last executing test programs: 10m49.55598974s ago: executing program 0 (id=3566): openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x802, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xffd8) 10m49.320719961s ago: executing program 0 (id=3562): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) 10m49.197693844s ago: executing program 0 (id=3564): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x2, &(0x7f0000000000), 0xffffffff) 10m48.87368668s ago: executing program 0 (id=3568): close_range$auto(0x2, 0x8, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00') socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x0) 10m48.700769s ago: executing program 0 (id=3570): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 10m47.678264897s ago: executing program 0 (id=3580): close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) ioperm$auto(0x8, 0x9, 0x5) fchdir$auto(0xf4400000000) 10m47.272286801s ago: executing program 32 (id=3580): close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) ioperm$auto(0x8, 0x9, 0x5) fchdir$auto(0xf4400000000) 10m31.089457884s ago: executing program 2 (id=3734): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) read$auto(r0, 0x0, 0xb5) write$auto(0x3, 0x0, 0xfdef) 10m30.844770994s ago: executing program 2 (id=3738): mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x7f, 0x8000) io_uring_setup$auto(0x3, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0x40104593, 0x0) 10m30.712483082s ago: executing program 2 (id=3740): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x560a, r1) 10m30.496007869s ago: executing program 2 (id=3742): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) 10m30.253364306s ago: executing program 2 (id=3745): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) tkill$auto(0x80000000000001, 0x7) 10m28.796166646s ago: executing program 2 (id=3756): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x642, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfffffdf3) close_range$auto(0x2, r0, 0x0) 10m28.537439256s ago: executing program 33 (id=3756): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x642, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfffffdf3) close_range$auto(0x2, r0, 0x0) 7m48.201010764s ago: executing program 3 (id=5593): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x65f, 0x1ffde, 0x7, 0x3, 0x20000002, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000001, 0x0, 0xffffffffefffffff, 0x200000000000004, 0x0, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x8000000000008, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x10006]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 7m48.041213912s ago: executing program 3 (id=5595): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) symlinkat$auto(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00') 7m47.60033554s ago: executing program 3 (id=5598): socket(0x11, 0x80003, 0x300) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x84, 0x70, 0x0, &(0x7f00000000c0)=0x10000) 7m47.166621042s ago: executing program 3 (id=5602): futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r0, &(0x7f0000000000)='r\x02', 0x2fb) 7m46.95626448s ago: executing program 3 (id=5604): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) 7m45.848131156s ago: executing program 3 (id=5614): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) lchown$auto(&(0x7f0000000000)='.\x00', 0x0, 0x6) 7m45.633888891s ago: executing program 34 (id=5614): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) lchown$auto(&(0x7f0000000000)='.\x00', 0x0, 0x6) 42.09065923s ago: executing program 6 (id=9801): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0xd, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x8000000000000001, 0x5, 0x8) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) 41.398274876s ago: executing program 6 (id=9807): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) 40.960816698s ago: executing program 6 (id=9812): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x22, 0x2, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, 0x0, 0xe1) setsockopt$auto(0x3, 0x0, 0x32, 0x0, 0x4) 40.451623508s ago: executing program 6 (id=9817): r0 = socket(0x22, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000040000fdef}, 0x1) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfff5) tee$auto(0x2000000000000, r0, 0x401, 0x1) close_range$auto(0x2, 0x8000, 0x0) 39.465894246s ago: executing program 6 (id=9825): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) tkill$auto(0x1, 0x7) 36.617317155s ago: executing program 6 (id=9839): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) 36.285087226s ago: executing program 35 (id=9839): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) 31.574413088s ago: executing program 7 (id=9840): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) fanotify_mark$auto(0x0, 0x1, 0x7, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0x37, 0x0, 0x0) 31.401464748s ago: executing program 5 (id=9874): r0 = socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r0, 0x0, 0xd, 0x0, 0x0) 31.247058546s ago: executing program 5 (id=9875): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40050) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x2, 0x9}, 0x9}, 0x2, 0x0) 30.961837272s ago: executing program 7 (id=9878): openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80840, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r1, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xa}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004054}, 0x48010) sendmsg$auto(0xffffffffffffffff, 0x0, 0xc) socket(0x22, 0x2, 0x24) 30.83175835s ago: executing program 5 (id=9879): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 30.471919188s ago: executing program 7 (id=9882): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x1, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x2, 0x9) write$auto(0x6, 0x0, 0x100000001) recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0) 30.119155735s ago: executing program 7 (id=9884): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 29.779969963s ago: executing program 5 (id=9885): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe$auto(0x0) close_range$auto(0x2, 0xfffffffffffff000, 0x2) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x2, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) 29.511978549s ago: executing program 7 (id=9887): syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20040891}, 0x4000000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8955, 0x0) 29.206860844s ago: executing program 5 (id=9889): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) tkill$auto(0x1, 0x7) 28.593490193s ago: executing program 5 (id=9892): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 28.268124502s ago: executing program 36 (id=9892): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 14.283974759s ago: executing program 37 (id=9887): syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20040891}, 0x4000000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8955, 0x0) 3.142041858s ago: executing program 1 (id=10014): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3ff, 0x0) mprotect$auto(0x0, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 2.943251505s ago: executing program 1 (id=10016): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3d, 0x4909b6fb, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x0, 0x0, 0xa, 0x70624ce7, 0x0, 0x6, 0xb, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x800, 0x0, 0x7, 0xffffffffffffffff, 0x5, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x4, 0x0, 0xfffffffffffffffc, 0x2, 0x3fffffffff, 0x0, 0x4, 0xffff]}, 0x202, 0xd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000006000700050000000a00050000000000000000000a00010000000000000000000a0001000000000000000000060006000d00000006000600070000000a00"], 0x6c}}, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044040}, 0x24008890) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.72936316s ago: executing program 1 (id=10018): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mprotect$auto(0x0, 0x8000000000000001, 0x6) shutdown$auto(0x200000003, 0x2) 2.476979703s ago: executing program 8 (id=10020): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1600, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) userfaultfd$auto(0x1) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) close_range$auto(0x2, 0x8, 0x0) 1.837414342s ago: executing program 1 (id=10026): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x2, 0x4, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x4}, 0x7, 0x2) 1.594519392s ago: executing program 1 (id=10028): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x23, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) 1.536727391s ago: executing program 8 (id=10029): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) readv$auto(0x3, 0x0, 0x8) r0 = io_uring_setup$auto(0x85, 0x0) syz_genetlink_get_family_id$auto_wireguard(0x0, r0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mincore$auto(0x0, 0x10000, 0x0) ioctl$auto(0x3, 0xc0405626, 0x34) 1.521580556s ago: executing program 9 (id=10030): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) io_uring_setup$auto(0x6, 0x0) semctl$auto(0x3, 0x804, 0x13, 0x0) setsockopt$auto(0x3, 0x29, 0x40, 0x0, 0x10001) 1.46989084s ago: executing program 4 (id=10031): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0x91) 1.352022204s ago: executing program 1 (id=10032): ioperm$auto(0x7, 0x6, 0x2) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89/s\x1cJ\x99\x00:\x00!\r?\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x00'/97, 0xe, 0x3) ioperm$auto(0x162, 0x6, 0xfffffff2) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) mmap$auto(0x0, 0x2000b, 0xdf, 0xeb1, 0x8000000000000000, 0x8000) socket(0x15, 0x5, 0x0) mlock$auto(0x81, 0xffff) 1.321298409s ago: executing program 9 (id=10033): statmount$auto(0x0, &(0x7f0000000040)={0xffffffff, 0x0, 0x38, 0xffffff01, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x5, 0x9, 0x2, 0x8, 0x5, 0x8000, 0x0, 0x9, 0x10001, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x100000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x40000000007fd, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = socket(0xa, 0x2, 0x3a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x1, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\x87\x02\x1c\xfd\xac\xc7\xaa\n\xf9\x19\xc4#<^\x91\x1d\xda\xc4m\xef\xff(i\xc6@\x91_\vBj\x0eQ\xceV\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110) 1.245703264s ago: executing program 4 (id=10034): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x301, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x4008ae6a, 0x0) 1.056831238s ago: executing program 9 (id=10035): bpf$auto(0x18, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x15, 0x8, 0xffffffffffffffff, @relative_id=0x3, 0x841b5c1ff}, 0x92) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0080"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='J'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 978.444261ms ago: executing program 4 (id=10036): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) pidfd_open$auto(0x1, 0x0) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 827.087007ms ago: executing program 9 (id=10037): syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x11, 0x3, 0x2) socket(0x11, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) 774.642058ms ago: executing program 4 (id=10038): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x3f, 0x200000000065f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x2000000000000000, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0x7ff, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_gtp(0x0, r0) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0) 690.318784ms ago: executing program 8 (id=10039): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd12\x00', 0x24001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x8) setresuid$auto(0xf5, 0x8000, 0x67) prctl$auto(0x10000000018, 0x800005, 0x4, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_def_blk_fops_fs(r0, 0xab09, 0x0) 596.775823ms ago: executing program 4 (id=10040): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfdf3) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, 0x0, 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 560.104783ms ago: executing program 9 (id=10041): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffffffffffc3b, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) 456.155858ms ago: executing program 8 (id=10042): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x15, 0x5, 0x0) socket(0xa, 0x801, 0x106) memfd_create$auto(0x0, 0xa) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) 299.715312ms ago: executing program 8 (id=10043): r0 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x402, 0x0, 0x1, 0x0) open(0x0, 0x163340, 0x2a) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) write$auto(0x3, 0x0, 0x3f00) ioctl$auto_SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x541b, 0x0) 184.335494ms ago: executing program 9 (id=10044): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) setns(0xffffffffffffffff, 0x20000000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) 96.183666ms ago: executing program 8 (id=10045): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\xc2\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r0, @ANYBLOB='\nG'], 0x18}, 0x1, 0x0, 0x0, 0x64048001}, 0x80) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000) 0s ago: executing program 4 (id=10046): mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) kernel console output (not intermixed with test programs): Google 09/13/2024 [ 434.900684][T17275] Call Trace: [ 434.904635][T17275] [ 434.908166][T17275] dump_stack_lvl+0x16c/0x1f0 [ 434.913811][T17275] should_fail_ex+0x497/0x5b0 [ 434.919459][T17275] should_fail_futex+0x4c/0x60 [ 434.925207][T17275] __x64_sys_futex+0x260/0x4c0 [ 434.930963][T17275] ? __pfx___x64_sys_futex+0x10/0x10 [ 434.937332][T17275] ? rcu_is_watching+0x12/0xc0 [ 434.943059][T17275] do_syscall_64+0xcd/0x250 [ 434.948463][T17275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.955535][T17275] RIP: 0033:0x7fbafa785d29 [ 434.960825][T17275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.984360][T17275] RSP: 002b:00007ffe2bd379f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 434.994457][T17275] RAX: ffffffffffffffda RBX: 00007ffe2bd37b20 RCX: 00007fbafa785d29 [ 435.004012][T17275] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbafa975fac [ 435.013568][T17275] RBP: 00007fbafa975fac R08: 00007fbafb669000 R09: 00007ffe2bd37cef [ 435.023130][T17275] R10: 00007ffe2bd37b00 R11: 0000000000000246 R12: 000000000006a2b0 [ 435.032686][T17275] R13: 00007ffe2bd37b00 R14: 0000000000000032 R15: 000000000006a27e [ 435.042255][T17275] [ 435.667758][T17291] netlink: 'syz.4.4615': attribute type 1 has an invalid length. [ 435.691860][T17291] netlink: 'syz.4.4615': attribute type 1 has an invalid length. [ 437.753215][T17334] IPVS: length: 11322 != 24 [ 437.992552][T17344] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4637'. [ 438.672529][T17367] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 