last executing test programs: 1.368530509s ago: executing program 2 (id=2642): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x88) setsockopt$auto(r0, 0x88, 0x1, 0x0, 0x80000e) 1.346343053s ago: executing program 3 (id=2643): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), r0) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001a00)={0x0, 0x600, &(0x7f00000019c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="ffff26bd7000fcdbdf251500000008000600020000002000018014000200766574683000000000000000000000000800030006"], 0x3c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) 1.310419277s ago: executing program 0 (id=2644): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x480000, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) 1.205070326s ago: executing program 3 (id=2645): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000780), r0) sendmsg$auto_TIPC_NL_BEARER_GET(r0, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)={0x18, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x40000) 1.118605329s ago: executing program 2 (id=2646): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.unix.gid/content\x00', 0x28102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 1.10456729s ago: executing program 3 (id=2647): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x80045530, 0x38) 1.067565288s ago: executing program 0 (id=2648): bpf$auto(0x5, &(0x7f0000000000)=@link_create={@map_fd, @target_fd, 0x1, 0x7, @tracing={0x1000, 0x7fffffff}}, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 955.101536ms ago: executing program 1 (id=2649): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x34, r1, 0x1, 0x70bd25, 0x25dfd3fb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000844}, 0x2000c840) 923.176287ms ago: executing program 3 (id=2650): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda\x00', 0x202, 0x0) setuid$auto(0xe) ioctl$auto_IOC_PR_RELEASE(r0, 0x401070ca, 0x0) 914.232425ms ago: executing program 0 (id=2651): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto(r0, 0x1, r0) 828.802567ms ago: executing program 2 (id=2652): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)={0x28, r0, 0x1, 0x70bd29, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x10, 0x0, 0x1, [@nested={0x4, 0x1f}]}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) 807.050483ms ago: executing program 1 (id=2653): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) close_range$auto(0x2, 0x8, 0x0) 698.035422ms ago: executing program 1 (id=2654): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) 686.169289ms ago: executing program 0 (id=2655): r0 = socket(0x2a, 0x2, 0xe) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/numa_zonelist_order\x00', 0x202, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) 569.452649ms ago: executing program 2 (id=2656): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0xa, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x4a, 0x0, 0x9) 471.7707ms ago: executing program 1 (id=2657): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x10, 0x2, 0xa94e, 0x66, 0x0, 0x0, 0x0, 0x1000000006, 0xfffffffffffffffe, 0x7ffffffffffffffd, 0x4, 0x7fffffff, 0x6, 0x7, 0x7, 0x61, 0x40000103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 466.036906ms ago: executing program 0 (id=2658): r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) 390.580237ms ago: executing program 3 (id=2659): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf256000000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) 371.062414ms ago: executing program 2 (id=2660): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/mode\x00', 0x121102, 0x0) write$auto(0x3, 0x0, 0x7fffffff) 268.695897ms ago: executing program 0 (id=2661): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x10001, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') umount2$auto(&(0x7f0000000040)='.\x00', 0x4) 211.151817ms ago: executing program 1 (id=2662): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sysfs$auto(0x2, 0x4, 0x0) utimes$auto(0x0, 0x0) 129.963436ms ago: executing program 3 (id=2663): sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x870bd2b, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x8, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) r0 = socket(0x10, 0x3, 0x15) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}}, 0x400c001) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) 129.183448ms ago: executing program 2 (id=2664): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r0, 0x6b, 0x2, 0xfffffffffffffffe, 0x0) 0s ago: executing program 1 (id=2665): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x1414, &(0x7f0000000040)={&(0x7f0000000280)={0x24, r0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x80005}]}, 0x24}, 0x1, 0x1400, 0x0, 0x20040810}, 0x20000084) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.170' (ED25519) to the list of known hosts. [ 98.563215][ T5855] cgroup: Unknown subsys name 'net' [ 98.681460][ T5855] cgroup: Unknown subsys name 'cpuset' [ 98.690963][ T5855] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.578021][ T5855] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.230763][ T43] cfg80211: failed to load regulatory.db [ 102.834183][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 102.842858][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 102.864566][ T5874] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 102.887341][ T5874] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 102.907735][ T5874] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 102.915802][ T5874] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 102.924366][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 102.935653][ T5874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 102.940204][ T5876] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 102.951372][ T5874] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 102.962166][ T5874] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 102.975807][ T5874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 102.983948][ T5874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 102.997264][ T5874] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.005701][ T5874] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.103159][ T5874] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.111977][ T5874] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.120729][ T5874] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.129277][ T5874] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.137590][ T5874] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.581872][ T5875] chnl_net:caif_netlink_parms(): no params data found [ 103.679029][ T5879] chnl_net:caif_netlink_parms(): no params data found [ 103.769112][ T5872] chnl_net:caif_netlink_parms(): no params data found [ 103.890947][ T5883] chnl_net:caif_netlink_parms(): no params data found [ 