last executing test programs:

6.473768814s ago: executing program 2 (id=8691):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfffbffff, {0x0, 0x0, 0x0, r2, {0x0, 0x8}, {0xffff, 0xffff}, {0xc, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x30, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x3}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0xc, 0x9, 0x9}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40001}, 0x10)

6.473488441s ago: executing program 4 (id=8692):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r1, 0x6)
listen(r0, 0xa)

6.263292069s ago: executing program 4 (id=8695):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, 0x48}}, 0x0)

4.073285966s ago: executing program 3 (id=8699):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x38, 0x10, 0x439, 0x0, 0x60000, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000000)
sendto$packet(r0, &(0x7f0000000180)="280320000a0014000000fbf719143baa111f43c851ffab286e16195ecf3d77cc32b6d78839980700e6669d3c865c6b96e84000050016f37fe8c0295f5c", 0x3d, 0x840, &(0x7f00000000c0)={0x11, 0x86dd, r3, 0x1, 0x2, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2eaaaac15ca67ef2}}, 0x14)

2.206630115s ago: executing program 4 (id=8702):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee9, 0x8031, r0, 0x215eb000)
r1 = socket(0x14, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x61d0, 0x0)
ioctl$sock_TIOCINQ(r1, 0x61d8, 0x0)

2.16457837s ago: executing program 0 (id=8704):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000c40), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r3, &(0x7f0000000280), 0x9)

2.100233571s ago: executing program 3 (id=8705):
unshare(0x22020600)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x7, 0x0, 0x0, 0x10}}, &(0x7f0000000040)='GPL\x00', 0x2, 0x92, &(0x7f0000000240)=""/146}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
unshare(0x20000)
mmap(&(0x7f00006b7000/0x14000)=nil, 0x14000, 0x4, 0x1010, r1, 0x0)

2.046526117s ago: executing program 2 (id=8706):
socket$inet6(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b707000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000240)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="b9ff03076804268c989e140088a8", 0x0, 0x4ff, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.964455399s ago: executing program 0 (id=8707):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x84, 0x30, 0x400, 0x70bd29, 0x25dfdbff, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x4}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000890}, 0x0)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r3, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

1.949269084s ago: executing program 1 (id=8708):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0xd, 0xfffff034}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d484"], 0x340a)

1.84989211s ago: executing program 2 (id=8709):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)={0x40, r2, 0x1, 0x1070bd0c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_PEER_COOKIE={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
syz_emit_ethernet(0x50, &(0x7f0000000600)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e79"}}}}}}}, 0x0)

1.762224464s ago: executing program 3 (id=8710):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900010073797a30000000000900030073797a3000000000140004800800024000000000080001400000000568000000060a010400000008000000000100000008000b4000000000400004803c0001800a0001006d617463680000002c0002800800010065636e000c000300e4edf2b75cc7c0a308000240000000000c000100706b7474797065000900010073797a300000000014000000110001"], 0xf0}}, 0x0)

1.720334904s ago: executing program 0 (id=8711):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70ad2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff2}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x54, 0x2, [@TCA_BASIC_ACT={0x50, 0x3, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x4, 0xffff, 0x3f, 0x2, 0x6}, 0x2}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x78, 0xfa}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4)

1.640624818s ago: executing program 2 (id=8712):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
write$tun(r0, &(0x7f0000001880)={@val={0x0, 0x88fb}, @void, @eth={@empty, @multicast, @val={@val={0x88a8, 0x5, 0x1, 0x4}, {0x8100, 0x6, 0x0, 0x6}}, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x2, 0x4, 0x28, 0x67, 0x0, 0x7, 0x21, 0x0, @empty, @local, {[@generic={0x89, 0x2}]}}, {{0x4e24, 0x4e24, 0x4, 0x1, 0x7, 0x0, 0x0, 0x5, 0x7, '\x00', 0x0, "20dda3"}}}}}}}, 0x42)

1.56576521s ago: executing program 3 (id=8713):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)

1.441037119s ago: executing program 1 (id=8714):
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="8724866f", 0x4}], 0x1)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x8, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1a04"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

1.350415342s ago: executing program 0 (id=8715):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0xd8, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0xac, 0x2, [@TCA_BPF_ACT={0x4c}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0xd8}}, 0x0)

1.211177994s ago: executing program 3 (id=8716):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="d800000019008111e0020f060d8107040a600200640f040b067c55a12a00090008000699e3ffffff14000500fe8081780c000567b8b7b940020000090a0016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a290457f0189b316277c", 0x62}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="68000000100001002fbd7000fddbdf2500000000", @ANYRES32, @ANYBLOB="0201000000000000140003006e657464657673696d3000000000000034001680300001802c"], 0x68}}, 0x24040800)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x5, 0x0, 0x5cc7, 0x8}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x400000004000300}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="cb2da763bb3282b121692bc43eb4105000000003080106000240000000002c"], 0x50}}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd00028008"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

1.019459379s ago: executing program 2 (id=8717):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@ccm_128={{0x303}, "0e57b3d487e2db32", "a9df7ccffde8899f914d4f2c3e263509", "3c36a51c", "6775c975b6b15e11"}, 0x28)
writev(r0, &(0x7f0000000240)=[{&(0x7f00000005c0)="c800b66cf7e6a5", 0x7}, {&(0x7f0000000140)="e2b5de1b04c0", 0x6}], 0x2)
readv(r0, &(0x7f00000006c0)=[{&(0x7f0000001980)=""/4099, 0xff1}], 0x1)

959.005017ms ago: executing program 3 (id=8718):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
writev(r0, 0x0, 0x0)
r1 = socket(0x14, 0x2, 0x4)
getsockopt$inet_pktinfo(r1, 0x0, 0x42020054, 0x0, &(0x7f0000000300))

899.818276ms ago: executing program 0 (id=8719):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="540000001000050428bd7000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="4000000004000000240012800b0001006970766c616e0000140002800600010000000000060001000200000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4], 0x54}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

890.024443ms ago: executing program 1 (id=8720):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0xcd, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000040)=0xc8, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

693.802217ms ago: executing program 1 (id=8721):
socket(0x10, 0x803, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'netdevsim0\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r2, 0x25, 0x0, @void}, 0x10)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000200)=r3, 0x2)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r4, 0x4)

496.066927ms ago: executing program 4 (id=8722):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x1103, 0x4, @private0, 0x2}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0)
recvmsg$unix(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x120)

308.164089ms ago: executing program 4 (id=8723):
recvmsg(0xffffffffffffffff, 0x0, 0x80)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e23, 0x27bf, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x3}, 0x1c)
sendto$inet6(r0, &(0x7f0000000040)='[', 0x1, 0xc0, 0x0, 0x0)

225.290251ms ago: executing program 1 (id=8724):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f0000000080)=0x4, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r2, r1, 0x0, 0xe25)

148.272211ms ago: executing program 4 (id=8725):
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="8724866f", 0x4}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x8, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1a04"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

128.135878ms ago: executing program 0 (id=8726):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a00001bbbbbbbbbbbbbaaaaaaaaaa2986dd6d002008001811ff20010000000000000000000000000001ff0200000000000000000000000000014f194e20"], 0x52)

84.928366ms ago: executing program 1 (id=8727):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$key(0xf, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r2, 0x0, 0x0, 0x20040000, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=ANY=[@ANYBLOB="58010000100013070000000000000000fc020000000000000000000000000001fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141417000000000000000000000000000004d533000000e000000100000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220000000000000000000000000000000200000000000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080", @ANYBLOB], 0x158}}, 0x4000)

0s ago: executing program 2 (id=8728):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xffffffff)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000006c0)={0x10, 0x2d, 0x1, 0x70bd26}, 0x10}], 0x1}, 0x4)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x2}, 0x8)
sendmmsg$unix(r1, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="c7", 0x1}], 0x1, 0x0, 0x0, 0x8054}}], 0x1, 0x4000045)
close(r1)

kernel console output (not intermixed with test programs):

