last executing test programs: 4.096470912s ago: executing program 0 (id=1116): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x80000001, 0x8) r0 = gettid() process_vm_writev$auto(r0, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) madvise$auto(0x0, 0x2002003f0, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 2.390281285s ago: executing program 0 (id=1130): madvise$auto(0x0, 0x7ffffffffffffffe, 0x1) select$auto(0x5, &(0x7f0000000080)={[0xffffffffffffff54, 0x2, 0x7, 0x6, 0xc, 0xfffffffffffffff8, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0xc4}, 0x6, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.23199019s ago: executing program 3 (id=1132): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) fcntl$auto(r0, 0x8, 0x1) fcntl$auto(r0, 0x10, 0x2) r1 = socket(0x2, 0x5, 0x0) setsockopt$auto(r1, 0x0, 0x10, 0x0, 0x17) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 2.077406288s ago: executing program 2 (id=1133): r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) fanotify_init$auto(0x5, 0x2) pwritev2$auto(0x4, 0x0, 0x4, 0x4, 0x9f4, 0x22) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(r1, 0x8, 0x0) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 2.064527467s ago: executing program 3 (id=1134): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x28, 0x5, 0x0) socket(0xa, 0x801, 0x106) dup3$auto(0x8000000000000001, 0x5, 0x800000000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x2) fstatfs$auto(0x0, 0x0) pipe2$auto(&(0x7f0000000140)=0x2, 0x800) sendto$auto(0x3, 0x0, 0x18, 0x101, &(0x7f0000000140), 0x1c) 1.907207297s ago: executing program 3 (id=1135): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_WG_CMD_GET_DEVICE(r0, 0x0, 0x4000) 1.787153393s ago: executing program 2 (id=1136): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) 1.415461836s ago: executing program 1 (id=1137): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) fcntl$auto(0x8000000000000001, 0x25, 0x8) 1.283366283s ago: executing program 0 (id=1138): io_uring_setup$auto(0x0, &(0x7f0000000000)={0x6, 0x66, 0x2, 0x14, 0x8, 0x4, 0xffffffffffffffff, [0x9, 0x34, 0x7fffffff], {0x101, 0x6, 0x4355, 0x80000000, 0xa5, 0x7, 0xb, 0xba90, 0x5}, {0xfffffc00, 0x6, 0x0, 0x401, 0x8, 0x8, 0x0, 0x7, 0x6}}) lstat$auto(&(0x7f0000000000)='./file1\x00', 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x20044000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x103, 0x0) 1.196893715s ago: executing program 1 (id=1139): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) connect$auto(0x3, 0x0, 0x55) prctl$auto(0x7, 0x2, 0x1, 0x3b70, 0x2) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 1.112806242s ago: executing program 0 (id=1140): r0 = socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x7) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) connect$auto(0x3, &(0x7f0000000140), 0x55) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x6, 0x0) write$auto(r0, 0x0, 0x8e) 903.446707ms ago: executing program 3 (id=1141): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 813.185354ms ago: executing program 2 (id=1142): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mknod$auto(&(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0xa240, 0x15e) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) read$auto(0x3, 0x0, 0x80) read$auto(0x3, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfdf3) 792.30384ms ago: executing program 1 (id=1143): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mremap$auto(0x0, 0x2, 0x2000000000000009, 0x3, 0x7fffffffb000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="010029bd7020fddbdf251400000008000300", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendto$auto(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0, &(0x7f0000000100), 0xd3) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x3, &(0x7f0000000040)='V/\x00', 0x7ff) 702.662873ms ago: executing program 3 (id=1144): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) close_range$auto(0x2, 0x8, 0x0) mknod$auto(&(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0xa240, 0x15e) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfdef) 493.621715ms ago: executing program 3 (id=1145): ioctl$auto_VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000100)=0x3d2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) r0 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, 0x0, 0x2282, 0x0) read$auto(r0, 0x0, 0x80) io_uring_register$auto(0x2, 0x4, 0x0, 0x1) 491.224065ms ago: executing program 1 (id=1153): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/user\x00') socket(0x2, 0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55) 474.458548ms ago: executing program 2 (id=1146): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0) write$auto(0x3, 0x0, 0xfdef) 334.95867ms ago: executing program 1 (id=1147): mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) recvmmsg$auto(0x4, 0x0, 0x6, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 259.608908ms ago: executing program 2 (id=1148): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xf, 0x8000) io_uring_setup$auto(0x4a, 0x0) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 157.521525ms ago: executing program 0 (id=1149): mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0xf, 0x3, 0x2) socket(0x2, 0xa, 0xe57a) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(0x6, 0x8000000000000006, 0x13, 0x0, 0x7ffffc) sendmsg$auto_NL80211_CMD_SET_REG(r0, 0x0, 0x20000000) 107.084439ms ago: executing program 2 (id=1150): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x2, 0x3, 0x100) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3a) socket(0xa, 0x2, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0x14, 0x0, 0x56b) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 51.120118ms ago: executing program 0 (id=1151): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x84, 0x66, 0x0, &(0x7f00000000c0)=0x10000) 0s ago: executing program 1 (id=1152): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) arch_prctl$auto(0x2001, 0x2) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) msync$auto(0x0, 0x2000000005, 0x6) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x20000000) acct$auto(0x0) fcntl$auto(0x0, 0x407, 0xffffffff80000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.99' (ED25519) to the list of known hosts. [ 88.311906][ T5823] cgroup: Unknown subsys name 'net' [ 88.455765][ T5823] cgroup: Unknown subsys name 'cpuset' [ 88.464641][ T5823] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.285563][ T5823] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.341859][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.361086][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.390934][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.420493][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.430893][ T5835] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.439359][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.501777][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.520441][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.529361][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.537599][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.574420][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.579806][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.583261][ T5838] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 92.590581][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.597385][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.604763][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.626540][ T5843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 92.636774][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.668152][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.678926][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.687819][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.698923][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.707332][ T5843] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.716961][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.160304][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 93.221076][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 93.339014][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 93.425600][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 93.460222][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.469173][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.477907][ T5832] bridge_slave_0: entered allmulticast mode [ 93.485491][ T5832] bridge_slave_0: entered promiscuous mode [ 93.541675][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.550478][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.560512][ T5832] bridge_slave_1: entered allmulticast mode [ 93.568755][ T5832] bridge_slave_1: entered promiscuous mode [ 93.596622][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.608133][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.616652][ T5840] bridge_slave_0: entered allmulticast mode [ 93.624147][ T5840] bridge_slave_0: entered promiscuous mode [ 93.633640][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.641007][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.648442][ T5840] bridge_slave_1: entered allmulticast mode [ 93.655970][ T5840] bridge_slave_1: entered promiscuous mode [ 93.716498][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.725045][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.732480][ T5836] bridge_slave_0: entered allmulticast mode [ 93.740372][ T5836] bridge_slave_0: entered promiscuous mode [ 93.765937][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.782677][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.792208][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.799528][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.807047][ T5836] bridge_slave_1: entered allmulticast mode [ 93.814502][ T5836] bridge_slave_1: entered promiscuous mode [ 93.839011][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.853443][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.937552][ T5832] team0: Port device team_slave_0 added [ 93.944546][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.955961][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.963824][ T5844] bridge_slave_0: entered allmulticast mode [ 93.970779][ T5844] bridge_slave_0: entered promiscuous mode [ 93.981128][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.993617][ T5840] team0: Port device team_slave_0 added [ 94.002076][ T5832] team0: Port device team_slave_1 added [ 94.019021][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.026605][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.034798][ T5844] bridge_slave_1: entered allmulticast mode [ 94.042151][ T5844] bridge_slave_1: entered promiscuous mode [ 94.052442][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.064556][ T5840] team0: Port device team_slave_1 added [ 94.092882][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.100435][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.131293][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.185381][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.193317][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.221245][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.244826][ T5836] team0: Port device team_slave_0 added [ 94.276544][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.288259][ T5836] team0: Port device team_slave_1 added [ 94.304974][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.312367][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.340452][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.353712][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.360858][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.387339][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.408866][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.439166][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.446577][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.473259][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.486375][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.494491][ T5835] Bluetooth: hci0: command tx timeout [ 94.500107][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.526580][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.550558][ T5844] team0: Port device team_slave_0 added [ 94.582259][ T5844] team0: Port device team_slave_1 added [ 94.625298][ T5840] hsr_slave_0: entered promiscuous mode [ 94.632354][ T5840] hsr_slave_1: entered promiscuous mode [ 94.649384][ T5832] hsr_slave_0: entered promiscuous mode [ 94.652294][ T5843] Bluetooth: hci1: command tx timeout [ 94.661880][ T5835] Bluetooth: hci2: command tx timeout [ 94.669182][ T5832] hsr_slave_1: entered promiscuous mode [ 94.677772][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.686760][ T5832] Cannot create hsr debugfs directory [ 94.735753][ T5836] hsr_slave_0: entered promiscuous mode [ 94.744303][ T5836] hsr_slave_1: entered promiscuous mode [ 94.751014][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.759323][ T5836] Cannot create hsr debugfs directory [ 94.767758][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.776935][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.803937][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.815026][ T5835] Bluetooth: hci3: command tx timeout [ 94.823755][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.830963][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.857140][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.995863][ T5844] hsr_slave_0: entered promiscuous mode [ 95.004926][ T5844] hsr_slave_1: entered promiscuous mode [ 95.012744][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.021735][ T5844] Cannot create hsr debugfs directory [ 95.300962][ T5832] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.315701][ T5832] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.341746][ T5832] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.358622][ T5832] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.396842][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.412064][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.423494][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.438305][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.507702][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.527308][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.568805][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.582614][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.632222][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.657512][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.689539][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.708486][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.762876][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.827951][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.857683][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.865323][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.898474][ T1328] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.905736][ T1328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.938972][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.020436][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.046207][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.062725][ T1328] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.069889][ T1328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.093260][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.116749][ T54] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.124337][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.153218][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.214544][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.226413][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.233835][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.245463][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.252832][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.287814][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.295030][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.328573][ T5840] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 96.344882][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 96.367270][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.374724][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.487007][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.571588][ T5835] Bluetooth: hci0: command tx timeout [ 96.689463][ T5832] veth0_vlan: entered promiscuous mode [ 96.709151][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.732217][ T5835] Bluetooth: hci2: command tx timeout [ 96.738087][ T5835] Bluetooth: hci1: command tx timeout [ 96.764393][ T5832] veth1_vlan: entered promiscuous mode [ 96.890509][ T5840] veth0_vlan: entered promiscuous mode [ 96.893715][ T5835] Bluetooth: hci3: command tx timeout [ 96.904003][ T5832] veth0_macvtap: entered promiscuous mode [ 96.927370][ T5832] veth1_macvtap: entered promiscuous mode [ 96.944667][ T5840] veth1_vlan: entered promiscuous mode [ 96.973258][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.998130][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.017415][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.029669][ T5832] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.039405][ T5832] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.048895][ T5832] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.058254][ T5832] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.088055][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.117750][ T5840] veth0_macvtap: entered promiscuous mode [ 97.133915][ T5840] veth1_macvtap: entered promiscuous mode [ 97.218721][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.233089][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.245351][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.255428][ T5844] veth0_vlan: entered promiscuous mode [ 97.294482][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.305266][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.317418][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.327793][ T5844] veth1_vlan: entered promiscuous mode [ 97.338788][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.353803][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.372270][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.382540][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.392322][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.401853][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.468369][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.477845][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.482017][ T8] cfg80211: failed to load regulatory.db [ 97.537493][ T5844] veth0_macvtap: entered promiscuous mode [ 97.574650][ T5836] veth0_vlan: entered promiscuous mode [ 97.612103][ T5844] veth1_macvtap: entered promiscuous mode [ 97.629063][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.642221][ T5836] veth1_vlan: entered promiscuous mode [ 97.724644][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.730348][ T5836] veth0_macvtap: entered promiscuous mode [ 97.739731][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.788529][ T5836] veth1_macvtap: entered promiscuous mode [ 97.844719][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.857235][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.868036][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.880018][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.894577][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.919106][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.951563][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.963023][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.978205][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.987404][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.999663][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.016456][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.055826][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.069153][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.086074][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.098600][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.108852][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.130732][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.152376][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.177841][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.197997][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.217523][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.229860][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.254368][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.275348][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.285847][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.297936][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.308255][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.320192][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.334855][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.345634][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.355126][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.364798][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.374945][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.569730][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.605386][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.650986][ T5835] Bluetooth: hci0: command tx timeout [ 98.701895][ T4918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.708523][ T5903] netlink: 'syz.2.3': attribute type 33 has an invalid length. [ 98.719557][ T5903] netlink: 322 bytes leftover after parsing attributes in process `syz.2.3'. [ 98.736872][ T4918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.770942][ T5903] Zero length message leads to an empty skb [ 98.791927][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.810817][ T5835] Bluetooth: hci1: command tx timeout [ 98.811517][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.825950][ T5835] Bluetooth: hci2: command tx timeout [ 98.970958][ T5835] Bluetooth: hci3: command tx timeout [ 99.020469][ T1328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.086336][ T1328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.704357][ T5916] netlink: 322 bytes leftover after parsing attributes in process `syz.1.8'. [ 100.407080][ T5923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11'. [ 100.732402][ T5835] Bluetooth: hci0: command tx timeout [ 100.833909][ T5929] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13'. [ 100.899448][ T5835] Bluetooth: hci2: command tx timeout [ 100.899491][ T5843] Bluetooth: hci1: command tx timeout [ 101.050782][ T5843] Bluetooth: hci3: command tx timeout [ 103.221071][ T5994] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.146916][ T6043] netlink: 342 bytes leftover after parsing attributes in process `syz.0.48'. [ 106.020956][ T6068] netlink: 322 bytes leftover after parsing attributes in process `syz.0.51'. [ 107.113230][ T6089] netlink: 334 bytes leftover after parsing attributes in process `syz.3.61'. [ 107.577149][ T6108] netlink: 322 bytes leftover after parsing attributes in process `syz.0.68'. [ 107.831705][ T6114] netlink: 'syz.2.71': attribute type 16 has an invalid length. [ 107.839827][ T6114] netlink: 330 bytes leftover after parsing attributes in process `syz.2.71'. [ 108.295820][ T6133] process 'syz.2.78' launched ':,' with NULL argv: empty string added [ 108.664467][ T6148] netlink: 'syz.0.80': attribute type 1 has an invalid length. [ 111.574625][ T6226] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 114.205480][ T6293] netlink: 342 bytes leftover after parsing attributes in process `syz.0.125'. [ 114.299871][ T6295] netlink: 330 bytes leftover after parsing attributes in process `syz.2.127'. [ 118.587201][ T6367] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 118.792824][ T6373] netlink: 334 bytes leftover after parsing attributes in process `syz.1.157'. [ 120.582102][ T6412] netlink: 'syz.1.173': attribute type 4 has an invalid length. [ 120.601631][ T6412] netlink: 314 bytes leftover after parsing attributes in process `syz.1.173'. [ 120.875146][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.176'. [ 120.901499][ T6420] netlink: 330 bytes leftover after parsing attributes in process `syz.1.177'. [ 120.913635][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.176'. [ 121.382211][ T6438] netlink: 'syz.2.181': attribute type 4 has an invalid length. [ 122.178069][ T6459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'. [ 122.541724][ T6458] netlink: 74 bytes leftover after parsing attributes in process `syz.0.187'. [ 122.641708][ T6474] netlink: 'syz.2.190': attribute type 27 has an invalid length. [ 122.681173][ T6474] netlink: 334 bytes leftover after parsing attributes in process `syz.2.190'. [ 123.376148][ T6496] netlink: 146 bytes leftover after parsing attributes in process `syz.1.196'. [ 124.439766][ T6518] sp0: Synchronizing with TNC [ 124.492902][ T6520] ======================================================= [ 124.492902][ T6520] WARNING: The mand mount option has been deprecated and [ 124.492902][ T6520] and is ignored by this kernel. Remove the mand [ 124.492902][ T6520] option from the mount to silence this warning. [ 124.492902][ T6520] ======================================================= [ 124.553693][ T6520] Process accounting resumed [ 124.864338][ T6526] netlink: 'syz.1.205': attribute type 4 has an invalid length. [ 124.893967][ T6526] netlink: 'syz.1.205': attribute type 4 has an invalid length. [ 125.991269][ T5843] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 126.591135][ T6563] lo: entered promiscuous mode [ 126.597805][ T6562] netlink: 326 bytes leftover after parsing attributes in process `syz.0.220'. [ 126.787199][ T6563] lo: left promiscuous mode [ 127.205339][ T6580] netlink: 342 bytes leftover after parsing attributes in process `syz.0.225'. [ 127.230816][ T6577] netlink: 334 bytes leftover after parsing attributes in process `syz.2.224'. [ 128.012126][ T6599] netlink: 334 bytes leftover after parsing attributes in process `syz.1.232'. [ 128.020521][ T6600] binder: 6597:6600 ioctl c0306201 9 returned -14 [ 128.306871][ T6604] netlink: 'syz.1.235': attribute type 21 has an invalid length. [ 128.326497][ T6604] netlink: 326 bytes leftover after parsing attributes in process `syz.1.235'. [ 128.675862][ T6612] netlink: 326 bytes leftover after parsing attributes in process `syz.1.237'. [ 129.318079][ T6627] netlink: 330 bytes leftover after parsing attributes in process `syz.1.243'. [ 129.745844][ T6634] netlink: 326 bytes leftover after parsing attributes in process `syz.1.247'. [ 130.411758][ T6648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.250'. [ 132.091274][ T6674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.263'. [ 132.471908][ T6685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.268'. [ 132.612243][ T6688] netlink: 326 bytes leftover after parsing attributes in process `syz.1.267'. [ 132.806816][ T6691] netlink: 146 bytes leftover after parsing attributes in process `syz.2.271'. [ 133.011883][ T6699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.274'. [ 133.644719][ T6720] netlink: 330 bytes leftover after parsing attributes in process `syz.2.281'. [ 133.718107][ T6722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.282'. [ 133.753790][ T6722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.282'. [ 135.236989][ T6749] netlink: 342 bytes leftover after parsing attributes in process `syz.3.290'. [ 135.324924][ T6749] IPv6: NLM_F_CREATE should be specified when creating new route [ 135.910440][ T6765] netlink: 330 bytes leftover after parsing attributes in process `syz.1.297'. [ 138.041398][ T6829] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 138.049056][ T6829] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 138.105978][ T6829] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 138.147953][ T6829] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 138.154393][ T6829] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 138.197584][ T6829] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 138.298505][ T6829] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 138.304736][ T6829] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 138.322577][ T6829] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 138.330529][ T6839] netlink: 'syz.1.326': attribute type 20 has an invalid length. [ 138.350469][ T6829] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 138.355054][ T6839] __nla_validate_parse: 2 callbacks suppressed [ 138.355078][ T6839] netlink: 330 bytes leftover after parsing attributes in process `syz.1.326'. [ 138.356837][ T6829] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 138.390420][ T6838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'. [ 138.402090][ T6829] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 138.410071][ T6838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'. [ 138.421522][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.428167][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.614767][ T6845] netlink: 342 bytes leftover after parsing attributes in process `syz.0.329'. [ 139.841189][ T6869] netlink: 146 bytes leftover after parsing attributes in process `syz.1.339'. [ 140.091074][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 140.170858][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 140.331017][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 140.410910][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 140.862305][ T6889] netlink: 330 bytes leftover after parsing attributes in process `syz.3.346'. [ 141.499650][ T6905] netlink: 4 bytes leftover after parsing attributes in process `syz.1.354'. [ 141.917519][ T6915] netlink: 342 bytes leftover after parsing attributes in process `syz.1.357'. [ 142.220829][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 142.250783][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 142.409142][ T6922] mkiss: ax0: crc mode is auto. [ 142.421108][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 142.490785][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.728922][ T6938] netlink: 'syz.3.366': attribute type 19 has an invalid length. [ 142.748871][ T6938] netlink: 114 bytes leftover after parsing attributes in process `syz.3.366'. [ 143.165470][ T6948] HfR: entered promiscuous mode [ 143.203067][ T6948] openvswitch: HfR: Dropping previously announced user features [ 143.242210][ T6948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.370'. [ 143.986455][ T6961] netlink: 326 bytes leftover after parsing attributes in process `syz.1.376'. [ 144.250880][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 144.331277][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 144.490821][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 144.554688][ T6973] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[6973] [ 144.578578][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.254648][ T6984] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 146.017161][ T6997] netlink: 330 bytes leftover after parsing attributes in process `syz.2.387'. [ 146.057961][ T6997] : renamed from gre0 (while UP) [ 146.221344][ T6997] netlink: 330 bytes leftover after parsing attributes in process `syz.2.387'. [ 147.267154][ T7017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.393'. [ 148.708542][ T7057] vhci_hcd: not connected 4 [ 149.211368][ T7071] netlink: 330 bytes leftover after parsing attributes in process `syz.3.415'. [ 149.387395][ T7075] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.178531][ T7077] raw_sendmsg: syz.0.420 forgot to set AF_INET. Fix it! [ 150.328950][ T7096] syz.1.425 uses obsolete (PF_INET,SOCK_PACKET) [ 151.393189][ T7118] netlink: 266 bytes leftover after parsing attributes in process `syz.1.434'. [ 151.403575][ T7118] IPv6: NLM_F_CREATE should be specified when creating new route [ 152.874821][ T7126] netlink: 146 bytes leftover after parsing attributes in process `syz.1.438'. [ 153.768888][ T7151] netlink: 'syz.0.448': attribute type 2 has an invalid length. [ 153.860407][ T7149] netlink: 'syz.3.447': attribute type 39 has an invalid length. [ 153.885905][ T7149] netlink: 'syz.3.447': attribute type 40 has an invalid length. [ 153.909766][ T7149] netlink: 'syz.3.447': attribute type 41 has an invalid length. [ 153.970840][ T7149] netlink: 'syz.3.447': attribute type 44 has an invalid length. [ 153.987334][ T7149] netlink: 'syz.3.447': attribute type 46 has an invalid length. [ 154.017353][ T7149] netlink: 'syz.3.447': attribute type 47 has an invalid length. [ 154.050801][ T7149] netlink: 'syz.3.447': attribute type 48 has an invalid length. [ 154.101104][ T7149] netlink: 'syz.3.447': attribute type 49 has an invalid length. [ 154.210782][ T7149] netlink: 'syz.3.447': attribute type 50 has an invalid length. [ 154.230937][ T7149] netlink: 6 bytes leftover after parsing attributes in process `syz.3.447'. [ 156.592553][ T7207] netlink: 146 bytes leftover after parsing attributes in process `syz.0.467'. [ 157.491284][ T7226] netlink: 326 bytes leftover after parsing attributes in process `syz.2.473'. [ 158.490586][ T7243] netlink: 330 bytes leftover after parsing attributes in process `syz.2.482'. [ 158.938043][ T7243] syz.2.482 (7243) used greatest stack depth: 20464 bytes left [ 159.362139][ T7257] netlink: 330 bytes leftover after parsing attributes in process `syz.0.488'. [ 159.760846][ T7265] netlink: 146 bytes leftover after parsing attributes in process `syz.0.492'. [ 159.775791][ T7266] capability: warning: `syz.3.491' uses 32-bit capabilities (legacy support in use) [ 160.916629][ T7291] netlink: 330 bytes leftover after parsing attributes in process `syz.0.498'. [ 162.641545][ T7309] netlink: 334 bytes leftover after parsing attributes in process `syz.2.505'. [ 164.272742][ T7333] netlink: 334 bytes leftover after parsing attributes in process `syz.2.513'. [ 164.500075][ T7337] netlink: 342 bytes leftover after parsing attributes in process `syz.1.515'. [ 164.969594][ T7341] validate_nla: 1 callbacks suppressed [ 164.969621][ T7341] netlink: 'syz.1.518': attribute type 5 has an invalid length. [ 165.050974][ T7341] netlink: 314 bytes leftover after parsing attributes in process `syz.1.518'. [ 165.212688][ T7347] netlink: 330 bytes leftover after parsing attributes in process `syz.0.520'. [ 165.607800][ T7345] netlink: 330 bytes leftover after parsing attributes in process `syz.3.519'. [ 165.711345][ T7353] netlink: 342 bytes leftover after parsing attributes in process `syz.0.522'. [ 166.000950][ T7355] block nbd0: Unsupported socket: shutdown callout must be supported. [ 166.334976][ T7360] block nbd0: not configured, cannot reconfigure [ 166.610815][ T7364] netlink: 24 bytes leftover after parsing attributes in process `syz.2.526'. [ 166.823698][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.528'. [ 166.898929][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.528'. [ 166.901036][ T7364] netlink: 24 bytes leftover after parsing attributes in process `syz.2.526'. [ 166.980196][ T7369] netlink: 244 bytes leftover after parsing attributes in