103.965197][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.972521][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.980486][ T5875] bridge_slave_0: entered allmulticast mode [ 103.988729][ T5875] bridge_slave_0: entered promiscuous mode [ 104.006729][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.013959][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.021486][ T5875] bridge_slave_1: entered allmulticast mode [ 104.030060][ T5875] bridge_slave_1: entered promiscuous mode [ 104.038089][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.045322][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.053397][ T5879] bridge_slave_0: entered allmulticast mode [ 104.061068][ T5879] bridge_slave_0: entered promiscuous mode [ 104.124984][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.132561][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.140483][ T5879] bridge_slave_1: entered allmulticast mode [ 104.148777][ T5879] bridge_slave_1: entered promiscuous mode [ 104.192902][ T5875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.206929][ T5875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.230256][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.237725][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.244921][ T5872] bridge_slave_0: entered allmulticast mode [ 104.252624][ T5872] bridge_slave_0: entered promiscuous mode [ 104.294809][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.302683][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.310025][ T5872] bridge_slave_1: entered allmulticast mode [ 104.318136][ T5872] bridge_slave_1: entered promiscuous mode [ 104.369510][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.382951][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.407758][ T5883] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.414927][ T5883] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.422218][ T5883] bridge_slave_0: entered allmulticast mode [ 104.429614][ T5883] bridge_slave_0: entered promiscuous mode [ 104.439355][ T5875] team0: Port device team_slave_0 added [ 104.445394][ T5883] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.453149][ T5883] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.460477][ T5883] bridge_slave_1: entered allmulticast mode [ 104.468320][ T5883] bridge_slave_1: entered promiscuous mode [ 104.504854][ T5875] team0: Port device team_slave_1 added [ 104.556396][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.569821][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.613944][ T5879] team0: Port device team_slave_0 added [ 104.651644][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.659710][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.686229][ T5875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.700136][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.708020][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.734014][ T5875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.749323][ T5883] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.760450][ T5879] team0: Port device team_slave_1 added [ 104.768891][ T5872] team0: Port device team_slave_0 added [ 104.785011][ T5883] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.828449][ T5872] team0: Port device team_slave_1 added [ 104.850195][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.857411][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.883825][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.939031][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.946022][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.972129][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.992797][ T5883] team0: Port device team_slave_0 added [ 105.014691][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.021928][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.028583][ T5874] Bluetooth: hci1: command tx timeout [ 105.051688][ T51] Bluetooth: hci0: command tx timeout [ 105.054208][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.073331][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.080390][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.106442][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.117690][ T51] Bluetooth: hci2: command tx timeout [ 105.120867][ T5883] team0: Port device team_slave_1 added [ 105.187245][ T51] Bluetooth: hci3: command tx timeout [ 105.202337][ T5875] hsr_slave_0: entered promiscuous mode [ 105.209066][ T5875] hsr_slave_1: entered promiscuous mode [ 105.249675][ T5883] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.256670][ T5883] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.282764][ T5883] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.300920][ T5879] hsr_slave_0: entered promiscuous mode [ 105.308239][ T5879] hsr_slave_1: entered promiscuous mode [ 105.314394][ T5879] debugfs: 'hsr0' already exists in 'hsr' [ 105.321052][ T5879] Cannot create hsr debugfs directory [ 105.358123][ T5883] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.365127][ T5883] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.392009][ T5883] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.432751][ T5872] hsr_slave_0: entered promiscuous mode [ 105.439670][ T5872] hsr_slave_1: entered promiscuous mode [ 105.445898][ T5872] debugfs: 'hsr0' already exists in 'hsr' [ 105.451774][ T5872] Cannot create hsr debugfs directory [ 105.636034][ T5883] hsr_slave_0: entered promiscuous mode [ 105.642820][ T5883] hsr_slave_1: entered promiscuous mode [ 105.649735][ T5883] debugfs: 'hsr0' already exists in 'hsr' [ 105.655535][ T5883] Cannot create hsr debugfs directory [ 106.025385][ T5875] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 106.043086][ T5875] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.075829][ T5875] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 106.102062][ T5875] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 106.167359][ T5879] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 106.183631][ T5879] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 106.199993][ T5879] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 106.226773][ T5879] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 106.313539][ T5883] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.332280][ T5883] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.350420][ T5883] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.388527][ T5883] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.502285][ T5872] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.513769][ T5872] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.538227][ T5872] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.551848][ T5872] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.681151][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.699737][ T5875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.756029][ T5879] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.789908][ T5883] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.804782][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.812426][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.842570][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.849796][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.862503][ T5875] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.905473][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.916945][ T5883] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.955892][ T1116] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.963147][ T1116] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.976261][ T1116] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.983493][ T1116] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.010369][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.017640][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.031792][ T5872] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.066608][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.073822][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.089379][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.096710][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.107845][ T51] Bluetooth: hci1: command tx timeout [ 107.107971][ T5874] Bluetooth: hci0: command tx timeout [ 107.135658][ T3523] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.142875][ T3523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.188182][ T5874] Bluetooth: hci2: command tx timeout [ 107.269010][ T5874] Bluetooth: hci3: command tx timeout [ 107.842192][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.862843][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.001204][ T5872] veth0_vlan: entered promiscuous mode [ 108.019246][ T5883] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.049949][ T5879] veth0_vlan: entered promiscuous mode [ 108.062326][ T5872] veth1_vlan: entered promiscuous mode [ 108.076204][ T5875] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.094034][ T5879] veth1_vlan: entered promiscuous mode [ 108.186124][ T5879] veth0_macvtap: entered promiscuous mode [ 108.226747][ T5875] veth0_vlan: entered promiscuous mode [ 108.249382][ T5879] veth1_macvtap: entered promiscuous mode [ 108.266966][ T5883] veth0_vlan: entered promiscuous mode [ 108.276150][ T5872] veth0_macvtap: entered promiscuous mode [ 108.294125][ T5875] veth1_vlan: entered promiscuous mode [ 108.302087][ T5872] veth1_macvtap: entered promiscuous mode [ 108.322847][ T5883] veth1_vlan: entered promiscuous mode [ 108.334773][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.366761][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.382916][ T3523] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.408990][ T3523] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.418053][ T3523] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.432139][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.445258][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.461695][ T3523] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.505426][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.514876][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.579144][ T5875] veth0_macvtap: entered promiscuous mode [ 108.589645][ T30] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.599521][ T30] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.633614][ T5883] veth0_macvtap: entered promiscuous mode [ 108.652684][ T5875] veth1_macvtap: entered promiscuous mode [ 108.672886][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.691702][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.716124][ T5883] veth1_macvtap: entered promiscuous mode [ 108.734378][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.784175][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.829014][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.836974][ T3523] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.837189][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.854860][ T3523] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.872545][ T5883] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.891032][ T3523] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.903003][ T3523] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.933955][ T5883] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.943044][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.965941][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.985360][ T3523] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.021138][ T5879] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.037903][ T3523] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.063327][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.073749][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.151143][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.173162][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.188394][ T5874] Bluetooth: hci0: command tx timeout [ 109.192163][ T51] Bluetooth: hci1: command tx timeout [ 109.268096][ T51] Bluetooth: hci2: command tx timeout [ 109.347450][ T51] Bluetooth: hci3: command tx timeout [ 109.360000][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.383336][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.495960][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.512123][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.566348][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.582809][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.672315][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.700853][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.275760][ T5977] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 111.267829][ T51] Bluetooth: hci0: command tx timeout [ 111.274568][ T5874] Bluetooth: hci1: command tx timeout [ 111.348179][ T5874] Bluetooth: hci2: command tx timeout [ 111.427332][ T5874] Bluetooth: hci3: command tx timeout [ 112.661184][ T6052] mmap: syz.3.44 (6052) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 113.176883][ T6067] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 113.980091][ T6095] openvswitch: netlink: Flow key attribute not present in set flow. [ 114.615708][ T6111] futex_wake_op: syz.2.73 tries to shift op by -2048; fix this program [ 114.656606][ T6111] futex_wake_op: syz.2.73 tries to shift op by -2048; fix this program [ 115.657445][ T6148] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 115.700256][ T6151] process 'syz.1.90' launched ':,' with NULL argv: empty string added [ 117.833874][ T6223] netlink: 'syz.3.124': attribute type 1 has an invalid length. [ 118.102827][ T6235] futex_wake_op: syz.2.125 tries to shift op by 64; fix this program [ 118.609785][ T6253] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 119.244616][ T6278] netlink: set zone limit has 4 unknown bytes [ 119.727905][ T6290] netlink: 'syz.3.145': attribute type 11 has an invalid length. [ 119.741985][ T6290] netlink: 'syz.3.145': attribute type 