438.706918][T17367] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 440.164990][T17425] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4672'. [ 440.241229][T17425] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4672'. [ 440.516581][T17437] sd 0:0:1:0: PR command failed: 1026 [ 440.553778][T17437] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 440.588429][T17437] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 440.649247][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.661525][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.165791][T17457] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4686'. [ 441.257693][T17457] bridge0: port 3(syz_tun) entered disabled state [ 441.265767][T17457] bridge0: port 2(bridge_slave_1) entered disabled state [ 441.274581][T17457] bridge0: port 1(bridge_slave_0) entered disabled state [ 441.357267][T17457] bridge0: entered allmulticast mode [ 441.573960][T17469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4691'. [ 443.811429][T17508] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4705'. [ 443.858429][T17508] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4705'. [ 444.574077][T17524] netlink: 244 bytes leftover after parsing attributes in process `syz.5.4711'. [ 445.164094][T17550] IPVS: length: 11322 != 8 [ 446.613364][T17579] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4735'. [ 446.766645][T17585] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4737'. [ 446.858811][T17590] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4740'. [ 447.408386][T17602] dyndbg: bad flag-op , at start of  [ 447.427564][T17602] dyndbg: flags parse failed [ 449.783847][T17666] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4773'. [ 451.607439][T17719] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4793'. [ 452.507750][T17750] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4806'. [ 452.534887][T17750] ip_vti0: entered promiscuous mode [ 453.170565][T17772] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4814'. [ 453.253557][T17776] nvme_fcloop: unknown parameter or missing value '/d' [ 454.180037][T17805] Process accounting resumed [ 454.873126][T17823] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4835'. [ 456.261074][T17864] ICMPv6: process `syz.3.4851' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 457.931993][T17914] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4871'. [ 457.973380][T17914] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4871'. [ 458.051912][T17919] kAFS: Invalid Command on /proc/fs/afs/cells file [ 458.839757][T17946] Process accounting resumed [ 462.221886][T18077] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4932'. [ 462.266722][T18080] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4931'. [ 462.810331][T18101] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 464.701887][T18164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4964'. [ 470.993504][T18318] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5025'. [ 472.346179][T18353] netlink: 74 bytes leftover after parsing attributes in process `syz.3.5038'. [ 476.021651][T18462] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5086'. [ 476.994425][T18497] kAFS: bad VL server IP address [ 477.540612][T18512] Process accounting resumed [ 478.597118][T18549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5125'. [ 478.664840][T18552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5125'. [ 479.797241][T18571] netlink: 'syz.4.5133': attribute type 2 has an invalid length. [ 479.833932][T18571] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5133'. [ 480.367048][T18595] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5144'. [ 480.379641][T18593] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5142'. [ 480.534254][T18601] bond0: no command found in slaves file - use +ifname or -ifname [ 484.238821][T18695] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5183'. [ 484.257554][T18695] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5183'. [ 484.355534][T18695] Process accounting paused [ 484.586348][T18700] nbd2: detected capacity change from 0 to 68719476736 [ 484.640564][T18709] block nbd2: Send control failed (result -22) [ 484.659505][T18709] block nbd2: Request send failed, requeueing [ 484.690702][ T5837] block nbd2: Receive control failed (result -32) [ 484.710372][ T41] block nbd2: Dead connection, failed to find a fallback [ 484.720473][ T41] block nbd2: shutting down sockets [ 484.728323][ T41] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 484.740365][ T41] Buffer I/O error on dev nbd2, logical block 0, async page read [ 484.751496][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 484.754065][T18712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5189'. [ 484.774411][T18712] ksmbd: Unknown IPC event: 0, ignore. [ 484.776011][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 484.855099][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 484.890096][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 484.936226][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 484.976034][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 484.985510][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.006681][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.021075][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.034002][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.057720][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.100396][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.116219][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.156009][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.165502][T18709] ldm_validate_partition_table(): Disk read failed. [ 485.184580][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.220946][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.232283][T18709] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 485.260626][T18709] Buffer I/O error on dev nbd2, logical block 0, async page read [ 485.287861][T18709] Dev nbd2: unable to read RDB block 0 [ 485.306723][T18709] nbd2: unable to read partition table [ 485.329748][T18728] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5196'. [ 485.334107][T18709] ldm_validate_partition_table(): Disk read failed. [ 485.363304][T18709] Dev nbd2: unable to read RDB block 0 [ 485.371183][T18709] nbd2: unable to read partition table [ 485.629986][T18735] bond0: option arp_validate: invalid value (262144) [ 485.674348][T18737] netlink: 178 bytes leftover after parsing attributes in process `syz.5.5199'. [ 486.188696][T18750] netlink: 346 bytes leftover after parsing attributes in process `syz.5.5205'. [ 489.238236][T18848] tipc: Trying to set illegal importance in message [ 490.725780][T18897] TCP: TCP_TX_DELAY enabled [ 490.987284][T18911] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5273'. [ 492.630434][T18949] Process accounting resumed [ 493.059646][T18961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5292'. [ 493.128507][T18961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5292'. [ 493.557115][T18975] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5298'. [ 495.495608][T19026] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5318'. [ 495.536464][T19026] ipvlan0: entered allmulticast mode [ 495.542884][T19026] veth0_vlan: entered allmulticast mode [ 496.724971][T19055] synth uevent: /module/vxlan: unknown uevent action string [ 497.214530][T19070] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5334'. [ 499.156194][T19105] netlink: 'syz.3.5348': attribute type 11 has an invalid length. [ 499.172653][T19105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5348'. [ 499.876224][T19108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5349'. [ 500.046557][T19116] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5352'. [ 500.065999][T19116] macvlan1: entered allmulticast mode [ 500.082818][T19116] veth1_vlan: entered allmulticast mode [ 500.144681][T19120] netlink: 346 bytes leftover after parsing attributes in process `syz.3.5354'. [ 501.010368][T19150] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5365'. [ 501.363543][T19166] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5371'. [ 501.527734][T19178] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5377'. [ 501.570014][T19178] ipvlan0: entered allmulticast mode [ 501.597575][T19178] veth0_vlan: entered allmulticast mode [ 502.020956][T19197] netlink: 338 bytes leftover after parsing attributes in process `syz.3.5385'. [ 502.089016][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.101509][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.839425][T19225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5396'. [ 502.878060][T19227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5397'. [ 503.891709][T19268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5414'. [ 503.927661][T19268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5414'. [ 509.500572][T19419] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5476'. [ 509.763188][T19422] netlink: 'syz.1.5477': attribute type 11 has an invalid length. [ 511.019849][T19469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5496'. [ 512.459091][T19517] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5517'. [ 514.246272][T19591] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5549'. [ 514.531985][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 514.544079][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 514.618709][T19598] Process accounting resumed [ 515.894498][T19635] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5567'. [ 516.120494][T19647] netlink: 'syz.5.5573': attribute type 19 has an invalid length. [ 516.135178][T19647] netlink: 334 bytes leftover after parsing attributes in process `syz.5.5573'. [ 517.325080][T19696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5593'. [ 517.887240][T19706] nfsd: Unknown parameter 'IPVS' [ 518.563950][T19721] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5603'. [ 520.845602][T19766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 520.860841][T19766] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 520.872632][T19766] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 520.896012][T19766] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 520.905081][T19766] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 520.919143][T19766] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 521.136857][T19778] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5627'. [ 521.425682][T19761] chnl_net:caif_netlink_parms(): no params data found [ 521.597631][T19761] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.609653][T19761] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.628904][T19761] bridge_slave_0: entered allmulticast mode [ 521.635215][T19794] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5631'. [ 521.647538][T19761] bridge_slave_0: entered promiscuous mode [ 521.666889][T19761] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.675442][T19761] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.700276][T19761] bridge_slave_1: entered allmulticast mode [ 521.721872][T19761] bridge_slave_1: entered promiscuous mode [ 521.856364][T19761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 521.878693][T19761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 522.078392][T19761] team0: Port device team_slave_0 added [ 522.106915][T19761] team0: Port device team_slave_1 added [ 522.198720][T19761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 522.217643][T19761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.283347][T19761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 522.298691][T19761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 522.314266][T19761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.376283][T19761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 522.686195][T19761] hsr_slave_0: entered promiscuous mode [ 522.762387][T19761] hsr_slave_1: entered promiscuous mode [ 522.784292][T19761] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 522.801628][T19761] Cannot create hsr debugfs directory [ 522.966237][ T5837] Bluetooth: hci2: command tx timeout [ 523.068080][T19761] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 523.089013][T19761] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 523.104644][T19761] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 523.149757][T19761] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 523.355561][T19761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 523.409683][T19761] 8021q: adding VLAN 0 to HW filter on device team0 [ 523.444586][ T3460] bridge0: port 1(bridge_slave_0) entered blocking state [ 523.453183][ T3460] bridge0: port 1(bridge_slave_0) entered forwarding state [ 523.500581][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 523.509165][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 523.627988][T19761] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 523.686188][T19761] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 524.018127][T19761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 524.471136][T19761] veth0_vlan: entered promiscuous mode [ 524.509381][T19761] veth1_vlan: entered promiscuous mode [ 524.571151][T19761] veth0_macvtap: entered promiscuous mode [ 524.603649][T19761] veth1_macvtap: entered promiscuous mode [ 524.631084][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 524.643941][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.656136][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 524.669317][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.681750][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 524.694599][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.706835][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 524.719613][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.733123][T19761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 524.747379][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 524.760108][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.772429][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 524.785283][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.797194][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 524.810265][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.822391][T19761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 524.835303][T19761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 524.848893][T19761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 524.895107][T19761] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.906196][T19761] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.936255][T19761] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.953990][T19761] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 525.047429][ T5837] Bluetooth: hci2: command tx timeout [ 525.317451][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 525.326990][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 525.338612][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 525.348386][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 