process `syz.0.529'. [ 167.361037][ T7374] IPv6: NLM_F_CREATE should be specified when creating new route [ 167.410828][ T7374] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 167.418527][ T7374] IPv6: NLM_F_CREATE should be set when creating new route [ 167.425884][ T7374] IPv6: NLM_F_CREATE should be set when creating new route [ 167.738847][ T7378] IPv6: NLM_F_CREATE should be specified when creating new route [ 169.811251][ T7395] netlink: 'syz.0.540': attribute type 3 has an invalid length. [ 170.673137][ T7399] __nla_validate_parse: 3 callbacks suppressed [ 170.673165][ T7399] netlink: 326 bytes leftover after parsing attributes in process `syz.0.543'. [ 171.199582][ T7405] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 172.501356][ T7413] netlink: 290 bytes leftover after parsing attributes in process `syz.0.548'. [ 173.490175][ T7431] netlink: 330 bytes leftover after parsing attributes in process `syz.1.554'. [ 173.976997][ T7437] netlink: 'syz.0.557': attribute type 17 has an invalid length. [ 174.000779][ T7437] netlink: 326 bytes leftover after parsing attributes in process `syz.0.557'. [ 174.093323][ T7439] netlink: 314 bytes leftover after parsing attributes in process `syz.1.558'. [ 175.334741][ T7462] netlink: 'syz.1.569': attribute type 21 has an invalid length. [ 175.359254][ T7462] netlink: 326 bytes leftover after parsing attributes in process `syz.1.569'. [ 176.302608][ T7485] netlink: 330 bytes leftover after parsing attributes in process `syz.1.578'. [ 176.490347][ T7488] netlink: 28 bytes leftover after parsing attributes in process `syz.2.579'. [ 176.541726][ T7491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.579'. [ 177.914449][ T7510] netlink: 'syz.3.587': attribute type 4 has an invalid length. [ 177.952494][ T7511] netlink: 330 bytes leftover after parsing attributes in process `syz.0.588'. [ 178.058346][ T7516] netlink: 146 bytes leftover after parsing attributes in process `syz.1.589'. [ 178.250937][ T7520] netlink: 326 bytes leftover after parsing attributes in process `syz.0.592'. [ 179.347016][ T7558] netlink: 326 bytes leftover after parsing attributes in process `syz.3.607'. [ 179.461192][ T7558] veth0_macvtap: left promiscuous mode [ 180.004164][ T7568] netlink: 28 bytes leftover after parsing attributes in process `syz.0.610'. [ 180.032071][ T7568] veth1_macvtap: left promiscuous mode [ 180.583749][ T7580] netlink: 'syz.3.616': attribute type 64 has an invalid length. [ 180.620386][ T7580] netlink: 74 bytes leftover after parsing attributes in process `syz.3.616'. [ 180.627450][ T7582] netlink: 306 bytes leftover after parsing attributes in process `syz.1.615'. [ 181.713063][ T7593] __nla_validate_parse: 2 callbacks suppressed [ 181.713090][ T7593] netlink: 12 bytes leftover after parsing attributes in process `syz.1.622'. [ 182.344653][ T7623] netlink: 330 bytes leftover after parsing attributes in process `syz.0.633'. [ 182.413010][ T7624] netlink: 326 bytes leftover after parsing attributes in process `syz.1.631'. [ 182.637071][ T7629] netlink: 334 bytes leftover after parsing attributes in process `syz.0.635'. [ 183.100309][ T7639] netlink: 266 bytes leftover after parsing attributes in process `syz.0.639'. [ 183.969187][ T7659] netlink: 'syz.0.648': attribute type 4 has an invalid length. [ 183.986116][ T7659] netlink: 314 bytes leftover after parsing attributes in process `syz.0.648'. [ 185.998737][ T7696] netlink: 4755 bytes leftover after parsing attributes in process `syz.3.662'. [ 191.383578][ T7756] netlink: 146 bytes leftover after parsing attributes in process `syz.2.683'. [ 191.659544][ T7778] netlink: 146 bytes leftover after parsing attributes in process `syz.0.693'. [ 191.879278][ T7785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.695'. [ 191.925002][ T7785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.695'. [ 192.146236][ T7791] mmap: syz.3.700 (7791) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 194.225239][ T7807] netlink: 342 bytes leftover after parsing attributes in process `syz.3.704'. [ 194.270791][ T7807] IPv6: Can't replace route, no match found [ 194.764135][ T7819] netlink: 330 bytes leftover after parsing attributes in process `syz.0.709'. [ 194.955829][ T7823] netlink: 20 bytes leftover after parsing attributes in process `syz.1.708'. [ 195.375421][ T7834] netlink: 146 bytes leftover after parsing attributes in process `syz.0.717'. [ 195.608673][ T7840] netlink: 'syz.0.718': attribute type 39 has an invalid length. [ 195.645010][ T7840] netlink: 330 bytes leftover after parsing attributes in process `syz.0.718'. [ 199.854665][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.861208][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.306160][ T7926] netlink: 'syz.3.744': attribute type 33 has an invalid length. [ 201.321090][ T7926] netlink: 322 bytes leftover after parsing attributes in process `syz.3.744'. [ 202.723178][ T7955] netlink: 'syz.3.756': attribute type 10 has an invalid length. [ 202.754851][ T7955] netlink: 330 bytes leftover after parsing attributes in process `syz.3.756'. [ 202.975305][ T7960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.758'. [ 203.004252][ T7960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.758'. [ 203.064021][ T7962] netlink: 'syz.3.759': attribute type 27 has an invalid length. [ 203.085824][ T7962] netlink: 'syz.3.759': attribute type 28 has an invalid length. [ 203.100767][ T7962] netlink: 'syz.3.759': attribute type 29 has an invalid length. [ 203.140768][ T7962] netlink: 'syz.3.759': attribute type 30 has an invalid length. [ 203.176080][ T7962] netlink: 'syz.3.759': attribute type 31 has an invalid length. [ 203.198180][ T7962] netlink: 'syz.3.759': attribute type 32 has an invalid length. [ 203.215320][ T7962] netlink: 'syz.3.759': attribute type 33 has an invalid length. [ 203.234538][ T7962] netlink: 'syz.3.759': attribute type 35 has an invalid length. [ 203.254804][ T7962] netlink: 14 bytes leftover after parsing attributes in process `syz.3.759'. [ 204.012567][ T7981] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 204.031696][ T7981] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 204.050751][ T7981] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 204.067768][ T7981] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 204.232395][ T7986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.769'. [ 204.265410][ T7986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.769'. [ 206.034686][ T8018] netlink: 330 bytes leftover after parsing attributes in process `syz.3.781'. [ 206.045901][ T7540] syz.2.599 (7540) used greatest stack depth: 16496 bytes left [ 206.090766][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 206.097008][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 206.097036][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 206.103245][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 207.022549][ T8029] netlink: 342 bytes leftover after parsing attributes in process `syz.0.786'. [ 211.153134][ T8081] delete_channel: no stack [ 211.663609][ T8100] netlink: 314 bytes leftover