Warning: Permanently added '10.128.0.200' (ECDSA) to the list of known hosts.
2021/07/14 06:31:11 parsed 1 programs
2021/07/14 06:31:11 executed programs: 0
[ 69.958598][ T8467] chnl_net:caif_netlink_parms(): no params data found
[ 70.031523][ T8467] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.039635][ T8467] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.051245][ T8467] device bridge_slave_0 entered promiscuous mode
[ 70.061830][ T8467] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.069099][ T8467] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.077473][ T8467] device bridge_slave_1 entered promiscuous mode
[ 70.109253][ T8467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.121192][ T8467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.146354][ T8467] team0: Port device team_slave_0 added
[ 70.155375][ T8467] team0: Port device team_slave_1 added
[ 70.172184][ T8467] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.179298][ T8467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.206299][ T8467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.219780][ T8467] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.227159][ T8467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.253242][ T8467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.280085][ T8467] device hsr_slave_0 entered promiscuous mode
[ 70.287538][ T8467] device hsr_slave_1 entered promiscuous mode
[ 70.396618][ T8467] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 70.407967][ T8467] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 70.418992][ T8467] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 70.430257][ T8467] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 70.455652][ T8467] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.463016][ T8467] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 70.470831][ T8467] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.477959][ T8467] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 70.524754][ T8467] 8021q: adding VLAN 0 to HW filter on device bond0
[ 70.538427][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 70.549836][ T4835] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.559111][ T4835] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.567510][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 70.581648][ T8467] 8021q: adding VLAN 0 to HW filter on device team0
[ 70.593336][ T2958] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 70.602310][ T2958] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.609686][ T2958] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 70.621573][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 70.630153][ T4835] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.637522][ T4835] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 70.659097][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 70.667998][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 70.681081][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 70.698034][ T8467] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 70.709414][ T8467] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 70.721972][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 70.731462][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 70.741009][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 70.758090][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 70.765580][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 70.779625][ T8467] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 70.798953][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 70.818529][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 70.827405][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 70.836498][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 70.846929][ T8467] device veth0_vlan entered promiscuous mode
[ 70.859161][ T8467] device veth1_vlan entered promiscuous mode
[ 70.878634][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 70.887256][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 70.895969][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 70.908650][ T8467] device veth0_macvtap entered promiscuous mode
[ 70.919072][ T8467] device veth1_macvtap entered promiscuous mode
[ 70.935697][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 70.947518][ T8467] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 70.955448][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 70.964526][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 70.978474][ T8467] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 70.985855][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 70.995429][ T8678] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 71.006502][ T8467] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.015685][ T8467] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.024857][ T8467] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.036782][ T8467] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.056866][ T3264] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.063606][ T3264] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.153962][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 71.161949][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 71.187542][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 71.208505][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 71.217041][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 71.227516][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 71.280580][ C1] hrtimer: interrupt took 47666 ns
[ 71.297621][ T8698]
[ 71.299979][ T8698] ======================================================
[ 71.306993][ T8698] WARNING: possible circular locking dependency detected
[ 71.314010][ T8698] 5.14.0-rc1-syzkaller #0 Not tainted
[ 71.319388][ T8698] ------------------------------------------------------
[ 71.326417][ T8698] syz-executor.0/8698 is trying to acquire lock:
[ 71.332745][ T8698] ffffffff8ba9c460 (fs_reclaim){+.+.}-{0:0}, at: fs_reclaim_acquire+0xf7/0x160
[ 71.341749][ T8698]
[ 71.341749][ T8698] but task is already holding lock:
[ 71.349111][ T8698] ffff8880b9d4d660 (lock#2){-.-.}-{2:2}, at: __alloc_pages_bulk+0x4ad/0x1870
[ 71.357979][ T8698]
[ 71.357979][ T8698] which lock already depends on the new lock.
