last executing test programs: 13m34.361453672s ago: executing program 0 (id=217): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) writev$auto(0x8000, &(0x7f0000000040)={0x0, 0x1000000000005}, 0x2bc) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) 13m34.114538553s ago: executing program 0 (id=220): statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x5, 0x9, 0x3, 0x8, 0x5, 0xf, 0x0, 0x9, 0x10001, 0x5}, 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) 13m33.806106573s ago: executing program 0 (id=222): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@HSR_A_NODE_ADDR={0xa, 0x1, @broadcast}, @HSR_A_IFINDEX={0x8, 0x2, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000080}, 0x800) 13m33.622158733s ago: executing program 0 (id=224): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x7) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/user\x00') getdents64$auto(r0, 0x0, 0x18) 13m32.508676195s ago: executing program 0 (id=234): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) 13m31.009059456s ago: executing program 0 (id=243): sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x13c08e2214dc9a7a, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xa, 0x0, 0x0, @fd}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) read$auto(r0, 0x0, 0x20000000014c) 13m31.007603812s ago: executing program 32 (id=243): sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x13c08e2214dc9a7a, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xa, 0x0, 0x0, @fd}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) read$auto(r0, 0x0, 0x20000000014c) 3m0.423279267s ago: executing program 1 (id=6145): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a00010000000000000000000600060009000000080003000800000008000400ff"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m0.136015394s ago: executing program 1 (id=6149): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4000008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/sctp/remaddr\x00', 0xb00, 0x0) pread64$auto(r0, 0x0, 0x594c, 0x7) 2m58.946886421s ago: executing program 1 (id=6156): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) timerfd_create$auto(0x9, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x0, 0x19, 0xffffffffffffffff, 0x0) sendmsg$auto_BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, 0x0, 0x20008800) semctl$auto(0x1ff, 0x2, 0x13, 0x4) read$auto(0x3, 0x0, 0x80) ioctl$auto(0x3, 0x40085400, 0x5) 2m57.993166304s ago: executing program 1 (id=6163): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0x8}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @HSR_A_IF2_AGE={0x8, 0x4, 0x10}, @HSR_A_IF1_AGE={0x8, 0x3, 0xfffffffa}, @HSR_A_IF2_AGE={0x8, 0x4, 0xb7}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m57.486257708s ago: executing program 1 (id=6168): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) tkill$auto(0x1, 0x7) 2m55.354796197s ago: executing program 1 (id=6183): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) timer_create$auto(0xfffffffa, 0x0, 0x0) timer_gettime$auto(0x0, 0x0) socketpair$auto(0x2, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x40, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4605, 0x0) 2m55.046272116s ago: executing program 33 (id=6183): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) timer_create$auto(0xfffffffa, 0x0, 0x0) timer_gettime$auto(0x0, 0x0) socketpair$auto(0x2, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x40, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4605, 0x0) 2m3.240013203s ago: executing program 5 (id=6646): mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) r0 = socket(0x2, 0x1, 0x106) sendmsg$auto_OVS_DP_CMD_SET(r0, 0x0, 0x20040810) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) 2m2.969160489s ago: executing program 5 (id=6650): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0x6) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) 2m2.702088985s ago: executing program 5 (id=6654): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x2, 0x88) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) write$auto(r0, 0x0, 0x9dba) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 2m2.388116463s ago: executing program 5 (id=6660): madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r0, 0xff02, 0x0) 2m2.03337952s ago: executing program 5 (id=6664): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) tkill$auto(0x1, 0x7) 2m0.429640969s ago: executing program 5 (id=6674): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) madvise$auto(0x0, 0x10001, 0x100000003) 2m0.159847058s ago: executing program 34 (id=6674): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) madvise$auto(0x0, 0x10001, 0x100000003) 5.11959971s ago: executing program 2 (id=7522): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) writev$auto(0x8, &(0x7f0000000040)={&(0x7f0000000000), 0x1}, 0xabc) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x8) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 4.329932709s ago: executing program 2 (id=7531): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x53, 0x9) semctl$auto(0x1ff, 0x2, 0x13, 0x1) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) 3.813263059s ago: executing program 6 (id=7536): mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4e, 0x0) socket(0xa, 0x3, 0xff) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) socket(0x80000000000000a, 0x1, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f0000000000)='+\x00', &(0x7f0000000280), 0x0) 3.379122116s ago: executing program 6 (id=7538): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x3, 0x9) clone$auto(0x20003b46, 0x100000000000005, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xf, 0x0, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f00000000c0)="4c03", 0x1c000000000}, 0x5, 0x0, 0x1, 0x1}, 0x2005}, 0x2, 0x100) 2.560762353s ago: executing program 4 (id=7539): fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x5) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop11\x00', 0x8001, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0) pread64$auto(r2, 0x0, 0x100000000008, 0x8000) ioctl$auto_def_blk_fops_fs(r1, 0x1279, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) 2.560117105s ago: executing program 6 (id=7540): socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x161342, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="13000300", @ANYRES16=0x0, @ANYBLOB="0100"], 0x18}, 0x1, 0x0, 0x0, 0x801}, 0x40) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES8=0x0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) r1 = socket(0x10, 0x2, 0xc) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x800000000000000, 0x1}, 0x4000000) 2.294867379s ago: executing program 6 (id=7542): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x15, 0x5, 0x0) r0 = socket(0x2, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x82, 0x0) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x48000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 2.294261881s ago: executing program 4 (id=7550): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.254780744s ago: executing program 2 (id=7543): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xc00caee0, 0x0) 1.952168916s ago: executing program 2 (id=7544): mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x1, 0x0) 1.940529496s ago: executing program 4 (id=7545): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r0, 0x0) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) 1.601317552s ago: executing program 3 (id=7546): mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x4) socket(0x10, 0x2, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10001}, 0x80) clock_gettime$auto(0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.579363049s ago: executing program 4 (id=7547): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0xe, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010072e0fa60fddbdf2500000000000000003c1b73"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b", @ANYRES8], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.558938614s ago: executing program 2 (id=7548): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x68141, 0x0) ioctl$auto(r0, 0x5456, 0xce01) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) statx$auto(r1, 0x0, 0x1000, 0x8, 0x0) ioctl$auto(0x3, 0x4b4d, 0x38) 1.352925055s ago: executing program 3 (id=7549): close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x2, 0x0) ioctl$auto_TCSBRKP(r0, 0x5425, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto(0x10000000018, 0x800005, 0x4, 0x2, 0x0) writev$auto(0x4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7) 1.222428361s ago: executing program 4 (id=7551): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 1.177166192s ago: executing program 6 (id=7552): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0xffffffffffffffff, 0x8, 0x4) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptys4\x00', 0x301, 0x0) write$auto(r0, 0x0, 0xdb01) 871.997943ms ago: executing program 3 (id=7553): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0xf, 0xdfffffffffffffff, 0x69c9, 0x2, 0xbcc) 784.819978ms ago: executing program 2 (id=7554): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) 631.795156ms ago: executing program 3 (id=7555): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r0, 0x0, 0x40) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 374.220909ms ago: executing program 3 (id=7556): read$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0xa0080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r0 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x10082, 0x0) readv$auto(r0, &(0x7f0000001140)={&(0x7f00000010c0)="8050ed2e93ee3a6b2a46b5edd26beec2d055c15721c5e7cce776580e6c6ef2dd1c4ac44057b609e378653184f1301cd895c8afac06", 0x7}, 0x100000001) bpf$auto(0x0, 0x0, 0x6f4) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x100000000008, 0x8) 134.434135ms ago: executing program 3 (id=7557): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x200000, 0x2003f0, 0x15) r0 = getpgrp(0x0) prctl$auto(0x8, 0x5, r0, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) 40.014326ms ago: executing program 4 (id=7558): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) shutdown$auto(0x200000003, 0x2) 0s ago: executing program 6 (id=7559): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) setns(0xffffffffffffffff, 0x20000000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) kernel console output (not intermixed with test programs): ng attributes in process `syz.1.1062'. [ 232.797157][ T8855] delete_channel: no stack [ 233.027140][ T8861] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1087'. [ 233.672944][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1092'. [ 233.720572][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1092'. [ 234.065382][ T8883] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1097'. [ 234.467089][ T8890] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1099'. [ 235.646843][ T8914] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1109'. [ 237.295852][ T8937] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1118'. [ 240.916268][ T8988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1139'. [ 241.272834][ T8992] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1144'. [ 244.066554][ T9044] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1166'. [ 244.633277][ T9052] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1168'. unting resumed [ 245.912259][ T9081] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1179'. [ 246.588890][ T9094] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1185'. [ 247.122001][ T9106] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1189'. [ 247.523154][ T9114] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1191'. [ 247.563472][ T9114] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1191'. [ 247.746189][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 247.871472][ T9122] netlink: 'syz.1.1197': attribute type 1 has an invalid length. [ 247.883392][ T9122] netlink: 'syz.1.1197': attribute type 1 has an invalid length. [ 250.736869][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1227'. [ 250.767538][ T9194] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1225'. [ 250.958693][ T9201] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1232'. [ 251.480035][ T9219] netlink: 'syz.1.1238': attribute type 11 has an invalid length. [ 252.312147][ T9240] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1247'. [ 253.197138][ T9263] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1266'. [ 253.393601][ T9270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1260'. [ 253.618872][ T9275] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1262'. [ 253.647902][ T9275] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 254.389884][ T9297] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1272'. [ 254.829097][ T9307] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1276'. [ 254.846049][ T9307] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 255.155362][ T9315] synth uevent: /module/vxlan: unknown uevent action string [ 256.203165][ T9341] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1293'. [ 256.239979][ T9341] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1293'. [ 256.460702][ T9345] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1302'. [ 261.034142][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.041191][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.068199][ T9532] netlink: 'syz.1.1370': attribute type 11 has an invalid length. [ 263.095918][ T9532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1370'. [ 263.389155][ T9537] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1374'. [ 264.218099][ T9554] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 264.852236][ T9560] raw_sendmsg: syz.4.1384 forgot to set AF_INET. Fix it! [ 267.371383][ T9622] binder: BINDER_SET_CONTEXT_MGR already set [ 267.383748][ T9622] binder: 9620:9622 ioctl 4018620d 9 returned -16 [ 269.049259][ T9668] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 269.514534][ T9680] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1431'. [ 271.141382][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1452'. [ 271.153145][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1452'. [ 272.716306][ T9779] netlink: 'syz.4.1473': attribute type 1 has an invalid length. [ 272.738919][ T9779] netlink: 'syz.4.1473': attribute type 1 has an invalid length. [ 273.195327][ T9792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1479'. [ 273.232600][ T9792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1479'. [ 273.561499][ T9806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1485'. [ 274.085496][ T9829] netlink: 'syz.2.1496': attribute type 1 has an invalid length. [ 274.098543][ T9829] netlink: 'syz.2.1496': attribute type 1 has an invalid length. [ 275.066214][ T9855] sd 0:0:1:0: PR command failed: 1026 [ 275.096022][ T9855] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 275.102843][ T9855] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 276.035916][ T9885] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1519'. [ 276.287916][ T9895] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1523'. [ 277.003400][ T9917] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1529'. [ 279.326424][ T9988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1560'. [ 280.111595][T10008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1564'. [ 280.650525][T10023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1574'. [ 280.966030][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1574'. [ 281.458190][T10034] Process accounting resumed [ 283.576841][T10082] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1597'. [ 286.176272][ T30] audit: type=1326 audit(1735250565.666:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10100 comm="syz.2.1607" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f77e2b85d29 code=0x0 [ 286.612508][T10120] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1611'. [ 287.178651][T10124] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1614'. [ 287.227830][T10124] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1614'. [ 288.031184][T10145] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1622'. [ 289.376369][T10189] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1640'. [ 289.716445][T10195] nbd: socks must be embedded in a SOCK_ITEM attr [ 289.725650][T10195] block nbd3: shutting down sockets [ 290.756647][T10226] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1659'. [ 290.775997][T10226] : renamed from team0 (while UP) [ 291.045120][T10230] nbd: socks must be embedded in a SOCK_ITEM attr [ 291.063921][T10230] block nbd3: shutting down sockets [ 291.298862][T10236] netlink: 'syz.4.1669': attribute type 6 has an invalid length. [ 291.326062][T10236] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1669'. [ 292.246074][T10260] nbd: socks must be embedded in a SOCK_ITEM attr [ 