last executing test programs:
2.176955272s ago: executing program 1 (id=6830):
r0 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000bc0)='/proc/thread-self/gid_map\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000cc0)={0x0, 0x2}, 0x8)
1.775196797s ago: executing program 1 (id=6837):
mkdir$auto(&(0x7f00000001c0)='./file0\x00', 0x0)
unlink$auto(&(0x7f0000000080)='./file0\x00')
1.388825297s ago: executing program 1 (id=6843):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirtytime_expire_seconds\x00', 0x2, 0x0)
writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0x8}, 0x9)
1.339167125s ago: executing program 0 (id=6844):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="10000000", @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x44080)
1.206161369s ago: executing program 2 (id=6846):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
pread64$auto(r0, 0x0, 0x8000, 0x800000000002)
1.138719204s ago: executing program 0 (id=6847):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0xf00, 0x0)
pread64$auto(r0, 0x0, 0x594c, 0x7)
1.090800646s ago: executing program 3 (id=6848):
r0 = socket(0x1, 0x5, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
996.887244ms ago: executing program 2 (id=6849):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zram0\x00', 0x80000, 0x0)
ioctl$auto_BLKBSZSET(r0, 0x40081271, &(0x7f0000000180)=0xea8)
948.977466ms ago: executing program 1 (id=6850):
socket(0x22, 0x3, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
917.779922ms ago: executing program 0 (id=6851):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)='-7', 0x2)
883.121106ms ago: executing program 3 (id=6852):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/watchdog_cpumask\x00', 0x8000, 0x0)
read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0)
785.354049ms ago: executing program 2 (id=6853):
r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd0/sched/write1_fifo_list\x00', 0x2000, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f00000000c0)=""/120, 0x78)
682.502117ms ago: executing program 0 (id=6854):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
677.082722ms ago: executing program 3 (id=6855):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
write$auto(r0, &(0x7f0000000040)='@!r\x00', 0x8)
573.140361ms ago: executing program 2 (id=6856):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/tty/ptybd/power/control\x00', 0x2062, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4)
546.570901ms ago: executing program 1 (id=6857):
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r0, 0x29, 0x11, 0x0, 0x56b)
459.851702ms ago: executing program 3 (id=6858):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/modalias\x00', 0x80500, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
354.632126ms ago: executing program 2 (id=6859):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/bonding/bond0\x00', 0x18b000, 0x0)
pread64$auto(r0, 0x0, 0x8100000041, 0x413e)
265.560927ms ago: executing program 0 (id=6860):
r0 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0)
write$auto(r0, 0x0, 0x881)
246.284413ms ago: executing program 3 (id=6861):
r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000004680)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x502, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000040)="65a90950732f", 0x6)
173.642709ms ago: executing program 2 (id=6862):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop1/queue/scheduler\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x81)
156.671615ms ago: executing program 1 (id=6863):
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f2a, 0x0)
25.71409ms ago: executing program 3 (id=6864):
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto_SO_RXQ_OVFL(r0, 0x6, 0x28, 0x0, &(0x7f0000000040)=0x8)
0s ago: executing program 0 (id=6865):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nullb0/queue/fua\x00', 0x0, 0x0)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000001}, 0x3, 0x10000, 0x10)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.0.218' (ED25519) to the list of known hosts.
[ 94.769114][ T5829] cgroup: Unknown subsys name 'net'
[ 94.914643][ T5829] cgroup: Unknown subsys name 'cpuset'
[ 94.925077][ T5829] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 96.880475][ T5829] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 99.139163][ T5875] mmap: syz.1.28 (5875) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 102.353139][ T980] cfg80211: failed to load regulatory.db
[ 103.093786][ T6199] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 104.535226][ T3565] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.549913][ T3565] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.711775][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.719751][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.194125][ T6266] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 109.202861][ T6266] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 109.211954][ T6266] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 109.237175][ T6266] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 109.245362][ T6266] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 109.421912][ T6270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 109.432720][ T6270] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 109.442687][ T6270] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 109.451035][ T6270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 109.459058][ T6270] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 109.468533][ T6270] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 109.477482][ T6270] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 109.510282][ T5162] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 109.519229][ T5162] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 109.527559][ T5162] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 109.584728][ T6270] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 109.596522][ T6270] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 109.605309][ T6270] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 109.614612][ T6270] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 109.623110][ T6270] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 110.191138][ T6264] chnl_net:caif_netlink_parms(): no params data found
[ 110.412429][ T6267] chnl_net:caif_netlink_parms(): no params data found
[ 110.436192][ T6268] chnl_net:caif_netlink_parms(): no params data found
[ 110.489122][ T6264] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.496484][ T6264] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.504512][ T6264] bridge_slave_0: entered allmulticast mode
[ 110.512575][ T6264] bridge_slave_0: entered promiscuous mode
[ 110.536835][ T6273] chnl_net:caif_netlink_parms(): no params data found
[ 110.573596][ T6264] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.580837][ T6264] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.588209][ T6264] bridge_slave_1: entered allmulticast mode
[ 110.595893][ T6264] bridge_slave_1: entered promiscuous mode
[ 110.716750][ T6264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 110.759127][ T6264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 110.839705][ T6268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.847664][ T6268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.854980][ T6268] bridge_slave_0: entered allmulticast mode
[ 110.862725][ T6268] bridge_slave_0: entered promiscuous mode
[ 110.885873][ T6267] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.893245][ T6267] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.900974][ T6267] bridge_slave_0: entered allmulticast mode
[ 110.908753][ T6267] bridge_slave_0: entered promiscuous mode
[ 110.931784][ T6268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.938956][ T6268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.946546][ T6268] bridge_slave_1: entered allmulticast mode
[ 110.954058][ T6268] bridge_slave_1: entered promiscuous mode
[ 110.979010][ T6264] team0: Port device team_slave_0 added
[ 110.988609][ T6264] team0: Port device team_slave_1 added
[ 110.995450][ T6267] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.002912][ T6267] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.010771][ T6267] bridge_slave_1: entered allmulticast mode
[ 111.018163][ T6267] bridge_slave_1: entered promiscuous mode
[ 111.041500][ T6273] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.048913][ T6273] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.056734][ T6273] bridge_slave_0: entered allmulticast mode
[ 111.064769][ T6273] bridge_slave_0: entered promiscuous mode
[ 111.128255][ T6273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.135946][ T6273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.143481][ T6273] bridge_slave_1: entered allmulticast mode
[ 111.152528][ T6273] bridge_slave_1: entered promiscuous mode
[ 111.162608][ T6268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.175433][ T6268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.201595][ T6267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.246474][ T6264] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.253778][ T6264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.280664][ T6264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.295433][ T6267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.305739][ T5162] Bluetooth: hci0: command tx timeout
[ 111.364451][ T6268] team0: Port device team_slave_0 added
[ 111.372802][ T6264] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 111.383834][ T6264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.410413][ T6264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 111.446029][ T6273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.457574][ T6268] team0: Port device team_slave_1 added
[ 111.493810][ T6268] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.501042][ T6268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.528652][ T6268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.540667][ T5162] Bluetooth: hci1: command tx timeout
[ 111.548732][ T6267] team0: Port device team_slave_0 added
[ 111.550126][ T5162] Bluetooth: hci2: command tx timeout
[ 111.564904][ T6267] team0: Port device team_slave_1 added
[ 111.573828][ T6273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.616989][ T6268] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 111.624422][ T6268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.652496][ T6268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 111.700000][ T5162] Bluetooth: hci3: command tx timeout
[ 111.702369][ T6273] team0: Port device team_slave_0 added
[ 111.715350][ T6273] team0: Port device team_slave_1 added
[ 111.759013][ T6264] hsr_slave_0: entered promiscuous mode
[ 111.766321][ T6264] hsr_slave_1: entered promiscuous mode