[ 71.357979][ T8698]
[ 71.368432][ T8698]
[ 71.368432][ T8698] the existing dependency chain (in reverse order) is:
[ 71.377650][ T8698]
[ 71.377650][ T8698] -> #2 (lock#2){-.-.}-{2:2}:
[ 71.384616][ T8698] get_page_from_freelist+0x4aa/0x2f80
[ 71.390599][ T8698] __alloc_pages+0x1b2/0x500
[ 71.395741][ T8698] alloc_page_interleave+0x1e/0x200
[ 71.401456][ T8698] alloc_pages+0x238/0x2a0
[ 71.406396][ T8698] stack_depot_save+0x39d/0x4e0
[ 71.411936][ T8698] kasan_save_stack+0x32/0x40
[ 71.417122][ T8698] kasan_record_aux_stack+0xe5/0x110
[ 71.422919][ T8698] insert_work+0x48/0x370
[ 71.427781][ T8698] __queue_work+0x5c1/0xed0
[ 71.432811][ T8698] __queue_delayed_work+0x1c8/0x270
[ 71.438523][ T8698] mod_delayed_work_on+0xdd/0x220
[ 71.444063][ T8698] kblockd_mod_delayed_work_on+0x26/0x30
[ 71.450219][ T8698] __blk_mq_delay_run_hw_queue+0x38d/0x640
[ 71.456534][ T8698] blk_mq_run_hw_queue+0x16c/0x2f0
[ 71.462151][ T8698] blk_mq_sched_insert_request+0x368/0x450
[ 71.468482][ T8698] blk_mq_submit_bio+0xe5f/0x1860
[ 71.474013][ T8698] submit_bio_noacct+0xad2/0xf20
[ 71.479457][ T8698] submit_bio+0x1ea/0x470
[ 71.484324][ T8698] submit_bh_wbc+0x5eb/0x7f0
[ 71.489434][ T8698] ext4_read_bh_nowait+0x155/0x220
[ 71.495055][ T8698] ext4_read_bh_lock+0x5e/0x180
[ 71.500591][ T8698] ext4_bread_batch+0x396/0x550
[ 71.505951][ T8698] __ext4_find_entry+0x482/0x1050
[ 71.511490][ T8698] ext4_lookup+0x4fc/0x730
[ 71.516416][ T8698] __lookup_slow+0x24c/0x480
[ 71.521529][ T8698] walk_component+0x40f/0x6a0
[ 71.526715][ T8698] path_lookupat+0x1bb/0x860
[ 71.531809][ T8698] filename_lookup+0x1c6/0x5b0
[ 71.537099][ T8698] init_mount+0x7e/0xf4
[ 71.541777][ T8698] devtmpfs_mount+0x54/0x97
[ 71.546788][ T8698] prepare_namespace+0x209/0x234
[ 71.552235][ T8698] kernel_init_freeable+0x729/0x741
[ 71.557946][ T8698] kernel_init+0x1a/0x1d0
[ 71.562799][ T8698] ret_from_fork+0x1f/0x30
[ 71.567723][ T8698]
[ 71.567723][ T8698] -> #1 (&pool->lock){-.-.}-{2:2}:
[ 71.575004][ T8698] _raw_spin_lock+0x2a/0x40
[ 71.580191][ T8698] __queue_work+0x366/0xed0
[ 71.585220][ T8698] queue_work_on+0xee/0x110
[ 71.590257][ T8698] vfree_atomic+0xac/0xe0
[ 71.595091][ T8698] put_task_stack+0x2e0/0x4e0
[ 71.600321][ T8698] finish_task_switch.isra.0+0x77f/0xa50
[ 71.606457][ T8698] __schedule+0x942/0x26f0
[ 71.611378][ T8698] preempt_schedule_irq+0x4e/0x90
[ 71.616903][ T8698] irqentry_exit+0x31/0x80
[ 71.621822][ T8698] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 71.628303][ T8698] lock_acquire+0x1ef/0x510
[ 71.633309][ T8698] fs_reclaim_acquire+0x117/0x160
[ 71.638842][ T8698] kmem_cache_alloc+0x3e/0x3a0
[ 71.644112][ T8698] copy_process+0x2427/0x74d0
[ 71.649294][ T8698] kernel_clone+0xe7/0xac0
[ 71.654225][ T8698] kernel_thread+0xb5/0xf0
[ 71.659146][ T8698] call_usermodehelper_exec_work+0xcc/0x180
[ 71.665543][ T8698] process_one_work+0x98d/0x1630
[ 71.670999][ T8698] worker_thread+0x658/0x11f0
[ 71.676186][ T8698] kthread+0x3e5/0x4d0
[ 71.680756][ T8698] ret_from_fork+0x1f/0x30
[ 71.685678][ T8698]
[ 71.685678][ T8698] -> #0 (fs_reclaim){+.+.}-{0:0}:
[ 71.692868][ T8698] __lock_acquire+0x2a07/0x54a0
[ 71.698227][ T8698] lock_acquire+0x1ab/0x510
[ 71.703234][ T8698] fs_reclaim_acquire+0x117/0x160
