last executing test programs: 5.539186443s ago: executing program 1 (id=12267): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 4.965097409s ago: executing program 2 (id=12271): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) 4.380643555s ago: executing program 3 (id=12278): close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ppoll$auto(&(0x7f0000000000)={r0, 0xf25f}, 0x5, 0x0, 0x0, 0x8) 4.359246034s ago: executing program 1 (id=12279): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x1e, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_ADVISE(r0, 0x2, &(0x7f0000000040)=',%!/-%,\x00', &(0x7f0000000080), 0x3) 4.158611522s ago: executing program 1 (id=12280): mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000001, 0x0, 0x2000000000000003, 0x0, 0x24, 0x1}, 0x401}, 0x800, 0xa0000000) r0 = socket(0xa, 0x5, 0x84) sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 4.03030545s ago: executing program 3 (id=12281): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = fcntl$auto(0x3, 0x401, 0x3) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x3) 3.505210371s ago: executing program 1 (id=12283): setgroups$auto(0xa1, &(0x7f0000000000)=0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) 3.266808737s ago: executing program 2 (id=12284): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x7, 0x98, 0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) 3.069325783s ago: executing program 3 (id=12285): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000000)={'ip_vti0\x00'}) 2.360662636s ago: executing program 3 (id=12288): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 2.348164668s ago: executing program 2 (id=12289): r0 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) getsockopt$auto_SO_DEBUG(r0, 0x6, 0x1, &(0x7f0000000000)='/%\x00', &(0x7f0000000100)=0xfea) 2.205350537s ago: executing program 0 (id=12290): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1.994403381s ago: executing program 2 (id=12292): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r0) unshare$auto(0x40000080) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x30000, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@SMC_PNETID_NAME={0xb, 0x1, 'dummy0\x00'}, @SMC_PNETID_ETHNAME={0xb, 0x2, 'dummy0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) 1.227933597s ago: executing program 0 (id=12293): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x48400, 0x41) fchmod$auto(r0, 0x7439) setreuid$auto(0x4, 0x8) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0xfee) 1.061127062s ago: executing program 0 (id=12294): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) clone3$auto(&(0x7f00000000c0)={0xd, 0xb2, 0x0, 0x5, 0x5, 0xc, 0x1, 0xfffffffffffffff9, 0x3, 0x480000, 0x81}, 0x9) socket(0x29, 0x2, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 868.036299ms ago: executing program 0 (id=12295): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44001}, 0x14) 580.895908ms ago: executing program 3 (id=12296): open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getdents$auto(r0, 0x0, 0x400018) 558.167409ms ago: executing program 2 (id=12298): mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x17, 0x0, 0x2) getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0) 438.984393ms ago: executing program 1 (id=12299): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) futex_waitv$auto(&(0x7f0000000180)={0x3fb, 0x6, 0x2, 0xfff}, 0x3, 0xbffffffc, 0x0, 0x81) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) 426.851524ms ago: executing program 0 (id=12300): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd7000fbdbdf2512e233da08000300", @ANYRES32=r2], 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084) 230.195992ms ago: executing program 1 (id=12301): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) 194.039148ms ago: executing program 2 (id=12302): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r0 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r0, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x1c) 163.481462ms ago: executing program 3 (id=12303): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000002c0)={0x30, r1, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5, 0x18, 0x1}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 0s ago: executing program 0 (id=12304): mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioprio_set$auto(0x2, 0x800000000, 0x8) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x710f}, 0xa) kernel console output (not intermixed with test programs): 22][T12342] dev_attr_store+0x58/0x80 [ 260.896892][T12342] ? __pfx_dev_attr_store+0x10/0x10 [ 260.902151][T12342] sysfs_kf_write+0xf2/0x150 [ 260.906985][T12342] kernfs_fop_write_iter+0x3e0/0x5f0 [ 260.912422][T12342] ? __pfx_sysfs_kf_write+0x10/0x10 [ 260.917696][T12342] vfs_write+0x6ac/0x1070 [ 260.922174][T12342] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 260.928046][T12342] ? __pfx_vfs_write+0x10/0x10 [ 260.932902][T12342] ksys_write+0x12a/0x250 [ 260.937292][T12342] ? __pfx_ksys_write+0x10/0x10 [ 260.942287][T12342] ? rcu_is_watching+0x12/0xc0 [ 260.947110][T12342] do_syscall_64+0x10b/0xf80 [ 260.951855][T12342] ? clear_bhb_loop+0x40/0x90 [ 260.956678][T12342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.962638][T12342] RIP: 0033:0x7f70e879c819 [ 260.967119][T12342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 260.986874][T12342] RSP: 002b:00007f70e96c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 260.995525][T12342] RAX: ffffffffffffffda RBX: 00007f70e8a15fa0 RCX: 00007f70e879c819 [ 261.003644][T12342] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 261.011675][T12342] RBP: 00007f70e8832c91 R08: 0000000000000000 R09: 0000000000000000 [ 261.019881][T12342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.027988][T12342] R13: 00007f70e8a16038 R14: 00007f70e8a15fa0 R15: 00007ffcca7bc518 [ 261.036039][T12342] [ 261.889881][ T5839] Bluetooth: hci1: Unexpected cc 0x7c89 with no status [ 263.384030][T12459] kAFS: Invalid Command on /proc/fs/afs/cells file [ 263.556699][T12471] CIFS: VFS: UNC: path must begin with // or \\ [ 263.565202][T12471] Malformed UNC in devname [ 263.565202][T12471] [ 263.572769][T12471] CIFS: VFS: Malformed UNC in devname [ 266.394523][T12601] QAT: failed to copy from user cfg_data. [ 268.952452][T12730] usbip-vudc usbip-vudc.0: gadget not bound [ 269.071063][T12737] ima: policy update failed [ 269.078805][ T29] audit: type=1802 audit(4294970479.900:22): pid=12737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3297" res=0 errno=0 [ 269.826171][ T29] audit: type=1804 audit(4294970480.654:23): pid=12778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3316" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 270.065103][T12787] block loop4: the capability attribute has been deprecated. [ 272.777811][T12934] ecryptfs_parse_packet_length: Error parsing packet length [ 272.793682][T12934] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 273.118179][T12953] kafs: addr_prefs: Invalid Command [ 275.607294][T13091] kafs: addr_prefs: Invalid Command [ 276.549195][T13156] vhci_hcd vhci_hcd.1: invalid port number 16 [ 276.568473][T13156] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 276.723664][T13168] bond0: Unable to set down delay as MII monitoring is disabled [ 277.412227][ T29] audit: type=1800 audit(4294970488.269:24): pid=13205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3486" name="dbroot" dev="configfs" ino=30724 res=0 errno=0 [ 277.876521][T13226] usb usb26: usbfs: process 13226 (syz.2.3497) did not claim interface 0 before use [ 279.132991][ T29] audit: type=1800 audit(4294970489.997:25): pid=13308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3527" name="dbroot" dev="configfs" ino=30849 res=0 errno=0 [ 279.137497][T13308] db_root: cannot open: /dev/audio1 [ 279.169173][T13308] db_root: not a directory: /dev/audio1 Ijn9_VQ8j@:U%Ux0 R@x@qrIB@[*t ;S;x=Gcqx)Z*16GSu bmIK7 [ 282.501668][T13493] program syz.1.3604 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 282.931538][ T29] audit: type=1800 audit(4294970493.815:26): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3617" name="discovery_nqn" dev="configfs" ino=32183 res=0 errno=0 [ 283.390204][ T29] audit: type=1800 audit(4294970494.277:27): pid=13544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3629" name="discovery_nqn" dev="configfs" ino=31184 res=0 errno=0 [ 284.609413][T13602] bond0: invalid ARP target specified [ 285.035570][T13624] binder: 13623:13624 ioctl c0046209 9 returned -22 [ 285.351386][T13644] delete_channel: no stack [ 286.022610][T13676] : Can't lookup blockdev [ 286.408817][T13689] Process accounting paused [ 287.915983][T13774] syz.0.3743 (13774): drop_caches: 0 [ 288.080461][T13786] Invalid input. Must be >= 4608 [ 291.795487][T13967] Invalid ELF header magic: != ELF [ 293.157062][T14036] ima: policy update failed [ 293.163496][ T29] audit: type=1802 audit(4294970504.103:28): pid=14036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3873" res=0 errno=0 [ 294.360307][T14099] sd 0:0:1:0: PR command failed: 1026 [ 294.371839][T14099] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 294.389947][T14099] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 295.681703][T14151] could not allocate digest TFM handle [ 299.135939][T14306] vhci_hcd vhci_hcd.2: invalid port number 135 [ 299.152222][T14306] vhci_hcd vhci_hcd.2: invalid port number 135 [ 302.478192][ T29] audit: type=1800 audit(4294970513.457:29): pid=14466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4077" name="lu_gp_id" dev="configfs" ino=34715 res=0 errno=0 [ 303.019765][T14489] nvme_fcloop: unknown parameter or missing value '' [ 303.249122][T14496] Setting dangerous option i915.mitigations - tainting kernel [ 304.826894][T14567] syz.3.4119 uses obsolete (PF_INET,SOCK_PACKET) [ 308.020705][T14688] ceph: Failed to parse sending metrics switch value 'P^' [ 308.569918][T14711] futex_wake_op: syz.2.4170 tries to shift op by -2048; fix this program [ 308.589619][T14711] futex_wake_op: syz.2.4170 tries to shift op by -2048; fix this program [ 311.637992][T14818] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 313.224095][T14899] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 313.268205][T14905] kafs: addr_prefs: Too many elements in string [ 313.873571][T14935] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 314.994441][T14998] ICMPv6: process `syz.3.4303' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 315.992804][T15050] kAFS: unparsable volume name [ 316.357128][T15067] Process accounting resumed [ 316.797289][T15089] zram: Added device: zram1 [ 316.884239][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.894704][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.661175][T15135] block2mtd: illegal erase size [ 318.019919][T15155] vhci_hcd vhci_hcd.2: invalid port number 16 [ 318.039405][T15155] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 318.246413][T15161] RGB/YUV Input: ================= START STATUS ================= [ 318.264239][T15161] RGB/YUV Input: Test Pattern: 75% Colorbar [ 318.285222][T15161] RGB/YUV Input: Show Information: All [ 318.301753][T15161] RGB/YUV Input: Vertical Flip: false [ 318.312340][T15161] RGB/YUV Input: Horizontal Flip: false [ 318.328385][T15161] RGB/YUV Input: Brightness: 128 [ 318.336591][T15161] RGB/YUV Input: Contrast: 128 [ 318.348536][T15161] RGB/YUV Input: Hue: 0 [ 318.361531][T15161] RGB/YUV Input: Saturation: 128 [ 318.376417][T15161] RGB/YUV Input: Pixel Rate: 160000000 [ 318.392413][T15161] RGB/YUV Input: Horizontal Blanking: 800 [ 318.403331][T15161] RGB/YUV Input: Vertical Blanking: 3223 [ 318.409153][T15161] RGB/YUV Input: ================== END STATUS ================== [ 318.799983][ T5839] Bluetooth: hci3: unexpected event 0x3e length: 358 > 260 [ 318.800023][ T5839] Bluetooth: hci3: unexpected subevent 0x1b length: 357 > 260 [ 318.817987][ T5839] Bluetooth: hci3: Malformed LE Event: 0x1b [ 319.470479][T15217] batman_adv: Routing algorithm '7' is not supported [ 319.949591][T15233] Format for deleting device is "id" (uint). [ 320.036863][T15237] zram: Added device: zram2 [ 320.170837][ T29] audit: type=1800 audit(4294970531.230:30): pid=15247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4417" name="sr0" dev="devtmpfs" ino=2843 res=0 errno=0 [ 321.622864][T15305] zram0: detected capacity change from 0 to 16 [ 323.366356][T15382] QAT: failed to copy from user cfg_data. [ 323.453663][T15385] block2mtd: parameter too long [ 324.228357][T15414] [U] 0="/ [ 324.234269][T15414] [U] [ 324.240412][T15414] [U] EeQ@ [ 324.251035][T15416] zram: Cannot change disksize for initialized device [ 324.253107][T15412] [U]  [ 324.300127][T15419] ubi0: attaching mtd0 [ 324.321597][T15419] ubi0 error: ubi_attach_mtd_dev: bad VID header (4095) or data offsets (4159) [ 324.847151][T15447] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 325.563986][T15486] aoe: invalid device specification [ 326.048574][T15510] vhci_hcd vhci_hcd.2: invalid port number 16 [ 326.058152][T15510] vhci_hcd vhci_hcd.2: invalid port number 16 [ 326.176213][T15515] zram: Added device: zram3 [ 326.278947][T15523] virtio-pci 0000:00:03.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 327.052414][ T5839] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 327.052458][ T5839] Bluetooth: hci3: unexpected subevent 0x06 length: 725 > 10 [ 327.628373][T15599] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 328.192571][T15624] syz_tun: tun_chr_ioctl cmd 1074025692 [ 329.140899][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.814444][ T29] audit: type=1800 audit(4294970543.930:31): pid=15829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4702" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 333.146846][T15843] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 333.623580][T15864] kAFS: Invalid Command on /proc/fs/afs/cells file [ 335.018295][T15909] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 337.215841][T16017] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 339.102371][T16116] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 339.643585][ T5846] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 340.164782][T16173] QAT: Device 250 not found [ 340.426450][T16187] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 340.899034][T16213] QAT: Stopping all acceleration devices. [ 342.726565][T16305] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 343.484004][T16342] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 345.129077][T16425] queue_state_write: operation too long [ 345.169031][T16425] queue_state_write: use 'run', 'start' or 'kick' [ 346.292220][T16468] Process accounting paused [ 347.034624][T16512] < [ 348.068632][T16561] sd 0:0:1:0: PR command failed: 1026 [ 348.088988][T16561] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 348.108337][T16561] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 348.711671][T16593] rnbd_client L213: map_device: Parameters missing [ 348.993932][T16608] ptrace attach of "./syz-executor exec"[5843] was attempted by "./syz-executor exec"[16608] [ 349.387048][T16629] nfs4: Unknown parameter 'ECH];^YىZL`~^g ' [ 349.979500][T16658] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 350.233608][ T5839] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 350.282543][T16678] bond0: no command found in slaves file - use +ifname or -ifname [ 350.942635][ T5839] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 350.942677][ T5839] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 350.957673][ T5839] Bluetooth: hci3: Dropping invalid advertising data [ 350.964625][ T5839] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 350.964673][ T5839] Bluetooth: hci3: unknown advertising packet type: 0x8b [ 350.972129][ T5839] Bluetooth: hci3: unknown advertising packet type: 0xee [ 351.025581][T16727] vhci_hcd: not connected 4 [ 351.171574][T16732] nvme_fcloop: unknown parameter or missing value '0' [ 352.024011][T16771] __vm_enough_memory: pid: 16771, comm: syz.0.5146, bytes: 9223372036854775808 not enough memory for the allocation [ 352.312139][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 352.449608][T16793] vhci_hcd vhci_hcd.2: invalid port number 253 [ 352.456242][T16793] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 352.931831][T16815] bond0: invalid ARP target specified [ 353.070452][T16826] Setting dangerous option i915.mitigations - tainting kernel [ 353.082945][T16826] Bad "i915.mitigations=!CmâUQF\ ", 'CmâUQF\' is unknown [ 353.489793][T16846] usbip-vudc usbip-vudc.0: gadget not bound [ 354.385250][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 354.491995][ T5851] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 355.869371][T16976] scsi_mod.scan: string doesn't fit in 6 chars. [ 356.532331][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 356.610498][T17012] sg_write: data in/out 262364/16 bytes for SCSI command 0x61-- guessing data in; [ 356.610498][T17012] program syz.0.5250 not setting count and/or reply_len properly [ 356.867592][T17025] syz_tun: tun_chr_ioctl cmd 21731 [ 358.612049][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 360.042488][T17169] delete_channel: no stack syzkaller syzkaller login: [ 361.117375][T17208] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.724499][T17325] [ 364.796468][ T5851] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 365.627405][T17429] cougar: G6 mapped to F18 [ 366.883629][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 368.953755][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 369.012856][T17539] blkio.reset_stats is deprecated [ 369.085043][T17541] zswap: compressor Zu~^8acu0|,aRrqP')ޱ`*]T]X؃(ۂTN>_r$z&[+x[DPxe?m3Qz not available [ 370.526651][T17599] ima: policy update failed [ 370.556750][ T29] audit: type=1802 audit(4294988925.844:32): pid=17599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5511" res=0 errno=0 [ 370.623261][T17606] i2c i2c-0: delete_device: Can't find device in list [ 372.403546][T17663] : Can't lookup blockdev [ 372.998113][T17695] rnbd_client L202: map_device: Unknown parameter or missing value '7' [ 373.000840][T17698] ecryptfs_miscdev_response: (sizeof(*msg) + msg->data_len) = [1067213646]; data_size = [146]. Invalid packet. [ 373.021402][T17698] ecryptfs_miscdev_write: Failed to deliver miscdev response to requesting operation; rc = [-22] [ 374.677659][T17787] kAFS: No cell specified [ 375.854561][T17846] syz_tun: tun_chr_ioctl cmd 1074812117 [ 376.204490][T17859] Process accounting resumed [ 376.547214][T17872] nvme_fcloop: unknown parameter or missing value '1' [ 376.713195][T17876] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 377.270973][T17900] usb usb2: usbfs: process 17900 (syz.0.5656) did not claim interface 4 before use [ 377.336519][T17904] program syz.2.5658 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 377.445199][T17906] qrtr: Invalid version 0 [ 378.077309][T17928] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 378.998920][T17982] Line length is too long: Should be less than 4094 [ 379.396346][T17996] ICMPv6: process `syz.2.5699' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 380.407063][T18050] program syz.2.5727 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 380.427248][T18051] i2c i2c-0: new_device: Can't parse I2C address [ 380.900250][T18075] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 380.901240][T18074] ima: policy update failed [ 380.931723][T18079] i2c i2c-0: delete_device: Can't parse I2C address [ 380.938978][ T29] audit: type=1802 audit(4294988936.293:33): pid=18074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.5739" res=0 errno=0 [ 382.038375][T18133] nvme_fcloop: unknown parameter or missing value '7' [ 383.150953][T18191] i2c i2c-0: new_device: Invalid device name [ 384.025265][T18230] smpboot: CPU 1 is now offline [ 385.485446][ T29] audit: type=1806 audit(4294988940.844:34): xattr="" res=-22 [ 386.145438][T18330] CIFS mount error: No usable UNC path provided in device string! [ 386.145438][T18330] [ 386.191854][T18330] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 386.231707][T18334] [U] ^Z [ 386.713150][T18356] binder: binder_mmap: 18355 0-1000 bad vm_flags failed -1 [ 387.976468][T18412] [U] ^Z [ 393.820845][T18684] bond0: option mode: unable to set because the bond device is up [ 395.801137][T18767] tipc: Can't bind to reserved service type 63 [ 398.173590][T18871] sysfs_service_op_store: Client not running :-5: [ 399.391155][ T29] audit: type=1807 audit(4294988954.820:35): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 399.411031][T18928] ima: policy update failed [ 399.457442][ T29] audit: type=1802 audit(4294988954.850:36): pid=18932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.6151" res=0 errno=0 [ 399.553351][ T29] audit: type=1802 audit(4294988954.870:37): pid=18928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.6151" res=0 errno=0 [ 400.710602][T18988] synth uevent: /module/null_blk: unknown uevent action string [ 401.420783][T19026] kAFS: Invalid Command on /proc/fs/afs/cells file [ 402.232559][T19065] vivid-003: ================= START STATUS ================= [ 402.256256][T19068] ptrace attach of "./syz-executor exec"[5843] was attempted by ""[19068] [ 402.271262][T19065] vivid-003: Radio HW Seek Mode: Bounded [ 402.312534][T19065] vivid-003: Radio Programmable HW Seek: false [ 402.339331][T19065] vivid-003: RDS Rx I/O Mode: Block I/O [ 402.364206][T19065] vivid-003: Generate RBDS Instead of RDS: false [ 402.406573][T19065] vivid-003: RDS Reception: true [ 402.433938][T19065] vivid-003: RDS Program Type: 0 inactive [ 402.456736][T19065] vivid-003: RDS PS Name: inactive [ 402.484695][T19065] vivid-003: RDS Radio Text: inactive [ 402.510534][T19065] vivid-003: RDS Traffic Announcement: false inactive [ 402.541303][T19065] vivid-003: RDS Traffic Program: false inactive [ 402.570124][T19065] vivid-003: RDS Music: false inactive [ 402.595240][T19065] vivid-003: ================== END STATUS ================== [ 403.016636][T19098] program syz.3.6233 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 403.063510][T19098] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 404.758774][ T29] audit: type=1800 audit(4294988960.215:38): pid=19182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6270" name="dbroot" dev="configfs" ino=49184 res=0 errno=0 [ 405.187152][T19201] phram: not enough arguments [ 405.372728][T19207] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20000 [ 405.414189][T19207] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 405.448340][T19207] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 405.488382][T19207] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 405.529988][T19207] page dumped because: unmovable page [ 405.557868][T19207] page_owner tracks the page as allocated [ 405.584476][T19207] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(), pid 0, tgid 0 (swapper), ts 1842097084, free_ts 0 [ 405.633722][T19207] register_early_stack+0x74/0xaf [ 405.652879][T19207] init_page_owner+0x4c/0xa10 [ 405.663980][T19207] page_ext_init+0x71d/0x780 [ 405.669033][T19207] mm_core_init+0x229/0x270 [ 405.677773][T19207] page_owner free stack trace missing [ 406.209964][T19237] Process accounting paused [ 407.113640][T19279] zram0: detected capacity change from 16 to 0 [ 407.862504][T19315] kafs: addr_prefs: Invalid Command [ 408.206128][T19331] mmap: syz.0.6344 (19331): VmData 45879296 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 408.923834][T19365] ubi31: attaching mtd0 [ 408.976795][T19365] ubi31: scanning is finished [ 408.997111][T19365] ubi31: empty MTD device detected [ 409.423737][T19365] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 409.457160][T19365] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 409.515160][T19365] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 409.546570][T19365] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 409.592887][T19365] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 409.643320][T19365] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 409.686551][T19365] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 579344212 [ 409.775420][T19365] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 409.879925][T19385] ubi31: background thread "ubi_bgt31d" started, PID 19385 [ 411.346639][T19461] ICMPv6: process `syz.0.6407' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 412.145183][ T29] audit: type=1800 audit(4294988967.640:39): pid=19501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6426" name="lu_gp_id" dev="configfs" ino=50216 res=0 errno=0 [ 412.173817][T19501] ALUA LU Group already has a valid ID, ignoring request [ 413.006882][T19541] aoe: copy from user failed [ 413.025197][T19541] aoe: could not set interface list: too many interfaces [ 413.344308][T19556] usb usb22: usbfs: process 19556 (syz.2.6453) did not claim interface 1 before use [ 413.533660][T19565] bond0: no command found in slaves file - use +ifname or -ifname [ 413.726154][T19576] bonding: no command found in bonding_masters - use +ifname or -ifname [ 414.366587][ T5839] Bluetooth: hci3: unexpected event 0x31 length: 19 > 6 [ 414.641013][T19618] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 414.738391][T19616] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 417.017321][T19728] vhci_hcd vhci_hcd.2: invalid port number 16 [ 417.055521][T19728] vhci_hcd vhci_hcd.2: invalid port number 16 [ 422.745168][T19977] kernel profiling enabled (shift: 0) [ 422.987066][T19983] aoe: can't write to that file. [ 426.661657][T20092] [U] ^\ [ 428.487310][ T5839] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 428.986114][T20187] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 429.351438][ T29] audit: type=1806 audit(4294988984.930:40): xattr="." res=0 [ 429.874436][ T5839] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 430.368092][ T29] audit: type=1400 audit(4294988985.945:41): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=20259 comm="syz.3.6794" [ 430.669832][ T5846] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 432.442002][T20364] program syz.2.6836 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 434.628142][T20464] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 434.664923][T20464] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 436.077912][T20550] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 436.226523][T20553] Process accounting resumed [ 436.362232][T20550] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 436.412749][T20550] pci 0000:00:01.3: PCI INT A: no GSI [ 439.189944][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.200105][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.349062][ T29] audit: type=1800 audit(4294988994.967:42): pid=20667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6974" name="dbroot" dev="configfs" ino=53904 res=0 errno=0 [ 439.521046][T20671] syz.1.6976: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 439.588213][T20671] CPU: 0 UID: 0 PID: 20671 Comm: syz.1.6976 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 439.588248][T20671] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 439.588256][T20671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 439.588266][T20671] Call Trace: [ 439.588272][T20671] [ 439.588280][T20671] dump_stack_lvl+0x100/0x190 [ 439.588304][T20671] warn_alloc.cold+0x95/0x1c1 [ 439.588331][T20671] ? __pfx_warn_alloc+0x10/0x10 [ 439.588365][T20671] ? __lock_acquire+0x4a5/0x2630 [ 439.588393][T20671] __vmalloc_node_range_noprof+0x136c/0x1630 [ 439.588422][T20671] ? rcu_is_watching+0x12/0xc0 [ 439.588443][T20671] ? trace_contention_end+0x122/0x170 [ 439.588463][T20671] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 439.588486][T20671] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 439.588507][T20671] ? find_held_lock+0x2b/0x80 [ 439.588528][T20671] ? tomoyo_path_number_perm+0x28f/0x580 [ 439.588556][T20671] ? tomoyo_path_number_perm+0x28f/0x580 [ 439.588584][T20671] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 439.588608][T20671] ? __pfx___mutex_lock+0x10/0x10 [ 439.588639][T20671] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 439.588667][T20671] ? futex_wait+0x11e/0x370 [ 439.588693][T20671] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 439.588714][T20671] __vmalloc_node_noprof+0xad/0xf0 [ 439.588737][T20671] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 439.588761][T20671] dvb_dvr_do_ioctl+0x15d/0x270 [ 439.588787][T20671] dvb_usercopy+0x167/0x340 [ 439.588808][T20671] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 439.588832][T20671] ? __pfx_dvb_usercopy+0x10/0x10 [ 439.588863][T20671] ? __fget_files+0x21f/0x3d0 [ 439.588887][T20671] dvb_dvr_ioctl+0x29/0x40 [ 439.588907][T20671] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 439.588929][T20671] __x64_sys_ioctl+0x18e/0x210 [ 439.588948][T20671] do_syscall_64+0x10b/0xf80 [ 439.588973][T20671] ? clear_bhb_loop+0x40/0x90 [ 439.588995][T20671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.589013][T20671] RIP: 0033:0x7f0f4159c819 [ 439.589030][T20671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.589047][T20671] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.589071][T20671] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 439.589085][T20671] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 439.589096][T20671] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 439.589106][T20671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.589117][T20671] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 439.589140][T20671] [ 439.858179][T20671] Mem-Info: [ 439.862016][T20671] active_anon:14183 inactive_anon:4 isolated_anon:0 [ 439.862016][T20671] active_file:6352 inactive_file:52500 isolated_file:0 [ 439.862016][T20671] unevictable:768 dirty:160 writeback:1 [ 439.862016][T20671] slab_reclaimable:11303 slab_unreclaimable:93183 [ 439.862016][T20671] mapped:24237 shmem:1353 pagetables:1385 [ 439.862016][T20671] sec_pagetables:0 bounce:0 [ 439.862016][T20671] kernel_misc_reclaimable:0 [ 439.862016][T20671] free:1108433 free_pcp:16424 free_cma:0 [ 439.909333][T20671] Node 0 active_anon:56732kB inactive_anon:16kB active_file:25392kB inactive_file:209820kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96888kB dirty:636kB writeback:4kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:36864kB kernel_stack:10752kB pagetables:5384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 439.944783][T20671] Node 1 active_anon:0kB inactive_anon:0kB active_file:16kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 439.977883][T20671] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 440.008862][T20671] lowmem_reserve[]: 0 2476 2477 2477 2477 [ 440.015348][T20671] Node 0 DMA32 free:505148kB boost:0kB min:34288kB low:42860kB high:51432kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56732kB inactive_anon:16kB active_file:25392kB inactive_file:209820kB unevictable:1536kB writepending:640kB zspages:0kB present:3129332kB