[ 111.788498][ T6267] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.796285][ T6267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.823380][ T6267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.881805][ T6273] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.888909][ T6273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.915876][ T6273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.928262][ T6267] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 111.938263][ T6267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 111.966866][ T6267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 111.995881][ T6268] hsr_slave_0: entered promiscuous mode
[ 112.002876][ T6268] hsr_slave_1: entered promiscuous mode
[ 112.009555][ T6268] debugfs: 'hsr0' already exists in 'hsr'
[ 112.015616][ T6268] Cannot create hsr debugfs directory
[ 112.022424][ T6273] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 112.029495][ T6273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 112.056846][ T6273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 112.157059][ T6267] hsr_slave_0: entered promiscuous mode
[ 112.165207][ T6267] hsr_slave_1: entered promiscuous mode
[ 112.172472][ T6267] debugfs: 'hsr0' already exists in 'hsr'
[ 112.178691][ T6267] Cannot create hsr debugfs directory
[ 112.315840][ T6273] hsr_slave_0: entered promiscuous mode
[ 112.323573][ T6273] hsr_slave_1: entered promiscuous mode
[ 112.330393][ T6273] debugfs: 'hsr0' already exists in 'hsr'
[ 112.336257][ T6273] Cannot create hsr debugfs directory
[ 112.800325][ T6264] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 112.817301][ T6264] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 112.839344][ T6264] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 112.862354][ T6264] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 112.917034][ T6268] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 112.930136][ T6268] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 112.956293][ T6268] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 112.968729][ T6268] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 113.059000][ T6267] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 113.075336][ T6267] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 113.087696][ T6267] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 113.123759][ T6267] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 113.267665][ T6273] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 113.291138][ T6273] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 113.307373][ T6273] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 113.330718][ T6273] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 113.363710][ T6264] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.380698][ T5162] Bluetooth: hci0: command tx timeout
[ 113.387428][ T6268] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.437128][ T6268] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.468226][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.475633][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 113.487127][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.494329][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.527283][ T6264] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.576217][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.583425][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 113.620587][ T5162] Bluetooth: hci2: command tx timeout
[ 113.626078][ T5162] Bluetooth: hci1: command tx timeout
[ 113.632973][ T6267] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.651434][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.658885][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.756791][ T6267] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.780079][ T5162] Bluetooth: hci3: command tx timeout
[ 113.807038][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.814579][ T3565] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 113.841070][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.848917][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.935394][ T6273] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.967877][ T6273] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.998844][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 114.006103][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 114.092931][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[ 114.100791][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 114.286883][ T6268] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 114.440541][ T6268] veth0_vlan: entered promiscuous mode
[ 114.465322][ T6268] veth1_vlan: entered promiscuous mode
[ 114.547077][ T6268] veth0_macvtap: entered promiscuous mode
[ 114.584017][ T6268] veth1_macvtap: entered promiscuous mode
[ 114.606652][ T6264] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 114.646423][ T6268] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 114.674025][ T6268] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 114.705091][ T1150] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.757668][ T1150] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.811919][ T1150] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.822345][ T1150] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.863117][ T6264] veth0_vlan: entered promiscuous mode
[ 114.873545][ T6267] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 114.919666][ T6264] veth1_vlan: entered promiscuous mode
[ 114.968277][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.977614][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.027469][ T6273] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 115.045979][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.063593][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.094630][ T6264] veth0_macvtap: entered promiscuous mode
[ 115.125377][ T6264] veth1_macvtap: entered promiscuous mode
[ 115.204028][ T6267] veth0_vlan: entered promiscuous mode
[ 115.219665][ T6264] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 115.237880][ T6264] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 115.278926][ T1150] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.292200][ T1150] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.316712][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.334018][ T6273] veth0_vlan: entered promiscuous mode
[ 115.348023][ T6267] veth1_vlan: entered promiscuous mode
[ 115.365133][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.427663][ T6273] veth1_vlan: entered promiscuous mode
[ 115.461678][ T5162] Bluetooth: hci0: command tx timeout
[ 115.555197][ T6267] veth0_macvtap: entered promiscuous mode
[ 115.596513][ T6273] veth0_macvtap: entered promiscuous mode
[ 115.608959][ T6267] veth1_macvtap: entered promiscuous mode
[ 115.653110][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.663520][ T6273] veth1_macvtap: entered promiscuous mode
[ 115.691300][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.704892][ T5162] Bluetooth: hci1: command tx timeout
[ 115.710589][ T5162] Bluetooth: hci2: command tx timeout
[ 115.781560][ T4539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.789587][ T4539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.803127][ T6267] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 115.858344][ T6267] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 115.865836][ T6270] Bluetooth: hci3: command tx timeout
[ 115.893937][ T6273] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 115.948130][ T6273] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 115.981259][ T4539] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.035261][ T4539] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.108791][ T4539] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.125687][ T4539] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.167639][ T4539] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.203438][ T4539] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.272137][ T4539] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.312563][ T4539] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 116.377519][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.396703][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.537435][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.565374][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.633227][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.663148][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.804649][ T4539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.823484][ T4539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.035550][ T30] audit: type=1326 audit(1754062173.482:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6385 comm="syz.2.376" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e64d8eb69 code=0x0
[ 117.542391][ T6270] Bluetooth: hci0: command tx timeout
[ 117.781200][ T6270] Bluetooth: hci2: command tx timeout
[ 117.786723][ T5162] Bluetooth: hci1: command tx timeout
[ 117.943673][ T5162] Bluetooth: hci3: command tx timeout
[ 118.975653][ T30] audit: type=1800 audit(1754062175.432:3): pid=6462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.413" name="discovery_nqn" dev="configfs" ino=8965 res=0 errno=0
[ 120.570779][ T30] audit: type=1800 audit(1754062177.022:4): pid=6526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.444" name="lu_gp_id" dev="configfs" ino=9814 res=0 errno=0
[ 124.699743][ T5162] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5
[ 125.689988][ T30] audit: type=1800 audit(1754062182.142:5): pid=6729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.546" name="trace_pipe" dev="tracefs" ino=92 res=0 errno=0
[ 133.754788][ T7063] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 137.908578][ T7244] syz.1.796 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 138.417751][ T7265] Unable to find swap-space signature
[ 139.677577][ T5162] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5
[ 143.324485][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 143.338117][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 143.566215][ T5162] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[ 143.566260][ T5162] Bluetooth: hci2: unexpected subevent 0x05 length: 725 > 12
[ 145.620099][ T5162] Bluetooth: hci2: command tx timeout
[ 146.704312][ T5162] Bluetooth: hci3: unexpected event 0x32 length: 10 > 9
[ 147.327974][ T7591] nfs: Bad value for 'source'
[ 148.544590][ T7630] Unable to find swap-space signature
[ 150.170454][ T7682] syz.3.1016(7682): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[ 154.384094][ T30] audit: type=1800 audit(4294967309.340:6): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1087" name="dbroot" dev="configfs" ino=13777 res=0 errno=0
[ 154.773318][ T7837] syz_tun: tun_chr_ioctl cmd 1074025680
[ 156.777316][ T7917] Invalid ELF header magic: != ELF
[ 162.161785][ T8125] random: crng reseeded on system resumption
[ 162.851840][ T8154] capability: warning: `syz.0.1250' uses deprecated v2 capabilities in a way that may be insecure
[ 164.563401][ T8225] =======================================================
[ 164.563401][ T8225] WARNING: The mand mount option has been deprecated and
[ 164.563401][ T8225] and is ignored by this kernel. Remove the mand
[ 164.563401][ T8225] option from the mount to silence this warning.