292.261074][T10260] block nbd3: shutting down sockets [ 293.611673][T10289] Invalid ELF header magic: != ELF [ 293.951271][T10301] netlink: 'syz.1.1692': attribute type 6 has an invalid length. [ 293.994897][T10301] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1692'. [ 294.216050][T10309] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1693'. [ 294.238007][T10309] : renamed from team0 [ 294.658922][T10321] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1697'. [ 296.257657][T10356] netlink: 'syz.1.1713': attribute type 21 has an invalid length. [ 296.266956][T10356] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1713'. [ 298.892092][T10400] Invalid ELF header magic: != ELF [ 300.242304][T10436] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1741'. [ 300.276027][T10436] : renamed from team0 [ 300.322540][T10435] Invalid ELF header magic: != ELF [ 303.366432][T10461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1750'. [ 303.381860][T10461] ksmbd: Unknown IPC event: 0, ignore. [ 307.712294][T10527] Invalid ELF header magic: != ELF [ 311.592164][T10583] Process accounting paused [ 314.379835][T10637] netlink: 178 bytes leftover after parsing attributes in process `syz.1.1821'. [ 314.565429][T10641] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1822'. [ 314.586993][T10641] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 315.952847][T10676] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1836'. [ 316.016167][T10676] ipvlan0: entered allmulticast mode [ 316.021822][T10676] veth0_vlan: entered allmulticast mode [ 316.208009][T10684] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1837'. [ 316.239730][T10684] veth0_macvtap: left promiscuous mode [ 316.284715][T10684] macvtap0: entered allmulticast mode [ 317.183587][T10708] netlink: 'syz.1.1849': attribute type 1 has an invalid length. [ 319.285195][T10742] syz.1.1862 uses obsolete (PF_INET,SOCK_PACKET) [ 319.310665][T10740] netlink: 'syz.4.1861': attribute type 1 has an invalid length. [ 319.892824][T10758] netlink: 74 bytes leftover after parsing attributes in process `syz.4.1870'. [ 320.496334][T10777] nbd: socks must be embedded in a SOCK_ITEM attr [ 320.504341][T10777] block nbd3: shutting down sockets [ 321.674332][T10808] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1892'. [ 321.815152][T10810] : entered promiscuous mode [ 321.932057][T10813] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1894'. [ 322.471344][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.477852][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.541036][T10872] : entered promiscuous mode [ 327.267227][T10950] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1947'. [ 337.967457][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2026'. [ 338.843925][T11157] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2031'. [ 338.910141][T11159] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2030'. [ 340.696006][T11192] bridge0: port 3(veth1_to_hsr) entered blocking state [ 340.703149][T11192] bridge0: port 3(veth1_to_hsr) entered disabled state [ 340.726454][T11192] veth1_to_hsr: entered allmulticast mode [ 340.746268][T11192] veth1_to_hsr: entered promiscuous mode [ 340.752555][T11192] bridge0: port 3(veth1_to_hsr) entered blocking state [ 340.759726][T11192] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 341.779618][T11208] Process accounting resumed [ 341.899637][T11211] netlink: 'syz.1.2053': attribute type 9 has an invalid length. [ 341.929547][T11211] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2053'. [ 343.295521][T11237] bridge0: port 3(veth1_to_hsr) entered blocking state [ 343.315270][T11237] bridge0: port 3(veth1_to_hsr) entered disabled state [ 343.330770][T11237] veth1_to_hsr: entered allmulticast mode [ 343.352734][T11237] veth1_to_hsr: entered promiscuous mode [ 343.754544][T11245] netlink: 'syz.4.2065': attribute type 9 has an invalid length. [ 343.817024][T11248] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2067'. [ 343.844434][T11245] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2065'. [ 344.740225][T11276] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2079'. [ 346.079158][T11296] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2088'. [ 346.285964][T11304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2092'. [ 347.300993][T11323] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2101'. [ 351.576296][T11427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2144'. [ 353.397266][T11462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2158'. [ 356.798507][T11538] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2188'. [ 360.525122][T11635] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2230'. [ 361.335441][T11664] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2241'. [ 361.628640][T11670] netlink: 306 bytes leftover after parsing attributes in process `syz.3.2244'. [ 365.151107][T11769] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2284'. [ 365.418676][T11776] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2294'. [ 365.459420][T11776] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2294'. [ 365.794834][T11795] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2295'. [ 367.993255][T11863] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2323'. [ 368.005570][T11863] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2323'. [ 368.140954][T11869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2325'. [ 368.501191][T11881] netlink: 'syz.1.2330': attribute type 29 has an invalid length. [ 368.524708][T11881] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2330'. [ 369.108660][T11897] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 369.125461][T11897] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 369.159782][T11897] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 369.182860][T11897] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 369.239144][T11897] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 369.252007][T11897] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 369.261716][T11897] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 369.269610][T11897] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 370.048188][T11927] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2351'. [ 370.670926][T11948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2356'. [ 370.897824][T11954] netlink: 'syz.3.2358': attribute type 29 has an invalid length. [ 370.906036][T11954] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2358'. [ 371.185943][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 371.192105][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 371.265809][ T5853] Bluetooth: hci0: command 0x0406 tx timeout [ 371.272081][ T5853] Bluetooth: hci3: command 0x0406 tx timeout [ 371.884352][T11959] Process accounting paused [ 371.919102][T11981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2368'. [ 372.540093][T12008] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2388'. [ 373.210452][T12017] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2392'. [ 373.285835][ T5853] Bluetooth: hci1: command 0x0406 tx timeout [ 373.285848][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 373.345849][ T5853] Bluetooth: hci3: command 0x0406 tx timeout [ 373.350353][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 374.560708][T12041] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 374.567248][T12041] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 374.576391][T12041] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 374.582684][T12041] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 375.477667][T12069] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2406'. [ 376.220978][T12095] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 376.253889][T12095] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 376.262780][T12095] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 376.273870][T12095] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 377.452149][T12135] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2428'. [ 378.306200][ T5853] Bluetooth: hci3: command 0x0406 tx timeout [ 378.312324][ T5853] Bluetooth: hci2: command 0x0406 tx timeout [ 378.318514][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 378.335826][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 378.414849][T12162] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2440'. [ 378.641539][T12169] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2443'. [ 379.197368][T12186] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2451'. [ 379.924926][T12211] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2461'. [ 380.040234][T12211] hsr_slave_1 (unregistering): left promiscuous mode [ 380.229690][T12221] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2465'. [ 381.031388][T12245] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2474'. [ 381.553235][T12266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2485'. [ 381.599601][T12268] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2482'. [ 381.636394][T12268] bridge0: port 3(veth1_to_hsr) entered disabled state [ 381.723046][T12270] Invalid ELF header magic: != ELF [ 381.802454][T12268] hsr_slave_1 (unregistering): left promiscuous mode [ 381.929670][T12268] veth1_to_hsr (unregistering): left allmulticast mode [ 381.967242][T12268] veth1_to_hsr (unregistering): left promiscuous mode [ 381.975932][T12268] bridge0: port 3(veth1_to_hsr) entered disabled state [ 382.001671][T12281] Invalid ELF header magic: != ELF [ 382.903933][T12302] openvswitch: netlink: IP tunnel dst address not specified [ 382.937383][T12302] openvswitch: netlink: IP tunnel dst address not specified [ 383.933558][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.940132][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.017781][T12338] openvswitch: netlink: IP tunnel dst address not specified [ 384.043780][T12338] openvswitch: netlink: IP tunnel dst address not specified [ 385.047593][T12371] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2525'. [ 385.162343][T12371] hsr_slave_1 (unregistering): left promiscuous mode [ 386.210404][T12402] netlink: 'syz.4.2541': attribute type 9 has an invalid length. [ 386.456033][T12412] netlink: 'syz.4.2543': attribute type 1 has an invalid length. [ 387.333116][T12440] netlink: 130 bytes leftover after parsing attributes in process `syz.3.2555'. [ 387.909471][T12450] Invalid ELF header magic: != ELF [ 388.112170][T12453] Invalid ELF header magic: != ELF [ 389.928050][T12480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2569'. [ 390.538184][T12491] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2573'. [ 391.362874][T12510] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2582'. [ 393.179006][T12552] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2598'. [ 394.132162][T12573] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2609'. [ 395.347278][T12608] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2623'. [ 395.640102][T12614] ERROR: Out of memory at tomoyo_memory_ok. [ 395.674949][T12614] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor tmpfs:/newroot/683/file0' not defined. [ 395.750111][T12618] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2627'. [ 396.521368][T12641] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2637'. [ 398.264680][ C1] sd 0:0:1:0: [sda] tag#2644 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 398.275392][ C1] sd 0:0:1:0: [sda] tag#2644 CDB: Write(6) 0a 00 00 00 00 00 00 00 00 00 00 00 [ 398.405005][T12675] ERROR: Out of memory at tomoyo_memory_ok. [ 398.668822][T12681] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2652'. [ 398.904619][T12689] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2655'. [ 399.138429][T12697] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2659'. [ 399.806237][T12706] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2662'. [ 399.946195][T12708] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2663'. [ 400.116816][T12714] lo: entered allmulticast mode [ 400.196185][T12717] lo: left allmulticast mode [ 400.974244][T12743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2677'. [ 401.265221][ T27] ERROR: Out of memory at tomoyo_memory_ok. [ 401.987532][T12773] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2689'. [ 402.036766][T12770] Process accounting resumed [ 402.131446][T12776] i2c i2c-0: Invalid block write size 128 [ 403.739140][T12835] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2715'. [ 406.010808][T12902] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2740'. [ 406.670472][T12920] ERROR: Out of memory at tomoyo_memory_ok. [ 407.244001][T12928] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2751'. [ 407.404366][T12938] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2754'. [ 407.730192][T12943] lo: entered allmulticast mode [ 407.735339][T12943] lo: left allmulticast mode [ 407.816476][T12949] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2759'. [ 408.475004][T12958] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2762'. [ 408.971554][T12967] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2765'. [ 409.014153][T12969] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 409.058052][T12969] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 412.237490][T13032] ERROR: Out of memory at tomoyo_memory_ok. [ 413.425166][T13059] lo: entered allmulticast mode [ 413.500883][T13061] lo: left allmulticast mode [ 415.864815][T13100] lo: entered allmulticast mode [ 415.892325][T13098] lo: entered promiscuous mode [ 415.912354][T13097] lo: left promiscuous mode [ 415.954091][T13103] lo: left allmulticast mode [ 417.245479][T13113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2816'. [ 418.713570][T13148] lo: entered allmulticast mode [ 418.810225][T13153] lo: left allmulticast mode [ 420.300199][T13178] lo: entered allmulticast mode [ 420.305485][T13178] lo: left allmulticast mode [ 420.738040][T13182] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2838'. [ 424.837686][T13259] ima: policy update failed [ 424.842610][ T30] audit: type=1802 audit(1735250704.336:4): pid=13259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2871" res=0 errno=0 [ 425.390210][T13276] lo: entered allmulticast mode [ 425.462900][T13277] lo: left allmulticast mode [ 425.725186][T13283] ima: policy update failed [ 425.746762][ T30] audit: type=1802 audit(1735250705.246:5): pid=13283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2881" res=0 errno=0 [ 426.666592][T13305] netlink: 'syz.1.2889': attribute type 3 has an invalid length. [ 429.086961][T13364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2913'. [ 429.342717][T13359] erspan0: left allmulticast mode [ 430.733200][T13393] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2924'. [ 430.905463][T13395] netlink: 'syz.3.2925': attribute type 3 has an invalid length. [ 431.801415][T13407] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2931'. [ 432.139503][T13405] Process accounting paused [ 434.602650][T13456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2956'. [ 435.401216][T13453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2948'. [ 435.710883][T13482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2960'. [ 435.763925][T13484] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2962'. [ 435.856948][T13490] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2964'. [ 436.027262][T13494] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2966'. [ 437.113541][T13506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2971'. [ 437.915407][T13528] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2979'. [ 438.532110][T13551] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2989'. [ 438.552685][T13551] vcan0: entered promiscuous mode [ 439.289012][T13564] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2996'. [ 439.785943][T13569] __nla_validate_parse: 1 callbacks suppressed [ 439.785969][T13569] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2997'. [ 440.073913][T13584] delete_channel: no stack [ 441.527082][T13631] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3023'. [ 441.563839][T13631] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3023'. [ 441.755780][T13633] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3022'. [ 441.776355][T13633] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3022'. [ 444.327903][T13716] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3056'. [ 444.362818][T13716] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3056'. [ 444.428374][T13723] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3061'. [ 445.366162][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.371930][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.532356][T13753] ptrace attach of "./syz-executor exec"[5837] was attempted by ""[13753] [ 447.589043][T13811] ERROR: Out of memory at tomoyo_memory_ok. [ 447.739884][T13815] netlink: 346 bytes leftover after parsing attributes in process `syz.1.3097'. [ 