after parsing attributes in process `syz.3.813'. [ 213.253978][ T8136] netlink: 28 bytes leftover after parsing attributes in process `syz.3.827'. [ 213.268877][ T8136] vcan0: entered promiscuous mode [ 213.424024][ T8139] netlink: 178 bytes leftover after parsing attributes in process `syz.3.828'. [ 214.427100][ T8165] netlink: 36 bytes leftover after parsing attributes in process `syz.1.836'. [ 215.667442][ T8176] mkiss: ax0: crc mode is auto. [ 216.138045][ T8178] delete_channel: no stack [ 216.367385][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'. [ 216.380425][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'. [ 217.670507][ T8224] netlink: 322 bytes leftover after parsing attributes in process `syz.0.857'. [ 217.871404][ T8226] netlink: 342 bytes leftover after parsing attributes in process `syz.2.858'. [ 217.904642][ T8226] IPv6: NLM_F_CREATE should be specified when creating new route [ 217.932582][ T8226] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.939866][ T8226] IPv6: NLM_F_CREATE should be set when creating new route [ 217.947266][ T8226] IPv6: NLM_F_CREATE should be set when creating new route [ 217.954587][ T8226] IPv6: NLM_F_CREATE should be set when creating new route [ 218.798151][ T8247] sock: sock_set_timeout: `syz.2.866' (pid 8247) tries to set negative timeout [ 222.017513][ T8299] netlink: 222 bytes leftover after parsing attributes in process `syz.0.884'. [ 222.044185][ T8299] netlink: 222 bytes leftover after parsing attributes in process `syz.0.884'. [ 222.220688][ T8303] sp0: Synchronizing with TNC [ 222.770912][ T8317] netlink: 342 bytes leftover after parsing attributes in process `syz.1.889'. [ 223.607782][ T8338] netlink: 330 bytes leftover after parsing attributes in process `syz.1.897'. [ 223.761535][ T8344] sctp: [Deprecated]: syz.2.901 (pid 8344) Use of int in maxseg socket option. [ 223.761535][ T8344] Use struct sctp_assoc_value instead [ 224.365962][ T8358] netlink: 322 bytes leftover after parsing attributes in process `syz.1.903'. [ 224.441224][ T8358] vcan0: entered promiscuous mode [ 224.740772][ T8364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.906'. [ 224.981652][ T8370] netlink: 326 bytes leftover after parsing attributes in process `syz.3.910'. [ 226.428112][ T8398] tipc: Started in network mode [ 226.439992][ T8398] tipc: Node identity ffffffff, cluster identity 4711 [ 226.452108][ T8398] tipc: Node number set to 4294967295 [ 227.547910][ T8408] netlink: 50 bytes leftover after parsing attributes in process `syz.0.923'. [ 228.168099][ T8420] validate_nla: 3 callbacks suppressed [ 228.168123][ T8420] netlink: 'syz.1.929': attribute type 39 has an invalid length. [ 228.220726][ T8420] netlink: 'syz.1.929': attribute type 40 has an invalid length. [ 228.251087][ T8420] netlink: 'syz.1.929': attribute type 41 has an invalid length. [ 228.276449][ T8420] netlink: 'syz.1.929': attribute type 44 has an invalid length. [ 228.312121][ T8420] netlink: 'syz.1.929': attribute type 46 has an invalid length. [ 228.319940][ T8420] netlink: 'syz.1.929': attribute type 47 has an invalid length. [ 228.350725][ T8420] netlink: 'syz.1.929': attribute type 48 has an invalid length. [ 228.387205][ T8420] netlink: 'syz.1.929': attribute type 49 has an invalid length. [ 228.410758][ T8420] netlink: 'syz.1.929': attribute type 50 has an invalid length. [ 228.418563][ T8420] netlink: 6 bytes leftover after parsing attributes in process `syz.1.929'. [ 232.671276][ T8494] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 235.519267][ T8559] netlink: 146 bytes leftover after parsing attributes in process `syz.2.977'. [ 236.889273][ T8588] netlink: 334 bytes leftover after parsing attributes in process `syz.2.987'. [ 237.783996][ T8612] netlink: 342 bytes leftover after parsing attributes in process `syz.3.997'. [ 237.797133][ T8612] netlink: 342 bytes leftover after parsing attributes in process `syz.3.997'. [ 237.837538][ T8612] netlink: 102 bytes leftover after parsing attributes in process `syz.3.997'. [ 238.185767][ T8623] netlink: 'syz.3.1002': attribute type 5 has an invalid length. [ 238.195408][ T8623] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1002'. [ 239.406159][ T8654] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1014'. [ 239.423874][ T8654] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1014'. [ 239.448536][ T8654] netlink: 210 bytes leftover after parsing attributes in process `syz.2.1014'. [ 240.092970][ T8666] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1019'. [ 240.825650][ T8688] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1026'. [ 241.388215][ T8697] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1030'. [ 242.800098][ T8727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1041'. [ 244.791981][ T8755] netlink: 'syz.2.1050': attribute type 33 has an invalid length. [ 244.799876][ T8755] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1050'. [ 245.747579][ T8779] netlink: 22 bytes leftover after parsing attributes in process `syz.2.1058'. [ 247.305364][ T8808] netlink: 'syz.1.1070': attribute type 19 has an invalid length. [ 247.313605][ T8808] netlink: 'syz.1.1070': attribute type 27 has an invalid length. [ 247.325341][ T8808] netlink: 'syz.1.1070': attribute type 28 has an invalid length. [ 247.353352][ T8808] netlink: 'syz.1.1070': attribute type 29 has an invalid length. [ 247.370428][ T8808] netlink: 38 bytes leftover after parsing attributes in process `syz.1.1070'. [ 249.363387][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1085'. [ 249.391732][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1085'. [ 250.131284][ T8859] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1087'. [ 250.186283][ T8859] lo: entered promiscuous mode [ 250.201760][ T8859] lo: entered allmulticast mode [ 250.353569][ T8879] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1094'. [ 250.436853][ T8879] mac80211_hwsim hwsim4 ›: renamed from wlan0 (while UP) [ 251.101036][ T8894] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1100'. [ 251.156573][ T8894] netlink: 'syz.3.1100': attribute type 1 has an invalid length. [ 251.183419][ T8894] netlink: 'syz.3.1100': attribute type 1 has an invalid length. [ 252.266926][ T8916] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1109'. [ 252.279008][ T8916] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1109'. [ 252.304766][ T8916] netlink: 130 bytes leftover after parsing attributes in process `syz.2.1109'. [ 253.068563][ T8931] netlink: 'syz.1.1115': attribute type 4 has an invalid length. [ 253.130722][ T8931] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1115'. [ 253.204563][ T8931] IPv6: NLM_F_REPLACE set, but no existing node found! [ 253.655739][ T8943] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1119'. [ 253.877916][ T8926] kexec: Could not allocate control_code_buffer [ 254.296917][ T8952] netlink: 'syz.1.1124': attribute type 10 has an invalid length. [ 254.330627][ T8952] netlink: 'syz.1.1124': attribute type 13 has an invalid length. [ 255.884585][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1138'. [ 