[ 164.563401][ T8225] =======================================================
[ 165.189135][ T30] audit: type=1800 audit(4294967320.140:7): pid=8249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1297" name="dbroot" dev="configfs" ino=15450 res=0 errno=0
[ 165.587722][ T8267] futex_wake_op: syz.1.1306 tries to shift op by -2048; fix this program
[ 166.717113][ T5162] Bluetooth: hci2: unexpected event 0x3c length: 728 > 7
[ 167.418739][ T30] audit: type=1800 audit(4294967322.380:8): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1344" name="version" dev="configfs" ino=14935 res=0 errno=0
[ 175.101272][ T30] audit: type=1800 audit(4294968357.067:9): pid=8615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1475" name="features" dev="configfs" ino=16020 res=0 errno=0
[ 182.750189][ T8915] ima: policy update failed
[ 182.775719][ T30] audit: type=1802 audit(4294968368.744:10): pid=8915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1628" res=0 errno=0
[ 186.220209][ T9068] ptrace attach of "./syz-executor exec"[6273] was attempted by "./syz-executor exec"[9068]
[ 187.177590][ T30] audit: type=1800 audit(4294968373.144:11): pid=9106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1721" name="trace_pipe" dev="tracefs" ino=135 res=0 errno=0
[ 189.584439][ T9222] capability: warning: `syz.0.1779' uses 32-bit capabilities (legacy support in use)
[ 189.616106][ T5162] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7
[ 192.372606][ T9263] kexec: Could not allocate control_code_buffer
[ 192.787185][ T9341] Unable to find swap-space signature
[ 193.943204][ T9386] Process accounting resumed
[ 194.910329][ T9434] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.1.1883: 7
[ 195.224929][ T9450] tipc: Can't bind to reserved service type 1
[ 196.827226][ T9524] queue_state_write: operation too long
[ 196.864112][ T9524] queue_state_write: use 'run', 'start' or 'kick'
[ 196.892727][ T9526] i2c i2c-0: delete_device: Can't parse I2C address
[ 197.719616][ T9561] delete_channel: no stack
[ 198.104382][ T30] audit: type=1800 audit(4294970432.121:12): pid=9582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1955" name="features" dev="configfs" ino=19052 res=0 errno=0
[ 199.228263][ T9625] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 199.635474][ T9646] vhci_hcd: invalid port number 16
[ 199.645361][ T9646] vhci_hcd: invalid port number 16
[ 200.408503][ T9682] Malformed UNC in devname
[ 200.408503][ T9682]
[ 200.416323][ T9682] CIFS: VFS: Malformed UNC in devname
[ 201.127898][ T9716] QAT: Invalid ioctl 21531
[ 202.424483][ T9781] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 202.451009][ C1] vkms_vblank_simulate: vblank timer overrun
[ 202.473302][ T9781] CIFS mount error: No usable UNC path provided in device string!
[ 202.473302][ T9781]
[ 202.486259][ T9781] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 204.664197][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 204.670894][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 206.168218][ T9949] program syz.1.2133 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 206.189306][ T9949] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 208.682791][T10070] syz.2.2192: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 208.699975][T10070] CPU: 1 UID: 0 PID: 10070 Comm: syz.2.2192 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full)
[ 208.700022][T10070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 208.700047][T10070] Call Trace:
[ 208.700058][T10070]
[ 208.700070][T10070] dump_stack_lvl+0x16c/0x1f0
[ 208.700131][T10070] warn_alloc+0x248/0x3a0
[ 208.700171][T10070] ? __pfx_warn_alloc+0x10/0x10
[ 208.700216][T10070] ? __lock_acquire+0xb8a/0x1c90
[ 208.700275][T10070] ? dvb_dvr_do_ioctl+0x15d/0x290
[ 208.700327][T10070] __vmalloc_node_range_noprof+0xff5/0x14b0
[ 208.700378][T10070] ? __pfx___mutex_trylock_common+0x10/0x10
[ 208.700426][T10070] ? __pfx___might_resched+0x10/0x10
[ 208.700461][T10070] ? rcu_is_watching+0x12/0xc0
[ 208.700504][T10070] ? dvb_dvr_do_ioctl+0x15d/0x290
[ 208.700555][T10070] ? __mutex_lock+0x1c2/0x1070
[ 208.700602][T10070] ? tomoyo_path_number_perm+0x295/0x580
[ 208.700641][T10070] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 208.700695][T10070] ? __pfx___mutex_lock+0x10/0x10
[ 208.700746][T10070] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 208.700787][T10070] ? dvb_dvr_do_ioctl+0x15d/0x290
[ 208.700836][T10070] __vmalloc_node_noprof+0xad/0xf0
[ 208.700887][T10070] ? dvb_dvr_do_ioctl+0x15d/0x290
[ 208.700941][T10070] dvb_dvr_do_ioctl+0x15d/0x290
[ 208.700996][T10070] dvb_usercopy+0x167/0x340
[ 208.701042][T10070] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10
[ 208.701095][T10070] ? __pfx_dvb_usercopy+0x10/0x10
[ 208.701159][T10070] ? __fget_files+0x20e/0x3c0
[ 208.701201][T10070] dvb_dvr_ioctl+0x29/0x40
[ 208.701248][T10070] ? __pfx_dvb_dvr_ioctl+0x10/0x10
[ 208.701296][T10070] __x64_sys_ioctl+0x18b/0x210
[ 208.701350][T10070] do_syscall_64+0xcd/0x490
[ 208.701400][T10070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 208.701453][T10070] RIP: 0033:0x7f0e64d8eb69
[ 208.701491][T10070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 208.701523][T10070] RSP: 002b:00007f0e65bd4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 208.701554][T10070] RAX: ffffffffffffffda RBX: 00007f0e64fb5fa0 RCX: 00007f0e64d8eb69
[ 208.701574][T10070] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003
[ 208.701592][T10070] RBP: 00007f0e64e11df1 R08: 0000000000000000 R09: 0000000000000000
[ 208.701611][T10070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 208.701629][T10070] R13: 0000000000000000 R14: 00007f0e64fb5fa0 R15: 00007ffe4311ab78
[ 208.701670][T10070]
[ 208.701681][T10070] Mem-Info:
[ 208.961677][T10070] active_anon:6150 inactive_anon:0 isolated_anon:0
[ 208.961677][T10070] active_file:16119 inactive_file:39945 isolated_file:0
[ 208.961677][T10070] unevictable:768 dirty:320 writeback:0
[ 208.961677][T10070] slab_reclaimable:10548 slab_unreclaimable:92452
[ 208.961677][T10070] mapped:24168 shmem:1356 pagetables:1107
[ 208.961677][T10070] sec_pagetables:0 bounce:0
[ 208.961677][T10070] kernel_misc_reclaimable:0
[ 208.961677][T10070] free:1334882 free_pcp:13682 free_cma:0
[ 209.007560][ C1] vkms_vblank_simulate: vblank timer overrun
[ 209.024609][T10070] Node 0 active_anon:24700kB inactive_anon:0kB active_file:64476kB inactive_file:159576kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96672kB dirty:1276kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11076kB pagetables:4384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 209.064915][T10070] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 209.124054][T10070] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 209.153327][ C1] vkms_vblank_simulate: vblank timer overrun
[ 209.204810][T10070] lowmem_reserve[]: 0 2480 2481 2481 2481
[ 209.213341][T10070] Node 0 DMA32 free:1437000kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24544kB inactive_anon:0kB active_file:64476kB inactive_file:158252kB unevictable:1536kB writepending:1304kB present:3129332kB managed:2540112kB mlocked:0kB bounce:0kB free_pcp:33228kB local_pcp:20996kB free_cma:0kB
[ 209.246066][ C1] vkms_vblank_simulate: vblank timer overrun
[ 209.254060][T10070] lowmem_reserve[]: 0 0 1 1 1
[ 209.259221][T10070] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 209.288168][ C1] vkms_vblank_simulate: vblank timer overrun
[ 209.310232][T10070] lowmem_reserve[]: 0 0 0 0 0
[ 209.315658][T10070] Node 1 Normal free:3887392kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21156kB local_pcp:10144kB free_cma:0kB
[ 209.349737][T10070] lowmem_reserve[]: 0 0 0 0 0
[ 209.356948][T10070] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 209.370051][T10070] Node 0 DMA32: 2022*4kB (UME) 1531*8kB (UME) 981*16kB (UME) 959*32kB (UME) 592*64kB (UME) 177*128kB (UM) 108*256kB (UME) 44*512kB (UM) 32*1024kB (UME) 13*2048kB (UM) 293*4096kB (UM) = 1436960kB
[ 209.393697][T10070] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 209.411675][T10070] Node 1 Normal: 194*4kB (UME) 43*8kB (UE) 50*16kB (UME) 99*32kB (UE) 31*64kB (UME) 7*128kB (UE) 2*256kB (E) 4*512kB (UME) 2*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3887392kB
[ 209.434213][T10070] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 209.443950][T10070] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 209.476993][T10070] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 209.499814][T10070] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 209.543816][T10070] 57416 total pagecache pages
[ 209.549027][T10070] 0 pages in swap cache
[ 209.559183][T10070] Free swap = 124996kB
[ 209.563476][T10070] Total swap = 124996kB
[ 209.583250][T10070] 2097051 pages RAM
[ 209.593657][T10070] 0 pages HighMem/MovableOnly
[ 209.618691][T10070] 430045 pages reserved
[ 209.622936][T10070] 0 pages cma reserved
[ 209.954706][T10110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 210.889638][T10154] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates.
