last executing test programs: 1.961445077s ago: executing program 3 (id=11404): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = pidfd_open$auto(0x1, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(r0, 0x0, 0xffffffffffffffff, 0x0, 0x104) 1.771017151s ago: executing program 3 (id=11407): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000340)={&(0x7f0000000200)="4c0300000000000000a3677337f9", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x1d50, 0x100) 1.516081184s ago: executing program 3 (id=11411): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000000)=@generic={0xa, "dfffffffffffffff00"}, 0x4) 1.249755193s ago: executing program 3 (id=11415): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0xa, 0x1, 0x84) socket(0x23, 0x5, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) 1.144194753s ago: executing program 2 (id=11418): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x14, 0x7, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffd, 0x4000000000009, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 992.730595ms ago: executing program 3 (id=11419): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) nanosleep$auto(0x0, &(0x7f0000000100)={0x0, 0x864}) 967.810753ms ago: executing program 1 (id=11420): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x3fffffffff, 0x3}, 0x6f4) bpf$auto(0x100000001, 0x0, 0x0) 938.696141ms ago: executing program 0 (id=11421): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, 0x0, 0x4900, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) set_tid_address$auto(0x0) 794.13001ms ago: executing program 0 (id=11422): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="030029bd7000fbdbdf253987f1ec08000300", @ANYRES32=r2], 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084) 752.579146ms ago: executing program 2 (id=11423): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto_PR_SET_MM_ARG_END(0xf, 0x9, 0x0, 0x56d, 0xfffffffffffffffe) setfsuid$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x80e42, 0x0) 749.342827ms ago: executing program 1 (id=11424): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x0, 0x7ff, &(0x7f0000000000)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x4, 0x4}, {0x0, 0x83}}, 0x0) 598.678501ms ago: executing program 1 (id=11425): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x7, 0x98, 0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) 593.662682ms ago: executing program 2 (id=11426): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) copy_file_range$auto(r0, 0x0, r0, 0x0, 0x2, 0x0) 558.178511ms ago: executing program 0 (id=11427): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x42, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 443.806728ms ago: executing program 2 (id=11428): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000480)={'dummy0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e80)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x1000060}, 0x400c080) 408.526603ms ago: executing program 0 (id=11429): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x2001, 0x0) ioctl$auto(r0, 0xc0046209, 0x9) 385.262602ms ago: executing program 1 (id=11430): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001a80)={'wg2\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x2c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) 268.225914ms ago: executing program 2 (id=11431): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d14, 0x0) 224.015439ms ago: executing program 0 (id=11432): r0 = setfsuid$auto(0xee00) r1 = setfsuid$auto(0xee01) setresuid$auto(r0, r1, r0) setresuid$auto(r1, 0xffffffffffffffff, 0x0) 209.284296ms ago: executing program 1 (id=11433): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="57e72cbd700003dcdf250500000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040854}, 0x8010) 53.283682ms ago: executing program 0 (id=11434): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) lstat$auto(0x0, &(0x7f0000000180)={0x9, 0x43, 0x7, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x10001, 0x7, 0x8001, 0x401, 0xf8, 0x7, 0x5, 0x61, 0x102}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 36.866165ms ago: executing program 2 (id=11435): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 18.234121ms ago: executing program 1 (id=11436): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0xa, 0x5, 0x84) getsockopt$auto(r0, 0x84, 0x14, 0x0, 0x0) 0s ago: executing program 3 (id=11437): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010026f7dd46db2ead009500000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.118' (ED25519) to the list of known hosts. [ 87.431104][ T5812] cgroup: Unknown subsys name 'net' [ 87.558760][ T5812] cgroup: Unknown subsys name 'cpuset' [ 87.568572][ T5812] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 89.355197][ T5812] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.315159][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.324119][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.332477][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.341892][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.360682][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.368325][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.376710][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 91.384352][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.384828][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.396608][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.405984][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.409753][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.420508][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.428141][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.436393][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.444447][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.453978][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.461450][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.462680][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.474104][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.088963][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 92.179097][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 92.213356][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 92.408030][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 92.547481][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.554857][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.562135][ T5823] bridge_slave_0: entered allmulticast mode [ 92.570277][ T5823] bridge_slave_0: entered promiscuous mode [ 92.621604][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.629690][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.637557][ T5823] bridge_slave_1: entered allmulticast mode [ 92.645305][ T5823] bridge_slave_1: entered promiscuous mode [ 92.671715][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.679076][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.686786][ T5826] bridge_slave_0: entered allmulticast mode [ 92.694356][ T5826] bridge_slave_0: entered promiscuous mode [ 92.714449][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.721713][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.729283][ T5825] bridge_slave_0: entered allmulticast mode [ 92.737121][ T5825] bridge_slave_0: entered promiscuous mode [ 92.752331][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.760295][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.767874][ T5826] bridge_slave_1: entered allmulticast mode [ 92.775666][ T5826] bridge_slave_1: entered promiscuous mode [ 92.794740][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.802292][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.809868][ T5825] bridge_slave_1: entered allmulticast mode [ 92.817454][ T5825] bridge_slave_1: entered promiscuous mode [ 92.862234][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.897487][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.904921][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.912308][ T5824] bridge_slave_0: entered allmulticast mode [ 92.920000][ T5824] bridge_slave_0: entered promiscuous mode [ 92.942695][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.955112][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.964590][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.971992][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.980945][ T5824] bridge_slave_1: entered allmulticast mode [ 92.989084][ T5824] bridge_slave_1: entered promiscuous mode [ 92.999594][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.012283][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.035720][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.129194][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.153625][ T5823] team0: Port device team_slave_0 added [ 93.161506][ T5825] team0: Port device team_slave_0 added [ 93.169904][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.181347][ T5826] team0: Port device team_slave_0 added [ 93.189794][ T5823] team0: Port device team_slave_1 added [ 93.197426][ T5825] team0: Port device team_slave_1 added [ 93.216863][ T5826] team0: Port device team_slave_1 added [ 93.283054][ T5824] team0: Port device team_slave_0 added [ 93.289883][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.302283][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.328857][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.365408][ T5824] team0: Port device team_slave_1 added [ 93.371802][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.379411][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.405829][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.418135][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.425297][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.452503][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.465019][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.472005][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.498425][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.511262][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.518712][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.545713][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.545978][ T5829] Bluetooth: hci3: command tx timeout [ 93.556722][ T5144] Bluetooth: hci1: command tx timeout [ 93.562862][ T5844] Bluetooth: hci2: command tx timeout [ 93.567991][ T5835] Bluetooth: hci0: command tx timeout [ 93.593126][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.600451][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.626703][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.677452][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.684815][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.711308][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.724846][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.731835][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.758426][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.836234][ T5823] hsr_slave_0: entered promiscuous mode [ 93.842964][ T5823] hsr_slave_1: entered promiscuous mode [ 93.895584][ T5825] hsr_slave_0: entered promiscuous mode [ 93.902429][ T5825] hsr_slave_1: entered promiscuous mode [ 93.908994][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 93.914873][ T5825] Cannot create hsr debugfs directory [ 93.929333][ T5826] hsr_slave_0: entered promiscuous mode [ 93.936256][ T5826] hsr_slave_1: entered promiscuous mode [ 93.942728][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 93.948593][ T5826] Cannot create hsr debugfs directory [ 94.008751][ T5824] hsr_slave_0: entered promiscuous mode [ 94.015884][ T5824] hsr_slave_1: entered promiscuous mode [ 94.022197][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 94.028259][ T5824] Cannot create hsr debugfs directory [ 94.542774][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.561022][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.572085][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.585391][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.677311][ T5825] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.689870][ T5825] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.714777][ T5825] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.740640][ T5825] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.808792][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.832196][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.865135][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.876505][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.946233][ T5826] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 94.966176][ T5826] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 94.981758][ T5826] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.002309][ T5826] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.075390][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.140085][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.172164][ T86] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.179820][ T86] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.205139][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.220058][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.227281][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.268744][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.333072][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.367345][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.374617][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.386383][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.393616][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.432433][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.465963][ T157] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.473184][ T157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.503360][ T86] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.510813][ T86] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.605123][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.615004][ T5835] Bluetooth: hci2: command tx timeout [ 95.616286][ T5144] Bluetooth: hci3: command tx timeout [ 95.620501][ T5835] Bluetooth: hci0: command tx timeout [ 95.629224][ T5144] Bluetooth: hci1: command tx timeout [ 95.686462][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.750129][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.757414][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.818135][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.825381][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.937890][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.082073][ T5823] veth0_vlan: entered promiscuous mode [ 96.121140][ T5823] veth1_vlan: entered promiscuous mode [ 96.221775][ T5823] veth0_macvtap: entered promiscuous mode [ 96.239890][ T5823] veth1_macvtap: entered promiscuous mode [ 96.258323][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.313025][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.349731][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.398025][ T58] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.424603][ T58] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.448652][ T58] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.461047][ T5825] veth0_vlan: entered promiscuous mode [ 96.479898][ T58] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.499621][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.537391][ T5825] veth1_vlan: entered promiscuous mode [ 96.639252][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.702322][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.714595][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.759174][ T5824] veth0_vlan: entered promiscuous mode [ 96.769000][ T5825] veth0_macvtap: entered promiscuous mode [ 96.800054][ T5825] veth1_macvtap: entered promiscuous mode [ 96.825930][ T5824] veth1_vlan: entered promiscuous mode [ 96.864033][ T86] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.872065][ T86] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.889144][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.915699][ T5826] veth0_vlan: entered promiscuous mode [ 96.939513][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.975301][ T5824] veth0_macvtap: entered promiscuous mode [ 96.987613][ T86] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.012231][ T5826] veth1_vlan: entered promiscuous mode [ 97.021742][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.031363][ T5824] veth1_macvtap: entered promiscuous mode [ 97.055754][ T86] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.066390][ T86] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.075667][ T86] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.153600][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.227261][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.238155][ T798] cfg80211: failed to load regulatory.db [ 97.282392][ T157] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.370035][ T157] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.383058][ T157] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.402364][ T86] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.418759][ T86] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.427303][ T157] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.441442][ T5826] veth0_macvtap: entered promiscuous mode [ 97.538672][ T5826] veth1_macvtap: entered promiscuous mode [ 97.556040][ T157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.579628][ T157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.653125][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.696587][ T5144] Bluetooth: hci0: command tx timeout [ 97.696606][ T5844] Bluetooth: hci3: command tx timeout [ 97.696733][ T5844] Bluetooth: hci2: command tx timeout [ 97.702343][ T5144] Bluetooth: hci1: command tx timeout [ 97.737487][ T5926] nfs: Bad value for 'source' [ 97.785232][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.813291][ T58] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.894601][ T86] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.915188][ T157] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.931841][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.943988][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.970305][ T157] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.189640][ T157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.213558][ T157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.328944][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.351358][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.456580][ T86] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.480491][ T86] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.881823][ T5955] capability: warning: `syz.1.18' uses deprecated v2 capabilities in a way that may be insecure [ 99.774481][ T5835] Bluetooth: hci0: command tx timeout [ 99.774975][ T5844] Bluetooth: hci3: command tx timeout [ 99.779993][ T5144] Bluetooth: hci2: command tx timeout [ 99.787268][ T5844] Bluetooth: hci1: command tx timeout [ 100.324379][ T6009] random: crng reseeded on system resumption [ 101.949529][ T6069] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 102.157373][ T30] audit: type=1800 audit(1776043983.282:2): pid=6076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.78" name="lu_gp_id" dev="configfs" ino=8375 res=0 errno=0 [ 102.423754][ T6089] ptrace attach of "./syz-executor exec"[5826] was attempted by "./syz-executor exec"[6089] [ 106.691505][ T5844] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11 [ 107.143804][ T6281] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.185943][ T5844] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 108.009258][ T6319] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 109.993136][ T6403] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.890529][ T6491] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.137862][ T30] audit: type=1800 audit(1843104525.674:3): pid=6503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.288" name="members" dev="configfs" ino=9811 res=0 errno=0 [ 112.202999][ T6465] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 112.226341][ T6465] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.272570][ T6465] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.317992][ T6465] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.335320][ T6465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.344983][ T6465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.366312][ T6465] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 112.382634][ T6465] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.397550][ T6465] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.421285][ T6465] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 112.439084][ T6465] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.478639][ T6465] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 113.066178][ T30] audit: type=1326 audit(1843104526.589:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.304" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8ec5f9c819 code=0x0 [ 113.469359][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.344813][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.413522][ T5844] Bluetooth: hci1: unexpected event 0x34 length: 726 > 6 [ 114.424479][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.439685][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout [ 115.039795][ T5844] Bluetooth: hci3: unexpected event 0x34 length: 726 > 6 [ 115.538617][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.416958][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.493698][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.493840][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.354502][ T6717] ptrace attach of "./syz-executor exec"[5824] was attempted by "./syz-executor exec"[6717] [ 117.607814][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 118.212111][ T6763] ======================================================= [ 118.212111][ T6763] WARNING: The mand mount option has been deprecated and [ 118.212111][ T6763] and is ignored by this kernel. Remove the mand [ 118.212111][ T6763] option from the mount to silence this warning. [ 118.212111][ T6763] ======================================================= [ 118.484106][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.562877][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.563089][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 120.732981][ T6889] Process accounting resumed [ 122.028845][ T6962] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.141643][ T6925] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.153012][ T6925] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 122.167696][ T6925] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 122.180487][ T6925] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 123.513031][ T6992] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 123.520453][ T6992] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.526813][ T6992] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.533958][ T6992] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 123.577880][ T5844] Bluetooth: hci2: unexpected event 0x33 length: 124 > 10 [ 124.771713][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.116184][ T5844] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 125.551811][ T5844] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 125.567848][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.573989][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.187084][ T7138] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 126.193385][ T7138] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 126.226125][ T7138] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 126.232329][ T7138] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.398940][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.623425][ T7262] Unable to find swap-space signature [ 128.191361][ T5144] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13 [ 128.202567][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.276730][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.282939][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.272597][ T7354] Unable to find swap-space signature [ 130.041220][ T30] audit: type=1800 audit(1843123910.656:5): pid=7398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.729" name="features" dev="configfs" ino=13323 res=0 errno=0 [ 132.706271][ T7553] mmap: syz.2.806 (7553) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 132.903897][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.910478][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.068607][ T7676] ima: policy update failed [ 135.085483][ T30] audit: type=1802 audit(1843123915.740:6): pid=7676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.866" res=0 errno=0 [ 135.908627][ T7713] syz.0.885(7713): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 138.497301][ T7818] __vm_enough_memory: pid: 7818, comm: syz.3.935, bytes: 4398046511104 not enough memory for the allocation [ 139.653898][ T7872] Unable to find swap-space signature [ 141.907654][ T5144] Bluetooth: hci0: unknown advertising packet type: 0xea [ 142.214328][ T8014] ptrace attach of "./syz-executor exec"[5826] was attempted by "./syz-executor exec"[8014] [ 142.510637][ T8032] futex_wake_op: syz.3.1042 tries to shift op by -1; fix this program [ 144.350744][ T5144] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 146.474678][ T8206] syz.3.1127 (8206): attempted to duplicate a private mapping with mremap. This is not supported. [ 148.087435][ T30] audit: type=1800 audit(1843123928.808:7): pid=8271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1156" name="trace_pipe" dev="tracefs" ino=1477 res=0 errno=0 [ 149.298868][ T30] audit: type=1800 audit(1843123930.024:8): pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1182" name="trace_pipe" dev="tracefs" ino=1522 res=0 errno=0 [ 150.834747][ T8364] Process accounting paused [ 152.941559][ T8490] syz.3.1268 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 152.965840][ T5144] Bluetooth: hci3: unexpected event 0x01 length: 124 > 1 [ 156.940787][ T8702] can: request_module (can-proto-5) failed. [ 157.778245][ T30] audit: type=1800 audit(1843123938.538:9): pid=8752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1397" name="dbroot" dev="configfs" ino=16469 res=0 errno=0 [ 158.116999][ T8769] Invalid ELF header magic: != ELF [ 162.230052][ T5144] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 162.230099][ T5144] Bluetooth: hci2: unexpected subevent 0x01 length: 507 > 18 [ 164.043377][ T9071] futex_wake_op: syz.3.1551 tries to shift op by -2048; fix this program [ 164.578497][ T9029] kexec: Could not allocate control_code_buffer [ 168.807964][ T5835] Bluetooth: hci1: unexpected event 0x03 length: 123 > 11 [ 170.406750][ T9424] capability: warning: `syz.2.1725' uses 32-bit capabilities (legacy support in use) [ 172.457187][ T9538] vhci_hcd vhci_hcd.2: invalid port number 16 [ 172.477293][ T9538] vhci_hcd vhci_hcd.2: invalid port number 16 [ 175.200144][ T9685] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 176.332301][ T9661] kexec: Could not allocate control_code_buffer [ 178.262024][ T9824] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.677313][ T5835] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 178.717624][ T9852] synth uevent: /module/null_blk: unknown uevent action string Ijn9_VQ8j@:U%Ux0 R@x@qrIB@[*t ;S;x=Gcqx)Z*16GSu bmIK7 [ 180.713775][ T9957] Process accounting resumed [ 181.657331][T10002] Format for deleting device is "id" (uint). [ 182.081413][T10027] [ 183.374225][T10093] sysfs_service_op_show: Client not running :-5: [ 184.322382][T10149] [ 185.460717][T10212] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 185.777989][T10224] usb usb4: usbfs: process 10224 (syz.3.2116) did not claim interface 0 before use [ 186.365139][T10248] wlan1: mtu less than device minimum [ 187.744771][T10315] bond0: option packets_per_slave: invalid value ( Xnp) [ 187.756440][T10315] bond0: option packets_per_slave: allowed values 0 - 65535 [ 189.288501][T10397] vhci_hcd vhci_hcd.2: invalid port number 16 [ 189.319267][T10397] vhci_hcd vhci_hcd.2: invalid port number 16 [ 194.026494][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.032881][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.240913][T10655] kernel profiling enabled (shift: 0) [ 195.992175][ T5835] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 195.992220][ T5835] Bluetooth: hci1: unexpected subevent 0x06 length: 725 > 10 [ 198.077124][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 200.454420][T10882] bonding: no command found in bonding_masters - use +ifname or -ifname [ 202.550768][T10971] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 202.739160][T10979] WARNING! power/level is deprecated; use power/control instead [ 203.680109][T11023] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 205.705315][ T5835] Bluetooth: hci3: unexpected event 0x31 length: 19 > 6 [ 206.958925][T11168] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 207.138637][T11176] random: crng reseeded on system resumption [ 207.818103][T11208] [U]  [ 207.983666][T11219] vhci_hcd vhci_hcd.2: invalid port number 253 [ 208.000517][T11219] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 208.874962][T11270] binder: 11269:11270 ioctl c0306201 200000000000 returned -14 [ 208.897601][T11271] block2mtd: illegal erase size [ 209.224272][ T5835] Bluetooth: hci1: unexpected event 0x31 length: 19 > 6 [ 210.318055][T11349] syz.1.2665: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 210.355888][T11349] CPU: 1 UID: 0 PID: 11349 Comm: syz.1.2665 Not tainted syzkaller #0 PREEMPT(full) [ 210.355938][T11349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 210.355968][T11349] Call Trace: [ 210.355980][T11349] [ 210.355996][T11349] dump_stack_lvl+0x100/0x190 [ 210.356076][T11349] warn_alloc.cold+0x95/0x1c1 [ 210.356140][T11349] ? __pfx_warn_alloc+0x10/0x10 [ 210.356199][T11349] ? __lock_acquire+0x4a5/0x2630 [ 210.356270][T11349] __vmalloc_node_range_noprof+0x1252/0x1530 [ 210.356322][T11349] ? rcu_is_watching+0x12/0xc0 [ 210.356379][T11349] ? trace_contention_end+0x140/0x180 [ 210.356432][T11349] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 210.356476][T11349] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 210.356522][T11349] ? tomoyo_path_number_perm+0x28f/0x580 [ 210.356566][T11349] ? tomoyo_path_number_perm+0x28f/0x580 [ 210.356613][T11349] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 210.356659][T11349] ? __pfx___mutex_lock+0x10/0x10 [ 210.356706][T11349] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 210.356750][T11349] ? futex_wait+0x125/0x380 [ 210.356820][T11349] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 210.356861][T11349] __vmalloc_node_noprof+0xad/0xf0 [ 210.356908][T11349] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 210.356953][T11349] dvb_dvr_do_ioctl+0x15d/0x270 [ 210.357003][T11349] dvb_usercopy+0x167/0x340 [ 210.357041][T11349] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 210.357085][T11349] ? __pfx_dvb_usercopy+0x10/0x10 [ 210.357141][T11349] ? __fget_files+0x21f/0x3d0 [ 210.357186][T11349] dvb_dvr_ioctl+0x29/0x40 [ 210.357224][T11349] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 210.357265][T11349] __x64_sys_ioctl+0x18e/0x210 [ 210.357322][T11349] do_syscall_64+0x106/0xf80 [ 210.357358][T11349] ? clear_bhb_loop+0x40/0x90 [ 210.357402][T11349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.357437][T11349] RIP: 0033:0x7f138b79c819 [ 210.357473][T11349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 210.357506][T11349] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 210.357543][T11349] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 210.357567][T11349] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 210.357588][T11349] RBP: 00007f138b832c91 R08: 0000000000000000 R09: 0000000000000000 [ 210.357609][T11349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 210.357629][T11349] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 210.357675][T11349] [ 210.357692][T11349] Mem-Info: [ 210.622682][T11349] active_anon:5090 inactive_anon:0 isolated_anon:0 [ 210.622682][T11349] active_file:6588 inactive_file:40207 isolated_file:0 [ 210.622682][T11349] unevictable:768 dirty:280 writeback:0 [ 210.622682][T11349] slab_reclaimable:11876 slab_unreclaimable:89959 [ 210.622682][T11349] mapped:24002 shmem:1359 pagetables:1433 [ 210.622682][T11349] sec_pagetables:0 bounce:0 [ 210.622682][T11349] kernel_misc_reclaimable:0 [ 210.622682][T11349] free:1133530 free_pcp:19351 free_cma:0 [ 210.684564][T11353] Process accounting paused [ 210.689774][T11349] Node 0 active_anon:20360kB inactive_anon:0kB active_file:26308kB inactive_file:160632kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:95964kB dirty:1100kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11164kB pagetables:5624kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 210.759013][T11349] Node 1 active_anon:0kB inactive_anon:0kB active_file:44kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:20kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:108kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 210.802093][T11349] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 210.837473][T11349] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 210.844042][T11349] Node 0 DMA32 free:604124kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20560kB inactive_anon:0kB active_file:26308kB inactive_file:160632kB unevictable:1536kB writepending:1100kB zspages:0kB present:3129332kB managed:2537256kB mlocked:0kB bounce:0kB free_pcp:53572kB local_pcp:32708kB free_cma:0kB [ 210.883105][T11349] lowmem_reserve[]: 0 0 1 1 1 [ 210.897289][T11349] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1052kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 210.928840][T11349] lowmem_reserve[]: 0 0 0 0 0 [ 210.933947][T11349] Node 1 Normal free:3914624kB boost:0kB min:55584kB low:69480kB high:83376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:44kB inactive_file:196kB unevictable:1536kB writepending:20kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:23832kB local_pcp:2520kB free_cma:0kB [ 210.968311][T11349] lowmem_reserve[]: 0 0 0 0 0 [ 210.973316][T11349] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 210.987487][T11349] Node 0 DMA32: 1281*4kB (UME) 571*8kB (UM) 426*16kB (UME) 