hsr_slave_0: left promiscuous mode [ 147.269318][ T51] hsr_slave_1: left promiscuous mode [ 147.280019][ T9588] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1124'. [ 147.292118][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.300598][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.331417][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.340273][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.369929][ T51] veth1_macvtap: left promiscuous mode [ 147.376537][ T51] veth0_macvtap: left promiscuous mode [ 147.382218][ T51] veth1_vlan: left promiscuous mode [ 147.387535][ T51] veth0_vlan: left promiscuous mode [ 147.454467][ T5849] Bluetooth: hci2: command tx timeout [ 147.777138][ T51] team0 (unregistering): Port device team_slave_1 removed [ 147.812745][ T51] team0 (unregistering): Port device team_slave_0 removed [ 148.206710][ T9515] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.215780][ T9515] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.223072][ T9515] bridge_slave_0: entered allmulticast mode [ 148.230070][ T9515] bridge_slave_0: entered promiscuous mode [ 148.238832][ T9493] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 148.274539][ T9515] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.294193][ T9515] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.333842][ T9515] bridge_slave_1: entered allmulticast mode [ 148.351681][ T9515] bridge_slave_1: entered promiscuous mode [ 148.372160][ T9493] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 148.389975][ T9493] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 148.442034][ T9493] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 148.526421][ T9515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.560389][ T9515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.570109][ T5849] Bluetooth: hci1: command tx timeout [ 148.602512][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1129'. [ 148.653864][ T9515] team0: Port device team_slave_0 added [ 148.662094][ T9515] team0: Port device team_slave_1 added [ 148.742465][ T9515] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 148.761183][ T9515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.787851][ T9515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 148.805991][ T9515] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 148.819698][ T9515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.846380][ T9515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 148.905007][ T9620] batadv1: entered allmulticast mode [ 148.934153][ T9515] hsr_slave_0: entered promiscuous mode [ 148.940480][ T9515] hsr_slave_1: entered promiscuous mode [ 149.015785][ T2946] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.103908][ T2946] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.127574][ T9493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.206883][ T9628] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'. [ 149.231636][ T2946] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.251122][ T9493] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.259641][ T9628] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1137'. [ 149.270872][ T9628] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1137'. [ 149.325230][ T2946] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.350683][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.357816][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.427318][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.434489][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.504540][ T9628] tc_dump_action: action bad kind [ 149.527278][ T5849] Bluetooth: hci2: command tx timeout [ 149.582682][ T9645] Cannot find del_set index 65531 as target [ 149.739091][ T2946] bridge_slave_1: left allmulticast mode [ 149.755680][ T2946] bridge_slave_1: left promiscuous mode [ 149.761439][ T2946] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.807207][ T2946] bridge_slave_0: left allmulticast mode [ 149.820521][ T2946] bridge_slave_0: left promiscuous mode [ 149.830417][ T2946] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.283980][ T2946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 150.298222][ T2946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 150.311672][ T2946] bond0 (unregistering): Released all slaves [ 150.386903][ T9676] __nla_validate_parse: 1 callbacks suppressed [ 150.386919][ T9676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1149'. [ 150.412420][ T9676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1149'. [ 150.644008][ T5849] Bluetooth: hci1: command tx timeout [ 150.664378][ T9493] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.761188][ T9682] tipc: Started in network mode [ 150.772784][ T9682] tipc: Node identity , cluster identity 4711 [ 150.781506][ T9685] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1152'. [ 150.804664][ T9687] netlink: 'syz.4.1153': attribute type 4 has an invalid length. [ 150.935620][ T9493] veth0_vlan: entered promiscuous mode [ 150.957170][ T9493] veth1_vlan: entered promiscuous mode [ 151.159314][ T2946] hsr_slave_0: left promiscuous mode [ 151.172017][ T2946] hsr_slave_1: left promiscuous mode [ 151.178173][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 151.188836][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 151.199160][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 151.213773][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 151.243550][ T2946] veth1_macvtap: left promiscuous