last executing test programs:

20.234159728s ago: executing program 2 (id=3403):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg$can_raw(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000540)=""/165, 0xa5}], 0x1}, 0x100)

20.108674159s ago: executing program 2 (id=3407):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
connect$unix(r1, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e23}, 0x6e)

19.951253739s ago: executing program 2 (id=3410):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4400, 0x3, @dev={0xfe, 0x80, '\x00', 0x33}, 0x3}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r0, 0x8b2c, &(0x7f0000000040))

19.901016367s ago: executing program 2 (id=3412):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000b40)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x98, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x3c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xb0}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x6}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}]}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x81}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x8}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x20008894}, 0x4c010)

19.790270515s ago: executing program 2 (id=3416):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x5)
connect$caif(r0, &(0x7f0000000e00)=@dgm={0x25, 0x2, 0x9}, 0x18)

19.731691219s ago: executing program 2 (id=3419):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r1, @ANYBLOB="2f0429bd7000fbdbdf25030000000c0002000700000000000000080001000000000005000a00ff000000400007800c000180", @ANYRES32], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800)

19.018654432s ago: executing program 1 (id=3439):
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
splice(r2, 0x0, r0, 0x0, 0x9, 0x1200000000000000)

18.917177365s ago: executing program 1 (id=3440):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071103e000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

18.916984051s ago: executing program 1 (id=3441):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000500)=@polexpire={0xd4, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@private0, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}}, [@mark={0xc}, @XFRMA_IF_ID={0x8}]}, 0xd4}, 0x1, 0x0, 0x0, 0x400c001}, 0x0)

18.860915063s ago: executing program 1 (id=3442):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r1, @ANYBLOB="140001"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

18.86056521s ago: executing program 1 (id=3443):
r0 = socket(0xa, 0x2400000001, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90)

18.781768197s ago: executing program 1 (id=3444):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}}, 0x24}}, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
setsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000080)=0x9, 0x4)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11, 0x1, 0x0, 0x40}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB], 0x20}}, 0x40090)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x1c, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000828500000017000000bf91000000000000b7020000000000008500000085000000b700"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x1c, 0x2d, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x4, 0x800}, @nested={0x6, 0x11, 0x0, 0x1, [@generic="2fe5"]}]}, 0x1c}], 0x1}, 0x0)
close(r0)

16.241953025s ago: executing program 0 (id=3464):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f0000001500)=0x5, 0x4)

16.241692519s ago: executing program 0 (id=3465):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r0, 0x1)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r2, 0x800}, &(0x7f0000000380)=0x8)

16.121795766s ago: executing program 0 (id=3466):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000540)=0x5, 0x4)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
close(0x4)

15.91972243s ago: executing program 0 (id=3467):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="842a0a65bd8c2b", 0x7)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

15.919356845s ago: executing program 0 (id=3468):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000002c80)=@file={0x0, './file0\x00'}, 0x6e)

15.91924895s ago: executing program 0 (id=3469):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000001dcdf251700000008000300", @ANYRES32=r2, @ANYBLOB="5c00308014000400dfeedc2634e7d49e20f73e16e79faba03c0001803000038006000200ffff0000190002000300000006000300ffff00000600010001000000430004000200aaaaaaaaaaaa08000100000000000500020009000000c338f28d300c54e92fc9aac2bb34a6c0d20946571ea89d29b9a6a824ae6cb225a222cb178f486901"], 0x78}, 0x1, 0x0, 0x0, 0x8010}, 0x48804)

4.003238831s ago: executing program 32 (id=3419):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r1, @ANYBLOB="2f0429bd7000fbdbdf25030000000c0002000700000000000000080001000000000005000a00ff000000400007800c000180", @ANYRES32], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800)

2.998586187s ago: executing program 33 (id=3444):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}}, 0x24}}, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
setsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000080)=0x9, 0x4)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11, 0x1, 0x0, 0x40}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB], 0x20}}, 0x40090)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x1c, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000828500000017000000bf91000000000000b7020000000000008500000085000000b700"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x1c, 0x2d, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x4, 0x800}, @nested={0x6, 0x11, 0x0, 0x1, [@generic="2fe5"]}]}, 0x1c}], 0x1}, 0x0)
close(r0)