11 has an invalid length. [ 119.755196][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.3.145'. [ 119.768303][ T6290] netlink: 'syz.3.145': attribute type 11 has an invalid length. [ 119.776583][ T6290] netlink: 20 bytes leftover after parsing attributes in process `syz.3.145'. [ 119.790786][ T6290] netlink: 200 bytes leftover after parsing attributes in process `syz.3.145'. [ 121.733731][ T6358] usb usb37: usbfs: process 6358 (syz.0.164) did not claim interface 0 before use [ 122.514208][ T6386] netlink: 'syz.1.173': attribute type 1 has an invalid length. [ 122.544445][ T6388] FAULT_INJECTION: forcing a failure. [ 122.544445][ T6388] name failslab, interval 1, probability 0, space 0, times 1 [ 122.572751][ T6388] CPU: 0 UID: 0 PID: 6388 Comm: syz.2.174 Not tainted syzkaller #0 PREEMPT(full) [ 122.572794][ T6388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 122.572820][ T6388] Call Trace: [ 122.572835][ T6388] [ 122.572847][ T6388] dump_stack_lvl+0x16c/0x1f0 [ 122.572898][ T6388] should_fail_ex+0x512/0x640 [ 122.572942][ T6388] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 122.572987][ T6388] should_failslab+0xc2/0x120 [ 122.573029][ T6388] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 122.573069][ T6388] ? __d_alloc+0x32/0xae0 [ 122.573113][ T6388] __d_alloc+0x32/0xae0 [ 122.573156][ T6388] path_from_stashed+0x427/0x750 [ 122.573193][ T6388] ? alloc_fd+0x471/0x7d0 [ 122.573233][ T6388] pidfs_alloc_file+0xf8/0x290 [ 122.573264][ T6388] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 122.573300][ T6388] ? _raw_spin_unlock_irq+0x23/0x50 [ 122.573340][ T6388] pidfd_prepare+0x129/0x200 [ 122.573391][ T6388] __x64_sys_pidfd_open+0x105/0x1a0 [ 122.573442][ T6388] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 122.573497][ T6388] ? rcu_is_watching+0x12/0xc0 [ 122.573543][ T6388] do_syscall_64+0xcd/0x490 [ 122.573589][ T6388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.573638][ T6388] RIP: 0033:0x7fdd56b8ebe9 [ 122.573672][ T6388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.573704][ T6388] RSP: 002b:00007fdd57a81038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 122.573736][ T6388] RAX: ffffffffffffffda RBX: 00007fdd56db5fa0 RCX: 00007fdd56b8ebe9 [ 122.573756][ T6388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 122.573775][ T6388] RBP: 00007fdd56c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 122.573793][ T6388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.573811][ T6388] R13: 00007fdd56db6038 R14: 00007fdd56db5fa0 R15: 00007ffead5540f8 [ 122.573851][ T6388] [ 122.768009][ C0] vkms_vblank_simulate: vblank timer overrun [ 123.406271][ T6412] syz.1.184 uses obsolete (PF_INET,SOCK_PACKET) [ 123.900021][ T6427] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 125.685489][ T6486] perf: Dynamic interrupt throttling disabled, can hang your system! [ 126.619274][ T6514] capability: warning: `syz.1.220' uses 32-bit capabilities (legacy support in use) [ 127.641762][ T6548] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 129.322264][ T6596] netlink: 'syz.2.253': attribute type 1 has an invalid length. [ 129.335525][ T6600] FAULT_INJECTION: forcing a failure. [ 129.335525][ T6600] name failslab, interval 1, probability 0, space 0, times 0 [ 129.407767][ T6600] CPU: 1 UID: 0 PID: 6600 Comm: syz.3.257 Not tainted syzkaller #0 PREEMPT(full) [ 129.407836][ T6600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 129.407869][ T6600] Call Trace: [ 129.407880][ T6600] [ 129.407891][ T6600] dump_stack_lvl+0x16c/0x1f0 [ 129.407937][ T6600] should_fail_ex+0x512/0x640 [ 129.407983][ T6600] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 129.408019][ T6600] should_failslab+0xc2/0x120 [ 129.408062][ T6600] __kmalloc_cache_noprof+0x6a/0x3e0 [ 129.408095][ T6600] ? evm_inode_alloc_security+0x49/0xc0 [ 129.408130][ T6600] ? alloc_pipe_info+0x10e/0x590 [ 129.408181][ T6600] alloc_pipe_info+0x10e/0x590 [ 129.408235][ T6600] create_pipe_files+0x8c/0x9a0 [ 129.408284][ T6600] do_pipe2+0xaf/0x1c0 [ 129.408324][ T6600] ? __pfx_do_pipe2+0x10/0x10 [ 129.408367][ T6600] ? xfd_validate_state+0x61/0x180 [ 129.408426][ T6600] __x64_sys_pipe2+0x54/0x80 [ 129.408469][ T6600] do_syscall_64+0xcd/0x490 [ 129.408515][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.408547][ T6600] RIP: 0033:0x7fd7e8f8ebe9 [ 129.408571][ T6600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.408601][ T6600] RSP: 002b:00007fd7e9d44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 129.408629][ T6600] RAX: ffffffffffffffda RBX: 00007fd7e91b5fa0 RCX: 00007fd7e8f8ebe9 [ 129.408649][ T6600] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 129.408666][ T6600] RBP: 00007fd7e9011e19 R08: 0000000000000000 R09: 0000000000000000 [ 129.408685][ T6600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.408702][ T6600] R13: 00007fd7e91b6038 R14: 00007fd7e91b5fa0 R15: 00007ffdbd656758 [ 129.408741][ T6600] [ 131.764694][ T6669] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 132.996440][ T6710] nbd: couldn't find device at index 33904 [ 133.449237][ T6726] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 133.886544][ T6740] netlink: Conntrack attr has 16 unknown bytes [ 209.376796][ T9146] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1441'. [ 209.404949][ T9146] netlink: 120 bytes leftover after parsing attributes in process `syz.3.1441'. [ 209.587192][ T5878] Bluetooth: hci0: command 0x0c1a tx timeout [ 210.387223][ T5874] Bluetooth: hci1: command 0x0c1a tx timeout [ 210.387223][ T5878] Bluetooth: hci3: command 0x0c1a tx timeout [ 210.387277][ T5874] Bluetooth: hci2: command 0x0c1a tx timeout [ 211.400756][ T9218] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 211.669369][ T5874] Bluetooth: hci0: command 0x0c1a tx timeout [ 211.736191][ T9230] device-mapper: ioctl: Invalid ioctl structure: name , dev 7f00010002 [ 211.771290][ T9232] netlink: 'syz.3.1481': attribute type 4 has an invalid length. [ 211.779760][ T9232] netlink: 'syz.3.1481': attribute type 1 has an invalid length. [ 211.864997][ T31] audit: type=1800 audit(1755942885.000:4): pid=9235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1482" name="lu_gp_id" dev="configfs" ino=19631 res=0 errno=0 [ 211.885329][ C1] vkms_vblank_simulate: vblank timer overrun [ 212.469493][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 212.469499][ T5878] Bluetooth: hci1: command 0x0c1a tx timeout [ 212.481795][ T5874] Bluetooth: hci2: command 0x0c1a tx timeout [ 213.602473][ T9296] FAULT_INJECTION: forcing a failure. [ 213.602473][ T9296] name failslab, interval 1, probability 0, space 0, times 0 [ 213.615482][ T9296] CPU: 1 UID: 0 PID: 9296 Comm: syz.3.1510 Not tainted syzkaller #0 PREEMPT(full) [ 213.615520][ T9296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 213.615536][ T9296] Call Trace: [ 213.615545][ T9296] [ 213.615555][ T9296] dump_stack_lvl+0x16c/0x1f0 [ 213.615597][ T9296] should_fail_ex+0x512/0x640 [ 213.615635][ T9296] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 213.615667][ T9296] should_failslab+0xc2/0x120 [ 213.615709][ T9296] __kmalloc_cache_noprof+0x6a/0x3e0 [ 213.615740][ T9296] ? rcu_is_watching+0x12/0xc0 [ 213.615771][ T9296] ? call_usermodehelper_setup+0xaf/0x360 [ 213.615805][ T9296] ? __pfx_free_modprobe_argv+0x10/0x10 [ 213.615856][ T9296] call_usermodehelper_setup+0xaf/0x360 [ 213.615894][ T9296] __request_module+0x3bd/0x690 [ 213.615946][ T9296] ? __pfx___request_module+0x10/0x10 [ 213.616004][ T9296] ? rcu_is_watching+0x12/0xc0 [ 213.616035][ T9296] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.616083][ T9296] netlink_create+0x226/0x620 [ 213.616149][ T9296] __sock_create+0x338/0x8d0 [ 213.616191][ T9296] __sys_socket+0x14d/0x260 [ 213.616226][ T9296] ? __pfx___sys_socket+0x10/0x10 [ 213.616261][ T9296] ? xfd_validate_state+0x61/0x180 [ 213.616310][ T9296] ? __pfx_ksys_write+0x10/0x10 [ 213.616359][ T9296] __x64_sys_socket+0x72/0xb0 [ 213.616391][ T9296] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.616433][ T9296] do_syscall_64+0xcd/0x490 [ 213.616481][ T9296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.616514][ T9296] RIP: 0033:0x7fd7e8f8ebe9 [ 213.616540][ T9296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.616571][ T9296] RSP: 002b:00007fd7e9d44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 213.616603][ T9296] RAX: ffffffffffffffda RBX: 00007fd7e91b5fa0 RCX: 00007fd7e8f8ebe9 [ 213.616624][ T9296] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 213.616643][ T9296] RBP: 00007fd7e9011e19 R08: 0000000000000000 R09: 0000000000000000 [ 213.616662][ T9296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.616680][ T9296] R13: 00007fd7e91b6038 R14: 00007fd7e91b5fa0 R15: 00007ffdbd656758 [ 213.616721][ T9296] [ 214.270752][ T9310] netlink: 'syz.2.1514': attribute type 1 has an invalid length. [ 215.867888][ T9358] netlink: set zone limit has 8 unknown bytes [ 217.652157][ T9408] netlink: 'syz.2.1559': attribute type 2 has an invalid length. [ 217.912013][ T9418] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1564'. [ 217.921708][ T9416] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 218.296281][ T9432] tc_dump_action: action bad kind [ 218.497837][ T9434] MTRR 1 not used [ 218.820182][ T9444] netlink: 'syz.3.1578': attribute type 1 has an invalid length. [ 219.590060][ T9469] random: crng reseeded on system resumption [ 219.661674][ T9469] Unrecognized hibernate image header format! [ 219.703390][ T9469] PM: hibernation: Image mismatch: architecture specific data [ 219.942171][ T9481] syz.0.1594 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 220.714860][ T9507] random: crng reseeded on system resumption [ 221.821222][ T9547] program syz.3.1624 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 222.225433][ T9564] binder: 9562:9564 ioctl 400c620e 0 returned -14 [ 224.763720][ T9656] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1676'. [ 227.252369][ T9737] netlink: 'syz.0.1711': attribute type 1 has an invalid length. [ 227.313805][ T9737] nbd: error processing sock list [ 228.386259][ T9775] vivid-003: ================= START STATUS ================= [ 228.447535][ T9775] vivid-003: Radio HW Seek Mode: Bounded [ 228.453551][ T9775] vivid-003: Radio Programmable HW Seek: false [ 228.466909][ T9775] vivid-003: RDS Rx I/O Mode: Block I/O [ 228.487749][ T9775] vivid-003: Generate RBDS Instead of RDS: false [ 228.494077][ T9781] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1732'. [ 228.494308][ T9775] vivid-003: RDS Reception: true [ 228.512728][ T9775] vivid-003: RDS Program Type: 0 inactive [ 228.522756][ T9775] vivid-003: RDS PS Name: inactive [ 228.528362][ T9775] vivid-003: RDS Radio Text: inactive [ 228.533906][ T9775] vivid-003: RDS Traffic Announcement: false inactive [ 228.582326][ T9775] vivid-003: RDS Traffic Program: false inactive [ 228.589914][ T9775] vivid-003: RDS Music: false inactive [ 228.595599][ T9775] vivid-003: ================== END STATUS ================== [ 228.624204][ T9784] openvswitch: netlink: IP tunnel dst address not specified [ 231.588352][ T9878] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 232.862432][ T9919] nvme_fabrics: missing parameter 'transport=%s' [ 232.907133][ T9919] nvme_fabrics: missing parameter 'nqn=%s' [ 233.011126][ T9922] nvme_fabrics: missing parameter 'transport=%s' [ 233.017845][ T9922] nvme_fabrics: missing parameter 'nqn=%s' [ 233.335578][ T9935] HSR: entered promiscuous mode [ 234.335396][ T9972] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 235.425313][T10009] blktrace: Concurrent blktraces are not allowed on loop2 [ 236.020668][T10023] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1826'. [ 238.711496][T10109] program syz.2.1865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 239.885502][T10148] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 239.892355][T10148] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 240.287301][T10161] openvswitch: netlink: Flow actions attr not present in new flow. [ 241.240042][T10185] FAULT_INJECTION: forcing a failure. [ 241.240042][T10185] name failslab, interval 1, probability 0, space 0, times 0 [ 241.311405][T10185] CPU: 0 UID: 0 PID: 10185 Comm: syz.3.1901 Not tainted syzkaller #0 PREEMPT(full) [ 241.311449][T10185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 241.311469][T10185] Call Trace: [ 241.311480][T10185] [ 241.311492][T10185] dump_stack_lvl+0x16c/0x1f0 [ 241.311542][T10185] should_fail_ex+0x512/0x640 [ 241.311592][T10185] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 241.311639][T10185] should_failslab+0xc2/0x120 [ 241.311685][T10185] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 241.311727][T10185] ? d_instantiate+0x77/0x90 [ 241.311770][T10185] ? alloc_empty_file+0x55/0x1e0 [ 241.311828][T10185] alloc_empty_file+0x55/0x1e0 [ 241.311880][T10185] alloc_file_pseudo+0x13a/0x230 [ 241.311935][T10185] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 241.311992][T10185] ? do_raw_spin_unlock+0x172/0x230 [ 241.312051][T10185] __anon_inode_getfile+0xe8/0x280 [ 241.312099][T10185] anon_inode_getfile_fmode+0x37/0xa0 [ 241.312145][T10185] __do_sys_fanotify_init+0x96d/0xc00 [ 241.312212][T10185] do_syscall_64+0xcd/0x490 [ 241.312262][T10185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.312297][T10185] RIP: 0033:0x7fd7e8f8ebe9 [ 241.312322][T10185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.312354][T10185] RSP: 002b:00007fd7e9d44038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 241.312384][T10185] RAX: ffffffffffffffda RBX: 00007fd7e91b5fa0 RCX: 00007fd7e8f8ebe9 [ 241.312405][T10185] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 241.312423][T10185] RBP: 00007fd7e9011e19 R08: 0000000000000000 R09: 0000000000000000 [ 241.312442][T10185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.312461][T10185] R13: 00007fd7e91b6038 R14: 00007fd7e91b5fa0 R15: 00007ffdbd656758 [ 241.312502][T10185] [ 