last executing test programs: 9.183795727s ago: executing program 0 (id=21768): r0 = socket$kcm(0xa, 0x6, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000000800000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) setsockopt$sock_attach_bpf(r0, 0x10d, 0xa, &(0x7f0000000000)=r1, 0x11) setsockopt$sock_attach_bpf(r0, 0x10d, 0xa, &(0x7f0000000040)=r1, 0x4) 9.035905719s ago: executing program 0 (id=21772): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r0, 0x0, 0x4, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000580)={&(0x7f0000000340)={0x2, 0x0, @local}, 0x10, &(0x7f0000000440)=[{&(0x7f00000003c0)='\f', 0x1}], 0x1}, 0xfffc) 8.864711663s ago: executing program 0 (id=21778): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) 8.646569591s ago: executing program 0 (id=21791): r0 = socket$kcm(0x10, 0x2, 0x0) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9ae, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x35f, 0x0, 0x0, 0x0, 0x0, 0xfffa}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d80000001e0081054e81f782060000000000000006007c095dd2466506000e800a00142603600e1208000f0000000406a80016c0080009400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0) 8.501667692s ago: executing program 0 (id=21781): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2a040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc5d, 0x0, 0x0, 0x0, 0x0, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580)=0x1000000, &(0x7f00000005c0)='%pS \x00'}, 0x20) 8.380829902s ago: executing program 0 (id=21783): r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001180)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000c40), 0x12) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) 5.657333562s ago: executing program 3 (id=21815): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000003c80)="d800000019008111e0020f060d8107040a60000060020000000455a12a00090008000699e3ffffff14000500fe80817806000500000000000074d67f6f9400f7d1d9bbe94fa27108a007a240c77f01896034277ce06bbace8037cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a365ce4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad96267e004dcdf634c1f215ce3bb9ad809d50b69b42a9ecbee5de6ccd44242f4d643f6fd0f26187b51f9ffffff0000e1fffffffffffff39956e4f98b53ced9802b", 0xd8}], 0x1}, 0x40) 2.778598505s ago: executing program 3 (id=21818): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETLINK(r0, 0x400454cd, 0x324) 2.583591521s ago: executing program 3 (id=21824): r0 = socket$kcm(0x2c, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x11b, 0x2, &(0x7f0000000040)=r1, 0x4) close(0x3) 2.547398844s ago: executing program 3 (id=21825): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB='N-N:', @ANYBLOB='N'], 0x6a) 2.501607497s ago: executing program 3 (id=21826): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="5c00000015006b05c84e21000ab16d6e2306063302000000040002045817d30461bc24eeb556a705251e6182", 0x2c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x800) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a000000e8fe55a1180015000600142603600e1209001800", 0x28}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="043900002000ef02"], 0x33fe0) 2.3443171s ago: executing program 3 (id=21829): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) 947.268533ms ago: executing program 2 (id=21846): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x58, &(0x7f00000000c0)}, 0x10) 905.654127ms ago: executing program 4 (id=21847): r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21ca0000cf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c98cda2948ef0f440d7cad29567e15a7d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf225571f2487fc86acc2bff7d5664abebd6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552d703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8498856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa086d2a39f13f60b51136a945f780687aad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f91b52fc0b241c2db99a187c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f9ac2f7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b152d19612297c63bb20e1e0469f7615f67a9218cbace38f5236821314f76302b98afa93044b83989339ca10e6ae30e70e17a82f03e915b8425e8e7a91614306d2ae0bc3550d856f2d7293672b5673d264fc886b0c8bdf436a0fcd21bf9da7bdca98e34cd6e59b0a7ce4ba1b466561aaa35448dff47bb1d7df23d467689a66"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="14000000040000000400000002000200000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="2e01"], 0x50) 723.904811ms ago: executing program 2 (id=21850): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001280)=@base={0x4, 0x4, 0x4, 0x1}, 0x50) r1 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20) close(0x3) 580.985383ms ago: executing program 1 (id=21851): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000200)='GPL\x00'}, 0x90) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000080)) 535.867336ms ago: executing program 1 (id=21852): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40600, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) 529.939567ms ago: executing program 4 (id=21853): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000c90000007b8af8ff00000000b7080000000008007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 501.573489ms ago: executing program 2 (id=21855): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b70400000000000085000000330000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a7401", 0x17}], 0x1}, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d087277b9b108b4ab51c", @ANYRES32, @ANYRES8=r0], 0xfe33) 406.242777ms ago: executing program 4 (id=21856): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000780)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b25952850a84a70002b2ab3d6ffaa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640bb321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd91be4587f90e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1786eda2b20"], &(0x7f0000000100)='GPL\x00'}, 0x48) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001840)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000200), &(0x7f0000000240)=r0}, 0x20) 376.787929ms ago: executing program 1 (id=21857): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e20, @broadcast}, 0x10, 0x0}, 0x4000000) 333.689072ms ago: executing program 2 (id=21858): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000280)={'\x00', 0x400}) close(r0) 307.291975ms ago: executing program 4 (id=21859): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90424fc60100005000a000200053582c137153e37000c09", 0x27}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000190091c8b14a077828123d181d"], 0xfe33) 248.916639ms ago: executing program 1 (id=21860): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000002140)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ae685c0b163ef93d82c7e307969ae8c22842f85899c62ca3a6ff691f1df44c614a5fd33f6f8a4eb689d0910000000096d3635567c2d514698af29411dd54da063469b0e756f055d162dfd2311a63be96f52406aff201b1057a8fc25a4e33b1a296875642eb3a7b7b2cda1bffff2a42c4c333abc80e0000000000004e4c4263ef022b257fdf9d292ba48e3aa93faeb7a3973a6dd9cf527332eb4a5dda77ad0e925d0a9c004dcb78410a3100c44cb61c92d40e31577a4e64c1155008241709504b573381f79b890a2aedbe60114760df9aaca876e5784c61652a5750fbe11f2f135ca57fb01963263262db801bf616aa783aeb7dfe8ee78ebe2800d75080deeeccc47500"/294], &(0x7f0000000040)='syzkaller\x00'}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='initcall_start\x00', r0}, 0x10) r2 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r2, r1, 0x0, 0x500, &(0x7f00000001c0)='\x00'}, 0x11) 199.100394ms ago: executing program 4 (id=21861): perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random='c\b\x00'}) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) 145.689218ms ago: executing program 1 (id=21862): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x18) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0xfffffe0f}, 0x20) 145.507138ms ago: executing program 2 (id=21863): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) sendmsg$inet(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) close(r1) 80.992153ms ago: executing program 2 (id=21864): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120019007f00000001"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)='%pS \x00'}, 0x20) 56.388665ms ago: executing program 4 (id=21865): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="63a02a3a340977720a89"], 0xa) 0s ago: executing program 1 (id=21866): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'\x00', 0x6132}) perf_event_open(&(0x7f0000000d00)={0x2, 0x80, 0x6d, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbd0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe3a) kernel console output (not intermixed with test programs): gth. [ 652.251850][ T2801] netlink: 2418 bytes leftover after parsing attributes in process `syz.0.15019'. [ 652.263249][ T2797] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15017'. [ 652.381240][ T2808] netlink: 134056 bytes leftover after parsing attributes in process `syz.2.15022'. [ 652.457272][ T2814] sock: sock_set_timeout: `syz.1.15026' (pid 2814) tries to set negative timeout [ 652.490951][ T2818] netlink: 'syz.4.15036': attribute type 21 has an invalid length. [ 652.531615][ T2818] netlink: 'syz.4.15036': attribute type 6 has an invalid length. [ 652.580274][ T2818] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15036'. [ 653.006619][ T2829] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.15030'. [ 653.177700][ T2849] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 653.186198][ T2849] openvswitch: netlink: Message has 1 unknown bytes. [ 653.453836][ T2871] netlink: 'syz.1.15051': attribute type 11 has an invalid length. [ 654.225207][ T2901] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 654.237235][ T2901] openvswitch: netlink: Message has 1 unknown bytes. [ 654.368365][ T2919] netlink: 'syz.4.15072': attribute type 29 has an invalid length. [ 654.422454][ T2919] netlink: 'syz.4.15072': attribute type 29 has an invalid length. [ 654.592272][ T2948] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 654.604358][ T2948] openvswitch: netlink: Message has 1 unknown bytes. [ 656.990753][ T3082] __nla_validate_parse: 9 callbacks suppressed [ 656.990772][ T3082] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.15143'. [ 657.262017][ T3106] validate_nla: 7 callbacks suppressed [ 657.262034][ T3106] netlink: 'syz.3.15157': attribute type 3 has an invalid length. [ 657.310734][ T3106] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.15157'. [ 657.833200][ T3149] netlink: 'syz.1.15176': attribute type 3 has an invalid length. [ 657.846623][ T3149] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.15176'. [ 658.227860][ T3183] netlink: 'syz.2.15195': attribute type 3 has an invalid length. [ 658.234692][ T3184] netlink: 'syz.1.15204': attribute type 25 has an invalid length. [ 658.241877][ T3183] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.15195'. [ 658.262707][ T3184] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.15204'. [ 658.622159][ T3207] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.15203'. [ 659.741755][ T3240] netlink: 'syz.1.15218': attribute type 17 has an invalid length. [ 659.741856][ T3241] netlink: 'syz.0.15219': attribute type 29 has an invalid length. [ 659.803870][ T3241] netlink: 'syz.0.15219': attribute type 29 has an invalid length. [ 659.836588][ T3250] netlink: 'syz.0.15219': attribute type 29 has an invalid length. [ 659.856986][ T3252] netlink: 15998 bytes leftover after parsing attributes in process `syz.2.15223'. [ 660.222471][ T3284] netlink: 'syz.4.15240': attribute type 29 has an invalid length. [ 660.268560][ T3282] netlink: 'syz.0.15237': attribute type 17 has an invalid length. [ 660.480808][ T3302] netlink: 15998 bytes leftover after parsing attributes in process `syz.3.15245'. [ 660.788189][ T3322] netlink: 10 bytes leftover after parsing attributes in process `syz.4.15257'. [ 661.217882][ T3347] netlink: 15998 bytes leftover after parsing attributes in process `syz.0.15266'. [ 662.078582][ T3400] __nla_validate_parse: 2 callbacks suppressed [ 662.078599][ T3400] netlink: 10 bytes leftover after parsing attributes in process `syz.1.15292'. [ 662.380252][ T3422] validate_nla: 14 callbacks suppressed [ 662.380269][ T3422] netlink: 'syz.0.15310': attribute type 15 has an invalid length. [ 662.433987][ T3422] netlink: 176 bytes leftover after parsing attributes in process `syz.0.15310'. [ 663.516635][ T3492] netlink: 'syz.0.15332': attribute type 28 has an invalid length. [ 663.555712][ T3492] netlink: 'syz.0.15332': attribute type 4 has an invalid length. [ 663.593009][ T3496] netlink: 'syz.3.15334': attribute type 15 has an invalid length. [ 663.601415][ T3492] netlink: 136 bytes leftover after parsing attributes in process `syz.0.15332'. [ 663.655247][ T3496] netlink: 176 bytes leftover after parsing attributes in process `syz.3.15334'. [ 665.050669][ T3567] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.15360'. [ 665.093727][ T3566] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.15360'. [ 665.335959][ T3586] netlink: 'syz.2.15370': attribute type 4 has an invalid length. [ 665.358902][ T3586] netlink: 199824 bytes leftover after parsing attributes in process `syz.2.15370'. [ 665.531738][ T3601] netlink: 'syz.0.15388': attribute type 4 has an invalid length. [ 665.549339][ T3601] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.15388'. [ 665.581548][ T3604] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.15379'. [ 665.636794][ T3603] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.15379'. [ 665.680089][ T3610] netlink: 'syz.4.15382': attribute type 21 has an invalid length. [ 666.006446][ T3631] netlink: 'syz.4.15393': attribute type 4 has an invalid length. [ 666.187185][ T3640] netlink: 'syz.1.15397': attribute type 21 has an invalid length. [ 666.487830][ T3663] netlink: 'syz.1.15406': attribute type 4 has an invalid length. [ 667.536326][ T3729] validate_nla: 1 callbacks suppressed [ 667.536344][ T3729] netlink: 'syz.2.15449': attribute type 21 has an invalid length. [ 668.197745][ T3771] netlink: 'syz.4.15457': attribute type 21 has an invalid length. [ 668.375686][ T3782] __nla_validate_parse: 5 callbacks suppressed [ 668.375705][ T3782] netlink: 164 bytes leftover after parsing attributes in process `syz.0.15462'. [ 669.177188][ T3822] netlink: 64 bytes leftover after parsing attributes in process `syz.4.15483'. [ 669.465619][ T3839] netlink: 'syz.4.15490': attribute type 9 has an invalid length. [ 669.485874][ T3839] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.15490'. [ 669.630700][ T3858] netlink: 132 bytes leftover after parsing attributes in process `syz.1.15496'. [ 669.862469][ T3873] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.15505'. [ 670.048543][ T3885] netlink: 'syz.1.15508': attribute type 9 has an invalid length. [ 670.093613][ T3885] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.15508'. [ 670.417589][ T3904] netlink: 132 bytes leftover after parsing attributes in process `syz.2.15516'. [ 671.309970][ T3959] netlink: 'syz.2.15541': attribute type 10 has an invalid length. [ 671.339706][ T3959] netlink: 'syz.2.15541': attribute type 10 has an invalid length. [ 671.384298][ T3964] netlink: 'syz.2.15541': attribute type 10 has an invalid length. [ 671.441886][ T3968] netlink: 'syz.3.15544': attribute type 7 has an invalid length. [ 671.524369][ T3968] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.15544'. [ 672.846977][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 672.897869][ T4014] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 674.424980][ T4108] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 674.435795][ T4108] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 675.007545][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 675.021341][ T4144] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 675.639503][ T4175] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.15638'. [ 675.662629][ T4175] netlink: 18430 bytes leftover after parsing attributes in process `syz.0.15638'. [ 675.969213][ T4205] netlink: set zone limit has 8 unknown bytes [ 675.996897][ T4223] netlink: 'syz.0.15648': attribute type 10 has an invalid length. [ 676.022779][ T4223] netlink: 'syz.0.15648': attribute type 10 has an invalid length. [ 676.500310][ T4282] netlink: set zone limit has 8 unknown bytes [ 676.704286][ T4290] netlink: 'syz.3.15665': attribute type 10 has an invalid length. [ 676.741057][ T4290] netlink: 'syz.3.15665': attribute type 10 has an invalid length. [ 677.318385][ T4327] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.15684'. [ 677.318789][ T4328] netlink: 'syz.1.15682': attribute type 10 has an invalid length. [ 677.352001][ T4328] netlink: 'syz.1.15682': attribute type 10 has an invalid length. [ 677.375406][ T4327] netlink: 18430 bytes leftover after parsing attributes in process `syz.3.15684'. [ 677.859007][ T4354] netlink: 'syz.2.15698': attribute type 10 has an invalid length. [ 677.915943][ T4354] netlink: 'syz.2.15698': attribute type 10 has an invalid length. [ 679.190115][ T4413] netlink: 'syz.1.15734': attribute type 21 has an invalid length. [ 679.365372][ T4420] netlink: 'syz.3.15726': attribute type 1 has an invalid length. [ 679.386421][ T4420] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.15726'. [ 