0s ago: executing program 34 (id=3469):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000001dcdf251700000008000300", @ANYRES32=r2, @ANYBLOB="5c00308014000400dfeedc2634e7d49e20f73e16e79faba03c0001803000038006000200ffff0000190002000300000006000300ffff00000600010001000000430004000200aaaaaaaaaaaa08000100000000000500020009000000c338f28d300c54e92fc9aac2bb34a6c0d20946571ea89d29b9a6a824ae6cb225a222cb178f486901"], 0x78}, 0x1, 0x0, 0x0, 0x8010}, 0x48804)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:14222' (ED25519) to the list of known hosts.
syzkaller login: [   49.422821][ T5771] cgroup: Unknown subsys name 'net'
[   49.520407][ T5771] cgroup: Unknown subsys name 'cpuset'
[   49.526678][ T5771] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   51.102423][ T5771] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   59.541786][ T5868] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.549590][ T5868] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.553388][ T5868] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   59.564051][ T5868] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   59.567615][ T5868] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   59.590401][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   59.594566][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   59.598278][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   59.602086][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   59.606815][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   59.632684][ T5868] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   59.639450][ T5868] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   59.642816][ T5868] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   59.654269][ T5868] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   59.657374][ T5868] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   59.998762][ T5869] chnl_net:caif_netlink_parms(): no params data found
[   60.053711][ T5866] chnl_net:caif_netlink_parms(): no params data found
[   60.090923][ T5872] chnl_net:caif_netlink_parms(): no params data found
[   60.167630][ T5869] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.171090][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.176132][ T5869] bridge_slave_0: entered allmulticast mode
[   60.180004][ T5869] bridge_slave_0: entered promiscuous mode
[   60.200280][ T5869] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.203493][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.206452][ T5869] bridge_slave_1: entered allmulticast mode
[   60.210140][ T5869] bridge_slave_1: entered promiscuous mode
[   60.258469][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.261428][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.265497][ T5866] bridge_slave_0: entered allmulticast mode
[   60.269469][ T5866] bridge_slave_0: entered promiscuous mode
[   60.292541][ T5869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.296064][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.298765][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.301550][ T5866] bridge_slave_1: entered allmulticast mode
[   60.305390][ T5866] bridge_slave_1: entered promiscuous mode
[   60.322153][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.325524][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.327852][ T5872] bridge_slave_0: entered allmulticast mode
[   60.330837][ T5872] bridge_slave_0: entered promiscuous mode
[   60.335748][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.339380][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.342069][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.345286][ T5872] bridge_slave_1: entered allmulticast mode
[   60.348745][ T5872] bridge_slave_1: entered promiscuous mode
[   60.364998][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.384527][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.396986][ T5869] team0: Port device team_slave_0 added
[   60.419294][ T5869] team0: Port device team_slave_1 added
[   60.424917][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.461683][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.478135][ T5866] team0: Port device team_slave_0 added
[   60.482012][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.485577][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.495263][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.509232][ T5866] team0: Port device team_slave_1 added
[   60.512519][ T5872] team0: Port device team_slave_0 added
[   60.516229][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.518945][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.530428][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.537000][ T5872] team0: Port device team_slave_1 added
[   60.579874][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.582170][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.591528][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.606610][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.608999][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.619396][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.625217][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.627404][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.637453][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.663001][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.665907][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.676540][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.692168][ T5869] hsr_slave_0: entered promiscuous mode
[   60.697684][ T5869] hsr_slave_1: entered promiscuous mode
[   60.759517][ T5866] hsr_slave_0: entered promiscuous mode
[   60.761940][ T5866] hsr_slave_1: entered promiscuous mode
[   60.767285][ T5866] debugfs: 'hsr0' already exists in 'hsr'
[   60.769713][ T5866] Cannot create hsr debugfs directory
[   60.797289][ T5872] hsr_slave_0: entered promiscuous mode
[   60.800604][ T5872] hsr_slave_1: entered promiscuous mode
[   60.803642][ T5872] debugfs: 'hsr0' already exists in 'hsr'
[   60.806016][ T5872] Cannot create hsr debugfs directory
[   61.091622][ T5866] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   61.102452][ T5866] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   61.110531][ T5866] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   61.126184][ T5866] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.167488][ T5872] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.192877][ T5872] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.198000][ T5872] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.205736][ T5872] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.246821][ T5869] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.265402][ T5869] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.270603][ T5869] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.278270][ T5869] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.371178][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.406359][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.413944][ T5866] 8021q: adding VLAN 0 to HW filter on device team0
[   61.428907][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.431811][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.444555][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.447641][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.456968][ T5872] 8021q: adding VLAN 0 to HW filter on device team0
[   61.473681][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.476113][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.485790][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.488048][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.499197][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.528425][ T5869] 8021q: adding VLAN 0 to HW filter on device team0
[   61.540996][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.543676][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.563859][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.566820][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.574746][   T55] Bluetooth: hci0: command tx timeout
[   61.599239][ T5872] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   61.606243][ T5872] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.653487][   T55] Bluetooth: hci1: command tx timeout
[   61.710702][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.733681][   T55] Bluetooth: hci2: command tx timeout
[   61.758340][ T5866] veth0_vlan: entered promiscuous mode
[   61.786422][ T5866] veth1_vlan: entered promiscuous mode
[   61.792261][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.826530][ T5866] veth0_macvtap: entered promiscuous mode
[   61.830844][ T5866] veth1_macvtap: entered promiscuous mode
[   61.847600][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.859240][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.877702][ T5872] veth0_vlan: entered promiscuous mode
[   61.888452][ T5706] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.891293][ T5706] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.901264][ T5706] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.905972][ T5706] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.911597][ T5869] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.920832][ T5872] veth1_vlan: entered promiscuous mode
[   62.017323][ T5872] veth0_macvtap: entered promiscuous mode
[   62.022246][  T199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.023971][ T5869] veth0_vlan: entered promiscuous mode
[   62.032477][  T199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.035085][ T5869] veth1_vlan: entered promiscuous mode
[   62.048332][ T5872] veth1_macvtap: entered promiscuous mode
[   62.079749][  T199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.082630][  T199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.087201][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.101868][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.116838][   T14] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.122523][ T5869] veth0_macvtap: entered promiscuous mode
[   62.131055][ T5869] veth1_macvtap: entered promiscuous mode
[   62.138503][   T14] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.151785][ T5866] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   62.153472][   T14] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.173683][   T14] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.240779][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.255826][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.272173][ T5929] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15'.
[   62.282849][   T14] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.286343][   T14] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.289569][   T14] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.326451][   T14] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.391756][ T5933] 8021q: adding VLAN 0 to HW filter on device bond1
[   62.396964][ T5933] bridge0: port 3(bond1) entered blocking state
[   62.399784][ T5933] bridge0: port 3(bond1) entered disabled state
[   62.402564][ T5933] bond1: entered allmulticast mode
[   62.406758][ T5933] bond1: entered promiscuous mode
[   62.410709][ T5933] bridge0: port 3(bond1) entered blocking state
[   62.413731][ T5933] bridge0: port 3(bond1) entered forwarding state
[   62.442462][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.448017][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.452868][ T4544] bridge0: port 3(bond1) entered disabled state
[   62.502992][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.512045][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.542398][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.555964][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.658516][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.661776][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.789029][ T5945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'.
[   63.070971][ T5961] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27'.
[   63.210576][ T5970] netlink: 'syz.1.31': attribute type 10 has an invalid length.
[   63.354644][ T5978] netlink: 36 bytes leftover after parsing attributes in process `syz.1.35'.
[   63.358591][ T5978] netlink: 16 bytes leftover after parsing attributes in process `syz.1.35'.
[   63.362530][ T5978] netlink: 36 bytes leftover after parsing attributes in process `syz.1.35'.
[   63.367576][ T5978] netlink: 36 bytes leftover after parsing attributes in process `syz.1.35'.
[   63.428937][ T5984] bond0: default FDB implementation only supports local addresses
[   63.443416][ T5982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.37'.
[   63.460511][ T5982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.37'.
[   63.536880][ T5992] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   63.656122][   T55] Bluetooth: hci0: command tx timeout
[   63.734125][   T55] Bluetooth: hci1: command tx timeout
[   63.813451][   T55] Bluetooth: hci2: command tx timeout
[   63.872404][ T6012] syz.0.50 uses obsolete (PF_INET,SOCK_PACKET)
[   63.884757][ T6014] netlink: 'syz.1.51': attribute type 11 has an invalid length.
[   63.950768][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.52'.
[   63.975535][ T6016] batadv0: entered promiscuous mode
[   63.978043][ T6016] macsec1: entered promiscuous mode
[   63.990113][ T6016] batadv0: left promiscuous mode
[   64.029146][ T6018] tipc: Started in network mode
[   64.031176][ T6018] tipc: Node identity b66c7d54e142, cluster identity 4711
[   64.041402][ T6018] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.045052][ T6018] syzkaller0: entered promiscuous mode
[   64.047877][ T6018] syzkaller0: entered allmulticast mode
[   64.066478][ T6018] tipc: Resetting bearer <eth:syzkaller0>
[   64.069637][ T6018] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   64.075640][ T6017] tipc: Resetting bearer <eth:syzkaller0>
[   64.084300][ T6017] tipc: Disabling bearer <eth:syzkaller0>
[   64.132899][ T6020] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   64.285011][ T6024] Illegal XDP return value 4294967274 on prog  (id 9) dev N/A, expect packet loss!
[   64.675243][ T6042] tipc: Started in network mode
[   64.677340][ T6042] tipc: Node identity ff, cluster identity 4711
[   64.680064][ T6042] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   65.404050][ T6088] netlink: 'syz.1.84': attribute type 32 has an invalid length.
[   65.733997][   T55] Bluetooth: hci0: command tx timeout
[   65.815055][   T55] Bluetooth: hci1: command tx timeout
[   65.838724][ T6114] Bluetooth: MGMT ver 1.23
[   65.893600][ T5868] Bluetooth: hci2: command tx timeout
[   67.411559][ T6180] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.422006][ T6180] bond0: (slave bond1): Enslaving as an active interface with an up link
[   67.558943][ T6187] __nla_validate_parse: 5 callbacks suppressed
[   67.558958][ T6187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.128'.
[   67.597091][ T6189] netlink: 12 bytes leftover after parsing attributes in process `syz.2.125'.
[   67.598235][ T6187] Zero length message leads to an empty skb
[   67.769237][ T6207] netlink: 134820 bytes leftover after parsing attributes in process `syz.0.133'.
[   67.815249][ T5868] Bluetooth: hci0: command tx timeout
[   67.846923][   T52] IPVS: starting estimator thread 0...
[   67.865884][ T6213] tipc: Enabled bearer <udp:s>, priority 10
[   67.894254][   T55] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   67.896254][ T5868] Bluetooth: hci1: command tx timeout
[   67.934904][ T6214] IPVS: using max 81 ests per chain, 194400 per kthread
[   67.958003][ T6221] netlink: 'syz.2.141': attribute type 3 has an invalid length.
[   67.983308][   T55] Bluetooth: hci2: command tx timeout
[   68.048823][ T6230] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[   68.142975][ T6237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.148'.
[   68.168284][ T6237] bridge1: port 1(veth3) entered blocking state
[   68.170668][ T6237] bridge1: port 1(veth3) entered disabled state
[   68.174839][ T6237] veth3: entered allmulticast mode
[   68.178526][ T6237] veth3: entered promiscuous mode
[   68.203814][ T6237] bridge1: port 2(veth0_to_bond) entered blocking state
[   68.210190][ T6237] bridge1: port 2(veth0_to_bond) entered disabled state
[   68.215330][ T6237] veth0_to_bond: entered allmulticast mode
[   68.217587][ T6239] sock: sock_set_timeout: `syz.2.149' (pid 6239) tries to set negative timeout
[   68.220603][ T6237] veth0_to_bond: entered promiscuous mode
[   68.349083][ T6249] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[   68.695693][   T33] audit: type=1800 audit(1757440862.068:2): pid=6260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.158" name="memory.events" dev="tmpfs" ino=343 res=0 errno=0
[   68.849400][ T6263] tipc: Enabling of bearer <udp:s> rejected, already enabled
[   68.864337][ T5893] tipc: Node number set to 4278190080
[   68.901798][ T6266] warning: `syz.1.162' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   69.215159][ T6292] netlink: 'syz.2.168': attribute type 13 has an invalid length.
[   69.876454][ T6334] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   69.885288][ T6334] syzkaller0: entered promiscuous mode
[   69.887973][ T6334] syzkaller0: entered allmulticast mode
[   69.893232][   T55] Bluetooth: hci0: command 0x0c1a tx timeout
[   69.909889][ T6334] tipc: Resetting bearer <eth:syzkaller0>
[   69.917790][ T6334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   69.921371][ T6334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   69.939308][ T6333] tipc: Resetting bearer <eth:syzkaller0>
[   69.957839][ T6333] tipc: Disabling bearer <eth:syzkaller0>
[   70.116367][ T6349] geneve2: entered promiscuous mode
[   70.199159][ T6357] netlink: 348 bytes leftover after parsing attributes in process `syz.1.184'.
[   70.347679][ T6371] netlink: 240 bytes leftover after parsing attributes in process `syz.1.189'.
[   70.592584][ T6389] netlink: 8 bytes leftover after parsing attributes in process `syz.1.194'.
[   70.596824][ T6389] netlink: 24 bytes leftover after parsing attributes in process `syz.1.194'.
[   71.055762][ T6410] syz_tun: entered allmulticast mode
[   71.099484][ T6410] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.103008][ T6410] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.162651][ T6410] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.172533][ T6410] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.221513][ T6410] geneve2: left promiscuous mode
[   71.246004][   T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.260744][   T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.272830][   T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.307681][   T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.309712][ T6414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.203'.
[   71.349050][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[   71.351519][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[   71.632560][ T6450] netlink: 32 bytes leftover after parsing attributes in process `syz.1.220'.
[   71.688897][ T5925] IPVS: starting estimator thread 0...
[   71.725155][ T6462] netlink: 'syz.0.226': attribute type 1 has an invalid length.
[   71.785061][ T6459] IPVS: using max 40 ests per chain, 96000 per kthread
[   72.097635][ T6502] bridge0: entered allmulticast mode
[   72.100462][ T6502] bridge_slave_1: left allmulticast mode