 netlink: Flow actions may not be safe on all matching packets.
[  204.992817][T11269] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2580'.
[  205.335781][  T980] IPVS: starting estimator thread 0...
[  205.375876][T11290] delete_channel: no stack
[  205.440036][T11287] IPVS: using max 23 ests per chain, 55200 per kthread
[  206.339582][T11336] x_tables: unsorted underflow at hook 1
[  206.831924][T11364] ip6t_rpfilter: unknown options
[  206.930510][T11263] Bluetooth: hci4: command 0x0406 tx timeout
[  206.937077][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  206.937105][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  206.944137][T11263] Bluetooth: hci3: command 0x0406 tx timeout
[  206.949548][ T5839] Bluetooth: hci2: command 0x0406 tx timeout
[  207.193701][T11377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2629'.
[  207.230262][T11377] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2629'.
[  207.693867][T11399] syz.0.2640 uses old SIOCAX25GETINFO
[  208.012859][T11417] netlink: 'syz.1.2649': attribute type 39 has an invalid length.
[  208.439926][T11436] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2657'.
[  208.468671][T11438] ieee802154 phy0 wpan0: encryption failed: -22
[  208.481114][T11436] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2657'.
[  208.508989][T11436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2657'.
[  209.576025][T11494] xt_addrtype: ipv6 does not support BROADCAST matching
[  209.626213][T11496] bridge5: the hash_elasticity option has been deprecated and is always 16
[  209.854502][T11508] xt_ecn: cannot match TCP bits for non-tcp packets
[  210.286269][T11525] netlink: 'syz.4.2702': attribute type 21 has an invalid length.
[  210.320007][T11525] IPv6: NLM_F_CREATE should be specified when creating new route
[  210.354757][T11525] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  210.362154][T11525] IPv6: NLM_F_CREATE should be set when creating new route
[  210.369670][T11525] IPv6: NLM_F_CREATE should be set when creating new route
[  210.374043][T11530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2705'.
[  210.377776][T11525] IPv6: NLM_F_CREATE should be set when creating new route
[  210.450098][T11532] netlink: 260 bytes leftover after parsing attributes in process `syz.1.2706'.
[  210.618166][T11538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2709'.
[  210.656764][T11538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2709'.
[  210.690972][T11538] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2709'.
[  210.907326][T11549] netlink: 'syz.1.2714': attribute type 1 has an invalid length.
[  210.945025][T11549] netlink: 244 bytes leftover after parsing attributes in process `syz.1.2714'.
[  211.560953][T11544] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  211.685930][T11584] openvswitch: netlink: IP tunnel dst address not specified
[  212.290965][T11615] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2747'.
[  212.326165][T11615] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2747'.
[  212.344006][T11617] x_tables: unsorted underflow at hook 3
[  213.026303][T11651] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  213.084100][T11655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2766'.
[  213.359455][T11666] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  213.435959][T11666] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  213.713662][T11681] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2779'.
[  214.611754][T11722] openvswitch: netlink: Missing key (keys=40, expected=80)
[  214.708743][T11724] netlink: zone id is out of range
[  214.729710][T11724] netlink: zone id is out of range
[  214.765274][T11724] netlink: zone id is out of range
[  214.782432][T11724] netlink: zone id is out of range
[  214.808855][T11724] netlink: zone id is out of range
[  214.832847][T11724] netlink: zone id is out of range
[  214.863771][T11724] netlink: zone id is out of range
[  215.721211][T11774] __nla_validate_parse: 2 callbacks suppressed
[  215.721232][T11774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2825'.
[  215.769270][T11777] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.2826'.
[  215.793718][T11777] bridge: RTM_NEWNEIGH with invalid state 0x1
[  216.651511][T11823] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  216.874666][T11833] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2852'.
[  217.237188][ T5944] IPVS: starting estimator thread 0...
[  217.351722][T11853] IPVS: using max 24 ests per chain, 57600 per kthread
[  217.585515][T11870] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2872'.
[  217.645179][T11872] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2869'.
[  218.107933][T11894] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2881'.
[  218.534444][T11917] netlink: 'syz.1.2893': attribute type 12 has an invalid length.
[  218.748353][T11929] net_ratelimit: 53 callbacks suppressed
[  218.748374][T11929] openvswitch: netlink: Message has 1 unknown bytes.
[  218.789935][T11929] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  218.976065][T11939] netlink: 'syz.2.2904': attribute type 11 has an invalid length.
[  219.948505][T11989] xt_nat: multiple ranges no longer supported
[  219.967020][T11987] ieee802154 phy0 wpan0: encryption failed: -22
[  220.268369][T12002] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048)
[  220.300645][T12005] netlink: 'syz.0.2936': attribute type 1 has an invalid length.
[  220.329452][T12005] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2936'.
[  220.364036][T12005] netlink: 658 bytes leftover after parsing attributes in process `syz.0.2936'.
[  220.415993][T12005] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2936'.
[  220.668255][T12019] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[  220.696780][T12024] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  220.704383][T12024] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  221.000032][T12039] netlink: 'syz.0.2953': attribute type 24 has an invalid length.
[  221.102750][T12044] netlink: 'syz.1.2956': attribute type 3 has an invalid length.
[  221.123604][T12044] netlink: 'syz.1.2956': attribute type 1 has an invalid length.
[  221.141675][T12044] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2956'.
[  221.909012][T12081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2974'.
[  222.055755][T12089] netlink: 220 bytes leftover after parsing attributes in process `syz.3.2978'.
[  222.410268][T12107] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  222.580122][T12117] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2990'.
[  223.213007][T12147] netlink: 'syz.2.3005': attribute type 1 has an invalid length.
[  223.246828][T12147] netlink: 'syz.2.3005': attribute type 2 has an invalid length.
[  223.609096][T12165] netlink: 'syz.3.3014': attribute type 2 has an invalid length.
[  223.639950][T12165] netlink: 'syz.3.3014': attribute type 5 has an invalid length.
[  224.150049][T12194] netlink: 'syz.2.3028': attribute type 32 has an invalid length.
[  224.221449][T12200] sctp: [Deprecated]: syz.0.3031 (pid 12200) Use of int in maxseg socket option.
[  224.221449][T12200] Use struct sctp_assoc_value instead
[  224.968590][T12233] netlink: 'syz.1.3042': attribute type 23 has an invalid length.
[  225.043218][T12238] netlink: 'syz.2.3043': attribute type 3 has an invalid length.
[  225.547267][T12262] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3056'.
[  225.672698][T12268] : renamed from hsr0 (while UP)
[  225.736488][T12273] xt_connbytes: Forcing CT accounting to be enabled
[  226.147988][T12292] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3071'.
[  226.595284][T12317] x_tables: unsorted entry at hook 2
[  226.618689][T12318] openvswitch: netlink: IPv4 tun info is not correct
[  226.835109][T12328] netlink: 'syz.0.3089': attribute type 11 has an invalid length.
[  226.857544][T12328] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3089'.
[  226.923628][T12334] openvswitch: netlink: EtherType 0 is less than min 600
[  227.064829][T12339] 
s5���: renamed from vlan1 (while UP)
[  227.256173][T12349] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3100'.
[  227.436843][T12357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3104'.
[  227.462048][T12360] netlink: 'syz.0.3105': attribute type 21 has an invalid length.
[  227.697527][T12373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3112'.
[  228.359983][T12407] xt_l2tp: v2 doesn't support IP mode
[  229.244949][T12455] netlink: 'syz.4.3152': attribute type 10 has an invalid length.
[  229.858703][T12482] ipt_ECN: cannot use operation on non-tcp rule
[  230.022527][T12491] xt_CT: You must specify a L4 protocol and not use inversions on it
[  230.954935][T12537] netlink: 'syz.0.3191': attribute type 1 has an invalid length.
[  230.982649][T12537] netlink: 228 bytes leftover after parsing attributes in process `syz.0.3191'.
[  231.203949][T12553] IPv6: NLM_F_REPLACE set, but no existing node found!
[  231.404824][T12565] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3205'.
[  231.441290][T12565] openvswitch: netlink: Missing key (keys=40, expected=80)
[  231.614656][T12571] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3208'.
[  231.822433][T12584] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  231.871918][T12582] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  232.153609][T12597] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3221'.
[  232.709122][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3234'.
[  232.891138][T12632] siw: device registration error -23
[  233.262082][T12649] batadv0: entered allmulticast mode
[  233.288674][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3249'.
[  233.462794][T12659] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3252'.
[  233.672052][T12667] netlink: 'syz.2.3256': attribute type 15 has an invalid length.
[  233.709416][T12667] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3256'.
[  233.866239][T12680] xt_cluster: node mask cannot exceed total number of nodes
[  233.951121][T12683] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3264'.
[  234.040339][T12687] netlink: 'syz.3.3266': attribute type 4 has an invalid length.
[  234.143280][T12695] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  234.240813][T12697] netlink: 'syz.4.3271': attribute type 1 has an invalid length.
[  234.264365][T12697] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3271'.
[  234.617994][T12718] netlink: 'syz.2.3280': attribute type 21 has an invalid length.
[  234.842054][T12727] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3285'.
[  234.877119][T12727] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3285'.
[  234.943046][T12727] gretap2: entered promiscuous mode
[  234.958839][T12727] gretap2: entered allmulticast mode
[  235.162916][T12741] x_tables: duplicate underflow at hook 1
[  235.491520][T12761] netlink: 'syz.3.3302': attribute type 21 has an invalid length.
[  235.517810][T12761] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3302'.
[  235.546526][T12761] netlink: 'syz.3.3302': attribute type 5 has an invalid length.
[  235.629775][T12763] netlink: 'syz.4.3303': attribute type 10 has an invalid length.
[  235.700831][T12769] x_tables: duplicate underflow at hook 4
[  235.944983][T12779] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  235.997920][T12768] 8021q: VLANs not supported on gre0
[  236.395119][T12793] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  236.410252][T12794] netlink: 'syz.2.3315': attribute type 10 has an invalid length.
[  236.642882][T12805] openvswitch: netlink: IP tunnel dst address not specified
[  236.947436][T12823] netlink: 'syz.2.3326': attribute type 9 has an invalid length.
[  237.250218][T12835] __nla_validate_parse: 4 callbacks suppressed
[  237.250242][T12835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3332'.
[  237.497731][T12847] netlink: 'syz.4.3336': attribute type 7 has an invalid length.
[  237.543927][T12847] netlink: 'syz.4.3336': attribute type 8 has an invalid length.
[  237.802893][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3343'.
[  237.955370][T12868] netlink: 'syz.2.3345': attribute type 13 has an invalid length.
[  238.416689][T12890] openvswitch: netlink: EtherType 50a is less than min 600
[  238.438169][T12894] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3356'.
[  238.991641][T12918] netlink: 'syz.1.3366': attribute type 61 has an invalid length.
[  239.015503][T12918] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3366'.
[  239.306132][T12935] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3373'.
[  239.966214][T12966] ieee802154 phy0 wpan0: encryption failed: -22
[  241.245675][T13016] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  241.349371][T13024] netlink: zone id is out of range
[  241.369245][T13024] netlink: zone id is out of range
[  241.393002][T13024] netlink: zone id is out of range
[  241.409091][T13024] netlink: zone id is out of range
[  241.426448][T13024] netlink: zone id is out of range
[  241.448125][T13024] netlink: zone id is out of range
[  241.463738][T13024] netlink: zone id is out of range
[  241.480497][T13024] netlink: zone id is out of range
[  241.504815][T13024] netlink: zone id is out of range
[  242.358724][T13072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3429'.
[  242.491379][T13079] nft_compat: unsupported protocol 0
[  242.907578][T13100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[  242.925898][T13102] x_tables: unsorted entry at hook 3
[  243.381663][T13123] validate_nla: 1 callbacks suppressed
[  243.381684][T13123] netlink: 'syz.0.3451': attribute type 1 has an invalid length.
[  243.635395][T13138] netlink: 'syz.0.3456': attribute type 1 has an invalid length.
[  243.667534][T13138] netlink: 'syz.0.3456': attribute type 2 has an invalid length.
[  243.793595][T13142] net_ratelimit: 5 callbacks suppressed
[  243.793617][T13142] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  244.327100][T13169] netlink: 'syz.0.3470': attribute type 10 has an invalid length.
[  244.361692][T13169] bridge_slave_1: left allmulticast mode
[  244.372189][T13173] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3472'.
[  244.390829][T13169] bridge_slave_1: left promiscuous mode
[  244.417188][T13169] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.465692][T13169] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  244.905659][T13198] ��: renamed from team_slave_1 (while UP)
[  245.089371][T13207] wg1: entered promiscuous mode
[  245.104225][T13207] wg1: entered allmulticast mode
[  245.831059][T13245] netlink: 'syz.4.3509': attribute type 1 has an invalid length.
[  246.168117][T13263] netlink: 'syz.1.3517': attribute type 1 has an invalid length.
[  246.181656][T13263] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3517'.
[  246.513150][T13279] netlink: 666 bytes leftover after parsing attributes in process `syz.4.3528'.
[  247.348346][T13326] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  247.978309][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3559'.
[  248.056083][T13361] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3561'.
[  248.241758][T13368] netlink: 'syz.2.3564': attribute type 20 has an invalid length.
[  248.266370][T13368] IPv6: NLM_F_CREATE should be specified when creating new route
[  248.506639][T13381] netdevsim netdevsim0 
: renamed from netdevsim0
[  248.518514][T13379] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3568'.
[  248.945599][T13401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3579'.
[  249.133000][T13410] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3583'.
[  249.160525][T13410] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3583'.
[  249.733941][T13439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3598'.
[  249.922278][T13448] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3604'.
[  250.205620][T13464] netlink: 'syz.4.3611': attribute type 11 has an invalid length.
[  250.230216][T13464] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3611'.
[  250.667872][T13485] netlink: 'syz.2.3621': attribute type 3 has an invalid length.
[  250.703315][T13485] netlink: 'syz.2.3621': attribute type 1 has an invalid length.
[  251.000340][T13504] netlink: 'syz.1.3629': attribute type 1 has an invalid length.
[  251.369471][T13523] xt_hashlimit: size too large, truncated to 1048576
[  251.601010][T13535] netlink: 'syz.0.3644': attribute type 13 has an invalid length.
[  251.615854][T13533] ip6gre1: entered allmulticast mode
[  251.636173][T13535] gretap0: refused to change device tx_queue_len
[  251.656850][T13535] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  251.667374][T13538] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  251.830117][T13544] netlink: 216 bytes leftover after parsing attributes in process `syz.3.3650'.
[  252.063714][T13554] IPv6: sit1: Disabled Multicast RS
[  252.543915][T13578] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  253.479068][T13630] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  253.616527][T13636] bond3: Removing last ns target with arp_interval on
[  255.466561][T13723] netlink: 'syz.0.3738': attribute type 1 has an invalid length.
[  255.501223][T13723] __nla_validate_parse: 1 callbacks suppressed
[  255.501243][T13723] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3738'.
[  256.058619][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  256.070616][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  256.686530][T13784] bond2 (unregistering): Released all slaves
[  256.991729][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.034473][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.048385][T13803] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  257.089289][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.145987][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.185597][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.230896][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.274906][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.305727][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.333397][T13800] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  257.396947][T13816] 8021q: adding VLAN 0 to HW filter on device bond5