679.516461][ T4424] netlink: 129384 bytes leftover after parsing attributes in process `syz.1.15728'. [ 680.587499][ T4489] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.15759'. [ 680.605771][ T4486] netlink: 129384 bytes leftover after parsing attributes in process `syz.4.15760'. [ 681.100676][ T4518] netlink: 129384 bytes leftover after parsing attributes in process `syz.0.15773'. [ 681.618720][ T4545] validate_nla: 2 callbacks suppressed [ 681.618787][ T4545] netlink: 'syz.0.15785': attribute type 21 has an invalid length. [ 681.980166][ T4564] netlink: 'syz.1.15795': attribute type 1 has an invalid length. [ 682.011692][ T4564] netlink: 191376 bytes leftover after parsing attributes in process `syz.1.15795'. [ 682.344580][ T4582] netlink: 'syz.0.15804': attribute type 10 has an invalid length. [ 682.515867][ T4593] netlink: 60 bytes leftover after parsing attributes in process `syz.1.15809'. [ 682.818593][ T4609] netlink: 'syz.0.15818': attribute type 1 has an invalid length. [ 682.855586][ T4609] netlink: 191376 bytes leftover after parsing attributes in process `syz.0.15818'. [ 682.866902][ T4611] netlink: 'syz.4.15819': attribute type 10 has an invalid length. [ 683.067332][ T4626] netlink: 60 bytes leftover after parsing attributes in process `syz.0.15824'. [ 683.644579][ T4647] netlink: 11562 bytes leftover after parsing attributes in process `syz.4.15836'. [ 683.817298][ T4656] netlink: 60 bytes leftover after parsing attributes in process `syz.3.15840'. [ 684.426380][ T4695] netlink: 'syz.1.15859': attribute type 16 has an invalid length. [ 684.493539][ T4695] netlink: 'syz.1.15859': attribute type 3 has an invalid length. [ 684.546317][ T4695] netlink: 132 bytes leftover after parsing attributes in process `syz.1.15859'. [ 684.750055][ T4709] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.15866'. [ 685.002613][ T4720] netlink: 'syz.1.15871': attribute type 21 has an invalid length. [ 685.013144][ T4720] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.15871'. [ 685.551059][ T4757] netlink: 'syz.4.15889': attribute type 16 has an invalid length. [ 685.566662][ T4757] netlink: 'syz.4.15889': attribute type 3 has an invalid length. [ 685.715321][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.721774][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.177522][ T4807] __nla_validate_parse: 4 callbacks suppressed [ 686.177540][ T4807] netlink: 1 bytes leftover after parsing attributes in process `syz.2.15923'. [ 687.745619][ T4899] validate_nla: 5 callbacks suppressed [ 687.745686][ T4899] netlink: 'syz.3.15962': attribute type 2 has an invalid length. [ 688.051928][ T4921] netlink: 1 bytes leftover after parsing attributes in process `syz.4.15968'. [ 688.208442][ T4935] netlink: 'syz.4.15973': attribute type 2 has an invalid length. [ 688.317766][ T4939] netlink: 60 bytes leftover after parsing attributes in process `syz.0.15987'. [ 688.735099][ T4959] netlink: 1 bytes leftover after parsing attributes in process `syz.3.15986'. [ 689.044337][ T4977] device vcan0 entered promiscuous mode [ 689.063944][ T4977] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 689.248505][ T4985] netlink: 'syz.0.16001': attribute type 2 has an invalid length. [ 689.277051][ T4985] netlink: 'syz.0.16001': attribute type 3 has an invalid length. [ 689.300255][ T4985] netlink: 132 bytes leftover after parsing attributes in process `syz.0.16001'. [ 690.378231][ T5063] netlink: 'syz.2.16035': attribute type 2 has an invalid length. [ 690.520332][ T5072] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.16040'. [ 690.771493][ T5090] netlink: 129384 bytes leftover after parsing attributes in process `syz.2.16051'. [ 690.917915][ T5099] netlink: 'syz.0.16052': attribute type 2 has an invalid length. [ 691.009259][ T5106] netlink: 'syz.4.16058': attribute type 21 has an invalid length. [ 691.043381][ T5106] netlink: 176 bytes leftover after parsing attributes in process `syz.4.16058'. [ 691.894471][ T5163] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.16084'. [ 691.910242][ T5164] netlink: 60 bytes leftover after parsing attributes in process `syz.4.16083'. [ 691.922376][ T5164] netlink: 60 bytes leftover after parsing attributes in process `syz.4.16083'. [ 691.936204][ T5160] netlink: 60 bytes leftover after parsing attributes in process `syz.4.16083'. [ 691.947743][ T5163] netlink: 8454 bytes leftover after parsing attributes in process `syz.1.16084'. [ 692.600609][ T5199] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.16102'. [ 692.612799][ T5199] netlink: 8454 bytes leftover after parsing attributes in process `syz.4.16102'. [ 692.623841][ T5202] netlink: 60 bytes leftover after parsing attributes in process `syz.1.16101'. [ 692.664817][ T5202] netlink: 60 bytes leftover after parsing attributes in process `syz.1.16101'. [ 692.713820][ T5197] netlink: 60 bytes leftover after parsing attributes in process `syz.1.16101'. [ 695.072510][ T5289] netlink: 'syz.4.16145': attribute type 3 has an invalid length. [ 695.451827][ T5303] netlink: 'syz.4.16152': attribute type 2 has an invalid length. [ 696.389612][ T5362] netlink: 'syz.3.16178': attribute type 3 has an invalid length. [ 697.106006][ T5399] netlink: 'syz.2.16196': attribute type 3 has an invalid length. [ 697.128850][ T5399] __nla_validate_parse: 9 callbacks suppressed [ 697.128867][ T5399] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.16196'. [ 697.238952][ T5411] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.16203'. [ 697.415216][ T5424] netlink: 'syz.1.16218': attribute type 1 has an invalid length. [ 697.717519][ T5449] netlink: 28 bytes leftover after parsing attributes in process `syz.4.16217'. [ 697.731847][ T5449] netlink: 28 bytes leftover after parsing attributes in process `syz.4.16217'. [ 697.754871][ T5443] netlink: 28 bytes leftover after parsing attributes in process `syz.4.16217'. [ 698.122607][ T5476] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.16234'. [ 699.180631][ T5496] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.16241'. [ 699.310999][ T5506] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.16248'. [ 699.590357][ T5520] netlink: 'syz.3.16257': attribute type 1 has an invalid length. [ 699.787566][ T5538] netlink: 'syz.1.16264': attribute type 1 has an invalid length. [ 699.976783][ T5548] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.16267'. [ 700.380221][ T5583] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.16284'. [ 700.692394][ T5606] netlink: 'syz.3.16295': attribute type 1 has an invalid length. [ 700.790543][ T5610] netlink: 'syz.2.16300': attribute type 4 has an invalid length. [ 700.838095][ T5610] netlink: 'syz.2.16300': attribute type 1 has an invalid length. [ 701.394779][ T5649] netlink: 'syz.1.16318': attribute type 7 has an invalid length. [ 701.402664][ T5649] netlink: 'syz.1.16318': attribute type 1 has an invalid length. [ 701.934274][ T5681] netlink: 'syz.3.16332': attribute type 7 has an invalid length. [ 701.960765][ T5681] netlink: 'syz.3.16332': attribute type 1 has an invalid length. [ 702.345819][ T5711] netlink: 'syz.4.16348': attribute type 7 has an invalid length. [ 702.368330][ T5711] netlink: 'syz.4.16348': attribute type 1 has an invalid length. [ 702.405762][ T5711] __nla_validate_parse: 4 callbacks suppressed [ 702.405781][ T5711] netlink: 191376 bytes leftover after parsing attributes in process `syz.4.16348'. [ 702.571720][ T5730] netlink: 830 bytes leftover after parsing attributes in process `syz.0.16356'. [ 702.636767][ T5734] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.16358'. [ 703.001101][ T5766] netlink: 830 bytes leftover after parsing attributes in process `syz.4.16371'. [ 703.410004][ T5803] netlink: 830 bytes leftover after parsing attributes in process `syz.3.16386'. [ 704.816371][ T5865] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.16419'. [ 704.845483][ T5865] netlink: del zone limit has 8 unknown bytes [ 704.891695][ T5873] netlink: 'syz.4.16421': attribute type 21 has an invalid length. [ 705.707594][ T5902] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.16435'. [ 705.717935][ T5902] netlink: del zone limit has 8 unknown bytes [ 705.783725][ T5905] netlink: 'syz.0.16447': attribute type 21 has an invalid length. [ 706.220051][ T5931] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.16450'. [ 706.264513][ T5931] netlink: del zone limit has 8 unknown bytes [ 706.307202][ T5936] netlink: 'syz.2.16452': attribute type 21 has an invalid length. [ 707.236445][ T5963] netlink: 'syz.0.16465': attribute type 1 has an invalid length. [ 707.262235][ T5963] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.16465'. [ 708.632946][ T5997] delete_channel: no stack [ 710.095120][ T6045] delete_channel: no stack [ 710.602426][ T6064] netlink: 763 bytes leftover after parsing attributes in process `syz.3.16521'. [ 711.884280][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16527'. [ 711.901029][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16527'. [ 711.921015][ T6098] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16527'. [ 715.191733][ T6128] netlink: 763 bytes leftover after parsing attributes in process `syz.2.16538'. [ 715.786403][ T6148] netlink: 'syz.3.16550': attribute type 3 has an invalid length. [ 715.803733][ T6148] netlink: 132 bytes leftover after parsing attributes in process `syz.3.16550'. [ 715.972949][ T6154] netlink: 'syz.4.16553': attribute type 17 has an invalid length. [ 716.128176][ T6166] netlink: 'syz.2.16559': attribute type 21 has an invalid length. [ 717.246094][ T6213] netlink: 132 bytes leftover after parsing attributes in process `syz.3.16581'. [ 717.397914][ T6229] netlink: 'syz.1.16588': attribute type 12 has an invalid length. [ 717.415675][ T6229] netlink: 14585 bytes leftover after parsing attributes in process `syz.1.16588'. [ 717.921697][ T6258] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.16601'. [ 717.941918][ T6258] netlink: 'syz.2.16601': attribute type 2 has an invalid length. [ 718.146583][ T6271] netlink: 180 bytes leftover after parsing attributes in process `syz.0.16608'. [ 718.337504][ T6286] netlink: 'syz.0.16616': attribute type 7 has an invalid length. [ 718.462654][ T6296] netlink: 38831 bytes leftover after parsing attributes in process `syz.0.16621'. [ 718.571529][ T6305] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.16622'. [ 718.835703][ T6323] netlink: 'syz.2.16631': attribute type 7 has an invalid length. [ 718.971076][ T6332] netlink: 38831 bytes leftover after parsing attributes in process `syz.1.16634'. [ 719.124230][ T6348] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.16638'. [ 719.261499][ T6357] netlink: 'syz.3.16649': attribute type 7 has an invalid length. [ 719.330227][ T6363] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.16659'. [ 719.469337][ T6365] netlink: 'syz.1.16650': attribute type 2 has an invalid length. [ 720.440769][ T6421] netlink: 'syz.0.16689': attribute type 21 has an invalid length. [ 721.751636][ T6476] netlink: 'syz.4.16704': attribute type 21 has an invalid length. [ 722.068068][ T6498] netlink: 'syz.0.16715': attribute type 29 has an invalid length. [ 722.077195][ T6498] netlink: 'syz.0.16715': attribute type 29 has an invalid length. [ 722.092089][ T6498] netlink: 'syz.0.16715': attribute type 29 has an invalid length. [ 722.240896][ T6505] netlink: 'syz.0.16720': attribute type 3 has an invalid length. [ 722.263551][ T6505] __nla_validate_parse: 3 callbacks suppressed [ 722.263590][ T6505] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.16720'. [ 722.925438][ T6551] netlink: 'syz.4.16737': attribute type 3 has an invalid length. [ 722.947004][ T6551] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.16737'. [ 723.333994][ C0] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1 [ 723.336338][ T6580] netlink: 'syz.2.16753': attribute type 3 has an invalid length. [ 723.373550][ T6580] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.16753'. [ 723.746858][ T6606] netlink: 65047 bytes leftover after parsing attributes in process `syz.4.16767'. [ 723.799517][ T6607] netlink: 'syz.2.16766': attribute type 17 has an invalid length. [ 723.828138][ T6607] netlink: 152 bytes leftover after parsing attributes in process `syz.2.16766'. [ 723.852515][ T6607] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 724.179975][ T6629] netlink: 132 bytes leftover after parsing attributes in process `syz.0.16777'. [ 724.360760][ T6635] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.16780'. [ 724.489439][ T6642] netlink: 'syz.1.16783': attribute type 17 has an invalid length. [ 724.587100][ T6642] netlink: 152 bytes leftover after parsing attributes in process `syz.1.16783'. [ 724.725100][ T6642] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 724.777761][ T6642] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 724.800152][ T6644] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.16784'. [ 725.907340][ T6674] netlink: 'syz.0.16796': attribute type 7 has an invalid length. [ 725.944209][ T6676] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.16797'. [ 725.990185][ T6680] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 726.035133][ T6680] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 727.146615][ T6744] validate_nla: 4 callbacks suppressed [ 727.146635][ T6744] netlink: 'syz.3.16832': attribute type 7 has an invalid length. [ 728.070439][ T6775] netlink: 'syz.4.16846': attribute type 7 has an invalid length. [ 728.416767][ T6787] netlink: 'syz.2.16851': attribute type 21 has an invalid length. [ 728.441693][ T6787] netlink: 'syz.2.16851': attribute type 1 has an invalid length. [ 731.010845][ T6900] __nla_validate_parse: 5 callbacks suppressed [ 731.010862][ T6900] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.16902'. [ 731.722035][ T6937] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.16917'. [ 731.856620][ T6949] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.16931'. [ 732.386035][ T6976] netlink: 'syz.3.16934': attribute type 1 has an invalid length. [ 732.407638][ T6976] netlink: 5 bytes leftover after parsing attributes in process `syz.3.16934'. [ 732.961438][ T7012] netlink: 'syz.0.16954': attribute type 1 has an invalid length. [ 732.972226][ T7012] netlink: 5 bytes leftover after parsing attributes in process `syz.0.16954'. [ 733.290235][ T7033] netlink: 134056 bytes leftover after parsing attributes in process `syz.0.16963'. [ 733.666316][ T7052] netlink: 180 bytes leftover after parsing attributes in process `syz.1.16981'. [ 733.687171][ T7052] netlink: 180 bytes leftover after parsing attributes in process `syz.1.16981'. [ 733.881405][ T7065] netlink: 'syz.4.16982': attribute type 1 has an invalid length. [ 733.902119][ T7069] netlink: 134056 bytes leftover after parsing attributes in process `syz.1.16980'. [ 733.935591][ T7065] netlink: 5 bytes leftover after parsing attributes in process `syz.4.16982'. [ 734.528839][ T7104] C: renamed from team_slave_0 [ 736.609388][ T7161] C: renamed from team_slave_0 [ 736.705550][ T7161] __nla_validate_parse: 5 callbacks suppressed [ 736.705567][ T7161] netlink: 164 bytes leftover after parsing attributes in process `syz.3.17024'. [ 736.734235][ T7167] netlink: 'syz.0.17026': attribute type 1 has an invalid length. [ 736.760312][ T7167] netlink: 199572 bytes leftover after parsing attributes in process `syz.0.17026'. [ 736.863671][ T7172] netlink: 134056 bytes leftover after parsing attributes in process `syz.4.17029'. [ 736.955935][ T7178] netlink: 'syz.0.17032': attribute type 3 has an invalid length. [ 736.974069][ T7178] netlink: 'syz.0.17032': attribute type 1 has an invalid length. [ 736.990496][ T7178] netlink: 193404 bytes leftover after parsing attributes in process `syz.0.17032'. [ 737.427991][ T7212] netlink: 'syz.2.17048': attribute type 3 has an invalid length. [ 737.449820][ T7212] netlink: 'syz.2.17048': attribute type 1 has an invalid length. [ 737.491176][ T7212] netlink: 193404 bytes leftover after parsing attributes in process `syz.2.17048'. [ 738.097540][ T7248] netlink: 'syz.1.17065': attribute type 3 has an invalid length. [ 738.126025][ T7248] netlink: 'syz.1.17065': attribute type 1 has an invalid length. [ 738.147863][ T7248] netlink: 193404 bytes leftover after parsing attributes in process `syz.1.17065'. [ 738.266806][ T7258] netlink: 'syz.2.17072': attribute type 1 has an invalid length. [ 738.297931][ T7258] netlink: 199572 bytes leftover after parsing attributes in process `syz.2.17072'. [ 739.974478][ T7367] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.17125'. [ 740.098802][ T7381] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17139'. [ 740.123666][ T7381] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17139'. [ 740.999698][ T7445] netlink: 'syz.3.17165': attribute type 10 has an invalid length. [ 741.378035][ T7467] netlink: 'syz.2.17173': attribute type 29 has an invalid length. [ 741.406005][ T7467] netlink: 'syz.2.17173': attribute type 29 has an invalid length. [ 741.417657][ T7467] netlink: 'syz.2.17173': attribute type 29 has an invalid length. [ 742.069812][ T7483] netlink: 'syz.4.17178': attribute type 3 has an invalid length. [ 742.112799][ T7483] __nla_validate_parse: 8 callbacks suppressed [ 742.112908][ T7483] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.17178'. [ 742.337547][ T7498] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.17186'. [ 