[ 211.508977][T10182] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 212.251821][ T6312] Process accounting resumed
[ 212.561254][T10237] kernel read not supported for file /�gMQ�_g _N{7vGlq w��ĉu}OUVW.�u�w.`O��:�KdY�Ѯaj�7nwKQHg�[壣%'ϖX:�Dktހ�X [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0�YJp�u (pid: 10237 comm: syz.3.2274)
[ 212.598654][ T30] audit: type=1800 audit(4294970446.696:13): pid=10237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2274" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=21526 res=0 errno=0
[ 212.655251][ C1] vkms_vblank_simulate: vblank timer overrun
[ 212.749274][ T5162] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 212.804222][T10246] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[ 213.789241][ T30] audit: type=1804 audit(4294970447.882:14): pid=10300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2305" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[ 215.138957][ C1] vkms_vblank_simulate: vblank timer overrun
[ 215.262702][ C1] vkms_vblank_simulate: vblank timer overrun
[ 215.280695][T10375] aoe: can't write to that file.
[ 216.145085][T10407] program syz.2.2357 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 217.879945][T10488] vhci_hcd: invalid port number 16
[ 217.899998][T10488] vhci_hcd: invalid port number 16
[ 218.206638][T10507] overlayfs: "check_copy_up" module option is obsolete
[ 218.651959][ T5162] Bluetooth: hci2: unexpected event 0x3e length: 728 > 260
[ 218.652003][ T5162] Bluetooth: hci2: unexpected subevent 0x03 length: 727 > 9
[ 218.987505][T10543] random: crng reseeded on system resumption
[ 219.163187][T10551] bond0: no command found in slaves file - use +ifname or -ifname
[ 219.515224][T10566] sysfs_service_op_show: Client not running :-5:
[ 222.202186][ T5162] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 223.508328][T10723] Format for deleting device is "id" (uint).
[ 224.030315][T10735] Process accounting paused
[ 224.158758][T10744] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[ 226.709821][T10842] Invalid ELF header magic: != ELF
[ 228.041451][T10888] scsi_strcpy_devinfo: vendor string '/&c~n] �|�
[ 228.041451][T10888] M�' is too long
[ 228.117267][T10888] scsi_strcpy_devinfo: model string 'Dd5�K��2b
[ 228.117267][T10888] W�� ' is too long
[ 230.370624][T10981] vhci_hcd: invalid port number 16
[ 230.381545][T10981] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[ 232.198732][T10973] Bluetooth: hci0: command 0x0406 tx timeout
[ 232.204837][T10973] Bluetooth: hci1: command 0x0406 tx timeout
[ 232.212029][T10973] Bluetooth: hci3: command 0x0406 tx timeout
[ 232.218741][ T6272] Bluetooth: hci2: command 0x0406 tx timeout
[ 232.604106][T11090] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 233.876197][T11155] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead.
[ 236.210537][T11259] nfs: Unknown parameter 'w`_I�+;� HY Lu>>uh*C<+�'
[ 236.792471][T11284] synth uevent: /bus/mei: unknown uevent action string
[ 237.023916][ T6270] Bluetooth: hci2: unexpected event for opcode 0x7c89
[ 237.719541][T11324] vmstat_refresh: nr_hugetlb -2048
[ 240.522573][T11450] zram: Added device: zram1
[ 241.332946][T11489] ecryptfs_parse_packet_length: Error parsing packet length
[ 241.402138][T11489] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[ 242.317759][ T30] audit: type=1800 audit(4294970476.561:15): pid=11536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2906" name="lu_gp_id" dev="configfs" ino=24559 res=0 errno=0
[ 242.339341][T11536] kstrtoul() returned -22 for lu_gp_id
syzkaller
syzkaller login: [ 242.557288][T11546] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 242.557288][T11546] program syz.1.2912 not setting count and/or reply_len properly
[ 242.881669][T11563] syz.1.2916 (11563): attempted to duplicate a private mapping with mremap. This is not supported.
[ 243.510617][ T30] audit: type=1800 audit(4294970477.757:16): pid=11584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2928" name="lu_gp_id" dev="configfs" ino=25319 res=0 errno=0
[ 243.536962][T11584] kstrtoul() returned -22 for lu_gp_id
[ 244.204327][T11618] i2c i2c-0: delete_device: Can't find device in list
[ 244.333951][T11624] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma?
[ 244.700839][T11641] afs: Bad value for 'source'
[ 245.005061][T11655] syz.3.2962 uses obsolete (PF_INET,SOCK_PACKET)
[ 245.167438][ T30] audit: type=1800 audit(4294970479.425:17): pid=11662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2966" name="discovery_nqn" dev="configfs" ino=25795 res=0 errno=0
[ 245.801007][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 245.811028][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 246.164618][T11708] WARNING! power/level is deprecated; use power/control instead
[ 248.626916][ T6270] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[ 248.626959][ T6270] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[ 248.647852][ T6270] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[ 248.647958][ T6270] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 249.190536][T11852] nvme_fcloop: unknown parameter or missing value '7'
[ 249.617102][ T30] audit: type=1800 audit(4294970483.888:18): pid=11871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3067" name="dbroot" dev="configfs" ino=26093 res=0 errno=0
[ 249.662024][T11871] db_root: not a directory: /dev/audio1
[ 249.867440][T11880] i2c i2c-0: delete_device: Extra parameters
[ 249.908394][ T6270] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5
[ 250.958412][T11879] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 252.225528][T11970] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582)
[ 252.370628][T11977] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[ 252.724452][T11985] could not allocate digest TFM handle
[ 253.480566][ T30] audit: type=1800 audit(4294970487.779:19): pid=12022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3142" name="members" dev="configfs" ino=26288 res=0 errno=0
[ 253.701132][ T30] audit: type=1800 audit(4294970487.990:20): pid=12030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3145" name="dbroot" dev="configfs" ino=26301 res=0 errno=0
[ 253.703092][T12030] db_root: not a directory: /dev/audio1
[ 253.721400][ C1] vkms_vblank_simulate: vblank timer overrun
[ 253.966798][T12030] Process accounting resumed
[ 254.161317][T12053] i2c i2c-0: new_device: Invalid device name
[ 256.995203][T12123] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 258.771308][T12165] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 258.965067][T12190] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string
[ 258.976987][T12190] ep_00: uevent: failed to send synthetic uevent: -22
[ 260.601771][ T30] audit: type=1400 audit(4294970494.936:21): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=12245 comm="syz.0.3249"
[ 263.171527][T12366] delete_channel: no stack
[ 264.948723][T12456] block2mtd: illegal erase size
[ 265.792510][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 265.798898][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 266.855506][T12548] vhci_hcd: invalid port number 255
[ 267.509837][T12579] zram0: detected capacity change from 0 to 8
[ 268.043536][T12606] futex_wake_op: syz.2.3421 tries to shift op by 64; fix this program
[ 269.365089][T12666] block2mtd: parameter too long
[ 271.080837][T12751] kafs: addr_prefs: Too many elements in string
[ 271.177589][T12758] ubi0: attaching mtd0
[ 271.216546][T12758] ubi0: scanning is finished
[ 271.221266][T12758] ubi0: empty MTD device detected
[ 271.262407][T12760] i2c i2c-0: new_device: Missing parameters
[ 271.488104][T12758] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 271.518114][T12758] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes
[ 271.557598][T12758] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 271.591845][T12758] ubi0: VID header offset: 514 (aligned 514), data offset: 578
[ 271.637308][T12758] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 271.673316][T12758] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 20
[ 271.690981][T12758] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3536332003
[ 271.730366][T12758] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 271.771943][T12770] ubi0: background thread "ubi_bgt0d" started, PID 12770
[ 272.123860][T12788] ima: policy update failed
[ 272.137987][ T30] audit: type=1802 audit(4294970506.536:22): pid=12788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3510" res=0 errno=0
[ 276.172428][ T30] audit: type=1800 audit(4294970510.587:23): pid=12967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3597" name="dbroot" dev="configfs" ino=29749 res=0 errno=0
[ 276.476090][T12977] hub 3-0:1.0: USB hub found
[ 276.507570][T12977] hub 3-0:1.0: 1 port detected
[ 276.564866][T12977] usb usb3: authorized to connect
[ 276.696360][T12983] vhci_hcd: invalid port number 16
[ 276.832430][T12991] ubi: mtd0 is already attached to ubi0
[ 277.948443][T13038] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5)
[ 279.583070][ T6270] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1
[ 280.122561][ T6270] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5
[ 282.398842][ T6270] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1
[ 283.458509][T13279] syz_tun: tun_chr_ioctl cmd 1074025698
[ 283.897388][T13294] Process accounting paused
[ 285.389627][T13372] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 285.909524][T13394] ima: policy update failed
[ 285.915399][ T30] audit: type=1802 audit(4294970520.377:24): pid=13394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3804" res=0 errno=0
[ 287.291028][ T6270] Bluetooth: hci1: unexpected event 0x01 length: 5 > 1
[ 287.387871][T13463] syz_tun: tun_chr_ioctl cmd 21731
[ 288.687449][ T6270] Bluetooth: hci3: unexpected event 0x01 length: 5 > 1
[ 288.749547][T13527] binder: binder_mmap: 13526 0-1000 bad vm_flags failed -1
[ 290.066065][T13590] warning: `syz.0.3899' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 291.431990][T13654] bond0: Unable to set down delay as MII monitoring is disabled
[ 291.779106][T13673] deleting an unspecified loop device is not supported.
[ 293.436732][ T6270] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1
[ 294.393186][T13775] delete_channel: no stack
[ 294.657337][T13787] usb usb24: usbfs: process 13787 (syz.1.3995) did not claim interface 0 before use
[ 295.955577][T13836] block2mtd: illegal erase size
[ 296.890487][T13869] random: crng reseeded on system resumption
[ 297.702671][T13905] : Can't lookup blockdev
[ 298.009845][T13920] Line length is too long: Should be less than 4094
[ 301.213945][T14059] syz_tun: tun_chr_ioctl cmd 1074025694
[ 301.514991][T14075] udc dummy_udc.0: soft-connect without a gadget driver
[ 302.610470][T14133] kfence: disabled
[ 304.215822][T14191] misc userio: Invalid payload size
[ 304.290567][T14195] i2c i2c-0: new_device: Can't parse I2C address
[ 307.707252][T14318] hub 1-0:1.0: USB hub found
[ 307.738548][T14318] hub 1-0:1.0: 1 port detected
[ 308.591649][T14348] writes to the poll attribute are ignored.
[ 308.600846][T14348] please use driver specific parameters instead.
[ 309.973551][T14388] delete_channel: no stack
[ 310.657921][ T30] audit: type=1800 audit(4294970545.256:25): pid=14415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4302" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 310.678141][ C1] vkms_vblank_simulate: vblank timer overrun
[ 311.052796][T14433] block nbd0: NBD_DISCONNECT
[ 311.918677][T14475] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 312.102559][T14483] hub 1-0:1.0: USB hub found
[ 312.113783][T14483] hub 1-0:1.0: 1 port detected
[ 312.594852][T14508] bcache: register_bcache() error : failed to open device
[ 313.877254][T14572] Process accounting resumed
[ 314.826207][T14628] Format for unlinking a device is "netnsfd:ifidx" (int uint).
[ 315.122543][ T30] audit: type=1807 audit(4294970549.739:26): UNKNOWN=0"]$|1j0B|d�ӉO+/xWӦ^gq%ḦrO� res=0
[ 315.125719][T14643] ima: policy update failed
[ 315.154462][ T30] audit: type=1802 audit(4294970549.739:27): pid=14644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.4415" res=0 errno=0
[ 315.217072][ T30] audit: type=1802 audit(4294970549.799:28): pid=14643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4415" res=0 errno=0
[ 316.142963][T14680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078002340 pfn:0x78000
[ 316.156379][T14680] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 316.165808][T14680] memcg:ffff88805a4a7401
[ 316.170598][T14680] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 316.178404][T14680] page_type: f5(slab)
[ 316.183214][T14680] raw: 00fff00000000040 ffff888142ed7780 dead000000000122 0000000000000000
[ 316.192367][T14680] raw: ffff888078002340 00000000800a0006 00000000f5000000 ffff88805a4a7401
[ 316.202535][T14680] head: 00fff00000000040 ffff888142ed7780 dead000000000122 0000000000000000
[ 316.211494][T14680] head: ffff888078002340 00000000800a0006 00000000f5000000 ffff88805a4a7401
[ 316.220468][T14680] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 316.230374][T14680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 316.240202][T14680] page dumped because: unmovable page
[ 316.245643][T14680] page_owner tracks the page as allocated
[ 316.253956][T14680] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8992, tgid 8991 (syz.0.1664), ts 184408275889, free_ts 184283683975
[ 316.276651][T14680] post_alloc_hook+0x1c0/0x230
[ 316.281708][T14680] get_page_from_freelist+0x132b/0x38e0
[ 316.287486][T14680] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 316.294691][T14680] alloc_pages_mpol+0x1fb/0x550
[ 316.304188][T14680] new_slab+0x247/0x330
[ 316.309790][T14680] ___slab_alloc+0xd1e/0x1780
[ 316.314752][T14680] __slab_alloc.constprop.0+0x56/0xb0
[ 316.320741][T14680] kmem_cache_alloc_noprof+0xef/0x3b0
[ 316.326386][T14680] sk_prot_alloc+0x60/0x2a0
[ 316.331377][T14680] sk_alloc+0x36/0xc20
[ 316.335522][T14680] inet_create+0x3a1/0x1040
[ 316.340553][T14680] __sock_create+0x335/0x8d0
[ 316.345400][T14680] __sys_socket+0x14d/0x260
[ 316.351271][T14680] __x64_sys_socket+0x72/0xb0
[ 316.356185][T14680] do_syscall_64+0xcd/0x490
[ 316.361593][T14680] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 316.367773][T14680] page last free pid 6212 tgid 6212 stack trace:
[ 316.374303][T14680] __free_frozen_pages+0x7d5/0x10f0
[ 316.380093][T14680] __put_partials+0x165/0x1c0
[ 316.384926][T14680] qlist_free_all+0x4d/0x120
[ 316.389809][T14680] kasan_quarantine_reduce+0x195/0x1e0
[ 316.395574][T14680] __kasan_slab_alloc+0x69/0x90
[ 316.400794][T14680] __kmalloc_noprof+0x1d4/0x510
[ 316.405804][T14680] tomoyo_realpath_from_path+0xc2/0x6e0
[ 316.411653][T14680] tomoyo_path_perm+0x274/0x460
[ 316.416647][T14680] security_inode_getattr+0x116/0x290
[ 316.422232][T14680] vfs_fstat+0x4b/0xe0
[ 316.426387][T14680] __do_sys_newfstat+0x87/0x100
[ 316.431470][T14680] do_syscall_64+0xcd/0x490
[ 316.436220][T14680] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 316.934863][T14698] nvme_fcloop: unknown parameter or missing value '^/]'
[ 318.126555][T14741] process 'syz.2.4462' launched '/dev/fd/3' with NULL argv: empty string added
[ 318.214159][T14744] rnbd_client L213: map_device: Parameters missing
[ 319.644212][T14799] ptrace attach of "./syz-executor exec"[6264] was attempted by "./syz-executor exec"[14799]
[ 320.656869][T14833] ecryptfs_miscdev_write: Invalid packet size [192]
[ 322.048001][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4538'.