[  257.852461][T13821] bond3 (unregistering): Released all slaves
[  258.210668][T13845] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3794'.
[  258.412734][T13856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3798'.
[  258.432170][T13856] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3798'.
[  258.770699][T13871] IPv6: NLM_F_CREATE should be specified when creating new route
[  259.070860][T13890] netlink: 'syz.1.3817': attribute type 2 has an invalid length.
[  259.105809][T13890] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3817'.
[  259.371630][T13903] xt_hashlimit: invalid interval
[  262.347629][T14053] netlink: 'syz.1.3897': attribute type 16 has an invalid length.
[  262.385047][T14053] netlink: 'syz.1.3897': attribute type 17 has an invalid length.
[  262.467631][T14053] net_ratelimit: 2922 callbacks suppressed
[  262.467644][T14053] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.068656][T14129] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3932'.
[  264.912951][T14172] netlink: 'syz.4.3955': attribute type 1 has an invalid length.
[  264.973194][T14176] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3956'.
[  265.017953][T14176] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3956'.
[  265.369526][T14196] netlink: 'syz.3.3967': attribute type 1 has an invalid length.
[  265.835773][T14219] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  265.911062][T14225] netlink: 'syz.4.3981': attribute type 2 has an invalid length.
[  266.067905][T14225] �9: entered promiscuous mode
[  266.469585][T14249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3993'.
[  266.717772][T14259] netlink: 'syz.0.3998': attribute type 1 has an invalid length.
[  267.058870][T14277] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4005'.
[  267.073483][T14276] netlink: 'syz.3.4007': attribute type 11 has an invalid length.
[  267.091742][T14276] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4007'.
[  267.390035][T14281] bond6: option arp_interval: mode dependency failed, not supported in mode balance-tlb(5)
[  267.436054][T14296] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4016'.
[  267.447287][T14281] bond6 (unregistering): Released all slaves
[  267.508040][T14300] netlink: 'syz.4.4018': attribute type 3 has an invalid length.
[  267.678387][T14302] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4020'.
[  267.940421][T14320] x_tables: duplicate underflow at hook 3
[  268.700864][T14360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4048'.
[  268.716688][T14360] openvswitch: netlink: Unknown nsh attribute 0
[  268.838544][T14363] netlink: 'syz.4.4051': attribute type 21 has an invalid length.
[  268.857554][T14363] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4051'.
[  269.431670][T14392] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4062'.
[  270.187697][T14431] bond0: entered promiscuous mode
[  270.199946][T14431] bond_slave_0: entered promiscuous mode
[  270.215315][T14431] bond_slave_1: entered promiscuous mode
[  270.361077][T14441] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4086'.
[  270.685423][T14454] delete_channel: no stack
[  271.154747][T14481] netlink: 256 bytes leftover after parsing attributes in process `syz.4.4105'.
[  271.381235][T14493] Cannot find del_set index 49151 as target
[  271.433802][T14495] netlink: 'syz.0.4113': attribute type 1 has an invalid length.
[  272.062094][T14523] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4125'.
[  272.169924][T14528] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4129'.
[  273.388165][T14586] netlink: 'syz.4.4157': attribute type 5 has an invalid length.
[  273.945442][T14613] Bluetooth: MGMT ver 1.23
[  274.460211][T14641] bridge0: port 3(veth0_to_bridge) entered blocking state
[  274.484565][T14641] bridge0: port 3(veth0_to_bridge) entered disabled state
[  274.506183][T14641] veth0_to_bridge: entered allmulticast mode
[  274.572467][T14641] veth0_to_bridge: entered promiscuous mode
[  274.611731][T14645] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  274.856114][T14655] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4188'.
[  275.413826][T14684] Zero length message leads to an empty skb
[  275.881127][T14701] IPVS: Error connecting to the multicast addr
[  275.907245][T14703] Bluetooth: MGMT ver 1.23
[  276.053231][ T5827] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  276.070388][T14711] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4216'.
[  276.086315][T14712] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4215'.
[  276.097592][T14711] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4216'.
[  276.902697][T14753] netlink: 'syz.3.4233': attribute type 3 has an invalid length.
[  278.014832][T14806] netlink: 165 bytes leftover after parsing attributes in process `syz.3.4260'.
[  278.361728][T14818] netlink: 272 bytes leftover after parsing attributes in process `syz.1.4266'.
[  278.458066][T14822] netlink: 'syz.0.4268': attribute type 10 has an invalid length.
[  278.486176][T14822] 8021q: adding VLAN 0 to HW filter on device batadv0
[  278.546104][T14825] netlink: 'syz.0.4268': attribute type 10 has an invalid length.
[  278.563182][T14822] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  278.582687][T14825] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4268'.
[  278.633872][T14825] batadv0: entered promiscuous mode
[  278.650591][T14831] netlink: 'syz.2.4271': attribute type 83 has an invalid length.
[  278.661546][T14825] batadv0: entered allmulticast mode
[  278.716687][T14825] bond0: (slave batadv0): Releasing backup interface
[  278.785227][T14825] bridge0: port 2(batadv0) entered blocking state
[  278.804444][T14825] bridge0: port 2(batadv0) entered disabled state
[  278.850117][   T58] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  278.860017][   T58] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  279.328963][T14863] openvswitch: netlink: Missing valid actions attribute.
[  279.362780][T14863] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  279.453479][T14866] block nbd1: not configured, cannot reconfigure
[  279.605160][T14873] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  280.063564][T14896] Driver unsupported XDP return value 0 on prog  (id 309) dev N/A, expect packet loss!
[  280.065735][T14898] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  280.137432][T14902] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  280.187609][T14904] nbd: must specify a size in bytes for the device
[  280.573789][T14924] xt_hashlimit: size too large, truncated to 1048576
[  281.487544][T14951] syz.3.4329 (14951) used greatest stack depth: 17216 bytes left
[  281.608020][T14967] netlink: 'syz.2.4337': attribute type 1 has an invalid length.
[  281.789199][T14977] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4342'.
[  282.116705][T14995] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  282.828922][T15029] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4367'.
[  282.915483][T15037] Bluetooth: MGMT ver 1.23
[  284.102400][T15094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4399'.
[  284.128092][T15096] xt_hashlimit: size too large, truncated to 1048576
[  284.232413][T15103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4402'.
[  284.473942][T15112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4407'.
[  284.499988][T15112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4407'.
[  285.172696][T15150] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4424'.
[  285.444061][T15160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4432'.
[  285.478309][T15160] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4432'.
[  285.519644][T15160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4432'.
[  287.459948][T15259] IPVS: ip_vs_add_dest(): server weight less than zero
[  287.760614][T15272] netlink: 'syz.1.4477': attribute type 62 has an invalid length.
[  287.947207][T15281] __nla_validate_parse: 2 callbacks suppressed
[  287.947229][T15281] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4482'.
[  288.467697][T15305] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4494'.
[  288.843293][T15325] netlink: 'syz.0.4504': attribute type 2 has an invalid length.
[  288.878330][T15325] netlink: 188 bytes leftover after parsing attributes in process `syz.0.4504'.
[  288.994464][T15335] xt_cgroup: invalid path, errno=-2
[  289.369277][T15349] netlink: 'syz.1.4515': attribute type 11 has an invalid length.
[  289.621697][T15366] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4522'.
[  289.680369][T15369] netlink: 'syz.0.4523': attribute type 11 has an invalid length.
[  290.133966][T15391] xt_l2tp: v2 sid > 0xffff: 1114112
[  290.321831][T15399] netlink: 1 bytes leftover after parsing attributes in process `syz.0.4537'.
[  290.737955][T15418] netlink: 'syz.0.4547': attribute type 1 has an invalid length.
[  290.757957][T15418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4547'.
[  290.778529][T15418] netlink: 'syz.0.4547': attribute type 1 has an invalid length.
[  290.805038][T15423] netlink: 204 bytes leftover after parsing attributes in process `syz.2.4550'.
[  291.102958][T15435] netlink: 'syz.1.4556': attribute type 3 has an invalid length.
[  291.995062][T15479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4577'.
[  292.434587][T15491] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4582'.
[  292.477173][T15491] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4582'.
[  292.706308][ T5916] IPVS: starting estimator thread 0...
[  292.820714][T15511] IPVS: using max 27 ests per chain, 64800 per kthread
[  293.100851][T15532] __nla_validate_parse: 2 callbacks suppressed
[  293.100872][T15532] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4603'.
[  293.203317][T15534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4604'.
[  293.777267][T15565] xt_l2tp: unknown flags: 10
[  294.419094][T15594] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4632'.
[  294.595896][T15603] netlink: 'syz.2.4636': attribute type 32 has an invalid length.
[  294.623062][T15603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4636'.
[  294.716297][T15603] bond3: option coupled_control: invalid value (192)
[  294.739521][T15603] bond3 (unregistering): Released all slaves
[  294.747691][T15611] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  295.130673][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4648'.
[  295.153000][T15630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4648'.
[  295.177124][T15630] netlink: 'syz.4.4648': attribute type 14 has an invalid length.
[  295.207388][T15630] netlink: 'syz.4.4648': attribute type 13 has an invalid length.
[  295.399477][T15636] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4652'.
[  295.455696][T15636] vlan2: entered allmulticast mode
[  295.461223][T15636] gretap0: entered allmulticast mode
[  296.904066][T15689] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  296.925190][T15689] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  297.068365][T15698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4682'.
[  297.098608][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4682'.
[  297.131436][T15698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4682'.
[  297.736121][T15726] bridge0: port 3(dummy0) entered disabled state
[  297.742869][T15726] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.750658][T15726] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.950744][T15726] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  298.219685][T15755] netlink: 'syz.3.4710': attribute type 18 has an invalid length.
[  298.263639][ T1162] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  298.299493][ T1162] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  298.325379][ T1162] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  298.349199][ T1162] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  299.063202][T15797] sock: sock_timestamping_bind_phc: sock not bind to device
[  299.543392][T15819] __nla_validate_parse: 1 callbacks suppressed
[  299.543412][T15819] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4740'.
[  300.061537][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4752'.
[  300.192639][T15855] tipc: Started in network mode
[  300.199002][T15855] tipc: Node identity ac141441, cluster identity 5
[  300.208703][T15855] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  301.119143][T15903] macvlan0: entered promiscuous mode
[  302.193974][T15954] netlink: 'syz.0.4806': attribute type 12 has an invalid length.
[  303.130398][T16001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4826'.
[  303.446926][T16017] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4834'.
[  304.257918][T16055] netlink: 277 bytes leftover after parsing attributes in process `syz.0.4851'.
[  304.332425][T16059] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4853'.
[  304.345235][T16059] tipc: Invalid UDP bearer configuration
[  304.345299][T16059] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  304.606600][T16073] netlink: 'syz.3.4858': attribute type 1 has an invalid length.
[  304.776103][T16080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4861'.
[  304.954926][T16093] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4866'.
[  304.977055][T16080] bond6: Invalid ad_actor_system MAC address.
[  305.003163][T16080] bond6: option ad_actor_system: invalid value (1)
[  305.075857][T16080] bond6 (unregistering): Released all slaves
[  305.601704][T16118] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  305.604280][T16121] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4878'.
[  305.884397][T16124] bond3: (slave bond_slave_1): Device is not our slave
[  305.915920][T16124] bond3: option active_slave: invalid value (bond_slave_1)
[  305.949162][T16124] bond3 (unregistering): Released all slaves
[  306.213778][T16149] netlink: 'syz.1.4890': attribute type 3 has an invalid length.
[  306.306491][T16148] vlan0: entered allmulticast mode
[  307.200593][T16190] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  307.335707][T16195] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4906'.
[  307.398912][T16197] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4907'.
[  307.431098][T16197] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4907'.
[  307.450440][T16197] netlink: 'syz.3.4907': attribute type 6 has an invalid length.
[  307.475378][T16197] netlink: 'syz.3.4907': attribute type 5 has an invalid length.
[  307.501054][T16197] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4907'.
[  308.037416][T16225] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  308.045756][T16225] IPv6: NLM_F_CREATE should be set when creating new route
[  308.053463][T16225] IPv6: NLM_F_CREATE should be set when creating new route
[  308.060867][T16225] IPv6: NLM_F_CREATE should be set when creating new route
[  308.076913][T16227] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  308.410975][T16244] netlink: 'syz.3.4925': attribute type 4 has an invalid length.
[  308.440851][T16244] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4925'.
[  308.662065][T16253] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4928'.
[  308.944160][T16269] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  309.081425][T16275] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.4938'.
[  311.321564][T16378] __nla_validate_parse: 2 callbacks suppressed
[  311.321587][T16378] netlink: 148 bytes leftover after parsing attributes in process `syz.2.4975'.
[  311.741437][T16399] nftables ruleset with unbound set
[  312.657557][T16429] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.678102][T16437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4997'.
[  312.956649][T16429] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.207437][T16429] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.322549][T16429] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.504174][T16471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5011'.
[  313.514073][T16471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5011'.
[  313.659559][ T8633] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.747842][   T48] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.853844][ T1114] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.970707][ T1114] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.192800][T16500] netlink: 'syz.1.5023': attribute type 4 has an invalid length.
[  314.210356][T16500] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5023'.
[  314.782742][T16528] : entered promiscuous mode
[  315.868586][T16580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5063'.
[  316.145436][T16593] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5069'.
[  316.353265][T16600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5072'.
[  316.399891][T16600] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5072'.
[  316.673046][T16615] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5078'.
[  316.974712][T16631] netlink: 'syz.0.5086': attribute type 32 has an invalid length.
[  316.991371][T16631] netlink: 776 bytes leftover after parsing attributes in process `syz.0.5086'.
[  317.495017][T16656] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5099'.
[  317.506290][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.513150][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  318.092788][T16681] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  318.124258][T16680] netdevsim netdevsim1 netdevsim1: left allmulticast mode
[  318.685624][T16703] netlink: 332 bytes leftover after parsing attributes in process `syz.3.5118'.
[  319.297540][T16732] netlink: 'syz.1.5134': attribute type 3 has an invalid length.
[  319.327224][T16732] netlink: 766 bytes leftover after parsing attributes in process `syz.1.5134'.
[  319.695308][T16751] xt_time: invalid argument - start or stop time greater than 23:59:59
[  320.312486][T16781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5157'.
[  320.379241][T16786] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5160'.