241.584434][T10190] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1903'. [ 241.859947][T10195] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 242.468794][T10213] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input9 [ 242.655838][T10217] netlink: get zone limit has 8 unknown bytes [ 243.555676][T10241] openvswitch: netlink: IP tunnel dst address not specified [ 244.369540][T10274] perf: Dynamic interrupt throttling disabled, can hang your system! [ 246.762178][T10361] netlink: 'syz.3.1982': attribute type 1 has an invalid length. [ 247.487741][T10387] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 247.959716][T10405] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 247.966691][T10405] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 249.281371][T10451] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 249.419202][T10456] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 251.032087][T10513] netlink: Unknown conntrack attr (type=146, max=9) [ 251.469227][T10530] __vm_enough_memory: pid: 10530, comm: syz.0.2060, bytes: 4398046511104 not enough memory for the allocation [ 251.861103][T10541] nbd: must specify at least one socket [ 252.206668][T10554] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2071'. [ 253.166468][T10584] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 255.567365][T10654] openvswitch: netlink: Flow key attr not present in new flow. [ 257.411237][T10718] FAULT_INJECTION: forcing a failure. [ 257.411237][T10718] name failslab, interval 1, probability 0, space 0, times 0 [ 257.444649][T10718] CPU: 1 UID: 0 PID: 10718 Comm: syz.1.2146 Not tainted syzkaller #0 PREEMPT(full) [ 257.444695][T10718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 257.444713][T10718] Call Trace: [ 257.444724][T10718] [ 257.444737][T10718] dump_stack_lvl+0x16c/0x1f0 [ 257.444788][T10718] should_fail_ex+0x512/0x640 [ 257.444836][T10718] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 257.444894][T10718] should_failslab+0xc2/0x120 [ 257.444941][T10718] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 257.444983][T10718] ? __d_alloc+0x32/0xae0 [ 257.445031][T10718] __d_alloc+0x32/0xae0 [ 257.445077][T10718] d_alloc_pseudo+0x1c/0xc0 [ 257.445126][T10718] alloc_file_pseudo+0xcf/0x230 [ 257.445180][T10718] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 257.445232][T10718] ? alloc_fd+0x471/0x7d0 [ 257.445274][T10718] sock_alloc_file+0x50/0x210 [ 257.445322][T10718] __sys_socket+0x1c0/0x260 [ 257.445357][T10718] ? __pfx___sys_socket+0x10/0x10 [ 257.445390][T10718] ? xfd_validate_state+0x61/0x180 [ 257.445438][T10718] ? __pfx_ksys_write+0x10/0x10 [ 257.445486][T10718] __x64_sys_socket+0x72/0xb0 [ 257.445518][T10718] ? lockdep_hardirqs_on+0x7c/0x110 [ 257.445560][T10718] do_syscall_64+0xcd/0x490 [ 257.445606][T10718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.445639][T10718] RIP: 0033:0x7fce3498ebe9 [ 257.445665][T10718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.445697][T10718] RSP: 002b:00007fce3579b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 257.445728][T10718] RAX: ffffffffffffffda RBX: 00007fce34bb5fa0 RCX: 00007fce3498ebe9 [ 257.445749][T10718] RDX: 0000000000000000 RSI: 0000000000080003 RDI: 0000000000000011 [ 257.445768][T10718] RBP: 00007fce34a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 257.445788][T10718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.445806][T10718] R13: 00007fce34bb6038 R14: 00007fce34bb5fa0 R15: 00007ffd62a46378 [ 257.445847][T10718] [ 257.720611][T10725] tipc: Started in network mode [ 257.725791][T10725] tipc: Node identity 30303030, cluster identity 4711 [ 257.781859][T10725] tipc: Node number set to 808464432 [ 259.729016][T10786] FAULT_INJECTION: forcing a failure. [ 259.729016][T10786] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 259.746302][T10786] CPU: 0 UID: 0 PID: 10786 Comm: syz.3.2176 Not tainted syzkaller #0 PREEMPT(full) [ 259.746350][T10786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.746369][T10786] Call Trace: [ 259.746379][T10786] [ 259.746392][T10786] dump_stack_lvl+0x16c/0x1f0 [ 259.746441][T10786] should_fail_ex+0x512/0x640 [ 259.746494][T10786] core_sys_select+0x9ca/0xc10 [ 259.746542][T10786] ? __pfx_core_sys_select+0x10/0x10 [ 259.746620][T10786] ? read_tsc+0x9/0x20 [ 259.746658][T10786] ? ktime_get_ts64+0x256/0x400 [ 259.746711][T10786] kern_select+0x15d/0x1e0 [ 259.746746][T10786] ? __pfx_kern_select+0x10/0x10 [ 259.746794][T10786] ? xfd_validate_state+0x61/0x180 [ 259.746843][T10786] ? __pfx_ksys_write+0x10/0x10 [ 259.746890][T10786] __x64_sys_select+0xbd/0x160 [ 259.746928][T10786] ? do_syscall_64+0x91/0x490 [ 259.746970][T10786] ? lockdep_hardirqs_on+0x7c/0x110 [ 259.747010][T10786] do_syscall_64+0xcd/0x490 [ 259.747058][T10786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.747090][T10786] RIP: 0033:0x7fd7e8f8ebe9 [ 259.747115][T10786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.747146][T10786] RSP: 002b:00007fd7e9d44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 259.747176][T10786] RAX: ffffffffffffffda RBX: 00007fd7e91b5fa0 RCX: 00007fd7e8f8ebe9 [ 259.747197][T10786] RDX: 00002000000007c0 RSI: 0000200000000740 RDI: 0000000000000000 [ 259.747216][T10786] RBP: 00007fd7e9011e19 R08: 00002000000008c0 R09: 0000000000000000 [ 259.747235][T10786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.747253][T10786] R13: 00007fd7e91b6038 R14: 00007fd7e91b5fa0 R15: 00007ffdbd656758 [ 259.747292][T10786] [ 259.834053][T10788] HfR: entered promiscuous mode [ 260.379308][T10802] zswap: zpool not available [ 260.912850][T10824] netlink: 'syz.1.2194': attribute type 1 has an invalid length. [ 261.016681][T10828] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 261.578843][T10845] sd 0:0:1:0: PR command failed: 1026 [ 261.588938][T10845] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 261.596002][T10845] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 261.712026][T10850] bond0: option lp_interval: invalid value () [ 261.737375][T10850] bond0: option lp_interval: allowed values 1 - 2147483647 [ 261.922233][ T31] audit: type=1800 audit(4294967338.480:5): pid=10859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2209" name="dbroot" dev="configfs" ino=24595 res=0 errno=0 [ 262.487821][T10874] openvswitch: netlink: IPv4 tunnel dst address is zero [ 263.261881][T10903] .