742.337660][ T7497] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.17184'. [ 742.478573][ T7510] validate_nla: 1 callbacks suppressed [ 742.478591][ T7510] netlink: 'syz.4.17189': attribute type 10 has an invalid length. [ 742.780526][ T7529] netlink: 'syz.2.17198': attribute type 3 has an invalid length. [ 742.790366][ T7529] netlink: 'syz.2.17198': attribute type 8 has an invalid length. [ 742.802564][ T7529] netlink: 197324 bytes leftover after parsing attributes in process `syz.2.17198'. [ 742.927247][ T7531] can: request_module (can-proto-0) failed. [ 743.301886][ T7564] netlink: 'syz.3.17214': attribute type 3 has an invalid length. [ 743.331049][ T7564] netlink: 'syz.3.17214': attribute type 8 has an invalid length. [ 743.361308][ T7564] netlink: 197324 bytes leftover after parsing attributes in process `syz.3.17214'. [ 743.730973][ T7572] can: request_module (can-proto-0) failed. [ 744.540446][ T7609] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.17230'. [ 745.140418][ T7650] netlink: 'syz.4.17253': attribute type 6 has an invalid length. [ 745.156394][ T7650] netlink: 164 bytes leftover after parsing attributes in process `syz.4.17253'. [ 746.204540][ T7713] netlink: 'syz.0.17282': attribute type 10 has an invalid length. [ 746.212894][ T7713] netlink: 210880 bytes leftover after parsing attributes in process `syz.0.17282'. [ 746.977356][ T7733] netlink: 'syz.0.17290': attribute type 10 has an invalid length. [ 747.003136][ T7733] netlink: 'syz.0.17290': attribute type 19 has an invalid length. [ 747.012782][ T7733] netlink: 156 bytes leftover after parsing attributes in process `syz.0.17290'. [ 747.040862][ T7740] netlink: 60 bytes leftover after parsing attributes in process `syz.4.17294'. [ 747.155561][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.161921][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.428570][ T7768] netlink: 'syz.4.17308': attribute type 10 has an invalid length. [ 747.437150][ T7768] __nla_validate_parse: 2 callbacks suppressed [ 747.437164][ T7768] netlink: 210880 bytes leftover after parsing attributes in process `syz.4.17308'. [ 747.459677][ T7770] netlink: 156 bytes leftover after parsing attributes in process `syz.2.17309'. [ 747.838377][ T7802] validate_nla: 2 callbacks suppressed [ 747.838395][ T7802] netlink: 'syz.3.17325': attribute type 10 has an invalid length. [ 747.868753][ T7802] netlink: 'syz.3.17325': attribute type 19 has an invalid length. [ 747.878596][ T7802] netlink: 156 bytes leftover after parsing attributes in process `syz.3.17325'. [ 748.187197][ T7830] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17344'. [ 748.197517][ T7830] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17344'. [ 748.233741][ T7822] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17344'. [ 748.707441][ T7865] netlink: 1042 bytes leftover after parsing attributes in process `syz.0.17356'. [ 749.481388][ T7926] netlink: 60 bytes leftover after parsing attributes in process `syz.2.17384'. [ 750.816770][ T7964] netlink: 1042 bytes leftover after parsing attributes in process `syz.3.17403'. [ 750.930180][ T7973] netlink: 763 bytes leftover after parsing attributes in process `syz.0.17407'. [ 751.065927][ T7978] netlink: 'syz.0.17410': attribute type 9 has an invalid length. [ 751.293934][ T7997] netlink: 'syz.3.17419': attribute type 3 has an invalid length. [ 751.506347][ T8003] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 751.785854][ T8019] netlink: 'syz.1.17430': attribute type 9 has an invalid length. [ 751.810004][ T8021] netlink: 'syz.2.17431': attribute type 29 has an invalid length. [ 751.856278][ T8021] netlink: 'syz.2.17431': attribute type 29 has an invalid length. [ 752.024381][ T8028] netlink: 'syz.4.17435': attribute type 3 has an invalid length. [ 752.051463][ T8030] netlink: 'syz.2.17436': attribute type 2 has an invalid length. [ 752.594045][ T8060] netlink: 'syz.1.17450': attribute type 3 has an invalid length. [ 752.630257][ T8060] __nla_validate_parse: 9 callbacks suppressed [ 752.630273][ T8060] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.17450'. [ 753.420527][ T8085] netlink: 'syz.0.17473': attribute type 29 has an invalid length. [ 753.467262][ T8085] netlink: 'syz.0.17473': attribute type 29 has an invalid length. [ 753.628624][ T8093] netlink: 'syz.1.17465': attribute type 1 has an invalid length. [ 753.646942][ T8093] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.17465'. [ 753.667308][ T8093] netlink: 'syz.1.17465': attribute type 1 has an invalid length. [ 754.156576][ T8123] netlink: 'syz.1.17480': attribute type 21 has an invalid length. [ 754.161951][ T8124] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.17482'. [ 754.232840][ T8124] debugfs: Directory '!!ô' with parent 'ieee80211' already present! [ 754.827621][ T8161] netlink: 'syz.0.17499': attribute type 21 has an invalid length. [ 754.942859][ T8169] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.17504'. [ 754.970585][ T8169] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô' [ 755.003924][ T8169] CPU: 1 PID: 8169 Comm: syz.4.17504 Not tainted 5.15.189-syzkaller #0 [ 755.012456][ T8169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 755.022587][ T8169] Call Trace: [ 755.025894][ T8169] [ 755.028835][ T8169] dump_stack_lvl+0x168/0x230 [ 755.033630][ T8169] ? show_regs_print_info+0x20/0x20 [ 755.038842][ T8169] ? load_image+0x3b0/0x3b0 [ 755.043380][ T8169] sysfs_warn_dup+0x8a/0xa0 [ 755.047895][ T8169] sysfs_do_create_link_sd+0xc0/0x110 [ 755.053292][ T8169] device_add+0x7ed/0xfb0 [ 755.057729][ T8169] wiphy_register+0x1d67/0x2b20 [ 755.062602][ T8169] ? cfg80211_event_work+0x40/0x40 [ 755.067721][ T8169] ? minstrel_ht_alloc+0x808/0x980 [ 755.072856][ T8169] ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0 [ 755.078937][ T8169] ieee80211_register_hw+0x29b1/0x39d0 [ 755.084400][ T8169] ? lockdep_hardirqs_on+0x94/0x140 [ 755.089623][ T8169] ? ieee80211_tasklet_handler+0x20/0x20 [ 755.095263][ T8169] ? rcu_is_watching+0x11/0xa0 [ 755.100048][ T8169] ? memset+0x1e/0x40 [ 755.104048][ T8169] ? hrtimer_init+0x10c/0x220 [ 755.108736][ T8169] mac80211_hwsim_new_radio+0x20d3/0x4080 [ 755.114478][ T8169] hwsim_new_radio_nl+0xa6f/0xc40 [ 755.119524][ T8169] genl_rcv_msg+0xbc6/0xf40 [ 755.124044][ T8169] ? genl_bind+0x370/0x370 [ 755.128478][ T8169] ? verify_lock_unused+0x140/0x140 [ 755.133777][ T8169] ? perf_trace_lock_acquire+0xe3/0x3c0 [ 755.139336][ T8169] ? trace_event_raw_event_lock_acquire+0x2b0/0x2b0 [ 755.145937][ T8169] ? hwsim_tx_info_frame_received_nl+0x1010/0x1010 [ 755.152469][ T8169] netlink_rcv_skb+0x1e0/0x430 [ 755.157275][ T8169] ? genl_bind+0x370/0x370 [ 755.161704][ T8169] ? netlink_ack+0xb60/0xb60 [ 755.166308][ T8169] ? __lock_acquire+0x7c60/0x7c60 [ 755.171360][ T8169] ? preempt_count_add+0x8d/0x190 [ 755.176403][ T8169] ? down_read+0x1aa/0x2e0 [ 755.180833][ T8169] genl_rcv+0x24/0x40 [ 755.184827][ T8169] netlink_unicast+0x774/0x920 [ 755.189620][ T8169] netlink_sendmsg+0x8ab/0xbc0 [ 755.194407][ T8169] ? netlink_getsockopt+0x560/0x560 [ 755.199616][ T8169] ? aa_sock_msg_perm+0x94/0x150 [ 755.204558][ T8169] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 755.209850][ T8169] ? security_socket_sendmsg+0x7c/0xa0 [ 755.215320][ T8169] ? netlink_getsockopt+0x560/0x560 [ 755.220533][ T8169] ____sys_sendmsg+0x5a2/0x8c0 [ 755.225308][ T8169] ? memset+0x1e/0x40 [ 755.229300][ T8169] ? __sys_sendmsg_sock+0x30/0x30 [ 755.234361][ T8169] ? import_iovec+0x6f/0xa0 [ 755.238878][ T8169] ___sys_sendmsg+0x1f0/0x260 [ 755.243570][ T8169] ? __sys_sendmsg+0x250/0x250 [ 755.248439][ T8169] ? sock_setsockopt+0x1502/0x2270 [ 755.253592][ T8169] ? __fdget+0x18b/0x210 [ 755.257838][ T8169] __se_sys_sendmsg+0x190/0x250 [ 755.262692][ T8169] ? __x64_sys_sendmsg+0x80/0x80 [ 755.267636][ T8169] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 755.273640][ T8169] ? lockdep_hardirqs_on+0x94/0x140 [ 755.278846][ T8169] do_syscall_64+0x4c/0xa0 [ 755.283268][ T8169] ? clear_bhb_loop+0x30/0x80 [ 755.287968][ T8169] ? clear_bhb_loop+0x30/0x80 [ 755.292735][ T8169] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 755.298648][ T8169] RIP: 0033:0x7f8065611be9 [ 755.303099][ T8169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.322815][ T8169] RSP: 002b:00007f8063879038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 755.331301][ T8169] RAX: ffffffffffffffda RBX: 00007f8065838fa0 RCX: 00007f8065611be9 [ 755.339380][ T8169] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 755.347356][ T8169] RBP: 00007f8065694e19 R08: 0000000000000000 R09: 0000000000000000 [ 755.355326][ T8169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.363312][ T8169] R13: 00007f8065839038 R14: 00007f8065838fa0 R15: 00007fff9791e9f8 [ 755.371341][ T8169] [ 756.160218][ T8199] netlink: 'syz.0.17526': attribute type 10 has an invalid length. [ 756.199380][ T8199] netlink: 210880 bytes leftover after parsing attributes in process `syz.0.17526'. [ 756.428208][ T8212] netlink: 132 bytes leftover after parsing attributes in process `syz.0.17522'. [ 756.736451][ T8229] netlink: 134268 bytes leftover after parsing attributes in process `syz.2.17532'. [ 758.053512][ T8294] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.17558'. [ 758.076625][ T8295] netlink: 132 bytes leftover after parsing attributes in process `syz.1.17560'. [ 758.136408][ T8294] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô' [ 758.162999][ T8294] CPU: 0 PID: 8294 Comm: syz.3.17558 Not tainted 5.15.189-syzkaller #0 [ 758.171302][ T8294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 758.181387][ T8294] Call Trace: [ 758.184711][ T8294] [ 758.187679][ T8294] dump_stack_lvl+0x168/0x230 [ 758.192388][ T8294] ? show_regs_print_info+0x20/0x20 [ 758.197653][ T8294] ? load_image+0x3b0/0x3b0 [ 758.202213][ T8294] sysfs_warn_dup+0x8a/0xa0 [ 758.206839][ T8294] sysfs_do_create_link_sd+0xc0/0x110 [ 758.212251][ T8294] device_add+0x7ed/0xfb0 [ 758.216622][ T8294] wiphy_register+0x1d67/0x2b20 [ 758.221613][ T8294] ? cfg80211_event_work+0x40/0x40 [ 758.226757][ T8294] ? minstrel_ht_alloc+0x808/0x980 [ 758.231920][ T8294] ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0 [ 758.238041][ T8294] ieee80211_register_hw+0x29b1/0x39d0 [ 758.243535][ T8294] ? lockdep_hardirqs_on+0x94/0x140 [ 758.248784][ T8294] ? ieee80211_tasklet_handler+0x20/0x20 [ 758.254471][ T8294] ? rcu_is_watching+0x11/0xa0 [ 758.259268][ T8294] ? memset+0x1e/0x40 [ 758.263292][ T8294] ? hrtimer_init+0x10c/0x220 [ 758.268005][ T8294] mac80211_hwsim_new_radio+0x20d3/0x4080 [ 758.273787][ T8294] hwsim_new_radio_nl+0xa6f/0xc40 [ 758.278866][ T8294] genl_rcv_msg+0xbc6/0xf40 [ 758.283413][ T8294] ? genl_bind+0x370/0x370 [ 758.287865][ T8294] ? up_read+0x20/0x20 [ 758.291987][ T8294] ? vmacache_find+0x238/0x590 [ 758.296778][ T8294] ? verify_lock_unused+0x140/0x140 [ 758.302358][ T8294] ? verify_lock_unused+0x140/0x140 [ 758.307585][ T8294] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 758.313596][ T8294] ? lock_chain_count+0x20/0x20 [ 758.318589][ T8294] ? hwsim_tx_info_frame_received_nl+0x1010/0x1010 [ 758.325140][ T8294] netlink_rcv_skb+0x1e0/0x430 [ 758.330086][ T8294] ? genl_bind+0x370/0x370 [ 758.334543][ T8294] ? netlink_ack+0xb60/0xb60 [ 758.339167][ T8294] ? __lock_acquire+0x7c60/0x7c60 [ 758.344226][ T8294] ? preempt_count_add+0x8d/0x190 [ 758.349280][ T8294] ? down_read+0x1aa/0x2e0 [ 758.353726][ T8294] genl_rcv+0x24/0x40 [ 758.357742][ T8294] netlink_unicast+0x774/0x920 [ 758.362606][ T8294] netlink_sendmsg+0x8ab/0xbc0 [ 758.367415][ T8294] ? netlink_getsockopt+0x560/0x560 [ 758.372653][ T8294] ? aa_sock_msg_perm+0x94/0x150 [ 758.377624][ T8294] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 758.382939][ T8294] ? security_socket_sendmsg+0x7c/0xa0 [ 758.388432][ T8294] ? netlink_getsockopt+0x560/0x560 [ 758.393665][ T8294] ____sys_sendmsg+0x5a2/0x8c0 [ 758.398467][ T8294] ? memset+0x1e/0x40 [ 758.402577][ T8294] ? __sys_sendmsg_sock+0x30/0x30 [ 758.407647][ T8294] ? import_iovec+0x6f/0xa0 [ 758.412203][ T8294] ___sys_sendmsg+0x1f0/0x260 [ 758.416922][ T8294] ? __sys_sendmsg+0x250/0x250 [ 758.421753][ T8294] ? __fdget+0x18b/0x210 [ 758.426048][ T8294] __se_sys_sendmsg+0x190/0x250 [ 758.431024][ T8294] ? __x64_sys_sendmsg+0x80/0x80 [ 758.435998][ T8294] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 758.442033][ T8294] ? lockdep_hardirqs_on+0x94/0x140 [ 758.447276][ T8294] do_syscall_64+0x4c/0xa0 [ 758.452159][ T8294] ? clear_bhb_loop+0x30/0x80 [ 758.456862][ T8294] ? clear_bhb_loop+0x30/0x80 [ 758.461577][ T8294] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 758.467506][ T8294] RIP: 0033:0x7f705b141be9 [ 758.471961][ T8294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 758.491792][ T8294] RSP: 002b:00007f70593a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 758.500244][ T8294] RAX: ffffffffffffffda RBX: 00007f705b368fa0 RCX: 00007f705b141be9 [ 758.508259][ T8294] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 758.516268][ T8294] RBP: 00007f705b1c4e19 R08: 0000000000000000 R09: 0000000000000000 [ 758.524358][ T8294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 758.532362][ T8294] R13: 00007f705b369038 R14: 00007f705b368fa0 R15: 00007fffa9067518 [ 758.540479][ T8294] [ 758.770578][ T8297] netlink: 'syz.4.17575': attribute type 10 has an invalid length. [ 758.808430][ T8297] netlink: 210880 bytes leftover after parsing attributes in process `syz.4.17575'. [ 759.371370][ T8329] netlink: 'syz.2.17578': attribute type 1 has an invalid length. [ 759.418063][ T8334] netlink: 'syz.0.17580': attribute type 29 has an invalid length. [ 759.438623][ T8334] netlink: 'syz.0.17580': attribute type 29 has an invalid length. [ 759.468310][ T8335] netlink: 'syz.0.17580': attribute type 29 has an invalid length. [ 759.612542][ T8344] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.17583'. [ 759.645286][ T8344] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô' [ 759.690435][ T8344] CPU: 0 PID: 8344 Comm: syz.1.17583 Not tainted 5.15.189-syzkaller #0 [ 759.698746][ T8344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 759.708896][ T8344] Call Trace: [ 759.712298][ T8344] [ 759.715258][ T8344] dump_stack_lvl+0x168/0x230 [ 759.719985][ T8344] ? show_regs_print_info+0x20/0x20 [ 759.725276][ T8344] ? load_image+0x3b0/0x3b0 [ 759.729834][ T8344] sysfs_warn_dup+0x8a/0xa0 [ 759.734376][ T8344] sysfs_do_create_link_sd+0xc0/0x110 [ 759.739794][ T8344] device_add+0x7ed/0xfb0 [ 759.744194][ T8344] wiphy_register+0x1d67/0x2b20 [ 759.749088][ T8344] ? cfg80211_event_work+0x40/0x40 [ 759.754418][ T8344] ? minstrel_ht_alloc+0x808/0x980 [ 759.759556][ T8344] ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0 [ 759.765655][ T8344] ieee80211_register_hw+0x29b1/0x39d0 [ 759.771143][ T8344] ? lockdep_hardirqs_on+0x94/0x140 [ 759.776387][ T8344] ? ieee80211_tasklet_handler+0x20/0x20 [ 759.782138][ T8344] ? rcu_is_watching+0x11/0xa0 [ 759.786926][ T8344] ? memset+0x1e/0x40 [ 759.790943][ T8344] ? hrtimer_init+0x10c/0x220 [ 759.795650][ T8344] mac80211_hwsim_new_radio+0x20d3/0x4080 [ 759.801415][ T8344] hwsim_new_radio_nl+0xa6f/0xc40 [ 759.806622][ T8344] genl_rcv_msg+0xbc6/0xf40 [ 759.811166][ T8344] ? genl_bind+0x370/0x370 [ 759.815619][ T8344] ? up_read+0x20/0x20 [ 759.819746][ T8344] ? vmacache_find+0x238/0x590 [ 759.824539][ T8344] ? verify_lock_unused+0x140/0x140 [ 759.829767][ T8344] ? verify_lock_unused+0x140/0x140 [ 759.834984][ T8344] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 759.840995][ T8344] ? lock_chain_count+0x20/0x20 [ 759.845882][ T8344] ? hwsim_tx_info_frame_received_nl+0x1010/0x1010 [ 759.852861][ T8344] netlink_rcv_skb+0x1e0/0x430 [ 759.857659][ T8344] ? genl_bind+0x370/0x370 [ 759.862106][ T8344] ? netlink_ack+0xb60/0xb60 [ 759.866723][ T8344] ? __lock_acquire+0x7c60/0x7c60 [ 759.871886][ T8344] ? preempt_count_add+0x8d/0x190 [ 759.876948][ T8344] ? down_read+0x1aa/0x2e0 [ 759.881935][ T8344] genl_rcv+0x24/0x40 [ 759.885972][ T8344] netlink_unicast+0x774/0x920 [ 759.890779][ T8344] netlink_sendmsg+0x8ab/0xbc0 [ 759.895573][ T8344] ? netlink_getsockopt+0x560/0x560 [ 759.900804][ T8344] ? aa_sock_msg_perm+0x94/0x150 [ 759.905777][ T8344] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 759.911085][ T8344] ? security_socket_sendmsg+0x7c/0xa0 [ 759.916571][ T8344] ? netlink_getsockopt+0x560/0x560 [ 759.921804][ T8344] ____sys_sendmsg+0x5a2/0x8c0 [ 759.926600][ T8344] ? memset+0x1e/0x40 [ 759.930701][ T8344] ? __sys_sendmsg_sock+0x30/0x30 [ 759.935753][ T8344] ? import_iovec+0x6f/0xa0 [ 759.940279][ T8344] ___sys_sendmsg+0x1f0/0x260 [ 759.944987][ T8344] ? __sys_sendmsg+0x250/0x250 [ 759.949787][ T8344] ? sock_setsockopt+0x1502/0x2270 [ 759.954945][ T8344] ? __fdget+0x18b/0x210 [ 759.959216][ T8344] __se_sys_sendmsg+0x190/0x250 [ 759.964176][ T8344] ? __x64_sys_sendmsg+0x80/0x80 [ 759.969175][ T8344] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 759.975296][ T8344] ? lockdep_hardirqs_on+0x94/0x140 [ 759.980712][ T8344] do_syscall_64+0x4c/0xa0 [ 759.985154][ T8344] ? clear_bhb_loop+0x30/0x80 [ 759.989847][ T8344] ? clear_bhb_loop+0x30/0x80 [ 759.994555][ T8344] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 760.000478][ T8344] RIP: 0033:0x7f09fd462be9 [ 760.004916][ T8344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 760.024834][ T8344] RSP: 002b:00007f09fb6ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 760.033368][ T8344] RAX: ffffffffffffffda RBX: 