[ 323.299525][T14954] aoe: invalid device specification
[ 326.604126][T15108] block2mtd: illegal erase size
[ 326.916360][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 326.922743][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 327.196091][T15130] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 327.782254][T15153] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 327.795883][T15152] Scaler: ================= START STATUS =================
[ 327.828681][T15152] Scaler: ================== END STATUS ==================
[ 329.752322][T15222] usb usb24: check_ctrlrecip: process 15222 (syz.3.4696) requesting ep 01 but needs 81
[ 329.818258][T15222] usb usb24: usbfs: process 15222 (syz.3.4696) did not claim interface 0 before use
[ 333.286919][T15374]
[ 333.425619][T15381] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2)
[ 333.432576][T15379] ima: policy update failed
[ 333.470030][ T30] audit: type=1802 audit(4294970568.185:29): pid=15379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.4774" res=0 errno=0
[ 333.982797][ T6270] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[ 333.982842][ T6270] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15
[ 333.999248][ T6270] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[ 335.728524][T15498] cifs: Unknown parameter 'no�+ 1�`r�sFn)��aHāh`9k�A}�1\D@�.ZC�g^��'
[ 338.149440][T15621] zram0: detected capacity change from 8 to 0
[ 338.543511][T15642] synth uevent: /devices/virtual/block/nbd6: unknown uevent action string
[ 338.583023][T15642] block nbd6: uevent: failed to send synthetic uevent: -22
[ 340.162030][T15724] vivid-007: ================= START STATUS =================
[ 340.222430][T15724] vivid-007: Enable Output Cropping: true
[ 340.244378][T15724] vivid-007: Enable Output Composing: true
[ 340.253647][T15724] vivid-007: Enable Output Scaler: true
[ 340.263959][T15724] vivid-007: Tx RGB Quantization Range: Automatic
[ 340.281016][T15724] vivid-007: Transmit Mode: HDMI
[ 340.291144][T15724] vivid-007: Hotplug Present: 0x00000000
[ 340.303789][T15724] vivid-007: RxSense Present: 0x00000000
[ 340.311356][T15724] vivid-007: EDID Present: 0x00000000
[ 340.321534][T15724] vivid-007: ================== END STATUS ==================
[ 343.330402][T15866] usb usb6: usbfs: process 15866 (syz.1.5012) did not claim interface 0 before use
[ 343.674658][T15884] syz_tun: tun_chr_ioctl cmd 1074812117
[ 343.827431][T15887] Process accounting paused
[ 343.835750][T15892] syz_tun: tun_chr_ioctl cmd 35108
[ 344.741217][T15935] syz_tun: tun_chr_ioctl cmd 2147767507
[ 346.031582][T15994] nfsd: Unknown parameter '^�B-'
[ 347.871204][T16079] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 348.037297][ T6270] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[ 348.053527][ T6270] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff
[ 348.252481][T16090] QAT: failed to copy from user.
[ 349.792178][T16152] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 351.146156][ T6266] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 351.154232][ T6266] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff
[ 352.859268][ T6266] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 352.867472][ T6266] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff
[ 352.972733][T16266] ima: policy update failed
[ 352.980253][ T30] audit: type=1802 audit(4294970587.796:30): pid=16266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5205" res=0 errno=0
[ 353.737559][ T6266] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[ 353.746348][ T6266] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff
[ 355.158055][ T6266] Bluetooth: hci2: command 0x0406 tx timeout
[ 355.158165][ T10] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 355.454665][T16385] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706].
[ 356.109952][T16422] CIFS mount error: No usable UNC path provided in device string!
[ 356.109952][T16422]
[ 356.131531][T16422] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 357.226054][ T10] Bluetooth: hci2: Opcode 0x0406 failed: -110
[ 357.226701][ T6266] Bluetooth: hci2: command 0x0406 tx timeout
[ 359.324141][ T6270] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[ 359.331916][ T6270] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff
[ 361.255486][T16681] vhci_hcd: vhci_device speed not set
[ 363.396903][T16791] delete_channel: no stack
[ 364.902167][ T30] audit: type=1800 audit(4294970607.784:31): pid=16873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5501" name="lu_gp_id" dev="configfs" ino=42744 res=0 errno=0
[ 365.435598][T16898] usbip-vudc usbip-vudc.0: gadget not bound
[ 367.318551][T17000] program syz.2.5565 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 367.478106][T17005] Invalid input. Must be >= 4608
[ 369.110020][T17083] sd 0:0:1:0: PR command failed: 1026
[ 369.138040][T17083] sd 0:0:1:0: Sense Key : Illegal Request [current]
[ 369.163012][T17083] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 369.618841][T17104] usb usb16: usbfs: process 17104 (syz.3.5615) did not claim interface 0 before use
[ 371.063127][T17173] program syz.3.5650 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 371.497772][T17196] sd 0:0:1:0: PR command failed: 1026
[ 371.507489][T17196] sd 0:0:1:0: Sense Key : Illegal Request [current]
[ 371.531747][T17196] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 372.440848][T17239] usb usb16: usbfs: process 17239 (syz.0.5682) did not claim interface 0 before use
[ 373.018857][T17267] block2mtd: device name too long
[ 373.778441][T17296] Process accounting resumed
[ 373.780732][T17303] ceph: Failed to parse sending metrics switch value 'P^'
[ 375.390329][T17374] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there
[ 375.390329][T17374]
[ 375.599948][T17381] usb usb2: usbfs: process 17381 (syz.1.5750) did not claim interface 1 before use
[ 379.582005][T17524] blkio.reset_stats is deprecated
[ 380.148338][T17547] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 380.622038][T17569] program syz.2.5841 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 380.651989][T17569] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 384.089906][T17719] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 387.561175][T17885] ecryptfs_miscdev_write: memdup_user returned error [-14]
[ 388.034862][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 388.041540][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 390.171874][ T980] smpboot: CPU 1 is now offline
[ 391.219300][T18025] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 393.146022][T18097] Setting dangerous option i915.mitigations - tainting kernel
[ 393.203404][T18097] Bad "i915.mitigations=!h@S�", 'h@S�' is unknown
[ 393.290473][T18098] Process accounting resumed
[ 393.660843][T18110] random: crng reseeded on system resumption
[ 396.257667][T18183] QAT: failed to copy from user cfg_data.
[ 400.727287][T18293] usbcore.quirks: string doesn't fit in 127 chars.