[   72.102955][ T6502] bridge_slave_1: left promiscuous mode
[   72.105789][ T6502] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.111623][ T6502] bridge_slave_0: left allmulticast mode
[   72.115818][ T6502] bridge_slave_0: left promiscuous mode
[   72.118435][ T6502] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.135406][ T6502] bridge0 (unregistering): left allmulticast mode
[   72.410526][ T6524] netlink: 'syz.1.256': attribute type 3 has an invalid length.
[   72.488540][ T6530] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.492994][ T6530] syzkaller0: entered promiscuous mode
[   72.497133][ T6530] syzkaller0: entered allmulticast mode
[   72.510553][ T6530] tipc: Resetting bearer <eth:syzkaller0>
[   72.532986][ T6530] tipc: Resetting bearer <eth:syzkaller0>
[   72.549054][ T6530] tipc: Disabling bearer <eth:syzkaller0>
[   72.636403][ T6536] __nla_validate_parse: 5 callbacks suppressed
[   72.636419][ T6536] netlink: 24 bytes leftover after parsing attributes in process `syz.0.261'.
[   72.945128][ T6553] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[   72.950901][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'.
[   72.955736][ T6553] netlink: 12 bytes leftover after parsing attributes in process `syz.0.269'.
[   73.182903][ T6567] netlink: 16 bytes leftover after parsing attributes in process `syz.2.276'.
[   73.191429][ T6567] netlink: 28 bytes leftover after parsing attributes in process `syz.2.276'.
[   73.249365][ T6569] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   73.289268][ T6571] syzkaller1: entered promiscuous mode
[   73.291796][ T6571] syzkaller1: entered allmulticast mode
[   73.419062][ T6576] team_slave_0: entered promiscuous mode
[   73.421707][ T6576] team_slave_1: entered promiscuous mode
[   73.425884][ T6576] macsec1: entered promiscuous mode
[   73.428887][ T6576] team0: entered promiscuous mode
[   73.728039][ T6592] netlink: 32 bytes leftover after parsing attributes in process `syz.2.287'.
[   73.998204][ T6614] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'.
[   74.012986][ T6614] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'.
[   74.282118][ T6631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.306'.
[   74.371681][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.309'.
[   75.553551][ T6683] IPVS: set_ctl: invalid protocol: 137 172.20.20.187:20004
[   75.664773][ T6683] nbd0: detected capacity change from 0 to 127
[   75.671130][   T56] block nbd0: Receive control failed (result -104)
[   75.671246][ T5858] block nbd0: Send control failed (result -32)
[   75.677543][ T5858] block nbd0: Request send failed, requeueing
[   75.682438][   T97] block nbd0: Dead connection, failed to find a fallback
[   75.685949][   T97] block nbd0: shutting down sockets
[   75.689694][   T97] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   75.693946][   T97] Buffer I/O error on dev nbd0, logical block 2, async page read
[   75.699790][ T5858] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   75.703883][ T5858] Buffer I/O error on dev nbd0, logical block 3, async page read
[   75.925908][ T6707] netlink: 'syz.1.340': attribute type 1 has an invalid length.
[   76.196467][ T6730] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[   76.398264][ T6751] bond2: entered promiscuous mode
[   76.400468][ T6751] 8021q: adding VLAN 0 to HW filter on device bond2
[   76.403907][ T6756] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[   76.451706][ T6760] netlink: 'syz.2.365': attribute type 3 has an invalid length.
[   76.535403][ T6751] bond2 (unregistering): Released all slaves
[   76.854870][ T6783] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[   77.151818][ T6799] ieee802154 phy0 wpan0: encryption failed: -90
[   77.196063][ T6801] openvswitch: netlink: nsh attr 0 has unexpected len 33788 expected 0
[   77.199682][ T6801] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   77.310575][ T6813] netlink: 'syz.0.389': attribute type 2 has an invalid length.
[   77.360654][ T6819] netlink: 'syz.0.392': attribute type 28 has an invalid length.
[   77.449364][ T6822] bridge_slave_0: left allmulticast mode
[   77.451702][ T6822] bridge_slave_0: left promiscuous mode
[   77.460621][ T6822] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.481558][ T6822] bridge_slave_1: left allmulticast mode
[   77.486054][ T6822] bridge_slave_1: left promiscuous mode
[   77.488927][ T6822] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.495124][ T6822] veth0_to_bond: left allmulticast mode
[   77.497098][ T6822] veth0_to_bond: left promiscuous mode
[   77.499323][ T6822] bridge1: port 2(veth0_to_bond) entered disabled state
[   77.509760][ T6822] bond0: (slave bond_slave_0): Releasing backup interface
[   77.518968][ T6822] bond0: (slave bond_slave_1): Releasing backup interface
[   77.537107][ T6822] team0: Port device team_slave_0 removed
[   77.542288][ T6822] team0: Port device team_slave_1 removed
[   77.547404][ T6822] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.550216][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.555568][ T6822] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.567630][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.580194][ T6822] bond1: left allmulticast mode
[   77.587568][ T6822] bond1: left promiscuous mode
[   77.589877][ T6822] bridge0: port 3(bond1) entered disabled state
[   77.605115][ T6822] veth3: left allmulticast mode
[   77.607272][ T6822] veth3: left promiscuous mode
[   77.609418][ T6822] bridge1: port 1(veth3) entered disabled state
[   77.654928][ T6822] netlink: 'syz.1.391': attribute type 10 has an invalid length.
[   77.668302][ T6822] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.675458][ T6822] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   77.701209][ T6838] netlink: 'syz.0.400': attribute type 7 has an invalid length.
[   77.717463][ T6840] netlink: 'syz.2.401': attribute type 1 has an invalid length.
[   78.027237][ T6866] __nla_validate_parse: 6 callbacks suppressed
[   78.027250][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.414'.
[   78.244356][   T10] cfg80211: failed to load regulatory.db
[   78.299579][ T6876] netlink: zone id is out of range
[   78.302249][ T6876] netlink: zone id is out of range
[   78.314189][ T6876] netlink: zone id is out of range
[   78.381138][ T6876] netlink: set zone limit has 4 unknown bytes
[   78.389582][ T6881] netlink: del zone limit has 4 unknown bytes
[   78.623899][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.2.430'.
[   79.076461][ T6937] netlink: 'syz.1.443': attribute type 2 has an invalid length.
[   79.086076][ T6937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.443'.
[   79.246418][ T6946] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0
[   79.591801][ T6964] netlink: 32 bytes leftover after parsing attributes in process `syz.2.453'.
[   80.021140][ T6990] netlink: 56 bytes leftover after parsing attributes in process `syz.2.466'.
[   80.168440][ T7000] netlink: 'syz.2.471': attribute type 1 has an invalid length.
[   80.172266][ T7000] netlink: 244 bytes leftover after parsing attributes in process `syz.2.471'.
[   80.342620][ T7006] netlink: 164 bytes leftover after parsing attributes in process `syz.1.474'.
[   80.843359][ T7040] nbd2: detected capacity change from 0 to 63
[   80.847650][ T7051] block nbd2: NBD_DISCONNECT
[   80.851215][ T7051] block nbd2: Disconnected due to user request.
[   80.877893][ T7051] block nbd2: shutting down sockets
[   80.902487][ T7040] bond1: entered promiscuous mode
[   80.905956][ T7040] bond1: entered allmulticast mode
[   80.908729][ T7040] 8021q: adding VLAN 0 to HW filter on device bond1
[   80.963319][    C1] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.967319][    C1] Buffer I/O error on dev nbd2, logical block 0, async page read
[   80.970662][    C1] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.974562][    C1] Buffer I/O error on dev nbd2, logical block 1, async page read
[   80.977907][    C1] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.981787][    C1] Buffer I/O error on dev nbd2, logical block 2, async page read
[   80.985257][    C1] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.989091][    C1] Buffer I/O error on dev nbd2, logical block 3, async page read
[   80.993825][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.997501][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   81.000788][ T6319] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.003892][ T6319] Buffer I/O error on dev nbd2, logical block 1, async page read
[   81.006435][ T6319] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.009469][ T6319] Buffer I/O error on dev nbd2, logical block 2, async page read
[   81.012124][ T6319] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.017018][ T6319] Buffer I/O error on dev nbd2, logical block 3, async page read
[   81.020194][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.024164][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   81.027469][ T6319] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.031127][ T6319] Buffer I/O error on dev nbd2, logical block 1, async page read
[   81.038811][ T6319] ldm_validate_partition_table(): Disk read failed.
[   81.044599][ T6319] Dev nbd2: unable to read RDB block 0
[   81.049230][ T6319]  nbd2: unable to read partition table
[   81.080369][ T6319] ldm_validate_partition_table(): Disk read failed.
[   81.085945][ T6319] Dev nbd2: unable to read RDB block 0
[   81.089995][ T6319]  nbd2: unable to read partition table
[   81.267873][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.495'.
[   81.297418][ T7076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[   81.301082][ T7076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[   81.574573][ T7100] net_ratelimit: 1 callbacks suppressed
[   81.574583][ T7100] openvswitch: netlink: Geneve opt len 30 is not a multiple of 4.
[   81.815175][ T7119] syz_tun: left allmulticast mode
[   81.820244][ T7119] lo speed is unknown, defaulting to 1000
[   81.825870][ T7119] lo speed is unknown, defaulting to 1000
[   81.829780][ T7119] lo speed is unknown, defaulting to 1000
[   81.831476][ T7121] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[   81.845869][ T7121] bridge_slave_0: left allmulticast mode
[   81.848072][ T7121] bridge_slave_0: left promiscuous mode
[   81.850732][ T7121] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.859046][ T7121] bridge_slave_1: left allmulticast mode
[   81.861535][ T7121] bridge_slave_1: left promiscuous mode
[   81.865178][ T7121] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.874663][ T7121] bond0: (slave bond_slave_0): Releasing backup interface
[   81.880622][ T7121] bond0: (slave bond_slave_1): Releasing backup interface
[   81.887170][ T7121] team_slave_0: left promiscuous mode
[   81.891166][ T7121] team0: Port device team_slave_0 removed
[   81.896850][ T7121] team_slave_1: left promiscuous mode
[   81.900727][ T7121] team0: Port device team_slave_1 removed
[   81.906018][ T7121] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.909350][ T7121] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.918622][ T7121] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.922855][ T7121] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.995798][ T7119] infiniband syz0: set active
[   81.999580][ T7119] infiniband syz0: added lo
[   82.011839][ T7121] netlink: 'syz.2.515': attribute type 10 has an invalid length.
[   82.022440][ T7122] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.026235][ T7122] 8021q: adding VLAN 0 to HW filter on device team0
[   82.032169][ T7122] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.072636][ T5893] lo speed is unknown, defaulting to 1000
[   82.075829][ T5893] syz0: Port: 1 Link ACTIVE
[   82.078694][ T7121] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[   82.110290][ T7119] RDS/IB: syz0: added
[   82.112591][ T7119] smc: adding ib device syz0 with port count 1
[   82.116506][ T7121] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.122153][ T7119] smc:    ib device syz0 port 1 has no pnetid
[   82.127503][ T7121] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   82.138396][ T5870] lo speed is unknown, defaulting to 1000
[   82.154306][ T7119] lo speed is unknown, defaulting to 1000
[   82.157166][ T7123] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[   82.166204][ T7123] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[   82.368075][ T7119] lo speed is unknown, defaulting to 1000
[   82.587811][ T7119] lo speed is unknown, defaulting to 1000
[   82.844675][ T7119] syz.0.513 (7119) used greatest stack depth: 18208 bytes left
[   83.164400][ T7189] sch_tbf: burst 5 is lower than device lo mtu (65550) !
[   83.338058][ T7202] __nla_validate_parse: 4 callbacks suppressed
[   83.338068][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.0.547'.
[   83.391523][ T7204] netlink: 16 bytes leftover after parsing attributes in process `syz.0.548'.
[   83.550491][ T7206] lo speed is unknown, defaulting to 1000
[   84.229332][ T7223] netlink: 24 bytes leftover after parsing attributes in process `syz.2.555'.
[   84.241694][ T7223] netlink: 24 bytes leftover after parsing attributes in process `syz.2.555'.
[   84.343924][ T7232] netlink: 32 bytes leftover after parsing attributes in process `syz.0.560'.
[   84.347611][ T7232] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   84.511760][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.569'.
[   84.631806][ T7257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.572'.
[   84.638907][ T7257] netlink: 120 bytes leftover after parsing attributes in process `syz.0.572'.
[   84.646056][ T7257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.572'.
[   84.982692][ T7277] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20003
[   85.200850][ T7286] netlink: 'syz.1.582': attribute type 1 has an invalid length.
[   85.206004][ T7286] netlink: 'syz.1.582': attribute type 1 has an invalid length.
[   85.210178][ T7286] netlink: 224 bytes leftover after parsing attributes in process `syz.1.582'.
[   85.928424][ T7323] netlink: 'syz.0.599': attribute type 1 has an invalid length.
[   86.067988][ T7333] lo speed is unknown, defaulting to 1000
[   86.722170][ T7372] bridge_slave_0: entered allmulticast mode
[   86.760978][ T7378] batadv_slave_0: entered promiscuous mode
[   86.816222][   T14] nci: nci_ntf_packet: unknown ntf opcode 0x127
[   87.662999][ T7420] netlink: 'syz.0.643': attribute type 3 has an invalid length.
[   87.666097][ T7420] netlink: 'syz.0.643': attribute type 3 has an invalid length.
[   87.677191][ T7421] netlink: 'syz.1.644': attribute type 16 has an invalid length.
[   87.679969][ T7421] netlink: 'syz.1.644': attribute type 17 has an invalid length.
[   87.745376][ T7424] IPv6: NLM_F_REPLACE set, but no existing node found!
[   87.922292][   T14] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.930851][   T14] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.943731][   T14] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.949743][   T14] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.124148][ T7446] netlink: 'syz.2.656': attribute type 14 has an invalid length.
[   88.158818][ T7444] lo speed is unknown, defaulting to 1000
[   88.386457][ T7458] lo speed is unknown, defaulting to 1000
[   89.184439][ T7477] lo speed is unknown, defaulting to 1000
[   89.214125][ T7478] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.798011][ T7490] netlink: 'syz.2.671': attribute type 1 has an invalid length.
[   90.555136][ T7511] netlink: 'syz.0.680': attribute type 83 has an invalid length.
[   90.829577][ T7523] macvlan3: entered allmulticast mode
[   90.831493][ T7523] veth1_vlan: entered allmulticast mode
[   90.835192][ T7523] veth1_vlan: left allmulticast mode
[   91.131665][ T7531] __nla_validate_parse: 13 callbacks suppressed
[   91.131679][ T7531] netlink: 20 bytes leftover after parsing attributes in process `syz.1.689'.
[   91.185514][ T7535] netlink: 16 bytes leftover after parsing attributes in process `syz.0.690'.
[   91.191518][ T7531] nbd: socks must be embedded in a SOCK_ITEM attr
[   91.203429][ T5857] block nbd64: NBD_DISCONNECT
[   92.846217][ T7574] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   92.852529][  T792] lo speed is unknown, defaulting to 1000
[   92.922083][ T7558] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   92.934667][ T7580] netlink: 64 bytes leftover after parsing attributes in process `syz.0.709'.
[   92.938560][ T7580] trusted_key: syz.0.709 sent an empty control message without MSG_MORE.
[   94.630160][ T7626] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe
[   94.767585][ T7632] netlink: 'syz.2.732': attribute type 21 has an invalid length.
[   94.770550][ T7632] netlink: 132 bytes leftover after parsing attributes in process `syz.2.732'.
[   94.779475][ T7630] netlink: 516 bytes leftover after parsing attributes in process `syz.1.731'.
[   94.866193][ T7636] netlink: 44 bytes leftover after parsing attributes in process `syz.1.734'.
[   94.878518][ T7636] netlink: 44 bytes leftover after parsing attributes in process `syz.1.734'.
[   95.172982][ T7674] netlink: 44 bytes leftover after parsing attributes in process `syz.2.752'.
[   95.180563][ T7674] netlink: 16 bytes leftover after parsing attributes in process `syz.2.752'.
[   95.512580][ T7685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.756'.
[   96.850130][ T7731] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   97.168781][ T7765] tipc: Started in network mode
[   97.170887][ T7765] tipc: Node identity 080211, cluster identity 4711
[   97.174728][ T7765] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.179241][ T7765] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[   97.182143][ T7765] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[   97.200646][ T7765] tipc: Resetting bearer <eth:syzkaller0>
[   97.385366][ T7787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.801'.
[   97.615570][ T5893] IPVS: starting estimator thread 0...
[   97.626585][ T7809] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   97.685715][ T7816] netlink: 'syz.1.813': attribute type 1 has an invalid length.
[   97.703333][ T7811] IPVS: using max 81 ests per chain, 194400 per kthread
[   97.715050][ T7818] netlink: 12 bytes leftover after parsing attributes in process `syz.1.814'.
[   98.113984][ T7831] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   98.117741][ T7831] syzkaller0: entered promiscuous mode
[   98.120134][ T7831] syzkaller0: entered allmulticast mode
[   98.135680][ T7831] tipc: Resetting bearer <eth:syzkaller0>
[   98.145900][ T7830] tipc: Resetting bearer <eth:syzkaller0>
[   98.169900][ T7830] tipc: Disabling bearer <eth:syzkaller0>
[   98.184710][  T792] tipc: Node number set to 134353152
[   98.332818][ T7844] batadv1: entered allmulticast mode
[   98.339194][ T7844] 8021q: adding VLAN 0 to HW filter on device batadv1
[   98.379988][ T7847] netlink: 24 bytes leftover after parsing attributes in process `syz.0.827'.
[   98.452996][ T7847] netlink: 'syz.0.827': attribute type 10 has an invalid length.
[   98.459627][ T7847] Set syz1 is full, maxelem 0 reached
[   98.637648][ T7861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.834'.
[   98.732207][ T7871] netlink: 'syz.2.839': attribute type 4 has an invalid length.
[   98.889574][ T7890] netlink: 'syz.2.848': attribute type 21 has an invalid length.