managed:2535488kB mlocked:0kB bounce:0kB free_pcp:39644kB local_pcp:39644kB free_cma:0kB [ 440.049345][T20671] lowmem_reserve[]: 0 0 0 0 0 [ 440.055777][T20671] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1004kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 440.087483][T20671] lowmem_reserve[]: 0 0 0 0 0 [ 440.093088][T20671] Node 1 Normal free:3913212kB boost:0kB min:55596kB low:69492kB high:83388kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:16kB inactive_file:180kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:25984kB local_pcp:25984kB free_cma:0kB [ 440.125911][T20671] lowmem_reserve[]: 0 0 0 0 0 [ 440.135372][T20671] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 440.168529][T20671] Node 0 DMA32: 1868*4kB (UME) 981*8kB (UME) 679*16kB (UME) 383*32kB (UME) 189*64kB (UME) 354*128kB (UME) 301*256kB (UME) 173*512kB (UM) 86*1024kB (UME) 20*2048kB (U) 28*4096kB (UM) = 505192kB [ 440.207391][T20671] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 440.234070][T20671] Node 1 Normal: 1*4kB (M) 7*8kB (UM) 2*16kB (UM) 3*32kB (UM) 5*64kB (UM) 4*128kB (U) 4*256kB (UM) 5*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 952*4096kB (UM) = 3913212kB [ 440.270148][T20671] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 440.293476][T20671] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 440.303176][T20671] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 440.380079][T20671] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 440.440354][T20671] 60201 total pagecache pages [ 440.450662][T20671] 0 pages in swap cache [ 440.460185][T20671] Free swap = 124996kB [ 440.474509][T20671] Total swap = 124996kB [ 440.479167][T20671] 2097051 pages RAM [ 440.490688][T20671] 0 pages HighMem/MovableOnly [ 440.510863][T20671] 431313 pages reserved [ 440.527527][T20671] 0 pages cma reserved [ 440.698982][T20698] Format for adding new port is "id [perm_addr]" (uint MAC). [ 441.546918][T20723] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.004596][T20723] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.211836][T20723] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.363834][T20723] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.123738][T20822] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 444.597343][T20882] kAFS: Invalid Command on /proc/fs/afs/cells file [ 445.267315][T20913] CIFS mount error: No usable UNC path provided in device string! [ 445.267315][T20913] [ 445.318300][T20913] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 447.439604][T21008] ACPI: Can not change Invalid GPE/Fixed Event status [ 447.473048][T21011] block2mtd: Using custom MTD label '' for dev [ 447.505810][T21011] block2mtd: error: cannot open device [ 448.212287][T21042] [ 448.520201][T21055] vivid-007: ================= START STATUS ================= [ 448.577210][T21055] vivid-007: Enable Output Cropping: true [ 448.627840][T21055] vivid-007: Enable Output Composing: true [ 448.644830][T21055] vivid-007: Enable Output Scaler: true [ 448.659756][T21060] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 448.681162][T21055] vivid-007: Tx RGB Quantization Range: Automatic [ 448.703913][T21055] vivid-007: Transmit Mode: HDMI [ 448.722255][T21055] vivid-007: Hotplug Present: 0x00000000 [ 448.745901][T21055] vivid-007: RxSense Present: 0x00000000 [ 448.771186][T21055] vivid-007: EDID Present: 0x00000000 [ 448.789312][T21055] vivid-007: ================== END STATUS ================== [ 449.167946][T21076] warning: `syz.0.7144' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 449.523801][T21090] bond0: option packets_per_slave: invalid value ( Xnp) [ 449.563693][T21090] bond0: option packets_per_slave: allowed values 0 - 65535 [ 454.201224][T21135] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 454.986858][ T29] audit: type=1800 audit(4294989010.681:43): pid=21307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.7242" name="dbroot" dev="configfs" ino=55775 res=0 errno=0 [ 456.597156][T21365] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 457.316420][T21395] vivid-007: ================= START STATUS ================= [ 457.354607][T21395] vivid-007: Generate PTS: true [ 457.387270][T21395] vivid-007: Generate SCR: true [ 457.411172][T21395] tpg source WxH: 320x240 (Y'CbCr) [ 457.439852][T21395] tpg field: 1 [ 457.456507][T21395] tpg crop: (0,0)/320x240 [ 457.478082][T21395] tpg compose: (0,0)/320x240 [ 457.502327][T21395] tpg colorspace: 8 [ 457.519654][T21395] tpg transfer function: 0/0 [ 457.542616][T21395] tpg Y'CbCr encoding: 0/0 [ 457.564726][T21395] tpg quantization: 0/0 [ 457.584289][T21395] tpg RGB range: 0/2 [ 457.606462][T21395] vivid-007: ================== END STATUS ================== [ 458.130672][T21428] ptp ptp0: only physical clock in use now [ 460.185756][T21521] sg_write: data in/out 1685414155/2147479510 bytes for SCSI command 0x3-- guessing data in; [ 460.185756][T21521] program syz.3.7348 not setting count and/or reply_len properly [ 460.257155][ T29] audit: type=1400 audit(4294989015.966:44): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=21522 comm="syz.0.7350" [ 465.426275][T21733] zswap: compressor Z(u not available [ 466.221670][T21779] Process accounting paused [ 466.527786][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 466.538212][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 466.672344][T21801] syz.3.7484 uses obsolete (PF_INET,SOCK_PACKET) [ 467.422548][T21833] i2c i2c-0: delete_device: Extra parameters [ 468.786302][T21888] binder: 21887:21888 ioctl 541b 0 returned -22 [ 470.821539][T21952] mmap: syz.0.7555 (21952) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 474.076186][T22080] bond0: option slaves: interface -]=,Don?I|a CB does not exist! [ 474.291712][T21135] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 474.291743][T21135] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 474.307103][T21135] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 474.351326][T22091] cougar: G6 mapped to space [ 475.203316][T22128] usb usb15: usbfs: process 22128 (syz.3.7641) did not claim interface 0 before use [ 476.300959][T22171] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 476.323977][T22171] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 476.353529][T22171] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 476.386256][T22171] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 476.419140][T22171] page dumped because: unmovable page [ 476.438030][T22171] page_owner info is not present (never set?) [ 476.653897][T22188] synth uevent: /devices/virtual/net/gretap0: unknown uevent action string [ 476.683398][T22188] net gretap0: uevent: failed to send synthetic uevent: -22 [ 478.815178][T22277] vhci_hcd vhci_hcd.2: invalid port number 16 [ 478.850351][T22277] vhci_hcd vhci_hcd.2: invalid port number 16 [ 481.232011][T22382] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 481.344660][ T29] audit: type=1800 audit(4294989037.155:45): pid=22388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7766" name="lu_gp_id" dev="configfs" ino=59186 res=0 errno=0 [ 481.381360][T22388] kstrtoul() returned -22 for lu_gp_id [ 482.897141][T22405] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 482.992398][T22446] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 482.992398][T22446] M' is too long [ 483.050401][T22446] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 483.050401][T22446] W ' is too long [ 483.320989][T22456] warning: `syz.3.7800' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 483.832078][T22475] vhci_hcd vhci_hcd.2: invalid port number 194 [ 483.867866][T22475] vhci_hcd vhci_hcd.2: invalid port number 194 [ 486.255547][T22582] usb usb13: check_ctrlrecip: process 22582 (syz.0.7861) requesting ep 01 but needs 81 [ 486.301701][T22582] usb usb13: usbfs: process 22582 (syz.0.7861) did not claim interface 0 before use [ 487.024053][T22614] program syz.2.7878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 487.077217][T22614] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 488.464227][ T29] audit: type=1800 audit(4294989044.308:46): pid=22676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7904" name="lu_gp_id" dev="configfs" ino=60075 res=0 errno=0 [ 490.856943][T22783] sg_write: data in/out 262108/40 bytes for SCSI command 0x61-- guessing data in; [ 490.856943][T22783] program syz.1.7956 not setting count and/or reply_len properly [ 491.332155][T22803] QAT: failed to copy from user cfg_data. [ 491.650953][ T29] audit: type=1800 audit(4294989047.523:47): pid=22816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7971" name="lu_gp_id" dev="configfs" ino=60538 res=0 errno=0 [ 493.653349][T22903] binder: 22902:22903 ioctl 400c620e 2000000003c0 returned -22 [ 494.348172][T22934] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 494.731245][T22950] ======================================================= [ 494.731245][T22950] WARNING: The mand mount option has been deprecated and [ 494.731245][T22950] and is ignored by this kernel. Remove the mand [ 494.731245][T22950] option from the mount to silence this warning. [ 494.731245][T22950] ======================================================= [ 496.192883][T23015] openvswitch: netlink: Duplicate or invalid key (type 0). [ 496.312234][T23015] Process accounting resumed [ 496.458119][T23025] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 497.541689][T23071] openvswitch: netlink: Duplicate or invalid key (type 0). [ 497.590531][T23075] netlink: zone id is out of range [ 497.615423][T23075] netlink: zone id is out of range [ 497.636467][T23075] netlink: zone id is out of range [ 497.661774][T23075] netlink: zone id is out of range [ 497.686228][T23075] netlink: zone id is out of range [ 497.705996][T23075] netlink: zone id is out of range [ 497.722894][T23075] netlink: zone id is out of range [ 497.741209][T23075] netlink: zone id is out of range [ 498.061680][T23093] netlink: 'syz.3.8104': attribute type 11 has an invalid length. [ 498.093032][T23093] netlink: 'syz.3.8104': attribute type 11 has an invalid length. [ 498.120696][T23093] netlink: 'syz.3.8104': attribute type 11 has an invalid length. [ 500.069266][T23181] process 'syz.1.8145' launched '/dev/fd/0' with NULL argv: empty string added [ 500.340415][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.352006][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.755356][T23209] netlink: 'syz.3.8158': attribute type 1 has an invalid length. [ 501.946249][T23256] netlink: 'syz.1.8182': attribute type 11 has an invalid length. [ 501.991285][T23256] netlink: 'syz.1.8182': attribute type 11 has an invalid length. [ 502.028781][T23256] netlink: 'syz.1.8182': attribute type 11 has an invalid length. [ 502.260543][T23267] net_ratelimit: 49 callbacks suppressed [ 502.260561][T23267] netlink: zone id is out of range [ 502.326490][T23267] netlink: zone id is out of range [ 502.345655][T23267] netlink: zone id is out of range [ 502.369412][T23267] netlink: zone id is out of range [ 502.395502][T23267] netlink: zone id is out of range [ 502.417061][T23267] netlink: zone id is out of range [ 502.439434][T23267] netlink: zone id is out of range [ 502.449936][T23276] openvswitch: netlink: Flow key attribute not present in set flow. [ 502.478117][T23267] netlink: zone id is out of range [ 502.499084][T23267] netlink: zone id is out of range [ 504.413512][T23368] Zero length message leads to an empty skb [ 506.156188][T21135] Bluetooth: hci2: unexpected subevent 0x18 length: 123 > 19 [ 506.164243][T21135] Bluetooth: hci2: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 506.837654][T21135] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 506.837685][T21135] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 506.854328][T21135] Bluetooth: hci1: Dropping invalid advertising data [ 506.861716][T21135] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 506.861743][T21135] Bluetooth: hci1: Dropping invalid advertising data [ 506.878820][T21135] Bluetooth: hci1: Malformed LE Event: 0x02 [ 508.872707][T21135] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 508.872734][T21135] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 508.891556][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 508.891577][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x57 [ 508.903384][T21135] Bluetooth: hci1: adv larger than maximum supported [ 508.910740][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x7d [ 508.918938][T21135] Bluetooth: hci1: Malformed LE Event: 0x0d [ 510.028890][T23596] net_ratelimit: 52 callbacks suppressed [ 510.028908][T23596] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 511.064591][T23649] bond0: option lp_interval: invalid value () [ 511.108047][T23649] bond0: option lp_interval: allowed values 1 - 2147483647 [ 512.592920][T23709] nfs: Unknown parameter 'nl802154' [ 512.640571][T23711] program syz.3.8346 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 512.868675][T23718] netlink: 'syz.1.8351': attribute type 11 has an invalid length. [ 512.915159][T23718] netlink: 'syz.1.8351': attribute type 11 has an invalid length. [ 512.953704][T23718] netlink: 'syz.1.8351': attribute type 11 has an invalid length. [ 512.994788][T23718] netlink: 'syz.1.8351': attribute type 11 has an invalid length. [ 514.528152][T21135] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 514.528181][T21135] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 514.545409][T21135] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 514.545433][T21135] Bluetooth: hci0: adv larger than maximum supported [ 514.553617][T21135] Bluetooth: hci0: Unknown advertising packet type: 0x71 [ 514.561056][T21135] Bluetooth: hci0: Unknown advertising packet type: 0x3d [ 514.571715][T21135] Bluetooth: hci0: Malformed LE Event: 0x0d [ 516.683748][T23873] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 516.946677][ T29] audit: type=1107 audit(4294989072.932:48): pid=23881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.014684][ T29] audit: type=1107 audit(4294989072.982:49): pid=23881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.260986][T23895] openvswitch: netlink: Message has 4 unknown bytes. [ 517.870431][T23921] netlink: 'syz.2.8434': attribute type 11 has an invalid length. [ 517.908347][T23921] netlink: 'syz.2.8434': attribute type 11 has an invalid length. [ 517.936458][T23921] netlink: 'syz.2.8434': attribute type 11 has an invalid length. [ 518.156091][T23934] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 518.190217][T21135] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 518.190246][T21135] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 518.207037][T21135] Bluetooth: hci3: Dropping invalid advertising data [ 518.213927][T21135] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 518.213956][T21135] Bluetooth: hci3: Dropping invalid advertising data [ 518.228578][T21135] Bluetooth: hci3: Malformed LE Event: 0x02 [ 520.361232][T24055] netlink: 'syz.1.8463': attribute type 11 has an invalid length. [ 520.402131][T24055] netlink: 'syz.1.8463': attribute type 11 has an invalid length. [ 520.445872][T24055] netlink: 'syz.1.8463': attribute type 11 has an invalid length. [ 521.971071][T21135] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 521.971099][T21135] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 521.986353][T21135] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 521.986372][T21135] Bluetooth: hci2: Unknown advertising packet type: 0x3d [ 