525.476974][T19858] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 525.520767][T19858] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 525.546658][T19858] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 525.654343][T19858] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 525.696096][T19858] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 525.796707][T19858] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 527.367694][T19891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5663'. [ 527.526264][ T5837] Bluetooth: hci0: command 0x0419 tx timeout [ 527.534175][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 527.616020][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 527.695419][ T5837] Bluetooth: hci2: command 0x0419 tx timeout [ 528.129585][T19913] Invalid ELF header magic: != ELF [ 528.535441][T19928] erspan0: entered allmulticast mode [ 528.754261][T19933] netlink: 'syz.4.5681': attribute type 13 has an invalid length. [ 529.086842][T19942] netlink: 'syz.4.5685': attribute type 1 has an invalid length. [ 529.157138][T19942] netlink: 'syz.4.5685': attribute type 1 has an invalid length. [ 529.765960][ T5837] Bluetooth: hci2: command 0x0419 tx timeout [ 530.686166][T19982] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 530.776978][T19982] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 530.784262][T19982] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 530.913282][T19982] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 532.725932][T19766] Bluetooth: hci1: command 0x0406 tx timeout [ 532.806142][T19766] Bluetooth: hci3: command 0x0c1a tx timeout [ 532.806499][ T5837] Bluetooth: hci0: command 0x0419 tx timeout [ 532.966321][ T5837] Bluetooth: hci2: command 0x0419 tx timeout [ 534.973226][T20064] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5738'. [ 535.046020][ T5837] Bluetooth: hci2: command 0x0419 tx timeout [ 536.149357][T20099] netlink: 334 bytes leftover after parsing attributes in process `syz.6.5749'. [ 536.907254][T20119] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 537.006156][T20119] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 537.013599][T20119] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 537.022790][T20119] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 537.697180][T20134] netlink: 11 bytes leftover after parsing attributes in process `syz.5.5762'. [ 538.047345][T20144] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5768'. [ 538.183770][T20145] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5767'. [ 538.203727][T20145] macsec0: entered allmulticast mode [ 538.231582][T20145] veth1_macvtap: entered allmulticast mode [ 538.531270][T20161] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5775'. [ 538.574238][T20164] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5776'. [ 538.604909][T20164] : renamed from team0 (while UP) [ 538.686353][T20159] binder: 20158:20159 ioctl c0306201 0 returned -14 [ 538.966111][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 539.046106][ T5837] Bluetooth: hci2: command 0x0419 tx timeout [ 539.053486][T19766] Bluetooth: hci3: command 0x0c1a tx timeout [ 539.060855][T19766] Bluetooth: hci0: command 0x0419 tx timeout [ 539.918052][T20203] Process accounting resumed [ 541.812534][T20224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5800'. [ 543.020352][T20267] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5817'. [ 544.297864][T20301] bridge0: port 3(veth1_to_hsr) entered blocking state [ 544.306614][T20301] bridge0: port 3(veth1_to_hsr) entered disabled state [ 544.315044][T20301] veth1_to_hsr: entered allmulticast mode [ 544.324199][T20301] veth1_to_hsr: entered promiscuous mode [ 544.333299][T20301] bridge0: port 3(veth1_to_hsr) entered blocking state [ 544.341704][T20301] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 544.429182][T20303] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5833'. [ 544.527330][T20303] veth0_macvtap: left promiscuous mode [ 544.546060][T20303] macvtap0: entered allmulticast mode [ 544.899427][T20310] Process accounting paused [ 545.033245][T20323] netlink: 'syz.1.5841': attribute type 19 has an invalid length. [ 545.053652][T20323] netlink: 310 bytes leftover after parsing attributes in process `syz.1.5841'. [ 547.346435][T20389] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5866'. [ 547.370330][T20389] veth0_macvtap: left promiscuous mode [ 547.378339][T20389] macvtap0: entered allmulticast mode [ 550.962150][T20467] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5898'. [ 550.980021][T20467] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 551.223631][T20483] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5904'. unting resumed [ 552.618775][T20521] batman_adv: Routing algorithm '4194304' is not supported [ 552.870277][T20537] workqueue: max_active 110439467 requested for scsi_tmf_0 is out of range, clamping between 1 and 2048 [ 554.103698][T20585] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5946'. [ 554.233326][T20589] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5945'. [ 554.282874][T20586] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5945'. [ 554.411895][T20592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5949'. [ 554.847939][T20597] : entered promiscuous mode [ 555.415617][T20619] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5960'. [ 556.207653][T20647] netlink: 'syz.4.5972': attribute type 1 has an invalid length. [ 556.681089][ T55] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 558.070505][T20692] nbd: socks must be embedded in a SOCK_ITEM attr [ 558.166693][T20692] block nbd4: shutting down sockets [ 558.411516][T20705] netlink: 350 bytes leftover after parsing attributes in process `syz.1.5995'. [ 561.356714][T20787] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6028'. [ 561.395296][T20787] veth1_macvtap: entered allmulticast mode [ 563.541203][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.549028][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.761526][T20848] netlink: 'syz.6.6054': attribute type 9 has an invalid length. [ 563.790623][T20848] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6054'. [ 565.604019][T20895] Process accounting resumed [ 565.633227][T20897] netlink: 'syz.4.6074': attribute type 9 has an invalid length. [ 567.281212][T20948] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6095'. [ 567.437778][T20952] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6097'. [ 567.479253][T20952] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.504780][T20955] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 [ 567.607667][T20952] bridge_slave_1 (unregistering): left allmulticast mode [ 567.625914][T20952] bridge_slave_1 (unregistering): left promiscuous mode [ 567.677132][T20952] bridge0: port 2(bridge_slave_1) entered disabled state [ 568.282517][T20976] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6106'. [ 570.187306][T21018] Process accounting resumed [ 572.309072][T21081] netlink: 'syz.4.6149': attribute type 11 has an invalid length. [ 573.870158][T21134] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6170'. [ 574.053849][T21143] netlink: 'syz.5.6174': attribute type 3 has an invalid length. [ 574.671525][T21162] sctp: [Deprecated]: syz.6.6182 (pid 21162) Use of struct sctp_assoc_value in delayed_ack socket option. [ 574.671525][T21162] Use struct sctp_sack_info instead [ 574.778450][T21166] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6183'. [ 575.015227][T21172] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6185'. [ 575.075830][T21172] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.143931][T21152] Process accounting resumed [ 575.223838][T21172] bridge_slave_1 (unregistering): left allmulticast mode [ 575.243266][T21172] bridge_slave_1 (unregistering): left promiscuous mode [ 575.279442][T21172] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.430304][T21184] netlink: 'syz.4.6191': attribute type 21 has an invalid length. [ 575.440449][T21184] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6191'. [ 575.463382][T21186] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6190'. [ 575.977415][T21212] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6202'. [ 576.154145][T21217] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6204'. [ 576.910627][T21245] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6214'. [ 576.931283][T21245] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.047711][T21245] bridge_slave_1 (unregistering): left allmulticast mode [ 577.057493][T21245] bridge_slave_1 (unregistering): left promiscuous mode [ 577.065985][T21245] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.079947][T21248] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6215'. [ 577.753525][T21268] erspan0: left allmulticast mode [ 578.075194][T21287] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6233'. [ 580.437394][T21346] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6255'. [ 580.459993][T21348] netlink: 'syz.6.6254': attribute type 1 has an invalid length. [ 582.696859][T21405] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6276'. [ 582.749219][T21405] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6276'. [ 584.171113][T21446] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6291'. [ 585.384816][T21471] netlink: 2 bytes leftover after parsing attributes in process `syz.1.6301'. [ 585.763504][T21483] random: crng reseeded on system resumption [ 586.281399][T21498] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6311'. [ 587.428886][T21526] binder: 21525:21526 ioctl c0306201 9 returned -14 [ 587.679698][T21540] netlink: 'syz.4.6330': attribute type 2 has an invalid length. [ 587.697145][T21540] netlink: 'syz.4.6330': attribute type 2 has an invalid length. [ 587.820483][T21546] netlink: 130 bytes leftover after parsing attributes in process `syz.5.6334'. [ 589.834057][T21608] ERROR: Out of memory at tomoyo_memory_ok. [ 589.878329][T21608] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/1504/:,' not defined. [ 590.365703][T21621] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6362'. [ 590.814982][T21630] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6365'. [ 591.312777][T21644] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6370'. [ 591.683901][T21650] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6373'. [ 591.744953][T21650] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6373'. [ 593.390592][T21690] usb usb6: check_ctrlrecip: process 21690 (syz.5.6389) requesting ep 01 but needs 81 [ 593.434532][T21690] usb usb6: usbfs: process 21690 (syz.5.6389) did not claim interface 0 before use [ 594.121700][T21704] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6397'. [ 594.287691][T21709] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6398'. [ 596.337054][T21744] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6413'. [ 596.458708][T21744] bond0: (slave bond_slave_0): Releasing backup interface [ 597.036723][T21754] netlink: 'syz.4.6415': attribute type 2 has an invalid length. [ 598.181866][T21783] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6428'. [ 598.226436][T21783] vcan0: entered promiscuous mode [ 598.268071][T21785] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6430'. [ 598.677129][T21799] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6437'. [ 599.346637][T21822] Invalid ELF header magic: != ELF [ 599.769089][T21826] Invalid ELF header magic: != ELF [ 600.755175][T21858] netlink: 'syz.6.6462': attribute type 22 has an invalid length. [ 600.762485][T21858] netlink: 334 bytes leftover after parsing attributes in process `syz.6.6462'. [ 600.893653][T21862] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6464'. [ 601.678387][T21895] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6476'. [ 602.527673][T21924] ERROR: Out of memory at tomoyo_memory_ok. [ 602.945029][ T27] ERROR: Out of memory at tomoyo_memory_ok. [ 603.471971][T21959] HfR: entered promiscuous mode [ 603.516845][T21959] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6502'. [ 603.525033][T21959] HfR: left promiscuous mode [ 604.493087][T21978] netlink: 'syz.6.6511': attribute type 3 has an invalid length. [ 604.763173][T21988] netlink: 'syz.5.6515': attribute type 1 has an invalid length. [ 605.169839][T22004] ALSA: mixer_oss: invalid OSS volume '' [ 605.199453][T22003] Process accounting paused [ 605.486241][T22013] netlink: 'syz.1.6525': attribute type 27 has an invalid length. [ 605.510132][T22013] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6525'. [ 605.717906][T22018] ERROR: Out of memory at tomoyo_memory_ok. [ 607.306182][T22044] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6536'. [ 610.438287][T22098] ERROR: Out of memory at tomoyo_memory_ok. [ 611.547969][T22119] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6566'. [ 612.334088][T22127] delete_channel: no stack [ 613.755707][T22157] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6583'. [ 614.052844][T22169] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6589'. [ 614.206223][T22169] hsr_slave_1 (unregistering): left promiscuous mode [ 614.240464][T22179] netlink: 350 bytes leftover after parsing attributes in process `syz.4.6595'. [ 614.318743][T22181] ERROR: Out of memory at tomoyo_memory_ok. [ 614.345485][T22184] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6596'. [ 614.366805][T22184] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6596'. [ 615.011870][T22212] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6608'. [ 615.307125][T22225] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6613'. [ 615.321648][T22227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6614'. [ 615.398943][T22227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6614'. [ 618.024922][T22319] netlink: 334 bytes leftover after parsing attributes in process `syz.6.6651'. [ 618.038038][T22319] IPv6: NLM_F_CREATE should be specified when creating new route [ 619.999024][T22387] random: crng reseeded on system resumption [ 621.469979][T22445] random: crng reseeded on system resumption [ 622.006134][T22459] ERROR: Out of memory at tomoyo_memory_ok. [ 622.947974][T22488] ERROR: Out of memory at tomoyo_memory_ok. [ 623.760868][T22511] netlink: 'syz.6.6727': attribute type 4 has an invalid length. [ 623.791149][T22511] __nla_validate_parse: 1 callbacks suppressed [ 623.791170][T22511] netlink: 110 bytes leftover after parsing attributes in process `syz.6.6727'. [ 623.816841][T22515] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6729'. [ 623.943410][T22517] ERROR: Out of memory at tomoyo_memory_ok. [ 624.638628][T22543] netlink: 338 bytes leftover after parsing attributes in process `syz.6.6739'. [ 624.667816][T22543] netlink: 338 bytes leftover after parsing attributes in process `syz.6.6739'. [ 624.979780][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.996108][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.111204][T22549] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6741'. [ 625.846553][T22569] netlink: 334 bytes leftover after parsing attributes in process `syz.5.6748'. [ 626.027742][T22575] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 627.737811][T22607] netlink: 