mode [ 151.256159][ T2946] veth0_macvtap: left promiscuous mode [ 151.262780][ T2946] veth1_vlan: left promiscuous mode [ 151.272841][ T2946] veth0_vlan: left promiscuous mode [ 151.607006][ T5842] Bluetooth: hci2: command tx timeout [ 151.654430][ T2946] team0 (unregistering): Port device team_slave_1 removed [ 151.693190][ T2946] team0 (unregistering): Port device team_slave_0 removed [ 152.049315][ T9702] bridge_slave_0: left allmulticast mode [ 152.063919][ T9702] bridge_slave_0: left promiscuous mode [ 152.069655][ T9702] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.101764][ T9702] bridge_slave_1: left allmulticast mode [ 152.122969][ T9708] netlink: 'syz.4.1160': attribute type 11 has an invalid length. [ 152.131430][ T9702] bridge_slave_1: left promiscuous mode [ 152.159479][ T9702] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.188070][ T9702] bond0: (slave bond_slave_0): Releasing backup interface [ 152.203142][ T9714] SET target dimension over the limit! [ 152.210677][ T9702] bond0: (slave bond_slave_1): Releasing backup interface [ 152.236025][ T9702] team0: Port device team_slave_0 removed [ 152.258304][ T9702] team0: Port device team_slave_1 removed [ 152.299783][ T9515] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 152.346588][ T9515] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 152.400272][ T9722] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1164'. [ 152.431320][ T9493] veth0_macvtap: entered promiscuous mode [ 152.445319][ T9515] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 152.448988][ T9727] x_tables: duplicate underflow at hook 2 [ 152.471764][ T9722] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1164'. [ 152.483057][ T9493] veth1_macvtap: entered promiscuous mode [ 152.520194][ T9515] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 152.571421][ T9493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.590187][ T9493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.603456][ T9493] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 152.660463][ T9493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.679575][ T9493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.691373][ T9493] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.721873][ T9493] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.730784][ T5842] Bluetooth: hci1: command tx timeout [ 152.756147][ T9493] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.765142][ T9493] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.774281][ T9493] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.983470][ T9515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.023048][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.052470][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.069469][ T9515] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.092963][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.100143][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.119807][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.133269][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.153115][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.160275][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.246783][ T9751] netlink: 'syz.0.1174': attribute type 15 has an invalid length. [ 153.390438][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1175'. [ 153.399546][ T9756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1175'. [ 153.443083][ T9515] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.482854][ T9515] veth0_vlan: entered promiscuous mode [ 153.504400][ T9515] veth1_vlan: entered promiscuous mode [ 153.522740][ T9759] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 153.531158][ T9515] veth0_macvtap: entered promiscuous mode [ 153.542310][ T9515] veth1_macvtap: entered promiscuous mode [ 153.578310][ T9515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.591953][ T9515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.610318][ T9515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.631088][ T9515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.651766][ T9515] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.662512][ T9761] xt_l2tp: invalid flags combination: c [ 153.670392][ T9515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.681339][ T9515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.693682][ T5842] Bluetooth: hci2: command tx timeout [ 153.699147][ T9515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.709638][ T9515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.720684][ T9515] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.754679][ T9515] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.764000][ T9515] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.773886][ T9515] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.782672][ T9515] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.830484][ T9766] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1177'. [ 153.861560][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.960881][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.991477][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.999923][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.026219][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.050866][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.060907][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.086695][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.566660][ T35] bridge_slave_1: left allmulticast mode [ 154.578312][ T35] bridge_slave_1: left promiscuous mode [ 154.589240][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.605970][ T35] bridge_slave_0: left allmulticast mode [ 154.611737][ T35] bridge_slave_0: left promiscuous mode [ 154.622837][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.669836][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.685540][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.698595][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.709581][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 154.718192][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.728209][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.836831][ T9783] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1181'. [ 155.489961][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.501568][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.514114][ T35] bond0 (unregistering): Released all slaves [ 155.864445][ T35] hsr_slave_0: left promiscuous mode [ 155.870436][ T35] hsr_slave_1: left promiscuous mode [ 155.880920][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.888851][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 155.896851][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 155.904472][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 155.925069][ T35] veth1_macvtap: left promiscuous mode [ 155.930606][ T35] veth0_macvtap: left promiscuous mode [ 155.938256][ T35] veth1_vlan: left promiscuous mode [ 155.943536][ T35] veth0_vlan: left promiscuous mode [ 156.180948][ T9808] tipc: Failed to remove unknown binding: 66,1,1/0:812074959/812074961 [ 156.210873][ T9808] tipc: Failed to remove unknown binding: 66,1,1/0:812074959/812074961 [ 156.321020][ T9820] openvswitch: netlink: Multiple metadata blocks provided [ 156.405178][ T9823] netlink: 'syz.4.1191': attribute type 3 has an invalid length. [ 156.534878][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 156.550964][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 156.560949][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 156.581484][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 156.599538][ T5849] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 156.608146][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 156.647068][ T35] team0 (unregistering): Port device team_slave_1 removed [ 156.689262][ T35] team0 (unregistering): Port device team_slave_0 removed [ 156.806794][ T5849] Bluetooth: hci1: command tx timeout [ 157.205549][ T9775] chnl_net:caif_netlink_parms(): no params data found [ 157.569806][ T9775] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.583516][ T9841] can: request_module (can-proto-0) failed. [ 157.584306][ T9844] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 157.599526][ T9775] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.610842][ T9775] bridge_slave_0: entered allmulticast mode [ 157.623357][ T9775] bridge_slave_0: entered promiscuous mode [ 157.638110][ T9775] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.663868][ T9775] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.676301][ T9775] bridge_slave_1: entered allmulticast mode [ 157.705225][ T9775] bridge_slave_1: entered promiscuous mode [ 157.735248][ T9841] netlink: 'syz.0.1199': attribute type 3 has an invalid length. [ 157.745158][ T9841] netlink: 766 bytes leftover after parsing attributes in process `syz.0.1199'. [ 157.840430][ T9775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 157.860537][ T9775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 157.935541][ T9775] team0: Port device team_slave_0 added [ 157.947146][ T9775] team0: Port device team_slave_1 added [ 157.973341][ T9860] netlink: 187320 bytes leftover after parsing attributes in process `syz.0.1203'. [ 157.984383][ T9860] netlink: zone id is out of range [ 157.989712][ T9860] netlink: zone id is out of range [ 158.036658][ T9860] netlink: zone id is out of range [ 158.055768][ T9860] netlink: zone id is out of range [ 158.061907][ T9860] netlink: zone id is out of range [ 158.063971][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.069032][ T9860] netlink: zone id is out of range [ 158.079326][ T9860] netlink: zone id is out of range [ 158.084845][ T9860] netlink: zone id is out of range [ 158.088274][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.090563][ T9860] netlink: zone id is out of range [ 158.122012][ T9775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.134982][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.141971][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.168775][ T9775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.195678][ T9860] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1203'. [ 158.258182][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.299457][ T9824] chnl_net:caif_netlink_parms(): no params data found [ 158.317528][ T9775] hsr_slave_0: entered promiscuous mode [ 158.327841][ T9775] hsr_slave_1: entered promiscuous mode [ 158.338709][ T9775] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 158.346720][ T9775] Cannot create hsr debugfs directory [ 158.386824][ T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.480246][ T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.636605][ T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.652160][ T5849] Bluetooth: hci2: command tx timeout [ 158.666116][ T9824] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.684638][ T9824] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.695191][ T9824] bridge_slave_0: entered allmulticast mode [ 158.719970][ T9824] bridge_slave_0: entered promiscuous mode [ 158.760099][ T9824] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.784931][ T9824] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.788022][ T9889] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1212'. [ 158.814458][ T9824] bridge_slave_1: entered allmulticast mode [ 158.836765][ T9824] bridge_slave_1: entered promiscuous mode [ 158.883812][ T5849] Bluetooth: hci1: command tx timeout [ 158.895020][ T9890] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ¯HcUØîÑË•‚Ž¹+ÕuµŽê!