249*32kB (UM) 203*64kB (UME) 187*128kB (UME) 78*256kB (UM) 51*512kB (UM) 39*1024kB (UM) 13*2048kB (UM) 105*4096kB (UME) = 604124kB [ 211.077371][T11349] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 211.150349][T11364] nvme_fabrics: missing parameter 'transport=%s' [ 211.166873][T11364] nvme_fabrics: missing parameter 'nqn=%s' [ 211.174957][T11349] Node 1 Normal: 1*4kB (M) 6*8kB (U) 10*16kB (U) 13*32kB (UM) 5*64kB (U) 6*128kB (U) 3*256kB (U) 3*512kB (U) 3*1024kB (U) 4*2048kB (U) 952*4096kB (UM) = 3914676kB [ 211.206734][T11349] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 211.256773][T11349] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 211.296151][T11349] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 211.305865][T11349] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 211.334541][T11349] 48151 total pagecache pages [ 211.344614][T11349] 1 pages in swap cache [ 211.355531][T11349] Free swap = 124992kB [ 211.360353][T11349] Total swap = 124996kB [ 211.365129][T11349] 2097051 pages RAM [ 211.389359][T11349] 0 pages HighMem/MovableOnly [ 211.394176][T11349] 430859 pages reserved [ 211.399428][T11349] 0 pages cma reserved [ 212.384236][T11416] ubi31: attaching mtd0 [ 212.396822][T11416] ubi31: scanning is finished [ 212.405638][T11416] ubi31: empty MTD device detected [ 212.638909][T11416] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 212.648362][T11416] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 212.674066][T11416] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 212.691433][T11416] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 212.719421][T11416] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 212.726408][T11416] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 212.768891][T11416] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 631808458 [ 212.796230][T11416] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 212.838377][T11426] ubi31: background thread "ubi_bgt31d" started, PID 11426 [ 216.852538][T11618] vmstat_refresh: nr_hugetlb -2048 [ 217.008293][T11624] ubi: mtd0 is already attached to ubi31 [ 218.442396][T11692] vivid-007: ================= START STATUS ================= [ 218.479351][T11692] vivid-007: Enable Output Cropping: true [ 218.487162][T11692] vivid-007: Enable Output Composing: true [ 218.508595][T11692] vivid-007: Enable Output Scaler: true [ 218.515113][T11692] vivid-007: Tx RGB Quantization Range: Automatic [ 218.529271][T11692] vivid-007: Transmit Mode: HDMI [ 218.545912][T11692] vivid-007: Hotplug Present: 0x00000000 [ 218.558371][T11692] vivid-007: RxSense Present: 0x00000000 [ 218.577055][T11692] vivid-007: EDID Present: 0x00000000 [ 218.608050][T11692] vivid-007: ================== END STATUS ================== [ 219.078269][T11725] kAFS: Invalid Command on /proc/fs/afs/cells file [ 219.697470][T11759] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.1.2865: 7 [ 220.617632][T11807] blkio.reset_stats is deprecated [ 222.477618][ T30] audit: type=1400 audit(4294968385.728:10): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=11901 comm="syz.1.2932" [ 223.050593][T11935] nvme_fcloop: unknown parameter or missing value '0' [ 223.176659][T11939] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.3.2950: 7 [ 224.428721][T12007] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 224.516926][T12011] bond0: option slaves: interface - does not exist! [ 225.087750][T12033] program syz.2.2996 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.106876][T12032] ima: policy update failed [ 225.111658][ T30] audit: type=1802 audit(4294968388.382:11): pid=12032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2997" res=0 errno=0 [ 225.341898][ T30] audit: type=1800 audit(4294968388.603:12): pid=12045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3003" name="lu_gp_id" dev="configfs" ino=26762 res=0 errno=0 [ 225.370530][T12045] kstrtoul() returned -22 for lu_gp_id [ 227.104182][T12144] Setting dangerous option i915.mitigations - tainting kernel [ 228.144156][T12200] kAFS: Invalid Command on /proc/fs/afs/cells file [ 229.123810][T12254] Setting dangerous option i915.mitigations - tainting kernel [ 229.950584][ T30] audit: type=1800 audit(4294968393.247:13): pid=12292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3126" name="members" dev="configfs" ino=28120 res=0 errno=0 [ 230.821762][T12337] QAT: failed to copy from user cfg_data. [ 230.994588][T12349] kernel read not supported for file /\*)A (pid: 12349 comm: syz.0.3154) [ 231.013934][ T30] audit: type=1800 audit(4294968394.313:14): pid=12349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3154" name="\*)A" dev="mqueue" ino=27234 res=0 errno=0 [ 231.360798][T12368] rnbd_client L202: map_device: Unknown parameter or missing value '7' [ 231.981958][T12400] overlayfs: "check_copy_up" module option is obsolete [ 232.429697][T12425] writes to the poll attribute are ignored. [ 232.476669][T12425] please use driver specific parameters instead. [ 233.533413][T12492] block loop4: the capability attribute has been deprecated. [ 234.120894][T12525] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 234.155420][T12525] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 234.612144][ T5835] Bluetooth: hci3: unexpected subevent 0x0c length: 118 > 5 [ 237.858494][T12703] : Can't lookup blockdev [ 238.906408][T12753] ima: policy update failed [ 238.911295][ T30] audit: type=1802 audit(4294968402.244:15): pid=12753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3353" res=0 errno=0 [ 240.620700][T12846] Process accounting resumed [ 240.658386][ T30] audit: type=1326 audit(4294968404.003:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12851 comm="syz.1.3400" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f138b79c819 code=0x0 [ 241.675382][T12896] delete_channel: no stack [ 241.888145][ T5835] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 243.678488][T12986] GUP no longer grows the stack in syz.0.3461 (12986): 10000-411000 (0) [ 243.678822][T12986] CPU: 0 UID: 0 PID: 12986 Comm: syz.0.3461 Tainted: G U syzkaller #0 PREEMPT(full) [ 243.678872][T12986] Tainted: [U]=USER [ 243.678883][T12986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 243.678908][T12986] Call Trace: [ 243.678919][T12986] [ 243.678953][T12986] dump_stack_lvl+0x100/0x190 [ 243.679015][T12986] gup_vma_lookup.cold+0x83/0x96 [ 243.679067][T12986] __get_user_pages+0x241/0x34d0 [ 243.679120][T12986] ? down_read_killable+0x30e/0x4c0 [ 243.679169][T12986] ? __pfx___get_user_pages+0x10/0x10 [ 243.679225][T12986] __gup_longterm_locked+0x87d/0x16f0 [ 243.679269][T12986] ? is_bpf_text_address+0x8a/0x1a0 [ 243.679336][T12986] ? __pfx___gup_longterm_locked+0x10/0x10 [ 243.679387][T12986] ? find_held_lock+0x2b/0x80 [ 243.679420][T12986] ? gup_fast_fallback+0x7e5/0x2460 [ 243.679479][T12986] gup_fast_fallback+0x18c6/0x2460 [ 243.679549][T12986] ? __pfx_gup_fast_fallback+0x10/0x10 [ 243.679613][T12986] get_user_pages_fast+0xa7/0xf0 [ 243.679663][T12986] ? __pfx_get_user_pages_fast+0x10/0x10 [ 243.679728][T12986] get_futex_key+0x2c8/0x1620 [ 243.679778][T12986] ? __pfx_get_futex_key+0x10/0x10 [ 243.679826][T12986] ? kasan_save_track+0x14/0x30 [ 243.679864][T12986] ? __kasan_kmalloc+0xaa/0xb0 [ 243.679903][T12986] futex_lock_pi+0x1dc/0x7b0 [ 243.679970][T12986] ? __pfx_futex_lock_pi+0x10/0x10 [ 243.680032][T12986] ? tomoyo_path_number_perm+0x46d/0x580 [ 243.680089][T12986] ? find_held_lock+0x2b/0x80 [ 243.680136][T12986] ? tomoyo_path_number_perm+0x188/0x580 [ 243.680187][T12986] ? __pfx_futex_wake_mark+0x10/0x10 [ 243.680252][T12986] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 243.680292][T12986] ? __lock_acquire+0x4a5/0x2630 [ 243.680344][T12986] do_futex+0x18a/0x350 [ 243.680392][T12986] ? __pfx_do_futex+0x10/0x10 [ 243.680442][T12986] ? do_raw_spin_lock+0x128/0x260 [ 243.680501][T12986] __x64_sys_futex+0x34f/0x4d0 [ 243.680553][T12986] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 243.680612][T12986] ? __pfx___x64_sys_futex+0x10/0x10 [ 243.680664][T12986] ? kcov_ioctl+0x16a/0x720 [ 243.680709][T12986] do_syscall_64+0x106/0xf80 [ 243.680746][T12986] ? clear_bhb_loop+0x40/0x90 [ 243.680789][T12986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.680825][T12986] RIP: 0033:0x7f9ca059c819 [ 243.680853][T12986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 243.680886][T12986] RSP: 002b:00007f9ca14b9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 243.680919][T12986] RAX: ffffffffffffffda RBX: 00007f9ca0816090 RCX: 00007f9ca059c819 [ 243.680942][T12986] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 243.680974][T12986] RBP: 00007f9ca0632c91 R08: 0000000000000000 R09: 0000000080000001 [ 243.680996][T12986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.681016][T12986] R13: 00007f9ca0816128 R14: 00007f9ca0816090 R15: 00007ffc773d1028 [ 243.681061][T12986] [ 246.280547][T13085] smpboot: CPU 1 is now offline [ 248.693440][ T30] audit: type=1806 audit(4294967304.644:17): res=-14 [ 253.042687][T13340] hub 1-0:1.0: USB hub found [ 253.070150][T13340] hub 1-0:1.0: 1 port detected [ 253.506404][T13353] random: crng reseeded on system resumption [ 253.873965][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.886770][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.445698][T13382] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81b121fa (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 254.461710][T13382] Call Trace: [ 254.465040][T13382] [ 254.467994][T13382] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 254.474718][T13382] ? __pfx_debug_object_deactivate+0x10/0x10 [ 254.480744][T13382] mce_cpu_restart+0xd5/0x1f0 [ 254.485467][T13382] ? __pfx_mce_cpu_restart+0x10/0x10 [ 254.490788][T13382] smp_call_function_many_cond+0x11fc/0x1500 [ 254.496816][T13382] ? __pfx_mce_cpu_restart+0x10/0x10 [ 254.502178][T13382] ? mark_held_locks+0x40/0x70 [ 254.506996][T13382] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 254.512855][T13382] ? lockdep_hardirqs_on+0x78/0x100 [ 254.518118][T13382] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 254.524051][T13382] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 254.530422][T13382] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 254.536520][T13382] ? __timer_delete_sync+0x151/0x1c0 [ 254.541826][T13382] ? __pfx_mce_cpu_restart+0x10/0x10 [ 254.547153][T13382] on_each_cpu_cond_mask+0x40/0x90 [ 254.552318][T13382] set_bank+0x240/0x3a0 [ 254.556523][T13382] ? __pfx_set_bank+0x10/0x10 [ 254.561231][T13382] ? find_held_lock+0x2b/0x80 [ 254.565924][T13382] ? sysfs_file_kobj+0xe4/0x290 [ 254.570812][T13382] ? sysfs_file_kobj+0xe4/0x290 [ 254.575697][T13382] ? __pfx_set_bank+0x10/0x10 [ 254.580425][T13382] dev_attr_store+0x58/0x80 [ 254.584958][T13382] ? __pfx_dev_attr_store+0x10/0x10 [ 254.590195][T13382] sysfs_kf_write+0xf2/0x150 [ 254.594817][T13382] kernfs_fop_write_iter+0x3e0/0x5f0 [ 254.600139][T13382] ? __pfx_sysfs_kf_write+0x10/0x10 [ 254.605395][T13382] vfs_write+0x6ac/0x1070 [ 254.609763][T13382] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 254.615694][T13382] ? __pfx_vfs_write+0x10/0x10 [ 254.620517][T13382] ksys_write+0x12a/0x250 [ 254.624882][T13382] ? __pfx_ksys_write+0x10/0x10 [ 254.629790][T13382] do_syscall_64+0x106/0xf80 [ 254.634404][T13382] ? clear_bhb_loop+0x40/0x90 [ 254.639120][T13382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.645046][T13382] RIP: 0033:0x7f2d1e39c819 [ 254.649497][T13382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.669240][T13382] RSP: 002b:00007f2d1f1e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 254.677682][T13382] RAX: ffffffffffffffda RBX: 00007f2d1e615fa0 RCX: 00007f2d1e39c819 [ 254.685688][T13382] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 254.693676][T13382] RBP: 00007f2d1e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 254.701771][T13382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.709766][T13382] R13: 00007f2d1e616038 R14: 00007f2d1e615fa0 R15: 00007ffef456c508 [ 254.717780][T13382] [ 255.881815][T13410] Invalid ELF header magic: != ELF [ 258.927267][T13484] hub 1-0:1.0: USB hub found [ 258.961000][T13484] hub 1-0:1.0: 1 port detected [ 258.966135][T13487] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 259.219999][T13495] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 260.006884][T13518] block2mtd: device name too long [ 263.263414][T13609] delete_channel: no stack [ 263.722967][T13625] Invalid input. Must be >= 4608 [ 265.175251][T13662] usb usb2: usbfs: process 13662 (syz.3.3789) did not claim interface 4 before use [ 266.124645][T13698] usb usb13: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 266.223105][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.229475][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.113152][T13737] syz.1.3827 uses obsolete (PF_INET,SOCK_PACKET) [ 268.688007][T13799] batman_adv: Routing algorithm '7' is not supported [ 270.012043][T13842] QAT: failed to copy from user cfg_data. [ 270.660436][T13866] [U] ^Z [ 270.763677][T13867] Process accounting paused [ 272.376744][T13931] kAFS: Invalid Command on /proc/fs/afs/cells file [ 276.431601][T14078] zswap: compressor Zu~^8acu0|,aRrqP')ޱ`*]T]X؃(ۂTN>_r$z&[+x[DPxe?m3Qz not available [ 278.745772][T14158] sd 0:0:1:0: PR command failed: 1026 [ 278.766366][T14158] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 278.815394][T14158] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 279.901986][T14204] i2c i2c-0: delete_device: Can't find device in list [ 280.071707][T14210] QAT: Invalid ioctl 21531 [ 281.501594][T14266] usb usb35: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 281.543090][T14266] vhci_hcd vhci_hcd.1: SetHubDepth req not supported for USB 2.0 roothub [ 282.790568][T14316] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates. [ 283.516572][T14343] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 283.844899][T14349] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 283.883666][T14349] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 285.516088][ T30] audit: type=1800 audit(4294967341.665:18): pid=14405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4135" name="lu_gp_id" dev="configfs" ino=34480 res=0 errno=0 [ 285.759181][ T5835] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 289.631958][T14567] i8042 aux 00:02: in use; can't configure [ 291.598670][T14641] sd 0:0:1:0: PR command failed: 1026 [ 291.628910][T14641] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 291.661780][T14641] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 294.010345][T14732] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 296.669953][T14811] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[14811] [ 298.135102][T14844] Malformed UNC in devname [ 298.135102][T14844] [ 298.141950][T14844] CIFS: VFS: Malformed UNC in devname [ 299.007664][T14864] program syz.2.4359 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.126207][T14903] Process accounting resumed [ 305.713276][ T30] audit: type=1800 audit(4294967361.960:19): pid=15051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4449" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 309.694684][T15182] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 310.121575][T15191] : Can't lookup blockdev [ 312.728873][T15257] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 313.023117][T15265] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 313.218531][T15270] ima: policy update failed [ 313.224171][ T30] audit: type=1802 audit(4294967369.509:20): pid=15270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4556" res=0 errno=0 [ 314.590258][T15314] queue_state_write: operation too long [ 314.596158][T15314] queue_state_write: use 'run', 'start' or 'kick' [ 314.643600][T15316] usb usb13: check_ctrlrecip: process 15316 (syz.2.4578) requesting ep 01 but needs 81 [ 314.702046][T15316] usb usb13: usbfs: process 15316 (syz.2.4578) did not claim interface 0 before use [ 316.269813][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.276275][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.456395][T15395] qrtr: Invalid version 0 [ 318.761497][T15446] bond0: invalid ARP target specified [ 321.445372][ T30] audit: type=1806 audit(4294967377.782:21): xattr="" res=-22 [ 321.909876][T15543] ceph: Failed to parse sending metrics switch value 'P^' [ 323.093219][T15565] ecryptfs_miscdev_write: Error while inspecting packet size [ 324.434364][T15605] i2c i2c-0: new_device: Missing parameters [ 324.519516][T15609] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 326.159585][T15658] sysfs_service_op_store: Client not running :-5: [ 327.010011][ T30] audit: type=1806 audit(4294967383.361:22): xattr="" res=-22 [ 330.088156][T15772] cougar: G6 mapped to F18 [ 330.717116][ T30] audit: type=1800 audit(4294967387.100:23): pid=15794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4772" name="discovery_nqn" dev="configfs" ino=38668 res=0 errno=0 [ 331.098684][T15796] Process accounting paused [ 331.909243][T15828] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 332.703781][T15852] program syz.3.4799 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 332.748192][T15852] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 333.511423][T15876] nfs4: Unknown parameter 'ECH];^YىZL`~^g ' [ 337.832539][ T30] audit: type=1400 audit(4294967394.247:24): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=16014 