'syz.5.6770': attribute type 4 has an invalid length. [ 627.755097][T22607] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6770'. [ 629.645171][T22629] netlink: 'syz.6.6768': attribute type 2 has an invalid length. [ 630.047721][T22643] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6776'. [ 630.104498][T22643] bond0: (slave bond_slave_0): Releasing backup interface [ 630.181470][T22645] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6784'. [ 630.307599][T22649] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 630.402026][T22654] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6789'. [ 630.465518][T22654] bond0: (slave bond_slave_0): Releasing backup interface [ 630.911116][T22668] Invalid ELF header magic: != ELF [ 631.118929][T22671] Invalid ELF header magic: != ELF [ 631.677033][T22685] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 632.000513][T22697] Invalid ELF header magic: != ELF [ 632.310828][T22697] Invalid ELF header magic: != ELF [ 634.666137][T22780] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6833'. [ 635.218700][ T27] ERROR: Out of memory at tomoyo_memory_ok. [ 635.530734][T22813] ERROR: Out of memory at tomoyo_memory_ok. [ 635.586781][T22816] HfR: entered promiscuous mode [ 635.615336][T22816] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6848'. [ 635.624141][T22816] HfR: left promiscuous mode [ 636.231540][T22840] netlink: 'syz.5.6857': attribute type 3 has an invalid length. [ 638.809066][T22899] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6877'. [ 639.407093][T22916] ERROR: Out of memory at tomoyo_memory_ok. [ 639.960023][T22936] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6894'. [ 639.983090][T22938] ERROR: Out of memory at tomoyo_memory_ok. [ 639.993538][T22936] veth0_macvtap: left promiscuous mode [ 640.896318][T22958] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6904'. [ 641.461189][T22971] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6907'. [ 641.502499][T22971] veth0_macvtap: left promiscuous mode [ 641.741659][T22977] delete_channel: no stack [ 641.857697][T22984] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6913'. [ 642.752582][T23012] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6925'. [ 643.197163][T23020] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6927'. [ 643.952366][T23037] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6935'. [ 645.232478][T23070] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6948'. [ 645.613272][T23078] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6952'. [ 645.644361][T23078] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6952'. [ 646.257489][T23092] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6959'. [ 646.605182][T23101] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6961'. [ 647.007172][T23114] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6974'. [ 647.055487][T23118] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6968'. [ 647.505929][T23124] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6969'. [ 647.710451][T23135] ERROR: Out of memory at tomoyo_memory_ok. [ 648.030784][T23124] hsr_slave_1 (unregistering): left promiscuous mode [ 648.647742][T23163] ERROR: Out of memory at tomoyo_memory_ok. [ 649.306930][T23178] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6993'. [ 649.413607][T23178] hsr_slave_1 (unregistering): left promiscuous mode [ 649.641493][T23182] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6995'. [ 650.571307][T23196] netlink: 'syz.6.7001': attribute type 3 has an invalid length. [ 650.588172][T23196] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7001'. [ 650.601965][T23198] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7000'. [ 650.784894][T23203] ERROR: Out of memory at tomoyo_memory_ok. [ 652.468681][T23247] netlink: 342 bytes leftover after parsing attributes in process `syz.5.7021'. [ 652.478749][T23247] netlink: 342 bytes leftover after parsing attributes in process `syz.5.7021'. [ 652.605562][T23251] netlink: 334 bytes leftover after parsing attributes in process `syz.5.7025'. [ 652.613998][T23251] IPv6: NLM_F_CREATE should be specified when creating new route [ 652.736757][T23255] netlink: 334 bytes leftover after parsing attributes in process `syz.5.7027'. [ 656.507867][T23317] tc_dump_action: action bad kind [ 659.413092][T23399] netlink: 334 bytes leftover after parsing attributes in process `syz.1.7082'. [ 659.458205][T23401] sctp: [Deprecated]: syz.4.7079 (pid 23401) Use of struct sctp_assoc_value in delayed_ack socket option. [ 659.458205][T23401] Use struct sctp_sack_info instead [ 659.779087][T23403] netlink: 130 bytes leftover after parsing attributes in process `syz.1.7091'. [ 659.885197][T23407] ERROR: Out of memory at tomoyo_memory_ok. [ 660.924325][T23439] ERROR: Out of memory at tomoyo_memory_ok. [ 661.304239][T23448] openvswitch: netlink: IP tunnel dst address not specified [ 661.312862][T23448] openvswitch: netlink: IP tunnel dst address not specified [ 661.840548][T23469] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7111'. [ 663.525198][T23502] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7122'. [ 663.681017][T23507] random: crng reseeded on system resumption [ 665.478403][T23543] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7149'. [ 665.656273][T23552] netlink: 350 bytes leftover after parsing attributes in process `syz.6.7143'. [ 666.821403][T23605] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7170'. [ 667.560041][T23615] netlink: 306 bytes leftover after parsing attributes in process `syz.6.7180'. [ 668.539212][T23641] netlink: 306 bytes leftover after parsing attributes in process `syz.4.7183'. [ 668.850649][T23653] netlink: 'syz.4.7189': attribute type 16 has an invalid length. [ 668.885888][T23653] netlink: 322 bytes leftover after parsing attributes in process `syz.4.7189'.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         756.64719326029 .%4,).+: '39:.6.8166': !442)"54% 490% 28 (!3 !. ).6!,)$ ,%.'4(.  756.67666726029 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8166'.  756.72548326033 : 2$3").$ #/5,$ ./4 &).$ ! 42!.30/24 &/2 ::&&&&:172.20.20.187, ,/!$ 2$34#0 /2 2$32$-!?  757.43463826039 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8170'.  757.44606419766 ,5%4//4(: (#)3: #/--!.$ 080#1! 48 4)-%/54  757.45098719766 ,5%4//4(: (#)0: #/--!.$ 080419 48 4)-%/54  757.456032 5837 ,5%4//4(: (#)1: #/--!.$ 080406 48 4)-%/54  757.52638719766 ,5%4//4(: (#)2: #/--!.$ 080419 48 4)-%/54  757.74691526065 2/#%33 !##/5.4).' 2%35-%$  758.11839826076 ").$%2: 26075:26076 )/#4, #010550% 4 2%452.%$ -22  758.14635626076 ").$%2: 26075:26076 )/#4, #0306201 9 2%452.%$ -11  760.01634826133 .%4,).+: '39:.4.8202': !442)"54% 490% 27 (!3 !. ).6!,)$ ,%.'4(.  760.02268826133 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8202'.  760.21340726136 .%4,).+: 342 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8214'.  761.58301426150 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8211'.  762.08194626166 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  764.79640526237 ,5%4//4(: (#)1: 0#/$% 080#1! &!),%$: -4  764.80292926237 ,5%4//4(: (#)0: 0#/$% 080#1! &!),%$: -4  764.81529826237 ,5%4//4(: (#)3: 0#/$% 080#1! &!),%$: -4  764.84783926237 ,5%4//4(: (#)2: 0#/$% 080#1! &!),%$: -4  765.33079826254 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8250'.  766.47617126293 .%4,).+: '39:.4.8257': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  766.80587719766 ,5%4//4(: (#)0: #/--!.$ 080419 48 4)-%/54  766.81089419766 ,5%4//4(: (#)1: #/--!.$ 080406 48 4)-%/54  766.88584419766 ,5%4//4(: (#)2: #/--!.$ 080419 48 4)-%/54  766.890831 5837 ,5%4//4(: (#)3: #/--!.$ 080#1! 48 4)-%/54  770.23293826366 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8284'.  770.34598226362 ,5%4//4(: (#)1: 0#/$% 080#1! &!),%$: -4  770.35094126362 ,5%4//4(: (#)0: 0#/$% 080#1! &!),%$: -4  770.37878126362 ,5%4//4(: (#)3: 0#/$% 080#1! &!),%$: -4  770.42758726370 .%4,).+: 342 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8285'.  770.52610926362 ,5%4//4(: (#)2: 0#/$% 080#1! &!),%$: -4  772.12351026403 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8296'.  772.406227 5837 ,5%4//4(: (#)0: #/--!.$ 080419 48 4)-%/54  772.41147725336 ,5%4//4(: (#)1: #/--!.$ 080406 48 4)-%/54  772.41681619766 ,5%4//4(: (#)3: #/--!.$ 080#1! 48 4)-%/54  772.47723726410 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8302'.  772.55420026414 .%4,).+: '39:.1.8303': !442)"54% 490% 33 (!3 !. ).6!,)$ ,%.'4(.  772.56431926414 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8303'.  772.57262719766 ,5%4//4(: (#)2: #/--!.$ 080419 48 4)-%/54  772.57800126414 .%4,).+: '39:.1.8303': !442)"54% 490% 33 (!3 !. ).6!,)$ ,%.'4(.  772.65341726414 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8303'.  773.21513226434 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8309'.  773.26598326434 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8309'.  775.45170226445 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8316'.  775.78653526454 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8319'.  776.14137726467 .%4,).+: '39:.1.8324': !442)"54% 490% 1 (!3 !. ).6!,)$ ,%.'4(.  776.14977026467 .%4,).+: 306 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8324'.  777.26630526497 .%4,).+: '39:.5.8335': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  777.49253226502 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8337'.  777.52791526502 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8337'.  777.75186226510 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8341'.  780.57837726597 .%4,).+: 28 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8361'.  780.67142626597 ,/: %.4%2%$ 02/-)3#5/53 -/$%  780.67981626597 ,/: %.4%2%$ !,,-5,4)#!34 -/$%  783.10316626668 /0%.637)4#(: .%4,).+:   %84%.3)/. 13870 /54 /& 2!.'% -!8 1  783.13762226670 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8381'.  783.66025926680 ",+42!#%: /.#522%.4 ",+42!#%3 !2% ./4 !,,/7%$ /. 3'0  784.65353826690 .%4,).+: '39:.1.8396': !442)"54% 490% 3 (!3 !. ).6!,)$ ,%.'4(.  784.66593826690 .%4,).+: 332 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8396'.  784.69511826690 .%4,).+: '39:.1.8396': !442)"54% 490% 3 (!3 !. ).6!,)$ ,%.'4(.  784.71484326690 .%4,).+: 332 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8396'.  787.36819126734 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8403'.  788.13791826741 .%4,).+: '39:.4.8407': !442)"54% 490% 28 (!3 !. ).6!,)$ ,%.'4(.  788.17662026741 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8407'.  792.50928526839 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  792.84048526851 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  793.00868226853 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  794.56801926894 .%4,).+: 338 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8462'.  794.72858426899 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8464'.  795.28330126919 .%4,).+: '39:.5.8469': !442)"54% 490% 27 (!3 !. ).6!,)$ ,%.'4(.  795.31556926919 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8469'.  795.58291626926 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8473'.  795.65053326930 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8475'.  796.46108326958 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8488'.  796.60720826962 .%4,).+: '39:.1.8490': !442)"54% 490% 1 (!3 !. ).6!,)$ ,%.'4(.  796.61359726962 .%4,).+: 318 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8490'.  796.77197419766 ,5%4//4(: (#)1:  0!#+%4 &/2 5.+./7. #/..%#4)/. (!.$,% 0  797.30360826978 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8496'.  798.17767327002 .%4,).+: '39:.6.8505': !442)"54% 490% 28 (!3 !. ).6!,)$ ,%.'4(.  798.19899227002 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8505'.  798.80766327025 .%4,).+: 2 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8514'.  799.69374927051 .%4,).+: 342 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8525'.  800.82102427084 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  801.24037827096 .%4,).+: 20 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8543'.  802.01419427120 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  805.32065719766 ,5%4//4(: (#)1:  0!#+%4 4// 3-!,,  807.64519227242 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8601'.  809.14441227264   809.14666427264   809.14887027264   809.15107627264   809.25869127265   809.289214 1295 )%%%802154 0(90 70!.0: %.#2904)/. &!),%$: -22  809.294325 1295 )%%%802154 0(91 70!.1: %.#2904)/. &!),%$: -22  809.69894827273 .%4,).+: 130 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8610'.  812.42499127321 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8630'.  812.86951627329 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8634'.  812.90220727329 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8634'.  815.20666527374 3#40: %02%#!4%$: 39:.5.8648 (0)$ 27374) 3% /& 3425#4 3#40!33/#6!,5% ). $%,!9%$!#+ 3/#+%4 /04)/..  815.20666527374 3% 3425#4 3#403!#+).&/ ).34%!$  816.55696027395 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8656'.  816.96633527403 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8659'.  818.42225027428 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8669'.  818.44549427430 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  818.60322027440 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8674'.  818.72777827445 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8677'.  818.86669027452 .%4,).+: 342 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8679'.  819.00419327458 -+)33: !80: #2# -/$% )3 !54/.  819.80112827477 .%4,).+: '39:.1.8688': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  819.84250427477 .%4,).+: '39:.1.8688': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  819.96607527479 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8689'.  821.47624327511 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8701'.  822.27232127545 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8713'.  823.67749927582 -+)33: !80: #2# -/$% )3 !54/.  824.00142727596 .%4,).+: 350 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8732'.  824.49410427608 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8737'.  824.52115827610 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8738'.  825.17517927616 2/#%33 !##/5.4).' 2%35-%$  825.49863027622 .%4,).+: 28 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8743'.  826.42112227640 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8750'.  826.76468027649 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8753'.  826.82442427650   826.82670627650   826.82891027650   826.83111427650   826.84608527650   826.84833427650   826.85053627650   826.85273727650   826.86610027650   826.86834927650   826.87054927650   826.87274927650   826.89602127650   826.89827127650   826.90048327650   826.90269127650   826.91388927651   827.52264627653 .%4,).+: 74 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8755'.  829.46063627694 .%4,).+: '39:.4.8772': !442)"54% 490% 14 (!3 !. ).6!,)$ ,%.'4(.  829.47583127694 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8772'.  829.64490827703 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8777'.  