Þ÷œ8¦ [ 158.939196][ T9824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.001526][ T9824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.108255][ T35] bridge_slave_1: left allmulticast mode [ 159.114334][ T35] bridge_slave_1: left promiscuous mode [ 159.120107][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.147066][ T35] bridge_slave_0: left allmulticast mode [ 159.152988][ T35] bridge_slave_0: left promiscuous mode [ 159.169161][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.570232][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 159.581697][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 159.591644][ T35] bond0 (unregistering): Released all slaves [ 159.612075][ T9824] team0: Port device team_slave_0 added [ 159.620159][ T9912] veth1_macvtap: left promiscuous mode [ 159.634944][ T9912] macsec0: entered allmulticast mode [ 159.663292][ T9913] veth1_macvtap: entered promiscuous mode [ 159.683740][ T9913] veth1_macvtap: entered allmulticast mode [ 159.695177][ T9913] macsec0: left allmulticast mode [ 159.712035][ T9913] veth1_macvtap: left allmulticast mode [ 159.767618][ T9918] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 159.795149][ T9824] team0: Port device team_slave_1 added [ 159.904089][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.911090][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.950627][ T9824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.024055][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.031053][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.103909][ T9824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.167299][ T9928] netlink: 71 bytes leftover after parsing attributes in process `syz.0.1222'. [ 160.277605][ T9824] hsr_slave_0: entered promiscuous mode [ 160.289429][ T9824] hsr_slave_1: entered promiscuous mode [ 160.297232][ T9824] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 160.305296][ T9824] Cannot create hsr debugfs directory [ 160.498043][ T9948] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1226'. [ 160.532180][ T9948] geneve2: entered promiscuous mode [ 160.547207][ T9949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1225'. [ 160.648576][ T35] hsr_slave_0: left promiscuous mode [ 160.659175][ T35] hsr_slave_1: left promiscuous mode [ 160.666229][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.677411][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.685780][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.693219][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.724102][ T35] veth1_macvtap: left promiscuous mode [ 160.729691][ T35] veth0_macvtap: left promiscuous mode [ 160.733952][ T5849] Bluetooth: hci2: command tx timeout [ 160.735837][ T35] veth1_vlan: left promiscuous mode [ 160.746218][ T35] veth0_vlan: left promiscuous mode [ 160.971117][ T5849] Bluetooth: hci1: command tx timeout [ 161.190287][ T9965] netlink: 1275 bytes leftover after parsing attributes in process `syz.0.1233'. [ 161.213154][ T9965] netlink: 1275 bytes leftover after parsing attributes in process `syz.0.1233'. [ 161.235390][ T9965] netlink: 1275 bytes leftover after parsing attributes in process `syz.0.1233'. [ 161.407907][ T35] team0 (unregistering): Port device team_slave_1 removed [ 161.479104][ T35] team0 (unregistering): Port device team_slave_0 removed [ 162.062594][ T9979] x_tables: duplicate underflow at hook 1 [ 162.226082][ T9775] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 162.283153][ T9775] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 162.290319][ T9989] netlink: 'syz.1.1240': attribute type 75 has an invalid length. [ 162.308166][ T9775] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 162.330194][ T9987] x_tables: arp_tables: MARK.2 target: invalid size 8 (kernel) != (user) 0 [ 162.357361][ T9775] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 162.693241][ T9824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 162.731131][ T9824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 162.758531][ T9824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 162.775414][ T9824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 162.790797][T10011] netlink: 'syz.4.1244': attribute type 10 has an invalid length. [ 162.802098][T10010] netlink: 'syz.4.1244': attribute type 10 has an invalid length. [ 162.814055][ T5849] Bluetooth: hci2: command tx timeout [ 162.840002][ T9775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.976620][ T9775] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.000109][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.007319][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.055992][ T5849] Bluetooth: hci1: command tx timeout [ 163.068731][ T2972] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.075907][ T2972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.209973][ T9824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.276005][T10030] __nla_validate_parse: 63 callbacks suppressed [ 163.276033][T10030] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1249'. [ 163.293182][T10032] xt_l2tp: missing protocol rule (udp|l2tpip) [ 163.294519][ T9824] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.375111][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.382237][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.419734][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.426921][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.728428][ T9775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.831916][ T9824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.921629][ T9775] veth0_vlan: entered promiscuous mode [ 163.953570][ T9824] veth0_vlan: entered promiscuous mode [ 163.960145][T10062] Bluetooth: MGMT ver 1.23 [ 163.976408][ T9775] veth1_vlan: entered promiscuous mode [ 164.000308][ T9824] veth1_vlan: entered promiscuous mode [ 164.018460][T10062] netlink: 'syz.0.1259': attribute type 3 has an invalid length. [ 164.116621][ T9775] veth0_macvtap: entered promiscuous mode [ 164.141974][ T9775] veth1_macvtap: entered promiscuous mode [ 164.158423][ T9824] veth0_macvtap: entered promiscuous mode [ 164.188639][ T9824] veth1_macvtap: entered promiscuous mode [ 164.220604][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.241115][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.253304][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 164.270273][T10072] netlink: 71 bytes leftover after parsing attributes in process `syz.4.1261'. [ 164.281702][T10069] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.322991][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.335224][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.346993][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 164.359708][T10074] macvlan2: entered allmulticast mode [ 164.370994][T10074] veth1_vlan: entered allmulticast mode [ 164.383060][T10074] veth1_vlan: left allmulticast mode [ 164.445528][ T9824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.465395][ T9824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.475778][ T9824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.492589][ T9824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.506028][ T9824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 164.577007][ T9824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.626610][T10092] netlink: 'syz.1.1266': attribute type 2 has an invalid length. [ 164.628702][ T9824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.642293][T10092] netlink: 'syz.1.1266': attribute type 1 has an invalid length. [ 164.669141][ T9824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.685644][ T9824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.708182][ T9824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 164.731816][ T9775] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.743395][ T9775] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.755202][ T9775] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.773672][ T9775] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.852682][ T9824] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.884148][ T5849] Bluetooth: hci2: command tx timeout [ 164.884662][ T9824] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.908933][ T9824] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.918186][ T9824] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.927331][T10110] xt_nat: multiple ranges no longer supported [ 165.090916][T10114] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1271'. [ 165.168795][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.182772][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 165.248771][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.275914][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 165.314927][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.343492][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 165.403399][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.417586][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 165.872143][T10140] IPVS: set_ctl: invalid protocol: 108 0.0.0.0:20003 [ 165.889670][T10105] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1268'. [ 165.990520][T10144] netlink: 'syz.0.1283': attribute type 5 has an invalid length. [ 165.992318][T10146] nftables ruleset with unbound chain [ 166.037197][T10144] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1283'. [ 166.054168][T10146] net_ratelimit: 65 callbacks suppressed [ 166.054188][T10146] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 166.606720][ T2972] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.774800][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 166.785782][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 166.795959][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 166.804645][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 166.812219][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 166.821430][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.850753][ T2972] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.021095][ T2972] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.090073][ T2972] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.269567][ T2972] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.305214][T10155] chnl_net:caif_netlink_parms(): no