[   98.903784][ T7890] netlink: 132 bytes leftover after parsing attributes in process `syz.2.848'.
[   99.068700][ T7908] netlink: 788 bytes leftover after parsing attributes in process `syz.0.856'.
[   99.814163][   T27] wlan0: Trigger new scan to find an IBSS to join
[  100.408315][ T7958] netlink: 'syz.2.877': attribute type 1 has an invalid length.
[  100.411641][ T7958] netlink: 144 bytes leftover after parsing attributes in process `syz.2.877'.
[  100.415181][ T7958] netlink: 96 bytes leftover after parsing attributes in process `syz.2.877'.
[  100.535972][ T7971] 8021q: adding VLAN 0 to HW filter on device bond3
[  100.738800][ T7987] netlink: 'syz.2.889': attribute type 4 has an invalid length.
[  101.090587][ T8017] dummy0: entered promiscuous mode
[  101.099243][ T8017] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.109869][ T8017] hsr1: entered allmulticast mode
[  101.112485][ T8017] dummy0: entered allmulticast mode
[  101.115007][ T8017] batadv_slave_0: entered allmulticast mode
[  101.129372][ T8021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.904'.
[  101.132902][ T8021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.904'.
[  101.137121][ T8021] netlink: 'syz.1.904': attribute type 4 has an invalid length.
[  102.090609][ T5706] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  102.426511][ T8083] __nla_validate_parse: 2 callbacks suppressed
[  102.426524][ T8083] netlink: 4 bytes leftover after parsing attributes in process `syz.1.933'.
[  102.714765][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.940'.
[  102.719533][ T8099] netlink: 12 bytes leftover after parsing attributes in process `syz.1.940'.
[  102.786846][  T199] wlan0: Trigger new scan to find an IBSS to join
[  102.907226][ T8113] bond4: entered promiscuous mode
[  102.909696][ T8113] 8021q: adding VLAN 0 to HW filter on device bond4
[  102.928379][ T8119] syz.0.949 (8119) used obsolete PPPIOCDETACH ioctl
[  103.148991][ T8138] netlink: 8 bytes leftover after parsing attributes in process `syz.0.958'.
[  103.276600][ T8147] netlink: 16 bytes leftover after parsing attributes in process `syz.0.963'.
[  103.810477][ T8172] lo speed is unknown, defaulting to 1000
[  103.936065][ T8177] netlink: 64 bytes leftover after parsing attributes in process `syz.0.975'.
[  104.262713][ T8196] netlink: 56 bytes leftover after parsing attributes in process `syz.2.982'.
[  104.428000][ T8205] lo speed is unknown, defaulting to 1000
[  104.876032][ T8229] ip6erspan0: entered allmulticast mode
[  105.053009][ T8251] delete_channel: no stack
[  105.182178][ T8257] bond0: (slave wlan1): Releasing backup interface
[  105.337659][ T8266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'.
[  105.341378][ T8266] netlink: 'syz.0.1012': attribute type 19 has an invalid length.
[  105.344943][ T8266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'.
[  105.349693][ T8266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'.
[  105.352789][ T8257] team0: Mode changed to "activebackup"
[  105.353845][ T8266] netlink: 'syz.0.1012': attribute type 19 has an invalid length.
[  105.511994][ T8281] lo speed is unknown, defaulting to 1000
[  105.813756][ T4597] wlan0: Trigger new scan to find an IBSS to join
[  105.913620][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 30 seconds
[  105.918628][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 30 seconds
[  106.086606][ T8320] openvswitch: netlink: Key type 29 is not supported
[  106.725928][  T199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.011410][ T8379] xt_socket: unknown flags 0xd0
[  107.938251][ T8428] __nla_validate_parse: 7 callbacks suppressed
[  107.938265][ T8428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1084'.
[  108.182713][ T8446] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1092'.
[  108.621287][ T8464] lo speed is unknown, defaulting to 1000
[  109.060446][ T8486] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1109'.
[  109.508961][ T8498] lo speed is unknown, defaulting to 1000
[  110.114563][ T8524] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1125'.
[  110.569452][ T8559] lo speed is unknown, defaulting to 1000
[  111.296120][ T8569] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1143'.
[  111.310368][ T8569] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1143'.
[  111.578915][ T8578] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.1147'.
[  111.689062][ T8593] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1153'.
[  113.087447][ T8648] sctp: [Deprecated]: syz.0.1168 (pid 8648) Use of int in max_burst socket option.
[  113.087447][ T8648] Use struct sctp_assoc_value instead
[  113.254958][ T8663] netlink: 34 bytes leftover after parsing attributes in process `syz.2.1174'.
[  113.573368][ T5868] Bluetooth: hci2: command 0x0405 tx timeout
[  114.333764][ T8698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1188'.
[  114.376857][   T33] audit: type=1800 audit(1757440907.738:3): pid=8694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1184" name="memory.events" dev="tmpfs" ino=2043 res=0 errno=0
[  114.447686][ T8702] syz.0.1190 uses old SIOCAX25GETINFO
[  114.804593][ T8732] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.971075][ T8732] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.082461][ T8732] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.171835][ T8732] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.267406][ T6315] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.292418][ T6315] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.307484][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.318190][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.645186][ T8740] Bluetooth: MGMT ver 1.23
[  115.648026][ T8740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1207'.
[  115.651904][ T8740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1207'.
[  115.671045][ T8744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1206'.
[  115.675051][ T8744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1206'.
[  115.682520][ T8744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1206'.
[  115.716453][ T8744] 8021q: adding VLAN 0 to HW filter on device bond2
[  115.722146][ T8749] netlink: 'syz.2.1210': attribute type 1 has an invalid length.
[  115.730104][ T8749] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1210'.
[  116.008640][   T33] audit: type=1800 audit(1757440909.378:4): pid=8744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1206" name="cgroup.controllers" dev="tmpfs" ino=1823 res=0 errno=0
[  116.366872][ T8770] lo speed is unknown, defaulting to 1000
[  116.369676][ T8770] lo speed is unknown, defaulting to 1000
[  116.403679][ T8770] lo speed is unknown, defaulting to 1000
[  116.429980][ T8770] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  116.491406][ T8770] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  116.717449][ T8770] lo speed is unknown, defaulting to 1000
[  116.721556][ T8770] lo speed is unknown, defaulting to 1000
[  116.725643][ T8770] lo speed is unknown, defaulting to 1000
[  117.132814][ T8807] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  117.252348][ T8819] dvmrp8: entered allmulticast mode
[  117.289094][ T8819] lo speed is unknown, defaulting to 1000
[  117.413459][ T8834] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1244'.
[  117.417859][ T8834] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1244'.
[  117.438973][ T8819] lo speed is unknown, defaulting to 1000
[  117.927126][ T8859] netlink: 'syz.2.1255': attribute type 21 has an invalid length.
[  118.266850][ T8876] __nla_validate_parse: 2 callbacks suppressed
[  118.266864][ T8876] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'.
[  118.457036][ T8890] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1268'.
[  118.460428][ T8889] netlink: 'syz.1.1267': attribute type 13 has an invalid length.
[  118.468125][ T8889] netlink: 'syz.1.1267': attribute type 17 has an invalid length.
[  118.538510][ T8889] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.543545][ T8889] 8021q: adding VLAN 0 to HW filter on device team0
[  118.550937][ T8889] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  118.609979][ T8896] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  119.037583][ T8917] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  119.328666][ T8934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1286'.
[  119.416277][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1289'.
[  119.608757][ T8956] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1296'.
[  120.130622][ T8976] netlink: 'syz.0.1307': attribute type 58 has an invalid length.
[  120.143497][ T8976] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1307'.
[  120.560769][ T8989] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1313'.
[  120.624923][ T8993] netlink: 'syz.0.1314': attribute type 11 has an invalid length.
[  121.005092][ T9023] netlink: 'syz.2.1328': attribute type 10 has an invalid length.
[  121.008508][ T9023] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1328'.
[  121.014449][ T9023] bridge0: port 1(dummy0) entered blocking state
[  121.017665][ T9023] bridge0: port 1(dummy0) entered disabled state
[  121.021923][ T9023] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  121.222573][ T9049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1341'.
[  121.257041][ T9054] netlink: 'syz.2.1344': attribute type 1 has an invalid length.
[  121.259015][ T9055] netlink: 'syz.1.1343': attribute type 10 has an invalid length.
[  121.266617][ T9055] team0: Device dummy0 is up. Set it down before adding it as a team port
[  121.301273][ T9059] netlink: 'syz.1.1346': attribute type 1 has an invalid length.
[  121.534582][ T9074] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1353'.
[  121.551483][ T9074] bond0 (unregistering): Released all slaves
[  121.789211][ T9092] syz_tun: entered allmulticast mode
[  121.819710][ T9092] lo speed is unknown, defaulting to 1000
[  121.949291][ T9092] lo speed is unknown, defaulting to 1000
[  122.052416][ T9091] syz_tun: left allmulticast mode
[  122.399020][ T9138] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (255)
[  122.472462][ T9142] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.497196][ T9149] IPv6: Can't replace route, no match found
[  122.709078][ T9172] bridge0: entered promiscuous mode
[  122.712406][ T9172] macsec1: entered promiscuous mode
[  122.715582][ T9172] bridge0: port 1(macsec1) entered blocking state
[  122.718381][ T9172] bridge0: port 1(macsec1) entered disabled state
[  122.721083][ T9172] macsec1: entered allmulticast mode
[  122.743216][ T9172] bridge0: entered allmulticast mode
[  122.747371][ T9172] macsec1: left allmulticast mode
[  122.749554][ T9172] bridge0: left allmulticast mode
[  122.753740][ T9172] bridge0: left promiscuous mode
[  122.881146][ T5706] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  123.789015][ T9205] __nla_validate_parse: 5 callbacks suppressed
[  123.789024][ T9205] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1410'.
[  123.983477][ T9220] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1417'.
[  125.472303][ T9272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1441'.
[  125.762717][ T9291] lo speed is unknown, defaulting to 1000
[  126.512084][ T9291] lo speed is unknown, defaulting to 1000
[  127.164303][ T9331] syzkaller1: entered allmulticast mode
[  127.187079][ T9335] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  127.238198][ T9337] smc: net device bond0 applied user defined pnetid SYZ0
[  127.241832][ T9337] smc: net device bond0 erased user defined pnetid SYZ0
[  127.597314][ T9356] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[  127.658087][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1479'.
[  127.662013][ T9360] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  127.739333][ T9364] netlink: 'syz.0.1481': attribute type 5 has an invalid length.
[  128.767301][ T9437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1517'.
[  128.947344][ T9448] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1519'.
[  130.775834][ T9533] lo speed is unknown, defaulting to 1000
[  130.951125][ T9549] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1568'.
[  130.954364][ T9549] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1568'.
[  131.079753][ T9561] lo speed is unknown, defaulting to 1000
[  131.237383][ T9566] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1573'.
[  131.418875][ T9579] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  131.461686][ T9573] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.531133][ T9584] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1580'.
[  132.049025][ T9596] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  132.053669][ T9596] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  132.605048][ T9609] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1591'.
[  132.701534][ T9615] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1594'.
[  132.777898][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  132.780532][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  132.978583][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1605'.
[  133.801076][ T9671] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1619'.
[  133.843466][ T9673] netlink: 'syz.1.1620': attribute type 2 has an invalid length.
[  133.879405][ T9675] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  134.321374][ T9695] netlink: 'syz.0.1630': attribute type 21 has an invalid length.
[  134.327405][ T9695] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1630'.
[  134.332157][ T9695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1630'.
[  134.384214][ T9697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1631'.
[  134.592568][ T9701] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  134.824090][ T9725] netlink: 'syz.0.1643': attribute type 11 has an invalid length.
[  134.826938][ T9725] netlink: 'syz.0.1643': attribute type 4 has an invalid length.
[  134.829741][ T9725] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1643'.
[  135.135802][ T9753] syzkaller1: entered promiscuous mode
[  135.138278][ T9753] syzkaller1: entered allmulticast mode
[  135.150154][ T9753] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1657'.
[  135.155984][ T9753] netlink: 'syz.2.1657': attribute type 13 has an invalid length.
[  135.178628][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1658'.
[  135.235268][ T9760] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1660'.
[  135.439101][ T9776] batadv1: entered promiscuous mode
[  135.463989][ T9780] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1670'.
[  135.500469][ T9781] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  135.543634][ T9789] team_slave_1: Caught tx_queue_len zero misconfig
[  135.829317][ T9816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1685'.
[  135.981055][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 60 seconds
[  135.985379][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 60 seconds
[  136.003339][ T9837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1696'.
[  136.009378][ T9838] openvswitch: netlink: IP tunnel dst address not specified
[  136.079645][ T9845] netlink: 'syz.1.1700': attribute type 1 has an invalid length.
[  136.142555][ T9845] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  136.151081][   T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  136.151576][ T9845] 8021q: adding VLAN 0 to HW filter on device bond3
[  136.204919][ T9845] veth5: entered promiscuous mode
[  136.212560][ T9845] bond3: (slave veth5): Enslaving as a backup interface with a down link
[  136.228738][ T9845] bond0: (slave wlan1): Releasing backup interface
[  136.234727][ T9845] bond3: (slave ip6gretap1): Removing an active aggregator
[  136.238619][ T9845] bond3: (slave ip6gretap1): Releasing backup interface
[  136.241569][ T9845] bond3: (slave ip6gretap1): the permanent HWaddr of slave - ba:4f:4c:78:79:51 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  136.252124][ T9845] bond3: (slave veth5): Releasing backup interface
[  136.353478][ T9856] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input4
[  136.877816][ T9909] lo speed is unknown, defaulting to 1000
[  136.906992][ T9914] netlink: 'syz.1.1728': attribute type 1 has an invalid length.
[  137.359824][ T9941] vlan3: entered promiscuous mode
[  137.361919][ T9941] bridge0: entered promiscuous mode
[  137.374615][ T9941] bridge0: port 1(vlan3) entered blocking state
[  137.378056][ T9941] bridge0: port 1(vlan3) entered disabled state
[  137.383317][ T9941] vlan3: entered allmulticast mode
[  137.385030][ T9941] bridge0: entered allmulticast mode
[  137.395970][ T9941] vlan3: left allmulticast mode
[  137.397623][ T9941] bridge0: left allmulticast mode
[  137.711298][ T9963] netlink: 'syz.0.1750': attribute type 12 has an invalid length.
[  137.853509][ T9974] IPv6: Can't replace route, no match found
[  137.929872][ T9984] batadv2: entered promiscuous mode
[  137.932103][ T9984] batadv2: entered allmulticast mode
[  137.966284][ T9986] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  138.142172][T10005] netlink: 'syz.2.1769': attribute type 1 has an invalid length.
[  138.374497][T10026] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  138.432438][T10031] rdma_rxe: rxe_newlink: failed to add veth0_vlan
[  138.529108][T10040] netlink: 'syz.1.1785': attribute type 1 has an invalid length.
[  138.618950][T10046] bridge1: entered allmulticast mode
[  138.746885][T10055] atomic_op ffff888028e9c198 conn xmit_atomic 0000000000000000
[  139.796013][T10119] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  140.078519][T10123] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  140.932259][T10149] __nla_validate_parse: 15 callbacks suppressed
[  140.932273][T10149] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1835'.
[  141.210908][T10167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1842'.
[  141.215188][T10167] netlink: 348 bytes leftover after parsing attributes in process `syz.2.1842'.
[  141.219095][T10167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1842'.
[  141.222935][T10167] netlink: 348 bytes leftover after parsing attributes in process `syz.2.1842'.
[  141.228882][T10167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1842'.
[  141.338050][T10176] netlink: 'syz.0.1848': attribute type 7 has an invalid length.
[  141.341000][T10176] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1848'.
[  141.380348][T10179] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1849'.
[  141.421713][T10183] netlink: 'syz.0.1851': attribute type 1 has an invalid length.
[  141.454340][T10183] bond3: entered promiscuous mode
[  141.457112][T10183] 8021q: adding VLAN 0 to HW filter on device bond3
[  141.476770][T10183] 8021q: adding VLAN 0 to HW filter on device bond3
[  141.479613][T10183] bond3: (slave wireguard0): The slave device specified does not support setting the MAC address
[  141.485253][T10183] bond3: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  141.495889][T10183] bond3: (slave wireguard0): making interface the new active one
[  141.499261][T10183] wireguard0: entered promiscuous mode
[  141.506673][T10183] bond3: (slave wireguard0): Enslaving as an active interface with an up link
[  141.521750][T10183] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  141.525100][T10183] IPv6: NLM_F_CREATE should be set when creating new route