521.993417][T21135] Bluetooth: hci2: adv larger than maximum supported [ 522.000914][T21135] Bluetooth: hci2: adv larger than maximum supported [ 522.008033][T21135] Bluetooth: hci2: Malformed LE Event: 0x0d [ 522.188068][T24112] HfR: entered promiscuous mode [ 522.215868][T24122] netlink: 'syz.2.8493': attribute type 11 has an invalid length. [ 522.259950][T24122] netlink: 'syz.2.8493': attribute type 11 has an invalid length. [ 522.298483][T24122] netlink: 'syz.2.8493': attribute type 11 has an invalid length. [ 523.214835][T24156] netlink: 'syz.2.8508': attribute type 1 has an invalid length. [ 524.101940][T21135] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 524.101966][T21135] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 524.118785][T21135] Bluetooth: hci0: Dropping invalid advertising data [ 524.125881][T21135] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 524.125910][T21135] Bluetooth: hci0: Dropping invalid advertising data [ 524.142247][T21135] Bluetooth: hci0: Malformed LE Event: 0x02 [ 525.074469][T24242] tc_dump_action: action bad kind [ 525.246166][T24246] netlink: NAT attribute has 8 unknown bytes [ 526.122151][T21135] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 526.122178][T21135] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 526.138479][T21135] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 526.138502][T21135] Bluetooth: hci3: Unknown advertising packet type: 0x1e [ 526.148041][T21135] Bluetooth: hci3: Unknown advertising packet type: 0x5c [ 526.156024][T21135] Bluetooth: hci3: adv larger than maximum supported [ 526.164660][T21135] Bluetooth: hci3: Malformed LE Event: 0x0d [ 526.335277][T24289] Process accounting paused [ 526.803456][T24306] syz.0.8567 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 527.941280][T21135] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 527.941309][T21135] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 527.960319][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 527.960344][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x31 [ 527.969742][T21135] Bluetooth: hci1: Unknown advertising packet type: 0x19 [ 527.976994][T21135] Bluetooth: hci1: adv larger than maximum supported [ 527.984099][T21135] Bluetooth: hci1: Malformed LE Event: 0x0d [ 529.584678][T24415] netlink: 'syz.3.8603': attribute type 11 has an invalid length. [ 529.623230][T24415] netlink: 'syz.3.8603': attribute type 11 has an invalid length. [ 529.668772][T24415] netlink: 'syz.3.8603': attribute type 11 has an invalid length. [ 531.091826][T24481] FAULT_INJECTION: forcing a failure. [ 531.091826][T24481] name failslab, interval 1, probability 0, space 0, times 1 [ 531.159353][T24481] CPU: 0 UID: 0 PID: 24481 Comm: syz.0.8625 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 531.159389][T24481] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 531.159397][T24481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 531.159407][T24481] Call Trace: [ 531.159414][T24481] [ 531.159421][T24481] dump_stack_lvl+0x100/0x190 [ 531.159445][T24481] should_fail_ex.cold+0x5/0xa [ 531.159468][T24481] should_failslab+0xc2/0x120 [ 531.159490][T24481] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 531.159512][T24481] ? kstrdup_const+0x63/0x80 [ 531.159535][T24481] kstrdup+0x51/0xe0 [ 531.159553][T24481] kstrdup_const+0x63/0x80 [ 531.159571][T24481] alloc_vfsmnt+0xe5/0x6a0 [ 531.159594][T24481] ? __pfx___might_resched+0x10/0x10 [ 531.159616][T24481] clone_mnt+0x4b/0x930 [ 531.159635][T24481] copy_tree+0xfc/0xbf0 [ 531.159655][T24481] ? __pfx_down_write+0x10/0x10 [ 531.159678][T24481] copy_mnt_ns+0x3fa/0x1180 [ 531.159707][T24481] ? __pfx_copy_mnt_ns+0x10/0x10 [ 531.159733][T24481] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 531.159760][T24481] ? create_new_namespaces+0x30/0xac0 [ 531.159782][T24481] ? rcu_is_watching+0x12/0xc0 [ 531.159806][T24481] create_new_namespaces+0xd3/0xac0 [ 531.159828][T24481] ? bpf_lsm_capable+0x9/0x10 [ 531.159852][T24481] ? security_capable+0x80/0x260 [ 531.159878][T24481] unshare_nsproxy_namespaces+0xf2/0x220 [ 531.159903][T24481] ksys_unshare+0x438/0xab0 [ 531.159931][T24481] ? __pfx_ksys_unshare+0x10/0x10 [ 531.159955][T24481] ? xfd_validate_state+0x129/0x190 [ 531.159973][T24481] ? ksys_write+0x1ac/0x250 [ 531.160000][T24481] __x64_sys_unshare+0x31/0x40 [ 531.160025][T24481] do_syscall_64+0x10b/0xf80 [ 531.160056][T24481] ? clear_bhb_loop+0x40/0x90 [ 531.160078][T24481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.160096][T24481] RIP: 0033:0x7f4b6f99c819 [ 531.160111][T24481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 531.160127][T24481] RSP: 002b:00007f4b7091e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 531.160145][T24481] RAX: ffffffffffffffda RBX: 00007f4b6fc15fa0 RCX: 00007f4b6f99c819 [ 531.160156][T24481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 531.160166][T24481] RBP: 00007f4b6fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 531.160177][T24481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 531.160274][T24481] R13: 00007f4b6fc16038 R14: 00007f4b6fc15fa0 R15: 00007ffe179e0938 [ 531.160302][T24481] [ 532.013479][T24528] netlink: 'syz.0.8638': attribute type 11 has an invalid length. [ 532.090195][T24528] netlink: 'syz.0.8638': attribute type 11 has an invalid length. [ 532.132323][T24528] netlink: 'syz.0.8638': attribute type 11 has an invalid length. [ 532.846219][T24559] netlink: Conntrack attr has 5 unknown bytes [ 533.499325][T24595] ucma_write: process 4381 (syz.0.8655) changed security contexts after opening file descriptor, this is not allowed. [ 534.307816][T24620] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 535.126869][T24657] netlink: 'syz.1.8685': attribute type 1 has an invalid length. [ 535.519939][T24675] netlink: 'syz.1.8692': attribute type 11 has an invalid length. [ 535.552469][T24675] netlink: 'syz.1.8692': attribute type 11 has an invalid length. [ 535.584444][T24675] netlink: 'syz.1.8692': attribute type 11 has an invalid length. [ 536.292929][T24710] netlink: 'syz.3.8707': attribute type 8 has an invalid length. [ 536.817562][T24704] NFSD: Failed to start, no listeners configured. [ 536.829543][T24732] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8713'. [ 537.649211][T24759] nbd: must specify an index to disconnect [ 539.249095][T24838] zero sized request [ 540.353287][T24884] nbd: couldn't find a device at index 18109 [ 540.416486][T24887] netlink: 'syz.3.8772': attribute type 11 has an invalid length. [ 540.461824][T24887] netlink: 'syz.3.8772': attribute type 11 has an invalid length. [ 540.502556][T24887] netlink: 'syz.3.8772': attribute type 11 has an invalid length. [ 541.950223][T24953] NFSD: Failed to start, no listeners configured. [ 542.411875][ T29] audit: type=1800 audit(4294989098.522:50): pid=24970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8797" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 543.041401][T24993] netlink: 'syz.0.8807': attribute type 11 has an invalid length. [ 543.084959][T24993] netlink: 'syz.0.8807': attribute type 11 has an invalid length. [ 543.120862][T24993] netlink: 'syz.0.8807': attribute type 11 has an invalid length. [ 544.924179][T25053] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8831'. [ 545.520890][T25079] openvswitch: netlink: IPv4 tunnel dst address is zero [ 546.431119][T25117] netlink: 'syz.3.8861': attribute type 1 has an invalid length. [ 546.465746][T25119] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8862'. [ 547.632505][T21135] Bluetooth: hci1: ACL packet too small [ 549.701954][T25242] NFSD: Failed to start, no listeners configured. [ 550.018098][ T29] audit: type=1800 audit(4294989106.158:51): pid=25264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="dbroot" dev="configfs" ino=68814 res=0 errno=0 [ 551.426182][T25317] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 552.219471][T25347] openvswitch: netlink: IP tunnel dst address not specified [ 554.350343][T25424] netlink: Failed to add  helper -22 [ 554.767666][T25447] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 554.943929][T25453] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 556.380906][T25501] Process accounting resumed [ 557.171569][T25532] .^: entered promiscuous mode [ 557.374392][T25524] NFSD: Failed to start, no listeners configured. [ 558.348381][T25570] NFSD: Failed to start, no listeners configured. [ 558.747109][T25590] NFSD: Failed to start, no listeners configured. [ 559.624915][T25629] netlink: Invalid conntrack helper [ 560.362732][T25655] NFSD: Failed to start, no listeners configured. [ 561.496817][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.505488][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 561.672443][T25709] netlink: 'syz.1.9121': attribute type 12 has an invalid length. [ 562.624463][T25737] NFSD: Failed to start, no listeners configured. [ 563.576763][T25767] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 563.714006][T25769] block nbd2: not configured, cannot reconfigure [ 564.290160][T25786] netlink: 'syz.0.9151': attribute type 1 has an invalid length. [ 564.352362][T25790] vivid-005: ================= START STATUS ================= [ 564.377702][T25790] vivid-005: Radio HW Seek Mode: Bounded [ 564.402192][T25790] vivid-005: Radio Programmable HW Seek: false [ 564.437653][T25790] vivid-005: RDS Rx I/O Mode: Block I/O [ 564.462292][T25790] vivid-005: Generate RBDS Instead of RDS: false [ 564.490271][T25790] vivid-005: RDS Reception: true [ 564.513441][T25790] vivid-005: RDS Program Type: 0 inactive [ 564.546222][T25790] vivid-005: RDS PS Name: inactive [ 564.571412][T25790] vivid-005: RDS Radio Text: inactive [ 564.603782][T25790] vivid-005: RDS Traffic Announcement: false inactive [ 564.632589][T25790] vivid-005: RDS Traffic Program: false inactive [ 564.663573][T25790] vivid-005: RDS Music: false inactive [ 564.693069][T25790] vivid-005: ================== END STATUS ================== [ 565.095374][T25810] FAULT_INJECTION: forcing a failure. [ 565.095374][T25810] name failslab, interval 1, probability 0, space 0, times 0 [ 565.150267][T25810] CPU: 0 UID: 0 PID: 25810 Comm: syz.2.9160 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 565.150301][T25810] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 565.150309][T25810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 565.150320][T25810] Call Trace: [ 565.150326][T25810] [ 565.150333][T25810] dump_stack_lvl+0x100/0x190 [ 565.150359][T25810] should_fail_ex.cold+0x5/0xa [ 565.150381][T25810] should_failslab+0xc2/0x120 [ 565.150406][T25810] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 565.150434][T25810] ? alloc_empty_file+0x5b/0x1c0 [ 565.150465][T25810] alloc_empty_file+0x5b/0x1c0 [ 565.150491][T25810] alloc_file_pseudo+0x13a/0x230 [ 565.150518][T25810] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 565.150545][T25810] ? hugetlbfs_get_inode+0x3f5/0x700 [ 565.150572][T25810] hugetlb_file_setup+0x2a8/0x5b0 [ 565.150599][T25810] ksys_mmap_pgoff+0x242/0x610 [ 565.150619][T25810] ? __UNIQUE_ID_modinfo_714+0x63da8c83/0xffffffffffec9583 [ 565.150646][T25810] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 565.150667][T25810] ? xfd_validate_state+0x129/0x190 [ 565.150684][T25810] ? ksys_write+0x1ac/0x250 [ 565.150707][T25810] __x64_sys_mmap+0x125/0x190 [ 565.150725][T25810] ? __UNIQUE_ID_modinfo_714+0x63da8c83/0xffffffffffec9583 [ 565.150751][T25810] do_syscall_64+0x10b/0xf80 [ 565.150776][T25810] ? clear_bhb_loop+0x40/0x90 [ 565.150798][T25810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.150816][T25810] RIP: 0033:0x7f70e879c819 [ 565.150831][T25810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 565.150855][T25810] RSP: 002b:00007f70e96c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 565.150873][T25810] RAX: ffffffffffffffda RBX: 00007f70e8a15fa0 RCX: 00007f70e879c819 [ 565.150884][T25810] RDX: 0000000000000002 RSI: 0000000000000005 RDI: ffffffffff600700 [ 565.150894][T25810] RBP: 00007f70e8832c91 R08: 0000000000000401 R09: 0000300000000000 [ 565.150905][T25810] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 565.150915][T25810] R13: 00007f70e8a16038 R14: 00007f70e8a15fa0 R15: 00007ffcca7bc518 [ 565.150933][T25810] ? __UNIQUE_ID_modinfo_714+0x63da8c83/0xffffffffffec9583 [ 565.150959][T25810] [ 566.137967][T25845] zero sized request [ 567.945373][T25914] netlink: zone id is out of range [ 569.484434][T25958] NFSD: Failed to start, no listeners configured. [ 570.419147][T26001] openvswitch: netlink: IP tunnel dst address not specified [ 572.147361][T26062] binder: 26059:26062 ioctl c0306201 2000000000c0 returned -14 syzkaller syzkaller login: [ 572.553070][T26072] NFSD: Failed to start, no listeners configured. [ 573.141027][T26104] queue_state_write: unsupported operation '' [ 573.188368][T26104] queue_state_write: use 'run', 'start' or 'kick' [ 573.789967][T26125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9300'. [ 574.180560][T26139] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9308'. [ 574.223458][T26139] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9308'. [ 574.235047][T26142] netlink: Unknown NAT attribute (type=262, max=9) [ 574.304243][T26144] netlink: 'syz.2.9309': attribute type 2 has an invalid length. [ 574.643234][T26153] NFSD: Failed to start, no listeners configured. [ 576.791377][T26222] program syz.2.9343 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 578.188679][T26270] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 578.262725][T26273] netlink: 'syz.3.9371': attribute type 11 has an invalid length. [ 578.951124][T26301] netlink: Invalid conntrack timeout [ 579.041766][T26302] NFSD: Failed to start, no listeners configured. [ 579.413990][T26321] netlink: 'syz.1.9387': attribute type 1 has an invalid length. [ 579.797976][T26335] binder: 26334:26335 ioctl c0306201 2000000000c0 returned -14 [ 580.060618][T26340] NFSD: Failed to start, no listeners configured. [ 580.496740][T26363] binder: 26360:26363 ioctl c0306201 2000000000c0 returned -14 [ 582.274334][T26437] delete_channel: no stack [ 583.218263][T26476] futex_wake_op: syz.0.9451 tries to shift op by -1; fix this program [ 583.468841][T26478] sctp: [Deprecated]: syz.2.9453 (pid 26478) Use of struct sctp_assoc_value in delayed_ack socket option. [ 583.468841][T26478] Use struct sctp_sack_info instead [ 583.574834][T26480] netlink: 'syz.3.9454': attribute type 3 has an invalid length. [ 585.470874][T26543] futex_wake_op: syz.3.9484 tries to shift op by -1; fix this program [ 585.964377][T26555] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9491'. [ 586.011672][T26555] nbd: illegal input index -2113925087 [ 586.340108][T26560] Process accounting paused [ 586.728518][T26579] futex_wake_op: syz.2.9503 tries to shift op by -1; fix this program [ 589.327393][T26654] netlink: ct_mark mask cannot be 0 [ 589.495317][T26658] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 590.456812][T26695] FAULT_INJECTION: forcing a failure. [ 590.456812][T26695] name failslab, interval 1, probability 0, space 0, times 0 [ 590.518036][T26695] CPU: 0 UID: 0 PID: 26695 Comm: syz.3.9557 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 590.518071][T26695] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 590.518079][T26695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 590.518089][T26695] Call Trace: [ 590.518095][T26695] [ 590.518102][T26695] dump_stack_lvl+0x100/0x190 [ 590.518127][T26695] should_fail_ex.cold+0x5/0xa [ 590.518149][T26695] should_failslab+0xc2/0x120 [ 