[  320.548639][T16796] vlan1: entered allmulticast mode
[  320.563631][T16796] veth0_vlan: entered allmulticast mode
[  320.779094][T16804] pim6reg: entered allmulticast mode
[  320.923343][T16816] netlink: 'syz.2.5175': attribute type 1 has an invalid length.
[  321.595121][T16846] pimreg3: entered allmulticast mode
[  322.881749][T16915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5224'.
[  323.215580][T16930] tunl0: left promiscuous mode
[  323.226024][T16930] gre0: left promiscuous mode
[  323.237817][T16930] gretap0: left promiscuous mode
[  323.243746][T16930] erspan0: left promiscuous mode
[  323.253327][T16930] ip_vti0: left promiscuous mode
[  323.278351][T16930] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  323.867495][T16959] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  323.888678][T16960] netlink: 'syz.0.5245': attribute type 25 has an invalid length.
[  323.940426][T16963] netlink: 'syz.1.5247': attribute type 1 has an invalid length.
[  324.511162][T16984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5258'.
[  324.556143][T16984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5258'.
[  326.367246][T17069] netlink: 'syz.0.5298': attribute type 29 has an invalid length.
[  327.336102][T17114] raw_sendmsg: syz.1.5320 forgot to set AF_INET. Fix it!
[  327.615901][T17124] : entered promiscuous mode
[  328.753890][T17181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5353'.
[  328.772206][T17181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5353'.
[  329.896036][T17221] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5372'.
[  330.247027][T17237] netlink: 104 bytes leftover after parsing attributes in process `syz.3.5380'.
[  330.462826][T17247] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5385'.
[  330.760639][T17263] netlink: 'syz.1.5393': attribute type 29 has an invalid length.
[  331.231504][T17287] tipc: Enabling of bearer <u˩:s> rejected, media not registered
[  331.525079][T17301] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5412'.
[  331.676547][T17309] netlink: 'syz.2.5416': attribute type 11 has an invalid length.
[  331.839648][T17315] netlink: 76 bytes leftover after parsing attributes in process `syz.0.5418'.
[  331.873608][T17315] nbd: illegal input index -8454144
[  332.136122][T17330] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5426'.
[  332.207078][T17335] netlink: 'syz.2.5428': attribute type 1 has an invalid length.
[  332.789302][T17362] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5440'.
[  332.800779][T17362] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5440'.
[  333.145510][T17375] netlink: 'syz.2.5446': attribute type 1 has an invalid length.
[  334.225260][T17417] xt_l2tp: missing protocol rule (udp|l2tpip)
[  334.498424][T17431] __nla_validate_parse: 1 callbacks suppressed
[  334.498445][T17431] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5475'.
[  334.515888][T17429] vlan2: entered promiscuous mode
[  334.550325][T17429] gretap0: entered promiscuous mode
[  335.094044][T17457] netlink: 'syz.1.5487': attribute type 2 has an invalid length.
[  335.127900][T17462] sctp: [Deprecated]: syz.4.5491 (pid 17462) Use of struct sctp_assoc_value in delayed_ack socket option.
[  335.127900][T17462] Use struct sctp_sack_info instead
[  335.185074][T17462] sctp: [Deprecated]: syz.4.5491 (pid 17462) Use of struct sctp_assoc_value in delayed_ack socket option.
[  335.185074][T17462] Use struct sctp_sack_info instead
[  335.902115][T17494] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5505'.
[  336.814800][T17531] netlink: 120 bytes leftover after parsing attributes in process `syz.3.5522'.
[  336.831460][T17532] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5523'.
[  336.832189][T17531] netlink: 'syz.3.5522': attribute type 1 has an invalid length.
[  336.847595][T17532] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5523'.
[  336.866453][T17531] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5522'.
[  336.875918][T17532] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5523'.
[  336.896924][T17532] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5523'.
[  336.915168][T17532] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5523'.
[  337.602809][T17566] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5539'.
[  339.229630][T17643] netlink: 'syz.0.5577': attribute type 2 has an invalid length.
[  339.248799][T17642] openvswitch: netlink: Message has 6 unknown bytes.
[  340.490123][T17696] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  342.087840][T17751] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  342.432830][T17766] __nla_validate_parse: 3 callbacks suppressed
[  342.432851][T17766] netlink: 76 bytes leftover after parsing attributes in process `syz.1.5635'.
[  342.531297][T17772] xt_l2tp: invalid flags combination: 0
[  342.983840][T17799] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5650'.
[  343.709214][T17831] vlan0: entered promiscuous mode
[  343.731976][T17831] bridge0: entered promiscuous mode
[  343.855985][T17837] delete_channel: no stack
[  344.303253][T17863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5682'.
[  344.320845][T17863] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5682'.
[  344.341652][T17863] netlink: 'syz.1.5682': attribute type 12 has an invalid length.
[  344.358368][T17863] netlink: 'syz.1.5682': attribute type 11 has an invalid length.
[  344.485590][T17871] netlink: 'syz.3.5686': attribute type 2 has an invalid length.
[  344.530806][ T5144] Bluetooth: hci4: command 0x0406 tx timeout
[  344.866004][T17883] IPVS: Scheduler module ip_vs_sip not found
[  345.083278][T17899] tipc: Started in network mode
[  345.099650][T17899] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  345.118516][T17899] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  345.431836][T17917] netlink: 'syz.1.5706': attribute type 3 has an invalid length.
[  346.235437][T17958] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5724'.
[  346.442103][T17967] sctp: [Deprecated]: syz.2.5731 (pid 17967) Use of int in maxseg socket option.
[  346.442103][T17967] Use struct sctp_assoc_value instead
[  346.621343][T17975] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5733'.
[  347.067382][T17996] netlink: 'syz.0.5745': attribute type 1 has an invalid length.
[  347.087392][T17996] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  347.525844][T18019] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5756'.
[  347.566254][T18019] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5756'.
[  347.807573][T18032] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5762'.
[  347.918641][T18036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5764'.
[  347.940513][T18038] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5765'.
[  347.988455][T18038] F: renamed from gre0 (while UP)
[  348.012669][T18041] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5765'.
[  348.052339][T18038] F: entered allmulticast mode
[  348.492669][T18062] vlan2: entered promiscuous mode
[  348.513935][T18062] geneve1: entered promiscuous mode
[  348.525120][T18062] vlan2: entered allmulticast mode
[  348.546503][T18062] geneve1: entered allmulticast mode
[  348.704799][T18076] netlink: 'syz.0.5783': attribute type 2 has an invalid length.
[  349.828448][T18126] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5807'.
[  349.861976][T18126] netlink: 120 bytes leftover after parsing attributes in process `syz.1.5807'.
[  349.883320][T18126] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5807'.
[  349.933561][T18132] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5810'.
[  350.697457][T18167] netlink: 'syz.0.5828': attribute type 1 has an invalid length.
[  350.719581][T18167] netlink: 'syz.0.5828': attribute type 1 has an invalid length.
[  352.624077][T18262] vcan0: entered allmulticast mode
[  353.017764][T18281] netlink: 'syz.3.5882': attribute type 58 has an invalid length.
[  353.027964][T18281] __nla_validate_parse: 3 callbacks suppressed
[  353.027984][T18281] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5882'.
[  353.391438][T18297] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5890'.
[  353.587072][T18296] "syz.1.5889" (18296) uses obsolete ecb(arc4) skcipher
[  354.161026][T18334] veth0_to_bridge: vlans aren't supported yet for dev_uc|mc_add()
[  354.189157][T18337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5907'.
[  354.383788][T18343] nbd: socks must be embedded in a SOCK_ITEM attr
[  354.944585][T18377] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5926'.
[  355.033968][T18379] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5929'.
[  355.046886][T18379] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5929'.
[  355.214875][T18388] atomic_op ffff88801f6f3998 conn xmit_atomic 0000000000000000
[  355.226200][T18389] netlink: 240 bytes leftover after parsing attributes in process `syz.3.5933'.
[  355.845078][T18421] veth1_macvtap: left promiscuous mode
[  355.851005][T18421] macsec0: entered promiscuous mode
[  355.856340][T18421] macsec0: entered allmulticast mode
[  355.867857][T18421] veth1_macvtap: entered promiscuous mode
[  355.875375][T18421] veth1_macvtap: entered allmulticast mode
[  355.885054][T18421] macsec0: left promiscuous mode
[  355.892156][T18421] macsec0: left allmulticast mode
[  355.897545][T18421] veth1_macvtap: left allmulticast mode
[  355.993051][T18423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5951'.
[  357.331375][T18490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5984'.
[  357.537671][T18502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5989'.
[  358.330215][T18536] __nla_validate_parse: 2 callbacks suppressed
[  358.330237][T18536] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6006'.
[  358.611453][T18552] netlink: 'syz.3.6014': attribute type 2 has an invalid length.
[  358.756728][T18557] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.6017'.
[  359.489472][T18595] team0: No ports can be present during mode change
[  359.853642][T18612] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6043'.
[  361.193790][T18671] netlink: 81 bytes leftover after parsing attributes in process `syz.4.6069'.
[  361.407125][T18679] netem: change failed
[  362.319380][T18720] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6087'.
[  362.586816][ T5489] veth0_macvtap: left promiscuous mode
[  363.013441][T18750] netlink: 248 bytes leftover after parsing attributes in process `syz.4.6100'.
[  363.327838][T18767] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6106'.
[  363.367924][T18767] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6106'.
[  365.728821][T18864] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6143'.
[  367.117371][T18928] netlink: 'syz.0.6174': attribute type 1 has an invalid length.
[  367.149956][T18928] netlink: 'syz.0.6174': attribute type 7 has an invalid length.
[  367.161696][T18928] netlink: 'syz.0.6174': attribute type 8 has an invalid length.
[  367.176812][T18928] netlink: 208 bytes leftover after parsing attributes in process `syz.0.6174'.
[  367.195918][T18928] NCSI netlink: No device for ifindex 65584
[  367.582152][T18955] sctp: [Deprecated]: syz.3.6186 (pid 18955) Use of struct sctp_assoc_value in delayed_ack socket option.
[  367.582152][T18955] Use struct sctp_sack_info instead
[  367.851298][T18969] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6194'.
[  367.874575][T18969] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6194'.
[  369.089207][T19029] netlink: 104 bytes leftover after parsing attributes in process `syz.0.6221'.
[  369.566885][T19050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6232'.
[  369.686341][T19056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6235'.
[  369.845551][T19062] netlink: 'syz.4.6239': attribute type 1 has an invalid length.
[  369.866762][T19062] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6239'.
[  369.904289][T19062] netlink: 'syz.4.6239': attribute type 1 has an invalid length.
[  369.941198][T19062] netlink: 'syz.4.6239': attribute type 8 has an invalid length.
[  369.964106][T19062] netlink: 582 bytes leftover after parsing attributes in process `syz.4.6239'.
[  370.747515][T19101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6255'.
[  370.770391][T19101] vlan3: entered allmulticast mode
[  370.775802][T19101] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  371.149309][   T30] audit: type=1804 audit(1776280916.326:2): pid=19120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.6264" name="/newroot/1246/cgroup.controllers" dev="tmpfs" ino=6259 res=1 errno=0
[  371.223683][   T30] audit: type=1800 audit(1776280916.356:3): pid=19120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6264" name="cgroup.controllers" dev="tmpfs" ino=6259 res=0 errno=0
[  371.392563][T19129] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  371.564754][T19140] netlink: 'syz.0.6273': attribute type 1 has an invalid length.
[  371.614497][T19140] netlink: 'syz.0.6273': attribute type 2 has an invalid length.
[  371.658929][T19140] netlink: 'syz.0.6273': attribute type 1 has an invalid length.
[  372.144551][T19170] netlink: 272 bytes leftover after parsing attributes in process `syz.2.6289'.
[  372.162537][T19171] netlink: 'syz.3.6288': attribute type 9 has an invalid length.
[  373.136385][T19220] netlink: 'syz.4.6311': attribute type 25 has an invalid length.
[  373.849709][T19252] netlink: 168 bytes leftover after parsing attributes in process `syz.0.6326'.
[  374.208926][T19268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6333'.
[  374.227070][T19265] bond4: entered promiscuous mode
[  374.304252][T19275] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.6336'.
[  374.316218][T19275] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.6336'.
[  374.679893][T19293] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6345'.
[  374.753045][T19296] netlink: 232 bytes leftover after parsing attributes in process `syz.4.6346'.
[  374.888492][T19301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6349'.
[  374.913933][T19301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6349'.
[  375.329216][T19326] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6360'.
[  375.599588][T19340] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6367'.
[  375.834584][T19352] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6372'.
[  376.957520][T19407] skbuff: bad partial csum: csum=65535/0 headroom=64 headlen=65537
[  377.402049][T19425] macvtap1: entered promiscuous mode
[  377.420057][T19425] vlan0: entered promiscuous mode
[  377.437820][T19425] macvtap1: entered allmulticast mode
[  377.466147][T19425] vlan0: entered allmulticast mode
[  378.603515][T19488] ipvlan2: entered allmulticast mode
[  378.621097][T19488] syz_tun: entered allmulticast mode
[  378.909231][T19501] xt_hashlimit: size too large, truncated to 1048576
[  378.939088][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.946253][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  378.979452][T19505] �: renamed from vxcan1 (while UP)
[  379.462419][T19527] netlink: 'syz.4.6438': attribute type 8 has an invalid length.
[  379.666668][T19539] netem: change failed
[  380.583956][T19583] __nla_validate_parse: 7 callbacks suppressed
[  380.583977][T19583] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6466'.
[  380.618534][T19588] ipvlan2: entered allmulticast mode
[  380.624203][T19588] batadv_slave_1: entered allmulticast mode
[  380.635205][T19588] batman_adv: batadv0: Adding interface: ipvlan2
[  380.642776][T19588] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  380.676936][T19588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.688446][T19588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.707299][T19588] batman_adv: batadv0: Interface activated: ipvlan2
[  380.835509][T19594] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6472'.
[  380.997280][T19604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6475'.
[  381.075012][T19609] netlink: 'syz.0.6477': attribute type 1 has an invalid length.
[  381.086315][T19609] netlink: 'syz.0.6477': attribute type 7 has an invalid length.
[  381.095369][T19609] netlink: 'syz.0.6477': attribute type 8 has an invalid length.
[  381.105448][T19609] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6477'.
[  381.127995][T19611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6478'.
[  381.211321][T19616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6480'.
[  381.271761][T19618] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6481'.
[  381.645538][T19636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6490'.
[  381.769163][T19642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6493'.
[  382.033348][T19657] tipc: New replicast peer: 255.255.255.255
[  382.063967][T19657] tipc: Enabled bearer <udp:syz2>, priority 10
[  382.136836][T19661] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6500'.
[  383.028610][T19699] veth0: entered promiscuous mode
[  383.036541][T19698] veth0: left promiscuous mode
[  383.193117][ T5944] tipc: Node number set to 2886997057
[  384.100404][T19746] blkio.reset_stats is deprecated
[  386.037635][T19836] __nla_validate_parse: 8 callbacks suppressed
[  386.037657][T19836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6580'.
[  386.117148][T19838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6580'.
[  386.348972][T19846] netem: unknown loss type 0
[  386.366146][T19846] netem: change failed
[  387.683803][T19895] netlink: 'syz.4.6607': attribute type 1 has an invalid length.
[  387.701576][T19897] netlink: 88 bytes leftover after parsing attributes in process `syz.0.6608'.
[  387.713152][T19895] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6607'.
[  388.632532][T19938] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6627'.
[  388.679666][T19938] hsr0: entered promiscuous mode
[  388.721644][T19938] macvlan0: entered allmulticast mode
[  388.752894][T19938] hsr0: entered allmulticast mode
[  388.756999][T19943] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6630'.
[  388.771242][T19938] hsr_slave_0: entered allmulticast mode