00007f09fd689fa0 RCX: 00007f09fd462be9 [ 760.041369][ T8344] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 760.049465][ T8344] RBP: 00007f09fd4e5e19 R08: 0000000000000000 R09: 0000000000000000 [ 760.057465][ T8344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 760.065451][ T8344] R13: 00007f09fd68a038 R14: 00007f09fd689fa0 R15: 00007ffd5427e5f8 [ 760.073464][ T8344] [ 760.397008][ T8368] netlink: 'syz.2.17598': attribute type 29 has an invalid length. [ 760.408598][ T8368] netlink: 'syz.2.17598': attribute type 29 has an invalid length. [ 760.448029][ T8368] netlink: 'syz.2.17598': attribute type 29 has an invalid length. [ 760.504050][ T8370] netlink: 'syz.0.17597': attribute type 1 has an invalid length. [ 760.854974][ T8390] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.17606'. [ 760.882602][ T8390] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô' [ 760.930278][ T8390] CPU: 1 PID: 8390 Comm: syz.2.17606 Not tainted 5.15.189-syzkaller #0 [ 760.938739][ T8390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 760.948841][ T8390] Call Trace: [ 760.952150][ T8390] [ 760.955133][ T8390] dump_stack_lvl+0x168/0x230 [ 760.959946][ T8390] ? show_regs_print_info+0x20/0x20 [ 760.965179][ T8390] ? load_image+0x3b0/0x3b0 [ 760.969731][ T8390] sysfs_warn_dup+0x8a/0xa0 [ 760.974268][ T8390] sysfs_do_create_link_sd+0xc0/0x110 [ 760.979682][ T8390] device_add+0x7ed/0xfb0 [ 760.984058][ T8390] wiphy_register+0x1d67/0x2b20 [ 760.988961][ T8390] ? cfg80211_event_work+0x40/0x40 [ 760.994116][ T8390] ? minstrel_ht_alloc+0x808/0x980 [ 760.999260][ T8390] ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0 [ 761.005465][ T8390] ieee80211_register_hw+0x29b1/0x39d0 [ 761.010945][ T8390] ? lockdep_hardirqs_on+0x94/0x140 [ 761.016196][ T8390] ? ieee80211_tasklet_handler+0x20/0x20 [ 761.021874][ T8390] ? rcu_is_watching+0x11/0xa0 [ 761.026765][ T8390] ? memset+0x1e/0x40 [ 761.030783][ T8390] ? hrtimer_init+0x10c/0x220 [ 761.035678][ T8390] mac80211_hwsim_new_radio+0x20d3/0x4080 [ 761.041424][ T8390] hwsim_new_radio_nl+0xa6f/0xc40 [ 761.046470][ T8390] genl_rcv_msg+0xbc6/0xf40 [ 761.051080][ T8390] ? genl_bind+0x370/0x370 [ 761.055552][ T8390] ? verify_lock_unused+0x140/0x140 [ 761.060764][ T8390] ? __dev_queue_xmit+0x1bc5/0x2ed0 [ 761.065991][ T8390] ? dev_queue_xmit+0x20/0x20 [ 761.070669][ T8390] ? hwsim_tx_info_frame_received_nl+0x1010/0x1010 [ 761.077187][ T8390] netlink_rcv_skb+0x1e0/0x430 [ 761.081959][ T8390] ? genl_bind+0x370/0x370 [ 761.086386][ T8390] ? netlink_ack+0xb60/0xb60 [ 761.090990][ T8390] ? __lock_acquire+0x7c60/0x7c60 [ 761.096176][ T8390] ? preempt_count_add+0x8d/0x190 [ 761.101242][ T8390] ? down_read+0x1aa/0x2e0 [ 761.105673][ T8390] genl_rcv+0x24/0x40 [ 761.109676][ T8390] netlink_unicast+0x774/0x920 [ 761.114508][ T8390] netlink_sendmsg+0x8ab/0xbc0 [ 761.119297][ T8390] ? netlink_getsockopt+0x560/0x560 [ 761.124595][ T8390] ? aa_sock_msg_perm+0x94/0x150 [ 761.129543][ T8390] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 761.134831][ T8390] ? security_socket_sendmsg+0x7c/0xa0 [ 761.140299][ T8390] ? netlink_getsockopt+0x560/0x560 [ 761.145503][ T8390] ____sys_sendmsg+0x5a2/0x8c0 [ 761.150278][ T8390] ? memset+0x1e/0x40 [ 761.154269][ T8390] ? __sys_sendmsg_sock+0x30/0x30 [ 761.159395][ T8390] ? import_iovec+0x6f/0xa0 [ 761.163910][ T8390] ___sys_sendmsg+0x1f0/0x260 [ 761.168723][ T8390] ? __sys_sendmsg+0x250/0x250 [ 761.173519][ T8390] ? sock_setsockopt+0x1502/0x2270 [ 761.178675][ T8390] ? __fdget+0x18b/0x210 [ 761.182933][ T8390] __se_sys_sendmsg+0x190/0x250 [ 761.187795][ T8390] ? __x64_sys_sendmsg+0x80/0x80 [ 761.192740][ T8390] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 761.198742][ T8390] ? lockdep_hardirqs_on+0x94/0x140 [ 761.203964][ T8390] do_syscall_64+0x4c/0xa0 [ 761.208386][ T8390] ? clear_bhb_loop+0x30/0x80 [ 761.213064][ T8390] ? clear_bhb_loop+0x30/0x80 [ 761.217835][ T8390] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 761.223744][ T8390] RIP: 0033:0x7f789c2e0be9 [ 761.228172][ T8390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 761.247966][ T8390] RSP: 002b:00007f789a548038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 761.256408][ T8390] RAX: ffffffffffffffda RBX: 00007f789c507fa0 RCX: 00007f789c2e0be9 [ 761.264385][ T8390] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 761.272360][ T8390] RBP: 00007f789c363e19 R08: 0000000000000000 R09: 0000000000000000 [ 761.280331][ T8390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.288307][ T8390] R13: 00007f789c508038 R14: 00007f789c507fa0 R15: 00007ffdf0038788 [ 761.296296][ T8390] [ 761.507542][ T8406] netlink: 'syz.3.17613': attribute type 29 has an invalid length. [ 762.566584][ T8431] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.17626'. [ 762.620123][ T8431] netlink: 3064 bytes leftover after parsing attributes in process `syz.2.17626'. [ 763.276956][ T8471] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.17645'. [ 763.319722][ T8471] netlink: 3064 bytes leftover after parsing attributes in process `syz.3.17645'. [ 763.925730][ T8511] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.17664'. [ 763.962032][ T8511] netlink: 3064 bytes leftover after parsing attributes in process `syz.0.17664'. [ 764.130493][ T8523] validate_nla: 3 callbacks suppressed [ 764.130512][ T8523] netlink: 'syz.1.17671': attribute type 2 has an invalid length. [ 764.191263][ T8523] netlink: 164 bytes leftover after parsing attributes in process `syz.1.17671'. [ 764.219074][ T8528] netlink: 'syz.1.17671': attribute type 2 has an invalid length. [ 764.240268][ T8528] netlink: 164 bytes leftover after parsing attributes in process `syz.1.17671'. [ 768.317594][ T8650] netlink: 105120 bytes leftover after parsing attributes in process `syz.4.17729'. [ 769.281447][ T8712] netlink: set zone limit has 8 unknown bytes [ 769.532261][ T8731] netlink: 56 bytes leftover after parsing attributes in process `syz.3.17766'. [ 769.554294][ T8731] netlink: 56 bytes leftover after parsing attributes in process `syz.3.17766'. [ 769.579335][ T8733] netlink: 144316 bytes leftover after parsing attributes in process `syz.1.17767'. [ 769.589331][ T8734] netlink: 56 bytes leftover after parsing attributes in process `syz.3.17766'. [ 770.536139][ T8776] netlink: set zone limit has 8 unknown bytes [ 771.108894][ T8780] netlink: 105120 bytes leftover after parsing attributes in process `syz.1.17790'. [ 771.257515][ T8791] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.17795'. [ 772.076482][ T8815] netlink: set zone limit has 8 unknown bytes [ 773.095034][ T8829] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.17822'. [ 773.224881][ T8839] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17819'. [ 773.872982][ T8868] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17832'. [ 773.961238][ T8871] netlink: 'syz.4.17833': attribute type 3 has an invalid length. [ 774.040945][ T8871] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.17833'. [ 775.269117][ T8924] netlink: 'syz.0.17859': attribute type 3 has an invalid length. [ 775.279699][ T8924] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.17859'. [ 775.754355][ T8951] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 775.832889][ T8955] netlink: 'syz.3.17876': attribute type 3 has an invalid length. [ 775.849435][ T8955] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.17876'. [ 776.245287][ T8980] netlink: 14 bytes leftover after parsing attributes in process `syz.3.17898'. [ 776.373084][ T8984] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 776.889279][ T9012] netlink: 14 bytes leftover after parsing attributes in process `syz.1.17904'. [ 777.138623][ T9018] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 777.476776][ T9041] netlink: 14 bytes leftover after parsing attributes in process `syz.0.17917'. [ 778.061200][ T9060] netlink: 'syz.1.17926': attribute type 2 has an invalid length. [ 778.077226][ T9060] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.17926'. [ 779.064677][ T9097] netlink: 'syz.2.17942': attribute type 21 has an invalid length. [ 780.565492][ T9181] netlink: 'syz.2.17986': attribute type 3 has an invalid length. [ 780.593723][ T9181] netlink: 13435 bytes leftover after parsing attributes in process `syz.2.17986'. [ 780.683873][ T9194] netlink: 'syz.0.18001': attribute type 19 has an invalid length. [ 781.129626][ T9217] netlink: 'syz.2.18002': attribute type 46 has an invalid length. [ 781.273719][ T9228] netlink: 'syz.3.18008': attribute type 19 has an invalid length. [ 781.303570][ T9229] netlink: 'syz.4.18009': attribute type 33 has an invalid length. [ 781.323573][ T9229] netlink: 164 bytes leftover after parsing attributes in process `syz.4.18009'. [ 781.707215][ T9250] netlink: 'syz.1.18017': attribute type 46 has an invalid length. [ 781.881738][ T9255] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.18020'. [ 782.095214][ T9267] netlink: 'syz.4.18024': attribute type 19 has an invalid length. [ 782.138341][ T9270] netlink: 'syz.3.18026': attribute type 33 has an invalid length. [ 782.151593][ T9270] netlink: 164 bytes leftover after parsing attributes in process `syz.3.18026'. [ 782.525707][ T9280] netlink: 'syz.3.18030': attribute type 3 has an invalid length. [ 782.537567][ T9280] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.18030'. [ 783.466987][ T9311] netlink: 212168 bytes leftover after parsing attributes in process `syz.3.18054'. [ 783.477731][ T9308] netlink: 13435 bytes leftover after parsing attributes in process `syz.0.18043'. [ 784.047711][ T9341] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.18063'. [ 784.062946][ T9343] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.18061'. [ 784.223691][ T9353] validate_nla: 7 callbacks suppressed [ 784.223709][ T9353] netlink: 'syz.0.18065': attribute type 21 has an invalid length. [ 784.246843][ T9356] netlink: 212168 bytes leftover after parsing attributes in process `syz.2.18066'. [ 784.411806][ T9359] netlink: 'syz.1.18069': attribute type 29 has an invalid length. [ 784.441893][ T9359] netlink: 'syz.1.18069': attribute type 29 has an invalid length. [ 784.462760][ T9363] netlink: 'syz.1.18069': attribute type 29 has an invalid length. [ 784.778899][ T9382] netlink: 'syz.0.18087': attribute type 21 has an invalid length. [ 785.821622][ T9396] __nla_validate_parse: 3 callbacks suppressed [ 785.821640][ T9396] netlink: 212168 bytes leftover after parsing attributes in process `syz.4.18081'. [ 786.938830][ T9406] netlink: 'syz.3.18090': attribute type 21 has an invalid length. [ 786.977866][ T9409] netlink: 16255 bytes leftover after parsing attributes in process `syz.4.18091'. [ 786.984552][ T9406] netlink: 156 bytes leftover after parsing attributes in process `syz.3.18090'. [ 786.999660][ T9406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18090'. [ 787.061370][ T9419] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.18093'. [ 787.169988][ T9422] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.18095'. [ 788.182976][ T9444] netlink: 'syz.2.18104': attribute type 3 has an invalid length. [ 788.266457][ T9448] netlink: 212168 bytes leftover after parsing attributes in process `syz.1.18103'. [ 788.432685][ T9454] netlink: 'syz.2.18107': attribute type 21 has an invalid length. [ 788.443195][ T9454] netlink: 156 bytes leftover after parsing attributes in process `syz.2.18107'. [ 788.463563][ T9454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18107'. [ 788.881047][ T9480] netlink: 14568 bytes leftover after parsing attributes in process `syz.0.18125'. [ 789.327067][ T9510] netlink: 'syz.4.18137': attribute type 3 has an invalid length. [ 789.695265][ T9537] netlink: 'syz.2.18147': attribute type 2 has an invalid length. [ 789.915280][ T9548] netlink: 'syz.0.18151': attribute type 3 has an invalid length. [ 791.115886][ T9627] __nla_validate_parse: 3 callbacks suppressed [ 791.115907][ T9627] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.18192'. [ 791.291795][ T9638] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.18196'. [ 791.771309][ T9677] netlink: 830 bytes leftover after parsing attributes in process `syz.1.18224'. [ 791.841648][ T9681] netlink: 'syz.3.18227': attribute type 2 has an invalid length. [ 791.867817][ T9681] netlink: 17267 bytes leftover after parsing attributes in process `syz.3.18227'. [ 792.226874][ T9713] netlink: 60 bytes leftover after parsing attributes in process `syz.4.18234'. [ 792.236416][ T9713] netlink: 60 bytes leftover after parsing attributes in process `syz.4.18234'. [ 792.247182][ T9713] netlink: 60 bytes leftover after parsing attributes in process `syz.4.18234'. [ 792.417152][ T9727] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.18241'. [ 795.809036][ T9764] netlink: 62967 bytes leftover after parsing attributes in process `syz.4.18257'. [ 796.189527][ T9781] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.18266'. [ 796.555196][ T9801] netlink: 62967 bytes leftover after parsing attributes in process `syz.2.18277'. [ 796.785609][ T9814] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.18283'. [ 796.988294][ T9832] netlink: 62967 bytes leftover after parsing attributes in process `syz.0.18292'. [ 797.589165][ T9863] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.18301'. [ 797.987417][ T9876] netlink: 'syz.0.18320': attribute type 9 has an invalid length. [ 798.040777][ T9876] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.18320'. [ 798.978186][ T9895] netlink: 'syz.0.18321': attribute type 1 has an invalid length. [ 798.998062][ T9895] netlink: 116376 bytes leftover after parsing attributes in process `syz.0.18321'. [ 799.068049][ T9898] netlink: 'syz.3.18323': attribute type 21 has an invalid length. [ 799.107055][ T9898] netlink: 128 bytes leftover after parsing attributes in process `syz.3.18323'. [ 799.139668][ T9898] netlink: 'syz.3.18323': attribute type 4 has an invalid length. [ 799.158439][ T9898] netlink: 'syz.3.18323': attribute type 5 has an invalid length. [ 799.180976][ T9898] netlink: 3 bytes leftover after parsing attributes in process `syz.3.18323'. [ 799.317647][ T9914] netlink: 14 bytes leftover after parsing attributes in process `syz.1.18337'. [ 800.709639][ T9965] syz.4.18354[9965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 800.709745][ T9965] syz.4.18354[9965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 801.170160][ T9993] netlink: 'syz.4.18368': attribute type 21 has an invalid length. [ 801.225797][ T9993] __nla_validate_parse: 3 callbacks suppressed [ 801.225814][ T9993] netlink: 14530 bytes leftover after parsing attributes in process `syz.4.18368'. [ 801.397499][T10008] netlink: 'syz.4.18377': attribute type 2 has an invalid length. [ 801.751885][T10036] netlink: 'syz.4.18389': attribute type 7 has an invalid length. [ 802.285032][T10081] netlink: 'syz.2.18411': attribute type 8 has an invalid length. [ 802.302730][T10081] netlink: 'syz.2.18411': attribute type 3 has an invalid length. [ 802.319756][T10081] netlink: 153952 bytes leftover after parsing attributes in process `syz.2.18411'. [ 803.015214][T10115] netlink: 'syz.3.18428': attribute type 2 has an invalid length. [ 803.024977][T10115] netlink: 132 bytes leftover after parsing attributes in process `syz.3.18428'. [ 807.218184][T10164] netlink: 'syz.1.18449': attribute type 1 has an invalid length. [ 807.238753][T10164] netlink: 116376 bytes leftover after parsing attributes in process `syz.1.18449'. [ 807.340225][T10175] netlink: 'syz.1.18453': attribute type 8 has an invalid length. [ 807.353882][T10175] netlink: 'syz.1.18453': attribute type 3 has an invalid length. [ 807.362087][T10175] netlink: 153952 bytes leftover after parsing attributes in process `syz.1.18453'. [ 807.378854][T10169] netlink: 14 bytes leftover after parsing attributes in process `syz.2.18448'. [ 807.398189][T10173] netlink: 'syz.4.18452': attribute type 21 has an invalid length. [ 807.410926][T10173] netlink: 128 bytes leftover after parsing attributes in process `syz.4.18452'. [ 807.441713][T10173] netlink: 'syz.4.18452': attribute type 4 has an invalid length. [ 807.456020][T10173] netlink: 'syz.4.18452': attribute type 5 has an invalid length. [ 807.489876][T10173] netlink: 3 bytes leftover after parsing attributes in process `syz.4.18452'. [ 807.596223][T10187] netlink: 'syz.3.18457': attribute type 7 has an invalid length. [ 807.732843][T10198] netlink: 'syz.4.18463': attribute type 1 has an invalid length. [ 807.744905][T10198] netlink: 116376 bytes leftover after parsing attributes in process `syz.4.18463'. [ 807.804823][T10202] netlink: 14 bytes leftover after parsing attributes in process `syz.3.18466'. [ 807.883482][T10204] netlink: 'syz.2.18475': attribute type 7 has an invalid length. [ 808.056202][T10214] netlink: 'syz.1.18471': attribute type 21 has an invalid length. [ 808.091147][T10214] netlink: 128 bytes leftover after parsing attributes in process `syz.1.18471'. [ 808.119801][T10214] netlink: 'syz.1.18471': attribute type 4 has an invalid length. [ 808.145896][T10214] netlink: 'syz.1.18471': attribute type 5 has an invalid length. [ 808.158762][T10214] netlink: 3 bytes leftover after parsing attributes in process `syz.1.18471'. [ 808.278936][T10236] netlink: 'syz.3.18480': attribute type 1 has an invalid length. [ 808.319946][T10236] netlink: 116376 bytes leftover after parsing attributes in process `syz.3.18480'. [ 808.346422][T10234] netlink: 'syz.0.18491': attribute