590.518171][T26695] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 590.518199][T26695] ? dup_fd+0x4d/0xd10 [ 590.518218][T26695] ? trace_kmalloc+0xe3/0x110 [ 590.518241][T26695] dup_fd+0x4d/0xd10 [ 590.518264][T26695] ? apparmor_task_alloc+0x2c1/0x3b0 [ 590.518291][T26695] copy_process+0x2965/0x7fa0 [ 590.518327][T26695] ? __pfx_copy_process+0x10/0x10 [ 590.518354][T26695] ? futex_hash+0x141/0x370 [ 590.518375][T26695] kernel_clone+0x12e/0x9c0 [ 590.518398][T26695] ? __pfx_futex_wait+0x10/0x10 [ 590.518422][T26695] ? __pfx_kernel_clone+0x10/0x10 [ 590.518458][T26695] __do_sys_clone+0xd9/0x120 [ 590.518483][T26695] ? __pfx___do_sys_clone+0x10/0x10 [ 590.518517][T26695] ? ksys_write+0x1ac/0x250 [ 590.518539][T26695] ? rcu_is_watching+0x12/0xc0 [ 590.518570][T26695] do_syscall_64+0x10b/0xf80 [ 590.518597][T26695] ? clear_bhb_loop+0x40/0x90 [ 590.518618][T26695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.518636][T26695] RIP: 0033:0x7f81b019c819 [ 590.518651][T26695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 590.518668][T26695] RSP: 002b:00007f81b100afd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 590.518686][T26695] RAX: ffffffffffffffda RBX: 00007f81b0415fa0 RCX: 00007f81b019c819 [ 590.518697][T26695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 590.518708][T26695] RBP: 00007f81b0232c91 R08: 0000000000000000 R09: 0000000000000000 [ 590.518719][T26695] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 590.518729][T26695] R13: 00007f81b0416038 R14: 00007f81b0415fa0 R15: 00007ffe80c81308 [ 590.518751][T26695] [ 592.799490][T26781] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 592.825489][T26783] futex_wake_op: syz.1.9589 tries to shift op by -1; fix this program [ 594.244027][T26826] futex_wake_op: syz.0.9610 tries to shift op by -1; fix this program [ 594.440733][T26831] netlink: 'syz.2.9613': attribute type 1 has an invalid length. [ 594.879502][T26847] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 595.076744][T26855] netlink: 'syz.0.9625': attribute type 1 has an invalid length. [ 595.461467][T26869] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 596.003015][T26890] netlink: 148 bytes leftover after parsing attributes in process `syz.0.9642'. [ 596.932213][T26913] &#$@\]\-: entered promiscuous mode [ 597.754574][T26950] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 598.370946][T26977] futex_wake_op: syz.0.9682 tries to shift op by -1; fix this program [ 598.490607][T26981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9684'. [ 598.609727][T26982] delete_channel: no stack [ 598.705686][T26987] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd1f [ 599.529690][T27016] futex_wake_op: syz.3.9698 tries to shift op by -1; fix this program [ 600.778663][T27052] futex_wake_op: syz.2.9714 tries to shift op by -1; fix this program [ 601.157556][T27060] tipc: Started in network mode [ 601.180227][T27060] tipc: Node identity ee00, cluster identity 4711 [ 601.215286][T27060] tipc: Node number set to 60928 [ 601.445357][T27068] netlink: 'syz.0.9723': attribute type 11 has an invalid length. [ 601.672328][T27074] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 603.902413][T27149] netlink: NAT attribute type 0 has unexpected length (4 != 0) [ 604.543970][T27171] netlink: 'syz.0.9770': attribute type 1 has an invalid length. [ 604.590296][T27171] nbd: error processing sock list [ 605.309961][T27195] __vm_enough_memory: pid: 27195, comm: syz.0.9781, bytes: 4398046511104 not enough memory for the allocation [ 606.261628][T27233] nbd: must specify a device to reconfigure [ 606.857006][T27256] dyndbg: expected <4096 bytes into control [ 608.409166][T27314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 608.478621][T27314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 608.499374][T27318] FAULT_INJECTION: forcing a failure. [ 608.499374][T27318] name failslab, interval 1, probability 0, space 0, times 0 [ 608.560079][T27318] CPU: 0 UID: 0 PID: 27318 Comm: syz.3.9835 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 608.560115][T27318] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 608.560123][T27318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 608.560133][T27318] Call Trace: [ 608.560140][T27318] [ 608.560147][T27318] dump_stack_lvl+0x100/0x190 [ 608.560171][T27318] should_fail_ex.cold+0x5/0xa [ 608.560195][T27318] should_failslab+0xc2/0x120 [ 608.560217][T27318] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 608.560245][T27318] ? alloc_empty_file+0x5b/0x1c0 [ 608.560276][T27318] alloc_empty_file+0x5b/0x1c0 [ 608.560302][T27318] alloc_file_pseudo+0x13a/0x230 [ 608.560329][T27318] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 608.560361][T27318] __shmem_file_setup+0x205/0x460 [ 608.560387][T27318] ? __pfx___shmem_file_setup+0x10/0x10 [ 608.560413][T27318] ? vm_area_alloc+0x1f/0x160 [ 608.560441][T27318] shmem_zero_setup+0x96/0x1b0 [ 608.560460][T27318] __mmap_region+0x24e7/0x2da0 [ 608.560500][T27318] ? __pfx___mmap_region+0x10/0x10 [ 608.560528][T27318] ? lock_acquire+0x1b1/0x370 [ 608.560559][T27318] ? do_raw_spin_lock+0x128/0x260 [ 608.560594][T27318] ? do_raw_spin_lock+0x128/0x260 [ 608.560614][T27318] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 608.560642][T27318] ? hrtimer_start_range_ns+0x860/0x1a50 [ 608.560665][T27318] ? find_held_lock+0x2b/0x80 [ 608.560687][T27318] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 608.560745][T27318] mmap_region+0x35d/0x620 [ 608.560774][T27318] ? rcu_is_watching+0x12/0xc0 [ 608.560795][T27318] ? __pfx_mmap_region+0x10/0x10 [ 608.560825][T27318] ? cap_mmap_addr+0x4b/0x120 [ 608.560848][T27318] ? bpf_lsm_mmap_addr+0x9/0x30 [ 608.560864][T27318] ? security_mmap_addr+0x71/0x1e0 [ 608.560882][T27318] ? __get_unmapped_area+0x255/0x3e0 [ 608.560906][T27318] do_mmap+0xc63/0x12f0 [ 608.560930][T27318] ? __pfx_do_mmap+0x10/0x10 [ 608.560951][T27318] ? __pfx_down_write_killable+0x10/0x10 [ 608.560984][T27318] vm_mmap_pgoff+0x29e/0x470 [ 608.561010][T27318] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 608.561034][T27318] ? do_futex+0x192/0x350 [ 608.561054][T27318] ? __pfx_do_futex+0x10/0x10 [ 608.561082][T27318] ksys_mmap_pgoff+0xe4/0x610 [ 608.561104][T27318] ? __x64_sys_futex+0x358/0x4d0 [ 608.561124][T27318] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 608.561144][T27318] ? xfd_validate_state+0x129/0x190 [ 608.561162][T27318] ? ksys_write+0x1ac/0x250 [ 608.561185][T27318] __x64_sys_mmap+0x125/0x190 [ 608.561207][T27318] do_syscall_64+0x10b/0xf80 [ 608.561233][T27318] ? clear_bhb_loop+0x40/0x90 [ 608.561254][T27318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.561272][T27318] RIP: 0033:0x7f81b019c819 [ 608.561288][T27318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.561305][T27318] RSP: 002b:00007f81b100b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 608.561322][T27318] RAX: ffffffffffffffda RBX: 00007f81b0415fa0 RCX: 00007f81b019c819 [ 608.561334][T27318] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 608.561344][T27318] RBP: 00007f81b0232c91 R08: fffffffffffffffa R09: 0000000000008000 [ 608.561355][T27318] R10: 0000009000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 608.561365][T27318] R13: 00007f81b0416038 R14: 00007f81b0415fa0 R15: 00007ffe80c81308 [ 608.561387][T27318] [ 610.581471][T27367] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 611.911268][T27416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9884'. [ 612.185834][T27430] netlink: 'syz.2.9889': attribute type 2 has an invalid length. [ 613.956684][T27496] openvswitch: netlink: Duplicate key (type 15). [ 614.316742][T27508] netlink: 'syz.0.9921': attribute type 2 has an invalid length. [ 614.356551][T27508] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9921'. [ 614.955138][T27529] openvswitch: netlink: Multiple metadata blocks provided [ 616.147780][T27580] openvswitch: netlink: Key type 261 is out of range max 32 [ 616.254390][T27580] Process accounting resumed [ 616.947995][T21135] Bluetooth: hci2: SCO packet too small [ 617.335991][T27630] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 617.941107][T27650] netlink: 'syz.1.9991': attribute type 1 has an invalid length. [ 618.005737][T27652] capability: warning: `syz.3.9992' uses 32-bit capabilities (legacy support in use) [ 618.035769][T27654] nbd: illegal input index 37139 [ 618.283010][T27659] nbd: couldn't find device at index 33904 [ 618.761434][ T29] audit: type=1800 audit(4294989175.231:52): pid=27672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.10002" name="SYSV80000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 618.813764][T27677] netlink: 'syz.2.10004': attribute type 1 has an invalid length. [ 620.158708][ T29] audit: type=1800 audit(4294989176.627:53): pid=27728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10028" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 620.418872][T27742] netlink: 'syz.1.10035': attribute type 3 has an invalid length. [ 621.435303][T27788] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 621.444303][T27788] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 621.587976][T27794] netlink: 'syz.3.10059': attribute type 2 has an invalid length. [ 622.647585][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 622.658071][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 623.511100][T27857] __vm_enough_memory: pid: 27857, comm: syz.2.10088, bytes: 4398046457856 not enough memory for the allocation [ 623.837710][T27867] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 625.407439][T27934] FAULT_INJECTION: forcing a failure. [ 625.407439][T27934] name failslab, interval 1, probability 0, space 0, times 0 [ 625.450928][T27934] CPU: 0 UID: 0 PID: 27934 Comm: syz.1.10122 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 625.450970][T27934] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 625.450978][T27934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 625.450987][T27934] Call Trace: [ 625.450994][T27934] [ 625.451001][T27934] dump_stack_lvl+0x100/0x190 [ 625.451026][T27934] should_fail_ex.cold+0x5/0xa [ 625.451049][T27934] ? tomoyo_encode2+0xfb/0x3c0 [ 625.451068][T27934] should_failslab+0xc2/0x120 [ 625.451090][T27934] __kmalloc_noprof+0xe0/0x850 [ 625.451122][T27934] tomoyo_encode2+0xfb/0x3c0 [ 625.451145][T27934] tomoyo_encode+0x29/0x50 [ 625.451163][T27934] tomoyo_mount_acl+0x14c/0x8b0 [ 625.451184][T27934] ? is_bpf_text_address+0x8a/0x1a0 [ 625.451208][T27934] ? bpf_ksym_find+0x124/0x1c0 [ 625.451227][T27934] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 625.451263][T27934] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 625.451279][T27934] ? kernel_text_address+0x8d/0x100 [ 625.451298][T27934] ? unwind_get_return_address+0x59/0xa0 [ 625.451344][T27934] ? tomoyo_domain+0xb2/0x150 [ 625.451365][T27934] ? tomoyo_profile+0x47/0x60 [ 625.451391][T27934] tomoyo_mount_permission+0x214/0x460 [ 625.451408][T27934] ? tomoyo_mount_permission+0x1f6/0x460 [ 625.451428][T27934] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 625.451460][T27934] security_sb_mount+0xdd/0x270 [ 625.451487][T27934] path_mount+0x158/0x23d0 [ 625.451515][T27934] ? __pfx_path_mount+0x10/0x10 [ 625.451537][T27934] ? lockdep_hardirqs_on+0x78/0x100 [ 625.451566][T27934] ? putname+0xb1/0x110 [ 625.451588][T27934] ? kmem_cache_free+0x127/0x6c0 [ 625.451621][T27934] ? __x64_sys_mount+0x293/0x310 [ 625.451644][T27934] __x64_sys_mount+0x293/0x310 [ 625.451668][T27934] ? __pfx___x64_sys_mount+0x10/0x10 [ 625.451695][T27934] ? rcu_is_watching+0x12/0xc0 [ 625.451718][T27934] do_syscall_64+0x10b/0xf80 [ 625.451745][T27934] ? clear_bhb_loop+0x40/0x90 [ 625.451767][T27934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.451785][T27934] RIP: 0033:0x7f0f4159c819 [ 625.451801][T27934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 625.451818][T27934] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 625.451836][T27934] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 625.451847][T27934] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 625.451857][T27934] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 625.451867][T27934] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 625.451877][T27934] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 625.451900][T27934] [ 626.604607][T27973] openvswitch: netlink: Message has 4 unknown bytes. [ 626.884343][T27983] openvswitch: netlink: IP tunnel dst address not specified [ 626.994220][T27987] netlink: 206 bytes leftover after parsing attributes in process `syz.3.10146'. [ 627.567919][T28009] tipc: Started in network mode [ 627.594835][T28009] tipc: Node identity ffffffff, cluster identity 4711 [ 627.622699][T28009] tipc: Node number set to 4294967295 [ 627.948080][T28019] : entered promiscuous mode [ 628.984209][T28064] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 629.192367][T28071] openvswitch: netlink: Message has 4 unknown bytes. [ 629.423284][T28081] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 631.444676][T28168] FAULT_INJECTION: forcing a failure. [ 631.444676][T28168] name failslab, interval 1, probability 0, space 0, times 0 [ 631.518690][T28168] CPU: 0 UID: 0 PID: 28168 Comm: syz.0.10231 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 631.518726][T28168] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 631.518734][T28168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 631.518744][T28168] Call Trace: [ 631.518750][T28168] [ 631.518757][T28168] dump_stack_lvl+0x100/0x190 [ 631.518782][T28168] should_fail_ex.cold+0x5/0xa [ 631.518806][T28168] should_failslab+0xc2/0x120 [ 631.518827][T28168] __kvmalloc_node_noprof+0xfa/0xa00 [ 631.518845][T28168] ? io_alloc_cache_init+0x38/0x170 [ 631.518868][T28168] ? lockdep_init_map_type+0x5c/0x250 [ 631.518890][T28168] io_alloc_cache_init+0x38/0x170 [ 631.518914][T28168] io_uring_setup.cold+0x3cd/0x1c6e [ 631.518945][T28168] ? __pfx_io_uring_setup+0x10/0x10 [ 631.518969][T28168] ? do_futex+0x192/0x350 [ 631.518989][T28168] ? __pfx_do_futex+0x10/0x10 [ 631.519018][T28168] ? xfd_validate_state+0x129/0x190 [ 631.519035][T28168] ? ksys_write+0x1ac/0x250 [ 631.519060][T28168] __x64_sys_io_uring_setup+0xc2/0x170 [ 631.519079][T28168] do_syscall_64+0x10b/0xf80 [ 631.519106][T28168] ? clear_bhb_loop+0x40/0x90 [ 631.519127][T28168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.519145][T28168] RIP: 0033:0x7f4b6f99c819 [ 631.519160][T28168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 631.519177][T28168] RSP: 002b:00007f4b7091e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 631.519195][T28168] RAX: ffffffffffffffda RBX: 00007f4b6fc15fa0 RCX: 00007f4b6f99c819 [ 631.519206][T28168] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000001 [ 631.519216][T28168] RBP: 00007f4b6fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 631.519226][T28168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 631.519236][T28168] R13: 00007f4b6fc16038 R14: 00007f4b6fc15fa0 R15: 00007ffe179e0938 [ 631.519265][T28168] [ 631.747504][T28172] openvswitch: netlink: Missing valid actions attribute. [ 632.136297][T28192] netlink: 276 bytes leftover after parsing attributes in process `syz.3.10243'. [ 632.734965][T28214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10254'. [ 634.006837][T28263] openvswitch: netlink: Flow actions attr not present in new flow. [ 634.893387][T28295] No such timeout policy "" [ 634.932203][T28295] netlink: Failed to associated timeout policy '' [ 635.078089][T28300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10292'. [ 