[  388.779256][T19938] hsr_slave_1: entered allmulticast mode
[  388.811164][T19945] netlink: 'syz.3.6631': attribute type 11 has an invalid length.
[  390.428679][T20019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6666'.
[  390.442402][T20019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6666'.
[  390.934886][T20046] sch_tbf: burst 0 is lower than device lo mtu (1550) !
[  390.966064][T20048] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6680'.
[  391.171568][T20056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6684'.
[  391.171576][T20058] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6685'.
[  391.212631][T20054] tap0: tun_chr_ioctl cmd 1074025672
[  391.221325][T20054] tap0: ignored: set checksum disabled
[  391.425960][T20069] IPv6: NLM_F_CREATE should be specified when creating new route
[  391.814973][T20089] h: entered promiscuous mode
[  392.041173][T20100] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  392.174467][T20106] bridge0: port 3(syz_tun) entered blocking state
[  392.237171][T20106] bridge0: port 3(syz_tun) entered disabled state
[  392.281024][T20106] syz_tun: entered promiscuous mode
[  392.287553][T20106] bridge0: port 3(syz_tun) entered blocking state
[  392.295534][T20106] bridge0: port 3(syz_tun) entered forwarding state
[  392.892615][T20149] netlink: 'syz.3.6726': attribute type 1 has an invalid length.
[  392.902297][T20149] netlink: 'syz.3.6726': attribute type 2 has an invalid length.
[  392.910660][T20149] netlink: 'syz.3.6726': attribute type 1 has an invalid length.
[  392.918784][T20149] netlink: 'syz.3.6726': attribute type 3 has an invalid length.
[  392.927516][T20149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6726'.
[  393.678655][T20184] netlink: 'syz.4.6742': attribute type 9 has an invalid length.
[  393.756386][T20186] netlink: 16215 bytes leftover after parsing attributes in process `syz.2.6743'.
[  394.890974][T20240] tipc: Started in network mode
[  394.905638][T20240] tipc: Node identity ac14140f, cluster identity 4711
[  394.935030][T20240] tipc: New replicast peer: 255.255.255.255
[  394.960404][T20240] tipc: Enabled bearer <udp:syz2>, priority 10
[  394.993109][T20245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6770'.
[  395.033391][T20249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6773'.
[  395.616990][T20272] netlink: 'syz.1.6785': attribute type 1 has an invalid length.
[  395.643845][T20272] netlink: 96 bytes leftover after parsing attributes in process `syz.1.6785'.
[  395.667408][T20272] netlink: 1 bytes leftover after parsing attributes in process `syz.1.6785'.
[  395.680605][T20272] netlink: 'syz.1.6785': attribute type 1 has an invalid length.
[  395.712071][T20272] netlink: 'syz.1.6785': attribute type 8 has an invalid length.
[  395.734287][T20272] netlink: 582 bytes leftover after parsing attributes in process `syz.1.6785'.
[  396.079947][  T980] tipc: Node number set to 2886997007
[  396.090767][T20292] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6794'.
[  396.399353][T20306] veth0_to_bridge: entered promiscuous mode
[  396.428263][T20304] veth0_to_bridge: left promiscuous mode
[  397.504487][T20363] __nla_validate_parse: 1 callbacks suppressed
[  397.504507][T20363] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6826'.
[  397.939447][T20383] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6835'.
[  398.114708][T20393] 
: renamed from bond0
[  398.386213][T20407] netlink: 'syz.2.6847': attribute type 21 has an invalid length.
[  398.414405][T20407] netlink: 128 bytes leftover after parsing attributes in process `syz.2.6847'.
[  398.427712][T20407] netlink: 'syz.2.6847': attribute type 4 has an invalid length.
[  398.431921][T20409] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6848'.
[  398.436317][T20407] netlink: 'syz.2.6847': attribute type 5 has an invalid length.
[  398.457742][T20407] netlink: 3 bytes leftover after parsing attributes in process `syz.2.6847'.
[  398.478907][T20412] netlink: 'syz.2.6847': attribute type 21 has an invalid length.
[  398.498650][T20414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6850'.
[  398.508095][T20412] netlink: 128 bytes leftover after parsing attributes in process `syz.2.6847'.
[  398.547182][T20412] netlink: 'syz.2.6847': attribute type 4 has an invalid length.
[  398.573933][T20412] netlink: 'syz.2.6847': attribute type 5 has an invalid length.
[  398.597549][T20412] netlink: 3 bytes leftover after parsing attributes in process `syz.2.6847'.
[  398.997073][T20436] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6861'.
[  399.069574][T20438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6862'.
[  403.066044][T20614] __nla_validate_parse: 8 callbacks suppressed
[  403.066067][T20614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6940'.
[  403.895000][T20649] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6957'.
[  404.095845][T20657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6962'.
[  404.143154][T20657] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6962'.
[  404.553800][T20676] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6968'.
[  404.587420][T20676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6968'.
[  404.630049][T20676] netlink: 2 bytes leftover after parsing attributes in process `syz.1.6968'.
[  404.656351][T20676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6968'.
[  404.683718][T20676] netlink: 2 bytes leftover after parsing attributes in process `syz.1.6968'.
[  404.706151][T20682] tap0: tun_chr_ioctl cmd 1074025678
[  404.722310][T20682] tap0: group set to 0
[  405.057068][T20704] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6979'.
[  407.313555][T20807] netlink: 'syz.0.7026': attribute type 2 has an invalid length.
[  407.447526][T20810] Bluetooth: hci1: too big key_count value 32778
[  407.801611][T20826] netlink: 'syz.4.7035': attribute type 1 has an invalid length.
[  407.834320][T20826] netlink: 'syz.4.7035': attribute type 2 has an invalid length.
[  408.136350][    T9] IPVS: starting estimator thread 0...
[  408.241565][T20841] IPVS: using max 29 ests per chain, 69600 per kthread
[  408.548471][T20857] __nla_validate_parse: 8 callbacks suppressed
[  408.548491][T20857] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7050'.
[  408.615063][T20861] netlink: 10 bytes leftover after parsing attributes in process `syz.4.7052'.
[  408.845494][T20869] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7056'.
[  408.906632][T20869] block nbd1: Unsupported socket: should be TCP or UNIX.
[  408.995280][T20875] veth0: entered promiscuous mode
[  409.017486][T20875] veth0: left promiscuous mode
[  411.371067][T20966] netlink: zone id is out of range
[  411.418693][T20966] netlink: zone id is out of range
[  411.419409][T20964] netlink: set zone limit has 4 unknown bytes
[  412.158136][T20994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7113'.
[  412.655692][T21007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7119'.
[  412.697292][T21007] macvlan0: left promiscuous mode
[  412.743583][T21007] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7119'.
[  412.955265][T21017] netlink: 'syz.3.7123': attribute type 25 has an invalid length.
[  412.979376][T21017] netlink: 'syz.3.7123': attribute type 28 has an invalid length.
[  413.378345][T21031] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7129'.
[  413.954705][T21053] netlink: 'syz.0.7138': attribute type 4 has an invalid length.
[  414.295545][T21070] netlink: 284 bytes leftover after parsing attributes in process `syz.1.7146'.
[  414.398335][T21077] tap0: tun_chr_ioctl cmd 2148553947
[  414.530953][T21081] netlink: 766 bytes leftover after parsing attributes in process `syz.2.7150'.
[  414.987138][T21106] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  415.010897][T21107] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  415.233362][T21112] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.333289][T21165] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7190'.
[  416.395383][T21168] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993
[  416.732483][T21185] netlink: 207952 bytes leftover after parsing attributes in process `syz.4.7199'.
[  417.409393][T21219] xt_hashlimit: size too large, truncated to 1048576
[  417.458378][T21215] block nbd0: NBD_DISCONNECT
[  417.533209][T21224] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  417.556727][T21224] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.7215'.
[  417.791328][T21233] syzkaller1: entered promiscuous mode
[  417.797061][T21233] syzkaller1: entered allmulticast mode
[  418.421125][T21266] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7231'.
[  419.674623][T21320] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  419.685844][T21322] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7259'.
[  419.701718][T21322] bond0: ARP target 8.4.0.0 is already present
[  419.720897][T21322] bond0: option arp_ip_target: invalid value (1032)
[  419.920102][T21333] netlink: 'syz.0.7262': attribute type 1 has an invalid length.
[  419.940225][T21333] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7262'.
[  420.218051][T21346] team0 (unregistering): Port device team_slave_0 removed
[  420.251807][T21346] team0 (unregistering): Port device team_slave_1 removed
[  420.524769][T21356] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  421.311706][T21396] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  423.077714][T21471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7327'.
[  424.481668][T21534] netlink: 'syz.2.7358': attribute type 4 has an invalid length.
[  425.076120][T21561] syzkaller1: entered promiscuous mode
[  425.094552][T21561] syzkaller1: entered allmulticast mode
[  425.153718][T21567] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7372'.
[  425.245774][T21572] netlink: 'syz.0.7375': attribute type 1 has an invalid length.
[  425.272407][T21572] netlink: 88 bytes leftover after parsing attributes in process `syz.0.7375'.
[  425.302694][T21572] netlink: 1 bytes leftover after parsing attributes in process `syz.0.7375'.
[  425.332003][T21572] netlink: 'syz.0.7375': attribute type 1 has an invalid length.
[  425.368991][T21572] netlink: 634 bytes leftover after parsing attributes in process `syz.0.7375'.
[  426.068309][T21605] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  426.232989][T21610] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7391'.
[  426.245212][T21610] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7391'.
[  426.348172][T21617] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.7395'.
[  426.553096][T21627] syzkaller1: entered promiscuous mode
[  426.561414][T21627] syzkaller1: entered allmulticast mode
[  426.574073][T21629] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7400'.
[  426.666269][T21631] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7401'.
[  426.960063][T21642] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7406'.
[  427.257415][T21655] netlink: 'syz.4.7412': attribute type 11 has an invalid length.
[  427.754804][T21678] erspan0: entered promiscuous mode
[  427.973336][T21686] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  428.127736][T21695] netlink: 'syz.4.7431': attribute type 1 has an invalid length.
[  428.401387][T21707] macvlan0: entered promiscuous mode
[  429.763269][T21763] block nbd0: Unsupported socket: should be TCP or UNIX.
[  430.483174][T21794] netlink: 'syz.2.7475': attribute type 10 has an invalid length.
[  430.618915][T21794] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.643882][T21794] bridge_slave_1: left allmulticast mode
[  430.660879][T21794] bridge_slave_1: left promiscuous mode
[  430.670594][T21794] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.725782][T21794] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  431.332409][T21827] __nla_validate_parse: 4 callbacks suppressed
[  431.332430][T21827] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.7486'.
[  431.382281][T21831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7487'.
[  433.085498][T21904] netlink: 212336 bytes leftover after parsing attributes in process `syz.1.7522'.
[  433.233553][T21908] netlink: 'syz.2.7523': attribute type 1 has an invalid length.
[  433.256024][T21910] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7524'.
[  433.311912][T21910] netlink: 65011 bytes leftover after parsing attributes in process `syz.3.7524'.
[  433.600139][T21927] netlink: 'syz.4.7531': attribute type 1 has an invalid length.
[  433.615618][T21927] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7531'.
[  433.640642][T21923] syzkaller1: entered promiscuous mode
[  433.666690][T21923] syzkaller1: entered allmulticast mode
[  433.762309][T21936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7536'.
[  433.773990][T21936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7536'.
[  434.153616][T21953] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.7543'.
[  434.765753][T21958] dvmrp8: entered allmulticast mode
[  434.826306][T21980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7554'.
[  434.849352][ T1114] dvmrp8: left allmulticast mode
[  435.433332][T22006] veth0: entered promiscuous mode
[  435.442202][T22004] veth0: left promiscuous mode
[  435.599106][T22011] netlink: ct family unspecified
[  436.724160][T22067] geneve2: entered promiscuous mode
[  436.736258][   T58] netdevsim netdevsim0 
: set [1, 0] type 2 family 0 port 39551 - 0
[  436.746288][   T58] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 39551 - 0
[  436.767775][   T58] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 39551 - 0
[  436.797792][   T58] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 39551 - 0
[  436.836001][T22073] netlink: 'syz.3.7595': attribute type 2 has an invalid length.
[  436.847694][T22073] netlink: 'syz.3.7595': attribute type 2 has an invalid length.
[  437.737903][T22116] __nla_validate_parse: 3 callbacks suppressed
[  437.737923][T22116] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7615'.
[  440.035138][T22222] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  440.094368][T22226] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.7660'.
[  440.123570][T22225] netlink: 'syz.0.7662': attribute type 10 has an invalid length.
[  440.374002][T22237] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.7666'.
[  440.377494][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.391849][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.639370][T22245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7670'.
[  440.822568][T22248] netlink: 27 bytes leftover after parsing attributes in process `syz.0.7672'.
[  441.109980][T22260] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7675'.
[  441.905648][T22283] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.7688'.
[  442.137052][T22297] netlink: 68 bytes leftover after parsing attributes in process `syz.2.7693'.
[  442.153259][T22297] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7693'.
[  443.204302][T22350] syzkaller1: entered promiscuous mode
[  443.221715][T22350] syzkaller1: entered allmulticast mode
[  443.545837][T22371] netlink: 'syz.0.7726': attribute type 20 has an invalid length.
[  443.558744][T22371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7726'.
[  443.587679][T22371] netlink: 'syz.0.7726': attribute type 20 has an invalid length.
[  443.587834][  T151] netdevsim netdevsim0 
: set [0, 0] type 1 family 0 port 8472 - 0
[  443.596509][T22371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7726'.
[  443.609070][  T151] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  443.638858][  T151] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  443.657882][T22374] syzkaller1: entered promiscuous mode
[  443.666893][T22374] syzkaller1: entered allmulticast mode
[  443.675131][  T151] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  443.924337][T22385] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7732'.
[  443.978762][T22385] team0: Port device team_slave_0 removed
[  444.491650][T22407] netlink: 'syz.3.7742': attribute type 17 has an invalid length.
[  444.529934][T22407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7742'.
[  444.544531][T22407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7742'.
[  444.579277][T22407] gretap0: entered promiscuous mode
[  444.587257][T22407] gretap0: left promiscuous mode
[  444.606066][T22415] batadv0: left allmulticast mode
[  444.612954][T22415] batadv0: left promiscuous mode
[  444.618739][T22415] bridge0: port 2(batadv0) entered disabled state
[  444.636043][T22416] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  444.639045][T22415] bridge_slave_0: left allmulticast mode
[  444.675398][T22415] bridge_slave_0: left promiscuous mode
[  444.703959][T22415] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.756910][T22415] 
: (slave bridge_slave_1): Releasing backup interface
[  444.784610][T22415] 
: (slave bond_slave_0): Releasing backup interface
[  444.804132][T22415] 
: (slave bond_slave_1): Releasing backup interface
[  444.816354][T22415] team0: Port device team_slave_1 removed
[  444.823816][T22415] batman_adv: batadv0: Removing interface: batadv_slave_0
[  444.833128][T22415] batman_adv: batadv0: Removing interface: batadv_slave_1
[  444.841705][T22415] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  444.922133][T22422] erspan0: entered promiscuous mode
[  444.992997][T22422] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.001061][T22422] bridge0: port 2(bridge_slave_1) entered forwarding state
[  445.010874][T22422] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.018203][T22422] bridge0: port 1(bridge_slave_0) entered forwarding state
[  445.126440][T22431] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7753'.
[  445.158181][T22431] chnl_net:caif_netlink_parms(): no params data found
[  445.303989][T22435] syzkaller1: entered promiscuous mode
[  445.320411][T22435] syzkaller1: entered allmulticast mode
[  445.374829][T22438] netlink: 512 bytes leftover after parsing attributes in process `syz.0.7757'.
[  445.584630][T22447] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7760'.
[  446.158638][T22477] gretap1: entered promiscuous mode