448.035967][T13827] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3102'. [ 448.671003][T13847] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3112'. [ 448.964906][T13858] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3116'. [ 448.980312][T13858] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3116'. [ 449.147999][T13861] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3118'. [ 449.191591][T13861] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3118'. [ 449.380635][T13867] netlink: 130 bytes leftover after parsing attributes in process `syz.2.3121'. [ 449.604077][T13872] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3122'. [ 449.824056][T13875] ERROR: Out of memory at tomoyo_memory_ok. [ 450.051522][T13881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3125'. [ 451.325546][T13913] netlink: 'syz.1.3149': attribute type 1 has an invalid length. [ 451.346352][T13913] netlink: 'syz.1.3149': attribute type 1 has an invalid length. [ 452.825229][T13952] syz.2.3157 (13952) used greatest stack depth: 19744 bytes left [ 452.873804][T13958] __nla_validate_parse: 7 callbacks suppressed [ 452.873833][T13958] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3160'. [ 453.068648][T13967] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3164'. [ 454.280764][T14001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3178'. [ 455.096162][T14020] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3185'. [ 456.199110][T14043] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3194'. [ 457.296495][T14071] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3206'. [ 457.336056][T14071] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3206'. [ 460.604664][T14134] netlink: 74 bytes leftover after parsing attributes in process `syz.1.3231'. [ 461.151472][T14152] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3238'. [ 461.180599][T14152] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3238'. [ 462.230529][T14172] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3245'. [ 462.772981][T14184] netlink: 130 bytes leftover after parsing attributes in process `syz.1.3251'. [ 463.347186][T14197] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3258'. [ 463.562914][T14196] netlink: 74 bytes leftover after parsing attributes in process `syz.2.3259'. [ 464.592655][T14216] netlink: 130 bytes leftover after parsing attributes in process `syz.2.3265'. [ 464.689753][T14218] Invalid ELF header magic: != ELF [ 466.122106][T14252] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3279'. [ 467.770615][T14288] netlink: 'syz.1.3291': attribute type 3 has an invalid length. [ 467.791099][T14288] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3291'. [ 469.378731][T14319] netlink: 'syz.3.3304': attribute type 3 has an invalid length. [ 469.389474][T14319] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3304'. [ 472.924144][ T5847] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 473.722701][T14403] Invalid ELF header magic: != ELF [ 475.146900][T14428] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3340'. [ 475.705352][T14441] netlink: 'syz.3.3346': attribute type 27 has an invalid length. [ 475.725165][T14441] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3346'. [ 475.994262][T14445] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3348'. [ 476.652572][T14458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3353'. [ 476.699511][T14458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3353'. [ 477.946018][T14478] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 479.277810][T14492] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 [ 483.762921][T14573] tc_dump_action: action bad kind [ 484.023821][T14577] ERROR: Out of memory at tomoyo_memory_ok. [ 484.710565][T14580] Invalid ELF header magic: != ELF [ 487.097677][T14624] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3416'. [ 487.357526][T14630] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3419'. [ 487.378290][T14630] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3419'. [ 488.873271][T14660] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3429'. [ 489.526362][T14670] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3434'. [ 490.296867][T14685] kernel read not supported for file /#)-\"[} (pid: 14685 comm: syz.2.3441) [ 490.305432][ T30] audit: type=1800 audit(1735250769.796:6): pid=14685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3441" name=23292D5C225B7D dev="mqueue" ino=35263 res=0 errno=0 [ 490.811564][T14692] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3445'. [ 491.258422][T14696] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3447'. [ 493.042032][T14740] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3463'. [ 495.533525][T14799] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3486'. [ 495.682131][T14803] netlink: 'syz.2.3491': attribute type 11 has an invalid length. [ 497.384523][T14842] ERROR: Out of memory at tomoyo_memory_ok. [ 497.525037][T14846] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3507'. [ 497.830394][T14852] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3510'. [ 498.285962][T14859] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3513'. [ 498.595934][T14872] ERROR: Out of memory at tomoyo_memory_ok. [ 498.763881][T14877] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3518'. [ 499.398287][T14896] openvswitch: netlink: Unknown nsh attribute 0 [ 499.448690][T14898] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3527'. [ 499.649467][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3530'. [ 499.677580][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3530'. [ 499.926350][T14903] sctp: [Deprecated]: syz.2.3531 (pid 14903) Use of struct sctp_assoc_value in delayed_ack socket option. [ 499.926350][T14903] Use struct sctp_sack_info instead [ 500.264501][T14917] netlink: 'syz.2.3543': attribute type 1 has an invalid length. [ 500.352139][T14919] ERROR: Out of memory at tomoyo_memory_ok. [ 500.718452][T14929] openvswitch: netlink: Unknown nsh attribute 0 [ 500.998857][T14936] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3552'. [ 500.999507][T14938] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3544'. [ 501.528806][T14950] ERROR: Out of memory at tomoyo_memory_ok. [ 501.624478][T14952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3550'. [ 502.265079][T14969] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3556'. [ 502.554551][T14978] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3559'. [ 503.724382][T15021] __nla_validate_parse: 1 callbacks suppressed [ 503.724409][T15021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3581'. [ 503.939781][T15026] HfR: entered promiscuous mode [ 503.975330][T15026] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3583'. [ 504.017634][T15026] HfR: left promiscuous mode [ 504.087804][T15034] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3586'. [ 504.720599][T15058] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3595'. [ 505.147783][T15074] netlink: 74 bytes leftover after parsing attributes in process `syz.2.3600'. [ 505.749765][T15096] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3610'. [ 505.947203][T15106] sctp: [Deprecated]: syz.2.3614 (pid 15106) Use of int in maxseg socket option. [ 505.947203][T15106] Use struct sctp_assoc_value instead [ 506.071455][T15109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3615'. [ 506.257987][T15113] Process accounting resumed [ 506.794776][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.801635][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.596164][T15164] devpts: called with bogus options [ 509.619925][T15225] ERROR: Out of memory at tomoyo_memory_ok. [ 510.103049][T15242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3670'. [ 514.137018][T15326] netlink: 'syz.1.3704': attribute type 2 has an invalid length. [ 514.913683][T15344] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3711'. [ 515.566145][T15356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3717'. [ 516.385863][T15375] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3725'. [ 516.756120][T15383] netlink: 'syz.1.3729': attribute type 22 has an invalid length. [ 516.766414][T15382] netlink: 'syz.3.3730': attribute type 2 has an invalid length. [ 516.796096][T15383] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3729'. [ 516.827058][T15382] netlink: 'syz.3.3730': attribute type 2 has an invalid length. [ 517.185186][T15392] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3734'. [ 518.146168][T15422] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3746'. [ 518.991238][T15447] netlink: 'syz.3.3760': attribute type 28 has an invalid length. [ 519.005811][T15447] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3760'. [ 519.443198][T15459] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3764'. [ 520.873642][T15487] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3775'. [ 520.904512][T15487] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3775'. [ 522.930632][T15520] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3789'. [ 523.478256][T15533] netlink: 'syz.4.3795': attribute type 1 has an invalid length. [ 523.505027][T15533] netlink: 'syz.4.3795': attribute type 1 has an invalid length. [ 524.003142][T15549] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3809'. [ 526.063834][T15581] netlink: 74 bytes leftover after parsing attributes in process `syz.4.3813'. [ 526.961843][T15604] ERROR: Out of memory at tomoyo_memory_ok. [ 526.970401][T15607] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3830'. [ 528.431564][T15652] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3848'. [ 528.629675][T15659] ERROR: Out of memory at tomoyo_memory_ok. [ 529.523941][T15681] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3850'. [ 529.582817][T15683] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3851'. [ 529.798992][T15691] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3857'. [ 529.906056][T15691] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.092397][T15691] bridge_slave_1 (unregistering): left allmulticast mode [ 530.112047][T15691] bridge_slave_1 (unregistering): left promiscuous mode [ 530.131960][T15691] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.367765][T15703] ERROR: Out of memory at tomoyo_memory_ok. [ 531.685126][T15733] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3872'. [ 531.995110][T15743] ERROR: Out of memory at tomoyo_memory_ok. [ 535.465256][T15824] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3911'. [ 536.011236][T15847] netlink: 'syz.2.3922': attribute type 4 has an invalid length. [ 536.036538][T15847] netlink: 'syz.2.3922': attribute type 4 has an invalid length. [ 536.582776][T15866] ERROR: Out of memory at tomoyo_memory_ok. [ 537.110047][T15876] ERROR: Out of memory at tomoyo_memory_ok. [ 538.158735][T15901] ERROR: Out of memory at tomoyo_memory_ok. [ 539.023710][T15923] ERROR: Out of memory at tomoyo_memory_ok. [ 539.410324][T15937] netlink: 'syz.1.3959': attribute type 21 has an invalid length. [ 539.435831][T15937] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3959'. [ 539.801060][T15950] netlink: 'syz.3.3967': attribute type 19 has an invalid length. [ 539.818575][T15950] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3967'. [ 540.726975][T15972] netlink: 'syz.2.3972': attribute type 16 has an invalid length. [ 540.734103][T15972] netlink: 322 bytes leftover after parsing attributes in process `syz.2.3972'. [ 540.763470][T15974] ERROR: Out of memory at tomoyo_memory_ok. [ 540.990772][T15981] netlink: 'syz.1.3976': attribute type 10 has an invalid length. [ 541.004371][T15981] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3976'. [ 541.597992][T15999] RDS: rds_bind could not find a transport for 86a4:131b:e300:1000::, load rds_tcp or rds_rdma? [ 543.141558][T16031] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3995'. [ 544.383526][T16064] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4009'. [ 544.409119][T16062] sctp: [Deprecated]: syz.1.4007 (pid 16062) Use of struct sctp_assoc_value in delayed_ack socket option. [ 544.409119][T16062] Use struct sctp_sack_info instead [ 544.520048][T16068] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4011'. [ 544.527978][T16070] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4012'. [ 544.582590][T16070] bond0: (slave bond_slave_0): Releasing backup interface [ 544.909621][T16079] netlink: 'syz.3.4015': attribute type 16 has an invalid length. [ 544.917082][T16079] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4015'. [ 545.803832][T16113] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4030'. [ 546.537488][T16137] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4039'. [ 549.236506][T16206] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4068'. [ 550.166172][T16237] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4079'. [ 551.153976][T16253] netlink: 'syz.4.4087': attribute type 4 has an invalid length. [ 551.165795][T16253] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4087'. [ 551.661123][T16267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4092'. [ 551.706684][T16267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4092'. [ 552.546129][T16297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4102'. [ 552.599906][T16297] veth0_macvtap: left promiscuous mode [ 554.432035][T16359] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4128'. [ 554.722204][T16366] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4132'. [ 554.799050][T16366] bond0: (slave bond_slave_0): Releasing backup interface [ 554.892427][T16368] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4133'. [ 554.942626][T16368] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4133'. [ 555.818428][T16389] netlink: 'syz.4.4142': attribute type 27 has an invalid length. [ 555.825802][T16389] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4142'. [ 556.516568][T16392] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 556.565422][T16394] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4143'. [ 556.723115][T16394] bond0: (slave bond_slave_0): Releasing backup interface [ 557.328960][T16414] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4152'. [ 559.979998][T16500] delete_channel: no stack [ 561.082698][T16540] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4193'. [ 561.334766][T16548] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4195'. [ 561.597008][T16555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4198'. [ 562.596524][T16571] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4202'. [ 562.669698][T16571] bond0: (slave bond_slave_0): Releasing backup interface [ 562.849902][T16578] ERROR: Out of memory at tomoyo_memory_ok. [ 562.877216][T16580] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4208'. [ 562.991687][T16586] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4211'. [ 563.675936][T16608] UHID_CREATE from different security context by process 2419 (syz.3.4219), this is not allowed. [ 563.778778][T16610] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4220'. [ 564.824623][T16640] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4233'. [ 565.907602][T16657] relay: one or more items not logged [item size (48) > sub-buffer size (28)] [ 566.185998][T16676] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4246'. [ 566.216162][T16673] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4244'. [ 567.330308][T16717] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4263'. [ 567.338675][T16717] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 567.345413][T16717] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 567.383439][T16717] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 567.393256][T16717] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 568.084653][T16738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4270'. [ 568.115212][T16738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4270'. [ 568.231789][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.237643][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.258840][T16755] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4276'. [ 569.880758][T16772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4280'. [ 570.090911][T16777] sctp: [Deprecated]: syz.4.4282 (pid 16777) Use of int in max_burst socket option. [ 570.090911][T16777] Use struct sctp_assoc_value instead [ 571.386264][T16808] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4294'. [ 571.778192][T16815] netlink: 322 bytes leftover after parsing attributes in process `syz.3.4297'. [ 572.066877][T16827] delete_channel: no stack [ 572.472606][T16839] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4307'. [ 573.095372][T16852] netlink: 306 bytes leftover after parsing attributes in process `syz.4.4312'. [ 573.633849][T16867] netlink: 'syz.2.4318': attribute type 4 has an invalid length. [ 573.659606][T16867] netlink: 314 bytes leftover after parsing attributes in process `syz.2.4318'. [ 576.087158][T16918] netlink: 'syz.4.4337': attribute type 3 has an invalid length. [ 576.100302][T16918] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4337'. [ 576.147763][T16918] netlink: 'syz.4.4337': attribute type 3 has an invalid length. [ 576.154898][T16918] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4337'. [ 576.307249][T16912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4335'. [ 577.146976][T16938] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4341'. [ 577.189093][T16938] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4341'. [ 578.146084][T16959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4351'. [ 578.260563][T16962] openvswitch: netlink: VXLAN extension 13870 out of range max 1 [ 579.034642][T16978] netlink: 266 bytes leftover after parsing attributes in process `syz.1.4359'. [ 579.064453][T16978] IPv6: NLM_F_CREATE should be specified when creating new route [ 579.450424][T16987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4363'. [ 580.440591][T17013] netlink: 'syz.4.4372': attribute type 4 has an invalid length. [ 581.008670][T17029] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4380'. [ 582.176670][T17056] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4390'. [ 583.297362][T17082] netlink: 'syz.1.4402': attribute type 4 has an invalid length. [ 584.373311][T17091] netlink: 322 bytes leftover after parsing attributes in process `syz.4.4406'. [ 585.058050][T17107] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4414'. [ 586.511801][T17137] netlink: 146 bytes leftover after parsing attributes in process `syz.3.4427'. [ 587.076573][T17152] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4433'. [ 587.336867][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4435'. [ 587.448169][T17161] : Can't lookup blockdev [ 587.726140][T17167] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4439'. [ 589.057814][T17197] netlink: 'syz.4.4453': attribute type 14 has an invalid length. [ 589.066082][T17197] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4453'. [ 589.175713][T17199] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4452'. [ 590.295230][T17236] netlink: 'syz.3.4468': attribute type 4 has an invalid length. [ 590.732493][T17251] mkiss: ax0: crc mode is auto. [ 591.542389][T17281] netlink: 322 bytes leftover after parsing attributes in process `syz.1.4488'. [ 591.659594][T17286] netlink: 'syz.2.4491': attribute type 21 has an invalid length. [ 591.686430][T17286] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4491'. [ 592.418347][T17324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4503'. [ 592.459692][T17324] lo: entered promiscuous mode [ 592.475102][T17324] lo: entered allmulticast mode [ 594.067777][T17386] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4520'. [ 595.051540][T17425] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4537'. [ 595.521550][T17445] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4544'. [ 596.409691][T17473] netlink: 'syz.4.4556': attribute type 4 has an invalid length. [ 597.018499][T17494] mkiss: ax0: crc mode is auto. [ 597.760176][T17522] netlink: 'syz.1.4584': attribute type 29 has an invalid length. [ 597.775879][T17522] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4584'. [ 598.416973][T17547] capability: warning: `syz.2.4583' uses 32-bit capabilities (legacy support in use) [ 598.657706][T17557] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4587'. [ 599.035695][T17572] openvswitch: netlink: Tunnel attr 8192 out of range max 16 [ 599.130473][T17576] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4592'. [ 599.699593][T17595] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4595'. [ 600.412825][T17617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4600'. [ 600.464015][T17617] lo: entered promiscuous mode [ 600.489622][T17617] lo: entered allmulticast mode [ 601.981707][T17664] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4613'. [ 602.009494][T17664] lo: entered promiscuous mode [ 602.014042][T17664] lo: entered allmulticast mode [ 602.435328][T17671] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4619'. [ 602.464012][T17671] vcan0: entered promiscuous mode [ 606.126900][T17758] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4646'. [ 606.169575][T17758] lo: entered promiscuous mode [ 606.174336][T17758] lo: entered allmulticast mode [ 606.357431][T17761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4647'. [ 608.151858][T17800] netlink: 306 bytes leftover after parsing attributes in process `syz.2.4661'. [ 609.350523][T17843] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4669'. [ 609.540364][T17850] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4671'. [ 609.603267][T17850] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 609.627022][T17850] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 609.635086][T17850] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 609.675689][T17850] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 610.929391][T17891] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4686'. [ 611.570812][T17906] netlink: 130 bytes leftover after parsing attributes in process `syz.3.4692'. [ 612.456336][T17930] netlink: 'syz.1.4709': attribute type 4 has an invalid length. [ 612.623036][T17935] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4703'. [ 613.082526][T17948] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4704'. [ 613.122116][T17948] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 613.143875][T17948] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 613.160140][T17948] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 613.167884][T17948] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 614.113527][T17984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4720'. [ 614.125101][T17984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4720'. [ 614.257776][T17986] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4722'. [ 614.285945][T17986] macvlan1: entered promiscuous mode [ 614.290956][T17986] macvlan1: left allmulticast mode [ 614.302605][T17986] veth1_vlan: left allmulticast mode [ 614.407979][T17992] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4725'. [ 614.422345][T17992] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 614.432047][T17992] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 614.440096][T17992] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 614.447480][T17992] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 614.876284][T18004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4729'. [ 614.899195][T18004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4729'. [ 616.241972][T18047] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4745'. [ 617.216108][T18072] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4755'. [ 617.240366][T18075] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4756'. [ 617.416041][T18079] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4758'. [ 617.571780][T18083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4759'. [ 618.590165][T18110] netlink: 'syz.2.4769': attribute type 4 has an invalid length. [ 618.932352][T18121] netlink: 'syz.4.4772': attribute type 27 has an invalid length. [ 618.948812][T18121] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4772'. [ 620.084780][T18148] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4783'. [ 621.906494][T18195] ERROR: Out of memory at tomoyo_memory_ok. [ 622.304960][T18206] Process accounting resumed [ 622.623859][T18213] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4807'. [ 623.874268][T18242] netlink: 'syz.1.4819': attribute type 1 has an invalid length. [ 623.885752][T18242] netlink: 318 bytes leftover after parsing attributes in process `syz.1.4819'. [ 624.037989][T18247] netlink: 'syz.1.4821': attribute type 27 has an invalid length. [ 624.075992][T18247] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4821'. [ 624.540891][T18261] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4826'. [ 625.425739][T18283] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4834'. [ 625.457377][T18283] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4834'. [ 625.913736][T18294] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4838'. [ 627.136983][T18320] ERROR: Out of memory at tomoyo_memory_ok. [ 627.490506][T18322] ERROR: Out of memory at tomoyo_memory_ok. [ 628.923684][T18353] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4861'. [ 629.239821][T18362] netlink: 146 bytes leftover after parsing attributes in process `syz.2.4865'. [ 629.594819][T18373] netlink: 25 bytes leftover after parsing attributes in process `syz.1.4867'. [ 629.673475][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.685644][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.881134][T18381] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4871'. [ 630.396136][T18389] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4876'. [ 630.718323][T18401] ovs_: entered promiscuous mode [ 631.192222][T18419] netlink: 'syz.3.4886': attribute type 1 has an invalid length. [ 631.430241][T18423] RDS: rds_bind could not find a transport for fe80::3030:3030:3a30:302f, load rds_tcp or rds_rdma? [ 631.691517][T18429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4891'. [ 635.778194][T18538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4919'. [ 635.850630][T18538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4919'. [ 636.350378][T18552] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4924'. [ 637.057838][ T30] audit: type=1806 audit(4294967407.800:7): xattr="security.apparm" res=0 [ 638.800284][T18615] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4949'. [ 639.464089][T18635] ERROR: Out of memory at tomoyo_memory_ok. [ 639.570637][T18635] vivid-009: ================= START STATUS ================= [ 639.620681][T18635] vivid-009: Enable Output Cropping: true [ 639.635803][T18635] vivid-009: Enable Output Composing: true [ 639.675673][T18635] vivid-009: Enable Output Scaler: true [ 639.680872][T18635] vivid-009: Tx RGB Quantization Range: Automatic [ 639.706120][T18635] vivid-009: Transmit Mode: HDMI [ 639.710691][T18635] vivid-009: Hotplug Present: 0x00000000 [ 639.735720][T18635] vivid-009: RxSense Present: 0x00000000 [ 639.746246][T18635] vivid-009: EDID Present: 0x00000000 [ 639.773677][T18635] vivid-009: ================== END STATUS ================== [ 640.354715][T18667] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4965'. [ 640.450609][T18675] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4967'. [ 641.820002][T18739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4987'. [ 643.004561][T18783] netlink: 74 bytes leftover after parsing attributes in process `syz.1.5003'. [ 645.016333][T18826] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5022'. [ 645.136268][T18830] netlink: 'syz.2.5024': attribute type 1 has an invalid length. [ 645.167568][T18830] netlink: 230 bytes leftover after parsing attributes in process `syz.2.5024'. [ 645.498177][T18834] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5026'. [ 645.580997][T18836] netlink: 322 bytes leftover after parsing attributes in process `syz.3.5027'. [ 646.996946][T18874] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5042'. [ 647.005346][T18874] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5042'. [ 649.578509][T18921] netlink: 322 bytes leftover after parsing attributes in process `syz.1.5060'. [ 650.519005][T18937] netlink: 130 bytes leftover after parsing attributes in process `syz.2.5065'. [ 650.527647][T18939] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5067'. [ 650.585501][T18939] lo: left promiscuous mode [ 650.593487][T18939] lo: left allmulticast mode [ 650.937164][T18948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5071'. [ 650.967575][T18948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5071'. [ 652.618513][T18955] random: crng reseeded on system resumption [ 653.552677][T18980] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5085'. [ 655.386539][T19042] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5107'. [ 655.938745][T19056] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5114'. [ 656.493431][T19078] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5124'. [ 658.124259][T19126] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5140'. [ 658.274155][T19128] ERROR: Out of memory at tomoyo_memory_ok. [ 659.102770][T19151] netlink: 'syz.3.5151': attribute type 33 has an invalid length. [ 659.115222][T19151] netlink: 322 bytes leftover after parsing attributes in process `syz.3.5151'. [ 660.977147][T19183] Process accounting resumed [ 661.396774][T19192] netlink: 'syz.1.5166': attribute type 33 has an invalid length. [ 661.403984][T19192] netlink: 322 bytes leftover after parsing attributes in process `syz.1.5166'. [ 662.098639][T19201] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5178'. [ 662.130823][T19201] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5178'. [ 662.249917][T19207] ERROR: Out of memory at tomoyo_memory_ok. [ 666.328184][T19284] lo: entered allmulticast mode [ 666.426190][T19287] lo: left allmulticast mode [ 667.678698][T19318] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5213'. [ 667.871413][T19322] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5217'. [ 667.882381][T19322] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5217'. [ 669.263154][T19348] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5225'. [ 669.311039][T19346] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5224'. [ 669.648266][T19355] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5227'. [ 672.175773][T19397] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5241'. [ 672.366154][T19399] netlink: 'syz.1.5242': attribute type 1 has an invalid length. [ 673.575056][T19427] ovs_: entered promiscuous mode [ 675.535340][T19460] ovs_: entered promiscuous mode [ 676.600865][T19499] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5283'. [ 676.641701][T19499] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5283'. [ 677.366245][T19511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5289'. [ 677.395136][T19511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5289'. [ 680.190670][T19579] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5312'. [ 680.210112][T19579] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5312'. [ 682.553452][ T5847] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 682.596491][T19643] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5335'. [ 682.676901][T19647] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5336'. [ 682.850116][T19655] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5337'. [ 683.310930][T19675] mkiss: ax0: crc mode is auto. [ 683.692052][T19690] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5349'. [ 683.726755][T19690] IPv6: NLM_F_CREATE should be specified when creating new route [ 684.021138][T19705] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5351'. [ 684.057814][T19706] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5352'. [ 685.076643][T19740] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5373'. [ 685.252899][T19749] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5368'. [ 686.079275][T19778] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5379'. [ 686.278668][T19781] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5382'. [ 686.790096][T19801] ERROR: Out of memory at tomoyo_memory_ok. [ 687.872641][T19837] __nla_validate_parse: 1 callbacks suppressed [ 687.872667][T19837] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5398'. [ 688.674755][T19850] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5405'. [ 691.110492][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.116876][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.551904][T19912] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5429'. [ 692.096402][T19925] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5437'. [ 692.112350][T19925] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5437'. [ 692.346033][T19936] mkiss: ax0: crc mode is auto. [ 692.431913][T19934] netlink: 74 bytes leftover after parsing attributes in process `syz.2.5440'. [ 693.355103][T19959] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5449'. [ 693.376751][T19959] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5449'. [ 693.907073][T19976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5457'. [ 694.276330][T19985] ERROR: Out of memory at tomoyo_memory_ok. [ 694.437097][T19989] netlink: 'syz.2.5461': attribute type 33 has an invalid length. [ 694.451518][T19989] netlink: 322 bytes leftover after parsing attributes in process `syz.2.5461'. [ 694.473000][T19989] netlink: 'syz.2.5461': attribute type 33 has an invalid length. [ 694.490863][T19989] netlink: 322 bytes leftover after parsing attributes in process `syz.2.5461'. [ 694.500845][T19992] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5462'. [ 695.795693][ T5847] Bluetooth: hci0: ISO packet too small [ 696.414385][T20040] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5480'. [ 696.446114][ T30] audit: type=1326 audit(4294967485.193:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20036 comm="syz.2.5482" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f77e2b85d29 code=0x0 [ 698.096150][T20085] netlink: 'syz.1.5500': attribute type 1 has an invalid length. [ 698.103828][T20085] netlink: 306 bytes leftover after parsing attributes in process `syz.1.5500'. [ 698.690227][T20108] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5510'. [ 699.126800][T20120] netlink: 350 bytes leftover after parsing attributes in process `syz.2.5514'. [ 700.372819][T20161] ERROR: Out of memory at tomoyo_memory_ok. [ 700.847737][T20177] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5533'. [ 701.268400][T20190] sctp: [Deprecated]: syz.2.5539 (pid 20190) Use of struct sctp_assoc_value in delayed_ack socket option. [ 701.268400][T20190] Use struct sctp_sack_info instead [ 701.991675][T20210] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5547'. [ 702.429069][T20221] netlink: 'syz.3.5551': attribute type 4 has an invalid length. [ 702.486229][T20221] netlink: 'syz.3.5551': attribute type 4 has an invalid length. [ 703.431291][T20255] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5565'. [ 703.726142][T20261] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5567'. [ 704.183087][T20275] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5572'. [ 704.638107][T20287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 705.405926][T20302] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5582'. [ 706.029773][T20311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5584'. [ 706.326581][T20327] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5590'. [ 706.887091][ T5847] Bluetooth: hci2: Malformed Event: 0x2f [ 707.166435][T20350] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5599'. [ 707.216226][T20350] ERROR: Out of memory at tomoyo_memory_ok. [ 707.599162][T20363] mkiss: ax0: crc mode is auto. [ 708.208598][T20383] netlink: 'syz.1.5614': attribute type 28 has an invalid length. [ 708.216481][T20383] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5614'. [ 709.046684][T20410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5622'. [ 709.153526][T20414] netlink: 306 bytes leftover after parsing attributes in process `syz.3.5624'. [ 709.231262][T20417] ERROR: Out of memory at tomoyo_memory_ok. [ 709.517583][T20419] ERROR: Out of memory at tomoyo_memory_ok. [ 709.768199][T20432] netlink: 'syz.3.5630': attribute type 28 has an invalid length. [ 709.775328][T20432] netlink: 334 bytes leftover after parsing attributes in process `syz.3.5630'. [ 711.444430][T20491] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5653'. [ 712.499647][T20524] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5666'. [ 712.940060][T20538] netlink: 74 bytes leftover after parsing attributes in process `syz.1.5672'. [ 713.337240][T20549] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5678'. [ 713.387326][T20551] syz.3.5677: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 713.432894][T20551] CPU: 1 UID: 0 PID: 20551 Comm: syz.3.5677 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 713.442702][T20551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 713.451830][T20551] Call Trace: [ 713.454542][T20553] netlink: 'syz.2.5680': attribute type 3 has an invalid length. [ 713.454814][T20551] [ 713.454841][T20551] dump_stack_lvl+0x16c/0x1f0 [ 713.469150][T20551] warn_alloc+0x24d/0x3a0 [ 713.473212][T20551] ? __pfx_warn_alloc+0x10/0x10 [ 713.477661][T20551] ? __pfx_mark_lock+0x10/0x10 [ 713.482047][T20551] ? lock_acquire.part.0+0x11b/0x380 [ 713.486898][T20551] __vmalloc_node_range_noprof+0x10df/0x1530 [ 713.492368][T20551] ? rcu_is_watching+0x12/0xc0 [ 713.496742][T20551] ? trace_contention_end+0xee/0x140 [ 713.501581][T20551] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 713.506423][T20551] ? dvb_demux_do_ioctl+0x496/0x1340 [ 713.511272][T20551] ? __pfx___mutex_lock+0x10/0x10 [ 713.515874][T20551] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 713.521662][T20551] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 713.527047][T20551] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 713.531887][T20551] vmalloc_noprof+0x6b/0x90 [ 713.536095][T20551] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 713.540941][T20551] dvb_demux_do_ioctl+0x54d/0x1340 [ 713.545620][T20551] dvb_usercopy+0x165/0x320 [ 713.549754][T20551] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 713.554805][T20551] ? __pfx_dvb_usercopy+0x10/0x10 [ 713.559377][T20551] ? __pfx_lock_release+0x10/0x10 [ 713.563949][T20551] ? __fget_files+0x206/0x3a0 [ 713.568210][T20551] dvb_demux_ioctl+0x29/0x40 [ 713.572560][T20551] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 713.577367][T20551] __x64_sys_ioctl+0x190/0x200 [ 713.581787][T20551] do_syscall_64+0xcd/0x250 [ 713.585904][T20551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.591255][T20551] RIP: 0033:0x7f6841185d29 [ 713.595275][T20551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.612980][T20551] RSP: 002b:00007f6842065038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 713.620596][T20551] RAX: ffffffffffffffda RBX: 00007f6841375fa0 RCX: 00007f6841185d29 [ 713.627837][T20551] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 713.635046][T20551] RBP: 00007f6841201b08 R08: 0000000000000000 R09: 0000000000000000 [ 713.642256][T20551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.649481][T20551] R13: 0000000000000000 R14: 00007f6841375fa0 R15: 00007ffd2c1744c8 [ 713.656717][T20551] [ 713.669827][T20551] Mem-Info: [ 713.672967][T20551] active_anon:38549 inactive_anon:0 isolated_anon:0 [ 713.672967][T20551] active_file:7818 inactive_file:51234 isolated_file:0 [ 713.672967][T20551] unevictable:768 dirty:413 writeback:0 [ 713.672967][T20551] slab_reclaimable:6354 slab_unreclaimable:94819 [ 713.672967][T20551] mapped:23629 shmem:31743 pagetables:938 [ 713.672967][T20551] sec_pagetables:0 bounce:0 [ 713.672967][T20551] kernel_misc_reclaimable:0 [ 713.672967][T20551] free:1292371 free_pcp:16549 free_cma:0 [ 713.761843][T20551] Node 0 active_anon:144696kB inactive_anon:0kB active_file:31272kB inactive_file:204864kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:94516kB dirty:1652kB writeback:0kB shmem:116036kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:10556kB pagetables:3752kB sec_pagetables:0kB all_unreclaimable? no [ 713.824027][T20551] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 713.827412][T20549] team0: Port device team_slave_0 removed [ 713.855029][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5681'. [ 713.867790][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5681'. [ 713.882841][T20551] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 713.939429][T20551] lowmem_reserve[]: 0 2465 2466 0 0 [ 713.950363][T20551] Node 0 DMA32 free:1296916kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:125856kB inactive_anon:0kB active_file:31272kB inactive_file:204036kB unevictable:1536kB writepending:1652kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:43696kB local_pcp:21436kB free_cma:0kB [ 713.966488][T20555] netlink: 266 bytes leftover after parsing attributes in process `syz.4.5679'. [ 714.010330][T20551] lowmem_reserve[]: 0 0 0 0 0 [ 714.020259][T20555] IPv6: NLM_F_CREATE should be specified when creating new route [ 714.030820][T20551] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 714.096151][T20551] lowmem_reserve[]: 0 0 0 0 0 [ 714.100802][T20551] Node 1 Normal free:3864544kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:43020kB local_pcp:32576kB free_cma:0kB [ 714.205659][T20551] lowmem_reserve[]: 0 0 0 0 0 [ 714.210051][T20551] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 714.233300][T20551] Node 0 DMA32: 7630*4kB (UME) 876*8kB (UME) 856*16kB (UME) 360*32kB (UME) 145*64kB (UME) 274*128kB (UME) 197*256kB (UME) 68*512kB (UME) 50*1024kB (UME) 7*2048kB (UME) 264*4096kB (UM) = 1339224kB [ 714.251509][T20551] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 714.262452][T20551] Node 1 Normal: 210*4kB (UME) 27*8kB (UME) 42*16kB (UM) 193*32kB (UME) 84*64kB (UME) 32*128kB (UME) 20*256kB (UME) 10*512kB (UM) 3*1024kB (UM) 8*2048kB (UME) 932*4096kB (UM) = 3864544kB [ 714.280148][T20551] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 714.288866][T20551] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 714.297454][T20551] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 714.306346][T20551] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 714.314852][T20551] 77372 total pagecache pages [ 714.319173][T20551] 0 pages in swap cache [ 714.322958][T20551] Free swap = 124616kB [ 714.326885][T20551] Total swap = 124996kB [ 714.330670][T20551] 2097051 pages RAM [ 714.334134][T20551] 0 pages HighMem/MovableOnly [ 714.338629][T20551] 427367 pages reserved [ 714.342416][T20551] 0 pages cma reserved [ 714.810195][T20580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5691'. [ 714.824515][T20580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5691'. [ 715.189235][T20587] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5694'. [ 715.445936][T20601] ERROR: Out of memory at tomoyo_memory_ok. [ 716.407718][T20635] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5714'. [ 716.507682][T20637] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 716.513280][T20637] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 716.522763][T20637] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 716.528411][T20637] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 717.818166][T20679] netlink: 326 bytes leftover after parsing attributes in process `syz.4.5730'. [ 718.340872][T20696] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5738'. [ 718.546529][ T5853] Bluetooth: hci0: command 0x0406 tx timeout [ 718.552039][ T5853] Bluetooth: hci3: command 0x0406 tx timeout [ 718.557892][ T5853] Bluetooth: hci2: command 0x0406 tx timeout [ 718.563637][ T5853] Bluetooth: hci1: command 0x0406 tx timeout [ 718.840071][T20714] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5746'. [ 718.909064][T20716] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5745'. [ 719.066801][T20719] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5747'. [ 719.734604][T20737] netlink: 334 bytes leftover after parsing attributes in process `syz.3.5754'. [ 719.948963][T20745] netlink: 146 bytes leftover after parsing attributes in process `syz.3.5757'. [ 720.241304][T20756] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5759'. [ 720.345177][T20759] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5762'. [ 720.663256][T20768] netlink: 306 bytes leftover after parsing attributes in process `syz.1.5766'. [ 720.994709][T20778] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5769'. [ 721.512475][T20794] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5774'. [ 721.560299][T20798] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5776'. [ 721.596365][T20798] : renamed from gre0 (while UP) [ 721.665865][T20798] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5776'. [ 722.495803][T20828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5787'. [ 722.519111][T20828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5787'. [ 723.302189][T20850] netlink: 'syz.1.5795': attribute type 21 has an invalid length. [ 723.749667][T20865] mkiss: ax0: crc mode is auto. [ 724.977745][T20901] netlink: 'syz.2.5815': attribute type 19 has an invalid length. [ 724.984876][T20901] __nla_validate_parse: 3 callbacks suppressed [ 724.984898][T20901] netlink: 114 bytes leftover after parsing attributes in process `syz.2.5815'. [ 725.445229][T20910] syz.1.5818 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 727.313153][T20952] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5832'. [ 727.427173][T20956] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5833'. [ 728.252482][T20977] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5841'. [ 729.077444][T20994] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5848'. [ 729.501254][T20997] netlink: 'syz.1.5850': attribute type 21 has an invalid length. [ 729.525613][T20997] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5850'. [ 730.138749][T21016] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5858'. [ 730.997976][T21037] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5865'. [ 731.267554][T21041] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5867'. [ 731.285754][T21041] IPv6: NLM_F_CREATE should be specified when creating new route [ 731.318649][T21041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 731.325935][T21041] IPv6: NLM_F_CREATE should be set when creating new route [ 731.332558][T21041] IPv6: NLM_F_CREATE should be set when creating new route [ 732.090802][T21059] netlink: 266 bytes leftover after parsing attributes in process `syz.4.5875'. [ 732.517115][T21075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5881'. [ 732.547257][T21075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5881'. [ 732.791707][T21082] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5884'. [ 732.985201][T21090] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5888'. [ 733.189258][T21099] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5891'. [ 733.722258][T21116] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5898'. [ 735.622369][T21182] __nla_validate_parse: 4 callbacks suppressed [ 735.622396][T21182] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5922'. [ 735.954732][T21190] netlink: 138 bytes leftover after parsing attributes in process `syz.4.5926'. [ 736.237506][T21205] netlink: 'syz.4.5932': attribute type 4 has an invalid length. [ 736.244700][T21205] netlink: 314 bytes leftover after parsing attributes in process `syz.4.5932'. [ 736.643767][T21222] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5939'. [ 737.223317][T21244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5947'. [ 737.245393][T21244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5947'. [ 737.354537][T21246] netlink: 146 bytes leftover after parsing attributes in process `syz.4.5949'. [ 738.002878][T21271] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5957'. [ 738.033219][T21271] veth1_macvtap: left allmulticast mode [ 738.590261][T21304] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5967'. [ 738.785329][T21314] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5969'. [ 739.728317][T21353] unsupported nlmsg_type 40 [ 740.487144][T21386] mkiss: ax0: crc mode is auto. [ 741.785859][T21429] __nla_validate_parse: 4 callbacks suppressed [ 741.786035][T21429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6015'. [ 741.847763][T21429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6015'. [ 742.411610][T21446] netlink: 'syz.4.6019': attribute type 39 has an invalid length. [ 742.434396][T21446] netlink: 'syz.4.6019': attribute type 40 has an invalid length. [ 742.444589][T21446] netlink: 'syz.4.6019': attribute type 41 has an invalid length. [ 742.464107][T21446] netlink: 'syz.4.6019': attribute type 44 has an invalid length. [ 742.475772][T21446] netlink: 'syz.4.6019': attribute type 46 has an invalid length. [ 742.494635][T21446] netlink: 'syz.4.6019': attribute type 47 has an invalid length. [ 742.502320][T21446] netlink: 'syz.4.6019': attribute type 48 has an invalid length. [ 742.519873][T21446] netlink: 'syz.4.6019': attribute type 49 has an invalid length. [ 742.533486][T21446] netlink: 'syz.4.6019': attribute type 50 has an invalid length. [ 742.552762][T21446] netlink: 6 bytes leftover after parsing attributes in process `syz.4.6019'. [ 743.288103][T21472] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6031'. [ 743.314724][T21472] lo: left promiscuous mode [ 743.319438][T21472] lo: left allmulticast mode [ 743.466568][T21477] netlink: 93 bytes leftover after parsing attributes in process `syz.2.6032'. [ 743.469034][T21474] netlink: 93 bytes leftover after parsing attributes in process `syz.2.6032'. [ 743.505117][T21479] netlink: 306 bytes leftover after parsing attributes in process `syz.4.6034'. [ 743.721996][T21487] netlink: 146 bytes leftover after parsing attributes in process `syz.2.6038'. [ 744.178321][T21503] netlink: 504 bytes leftover after parsing attributes in process `syz.1.6043'. [ 744.196671][T21505] netlink: 'syz.2.6044': attribute type 4 has an invalid length. [ 744.214120][T21505] netlink: 314 bytes leftover after parsing attributes in process `syz.2.6044'. [ 745.715747][ T30] audit: type=1800 audit(4294967534.453:9): pid=21543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6052" name="dbroot" dev="configfs" ino=56076 res=0 errno=0 [ 745.728252][T21543] db_root: cannot open:  [ 746.882874][T21572] __nla_validate_parse: 4 callbacks suppressed [ 746.882902][T21572] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6066'. [ 747.276596][T21583] |: mtu less than device minimum [ 