635.742026][T28326] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 636.286051][T28345] netlink: 'syz.1.10313': attribute type 4 has an invalid length. [ 636.308950][T28350] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 636.325824][T28345] netlink: 'syz.1.10313': attribute type 1 has an invalid length. [ 636.349650][T28350] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 636.408956][T28350] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 636.455866][T28352] ALSA: mixer_oss: invalid OSS volume ',e&ER$o i<\#Z\' [ 636.469016][ T5922] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 636.507919][T28346] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 636.771326][T28365] netlink: ct family unspecified [ 638.078943][T28422] netlink: 'syz.3.10348': attribute type 1 has an invalid length. [ 639.214066][T28446] ima: policy update failed [ 639.240930][ T29] audit: type=1802 audit(4294967300.848:54): pid=28446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.10359" res=0 errno=0 [ 639.590099][T28462] program syz.3.10367 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 640.354330][T21135] Bluetooth: hci3: unexpected event 0x3e length: 358 > 260 [ 640.354359][T21135] Bluetooth: hci3: unexpected subevent 0x1b length: 357 > 260 [ 642.187353][T28553] netlink: 'syz.2.10408': attribute type 1 has an invalid length. [ 642.752322][T28569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10416'. [ 643.147809][T28583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10421'. [ 643.498932][T28597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10429'. [ 643.736038][T28609] netlink: NAT attribute has 4 unknown bytes [ 643.948368][T28619] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10440'. [ 643.957873][T28618] tc_dump_action: action bad kind [ 645.104996][T28668] openvswitch: netlink: Flow key attr not present in new flow. [ 645.798238][T28694] netlink: 'syz.3.10476': attribute type 1 has an invalid length. [ 646.485183][T28728] mmap: syz.2.10491 (28728): VmData 45879296 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 646.885437][T28744] netlink: 3 bytes leftover after parsing attributes in process `syz.1.10499'. [ 647.708303][T28774] netlink: Unknown conntrack attr (type=257, max=9) [ 648.943503][T28828] FAULT_INJECTION: forcing a failure. [ 648.943503][T28828] name failslab, interval 1, probability 0, space 0, times 0 [ 649.007639][T28828] CPU: 0 UID: 0 PID: 28828 Comm: syz.1.10539 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 649.007676][T28828] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 649.007685][T28828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 649.007695][T28828] Call Trace: [ 649.007701][T28828] [ 649.007709][T28828] dump_stack_lvl+0x100/0x190 [ 649.007733][T28828] should_fail_ex.cold+0x5/0xa [ 649.007758][T28828] should_failslab+0xc2/0x120 [ 649.007779][T28828] __kmalloc_node_noprof+0xe6/0x850 [ 649.007808][T28828] ? get_callchain_buffers+0x1e5/0x380 [ 649.007837][T28828] get_callchain_buffers+0x1e5/0x380 [ 649.007860][T28828] ? security_capable+0x80/0x260 [ 649.007885][T28828] stack_map_alloc+0x316/0x610 [ 649.007907][T28828] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 649.007928][T28828] map_create+0x84e/0x2bc0 [ 649.007953][T28828] ? futex_unqueue+0x13d/0x2c0 [ 649.007973][T28828] ? __futex_wait+0x256/0x300 [ 649.008000][T28828] ? __pfx_map_create+0x10/0x10 [ 649.008026][T28828] ? __might_fault+0xc5/0x140 [ 649.008052][T28828] ? __might_fault+0xc5/0x140 [ 649.008093][T28828] __sys_bpf+0x2091/0x4b90 [ 649.008114][T28828] ? __pfx___sys_bpf+0x10/0x10 [ 649.008131][T28828] ? __pfx_futex_wait+0x10/0x10 [ 649.008159][T28828] ? ksys_write+0x190/0x250 [ 649.008178][T28828] ? ksys_write+0x190/0x250 [ 649.008202][T28828] ? do_futex+0x192/0x350 [ 649.008233][T28828] ? xfd_validate_state+0x129/0x190 [ 649.008251][T28828] ? ksys_write+0x1ac/0x250 [ 649.008275][T28828] __x64_sys_bpf+0x7b/0xc0 [ 649.008293][T28828] ? lockdep_hardirqs_on+0x78/0x100 [ 649.008321][T28828] do_syscall_64+0x10b/0xf80 [ 649.008354][T28828] ? clear_bhb_loop+0x40/0x90 [ 649.008377][T28828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.008396][T28828] RIP: 0033:0x7f0f4159c819 [ 649.008412][T28828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 649.008429][T28828] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 649.008448][T28828] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 649.008460][T28828] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 649.008470][T28828] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 649.008481][T28828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.008491][T28828] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 649.008515][T28828] [ 649.472854][T28838] netlink: Unknown nat attribute (0) [ 649.515220][T28840] netlink: 'syz.1.10543': attribute type 1 has an invalid length. [ 650.320347][T28877] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 650.326962][T28877] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 651.856755][T28941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10589'. [ 653.797947][T29019] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 654.479678][T29030] openvswitch: netlink: IP tunnel dst address not specified [ 655.389108][T29069] netlink: get zone limit has 4 unknown bytes [ 656.862776][T29138] openvswitch: netlink: IP tunnel dst address not specified [ 657.022087][T29147] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 7 [ 677.897363][T29944] netlink: 'syz.3.11048': attribute type 11 has an invalid length. [ 678.155610][T29954] netlink: 'syz.3.11054': attribute type 2 has an invalid length. [ 679.269355][T29999] vhci_hcd: not connected 4 [ 679.790044][T30017] net_ratelimit: 5 callbacks suppressed [ 679.790060][T30017] openvswitch: netlink: Message has 4 unknown bytes. [ 680.621776][T30045] syz_tun: tun_chr_ioctl cmd 1074025694 [ 680.803438][T30054] device-mapper: ioctl: Unable to rename non-existent device,  to [ 681.876128][T30099] openvswitch: netlink: Message has 4 unknown bytes. [ 682.966522][T30137] block nbd1: Unsupported socket: should be TCP or UNIX. [ 683.797008][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.809784][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.729006][T30280] sctp: [Deprecated]: syz.0.11181 (pid 30280) Use of int in max_burst socket option. [ 686.729006][T30280] Use struct sctp_assoc_value instead [ 686.881535][T30286] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekl*[GCHFx^ĒPktkyve' [ 687.080995][ T29] audit: type=1804 audit(4295032885.906:56): pid=30287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.11183" name="/newroot/2770/file0" dev="tmpfs" ino=13923 res=1 errno=0 [ 689.100819][T30366] bridge0: port 3(batadv0) entered blocking state [ 689.124125][T30366] bridge0: port 3(batadv0) entered disabled state [ 689.152286][T30366] batadv0: entered allmulticast mode [ 689.176949][T30366] batadv0: entered promiscuous mode [ 689.209790][T30366] bridge0: port 3(batadv0) entered blocking state [ 689.217884][T30366] bridge0: port 3(batadv0) entered forwarding state [ 689.248718][T30370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11218'. [ 689.439521][T30375] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 689.470348][T21198] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 689.480139][T21198] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 689.864076][T30394] bridge0: port 3(veth0_to_bridge) entered blocking state [ 689.910972][T30394] bridge0: port 3(veth0_to_bridge) entered disabled state [ 689.942908][T30394] veth0_to_bridge: entered allmulticast mode [ 689.981047][T30394] veth0_to_bridge: entered promiscuous mode [ 690.011433][T30394] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 690.079239][T30394] bridge0: port 3(veth0_to_bridge) entered blocking state [ 690.086532][T30394] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 690.815116][ T29] audit: type=1804 audit(4295032889.663:57): pid=30425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.11243" name="/newroot/2807/file0" dev="tmpfs" ino=14118 res=1 errno=0 [ 691.076368][T30435] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11250'. [ 691.449466][T30447] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 691.455977][T30447] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 693.350818][T30527] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11292'. [ 693.379861][T30529] bridge0: port 4(ipvlan1) entered blocking state [ 693.402275][T30529] bridge0: port 4(ipvlan1) entered disabled state [ 693.427129][T30529] ipvlan1: entered allmulticast mode [ 693.450316][T30529] veth0_vlan: entered allmulticast mode [ 693.517383][T30529] ipvlan1: left allmulticast mode [ 693.535469][T30529] veth0_vlan: left allmulticast mode [ 695.599457][T30601] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11326'. [ 696.358471][T30623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11335'. [ 696.527642][T30629] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11338'. [ 697.931526][T30669] syz_tun: tun_chr_ioctl cmd 1074025688 [ 699.772936][T30714] GUP no longer grows the stack in syz.3.11372 (30714): 5000-401000 (4000) [ 699.817929][T30714] CPU: 0 UID: 0 PID: 30714 Comm: syz.3.11372 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 699.817964][T30714] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 699.817973][T30714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 699.817984][T30714] Call Trace: [ 699.817991][T30714] [ 699.817998][T30714] dump_stack_lvl+0x100/0x190 [ 699.818022][T30714] gup_vma_lookup.cold+0x83/0x96 [ 699.818049][T30714] __get_user_pages+0x241/0x32a0 [ 699.818079][T30714] ? register_lock_class+0x40/0x560 [ 699.818097][T30714] ? __kmalloc_noprof+0x301/0x850 [ 699.818124][T30714] ? __pfx___get_user_pages+0x10/0x10 [ 699.818145][T30714] ? do_syscall_64+0x10b/0xf80 [ 699.818178][T30714] __gup_longterm_locked+0x87d/0x16f0 [ 699.818200][T30714] ? __lock_acquire+0x4a5/0x2630 [ 699.818220][T30714] ? __pfx___gup_longterm_locked+0x10/0x10 [ 699.818253][T30714] pin_user_pages_remote+0xed/0x140 [ 699.818277][T30714] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 699.818309][T30714] process_vm_rw_core.constprop.0+0x412/0x950 [ 699.818343][T30714] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 699.818364][T30714] ? import_ubuf+0x1b6/0x220 [ 699.818400][T30714] ? iovec_from_user+0xda/0x140 [ 699.818428][T30714] process_vm_rw+0x226/0x2d0 [ 699.818448][T30714] ? __pfx_process_vm_rw+0x10/0x10 [ 699.818472][T30714] ? __pfx___do_sys_mremap+0x10/0x10 [ 699.818524][T30714] ? xfd_validate_state+0x129/0x190 [ 699.818543][T30714] ? __task_pid_nr_ns+0x1ca/0x510 [ 699.818573][T30714] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 699.818593][T30714] ? do_syscall_64+0x90/0xf80 [ 699.818618][T30714] ? lockdep_hardirqs_on+0x78/0x100 [ 699.818644][T30714] do_syscall_64+0x10b/0xf80 [ 699.818670][T30714] ? clear_bhb_loop+0x40/0x90 [ 699.818691][T30714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.818710][T30714] RIP: 0033:0x7f81b019c819 [ 699.818726][T30714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 699.818743][T30714] RSP: 002b:00007f81b100b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 699.818762][T30714] RAX: ffffffffffffffda RBX: 00007f81b0415fa0 RCX: 00007f81b019c819 [ 699.818775][T30714] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 00000000000016a6 [ 699.818786][T30714] RBP: 00007f81b0232c91 R08: 0000000000000006 R09: 0000000000000000 [ 699.818797][T30714] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 699.818808][T30714] R13: 00007f81b0416038 R14: 00007f81b0415fa0 R15: 00007ffe80c81308 [ 699.818831][T30714] [ 706.247964][T30886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11433'. [ 708.320363][T30936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11456'. [ 708.890926][T30953] sctp: [Deprecated]: syz.3.11464 (pid 30953) Use of int in maxseg socket option. [ 708.890926][T30953] Use struct sctp_assoc_value instead [ 709.914626][T30987] tunl0: entered allmulticast mode [ 711.219537][T31028] FAULT_INJECTION: forcing a failure. [ 711.219537][T31028] name failslab, interval 1, probability 0, space 0, times 0 [ 711.278116][T31028] CPU: 0 UID: 0 PID: 31028 Comm: syz.1.11495 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 711.278152][T31028] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 711.278161][T31028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 711.278172][T31028] Call Trace: [ 711.278178][T31028] [ 711.278185][T31028] dump_stack_lvl+0x100/0x190 [ 711.278209][T31028] should_fail_ex.cold+0x5/0xa [ 711.278233][T31028] should_failslab+0xc2/0x120 [ 711.278254][T31028] __kvmalloc_node_noprof+0xfa/0xa00 [ 711.278272][T31028] ? alloc_fdtable+0x110/0x2d0 [ 711.278297][T31028] alloc_fdtable+0x110/0x2d0 [ 711.278318][T31028] dup_fd+0x995/0xd10 [ 711.278345][T31028] __x64_sys_close_range+0x50f/0x5d0 [ 711.278370][T31028] ? __pfx___x64_sys_close_range+0x10/0x10 [ 711.278394][T31028] ? rcu_is_watching+0x12/0xc0 [ 711.278418][T31028] do_syscall_64+0x10b/0xf80 [ 711.278444][T31028] ? clear_bhb_loop+0x40/0x90 [ 711.278474][T31028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.278493][T31028] RIP: 0033:0x7f0f4159c819 [ 711.278509][T31028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.278527][T31028] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 711.278544][T31028] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 711.278556][T31028] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: 0000000000000003 [ 711.278566][T31028] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 711.278577][T31028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.278587][T31028] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 711.278609][T31028] [ 711.878117][T31041] netlink: 346 bytes leftover after parsing attributes in process `syz.1.11503'. [ 712.807013][T31068] netlink: 350 bytes leftover after parsing attributes in process `syz.3.11513'. [ 713.280172][T31085] netlink: 'syz.0.11519': attribute type 33 has an invalid length. [ 713.888292][T31119] FAULT_INJECTION: forcing a failure. [ 713.888292][T31119] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 713.958893][T31119] CPU: 0 UID: 0 PID: 31119 Comm: syz.0.11526 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 713.958930][T31119] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 713.958938][T31119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 713.958948][T31119] Call Trace: [ 713.958954][T31119] [ 713.958961][T31119] dump_stack_lvl+0x100/0x190 [ 713.958986][T31119] should_fail_ex.cold+0x5/0xa [ 713.959009][T31119] core_sys_select+0x5d1/0xbb0 [ 713.959035][T31119] ? __pfx_core_sys_select+0x10/0x10 [ 713.959077][T31119] ? ktime_get_ts64+0x306/0x420 [ 713.959107][T31119] ? ktime_get_ts64+0x318/0x420 [ 713.959133][T31119] ? ktime_get_ts64+0x257/0x420 [ 713.959163][T31119] kern_select+0x20c/0x270 [ 713.959185][T31119] ? __pfx_kern_select+0x10/0x10 [ 713.959205][T31119] ? xfd_validate_state+0x129/0x190 [ 713.959230][T31119] __x64_sys_select+0xbd/0x160 [ 713.959249][T31119] ? do_syscall_64+0x90/0xf80 [ 713.959275][T31119] ? lockdep_hardirqs_on+0x78/0x100 [ 713.959301][T31119] do_syscall_64+0x10b/0xf80 [ 713.959327][T31119] ? clear_bhb_loop+0x40/0x90 [ 713.959348][T31119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.959367][T31119] RIP: 0033:0x7f4b6f99c819 [ 713.959382][T31119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 713.959399][T31119] RSP: 002b:00007f4b7091e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 