[  446.185147][T22477] batman_adv: batadv0: Adding interface: gretap1
[  446.188404][T22480] netlink: 'syz.2.7775': attribute type 21 has an invalid length.
[  446.211856][T22477] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  446.216422][T22480] netlink: 'syz.2.7775': attribute type 22 has an invalid length.
[  446.253420][T22480] netlink: 'syz.2.7775': attribute type 23 has an invalid length.
[  446.273036][T22480] netlink: 'syz.2.7775': attribute type 25 has an invalid length.
[  446.283083][T22480] netlink: 'syz.2.7775': attribute type 26 has an invalid length.
[  446.284506][T22477] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  446.294908][T22480] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7775'.
[  446.323246][T22485] netlink: 'syz.0.7777': attribute type 19 has an invalid length.
[  446.341472][T22485] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7777'.
[  446.364960][T22485] netlink: 'syz.0.7777': attribute type 19 has an invalid length.
[  446.549636][T22492] trusted_key: syz.2.7779 sent an empty control message without MSG_MORE.
[  446.771366][   T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.781438][ T1114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.192242][T22518] syzkaller1: entered promiscuous mode
[  447.220147][T22518] syzkaller1: entered allmulticast mode
[  447.352041][T22523] veth0: entered promiscuous mode
[  447.363791][T22523] veth0 (unregistering): left promiscuous mode
[  447.526557][T22525] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40
[  447.763927][T22537] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  447.791557][T22541] bridge_slave_0: invalid flags given to default FDB implementation
[  448.059871][ T8633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.706052][ T1114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  450.482752][T22574] bond5: (slave C): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  450.566724][T22574] bond5: (slave C): Enslaving as an active interface with an up link
[  450.615579][T22574] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  450.974842][T22598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.218490][T22612] validate_nla: 1 callbacks suppressed
[  451.218512][T22612] netlink: 'syz.0.7827': attribute type 21 has an invalid length.
[  451.274177][T22612] __nla_validate_parse: 7 callbacks suppressed
[  451.274199][T22612] netlink: 128 bytes leftover after parsing attributes in process `syz.0.7827'.
[  451.318440][T22612] netlink: 'syz.0.7827': attribute type 5 has an invalid length.
[  451.333745][T22620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7829'.
[  451.361328][T22612] netlink: 'syz.0.7827': attribute type 6 has an invalid length.
[  451.367559][T22620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7829'.
[  451.372360][T22612] netlink: 3 bytes leftover after parsing attributes in process `syz.0.7827'.
[  451.393549][T22620] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7829'.
[  451.512567][T22620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7829'.
[  451.539049][T22620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7829'.
[  451.580778][T22620] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7829'.
[  452.033716][T22650] netlink: 'syz.0.7841': attribute type 29 has an invalid length.
[  452.071426][T22650] netlink: 'syz.0.7841': attribute type 29 has an invalid length.
[  452.119332][T22650] netlink: 500 bytes leftover after parsing attributes in process `syz.0.7841'.
[  452.531439][  T151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.540320][   T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.576984][T22671] netlink: 212344 bytes leftover after parsing attributes in process `syz.0.7848'.
[  452.951272][T22687] netlink: 'syz.3.7853': attribute type 12 has an invalid length.
[  453.319355][T22706] netlink: Unknown conntrack attr (0)
[  453.561308][  T151] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x2
[  453.811214][  T151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.016577][T22722] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.028679][T22722] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  454.040568][T22722] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 256 - 0
[  454.121489][T22736] 8021q: adding VLAN 0 to HW filter on device batadv1
[  454.394421][T22722] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.428648][T22722] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  454.442860][T22722] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 256 - 0
[  454.455963][  T151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.796478][T22722] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.832313][T22722] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  454.870536][T22722] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 256 - 0
[  455.087248][T22722] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.125568][T22722] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  455.178553][T22722] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 256 - 0
[  455.555496][  T151] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  455.591541][  T151] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 19999 - 0
[  455.624438][  T151] netdevsim netdevsim2 eth0: set [1, 2] type 2 family 0 port 6081 - 0
[  455.644824][T22787] syzkaller1: tun_chr_ioctl cmd 1074025677
[  455.653838][T22787] syzkaller1: Refused to change device type
[  455.755043][ T1162] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  455.777545][ T1162] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 19999 - 0
[  455.816778][ T1162] netdevsim netdevsim2 eth1: set [1, 2] type 2 family 0 port 6081 - 0
[  455.948134][  T151] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  455.979096][  T151] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 19999 - 0
[  456.000989][  T151] netdevsim netdevsim2 eth2: set [1, 2] type 2 family 0 port 6081 - 0
[  456.096463][ T1162] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  456.124359][ T1162] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 19999 - 0
[  456.164726][ T1162] netdevsim netdevsim2 eth3: set [1, 2] type 2 family 0 port 6081 - 0
[  456.921575][T22827] __nla_validate_parse: 2 callbacks suppressed
[  456.921597][T22827] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7902'.
[  457.008055][T22834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7905'.
[  457.041450][T22834] netlink: 'syz.0.7905': attribute type 18 has an invalid length.
[  457.057467][T22834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7905'.
[  457.134908][T22839] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7908'.
[  457.163015][T22834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7905'.
[  457.185418][T22834] netlink: 'syz.0.7905': attribute type 18 has an invalid length.
[  457.211510][T22834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7905'.
[  457.223222][T22842] rdma_rxe: rxe_newlink: failed to add vxcan1
[  457.379672][T22851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7912'.
[  457.580261][T22859] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7917'.
[  457.651679][  T151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.006969][T22882] netlink: 'syz.4.7928': attribute type 1 has an invalid length.
[  458.062891][T22882] 8021q: adding VLAN 0 to HW filter on device bond1
[  458.088022][T22886] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.7929'.
[  458.295474][   T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.735733][T22914] syzkaller1: tun_chr_ioctl cmd 1074025677
[  458.743532][T22914] syzkaller1: Linktype set failed because interface is up
[  458.932775][ T1114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.111268][T22925] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.7948'.
[  459.137177][T22925] netlink: Conntrack attr has 3 unknown bytes
[  459.617732][T22945] pim6reg1: entered promiscuous mode
[  459.631335][T22945] pim6reg1: entered allmulticast mode
[  460.172523][T22972] netlink: 'syz.1.7968': attribute type 22 has an invalid length.
[  460.190722][T22972] netlink: 'syz.1.7968': attribute type 22 has an invalid length.
[  460.995136][T23012] syz_tun: left promiscuous mode
[  461.000665][T23012] bridge0: port 3(syz_tun) entered disabled state
[  461.023259][T23012] bridge_slave_0: left allmulticast mode
[  461.031714][T23012] bridge_slave_0: left promiscuous mode
[  461.039038][T23012] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.075148][T23012] bridge_slave_1: left allmulticast mode
[  461.084685][T23012] bridge_slave_1: left promiscuous mode
[  461.098449][T23012] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.119801][T23012] bond0: (slave ������): Releasing backup interface
[  461.132759][T23012] bond0: (slave bond_slave_1): Releasing backup interface
[  461.156600][T23012] team0: Port device team_slave_0 removed
[  461.181219][T23012] team0: Port device team_slave_1 removed
[  461.188736][T23012] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  461.201796][T23012] batman_adv: batadv0: Removing interface: batadv_slave_0
[  461.216227][T23012] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.224621][T23012] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.234303][T23012] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  461.255226][T23017] team0: Mode changed to "random"
[  461.519171][T23029] lo: left promiscuous mode
[  461.549537][T23029] erspan0: left promiscuous mode
[  461.906092][T23029] bond4: left promiscuous mode
[  461.911959][T23029] batman_adv: batadv0: Interface deactivated: ipvlan2
[  461.969111][ T8633] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  462.010320][ T8633] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.086527][ T8633] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  462.115933][ T8633] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.149979][ T8633] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  462.151272][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880567b0c00: rx timeout, send abort
[  462.177472][ T8633] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.216947][ T8633] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  462.256289][ T8633] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.371995][T23060] __nla_validate_parse: 8 callbacks suppressed
[  462.372015][T23060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7998'.
[  462.669277][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880567b0c00: abort rx timeout. Force session deactivation
[  462.990511][T23086] syzkaller1: entered promiscuous mode
[  463.010293][T23086] syzkaller1: entered allmulticast mode
[  463.242465][T23095] netlink: 212344 bytes leftover after parsing attributes in process `syz.1.8011'.
[  463.276246][T23096] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8010'.
[  463.331162][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.413151][  T151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.481323][T23105] netlink: 212328 bytes leftover after parsing attributes in process `syz.1.8013'.
[  463.499533][T23103] bond5: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  463.528172][T23103] bond5: (slave lo): Enslaving as an active interface with an up link
[  463.537784][T23103] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  464.159816][T23136] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8023'.
[  464.627850][T23157] netlink: 212328 bytes leftover after parsing attributes in process `syz.3.8031'.
[  464.647389][T23157] netlink: Unknown conntrack attr (type=2304, max=9)
[  464.690920][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.063685][T23177] syzkaller1: entered promiscuous mode
[  465.089602][T23177] syzkaller1: entered allmulticast mode
[  465.358815][T23195] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8043'.
[  466.879899][T23227] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  466.902179][T23226] netlink: 33 bytes leftover after parsing attributes in process `syz.0.8052'.
[  466.924731][T23226] netlink: 140 bytes leftover after parsing attributes in process `syz.0.8052'.
[  466.948833][T23226] netlink: 33 bytes leftover after parsing attributes in process `syz.0.8052'.
[  467.674405][T23244] netlink: 'syz.0.8059': attribute type 8 has an invalid length.
[  467.718993][T23244] __nla_validate_parse: 1 callbacks suppressed
[  467.719014][T23244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8059'.
[  467.792726][T23247] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8060'.
[  467.828419][T23247] netlink: 'syz.2.8060': attribute type 7 has an invalid length.
[  467.840729][T23247] netlink: 'syz.2.8060': attribute type 8 has an invalid length.
[  467.883647][T23247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8060'.
[  468.054640][T23253] netlink: 'syz.1.8063': attribute type 1 has an invalid length.
[  468.236660][T23253] 8021q: adding VLAN 0 to HW filter on device bond2
[  468.250777][T23259] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.283055][T23259] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.301601][T23259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.345851][T23257] bond2: (slave geneve3): making interface the new active one
[  468.383810][T23257] bond2: (slave geneve3): Enslaving as an active interface with an up link
[  468.532640][T23259] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.532672][ T8633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.559842][T23259] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.567511][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.578272][ T8635] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.607324][T23259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8065'.
[  468.751823][T23267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8068'.
[  469.191034][T23276] nbd1: detected capacity change from 0 to 63
[  469.227256][T23283] block nbd1: NBD_DISCONNECT
[  469.247182][T23283] block nbd1: Disconnected due to user request.
[  469.278108][T23283] block nbd1: shutting down sockets
[  469.278582][ T5880] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.324784][ T5880] Buffer I/O error on dev nbd1, logical block 0, async page read
[  469.370738][ T5208] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  469.384054][ T5208] Buffer I/O error on dev nbd1, logical block 1, async page read
[  469.395027][ T5208] Buffer I/O error on dev nbd1, logical block 2, async page read
[  469.404633][ T5208] Buffer I/O error on dev nbd1, logical block 3, async page read
[  469.415956][ T5880] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.435467][ T5880] Buffer I/O error on dev nbd1, logical block 0, async page read
[  469.457948][ T5880] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.468881][ T5880] Buffer I/O error on dev nbd1, logical block 1, async page read
[  469.479217][ T5880] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.489229][ T5880] Buffer I/O error on dev nbd1, logical block 2, async page read
[  469.500746][ T5880] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.514257][ T5880] Buffer I/O error on dev nbd1, logical block 3, async page read
[  469.527985][ T5880] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.539349][ T5880] Buffer I/O error on dev nbd1, logical block 0, async page read
[  469.549489][ T5880] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.560545][ T5880] Buffer I/O error on dev nbd1, logical block 1, async page read
[  469.569501][ T5880] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.596490][ T5880] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  469.626718][ T5880] ldm_validate_partition_table(): Disk read failed.
[  469.688981][ T5880] Dev nbd1: unable to read RDB block 0
[  469.738958][ T5880]  nbd1: unable to read partition table
[  469.858886][ T5880] ldm_validate_partition_table(): Disk read failed.
[  469.898113][ T5880] Dev nbd1: unable to read RDB block 0
[  469.933528][ T5880]  nbd1: unable to read partition table
[  470.314489][T23321] wg1: left promiscuous mode
[  470.377843][T23330] netlink: 'syz.3.8088': attribute type 9 has an invalid length.
[  470.378161][T23321] netdevsim netdevsim0 
: left promiscuous mode
[  470.422624][T23321] bond3: left promiscuous mode
[  470.451409][ T8633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.481230][T23321] vlan2: left promiscuous mode
[  470.501333][T23321] geneve1: left promiscuous mode
[  470.538894][T23321] geneve2: left promiscuous mode
[  470.579146][T23330] netlink: 'syz.3.8088': attribute type 9 has an invalid length.
[  470.588071][   T58] netdevsim netdevsim0 
: unset [0, 0] type 1 family 0 port 8472 - 0
[  470.611412][   T58] netdevsim netdevsim0 
: unset [1, 0] type 2 family 0 port 39551 - 0
[  470.642291][   T58] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  470.682098][   T58] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 39551 - 0
[  470.723515][   T58] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  470.755931][   T58] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 39551 - 0
[  470.789609][   T58] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  470.834553][   T58] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 39551 - 0
[  471.514351][T23368] IPv6: sit1: Disabled Multicast RS
[  472.788518][T23416] __nla_validate_parse: 11 callbacks suppressed
[  472.788543][T23416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8124'.
[  472.868169][T23416] netlink: 'syz.4.8124': attribute type 7 has an invalid length.
[  472.900264][T23416] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8124'.
[  472.924471][T23416] erspan0: entered promiscuous mode
[  472.937084][T23416] gretap0: entered promiscuous mode
[  473.097229][T23425] netlink: 140 bytes leftover after parsing attributes in process `syz.3.8128'.
[  473.581732][T23436] netlink: 207952 bytes leftover after parsing attributes in process `syz.3.8132'.
[  473.675397][T23438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8134'.
[  474.290788][ T8633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.299888][ T1114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.308925][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.537613][T23463] syzkaller1: entered promiscuous mode