type 21 has an invalid length. [ 808.410703][T10234] netlink: 'syz.0.18491': attribute type 4 has an invalid length. [ 808.435111][T10234] netlink: 'syz.0.18491': attribute type 5 has an invalid length. [ 808.486956][T10249] netlink: 'syz.3.18486': attribute type 8 has an invalid length. [ 808.495463][T10249] netlink: 'syz.3.18486': attribute type 3 has an invalid length. [ 808.529334][T10246] netlink: 'syz.2.18497': attribute type 1 has an invalid length. [ 808.595969][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.602347][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.331725][T10504] __nla_validate_parse: 14 callbacks suppressed [ 813.331745][T10504] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.18608'. [ 813.417267][T10509] validate_nla: 11 callbacks suppressed [ 813.417287][T10509] netlink: 'syz.0.18609': attribute type 21 has an invalid length. [ 813.497089][T10513] netlink: 'syz.1.18611': attribute type 3 has an invalid length. [ 813.523398][T10513] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.18611'. [ 813.873623][T10529] netlink: 'syz.0.18627': attribute type 1 has an invalid length. [ 813.913378][T10529] netlink: 154788 bytes leftover after parsing attributes in process `syz.0.18627'. [ 814.535823][T10563] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.18633'. [ 814.592415][T10567] netlink: 'syz.3.18635': attribute type 4 has an invalid length. [ 814.612504][T10567] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.18635'. [ 815.018861][T10599] netlink: 'syz.1.18652': attribute type 4 has an invalid length. [ 815.041193][T10599] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.18652'. [ 817.463711][T10749] netlink: 'syz.4.18726': attribute type 21 has an invalid length. [ 818.365338][T10802] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.18753'. [ 818.510448][T10809] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.18755'. [ 818.566437][T10811] netlink: 'syz.4.18756': attribute type 29 has an invalid length. [ 818.621089][T10811] netlink: 'syz.4.18756': attribute type 29 has an invalid length. [ 818.644610][T10812] netlink: 'syz.4.18756': attribute type 29 has an invalid length. [ 818.954741][T10834] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.18766'. [ 819.058424][T10841] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.18780'. [ 819.773451][T10865] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.18783'. [ 819.863548][T10869] netlink: 'syz.1.18784': attribute type 25 has an invalid length. [ 819.916167][T10873] netlink: 209592 bytes leftover after parsing attributes in process `syz.2.18785'. [ 819.937903][T10869] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.18784'. [ 821.439430][T10923] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.18808'. [ 821.611683][T10935] netlink: 'syz.0.18816': attribute type 12 has an invalid length. [ 821.639577][T10935] netlink: 172 bytes leftover after parsing attributes in process `syz.0.18816'. [ 821.937207][T10957] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.18827'. [ 822.293412][T10971] netlink: 'syz.2.18833': attribute type 12 has an invalid length. [ 823.871698][T11050] netlink: 'syz.4.18872': attribute type 9 has an invalid length. [ 823.881905][T11050] __nla_validate_parse: 3 callbacks suppressed [ 823.881930][T11050] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.18872'. [ 824.163519][T11066] netlink: 192436 bytes leftover after parsing attributes in process `syz.0.18881'. [ 824.221039][T11066] openvswitch: netlink: Duplicate key (type 0). [ 824.512032][T11084] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.18890'. [ 824.861122][T11108] netlink: 830 bytes leftover after parsing attributes in process `syz.1.18900'. [ 824.946578][T11115] netlink: 209592 bytes leftover after parsing attributes in process `syz.2.18905'. [ 825.088082][T11121] netlink: 192436 bytes leftover after parsing attributes in process `syz.2.18908'. [ 825.140241][T11121] openvswitch: netlink: Duplicate key (type 0). [ 825.433168][T11147] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.18919'. [ 825.549186][T11155] netlink: 16054 bytes leftover after parsing attributes in process `syz.1.18923'. [ 825.823749][T11168] netlink: 830 bytes leftover after parsing attributes in process `syz.0.18929'. [ 826.055208][T11183] netlink: 16054 bytes leftover after parsing attributes in process `syz.3.18936'. [ 827.237210][T11271] netlink: 'syz.0.18979': attribute type 21 has an invalid length. [ 828.172087][T11349] netlink: 'syz.2.19016': attribute type 21 has an invalid length. [ 829.007869][T11422] netlink: 'syz.4.19052': attribute type 21 has an invalid length. [ 829.336842][T11445] __nla_validate_parse: 12 callbacks suppressed [ 829.336859][T11445] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.19066'. [ 829.360327][T11449] netlink: 11562 bytes leftover after parsing attributes in process `syz.3.19068'. [ 829.751430][T11482] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.19083'. [ 830.195530][T11520] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.19099'. [ 831.384166][T11620] netlink: 129384 bytes leftover after parsing attributes in process `syz.4.19150'. [ 831.783946][T11650] netlink: 129384 bytes leftover after parsing attributes in process `syz.3.19165'. [ 832.234459][T11690] netlink: 129384 bytes leftover after parsing attributes in process `syz.1.19182'. [ 832.928446][T11753] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.19214'. [ 832.961341][T11755] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.19216'. [ 833.383258][T11790] netlink: 60 bytes leftover after parsing attributes in process `syz.2.19225'. [ 833.431882][T11793] netlink: 'syz.1.19230': attribute type 3 has an invalid length. [ 833.460823][T11793] netlink: 'syz.1.19230': attribute type 1 has an invalid length. [ 834.480440][T11873] __nla_validate_parse: 5 callbacks suppressed [ 834.480456][T11873] netlink: 60 bytes leftover after parsing attributes in process `syz.4.19268'. [ 834.524877][T11873] netlink: 60 bytes leftover after parsing attributes in process `syz.4.19268'. [ 834.545100][T11866] netlink: 60 bytes leftover after parsing attributes in process `syz.4.19268'. [ 835.006129][T11913] netlink: 60 bytes leftover after parsing attributes in process `syz.1.19289'. [ 835.048734][T11913] netlink: 60 bytes leftover after parsing attributes in process `syz.1.19289'. [ 835.073655][T11907] netlink: 60 bytes leftover after parsing attributes in process `syz.1.19289'. [ 835.432474][T11947] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.19309'. [ 835.458399][T11946] netlink: 'syz.4.19308': attribute type 3 has an invalid length. [ 835.503388][T11946] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.19308'. [ 835.938586][T11984] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.19326'. [ 836.212902][T12003] netlink: 'syz.3.19336': attribute type 12 has an invalid length. [ 836.241411][T12003] netlink: 'syz.3.19336': attribute type 11 has an invalid length. [ 836.254558][T12003] netlink: 178840 bytes leftover after parsing attributes in process `syz.3.19336'. [ 837.527552][T12101] netlink: 'syz.1.19382': attribute type 3 has an invalid length. [ 838.526049][T12185] netlink: 'syz.4.19426': attribute type 3 has an invalid length. [ 838.566513][T12185] netlink: 'syz.4.19426': attribute type 1 has an invalid length. [ 839.251015][T12239] netlink: 'syz.2.19451': attribute type 1 has an invalid length. [ 839.380726][T12250] netlink: 'syz.0.19456': attribute type 3 has an invalid length. [ 839.389179][T12250] netlink: 'syz.0.19456': attribute type 1 has an invalid length. [ 839.677869][T12266] netlink: 'syz.1.19466': attribute type 1 has an invalid length. [ 839.686487][T12266] __nla_validate_parse: 18 callbacks suppressed [ 839.686504][T12266] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.19466'. [ 839.721707][T12272] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.19467'. [ 839.907715][T12286] netlink: 209588 bytes leftover after parsing attributes in process `syz.0.19473'. [ 840.105053][T12295] netlink: 'syz.2.19478': attribute type 10 has an invalid length. [ 840.199218][T12307] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.19483'. [ 840.270895][T12310] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.19485'. [ 840.504257][T12326] validate_nla: 1 callbacks suppressed [ 840.504276][T12326] netlink: 'syz.1.19502': attribute type 10 has an invalid length. [ 840.822869][T12347] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.19500'. [ 841.903804][T12443] netlink: 'syz.1.19546': attribute type 10 has an invalid length. [ 841.922119][T12443] netlink: 55 bytes leftover after parsing attributes in process `syz.1.19546'. [ 842.077659][T12457] netlink: 'syz.2.19553': attribute type 2 has an invalid length. [ 842.105263][T12457] netlink: 17267 bytes leftover after parsing attributes in process `syz.2.19553'. [ 842.194369][T12463] nr0: tun_chr_ioctl cmd 1074812118 [ 843.083668][T12507] netlink: 'syz.3.19586': attribute type 4 has an invalid length. [ 843.866220][T12560] netlink: 64859 bytes leftover after parsing attributes in process `syz.1.19603'. [ 844.356922][T12586] nr0: tun_chr_ioctl cmd 1074812118 [ 844.594253][T12589] netlink: 'syz.2.19617': attribute type 21 has an invalid length. [ 844.607857][T12589] netlink: 132 bytes leftover after parsing attributes in process `syz.2.19617'. [ 845.027230][T12620] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.19631'. [ 845.763035][T12624] netlink: 'syz.3.19632': attribute type 10 has an invalid length. [ 845.775417][T12624] netlink: 55 bytes leftover after parsing attributes in process `syz.3.19632'. [ 845.905000][T12637] tap0: tun_chr_ioctl cmd 1074025694 [ 846.022031][T12650] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19642'. [ 846.038473][T12650] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19642'. [ 846.059629][T12653] netlink: 'syz.0.19645': attribute type 21 has an invalid length. [ 846.071139][T12653] netlink: 132 bytes leftover after parsing attributes in process `syz.0.19645'. [ 846.100112][T12646] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19642'. [ 846.111581][T12650] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19642'. [ 846.459332][T12681] tap0: tun_chr_ioctl cmd 1074025694 [ 846.983246][T12719] tap0: tun_chr_ioctl cmd 1074025694 [ 847.603581][T12751] netlink: 'syz.1.19700': attribute type 21 has an invalid length. [ 847.615603][T12751] netlink: 156 bytes leftover after parsing attributes in process `syz.1.19700'. [ 847.880697][T12761] netlink: 64535 bytes leftover after parsing attributes in process `syz.2.19704'. [ 848.259733][T12786] netlink: 64535 bytes leftover after parsing attributes in process `syz.4.19708'. [ 849.143511][ T9] tipc: Subscription rejected, illegal request [ 849.331768][T12840] tap0: tun_chr_ioctl cmd 1074025677 [ 849.354712][T12840] tap0: linktype set to 774 [ 849.666228][ T4355] tipc: Subscription rejected, illegal request [ 849.964401][T12877] tap0: tun_chr_ioctl cmd 1074025677 [ 849.969979][T12877] tap0: linktype set to 774 [ 850.122072][ T4355] tipc: Subscription rejected, illegal request [ 850.196742][T12896] netlink: 'syz.4.19759': attribute type 2 has an invalid length. [ 850.214925][T12896] __nla_validate_parse: 1 callbacks suppressed [ 850.214945][T12896] netlink: 132 bytes leftover after parsing attributes in process `syz.4.19759'. [ 850.328965][T12904] IPv6: Can't replace route, no match found [ 850.695849][T12920] tap0: tun_chr_ioctl cmd 1074025677 [ 850.717231][T12920] tap0: linktype set to 774 [ 850.802844][T12928] netlink: 'syz.3.19773': attribute type 2 has an invalid length. [ 850.817737][T12928] netlink: 132 bytes leftover after parsing attributes in process `syz.3.19773'. [ 850.860914][T12934] IPv6: Can't replace route, no match found [ 851.538562][T12971] netlink: 'syz.1.19793': attribute type 9 has an invalid length. [ 851.552306][T12971] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.19793'. [ 852.546677][T13030] netlink: 'syz.4.19820': attribute type 4 has an invalid length. [ 852.596628][T13034] netlink: 'syz.4.19822': attribute type 9 has an invalid length. [ 852.607280][T13034] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.19822'. [ 852.676478][T13040] netlink: 'syz.4.19825': attribute type 27 has an invalid length. [ 852.693434][T13040] netlink: 2418 bytes leftover after parsing attributes in process `syz.4.19825'. [ 852.898778][T13058] netlink: 1010 bytes leftover after parsing attributes in process `syz.0.19843'. [ 852.914983][T13058] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 853.061760][T13072] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.19837'. [ 853.092178][T13072] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.19837'. [ 853.103910][T13066] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.19837'. [ 853.527044][T13103] netlink: 'syz.1.19857': attribute type 4 has an invalid length. [ 853.882160][T13129] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.19866'. [ 853.957752][T13132] tun0: tun_chr_ioctl cmd 2147767507 [ 853.993483][T13136] netlink: 'syz.1.19870': attribute type 13 has an invalid length. [ 854.621251][T13179] netlink: 'syz.3.19900': attribute type 13 has an invalid length. [ 855.055755][T13211] netlink: 'syz.4.19904': attribute type 3 has an invalid length. [ 855.876300][T13264] netlink: 'syz.3.19930': attribute type 46 has an invalid length. [ 855.970503][T13274] __nla_validate_parse: 3 callbacks suppressed [ 855.970521][T13274] netlink: 209592 bytes leftover after parsing attributes in process `syz.3.19935'. [ 855.998768][T13275] netlink: 'syz.0.19936': attribute type 3 has an invalid length. [ 856.043819][T13275] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.19936'. [ 856.188377][T13291] netlink: 'syz.1.19943': attribute type 6 has an invalid length. [ 856.203386][T13291] netlink: 140 bytes leftover after parsing attributes in process `syz.1.19943'. [ 856.516732][T13311] netlink: 'syz.3.19952': attribute type 3 has an invalid length. [ 856.569279][T13311] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.19952'. [ 856.734389][T13329] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19959'. [ 856.767845][T13329] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19959'. [ 856.788230][T13330] netlink: 'syz.2.19961': attribute type 6 has an invalid length. [ 856.796950][T13330] netlink: 140 bytes leftover after parsing attributes in process `syz.2.19961'. [ 856.821297][T13325] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19959'. [ 856.863477][T13333] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19959'. [ 857.007451][T13336] netlink: 132 bytes leftover after parsing attributes in process `syz.1.19964'. [ 857.019775][T13338] netlink: 'syz.1.19964': attribute type 12 has an invalid length. [ 858.106022][T13361] netlink: 'syz.2.19974': attribute type 46 has an invalid length. [ 858.302636][T13372] netlink: 'syz.4.19977': attribute type 6 has an invalid length. [ 860.112439][T13439] Â: renamed from pim6reg1 [ 860.761258][T13489] Â: renamed from pim6reg1 [ 861.848012][T13513] __nla_validate_parse: 10 callbacks suppressed [ 861.848030][T13513] netlink: 40 bytes leftover after parsing attributes in process `syz.0.20043'. [ 861.893966][T13513] netlink: 3 bytes leftover after parsing attributes in process `syz.0.20043'. [ 861.930546][T13517] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.20045'. [ 862.187612][T13537] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.20067'. [ 862.210142][T13539] Â: renamed from pim6reg1 [ 863.383931][T13550] netlink: 'syz.4.20064': attribute type 10 has an invalid length. [ 863.391991][T13550] netlink: 65015 bytes leftover after parsing attributes in process `syz.4.20064'. [ 863.467439][T13551] netlink: 40 bytes leftover after parsing attributes in process `syz.1.20063'. [ 863.503667][T13551] netlink: 3 bytes leftover after parsing attributes in process `syz.1.20063'. [ 863.661653][T13565] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.20071'. [ 864.225722][T13590] netlink: 65019 bytes leftover after parsing attributes in process `syz.3.20085'. [ 864.626926][T13602] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.20090'. [ 865.566213][T13632] netlink: 'syz.2.20104': attribute type 10 has an invalid length. [ 866.871686][T13699] __nla_validate_parse: 2 callbacks suppressed [ 866.871727][T13699] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.20145'. [ 867.686155][T13731] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.20158'. [ 867.898966][T13740] netlink: 188 bytes leftover after parsing attributes in process `syz.0.20151'. [ 868.104359][T13757] netlink: 15999 bytes leftover after parsing attributes in process `syz.3.20160'. [ 868.176910][T13763] netlink: 'syz.4.20162': attribute type 21 has an invalid length. [ 868.223374][T13763] netlink: 8 bytes leftover after parsing attributes in process `syz.4.20162'. [ 868.251408][T13767] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.20166'. [ 868.307171][T13771] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.20177'. [ 868.341802][T13771] netlink: zone id is out of range [ 868.360714][T13771] netlink: get zone limit has 8 unknown bytes [ 868.813929][T13782] netlink: 188 bytes leftover after parsing attributes in process `syz.4.20171'. [ 869.050442][T13795] netlink: 15999 bytes leftover after parsing attributes in process `syz.4.20178'. [ 869.397662][T13817] netlink: 188 bytes