comm="syz.3.4879" [ 338.378027][T16034] block2mtd: illegal erase size [ 338.695793][T16045] i2c i2c-0: delete_device: Extra parameters [ 339.974094][T16097] kAFS: Invalid Command on /proc/fs/afs/cells file [ 341.616373][T16165] program syz.3.4953 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 342.683545][T16204] block2mtd: Using custom MTD label '' for dev [ 342.706847][T16204] block2mtd: error: cannot open device [ 344.036188][T16253] aoe: invalid device specification [ 347.651574][T16396] ICMPv6: process `syz.0.5068' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 349.528919][T16465] random: crng reseeded on system resumption [ 351.034782][T16522] block2mtd: parameter too long [ 351.263860][T16531] usb usb11: usbfs: interface 0 claimed by hub while 'syz.0.5134' sets config #7 [ 351.522685][ T30] audit: type=1804 audit(4294967408.008:25): pid=16539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.5138" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 356.744394][T16743] bond0: option slaves: interface -]=,Don?I|a CB does not exist! [ 358.726955][T16817] bond0: option mode: unable to set because the bond device is up [ 360.985002][T16904] Process accounting resumed [ 362.431526][T16960] [U] ^R [ 365.275869][T17066] nvme_fcloop: unknown parameter or missing value '7' [ 365.970504][T17097] Setting dangerous option i915.mitigations - tainting kernel [ 366.010452][T17097] Bad "i915.mitigations=CmâUQF\ ", 'CmâUQF\' is unknown [ 366.494095][T17116] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 367.281374][T17145] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 368.615965][T17198] synth uevent: /devices/virtual/net/gretap0: unknown uevent action string [ 368.654646][T17198] net gretap0: uevent: failed to send synthetic uevent: -22 [ 369.586648][T17237] misc userio: Invalid payload size [ 370.916279][T17284] kAFS: unparsable volume name [ 371.966902][T17318] synth uevent: /devices/virtual/net/gretap0: unknown uevent action string [ 372.006939][T17318] net gretap0: uevent: failed to send synthetic uevent: -22 [ 373.037848][T17362] vivid-007: ================= START STATUS ================= [ 373.069194][T17362] vivid-007: Generate PTS: true [ 373.097772][T17362] vivid-007: Generate SCR: true [ 373.121301][T17362] tpg source WxH: 320x240 (Y'CbCr) [ 373.151162][T17362] tpg field: 1 [ 373.176832][T17362] tpg crop: (0,0)/320x240 [ 373.198171][T17362] tpg compose: (0,0)/320x240 [ 373.234684][T17362] tpg colorspace: 8 [ 373.255330][T17362] tpg transfer function: 0/0 [ 373.283817][T17362] tpg Y'CbCr encoding: 0/0 [ 373.293925][T17362] tpg quantization: 0/0 [ 373.316332][T17362] tpg RGB range: 0/2 [ 373.335262][T17362] vivid-007: ================== END STATUS ================== [ 375.333691][ T30] audit: type=1800 audit(4294967431.942:26): pid=17438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5579" name="dbroot" dev="configfs" ino=43896 res=0 errno=0 [ 375.478378][T17443] vhci_hcd vhci_hcd.2: invalid port number 135 [ 375.502278][T17443] vhci_hcd vhci_hcd.2: invalid port number 135 [ 376.040476][T17463] hub 3-0:1.0: USB hub found [ 376.079253][T17463] hub 3-0:1.0: 1 port detected [ 376.148408][T17463] usb usb3: authorized to connect [ 376.279842][T17473] Setting dangerous option i915.mitigations - tainting kernel [ 376.287414][T17473] Bad "i915.mitigations=!CmâUQF\ ", 'CmâUQF\' is unknown [ 376.756953][ T30] audit: type=1800 audit(4294967433.370:27): pid=17489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5603" name="discovery_nqn" dev="configfs" ino=44049 res=0 errno=0 [ 377.392509][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.398986][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.497306][T17591] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 381.559834][T17663] random: crng reseeded on system resumption [ 382.734638][T17702] ACPI: Can not change Invalid GPE/Fixed Event status [ 383.636055][T17736] QAT: Device 250 not found [ 383.963802][T17746] bond0: invalid ARP target specified [ 384.239518][T17756] bond0: no command found in slaves file - use +ifname or -ifname [ 386.563399][T17828] ecryptfs_miscdev_write: Invalid packet size [192] [ 387.451530][ T5835] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 388.823620][T17903] random: crng reseeded on system resumption [ 389.482661][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 390.299622][T17951] block nbd0: NBD_DISCONNECT [ 391.123907][T17980] i2c i2c-0: delete_device: Can't parse I2C address [ 391.158580][T17974] Process accounting paused [ 391.554355][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 392.956756][T18039] kafs: addr_prefs: Invalid Command [ 393.627758][T18066] bond0: invalid ARP target specified [ 394.657445][T18101] kAFS: Invalid Command on /proc/fs/afs/cells file [ 395.933037][T18149] vhci_hcd vhci_hcd.1: invalid port number 14 [ 395.968968][T18149] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 396.078497][T18155] random: crng reseeded on system resumption [ 396.156069][T18155] Restarting kernel threads ... [ 396.173672][T18155] Done restarting kernel threads. [ 396.475228][T18169] process 'syz.1.5918' launched '/dev/fd/3' with NULL argv: empty string added [ 396.649193][ T5144] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 397.619123][T18226] Line length is too long: Should be less than 4094 [ 398.712426][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 399.334713][T18297] kafs: addr_prefs: Too many elements in string [ 400.784971][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 402.999232][T18454] futex_wake_op: syz.1.6023 tries to shift op by -2048; fix this program [ 403.007922][T18454] futex_wake_op: syz.1.6023 tries to shift op by -2048; fix this program [ 404.184113][ T5835] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 405.440072][ T5835] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 406.193083][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 407.468345][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 407.618869][ T30] audit: type=1800 audit(4294967464.400:28): pid=18681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6098" name="members" dev="configfs" ino=47531 res=0 errno=0 [ 408.264899][T18571] Bluetooth: hci1: command 0x0c1a tx timeout [ 409.539206][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout [ 409.683761][T18752] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.898750][T18752] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.046460][T18752] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.214054][T18752] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 411.807948][ T30] audit: type=1800 audit(4294967468.612:29): pid=18836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6169" name="dbroot" dev="configfs" ino=48006 res=0 errno=0 [ 411.832947][T18836] db_root: cannot open: /dev/audio1 [ 411.864392][T18836] db_root: not a directory: /dev/audio1 [ 412.939987][T18817] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 413.188839][T18878] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 413.904927][T18903] < [ 413.970950][T18907] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 414.176276][T18914] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 414.485903][T18927] nvme_fcloop: unknown parameter or missing value '' [ 414.624280][T18931] : Can't lookup blockdev [ 415.664805][T18971] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 420.101807][T19161] QAT: failed to copy from user. [ 420.385553][T19172] bond0: invalid ARP target specified [ 420.628342][T19180] delete_channel: no stack [ 421.193756][T19197] Process accounting resumed [ 424.725361][T19351] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 424.843196][T19351] CIFS mount error: No usable UNC path provided in device string! [ 424.843196][T19351] [ 424.900430][T19351] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 426.277618][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 426.277651][ T5835] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 426.294392][ T5835] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 429.489960][T19543] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 429.998793][T19559] scsi_mod.scan: string doesn't fit in 6 chars. [ 430.417210][T19566] zram: Added device: zram1 [ 431.017608][T19606] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 433.805389][T19685] warning: `syz.0.6526' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 435.519119][T19738] zram: Added device: zram2 [ 438.513428][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.519847][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 438.934132][T19862] usbip-vudc usbip-vudc.0: gadget not bound [ 440.490023][T19915] kfence: disabled [ 442.153420][T19991] delete_channel: no stack [ 445.642288][T20108] Scaler: ================= START STATUS ================= [ 445.679021][T20108] Scaler: ================== END STATUS ================== [ 446.823060][T20147] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 446.907556][T20151] [U] 0="/ [ 446.926932][T20151] [U] [ 446.929768][T20151] [U] EeQ@ [ 446.959123][T20150] [U]  [ 447.001263][T20147] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 447.036479][T20147] pci 0000:00:01.3: PCI INT A: no GSI [ 447.577887][T20173] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[20173] [ 448.641596][ T30] audit: type=1807 audit(4294967505.633:30): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 448.662424][T20216] ima: policy update failed [ 448.726083][ T30] audit: type=1802 audit(4294967505.664:31): pid=20220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.6762" res=0 errno=0 [ 448.831010][ T30] audit: type=1802 audit(4294967505.684:32): pid=20216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.6762" res=0 errno=0 [ 451.142171][T20310] Process accounting paused [ 451.971762][T20337] zswap: compressor Z(u not available [ 452.932944][T20384] vhci_hcd vhci_hcd.2: invalid port number 16 [ 452.959370][T20384] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 455.361438][T20472] ptp ptp0: only physical clock in use now [ 456.536807][T20520] QAT: failed to copy from user cfg_data. [ 457.290033][T20544] busy [ 458.585993][T20590] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 458.622222][T20593] cougar: G6 mapped to space [ 458.839012][T20600] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 461.341267][T20690] i2c i2c-0: new_device: Invalid device name [ 462.006539][ T5835] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 462.014290][ T5835] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 462.092017][T20722] kAFS: No cell specified [ 462.851942][T20761] usb usb3: usbfs: process 20761 (syz.3.7017) did not claim interface 0 before use [ 464.860858][T20836] usb usb15: usbfs: process 20836 (syz.1.7053) did not claim interface 0 before use [ 465.119979][T20844] vhci_hcd vhci_hcd.2: invalid port number 16 [ 465.140674][T20844] vhci_hcd vhci_hcd.2: invalid port number 16 [ 465.989602][T20880] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 467.016613][T20914] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 467.016613][T20914] M' is too long [ 467.071561][T20914] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 467.071561][T20914] W ' is too long [ 467.418675][T20929] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 468.450752][T20971] bond0: invalid ARP target specified [ 471.095947][T21076] CIFS mount error: No usable UNC path provided in device string! [ 471.095947][T21076] [ 471.161011][T21076] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 471.690413][T21098] : Can't lookup blockdev [ 474.379675][T21187] bond0: no command found in slaves file - use +ifname or -ifname [ 475.011817][ T5835] Bluetooth: hci2: Unexpected cc 0x7c89 with no status [ 477.663591][T21313] program syz.0.7268 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 478.271512][T21336] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 478.271813][T21333] ima: policy update failed [ 478.317003][ T30] audit: type=1802 audit(4294967535.458:33): pid=21333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.7278" res=0 errno=0 [ 479.161462][T21369] nvme_fcloop: unknown parameter or missing value '1' [ 480.771251][T21435] virtio-pci 0000:00:03.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 481.155993][T21442] Process accounting resumed [ 483.093163][T21524] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 486.674774][T21674] program syz.1.7439 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 487.022899][T21687] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 488.345380][T21738] ICMPv6: process `syz.1.7471' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 493.525919][ T30] audit: type=1800 audit(4294967550.737:34): pid=21900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.7547" name="sr0" dev="devtmpfs" ino=2819 res=0 errno=0 [ 493.944046][ T5897] Process accounting resumed [ 495.383991][T21956] bonding: no command found in bonding_masters - use +ifname or -ifname [ 497.008295][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 0 < 1 [ 499.324141][T22064] random: crng reseeded on system resumption [ 499.637233][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.643621][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.339567][T22091] Debayer A: ================= START STATUS ================= [ 500.364668][T22091] Debayer A: Debayer Mean Window Size: 3 [ 500.402685][T22091] Debayer A: ================== END STATUS ================== [ 501.914735][T22137] bond0: invalid ARP target specified [ 502.119423][ T5835] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 502.119455][ T5835] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 502.135906][ T5835] Bluetooth: hci1: Dropping invalid advertising data [ 502.142780][ T5835] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 502.142814][ T5835] Bluetooth: hci1: unknown advertising packet type: 0x8b [ 502.150250][ T5835] Bluetooth: hci1: unknown advertising packet type: 0xee [ 504.408163][T22227] zram0: detected capacity change from 0 to 16 [ 505.436502][T22269] kafs: addr_prefs: Invalid Command [ 506.224865][T22304] i2c i2c-0: new_device: Can't parse I2C address [ 508.978068][T22413] syz.2.7793 (22413): drop_caches: 0 [ 511.083814][T22489] Process accounting paused [ 511.247682][T22500] vhci_hcd vhci_hcd.2: invalid port number 194 [ 511.281996][T22500] vhci_hcd vhci_hcd.2: invalid port number 194 [ 512.390376][T22559] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 512.400087][T22559] ep_00: uevent: failed to send synthetic uevent: -22 [ 515.762801][T22689] aoe: copy from user failed [ 515.767465][T22689] aoe: could not set interface list: too many interfaces [ 516.454826][T22718] program syz.1.7933 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 516.501115][T22718] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 517.757247][T22756] mmap: syz.0.7950 (22756) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 523.961780][T22965] capability: warning: `syz.2.8031' uses deprecated v2 capabilities in a way that may be insecure [ 524.570524][T22981] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 525.739014][T23016] __vm_enough_memory: pid: 23016, comm: syz.1.8054, bytes: 9223372036854775808 not enough memory for the allocation [ 526.717754][T23044] vhci_hcd: not connected 4 [ 527.024275][T23053] warning: `syz.1.8072' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 528.734102][T23101] bond0: Unable to set down delay as MII monitoring is disabled [ 529.334911][T23117] rnbd_client L213: map_device: Parameters missing [ 533.583771][T23274] netlink: 'syz.2.8171': attribute type 11 has an invalid length. [ 533.628420][T23274] netlink: 'syz.2.8171': attribute type 11 has an invalid length. [ 533.680092][T23274] netlink: 'syz.2.8171': attribute type 11 has an invalid length. [ 533.912962][T23285] netlink: 'syz.2.8176': attribute type 2 has an invalid length. [ 534.974176][T23320] FAULT_INJECTION: forcing a failure. [ 534.974176][T23320] name fail_futex, interval 1, probability 0, space 0, times 1 [ 534.974276][T23320] CPU: 0 UID: 0 PID: 23320 Comm: syz.1.8192 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 534.974317][T23320] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 534.974328][T23320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 534.974345][T23320] Call Trace: [ 534.974353][T23320] [ 534.974362][T23320] dump_stack_lvl+0x100/0x190 [ 534.974404][T23320] should_fail_ex.cold+0x5/0xa [ 534.974434][T23320] should_fail_futex+0x4c/0x60 [ 534.974465][T23320] futex_lock_pi_atomic+0xe7/0xaf0 [ 534.974511][T23320] futex_lock_pi+0x24f/0x7b0 [ 534.974553][T23320] ? __pfx_futex_lock_pi+0x10/0x10 [ 534.974594][T23320] ? __pfx___futex_wait+0x10/0x10 [ 534.974660][T23320] ? __pfx_futex_wake_mark+0x10/0x10 [ 534.974707][T23320] ? ksys_write+0x190/0x250 [ 534.974731][T23320] ? ksys_write+0x190/0x250 [ 534.974760][T23320] do_futex+0x18a/0x350 [ 534.974793][T23320] ? __pfx_do_futex+0x10/0x10 [ 534.974835][T23320] __x64_sys_futex+0x34f/0x4d0 [ 534.974873][T23320] ? __pfx___x64_sys_futex+0x10/0x10 [ 534.974919][T23320] do_syscall_64+0x106/0xf80 [ 534.974945][T23320] ? clear_bhb_loop+0x40/0x90 [ 534.974975][T23320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.975000][T23320] RIP: 0033:0x7f138b79c819 [ 