[  474.568297][T23463] syzkaller1: entered allmulticast mode
[  475.014199][T23483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8153'.
[  475.703381][T23503] syzkaller1: entered promiscuous mode
[  475.713537][T23503] syzkaller1: entered allmulticast mode
[  476.492914][T23532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8168'.
[  476.629591][T23536] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.8170'.
[  476.700989][T23513] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  477.321188][T23552] sock: sock_set_timeout: `syz.2.8178' (pid 23552) tries to set negative timeout
[  477.331453][T23555] netlink: 'syz.3.8180': attribute type 4 has an invalid length.
[  477.403675][T23555] netlink: 'syz.3.8180': attribute type 4 has an invalid length.
[  477.502310][T23558] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  477.588402][T23563] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8183'.
[  477.601397][T23563] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8183'.
[  477.637086][T23565] netlink: 'syz.3.8184': attribute type 1 has an invalid length.
[  477.802197][T23569] netlink: 'syz.3.8187': attribute type 1 has an invalid length.
[  477.831004][T23571] netlink: 'syz.1.8186': attribute type 21 has an invalid length.
[  477.852021][T23571] netlink: 'syz.1.8186': attribute type 22 has an invalid length.
[  477.873248][T23571] netlink: 'syz.1.8186': attribute type 23 has an invalid length.
[  477.891770][T23571] netlink: 'syz.1.8186': attribute type 25 has an invalid length.
[  477.910332][T23571] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8186'.
[  477.922854][T23569] bond6: entered promiscuous mode
[  477.945185][T23569] 8021q: adding VLAN 0 to HW filter on device bond6
[  478.079090][T23575] bond6: (slave bridge2): making interface the new active one
[  478.107063][T23575] bridge2: entered promiscuous mode
[  478.123753][T23575] bond6: (slave bridge2): Enslaving as an active interface with an up link
[  478.797532][T23610] netlink: 'syz.4.8204': attribute type 1 has an invalid length.
[  478.807622][T23610] netlink: 'syz.4.8204': attribute type 1 has an invalid length.
[  479.109176][T23622] netlink: 'syz.1.8209': attribute type 1 has an invalid length.
[  479.194968][T23622] bond3: entered promiscuous mode
[  479.201723][T23622] 8021q: adding VLAN 0 to HW filter on device bond3
[  479.330344][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.348435][T23622] 8021q: adding VLAN 0 to HW filter on device bond3
[  479.373855][T23622] bond3: (slave ip6gre2): The slave device specified does not support setting the MAC address
[  479.394016][T23622] bond3: (slave ip6gre2): Setting fail_over_mac to active for active-backup mode
[  479.429601][T23622] bond3: (slave ip6gre2): making interface the new active one
[  479.448991][T23622] ip6gre2: entered promiscuous mode
[  479.469341][T23622] bond3: (slave ip6gre2): Enslaving as an active interface with an up link
[  480.061290][ T8633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.070492][ T1162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.539254][T23671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8226'.
[  480.668322][T23671] team1: entered promiscuous mode
[  480.684958][T23671] team1: entered allmulticast mode
[  480.848744][T23679] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.918052][T23681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8231'.
[  480.943201][T23681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8231'.
[  481.586525][T23698] netlink: 'syz.3.8239': attribute type 1 has an invalid length.
[  481.596573][T23698] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8239'.
[  481.607479][T23698] netlink: 1 bytes leftover after parsing attributes in process `syz.3.8239'.
[  481.795794][T23703] veth1_to_bond: entered allmulticast mode
[  481.802621][T23700] netlink: 'syz.3.8240': attribute type 16 has an invalid length.
[  481.821360][T23700] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8240'.
[  481.844263][T23703] veth1_to_bond: left allmulticast mode
[  482.724573][T23706] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.731955][T23706] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.165248][T23706] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  483.205805][T23706] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  483.612832][T23706] vlan0: left allmulticast mode
[  483.617936][T23706] vlan0: left promiscuous mode
[  483.834017][T23754] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8254'.
[  483.843873][T23754] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8254'.
[  484.351181][ T8635] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  484.362541][ T8635] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  484.444627][ T8635] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  484.471436][ T8635] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 256 - 0
[  484.497790][ T8635] netdevsim netdevsim2 eth0: unset [1, 1] type 2 family 0 port 19999 - 0
[  484.522162][T23776] netlink: 'syz.2.8259': attribute type 1 has an invalid length.
[  484.522949][ T8635] netdevsim netdevsim2 eth0: unset [1, 2] type 2 family 0 port 6081 - 0
[  484.565641][ T8635] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 256 - 0
[  484.576082][ T8635] netdevsim netdevsim2 eth1: unset [1, 1] type 2 family 0 port 19999 - 0
[  484.585608][ T8635] netdevsim netdevsim2 eth1: unset [1, 2] type 2 family 0 port 6081 - 0
[  484.622856][T23772] syzkaller0: entered promiscuous mode
[  484.628384][T23772] syzkaller0: entered allmulticast mode
[  484.681251][T23781] bond6: (slave bridge9): making interface the new active one
[  484.691397][T23781] bond6: (slave bridge9): Enslaving as an active interface with an up link
[  484.710614][ T8635] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 256 - 0
[  484.734903][ T8635] netdevsim netdevsim2 eth2: unset [1, 1] type 2 family 0 port 19999 - 0
[  484.756622][ T8635] netdevsim netdevsim2 eth2: unset [1, 2] type 2 family 0 port 6081 - 0
[  484.766880][T23783] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8261'.
[  484.975697][T23797] netlink: 'syz.0.8265': attribute type 4 has an invalid length.
[  485.029202][T23800] netlink: 'syz.0.8265': attribute type 4 has an invalid length.
[  487.077865][ T8635] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 256 - 0
[  487.086861][ T8635] netdevsim netdevsim2 eth3: unset [1, 1] type 2 family 0 port 19999 - 0
[  487.096192][ T8635] netdevsim netdevsim2 eth3: unset [1, 2] type 2 family 0 port 6081 - 0
[  487.631197][T23823] tipc: Failed to remove unknown binding: 66,1,1/0:2415272441/2415272443
[  487.652273][T23823] tipc: Failed to remove unknown binding: 66,1,1/0:2415272441/2415272443
[  487.673681][T23825] GUP no longer grows the stack in syz.3.8277 (23825): 200000003000-20000000a000 (200000001000)
[  487.708634][T23825] CPU: 0 UID: 0 PID: 23825 Comm: syz.3.8277 Not tainted syzkaller #0 PREEMPT(full) 
[  487.708665][T23825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  487.708678][T23825] Call Trace:
[  487.708686][T23825]  <TASK>
[  487.708696][T23825]  dump_stack_lvl+0xe8/0x150
[  487.708733][T23825]  __get_user_pages+0x2453/0x29d0
[  487.708788][T23825]  ? __gup_longterm_locked+0xc4e/0x1630
[  487.708815][T23825]  ? down_read_killable+0x1bb/0x340
[  487.708844][T23825]  ? try_get_folio+0xec/0x650
[  487.708877][T23825]  __gup_longterm_locked+0xdcf/0x1630
[  487.708934][T23825]  gup_fast_fallback+0x1d82/0x22e0
[  487.709002][T23825]  ? __pfx_gup_fast_fallback+0x10/0x10
[  487.709032][T23825]  ? is_valid_gup_args+0x11f/0x200
[  487.709061][T23825]  ? get_user_pages_fast+0x4d/0xb0
[  487.709091][T23825]  __iov_iter_get_pages_alloc+0x3b6/0xb10
[  487.709124][T23825]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  487.709160][T23825]  iov_iter_get_pages2+0x5e/0xa0
[  487.709185][T23825]  __se_sys_vmsplice+0x7b3/0x1490
[  487.709239][T23825]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  487.709268][T23825]  ? __pfx_futex_wait+0x10/0x10
[  487.709303][T23825]  ? lockdep_hardirqs_on+0x7a/0x110
[  487.709400][T23825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.709432][T23825]  do_syscall_64+0x15f/0xf80
[  487.709457][T23825]  ? trace_irq_disable+0x3b/0x140
[  487.709480][T23825]  ? clear_bhb_loop+0x40/0x90
[  487.709508][T23825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.709529][T23825] RIP: 0033:0x7faad959c819
[  487.709550][T23825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  487.709569][T23825] RSP: 002b:00007faada3e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  487.709594][T23825] RAX: ffffffffffffffda RBX: 00007faad9815fa0 RCX: 00007faad959c819
[  487.709609][T23825] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000005
[  487.709623][T23825] RBP: 00007faad9632c91 R08: 0000000000000000 R09: 0000000000000000
[  487.709636][T23825] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  487.709649][T23825] R13: 00007faad9816038 R14: 00007faad9815fa0 R15: 00007fff93262478
[  487.709684][T23825]  </TASK>
[  488.506522][T23847] A link change request failed with some changes committed already. Interface vlan2 may have been left with an inconsistent configuration, please check.
[  488.703303][T23865] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.8294'.
[  489.166528][T23887] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.8301'.
[  489.189433][T23887] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  489.329116][T23889] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8304'.
[  489.364878][T23889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8304'.
[  489.400582][T23889] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8304'.
[  489.429847][T23889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8304'.
[  490.098863][T23921] xt_CT: You must specify a L4 protocol and not use inversions on it
[  490.108558][T23919] syzkaller1: entered promiscuous mode
[  490.115404][T23919] syzkaller1: entered allmulticast mode
[  490.575472][T23935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8324'.
[  490.704381][T23942] netlink: 'syz.3.8326': attribute type 10 has an invalid length.
[  490.740335][T23942] netlink: 16154 bytes leftover after parsing attributes in process `syz.3.8326'.
[  490.773618][T23947] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.8328'.
[  491.279565][T23967] netlink: 'syz.0.8337': attribute type 1 has an invalid length.
[  491.357266][T23967] 8021q: adding VLAN 0 to HW filter on device bond0
[  491.449136][T23974] bond0: (slave gretap1): making interface the new active one
[  491.462283][T23974] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  491.557713][T23981] netlink: 'syz.0.8341': attribute type 26 has an invalid length.
[  491.568643][T23981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8341'.
[  491.590627][T23981] netlink: 'syz.0.8341': attribute type 26 has an invalid length.
[  491.617826][T23981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8341'.
[  493.007808][T24040] netlink: 'syz.2.8368': attribute type 1 has an invalid length.
[  493.133193][T24044] bond7: (slave gretap2): making interface the new active one
[  493.153035][T24044] bond7: (slave gretap2): Enslaving as an active interface with an up link
[  493.978660][T24068] syzkaller0: entered promiscuous mode
[  493.997112][T24068] syzkaller0: entered allmulticast mode
[  494.297996][T24099] netlink: 'syz.0.8386': attribute type 1 has an invalid length.
[  497.141917][T24099] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  497.152503][T24116] lo: Caught tx_queue_len zero misconfig
[  498.811145][T24186] syzkaller1: entered promiscuous mode
[  498.830165][T24186] syzkaller1: entered allmulticast mode
[  499.216437][T24210] syzkaller1: entered promiscuous mode
[  499.226582][T24210] syzkaller1: entered allmulticast mode
[  499.717365][T24232] sctp: [Deprecated]: syz.0.8429 (pid 24232) Use of int in maxseg socket option.
[  499.717365][T24232] Use struct sctp_assoc_value instead
[  500.136482][T24247] syzkaller1: entered promiscuous mode
[  500.180636][T24247] syzkaller1: entered allmulticast mode
[  500.204118][T24256] __nla_validate_parse: 4 callbacks suppressed
[  500.204138][T24256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8436'.
[  500.273679][T24256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8436'.
[  500.296510][T24256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8436'.
[  500.323637][T24256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8436'.
[  501.010897][T24283] netlink: 'syz.1.8447': attribute type 1 has an invalid length.
[  501.024595][T24283] netlink: 'syz.1.8447': attribute type 4 has an invalid length.
[  501.036543][T24283] netlink: 9422 bytes leftover after parsing attributes in process `syz.1.8447'.
[  501.638954][T24309] netlink: 'syz.3.8460': attribute type 1 has an invalid length.
[  501.783210][T24309] 8021q: adding VLAN 0 to HW filter on device bond7
[  501.816487][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.823187][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  502.525712][T24331] geneve4: entered promiscuous mode
[  502.592945][T23755] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  502.638584][T23755] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  502.665913][T23755] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  502.683960][T23755] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  502.694621][T24336] netlink: 208 bytes leftover after parsing attributes in process `syz.4.8468'.
[  502.826559][T24343] netlink: 212360 bytes leftover after parsing attributes in process `syz.0.8469'.
[  503.848260][T24390] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8490'.
[  503.860373][T24390] bridge: RTM_NEWNEIGH with invalid ether address
[  503.872422][T24393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8489'.
[  503.898874][T24390] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8490'.
[  503.922163][T24390] bridge: RTM_NEWNEIGH with invalid ether address
[  504.128425][T24405] netlink: 'syz.4.8495': attribute type 16 has an invalid length.
[  504.156497][T24398] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.165084][T24405] netlink: 'syz.4.8495': attribute type 17 has an invalid length.
[  504.224282][T24405] F: left allmulticast mode
[  504.241348][T24410] xt_CT: You must specify a L4 protocol and not use inversions on it
[  504.452602][T24405] bond0: left promiscuous mode
[  504.471466][T24405] bond_slave_0: left promiscuous mode
[  504.477557][T24405] bond_slave_1: left promiscuous mode
[  504.486112][T24405] 8021q: adding VLAN 0 to HW filter on device bond0
[  504.522142][T24405] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.529746][T24405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  504.618829][T24405] gretap2: left promiscuous mode
[  504.627004][T24405] gretap2: left allmulticast mode
[  504.654305][T24405] 8021q: adding VLAN 0 to HW filter on device eth0
[  504.663800][T24405] 8021q: adding VLAN 0 to HW filter on device eth1
[  504.675421][T24405] 8021q: adding VLAN 0 to HW filter on device eth2
[  504.685210][T24405] 8021q: adding VLAN 0 to HW filter on device eth3
[  504.700579][T24405] vlan0: left promiscuous mode
[  504.705683][T24405] bridge0: left promiscuous mode
[  504.714916][T24405] macvlan0: left allmulticast mode
[  504.723899][T24405] hsr0: left allmulticast mode
[  504.733194][T24405] hsr_slave_0: left allmulticast mode
[  504.739046][T24405] hsr_slave_1: left allmulticast mode
[  504.751201][T24405] bond_slave_0: entered promiscuous mode
[  504.757152][T24405] bond_slave_1: entered promiscuous mode
[  504.767157][T24405] 8021q: adding VLAN 0 to HW filter on device macvlan1
[  504.778087][T24405] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[  504.805559][T23755] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.813104][T23755] bridge0: port 2(bridge_slave_1) entered forwarding state
[  504.836928][T24407] syzkaller1: entered promiscuous mode
[  504.850165][T24407] syzkaller1: entered allmulticast mode
[  504.875712][ T1162] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  504.898143][ T1162] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  504.919070][ T1162] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  505.026290][ T1162] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  505.297697][T24440] syzkaller0: entered promiscuous mode
[  505.303961][T24440] syzkaller0: entered allmulticast mode
[  507.973953][T24457] erspan0: left promiscuous mode
[  507.993471][T24457] 8021q: adding VLAN 0 to HW filter on device bond0
[  508.003487][T24457] 8021q: adding VLAN 0 to HW filter on device team0
[  508.020151][T24457] bridge0: port 3(dummy0) entered blocking state
[  508.027034][T24457] bridge0: port 3(dummy0) entered forwarding state
[  508.041543][T24457] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  508.463815][T24493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8527'.
[  508.515093][T24493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8527'.
[  508.816514][T24507] netlink: 'syz.3.8532': attribute type 1 has an invalid length.
[  508.837757][T24510] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.8534'.
[  508.892140][T24507] bond8: (slave gretap1): making interface the new active one
[  508.908936][T24507] bond8: (slave gretap1): Enslaving as an active interface with an up link
[  509.056547][T24518] syzkaller1: entered promiscuous mode
[  509.062723][T24518] syzkaller1: entered allmulticast mode
[  509.286205][T24522] bridge0: port 3(dummy0) entered disabled state
[  509.310359][T24526] netlink: 'syz.1.8541': attribute type 16 has an invalid length.
[  509.323624][T24526] netlink: 'syz.1.8541': attribute type 17 has an invalid length.
[  509.366962][T24526] bridge0: port 3(dummy0) entered blocking state
[  509.373565][T24526] bridge0: port 3(dummy0) entered forwarding state
[  509.387891][T24526] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  509.524493][T24537] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8544'.
[  509.998963][T24559] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  510.089453][T24561] netlink: 'syz.2.8555': attribute type 1 has an invalid length.