leftover after parsing attributes in process `syz.2.20187'. [ 870.045645][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.052088][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.371705][T13861] can: request_module (can-proto-0) failed. [ 871.214127][T13891] netlink: zone id is out of range [ 871.220050][T13891] netlink: zone id is out of range [ 871.225469][T13891] netlink: zone id is out of range [ 871.230741][T13891] netlink: zone id is out of range [ 871.245388][T13891] netlink: zone id is out of range [ 871.255258][T13891] netlink: zone id is out of range [ 871.265012][T13891] netlink: zone id is out of range [ 871.293485][T13891] netlink: zone id is out of range [ 872.404975][T13939] tap0: tun_chr_ioctl cmd 2147767519 [ 873.124221][T13981] netlink: 'syz.4.20260': attribute type 3 has an invalid length. [ 873.132118][T13981] __nla_validate_parse: 4 callbacks suppressed [ 873.132133][T13981] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.20260'. [ 873.160876][T13983] netlink: 144 bytes leftover after parsing attributes in process `syz.0.20262'. [ 873.192461][T13987] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 873.272880][T13991] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.20265'. [ 873.791621][T14022] netlink: 'syz.1.20280': attribute type 10 has an invalid length. [ 873.815002][T14022] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.20280'. [ 874.058690][T14036] netlink: 'syz.3.20286': attribute type 21 has an invalid length. [ 874.078096][T14036] netlink: 168 bytes leftover after parsing attributes in process `syz.3.20286'. [ 874.613604][T14070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20299'. [ 875.187154][T14070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20299'. [ 875.219075][T14063] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20299'. [ 875.254329][T14084] tun0: tun_chr_ioctl cmd 1074025677 [ 875.259839][T14084] tun0: linktype set to 768 [ 875.268224][T14071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20299'. [ 875.506804][T14094] pim6reg: tun_chr_ioctl cmd 1074025677 [ 875.512792][T14094] pim6reg: linktype set to 778 [ 875.965163][T14110] tap0: tun_chr_ioctl cmd 1074025677 [ 875.970817][T14110] tap0: linktype set to 6 [ 877.168090][T14171] netlink: 'syz.0.20349': attribute type 3 has an invalid length. [ 877.183787][T14171] netlink: 'syz.0.20349': attribute type 1 has an invalid length. [ 877.191809][T14171] netlink: 5886 bytes leftover after parsing attributes in process `syz.0.20349'. [ 878.369418][T14228] __nla_validate_parse: 1 callbacks suppressed [ 878.369435][T14228] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.20377'. [ 879.135339][T14261] netlink: 'syz.1.20391': attribute type 16 has an invalid length. [ 879.171789][T14261] netlink: 48 bytes leftover after parsing attributes in process `syz.1.20391'. [ 879.637126][T14284] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.20402'. [ 880.088121][T14305] tap0: tun_chr_ioctl cmd 1074025677 [ 880.120623][T14305] tap0: linktype set to 773 [ 880.336879][T14318] netlink: 'syz.4.20419': attribute type 21 has an invalid length. [ 880.345456][T14318] netlink: 128 bytes leftover after parsing attributes in process `syz.4.20419'. [ 880.355161][T14318] netlink: 'syz.4.20419': attribute type 4 has an invalid length. [ 880.363697][T14318] netlink: 'syz.4.20419': attribute type 5 has an invalid length. [ 880.385518][T14318] netlink: 3 bytes leftover after parsing attributes in process `syz.4.20419'. [ 880.417245][T14316] netlink: 'syz.1.20418': attribute type 9 has an invalid length. [ 880.438341][T14316] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.20418'. [ 881.372752][T14354] netlink: 188 bytes leftover after parsing attributes in process `syz.4.20437'. [ 881.689548][T14367] netlink: 48 bytes leftover after parsing attributes in process `syz.2.20442'. [ 882.266531][ T4189] cgroup: fork rejected by pids controller in /syz3 [ 882.883055][T14409] tap0: tun_chr_ioctl cmd 35108 [ 882.977056][T14414] netlink: 64023 bytes leftover after parsing attributes in process `syz.4.20466'. [ 883.167992][T14423] netlink: 'syz.4.20471': attribute type 10 has an invalid length. [ 883.192059][T14423] netlink: 'syz.4.20471': attribute type 19 has an invalid length. [ 883.222234][T14423] netlink: 14536 bytes leftover after parsing attributes in process `syz.4.20471'. [ 883.418149][T14435] netlink: 'syz.0.20473': attribute type 10 has an invalid length. [ 883.444797][T14435] netlink: 'syz.0.20473': attribute type 19 has an invalid length. [ 883.482040][T14435] netlink: 156 bytes leftover after parsing attributes in process `syz.0.20473'. [ 883.536287][T14443] netlink: 204732 bytes leftover after parsing attributes in process `syz.1.20478'. [ 883.935170][T14468] netlink: 'syz.0.20489': attribute type 21 has an invalid length. [ 883.968736][T14468] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.20489'. [ 883.996104][T14426] chnl_net:caif_netlink_parms(): no params data found [ 884.016770][T14474] netlink: 132 bytes leftover after parsing attributes in process `syz.2.20492'. [ 884.261492][T14426] bridge0: port 1(bridge_slave_0) entered blocking state [ 884.270405][T14426] bridge0: port 1(bridge_slave_0) entered disabled state [ 884.280281][T14426] device bridge_slave_0 entered promiscuous mode [ 884.289706][T14426] bridge0: port 2(bridge_slave_1) entered blocking state [ 884.298538][T14426] bridge0: port 2(bridge_slave_1) entered disabled state [ 884.308748][T14426] device bridge_slave_1 entered promiscuous mode [ 884.400157][T18895] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 884.435532][T14426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 884.463238][T14426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 884.513099][T18895] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 884.616171][T14426] team0: Port device team_slave_0 added [ 884.646391][T14426] team0: Port device team_slave_1 added [ 884.711650][T18895] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 884.731765][T14426] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 884.740193][T14426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 884.811431][T14426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 884.925986][T18895] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 884.973717][T14515] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.20509'. [ 884.992178][T14426] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 885.008076][T14515] ksmbd: Daemon and kernel module version mismatch. ksmbd: 36, kernel module: 1. User-space ksmbd should terminate. [ 885.013483][T14426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 885.063751][T14426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 885.167221][T14525] netlink: 60 bytes leftover after parsing attributes in process `syz.2.20514'. [ 885.259775][T14527] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.20515'. [ 885.313749][T10694] Bluetooth: hci2: command 0x0409 tx timeout [ 885.538094][T14426] device hsr_slave_0 entered promiscuous mode [ 885.559422][T14426] device hsr_slave_1 entered promiscuous mode [ 885.607205][T14426] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 885.619995][T14426] Cannot create hsr debugfs directory [ 885.642175][T14536] netlink: 152 bytes leftover after parsing attributes in process `syz.0.20521'. [ 885.661832][T14536] tc_dump_action: action bad kind [ 885.707212][T14539] validate_nla: 3 callbacks suppressed [ 885.707230][T14539] netlink: 'syz.1.20520': attribute type 10 has an invalid length. [ 885.741695][T14539] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.20520'. [ 886.067495][T14558] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.20529'. [ 886.977895][T14426] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 887.009053][T14426] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 887.036182][T14426] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 887.101654][T14426] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 887.403706][ T7482] Bluetooth: hci2: command 0x041b tx timeout [ 887.533561][T14426] 8021q: adding VLAN 0 to HW filter on device bond0 [ 887.599168][T14426] 8021q: adding VLAN 0 to HW filter on device team0 [ 887.628880][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 887.641632][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 887.723631][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 887.760055][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 887.791494][ T4221] bridge0: port 1(bridge_slave_0) entered blocking state [ 887.798681][ T4221] bridge0: port 1(bridge_slave_0) entered forwarding state [ 887.843769][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 887.870932][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 887.904161][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 887.933117][ T4221] bridge0: port 2(bridge_slave_1) entered blocking state [ 887.940276][ T4221] bridge0: port 2(bridge_slave_1) entered forwarding state [ 888.057093][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 888.160718][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 888.218258][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 888.232271][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 888.267447][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 888.294289][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 888.322256][T14426] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 888.363314][T14426] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 888.401553][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 888.421050][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 888.478108][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 888.504350][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 888.534054][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 888.574037][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 889.108245][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 889.118059][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 889.160185][T14426] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 889.280961][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 889.307632][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 889.367129][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 889.385347][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 889.437776][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 889.457646][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 889.473725][ T7482] Bluetooth: hci2: command 0x040f tx timeout [ 889.515540][T14426] device veth0_vlan entered promiscuous mode [ 889.555256][T14426] device veth1_vlan entered promiscuous mode [ 889.683537][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 889.693097][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 889.725989][T14426] device veth0_macvtap entered promiscuous mode [ 889.816704][T18895] device veth1_macvtap left promiscuous mode [ 889.837154][T18895] device veth0_macvtap left promiscuous mode [ 890.476690][T14426] device veth1_macvtap entered promiscuous mode [ 890.531407][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 890.568356][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 890.615605][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 890.664943][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 890.706728][T14426] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 890.733910][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 890.768529][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 890.809706][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 890.843305][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 890.853170][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 890.923330][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 890.963502][T14426] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 890.972488][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 890.984250][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 891.020632][T14426] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 891.046781][T14426] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 891.092766][T14426] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 891.124122][T14426] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 891.404188][ T4221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 891.412231][ T4221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 891.463892][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 891.558097][T18885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 891.567095][ T2302] Bluetooth: hci2: command 0x0419 tx timeout [ 891.582105][T18885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 891.645845][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 894.142521][T14683] __nla_validate_parse: 1 callbacks suppressed [ 894.142537][T14683] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.20575'. [ 894.163314][T14683] net_ratelimit: 48 callbacks suppressed [ 894.165471][T14683] netlink: zone id is out of range [ 894.178840][T14683] netlink: get zone limit has 8 unknown bytes [ 894.992288][T14694] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 895.008424][T14694] syzkaller0: linktype set to 270 [ 895.202384][T14708] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.20585'. [ 895.450883][T14717] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.20591'. [ 895.563593][T14717] netlink: zone id is out of range [ 895.588304][T14717] netlink: get zone limit has 8 unknown bytes [ 896.838164][T14789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20625'. [ 896.903451][T14789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20625'. [ 896.983647][T14788] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20625'. [ 897.031366][T14792] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20625'. [ 897.189214][T14805] tap0: tun_chr_ioctl cmd 1074025672 [ 897.201933][T14805] tap0: ignored: set checksum disabled [ 898.338993][T14830] syzkaller0: tun_chr_ioctl cmd 35111 [ 898.395015][T14833] tun0: tun_chr_ioctl cmd 1074025677 [ 898.400477][T14833] tun0: linktype set to 805 [ 898.654467][T14853] netlink: 'syz.1.20651': attribute type 29 has an invalid length. [ 898.702043][T14853] netlink: 'syz.1.20651': attribute type 29 has an invalid length. [ 898.731559][T14850] netlink: 'syz.1.20651': attribute type 29 has an invalid length. [ 898.742956][T14859] netlink: 'syz.1.20651': attribute type 29 has an invalid length. [ 898.755830][T14856] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.20655'. [ 898.775580][T14861] netlink: 60 bytes leftover after parsing attributes in process `syz.2.20657'. [ 898.928104][T14866] netlink: 'syz.1.20659': attribute type 29 has an invalid length. [ 898.972554][T14866] netlink: 'syz.1.20659': attribute type 29 has an invalid length. [ 899.017609][T14869] netlink: 'syz.1.20659': attribute type 29 has an invalid length. [ 899.033649][T14866] netlink: 'syz.1.20659': attribute type 29 has an invalid length. [ 899.697384][T14926] netlink: 'syz.1.20687': attribute type 33 has an invalid length. [ 899.723371][T14926] netlink: 152 bytes leftover after parsing attributes in process `syz.1.20687'. [ 899.767012][T14930] netlink: 11562 bytes leftover after parsing attributes in process `syz.4.20688'. [ 900.126186][T14952] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.20701'. [ 900.865432][T14990] syzkaller1: tun_chr_ioctl cmd 1074025688 [ 901.156197][T15002] netlink: 164 bytes leftover after parsing attributes in process `syz.0.20724'. [ 901.718212][T15022] netlink: 'syz.4.20734': attribute type 2 has an invalid length. [ 901.769772][T15022] netlink: 164 bytes leftover after parsing attributes in process `syz.4.20734'. [ 902.808085][T15064] netlink: 132 bytes leftover after parsing attributes in process `syz.4.20754'. [ 902.829663][T15068] netlink: 56 bytes leftover after parsing attributes in process `syz.1.20756'. [ 902.918749][T15068] netlink: 56 bytes leftover after parsing attributes in process `syz.1.20756'. [ 902.957835][T15073] netlink: 56 bytes leftover after parsing attributes in process `syz.1.20756'. [ 902.988660][T15080] netlink: 56 bytes leftover after parsing attributes in process `syz.1.20756'. [ 904.759062][T15159] __nla_validate_parse: 1 callbacks suppressed [ 904.759081][T15159] netlink: 144 bytes leftover after parsing attributes in process `syz.3.20797'. [ 907.569520][T15172] validate_nla: 3 callbacks suppressed [ 907.569538][T15172] netlink: 'syz.3.20800': attribute type 13 has an invalid length. [ 907.623420][T15172] netlink: 152 bytes leftover after parsing attributes in process `syz.3.20800'. [ 907.667809][T15172] erspan0: refused to change device tx_queue_len [ 907.685766][T15172] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 908.120757][T15176] tun0: tun_chr_ioctl cmd 1074025677 [ 908.132029][T15176] tun0: linktype set to 804 [ 908.530505][T15198] netlink: 14548 bytes leftover after parsing attributes in process `syz.0.20814'. [ 908.975460][T15212] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.20821'. [ 909.014359][T15212] netlink: del zone limit has 8 unknown bytes [ 909.652745][T15256] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.20841'. [ 909.693056][T15259] netlink: 'syz.3.20844': attribute type 9 has an invalid length. [ 909.708234][T15259] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.20844'. [ 910.038661][T15289] netlink: 