params data found [ 167.379221][ T2972] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.537950][ T2972] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.587062][T10155] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.627016][T10155] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.654064][T10155] bridge_slave_0: entered allmulticast mode [ 167.655246][T10175] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 167.661035][T10155] bridge_slave_0: entered promiscuous mode [ 167.668323][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1291'. [ 167.686211][T10155] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.693948][T10155] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.702403][T10155] bridge_slave_1: entered allmulticast mode [ 167.709920][T10155] bridge_slave_1: entered promiscuous mode [ 167.717367][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 167.726510][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 167.734981][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 167.748839][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 167.757812][ T5849] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 167.759218][ T2972] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.765215][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 167.851070][T10155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.872916][T10155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.990410][T10155] team0: Port device team_slave_0 added [ 168.009728][T10155] team0: Port device team_slave_1 added [ 168.089990][T10155] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 168.106186][T10188] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input5 [ 168.117000][T10155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.147874][T10155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 168.252066][T10155] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.291142][T10155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.326595][T10155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.371038][T10195] tipc: Enabling of bearer rejected, failed to enable media [ 168.382961][ T2972] bridge_slave_1: left allmulticast mode [ 168.398964][ T2972] bridge_slave_1: left promiscuous mode [ 168.414282][ T2972] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.446033][ T2972] bridge_slave_0: left allmulticast mode [ 168.452028][ T2972] bridge_slave_0: left promiscuous mode [ 168.472437][ T2972] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.524933][ T2972] bridge_slave_1: left allmulticast mode [ 168.533941][ T2972] bridge_slave_1: left promiscuous mode [ 168.539666][ T2972] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.584375][ T2972] bridge_slave_0: left allmulticast mode [ 168.590112][ T2972] bridge_slave_0: left promiscuous mode [ 168.603890][ T2972] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.888597][ T5849] Bluetooth: hci1: command tx timeout [ 169.146603][ T2972] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 169.157447][ T2972] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 169.169084][ T2972] bond0 (unregistering): Released all slaves [ 169.271628][ T2972] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 169.282115][ T2972] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 169.292794][ T2972] bond0 (unregistering): Released all slaves [ 169.366416][T10155] hsr_slave_0: entered promiscuous mode [ 169.387942][T10155] hsr_slave_1: entered promiscuous mode [ 169.656971][T10227] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 169.850262][ T5849] Bluetooth: hci2: command tx timeout [ 169.918089][T10178] chnl_net:caif_netlink_parms(): no params data found [ 170.015985][T10246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1312'. [ 170.121787][T10253] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1314'. [ 170.134153][T10253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1314'. [ 170.145826][T10246] erspan0: entered promiscuous mode [ 170.156317][T10253] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1314'. [ 170.161611][T10246] macvtap1: entered promiscuous mode [ 170.171695][T10246] macvtap1: entered allmulticast mode [ 170.177410][T10246] erspan0: entered allmulticast mode [ 170.219125][ T5849] block nbd1: Receive control failed (result -107) [ 170.245627][T10253] nbd1: detected capacity change from 0 to 256 [ 170.640042][ T2972] hsr_slave_0: left promiscuous mode [ 170.659119][ T2972] hsr_slave_1: left promiscuous mode [ 170.671650][ T2972] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.679863][ T2972] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.698086][ T2972] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.714031][ T2972] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.752651][ T2972] hsr_slave_0: left promiscuous mode [ 170.763838][ T2972] hsr_slave_1: left promiscuous mode [ 170.775766][ T2972] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.785453][ T2972] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.795276][ T2972] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.813015][ T2972] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.899308][ T2972] veth1_macvtap: left promiscuous mode [ 170.906716][ T2972] veth0_macvtap: left promiscuous mode [ 170.912420][ T2972] veth1_vlan: left promiscuous mode [ 170.917852][ T2972] veth0_vlan: left promiscuous mode [ 170.939225][ T2972] veth1_macvtap: left promiscuous mode [ 170.945142][ T2972] veth0_macvtap: left promiscuous