[ 71.708764][ T8698] prepare_alloc_pages+0x15c/0x580
[ 71.714466][ T8698] __alloc_pages+0x12f/0x500
[ 71.719557][ T8698] alloc_pages+0x18c/0x2a0
[ 71.724479][ T8698] stack_depot_save+0x39d/0x4e0
[ 71.729836][ T8698] save_stack+0x15e/0x1e0
[ 71.734671][ T8698] __set_page_owner+0x50/0x290
[ 71.739951][ T8698] __alloc_pages_bulk+0x8b9/0x1870
[ 71.745563][ T8698] __vmalloc_node_range+0x39d/0x960
[ 71.751265][ T8698] vmalloc+0x67/0x80
[ 71.755676][ T8698] netlink_sendmsg+0x5f0/0xdb0
[ 71.760951][ T8698] sock_sendmsg+0xcf/0x120
[ 71.765868][ T8698] ____sys_sendmsg+0x6e8/0x810
[ 71.771165][ T8698] ___sys_sendmsg+0xf3/0x170
[ 71.776345][ T8698] __sys_sendmsg+0xe5/0x1b0
[ 71.781458][ T8698] do_syscall_64+0x35/0xb0
[ 71.786389][ T8698] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 71.792790][ T8698]
[ 71.792790][ T8698] other info that might help us debug this:
[ 71.792790][ T8698]
[ 71.802990][ T8698] Chain exists of:
[ 71.802990][ T8698] fs_reclaim --> &pool->lock --> lock#2
[ 71.802990][ T8698]
[ 71.814452][ T8698] Possible unsafe locking scenario:
[ 71.814452][ T8698]
[ 71.821879][ T8698]        CPU0                    CPU1
[ 71.827222][ T8698]        ----                    ----
[ 71.832567][ T8698]   lock(lock#2);
[ 71.836188][ T8698]                                lock(&pool->lock);
[ 71.842753][ T8698]                                lock(lock#2);
[ 71.848888][ T8698]   lock(fs_reclaim);
[ 71.852859][ T8698]
[ 71.852859][ T8698] *** DEADLOCK ***
[ 71.852859][ T8698]
[ 71.860991][ T8698] 1 lock held by syz-executor.0/8698:
[ 71.866339][ T8698] #0: ffff8880b9d4d660 (lock#2){-.-.}-{2:2}, at: __alloc_pages_bulk+0x4ad/0x1870
[ 71.875635][ T8698]
[ 71.875635][ T8698] stack backtrace:
[ 71.881509][ T8698] CPU: 1 PID: 8698 Comm: syz-executor.0 Not tainted 5.14.0-rc1-syzkaller #0
[ 71.890166][ T8698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.900213][ T8698] Call Trace:
[ 71.903479][ T8698] dump_stack_lvl+0xcd/0x134
[ 71.908063][ T8698] check_noncircular+0x25f/0x2e0
[ 71.912987][ T8698] ? print_circular_bug+0x1e0/0x1e0
[ 71.918170][ T8698] ? mark_lock+0xef/0x17b0
[ 71.922590][ T8698] ? lockdep_lock+0xc6/0x200
[ 71.929637][ T8698] ? call_rcu_zapped+0xb0/0xb0
[ 71.934398][ T8698] __lock_acquire+0x2a07/0x54a0
[ 71.939252][ T8698] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 71.945227][ T8698] lock_acquire+0x1ab/0x510
[ 71.949724][ T8698] ? fs_reclaim_acquire+0xf7/0x160
[ 71.955259][ T8698] ? lock_release+0x720/0x720
[ 71.959918][ T8698] ? find_held_lock+0x2d/0x110
[ 71.964671][ T8698] fs_reclaim_acquire+0x117/0x160
[ 71.969692][ T8698] ? fs_reclaim_acquire+0xf7/0x160
[ 71.975937][ T8698] prepare_alloc_pages+0x15c/0x580
[ 71.981048][ T8698] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 71.987118][ T8698] __alloc_pages+0x12f/0x500
[ 71.991691][ T8698] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0
[ 71.998449][ T8698] ? __kernel_text_address+0x9/0x30
[ 72.003651][ T8698] alloc_pages+0x18c/0x2a0
[ 72.008373][ T8698] stack_depot_save+0x39d/0x4e0
[ 72.013245][ T8698] save_stack+0x15e/0x1e0
[ 72.017572][ T8698] ? register_early_stack+0xb0/0xb0
[ 72.022760][ T8698] ? __alloc_pages_bulk+0x8b9/0x1870