255.902035][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1138'. [ 257.134999][ T9029] [ 257.137398][ T9029] ====================================================== [ 257.144449][ T9029] WARNING: possible circular locking dependency detected [ 257.151511][ T9029] 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 Not tainted [ 257.158653][ T9029] ------------------------------------------------------ [ 257.165714][ T9029] syz.2.1150/9029 is trying to acquire lock: [ 257.171726][ T9029] ffff888060878258 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 257.181144][ T9029] [ 257.181144][ T9029] but task is already holding lock: [ 257.188539][ T9029] ffffffff8fabfc48 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660 [ 257.197861][ T9029] [ 257.197861][ T9029] which lock already depends on the new lock. [ 257.197861][ T9029] [ 257.208277][ T9029] [ 257.208277][ T9029] the existing dependency chain (in reverse order) is: [ 257.217302][ T9029] [ 257.217302][ T9029] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 257.224547][ T9029] __mutex_lock+0x19b/0xa60 [ 257.229606][ T9029] do_ip_setsockopt+0xf9/0x38c0 [ 257.235003][ T9029] ip_setsockopt+0x59/0xf0 [ 257.239963][ T9029] ipv6_setsockopt+0x155/0x170 [ 257.245280][ T9029] tcp_setsockopt+0xa4/0x100 [ 257.250419][ T9029] smc_setsockopt+0x1b4/0xc00 [ 257.255656][ T9029] do_sock_setsockopt+0x222/0x480 [ 257.261317][ T9029] __sys_setsockopt+0x1a0/0x230 [ 257.266767][ T9029] __x64_sys_setsockopt+0xbd/0x160 [ 257.272433][ T9029] do_syscall_64+0xcd/0x250 [ 257.277553][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.284006][ T9029] [ 257.284006][ T9029] -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 257.292640][ T9029] __mutex_lock+0x19b/0xa60 [ 257.297706][ T9029] smc_switch_to_fallback+0x2d/0xa00 [ 257.303549][ T9029] smc_sendmsg+0x13d/0x520 [ 257.308524][ T9029] ____sys_sendmsg+0x9ae/0xb40 [ 257.313832][ T9029] ___sys_sendmsg+0x135/0x1e0 [ 257.319065][ T9029] __sys_sendmmsg+0x201/0x420 [ 257.324296][ T9029] __x64_sys_sendmmsg+0x9c/0x100 [ 257.329788][ T9029] do_syscall_64+0xcd/0x250 [ 257.334840][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.341288][ T9029] [ 257.341288][ T9029] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 257.349052][ T9029] __lock_acquire+0x249e/0x3c40 [ 257.354464][ T9029] lock_acquire.part.0+0x11b/0x380 [ 257.360116][ T9029] lock_sock_nested+0x3a/0xf0 [ 257.365349][ T9029] sockopt_lock_sock+0x54/0x70 [ 257.370675][ T9029] do_ipv6_setsockopt+0x1f55/0x4660 [ 257.376421][ T9029] ipv6_setsockopt+0xcb/0x170 [ 257.381649][ T9029] do_sock_setsockopt+0x222/0x480 [ 257.387221][ T9029] __sys_setsockopt+0x1a0/0x230 [ 257.392629][ T9029] __x64_sys_setsockopt+0xbd/0x160 [ 257.398304][ T9029] do_syscall_64+0xcd/0x250 [ 257.403358][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.409804][ T9029] [ 257.409804][ T9029] other info that might help us debug this: [ 257.409804][ T9029] [ 257.420049][ T9029] Chain exists of: [ 257.420049][ T9029] sk_lock-AF_INET6 --> &smc->clcsock_release_lock --> rtnl_mutex [ 257.420049][ T9029] [ 257.433731][ T9029] Possible unsafe locking scenario: [ 257.433731][ T9029] [ 257.441188][ T9029] CPU0 CPU1 [ 257.446561][ T9029] ---- ---- [ 257.451950][ T9029] lock(rtnl_mutex); [ 257.455954][ T9029] lock(&smc->clcsock_release_lock); [ 257.463860][ T9029] lock(rtnl_mutex); [ 257.470378][ T9029] lock(sk_lock-AF_INET6); [ 257.474901][ T9029] [ 257.474901][ T9029] *** DEADLOCK *** [ 257.474901][ T9029] [ 257.483053][ T9029] 1 lock held by syz.2.1150/9029: [ 257.488089][ T9029] #0: ffffffff8fabfc48 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660 [ 257.497814][ T9029] [ 257.497814][ T9029] stack backtrace: [ 257.503764][ T9029] CPU: 1 UID: 0 PID: 9029 Comm: syz.2.1150 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 257.514467][ T9029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 257.524547][ T9029] Call Trace: [ 257.527841][ T9029] [ 257.530790][ T9029] dump_stack_lvl+0x116/0x1f0 [ 257.535503][ T9029] print_circular_bug+0x41c/0x610 [ 257.540578][ T9029] check_noncircular+0x31a/0x400 [ 257.545563][ T9029] ? __pfx_check_noncircular+0x10/0x10 [ 257.551065][ T9029] ? lockdep_lock+0xc6/0x200 [ 257.555687][ T9029] ? __pfx_lockdep_lock+0x10/0x10 [ 257.560771][ T9029] ? find_held_lock+0x2d/0x110 [ 257.565572][ T9029] __lock_acquire+0x249e/0x3c40 [ 257.570476][ T9029] ? __pfx___lock_acquire+0x10/0x10 [ 257.575745][ T9029] ? rcu_is_watching+0x12/0xc0 [ 257.580557][ T9029] lock_acquire.part.0+0x11b/0x380 [ 257.585714][ T9029] ? sockopt_lock_sock+0x54/0x70 [ 257.590711][ T9029] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 257.596373][ T9029] ? rcu_is_watching+0x12/0xc0 [ 257.601174][ T9029] ? trace_lock_acquire+0x14e/0x1f0 [ 257.606407][ T9029] ? sockopt_lock_sock+0x54/0x70 [ 257.611382][ T9029] ? lock_acquire+0x2f/0xb0 [ 257.615905][ T9029] ? sockopt_lock_sock+0x54/0x70 [ 257.620885][ T9029] lock_sock_nested+0x3a/0xf0 [ 257.625602][ T9029] ? sockopt_lock_sock+0x54/0x70 [ 257.630751][ T9029] sockopt_lock_sock+0x54/0x70 [ 257.635580][ T9029] do_ipv6_setsockopt+0x1f55/0x4660 [ 257.640816][ T9029] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 257.646568][ T9029] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 257.652009][ T9029] ? futex_unqueue+0xba/0x140 [ 257.656741][ T9029] ? __pfx___futex_wait+0x10/0x10 [ 257.661802][ T9029] ? __pfx___might_resched+0x10/0x10 [ 257.667122][ T9029] ? aa_sk_perm+0x2f5/0xb20 [ 257.671667][ T9029] ? __pfx_aa_sk_perm+0x10/0x10 [ 257.676560][ T9029] ? ipv6_setsockopt+0xcb/0x170 [ 257.681442][ T9029] ? sock_common_setsockopt+0x2e/0xf0 [ 257.686837][ T9029] ipv6_setsockopt+0xcb/0x170 [ 257.691553][ T9029] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 257.697502][ T9029] do_sock_setsockopt+0x222/0x480 [ 257.702553][ T9029] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 257.708122][ T9029] ? __pfx_do_futex+0x10/0x10 [ 257.712840][ T9029] ? __x64_sys_futex+0x1e1/0x4c0 [ 257.717816][ T9029] ? __x64_sys_futex+0x1ea/0x4c0 [ 257.722815][ T9029] __sys_setsockopt+0x1a0/0x230 [ 257.727704][ T9029] __x64_sys_setsockopt+0xbd/0x160 [ 257.732849][ T9029] ? do_syscall_64+0x91/0x250 [ 257.737579][ T9029] ? lockdep_hardirqs_on+0x7c/0x110 [ 257.742809][ T9029] do_syscall_64+0xcd/0x250 [ 257.747345][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.753275][ T9029] RIP: 0033:0x7f9db4b85d29 [ 257.757721][ T9029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.777368][ T9029] RSP: 002b:00007f9db5a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 257.785814][ T9029] RAX: ffffffffffffffda RBX: 00007f9db4d75fa0 RCX: 00007f9db4b85d29 [ 257.793810][ T9029] RDX: 0000000000000014 RSI: 0000000000000029 RDI: 0400000000000003 [ 257.801803][ T9029] RBP: 00007f9db4c01aa8 R08: 000000000000056b R09: 0000000000000000 [ 257.809793][ T9029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.817782][ T9029] R13: 0000000000000000 R14: 00007f9db4d75fa0 R15: 00007ffd32ddd7f8 [ 257.825960][ T9029] [ 261.292476][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.298818][ T1296] ieee802154 phy1 wpan1: encryption failed: -22