mode [ 170.950750][ T2972] veth1_vlan: left promiscuous mode [ 170.956252][ T2972] veth0_vlan: left promiscuous mode [ 170.963814][ T5849] Bluetooth: hci1: command tx timeout [ 171.719264][ T2972] team0 (unregistering): Port device team_slave_1 removed [ 171.762521][ T2972] team0 (unregistering): Port device team_slave_0 removed [ 171.924770][ T5849] Bluetooth: hci2: command tx timeout [ 172.119005][T10331] netlink: 'syz.4.1324': attribute type 4 has an invalid length. [ 172.459370][ T2972] team0 (unregistering): Port device team_slave_1 removed [ 172.495573][ T2972] team0 (unregistering): Port device team_slave_0 removed [ 172.848210][T10178] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.855859][T10178] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.863145][T10178] bridge_slave_0: entered allmulticast mode [ 172.879878][T10178] bridge_slave_0: entered promiscuous mode [ 172.897968][T10329] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1324'. [ 172.941140][T10178] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.951735][T10178] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.959708][T10178] bridge_slave_1: entered allmulticast mode [ 172.967006][T10178] bridge_slave_1: entered promiscuous mode [ 173.045762][ T5849] Bluetooth: hci1: command tx timeout [ 173.087565][T10178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.127430][T10178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.312837][T10178] team0: Port device team_slave_0 added [ 173.327062][T10178] team0: Port device team_slave_1 added [ 173.416966][T10349] macvlan0: entered allmulticast mode [ 173.422522][T10349] veth1_vlan: entered allmulticast mode [ 173.429262][T10351] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1331'. [ 173.444801][T10349] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 173.503536][T10178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.508318][T10356] IPVS: set_ctl: invalid protocol: 137 255.255.255.255:20001 [ 173.514209][T10178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.549363][T10178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.597297][T10178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.613416][T10178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.656371][T10178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.659326][T10359] netlink: 'syz.0.1333': attribute type 1 has an invalid length. [ 173.696504][T10359] netlink: 'syz.0.1333': attribute type 1 has an invalid length. [ 173.746006][T10155] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 173.767292][T10155] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 173.805256][T10359] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1333'. [ 173.878307][T10155] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 173.898604][T10178] hsr_slave_0: entered promiscuous mode [ 173.914912][T10178] hsr_slave_1: entered promiscuous mode [ 173.948367][T10178] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 173.982630][T10178] Cannot create hsr debugfs directory [ 173.995241][T10155] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 174.009298][ T5849] Bluetooth: hci2: command tx timeout [ 174.411722][T10388] veth0_vlan: entered allmulticast mode [ 174.421379][T10392] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1346'. [ 174.462195][T10155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.602670][T10155] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.623449][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.630792][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.698848][ T2972] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.706022][ T2972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.794720][T10155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.865806][T10408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1352'. [ 174.983841][T10178] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 175.002997][T10178] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 175.048048][T10178] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 175.065921][T10178] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 175.105380][T10155] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.124671][ T51] ------------[ cut here ]------------ [ 175.130190][ T51] WARNING: CPU: 0 PID: 51 at net/mac80211/mlme.c:4106 ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.140600][ T5849] Bluetooth: hci1: command tx timeout [ 175.146318][ T51] Modules linked in: [ 175.150239][ T51] CPU: 0 UID: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 175.161344][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 175.171947][ T51] Workqueue: events_unbound cfg80211_wiphy_work [ 175.178456][ T51] RIP: 0010:ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.185185][ T51] Code: 5d 41 5e 41 5f 5d e9 bc d6 2d f6 e8 57 27 41 f6 90 0f 0b 90 eb b6 e8 4c 27 41 f6 90 0f 0b 90 e9 fc fb ff ff e8 3e 27 41 f6 90 <0f> 0b 90 e9 bf fc ff ff e8 30 27 41 f6 90 0f 0b 90 e9 30 ff ff ff [ 175.205145][ T51] RSP: 0018:ffffc90000bc7a80 EFLAGS: 00010293 [ 175.211254][ T51] RAX: ffffffff8b7e36e2 RBX: 0000000000000001 RCX: ffff88801daa9e00 [ 175.219502][ T51] RDX: 0000000000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c608a00 [ 175.227582][ T51] RBP: 1ffff1100f88db8e R08: ffffffff901b5977 R09: 1ffffffff2036b2e [ 175.235619][ T51] R10: dffffc0000000000 R11: fffffbfff2036b2f R12: ffff88807c46ea22 [ 175.243738][ T51] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88807c46cd80 [ 175.251737][ T51] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 175.260806][ T51] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.267470][ T51] CR2: 00007f12469fc678 CR3: 000000007e076000 CR4: 00000000003526f0 [ 175.275639][ T51] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 175.282329][T10155] veth0_vlan: entered promiscuous mode [ 175.283766][ T51] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 175.297655][ T51] Call Trace: [ 175.300965][ T51] [ 175.304000][ T51] ? __warn+0x165/0x4d0 [ 175.308189][ T51] ? ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.314262][ T51] ? report_bug+0x2b3/0x500 [ 175.318795][ T51] ? ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.322009][T10155] veth1_vlan: entered promiscuous mode [ 175.324872][ T51] ? handle_bug+0x60/0x90 [ 175.334782][ T51] ? exc_invalid_op+0x1a/0x50 [ 175.339488][ T51] ? asm_exc_invalid_op+0x1a/0x20 [ 175.344638][ T51] ? ieee80211_mgd_probe_ap_send+0x4e2/0x5c0 [ 175.350648][ T51] ? ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.356731][ T51] ? ieee80211_mgd_probe_ap+0x2ed/0x420 [ 175.362311][ T51] cfg80211_wiphy_work+0x2f0/0x490 [ 175.367575][ T51] ? process_scheduled_works+0x976/0x1840 [ 175.373323][ T51] process_scheduled_works+0xa66/0x1840 [ 175.379160][ T51] ? __pfx_process_scheduled_works+0x10/0x10 [ 175.385391][ T51] ? assign_work+0x364/0x3d0 [ 175.390023][ T51] worker_thread+0x870/0xd30 [ 175.394727][ T51] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 175.400648][ T51] ? __kthread_parkme+0x169/0x1d0 [ 175.405767][ T51] ? __pfx_worker_thread+0x10/0x10 [ 175.410900][ T51] kthread+0x7a9/0x920 [ 175.415045][ T51] ? __pfx_kthread+0x10/0x10 [ 175.419663][ T51] ? __pfx_worker_thread+0x10/0x10 [ 175.424920][ T51] ? __pfx_kthread+0x10/0x10 [ 175.429537][ T51] ? __pfx_kthread+0x10/0x10 [ 175.434244][ T51] ? __pfx_kthread+0x10/0x10 [ 175.438860][ T51] ? _raw_spin_unlock_irq+0x23/0x50 [ 175.444291][ T51] ? lockdep_hardirqs_on+0x99/0x150 [ 175.449524][ T51] ? __pfx_kthread+0x10/0x10 [ 175.450720][T10178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.454258][ T51] ret_from_fork+0x4b/0x80 [ 175.465386][ T51] ? __pfx_kthread+0x10/0x10 [ 175.470004][ T51] ret_from_fork_asm+0x1a/0x30 [ 175.474859][ T51] [ 175.478031][ T51] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 175.485321][ T51] CPU: 0 UID: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.14.0-rc1-syzkaller-00102-g9dfedb8dc78b #0 [ 175.496014][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 175.506087][ T51] Workqueue: events_unbound cfg80211_wiphy_work [ 175.512369][ T51] Call Trace: [ 175.515665][ T51] [ 175.518603][ T51] dump_stack_lvl+0x241/0x360 [ 175.523301][ T51] ? __pfx_dump_stack_lvl+0x10/0x10 [ 175.528517][ T51] ? __pfx__printk+0x10/0x10 [ 175.533133][ T51] ? _printk+0xd5/0x120 [ 175.537330][ T51] ? __init_begin+0x41000/0x41000 [ 175.542384][ T51] ? vscnprintf+0x5d/0x90 [ 175.546732][ T51] panic+0x349/0x880 [ 175.550633][ T51] ? __warn+0x174/0x4d0 [ 175.554791][ T51] ? __pfx_panic+0x10/0x10 [ 175.559227][ T51] ? ret_from_fork_asm+0x1a/0x30 [ 175.564176][ T51] __warn+0x344/0x4d0 [ 175.568156][ T51] ? ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.574137][ T51] report_bug+0x2b3/0x500 [ 175.578461][ T51] ? ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.584452][ T51] handle_bug+0x60/0x90 [ 175.588609][ T51] exc_invalid_op+0x1a/0x50 [ 175.593115][ T51] asm_exc_invalid_op+0x1a/0x20 [ 175.597966][ T51] RIP: 0010:ieee80211_mgd_probe_ap_send+0x4e3/0x5c0 [ 175.604549][ T51] Code: 5d 41 5e 41 5f 5d e9 bc d6 2d f6 e8 57 27 41 f6 90 0f 0b 90 eb b6 e8 4c 27 41 f6 90 0f 0b 90 e9 fc fb ff ff e8 3e 27 41 f6 90 <0f> 0b 90 e9 bf fc ff ff e8 30 27 41 f6 90 0f 0b 90 e9 30 ff ff ff [ 175.624158][ T51] RSP: 0018:ffffc90000bc7a80 EFLAGS: 00010293 [ 175.630241][ T51] RAX: ffffffff8b7e36e2 RBX: 0000000000000001 RCX: ffff88801daa9e00 [ 175.638210][ T51] RDX: 0000000000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c608a00 [ 175.646175][ T51] RBP: 1ffff1100f88db8e R08: ffffffff901b5977 R09: 1ffffffff2036b2e [ 175.654149][ T51] R10: dffffc0000000000 R11: fffffbfff2036b2f R12: ffff88807c46ea22 [ 175.662122][ T51] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88807c46cd80 [ 175.670102][ T51] ? ieee80211_mgd_probe_ap_send+0x4e2/0x5c0 [ 175.676097][ T51] ? ieee80211_mgd_probe_ap+0x2ed/0x420 [ 175.681652][ T51] cfg80211_wiphy_work+0x2f0/0x490 [ 175.686772][ T51] ? process_scheduled_works+0x976/0x1840 [ 175.692502][ T51] process_scheduled_works+0xa66/0x1840 [ 175.698071][ T51] ? __pfx_process_scheduled_works+0x10/0x10 [ 175.704056][ T51] ? assign_work+0x364/0x3d0 [ 175.708648][ T51] worker_thread+0x870/0xd30 [ 175.713242][ T51] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 175.719145][ T51] ? __kthread_parkme+0x169/0x1d0 [ 175.724172][ T51] ? __pfx_worker_thread+0x10/0x10 [ 175.729279][ T51] kthread+0x7a9/0x920 [ 175.733345][ T51] ? __pfx_kthread+0x10/0x10 [ 175.737934][ T51] ? __pfx_worker_thread+0x10/0x10 [ 175.743042][ T51] ? __pfx_kthread+0x10/0x10 [ 175.747626][ T51] ? __pfx_kthread+0x10/0x10 [ 175.752213][ T51] ? __pfx_kthread+0x10/0x10 [ 175.756795][ T51] ? _raw_spin_unlock_irq+0x23/0x50 [ 175.761986][ T51] ? lockdep_hardirqs_on+0x99/0x150 [ 175.767175][ T51] ? __pfx_kthread+0x10/0x10 [ 175.771758][ T51] ret_from_fork+0x4b/0x80 [ 175.776167][ T51] ? __pfx_kthread+0x10/0x10 [ 175.780747][ T51] ret_from_fork_asm+0x1a/0x30 [ 175.785517][ T51] [ 175.788772][ T51] Kernel Offset: disabled [ 175.793159][ T51] Rebooting in 86400 seconds..