748.412385][T21612] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6083'. [ 748.524883][T20706] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 748.546819][T21615] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6084'. [ 749.659918][T21646] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6097'. [ 749.672761][T21646] netlink: 102 bytes leftover after parsing attributes in process `syz.2.6097'. [ 750.113261][T21658] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6101'. [ 750.337208][T21666] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[21666] [ 750.904009][T21677] netlink: 'syz.2.6107': attribute type 17 has an invalid length. [ 750.912293][T21677] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6107'. [ 751.049679][T21681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6108'. [ 751.574555][T21705] lo: entered promiscuous mode [ 751.639830][T21711] lo: left promiscuous mode [ 751.702271][T21704] netlink: zone id is out of range [ 751.822228][T21704] netlink: zone id is out of range [ 751.868380][T21704] netlink: set zone limit has 8 unknown bytes [ 752.317169][T21732] netlink: 'syz.1.6119': attribute type 4 has an invalid length. [ 752.367028][T21734] netlink: 334 bytes leftover after parsing attributes in process `syz.2.6120'. [ 752.580948][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.588372][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.762555][T21742] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6124'. [ 753.574277][T21773] netlink: 350 bytes leftover after parsing attributes in process `syz.2.6131'. [ 754.577355][T21797] netlink: 146 bytes leftover after parsing attributes in process `syz.4.6140'. [ 754.837374][T21799] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6143'. [ 754.933412][T21803] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6142'. [ 755.007034][T21807] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6145'. [ 756.307053][T21831] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 756.313728][T21831] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 757.272682][T21854] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6161'. [ 757.479818][T21860] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6163'. [ 757.542150][T21857] netlink: 334 bytes leftover after parsing attributes in process `syz.2.6164'. [ 758.195934][T21875] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6170'. [ 758.655574][T21884] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6174'. [ 758.695660][T21779] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 758.898095][T21886] ERROR: Out of memory at tomoyo_memory_ok. [ 759.744660][T21902] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 760.745901][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 760.756723][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 760.771391][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 760.780292][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 760.787458][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 760.794139][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 761.276829][T21916] chnl_net:caif_netlink_parms(): no params data found [ 761.393354][T21928] netlink: 326 bytes leftover after parsing attributes in process `syz.3.6189'. [ 761.708657][T21916] bridge0: port 1(bridge_slave_0) entered blocking state [ 761.715363][T21916] bridge0: port 1(bridge_slave_0) entered disabled state [ 761.723170][T21916] bridge_slave_0: entered allmulticast mode [ 761.733610][T21916] bridge_slave_0: entered promiscuous mode [ 761.750378][T21916] bridge0: port 2(bridge_slave_1) entered blocking state [ 761.760913][T21916] bridge0: port 2(bridge_slave_1) entered disabled state [ 761.775752][T21916] bridge_slave_1: entered allmulticast mode [ 761.784392][T21916] bridge_slave_1: entered promiscuous mode [ 761.855577][T21942] ERROR: Out of memory at tomoyo_memory_ok. [ 761.950973][T21916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 761.984741][T21916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 762.122941][T21916] team0: Port device team_slave_0 added [ 762.156448][T21916] team0: Port device team_slave_1 added [ 762.361289][T21916] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 762.375935][T21916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 762.405997][T21916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 762.419753][T21916] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 762.431794][T21916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 762.459027][T21916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 762.551440][T21916] hsr_slave_0: entered promiscuous mode [ 762.565323][T21916] hsr_slave_1: entered promiscuous mode [ 762.576198][T21916] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 762.594500][T21916] Cannot create hsr debugfs directory [ 762.763513][T21957] netlink: 146 bytes leftover after parsing attributes in process `syz.2.6200'. [ 762.865661][ T5847] Bluetooth: hci1: command tx timeout [ 762.963709][T21916] 8021q: adding VLAN 0 to HW filter on device bond0 [ 763.160251][T21916] 8021q: adding VLAN 0 to HW filter on device team0 [ 763.185834][ T3012] bridge0: port 1(bridge_slave_0) entered blocking state [ 763.192362][ T3012] bridge0: port 1(bridge_slave_0) entered forwarding state [ 763.213405][ T3012] bridge0: port 2(bridge_slave_1) entered blocking state [ 763.220009][ T3012] bridge0: port 2(bridge_slave_1) entered forwarding state [ 763.488620][T21975] HfR: entered promiscuous mode [ 763.505908][T21975] openvswitch: HfR: Dropping previously announced user features [ 763.524663][T21975] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6206'. [ 763.715943][T21916] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 764.080542][T21916] veth0_vlan: entered promiscuous mode [ 764.106398][T21916] veth1_vlan: entered promiscuous mode [ 764.141404][T21916] veth0_macvtap: entered promiscuous mode [ 764.151850][T21916] veth1_macvtap: entered promiscuous mode [ 764.174824][T21916] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 764.189801][T21916] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 764.278856][ T3003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.291888][ T3003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.330542][ T1329] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.338020][ T1329] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.448935][T22000] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6184'. [ 764.460318][T22000] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6184'. [ 764.599356][T22005] netlink: 326 bytes leftover after parsing attributes in process `syz.5.6212'. [ 764.805314][T22010] random: crng reseeded on system resumption [ 764.946361][ T5847] Bluetooth: hci1: command tx timeout [ 765.095139][T22019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6218'. [ 766.421369][T22051] netlink: 'syz.2.6228': attribute type 27 has an invalid length. [ 766.439661][T22051] netlink: 334 bytes leftover after parsing attributes in process `syz.2.6228'. [ 766.923022][T22056] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6231'. [ 766.944021][T22056] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6231'. [ 767.025642][ T5847] Bluetooth: hci1: command tx timeout [ 767.837737][T22073] netlink: 266 bytes leftover after parsing attributes in process `syz.5.6238'. [ 767.859218][T22073] IPv6: NLM_F_CREATE should be specified when creating new route [ 768.986731][T22093] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6246'. [ 769.129926][ T5847] Bluetooth: hci1: command tx timeout [ 769.741941][T22118] netlink: 1 bytes leftover after parsing attributes in process `syz.4.6256'. [ 769.925250][T22119] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6255'. [ 770.011028][T22125] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6258'. [ 770.020590][T22125] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6258'. [ 770.045197][T22125] netlink: 210 bytes leftover after parsing attributes in process `syz.2.6258'. [ 770.336282][T22130] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(3) [ 770.570966][T22139] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 770.715390][T22146] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6267'. [ 770.750081][T22146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6267'. [ 770.970425][T22152] sctp: [Deprecated]: syz.5.6270 (pid 22152) Use of int in maxseg socket option. [ 770.970425][T22152] Use struct sctp_assoc_value instead [ 771.406820][T22168] netlink: 'syz.4.6276': attribute type 1 has an invalid length. [ 771.415249][T22168] netlink: 306 bytes leftover after parsing attributes in process `syz.4.6276'. [ 774.255623][T22234] __nla_validate_parse: 2 callbacks suppressed [ 774.255651][T22234] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6301'. [ 775.089927][T22246] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6306'. [ 775.248072][ T5847] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 775.445691][T22253] netlink: 'syz.5.6308': attribute type 33 has an invalid length. [ 775.452900][T22253] netlink: 322 bytes leftover after parsing attributes in process `syz.5.6308'. [ 775.477308][T22253] netlink: 'syz.5.6308': attribute type 33 has an invalid length. [ 775.484452][T22253] netlink: 322 bytes leftover after parsing attributes in process `syz.5.6308'. [ 775.607986][T22258] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6310'. [ 775.900635][T22272] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6315'. [ 776.442228][T22280] netlink: 'syz.2.6319': attribute type 4 has an invalid length. [ 776.463407][T22280] netlink: 'syz.2.6319': attribute type 4 has an invalid length. [ 777.060209][T22295] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6326'. [ 777.377637][T22301] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 777.576434][T22307] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6330'. [ 777.984352][T22315] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6332'. [ 781.559722][T22370] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6350'. [ 782.336836][T22377] netlink: 'syz.3.6354': attribute type 28 has an invalid length. [ 782.378332][T22377] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6354'. [ 782.903024][T22394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6360'. [ 782.973940][T22397] netlink: 306 bytes leftover after parsing attributes in process `syz.5.6361'. [ 783.199839][T22404] netlink: 'syz.5.6364': attribute type 28 has an invalid length. [ 783.216223][T22404] netlink: 334 bytes leftover after parsing attributes in process `syz.5.6364'. [ 783.818616][T22420] [U] [ 783.821443][T22420] [U] [ 783.823944][T22420] [U] [ 783.826454][T22420] [U] [ 783.875930][T22420] [U] [ 783.878485][T22420] [U] [ 783.880993][T22420] [U] [ 783.883497][T22420] [U] [ 783.918580][T22420] [U] [ 783.921131][T22420] [U] [ 783.923635][T22420] [U] [ 783.926143][T22420] [U] [ 783.958287][T22423] [U] [ 784.983485][T22450] netlink: 334 bytes leftover after parsing attributes in process `syz.5.6383'. [ 786.259978][T22486] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6399'. [ 786.841977][T22504] netlink: 74 bytes leftover after parsing attributes in process `syz.3.6405'. [ 787.131011][T22512] netlink: 'syz.4.6409': attribute type 3 has an invalid length. [ 787.187051][T22514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6410'. [ 787.207957][T22514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6410'. [ 787.425699][T22520] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6411'. [ 787.427324][T22518] netlink: 266 bytes leftover after parsing attributes in process `syz.2.6413'. [ 787.793982][T22520] |: Port device team_slave_0 removed [ 788.176668][T22536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6419'. [ 788.218917][T22536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6419'. [ 788.778137][T22553] ERROR: Out of memory at tomoyo_memory_ok. [ 788.818256][T22545] netlink: 146 bytes leftover after parsing attributes in process `syz.2.6424'. [ 790.057459][T22581] netlink: 326 bytes leftover after parsing attributes in process `syz.5.6439'. [ 790.330925][T22590] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 790.346592][T22590] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 790.367389][T22590] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 790.375089][T22590] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 790.382176][T22590] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 790.456457][T22590] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 791.236971][T22616] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6453'. [ 791.801495][T22623] netlink: 'syz.4.6464': attribute type 21 has an invalid length. [ 792.403598][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 792.408533][T20706] Bluetooth: hci0: command 0x0406 tx timeout [ 792.409526][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 792.414828][T20706] Bluetooth: hci2: command 0x0406 tx timeout [ 792.483271][T22645] __nla_validate_parse: 1 callbacks suppressed [ 792.483295][T22645] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6462'. [ 793.172603][T22659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6471'. [ 793.448147][T22671] netlink: 306 bytes leftover after parsing attributes in process `syz.2.6474'. [ 793.658549][T22675] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6475'. [ 793.669694][T22677] netlink: 146 bytes leftover after parsing attributes in process `syz.4.6476'. [ 793.810169][T22683] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6479'. [ 794.140781][T22694] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6483'. [ 794.465689][T22642] Bluetooth: hci1: command 0x0c1a tx timeout [ 794.734596][T22711] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6490'. [ 794.865887][T22712] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6491'. [ 794.874121][T22712] IPv6: NLM_F_CREATE should be specified when creating new route [ 795.129827][T22719] netlink: 138 bytes leftover after parsing attributes in process `syz.3.6503'. [ 796.545687][T22642] Bluetooth: hci1: command 0x0c1a tx timeout [ 797.171656][T22771] lo: entered promiscuous mode [ 797.180550][T22771] lo: entered allmulticast mode [ 797.686497][T22788] __nla_validate_parse: 6 callbacks suppressed [ 797.686524][T22788] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6520'. [ 798.766343][T22820] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6528'. [ 798.983648][T22831] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6530'. [ 799.278743][T22846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6533'. [ 800.804109][T22898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6552'. [ 800.828771][T22898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6552'. [ 800.960808][T22901] netlink: 326 bytes leftover after parsing attributes in process `syz.3.6555'. [ 801.584009][T22918] netlink: 'syz.2.6562': attribute type 39 has an invalid length. [ 801.634031][T22918] netlink: 'syz.2.6562': attribute type 40 has an invalid length. [ 801.667882][T22918] netlink: 'syz.2.6562': attribute type 41 has an invalid length. [ 801.696003][T22918] netlink: 'syz.2.6562': attribute type 44 has an invalid length. [ 801.699154][T22920] netlink: 306 bytes leftover after parsing attributes in process `syz.5.6563'. [ 801.713425][T22918] netlink: 'syz.2.6562': attribute type 46 has an invalid length. [ 801.732173][T22918] netlink: 'syz.2.6562': attribute type 47 has an invalid length. [ 801.762991][T22918] netlink: 'syz.2.6562': attribute type 48 has an invalid length. [ 801.791360][T22918] netlink: 'syz.2.6562': attribute type 49 has an invalid length. [ 801.835504][T22918] netlink: 'syz.2.6562': attribute type 50 has an invalid length. [ 801.862563][T22918] netlink: 6 bytes leftover after parsing attributes in process `syz.2.6562'. [ 802.358315][T22932] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6576'. [ 802.786034][T22941] __nla_validate_parse: 2 callbacks suppressed [ 802.786060][T22941] netlink: 74 bytes leftover after parsing attributes in process `syz.4.6571'. [ 802.973183][T22952] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6575'. [ 803.280983][T22961] netlink: 'syz.4.6580': attribute type 4 has an invalid length. [ 803.289748][T22961] netlink: 314 bytes leftover after parsing attributes in process `syz.4.6580'. [ 803.595670][T22962] netlink: 93 bytes leftover after parsing attributes in process `syz.5.6581'. [ 803.784169][T22973] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6584'. [ 803.866260][T22973] veth0_vlan: left promiscuous mode [ 804.176943][T22981] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6587'. [ 804.474218][T22986] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6588'. [ 804.889471][T22998] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6592'. [ 805.002967][T23000] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6603'. [ 805.062051][T23000] netlink: 114 bytes leftover after parsing attributes in process `syz.4.6603'. [ 805.665879][T23017] |: mtu less than device minimum [ 805.891319][ T30] audit: type=1800 audit(4294967594.633:10): pid=23020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6596" name="dbroot" dev="configfs" ino=62545 res=0 errno=0 [ 805.930872][T23020] db_root: cannot open:  [ 806.607292][T23030] netlink: 'syz.4.6615': attribute type 4 has an invalid length. [ 808.259326][T23068] netlink: zone id is out of range [ 808.504760][T23068] netlink: zone id is out of range [ 808.609833][T23068] netlink: set zone limit has 8 unknown bytes [ 808.858790][T23095] __nla_validate_parse: 3 callbacks suppressed [ 808.858816][T23095] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6634'. [ 810.212362][T23139] netlink: 146 bytes leftover after parsing attributes in process `syz.2.6637'. [ 811.411456][T23162] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6643'. [ 812.232766][T23177] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6647'. [ 812.922554][T23196] netlink: 326 bytes leftover after parsing attributes in process `syz.4.6658'. [ 813.169787][T23202] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6659'. [ 813.988954][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.994726][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.057101][T23231] HfR: entered promiscuous mode [ 814.083136][T23231] openvswitch: HfR: Dropping previously announced user features [ 814.113006][T23231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6671'. [ 815.573897][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 815.587493][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 815.595025][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 815.613751][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 815.625342][ T5853] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 815.633447][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 815.911001][T23246] chnl_net:caif_netlink_parms(): no params data found [ 816.039342][T23252] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6678'. [ 816.207176][T23246] bridge0: port 1(bridge_slave_0) entered blocking state [ 816.228963][T23246] bridge0: port 1(bridge_slave_0) entered disabled state [ 816.245661][T23246] bridge_slave_0: entered allmulticast mode [ 816.263695][T23246] bridge_slave_0: entered promiscuous mode [ 816.275117][T23246] bridge0: port 2(bridge_slave_1) entered blocking state [ 816.291563][T23246] bridge0: port 2(bridge_slave_1) entered disabled state [ 816.301380][T23246] bridge_slave_1: entered allmulticast mode [ 816.314029][T23246] bridge_slave_1: entered promiscuous mode [ 816.381163][T23246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 816.399832][T23246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 816.449659][T23246] team0: Port device team_slave_0 added [ 816.462040][T23246] team0: Port device team_slave_1 added [ 816.512006][T23246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 816.521188][T23246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 816.568227][T23246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 816.591822][T23246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 816.599847][T23246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 816.635509][T23246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 817.022672][T23246] hsr_slave_0: entered promiscuous mode [ 817.037327][T23246] hsr_slave_1: entered promiscuous mode [ 817.071633][T23246] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 817.086285][T23246] Cannot create hsr debugfs directory [ 817.560660][T23246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 817.603101][T23246] 8021q: adding VLAN 0 to HW filter on device team0 [ 817.643455][ T3003] bridge0: port 1(bridge_slave_0) entered blocking state [ 817.649960][ T3003] bridge0: port 1(bridge_slave_0) entered forwarding state [ 817.665591][ T5853] Bluetooth: hci1: command tx timeout [ 817.699753][ T3003] bridge0: port 2(bridge_slave_1) entered blocking state [ 817.706263][ T3003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 818.155301][T23246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 818.483530][T23246] veth0_vlan: entered promiscuous mode [ 818.500194][T23246] veth1_vlan: entered promiscuous mode [ 818.534532][T23246] veth0_macvtap: entered promiscuous mode [ 818.549774][T23246] veth1_macvtap: entered promiscuous mode [ 818.571934][T23246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 818.584348][T23246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 818.595112][T23246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 818.614001][T23246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 818.628200][T23246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 818.639412][T23246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 818.726110][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 818.726138][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 818.763649][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 818.777363][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 818.960398][T23304] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6703'. [ 819.272693][T23311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6696'. [ 819.349663][T23311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6696'. [ 819.747181][ T5853] Bluetooth: hci1: command tx timeout [ 820.019374][T23330] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6704'. [ 820.195735][T23334] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6707'. [ 820.208680][T23334] ERROR: Out of memory at tomoyo_memory_ok. [ 820.595562][T23348] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6711'. [ 820.628206][T23348] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6711'. [ 820.837580][T23354] netlink: 350 bytes leftover after parsing attributes in process `syz.4.6714'. [ 821.827359][ T5853] Bluetooth: hci1: command tx timeout [ 822.928979][T23402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6730'. [ 823.714792][T23419] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6739'. [ 823.906247][ T5853] Bluetooth: hci1: command tx timeout [ 825.723620][T23463] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6747'. [ 827.401998][T23497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6759'. [ 831.675690][T23557] [U] [ 831.678245][T23557] [U] [ 831.680756][T23557] [U] [ 831.683263][T23557] [U] [ 831.699882][T23557] [U] [ 831.702423][T23557] [U] [ 831.704926][T23557] [U] [ 831.707437][T23557] [U] [ 831.716457][T23557] [U] [ 831.719002][T23557] [U] [ 831.721514][T23557] [U] [ 831.724026][T23557] [U] [ 831.733440][T23557] [U] [ 831.735977][T23557] [U] [ 831.738486][T23557] [U] [ 831.740986][T23557] [U] [ 831.786381][T23557] [U] [ 831.788924][T23557] [U] [ 831.791500][T23557] [U] [ 831.794011][T23557] [U] [ 831.805797][T23561] [U] [ 835.626841][T23640] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6804'. [ 837.121421][T23661] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6813'. [ 838.580898][T23699] netlink: 'syz.3.6829': attribute type 4 has an invalid length. [ 838.588639][T23699] netlink: 314 bytes leftover after parsing attributes in process `syz.3.6829'. [ 839.357396][T23720] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6836'. [ 839.529816][T23725] netlink: 326 bytes leftover after parsing attributes in process `syz.4.6838'. [ 839.713886][T23729] netlink: 326 bytes leftover after parsing attributes in process `syz.6.6839'. [ 839.924920][T23734] netlink: 326 bytes leftover after parsing attributes in process `syz.4.6841'. [ 840.665205][T23749] netlink: 'syz.4.6845': attribute type 5 has an invalid length. [ 840.695920][T23749] netlink: 314 bytes leftover after parsing attributes in process `syz.4.6845'. [ 844.702669][T23815] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6870'. [ 844.849982][T23815] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6870'. [ 845.831549][T23854] netlink: 206 bytes leftover after parsing attributes in process `syz.4.6878'. [ 846.139414][T23857] netlink: 4755 bytes leftover after parsing attributes in process `syz.3.6877'. [ 846.726675][T23875] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6884'. [ 847.001223][T23878] netlink: 'syz.2.6885': attribute type 1 has an invalid length. [ 850.410276][T23902] netlink: 'syz.6.6893': attribute type 20 has an invalid length. [ 850.439982][T23902] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6893'. [ 850.485558][T23902] IPv6: NLM_F_CREATE should be specified when creating new route [ 850.595048][T23906] ERROR: Out of memory at tomoyo_memory_ok. [ 852.680223][T23964] netlink: 326 bytes leftover after parsing attributes in process `syz.6.6907'. [ 852.738658][T23964] veth0_macvtap: left promiscuous mode [ 852.876689][T23968] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6908'. [ 853.070088][T23974] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6910'. [ 853.085771][T23974] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6910'. [ 853.572563][T23992] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6918'. [ 854.051704][T24006] netlink: 244 bytes leftover after parsing attributes in process `syz.3.6923'. [ 854.559328][T24017] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6927'. [ 854.824966][T24023] netlink: 'syz.2.6929': attribute type 1 has an invalid length. [ 854.850595][T24023] netlink: 53 bytes leftover after parsing attributes in process `syz.2.6929'. [ 854.883057][T24023] netlink: 'syz.2.6929': attribute type 1 has an invalid length. [ 854.932939][T24023] netlink: 53 bytes leftover after parsing attributes in process `syz.2.6929'. [ 854.957219][T24026] netlink: 314 bytes leftover after parsing attributes in process `syz.4.6930'. [ 857.790734][T24093] __nla_validate_parse: 3 callbacks suppressed [ 857.790759][T24093] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6956'. [ 858.104990][T24105] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6961'. [ 858.528078][T24119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6967'. [ 858.571708][T24119] veth1_macvtap: left allmulticast mode [ 858.608133][T24121] netlink: 146 bytes leftover after parsing attributes in process `syz.6.6968'. [ 858.784204][T24123] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6969'. [ 858.855344][T24125] netlink: 'syz.6.6971': attribute type 28 has an invalid length. [ 858.884391][T24125] netlink: 'syz.6.6971': attribute type 29 has an invalid length. [ 858.894497][T24125] netlink: 'syz.6.6971': attribute type 30 has an invalid length. [ 858.906705][T24125] netlink: 'syz.6.6971': attribute type 31 has an invalid length. [ 858.917163][T24125] netlink: 'syz.6.6971': attribute type 32 has an invalid length. [ 858.924688][T24125] netlink: 'syz.6.6971': attribute type 33 has an invalid length. [ 858.932763][T24125] netlink: 'syz.6.6971': attribute type 35 has an invalid length. [ 858.955871][T24125] netlink: 'syz.6.6971': attribute type 37 has an invalid length. [ 858.975586][T24125] netlink: 18 bytes leftover after parsing attributes in process `syz.6.6971'. [ 859.133876][T24136] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6976'. [ 859.609673][T24149] netlink: 314 bytes leftover after parsing attributes in process `syz.6.6980'. [ 859.847732][T24151] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6982'. [ 859.897596][T24159] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6984'. [ 860.625946][T24185] validate_nla: 5 callbacks suppressed [ 860.625972][T24185] netlink: 'syz.4.6993': attribute type 2 has an invalid length. [ 861.433929][T24213] IPv6: Can't replace route, no match found [ 861.595175][T24219] netlink: 'syz.6.7006': attribute type 19 has an invalid length. [ 863.124226][T24282] netlink: 'syz.3.7032': attribute type 4 has an invalid length. [ 864.162189][T24322] netlink: 'syz.3.7047': attribute type 5 has an invalid length. [ 864.169424][T24322] __nla_validate_parse: 9 callbacks suppressed [ 864.169445][T24322] netlink: 314 bytes leftover after parsing attributes in process `syz.3.7047'. [ 866.287661][T24357] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7060'. [ 866.296910][T24359] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7061'. [ 869.853924][T24423] netlink: 146 bytes leftover after parsing attributes in process `syz.3.7083'. [ 870.121779][T24435] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7089'. [ 870.261670][T24436] netlink: 146 bytes leftover after parsing attributes in process `syz.4.7088'. [ 870.387205][T24446] netlink: 350 bytes leftover after parsing attributes in process `syz.3.7093'. [ 870.779603][T24453] netlink: zone id is out of range [ 870.891425][T24460] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7098'. [ 870.906884][T24453] netlink: zone id is out of range [ 870.960274][T24453] netlink: set zone limit has 8 unknown bytes [ 871.379354][T24475] netlink: 342 bytes leftover after parsing attributes in process `syz.6.7104'. [ 871.730442][T24483] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7107'. [ 872.218829][T24492] netlink: 504 bytes leftover after parsing attributes in process `syz.3.7112'. [ 873.480032][T24533] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7128'. [ 874.005496][T24545] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7132'. [ 874.079935][T24543] blktrace: Concurrent blktraces are not allowed on sg0 [ 874.926063][T24575] __nla_validate_parse: 5 callbacks suppressed [ 874.926092][T24575] netlink: 326 bytes leftover after parsing attributes in process `syz.2.7143'. [ 875.428610][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.437136][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.591406][T24597] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7155'. [ 875.876963][T24606] sctp: [Deprecated]: syz.2.7157 (pid 24606) Use of int in maxseg socket option. [ 875.876963][T24606] Use struct sctp_assoc_value instead [ 876.607339][T24616] netlink: 326 bytes leftover after parsing attributes in process `syz.4.7163'. [ 876.862928][T24622] netlink: 'syz.4.7165': attribute type 19 has an invalid length. [ 876.898036][T24622] netlink: 114 bytes leftover after parsing attributes in process `syz.4.7165'. [ 877.536001][T24640] netlink: 1 bytes leftover after parsing attributes in process `syz.3.7172'. [ 878.088060][T24646] ERROR: Out of memory at tomoyo_memory_ok. [ 880.007025][T24671] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7182'. [ 880.126260][T24671] veth1_macvtap: left promiscuous mode [ 881.045593][T24689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7190'. [ 881.566310][T24701] ERROR: Out of memory at tomoyo_memory_ok. [ 881.808514][T24703] ERROR: Out of memory at tomoyo_memory_ok. [ 882.423179][T24711] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7196'. [ 886.177043][T24734] netlink: 322 bytes leftover after parsing attributes in process `syz.6.7206'. [ 886.421144][T24742] mkiss: ax0: crc mode is auto. [ 889.259577][T24802] HfR: entered promiscuous mode [ 889.294191][T24802] openvswitch: HfR: Dropping previously announced user features [ 889.321808][T24802] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7232'. [ 891.427008][T24831] ERROR: Out of memory at tomoyo_memory_ok. [ 891.499901][T24835] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7242'. [ 892.304677][T24852] HfR: entered promiscuous mode [ 892.312503][T24854] openvswitch: HfR: Dropping previously announced user features [ 892.328786][T24852] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7244'. [ 893.977495][T24885] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7256'. [ 894.160459][T24894] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7257'. [ 894.401322][T24897] openvswitch: HfR: Dropping previously announced user features [ 894.414392][T24897] openvswitch: HfR: Dropping previously announced user features [ 894.429280][T24897] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7259'. [ 895.113602][T24915] netlink: 'syz.4.7268': attribute type 8 has an invalid length. [ 895.131330][T24915] netlink: 'syz.4.7268': attribute type 9 has an invalid length. [ 895.149835][T24915] netlink: 162 bytes leftover after parsing attributes in process `syz.4.7268'. [ 895.488949][T24927] netlink: 'syz.2.7271': attribute type 4 has an invalid length. [ 895.515605][T24927] netlink: 314 bytes leftover after parsing attributes in process `syz.2.7271'. [ 897.523565][T24938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7276'. [ 897.576628][T24938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7276'. [ 897.820284][T24949] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7279'. [ 897.925984][T24942] ptrace attach of "./syz-executor exec"[23246] was attempted by "./syz-executor exec"[24942] [ 900.288383][T24975] netlink: 146 bytes leftover after parsing attributes in process `syz.4.7286'. [ 900.663549][T24983] netlink: 326 bytes leftover after parsing attributes in process `syz.4.7289'. [ 900.736064][T24983] bridge0: port 2(bridge_slave_1) entered disabled state [ 900.742765][T24983] bridge0: port 1(bridge_slave_0) entered disabled state [ 901.368002][T24992] ptrace attach of "./syz-executor