[ 72.028041][ T8698] ? __vmalloc_node_range+0x39d/0x960
[ 72.033432][ T8698] ? vmalloc+0x67/0x80
[ 72.037557][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.042520][ T8698] ? sock_sendmsg+0xcf/0x120
[ 72.047120][ T8698] ? ____sys_sendmsg+0x6e8/0x810
[ 72.052040][ T8698] ? ___sys_sendmsg+0xf3/0x170
[ 72.056787][ T8698] ? __sys_sendmsg+0xe5/0x1b0
[ 72.061449][ T8698] ? do_syscall_64+0x35/0xb0
[ 72.066023][ T8698] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 72.072089][ T8698] ? lock_release+0x720/0x720
[ 72.076765][ T8698] ? preempt_count_add+0x74/0x140
[ 72.081779][ T8698] __set_page_owner+0x50/0x290
[ 72.086536][ T8698] ? post_alloc_hook+0x145/0x1e0
[ 72.091483][ T8698] __alloc_pages_bulk+0x8b9/0x1870
[ 72.096585][ T8698] ? __alloc_pages+0x500/0x500
[ 72.101426][ T8698] ? rcu_read_lock_sched_held+0x3a/0x70
[ 72.106967][ T8698] ? trace_kmalloc_node+0x32/0x100
[ 72.112065][ T8698] __vmalloc_node_range+0x39d/0x960
[ 72.117262][ T8698] ? vfree_atomic+0xe0/0xe0
[ 72.122045][ T8698] ? __netlink_dump_start+0x900/0x900
[ 72.127517][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.132452][ T8698] vmalloc+0x67/0x80
[ 72.136341][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.141282][ T8698] netlink_sendmsg+0x5f0/0xdb0
[ 72.146043][ T8698] ? netlink_unicast+0x7d0/0x7d0
[ 72.150983][ T8698] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 72.157217][ T8698] ? netlink_unicast+0x7d0/0x7d0
[ 72.162922][ T8698] sock_sendmsg+0xcf/0x120
[ 72.167326][ T8698] ____sys_sendmsg+0x6e8/0x810
[ 72.172085][ T8698] ? kernel_sendmsg+0x50/0x50
[ 72.176832][ T8698] ? do_recvmmsg+0x6d0/0x6d0
[ 72.181407][ T8698] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 72.187472][ T8698] ? lock_chain_count+0x20/0x20
[ 72.192347][ T8698] ___sys_sendmsg+0xf3/0x170
[ 72.196924][ T8698] ? sendmsg_copy_msghdr+0x160/0x160
[ 72.202210][ T8698] ? __fget_files+0x21b/0x3e0
[ 72.206891][ T8698] ? lock_downgrade+0x6e0/0x6e0
[ 72.211734][ T8698] ? __fget_files+0x23d/0x3e0
[ 72.216400][ T8698] ? __fget_light+0xea/0x280
[ 72.220981][ T8698] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 72.227209][ T8698] __sys_sendmsg+0xe5/0x1b0
[ 72.231698][ T8698] ? __sys_sendmsg_sock+0x30/0x30
[ 72.236725][ T8698] ? syscall_enter_from_user_mode+0x21/0x70
[ 72.242694][ T8698] do_syscall_64+0x35/0xb0
[ 72.247114][ T8698] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 72.253004][ T8698] RIP: 0033:0x4665d9
[ 72.256897][ T8698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 72.276488][ T8698] RSP: 002b:00007fb18e91c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 72.284884][ T8698] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 72.292836][ T8698] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 72.300805][ T8698] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
[ 72.308770][ T8698] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80
[ 72.316726][ T8698] R13: 0000000000a9fb1f R14: 00007fb18e91c300 R15: 0000000000022000
[ 72.324700][ T8698] BUG: sleeping function called from invalid context at mm/page_alloc.c:5167
[ 72.334310][ T8698] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 8698, name: syz-executor.0
[ 72.343686][ T8698] INFO: lockdep is turned off.