534.975020][T23320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.975044][T23320] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 534.975070][T23320] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 534.975087][T23320] RDX: 0000000000000007 RSI: 0000000000000006 RDI: 0000200000000040 [ 534.975106][T23320] RBP: 00007f138b832c91 R08: 0000000000000000 R09: 000000000000c687 [ 534.975121][T23320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.975136][T23320] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 534.975172][T23320] [ 535.458168][T23334] ucma_write: process 4168 (syz.0.8199) changed security contexts after opening file descriptor, this is not allowed. [ 538.099500][T23424] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 538.357421][T23434] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 538.854342][T23451] sd 0:0:1:0: PR command failed: 1026 [ 538.882604][T23451] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 538.912393][T23451] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 540.059104][T23490] random: crng reseeded on system resumption [ 541.680677][T23542] netlink: 10 bytes leftover after parsing attributes in process `syz.1.8287'. [ 542.132124][T23553] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 543.321513][T23584] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8306'. [ 543.761610][T23593] ======================================================= [ 543.761610][T23593] WARNING: The mand mount option has been deprecated and [ 543.761610][T23593] and is ignored by this kernel. Remove the mand [ 543.761610][T23593] option from the mount to silence this warning. [ 543.761610][T23593] ======================================================= [ 544.775029][T23622] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 546.030360][T23440] Process accounting resumed [ 546.515894][T23679] Zero length message leads to an empty skb [ 546.651574][T23685] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 546.851514][T23690] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8356'. [ 547.179510][T23704] netlink: zone id is out of range [ 547.224589][T23704] netlink: zone id is out of range [ 547.234943][T23704] netlink: zone id is out of range [ 547.270972][T23704] netlink: zone id is out of range [ 547.305160][T23704] netlink: zone id is out of range [ 547.328680][T23704] netlink: zone id is out of range [ 547.361397][T23704] netlink: zone id is out of range [ 547.371617][T23704] netlink: zone id is out of range [ 547.407959][T23704] netlink: zone id is out of range [ 550.009118][T23820] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 550.266845][T22179] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 550.266875][T22179] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 550.281999][T22179] Bluetooth: hci3: Dropping invalid advertising data [ 550.288916][T22179] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 550.288945][T22179] Bluetooth: hci3: Dropping invalid advertising data [ 550.304471][T22179] Bluetooth: hci3: Malformed LE Event: 0x02 [ 552.363884][T23937] net_ratelimit: 49 callbacks suppressed [ 552.363904][T23937] openvswitch: netlink: Key type 261 is out of range max 32 [ 554.080871][T24015] netlink: 'syz.0.8470': attribute type 1 has an invalid length. [ 554.116091][T24015] netlink: 'syz.0.8470': attribute type 1 has an invalid length. [ 554.155966][T24015] netlink: 124 bytes leftover after parsing attributes in process `syz.0.8470'. [ 554.196776][T24015] netlink: 100 bytes leftover after parsing attributes in process `syz.0.8470'. [ 558.762947][T24145] NFSD: Failed to start, no listeners configured. [ 560.756639][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 560.765818][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 561.529989][T24237] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 561.817672][T24255] process 'syz.1.8574' launched '/dev/fd/0' with NULL argv: empty string added [ 563.246282][T24316] netlink: 'syz.1.8598': attribute type 1 has an invalid length. [ 564.754315][T22179] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 564.754347][T22179] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 564.770332][T22179] Bluetooth: hci0: Dropping invalid advertising data [ 564.777283][T22179] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 564.777315][T22179] Bluetooth: hci0: Dropping invalid advertising data [ 564.791405][T22179] Bluetooth: hci0: Malformed LE Event: 0x02 [ 565.899572][T24444] tipc: Started in network mode [ 565.921338][T24444] tipc: Node identity ee00, cluster identity 4711 [ 565.954718][T24444] tipc: Node number set to 60928 [ 566.709581][T24467] openvswitch: netlink: IPv4 tunnel dst address is zero [ 567.687588][T24489] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8660'. [ 567.738658][T24491] netlink: 29 bytes leftover after parsing attributes in process `syz.2.8660'. [ 569.601453][T24531] netlink: 342 bytes leftover after parsing attributes in process `syz.0.8678'. [ 570.270951][T24551] netlink: NAT attribute type 0 has unexpected length (4 != 0) [ 570.947700][T24572] queue_state_write: unsupported operation '' [ 570.953838][T24572] queue_state_write: use 'run', 'start' or 'kick' [ 571.380043][T24584] sctp: [Deprecated]: syz.3.8702 (pid 24584) Use of int in max_burst socket option deprecated. [ 571.380043][T24584] Use struct sctp_assoc_value instead [ 572.604961][T24620] FAULT_INJECTION: forcing a failure. [ 572.604961][T24620] name failslab, interval 1, probability 0, space 0, times 1 [ 572.660970][T24620] CPU: 0 UID: 0 PID: 24620 Comm: syz.0.8717 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 572.661026][T24620] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 572.661037][T24620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 572.661052][T24620] Call Trace: [ 572.661061][T24620] [ 572.661071][T24620] dump_stack_lvl+0x100/0x190 [ 572.661115][T24620] should_fail_ex.cold+0x5/0xa [ 572.661145][T24620] ? tomoyo_encode2+0xfb/0x3c0 [ 572.661179][T24620] should_failslab+0xc2/0x120 [ 572.661208][T24620] __kmalloc_noprof+0xe0/0x850 [ 572.661254][T24620] tomoyo_encode2+0xfb/0x3c0 [ 572.661294][T24620] tomoyo_encode+0x29/0x50 [ 572.661328][T24620] tomoyo_mount_acl+0x14c/0x8b0 [ 572.661361][T24620] ? is_bpf_text_address+0x8a/0x1a0 [ 572.661402][T24620] ? bpf_ksym_find+0x124/0x1c0 [ 572.661433][T24620] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 572.661463][T24620] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 572.661496][T24620] ? kernel_text_address+0x8d/0x100 [ 572.661536][T24620] ? unwind_get_return_address+0x59/0xa0 [ 572.661591][T24620] ? tomoyo_domain+0xb2/0x150 [ 572.661612][T24620] ? tomoyo_profile+0x47/0x60 [ 572.661655][T24620] tomoyo_mount_permission+0x214/0x460 [ 572.661689][T24620] ? tomoyo_mount_permission+0x1f6/0x460 [ 572.661725][T24620] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 572.661777][T24620] security_sb_mount+0xdd/0x270 [ 572.661807][T24620] path_mount+0x158/0x23d0 [ 572.661842][T24620] ? __pfx_path_mount+0x10/0x10 [ 572.661871][T24620] ? lockdep_hardirqs_on+0x78/0x100 [ 572.661900][T24620] ? putname+0xb1/0x110 [ 572.661926][T24620] ? kmem_cache_free+0x124/0x6a0 [ 572.661972][T24620] ? __x64_sys_mount+0x293/0x310 [ 572.662008][T24620] __x64_sys_mount+0x293/0x310 [ 572.662039][T24620] ? __pfx___x64_sys_mount+0x10/0x10 [ 572.662080][T24620] do_syscall_64+0x106/0xf80 [ 572.662106][T24620] ? clear_bhb_loop+0x40/0x90 [ 572.662137][T24620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.662162][T24620] RIP: 0033:0x7f9ca059c819 [ 572.662182][T24620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 572.662205][T24620] RSP: 002b:00007f9ca14da028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 572.662228][T24620] RAX: ffffffffffffffda RBX: 00007f9ca0815fa0 RCX: 00007f9ca059c819 [ 572.662244][T24620] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 572.662260][T24620] RBP: 00007f9ca0632c91 R08: 0000000000000000 R09: 0000000000000000 [ 572.662275][T24620] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 572.662294][T24620] R13: 00007f9ca0816038 R14: 00007f9ca0815fa0 R15: 00007ffc773d1028 [ 572.662325][T24620] [ 573.255935][T24633] openvswitch: netlink: Multiple metadata blocks provided [ 574.507389][T24692] netlink: 148 bytes leftover after parsing attributes in process `syz.3.8739'. [ 574.862661][T24706] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input39 [ 575.411066][T24727] random: crng reseeded on system resumption [ 575.512125][T24729] ima: policy update failed [ 575.542050][ T30] audit: type=1802 audit(4295033170.187:35): pid=24729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.8756" res=0 errno=0 [ 575.820115][T24740] Unable to find swap-space signature [ 576.500041][T24755] tc_dump_action: action bad kind [ 576.661582][T24741] Process accounting paused [ 576.841882][T24768] batman_adv: Routing algorithm '' is not supported [ 577.244452][T24782] FAULT_INJECTION: forcing a failure. [ 577.244452][T24782] name failslab, interval 1, probability 0, space 0, times 0 [ 577.304546][T24782] CPU: 0 UID: 0 PID: 24782 Comm: syz.3.8777 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 577.304601][T24782] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 577.304612][T24782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 577.304626][T24782] Call Trace: [ 577.304633][T24782] [ 577.304642][T24782] dump_stack_lvl+0x100/0x190 [ 577.304685][T24782] should_fail_ex.cold+0x5/0xa [ 577.304714][T24782] should_failslab+0xc2/0x120 [ 577.304742][T24782] __kmalloc_cache_noprof+0x7a/0x6f0 [ 577.304777][T24782] ? sctp_endpoint_new+0xfc/0xb20 [ 577.304810][T24782] sctp_endpoint_new+0xfc/0xb20 [ 577.304841][T24782] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 577.304867][T24782] ? lockdep_init_map_type+0x5c/0x250 [ 577.304904][T24782] ? lockdep_init_map_type+0x5c/0x250 [ 577.304938][T24782] ? lockdep_init_map_type+0x5c/0x250 [ 577.304972][T24782] ? lockdep_init_map_type+0x5c/0x250 [ 577.305011][T24782] sctp_init_sock+0xe2b/0x1300 [ 577.305036][T24782] ? __pfx_sctp_init_sock+0x10/0x10 [ 577.305062][T24782] inet_create+0x94c/0x1060 [ 577.305096][T24782] ? inet_create+0x94/0x1060 [ 577.305132][T24782] __sock_create+0x339/0x860 [ 577.305171][T24782] __sys_socket+0x14d/0x260 [ 577.305205][T24782] ? __pfx___sys_socket+0x10/0x10 [ 577.305247][T24782] __x64_sys_socket+0x72/0xb0 [ 577.305279][T24782] ? lockdep_hardirqs_on+0x78/0x100 [ 577.305306][T24782] do_syscall_64+0x106/0xf80 [ 577.305331][T24782] ? clear_bhb_loop+0x40/0x90 [ 577.305361][T24782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.305386][T24782] RIP: 0033:0x7f2d1e39c819 [ 577.305406][T24782] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 577.305429][T24782] RSP: 002b:00007f2d1f1e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 577.305453][T24782] RAX: ffffffffffffffda RBX: 00007f2d1e615fa0 RCX: 00007f2d1e39c819 [ 577.305469][T24782] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 577.305483][T24782] RBP: 00007f2d1e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 577.305497][T24782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.305511][T24782] R13: 00007f2d1e616038 R14: 00007f2d1e615fa0 R15: 00007ffef456c508 [ 577.305542][T24782] [ 578.394159][T24814] delete_channel: no stack [ 578.560924][T24819] openvswitch: netlink: IPv6 tunnel dst address is zero [ 579.474203][T24857] mmap: syz.0.8810 (24857): VmData 45879296 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 579.839284][T24867] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 581.310827][T24920] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 582.169608][T24956] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8851'. [ 582.911294][T24980] FAULT_INJECTION: forcing a failure. [ 582.911294][T24980] name failslab, interval 1, probability 0, space 0, times 0 [ 582.974374][T24982] FAULT_INJECTION: forcing a failure. [ 582.974374][T24982] name failslab, interval 1, probability 0, space 0, times 0 [ 583.002941][T24980] CPU: 0 UID: 0 PID: 24980 Comm: syz.0.8857 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 583.002991][T24980] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 583.003002][T24980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 583.003017][T24980] Call Trace: [ 583.003025][T24980] [ 583.003034][T24980] dump_stack_lvl+0x100/0x190 [ 583.003086][T24980] should_fail_ex.cold+0x5/0xa [ 583.003116][T24980] should_failslab+0xc2/0x120 [ 583.003145][T24980] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 583.003185][T24980] ? __d_alloc+0x34/0xa80 [ 583.003214][T24980] ? make_vfsgid+0xf1/0x140 [ 583.003255][T24980] __d_alloc+0x34/0xa80 [ 583.003282][T24980] ? bpf_lsm_inode_permission+0x9/0x10 [ 583.003325][T24980] d_alloc+0x4a/0x1e0 [ 583.003355][T24980] vfs_tmpfile+0x148/0x9a0 [ 583.003389][T24980] path_openat+0x164e/0x31a0 [ 583.003415][T24980] ? kasan_save_stack+0x3f/0x50 [ 583.003437][T24980] ? kasan_save_stack+0x30/0x50 [ 583.003458][T24980] ? __kasan_slab_alloc+0x89/0x90 [ 583.003482][T24980] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 583.003521][T24980] ? do_getname+0x35/0x390 [ 583.003554][T24980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.003583][T24980] ? __pfx_path_openat+0x10/0x10 [ 583.003621][T24980] do_file_open+0x20e/0x430 [ 583.003650][T24980] ? __pfx_do_file_open+0x10/0x10 [ 583.003698][T24980] ? _raw_spin_unlock+0x28/0x50 [ 583.003743][T24980] ? alloc_fd+0x476/0x790 [ 583.003777][T24980] do_sys_openat2+0x10d/0x1e0 [ 583.003820][T24980] ? __pfx_do_sys_openat2+0x10/0x10 [ 583.003867][T24980] __x64_sys_open+0xfe/0x1d0 [ 583.003902][T24980] ? __pfx___x64_sys_open+0x10/0x10 [ 583.003948][T24980] do_syscall_64+0x106/0xf80 [ 583.003974][T24980] ? clear_bhb_loop+0x40/0x90 [ 583.004004][T24980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.004029][T24980] RIP: 0033:0x7f9ca059c819 [ 583.004049][T24980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.004073][T24980] RSP: 002b:00007f9ca14da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 583.004100][T24980] RAX: ffffffffffffffda RBX: 00007f9ca0815fa0 RCX: 00007f9ca059c819 [ 583.004116][T24980] RDX: 0000000000000408 RSI: 0000000000595002 RDI: 0000200000000100 [ 583.004132][T24980] RBP: 00007f9ca0632c91 R08: 0000000000000000 R09: 0000000000000000 [ 583.004146][T24980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.004161][T24980] R13: 00007f9ca0816038 R14: 00007f9ca0815fa0 R15: 00007ffc773d1028 [ 583.004192][T24980] [ 583.411266][T24982] CPU: 0 UID: 0 PID: 24982 Comm: syz.1.8858 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 583.411311][T24982] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 583.411323][T24982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 583.411337][T24982] Call Trace: [ 583.411345][T24982] [ 583.411354][T24982] dump_stack_lvl+0x100/0x190 [ 583.411397][T24982] should_fail_ex.cold+0x5/0xa [ 583.411426][T24982] should_failslab+0xc2/0x120 [ 583.411454][T24982] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 583.411495][T24982] ? __d_alloc+0x34/0xa80 [ 583.411522][T24982] ? lockdep_hardirqs_on+0x78/0x100 [ 583.411549][T24982] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 583.411587][T24982] __d_alloc+0x34/0xa80 [ 583.411619][T24982] d_alloc_pseudo+0x1c/0xc0 [ 583.411657][T24982] alloc_file_pseudo+0xcf/0x230 [ 583.411692][T24982] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 583.411724][T24982] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 583.411755][T24982] create_pipe_files+0x360/0x970 [ 583.411786][T24982] do_pipe2+0xbd/0x1e0 [ 583.411813][T24982] ? __pfx_do_pipe2+0x10/0x10 [ 583.411850][T24982] __x64_sys_pipe+0x33/0x50 [ 583.411877][T24982] do_syscall_64+0x106/0xf80 [ 583.411902][T24982] ? clear_bhb_loop+0x40/0x90 [ 583.411932][T24982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.411958][T24982] RIP: 0033:0x7f138b79c819 [ 583.411981][T24982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.412004][T24982] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 583.412027][T24982] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 583.412050][T24982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.412064][T24982] RBP: 00007f138b832c91 R08: 0000000000000000 R09: 0000000000000000 [ 583.412079][T24982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.412093][T24982] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 583.412124][T24982] [ 583.880628][T24990] NFSD: Failed to start, no listeners configured. [ 585.252231][T25063] netlink: 'syz.1.8881': attribute type 9 has an invalid length. [ 585.524270][T25071] netlink: 'syz.1.8885': attribute type 1 has an invalid length. [ 585.563839][T25075] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 587.144180][T25127] dyndbg: expected <4096 bytes into control [ 588.621834][T22179] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19 [ 588.629645][T22179] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 588.700814][T25181] netlink: 'syz.0.8937': attribute type 1 has an invalid length. [ 589.473393][T25203] IPVS: length: 131 != 8 [ 591.124740][T25276] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 591.394628][T25281] netlink: 'syz.3.8974': attribute type 1 has an invalid length. [ 591.432624][T25281] nbd: error processing sock list [ 594.643955][T25375] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 594.783785][T25377] netlink: 'syz.2.9006': attribute type 1 has an invalid length. [ 594.791569][T25377] nbd: error processing sock list [ 595.223954][T25392] netlink: 'syz.0.9015': attribute type 11 has an invalid length. [ 595.332321][T25398] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 595.588556][T25404] FAULT_INJECTION: forcing a failure. [ 595.588556][T25404] name failslab, interval 1, probability 0, space 0, times 0 [ 595.646882][T25404] CPU: 0 UID: 0 PID: 25404 Comm: syz.3.9020 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 595.646927][T25404] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 595.646939][T25404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 595.646953][T25404] Call Trace: [ 595.646961][T25404] [ 595.646969][T25404] dump_stack_lvl+0x100/0x190 [ 595.647012][T25404] should_fail_ex.cold+0x5/0xa [ 595.647054][T25404] should_failslab+0xc2/0x120 [ 595.647082][T25404] __kvmalloc_node_noprof+0xfa/0xa00 [ 595.647106][T25404] ? io_alloc_cache_init+0x38/0x170 [ 595.647133][T25404] ? lockdep_init_map_type+0x5c/0x250 [ 595.647177][T25404] io_alloc_cache_init+0x38/0x170 [ 595.647206][T25404] io_uring_setup.cold+0x3cd/0x1d79 [ 595.647245][T25404] ? ksys_write+0x190/0x250 [ 595.647271][T25404] ? __pfx_io_uring_setup+0x10/0x10 [ 595.647311][T25404] ? do_futex+0x192/0x350 [ 595.647345][T25404] ? __pfx_do_futex+0x10/0x10 [ 595.647392][T25404] ? xfd_validate_state+0x129/0x190 [ 595.647437][T25404] __x64_sys_io_uring_setup+0xc2/0x170 [ 595.647481][T25404] do_syscall_64+0x106/0xf80 [ 595.647508][T25404] ? clear_bhb_loop+0x40/0x90 [ 595.647538][T25404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.647563][T25404] RIP: 0033:0x7f2d1e39c819 [ 595.647583][T25404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 595.647606][T25404] RSP: 002b:00007f2d1f1e0028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 595.647629][T25404] RAX: ffffffffffffffda RBX: 00007f2d1e615fa0 RCX: 00007f2d1e39c819 [ 595.647646][T25404] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 595.647660][T25404] RBP: 00007f2d1e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 595.647675][T25404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.647689][T25404] R13: 00007f2d1e616038 R14: 00007f2d1e615fa0 R15: 00007ffef456c508 [ 595.647720][T25404] [ 597.139621][T25434] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 597.337820][T25441] program syz.2.9037 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 597.988369][T25479] netlink: 'syz.2.9045': attribute type 1 has an invalid length. [ 598.225990][T25481] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 598.771872][T25498] netlink: 'syz.2.9053': attribute type 11 has an invalid length. [ 600.563232][T25561] netlink: 'syz.0.9081': attribute type 1 has an invalid length. [ 601.100440][T25583] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 602.121965][T25609] NFSD: Failed to start, no listeners configured. [ 602.208634][T25619] openvswitch: netlink: Key type 29 is not supported [ 602.362178][T25622] .^: entered promiscuous mode [ 602.645154][T25579] kexec: Could not allocate control_code_buffer [ 603.765734][T25673] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 603.799131][T25675] netlink: Invalid conntrack helper [ 604.044074][T25686] netlink: zone id is out of range [ 604.073479][T25686] netlink: zone id is out of range [ 604.101752][T25686] netlink: zone id is out of range [ 604.128489][T25686] netlink: zone id is out of range [ 604.146051][T25686] netlink: zone id is out of range [ 604.173031][T25686] netlink: zone id is out of range [ 604.195975][T25686] netlink: zone id is out of range [ 606.404986][T25786] nbd: couldn't find device at index 33904 [ 606.422218][T25788] netlink: 'syz.2.9175': attribute type 23 has an invalid length. [ 606.574734][T25792] ksmbd: Unknown IPC event: 14, ignore. [ 606.665997][T25792] Process accounting resumed [ 606.782833][T25798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 606.832355][T25798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 606.870750][T25804] netlink: 'syz.1.9182': attribute type 1 has an invalid length. [ 607.128327][T25814] netlink: 'syz.1.9187': attribute type 1 has an invalid length. [ 609.427038][T25930] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9219'. [ 609.952174][T25947] net_ratelimit: 6 callbacks suppressed [ 609.952194][T25947] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 610.226532][T25958] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 611.224291][T25995] openvswitch: netlink: IP tunnel TTL not specified. [ 611.241795][T25994] netlink: 'syz.1.9249': attribute type 2 has an invalid length. [ 611.331965][T25999] netlink: 'syz.0.9251': attribute type 1 has an invalid length. [ 611.798922][T26014] tc_dump_action: action bad kind [ 612.569595][T26043] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 614.483348][T26115] openvswitch: netlink: Duplicate or invalid key (type 0). [ 614.606025][T26119] netlink: 'syz.3.9307': attribute type 4 has an invalid length. [ 614.650548][T26119] netlink: 'syz.3.9307': attribute type 1 has an invalid length. [ 614.762323][T26125] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 616.274694][T26121] kexec: Could not allocate control_code_buffer [ 617.020135][T26198] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 618.577372][T26194] kexec: Could not allocate control_code_buffer [ 619.413481][T26267] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 621.125059][T26266] kexec: Could not allocate control_code_buffer [ 621.496530][T26346] binder: 26345:26346 ioctl c0306201 0 returned -14 [ 621.562699][T26348] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 621.885102][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 621.894761][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 622.797620][T26392] FAULT_INJECTION: forcing a failure. [ 622.797620][T26392] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 622.856148][T26392] CPU: 0 UID: 0 PID: 26392 Comm: syz.0.9425 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 622.856203][T26392] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 622.856215][T26392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 622.856230][T26392] Call Trace: [ 622.856238][T26392] [ 622.856247][T26392] dump_stack_lvl+0x100/0x190 [ 622.856290][T26392] should_fail_ex.cold+0x5/0xa [ 622.856320][T26392] core_sys_select+0x938/0xbb0 [ 622.856351][T26392] ? __pfx_core_sys_select+0x10/0x10 [ 622.856405][T26392] ? ktime_get_ts64+0x2d2/0x3f0 [ 622.856434][T26392] ? read_tsc+0x9/0x20 [ 622.856462][T26392] ? ktime_get_ts64+0x256/0x3f0 [ 622.856494][T26392] kern_select+0x20c/0x270 [ 622.856520][T26392] ? __pfx_kern_select+0x10/0x10 [ 622.856554][T26392] __x64_sys_select+0xbd/0x160 [ 622.856585][T26392] ? do_syscall_64+0x95/0xf80 [ 622.856612][T26392] ? lockdep_hardirqs_on+0x78/0x100 [ 622.856639][T26392] do_syscall_64+0x106/0xf80 [ 622.856664][T26392] ? clear_bhb_loop+0x40/0x90 [ 622.856695][T26392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.856727][T26392] RIP: 0033:0x7f9ca059c819 [ 622.856747][T26392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 622.856770][T26392] RSP: 002b:00007f9ca14da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 622.856796][T26392] RAX: ffffffffffffffda RBX: 00007f9ca0815fa0 RCX: 00007f9ca059c819 [ 622.856812][T26392] RDX: 0000200000000100 RSI: 0000200000000080 RDI: 0000000000000001 [ 622.856827][T26392] RBP: 00007f9ca0632c91 R08: 0000200000000200 R09: 0000000000000000 [ 622.856842][T26392] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 622.856857][T26392] R13: 00007f9ca0816038 R14: 00007f9ca0815fa0 R15: 00007ffc773d1028 [ 622.856887][T26392] [ 623.498934][T26427] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 625.303551][T26505] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 626.642847][T26565] syz.1.9474 (26565) used greatest stack depth: 19672 bytes left [ 627.443159][T26596] delete_channel: no stack [ 627.830354][T26614] openvswitch: netlink: IP tunnel dst address not specified [ 630.217939][T26719] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 630.965815][T26747] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 633.379330][T26836] FAULT_INJECTION: forcing a failure. [ 633.379330][T26836] name failslab, interval 1, probability 0, space 0, times 0 [ 633.436379][T26836] CPU: 0 UID: 0 PID: 26836 Comm: syz.1.9593 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 633.436426][T26836] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 633.436437][T26836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 633.436451][T26836] Call Trace: [ 633.436459][T26836] [ 633.436468][T26836] dump_stack_lvl+0x100/0x190 [ 633.436512][T26836] should_fail_ex.cold+0x5/0xa [ 633.436541][T26836] should_failslab+0xc2/0x120 [ 633.436569][T26836] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 633.436610][T26836] ? __d_alloc+0x34/0xa80 [ 633.436645][T26836] __d_alloc+0x34/0xa80 [ 633.436672][T26836] ? new_inode+0x15a/0x1c0 [ 633.436709][T26836] d_alloc_pseudo+0x1c/0xc0 [ 633.436746][T26836] alloc_file_pseudo+0xcf/0x230 [ 633.436781][T26836] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 633.436827][T26836] ? hugetlbfs_get_inode+0x36e/0x750 [ 633.436860][T26836] hugetlb_file_setup+0x2a8/0x5b0 [ 633.436893][T26836] ksys_mmap_pgoff+0x232/0x650 [ 633.436919][T26836] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 633.436950][T26836] ? __x64_sys_futex+0x358/0x4d0 [ 633.436985][T26836] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 633.437014][T26836] ? xfd_validate_state+0x129/0x190 [ 633.437057][T26836] __x64_sys_mmap+0x125/0x190 [ 633.437094][T26836] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 633.437126][T26836] do_syscall_64+0x106/0xf80 [ 633.437152][T26836] ? clear_bhb_loop+0x40/0x90 [ 633.437182][T26836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.437207][T26836] RIP: 0033:0x7f138b79c819 [ 633.437226][T26836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 633.437250][T26836] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 633.437273][T26836] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 633.437289][T26836] RDX: 0000000000000002 RSI: 0000000000000005 RDI: ffffffffff600700 [ 633.437304][T26836] RBP: 00007f138b832c91 R08: 0000000000000401 R09: 0000300000000000 [ 633.437319][T26836] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 633.437334][T26836] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 633.437359][T26836] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 633.437392][T26836] [ 634.431144][T26865] NFSD: Failed to start, no listeners configured. [ 635.407507][T26909] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 635.725474][T26917] netlink: 'syz.2.9628': attribute type 11 has an invalid length. [ 635.761101][T26917] netlink: 'syz.2.9628': attribute type 11 has an invalid length. [ 635.795531][T26917] netlink: 'syz.2.9628': attribute type 11 has an invalid length. [ 636.435379][T26948] netlink: zone id is out of range [ 636.649617][T26955] netlink: 'syz.3.9641': attribute type 2 has an invalid length. [ 636.722772][T26956] Process accounting paused [ 637.444456][T26984] nbd: illegal input index 37139 [ 637.456375][T26986] syz.1.9656 uses obsolete (PF_INET,SOCK_PACKET) [ 638.522758][T27023] netlink: 'syz.2.9674': attribute type 1 has an invalid length. [ 639.254014][T27050] ptrace attach of "./syz-executor exec"[5825] was attempted by ""[27050] [ 639.853976][ T30] audit: type=1326 audit(4295033234.842:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27070 comm="syz.0.9697" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9ca059c819 code=0x0 [ 640.255921][T27082] netlink: 'syz.3.9703': attribute type 11 has an invalid length. [ 640.291724][T27082] netlink: 'syz.3.9703': attribute type 11 has an invalid length. [ 640.320607][T27082] netlink: 'syz.3.9703': attribute type 11 has an invalid length. [ 643.330636][T27178] delete_channel: no stack [ 643.717308][T27191] capability: warning: `syz.0.9752' uses 32-bit capabilities (legacy support in use) [ 644.181643][T27208] openvswitch: netlink: IP tunnel dst address not specified [ 645.475648][T27252] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 645.847592][T27264] openvswitch: netlink: Message has 4 unknown bytes. [ 646.119211][T27276] netlink: 'syz.3.9795': attribute type 11 has an invalid length. [ 646.160970][T27276] netlink: 'syz.3.9795': attribute type 11 has an invalid length. [ 646.197266][T27276] netlink: 'syz.3.9795': attribute type 11 has an invalid length. [ 647.860955][T27330] netlink: 'syz.2.9818': attribute type 1 has an invalid length. [ 650.457290][T27410] nfsd: Unknown parameter '' [ 650.909076][T27427] netlink: ct family unspecified [ 650.941128][T27428] openvswitch: netlink: IP tunnel dst address not specified [ 650.999152][ T30] audit: type=1107 audit(4295033246.029:37): pid=27429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 651.058887][ T30] audit: type=1107 audit(4295033246.039:38): pid=27429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 651.245923][T27440] sctp: [Deprecated]: syz.1.9873 (pid 27440) Use of struct sctp_assoc_value in delayed_ack socket option. [ 651.245923][T27440] Use struct sctp_sack_info instead [ 651.395262][T27444] netlink: Invalid conntrack timeout [ 653.269235][ T30] audit: type=1800 audit(4295033248.331:39): pid=27501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="dbroot" dev="configfs" ino=74478 res=0 errno=0 [ 655.238198][T27585] nbd: couldn't find a device at index 35644 [ 657.030920][T27664] HSR: entered promiscuous mode [ 658.593727][T27716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9984'. [ 658.960860][T27726] No such timeout policy "" [ 659.000385][T27726] netlink: Failed to associated timeout policy '' [ 659.480348][T27740] netlink: NAT attribute has 4 unknown bytes [ 661.030089][T27803] netlink: set zone limit has 8 unknown bytes [ 662.986012][T27879] openvswitch: netlink: IP tunnel dst address not specified [ 664.539299][T27940] netlink: 'syz.1.10081': attribute type 11 has an invalid length. [ 664.547270][T27940] netlink: 'syz.1.10081': attribute type 11 has an invalid length. [ 664.603478][T27940] netlink: 'syz.1.10081': attribute type 11 has an invalid length. [ 664.640529][T27940] netlink: 'syz.1.10081': attribute type 11 has an invalid length. [ 666.108952][T28001] random: crng reseeded on system resumption [ 666.452203][T28013] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10116'. [ 666.634318][T28016] Process accounting resumed [ 666.890031][T28030] netlink: 338 bytes leftover after parsing attributes in process `syz.2.10123'. [ 666.932749][T28030] netlink: 338 bytes leftover after parsing attributes in process `syz.2.10123'. [ 668.275993][T28078] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 668.911999][T28100] netlink: 'syz.2.10154': attribute type 2 has an invalid length. [ 668.946425][T28100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10154'. [ 670.001369][T28148] FAULT_INJECTION: forcing a failure. [ 670.001369][T28148] name failslab, interval 1, probability 0, space 0, times 0 [ 670.070687][T28148] CPU: 0 UID: 0 PID: 28148 Comm: syz.0.10167 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 670.070732][T28148] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 670.070744][T28148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 670.070758][T28148] Call Trace: [ 670.070766][T28148] [ 670.070775][T28148] dump_stack_lvl+0x100/0x190 [ 670.070819][T28148] should_fail_ex.cold+0x5/0xa [ 670.070848][T28148] should_failslab+0xc2/0x120 [ 670.070876][T28148] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 670.070915][T28148] ? alloc_empty_file+0x55/0x1c0 [ 670.070954][T28148] alloc_empty_file+0x55/0x1c0 [ 670.070987][T28148] alloc_file_pseudo+0x13a/0x230 [ 670.071022][T28148] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 670.071054][T28148] ? alloc_fd+0x476/0x790 [ 670.071081][T28148] ? do_raw_spin_unlock+0x145/0x1e0 [ 670.071124][T28148] __anon_inode_getfile+0xe8/0x280 [ 670.071159][T28148] anon_inode_getfile_fmode+0x37/0xa0 [ 670.071193][T28148] __do_sys_fanotify_init+0xa79/0xe50 [ 670.071238][T28148] do_syscall_64+0x106/0xf80 [ 670.071264][T28148] ? clear_bhb_loop+0x40/0x90 [ 670.071294][T28148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.071319][T28148] RIP: 0033:0x7f9ca059c819 [ 670.071339][T28148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.071362][T28148] RSP: 002b:00007f9ca14da028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 670.071386][T28148] RAX: ffffffffffffffda RBX: 00007f9ca0815fa0 RCX: 00007f9ca059c819 [ 670.071402][T28148] RDX: 0000000000000000 RSI: 0002010000000000 RDI: 0000000000000200 [ 670.071417][T28148] RBP: 00007f9ca0632c91 R08: 0000000000000000 R09: 0000000000000000 [ 670.071431][T28148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.071446][T28148] R13: 00007f9ca0816038 R14: 00007f9ca0815fa0 R15: 00007ffc773d1028 [ 670.071476][T28148] [ 670.323143][T28152] nbd: illegal input index -1073741824 [ 671.549317][T28188] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 673.777347][T28271] netlink: ct_mark mask cannot be 0 [ 674.007874][T28278] netlink: 'syz.0.10217': attribute type 1 has an invalid length. [ 676.514263][T28347] HfR: entered promiscuous mode [ 676.526812][T28349] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 676.535018][T28349] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 678.105441][T28397] openvswitch: HfR: Dropping previously