[  141.528266][T10183] IPv6: NLM_F_CREATE should be set when creating new route
[  141.537125][T10183] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  141.550429][T10183] bond3: (slave wireguard1): The slave device specified does not support setting the MAC address
[  141.562012][T10183] bond3: (slave wireguard1): Enslaving as a backup interface with an up link
[  141.566167][T10192] netlink: 404 bytes leftover after parsing attributes in process `syz.2.1854'.
[  141.577942][T10192] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1854'.
[  142.430860][T10259] bond0: Caught tx_queue_len zero misconfig
[  142.475886][T10265] netlink: 'syz.2.1890': attribute type 11 has an invalid length.
[  142.672720][T10277] vlan2: entered promiscuous mode
[  142.675196][T10277] macvtap0: entered promiscuous mode
[  142.789942][T10284] netlink: 'syz.2.1899': attribute type 1 has an invalid length.
[  143.414168][T10324] tun0: tun_chr_ioctl cmd 1074025672
[  143.416766][T10324] tun0: ignored: set checksum disabled
[  143.566180][T10328] sctp: [Deprecated]: syz.1.1919 (pid 10328) Use of struct sctp_assoc_value in delayed_ack socket option.
[  143.566180][T10328] Use struct sctp_sack_info instead
[  143.737787][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.747682][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.156289][T10377] syzkaller1: entered promiscuous mode
[  144.158738][T10377] syzkaller1: entered allmulticast mode
[  144.352692][T10400] netlink: 'syz.0.1934': attribute type 20 has an invalid length.
[  144.358052][T10400] netlink: 'syz.0.1934': attribute type 20 has an invalid length.
[  144.682364][T10442] batman_adv: batadv0: Adding interface: dummy0
[  144.686271][T10442] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.697227][T10442] batman_adv: batadv0: Interface activated: dummy0
[  144.706910][T10442] batadv0: mtu less than device minimum
[  144.709636][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.713854][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.718894][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.724239][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.729564][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.734979][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.740408][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.745796][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  144.750887][T10442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  145.413005][T10511] 8021q: VLANs not supported on bond0
[  145.647233][T10526] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  145.991137][T10547] siw: device registration error -23
[  145.998087][T10551] mac80211_hwsim hwsim4 syzkaller0: Caught tx_queue_len zero misconfig
[  146.333348][T10583] batadv_slave_1: entered promiscuous mode
[  146.338545][T10580] batadv_slave_1: left promiscuous mode
[  146.388473][T10591] __nla_validate_parse: 18 callbacks suppressed
[  146.388483][T10591] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2002'.
[  147.307039][T10681] netlink: 'syz.2.2044': attribute type 8 has an invalid length.
[  147.442920][T10686] lo speed is unknown, defaulting to 1000
[  147.881043][T10703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2053'.
[  147.884584][T10703] netlink: 'syz.0.2053': attribute type 1 has an invalid length.
[  147.932686][T10702] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2053'.
[  148.016275][T10709] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2056'.
[  148.019979][T10709] netlink: 'syz.1.2056': attribute type 7 has an invalid length.
[  148.026866][T10709] netlink: 'syz.1.2056': attribute type 8 has an invalid length.
[  148.031004][T10709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2056'.
[  148.035818][T10707] netlink: 'syz.0.2055': attribute type 1 has an invalid length.
[  148.042103][T10709] syz_tun: entered promiscuous mode
[  148.044884][T10709] batadv_slave_1: entered promiscuous mode
[  148.047636][T10709] erspan0: entered promiscuous mode
[  148.050594][T10709] debugfs: 'hsr1' already exists in 'hsr'
[  148.055781][T10709] Cannot create hsr debugfs directory
[  148.058289][T10709] hsr1: Slave A (syz_tun) is not up; please bring it up to get a fully working HSR network
[  148.062746][T10709] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  148.067608][T10709] hsr1: Interlink (erspan0) is not up; please bring it up to get a fully working HSR network
[  148.127112][T10711] bond4: (slave gretap1): making interface the new active one
[  148.130576][T10711] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  149.560810][T10765] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  149.727359][T10778] netlink: 'syz.0.2087': attribute type 1 has an invalid length.
[  149.891289][T10790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2091'.
[  149.906594][T10790] macvtap2: entered promiscuous mode
[  149.908965][T10790] vlan0: entered promiscuous mode
[  149.911924][T10790] macvtap2: entered allmulticast mode
[  149.914654][T10790] vlan0: entered allmulticast mode
[  149.916925][T10790] veth0_vlan: entered allmulticast mode
[  149.932017][T10790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2091'.
[  149.951995][T10790] macvtap3: entered promiscuous mode
[  149.956952][T10790] macvtap3: entered allmulticast mode
[  150.633685][T10817] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  150.648424][T10817] bond0: (slave bond_slave_0): Releasing backup interface
[  150.654063][T10817] bond0: (slave bond_slave_1): Releasing backup interface
[  150.659844][T10817] team0: Port device team_slave_0 removed
[  150.672063][T10817] team0: Port device team_slave_1 removed
[  150.674699][T10817] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.681604][T10817] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.687072][T10817] bond0: (slave bond1): Releasing backup interface
[  150.695142][T10817] bond3: (slave wireguard0): Releasing backup interface
[  150.698012][T10817] wireguard0: left promiscuous mode
[  150.700362][T10817] bond3: (slave wireguard1): making interface the new active one
[  150.705537][T10817] wireguard1: entered promiscuous mode
[  150.714635][T10817] bond3: (slave wireguard1): Releasing backup interface
[  150.717719][T10817] wireguard1: left promiscuous mode
[  150.745179][T10817] bond4: (slave gretap1): Releasing active interface
[  150.751924][T10826] netlink: 'syz.0.2105': attribute type 10 has an invalid length.
[  150.758986][T10826] mac80211_hwsim hwsim7 wlan1: left allmulticast mode
[  150.767252][T10826] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.775728][T10826] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  150.808839][T10817] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  150.812470][T10817] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  150.897150][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2114'.
[  151.095734][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2121'.
[  151.186642][T10864] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2126'.
[  151.238306][T10868] net_ratelimit: 13 callbacks suppressed
[  151.238320][T10868] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  152.138418][T10903] __nla_validate_parse: 1 callbacks suppressed
[  152.138430][T10903] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2145'.
[  152.796100][T10926] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2154'.
[  152.801756][T10926] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  153.085778][T10950] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2165'.
[  153.140869][T10956] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  153.148537][T10956] syzkaller0: entered promiscuous mode
[  153.150719][T10956] syzkaller0: entered allmulticast mode
[  153.157966][T10956] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  153.402881][T10956] tipc: Resetting bearer <eth:syzkaller0>
[  153.409787][T10955] tipc: Resetting bearer <eth:syzkaller0>
[  153.421230][T10955] tipc: Disabling bearer <eth:syzkaller0>
[  153.758702][T10990] lo speed is unknown, defaulting to 1000
[  153.807699][T10992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2184'.
[  154.522870][T11003] netlink: 'syz.0.2188': attribute type 1 has an invalid length.
[  154.527715][T11003] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2188'.
[  154.679398][T11021] netlink: 'syz.2.2196': attribute type 10 has an invalid length.
[  155.472476][T11047] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2207'.
[  155.480377][T11047] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2207'.
[  155.489673][T11047] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  155.498389][T11047] gretap2: entered promiscuous mode
[  155.500634][T11047] gretap2: entered allmulticast mode
[  155.990855][T11094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2230'.
[  156.082166][T11106] ipvlan0: entered promiscuous mode
[  156.126863][T11111] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  156.146163][T11113] netlink: 'syz.0.2237': attribute type 2 has an invalid length.
[  156.149659][T11113] netlink: 4856 bytes leftover after parsing attributes in process `syz.0.2237'.
[  156.783253][   T55] Bluetooth: hci2: command 0x0405 tx timeout
[  157.282878][T11157] : entered promiscuous mode
[  157.367088][T11161] lo speed is unknown, defaulting to 1000
[  157.533425][T11180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2268'.
[  157.580317][T11186] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  157.652652][T11186] batman_adv: batadv0: Interface deactivated: dummy0
[  157.906495][  T792] syz1: Port: 1 Link DOWN
[  157.908727][ T6315] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  157.912018][ T6315] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  157.922113][ T6315] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  157.925715][ T6315] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.036340][T11218] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  158.078475][T11223] netlink: 'syz.2.2289': attribute type 10 has an invalid length.
[  158.269596][T11240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2297'.
[  158.524143][T11266] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2310'.
[  158.872694][T11303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2328'.
[  159.250231][T11353] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2351'.
[  159.357097][T11357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2353'.
[  160.125892][T11395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2370'.
[  160.266856][T11406] syzkaller0: entered promiscuous mode
[  160.268826][T11406] syzkaller0: entered allmulticast mode
[  160.408913][T11413] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2377'.
[  160.412103][T11413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2377'.
[  160.416235][T11413] netlink: 'syz.1.2377': attribute type 12 has an invalid length.
[  160.728559][T11425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2382'.
[  161.518854][T11469] lo speed is unknown, defaulting to 1000
[  162.337183][T11521] !: renamed from dummy0 (while UP)
[  162.355175][T11521] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  162.367479][T11521] lo speed is unknown, defaulting to 1000
[  162.689107][T11527] __nla_validate_parse: 3 callbacks suppressed
[  162.689120][T11527] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2428'.
[  162.948262][T11553] netlink: 'syz.0.2434': attribute type 11 has an invalid length.
[  163.069264][T11569] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.232780][T11577] pimreg: entered allmulticast mode
[  163.239053][T11576] pimreg: left allmulticast mode
[  163.277498][T11588] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  163.526772][T11620] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2468'.
[  163.530642][T11620] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2468'.
[  163.535805][T11620] netlink: 124 bytes leftover after parsing attributes in process `syz.2.2468'.
[  163.750907][T11647] xt_limit: Overflow, try lower: 604147548/4200216962
[  163.781178][T11649] netlink: 45 bytes leftover after parsing attributes in process `syz.0.2478'.
[  163.784924][T11651] netlink: 'syz.2.2479': attribute type 23 has an invalid length.
[  164.026982][T11673] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (6)
[  164.182654][T11681] sctp: [Deprecated]: syz.1.2493 (pid 11681) Use of struct sctp_assoc_value in delayed_ack socket option.
[  164.182654][T11681] Use struct sctp_sack_info instead
[  164.651371][T11722] geneve0: entered allmulticast mode
[  165.470865][T11741] sctp: [Deprecated]: syz.1.2520 (pid 11741) Use of int in max_burst socket option.
[  165.470865][T11741] Use struct sctp_assoc_value instead
[  165.837878][T11774] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  165.894890][T11779] ip6tnl0: Caught tx_queue_len zero misconfig
[  166.054451][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 90 seconds
[  166.058070][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 90 seconds
[  166.125618][T11801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2547'.
[  166.129454][T11801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2547'.
[  166.698025][T11831] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  166.865700][T11845] ieee802154 phy1 wpan1: encryption failed: -22
[  166.947503][T11851] netlink: 'syz.0.2570': attribute type 12 has an invalid length.
[  167.333780][T11876] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2580'.
[  167.368289][T11876] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2580'.
[  167.388968][T11882] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input5
[  167.559896][T11897] 8021q: adding VLAN 0 to HW filter on device bond4
[  167.658167][T11908] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.2594'.
[  167.665010][T11907] netlink: 'syz.1.2595': attribute type 1 has an invalid length.
[  167.672435][T11907] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  167.741637][T11914] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2597'.
[  167.750540][T11914] batadv0: entered promiscuous mode
[  167.755069][T11914] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  167.759440][T11914] batadv0: left promiscuous mode
[  167.897671][T11926] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2604'.
[  168.031113][T11934] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2609'.
[  168.034595][T11934] netem: unknown loss type 12
[  168.036821][T11934] netem: change failed
[  168.097886][T11940] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2611'.
[  168.174692][T11943] lo speed is unknown, defaulting to 1000
[  169.057280][T11962] nftables ruleset with unbound set
[  169.558843][T11981] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.2628'.
[  169.639733][T11983] lo speed is unknown, defaulting to 1000
[  169.842805][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2629'.
[  169.850495][T11984] netlink: 'syz.1.2629': attribute type 13 has an invalid length.
[  169.853993][T11984] netlink: 'syz.1.2629': attribute type 17 has an invalid length.
[  169.874046][T11984] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.877089][T11984] 8021q: adding VLAN 0 to HW filter on device team0
[  169.882536][T11984] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.192068][T12001] netlink: 'syz.1.2636': attribute type 1 has an invalid length.
[  170.317383][T12003] veth5: left promiscuous mode
[  170.382734][T12004] lo speed is unknown, defaulting to 1000
[  170.892214][T12021] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2643'.
[  170.942128][T12023] syzkaller1: entered promiscuous mode
[  170.952206][T12023] syzkaller1: entered allmulticast mode
[  171.831162][T12073] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2667'.
[  172.580708][T12097] netlink: 'syz.1.2674': attribute type 1 has an invalid length.
[  172.588047][T12097] netlink: 'syz.1.2674': attribute type 1 has an invalid length.
[  172.596064][T12097] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2674'.
[  172.705562][T12109] nbd: must specify a size in bytes for the device
[  172.801428][T12115] netlink: 'syz.1.2683': attribute type 1 has an invalid length.
[  172.806813][T12115] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2683'.
[  172.810137][T12115] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2683'.
[  172.965062][T12126] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2688'.
[  173.139066][T12151] netlink: 'syz.1.2699': attribute type 11 has an invalid length.
[  173.142443][T12151] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2699'.
[  173.190555][T12153] netlink: 'syz.0.2701': attribute type 3 has an invalid length.
[  173.206930][T12157] netlink: 'syz.2.2702': attribute type 1 has an invalid length.
[  173.239409][T12157] bond5: (slave bridge8): making interface the new active one
[  173.242943][T12157] bond5: (slave bridge8): Enslaving as an active interface with an up link
[  173.408445][T12177] geneve1: Caught tx_queue_len zero misconfig
[  173.422818][T12179] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  173.426639][T12177] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2712'.
[  173.521220][T12191] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2719'.
[  173.524589][T12191] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2719'.
[  173.559153][T12193] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2720'.
[  174.051800][T12234] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2737'.
[  174.320422][T12258] bond0 (unregistering): Released all slaves
[  174.638091][T12256] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  174.641530][T12256] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  174.646458][T12280] netlink: 'syz.2.2756': attribute type 1 has an invalid length.
[  174.649703][T12280] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2756'.
[  175.377471][   T57] block nbd1: Receive control failed (result -107)
[  175.734066][T12300] nbd1: detected capacity change from 0 to 32
[  175.782217][T12314] openvswitch: netlink: Message has 16 unknown bytes.
[  175.817066][T12318] unsupported nlmsg_type 40
[  176.117626][T12346] netlink: 'syz.1.2788': attribute type 13 has an invalid length.
[  176.121214][T12346] netlink: 'syz.1.2788': attribute type 17 has an invalid length.
[  176.158627][T12346] 8021q: adding VLAN 0 to HW filter on device team0
[  176.166057][T12346] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  176.200981][T12349] lo speed is unknown, defaulting to 1000
[  176.259389][T12353] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  176.789262][T12371] 8021q: adding VLAN 0 to HW filter on device bond6
[  176.819570][T12371] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  176.825706][T12371] bond6: (slave macvlan2): Enslaving as a backup interface with a down link
[  176.844442][T12371] batman_adv: batadv0: Removing interface: dummy0
[  176.858590][T12371] bond5: (slave bridge8): Releasing active interface
[  176.880378][T12371] bond6: (slave macvlan2): Releasing backup interface
[  176.971344][T12383] lo speed is unknown, defaulting to 1000
[  177.404112][T12407] vti0: entered promiscuous mode
[  177.699772][T12419] macsec0: entered allmulticast mode
[  177.791433][T12427] netlink: 'syz.1.2822': attribute type 4 has an invalid length.
[  177.815413][T12427] netlink: 'syz.1.2822': attribute type 4 has an invalid length.
[  178.202968][T12458] __nla_validate_parse: 6 callbacks suppressed
[  178.202981][T12458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2833'.