829.67823927703 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8777'.  830.40562227726 -+)33: !80: #2# -/$% )3 !54/.  831.60473427759 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8801'.  831.78388827764 .%4,).+: '39:.4.8802': !442)"54% 490% 1 (!3 !. ).6!,)$ ,%.'4(.  831.81147627764 .%4,).+: 230 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8802'.  831.89832027771 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8805'.  831.98634327773 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8806'.  832.00690427773 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8806'.  832.10987127775 .%4,).+: 330 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8807'.  834.25399927826 : 2$3").$ #/5,$ ./4 &).$ ! 42!.30/24 &/2 &%80::3030:3030:3!30:302&, ,/!$ 2$34#0 /2 2$32$-!?  834.46417027832 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8829'.  836.63151927884 -!#80211(73)-: 7-%$)5-$ 2%,%!3%$ .%4,).+ 3/#+%4, 37)4#().' 4/ 0%2&%#4 #(!..%, -%$)5-  838.42163527920 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.8864'.  838.43003219766 ,5%4//4(: (#)1: !,&/2-%$ 6%.4: 082&  838.48473227924 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8866'.  838.49472827924 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8866'.  838.66789327927 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8867'.  838.67524127930 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  838.88943127933 : 54 /& -%-/29 !4 4/-/9/-%-/29/+.  839.77599027974 .%4,).+: 28 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8887'.  840.96613228013 .%4,).+: '39:.1.8902': !442)"54% 490% 27 (!3 !. ).6!,)$ ,%.'4(.  840.98157628013 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8902'.  841.77242528031 .%4,).+: 338 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8917'.  841.78197328031 .%4,).+: 338 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8917'.  843.04166728064 .%4,).+: '39:.4.8919': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  843.05858428064 .%4,).+: 314 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8919'.  843.39626628071 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8922'.  843.97447828084 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8927'.  844.59702028104 .%4,).+: '39:.6.8936': !442)"54% 490% 29 (!3 !. ).6!,)$ ,%.'4(.  844.59705028104 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8936'.  844.76221428108 .%4,).+: 322 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8938'.  847.00443428151 2!.$/-: #2.' 2%3%%$%$ /. 3934%- 2%35-04)/.  848.05587828169 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8967'.  848.09769728169 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8967'.  848.30272028173 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.8960'.  849.90972528212 /0%.637)4#(: .%4,).+: 5..%, !442 8192 /54 /& 2!.'% -!8 16  850.10422228214 .%4,).+: 326 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.8978'.  851.45015228246 .%4,).+: '39:.1.8989': !442)"54% 490% 4 (!3 !. ).6!,)$ ,%.'4(.  851.64521828251 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8991'.  851.67791728251 .%4,).+: 12 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.8991'.  852.48045528268 2/#%33 !##/5.4).' 2%35-%$  852.80659028274 .%4,).+: 36 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.9001'.  853.69666128300 .%4,).+: 146 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.4.9012'.  854.18197828313 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.9015'.  854.23214528313 .%4,).+: 8 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.9015'.  854.78608428330 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.6.9022'.  856.67210528370 .%4,).+: 306 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.5.9037'.  856.79887628369 .%4,).+: 4 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.9035'.  858.26559928402 /63: %.4%2%$ 02/-)3#5/53 -/$%  858.50833328416 ,/: %.4%2%$ !,,-5,4)#!34 -/$%  858.58292128421 ,/: ,%&4 !,,-5,4)#!34 -/$%  860.18456928467 .%4,).+: 334 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.9063'.  861.37905128487 .%4,).+: 74 "94%3 ,%&4/6%2 !&4%2 0!23).' !442)"54%3 ). 02/#%33 39:.1.9067'.  861.66687728496 : 54 /& -%-/29 !4 4/-/9/-%-/29/+. [ 863.364861][T28548] ima: policy update failed [ 863.394683][ T29] audit: type=1802 audit(4294967493.847:19): pid=28548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.9090" res=0 errno=0 [ 863.697748][T28566] delete_channel: no stack [ 863.708587][T28569] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9098'. [ 864.635443][T28589] proc: Bad value for 'gid' [ 865.102941][T28606] netlink: 'syz.1.9109': attribute type 16 has an invalid length. [ 865.111202][T28606] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9109'. [ 865.435078][T28613] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9113'. [ 865.705545][T28618] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9114'. [ 865.834708][T28620] netlink: 'syz.5.9115': attribute type 1 has an invalid length. [ 866.141738][T28635] netlink: 146 bytes leftover after parsing attributes in process `syz.6.9121'. [ 868.198555][T28704] netlink: 334 bytes leftover after parsing attributes in process `syz.4.9147'. [ 868.323892][T28708] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9150'. [ 868.619937][T28723] netlink: 338 bytes leftover after parsing attributes in process `syz.6.9156'. [ 869.680531][T28758] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9169'. [ 870.099058][T28773] netlink: 266 bytes leftover after parsing attributes in process `syz.4.9171'. [ 870.133440][T28773] IPv6: NLM_F_CREATE should be specified when creating new route [ 870.142544][T28775] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9172'. [ 870.729554][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.735982][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.145839][T28812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9180'. [ 871.249958][T28814] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9181'. [ 871.377866][T28818] netlink: 326 bytes leftover after parsing attributes in process `syz.6.9183'. [ 871.708218][T28831] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9189'. [ 871.957886][T28838] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9191'. [ 873.058041][T28872] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9204'. [ 875.276985][T28941] netlink: 146 bytes leftover after parsing attributes in process `syz.4.9221'. [ 875.386116][T28945] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9222'. [ 875.489064][T28950] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9223'. [ 875.747658][T28961] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9226'. [ 875.814600][T28961] veth1_macvtap: left allmulticast mode [ 875.866033][T28961] syz.4.9226 (28961) used greatest stack depth: 20224 bytes left [ 876.002620][T28970] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9228'. [ 876.013814][T28970] lo: left promiscuous mode [ 876.024231][T28970] lo: left allmulticast mode [ 876.454191][T28978] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9233'. [ 876.504833][T28978] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9233'. [ 876.850997][T28989] netlink: 326 bytes leftover after parsing attributes in process `syz.6.9238'. [ 877.199153][T28996] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9242'. [ 877.213542][T28998] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9243'. [ 877.235770][T28998] IPv6: NLM_F_CREATE should be specified when creating new route [ 877.253746][T28998] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 877.261796][T28998] IPv6: NLM_F_CREATE should be set when creating new route [ 877.269129][T28998] IPv6: NLM_F_CREATE should be set when creating new route [ 879.269460][T29050] lo: entered promiscuous mode [ 879.292791][T29050] lo: entered allmulticast mode [ 880.099971][T29075] netlink: 'syz.5.9273': attribute type 19 has an invalid length. [ 880.387648][T29085] __nla_validate_parse: 5 callbacks suppressed [ 880.387669][T29085] netlink: 326 bytes leftover after parsing attributes in process `syz.6.9277'. [ 880.612683][T29090] netlink: 326 bytes leftover after parsing attributes in process `syz.6.9280'. [ 880.844106][T29102] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9285'. [ 881.000980][T29105] netlink: 334 bytes leftover after parsing attributes in process `syz.6.9286'. [ 881.245882][T29110] netlink: 146 bytes leftover after parsing attributes in process `syz.6.9288'. [ 881.741153][T29120] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9291'. [ 881.761824][T29120] unsupported nlmsg_type 40 [ 883.689869][T29160] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9305'. [ 883.705371][T29160] lo: entered promiscuous mode [ 883.723011][T29160] lo: entered allmulticast mode [ 883.928026][T29180] netlink: 326 bytes leftover after parsing attributes in process `syz.1.9313'. [ 884.475542][T29191] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9317'. [ 885.827312][T29221] netlink: 'syz.4.9327': attribute type 28 has an invalid length. [ 885.835197][T29221] netlink: 'syz.4.9327': attribute type 29 has an invalid length. [ 885.843890][T29221] netlink: 'syz.4.9327': attribute type 30 has an invalid length. [ 885.853392][T29221] netlink: 'syz.4.9327': attribute type 31 has an invalid length. [ 885.861435][T29221] netlink: 'syz.4.9327': attribute type 32 has an invalid length. [ 885.870650][T29221] netlink: 'syz.4.9327': attribute type 33 has an invalid length. [ 885.880510][T29221] netlink: 'syz.4.9327': attribute type 35 has an invalid length. [ 885.889239][T29221] netlink: 'syz.4.9327': attribute type 37 has an invalid length. [ 885.898157][T29221] netlink: 'syz.4.9327': attribute type 39 has an invalid length. [ 885.906394][T29221] netlink: 'syz.4.9327': attribute type 40 has an invalid length. [ 885.914648][T29221] netlink: 18 bytes leftover after parsing attributes in process `syz.4.9327'. [ 885.924800][T29224] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9329'. [ 885.972495][T29224] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9329'. [ 886.431022][T29241] netlink: 326 bytes leftover after parsing attributes in process `syz.5.9334'. [ 886.566394][T29244] netlink: 266 bytes leftover after parsing attributes in process `syz.6.9336'. [ 888.348234][T29296] netlink: 146 bytes leftover after parsing attributes in process `syz.4.9355'. [ 888.389782][T29298] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9356'. [ 889.616229][T29330] netlink: 326 bytes leftover after parsing attributes in process `syz.4.9368'. [ 890.007544][T29340] netlink: 146 bytes leftover after parsing attributes in process `syz.4.9372'. [ 892.246297][T29382] netlink: 4755 bytes leftover after parsing attributes in process `syz.1.9385'. [ 893.670214][T29410] netlink: 2 bytes leftover after parsing attributes in process `syz.6.9395'. [ 894.422483][T29421] netlink: 338 bytes leftover after parsing attributes in process `syz.6.9400'. [ 894.438688][T29421] netlink: 338 bytes leftover after parsing attributes in process `syz.6.9400'. [ 894.454464][T29421] netlink: 210 bytes leftover after parsing attributes in process `syz.6.9400'. [ 894.627048][T29424] netlink: 326 bytes leftover after parsing attributes in process `syz.1.9401'. [ 895.246089][T29434] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9407'. [ 895.692978][T29447] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9411'. [ 896.123841][T29456] netlink: 326 bytes leftover after parsing attributes in process `syz.4.9414'. [ 896.750100][T29466] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9418'. [ 896.996427][T29471] syz.1.9419 (29471) used greatest stack depth: 19552 bytes left [ 897.005378][T29478] validate_nla: 2 callbacks suppressed [ 897.005400][T29478] netlink: 'syz.4.9422': attribute type 1 has an invalid length. [ 897.051482][T29478] netlink: 'syz.4.9422': attribute type 1 has an invalid length. [ 898.529578][T29536] __nla_validate_parse: 3 callbacks suppressed [ 898.529601][T29536] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9435'. [ 898.686608][T29540] ERROR: Out of memory at tomoyo_memory_ok. [ 898.803620][T29545] ERROR: Out of memory at tomoyo_memory_ok. [ 898.861633][T29544] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9438'. [ 898.938107][T29549] netlink: 'syz.5.9439': attribute type 1 has an invalid length. [ 898.947494][T29540] ERROR: Out of memory at tomoyo_memory_ok. [ 899.201741][T29558] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9444'. [ 899.214331][T29559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9442'. [ 899.253899][T29559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9442'. [ 899.354038][T29564] netlink: 'syz.6.9446': attribute type 3 has an invalid length. [ 899.532972][T29570] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9449'. [ 899.572818][T29570] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9449'. [ 900.328128][T29595] mkiss: ax0: crc mode is auto. [ 900.410383][T29592] netlink: 306 bytes leftover after parsing attributes in process `syz.1.9457'. [ 900.449190][T29597] netlink: 'syz.6.9459': attribute type 4 has an invalid length. [ 900.475824][T29597] netlink: 314 bytes leftover after parsing attributes in process `syz.6.9459'. [ 900.736397][T29610] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9463'. [ 901.077454][T29599] ptrace attach of "./syz-executor exec"[14338] was attempted by "./syz-executor exec"[29599] [ 901.127091][T29618] netlink: 'syz.6.9466': attribute type 4 has an invalid length. [ 902.295807][T19766] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 905.009770][T29695] __nla_validate_parse: 5 callbacks suppressed [ 905.009797][T29695] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9495'. [ 906.303694][T29717] netlink: 'syz.6.9505': attribute type 39 has an invalid length. [ 906.337558][T29717] netlink: 'syz.6.9505': attribute type 40 has an invalid length. [ 906.345561][T29717] netlink: 'syz.6.9505': attribute type 41 has an invalid length. [ 906.404469][T29717] netlink: 'syz.6.9505': attribute type 44 has an invalid length. [ 906.442683][T29717] netlink: 'syz.6.9505': attribute type 46 has an invalid length. [ 906.470471][T29717] netlink: 'syz.6.9505': attribute type 47 has an invalid length. [ 906.512506][T29717] netlink: 'syz.6.9505': attribute type 48 has an invalid length. [ 906.535986][T29717] netlink: 'syz.6.9505': attribute type 49 has an invalid length. [ 906.563928][T29717] netlink: 'syz.6.9505': attribute type 50 has an invalid length. [ 906.576783][T29725] netlink: 4707 bytes leftover after parsing attributes in process `syz.5.9507'. [ 906.625139][T29717] netlink: 6 bytes leftover after parsing attributes in process `syz.6.9505'. [ 906.909305][T29728] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9509'. [ 906.938869][T29728] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9509'. [ 907.312744][T29734] netlink: 306 bytes leftover after parsing attributes in process `syz.4.9511'. [ 909.090770][T29757] netlink: 326 bytes leftover after parsing attributes in process `syz.4.9520'. [ 909.176858][T29746] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9515'. [ 910.462842][T29780] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(3) [ 