announced user features [ 678.546590][T28410] netlink: 'syz.0.10282': attribute type 11 has an invalid length. [ 678.834288][T22179] Bluetooth: hci3: ACL packet too small [ 679.035649][T28428] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 680.110241][T28464] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 680.116990][T28464] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 682.288651][T28538] netlink: NAT attribute has 18 unknown bytes [ 683.004295][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.010893][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 683.156999][T28575] smc: net device dummy0 erased user defined pnetid DUMMY0 [ 683.492192][T28588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10370'. [ 684.004420][T28606] nbd: must specify a size in bytes for the device [ 685.097920][T22179] Bluetooth: hci2: unexpected event 0x36 length: 123 > 7 [ 687.164373][T28724] bond0: option lp_interval: invalid value () [ 687.221201][T28724] bond0: option lp_interval: allowed values 1 - 2147483647 [ 689.886929][T28824] netlink: 'syz.0.10485': attribute type 1 has an invalid length. [ 690.520067][T28844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10495'. [ 691.914615][T28890] &#$@\]\-: entered promiscuous mode [ 693.459823][T22179] Bluetooth: hci2: SCO packet too small [ 693.662000][T28957] openvswitch: netlink: Flow actions attr not present in new flow. [ 694.367061][T28984] openvswitch: netlink: Missing valid actions attribute. [ 696.569106][T29056] netlink: 'syz.0.10591': attribute type 2 has an invalid length. [ 696.679081][T29056] Process accounting paused [ 698.114883][T29115] program syz.1.10620 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 699.318743][T29157] openvswitch: netlink: Duplicate key (type 15). [ 700.142824][T29190] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 700.531214][T29200] FAULT_INJECTION: forcing a failure. [ 700.531214][T29200] name failslab, interval 1, probability 0, space 0, times 0 [ 700.591786][T29200] CPU: 0 UID: 0 PID: 29200 Comm: syz.1.10661 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 700.591843][T29200] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 700.591855][T29200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 700.591869][T29200] Call Trace: [ 700.591877][T29200] [ 700.591886][T29200] dump_stack_lvl+0x100/0x190 [ 700.591929][T29200] should_fail_ex.cold+0x5/0xa [ 700.591959][T29200] should_failslab+0xc2/0x120 [ 700.591991][T29200] __kmalloc_node_noprof+0xe6/0x850 [ 700.592031][T29200] ? get_callchain_buffers+0x1e5/0x380 [ 700.592071][T29200] get_callchain_buffers+0x1e5/0x380 [ 700.592144][T29200] ? security_capable+0x80/0x260 [ 700.592171][T29200] stack_map_alloc+0x316/0x610 [ 700.592202][T29200] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 700.592233][T29200] map_create+0x84e/0x2ba0 [ 700.592256][T29200] ? futex_unqueue+0x13d/0x2c0 [ 700.592297][T29200] ? __futex_wait+0x256/0x300 [ 700.592344][T29200] ? __pfx_map_create+0x10/0x10 [ 700.592373][T29200] ? __might_fault+0xc5/0x140 [ 700.592410][T29200] ? __might_fault+0xc5/0x140 [ 700.592459][T29200] __sys_bpf+0x2091/0x4b90 [ 700.592492][T29200] ? __pfx___sys_bpf+0x10/0x10 [ 700.592522][T29200] ? __pfx_futex_wait+0x10/0x10 [ 700.592568][T29200] ? ksys_write+0x190/0x250 [ 700.592599][T29200] ? do_futex+0x192/0x350 [ 700.592649][T29200] ? xfd_validate_state+0x129/0x190 [ 700.592694][T29200] __x64_sys_bpf+0x7b/0xc0 [ 700.592724][T29200] ? lockdep_hardirqs_on+0x78/0x100 [ 700.592751][T29200] do_syscall_64+0x106/0xf80 [ 700.592777][T29200] ? clear_bhb_loop+0x40/0x90 [ 700.592808][T29200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.592834][T29200] RIP: 0033:0x7f138b79c819 [ 700.592853][T29200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 700.592877][T29200] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 700.592899][T29200] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 700.592915][T29200] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 700.592930][T29200] RBP: 00007f138b832c91 R08: 0000000000000000 R09: 0000000000000000 [ 700.592945][T29200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.592959][T29200] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 700.592990][T29200] [ 701.058213][T29210] block nbd2: not configured, cannot reconfigure [ 703.883070][T29295] netlink: 'syz.3.10705': attribute type 11 has an invalid length. [ 703.928690][T29295] netlink: 'syz.3.10705': attribute type 11 has an invalid length. [ 703.972864][T29295] netlink: 'syz.3.10705': attribute type 11 has an invalid length. [ 709.603897][T29434] delete_channel: no stack [ 710.063403][T29443] netlink: 3 bytes leftover after parsing attributes in process `syz.0.10773'. [ 710.612382][T29461] nfs: Unknown parameter 'nl802154' [ 713.922020][T29551] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 714.798110][T29586] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 260 [ 722.774603][T22179] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 722.795235][T22179] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 722.795269][T22179] Bluetooth: hci1: adv larger than maximum supported [ 722.803286][T22179] Bluetooth: hci1: adv larger than maximum supported [ 722.810293][T22179] Bluetooth: hci1: adv larger than maximum supported [ 722.817115][T22179] Bluetooth: hci1: Malformed LE Event: 0x0d [ 724.094636][T29881] netlink: 'syz.2.10960': attribute type 3 has an invalid length. [ 726.575594][T29945] Process accounting resumed [ 726.960935][T29959] netlink: 'syz.1.10995': attribute type 1 has an invalid length. [ 727.703273][T29987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11005'. [ 727.967173][T30008] netlink: 'syz.3.11007': attribute type 3 has an invalid length. [ 730.199332][T30069] netlink: 'syz.2.11038': attribute type 2 has an invalid length. [ 730.319174][T30071] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11037'. [ 730.994179][T30086] netlink: 'syz.3.11045': attribute type 2 has an invalid length. [ 731.538276][T30094] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 732.835085][T30123] netlink: 206 bytes leftover after parsing attributes in process `syz.2.11063'. [ 733.221303][T30131] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 733.799387][T30143] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11073'. [ 734.491131][T22179] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 734.491164][T22179] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 734.507018][T22179] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 734.507072][T22179] Bluetooth: hci3: Malformed LE Event: 0x0d [ 735.909264][T30201] syz.3.11100 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 736.139080][T30206] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11102'. [ 736.923043][T30227] openvswitch: netlink: Message has 20 unknown bytes. [ 739.047147][T30306] netlink: Setting conntrack mark requires 'commit' flag. [ 739.182309][T30310] netlink: 'syz.1.11139': attribute type 2 has an invalid length. [ 741.576446][T30373] ptrace attach of "./syz-executor exec"[5826] was attempted by ""[30373] [ 741.754715][T30375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11173'. [ 744.120795][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 744.127295][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.006370][T30510] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input40 [ 751.887348][T30656] ptrace attach of "./syz-executor exec"[5824] was attempted by "S]\x0d(Mc\x0b3gQ!|Ĺւ,_JNs/aAQ\x09'&@H8\x09B;^?gr&\x1b9{&F9j\x0aXn97_&gAc\x0cxP\x0bJ\x22̼EzP8[\x0a[!eդAswΥ5˦unN%.yƝY}:UiÑ\x5c6cAU_LHt5Hvcּ.AlVVfT@4G}%]q2_l?U#fv9͉|CҶA89t5g&\x09o-U$!&>|!)VWAPtrOY1a!D;\x07\x1b܉FhPp]mC9:9S Ҏ̯t7mb߇M&$\x1by\x0c.6`Hָ\x09͞ضKԫWUXI\x5cevU3fp)t ɨS\x0dPg 3ʵtP;LSJi9$^i[Hd6u?&J'gdT_NsĖIF~l9\x0d#5/]W+#2]}MǦ@\x5c'D9%'Mz?_y0I\x07p.ih3dNMLݗ0mZ![;o\x5cmSkN,|.0lC]D\x0dz2Lz1y:12νD4=EIƌ55UtF ɘr~_krc\x07YN`WhC\x07Esg*.ڷ*>$~gk\x0c [ 752.480661][T22179] Bluetooth: hci1: Malformed Event: 0x13 [ 752.876318][T30690] NFSD: Failed to start, no listeners configured. [ 753.783880][T30722] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11314'. [ 753.950311][T30729] FAULT_INJECTION: forcing a failure. [ 753.950311][T30729] name failslab, interval 1, probability 0, space 0, times 0 [ 754.019974][T30729] CPU: 0 UID: 0 PID: 30729 Comm: syz.0.11318 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 754.020028][T30729] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 754.020040][T30729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 754.020056][T30729] Call Trace: [ 754.020064][T30729] [ 754.020074][T30729] dump_stack_lvl+0x100/0x190 [ 754.020119][T30729] should_fail_ex.cold+0x5/0xa [ 754.020148][T30729] ? sk_prot_alloc+0x10b/0x2a0 [ 754.020176][T30729] should_failslab+0xc2/0x120 [ 754.020205][T30729] __kmalloc_noprof+0xe0/0x850 [ 754.020252][T30729] sk_prot_alloc+0x10b/0x2a0 [ 754.020284][T30729] sk_alloc+0x36/0xe80 [ 754.020323][T30729] packet_create+0x127/0x8e0 [ 754.020359][T30729] __sock_create+0x339/0x860 [ 754.020397][T30729] __sys_socket+0x14d/0x260 [ 754.020431][T30729] ? __pfx___sys_socket+0x10/0x10 [ 754.020474][T30729] __x64_sys_socket+0x72/0xb0 [ 754.020507][T30729] ? lockdep_hardirqs_on+0x78/0x100 [ 754.020534][T30729] do_syscall_64+0x106/0xf80 [ 754.020559][T30729] ? clear_bhb_loop+0x40/0x90 [ 754.020599][T30729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.020625][T30729] RIP: 0033:0x7f9ca059c819 [ 754.020645][T30729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.020670][T30729] RSP: 002b:00007f9ca14da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 754.020694][T30729] RAX: ffffffffffffffda RBX: 00007f9ca0815fa0 RCX: 00007f9ca059c819 [ 754.020711][T30729] RDX: 0000000000000300 RSI: 0000000000080003 RDI: 0000000000000011 [ 754.020726][T30729] RBP: 00007f9ca0632c91 R08: 0000000000000000 R09: 0000000000000000 [ 754.020741][T30729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.020756][T30729] R13: 00007f9ca0816038 R14: 00007f9ca0815fa0 R15: 00007ffc773d1028 [ 754.020787][T30729] [ 754.542314][T30734] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11321'. [ 756.568045][T30771] Process accounting paused [ 756.985704][T30787] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.11346'. [ 758.357857][T30844] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11362'. [ 759.704196][T30880] syz.1.11375 (30880) used obsolete PPPIOCDETACH ioctl [ 761.062866][T30917] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 761.682432][ T30] audit: type=1804 audit(4294985738.128:40): pid=30948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.11398" name="file0" dev="tmpfs" ino=14541 res=1 errno=0 [ 762.376783][T30994] bridge0: port 3(veth0_to_bridge) entered blocking state [ 762.412861][T30994] bridge0: port 3(veth0_to_bridge) entered disabled state [ 762.445903][T30994] veth0_to_bridge: entered allmulticast mode [ 762.480153][T30994] veth0_to_bridge: entered promiscuous mode [ 762.518108][T30994] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 762.579095][T30994] bridge0: port 3(veth0_to_bridge) entered blocking state [ 762.586806][T30994] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 763.385368][T31029] bridge0: port 4(batadv0) entered blocking state [ 763.431337][T31029] bridge0: port 4(batadv0) entered disabled state [ 763.464805][T31029] batadv0: entered allmulticast mode [ 763.494524][T31029] batadv0: entered promiscuous mode [ 763.526181][T31029] bridge0: port 4(batadv0) entered blocking state [ 763.532778][T31029] bridge0: port 4(batadv0) entered forwarding state [ 763.647400][T22198] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 763.657199][T22198] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 763.755522][T31039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11422'. [ 835.083069][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 873.173965][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 873.181414][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P31068/1:b..l P31067/1:b..l P30827/1:b..l P5828/1:b..l P31061/1:b..l [ 873.195082][ C0] rcu: (detected by 0, t=10502 jiffies, g=158597, q=1094 ncpus=1) [ 873.203117][ C0] task:syz.0.11434 state:R running task stack:27912 pid:31061 tgid:31061 ppid:5824 task_flags:0x40004c flags:0x00080000 [ 873.218341][ C0] Call Trace: [ 873.221764][ C0] [ 873.224736][ C0] __schedule+0xfee/0x6120 [ 873.229207][ C0] ? __pfx___schedule+0x10/0x10 [ 873.234120][ C0] ? find_held_lock+0x2b/0x80 [ 873.238922][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 873.244475][ C0] preempt_schedule_common+0x42/0xc0 [ 873.249796][ C0] preempt_schedule_thunk+0x16/0x30 [ 873.255027][ C0] _raw_spin_unlock+0x3e/0x50 [ 873.259777][ C0] unmap_page_range+0x152f/0x4840 [ 873.264867][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 873.270260][ C0] ? mas_next_slot+0x1003/0x18b0 [ 873.275220][ C0] ? uprobe_munmap+0x9e/0x700 [ 873.279929][ C0] unmap_single_vma+0x153/0x240 [ 873.284802][ C0] unmap_vmas+0x295/0x590 [ 873.289166][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 873.294049][ C0] ? mas_next_slot+0x1003/0x18b0 [ 873.299043][ C0] exit_mmap+0x1ef/0xa30 [ 873.303317][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 873.308232][ C0] __mmput+0x12a/0x410 [ 873.312377][ C0] mmput+0x67/0x80 [ 873.316176][ C0] do_exit+0x819/0x2b60 [ 873.320381][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 873.325805][ C0] ? __pfx_do_exit+0x10/0x10 [ 873.330447][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 873.335950][ C0] do_group_exit+0xd5/0x2a0 [ 873.340571][ C0] __x64_sys_exit_group+0x3e/0x50 [ 873.345659][ C0] x64_sys_call+0x102c/0x1530 [ 873.350469][ C0] do_syscall_64+0x106/0xf80 [ 873.355119][ C0] ? clear_bhb_loop+0x40/0x90 [ 873.359829][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 873.365745][ C0] RIP: 0033:0x7f9ca059c819 [ 873.370627][ C0] RSP: 002b:00007ffc773d1368 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 873.379090][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9ca059c819 [ 873.387101][ C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 873.395113][ C0] RBP: 00007ffc773d13cc R08: 0000000000000000 R09: 00000000000927c0 [ 873.403117][ C0] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000b21 [ 873.411115][ C0] R13: 00000000000927c0 R14: 00000000000bb6c7 R15: 00007ffc773d1420 [ 873.419122][ C0] [ 873.422477][ C0] task:kworker/0:3 state:R running task stack:24824 pid:5828 tgid:5828 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 873.436846][ C0] Workqueue: events_power_efficient gc_worker [ 873.444278][ C0] Call Trace: [ 873.447581][ C0] [ 873.450808][ C0] __schedule+0xfee/0x6120 [ 873.455428][ C0] ? kasan_save_stack+0x3f/0x50 [ 873.460351][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 873.465639][ C0] ? __pfx___schedule+0x10/0x10 [ 873.470551][ C0] ? mark_held_locks+0x40/0x70 [ 873.475407][ C0] preempt_schedule_irq+0x50/0x90 [ 873.480509][ C0] irqentry_exit+0x17b/0x670 [ 873.485123][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 873.491132][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x3f/0x70 [ 873.497310][ C0] Code: 05 12 a9 00 01 ff 00 74 1b f6 c4 01 74 07 a9 00 00 ff 00 74 05 e9 11 87 89 09 8b 82 a4 16 00 00 85 c0 74 f1 8b 82 80 16 00 00 <83> f8 02 75 e6 48 8b 8a 88 16 00 00 8b 92 84 16 00 00 48 8b 01 48 [ 873.517632][ C0] RSP: 0018:ffffc90003b77b40 EFLAGS: 00000246 [ 873.523753][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff89ac814e [ 873.531931][ C0] RDX: ffff88807de2db80 RSI: ffffffff89ac815c RDI: ffff88807de2db80 [ 873.540021][ C0] RBP: ffff88814ac00000 R08: 0000000000000004 R09: 0000000000003240 [ 873.548398][ C0] R10: 0000000000040000 R11: 0000000000000000 R12: dffffc0000000000 [ 873.556485][ C0] R13: 0000000000040000 R14: 0000000000003240 R15: 0000000000001770 [ 873.564662][ C0] ? gc_worker+0x31e/0x1630 [ 873.569189][ C0] ? gc_worker+0x32c/0x1630 [ 873.573731][ C0] gc_worker+0x32c/0x1630 [ 873.578177][ C0] ? __pfx_gc_worker+0x10/0x10 [ 873.583065][ C0] ? rcu_is_watching+0x12/0xc0 [ 873.587864][ C0] process_one_work+0xa23/0x19a0 [ 873.592861][ C0] ? __pfx_process_one_work+0x10/0x10 [ 873.598272][ C0] ? __pfx_gc_worker+0x10/0x10 [ 873.603100][ C0] worker_thread+0x5ef/0xe50 [ 873.607750][ C0] ? kthread+0x13a/0x450 [ 873.612123][ C0] ? __pfx_worker_thread+0x10/0x10 [ 873.617289][ C0] kthread+0x370/0x450 [ 873.621386][ C0] ? __pfx_kthread+0x10/0x10 [ 873.626015][ C0] ret_from_fork+0x754/0xd80 [ 873.630647][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 873.635797][ C0] ? __switch_to+0x7b4/0x1120 [ 873.640516][ C0] ? __pfx_kthread+0x10/0x10 [ 873.645155][ C0] ret_from_fork_asm+0x1a/0x30 [ 873.649955][ C0] [ 873.652996][ C0] task:udevd state:R running task stack:27912 pid:30827 tgid:30827 ppid:5194 task_flags:0x40014c flags:0x00080000 [ 873.666572][ C0] Call Trace: [ 873.669872][ C0] [ 873.672822][ C0] __schedule+0xfee/0x6120 [ 873.677567][ C0] ? __lock_acquire+0x4a5/0x2630 [ 873.682550][ C0] ? __pfx___schedule+0x10/0x10 [ 873.687420][ C0] ? mark_held_locks+0x40/0x70 [ 873.692397][ C0] preempt_schedule_irq+0x50/0x90 [ 873.697511][ C0] irqentry_exit+0x17b/0x670 [ 873.702144][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 873.708160][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x3f/0x70 [ 873.714341][ C0] Code: 05 12 a9 00 01 ff 00 74 1b f6 c4 01 74 07 a9 00 00 ff 00 74 05 e9 11 87 89 09 8b 82 a4 16 00 00 85 