[  178.391033][T12477] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2845'.
[  179.156371][T12528] netlink: 'syz.2.2868': attribute type 12 has an invalid length.
[  179.205906][T12534] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2871'.
[  179.247753][T12538] netlink: 'syz.2.2873': attribute type 1 has an invalid length.
[  179.250935][T12538] netlink: 'syz.2.2873': attribute type 2 has an invalid length.
[  179.257088][T12540] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  179.307469][T12544] vxcan1 speed is unknown, defaulting to 1000
[  179.312045][T12544] vxcan1 speed is unknown, defaulting to 1000
[  179.319182][T12544] vxcan1 speed is unknown, defaulting to 1000
[  179.338634][T12548] netlink: 'syz.1.2878': attribute type 1 has an invalid length.
[  179.539012][T12544] infiniband syz2: set down
[  179.540951][   T52] vxcan1 speed is unknown, defaulting to 1000
[  179.553220][T12544] infiniband syz2: added vxcan1
[  179.594538][T12544] RDS/IB: syz2: added
[  179.596228][T12544] smc: adding ib device syz2 with port count 1
[  179.598759][T12544] smc:    ib device syz2 port 1 has no pnetid
[  179.601335][   T52] vxcan1 speed is unknown, defaulting to 1000
[  179.621837][T12544] vxcan1 speed is unknown, defaulting to 1000
[  179.669950][T12575] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2891'.
[  179.864264][T12544] vxcan1 speed is unknown, defaulting to 1000
[  179.936886][T12596] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2901'.
[  180.022241][T12544] vxcan1 speed is unknown, defaulting to 1000
[  180.075256][T12607] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2907'.
[  180.146501][T12614] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2910'.
[  180.439308][T12637] vlan0 (unregistering): left allmulticast mode
[  180.441380][T12637] veth0_vlan (unregistering): left allmulticast mode
[  180.444109][T12637] vlan0 (unregistering): left promiscuous mode
[  180.557637][T12641] batadv_slave_0: entered promiscuous mode
[  180.576477][T12640] batadv_slave_0: left promiscuous mode
[  180.660898][T12647] netlink: 'syz.1.2924': attribute type 5 has an invalid length.
[  181.243357][   T12] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  181.940003][T12688] lo speed is unknown, defaulting to 1000
[  182.154460][T12688] vxcan1 speed is unknown, defaulting to 1000
[  182.357590][T12702] netlink: 'syz.1.2939': attribute type 6 has an invalid length.
[  182.572705][T12721] netlink: 'syz.2.2953': attribute type 5 has an invalid length.
[  183.635623][T12744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2964'.
[  183.726152][T12750] veth0_to_bridge: entered promiscuous mode
[  183.729351][T12749] veth0_to_bridge: left promiscuous mode
[  183.803197][T12753] netlink: 'syz.2.2969': attribute type 1 has an invalid length.
[  184.757930][T12788] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2984'.
[  184.889298][T12797] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2989'.
[  184.899775][T12793] lo speed is unknown, defaulting to 1000
[  184.940863][T12800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2987'.
[  185.099794][T12793] vxcan1 speed is unknown, defaulting to 1000
[  185.292798][T12824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3002'.
[  185.352918][T12829] netlink: 664 bytes leftover after parsing attributes in process `syz.2.3004'.
[  185.360615][T12829] netlink: 664 bytes leftover after parsing attributes in process `syz.2.3004'.
[  185.701720][T12851] netlink: 'syz.0.3014': attribute type 1 has an invalid length.
[  185.770636][T12859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3018'.
[  185.871537][T12867] syzkaller1: entered promiscuous mode
[  185.873758][T12867] syzkaller1: entered allmulticast mode
[  185.877651][T12867] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324
[  186.053323][ T5868] Bluetooth: hci1: command 0x0406 tx timeout
[  186.577069][T12889] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  186.655879][T12891] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3030'.
[  186.660860][T12891] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3030'.
[  186.816720][T12897] lo speed is unknown, defaulting to 1000
[  186.987267][T12897] vxcan1 speed is unknown, defaulting to 1000
[  187.322084][T12919] netlink: 'syz.2.3043': attribute type 4 has an invalid length.
[  188.782984][T12969] lo speed is unknown, defaulting to 1000
[  188.898872][T12981] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  188.996138][T12969] vxcan1 speed is unknown, defaulting to 1000
[  189.481971][T13042] __nla_validate_parse: 5 callbacks suppressed
[  189.481985][T13042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3097'.
[  189.498169][T13048] tipc: Failed to remove unknown binding: 66,1,1/0:3472039559/3472039561
[  189.548583][T13042] nbd: socks must be embedded in a SOCK_ITEM attr
[  190.048121][T13095] netlink: 'syz.2.3119': attribute type 8 has an invalid length.
[  190.945068][T13169] nftables ruleset with unbound chain
[  191.106200][T13186] syzkaller1: entered promiscuous mode
[  191.108078][T13186] syzkaller1: entered allmulticast mode
[  191.310965][T13205] lo: Caught tx_queue_len zero misconfig
[  191.352383][T13210] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3174'.
[  191.639645][T13253] C`: renamed from lo
[  191.651239][T13253] A link change request failed with some changes committed already. Interface C` may have been left with an inconsistent configuration, please check.
[  191.927030][T13287] gtp0: entered promiscuous mode
[  191.928935][T13287] gtp0: entered allmulticast mode
[  191.985768][T13294] netlink: 'syz.1.3215': attribute type 3 has an invalid length.
[  192.041531][T13301] netlink: 'syz.1.3219': attribute type 17 has an invalid length.
[  192.046420][T13301] A link change request failed with some changes committed already. Interface C` may have been left with an inconsistent configuration, please check.
[  192.140801][T13315] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3224'.
[  192.464904][T13352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3237'.
[  192.611406][T13363] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3244'.
[  192.719339][T13373] batadv0: entered promiscuous mode
[  192.781105][T13377] IPVS: length: 91191230 != 8
[  192.846673][T13381] netlink: 'syz.1.3253': attribute type 1 has an invalid length.
[  192.857941][T13381] bond4: (slave vcan1): The slave device specified does not support setting the MAC address
[  192.862384][T13381] bond4: (slave vcan1): Error -95 calling set_mac_address
[  192.907961][T13391] bond4: (slave vcan1): The slave device specified does not support setting the MAC address
[  192.912984][T13392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3257'.
[  192.914580][T13391] bond4: (slave vcan1): Error -95 calling set_mac_address
[  192.957896][T13381] 8021q: adding VLAN 0 to HW filter on device bond4
[  194.046246][T13484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3300'.
[  194.065586][T13486] netlink: 'syz.2.3301': attribute type 1 has an invalid length.
[  194.070264][T13486] netlink: 172 bytes leftover after parsing attributes in process `syz.2.3301'.
[  194.196505][T13488] nbd2: detected capacity change from 0 to 549764202496
[  194.202424][   T57] block nbd2: Receive control failed (result -32)
[  194.218338][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  194.265859][T13502] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode broadcast(3)
[  194.299016][T13504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3311'.
[  194.302985][T13504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3311'.
[  194.308672][T13504] netlink: 'syz.2.3311': attribute type 6 has an invalid length.
[  194.327146][T13508] batadv_slave_0: entered promiscuous mode
[  194.341488][T13507] batadv_slave_0: left promiscuous mode
[  194.376113][T13512] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551615)
[  194.383267][T13512] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  194.561773][T13535] netlink: 'syz.2.3324': attribute type 1 has an invalid length.
[  194.565707][T13535] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3324'.
[  194.625932][T13541] netlink: 'syz.1.3326': attribute type 12 has an invalid length.
[  194.703224][T13545] netlink: 'syz.2.3328': attribute type 2 has an invalid length.
[  194.735935][T13547] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3330'.
[  194.744656][T13547] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  194.954366][T13571] nbd3: detected capacity change from 0 to 127
[  194.961680][   T57] block nbd3: Receive control failed (result -32)
[  195.021673][T13585] Unsupported ieee802154 address type: 0
[  195.135261][T13594] netlink: 'syz.1.3352': attribute type 1 has an invalid length.
[  195.141509][T13594] netlink: 'syz.1.3352': attribute type 1 has an invalid length.
[  195.145282][T13594] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3352'.
[  195.149281][T13594] block nbd4: shutting down sockets
[  195.439624][T13622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3366'.
[  195.664989][T13645] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3377'.
[  195.668786][T13645] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3377'.
[  195.672518][T13645] netlink: 31 bytes leftover after parsing attributes in process `syz.0.3377'.
[  195.676660][T13645] netlink: 'syz.0.3377': attribute type 3 has an invalid length.
[  195.680134][T13645] netlink: 'syz.0.3377': attribute type 2 has an invalid length.
[  195.685355][T13645] netlink: 31 bytes leftover after parsing attributes in process `syz.0.3377'.
[  195.689940][T13645] netlink: 'syz.0.3377': attribute type 2 has an invalid length.
[  195.937210][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3382'.
[  195.941093][T13657] netlink: 'syz.0.3382': attribute type 20 has an invalid length.
[  195.945642][T13657] netlink: 'syz.0.3382': attribute type 21 has an invalid length.
[  196.137808][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 120 seconds
[  196.142689][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 120 seconds
[  196.147832][T13666] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3386'.
[  197.099080][T13708] syz_tun (unregistering): left promiscuous mode
[  197.142942][T13714] lo speed is unknown, defaulting to 1000
[  197.352887][T13714] vxcan1 speed is unknown, defaulting to 1000
[  197.621822][T13753] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.630886][T13753] 8021q: adding VLAN 0 to HW filter on device team0
[  197.634655][T13753] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  199.513356][T13809] netlink: 'syz.0.3447': attribute type 2 has an invalid length.
[  199.522061][T13809] k*]: entered promiscuous mode
[  199.590527][T13813] __nla_validate_parse: 8 callbacks suppressed
[  199.590541][T13813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3449'.
[  200.038201][   T33] audit: type=1804 audit(1757440993.408:5): pid=13841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3462" name="/newroot/1221/cgroup.controllers" dev="tmpfs" ino=6168 res=1 errno=0
[  200.050955][   T33] audit: type=1800 audit(1757440993.408:6): pid=13841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3462" name="cgroup.controllers" dev="tmpfs" ino=6168 res=0 errno=0
[  201.258803][T13854] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3467'.
[  213.335589][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  213.339373][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  213.342962][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  213.347220][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  213.350876][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  213.382762][T13863] lo speed is unknown, defaulting to 1000
[  213.460771][T13863] vxcan1 speed is unknown, defaulting to 1000
[  213.603530][T13863] chnl_net:caif_netlink_parms(): no params data found
[  213.650181][T13863] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.652499][T13863] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.654901][T13863] bridge_slave_0: entered allmulticast mode
[  213.657627][T13863] bridge_slave_0: entered promiscuous mode
[  213.661363][T13863] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.663867][T13863] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.666209][T13863] bridge_slave_1: entered allmulticast mode
[  213.669116][T13863] bridge_slave_1: entered promiscuous mode
[  213.689125][T13863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.693947][T13863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.716032][T13863] team0: Port device team_slave_0 added
[  213.719669][T13863] team0: Port device team_slave_1 added
[  213.738226][T13863] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.740579][T13863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.749826][T13863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.755297][T13863] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.757621][T13863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.766004][T13863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.792241][T13863] hsr_slave_0: entered promiscuous mode
[  213.795038][T13863] hsr_slave_1: entered promiscuous mode
[  213.797300][T13863] debugfs: 'hsr0' already exists in 'hsr'
[  213.799278][T13863] Cannot create hsr debugfs directory
[  214.329910][   T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  214.336013][   T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  214.338867][   T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  214.341939][   T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  214.345197][   T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  214.370570][T13872] lo speed is unknown, defaulting to 1000
[  214.462433][T13872] vxcan1 speed is unknown, defaulting to 1000
[  214.701359][T13872] chnl_net:caif_netlink_parms(): no params data found
[  214.759034][T13872] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.762127][T13872] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.765690][T13872] bridge_slave_0: entered allmulticast mode
[  214.769539][T13872] bridge_slave_0: entered promiscuous mode
[  214.774570][T13872] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.777605][T13872] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.780813][T13872] bridge_slave_1: entered allmulticast mode
[  214.785269][T13872] bridge_slave_1: entered promiscuous mode
[  214.813477][T13872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.817973][T13872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.837185][T13872] team0: Port device team_slave_0 added
[  214.840537][T13872] team0: Port device team_slave_1 added
[  214.857966][T13872] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.860422][T13872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.869978][T13872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.875001][T13872] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.877218][T13872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.885612][T13872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.912854][T13872] hsr_slave_0: entered promiscuous mode
[  214.915417][T13872] hsr_slave_1: entered promiscuous mode
[  214.917518][T13872] debugfs: 'hsr0' already exists in 'hsr'
[  214.919364][T13872] Cannot create hsr debugfs directory
[  215.413470][   T55] Bluetooth: hci3: command tx timeout
[  216.373299][   T55] Bluetooth: hci4: command tx timeout
[  217.338893][ T5868] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  217.342500][ T5868] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  217.348076][ T5868] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  217.351344][ T5868] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  217.354434][ T5868] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  217.375400][T13881] lo speed is unknown, defaulting to 1000
[  217.466315][T13881] vxcan1 speed is unknown, defaulting to 1000
[  217.493551][ T5868] Bluetooth: hci3: command tx timeout
[  217.666451][T13881] chnl_net:caif_netlink_parms(): no params data found
[  217.717843][T13881] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.720453][T13881] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.723451][T13881] bridge_slave_0: entered allmulticast mode
[  217.726323][T13881] bridge_slave_0: entered promiscuous mode
[  217.729840][T13881] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.732285][T13881] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.735074][T13881] bridge_slave_1: entered allmulticast mode
[  217.737886][T13881] bridge_slave_1: entered promiscuous mode
[  217.758581][T13881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.763501][T13881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.781386][T13881] team0: Port device team_slave_0 added
[  217.784938][T13881] team0: Port device team_slave_1 added
[  217.800863][T13881] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.803720][T13881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.812266][T13881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.817062][T13881] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.819593][T13881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.828509][T13881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.855358][T13881] hsr_slave_0: entered promiscuous mode
[  217.857668][T13881] hsr_slave_1: entered promiscuous mode
[  217.860394][T13881] debugfs: 'hsr0' already exists in 'hsr'
[  217.862304][T13881] Cannot create hsr debugfs directory
[  218.463390][ T5868] Bluetooth: hci4: command tx timeout
[  219.413308][ T5868] Bluetooth: hci5: command tx timeout
[  219.573288][ T5868] Bluetooth: hci3: command tx timeout
[  220.533382][ T5868] Bluetooth: hci4: command tx timeout
[  221.493734][ T5868] Bluetooth: hci5: command tx timeout
[  221.653382][ T5868] Bluetooth: hci3: command tx timeout
[  222.613341][ T5868] Bluetooth: hci4: command tx timeout
[  223.573360][ T5868] Bluetooth: hci5: command tx timeout
[  225.653316][ T5868] Bluetooth: hci5: command tx timeout
[  226.214413][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 150 seconds
[  226.218952][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 150 seconds
[  255.657114][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  256.293588][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 180 seconds
[  256.297667][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 180 seconds
[  274.393617][   T55] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  274.398224][   T55] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  274.401672][   T55] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  274.410222][   T55] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  274.414155][   T55] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  274.440475][T13894] lo speed is unknown, defaulting to 1000
[  274.526515][T13894] vxcan1 speed is unknown, defaulting to 1000
[  274.695317][T13894] chnl_net:caif_netlink_parms(): no params data found
[  274.740035][T13894] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.742891][T13894] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.746050][T13894] bridge_slave_0: entered allmulticast mode
[  274.748908][T13894] bridge_slave_0: entered promiscuous mode
[  274.752438][T13894] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.755437][T13894] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.758450][T13894] bridge_slave_1: entered allmulticast mode
[  274.762064][T13894] bridge_slave_1: entered promiscuous mode