910.648048][T29785] team0: mtu greater than device maximum [ 910.982592][T29792] netlink: 'syz.4.9533': attribute type 4 has an invalid length. [ 911.008754][T29792] netlink: 314 bytes leftover after parsing attributes in process `syz.4.9533'. [ 911.596526][T29812] netlink: 342 bytes leftover after parsing attributes in process `syz.6.9541'. [ 912.755409][T29837] netlink: 306 bytes leftover after parsing attributes in process `syz.4.9551'. [ 913.409934][T29856] netlink: 'syz.5.9558': attribute type 4 has an invalid length. [ 913.703660][T29863] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9560'. [ 915.048185][T29895] lo: entered promiscuous mode [ 915.117407][T29895] lo: left promiscuous mode [ 915.424117][T29908] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9579'. [ 915.953799][T29922] netlink: 146 bytes leftover after parsing attributes in process `syz.6.9585'. [ 916.414680][T29932] blktrace: Concurrent blktraces are not allowed on sg0 [ 917.700940][T29953] netlink: 326 bytes leftover after parsing attributes in process `syz.5.9600'. [ 917.840399][T29945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 917.937995][T29960] netlink: 'syz.4.9601': attribute type 4 has an invalid length. [ 917.955932][T29960] netlink: 314 bytes leftover after parsing attributes in process `syz.4.9601'. [ 918.205517][T29969] netlink: 20 bytes leftover after parsing attributes in process `syz.6.9606'. [ 918.406109][T29974] netlink: 244 bytes leftover after parsing attributes in process `syz.6.9609'. [ 918.679561][T29981] mkiss: ax0: crc mode is auto. [ 919.222792][T29996] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9617'. [ 919.248804][T29998] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9618'. [ 919.259969][T29996] : renamed from gre0 (while UP) [ 919.310948][T29996] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9617'. [ 919.471736][T30003] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9621'. [ 920.238014][T30028] netlink: 146 bytes leftover after parsing attributes in process `syz.4.9628'. [ 920.424854][T30032] netlink: 'syz.1.9630': attribute type 5 has an invalid length. [ 920.433650][T30032] netlink: 314 bytes leftover after parsing attributes in process `syz.1.9630'. [ 922.790176][T30086] __nla_validate_parse: 7 callbacks suppressed [ 922.790201][T30086] netlink: 342 bytes leftover after parsing attributes in process `syz.6.9650'. [ 927.883878][T30197] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 927.899716][T30197] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 927.911033][T30200] netlink: 'syz.1.9679': attribute type 20 has an invalid length. [ 927.925978][T30200] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9679'. [ 928.346846][T30217] netlink: 'syz.5.9687': attribute type 19 has an invalid length. [ 928.381179][T30217] netlink: 114 bytes leftover after parsing attributes in process `syz.5.9687'. [ 928.502951][T30222] netlink: 206 bytes leftover after parsing attributes in process `syz.6.9689'. [ 929.190124][T30232] netlink: 342 bytes leftover after parsing attributes in process `syz.6.9693'. [ 929.199705][T30230] netlink: 93 bytes leftover after parsing attributes in process `syz.5.9692'. [ 929.225283][T30228] netlink: 93 bytes leftover after parsing attributes in process `syz.5.9692'. [ 929.291711][T30235] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9694'. [ 929.295959][T30232] netlink: 102 bytes leftover after parsing attributes in process `syz.6.9693'. [ 929.627062][T30245] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9698'. [ 930.041019][T30257] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9705'. [ 932.172467][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.185780][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.585469][T30308] netlink: 'syz.5.9721': attribute type 27 has an invalid length. [ 933.073207][T30315] __nla_validate_parse: 1 callbacks suppressed [ 933.073234][T30315] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9724'. [ 933.731190][T30330] netlink: 326 bytes leftover after parsing attributes in process `syz.6.9731'. [ 934.002290][T30338] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9734'. [ 934.053929][T30338] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9734'. [ 935.665426][T30370] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9747'. [ 935.758325][T30374] netlink: 342 bytes leftover after parsing attributes in process `syz.5.9748'. [ 937.260709][T30406] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9761'. [ 937.315449][T30406] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9761'. [ 938.496006][T30429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9768'. [ 938.510244][T30429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9768'. [ 939.955818][T30454] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 941.756631][T30484] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9790'. [ 941.916247][T30484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9790'. [ 942.217327][T30493] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9794'. [ 942.454927][T30497] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9796'. [ 942.788743][T30497] team0: Port device team_slave_0 removed [ 945.103933][T30548] block nbd0: must specify backend [ 946.172052][T30578] syz.1.9826: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 946.245758][T30578] CPU: 0 UID: 0 PID: 30578 Comm: syz.1.9826 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 946.256612][T30578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 946.266717][T30578] Call Trace: [ 946.270140][T30578] [ 946.273289][T30578] dump_stack_lvl+0x16c/0x1f0 [ 946.278060][T30578] warn_alloc+0x24d/0x3a0 [ 946.282462][T30578] ? __pfx_warn_alloc+0x10/0x10 [ 946.287396][T30578] ? __pfx_mark_lock+0x10/0x10 [ 946.292230][T30578] ? lock_acquire.part.0+0x11b/0x380 [ 946.297720][T30578] __vmalloc_node_range_noprof+0x10df/0x1530 [ 946.303809][T30578] ? rcu_is_watching+0x12/0xc0 [ 946.308657][T30578] ? trace_contention_end+0xee/0x140 [ 946.314036][T30578] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 946.320085][T30578] ? dvb_demux_do_ioctl+0x496/0x1340 [ 946.325486][T30578] ? __pfx___mutex_lock+0x10/0x10 [ 946.330573][T30578] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 946.336967][T30578] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 946.342922][T30578] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 946.348281][T30578] vmalloc_noprof+0x6b/0x90 [ 946.352874][T30578] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 946.358222][T30578] dvb_demux_do_ioctl+0x54d/0x1340 [ 946.363412][T30578] dvb_usercopy+0x165/0x320 [ 946.367964][T30578] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 946.373538][T30578] ? __pfx_dvb_usercopy+0x10/0x10 [ 946.378578][T30578] ? __pfx_lock_release+0x10/0x10 [ 946.383729][T30578] ? __fget_files+0x206/0x3a0 [ 946.388442][T30578] dvb_demux_ioctl+0x29/0x40 [ 946.393152][T30578] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 946.398467][T30578] __x64_sys_ioctl+0x190/0x200 [ 946.403345][T30578] do_syscall_64+0xcd/0x250 [ 946.408689][T30578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 946.414986][T30578] RIP: 0033:0x7f4c4d385d29 [ 946.419518][T30578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 946.439371][T30578] RSP: 002b:00007f4c4b1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 946.447909][T30578] RAX: ffffffffffffffda RBX: 00007f4c4d575fa0 RCX: 00007f4c4d385d29 [ 946.455909][T30578] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 946.463908][T30578] RBP: 00007f4c4d401b08 R08: 0000000000000000 R09: 0000000000000000 [ 946.471982][T30578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 946.480149][T30578] R13: 0000000000000000 R14: 00007f4c4d575fa0 R15: 00007ffde8f2a618 [ 946.488156][T30578] [ 946.574918][T30589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9830'. [ 946.577613][T30578] Mem-Info: [ 946.635348][T30578] active_anon:69157 inactive_anon:0 isolated_anon:0 [ 946.635348][T30578] active_file:2171 inactive_file:57071 isolated_file:0 [ 946.635348][T30578] unevictable:768 dirty:537 writeback:0 [ 946.635348][T30578] slab_reclaimable:7079 slab_unreclaimable:98519 [ 946.635348][T30578] mapped:26315 shmem:56726 pagetables:1010 [ 946.635348][T30578] sec_pagetables:0 bounce:0 [ 946.635348][T30578] kernel_misc_reclaimable:0 [ 946.635348][T30578] free:1262178 free_pcp:11970 free_cma:0 [ 946.737935][T30578] Node 0 active_anon:277328kB inactive_anon:0kB active_file:8684kB inactive_file:228208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:105256kB dirty:2148kB writeback:0kB shmem:226068kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11052kB pagetables:4040kB sec_pagetables:0kB all_unreclaimable? no [ 946.787446][T30578] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 946.855692][T30578] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 946.932722][T30578] lowmem_reserve[]: 0 2465 2466 0 0 [ 946.951418][T30578] Node 0 DMA32 free:1175908kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:277492kB inactive_anon:0kB active_file:8684kB inactive_file:227368kB unevictable:1536kB writepending:2148kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:4728kB local_pcp:3448kB free_cma:0kB [ 947.012719][T30578] lowmem_reserve[]: 0 0 0 0 0 [ 947.026558][T30578] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:840kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 947.105700][T30578] lowmem_reserve[]: 0 0 0 0 0 [ 947.155697][T30578] Node 1 Normal free:3858828kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:40456kB local_pcp:19180kB free_cma:0kB [ 947.269089][T30578] lowmem_reserve[]: 0 0 0 0 0 [ 947.273912][T30578] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 947.325751][T30578] Node 0 DMA32: 4765*4kB (UME) 1921*8kB (UME) 802*16kB (UME) 826*32kB (UME) 486*64kB (UME) 353*128kB (UME) 149*256kB (UME) 50*512kB (UME) 67*1024kB (UME) 22*2048kB (UME) 213*4096kB (UME) = 1199836kB [ 947.385661][T30578] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 947.415767][T30578] Node 1 Normal: 236*4kB (UME) 50*8kB (UME) 50*16kB (UME) 207*32kB (UME) 134*64kB (UME) 60*128kB (UME) 44*256kB (UME) 32*512kB (UM) 15*1024kB (UME) 9*2048kB (UME) 921*4096kB (M) = 3858880kB [ 947.461305][T30578] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.500356][T30578] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 947.555670][T30578] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.565308][T30578] Node 1 hugepages_total=5 hugepages_free=5 hugepages_surp=0 hugepages_size=2048kB [ 947.635786][T30578] 106198 total pagecache pages [ 947.640653][T30578] 0 pages in swap cache [ 947.644847][T30578] Free swap = 124344kB [ 947.665746][T30578] Total swap = 124996kB [ 947.670078][T30578] 2097051 pages RAM [ 947.695688][T30578] 0 pages HighMem/MovableOnly [ 947.700428][T30578] 427367 pages reserved [ 947.704596][T30578] 0 pages cma reserved [ 948.444858][T30614] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9836'. [ 949.231346][T30627] netlink: 'syz.5.9843': attribute type 10 has an invalid length. [ 949.251180][T30627] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9843'. [ 949.697224][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 949.722520][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 949.734629][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 949.734722][T30637] sock: sock_set_timeout: `syz.5.9846' (pid 30637) tries to set negative timeout [ 949.762705][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 949.770720][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 949.778709][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 950.308200][T30634] chnl_net:caif_netlink_parms(): no params data found [ 950.472220][T30634] bridge0: port 1(bridge_slave_0) entered blocking state [ 950.486096][T30634] bridge0: port 1(bridge_slave_0) entered disabled state [ 950.493397][T30634] bridge_slave_0: entered allmulticast mode [ 950.517207][T30634] bridge_slave_0: entered promiscuous mode [ 950.537442][T30634] bridge0: port 2(bridge_slave_1) entered blocking state [ 950.555832][T30634] bridge0: port 2(bridge_slave_1) entered disabled state [ 950.566209][T30634] bridge_slave_1: entered allmulticast mode [ 950.585967][T30634] bridge_slave_1: entered promiscuous mode [ 950.603330][ T29] audit: type=1800 audit(4294967581.077:20): pid=30650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9849" name="lu_gp_id" dev="configfs" ino=97521 res=0 errno=0 [ 950.734395][T30634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 950.749945][T30634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 950.791524][T30659] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9851'. [ 950.876955][T30634] team0: Port device team_slave_0 added [ 950.898315][T30634] team0: Port device team_slave_1 added [ 951.132508][T30634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 951.148742][T30634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 951.207786][T30634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 951.246583][T30634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 951.254125][T30634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 951.316099][T30634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 951.404556][T30634] hsr_slave_0: entered promiscuous mode [ 951.420656][T30634] hsr_slave_1: entered promiscuous mode [ 951.440583][T30634] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 951.450127][T30634] Cannot create hsr debugfs directory [ 951.843160][T30634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 951.866387][T19766] Bluetooth: hci2: command tx timeout [ 951.895352][T30634] 8021q: adding VLAN 0 to HW filter on device team0 [ 951.964014][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 951.971962][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 952.039728][T28001] bridge0: port 2(bridge_slave_1) entered blocking state [ 952.046907][T28001] bridge0: port 2(bridge_slave_1) entered forwarding state [ 952.247045][T30683] netlink: 330 bytes leftover after parsing attributes in process `syz.5.9861'. [ 952.457792][T30634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 952.770199][T30634] veth0_vlan: entered promiscuous mode [ 952.808010][T30634] veth1_vlan: entered promiscuous mode [ 952.969226][T30634] veth0_macvtap: entered promiscuous mode [ 952.999387][T30634] veth1_macvtap: entered promiscuous mode [ 953.055099][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 953.066033][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.095866][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 953.115101][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.135374][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 953.146102][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.165642][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 953.186378][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.205772][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 953.216724][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.229983][T30634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 953.243185][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 953.253911][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.264061][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 