713.959427][T31119] RAX: ffffffffffffffda RBX: 00007f4b6fc15fa0 RCX: 00007f4b6f99c819 [ 713.959439][T31119] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 713.959450][T31119] RBP: 00007f4b6fa32c91 R08: 0000200000000200 R09: 0000000000000000 [ 713.959461][T31119] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 713.959472][T31119] R13: 00007f4b6fc16038 R14: 00007f4b6fc15fa0 R15: 00007ffe179e0938 [ 713.959494][T31119] [ 716.121046][T31159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11544'. [ 716.528484][T31180] FAULT_INJECTION: forcing a failure. [ 716.528484][T31180] name failslab, interval 1, probability 0, space 0, times 0 [ 716.595827][T31180] CPU: 0 UID: 0 PID: 31180 Comm: syz.1.11553 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 716.595863][T31180] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 716.595872][T31180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 716.595883][T31180] Call Trace: [ 716.595889][T31180] [ 716.595896][T31180] dump_stack_lvl+0x100/0x190 [ 716.595922][T31180] should_fail_ex.cold+0x5/0xa [ 716.595945][T31180] should_failslab+0xc2/0x120 [ 716.595966][T31180] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 716.595985][T31180] ? key_alloc+0x423/0x1310 [ 716.596002][T31180] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 716.596033][T31180] kmemdup_noprof+0x29/0x60 [ 716.596052][T31180] key_alloc+0x423/0x1310 [ 716.596077][T31180] ? __pfx_key_alloc+0x10/0x10 [ 716.596099][T31180] keyring_alloc+0x44/0xc0 [ 716.596120][T31180] install_session_keyring_to_cred+0x190/0x230 [ 716.596150][T31180] join_session_keyring+0x1bc/0x350 [ 716.596178][T31180] lookup_user_key+0x32f/0x1300 [ 716.596207][T31180] ? __pfx_lookup_user_key+0x10/0x10 [ 716.596235][T31180] ? __pfx_futex_wait+0x10/0x10 [ 716.596261][T31180] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 716.596298][T31180] keyctl_get_persistent+0x197/0x8b0 [ 716.596319][T31180] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 716.596344][T31180] ? map_id_range_down+0x2bc/0x3b0 [ 716.596370][T31180] ? __x64_sys_futex+0x34f/0x4d0 [ 716.596388][T31180] ? __x64_sys_futex+0x358/0x4d0 [ 716.596409][T31180] ? xfd_validate_state+0x129/0x190 [ 716.596432][T31180] __do_sys_keyctl+0x3b2/0x5a0 [ 716.596458][T31180] do_syscall_64+0x10b/0xf80 [ 716.596485][T31180] ? clear_bhb_loop+0x40/0x90 [ 716.596507][T31180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.596525][T31180] RIP: 0033:0x7f0f4159c819 [ 716.596541][T31180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.596559][T31180] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 716.596577][T31180] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 716.596589][T31180] RDX: 7ffffffffffffffd RSI: 0000000000000000 RDI: 0000000000000016 [ 716.596600][T31180] RBP: 00007f0f41632c91 R08: 0010000000000004 R09: 0000000000000000 [ 716.596611][T31180] R10: ffffffffffffe6d6 R11: 0000000000000246 R12: 0000000000000000 [ 716.596621][T31180] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 716.596644][T31180] [ 717.276125][T31201] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11564'. [ 717.645845][T31213] FAULT_INJECTION: forcing a failure. [ 717.645845][T31213] name fail_futex, interval 1, probability 0, space 0, times 1 [ 717.703010][T31213] CPU: 0 UID: 0 PID: 31213 Comm: syz.1.11568 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 717.703047][T31213] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 717.703056][T31213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 717.703067][T31213] Call Trace: [ 717.703073][T31213] [ 717.703080][T31213] dump_stack_lvl+0x100/0x190 [ 717.703105][T31213] should_fail_ex.cold+0x5/0xa [ 717.703128][T31213] get_futex_key+0x1d2/0x1510 [ 717.703149][T31213] ? __pfx_get_futex_key+0x10/0x10 [ 717.703171][T31213] ? __sys_bpf+0x173/0x4b90 [ 717.703191][T31213] futex_wake+0xea/0x530 [ 717.703239][T31213] ? __pfx___sys_bpf+0x10/0x10 [ 717.703256][T31213] ? __pfx_futex_wait+0x10/0x10 [ 717.703279][T31213] ? __pfx_futex_wake+0x10/0x10 [ 717.703304][T31213] ? lockdep_hardirqs_on+0x78/0x100 [ 717.703336][T31213] do_futex+0x32b/0x350 [ 717.703356][T31213] ? __pfx_do_futex+0x10/0x10 [ 717.703382][T31213] __x64_sys_futex+0x34f/0x4d0 [ 717.703404][T31213] ? __pfx___x64_sys_futex+0x10/0x10 [ 717.703433][T31213] ? rcu_is_watching+0x12/0xc0 [ 717.703457][T31213] do_syscall_64+0x10b/0xf80 [ 717.703483][T31213] ? clear_bhb_loop+0x40/0x90 [ 717.703505][T31213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.703523][T31213] RIP: 0033:0x7f0f4159c819 [ 717.703539][T31213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 717.703557][T31213] RSP: 002b:00007f0f4244a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 717.703575][T31213] RAX: ffffffffffffffda RBX: 00007f0f41815fa8 RCX: 00007f0f4159c819 [ 717.703588][T31213] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0f41815fac [ 717.703599][T31213] RBP: 00007f0f41815fa0 R08: 0000000000000001 R09: 0000000000000000 [ 717.703609][T31213] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 717.703620][T31213] R13: 00007f0f41816038 R14: 00007fff41da7250 R15: 00007fff41da7338 [ 717.703642][T31213] [ 718.447867][T31239] zswap: compressor not available [ 719.082158][T31264] FAULT_INJECTION: forcing a failure. [ 719.082158][T31264] name failslab, interval 1, probability 0, space 0, times 0 [ 719.126935][T31264] CPU: 0 UID: 0 PID: 31264 Comm: syz.0.11590 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 719.126972][T31264] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 719.126980][T31264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 719.126990][T31264] Call Trace: [ 719.126997][T31264] [ 719.127004][T31264] dump_stack_lvl+0x100/0x190 [ 719.127029][T31264] should_fail_ex.cold+0x5/0xa [ 719.127051][T31264] ? lsm_blob_alloc+0x68/0x90 [ 719.127077][T31264] should_failslab+0xc2/0x120 [ 719.127098][T31264] __kmalloc_noprof+0xe0/0x850 [ 719.127125][T31264] ? trace_kmem_cache_alloc+0xd5/0x100 [ 719.127151][T31264] lsm_blob_alloc+0x68/0x90 [ 719.127172][T31264] security_sk_alloc+0x2d/0x290 [ 719.127199][T31264] sk_prot_alloc+0x1d1/0x2a0 [ 719.127224][T31264] sk_alloc+0x36/0xe80 [ 719.127241][T31264] rxrpc_create+0x116/0x8d0 [ 719.127261][T31264] __sock_create+0x339/0x860 [ 719.127290][T31264] __sys_socket+0x14d/0x260 [ 719.127317][T31264] ? __pfx___sys_socket+0x10/0x10 [ 719.127348][T31264] __x64_sys_socket+0x72/0xb0 [ 719.127372][T31264] ? lockdep_hardirqs_on+0x78/0x100 [ 719.127442][T31264] do_syscall_64+0x10b/0xf80 [ 719.127469][T31264] ? clear_bhb_loop+0x40/0x90 [ 719.127491][T31264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.127510][T31264] RIP: 0033:0x7f4b6f99c819 [ 719.127526][T31264] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 719.127544][T31264] RSP: 002b:00007f4b7091e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 719.127562][T31264] RAX: ffffffffffffffda RBX: 00007f4b6fc15fa0 RCX: 00007f4b6f99c819 [ 719.127574][T31264] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021 [ 719.127585][T31264] RBP: 00007f4b6fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 719.127596][T31264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.127606][T31264] R13: 00007f4b6fc16038 R14: 00007f4b6fc15fa0 R15: 00007ffe179e0938 [ 719.127629][T31264] [ 722.095418][T31358] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 723.374536][T31400] zswap: compressor not available [ 723.572744][T31415] bridge_slave_1: left allmulticast mode [ 723.602253][T31415] bridge_slave_1: left promiscuous mode [ 723.635469][T31415] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.094360][T31535] sock: sock_timestamping_bind_phc: sock not bind to device [ 732.381258][T31717] ovs_?: entered promiscuous mode [ 732.886972][T31737] ovs_: entered promiscuous mode [ 733.834288][T31769] FAULT_INJECTION: forcing a failure. [ 733.834288][T31769] name failslab, interval 1, probability 0, space 0, times 0 [ 733.891515][T31769] CPU: 0 UID: 0 PID: 31769 Comm: syz.1.11759 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 733.891550][T31769] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 733.891558][T31769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 733.891568][T31769] Call Trace: [ 733.891576][T31769] [ 733.891583][T31769] dump_stack_lvl+0x100/0x190 [ 733.891609][T31769] should_fail_ex.cold+0x5/0xa [ 733.891632][T31769] should_failslab+0xc2/0x120 [ 733.891653][T31769] __kvmalloc_node_noprof+0xfa/0xa00 [ 733.891670][T31769] ? alloc_fdtable+0x110/0x2d0 [ 733.891695][T31769] alloc_fdtable+0x110/0x2d0 [ 733.891715][T31769] dup_fd+0x995/0xd10 [ 733.891742][T31769] ksys_unshare+0x802/0xab0 [ 733.891775][T31769] ? __pfx_ksys_unshare+0x10/0x10 [ 733.891800][T31769] ? xfd_validate_state+0x129/0x190 [ 733.891817][T31769] ? ksys_write+0x1ac/0x250 [ 733.891844][T31769] __x64_sys_unshare+0x31/0x40 [ 733.891870][T31769] do_syscall_64+0x10b/0xf80 [ 733.891897][T31769] ? clear_bhb_loop+0x40/0x90 [ 733.891919][T31769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.891937][T31769] RIP: 0033:0x7f0f4159c819 [ 733.891952][T31769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 733.891970][T31769] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 733.891988][T31769] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 733.892000][T31769] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 733.892010][T31769] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 733.892021][T31769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 733.892031][T31769] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 733.892053][T31769] [ 737.160792][T31857] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 737.205136][T31857] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 737.842688][T31881] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11808'. [ 737.971993][T31887] netlink: 21 bytes leftover after parsing attributes in process `syz.2.11811'. [ 738.583986][T31910] bridge0: port 4(team0) entered blocking state [ 738.620948][T31910] bridge0: port 4(team0) entered disabled state [ 738.658176][T31910] team0: entered allmulticast mode [ 738.686332][T31910] team_slave_0: entered allmulticast mode [ 738.723152][T31910] team_slave_1: entered allmulticast mode [ 738.769103][T31910] team0: entered promiscuous mode [ 738.794895][T31910] team_slave_0: entered promiscuous mode [ 738.818816][T31910] team_slave_1: entered promiscuous mode [ 738.852336][T31910] bridge0: port 4(team0) entered blocking state [ 738.858815][T31910] bridge0: port 4(team0) entered forwarding state [ 740.039003][T31951] netlink: 'syz.3.11839': attribute type 2 has an invalid length. [ 741.880225][T31994] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11856'. [ 742.013512][T31996] ptrace attach of "./syz-executor exec"[5845] was attempted by ""[31996] [ 742.411728][ T29] audit: type=1326 audit(4295032941.506:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32003 comm="syz.2.11861" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f70e879c819 code=0x0 [ 742.482216][T32008] netlink: 350 bytes leftover after parsing attributes in process `syz.1.11862'. [ 744.950059][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 744.961272][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 745.197708][T32086] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 748.719684][T32212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11938'. [ 750.266608][T32263] IPVS: length: 7562853 != 24 [ 750.881178][T32288] netlink: 338 bytes leftover after parsing attributes in process `syz.2.11971'. [ 751.800497][T32325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11985'. [ 752.190880][T32336] FAULT_INJECTION: forcing a failure. [ 752.190880][T32336] name failslab, interval 1, probability 0, space 0, times 0 [ 752.248501][T32336] CPU: 0 UID: 0 PID: 32336 Comm: syz.1.11990 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 752.248536][T32336] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 752.248544][T32336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 752.248555][T32336] Call Trace: [ 752.248563][T32336] [ 752.248570][T32336] dump_stack_lvl+0x100/0x190 [ 752.248594][T32336] should_fail_ex.cold+0x5/0xa [ 752.248618][T32336] should_failslab+0xc2/0x120 [ 752.248640][T32336] __kmalloc_cache_noprof+0x7a/0x6f0 [ 752.248666][T32336] ? do_epoll_create+0x62/0x4b0 [ 752.248692][T32336] do_epoll_create+0x62/0x4b0 [ 752.248715][T32336] __x64_sys_epoll_create+0x45/0x70 [ 752.248738][T32336] do_syscall_64+0x10b/0xf80 [ 752.248765][T32336] ? clear_bhb_loop+0x40/0x90 [ 752.248789][T32336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.248807][T32336] RIP: 0033:0x7f0f4159c819 [ 752.248823][T32336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 752.248840][T32336] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 752.248859][T32336] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 752.248870][T32336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 752.248881][T32336] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 752.248891][T32336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.248902][T32336] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 752.248925][T32336] [ 753.567166][T32393] netlink: 206 bytes leftover after parsing attributes in process `syz.1.12004'. [ 753.931981][T32413] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12009'. [ 755.064729][T32456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12020'. [ 757.503390][T32544] netlink: 29 bytes leftover after parsing attributes in process `syz.0.12047'. [ 759.038154][T32594] FAULT_INJECTION: forcing a failure. [ 759.038154][T32594] name failslab, interval 1, probability 0, space 0, times 0 [ 759.083234][T32594] CPU: 0 UID: 0 PID: 32594 Comm: syz.0.12067 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 759.083269][T32594] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 759.083278][T32594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 759.083289][T32594] Call Trace: [ 759.083295][T32594] [ 759.083303][T32594] dump_stack_lvl+0x100/0x190 [ 759.083327][T32594] should_fail_ex.cold+0x5/0xa [ 759.083349][T32594] should_failslab+0xc2/0x120 [ 759.083370][T32594] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 759.083398][T32594] ? alloc_uid+0x13d/0x4c0 [ 759.083423][T32594] ? rcu_is_watching+0x12/0xc0 [ 759.083448][T32594] alloc_uid+0x13d/0x4c0 [ 759.083473][T32594] ? __pfx_alloc_uid+0x10/0x10 [ 759.083498][T32594] ? bpf_lsm_cred_prepare+0x9/0x10 [ 759.083518][T32594] ? security_prepare_creds+0xa8/0x290 [ 759.083543][T32594] __sys_setresuid+0x4f2/0x1280 [ 759.083568][T32594] do_syscall_64+0x10b/0xf80 [ 759.083594][T32594] ? clear_bhb_loop+0x40/0x90 [ 759.083616][T32594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.083634][T32594] RIP: 0033:0x7f4b6f99c819 [ 759.083650][T32594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 759.083668][T32594] RSP: 002b:00007f4b7091e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 759.083685][T32594] RAX: ffffffffffffffda RBX: 00007f4b6fc15fa0 RCX: 00007f4b6f99c819 [ 759.083697][T32594] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 759.083707][T32594] RBP: 00007f4b6fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 759.083717][T32594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 759.083728][T32594] R13: 00007f4b6fc16038 R14: 00007f4b6fc15fa0 R15: 00007ffe179e0938 [ 759.083751][T32594] [ 760.273503][T32624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12081'. [ 761.230293][T32652] netlink: 'syz.3.12093': attribute type 4 has an invalid length. [ 761.257337][T32652] netlink: 62 bytes