c0 74 f1 8b 82 80 16 00 00 <83> f8 02 75 e6 48 8b 8a 88 16 00 00 8b 92 84 16 00 00 48 8b 01 48 [ 873.734262][ C0] RSP: 0018:ffffc90004f37668 EFLAGS: 00000246 [ 873.740463][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8218f022 [ 873.748749][ C0] RDX: ffff888020379e80 RSI: ffffffff82182b4b RDI: ffffffff8e411470 [ 873.756767][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 873.764781][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 00007f6f1fcf16c5 [ 873.772786][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888020379e80 [ 873.780794][ C0] ? is_bpf_text_address+0xb2/0x1a0 [ 873.786069][ C0] ? bpf_ksym_find+0xeb/0x1c0 [ 873.790801][ C0] bpf_ksym_find+0xeb/0x1c0 [ 873.795361][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 873.801660][ C0] is_bpf_text_address+0x58/0x1a0 [ 873.806750][ C0] kernel_text_address+0x8d/0x100 [ 873.811926][ C0] __kernel_text_address+0xd/0x30 [ 873.817096][ C0] unwind_get_return_address+0x59/0xa0 [ 873.822899][ C0] arch_stack_walk+0xa6/0xf0 [ 873.827678][ C0] ? tear_down_vmas+0x2a5/0x600 [ 873.832660][ C0] stack_trace_save+0x8e/0xc0 [ 873.837387][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 873.842907][ C0] ? do_raw_spin_lock+0x128/0x260 [ 873.848178][ C0] kasan_save_stack+0x30/0x50 [ 873.853439][ C0] ? kasan_save_stack+0x30/0x50 [ 873.858313][ C0] ? kasan_save_track+0x14/0x30 [ 873.863209][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 873.868002][ C0] ? kmem_cache_free+0x41f/0x6a0 [ 873.873247][ C0] ? tear_down_vmas+0x2a5/0x600 [ 873.878133][ C0] ? exit_mmap+0x469/0xa30 [ 873.882683][ C0] ? __mmput+0x12a/0x410 [ 873.887231][ C0] ? mmput+0x67/0x80 [ 873.891160][ C0] ? do_exit+0x819/0x2b60 [ 873.895678][ C0] ? do_group_exit+0xd5/0x2a0 [ 873.900416][ C0] ? __x64_sys_exit_group+0x3e/0x50 [ 873.905947][ C0] ? x64_sys_call+0x102c/0x1530 [ 873.910967][ C0] ? do_syscall_64+0x106/0xf80 [ 873.916052][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 873.922392][ C0] kasan_save_track+0x14/0x30 [ 873.927298][ C0] __kasan_kmalloc+0xaa/0xb0 [ 873.931963][ C0] kmem_cache_free+0x41f/0x6a0 [ 873.936777][ C0] tear_down_vmas+0x2a5/0x600 [ 873.941524][ C0] exit_mmap+0x469/0xa30 [ 873.945798][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 873.950604][ C0] ? trace_contention_end+0x140/0x180 [ 873.956010][ C0] ? uprobe_clear_state+0x5f/0x360 [ 873.961151][ C0] ? uprobe_clear_state+0x5f/0x360 [ 873.966302][ C0] ? __lock_acquire+0x4a5/0x2630 [ 873.971623][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 873.977299][ C0] __mmput+0x12a/0x410 [ 873.981414][ C0] mmput+0x67/0x80 [ 873.985183][ C0] do_exit+0x819/0x2b60 [ 873.989396][ C0] ? do_raw_spin_lock+0x128/0x260 [ 873.994566][ C0] ? __pfx_do_exit+0x10/0x10 [ 873.999280][ C0] ? do_group_exit+0x1bd/0x2a0 [ 874.004072][ C0] ? rcu_is_watching+0x12/0xc0 [ 874.008870][ C0] do_group_exit+0xd5/0x2a0 [ 874.013489][ C0] __x64_sys_exit_group+0x3e/0x50 [ 874.018537][ C0] x64_sys_call+0x102c/0x1530 [ 874.023235][ C0] do_syscall_64+0x106/0xf80 [ 874.027957][ C0] ? clear_bhb_loop+0x40/0x90 [ 874.032677][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.038602][ C0] RIP: 0033:0x7f6f1fcf16c5 [ 874.043087][ C0] RSP: 002b:00007ffde0cab068 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 874.051556][ C0] RAX: ffffffffffffffda RBX: 00005597a9616090 RCX: 00007f6f1fcf16c5 [ 874.059578][ C0] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000 [ 874.067587][ C0] RBP: 00005597a95f5910 R08: 0000000000000000 R09: 0000000000000000 [ 874.075597][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 874.083601][ C0] R13: 00007ffde0cab0b0 R14: 0000000000000000 R15: 0000000000000000 [ 874.091621][ C0] [ 874.094666][ C0] task:syz.1.11436 state:R running task stack:27496 pid:31067 tgid:31065 ppid:5823 task_flags:0x400140 flags:0x00080000 [ 874.108230][ C0] Call Trace: [ 874.111540][ C0] [ 874.114494][ C0] __schedule+0xfee/0x6120 [ 874.118938][ C0] ? __lock_acquire+0x4a5/0x2630 [ 874.123912][ C0] ? find_held_lock+0x2b/0x80 [ 874.128620][ C0] ? page_table_check_set+0x49a/0xa10 [ 874.134018][ C0] ? __pfx___schedule+0x10/0x10 [ 874.138890][ C0] ? mark_held_locks+0x40/0x70 [ 874.143679][ C0] preempt_schedule_irq+0x50/0x90 [ 874.148721][ C0] irqentry_exit+0x17b/0x670 [ 874.153330][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 874.159335][ C0] RIP: 0010:lock_acquire+0x2d/0x380 [ 874.164652][ C0] Code: fa 41 57 41 56 41 89 f6 41 55 45 89 c5 41 54 41 89 cc 55 48 89 fd 53 89 d3 48 83 ec 38 65 4c 8b 3d a0 95 29 12 4c 89 7c 24 30 <4d> 89 cf 66 90 65 8b 05 bb 95 29 12 83 f8 07 0f 87 f0 00 00 00 48 [ 874.184735][ C0] RSP: 0018:ffffc900033ef820 EFLAGS: 00000282 [ 874.190854][ C0] RAX: ffffffff81b7bd3d RBX: 0000000000000000 RCX: 0000000000000002 [ 874.200091][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8e7e75e0 [ 874.208123][ C0] RBP: ffffffff8e7e75e0 R08: 0000000000000000 R09: 0000000000000000 [ 874.216148][ C0] R10: 0000000000000200 R11: 00000000000164ee R12: 0000000000000002 [ 874.224272][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 9f14bd6b57466f00 [ 874.232334][ C0] ? unwind_next_frame+0xbd/0x1ea0 [ 874.237751][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 874.242988][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 874.248262][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 874.254757][ C0] unwind_next_frame+0xd1/0x1ea0 [ 874.259807][ C0] ? unwind_next_frame+0xbd/0x1ea0 [ 874.264956][ C0] ? qlist_free_all+0x47/0xe0 [ 874.269689][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 874.275880][ C0] arch_stack_walk+0x94/0xf0 [ 874.280607][ C0] ? qlist_free_all+0x47/0xe0 [ 874.285329][ C0] stack_trace_save+0x8e/0xc0 [ 874.290046][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 874.295479][ C0] ? __lock_acquire+0x4a5/0x2630 [ 874.300776][ C0] ? __lock_acquire+0x4a5/0x2630 [ 874.305885][ C0] save_stack+0x162/0x1e0 [ 874.310612][ C0] ? __pfx_save_stack+0x10/0x10 [ 874.315518][ C0] ? __free_frozen_pages+0x7e1/0x10d0 [ 874.321033][ C0] ? qlist_free_all+0x47/0xe0 [ 874.325770][ C0] ? page_ext_put+0x3e/0xd0 [ 874.330311][ C0] __reset_page_owner+0x84/0x190 [ 874.335278][ C0] __free_frozen_pages+0x7e1/0x10d0 [ 874.340515][ C0] qlist_free_all+0x47/0xe0 [ 874.345086][ C0] kasan_quarantine_reduce+0x1a0/0x1f0 [ 874.350606][ C0] __kasan_slab_alloc+0x69/0x90 [ 874.355509][ C0] __kmalloc_cache_noprof+0x243/0x6f0 [ 874.360932][ C0] ? io_uring_setup.cold+0x6c/0x1d79 [ 874.366590][ C0] io_uring_setup.cold+0x6c/0x1d79 [ 874.371789][ C0] ? __pfx_io_uring_setup+0x10/0x10 [ 874.377064][ C0] ? do_futex+0x192/0x350 [ 874.381434][ C0] ? __pfx_do_futex+0x10/0x10 [ 874.386266][ C0] ? xfd_validate_state+0x129/0x190 [ 874.391501][ C0] __x64_sys_io_uring_setup+0xc2/0x170 [ 874.397017][ C0] do_syscall_64+0x106/0xf80 [ 874.401780][ C0] ? clear_bhb_loop+0x40/0x90 [ 874.406574][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.412641][ C0] RIP: 0033:0x7f138b79c819 [ 874.417112][ C0] RSP: 002b:00007f138c57c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 874.425748][ C0] RAX: ffffffffffffffda RBX: 00007f138ba15fa0 RCX: 00007f138b79c819 [ 874.433848][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 874.441869][ C0] RBP: 00007f138b832c91 R08: 0000000000000000 R09: 0000000000000000 [ 874.450144][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 874.458320][ C0] R13: 00007f138ba16038 R14: 00007f138ba15fa0 R15: 00007ffcd686f1b8 [ 874.466411][ C0] [ 874.469457][ C0] task:syz.3.11437 state:R running task stack:27320 pid:31068 tgid:31066 ppid:5825 task_flags:0x40054c flags:0x00080000 [ 874.483011][ C0] Call Trace: [ 874.486314][ C0] [ 874.489299][ C0] __schedule+0xfee/0x6120 [ 874.494028][ C0] ? __pfx___schedule+0x10/0x10 [ 874.498992][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 874.504420][ C0] preempt_schedule_common+0x42/0xc0 [ 874.509746][ C0] preempt_schedule_thunk+0x16/0x30 [ 874.515011][ C0] _raw_spin_unlock+0x3e/0x50 [ 874.519835][ C0] unmap_page_range+0x152f/0x4840 [ 874.525035][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 874.530446][ C0] ? mas_next_slot+0x1003/0x18b0 [ 874.535463][ C0] ? uprobe_munmap+0x9e/0x700 [ 874.540206][ C0] unmap_single_vma+0x153/0x240 [ 874.545176][ C0] unmap_vmas+0x295/0x590 [ 874.549543][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 874.554425][ C0] ? mas_next_slot+0x1003/0x18b0 [ 874.559412][ C0] exit_mmap+0x1ef/0xa30 [ 874.563712][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 874.568572][ C0] __mmput+0x12a/0x410 [ 874.572692][ C0] mmput+0x67/0x80 [ 874.576441][ C0] do_exit+0x819/0x2b60 [ 874.580733][ C0] ? __pfx_do_exit+0x10/0x10 [ 874.585453][ C0] ? do_raw_spin_lock+0x128/0x260 [ 874.590537][ C0] ? find_held_lock+0x2b/0x80 [ 874.595254][ C0] ? get_signal+0x7e0/0x21e0 [ 874.599911][ C0] do_group_exit+0xd5/0x2a0 [ 874.604655][ C0] get_signal+0x1ec7/0x21e0 [ 874.609225][ C0] ? __pfx_get_signal+0x10/0x10 [ 874.614131][ C0] ? do_futex+0x192/0x350 [ 874.618522][ C0] arch_do_signal_or_restart+0x91/0x770 [ 874.624110][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 874.630326][ C0] ? __pfx___x64_sys_futex+0x10/0x10 [ 874.635689][ C0] exit_to_user_mode_loop+0x86/0x4a0 [ 874.641019][ C0] do_syscall_64+0x668/0xf80 [ 874.645830][ C0] ? clear_bhb_loop+0x40/0x90 [ 874.650641][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.656559][ C0] RIP: 0033:0x7f2d1e39c819 [ 874.660992][ C0] RSP: 002b:00007f2d1f1e00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 874.669473][ C0] RAX: fffffffffffffe00 RBX: 00007f2d1e615fa8 RCX: 00007f2d1e39c819 [ 874.677484][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2d1e615fa8 [ 874.685494][ C0] RBP: 00007f2d1e615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 874.693510][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 874.701516][ C0] R13: 00007f2d1e616038 R14: 00007ffef456c420 R15: 00007ffef456c508 [ 874.709574][ C0] [ 874.712729][ C0] rcu: rcu_preempt kthread starved for 712 jiffies! g158597 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 874.723869][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 874.733876][ C0] rcu: RCU grace-period kthread stack dump: [ 874.739975][ C0] task:rcu_preempt state:R running task stack:27736 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 874.753515][ C0] Call Trace: [ 874.756825][ C0] [ 874.759890][ C0] __schedule+0xfee/0x6120 [ 874.764335][ C0] ? __lock_acquire+0x4a5/0x2630 [ 874.769318][ C0] ? __pfx___schedule+0x10/0x10 [ 874.774185][ C0] ? find_held_lock+0x2b/0x80 [ 874.778882][ C0] ? schedule+0x2bf/0x390 [ 874.783236][ C0] schedule+0xdd/0x390 [ 874.787335][ C0] schedule_timeout+0x127/0x280 [ 874.792245][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 874.797743][ C0] ? __pfx_process_timeout+0x10/0x10 [ 874.803098][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 874.808956][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 874.814450][ C0] rcu_gp_fqs_loop+0x1a9/0x900 [ 874.819245][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 874.824578][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 874.829556][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 874.834800][ C0] ? rcu_is_watching+0x12/0xc0 [ 874.839656][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 874.845649][ C0] rcu_gp_kthread+0x179/0x230 [ 874.850474][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 874.855696][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 874.861715][ C0] ? __kthread_parkme+0x18c/0x230 [ 874.866872][ C0] ? kthread+0x13a/0x450 [ 874.871240][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 874.876482][ C0] kthread+0x370/0x450 [ 874.880608][ C0] ? __pfx_kthread+0x10/0x10 [ 874.885223][ C0] ret_from_fork+0x754/0xd80 [ 874.889841][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 874.894984][ C0] ? __switch_to+0x7b4/0x1120 [ 874.899697][ C0] ? __pfx_kthread+0x10/0x10 [ 874.904333][ C0] ret_from_fork_asm+0x1a/0x30 [ 874.909231][ C0] [ 874.912360][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 874.918711][ C0] CPU: 0 UID: 0 PID: 3408 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 874.930029][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 874.937410][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 874.947505][ C0] Workqueue: bat_events batadv_tt_purge [ 874.953120][ C0] RIP: 0010:preempt_count_sub+0xc/0x160 [ 874.958702][ C0] Code: 1e fa 48 c7 c7 20 ad 14 94 e9 30 00 6b 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 c7 c0 c0 83 1d 9b 53 <89> fb 48 ba 00 00 00 00 00 fc ff df 48 89 c1 83 e0 07 48 c1 e9 03 [ 874.978424][ C0] RSP: 0018:ffffc90000007498 EFLAGS: 00000246 [ 874.984783][ C0] RAX: ffffffff9b1d83c0 RBX: ffffffff906c0ee0 RCX: 0000000000000004 [ 874.992804][ C0] RDX: 0000000000000000 RSI: ffffffff8de83a76 RDI: 0000000000000001 [ 875.001027][ C0] RBP: 0000000000000246 R08: 0000000000000001 R09: 0000000000000000 [ 875.009041][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000246 [ 875.017107][ C0] R13: 0000000000000000 R14: ffff88802d42b000 R15: 0000000000000003 [ 875.025142][ C0] FS: 0000000000000000(0000) GS:ffff888124340000(0000) knlGS:0000000000000000 [ 875.034269][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 875.040869][ C0] CR2: 000055555d7477d0 CR3: 0000000038f6c000 CR4: 00000000003526f0 [ 875.048905][ C0] Call Trace: [ 875.052295][ C0] [ 875.055161][ C0] _raw_read_unlock_irqrestore+0x3b/0x80 [ 875.060902][ C0] netlink_broadcast_filtered+0x112/0xf50 [ 875.066645][ C0] ? nla_put+0x101/0x140 [ 875.070937][ C0] ? fdb_fill_info+0x80a/0xd90 [ 875.075729][ C0] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 875.081997][ C0] ? __pfx_fdb_fill_info+0x10/0x10 [ 875.087145][ C0] ? __alloc_skb+0x4e9/0x710 [ 875.091804][ C0] ? __alloc_skb+0x5b7/0x710 [ 875.096447][ C0] nlmsg_notify+0xb1/0x290 [ 875.100921][ C0] fdb_notify+0xfb/0x190 [ 875.105211][ C0] br_fdb_update+0x324/0x720 [ 875.109837][ C0] ? __pfx_br_fdb_update+0x10/0x10 [ 875.115010][ C0] br_handle_frame_finish+0xe9a/0x1f60 [ 875.120524][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 875.126472][ C0] ? find_held_lock+0x2b/0x80 [ 875.131181][ C0] ? net_generic+0xea/0x2a0 [ 875.135809][ C0] ? net_generic+0xea/0x2a0 [ 875.140350][ C0] ? net_generic+0xf4/0x2a0 [ 875.144983][ C0] ? br_nf_pre_routing+0x775/0x1550 [ 875.150257][ C0] br_handle_frame+0x977/0x1520 [ 875.155158][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 875.160502][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 875.166449][ C0] ? kasan_quarantine_put+0x104/0x240 [ 875.171894][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 875.177222][ C0] __netif_receive_skb_core.constprop.0+0x6c5/0x3550 [ 875.183937][ C0] ? skb_release_data+0x7a0/0x9d0 [ 875.189082][ C0] ? kfree_skbmem+0x19f/0x210 [ 875.193790][ C0] ? dst_release+0x9a/0x330 [ 875.198489][ C0] ? arp_process+0x237/0x2440 [ 875.203372][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 875.210523][ C0] ? __pfx_arp_process+0x10/0x10 [ 875.215481][ C0] ? __pfx_arp_process+0x10/0x10 [ 875.220446][ C0] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 875.226108][ C0] ? __pfx_arp_process+0x10/0x10 [ 875.231064][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 875.236906][ C0] ? __lock_acquire+0x4a5/0x2630 [ 875.241873][ C0] ? process_backlog+0x32a/0x1580 [ 875.246921][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 875.252768][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 875.259238][ C0] ? lock_acquire+0x1cf/0x380 [ 875.263955][ C0] ? process_backlog+0x32a/0x1580 [ 875.269024][ C0] ? process_backlog+0x32a/0x1580 [ 875.274090][ C0] __netif_receive_skb+0x1f/0x120 [ 875.279251][ C0] process_backlog+0x37a/0x1580 [ 875.284144][ C0] __napi_poll.constprop.0+0xaf/0x450 [ 875.289567][ C0] net_rx_action+0xa40/0xf20 [ 875.294307][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 875.299472][ C0] ? mark_held_locks+0x40/0x70 [ 875.304374][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 875.309695][ C0] ? tmigr_handle_remote+0x132/0x380 [ 875.315014][ C0] ? run_timer_base+0x121/0x190 [ 875.320002][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 875.325225][ C0] handle_softirqs+0x1eb/0x9e0 [ 875.330028][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 875.335338][ C0] ? batadv_tt_purge+0x25d/0xbd0 [ 875.340324][ C0] do_softirq+0xac/0xe0 [ 875.344519][ C0] [ 875.347491][ C0] [ 875.350444][ C0] __local_bh_enable_ip+0xf8/0x120 [ 875.355588][ C0] batadv_tt_purge+0x25d/0xbd0 [ 875.360384][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 875.365870][ C0] ? rcu_is_watching+0x12/0xc0 [ 875.370692][ C0] process_one_work+0xa23/0x19a0 [ 875.375676][ C0] ? __pfx_process_one_work+0x10/0x10 [ 875.381082][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 875.386406][ C0] rescuer_thread+0x905/0x14a0 [ 875.391202][ C0] ? rescuer_thread+0x240/0x14a0 [ 875.396161][ C0] ? rescuer_thread+0x118/0x14a0 [ 875.401245][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 875.406485][ C0] ? __kthread_parkme+0x18c/0x230 [ 875.411544][ C0] ? kthread+0x13a/0x450 [ 875.415844][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 875.421072][ C0] kthread+0x370/0x450 [ 875.425453][ C0] ? __pfx_kthread+0x10/0x10 [ 875.430106][ C0] ret_from_fork+0x754/0xd80 [ 875.434829][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 875.439980][ C0] ? __switch_to+0x7b4/0x1120 [ 875.444714][ C0] ? __pfx_kthread+0x10/0x10 [ 875.449348][ C0] ret_from_fork_asm+0x1a/0x30 [ 875.454181][ C0] [ 875.510025][T31061] Process accounting resumed