^: entered promiscuous mode [ 263.283737][ T31] audit: type=1800 audit(4294967339.850:6): pid=10905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2231" name="dbroot" dev="configfs" ino=24419 res=0 errno=0 [ 263.329408][T10864] NFSD: Unable to initialize client recovery tracking! (-110) [ 263.344001][T10864] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 263.367427][T10864] NFSD: starting 90-second grace period (net f00003ce) [ 263.523867][T10915] netlink: 'syz.0.2234': attribute type 1 has an invalid length. [ 264.232969][T10941] sd 0:0:1:0: PR command failed: 1026 [ 264.248557][T10941] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 264.254988][T10942] netlink: 'syz.3.2244': attribute type 1 has an invalid length. [ 264.256141][T10941] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 265.065762][T10965] netlink: 'syz.1.2256': attribute type 2 has an invalid length. [ 266.072341][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.081226][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 271.099466][T11145] MTRR 1 not used [ 272.222450][T11174] ======================================================= [ 272.222450][T11174] WARNING: The mand mount option has been deprecated and [ 272.222450][T11174] and is ignored by this kernel. Remove the mand [ 272.222450][T11174] option from the mount to silence this warning. [ 272.222450][T11174] ======================================================= [ 272.866087][T11193] netlink: 'syz.1.2361': attribute type 1 has an invalid length. [ 273.059062][T11198] netlink: 'syz.1.2363': attribute type 1 has an invalid length. [ 274.001321][T11229] .SR: entered promiscuous mode [ 276.150337][T11293] netlink: 'syz.2.2408': attribute type 1 has an invalid length. [ 277.439501][T11328] kafs: addr_prefs: Invalid Command [ 277.774468][T11340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 277.777476][T11340] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 278.516113][T11366] sock: sock_set_timeout: `syz.1.2440' (pid 11366) tries to set negative timeout [ 281.217443][T11428] vhci_hcd: invalid port number 21 [ 284.258292][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2507'. [ 284.468867][T11521] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 285.655078][T11559] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 285.920828][T11563] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 286.639554][T11585] openvswitch: netlink: Multiple metadata blocks provided [ 287.475079][T11613] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 287.664710][ T31] audit: type=1800 audit(4294967364.230:7): pid=11621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2553" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 289.187885][T11667] ksmbd: Unknown IPC event: 14, ignore. [ 290.947798][T11730] FAULT_INJECTION: forcing a failure. [ 290.947798][T11730] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.046352][T11730] CPU: 1 UID: 0 PID: 11730 Comm: syz.2.2603 Not tainted syzkaller #0 PREEMPT(full) [ 291.046397][T11730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 291.046416][T11730] Call Trace: [ 291.046427][T11730] [ 291.046440][T11730] dump_stack_lvl+0x16c/0x1f0 [ 291.046489][T11730] should_fail_ex+0x512/0x640 [ 291.046541][T11730] should_fail_alloc_page+0xe7/0x130 [ 291.046592][T11730] prepare_alloc_pages+0x3c2/0x610 [ 291.046650][T11730] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 291.046691][T11730] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 291.046753][T11730] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 291.046792][T11730] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 291.046869][T11730] ? __lock_acquire+0xb97/0x1ce0 [ 291.046914][T11730] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 291.046966][T11730] ? policy_nodemask+0xea/0x4e0 [ 291.047011][T11730] alloc_pages_mpol+0x1fb/0x550 [ 291.047057][T11730] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 291.047101][T11730] ? do_raw_spin_lock+0x12c/0x2b0 [ 291.047153][T11730] ? find_held_lock+0x2b/0x80 [ 291.047192][T11730] alloc_pages_noprof+0x131/0x390 [ 291.047239][T11730] __pmd_alloc+0x3b/0x930 [ 291.047286][T11730] ? __pud_alloc+0x526/0x750 [ 291.047340][T11730] walk_to_pmd+0x3a6/0x4c0 [ 291.047394][T11730] __get_locked_pte+0x25/0xc0 [ 291.047449][T11730] map_ldt_struct+0x3b0/0xa60 [ 291.047493][T11730] ? __pfx_map_ldt_struct+0x10/0x10 [ 291.047528][T11730] ? alloc_pages_noprof+0x23c/0x390 [ 291.047580][T11730] write_ldt+0x8fa/0xd20 [ 291.047623][T11730] ? __pfx_write_ldt+0x10/0x10 [ 291.047657][T11730] ? fput+0x9b/0xd0 [ 291.047704][T11730] ? __pfx___x64_sys_futex+0x10/0x10 [ 291.047746][T11730] ? ksys_write+0x1ac/0x250 [ 291.047784][T11730] ? __pfx_ksys_write+0x10/0x10 [ 291.047840][T11730] __x64_sys_modify_ldt+0xb1/0x170 [ 291.047879][T11730] do_syscall_64+0xcd/0x490 [ 291.047928][T11730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.047962][T11730] RIP: 0033:0x7fdd56b8ebe9 [ 291.047987][T11730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.048018][T11730] RSP: 002b:00007fdd57a81038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 291.048048][T11730] RAX: ffffffffffffffda RBX: 00007fdd56db5fa0 RCX: 00007fdd56b8ebe9 [ 291.048070][T11730] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 291.048089][T11730] RBP: 00007fdd56c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 291.048109][T11730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.048127][T11730] R13: 00007fdd56db6038 R14: 00007fdd56db5fa0 R15: 00007ffead5540f8 [ 291.048170][T11730] [ 291.216611][T11741] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 292.434283][T11771] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 292.687768][T11772] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 293.720204][T11810] random: crng reseeded on system resumption [ 294.391562][T11832] program syz.0.2651 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 294.602369][T11833] sd 0:0:1:0: PR command failed: 1026 [ 294.611744][T11833] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 294.632698][T11833] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 295.141405][ T5872] ------------[ cut here ]------------ [ 295.148280][ T5872] ODEBUG: free active (active state 0) object: ffff88807c6e1360 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 295.173771][ T5872] WARNING: CPU: 0 PID: 5872 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 295.184240][ T5872] Modules linked in: [ 295.189381][ T5872] CPU: 0 UID: 0 PID: 5872 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 295.199967][ T5872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 295.210804][ T5872] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 295.216679][ T5872] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3d 16 8c 4c 89 e6 48 c7 c7 60 32 16 8c e8 df 08 92 fc 90 <0f> 0b 90 90 58 83 05 e6 b2 c3 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 295.236950][ T5872] RSP: 0018:ffffc900040df988 EFLAGS: 00010286 [ 295.244338][ T5872] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a02c8 [ 295.253332][ T5872] RDX: ffff88802da43c00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 295.255706][T11857] netlink: 'syz.3.2663': attribute type 1 has an invalid length. [ 295.262252][ T5872] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 295.277995][ T5872] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c163900 [ 295.286013][ T5872] R13: ffffffff8bafeb80 R14: ffffffff8a9a7440 R15: ffffc900040dfa88 [ 295.294516][ T5872] FS: 0000000000000000(0000) GS:ffff8881246c3000(0000) knlGS:0000000000000000 [ 295.303906][ T5872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 295.311079][ T5872] CR2: 00007fd7e9d43f98 CR3: 00000000337dc000 CR4: 00000000003526f0 [ 295.320064][ T5872] Call Trace: [ 295.324084][ T5872] [ 295.327672][ T5872] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 295.333287][ T5872] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 295.339817][ T5872] debug_check_no_obj_freed+0x4b7/0x600 [ 295.345792][ T5872] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 295.352375][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.358251][ T5872] ? kmem_cache_free+0x2d1/0x4d0 [ 295.364064][ T5872] kfree+0x28f/0x4d0 [ 295.368733][ T5872] ? hci_release_dev+0x4ef/0x610 [ 295.374188][ T5872] hci_release_dev+0x4ef/0x610 [ 295.379672][ T5872] ? __pfx_hci_release_dev+0x10/0x10 [ 295.385018][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.390264][ T5872] ? kfree+0x24f/0x4d0 [ 295.394399][ T5872] bt_host_release+0x6a/0xb0 [ 295.399652][ T5872] ? __pfx_bt_host_release+0x10/0x10 [ 295.405098][ T5872] device_release+0xa1/0x240 [ 295.410269][ T5872] kobject_put+0x1e7/0x5a0 [ 295.414854][ T5872] ? __pfx_vhci_release+0x10/0x10 [ 295.420393][ T5872] put_device+0x1f/0x30 [ 295.424702][ T5872] vhci_release+0x81/0xf0 [ 295.429501][ T5872] __fput+0x3ff/0xb70 [ 295.433570][ T5872] task_work_run+0x14d/0x240 [ 295.438814][ T5872] ? __pfx_task_work_run+0x10/0x10 [ 295.443996][ T5872] ? switch_task_namespaces+0xeb/0x100 [ 295.450322][ T5872] do_exit+0x86f/0x2bf0 [ 295.455392][ T5872] ? do_raw_spin_lock+0x12c/0x2b0 [ 295.461867][ T5872] ? __pfx_do_exit+0x10/0x10 [ 295.466631][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.471686][ T5872] do_group_exit+0xd3/0x2a0 [ 295.476260][ T5872] __x64_sys_exit_group+0x3e/0x50 [ 295.481597][ T5872] x64_sys_call+0x14fa/0x1720 [ 295.486514][ T5872] do_syscall_64+0xcd/0x490 [ 295.491179][ T5872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.497203][ T5872] RIP: 0033:0x7f094b38ebe9 [ 295.501663][ T5872] Code: Unable to access opcode bytes at 0x7f094b38ebbf. [ 295.508992][ T5872] RSP: 002b:00007ffe7d4f31e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 295.517597][ T5872] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f094b38ebe9 [ 295.525608][ T5872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 295.533768][ T5872] RBP: 00007f094b413643 R08: 00007ffe7d4f0f86 R09: 00000000000927c0 [ 295.542212][ T5872] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 295.551100][ T5872] R13: 00000000000927c0 R14: 0000000000047f95 R15: 00007ffe7d4f33a0 [ 295.559615][ T5872] [ 295.562687][ T5872] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 295.570406][ T5872] CPU: 0 UID: 0 PID: 5872 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 295.579926][ T5872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 295.590134][ T5872] Call Trace: [ 295.593440][ T5872] [ 295.596450][ T5872] dump_stack_lvl+0x3d/0x1f0 [ 295.601347][ T5872] vpanic+0x6e8/0x7a0 [ 295.605377][ T5872] ? __pfx_vpanic+0x10/0x10 [ 295.609929][ T5872] ? debug_print_object+0x1a2/0x2b0 [ 295.615161][ T5872] panic+0xca/0xd0 [ 295.618945][ T5872] ? __pfx_panic+0x10/0x10 [ 295.623444][ T5872] ? check_panic_on_warn+0x1f/0xb0 [ 295.628610][ T5872] check_panic_on_warn+0xab/0xb0 [ 295.633588][ T5872] __warn+0xf6/0x3c0 [ 295.637542][ T5872] ? debug_print_object+0x1a2/0x2b0 [ 295.642773][ T5872] report_bug+0x3c3/0x580 [ 295.647133][ T5872] ? debug_print_object+0x1a2/0x2b0 [ 295.652356][ T5872] handle_bug+0x184/0x210 [ 295.656723][ T5872] exc_invalid_op+0x17/0x50 [ 295.661269][ T5872] asm_exc_invalid_op+0x1a/0x20 [ 295.666151][ T5872] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 295.671983][ T5872] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3d 16 8c 4c 89 e6 48 c7 c7 60 32 16 8c e8 df 08 92 fc 90 <0f> 0b 90 90 58 83 05 e6 b2 c3 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 295.691614][ T5872] RSP: 0018:ffffc900040df988 EFLAGS: 00010286 [ 295.697707][ T5872] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a02c8 [ 295.705710][ T5872] RDX: ffff88802da43c00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 295.713878][ T5872] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 295.721865][ T5872] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c163900 [ 295.730172][ T5872] R13: ffffffff8bafeb80 R14: ffffffff8a9a7440 R15: ffffc900040dfa88 [ 295.738166][ T5872] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 295.743655][ T5872] ? __warn_printk+0x198/0x350 [ 295.748455][ T5872] ? __warn_printk+0x1a5/0x350 [ 295.753258][ T5872] ? debug_print_object+0x1a1/0x2b0 [ 295.758499][ T5872] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 295.763983][ T5872] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 295.769838][ T5872] debug_check_no_obj_freed+0x4b7/0x600 [ 295.775430][ T5872] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 295.781610][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.786407][ T5872] ? kmem_cache_free+0x2d1/0x4d0 [ 295.791388][ T5872] kfree+0x28f/0x4d0 [ 295.795304][ T5872] ? hci_release_dev+0x4ef/0x610 [ 295.800271][ T5872] hci_release_dev+0x4ef/0x610 [ 295.805053][ T5872] ? __pfx_hci_release_dev+0x10/0x10 [ 295.810361][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.815145][ T5872] ? kfree+0x24f/0x4d0 [ 295.819238][ T5872] bt_host_release+0x6a/0xb0 [ 295.823859][ T5872] ? __pfx_bt_host_release+0x10/0x10 [ 295.829170][ T5872] device_release+0xa1/0x240 [ 295.833787][ T5872] kobject_put+0x1e7/0x5a0 [ 295.838236][ T5872] ? __pfx_vhci_release+0x10/0x10 [ 295.843290][ T5872] put_device+0x1f/0x30 [ 295.847490][ T5872] vhci_release+0x81/0xf0 [ 295.852033][ T5872] __fput+0x3ff/0xb70 [ 295.856064][ T5872] task_work_run+0x14d/0x240 [ 295.860700][ T5872] ? __pfx_task_work_run+0x10/0x10 [ 295.865933][ T5872] ? switch_task_namespaces+0xeb/0x100 [ 295.871434][ T5872] do_exit+0x86f/0x2bf0 [ 295.875639][ T5872] ? do_raw_spin_lock+0x12c/0x2b0 [ 295.880699][ T5872] ? __pfx_do_exit+0x10/0x10 [ 295.885327][ T5872] ? rcu_is_watching+0x12/0xc0 [ 295.890145][ T5872] do_group_exit+0xd3/0x2a0 [ 295.894686][ T5872] __x64_sys_exit_group+0x3e/0x50 [ 295.899745][ T5872] x64_sys_call+0x14fa/0x1720 [ 295.904453][ T5872] do_syscall_64+0xcd/0x490 [ 295.909113][ T5872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.915040][ T5872] RIP: 0033:0x7f094b38ebe9 [ 295.919470][ T5872] Code: Unable to access opcode bytes at 0x7f094b38ebbf. [ 295.926505][ T5872] RSP: 002b:00007ffe7d4f31e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 295.935743][ T5872] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f094b38ebe9 [ 295.943936][ T5872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 295.952028][ T5872] RBP: 00007f094b413643 R08: 00007ffe7d4f0f86 R09: 00000000000927c0 [ 295.960305][ T5872] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 295.968300][ T5872] R13: 00000000000927c0 R14: 0000000000047f95 R15: 00007ffe7d4f33a0 [ 295.976307][ T5872] [ 295.979679][ T5872] Kernel Offset: disabled [ 295.984050][ T5872] Rebooting in 86400 seconds..