[ 403.643117][T18352] nvme_fabrics: missing parameter 'transport=%s'
[ 403.651626][T18352] nvme_fabrics: missing parameter 'nqn=%s'
[ 404.026730][T18358] Process accounting paused
[ 405.910824][ T30] audit: type=1806 audit(4294970648.998:32): xattr="" res=-22
[ 406.577214][T18439] kernel profiling enabled (shift: 0)
[ 407.727758][T18463] kafs: addr_prefs: Invalid Command
[ 408.424056][T18439] syz.1.6250: vmalloc error: size 708546560, failed to allocated page array size 1383880, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 408.555910][T18439] CPU: 0 UID: 0 PID: 18439 Comm: syz.1.6250 Tainted: G U I 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full)
[ 408.555954][T18439] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 408.555963][T18439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 408.555989][T18439] Call Trace:
[ 408.555997][T18439]
[ 408.556005][T18439] dump_stack_lvl+0x16c/0x1f0
[ 408.556046][T18439] warn_alloc+0x248/0x3a0
[ 408.556075][T18439] ? __pfx_warn_alloc+0x10/0x10
[ 408.556112][T18439] ? profile_init+0xd5/0x130
[ 408.556136][T18439] ? __vmalloc_node_noprof+0xad/0xf0
[ 408.556177][T18439] __vmalloc_node_range_noprof+0x101b/0x14b0
[ 408.556230][T18439] ? profile_init+0xd5/0x130
[ 408.556263][T18439] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 408.556305][T18439] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 408.556335][T18439] ? rcu_is_watching+0x12/0xc0
[ 408.556364][T18439] ? profile_init+0xd5/0x130
[ 408.556388][T18439] __vmalloc_node_noprof+0xad/0xf0
[ 408.556426][T18439] ? profile_init+0xd5/0x130
[ 408.556454][T18439] ? __pfx_profiling_store+0x10/0x10
[ 408.556487][T18439] profile_init+0xd5/0x130
[ 408.556514][T18439] profiling_store+0x73/0xf0
[ 408.556547][T18439] kobj_attr_store+0x55/0x80
[ 408.556584][T18439] ? __pfx_kobj_attr_store+0x10/0x10
[ 408.556620][T18439] sysfs_kf_write+0xef/0x150
[ 408.556647][T18439] kernfs_fop_write_iter+0x354/0x510
[ 408.556685][T18439] ? __pfx_sysfs_kf_write+0x10/0x10
[ 408.556713][T18439] vfs_write+0x6c7/0x1150
[ 408.556740][T18439] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 408.556780][T18439] ? __pfx___mutex_lock+0x10/0x10
[ 408.556822][T18439] ? __pfx_vfs_write+0x10/0x10
[ 408.556868][T18439] ksys_write+0x12a/0x250
[ 408.556893][T18439] ? __pfx_ksys_write+0x10/0x10
[ 408.556929][T18439] do_syscall_64+0xcd/0x490
[ 408.556966][T18439] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 408.556991][T18439] RIP: 0033:0x7f9ab2f8eb69
[ 408.557010][T18439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 408.557033][T18439] RSP: 002b:00007f9ab3e89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 408.557055][T18439] RAX: ffffffffffffffda RBX: 00007f9ab31b5fa0 RCX: 00007f9ab2f8eb69
[ 408.557070][T18439] RDX: 0000000000001000 RSI: 0000200000000040 RDI: 0000000000000003
[ 408.557085][T18439] RBP: 00007f9ab3011df1 R08: 0000000000000000 R09: 0000000000000000
[ 408.557099][T18439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 408.557113][T18439] R13: 0000000000000000 R14: 00007f9ab31b5fa0 R15: 00007fffad1d52b8
[ 408.557143][T18439]
[ 408.557173][T18439] Mem-Info:
[ 409.744960][T18439] active_anon:17527 inactive_anon:14 isolated_anon:0
[ 409.744960][T18439] active_file:8433 inactive_file:44445 isolated_file:0
[ 409.744960][T18439] unevictable:768 dirty:84 writeback:0
[ 409.744960][T18439] slab_reclaimable:11322 slab_unreclaimable:93445
[ 409.744960][T18439] mapped:23996 shmem:13304 pagetables:1096
[ 409.744960][T18439] sec_pagetables:0 bounce:0
[ 409.744960][T18439] kernel_misc_reclaimable:0
[ 409.744960][T18439] free:1284719 free_pcp:27741 free_cma:0
[ 409.981400][T18439] Node 0 active_anon:61684kB inactive_anon:56kB active_file:33732kB inactive_file:177576kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96140kB dirty:332kB writeback:0kB shmem:43100kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11056kB pagetables:4136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 410.132658][T18439] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 410.294050][T18439] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 410.432300][T18439] lowmem_reserve[]: 0 2480 2481 2481 2481
[ 410.464506][T18439] Node 0 DMA32 free:1245052kB boost:0kB min:34324kB low:42904kB high:51484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44500kB inactive_anon:56kB active_file:33732kB inactive_file:176252kB unevictable:1536kB writepending:420kB present:3129332kB managed:2540112kB mlocked:0kB bounce:0kB free_pcp:111408kB local_pcp:111408kB free_cma:0kB
[ 410.626741][T18439] lowmem_reserve[]: 0 0 1 1 1
[ 410.656524][T18439] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 410.801948][T18439] lowmem_reserve[]: 0 0 0 0 0
[ 410.827006][T18439] Node 1 Normal free:3886056kB boost:0kB min:55556kB low:69444kB high:83332kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:18464kB local_pcp:18464kB free_cma:0kB
[ 410.981580][T18439] lowmem_reserve[]: 0 0 0 0 0
[ 410.994414][T18439] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 411.075915][T18439] Node 0 DMA32: 1405*4kB (ME) 702*8kB (ME) 529*16kB (ME) 338*32kB (UME) 92*64kB (UME) 2*128kB (UM) 2*256kB (ME) 6*512kB (M) 22*1024kB (UM) 11*2048kB (UME) 290*4096kB (UM) = 1273140kB
[ 411.162010][T18439] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[ 411.223372][T18439] Node 1 Normal: 196*4kB (UME) 49*8kB (UME) 49*16kB (UME) 231*32kB (UME) 106*64kB (UME) 34*128kB (UME) 12*256kB (UME) 6*512kB (UME) 5*1024kB (UM) 3*2048kB (UE) 940*4096kB (M) = 3888136kB
[ 411.317138][T18439] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 411.370480][T18439] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 411.417013][T18439] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 411.466328][T18439] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 411.476971][T18540] bond0: option mode: unable to set because the bond device is up
[ 411.530284][T18439] 54268 total pagecache pages
[ 411.553317][T18439] 28 pages in swap cache
[ 411.577195][T18439] Free swap = 124756kB
[ 411.621180][T18439] Total swap = 124996kB
[ 411.625798][T18439] 2097051 pages RAM
[ 411.642730][T18439] 0 pages HighMem/MovableOnly
[ 411.682673][T18439] 430045 pages reserved
[ 411.704318][T18439] 0 pages cma reserved
[ 411.772208][T18547] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[ 416.324294][T18688] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[ 416.916536][T18704] scsi_dev_info_list_add_str: bad dev info string ')zD��5�fk+*X�#R84*�Vsn�dvq�QW}~�YrȀ�-8VGDƘ��LB�%v�v}�Ypq|�?O[,!�7xWDr%[}E$�3�?G�9Ff=lrGH;2L<�=|�8�-c���Fո�"[v9�q�4Mmvq�k[�(iNDСM�X�PSqqX4X`V!;r֍)y]W�zfI�H0,��v{q8שUܹ䑉m؛H��TwCz-nR�%2]x05oՕ|3>l�S*L/Cdgӑ�[C�=Cwem)l#' ''S.sHgi�-TY%ܹF*8�nF�TH?�i{' ''
[ 416.963690][ C0] vkms_vblank_simulate: vblank timer overrun
[ 417.208309][T18712] dyndbg: expected <4096 bytes into control
[ 418.725655][T18767] bcache: register_bcache() error : Not a bcache superblock (bad offset)
[ 421.021511][ T6270] Bluetooth: hci2: unexpected event 0x3d length: 3 < 14
[ 422.080406][T18854] vhci_hcd: invalid port number 23
[ 422.085575][T18854] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[ 422.904200][T18880] QAT: Stopping all acceleration devices.