[  274.780905][T13894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.786346][T13894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.804250][T13894] team0: Port device team_slave_0 added
[  274.807956][T13894] team0: Port device team_slave_1 added
[  274.827279][T13894] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.829595][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.838760][T13894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.843342][T13894] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.845790][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.855138][T13894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.880191][T13894] hsr_slave_0: entered promiscuous mode
[  274.882925][T13894] hsr_slave_1: entered promiscuous mode
[  274.885557][T13894] debugfs: 'hsr0' already exists in 'hsr'
[  274.887726][T13894] Cannot create hsr debugfs directory
[  275.417323][ T5868] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  275.421293][ T5868] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  275.425269][ T5868] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  275.429569][ T5868] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  275.434724][ T5868] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  275.461277][T13903] lo speed is unknown, defaulting to 1000
[  275.603358][T13903] vxcan1 speed is unknown, defaulting to 1000
[  275.887077][T13903] chnl_net:caif_netlink_parms(): no params data found
[  275.959544][T13903] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.962509][T13903] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.965485][T13903] bridge_slave_0: entered allmulticast mode
[  275.970737][T13903] bridge_slave_0: entered promiscuous mode
[  275.974322][T13903] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.977095][T13903] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.979554][T13903] bridge_slave_1: entered allmulticast mode
[  275.982664][T13903] bridge_slave_1: entered promiscuous mode
[  276.005146][T13903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.010273][T13903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.030752][T13903] team0: Port device team_slave_0 added
[  276.034959][T13903] team0: Port device team_slave_1 added
[  276.053821][T13903] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.056392][T13903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.066868][T13903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.071704][T13903] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.074391][T13903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.082928][T13903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  276.110481][T13903] hsr_slave_0: entered promiscuous mode
[  276.112827][T13903] hsr_slave_1: entered promiscuous mode
[  276.115613][T13903] debugfs: 'hsr0' already exists in 'hsr'
[  276.117823][T13903] Cannot create hsr debugfs directory
[  276.453410][ T5868] Bluetooth: hci6: command tx timeout
[  277.493531][ T5868] Bluetooth: hci7: command tx timeout
[  278.409763][   T55] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  278.412983][   T55] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  278.416640][   T55] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  278.420047][   T55] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  278.428514][   T55] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  278.458809][T13912] lo speed is unknown, defaulting to 1000
[  278.533359][ T5868] Bluetooth: hci6: command tx timeout
[  278.574868][T13912] vxcan1 speed is unknown, defaulting to 1000
[  278.780110][T13912] chnl_net:caif_netlink_parms(): no params data found
[  278.824131][T13912] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.826605][T13912] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.829054][T13912] bridge_slave_0: entered allmulticast mode
[  278.831817][T13912] bridge_slave_0: entered promiscuous mode
[  278.835565][T13912] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.838023][T13912] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.840640][T13912] bridge_slave_1: entered allmulticast mode
[  278.843955][T13912] bridge_slave_1: entered promiscuous mode
[  278.863594][T13912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.871139][T13912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.894158][T13912] team0: Port device team_slave_0 added
[  278.898436][T13912] team0: Port device team_slave_1 added
[  278.923671][T13912] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.926149][T13912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.938158][T13912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.942743][T13912] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.945420][T13912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.955042][T13912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.980230][T13912] hsr_slave_0: entered promiscuous mode
[  278.982573][T13912] hsr_slave_1: entered promiscuous mode
[  278.984973][T13912] debugfs: 'hsr0' already exists in 'hsr'
[  278.986966][T13912] Cannot create hsr debugfs directory
[  279.573375][ T5868] Bluetooth: hci7: command tx timeout
[  280.463554][ T5868] Bluetooth: hci8: command tx timeout
[  280.613344][ T5868] Bluetooth: hci6: command tx timeout
[  281.653436][ T5868] Bluetooth: hci7: command tx timeout
[  282.533518][ T5868] Bluetooth: hci8: command tx timeout
[  282.693382][ T5868] Bluetooth: hci6: command tx timeout
[  283.733802][ T5868] Bluetooth: hci7: command tx timeout
[  284.623628][ T5868] Bluetooth: hci8: command tx timeout
[  286.376913][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 210 seconds
[  286.381531][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 210 seconds
[  286.693533][ T5868] Bluetooth: hci8: command tx timeout
[  303.813369][   T55] Bluetooth: hci2: command 0x0405 tx timeout
[  316.461508][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 240 seconds
[  316.466409][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 240 seconds
[  317.095406][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  335.399541][   T55] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  335.402695][   T55] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  335.406421][   T55] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  335.409625][   T55] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  335.412518][   T55] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  335.439998][T13921] lo speed is unknown, defaulting to 1000
[  335.561776][T13921] vxcan1 speed is unknown, defaulting to 1000
[  335.754984][T13921] chnl_net:caif_netlink_parms(): no params data found
[  335.835529][T13921] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.838703][T13921] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.841922][T13921] bridge_slave_0: entered allmulticast mode
[  335.846385][T13921] bridge_slave_0: entered promiscuous mode
[  335.851392][T13921] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.854846][T13921] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.858261][T13921] bridge_slave_1: entered allmulticast mode
[  335.862148][T13921] bridge_slave_1: entered promiscuous mode
[  335.895455][T13921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.902126][T13921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.931973][T13921] team0: Port device team_slave_0 added
[  335.936301][T13921] team0: Port device team_slave_1 added
[  335.955284][T13921] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.957752][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.972434][T13921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.979196][T13921] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.982057][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.998629][T13921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.051370][T13921] hsr_slave_0: entered promiscuous mode
[  336.055290][T13921] hsr_slave_1: entered promiscuous mode
[  336.058277][T13921] debugfs: 'hsr0' already exists in 'hsr'
[  336.060632][T13921] Cannot create hsr debugfs directory
[  336.388821][ T5868] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  336.392898][ T5868] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  336.399044][ T5868] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  336.404434][ T5868] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  336.408883][ T5868] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  336.489437][T13930] lo speed is unknown, defaulting to 1000
[  336.638422][T13930] vxcan1 speed is unknown, defaulting to 1000
[  336.896200][T13930] chnl_net:caif_netlink_parms(): no params data found
[  336.951384][T13930] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.954363][T13930] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.957164][T13930] bridge_slave_0: entered allmulticast mode
[  336.960778][T13930] bridge_slave_0: entered promiscuous mode
[  336.965142][T13930] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.967992][T13930] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.970601][T13930] bridge_slave_1: entered allmulticast mode
[  336.973708][T13930] bridge_slave_1: entered promiscuous mode
[  336.992763][T13930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.999978][T13930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  337.022628][T13930] team0: Port device team_slave_0 added
[  337.027787][T13930] team0: Port device team_slave_1 added
[  337.045250][T13930] batman_adv: batadv0: Adding interface: batadv_slave_0
[  337.047809][T13930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.056770][T13930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  337.062041][T13930] batman_adv: batadv0: Adding interface: batadv_slave_1
[  337.065508][T13930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.075689][T13930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.107533][T13930] hsr_slave_0: entered promiscuous mode
[  337.110384][T13930] hsr_slave_1: entered promiscuous mode
[  337.112761][T13930] debugfs: 'hsr0' already exists in 'hsr'
[  337.115151][T13930] Cannot create hsr debugfs directory
[  337.493302][   T55] Bluetooth: hci9: command tx timeout
[  338.453493][ T5235] Bluetooth: hci10: command tx timeout
[  339.448949][T13942] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  339.453503][T13942] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  339.457147][T13942] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  339.462463][T13942] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  339.466295][T13942] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  339.494718][T13941] lo speed is unknown, defaulting to 1000
[  339.573521][T13942] Bluetooth: hci9: command tx timeout
[  339.637433][T13941] vxcan1 speed is unknown, defaulting to 1000
[  339.654246][ T5235] Bluetooth: hci4: command 0x0406 tx timeout
[  339.658493][T13942] Bluetooth: hci5: command 0x0406 tx timeout
[  339.660517][T13942] Bluetooth: hci3: command 0x0406 tx timeout
[  339.834921][T13941] chnl_net:caif_netlink_parms(): no params data found
[  339.886986][T13941] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.889361][T13941] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.891658][T13941] bridge_slave_0: entered allmulticast mode
[  339.894937][T13941] bridge_slave_0: entered promiscuous mode
[  339.898274][T13941] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.900613][T13941] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.902994][T13941] bridge_slave_1: entered allmulticast mode
[  339.907462][T13941] bridge_slave_1: entered promiscuous mode
[  339.930809][T13941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.936092][T13941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.959785][T13941] team0: Port device team_slave_0 added
[  339.963818][T13941] team0: Port device team_slave_1 added
[  339.982812][T13941] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.986455][T13941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.996553][T13941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.001881][T13941] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.005125][T13941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.014423][T13941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.042250][T13941] hsr_slave_0: entered promiscuous mode
[  340.045284][T13941] hsr_slave_1: entered promiscuous mode
[  340.047533][T13941] debugfs: 'hsr0' already exists in 'hsr'
[  340.049645][T13941] Cannot create hsr debugfs directory
[  340.533300][ T5868] Bluetooth: hci10: command tx timeout
[  341.493374][ T5868] Bluetooth: hci11: command tx timeout
[  341.663440][ T5868] Bluetooth: hci9: command tx timeout
[  342.613409][ T5868] Bluetooth: hci10: command tx timeout
[  343.573335][ T5868] Bluetooth: hci11: command tx timeout
[  343.735288][ T5868] Bluetooth: hci9: command tx timeout
[  344.703321][ T5868] Bluetooth: hci10: command tx timeout
[  345.653332][ T5868] Bluetooth: hci11: command tx timeout
[  346.538294][   T97] block nbd0: Possible stuck request ffff888020a50000: control (read@0,1024B). Runtime 270 seconds
[  346.543266][   T97] block nbd0: Possible stuck request ffff888020a50200: control (read@1024,1024B). Runtime 270 seconds
[  347.733505][ T5868] Bluetooth: hci11: command tx timeout
[  356.133538][   T34] INFO: task syz.2.3419:13743 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
[  356.136641][   T34]       Not tainted syzkaller #0
[  356.138887][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  356.143649][   T34] task:syz.2.3419      state:D stack:26024 pid:13743 tgid:13742 ppid:5872   task_flags:0x480140 flags:0x00004004
[  356.148055][   T34] Call Trace:
[  356.149571][   T34]  <TASK>
[  356.150894][   T34]  __schedule+0x1798/0x4cc0
[  356.152917][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.155224][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.157042][   T34]  ? __pfx___schedule+0x10/0x10
[  356.158973][   T34]  ? schedule+0x91/0x360
[  356.160855][   T34]  schedule+0x165/0x360
[  356.162445][   T34]  blk_mq_freeze_queue_wait+0xf4/0x170
[  356.165005][   T34]  ? __pfx_blk_mq_freeze_queue_wait+0x10/0x10
[  356.167597][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  356.170125][   T34]  ? percpu_ref_kill_and_confirm+0xa3/0x130
[  356.172702][   T34]  queue_limits_commit_update_frozen+0x5d/0x3e0
[  356.175901][   T34]  nbd_set_size+0x47e/0x6a0
[  356.177447][   T34]  ? __pfx_nbd_set_size+0x10/0x10
[  356.179524][   T34]  ? nla_memcpy+0x5b/0xc0
[  356.181978][   T34]  nbd_genl_size_set+0x2eb/0x3c0
[  356.213442][   T34]  ? __pfx_nbd_genl_size_set+0x10/0x10
[  356.215950][   T34]  ? __pfx_nbd_get_config_unlocked+0x10/0x10
[  356.218585][   T34]  ? bpf_lsm_capable+0x9/0x20
[  356.220691][   T34]  ? security_capable+0x7e/0x2e0
[  356.222653][   T34]  ? radix_tree_lookup+0x240/0x290
[  356.227754][   T34]  nbd_genl_reconfigure+0x409/0x1870
[  356.231487][   T34]  ? __pfx_nbd_genl_reconfigure+0x10/0x10
[  356.236357][   T34]  ? __nla_parse+0x40/0x60
[  356.238330][   T34]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  356.241070][   T34]  genl_family_rcv_msg_doit+0x215/0x300
[  356.245513][   T34]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  356.247787][   T34]  ? stack_trace_save+0x9c/0xe0
[  356.249909][   T34]  genl_rcv_msg+0x60e/0x790
[  356.251984][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.254499][   T34]  ? __pfx_nbd_genl_reconfigure+0x10/0x10
[  356.256527][   T34]  netlink_rcv_skb+0x208/0x470
[  356.258275][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.260399][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.262600][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.264957][   T34]  ? down_read+0x1ad/0x2e0
[  356.266958][   T34]  genl_rcv+0x28/0x40
[  356.268731][   T34]  netlink_unicast+0x82f/0x9e0
[  356.271017][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  356.273365][   T34]  ? netlink_sendmsg+0x642/0xb30
[  356.275514][   T34]  ? skb_put+0x11b/0x210
[  356.277375][   T34]  netlink_sendmsg+0x805/0xb30
[  356.279222][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.281262][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  356.283104][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  356.284874][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.286605][   T34]  __sock_sendmsg+0x21c/0x270
[  356.288520][   T34]  ____sys_sendmsg+0x505/0x830
[  356.290662][   T34]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.292923][   T34]  ? import_iovec+0x74/0xa0
[  356.295535][   T34]  ___sys_sendmsg+0x21f/0x2a0
[  356.297175][   T34]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.299289][   T34]  ? __fget_files+0x2a/0x420
[  356.301271][   T34]  ? __fget_files+0x3a0/0x420
[  356.303448][   T34]  __x64_sys_sendmsg+0x19b/0x260
[  356.305556][   T34]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  356.307928][   T34]  ? rcu_is_watching+0x15/0xb0
[  356.310037][   T34]  ? do_syscall_64+0xbe/0x3b0
[  356.312155][   T34]  do_syscall_64+0xfa/0x3b0
[  356.314294][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.316589][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.319228][   T34]  ? exc_page_fault+0x9f/0xf0
[  356.321200][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.324048][   T34] RIP: 0033:0x7fdfdfd8ebe9
[  356.326021][   T34] RSP: 002b:00007fdfe0c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  356.329654][   T34] RAX: ffffffffffffffda RBX: 00007fdfdffc5fa0 RCX: 00007fdfdfd8ebe9
[  356.333225][   T34] RDX: 0000000020000800 RSI: 0000200000000200 RDI: 0000000000000004
[  356.336701][   T34] RBP: 00007fdfdfe11e19 R08: 0000000000000000 R09: 0000000000000000
[  356.340143][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.343762][   T34] R13: 00007fdfdffc6038 R14: 00007fdfdffc5fa0 R15: 00007ffcc2d8a998
[  356.346751][   T34]  </TASK>
[  356.347922][   T34] INFO: task syz.1.3444:13799 blocked for more than 143 seconds.
[  356.351064][   T34]       Not tainted syzkaller #0
[  356.352823][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  356.355999][   T34] task:syz.1.3444      state:D stack:24904 pid:13799 tgid:13798 ppid:5866   task_flags:0x400140 flags:0x00004004
[  356.360711][   T34] Call Trace:
[  356.362197][   T34]  <TASK>
[  356.363531][   T34]  __schedule+0x1798/0x4cc0
[  356.365518][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.367685][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.369840][   T34]  ? __pfx___schedule+0x10/0x10
[  356.371709][   T34]  ? schedule+0x91/0x360
[  356.373302][   T34]  schedule+0x165/0x360
[  356.374725][   T34]  schedule_preempt_disabled+0x13/0x30
[  356.376573][   T34]  __mutex_lock+0x7e6/0x1350
[  356.378212][   T34]  ? __mutex_lock+0x5bb/0x1350
[  356.380340][   T34]  ? genl_rcv_msg+0x10d/0x790
[  356.382358][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  356.384429][   T34]  ? stack_trace_save+0x9c/0xe0
[  356.386030][   T34]  ? __pfx_stack_trace_save+0x10/0x10
[  356.387810][   T34]  ? radix_tree_lookup+0x240/0x290
[  356.390015][   T34]  genl_rcv_msg+0x10d/0x790
[  356.391914][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.394126][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.396275][   T34]  netlink_rcv_skb+0x208/0x470
[  356.398396][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.400549][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.402610][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.404644][   T34]  ? down_read+0x1ad/0x2e0
[  356.406185][   T34]  genl_rcv+0x28/0x40
[  356.407635][   T34]  netlink_unicast+0x82f/0x9e0