exec"[6506] was attempted by "./syz-executor exec"[24992] [ 901.970308][T24997] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7290'. [ 904.908153][T25030] netlink: 342 bytes leftover after parsing attributes in process `syz.2.7301'. [ 904.930690][T25032] netlink: 330 bytes leftover after parsing attributes in process `syz.6.7299'. [ 905.465009][T25042] blktrace: Concurrent blktraces are not allowed on sg0 [ 906.882717][T25075] sp0: Synchronizing with TNC [ 907.215827][T25089] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7323'. [ 907.275237][T25086] netlink: 'syz.2.7321': attribute type 33 has an invalid length. [ 907.292268][T25086] netlink: 322 bytes leftover after parsing attributes in process `syz.2.7321'. [ 907.517253][T25094] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7325'. [ 907.983659][T25110] netlink: 222 bytes leftover after parsing attributes in process `syz.3.7329'. [ 908.009625][T25110] netlink: 222 bytes leftover after parsing attributes in process `syz.3.7329'. [ 908.073598][T25112] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7331'. [ 908.802721][T25130] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7337'. [ 912.242936][T25200] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7372'. [ 912.299337][T25200] netlink: 102 bytes leftover after parsing attributes in process `syz.4.7372'. [ 912.515490][T25206] netlink: 334 bytes leftover after parsing attributes in process `syz.6.7364'. [ 913.971580][T25242] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7380'. [ 915.008865][T25279] netlink: 146 bytes leftover after parsing attributes in process `syz.2.7394'. [ 915.790827][T25303] netlink: 'syz.6.7404': attribute type 27 has an invalid length. [ 915.808072][T25303] netlink: 'syz.6.7404': attribute type 28 has an invalid length. [ 915.871926][T25303] netlink: 'syz.6.7404': attribute type 29 has an invalid length. [ 915.920896][T25303] netlink: 'syz.6.7404': attribute type 30 has an invalid length. [ 915.959699][T25303] netlink: 'syz.6.7404': attribute type 31 has an invalid length. [ 916.005402][T25303] netlink: 'syz.6.7404': attribute type 32 has an invalid length. [ 916.031256][T25303] netlink: 'syz.6.7404': attribute type 33 has an invalid length. [ 916.045402][T25303] netlink: 'syz.6.7404': attribute type 35 has an invalid length. [ 916.062826][T25303] netlink: 'syz.6.7404': attribute type 37 has an invalid length. [ 916.075427][T25303] netlink: 'syz.6.7404': attribute type 39 has an invalid length. [ 916.082540][T25303] netlink: 14 bytes leftover after parsing attributes in process `syz.6.7404'. [ 917.152690][T25335] netlink: 322 bytes leftover after parsing attributes in process `syz.2.7415'. [ 917.583444][T25346] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7419'. [ 918.999636][T25381] netlink: 50 bytes leftover after parsing attributes in process `syz.6.7431'. [ 921.258181][T25434] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr [ 922.696181][T25479] sock: sock_set_timeout: `syz.2.7468' (pid 25479) tries to set negative timeout [ 924.924922][T25519] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7484'. [ 925.638025][T25532] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:0: corrupted in-inode xattr: bad magic number in in-inode xattr [ 925.668513][T25533] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:0: corrupted in-inode xattr: bad magic number in in-inode xattr [ 925.978388][T25538] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:11: corrupted in-inode xattr: bad magic number in in-inode xattr [ 926.320494][T25543] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7492'. [ 927.306073][T25557] netlink: 314 bytes leftover after parsing attributes in process `syz.4.7498'. [ 927.567040][T25566] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:3: corrupted in-inode xattr: bad magic number in in-inode xattr [ 928.169306][T25579] netlink: 326 bytes leftover after parsing attributes in process `syz.4.7507'. [ 929.549771][T25603] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7516'. [ 929.988629][T25611] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:3: corrupted in-inode xattr: bad magic number in in-inode xattr [ 930.183975][T25614] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:3: corrupted in-inode xattr: bad magic number in in-inode xattr [ 930.848061][T25631] netlink: 130 bytes leftover after parsing attributes in process `syz.4.7528'. [ 931.157451][T25641] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7533'. [ 931.966859][T25655] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7537'. [ 932.849859][T25665] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7540'. [ 932.882435][T25665] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7540'. [ 933.162260][T25671] validate_nla: 2 callbacks suppressed [ 933.162286][T25671] netlink: 'syz.4.7550': attribute type 4 has an invalid length. [ 933.178927][T25671] netlink: 314 bytes leftover after parsing attributes in process `syz.4.7550'. [ 933.842209][T25684] netlink: 206 bytes leftover after parsing attributes in process `syz.4.7547'. [ 934.506660][T25699] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:3: corrupted in-inode xattr: bad magic number in in-inode xattr [ 935.546296][T25716] [ 935.548506][T25716] ====================================================== [ 935.554861][T25716] WARNING: possible circular locking dependency detected [ 935.561232][T25716] 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 Not tainted [ 935.568230][T25716] ------------------------------------------------------ [ 935.574590][T25716] syz.6.7559/25716 is trying to acquire lock: [ 935.576842][T25719] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:11: corrupted in-inode xattr: bad magic number in in-inode xattr [ 935.580077][T25716] ffff888148ccd9c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x750 [ 935.603596][T25716] [ 935.603596][T25716] but task is already holding lock: [ 935.610364][T25716] ffff88804061ed20 (&mm->mmap_lock){++++}-{4:4}, at: faultin_page_range+0x348/0x980 [ 935.618936][T25716] [ 935.618936][T25716] which lock already depends on the new lock. [ 935.618936][T25716] [ 935.628422][T25716] [ 935.628422][T25716] the existing dependency chain (in reverse order) is: [ 935.636583][T25716] [ 935.636583][T25716] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 935.643719][T25716] __might_fault+0x11b/0x190 [ 935.648561][T25716] _copy_from_user+0x29/0xd0 [ 935.653241][T25716] __blk_trace_setup+0xa8/0x180 [ 935.658146][T25716] blk_trace_setup+0x47/0x70 [ 935.662814][T25716] sg_ioctl+0x7a3/0x26b0 [ 935.667170][T25716] __x64_sys_ioctl+0x190/0x200 [ 935.671984][T25716] do_syscall_64+0xcd/0x250 [ 935.676573][T25716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.682454][T25716] [ 935.682454][T25716] -> #4 (&q->debugfs_mutex){+.+.}-{4:4}: [ 935.689607][T25716] __mutex_lock+0x19b/0xa60 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 935.694194][T25716] blk_mq_init_sched+0x42b/0x640 [ 935.699181][T25716] elevator_init_mq+0x2cd/0x420 [ 935.704177][T25716] add_disk_fwnode+0x113/0x1300 [ 935.709089][T25716] sd_probe+0xa66/0xfa0 [ 935.713369][T25716] really_probe+0x23e/0xa90 [ 935.717956][T25716] __driver_probe_device+0x1de/0x440 [ 935.723232][T25716] driver_probe_device+0x4c/0x1b0 [ 935.728270][T25716] __device_attach_driver+0x1df/0x310 [ 935.733636][T25716] bus_for_each_drv+0x157/0x1e0 [ 935.738509][T25716] __device_attach_async_helper+0x1d3/0x290 [ 935.744543][T25716] async_run_entry_fn+0x9c/0x530 [ 935.749654][T25716] process_one_work+0x958/0x1b30 [ 935.754615][T25716] worker_thread+0x6c8/0xf00 [ 935.759252][T25716] kthread+0x2c1/0x3a0 [ 935.763424][T25716] ret_from_fork+0x45/0x80 [ 935.767899][T25716] ret_from_fork_asm+0x1a/0x30 [ 935.772707][T25716] [ 935.772707][T25716] -> #3 (&q->q_usage_counter(queue)#50){++++}-{0:0}: [ 935.780751][T25716] blk_queue_enter+0x50f/0x640 [ 935.785586][T25716] blk_mq_alloc_request+0x59b/0x950 [ 935.790797][T25716] scsi_execute_cmd+0x1f1/0xff0 [ 935.795721][T25716] read_capacity_16+0x21a/0xe20 [ 935.800660][T25716] sd_revalidate_disk.isra.0+0x1a06/0xa8d0 [ 935.806420][T25716] sd_probe+0x8ee/0xfa0 [ 935.810681][T25716] really_probe+0x23e/0xa90 [ 935.815247][T25716] __driver_probe_device+0x1de/0x440 [ 935.820675][T25716] driver_probe_device+0x4c/0x1b0 [ 935.825715][T25716] __device_attach_driver+0x1df/0x310 [ 935.831084][T25716] bus_for_each_drv+0x157/0x1e0 [ 935.836191][T25716] __device_attach_async_helper+0x1d3/0x290 [ 935.842008][T25716] async_run_entry_fn+0x9c/0x530 [ 935.846962][T25716] process_one_work+0x958/0x1b30 [ 935.851932][T25716] worker_thread+0x6c8/0xf00 [ 935.857323][T25716] kthread+0x2c1/0x3a0 [ 935.861496][T25716] ret_from_fork+0x45/0x80 [ 935.866143][T25716] ret_from_fork_asm+0x1a/0x30 [ 935.871059][T25716] [ 935.871059][T25716] -> #2 (&q->limits_lock){+.+.}-{4:4}: [ 935.877988][T25716] __mutex_lock+0x19b/0xa60 [ 935.882561][T25716] __nbd_set_size+0x2c0/0x730 [ 935.887510][T25716] nbd_start_device+0x8fd/0xd70 [ 935.892379][T25716] nbd_genl_connect+0x1204/0x1c00 [ 935.897441][T25716] genl_family_rcv_msg_doit+0x202/0x2f0 [ 935.902944][T25716] genl_rcv_msg+0x565/0x800 [ 935.907512][T25716] netlink_rcv_skb+0x165/0x410 [ 935.912305][T25716] genl_rcv+0x28/0x40 [ 935.916395][T25716] netlink_unicast+0x53c/0x7f0 [ 935.921190][T25716] netlink_sendmsg+0x8b8/0xd70 [ 935.925988][T25716] ____sys_sendmsg+0x9ae/0xb40 [ 935.930888][T25716] ___sys_sendmsg+0x135/0x1e0 [ 935.935696][T25716] __sys_sendmsg+0x16e/0x220 [ 935.940338][T25716] do_syscall_64+0xcd/0x250 [ 935.944903][T25716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.950719][T25716] [ 935.950719][T25716] -> #1 (&q->q_usage_counter(io)#49){++++}-{0:0}: [ 935.958520][T25716] blk_mq_submit_bio+0x1fb6/0x24c0 [ 935.963684][T25716] __submit_bio+0x384/0x540 [ 935.968256][T25716] submit_bio_noacct_nocheck+0x698/0xd70 [ 935.973842][T25716] submit_bio_noacct+0x93a/0x1e20 [ 935.978881][T25716] mpage_readahead+0x41d/0x590 [ 935.983696][T25716] read_pages+0x1a8/0xdc0 [ 935.988107][T25716] page_cache_ra_unbounded+0x3dc/0x750 [ 935.993546][T25716] force_page_cache_ra+0x24b/0x340 [ 935.998664][T25716] page_cache_sync_ra+0x110/0x9c0 [ 936.003693][T25716] filemap_get_pages+0xd7b/0x1be0 [ 936.008762][T25716] filemap_read+0x3ca/0xd70 [ 936.013323][T25716] blkdev_read_iter+0x187/0x480 [ 936.018190][T25716] vfs_read+0x87f/0xbe0 [ 936.022441][T25716] ksys_read+0x12b/0x250 [ 936.026760][T25716] do_syscall_64+0xcd/0x250 [ 936.031325][T25716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.037139][T25716] [ 936.037139][T25716] -> #0 (mapping.invalidate_lock#2){++++}-{4:4}: [ 936.044967][T25716] __lock_acquire+0x249e/0x3c40 [ 936.049832][T25716] lock_acquire.part.0+0x11b/0x380 [ 936.054929][T25716] down_read+0x9a/0x330 [ 936.059182][T25716] page_cache_ra_unbounded+0x173/0x750 [ 936.064606][T25716] page_cache_ra_order+0x8f2/0xc80 [ 936.069791][T25716] filemap_fault+0x14a5/0x2820 [ 936.074592][T25716] __do_fault+0x10a/0x490 [ 936.079007][T25716] do_pte_missing+0x1a8/0x3e00 [ 936.083817][T25716] __handle_mm_fault+0x103c/0x2a40 [ 936.089027][T25716] handle_mm_fault+0x3fa/0xaa0 [ 936.093996][T25716] __get_user_pages+0x8d9/0x3b50 [ 936.098958][T25716] faultin_page_range+0x3a8/0x980 [ 936.104026][T25716] do_madvise+0x504/0x770 [ 936.108449][T25716] __x64_sys_madvise+0xa9/0x110 [ 936.113318][T25716] do_syscall_64+0xcd/0x250 [ 936.117880][T25716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.123696][T25716] [ 936.123696][T25716] other info that might help us debug this: [ 936.123696][T25716] [ 936.132918][T25716] Chain exists of: [ 936.132918][T25716] mapping.invalidate_lock#2 --> &q->debugfs_mutex --> &mm->mmap_lock [ 936.132918][T25716] [ 936.145575][T25716] Possible unsafe locking scenario: [ 936.145575][T25716] [ 936.152377][T25716] CPU0 CPU1 [ 936.157304][T25716] ---- ---- [ 936.162148][T25716] rlock(&mm->mmap_lock); [ 936.166546][T25716] lock(&q->debugfs_mutex); [ 936.173055][T25716] lock(&mm->mmap_lock); [ 936.179252][T25716] rlock(mapping.invalidate_lock#2); [ 936.184137][T25716] [ 936.184137][T25716] *** DEADLOCK *** [ 936.184137][T25716] [ 936.191482][T25716] 1 lock held by syz.6.7559/25716: [ 936.196101][T25716] #0: ffff88804061ed20 (&mm->mmap_lock){++++}-{4:4}, at: faultin_page_range+0x348/0x980 [ 936.205032][T25716] [ 936.205032][T25716] stack backtrace: [ 936.210433][T25716] CPU: 1 UID: 0 PID: 25716 Comm: syz.6.7559 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 936.220150][T25716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 936.229302][T25716] Call Trace: [ 936.232273][T25716] [ 936.234934][T25716] dump_stack_lvl+0x116/0x1f0 [ 936.239188][T25716] print_circular_bug+0x41c/0x610 [ 936.243762][T25716] check_noncircular+0x31a/0x400 [ 936.248412][T25716] ? __pfx_check_noncircular+0x10/0x10 [ 936.253380][T25716] ? hlock_class+0x4e/0x130 [ 936.257553][T25716] ? lockdep_lock+0xc6/0x200 [ 936.261726][T25716] ? __pfx_lockdep_lock+0x10/0x10 [ 936.266295][T25716] __lock_acquire+0x249e/0x3c40 [ 936.270723][T25716] ? __pfx___lock_acquire+0x10/0x10 [ 936.275439][T25716] ? __pfx_mark_lock+0x10/0x10 [ 936.279795][T25716] lock_acquire.part.0+0x11b/0x380 [ 936.284437][T25716] ? page_cache_ra_unbounded+0x173/0x750 [ 936.289569][T25716] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 936.294698][T25716] ? rcu_is_watching+0x12/0xc0 [ 936.299030][T25716] ? trace_lock_acquire+0x14e/0x1f0 [ 936.303755][T25716] ? page_cache_ra_unbounded+0x173/0x750 [ 936.308865][T25716] ? lock_acquire+0x2f/0xb0 [ 936.313035][T25716] ? page_cache_ra_unbounded+0x173/0x750 [ 936.318316][T25716] down_read+0x9a/0x330 [ 936.322105][T25716] ? page_cache_ra_unbounded+0x173/0x750 [ 936.327214][T25716] ? __pfx_down_read+0x10/0x10 [ 936.331552][T25716] ? hlock_class+0x4e/0x130 [ 936.335645][T25716] ? mark_lock+0xb5/0xc60 [ 936.339616][T25716] ? __pfx___lock_acquire+0x10/0x10 [ 936.344328][T25716] ? xas_load+0x49/0x5b0 [ 936.348269][T25716] page_cache_ra_unbounded+0x173/0x750 [ 936.353250][T25716] ? find_held_lock+0x2d/0x110 [ 936.357673][T25716] page_cache_ra_order+0x8f2/0xc80 [ 936.362419][T25716] filemap_fault+0x14a5/0x2820 [ 936.366928][T25716] ? __pfx_filemap_fault+0x10/0x10 [ 936.371593][T25716] ? mark_held_locks+0x9f/0xe0 [ 936.376018][T25716] ? pte_alloc_one+0x2a3/0x390 [ 936.380350][T25716] ? __pfx_filemap_map_pages+0x10/0x10 [ 936.385318][T25716] __do_fault+0x10a/0x490 [ 936.389256][T25716] ? __pfx_filemap_map_pages+0x10/0x10 [ 936.394211][T25716] do_pte_missing+0x1a8/0x3e00 [ 936.398549][T25716] __handle_mm_fault+0x103c/0x2a40 [ 936.403198][T25716] ? __pfx_lock_release+0x10/0x10 [ 936.407751][T25716] ? trace_lock_acquire+0x14e/0x1f0 [ 936.412472][T25716] ? __pfx___handle_mm_fault+0x10/0x10 [ 936.417451][T25716] handle_mm_fault+0x3fa/0xaa0 [ 936.421790][T25716] __get_user_pages+0x8d9/0x3b50 [ 936.426280][T25716] ? __pfx___get_user_pages+0x10/0x10 [ 936.431155][T25716] ? down_read_killable+0xcc/0x380 [ 936.435799][T25716] ? __pfx_down_read_killable+0x10/0x10 [ 936.440834][T25716] ? lock_acquire+0x2f/0xb0 [ 936.445001][T25716] faultin_page_range+0x3a8/0x980 [ 936.449573][T25716] do_madvise+0x504/0x770 [ 936.453519][T25716] ? __pfx_do_madvise+0x10/0x10 [ 936.457932][T25716] ? __x64_sys_futex+0x1e1/0x4c0 [ 936.462440][T25716] ? rcu_is_watching+0x12/0xc0 [ 936.466768][T25716] __x64_sys_madvise+0xa9/0x110 [ 936.471168][T25716] ? lockdep_hardirqs_on+0x7c/0x110 [ 936.475886][T25716] do_syscall_64+0xcd/0x250 [ 936.479981][T25716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.485333][T25716] RIP: 0033:0x7f1833b85d29 [ 936.489334][T25716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.507024][T25716] RSP: 002b:00007f1834935038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 936.514631][T25716] RAX: ffffffffffffffda RBX: 00007f1833d75fa0 RCX: 00007f1833b85d29 [ 936.521836][T25716] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 936.529119][T25716] RBP: 00007f1833c01b08 R08: 0000000000000000 R09: 0000000000000000 [ 936.536328][T25716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.543528][T25716] R13: 0000000000000000 R14: 00007f1833d75fa0 R15: 00007fffa3254c28 [ 936.550749][T25716] [ 936.868463][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.874203][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 937.526633][T25717] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz.4.7558: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 937.541014][T25717] EXT4-fs error (device sda1) in ext4_free_inode:361: Filesystem failed CRC [ 937.581680][T25717] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 937.624032][T13843] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 937.697674][T13843] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 937.711239][T25691] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 937.894265][T25691] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 937.932182][T25691] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 938.064096][T25691] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 938.945499][ T5853] Bluetooth: hci1: command 0x0406 tx timeout