leftover after parsing attributes in process `syz.3.12093'. [ 762.035454][T32679] bridge0: port 2(bond0) entered blocking state [ 762.063160][T32679] bridge0: port 2(bond0) entered disabled state [ 762.085317][T32679] bond0: entered allmulticast mode [ 762.101574][T32679] bond_slave_0: entered allmulticast mode [ 762.127776][T32679] bond_slave_1: entered allmulticast mode [ 762.151786][T32679] bond0: entered promiscuous mode [ 762.172804][T32679] bond_slave_0: entered promiscuous mode [ 762.193168][T32679] bond_slave_1: entered promiscuous mode [ 762.201683][T32685] FAULT_INJECTION: forcing a failure. [ 762.201683][T32685] name failslab, interval 1, probability 0, space 0, times 0 [ 762.225503][T32679] bridge0: port 2(bond0) entered blocking state [ 762.231901][T32679] bridge0: port 2(bond0) entered forwarding state [ 762.243797][T32685] CPU: 0 UID: 0 PID: 32685 Comm: syz.3.12108 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 762.243832][T32685] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 762.243840][T32685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 762.243851][T32685] Call Trace: [ 762.243857][T32685] [ 762.243864][T32685] dump_stack_lvl+0x100/0x190 [ 762.243889][T32685] should_fail_ex.cold+0x5/0xa [ 762.243913][T32685] should_failslab+0xc2/0x120 [ 762.243934][T32685] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 762.243961][T32685] ? prepare_creds+0x2c/0x950 [ 762.243986][T32685] prepare_creds+0x2c/0x950 [ 762.244016][T32685] __sys_setuid+0x9c/0x440 [ 762.244038][T32685] do_syscall_64+0x10b/0xf80 [ 762.244065][T32685] ? clear_bhb_loop+0x40/0x90 [ 762.244088][T32685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 762.244107][T32685] RIP: 0033:0x7f81b019c819 [ 762.244122][T32685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 762.244140][T32685] RSP: 002b:00007f81b100b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 762.244158][T32685] RAX: ffffffffffffffda RBX: 00007f81b0415fa0 RCX: 00007f81b019c819 [ 762.244169][T32685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 762.244179][T32685] RBP: 00007f81b0232c91 R08: 0000000000000000 R09: 0000000000000000 [ 762.244190][T32685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 762.244201][T32685] R13: 00007f81b0416038 R14: 00007f81b0415fa0 R15: 00007ffe80c81308 [ 762.244223][T32685] [ 762.953391][T32704] bridge0: port 5(syz_tun) entered blocking state [ 762.978065][T32704] bridge0: port 5(syz_tun) entered disabled state [ 763.001593][T32704] syz_tun: entered allmulticast mode [ 763.047917][T32704] syz_tun: entered promiscuous mode [ 763.071549][T32704] bridge0: port 5(syz_tun) entered blocking state [ 763.078229][T32704] bridge0: port 5(syz_tun) entered forwarding state [ 763.870090][T32738] FAULT_INJECTION: forcing a failure. [ 763.870090][T32738] name failslab, interval 1, probability 0, space 0, times 0 [ 763.924941][T32738] CPU: 0 UID: 0 PID: 32738 Comm: syz.1.12133 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 763.924977][T32738] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 763.924986][T32738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 763.924996][T32738] Call Trace: [ 763.925002][T32738] [ 763.925010][T32738] dump_stack_lvl+0x100/0x190 [ 763.925034][T32738] should_fail_ex.cold+0x5/0xa [ 763.925057][T32738] should_failslab+0xc2/0x120 [ 763.925079][T32738] __kmalloc_cache_noprof+0x7a/0x6f0 [ 763.925104][T32738] ? trace_pid_list_alloc+0x232/0x480 [ 763.925135][T32738] trace_pid_list_alloc+0x232/0x480 [ 763.925163][T32738] trace_pid_write+0x110/0x460 [ 763.925188][T32738] ? __pfx_trace_pid_write+0x10/0x10 [ 763.925225][T32738] event_pid_write.isra.0+0x1e4/0x7d0 [ 763.925253][T32738] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 763.925287][T32738] vfs_write+0x2aa/0x1070 [ 763.925307][T32738] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 763.925336][T32738] ? __pfx_vfs_write+0x10/0x10 [ 763.925355][T32738] ? __fget_files+0x215/0x3d0 [ 763.925380][T32738] ? __fget_files+0x21f/0x3d0 [ 763.925406][T32738] ksys_write+0x12a/0x250 [ 763.925426][T32738] ? __pfx_ksys_write+0x10/0x10 [ 763.925447][T32738] ? rcu_is_watching+0x12/0xc0 [ 763.925471][T32738] do_syscall_64+0x10b/0xf80 [ 763.925498][T32738] ? clear_bhb_loop+0x40/0x90 [ 763.925519][T32738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.925537][T32738] RIP: 0033:0x7f0f4159c819 [ 763.925553][T32738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 763.925571][T32738] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 763.925589][T32738] RAX: ffffffffffffffda RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 763.925601][T32738] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 763.925611][T32738] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 763.925622][T32738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 763.925632][T32738] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 763.925656][T32738] [ 764.708166][T32766] netlink: 342 bytes leftover after parsing attributes in process `syz.0.12145'. [ 765.732344][ T337] bridge0: port 6(bond0) entered blocking state [ 765.766437][ T337] bridge0: port 6(bond0) entered disabled state [ 765.788341][ T337] bond0: entered allmulticast mode [ 765.804876][ T337] bond_slave_0: entered allmulticast mode [ 765.828257][ T337] bond_slave_1: entered allmulticast mode [ 765.847610][ T337] bond0: entered promiscuous mode [ 765.857118][ T337] bond_slave_0: entered promiscuous mode [ 765.863374][ T337] bond_slave_1: entered promiscuous mode [ 765.870910][ T337] bridge0: port 6(bond0) entered blocking state [ 765.877295][ T337] bridge0: port 6(bond0) entered forwarding state [ 765.909811][T21135] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 768.253014][ T465] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12192'. [ 768.746538][ T470] NFSD: Failed to start, no listeners configured. [ 769.201355][ T487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12200'. [ 771.469713][ T570] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 772.633601][ T607] FAULT_INJECTION: forcing a failure. [ 772.633601][ T607] name failslab, interval 1, probability 0, space 0, times 0 [ 772.698382][ T607] CPU: 0 UID: 0 PID: 607 Comm: syz.1.12235 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 772.698417][ T607] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 772.698425][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 772.698435][ T607] Call Trace: [ 772.698442][ T607] [ 772.698449][ T607] dump_stack_lvl+0x100/0x190 [ 772.698475][ T607] should_fail_ex.cold+0x5/0xa [ 772.698498][ T607] should_failslab+0xc2/0x120 [ 772.698520][ T607] __kmalloc_cache_noprof+0x7a/0x6f0 [ 772.698546][ T607] ? vkms_plane_duplicate_state+0x87/0x130 [ 772.698580][ T607] vkms_plane_duplicate_state+0x87/0x130 [ 772.698609][ T607] drm_atomic_get_plane_state+0x279/0x760 [ 772.698634][ T607] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 772.698661][ T607] ? rcu_is_watching+0x12/0xc0 [ 772.698690][ T607] ? __mutex_lock+0x26d/0x1b10 [ 772.698720][ T607] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 772.698747][ T607] ? drm_master_internal_acquire+0x21/0x80 [ 772.698795][ T607] drm_client_modeset_commit_locked+0x14d/0x580 [ 772.698826][ T607] drm_client_modeset_commit+0x4f/0x80 [ 772.698854][ T607] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 772.698883][ T607] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 772.698911][ T607] drm_fbdev_client_restore+0x1b/0x30 [ 772.698933][ T607] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 772.698952][ T607] drm_client_dev_restore+0x205/0x2a0 [ 772.698983][ T607] drm_release+0x2c6/0x360 [ 772.699007][ T607] ? __pfx_drm_release+0x10/0x10 [ 772.699031][ T607] __fput+0x3ff/0xb50 [ 772.699061][ T607] task_work_run+0x150/0x240 [ 772.699080][ T607] ? __pfx_task_work_run+0x10/0x10 [ 772.699100][ T607] ? rcu_is_watching+0x12/0xc0 [ 772.699131][ T607] exit_to_user_mode_loop+0x100/0x4a0 [ 772.699149][ T607] ? do_syscall_64+0x519/0xf80 [ 772.699178][ T607] do_syscall_64+0x6f2/0xf80 [ 772.699204][ T607] ? clear_bhb_loop+0x40/0x90 [ 772.699227][ T607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.699246][ T607] RIP: 0033:0x7f0f4159c819 [ 772.699262][ T607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 772.699280][ T607] RSP: 002b:00007f0f4244a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 772.699298][ T607] RAX: 0000000000000000 RBX: 00007f0f41815fa0 RCX: 00007f0f4159c819 [ 772.699309][ T607] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 772.699319][ T607] RBP: 00007f0f41632c91 R08: 0000000000000000 R09: 0000000000000000 [ 772.699330][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.699340][ T607] R13: 00007f0f41816038 R14: 00007f0f41815fa0 R15: 00007fff41da7338 [ 772.699364][ T607] [ 773.546063][ T627] netlink: 206 bytes leftover after parsing attributes in process `syz.0.12237'. [ 773.736264][ T633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12239'. [ 773.757062][ T633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12239'. [ 775.458978][T21135] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 775.594743][ T685] openvswitch: netlink: IPv4 tunnel dst address is zero [ 777.582951][T21135] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 778.580567][ T808] NFSD: Failed to start, no listeners configured. [ 780.377616][ T845] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 781.504623][ T900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12300'. [ 814.682527][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 887.934137][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 887.941215][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P457/1:b..l [ 887.949698][ C0] rcu: (detected by 0, t=10502 jiffies, g=255177, q=1023 ncpus=1) [ 887.957736][ C0] task:syz.2.12190 state:R running task stack:22520 pid:457 tgid:457 ppid:5843 task_flags:0x40064c flags:0x00080001 [ 887.972859][ C0] Call Trace: [ 887.976162][ C0] [ 887.979124][ C0] __schedule+0x10e9/0x6820 [ 887.983653][ C0] ? __pfx___schedule+0x10/0x10 [ 887.988519][ C0] ? rcu_is_watching+0x12/0xc0 [ 887.993392][ C0] preempt_schedule_irq+0x50/0x90 [ 887.998530][ C0] irqentry_exit+0x1fe/0x790 [ 888.003164][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 888.009193][ C0] RIP: 0010:lock_acquire+0x5e/0x370 [ 888.014434][ C0] Code: 05 3b 19 2f 12 83 f8 07 0f 87 d9 02 00 00 48 0f a3 05 46 87 f7 0e 0f 82 a4 02 00 00 8b 35 ae ba f7 0e 85 f6 0f 85 bf 00 00 00 <48> 8b 44 24 30 65 48 2b 05 dd 18 2f 12 0f 85 ed 02 00 00 48 83 c4 [ 888.034097][ C0] RSP: 0000:ffffc90005026eb8 EFLAGS: 00000206 [ 888.040262][ C0] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000000 [ 888.048233][ C0] RDX: 0000000000000000 RSI: ffffffff8df2fec2 RDI: ffffffff8c1c1080 [ 888.056227][ C0] RBP: ffffffff8e7e5260 R08: 0000000086db7919 R09: 0000000000000007 [ 888.064201][ C0] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002 [ 888.072186][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 888.080190][ C0] ? unwind_next_frame+0x3be/0x2090 [ 888.085417][ C0] ? unwind_next_frame+0x3be/0x2090 [ 888.090625][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 888.096789][ C0] unwind_next_frame+0xd1/0x2090 [ 888.101729][ C0] ? unwind_next_frame+0xbd/0x2090 [ 888.106841][ C0] ? finish_dput+0x76/0x480 [ 888.111439][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 888.117596][ C0] arch_stack_walk+0x94/0xf0 [ 888.122213][ C0] ? finish_dput+0x76/0x480 [ 888.126996][ C0] stack_trace_save+0x8e/0xc0 [ 888.131764][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 888.137401][ C0] ? __lock_acquire+0x4a5/0x2630 [ 888.142337][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 888.148154][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 888.153363][ C0] save_stack+0x162/0x1e0 [ 888.157694][ C0] ? __pfx_save_stack+0x10/0x10 [ 888.162835][ C0] ? free_unref_folios+0xa0d/0x16f0 [ 888.168062][ C0] ? folios_put_refs+0x571/0xa90 [ 888.173290][ C0] ? shmem_undo_range+0x5e5/0x1570 [ 888.178431][ C0] ? shmem_evict_inode+0x3f3/0xc40 [ 888.183561][ C0] ? evict+0x3c2/0xad0 [ 888.187645][ C0] ? iput.part.0+0x605/0xf50 [ 888.192262][ C0] ? iput+0x35/0x40 [ 888.196074][ C0] ? dentry_unlink_inode+0x2c0/0x4c0 [ 888.201374][ C0] ? __dentry_kill+0x1d0/0x690 [ 888.206191][ C0] ? finish_dput+0x76/0x480 [ 888.210724][ C0] ? page_ext_put+0x3e/0xd0 [ 888.215473][ C0] __reset_page_owner+0x84/0x190 [ 888.220491][ C0] free_unref_folios+0xa0d/0x16f0 [ 888.225542][ C0] ? __print_lock_name+0x60/0x80 [ 888.230499][ C0] ? folios_put_refs+0x50a/0xa90 [ 888.235455][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 888.241354][ C0] folios_put_refs+0x571/0xa90 [ 888.246229][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 888.251698][ C0] ? folio_batch_remove_exceptionals+0x115/0x1a0 [ 888.258032][ C0] shmem_undo_range+0x5e5/0x1570 [ 888.262980][ C0] ? __pfx_shmem_undo_range+0x10/0x10 [ 888.268350][ C0] ? __lock_acquire+0x4a5/0x2630 [ 888.273298][ C0] ? rcu_is_watching+0x12/0xc0 [ 888.278082][ C0] ? do_raw_spin_unlock+0x145/0x1e0 [ 888.283368][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 888.289183][ C0] ? debug_object_assert_init+0x1c4/0x300 [ 888.294918][ C0] ? find_held_lock+0x2b/0x80 [ 888.299593][ C0] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 888.305486][ C0] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 888.311487][ C0] shmem_evict_inode+0x3f3/0xc40 [ 888.316426][ C0] ? inode_wait_for_writeback+0x171/0x390 [ 888.322155][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 888.327610][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 888.333690][ C0] ? find_held_lock+0x2b/0x80 [ 888.338369][ C0] ? evict+0x37e/0xad0 [ 888.342549][ C0] ? evict+0x37e/0xad0 [ 888.346639][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 888.352097][ C0] evict+0x3c2/0xad0 [ 888.356180][ C0] ? find_held_lock+0x2b/0x80 [ 888.360859][ C0] ? __pfx_evict+0x10/0x10 [ 888.365298][ C0] ? iput.part.0+0x5fd/0xf50 [ 888.369896][ C0] iput.part.0+0x605/0xf50 [ 888.374399][ C0] ? __pfx_inode_just_drop+0x10/0x10 [ 888.379726][ C0] iput+0x35/0x40 [ 888.383400][ C0] dentry_unlink_inode+0x2c0/0x4c0 [ 888.388526][ C0] __dentry_kill+0x1d0/0x690 [ 888.393138][ C0] finish_dput+0x76/0x480 [ 888.397601][ C0] dput.part.0+0x456/0x570 [ 888.402145][ C0] dput+0x1f/0x30 [ 888.405800][ C0] __fput+0x519/0xb50 [ 888.409823][ C0] task_work_run+0x150/0x240 [ 888.414439][ C0] ? __pfx_task_work_run+0x10/0x10 [ 888.419656][ C0] do_exit+0x8d2/0x2a60 [ 888.423858][ C0] ? __pfx_do_exit+0x10/0x10 [ 888.428457][ C0] ? __pfx_proc_coredump_connector+0x10/0x10 [ 888.434469][ C0] do_group_exit+0xd5/0x2a0 [ 888.439019][ C0] get_signal+0x1ec7/0x21e0 [ 888.443716][ C0] ? __pfx_get_signal+0x10/0x10 [ 888.448602][ C0] ? bad_area_access_error+0xab/0x1d0 [ 888.453977][ C0] ? fixup_vdso_exception+0x2d1/0x370 [ 888.459415][ C0] arch_do_signal_or_restart+0x91/0x770 [ 888.465001][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 888.471272][ C0] ? rcu_is_watching+0x12/0xc0 [ 888.476045][ C0] irqentry_exit+0x403/0x790 [ 888.480645][ C0] asm_exc_page_fault+0x26/0x30 [ 888.485518][ C0] RIP: 0033:0x0 [ 888.488976][ C0] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 888.495119][ C0] RAX: 0000000000000000 RBX: 00007f70e8a15fa0 RCX: 00007f70e879c819 [ 888.503101][ C0] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 888.511261][ C0] RBP: 00007f70e8832c91 R08: 0000000000000002 R09: 0000000000000000 [ 888.519392][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 888.527714][ C0] R13: 00007f70e8a16038 R14: 00007f70e8a15fa0 R15: 00007ffcca7bc518 [ 888.535737][ C0]