[  510.116563][T24561] bond8: entered promiscuous mode
[  510.122026][T24561] 8021q: adding VLAN 0 to HW filter on device bond8
[  510.151909][T24527] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  510.161530][T24561] 8021q: adding VLAN 0 to HW filter on device bond8
[  510.180285][T24561] bond8: (slave vti0): The slave device specified does not support setting the MAC address
[  510.212536][T24561] bond8: (slave vti0): Setting fail_over_mac to active for active-backup mode
[  510.271972][T24561] bond8: (slave vti0): making interface the new active one
[  510.285498][T24561] vti0: entered promiscuous mode
[  510.297879][T24561] bond8: (slave vti0): Enslaving as an active interface with an up link
[  510.624867][T24577] netlink: 'syz.3.8560': attribute type 1 has an invalid length.
[  510.647514][T24577] netlink: 'syz.3.8560': attribute type 4 has an invalid length.
[  510.664341][T24577] netlink: 9491 bytes leftover after parsing attributes in process `syz.3.8560'.
[  510.863139][T24581] bond2: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[  510.906729][T24581] bond2 (unregistering): Released all slaves
[  511.268494][T24568] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -512 0
[  511.777009][T24623] netlink: 'syz.0.8577': attribute type 1 has an invalid length.
[  512.142237][T24625] bond6: (slave gretap2): making interface the new active one
[  512.153571][T24625] bond6: (slave gretap2): Enslaving as an active interface with an up link
[  513.002576][T24657] netlink: 92 bytes leftover after parsing attributes in process `syz.0.8591'.
[  513.147275][T24665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8593'.
[  513.186213][T24667] netlink: 'syz.4.8595': attribute type 30 has an invalid length.
[  513.189875][T24665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8593'.
[  513.194752][ T8635] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  513.219969][T24667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8595'.
[  513.229528][ T8635] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  513.240389][ T8635] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  513.255738][ T8635] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  514.598060][T24712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8612'.
[  515.254793][T24739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8621'.
[  515.630591][T24753] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8627'.
[  515.871156][T24762] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8630'.
[  516.350759][T24786] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8638'.
[  516.871577][T24808] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8646'.
[  516.892412][T24809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8644'.
[  517.101007][T24816] netlink: 7 bytes leftover after parsing attributes in process `syz.3.8647'.
[  517.272484][T24821] netlink: 'syz.3.8649': attribute type 1 has an invalid length.
[  517.348767][T24828] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8649'.
[  517.381791][T24821] bond9: entered promiscuous mode
[  517.389883][T24828] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8649'.
[  517.416761][T24821] 8021q: adding VLAN 0 to HW filter on device bond9
[  517.514287][T24832] bond9: (slave bridge3): making interface the new active one
[  517.522526][T24832] bridge3: entered promiscuous mode
[  517.531985][T24832] bond9: (slave bridge3): Enslaving as an active interface with an up link
[  518.392531][T24866] netlink: 'syz.3.8662': attribute type 1 has an invalid length.
[  518.449502][T24866] bond10: entered promiscuous mode
[  518.458548][T24866] 8021q: adding VLAN 0 to HW filter on device bond10
[  518.516422][T24866] bond10: (slave bridge4): making interface the new active one
[  518.525388][T24866] bridge4: entered promiscuous mode
[  518.545917][T24866] bridge4: left promiscuous mode
[  518.726850][T24876] netlink: 'syz.1.8665': attribute type 1 has an invalid length.
[  518.843277][T24876] 8021q: adding VLAN 0 to HW filter on device bond4
[  519.010721][T24878] 8021q: adding VLAN 0 to HW filter on device bond4
[  519.024604][T24878] bond4: (slave vcan1): The slave device specified does not support setting the MAC address
[  519.036634][T24878] bond4: (slave vcan1): Error -95 calling set_mac_address
[  519.407366][T24790] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  519.453039][T24901] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode
[  519.499214][T24901] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode
[  520.072209][T24930] __nla_validate_parse: 3 callbacks suppressed
[  520.072232][T24930] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8686'.
[  520.107421][T24931] netlink: 'syz.2.8684': attribute type 4 has an invalid length.
[  520.176569][T24936] netlink: 'syz.2.8684': attribute type 4 has an invalid length.
[  522.789975][T24947] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  522.975374][T24952] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8690'.
[  523.164382][T24963] netlink: 'syz.4.8695': attribute type 1 has an invalid length.
[  526.858480][T24963] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  526.861376][T24964] netdevsim netdevsim1 
: renamed from netdevsim0
[  527.824563][T25011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8712'.
[  528.088504][T25024] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8715'.
[  528.227501][T25030] netlink: 212360 bytes leftover after parsing attributes in process `syz.3.8716'.
[  528.298474][T25026] netlink: 92 bytes leftover after parsing attributes in process `syz.0.8715'.
[  528.317218][T24984] mpoa:mpoad_close: (<unknown>) going down
[  528.579480][T25043] netlink: 'syz.0.8719': attribute type 1 has an invalid length.
[  528.798671][T25043] bond7: entered promiscuous mode
[  528.820883][T25043] 8021q: adding VLAN 0 to HW filter on device bond7
[  528.880995][T25047] bond7: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  528.925129][T25047] bond7: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  528.963998][T25047] bond7: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  529.301192][ T5929] ==================================================================
[  529.309330][ T5929] BUG: KASAN: slab-use-after-free in sock_def_readable+0x1cb/0x550
[  529.317300][ T5929] Read of size 8 at addr ffff88805723b6c0 by task kworker/1:5/5929
[  529.325311][ T5929] 
[  529.327685][ T5929] CPU: 1 UID: 0 PID: 5929 Comm: kworker/1:5 Not tainted syzkaller #0 PREEMPT(full) 
[  529.327712][ T5929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  529.327725][ T5929] Workqueue: mld mld_ifc_work
[  529.327755][ T5929] Call Trace:
[  529.327763][ T5929]  <TASK>
[  529.327771][ T5929]  dump_stack_lvl+0xe8/0x150
[  529.327801][ T5929]  print_report+0xba/0x230
[  529.327825][ T5929]  ? sock_def_readable+0x1cb/0x550
[  529.327846][ T5929]  kasan_report+0x117/0x150
[  529.327867][ T5929]  ? sock_def_readable+0x1cb/0x550
[  529.327892][ T5929]  sock_def_readable+0x1cb/0x550
[  529.327913][ T5929]  ? sock_def_readable+0xae/0x550
[  529.327934][ T5929]  ? send_to_lecd+0x26d/0x830
[  529.327957][ T5929]  send_to_lecd+0x3e7/0x830
[  529.327981][ T5929]  lec_start_xmit+0xe52/0x2890
[  529.328010][ T5929]  dev_hard_start_xmit+0x2cd/0x830
[  529.328038][ T5929]  sch_direct_xmit+0x251/0x4c0
[  529.328064][ T5929]  ? __pfx_sch_direct_xmit+0x10/0x10
[  529.328092][ T5929]  __dev_queue_xmit+0x180f/0x3950
[  529.328115][ T5929]  ? __dev_queue_xmit+0x2b6/0x3950
[  529.328141][ T5929]  ? __pfx___dev_queue_xmit+0x10/0x10
[  529.328161][ T5929]  ? neigh_resolve_output+0x438/0x750
[  529.328186][ T5929]  ? eth_header+0x11b/0x200
[  529.328203][ T5929]  ? __asan_memcpy+0x40/0x70
[  529.328239][ T5929]  ? ip6_output+0x126/0x550
[  529.328263][ T5929]  ip6_output+0x340/0x550
[  529.328287][ T5929]  ? __pfx_ip6_output+0x10/0x10
[  529.328310][ T5929]  NF_HOOK+0x177/0x4f0
[  529.328335][ T5929]  ? __pfx_NF_HOOK+0x10/0x10
[  529.328368][ T5929]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  529.328389][ T5929]  ? __local_bh_enable_ip+0xd0/0x130
[  529.328414][ T5929]  ? lockdep_hardirqs_on+0x7a/0x110
[  529.328436][ T5929]  ? __local_bh_enable_ip+0xd0/0x130
[  529.328460][ T5929]  ? icmp6_dst_alloc+0x3a6/0x440
[  529.328486][ T5929]  mld_sendpack+0x8b4/0xe40
[  529.328519][ T5929]  ? mld_sendpack+0x213/0xe40
[  529.328543][ T5929]  ? __pfx_mld_sendpack+0x10/0x10
[  529.328576][ T5929]  mld_ifc_work+0x835/0xe70
[  529.328602][ T5929]  ? process_scheduled_works+0xa70/0x1860
[  529.328628][ T5929]  process_scheduled_works+0xb5d/0x1860
[  529.328668][ T5929]  ? __pfx_process_scheduled_works+0x10/0x10
[  529.328695][ T5929]  ? assign_work+0x3d5/0x5e0
[  529.328720][ T5929]  worker_thread+0xa53/0xfc0
[  529.328760][ T5929]  kthread+0x388/0x470
[  529.328778][ T5929]  ? __pfx_worker_thread+0x10/0x10
[  529.328801][ T5929]  ? __pfx_kthread+0x10/0x10
[  529.328819][ T5929]  ret_from_fork+0x514/0xb70
[  529.328846][ T5929]  ? __pfx_ret_from_fork+0x10/0x10
[  529.328870][ T5929]  ? __switch_to+0xc79/0x1410
[  529.328893][ T5929]  ? __pfx_kthread+0x10/0x10
[  529.328912][ T5929]  ret_from_fork_asm+0x1a/0x30
[  529.328947][ T5929]  </TASK>
[  529.328953][ T5929] 
[  529.590392][ T5929] Allocated by task 24985:
[  529.594899][ T5929]  kasan_save_track+0x3e/0x80
[  529.599591][ T5929]  __kasan_slab_alloc+0x6c/0x80
[  529.604530][ T5929]  kmem_cache_alloc_lru_noprof+0x2b8/0x640
[  529.610349][ T5929]  sock_alloc_inode+0x2c/0x190
[  529.615139][ T5929]  alloc_inode+0x6a/0x1b0
[  529.619738][ T5929]  __sock_create+0x12d/0x9d0
[  529.624337][ T5929]  __sys_socket+0xd6/0x1b0
[  529.628847][ T5929]  __x64_sys_socket+0x7a/0x90
[  529.633613][ T5929]  do_syscall_64+0x15f/0xf80
[  529.638300][ T5929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.644193][ T5929] 
[  529.646527][ T5929] Freed by task 15:
[  529.650348][ T5929]  kasan_save_track+0x3e/0x80
[  529.655044][ T5929]  kasan_save_free_info+0x46/0x50
[  529.660076][ T5929]  __kasan_slab_free+0x5c/0x80
[  529.664881][ T5929]  kmem_cache_free+0x180/0x630
[  529.669667][ T5929]  rcu_core+0x7cd/0x1070
[  529.673924][ T5929]  handle_softirqs+0x22a/0x840
[  529.678694][ T5929]  run_ksoftirqd+0x36/0x60
[  529.683204][ T5929]  smpboot_thread_fn+0x541/0xa50
[  529.688151][ T5929]  kthread+0x388/0x470
[  529.692225][ T5929]  ret_from_fork+0x514/0xb70
[  529.696824][ T5929]  ret_from_fork_asm+0x1a/0x30
[  529.701688][ T5929] 
[  529.704086][ T5929] Last potentially related work creation:
[  529.709889][ T5929]  kasan_save_stack+0x3e/0x60
[  529.714590][ T5929]  kasan_record_aux_stack+0xbd/0xd0
[  529.720097][ T5929]  call_rcu+0xee/0x890
[  529.724266][ T5929]  evict+0x95b/0xb10
[  529.728163][ T5929]  __dentry_kill+0x1a2/0x5e0
[  529.733013][ T5929]  finish_dput+0xc9/0x480
[  529.737437][ T5929]  __fput+0x691/0xa60
[  529.741512][ T5929]  task_work_run+0x1d9/0x270
[  529.746136][ T5929]  exit_to_user_mode_loop+0xed/0x480
[  529.751436][ T5929]  do_syscall_64+0x33e/0xf80
[  529.756099][ T5929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.762086][ T5929] 
[  529.764414][ T5929] The buggy address belongs to the object at ffff88805723b600
[  529.764414][ T5929]  which belongs to the cache sock_inode_cache of size 1408
[  529.779238][ T5929] The buggy address is located 192 bytes inside of
[  529.779238][ T5929]  freed 1408-byte region [ffff88805723b600, ffff88805723bb80)
[  529.793563][ T5929] 
[  529.795906][ T5929] The buggy address belongs to the physical page:
[  529.802403][ T5929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57238
[  529.811257][ T5929] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  529.819945][ T5929] memcg:ffff88805723fe01
[  529.824187][ T5929] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  529.831824][ T5929] page_type: f5(slab)
[  529.835812][ T5929] raw: 00fff00000000040 ffff888140412b40 dead000000000100 dead000000000122
[  529.844575][ T5929] raw: 0000000000000000 0000000800150015 00000000f5000000 ffff88805723fe01
[  529.853427][ T5929] head: 00fff00000000040 ffff888140412b40 dead000000000100 dead000000000122
[  529.862293][ T5929] head: 0000000000000000 0000000800150015 00000000f5000000 ffff88805723fe01
[  529.871317][ T5929] head: 00fff00000000003 ffffea00015c8e01 00000000ffffffff 00000000ffffffff
[  529.880337][ T5929] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  529.889106][ T5929] page dumped because: kasan: bad access detected
[  529.895778][ T5929] page_owner tracks the page as allocated
[  529.901574][ T5929] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5823, tgid 5823 (syz-executor), ts 174281145016, free_ts 145943680989
[  529.925022][ T5929]  post_alloc_hook+0x231/0x280
[  529.929802][ T5929]  get_page_from_freelist+0x24dc/0x2580
[  529.935442][ T5929]  __alloc_frozen_pages_noprof+0x18d/0x380
[  529.941436][ T5929]  allocate_slab+0x77/0x660
[  529.945968][ T5929]  refill_objects+0x331/0x3c0
[  529.950746][ T5929]  __pcs_replace_empty_main+0x2e6/0x730
[  529.956299][ T5929]  kmem_cache_alloc_lru_noprof+0x37c/0x640
[  529.962209][ T5929]  sock_alloc_inode+0x2c/0x190
[  529.967147][ T5929]  alloc_inode+0x6a/0x1b0
[  529.971484][ T5929]  __sock_create+0x12d/0x9d0
[  529.976081][ T5929]  __sys_socket+0xd6/0x1b0
[  529.980505][ T5929]  __x64_sys_socket+0x7a/0x90
[  529.985192][ T5929]  do_syscall_64+0x15f/0xf80
[  529.989886][ T5929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.995785][ T5929] page last free pid 5822 tgid 5822 stack trace:
[  530.002199][ T5929]  __free_frozen_pages+0xc2b/0xdb0
[  530.007329][ T5929]  __slab_free+0x263/0x2b0
[  530.011760][ T5929]  qlist_free_all+0x97/0x100
[  530.016362][ T5929]  kasan_quarantine_reduce+0x148/0x160
[  530.021839][ T5929]  __kasan_slab_alloc+0x22/0x80
[  530.026784][ T5929]  kmem_cache_alloc_noprof+0x2bc/0x650
[  530.032341][ T5929]  do_getname+0x2e/0x250
[  530.036695][ T5929]  user_path_at+0x2a/0x160
[  530.041394][ T5929]  __x64_sys_umount+0xf6/0x170
[  530.046173][ T5929]  do_syscall_64+0x15f/0xf80
[  530.050790][ T5929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.056786][ T5929] 
[  530.059111][ T5929] Memory state around the buggy address:
[  530.064919][ T5929]  ffff88805723b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  530.073002][ T5929]  ffff88805723b600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  530.081135][ T5929] >ffff88805723b680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  530.089555][ T5929]                                            ^
[  530.095818][ T5929]  ffff88805723b700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  530.104013][ T5929]  ffff88805723b780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  530.112189][ T5929] ==================================================================
[  530.120795][ T5929] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  530.128105][ T5929] CPU: 1 UID: 0 PID: 5929 Comm: kworker/1:5 Not tainted syzkaller #0 PREEMPT(full) 
[  530.137569][ T5929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  530.147753][ T5929] Workqueue: mld mld_ifc_work
[  530.152621][ T5929] Call Trace:
[  530.155909][ T5929]  <TASK>
[  530.158849][ T5929]  vpanic+0x56c/0xa60
[  530.162938][ T5929]  ? __pfx_vpanic+0x10/0x10
[  530.167463][ T5929]  panic+0xc5/0xd0
[  530.171198][ T5929]  ? __pfx_panic+0x10/0x10
[  530.175633][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.180752][ T5929]  ? rcu_is_watching+0x15/0xb0
[  530.185637][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.190766][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.196147][ T5929]  check_panic_on_warn+0x89/0xb0
[  530.201353][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.206477][ T5929]  end_report+0x73/0x170
[  530.210730][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.215852][ T5929]  kasan_report+0x128/0x150
[  530.220368][ T5929]  ? sock_def_readable+0x1cb/0x550
[  530.225498][ T5929]  sock_def_readable+0x1cb/0x550
[  530.230442][ T5929]  ? sock_def_readable+0xae/0x550
[  530.235475][ T5929]  ? send_to_lecd+0x26d/0x830
[  530.240186][ T5929]  send_to_lecd+0x3e7/0x830
[  530.244705][ T5929]  lec_start_xmit+0xe52/0x2890
[  530.249572][ T5929]  dev_hard_start_xmit+0x2cd/0x830
[  530.254702][ T5929]  sch_direct_xmit+0x251/0x4c0
[  530.259493][ T5929]  ? __pfx_sch_direct_xmit+0x10/0x10
[  530.264994][ T5929]  __dev_queue_xmit+0x180f/0x3950
[  530.270040][ T5929]  ? __dev_queue_xmit+0x2b6/0x3950
[  530.275168][ T5929]  ? __pfx___dev_queue_xmit+0x10/0x10
[  530.280605][ T5929]  ? neigh_resolve_output+0x438/0x750
[  530.286098][ T5929]  ? eth_header+0x11b/0x200
[  530.290697][ T5929]  ? __asan_memcpy+0x40/0x70
[  530.295310][ T5929]  ? ip6_output+0x126/0x550
[  530.299827][ T5929]  ip6_output+0x340/0x550
[  530.304164][ T5929]  ? __pfx_ip6_output+0x10/0x10
[  530.309020][ T5929]  NF_HOOK+0x177/0x4f0
[  530.313103][ T5929]  ? __pfx_NF_HOOK+0x10/0x10
[  530.317712][ T5929]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  530.323828][ T5929]  ? __local_bh_enable_ip+0xd0/0x130
[  530.329171][ T5929]  ? lockdep_hardirqs_on+0x7a/0x110
[  530.334386][ T5929]  ? __local_bh_enable_ip+0xd0/0x130
[  530.339692][ T5929]  ? icmp6_dst_alloc+0x3a6/0x440
[  530.344641][ T5929]  mld_sendpack+0x8b4/0xe40
[  530.349162][ T5929]  ? mld_sendpack+0x213/0xe40
[  530.353845][ T5929]  ? __pfx_mld_sendpack+0x10/0x10
[  530.359061][ T5929]  mld_ifc_work+0x835/0xe70
[  530.363589][ T5929]  ? process_scheduled_works+0xa70/0x1860
[  530.369422][ T5929]  process_scheduled_works+0xb5d/0x1860
[  530.375031][ T5929]  ? __pfx_process_scheduled_works+0x10/0x10
[  530.381084][ T5929]  ? assign_work+0x3d5/0x5e0
[  530.385767][ T5929]  worker_thread+0xa53/0xfc0
[  530.390402][ T5929]  kthread+0x388/0x470
[  530.394590][ T5929]  ? __pfx_worker_thread+0x10/0x10
[  530.399906][ T5929]  ? __pfx_kthread+0x10/0x10
[  530.404513][ T5929]  ret_from_fork+0x514/0xb70
[  530.409376][ T5929]  ? __pfx_ret_from_fork+0x10/0x10
[  530.414513][ T5929]  ? __switch_to+0xc79/0x1410
[  530.419387][ T5929]  ? __pfx_kthread+0x10/0x10
[  530.423991][ T5929]  ret_from_fork_asm+0x1a/0x30
[  530.428876][ T5929]  </TASK>
[  530.432623][ T5929] Kernel Offset: disabled
[  530.436961][ T5929] Rebooting in 86400 seconds..