[ 72.348425][ T8698] irq event stamp: 712
[ 72.352503][ T8698] hardirqs last enabled at (711): [] _raw_spin_unlock_irqrestore+0x50/0x70
[ 72.362747][ T8698] hardirqs last disabled at (712): [] __alloc_pages_bulk+0x1017/0x1870
[ 72.372539][ T8698] softirqs last enabled at (656): [] netlink_insert+0x187/0x1690
[ 72.381895][ T8698] softirqs last disabled at (654): [] release_sock+0x1b/0x1b0
[ 72.390913][ T8698] CPU: 1 PID: 8698 Comm: syz-executor.0 Not tainted 5.14.0-rc1-syzkaller #0
[ 72.399570][ T8698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 72.409606][ T8698] Call Trace:
[ 72.412869][ T8698] dump_stack_lvl+0xcd/0x134
[ 72.417454][ T8698] ___might_sleep.cold+0x1f1/0x237
[ 72.422553][ T8698] prepare_alloc_pages+0x3da/0x580
[ 72.427654][ T8698] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 72.433712][ T8698] __alloc_pages+0x12f/0x500
[ 72.438305][ T8698] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0
[ 72.445295][ T8698] ? __kernel_text_address+0x9/0x30
[ 72.450508][ T8698] alloc_pages+0x18c/0x2a0
[ 72.454947][ T8698] stack_depot_save+0x39d/0x4e0
[ 72.459808][ T8698] save_stack+0x15e/0x1e0
[ 72.464129][ T8698] ? register_early_stack+0xb0/0xb0
[ 72.469490][ T8698] ? __alloc_pages_bulk+0x8b9/0x1870
[ 72.474774][ T8698] ? __vmalloc_node_range+0x39d/0x960
[ 72.480137][ T8698] ? vmalloc+0x67/0x80
[ 72.484195][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.489121][ T8698] ? sock_sendmsg+0xcf/0x120
[ 72.493696][ T8698] ? ____sys_sendmsg+0x6e8/0x810
[ 72.498618][ T8698] ? ___sys_sendmsg+0xf3/0x170
[ 72.503374][ T8698] ? __sys_sendmsg+0xe5/0x1b0
[ 72.508057][ T8698] ? do_syscall_64+0x35/0xb0
[ 72.512648][ T8698] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 72.518717][ T8698] ? lock_release+0x720/0x720
[ 72.523398][ T8698] ? preempt_count_add+0x74/0x140
[ 72.528420][ T8698] __set_page_owner+0x50/0x290
[ 72.533362][ T8698] ? post_alloc_hook+0x145/0x1e0
[ 72.538810][ T8698] __alloc_pages_bulk+0x8b9/0x1870
[ 72.543913][ T8698] ? __alloc_pages+0x500/0x500
[ 72.548764][ T8698] ? rcu_read_lock_sched_held+0x3a/0x70
[ 72.554309][ T8698] ? trace_kmalloc_node+0x32/0x100
[ 72.559413][ T8698] __vmalloc_node_range+0x39d/0x960
[ 72.564687][ T8698] ? vfree_atomic+0xe0/0xe0
[ 72.569178][ T8698] ? __netlink_dump_start+0x900/0x900
[ 72.574546][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.579475][ T8698] vmalloc+0x67/0x80
[ 72.583359][ T8698] ? netlink_sendmsg+0x5f0/0xdb0
[ 72.588377][ T8698] netlink_sendmsg+0x5f0/0xdb0
[ 72.593131][ T8698] ? netlink_unicast+0x7d0/0x7d0
[ 72.598069][ T8698] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 72.604406][ T8698] ? netlink_unicast+0x7d0/0x7d0
[ 72.609339][ T8698] sock_sendmsg+0xcf/0x120
[ 72.613741][ T8698] ____sys_sendmsg+0x6e8/0x810
[ 72.618522][ T8698] ? kernel_sendmsg+0x50/0x50
[ 72.623196][ T8698] ? do_recvmmsg+0x6d0/0x6d0
[ 72.627773][ T8698] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 72.633746][ T8698] ? lock_chain_count+0x20/0x20
[ 72.638580][ T8698] ___sys_sendmsg+0xf3/0x170
[ 72.643167][ T8698] ? sendmsg_copy_msghdr+0x160/0x160
[ 72.648438][ T8698] ? __fget_files+0x21b/0x3e0
[ 72.653101][ T8698] ? lock_downgrade+0x6e0/0x6e0
[ 72.657936][ T8698] ? __fget_files+0x23d/0x3e0
[ 72.662612][ T8698] ? __fget_light+0xea/0x280
[ 72.667187][ T8698] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 72.673425][ T8698] __sys_sendmsg+0xe5/0x1b0
[ 72.677911][ T8698] ? __sys_sendmsg_sock+0x30/0x30
[ 72.682920][ T8698] ? syscall_enter_from_user_mode+0x21/0x70
[ 72.688800][ T8698] do_syscall_64+0x35/0xb0
[ 72.693207][ T8698] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 72.699087][ T8698] RIP: 0033:0x4665d9
[ 72.702979][ T8698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 72.722601][ T8698] RSP: 002b:00007fb18e91c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 72.730995][ T8698] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 72.739036][ T8698] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 72.747271][ T8698] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
[ 72.755241][ T8698] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80
[ 72.763434][ T8698] R13: 0000000000a9fb1f R14: 00007fb18e91c300 R15: 0000000000022000
[ 72.798640][ T8678] Bluetooth: hci0: command 0x0409 tx timeout
[ 72.853127][ T8698] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[ 72.861418][ T8698] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.880409][ T8698] ieee80211 phy5: Selected rate control algorithm 'minstrel_ht'