44 bytes leftover after parsing attributes in process `syz.0.20858'. [ 910.163099][T15297] netlink: 'syz.0.20862': attribute type 49 has an invalid length. [ 910.183414][T15297] netlink: 'syz.0.20862': attribute type 49 has an invalid length. [ 910.216835][T15302] netlink: 'syz.4.20865': attribute type 1 has an invalid length. [ 910.262167][T15302] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.20865'. [ 910.487622][T15321] netlink: 'syz.3.20872': attribute type 2 has an invalid length. [ 910.506556][T15321] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.20872'. [ 910.919402][T15353] netlink: 16222 bytes leftover after parsing attributes in process `syz.1.20890'. [ 911.110716][T15364] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.20894'. [ 911.170285][T15366] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.20895'. [ 911.593192][T15385] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.20904'. [ 911.639040][T15385] netlink: zone id is out of range [ 911.651178][T15385] netlink: zone id is out of range [ 911.670996][T15385] netlink: zone id is out of range [ 911.689508][T15385] netlink: zone id is out of range [ 911.757203][T15385] netlink: zone id is out of range [ 911.793342][T15385] netlink: zone id is out of range [ 911.802632][T15385] netlink: zone id is out of range [ 911.819413][T15385] netlink: zone id is out of range [ 912.686506][T15439] netlink: 'syz.0.20930': attribute type 16 has an invalid length. [ 912.708423][T15439] netlink: 48 bytes leftover after parsing attributes in process `syz.0.20930'. [ 912.826315][T15449] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.20934'. [ 912.970296][T15457] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.20937'. [ 913.034807][T15457] net_ratelimit: 263 callbacks suppressed [ 913.034825][T15457] netlink: zone id is out of range [ 913.078920][T15457] netlink: zone id is out of range [ 913.099169][T15457] netlink: zone id is out of range [ 913.123895][T15457] netlink: zone id is out of range [ 913.143436][T15457] netlink: zone id is out of range [ 913.159373][T15457] netlink: zone id is out of range [ 913.173881][T15457] netlink: zone id is out of range [ 913.186076][T15457] netlink: zone id is out of range [ 913.212034][T15457] netlink: zone id is out of range [ 913.222194][T15457] netlink: zone id is out of range [ 913.571840][T15496] netlink: 'syz.4.20958': attribute type 1 has an invalid length. [ 914.001838][T15505] delete_channel: no stack [ 914.298892][T15517] tap0: tun_chr_ioctl cmd 1074025677 [ 914.321394][T15517] tap0: linktype set to 780 [ 917.080906][T15535] __nla_validate_parse: 2 callbacks suppressed [ 917.081074][T15535] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.20974'. [ 917.106136][T15537] netlink: 16054 bytes leftover after parsing attributes in process `syz.4.20976'. [ 917.526260][T15561] netlink: 'syz.3.20988': attribute type 21 has an invalid length. [ 917.549431][T15561] netlink: 'syz.3.20988': attribute type 1 has an invalid length. [ 917.580588][T15561] netlink: 144 bytes leftover after parsing attributes in process `syz.3.20988'. [ 917.633084][T15569] netlink: 56 bytes leftover after parsing attributes in process `syz.4.20992'. [ 917.739699][T15580] netlink: 'syz.4.20996': attribute type 3 has an invalid length. [ 917.766069][T15580] netlink: 13435 bytes leftover after parsing attributes in process `syz.4.20996'. [ 917.978442][T15598] netlink: 'syz.4.21005': attribute type 4 has an invalid length. [ 918.003619][T15598] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.21005'. [ 918.053928][T15600] Â: renamed from pim6reg1 [ 918.130966][T15607] netlink: 'syz.4.21009': attribute type 2 has an invalid length. [ 918.143556][T15607] netlink: 132 bytes leftover after parsing attributes in process `syz.4.21009'. [ 918.819791][T15652] netlink: 'syz.3.21031': attribute type 4 has an invalid length. [ 918.844664][T15652] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.21031'. [ 919.003014][T15665] netlink: 148 bytes leftover after parsing attributes in process `syz.0.21038'. [ 919.269047][T15683] netlink: 11562 bytes leftover after parsing attributes in process `syz.4.21046'. [ 920.167819][T15745] tap0: tun_chr_ioctl cmd 1074025673 [ 920.187798][T15747] netlink: 'syz.2.21076': attribute type 10 has an invalid length. [ 920.674704][T15791] tun0: tun_chr_ioctl cmd 1074025677 [ 920.690021][T15791] tun0: linktype set to 0 [ 922.055095][T15877] delete_channel: no stack [ 922.193977][T15887] syzkaller0: tun_chr_ioctl cmd 21531 [ 922.511042][T15916] device team_slave_0 entered promiscuous mode [ 922.532925][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 923.255677][T15970] __nla_validate_parse: 15 callbacks suppressed [ 923.255696][T15970] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.21180'. [ 923.388440][T15980] netlink: 'syz.2.21186': attribute type 10 has an invalid length. [ 923.415802][T15980] netlink: 65015 bytes leftover after parsing attributes in process `syz.2.21186'. [ 923.456279][T15982] netlink: 'syz.1.21187': attribute type 2 has an invalid length. [ 923.469972][T15982] netlink: 132 bytes leftover after parsing attributes in process `syz.1.21187'. [ 923.534084][T15989] netlink: 28 bytes leftover after parsing attributes in process `syz.0.21188'. [ 923.563337][T15989] netlink: 28 bytes leftover after parsing attributes in process `syz.0.21188'. [ 923.605290][T15985] netlink: 28 bytes leftover after parsing attributes in process `syz.0.21188'. [ 923.634632][T15992] netlink: 28 bytes leftover after parsing attributes in process `syz.0.21188'. [ 923.672298][T15994] netlink: 'syz.2.21192': attribute type 3 has an invalid length. [ 923.693356][T15994] netlink: 152 bytes leftover after parsing attributes in process `syz.2.21192'. [ 923.873910][T16004] tun1: tun_chr_ioctl cmd 1074025677 [ 923.885397][T16004] tun1: linktype set to 825 [ 924.486977][T16029] netlink: 'syz.2.21209': attribute type 3 has an invalid length. [ 924.495621][T16029] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.21209'. [ 925.842422][T16081] netlink: 178584 bytes leftover after parsing attributes in process `syz.4.21235'. [ 925.897666][T16081] net_ratelimit: 53 callbacks suppressed [ 925.897681][T16081] netlink: zone id is out of range [ 925.943347][T16081] netlink: zone id is out of range [ 925.948528][T16081] netlink: zone id is out of range [ 925.995483][T16081] netlink: zone id is out of range [ 926.093439][T16081] netlink: zone id is out of range [ 926.098690][T16081] netlink: zone id is out of range [ 926.126848][T16081] netlink: zone id is out of range [ 926.169188][T16081] netlink: zone id is out of range [ 926.190372][T16081] netlink: zone id is out of range [ 926.208881][T16081] netlink: zone id is out of range [ 926.834781][T16133] tap0: tun_chr_ioctl cmd 2147767519 [ 927.636280][T16177] netlink: 'syz.3.21278': attribute type 3 has an invalid length. [ 927.755487][T16179] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 928.122706][T16208] netlink: 'syz.4.21295': attribute type 10 has an invalid length. [ 928.280254][T16216] netlink: 'syz.2.21301': attribute type 21 has an invalid length. [ 928.316785][T16216] __nla_validate_parse: 6 callbacks suppressed [ 928.316802][T16216] netlink: 168 bytes leftover after parsing attributes in process `syz.2.21301'. [ 929.211195][T16268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21322'. [ 929.240567][T16268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21322'. [ 929.269881][T16267] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21322'. [ 929.289302][T16268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21322'. [ 929.325792][T16270] tun0: tun_chr_ioctl cmd 1074025677 [ 929.361911][T16270] tun0: linktype set to 768 [ 929.506318][T16279] pim6reg: tun_chr_ioctl cmd 1074025677 [ 929.512172][T16279] pim6reg: linktype set to 778 [ 929.842831][T16293] tap0: tun_chr_ioctl cmd 1074025677 [ 929.853641][T16293] tap0: linktype set to 6 [ 931.200201][T16357] netlink: 'syz.2.21367': attribute type 3 has an invalid length. [ 931.212726][T16357] netlink: 'syz.2.21367': attribute type 1 has an invalid length. [ 931.222153][T16357] netlink: 5886 bytes leftover after parsing attributes in process `syz.2.21367'. [ 931.327549][T16362] netlink: 199824 bytes leftover after parsing attributes in process `syz.4.21370'. [ 931.485576][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.491953][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.501553][T16375] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 932.102194][T16408] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.21391'. [ 933.395717][T16467] tap0: tun_chr_ioctl cmd 1074025677 [ 933.408116][T16467] tap0: linktype set to 773 [ 933.802438][T16496] netlink: 'syz.3.21431': attribute type 21 has an invalid length. [ 933.818167][T16496] netlink: 128 bytes leftover after parsing attributes in process `syz.3.21431'. [ 933.859170][T16496] netlink: 'syz.3.21431': attribute type 4 has an invalid length. [ 933.869781][T16496] netlink: 'syz.3.21431': attribute type 5 has an invalid length. [ 933.916772][T16496] netlink: 3 bytes leftover after parsing attributes in process `syz.3.21431'. [ 933.982201][T16502] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.21433'. [ 934.444656][T16505] netlink: 'syz.3.21435': attribute type 9 has an invalid length. [ 934.452801][T16505] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.21435'. [ 934.916804][T16539] netlink: 188 bytes leftover after parsing attributes in process `syz.3.21453'. [ 935.028746][T16545] netlink: 48 bytes leftover after parsing attributes in process `syz.4.21455'. [ 935.225057][T16554] tap0: tun_chr_ioctl cmd 2147767519 [ 935.388485][ T4183] cgroup: fork rejected by pids controller in /syz0 [ 936.283764][T16597] tap0: tun_chr_ioctl cmd 35108 [ 936.478426][T16607] netlink: 64023 bytes leftover after parsing attributes in process `syz.1.21483'. [ 936.575170][T16610] netlink: 'syz.3.21487': attribute type 10 has an invalid length. [ 936.597055][T16610] netlink: 'syz.3.21487': attribute type 19 has an invalid length. [ 936.618538][T16610] netlink: 14536 bytes leftover after parsing attributes in process `syz.3.21487'. [ 936.796929][T16618] netlink: 'syz.4.21491': attribute type 10 has an invalid length. [ 936.817903][T16624] netlink: 204732 bytes leftover after parsing attributes in process `syz.2.21493'. [ 936.834077][T16618] netlink: 'syz.4.21491': attribute type 19 has an invalid length. [ 936.845063][T16618] netlink: 156 bytes leftover after parsing attributes in process `syz.4.21491'. [ 937.108602][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 937.260227][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 937.287948][T16647] netlink: 'syz.2.21505': attribute type 21 has an invalid length. [ 937.300042][T16647] netlink: 'syz.2.21505': attribute type 1 has an invalid length. [ 937.323898][T16649] netlink: 'syz.4.21507': attribute type 2 has an invalid length. [ 937.332262][T16651] netlink: 'syz.2.21505': attribute type 21 has an invalid length. [ 937.353638][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 937.481789][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 937.522726][T16623] chnl_net:caif_netlink_parms(): no params data found [ 937.832353][T16623] bridge0: port 1(bridge_slave_0) entered blocking state [ 937.871941][T16623] bridge0: port 1(bridge_slave_0) entered disabled state [ 937.904491][T16623] device bridge_slave_0 entered promiscuous mode [ 937.915062][T16623] bridge0: port 2(bridge_slave_1) entered blocking state [ 937.922313][T16623] bridge0: port 2(bridge_slave_1) entered disabled state [ 937.930674][T16623] device bridge_slave_1 entered promiscuous mode [ 938.088862][T16677] tap0: tun_chr_ioctl cmd 2147767519 [ 938.119129][T16623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 938.187228][T16623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 938.435959][T16701] ksmbd: Daemon and kernel module version mismatch. ksmbd: 36, kernel module: 1. User-space ksmbd should terminate. [ 938.590791][T16623] team0: Port device team_slave_0 added [ 938.665308][T16623] team0: Port device team_slave_1 added [ 938.828562][T16623] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 938.847334][T16623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 938.895715][T16623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 938.910861][T16623] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 938.918436][T10694] Bluetooth: hci1: command 0x0409 tx timeout [ 938.924940][T16623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 938.962445][T16623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 939.070339][T16721] __nla_validate_parse: 5 callbacks suppressed [ 939.070357][T16721] netlink: 152 bytes leftover after parsing attributes in process `syz.4.21535'. [ 939.102823][T16721] tc_dump_action: action bad kind [ 939.176534][T16623] device hsr_slave_0 entered promiscuous mode [ 939.198316][T16623] device hsr_slave_1 entered promiscuous mode [ 939.206801][T16623] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 939.241979][T16623] Cannot create hsr debugfs directory [ 939.254440][T16725] netlink: 'syz.3.21538': attribute type 10 has an invalid length. [ 939.262523][T16725] netlink: 65015 bytes leftover after parsing attributes in process `syz.3.21538'. [ 939.450084][T16744] netlink: 15999 bytes leftover after parsing attributes in process `syz.2.21545'. [ 940.068188][T16782] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.21565'. [ 940.124980][T16623] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 940.180351][T16623] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 940.230602][T16623] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 940.261795][T16623] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 940.549416][T16814] netlink: 9275 bytes leftover after parsing attributes in process `syz.4.21589'. [ 940.618781][T16623] 8021q: adding VLAN 0 to HW filter on device bond0 [ 940.669074][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 940.689473][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 940.737431][T16623] 8021q: adding VLAN 0 to HW filter on device team0 [ 940.758044][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 940.798466][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 940.810779][T18895] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.817950][T18895] bridge0: port 1(bridge_slave_0) entered forwarding state [ 940.862307][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 940.932592][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 940.958927][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 940.989263][T18895] bridge0: port 2(bridge_slave_1) entered blocking state [ 940.997446][T18895] bridge0: port 2(bridge_slave_1) entered forwarding state [ 941.003449][ T7482] Bluetooth: hci1: command 0x041b tx timeout [ 941.019205][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 941.099995][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 941.128875][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 941.178676][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 941.212028][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 941.257035][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 941.306309][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 941.375941][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 941.400185][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 941.464667][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 941.485894][T18895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 941.523226][T16623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 942.023716][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 942.031238][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 942.109633][T16623] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 942.365703][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 942.383683][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 942.549919][T16844] netlink: 144 bytes leftover after parsing attributes in process `syz.4.21586'. [ 942.596510][T16848] netlink: 'syz.2.21587': attribute type 3 has an invalid length. [ 942.627609][T16848] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.21587'. [ 942.727684][T16623] device veth0_vlan entered promiscuous mode [ 942.738309][T16846] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 942.745022][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 942.768025][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 942.811886][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 942.830383][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 942.845010][T16855] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.21591'. [ 943.017584][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 943.027150][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 943.036148][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 943.044685][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 943.083942][ T7482] Bluetooth: hci1: command 0x040f tx timeout [ 943.159843][ T9] team0 (unregistering): Port device geneve1 removed [ 943.199846][ T9] team0 (unregistering): Port device team_slave_1 removed [ 943.331756][T16623] device veth1_vlan entered promiscuous mode [ 943.405467][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 943.415442][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 