[  356.409668][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  356.412012][   T34]  ? netlink_sendmsg+0x642/0xb30
[  356.414472][   T34]  ? skb_put+0x11b/0x210
[  356.416360][   T34]  netlink_sendmsg+0x805/0xb30
[  356.418464][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.420813][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  356.422628][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  356.424600][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.426547][   T34]  __sock_sendmsg+0x21c/0x270
[  356.428307][   T34]  __sys_sendto+0x3bd/0x520
[  356.430330][   T34]  ? __pfx___sys_sendto+0x10/0x10
[  356.432579][   T34]  ? count_memcg_event_mm+0x21/0x260
[  356.434699][   T34]  ? exc_page_fault+0x76/0xf0
[  356.436322][   T34]  ? do_user_addr_fault+0xc8a/0x1390
[  356.438204][   T34]  __x64_sys_sendto+0xde/0x100
[  356.440257][   T34]  do_syscall_64+0xfa/0x3b0
[  356.442189][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.444504][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.447041][   T34]  ? exc_page_fault+0x9f/0xf0
[  356.449042][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.451546][   T34] RIP: 0033:0x7efc44190a7c
[  356.454427][   T34] RSP: 002b:00007efc44ffaec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  356.457796][   T34] RAX: ffffffffffffffda RBX: 00007efc44ffafc0 RCX: 00007efc44190a7c
[  356.460608][   T34] RDX: 0000000000000020 RSI: 00007efc44ffb010 RDI: 0000000000000008
[  356.463623][   T34] RBP: 0000000000000000 R08: 00007efc44ffaf14 R09: 000000000000000c
[  356.466897][   T34] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008
[  356.470205][   T34] R13: 00007efc44ffaf68 R14: 00007efc44ffb010 R15: 0000000000000000
[  356.473663][   T34]  </TASK>
[  356.474982][   T34] INFO: task syz.1.3444:13800 blocked for more than 143 seconds.
[  356.477948][   T34]       Not tainted syzkaller #0
[  356.479648][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  356.482777][   T34] task:syz.1.3444      state:D stack:26536 pid:13800 tgid:13798 ppid:5866   task_flags:0x400140 flags:0x00004004
[  356.487779][   T34] Call Trace:
[  356.489202][   T34]  <TASK>
[  356.490424][   T34]  __schedule+0x1798/0x4cc0
[  356.492125][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.493885][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.495583][   T34]  ? __pfx___schedule+0x10/0x10
[  356.497426][   T34]  ? schedule+0x91/0x360
[  356.499114][   T34]  schedule+0x165/0x360
[  356.500840][   T34]  schedule_preempt_disabled+0x13/0x30
[  356.503448][   T34]  __mutex_lock+0x7e6/0x1350
[  356.505203][   T34]  ? __mutex_lock+0x5bb/0x1350
[  356.506961][   T34]  ? genl_rcv_msg+0x10d/0x790
[  356.508750][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  356.510635][   T34]  ? stack_trace_save+0x9c/0xe0
[  356.512393][   T34]  ? __pfx_stack_trace_save+0x10/0x10
[  356.514528][   T34]  ? radix_tree_lookup+0x240/0x290
[  356.516314][   T34]  genl_rcv_msg+0x10d/0x790
[  356.517851][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.519523][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.521404][   T34]  netlink_rcv_skb+0x208/0x470
[  356.523269][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.524966][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.526892][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.528776][   T34]  ? down_read+0x1ad/0x2e0
[  356.530398][   T34]  genl_rcv+0x28/0x40
[  356.531844][   T34]  netlink_unicast+0x82f/0x9e0
[  356.533786][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  356.535600][   T34]  ? netlink_sendmsg+0x642/0xb30
[  356.537292][   T34]  ? skb_put+0x11b/0x210
[  356.538718][   T34]  netlink_sendmsg+0x805/0xb30
[  356.540353][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.542433][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  356.544355][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  356.546181][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.547988][   T34]  __sock_sendmsg+0x21c/0x270
[  356.549601][   T34]  ____sys_sendmsg+0x505/0x830
[  356.551295][   T34]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.553250][   T34]  ? import_iovec+0x74/0xa0
[  356.554958][   T34]  ___sys_sendmsg+0x21f/0x2a0
[  356.556570][   T34]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.558299][   T34]  ? __fget_files+0x2a/0x420
[  356.559881][   T34]  ? __fget_files+0x3a0/0x420
[  356.561720][   T34]  __x64_sys_sendmsg+0x19b/0x260
[  356.563908][   T34]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  356.565841][   T34]  ? do_syscall_64+0xbe/0x3b0
[  356.567510][   T34]  do_syscall_64+0xfa/0x3b0
[  356.569146][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.571332][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.573766][   T34]  ? exc_page_fault+0x9f/0xf0
[  356.575657][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.577918][   T34] RIP: 0033:0x7efc4418ebe9
[  356.579627][   T34] RSP: 002b:00007efc44fdb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  356.582516][   T34] RAX: ffffffffffffffda RBX: 00007efc443c6090 RCX: 00007efc4418ebe9
[  356.585324][   T34] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[  356.588265][   T34] RBP: 00007efc44211e19 R08: 0000000000000000 R09: 0000000000000000
[  356.591136][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.593873][   T34] R13: 00007efc443c6128 R14: 00007efc443c6090 R15: 00007ffc7848c908
[  356.596966][   T34]  </TASK>
[  356.598193][   T34] INFO: task syz.0.3469:13858 blocked for more than 143 seconds.
[  356.600666][   T34]       Not tainted syzkaller #0
[  356.602332][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  356.607969][   T34] task:syz.0.3469      state:D stack:28328 pid:13858 tgid:13857 ppid:5869   task_flags:0x400140 flags:0x00004004
[  356.612248][   T34] Call Trace:
[  356.613550][   T34]  <TASK>
[  356.614628][   T34]  __schedule+0x1798/0x4cc0
[  356.616474][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.618385][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.620108][   T34]  ? __pfx___schedule+0x10/0x10
[  356.622067][   T34]  ? schedule+0x91/0x360
[  356.624270][   T34]  schedule+0x165/0x360
[  356.625976][   T34]  schedule_preempt_disabled+0x13/0x30
[  356.628059][   T34]  __mutex_lock+0x7e6/0x1350
[  356.629692][   T34]  ? __mutex_lock+0x5bb/0x1350
[  356.631345][   T34]  ? genl_rcv_msg+0x10d/0x790
[  356.632967][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  356.634771][   T34]  ? __dev_queue_xmit+0x27b/0x3b50
[  356.636859][   T34]  ? radix_tree_lookup+0x240/0x290
[  356.638603][   T34]  genl_rcv_msg+0x10d/0x790
[  356.640106][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.641790][   T34]  ? ref_tracker_free+0x63a/0x7d0
[  356.643574][   T34]  ? __asan_memcpy+0x40/0x70
[  356.645113][   T34]  ? __pfx_ref_tracker_free+0x10/0x10
[  356.646930][   T34]  netlink_rcv_skb+0x208/0x470
[  356.648651][   T34]  ? __lock_acquire+0xab9/0xd20
[  356.650509][   T34]  ? __pfx_genl_rcv_msg+0x10/0x10
[  356.652339][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.654687][   T34]  ? down_read+0x1ad/0x2e0
[  356.656587][   T34]  genl_rcv+0x28/0x40
[  356.658269][   T34]  netlink_unicast+0x82f/0x9e0
[  356.660324][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  356.662573][   T34]  ? netlink_sendmsg+0x642/0xb30
[  356.664858][   T34]  ? skb_put+0x11b/0x210
[  356.666673][   T34]  netlink_sendmsg+0x805/0xb30
[  356.668751][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.670948][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  356.673185][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  356.675407][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.677661][   T34]  __sock_sendmsg+0x21c/0x270
[  356.679684][   T34]  __sys_sendto+0x3bd/0x520
[  356.681649][   T34]  ? __pfx___sys_sendto+0x10/0x10
[  356.684325][   T34]  ? count_memcg_event_mm+0x21/0x260
[  356.686678][   T34]  ? exc_page_fault+0x76/0xf0
[  356.688721][   T34]  ? do_user_addr_fault+0xc8a/0x1390
[  356.690932][   T34]  __x64_sys_sendto+0xde/0x100
[  356.692973][   T34]  do_syscall_64+0xfa/0x3b0
[  356.695119][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.697362][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.699859][   T34]  ? exc_page_fault+0x9f/0xf0
[  356.701866][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.704519][   T34] RIP: 0033:0x7f3ca3390a7c
[  356.706347][   T34] RSP: 002b:00007f3ca41dfec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  356.709714][   T34] RAX: ffffffffffffffda RBX: 00007f3ca41dffc0 RCX: 00007f3ca3390a7c
[  356.712997][   T34] RDX: 0000000000000024 RSI: 00007f3ca41e0010 RDI: 0000000000000003
[  356.716334][   T34] RBP: 0000000000000000 R08: 00007f3ca41dff14 R09: 000000000000000c
[  356.719654][   T34] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  356.723349][   T34] R13: 00007f3ca41dff68 R14: 00007f3ca41e0010 R15: 0000000000000000
[  356.726594][   T34]  </TASK>
[  356.727970][   T34] 
[  356.727970][   T34] Showing all locks held in the system:
[  356.731548][   T34] 1 lock held by khungtaskd/34:
[  356.733814][   T34]  #0: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  356.737742][   T34] 2 locks held by getty/5671:
[  356.739604][   T34]  #0: ffff888107ccf0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  356.743671][   T34]  #1: ffffc900029032f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  356.747842][   T34] 1 lock held by udevd/5858:
[  356.749791][   T34]  #0: ffff8880209d8358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  356.753901][   T34] 6 locks held by syz.2.3419/13743:
[  356.756113][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.759624][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.763461][   T34]  #2: ffff888020923a30 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_reconfigure+0x36f/0x1870
[  356.767297][   T34]  #3: ffff8880209c10d8 (&q->limits_lock){+.+.}-{4:4}, at: nbd_set_size+0x292/0x6a0
[  356.771228][   T34]  #4: ffff8880209c0a78 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: queue_limits_commit_update_frozen+0x5d/0x3e0
[  356.777302][   T34]  #5: ffff8880209c0ab0 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: queue_limits_commit_update_frozen+0x5d/0x3e0
[  356.782431][   T34] 2 locks held by syz.1.3444/13799:
[  356.784965][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.788441][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.792239][   T34] 2 locks held by syz.1.3444/13800:
[  356.794591][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.798109][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.801871][   T34] 2 locks held by syz.0.3469/13858:
[  356.804249][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.807717][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.811489][   T34] 2 locks held by syz-executor/13863:
[  356.814066][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.817513][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.821297][   T34] 2 locks held by syz-executor/13872:
[  356.823695][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.827133][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.830851][   T34] 2 locks held by syz-executor/13881:
[  356.833319][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.836736][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.840519][   T34] 2 locks held by syz-executor/13894:
[  356.842815][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.846660][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.850503][   T34] 2 locks held by syz-executor/13903:
[  356.852881][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.856764][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.860638][   T34] 2 locks held by syz-executor/13912:
[  356.862980][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.866464][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.870231][   T34] 2 locks held by syz-executor/13921:
[  356.872527][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.876271][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.880035][   T34] 2 locks held by syz-executor/13930:
[  356.882367][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.885845][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.889693][   T34] 2 locks held by syz-executor/13941:
[  356.891976][   T34]  #0: ffffffff8f59ea90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  356.895545][   T34]  #1: ffffffff8f59e8a8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  356.899354][   T34] 
[  356.900398][   T34] =============================================
[  356.900398][   T34] 
[  356.904221][   T34] NMI backtrace for cpu 0
[  356.904233][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  356.904246][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  356.904252][   T34] Call Trace:
[  356.904259][   T34]  <TASK>
[  356.904265][   T34]  dump_stack_lvl+0x189/0x250
[  356.904285][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.904298][   T34]  ? __pfx__printk+0x10/0x10
[  356.904322][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  356.904341][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  356.904359][   T34]  ? __pfx__printk+0x10/0x10
[  356.904378][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  356.904398][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  356.904416][   T34]  watchdog+0xf93/0xfe0
[  356.904438][   T34]  ? watchdog+0x1de/0xfe0
[  356.904456][   T34]  kthread+0x711/0x8a0
[  356.904474][   T34]  ? __pfx_watchdog+0x10/0x10
[  356.904488][   T34]  ? __pfx_kthread+0x10/0x10
[  356.904504][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  356.904521][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.904532][   T34]  ? __pfx_kthread+0x10/0x10
[  356.904547][   T34]  ret_from_fork+0x3fc/0x770
[  356.904561][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  356.904578][   T34]  ? __switch_to_asm+0x39/0x70
[  356.904591][   T34]  ? __switch_to_asm+0x33/0x70
[  356.904604][   T34]  ? __pfx_kthread+0x10/0x10
[  356.904620][   T34]  ret_from_fork_asm+0x1a/0x30
[  356.904645][   T34]  </TASK>
[  356.904650][   T34] Sending NMI from CPU 0 to CPUs 1:
[  356.960266][    C1] NMI backtrace for cpu 1
[  356.960278][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  356.960286][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  356.960290][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  356.960301][    C1] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 73 b7 0d 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  356.960306][    C1] RSP: 0018:ffffc90000177de0 EFLAGS: 00000282
[  356.960313][    C1] RAX: 42b1297071443a00 RBX: ffffffff819683f8 RCX: 42b1297071443a00
[  356.960317][    C1] RDX: 0000000000000001 RSI: ffffffff8d9b9d08 RDI: ffffffff8be33880
[  356.960322][    C1] RBP: ffffc90000177f20 R08: ffff888136632f9b R09: 1ffff11026cc65f3
[  356.960326][    C1] R10: dffffc0000000000 R11: ffffed1026cc65f4 R12: ffffffff8fa39230
[  356.960330][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110200d5000
[  356.960334][    C1] FS:  0000000000000000(0000) GS:ffff8881a3c14000(0000) knlGS:0000000000000000
[  356.960339][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  356.960344][    C1] CR2: 000055c532624600 CR3: 000000000df36000 CR4: 00000000000006f0
[  356.960373][    C1] Call Trace:
[  356.960379][    C1]  <TASK>
[  356.960381][    C1]  default_idle+0x13/0x20
[  356.960390][    C1]  default_idle_call+0x74/0xb0
[  356.960405][    C1]  do_idle+0x1e8/0x510
[  356.960412][    C1]  ? __pfx_do_idle+0x10/0x10
[  356.960421][    C1]  cpu_startup_entry+0x44/0x60
[  356.960427][    C1]  start_secondary+0x101/0x110
[  356.960437][    C1]  common_startup_64+0x13e/0x147
[  356.960449][    C1]  </TASK>
[  356.961234][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  357.021998][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  357.025714][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  357.029995][   T34] Call Trace:
[  357.031446][   T34]  <TASK>
[  357.032701][   T34]  dump_stack_lvl+0x99/0x250
[  357.034680][   T34]  ? __asan_memcpy+0x40/0x70
[  357.036648][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  357.038850][   T34]  ? __pfx__printk+0x10/0x10
[  357.040805][   T34]  vpanic+0x281/0x750
[  357.042516][   T34]  ? __pfx_vpanic+0x10/0x10
[  357.044424][   T34]  ? preempt_schedule+0xae/0xc0
[  357.046461][   T34]  ? preempt_schedule_common+0x83/0xd0
[  357.048800][   T34]  panic+0xb9/0xc0
[  357.050409][   T34]  ? __pfx_panic+0x10/0x10
[  357.052316][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  357.054610][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  357.057169][   T34]  watchdog+0xfd2/0xfe0
[  357.058970][   T34]  ? watchdog+0x1de/0xfe0
[  357.060782][   T34]  kthread+0x711/0x8a0
[  357.062532][   T34]  ? __pfx_watchdog+0x10/0x10
[  357.064539][   T34]  ? __pfx_kthread+0x10/0x10
[  357.066495][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  357.068646][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  357.070858][   T34]  ? __pfx_kthread+0x10/0x10
[  357.072817][   T34]  ret_from_fork+0x3fc/0x770
[  357.074751][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  357.076925][   T34]  ? __switch_to_asm+0x39/0x70
[  357.078903][   T34]  ? __switch_to_asm+0x33/0x70
[  357.080901][   T34]  ? __pfx_kthread+0x10/0x10
[  357.082886][   T34]  ret_from_fork_asm+0x1a/0x30
[  357.084938][   T34]  </TASK>
[  357.087061][   T34] Kernel Offset: disabled
[  357.088897][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:05:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000036 RBX=0000000000000036 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f6b0
R8 =ffff88801fca8237 R9 =1ffff11003f95046 R10=dffffc0000000000 R11=ffffffff854f4b80
R12=dffffc0000000000 R13=ffffffff99b018c6 R14=ffffffff99df6420 R15=0000000000000000
RIP=ffffffff854f4bfc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8614000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2b8b059457 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000080000010015 0000000c00000028 XMM01=0000000e00000001 0000000000000006
XMM02=0043004400010015 0000000000000040 XMM03=0000000000000000 0000000000000000
XMM04=0000ff0000000000 00000000000000ff XMM05=0031313230382f65 65692f316968702f
XMM06=0000000000000000 0000000000000000 XMM07=000000000000ff00 0000ff00000000ff
XMM08=ff00000000000000 0000000000000000 XMM09=3435313230386565 65692f6d69737768
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81b44fbb RBX=1ffff11009608341 RCX=ffff888021683980 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc90002fe7700 RSP=ffffc90002fe7580
R8 =ffffffff8fa39237 R9 =1ffffffff1f47246 R10=dffffc0000000000 R11=fffffbfff1f47247
R12=ffff88804b041a08 R13=dffffc0000000000 R14=ffff88813663b1c0 R15=0000000000000000
RIP=ffffffff81b44fa3 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c14000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2b8def7d60 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00007f2b8d3976c3 00007f2b8d3976c3 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 00ff000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000ff0000 XMM05=0000000000000000 000000000003bf12
XMM06=06015b9000080001 e003001000000007 XMM07=0010000100000000 0001b00303801000
XMM08=1003020007df001e ac00010000000006 XMM09=2e6b726f775f6e65 7473696c5f706374
XMM10=6139666666666666 66660a79656b5f5f XMM11=656e705f636d7320 6220303237303130
XMM12=2030383132313061 3966666666666666 XMM13=5f2e77656e5f7968 705f6e6170772062
XMM14=3966666666666666 660a332e79656b5f XMM15=705f6e6170772062 2030613132313061