953.274634][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.284648][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 953.295301][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.305393][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 953.316500][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.326930][T30634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 953.337837][T30634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 953.349341][T30634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 953.529184][ T3460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 953.542291][T30712] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9868'. [ 953.551852][T30709] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 953.558028][ T3460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 953.597494][T30709] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 953.598642][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 953.626838][T30709] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 953.644895][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 953.703621][T30709] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 953.715054][T30709] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 953.805909][T30709] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 953.817020][T30719] netlink: 338 bytes leftover after parsing attributes in process `syz.5.9871'. [ 953.884540][T30721] netlink: 338 bytes leftover after parsing attributes in process `syz.5.9871'. [ 953.936745][T30719] netlink: 210 bytes leftover after parsing attributes in process `syz.5.9871'. [ 954.299742][T30733] netlink: 'syz.5.9875': attribute type 39 has an invalid length. [ 954.316239][T30733] netlink: 'syz.5.9875': attribute type 40 has an invalid length. [ 954.324126][T30733] netlink: 'syz.5.9875': attribute type 41 has an invalid length. [ 954.363391][T30733] netlink: 'syz.5.9875': attribute type 44 has an invalid length. [ 954.389274][T30733] netlink: 'syz.5.9875': attribute type 46 has an invalid length. [ 954.409824][T30733] netlink: 'syz.5.9875': attribute type 47 has an invalid length. [ 954.437105][T30733] netlink: 'syz.5.9875': attribute type 48 has an invalid length. [ 954.449618][T30733] netlink: 'syz.5.9875': attribute type 49 has an invalid length. [ 954.465700][T30733] netlink: 'syz.5.9875': attribute type 50 has an invalid length. [ 954.494202][T30733] netlink: 6 bytes leftover after parsing attributes in process `syz.5.9875'. [ 954.934540][T30739] delete_channel: no stack [ 955.606317][T19766] Bluetooth: hci0: command 0x0419 tx timeout [ 955.612401][T19766] Bluetooth: hci1: command 0x0406 tx timeout [ 955.686088][T19766] Bluetooth: hci2: command 0x040f tx timeout [ 955.693648][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 956.332236][T30772] netlink: 'syz.4.9888': attribute type 39 has an invalid length. [ 956.365987][T30772] netlink: 6 bytes leftover after parsing attributes in process `syz.4.9888'. [ 957.646200][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 957.658537][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 957.669978][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 957.683776][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 957.691828][ T5837] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 957.701121][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 957.775841][ T5837] Bluetooth: hci2: command 0x040f tx timeout [ 957.909069][T30784] delete_channel: no stack [ 958.037865][T30790] netlink: 314 bytes leftover after parsing attributes in process `syz.1.9894'. [ 958.208657][T30786] chnl_net:caif_netlink_parms(): no params data found [ 958.671923][T30786] bridge0: port 1(bridge_slave_0) entered blocking state [ 958.685976][T30786] bridge0: port 1(bridge_slave_0) entered disabled state [ 958.706734][T30786] bridge_slave_0: entered allmulticast mode [ 958.713844][T30786] bridge_slave_0: entered promiscuous mode [ 958.738167][T30786] bridge0: port 2(bridge_slave_1) entered blocking state [ 958.745363][T30786] bridge0: port 2(bridge_slave_1) entered disabled state [ 958.765781][T30786] bridge_slave_1: entered allmulticast mode [ 958.772886][T30786] bridge_slave_1: entered promiscuous mode [ 959.023256][T30786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 959.069101][T30786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 959.172813][T30786] team0: Port device team_slave_0 added [ 959.205334][T30786] team0: Port device team_slave_1 added [ 959.301225][T30786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 959.324940][T30786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.399870][T30786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 959.445982][T30786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 959.471862][T30786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.555219][T30786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 959.686508][T30786] hsr_slave_0: entered promiscuous mode [ 959.706878][T30786] hsr_slave_1: entered promiscuous mode [ 959.745870][T30786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 959.773964][T30786] Cannot create hsr debugfs directory [ 959.779687][ T5837] Bluetooth: hci3: command tx timeout [ 959.846307][ T5837] Bluetooth: hci2: command 0x040f tx timeout [ 959.968030][T30786] bridge0: port 2(bridge_slave_1) entered blocking state [ 959.975193][T30786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 959.982767][T30786] bridge0: port 1(bridge_slave_0) entered blocking state [ 959.989958][T30786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 960.032295][T30812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9900'. [ 960.162415][T30786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 960.208928][T30786] 8021q: adding VLAN 0 to HW filter on device team0 [ 960.597705][T30786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 960.997896][T30786] veth0_vlan: entered promiscuous mode [ 961.021110][T30786] veth1_vlan: entered promiscuous mode [ 961.089532][T30786] veth0_macvtap: entered promiscuous mode [ 961.111462][T30786] veth1_macvtap: entered promiscuous mode [ 961.153014][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.171883][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.200769][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.222061][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.235189][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.255124][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.266940][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.290150][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.315171][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.334476][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.344885][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 961.360170][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.372271][T30786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 961.463348][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.485666][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.516951][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.545658][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.569120][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.598709][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.642546][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.671980][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.692302][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.714442][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.724910][T30786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 961.745667][T30786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 961.798483][T30786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 961.845961][ T5837] Bluetooth: hci3: command tx timeout [ 961.926960][ T5837] Bluetooth: hci2: command 0x040f tx timeout [ 962.089394][ T3552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 962.097412][ T3552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 962.104945][ T3552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 962.113311][ T3552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 962.677803][T30838] delete_channel: no stack [ 963.457711][T30856] netlink: 206 bytes leftover after parsing attributes in process `syz.4.9911'. [ 963.475366][T30850] ERROR: Out of memory at tomoyo_memory_ok. [ 963.500053][T30850] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor proc:/self/fd/3 proc:/self/fd/3' not defined. [ 963.926315][ T5837] Bluetooth: hci3: command tx timeout [ 964.006063][ T5837] Bluetooth: hci2: command 0x040f tx timeout [ 964.273394][T30867] delete_channel: no stack [ 965.938734][T30903] delete_channel: no stack [ 966.006780][ T5837] Bluetooth: hci3: command tx timeout [ 967.737342][T30931] netlink: 322 bytes leftover after parsing attributes in process `syz.1.9936'. [ 967.796883][T30934] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9939'. [ 967.825169][T30934] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9939'. [ 968.216834][T30942] ERROR: Out of memory at tomoyo_memory_ok. [ 968.679331][T30957] netlink: 334 bytes leftover after parsing attributes in process `syz.8.9948'. [ 969.308987][T30966] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9952'. [ 969.361026][T30966] vcan0: entered promiscuous mode [ 971.511046][T31001] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9966'. [ 971.557822][T31001] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9966'. [ 971.600637][ T2898] bridge_slave_1: left allmulticast mode [ 971.603070][T31004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9967'. [ 971.625859][ T2898] bridge_slave_1: left promiscuous mode [ 971.633729][ T2898] bridge0: port 2(bridge_slave_1) entered disabled state [ 971.667123][ T2898] bridge_slave_0: left allmulticast mode [ 971.675844][T31004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9967'. [ 971.685417][ T2898] bridge_slave_0: left promiscuous mode [ 971.706055][ T2898] bridge0: port 1(bridge_slave_0) entered disabled state [ 971.894212][T19766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 971.920212][T19766] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 971.939608][T19766] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 971.961961][T19766] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 971.971353][T19766] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 971.978857][T19766] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 972.349627][T31016] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9971'. [ 972.714097][ T2898] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 972.761036][ T2898] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 972.772853][ T2898] bond0 (unregistering): Released all slaves [ 972.800703][T31006] validate_nla: 9 callbacks suppressed [ 972.800725][T31006] netlink: 'syz.8.9968': attribute type 4 has an invalid length. [ 972.815900][T31006] netlink: 314 bytes leftover after parsing attributes in process `syz.8.9968'. [ 972.832491][T31006] IPv6: NLM_F_CREATE should be specified when creating new route [ 972.846148][T31006] IPv6: NLM_F_REPLACE set, but no existing node found! [ 973.167977][T31028] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9975'. [ 973.239104][T31028] netlink: 126 bytes leftover after parsing attributes in process `syz.4.9975'. [ 973.622098][T31007] chnl_net:caif_netlink_parms(): no params data found [ 973.721948][T31043] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9981'. [ 973.997031][ T2898] hsr_slave_0: left promiscuous mode [ 974.025671][ T2898] hsr_slave_1: left promiscuous mode [ 974.085726][ T5837] Bluetooth: hci2: command tx timeout [ 974.095187][ T2898] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 974.102866][ T2898] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 974.126513][ T2898] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 974.134047][ T2898] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 974.219686][ T2898] veth1_macvtap: left promiscuous mode [ 974.225283][ T2898] veth0_macvtap: left promiscuous mode [ 974.234926][ T2898] veth1_vlan: left promiscuous mode [ 974.246046][ T2898] veth0_vlan: left promiscuous mode [ 975.106526][T31060] Invalid ELF header magic: != ELF [ 976.046933][ T2898] team0 (unregistering): Port device team_slave_1 removed [ 976.165722][ T5837] Bluetooth: hci2: command tx timeout [ 976.251905][ T2898] team0 (unregistering): Port device team_slave_0 removed [ 978.222235][T31059] netlink: 342 bytes leftover after parsing attributes in process `syz.8.9987'. [ 978.242532][T31059] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 978.249885][T31059] IPv6: NLM_F_CREATE should be set when creating new route [ 978.257299][T31059] IPv6: NLM_F_CREATE should be set when creating new route [ 978.264554][T31059] IPv6: NLM_F_CREATE should be set when creating new route [ 978.294288][ T5837] Bluetooth: hci2: command tx timeout [ 978.317023][T31071] netlink: 314 bytes leftover after parsing attributes in process `syz.4.9990'. [ 978.671363][T31007] bridge0: port 1(bridge_slave_0) entered blocking state [ 978.678972][T31007] bridge0: port 1(bridge_slave_0) entered disabled state [ 978.687083][T31007] bridge_slave_0: entered allmulticast mode [ 978.694315][T31007] bridge_slave_0: entered promiscuous mode [ 978.709556][T31007] bridge0: port 2(bridge_slave_1) entered blocking state [ 978.725823][T31007] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.733315][T31007] bridge_slave_1: entered allmulticast mode [ 978.741230][T31007] bridge_slave_1: entered promiscuous mode [ 979.002398][T31091] netlink: 'syz.1.9997': attribute type 33 has an invalid length. [ 979.019562][T31007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 979.039065][T31007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 979.048365][T31091] netlink: 322 bytes leftover after parsing attributes in process `syz.1.9997'. [ 979.231904][T31093] mkiss: ax0: crc mode is auto. [ 979.262477][T31007] team0: Port device team_slave_0 added [ 979.290656][T31007] team0: Port device team_slave_1 added [ 979.455698][T31007] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 979.471304][T31007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 979.507622][T31007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 979.542168][T31098] netlink: 326 bytes leftover after parsing attributes in process `syz.1.9998'. [ 979.606248][T31007] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 979.613257][T31007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 979.694613][T31007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 979.811367][T31007] hsr_slave_0: entered promiscuous mode [ 979.834375][T31007] hsr_slave_1: entered promiscuous mode [ 979.915746][T31007] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 979.923459][T31007] Cannot create hsr debugfs directory [ 980.266959][T31106] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10002'. [ 980.325820][ T5837] Bluetooth: hci2: command tx timeout [ 980.424868][T31007] 8021q: adding VLAN 0 to HW filter on device bond0 [ 980.468749][T31007] 8021q: adding VLAN 0 to HW filter on device team0 [ 980.513766][ T3552] bridge0: port 1(bridge_slave_0) entered blocking state [ 980.520995][ T3552] bridge0: port 1(bridge_slave_0) entered forwarding state [ 980.565359][ T3552] bridge0: port 2(bridge_slave_1) entered blocking state [ 980.572627][ T3552] bridge0: port 2(bridge_slave_1) entered forwarding state [ 981.119092][T31007] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 981.709660][T31007] veth0_vlan: entered promiscuous mode [ 981.747977][T31007] veth1_vlan: entered promiscuous mode [ 981.841274][T31007] veth0_macvtap: entered promiscuous mode [ 981.873972][T31007] veth1_macvtap: entered promiscuous mode [ 981.908051][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 981.928988][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 981.959209][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 981.976342][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 981.990817][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 982.005463][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.017830][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 982.030297][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.049853][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 982.072403][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.103193][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 982.118458][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.130585][T31007] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 982.147926][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.161074][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.172627][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.205641][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.251601][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.275718][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.308967][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.321155][T31148] netlink: 322 bytes leftover after parsing attributes in process `syz.8.10013'. [ 982.335400][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.346869][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.357870][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.368209][T31007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 982.384158][T31007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 982.398216][T31007] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 982.597396][T31153] netlink: 326 bytes leftover after parsing attributes in process `syz.1.10016'. [ 982.630563][ T3579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 982.656227][ T3579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 982.738269][ T2928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 982.763301][ T2928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 983.432973][T31176] netlink: 326 bytes leftover after parsing attributes in process `syz.9.10023'. [ 983.458714][T31176] bridge0: port 2(bridge_slave_1) entered disabled state [ 983.466376][T31176] bridge0: port 1(bridge_slave_0) entered disabled state [ 983.532430][T31178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10024'. [ 983.548407][T31178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10024'. [ 984.510341][T31209] netlink: 334 bytes leftover after parsing attributes in process `syz.9.10035'. [ 984.559741][T31211] netlink: 130 bytes leftover after parsing attributes in process `syz.4.10036'. [ 984.750091][T31213] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10038'. [ 985.013754][T31222] netlink: 342 bytes leftover after parsing attributes in process `syz.9.10041'. [ 985.057697][T31222] netlink: 342 bytes leftover after parsing attributes in process `syz.9.10041'. [ 985.094956][T31222] netlink: 342 bytes leftover after parsing attributes in process `syz.9.10041'. [ 985.135257][T31222] netlink: 342 bytes leftover after parsing attributes in process `syz.9.10041'. [ 985.162970][T31222] netlink: 342 bytes leftover after parsing attributes in process `syz.9.10041'. [ 985.439545][T31232] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10045'. [ 985.449014][T31230] [ 985.451374][T31230] ====================================================== [ 985.458428][T31230] WARNING: possible circular locking dependency detected [ 985.465465][T31230] 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 Not tainted [ 985.472591][T31230] ------------------------------------------------------ [ 985.479625][T31230] syz.9.10044/31230 is trying to acquire lock: [ 985.485790][T31230] ffff8880236659c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x750 [ 985.496638][T31230] [ 985.496638][T31230] but task is already holding lock: [ 985.504023][T31230] ffff888026f44fe0 (&mm->mmap_lock){++++}-{4:4}, at: faultin_page_range+0x348/0x980 [ 985.513472][T31230] [ 985.513472][T31230] which lock already depends on the new lock. [ 985.513472][T31230] [ 985.523915][T31230] [ 985.523915][T31230] the existing dependency chain (in reverse order) is: [ 985.532951][T31230] [ 985.532951][T31230] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 985.540551][T31230] __might_fault+0x11b/0x190 [ 985.545701][T31230] _copy_from_user+0x29/0xd0 [ 985.550842][T31230] __blk_trace_setup+0xa8/0x180 [ 985.556251][T31230] blk_trace_setup+0x47/0x70 [ 985.561412][T31230] sg_ioctl+0x7a3/0x26b0 [ 985.566218][T31230] __x64_sys_ioctl+0x190/0x200 [ 985.571532][T31230] do_syscall_64+0xcd/0x250 [ 985.576588][T31230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.583039][T31230] [ 985.583039][T31230] -> #4 (&q->debugfs_mutex){+.+.}-{4:4}: [ 985.590901][T31230] __mutex_lock+0x19b/0xa60 [ 985.595962][T31230] blk_mq_init_sched+0x42b/0x640 [ 985.601457][T31230] elevator_init_mq+0x2cd/0x420 [ 985.606871][T31230] add_disk_fwnode+0x113/0x1300 [ 985.612290][T31230] sd_probe+0xa66/0xfa0 [ 985.617004][T31230] really_probe+0x23e/0xa90 [ 985.622065][T31230] __driver_probe_device+0x1de/0x440 [ 985.627914][T31230] driver_probe_device+0x4c/0x1b0 [ 985.633500][T31230] __device_attach_driver+0x1df/0x310 [ 985.639436][T31230] bus_for_each_drv+0x157/0x1e0 [ 985.644844][T31230] __device_attach_async_helper+0x1d3/0x290 [ 985.651304][T31230] async_run_entry_fn+0x9c/0x530 [ 985.656796][T31230] process_one_work+0x958/0x1b30 [ 985.662281][T31230] worker_thread+0x6c8/0xf00 [ 985.667419][T31230] kthread+0x2c1/0x3a0 [ 985.672039][T31230] ret_from_fork+0x45/0x80 [ 985.676999][T31230] ret_from_fork_asm+0x1a/0x30 [ 985.682326][T31230] [ 985.682326][T31230] -> #3 (&q->q_usage_counter(queue)#50){++++}-{0:0}: [ 985.691253][T31230] blk_queue_enter+0x50f/0x640 [ 985.696584][T31230] blk_mq_alloc_request+0x59b/0x950 [ 985.702343][T31230] scsi_execute_cmd+0x1f1/0xff0 [ 985.707757][T31230] read_capacity_16+0x21a/0xe20 [ 985.713179][T31230] sd_revalidate_disk.isra.0+0x1a06/0xa8d0 [ 985.719550][T31230] sd_probe+0x8ee/0xfa0 [ 985.724266][T31230] really_probe+0x23e/0xa90 [ 985.729327][T31230] __driver_probe_device+0x1de/0x440 [ 985.735181][T31230] driver_probe_device+0x4c/0x1b0 [ 985.740770][T31230] __device_attach_driver+0x1df/0x310 [ 985.746706][T31230] bus_for_each_drv+0x157/0x1e0 [ 985.752114][T31230] __device_attach_async_helper+0x1d3/0x290 [ 985.758570][T31230] async_run_entry_fn+0x9c/0x530 [ 985.764067][T31230] process_one_work+0x958/0x1b30 [ 985.769552][T31230] worker_thread+0x6c8/0xf00 [ 985.774692][T31230] kthread+0x2c1/0x3a0 [ 985.779336][T31230] ret_from_fork+0x45/0x80 [ 985.784322][T31230] ret_from_fork_asm+0x1a/0x30 [ 985.789659][T31230] [ 985.789659][T31230] -> #2 (&q->limits_lock){+.+.}-{4:4}: [ 985.797345][T31230] __mutex_lock+0x19b/0xa60 [ 985.802416][T31230] __nbd_set_size+0x2c0/0x730 [ 985.807644][T31230] nbd_start_device+0x8fd/0xd70 [ 985.813043][T31230] nbd_genl_connect+0x1204/0x1c00 [ 985.818620][T31230] genl_family_rcv_msg_doit+0x202/0x2f0 [ 985.824724][T31230] genl_rcv_msg+0x565/0x800 [ 985.829783][T31230] netlink_rcv_skb+0x165/0x410 [ 985.835093][T31230] genl_rcv+0x28/0x40 [ 985.839623][T31230] netlink_unicast+0x53c/0x7f0 [ 985.844935][T31230] netlink_sendmsg+0x8b8/0xd70 [ 985.850245][T31230] ____sys_sendmsg+0x9ae/0xb40 [ 985.855568][T31230] ___sys_sendmsg+0x135/0x1e0 [ 985.860805][T31230] __sys_sendmsg+0x16e/0x220 [ 985.865956][T31230] do_syscall_64+0xcd/0x250 [ 985.871012][T31230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.877467][T31230] [ 985.877467][T31230] -> #1 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 985.886119][T31230] blk_mq_submit_bio+0x1fb6/0x24c0 [ 985.891798][T31230] __submit_bio+0x384/0x540 [ 985.896862][T31230] submit_bio_noacct_nocheck+0x698/0xd70 [ 985.903056][T31230] submit_bio_noacct+0x93a/0x1e20 [ 985.908640][T31230] mpage_readahead+0x41d/0x590 [ 985.913961][T31230] read_pages+0x1a8/0xdc0 [ 985.918843][T31230] page_cache_ra_unbounded+0x3dc/0x750 [ 985.924855][T31230] force_page_cache_ra+0x24b/0x340 [ 985.930521][T31230] page_cache_sync_ra+0x110/0x9c0 [ 985.936101][T31230] filemap_get_pages+0xd7b/0x1be0 [ 985.941687][T31230] filemap_read+0x3ca/0xd70 [ 985.946754][T31230] blkdev_read_iter+0x187/0x480 [ 985.952154][T31230] vfs_read+0x87f/0xbe0 [ 985.956859][T31230] ksys_read+0x12b/0x250 [ 985.961650][T31230] do_syscall_64+0xcd/0x250 [ 985.966706][T31230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.973158][T31230] [ 985.973158][T31230] -> #0 (mapping.invalidate_lock#2){++++}-{4:4}: [ 985.981725][T31230] __lock_acquire+0x249e/0x3c40 [ 985.987131][T31230] lock_acquire.part.0+0x11b/0x380 [ 985.992795][T31230] down_read+0x9a/0x330 [ 985.997511][T31230] page_cache_ra_unbounded+0x173/0x750 [ 986.003525][T31230] page_cache_ra_order+0x8f2/0xc80 [ 986.009189][T31230] filemap_fault+0x14a5/0x2820 [ 986.014524][T31230] __do_fault+0x10a/0x490 [ 986.019400][T31230] do_pte_missing+0x1a8/0x3e00 [ 986.024724][T31230] __handle_mm_fault+0x103c/0x2a40 [ 986.030482][T31230] handle_mm_fault+0x3fa/0xaa0 [ 986.035823][T31230] __get_user_pages+0x8d9/0x3b50 [ 986.041314][T31230] faultin_page_range+0x3a8/0x980 [ 986.046905][T31230] do_madvise+0x504/0x770 [ 986.051806][T31230] __x64_sys_madvise+0xa9/0x110 [ 986.057222][T31230] do_syscall_64+0xcd/0x250 [ 986.062279][T31230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.068908][T31230] [ 986.068908][T31230] other info that might help us debug this: [ 986.068908][T31230] [ 986.079164][T31230] Chain exists of: [ 986.079164][T31230] mapping.invalidate_lock#2 --> &q->debugfs_mutex --> &mm->mmap_lock [ 986.079164][T31230] [ 986.093211][T31230] Possible unsafe locking scenario: [ 986.093211][T31230] [ 986.100681][T31230] CPU0 CPU1 [ 986.106063][T31230] ---- ---- [ 986.111460][T31230] rlock(&mm->mmap_lock); [ 986.115904][T31230] lock(&q->debugfs_mutex); [ 986.123038][T31230] lock(&mm->mmap_lock); [ 986.129921][T31230] rlock(mapping.invalidate_lock#2); [ 986.135331][T31230] [ 986.135331][T31230] *** DEADLOCK *** [ 986.135331][T31230] [ 986.143530][T31230] 1 lock held by syz.9.10044/31230: [ 986.148772][T31230] #0: ffff888026f44fe0 (&mm->mmap_lock){++++}-{4:4}, at: faultin_page_range+0x348/0x980 [ 986.158670][T31230] [ 986.158670][T31230] stack backtrace: [ 986.164575][T31230] CPU: 1 UID: 0 PID: 31230 Comm: syz.9.10044 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 986.175463][T31230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 986.185541][T31230] Call Trace: [ 986.188837][T31230] [ 986.191785][T31230] dump_stack_lvl+0x116/0x1f0 [ 986.196495][T31230] print_circular_bug+0x41c/0x610 [ 986.201556][T31230] check_noncircular+0x31a/0x400 [ 986.206530][T31230] ? __pfx_check_noncircular+0x10/0x10 [ 986.212028][T31230] ? __pfx___lock_acquire+0x10/0x10 [ 986.217253][T31230] ? lockdep_lock+0xc6/0x200 [ 986.221877][T31230] ? __pfx_lockdep_lock+0x10/0x10 [ 986.226939][T31230] ? find_held_lock+0x2d/0x110 [ 986.231742][T31230] __lock_acquire+0x249e/0x3c40 [ 986.236631][T31230] ? __pfx___lock_acquire+0x10/0x10 [ 986.241878][T31230] ? __pfx_mark_lock+0x10/0x10 [ 986.246692][T31230] lock_acquire.part.0+0x11b/0x380 [ 986.251842][T31230] ? page_cache_ra_unbounded+0x173/0x750 [ 986.257517][T31230] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 986.263191][T31230] ? rcu_is_watching+0x12/0xc0 [ 986.267992][T31230] ? trace_lock_acquire+0x14e/0x1f0 [ 986.273234][T31230] ? page_cache_ra_unbounded+0x173/0x750 [ 986.278904][T31230] ? lock_acquire+0x2f/0xb0 [ 986.283440][T31230] ? page_cache_ra_unbounded+0x173/0x750 [ 986.289111][T31230] down_read+0x9a/0x330 [ 986.293342][T31230] ? page_cache_ra_unbounded+0x173/0x750 [ 986.299014][T31230] ? __pfx_down_read+0x10/0x10 [ 986.303819][T31230] ? hlock_class+0x4e/0x130 [ 986.308369][T31230] ? mark_lock+0xb5/0xc60 [ 986.312743][T31230] ? __pfx___lock_acquire+0x10/0x10 [ 986.317971][T31230] ? xas_load+0x49/0x5b0 [ 986.322253][T31230] page_cache_ra_unbounded+0x173/0x750 [ 986.327747][T31230] ? find_held_lock+0x2d/0x110 [ 986.332570][T31230] page_cache_ra_order+0x8f2/0xc80 [ 986.337723][T31230] filemap_fault+0x14a5/0x2820 [ 986.342532][T31230] ? __pfx_filemap_fault+0x10/0x10 [ 986.347688][T31230] ? mark_held_locks+0x9f/0xe0 [ 986.352493][T31230] ? pte_alloc_one+0x2a3/0x390 [ 986.357292][T31230] ? __pfx_filemap_map_pages+0x10/0x10 [ 986.362798][T31230] __do_fault+0x10a/0x490 [ 986.367162][T31230] ? __pfx_filemap_map_pages+0x10/0x10 [ 986.372659][T31230] do_pte_missing+0x1a8/0x3e00 [ 986.377465][T31230] __handle_mm_fault+0x103c/0x2a40 [ 986.382621][T31230] ? __pfx_lock_release+0x10/0x10 [ 986.387677][T31230] ? trace_lock_acquire+0x14e/0x1f0 [ 986.392915][T31230] ? __pfx___handle_mm_fault+0x10/0x10 [ 986.398426][T31230] handle_mm_fault+0x3fa/0xaa0 [ 986.403261][T31230] __get_user_pages+0x8d9/0x3b50 [ 986.408244][T31230] ? __pfx___get_user_pages+0x10/0x10 [ 986.413656][T31230] ? down_read_killable+0xcc/0x380 [ 986.418811][T31230] ? __pfx_down_read_killable+0x10/0x10 [ 986.424394][T31230] ? gup_signal_pending+0x4f/0x190 [ 986.429547][T31230] ? __sanitizer_cov_trace_pc+0x4/0x70 [ 986.435049][T31230] faultin_page_range+0x3a8/0x980 [ 986.440129][T31230] do_madvise+0x504/0x770 [ 986.444516][T31230] ? __pfx_do_madvise+0x10/0x10 [ 986.449421][T31230] ? __x64_sys_futex+0x1e1/0x4c0 [ 986.454411][T31230] ? rcu_is_watching+0x12/0xc0 [ 986.459216][T31230] __x64_sys_madvise+0xa9/0x110 [ 986.464100][T31230] ? lockdep_hardirqs_on+0x7c/0x110 [ 986.469339][T31230] do_syscall_64+0xcd/0x250 [ 986.473880][T31230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.479809][T31230] RIP: 0033:0x7fbbc4d85d29 [ 986.484342][T31230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.503980][T31230] RSP: 002b:00007fbbc5b31038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 986.512427][T31230] RAX: ffffffffffffffda RBX: 00007fbbc4f75fa0 RCX: 00007fbbc4d85d29 [ 986.520430][T31230] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 986.528431][T31230] RBP: 00007fbbc4e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 986.536513][T31230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 986.544513][T31230] R13: 0000000000000000 R14: 00007fbbc4f75fa0 R15: 00007ffda4cf6c78 [ 986.552528][T31230] [ 987.279170][T31251] syz_tun (unregistering): left allmulticast mode [ 987.291609][T31251] syz_tun (unregistering): left promiscuous mode [ 987.317801][T31251] bridge0: port 3(syz_tun) entered disabled state [ 993.616984][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.623315][ T1295] ieee802154 phy1 wpan1: encryption failed: -22