943.425067][T16865] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 943.431223][T16865] syzkaller0: linktype set to 270 [ 943.439194][T16623] device veth0_macvtap entered promiscuous mode [ 943.466226][T16623] device veth1_macvtap entered promiscuous mode [ 943.497547][T16623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 943.510299][T16623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.538298][T16623] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 943.556119][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 943.578522][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 943.587228][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 943.597656][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 943.617934][T16623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 943.629463][T16623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.640722][T16623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 943.672196][T16623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.702283][T16623] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 943.710540][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 943.720922][T16249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 943.741790][T16623] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.761897][T16623] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.788884][T16623] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.818469][T16623] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 944.012011][T16888] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.21609'. [ 944.077043][T16249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 944.096977][T16249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 944.162481][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 944.190909][ T4355] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 944.231380][ T4355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 944.268452][T18885] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 945.154139][T16678] Bluetooth: hci1: command 0x0419 tx timeout [ 946.876231][T17001] syzkaller0: tun_chr_ioctl cmd 35111 [ 947.474855][T17009] tun0: tun_chr_ioctl cmd 1074025677 [ 947.494211][T17009] tun0: linktype set to 805 [ 947.660224][T17022] netlink: 64859 bytes leftover after parsing attributes in process `syz.1.21671'. [ 947.700305][T17027] netlink: 60 bytes leftover after parsing attributes in process `syz.3.21673'. [ 947.713209][T17028] netlink: 'syz.4.21670': attribute type 29 has an invalid length. [ 947.747265][T17028] netlink: 'syz.4.21670': attribute type 29 has an invalid length. [ 947.759562][T17023] netlink: 'syz.4.21670': attribute type 29 has an invalid length. [ 947.773721][T17028] netlink: 'syz.4.21670': attribute type 29 has an invalid length. [ 948.848963][T17093] netlink: 'syz.2.21703': attribute type 33 has an invalid length. [ 948.879021][T17093] netlink: 152 bytes leftover after parsing attributes in process `syz.2.21703'. [ 948.928708][T17095] netlink: 11562 bytes leftover after parsing attributes in process `syz.1.21705'. [ 949.397715][T17130] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.21718'. [ 950.463755][T17159] syzkaller1: tun_chr_ioctl cmd 1074025688 [ 950.541880][T17163] netlink: 164 bytes leftover after parsing attributes in process `syz.2.21739'. [ 950.954321][T17183] netlink: 'syz.1.21748': attribute type 2 has an invalid length. [ 950.994642][T17183] netlink: 164 bytes leftover after parsing attributes in process `syz.1.21748'. [ 951.015330][T17186] netlink: 144 bytes leftover after parsing attributes in process `syz.2.21747'. [ 952.114069][T17229] netlink: 'syz.2.21769': attribute type 21 has an invalid length. [ 952.152606][T17229] netlink: 'syz.2.21769': attribute type 4 has an invalid length. [ 952.201240][T17229] netlink: 132 bytes leftover after parsing attributes in process `syz.2.21769'. [ 952.327466][T17240] netlink: 56 bytes leftover after parsing attributes in process `syz.3.21777'. [ 953.029257][T17267] netlink: 'syz.2.21785': attribute type 28 has an invalid length. [ 953.554735][T17282] __nla_validate_parse: 3 callbacks suppressed [ 953.554754][T17282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21796'. [ 953.791767][T17291] netlink: 144 bytes leftover after parsing attributes in process `syz.4.21809'. [ 956.127431][T17328] netlink: 144 bytes leftover after parsing attributes in process `syz.3.21815'. [ 958.491195][T17332] tun1: tun_chr_ioctl cmd 1074025677 [ 958.510179][T17332] tun1: linktype set to 804 [ 958.516550][T17336] netlink: 'syz.1.21817': attribute type 3 has an invalid length. [ 958.536132][T17336] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.21817'. [ 958.773668][T17352] netlink: 14548 bytes leftover after parsing attributes in process `syz.3.21826'. [ 959.266267][T17369] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.21834'. [ 959.308121][T17369] net_ratelimit: 158 callbacks suppressed [ 959.308140][T17369] netlink: del zone limit has 8 unknown bytes [ 959.357128][T17371] netlink: 144 bytes leftover after parsing attributes in process `syz.1.21836'. [ 960.729662][T17410] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.21855'. [ 960.921724][T17420] netlink: 'syz.4.21859': attribute type 9 has an invalid length. [ 960.931887][T17420] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.21859'. [ 961.288349][T17361] ODEBUG: Out of memory. ODEBUG disabled [ 961.289341][T17361] [ 961.289346][T17361] ====================================================== [ 961.289351][T17361] WARNING: possible circular locking dependency detected [ 961.289366][T17361] 5.15.189-syzkaller #0 Not tainted [ 961.289373][T17361] ------------------------------------------------------ [ 961.289377][T17361] syz.3.21829/17361 is trying to acquire lock: [ 961.289384][T17361] ffffffff8c110da0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x2c/0x60 [ 961.289420][T17361] [ 961.289420][T17361] but task is already holding lock: [ 961.289423][T17361] ffff8880249d55b8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xc50 [ 961.289452][T17361] [ 961.289452][T17361] which lock already depends on the new lock. [ 961.289452][T17361] [ 961.289456][T17361] [ 961.289456][T17361] the existing dependency chain (in reverse order) is: [ 961.289459][T17361] [ 961.289459][T17361] -> #5 (&trie->lock){....}-{2:2}: [ 961.289475][T17361] _raw_spin_lock_irqsave+0xa4/0xf0 [ 961.289492][T17361] trie_delete_elem+0x90/0x710 [ 961.289504][T17361] 0xffffffffa002cbf9 [ 961.289513][T17361] bpf_trace_run2+0x15b/0x2d0 [ 961.289527][T17361] trace_tlb_flush+0xe6/0x110 [ 961.289539][T17361] switch_mm_irqs_off+0x6e3/0x9a0 [ 961.289550][T17361] __schedule+0x1021/0x43b0 [ 961.289563][T17361] preempt_schedule_common+0x82/0xd0 [ 961.289576][T17361] preempt_schedule+0xa7/0xb0 [ 961.289588][T17361] preempt_schedule_thunk+0x16/0x18 [ 961.289602][T17361] try_to_wake_up+0x701/0x1050 [ 961.289616][T17361] wake_up_q+0x78/0xc0 [ 961.289628][T17361] futex_wake+0x49f/0x530 [ 961.289641][T17361] do_futex+0xcde/0x1240 [ 961.289653][T17361] __se_sys_futex+0x3a3/0x430 [ 961.289665][T17361] do_syscall_64+0x4c/0xa0 [ 961.289680][T17361] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 961.289696][T17361] [ 961.289696][T17361] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 961.289712][T17361] _raw_spin_lock_nested+0x2e/0x40 [ 961.289727][T17361] raw_spin_rq_lock_nested+0x26/0x140 [ 961.289740][T17361] task_fork_fair+0x5c/0x350 [ 961.289751][T17361] sched_cgroup_fork+0x2c6/0x320 [ 961.289765][T17361] copy_process+0x22d1/0x3e00 [ 961.289783][T17361] kernel_clone+0x219/0x930 [ 961.289795][T17361] kernel_thread+0xc8/0x120 [ 961.289806][T17361] rest_init+0x21/0x330 [ 961.289818][T17361] start_kernel+0x486/0x530 [ 961.289832][T17361] secondary_startup_64_no_verify+0xb1/0xbb [ 961.289846][T17361] [ 961.289846][T17361] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 961.289862][T17361] _raw_spin_lock_irqsave+0xa4/0xf0 [ 961.289876][T17361] try_to_wake_up+0x5c/0x1050 [ 961.289889][T17361] __wake_up_common+0x2a4/0x4e0 [ 961.289903][T17361] __wake_up+0x108/0x180 [ 961.289916][T17361] tty_port_default_wakeup+0xa5/0xf0 [ 961.289930][T17361] serial8250_tx_chars+0x629/0x830 [ 961.289944][T17361] serial8250_handle_irq+0x519/0x610 [ 961.289957][T17361] serial8250_default_handle_irq+0xb4/0x1a0 [ 961.289972][T17361] serial8250_interrupt+0x9b/0x1c0 [ 961.289985][T17361] __handle_irq_event_percpu+0x291/0x9b0 [ 961.289998][T17361] handle_irq_event+0xa5/0x220 [ 961.290011][T17361] handle_edge_irq+0x243/0xb20 [ 961.290024][T17361] __common_interrupt+0xd7/0x1e0 [ 961.290037][T17361] common_interrupt+0x59/0xd0 [ 961.290048][T17361] asm_common_interrupt+0x22/0x40 [ 961.290059][T17361] handle_softirqs+0x1a9/0x820 [ 961.290071][T17361] __irq_exit_rcu+0x12f/0x220 [ 961.290082][T17361] irq_exit_rcu+0x5/0x20 [ 961.290092][T17361] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 961.290105][T17361] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 961.290118][T17361] finish_lock_switch+0x134/0x280 [ 961.290131][T17361] finish_task_switch+0x12f/0x640 [ 961.290144][T17361] __schedule+0x11c0/0x43b0 [ 961.290156][T17361] schedule+0x11b/0x1e0 [ 961.290168][T17361] schedule_timeout+0x97/0x280 [ 961.290181][T17361] __skb_wait_for_more_packets+0x39a/0x580 [ 961.290196][T17361] __unix_dgram_recvmsg+0x284/0xd50 [ 961.290209][T17361] sock_read_iter+0x2a2/0x340 [ 961.290222][T17361] vfs_read+0x725/0xcf0 [ 961.290233][T17361] ksys_read+0x14d/0x250 [ 961.290243][T17361] do_syscall_64+0x4c/0xa0 [ 961.290257][T17361] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 961.290273][T17361] [ 961.290273][T17361] -> #2 (&tty->write_wait){-.-.}-{2:2}: [ 961.290289][T17361] _raw_spin_lock_irqsave+0xa4/0xf0 [ 961.290303][T17361] __wake_up+0xed/0x180 [ 961.290315][T17361] tty_port_default_wakeup+0xa5/0xf0 [ 961.290327][T17361] serial8250_tx_chars+0x629/0x830 [ 961.290341][T17361] serial8250_handle_irq+0x519/0x610 [ 961.290354][T17361] serial8250_default_handle_irq+0xb4/0x1a0 [ 961.290368][T17361] serial8250_interrupt+0x9b/0x1c0 [ 961.290381][T17361] __handle_irq_event_percpu+0x291/0x9b0 [ 961.290394][T17361] handle_irq_event+0xa5/0x220 [ 961.290406][T17361] handle_edge_irq+0x243/0xb20 [ 961.290419][T17361] __common_interrupt+0xd7/0x1e0 [ 961.290431][T17361] common_interrupt+0xb0/0xd0 [ 961.290442][T17361] asm_common_interrupt+0x22/0x40 [ 961.290453][T17361] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 961.290468][T17361] uart_write+0x62f/0x880 [ 961.290479][T17361] n_tty_write+0xd21/0x1210 [ 961.290494][T17361] file_tty_write+0x557/0x910 [ 961.290507][T17361] vfs_write+0x712/0xd00 [ 961.290517][T17361] ksys_write+0x14d/0x250 [ 961.290528][T17361] do_syscall_64+0x4c/0xa0 [ 961.290542][T17361] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 961.290557][T17361] [ 961.290557][T17361] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 961.290573][T17361] _raw_spin_lock_irqsave+0xa4/0xf0 [ 961.290587][T17361] serial8250_console_write+0x170/0xf80 [ 961.290602][T17361] console_unlock+0xc86/0x1200 [ 961.290616][T17361] vprintk_emit+0xc0/0x150 [ 961.290630][T17361] _printk+0xcc/0x110 [ 961.290642][T17361] register_console+0x682/0x960 [ 961.290653][T17361] univ8250_console_init+0x41/0x50 [ 961.290667][T17361] console_init+0x177/0x5d0 [ 961.290679][T17361] start_kernel+0x2f9/0x530 [ 961.290690][T17361] secondary_startup_64_no_verify+0xb1/0xbb [ 961.290704][T17361] [ 961.290704][T17361] -> #0 (console_owner){-.-.}-{0:0}: [ 961.290720][T17361] __lock_acquire+0x2c33/0x7c60 [ 961.290734][T17361] lock_acquire+0x197/0x3f0 [ 961.290747][T17361] console_lock_spinning_enable+0x51/0x60 [ 961.290759][T17361] console_unlock+0x9f8/0x1200 [ 961.290822][T17361] vprintk_emit+0xc0/0x150 [ 961.290836][T17361] _printk+0xcc/0x110 [ 961.290847][T17361] debug_objects_oom+0x89/0x2f0 [ 961.290861][T17361] debug_object_activate+0x409/0x480 [ 961.290877][T17361] kvfree_call_rcu+0xb5/0x7c0 [ 961.290888][T17361] trie_update_elem+0x86e/0xc50 [ 961.290900][T17361] bpf_map_update_value+0x57d/0x650 [ 961.290914][T17361] generic_map_update_batch+0x525/0x7c0 [ 961.290927][T17361] bpf_map_do_batch+0x466/0x600 [ 961.290940][T17361] __sys_bpf+0x601/0x670 [ 961.290952][T17361] __x64_sys_bpf+0x78/0x90 [ 961.290964][T17361] do_syscall_64+0x4c/0xa0 [ 961.290978][T17361] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 961.290993][T17361] [ 961.290993][T17361] other info that might help us debug this: [ 961.290993][T17361] [ 961.290997][T17361] Chain exists of: [ 961.290997][T17361] console_owner --> &rq->__lock --> &trie->lock [ 961.290997][T17361] [ 961.291015][T17361] Possible unsafe locking scenario: [ 961.291015][T17361] [ 961.291018][T17361] CPU0 CPU1 [ 961.291021][T17361] ---- ---- [ 961.291024][T17361] lock(&trie->lock); [ 961.291031][T17361] lock(&rq->__lock); [ 961.291039][T17361] lock(&trie->lock); [ 961.291047][T17361] lock(console_owner); [ 961.291054][T17361] [ 961.291054][T17361] *** DEADLOCK *** [ 961.291054][T17361] [ 961.291056][T17361] 3 locks held by syz.3.21829/17361: [ 961.291064][T17361] #0: ffffffff8c11c360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 961.291094][T17361] #1: ffff8880249d55b8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xc50 [ 961.291124][T17361] #2: ffffffff8c110e80 (console_lock){+.+.}-{0:0}, at: vprintk_emit+0xa7/0x150 [ 961.291155][T17361] [ 961.291155][T17361] stack backtrace: [ 961.291159][T17361] CPU: 0 PID: 17361 Comm: syz.3.21829 Not tainted 5.15.189-syzkaller #0 [ 961.291172][T17361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 961.291181][T17361] Call Trace: [ 961.291185][T17361] [ 961.291190][T17361] dump_stack_lvl+0x168/0x230 [ 961.291206][T17361] ? load_image+0x3b0/0x3b0 [ 961.291220][T17361] ? show_regs_print_info+0x20/0x20 [ 961.291238][T17361] ? print_circular_bug+0x12b/0x1a0 [ 961.291251][T17361] check_noncircular+0x274/0x310 [ 961.291265][T17361] ? add_chain_block+0x940/0x940 [ 961.291276][T17361] ? lockdep_lock+0xdc/0x1e0 [ 961.291292][T17361] ? lockdep_unlock+0x134/0x2d0 [ 961.291306][T17361] ? lockdep_lock+0x1e0/0x1e0 [ 961.291321][T17361] ? mark_lock+0x94/0x320 [ 961.291336][T17361] __lock_acquire+0x2c33/0x7c60 [ 961.291351][T17361] ? put_dec_trunc8+0x1fd/0x340 [ 961.291376][T17361] ? verify_lock_unused+0x140/0x140 [ 961.291396][T17361] ? sprintf+0xd6/0x120 [ 961.291413][T17361] lock_acquire+0x197/0x3f0 [ 961.291427][T17361] ? console_lock_spinning_enable+0x2c/0x60 [ 961.291441][T17361] ? prb_read_valid+0x60/0x60 [ 961.291455][T17361] ? read_lock_is_recursive+0x10/0x10 [ 961.291470][T17361] ? do_raw_spin_lock+0x11d/0x280 [ 961.291484][T17361] ? __rwlock_init+0x140/0x140 [ 961.291498][T17361] ? do_raw_spin_unlock+0x11d/0x230 [ 961.291512][T17361] console_lock_spinning_enable+0x51/0x60 [ 961.291525][T17361] ? console_lock_spinning_enable+0x2c/0x60 [ 961.291537][T17361] console_unlock+0x9f8/0x1200 [ 961.291555][T17361] ? console_trylock_spinning+0x350/0x350 [ 961.291573][T17361] ? __down_trylock_console_sem+0x184/0x1e0 [ 961.291586][T17361] ? vprintk_emit+0xa7/0x150 [ 961.291601][T17361] ? printk_parse_prefix+0x330/0x330 [ 961.291616][T17361] ? vprintk_emit+0xa7/0x150 [ 961.291631][T17361] ? console_trylock+0x70/0x70 [ 961.291648][T17361] ? vprintk_emit+0x150/0x150 [ 961.291663][T17361] ? 0xffffffffa002a000 [ 961.291674][T17361] ? __kernel_text_address+0x9a/0x100 [ 961.291690][T17361] ? unwind_get_return_address+0x49/0x80 [ 961.291707][T17361] vprintk_emit+0xc0/0x150 [ 961.291723][T17361] _printk+0xcc/0x110 [ 961.291739][T17361] ? load_image+0x3b0/0x3b0 [ 961.291753][T17361] ? __lock_acquire+0x7c60/0x7c60 [ 961.291768][T17361] ? do_raw_spin_lock+0x11d/0x280 [ 961.291787][T17361] debug_objects_oom+0x89/0x2f0 [ 961.291801][T17361] ? do_raw_spin_unlock+0x11d/0x230 [ 961.291816][T17361] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 961.291831][T17361] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 961.291850][T17361] debug_object_activate+0x409/0x480 [ 961.291868][T17361] kvfree_call_rcu+0xb5/0x7c0 [ 961.291882][T17361] ? call_rcu+0x930/0x930 [ 961.291899][T17361] trie_update_elem+0x86e/0xc50 [ 961.291920][T17361] bpf_map_update_value+0x57d/0x650 [ 961.291935][T17361] generic_map_update_batch+0x525/0x7c0 [ 961.291955][T17361] ? rcu_read_unlock+0x90/0x90 [ 961.291970][T17361] ? __fdget+0x18b/0x210 [ 961.291983][T17361] ? rcu_read_unlock+0x90/0x90 [ 961.291995][T17361] bpf_map_do_batch+0x466/0x600 [ 961.292011][T17361] __sys_bpf+0x601/0x670 [ 961.292026][T17361] ? bpf_link_show_fdinfo+0x340/0x340 [ 961.292044][T17361] ? vtime_user_exit+0x2dc/0x400 [ 961.292061][T17361] __x64_sys_bpf+0x78/0x90 [ 961.292075][T17361] do_syscall_64+0x4c/0xa0 [ 961.292090][T17361] ? clear_bhb_loop+0x30/0x80 [ 961.292102][T17361] ? clear_bhb_loop+0x30/0x80 [ 961.292115][T17361] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 961.292132][T17361] RIP: 0033:0x7f730bf77be9 [ 961.292144][T17361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 961.292156][T17361] RSP: 002b:00007f730a1df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 961.292170][T17361] RAX: ffffffffffffffda RBX: 00007f730c19efa0 RCX: 00007f730bf77be9 [ 961.292180][T17361] RDX: 0000000000000038 RSI: 0000200000000000 RDI: 000000000000001a [ 961.292189][T17361] RBP: 00007f730bffae19 R08: 0000000000000000 R09: 0000000000000000 [ 961.292197][T17361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 961.292205][T17361] R13: 00007f730c19f038 R14: 00007f730c19efa0 R15: 00007ffc4ee48d48 [ 961.292220][T17361]