[ 423.372760][T18896] __vm_enough_memory: pid: 18896, comm: syz.3.6475, bytes: 9223372036854775808 not enough memory for the allocation
[ 428.209195][T19075] program syz.3.6563 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 428.226444][T19076] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[ 428.226444][T19076] program syz.0.6564 not setting count and/or reply_len properly
[ 428.783218][T19094] Setting dangerous option i915.mitigations - tainting kernel
[ 429.552395][T19122] sysfs_service_op_store: Client not running :-5:
[ 430.471923][T19155] : Can't lookup blockdev
[ 431.033376][T19174] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd
[ 433.986355][T19277] Process accounting resumed
[ 434.549700][T19301] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 434.605087][T19303] rnbd_client L202: map_device: Unknown parameter or missing value '('
[ 434.832669][T19307] syz_tun: tun_chr_ioctl cmd 2147767506
[ 435.817131][T19336] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub
[ 435.840582][T19337] vhci_hcd: invalid port number 16
[ 435.860621][T19337] vhci_hcd: invalid port number 16
[ 437.647290][T19403] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request
[ 440.066665][T19487] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string
[ 441.062343][T19522] : Can't lookup blockdev
[ 444.381237][T19632] db_root: cannot open: Y
[ 446.005483][T19678]
[ 446.007860][T19678] ======================================================
[ 446.015069][T19678] WARNING: possible circular locking dependency detected
[ 446.022268][T19678] 6.16.0-syzkaller-10499-g89748acdf226 #0 Tainted: G U I
[ 446.030770][T19678] ------------------------------------------------------
[ 446.037804][T19678] syz.2.6862/19678 is trying to acquire lock:
[ 446.043995][T19678] ffff888143b10fb8 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400
[ 446.053422][T19678]
[ 446.053422][T19678] but task is already holding lock:
[ 446.060787][T19678] ffff888143b10a78 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 446.072049][T19678]
[ 446.072049][T19678] which lock already depends on the new lock.
[ 446.072049][T19678]
[ 446.082451][T19678]
[ 446.082451][T19678] the existing dependency chain (in reverse order) is:
[ 446.091480][T19678]
[ 446.091480][T19678] -> #3 (&q->q_usage_counter(io)#18){++++}-{0:0}:
[ 446.100106][T19678] blk_alloc_queue+0x619/0x760
[ 446.105423][T19678] blk_mq_alloc_queue+0x172/0x280
[ 446.111026][T19678] __blk_mq_alloc_disk+0x29/0x120
[ 446.116603][T19678] loop_add+0x490/0xb70
[ 446.121303][T19678] loop_init+0x164/0x270
[ 446.126092][T19678] do_one_initcall+0x120/0x6e0
[ 446.131396][T19678] kernel_init_freeable+0x5c2/0x900
[ 446.137231][T19678] kernel_init+0x1c/0x2b0
[ 446.142099][T19678] ret_from_fork+0x5d7/0x6f0
[ 446.147234][T19678] ret_from_fork_asm+0x1a/0x30
[ 446.152549][T19678]
[ 446.152549][T19678] -> #2 (fs_reclaim){+.+.}-{0:0}:
[ 446.159794][T19678] fs_reclaim_acquire+0x102/0x150
[ 446.165391][T19678] prepare_alloc_pages+0x162/0x610
[ 446.171084][T19678] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 446.177549][T19678] __alloc_pages_noprof+0xb/0x1b0
[ 446.183135][T19678] pcpu_populate_chunk+0x110/0xb00
[ 446.188795][T19678] pcpu_alloc_noprof+0x86a/0x1470
[ 446.194364][T19678] bpf_map_alloc_percpu+0x9a/0x4b0
[ 446.200107][T19678] htab_map_alloc+0x10ca/0x1570
[ 446.205536][T19678] map_create+0x58f/0x1db0
[ 446.210524][T19678] __sys_bpf+0x44d2/0x4de0
[ 446.215510][T19678] __x64_sys_bpf+0x78/0xc0
[ 446.220512][T19678] do_syscall_64+0xcd/0x490
[ 446.225640][T19678] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 446.232081][T19678]
[ 446.232081][T19678] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}:
[ 446.239854][T19678] __mutex_lock+0x191/0x1070
[ 446.244999][T19678] pcpu_alloc_noprof+0xb4c/0x1470
[ 446.250571][T19678] sbitmap_init_node+0x2fd/0x770
[ 446.256049][T19678] sbitmap_queue_init_node+0x41/0x560
[ 446.261959][T19678] blk_mq_init_tags+0x12d/0x2b0
[ 446.267359][T19678] blk_mq_alloc_map_and_rqs+0x237/0xf60
[ 446.273474][T19678] blk_mq_init_sched+0x30c/0x610
[ 446.278966][T19678] elevator_switch+0x1e1/0x7f0
[ 446.284289][T19678] elevator_change+0x2ac/0x400
[ 446.289605][T19678] elevator_set_default+0x2c4/0x360
[ 446.295393][T19678] blk_register_queue+0x393/0x4f0
[ 446.300976][T19678] __add_disk+0x74a/0xf00
[ 446.305910][T19678] add_disk_fwnode+0x13f/0x5d0
[ 446.311227][T19678] nbd_dev_add+0x783/0xbb0
[ 446.316200][T19678] nbd_init+0x181/0x320
[ 446.320935][T19678] do_one_initcall+0x120/0x6e0
[ 446.326245][T19678] kernel_init_freeable+0x5c2/0x900
[ 446.332037][T19678] kernel_init+0x1c/0x2b0
[ 446.337016][T19678] ret_from_fork+0x5d7/0x6f0
[ 446.342342][T19678] ret_from_fork_asm+0x1a/0x30
[ 446.347768][T19678]
[ 446.347768][T19678] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[ 446.355690][T19678] __lock_acquire+0x126f/0x1c90
[ 446.361080][T19678] lock_acquire+0x179/0x350
[ 446.366301][T19678] __mutex_lock+0x191/0x1070
[ 446.371436][T19678] elevator_change+0x103/0x400
[ 446.376734][T19678] elv_iosched_store+0x2eb/0x3a0
[ 446.382213][T19678] queue_attr_store+0x268/0x310
[ 446.387589][T19678] sysfs_kf_write+0xef/0x150
[ 446.392811][T19678] kernfs_fop_write_iter+0x354/0x510
[ 446.398638][T19678] vfs_write+0x6c7/0x1150
[ 446.403496][T19678] ksys_write+0x12a/0x250
[ 446.408376][T19678] do_syscall_64+0xcd/0x490
[ 446.413507][T19678] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 446.419998][T19678]
[ 446.419998][T19678] other info that might help us debug this:
[ 446.419998][T19678]
[ 446.430237][T19678] Chain exists of:
[ 446.430237][T19678] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#18
[ 446.430237][T19678]
[ 446.444031][T19678] Possible unsafe locking scenario:
[ 446.444031][T19678]
[ 446.451489][T19678] CPU0 CPU1
[ 446.456888][T19678] ---- ----
[ 446.462367][T19678] lock(&q->q_usage_counter(io)#18);
[ 446.467754][T19678] lock(fs_reclaim);
[ 446.474275][T19678] lock(&q->q_usage_counter(io)#18);
[ 446.482185][T19678] lock(&q->elevator_lock);
[ 446.486782][T19678]
[ 446.486782][T19678] *** DEADLOCK ***
[ 446.486782][T19678]
[ 446.494936][T19678] 7 locks held by syz.2.6862/19678:
[ 446.500219][T19678] #0: ffff88802fd5feb8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 446.509303][T19678] #1: ffff88807f91c428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 446.518306][T19678] #2: ffff888033bef088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 446.528280][T19678] #3: ffff888023bcf4b8 (kn->active#225){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 446.538450][T19678] #4: ffff888025dd1368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x337/0x3a0
[ 446.549293][T19678] #5: ffff888143b10a78 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 446.560997][T19678] #6: ffff888143b10ab0 (&q->q_usage_counter(queue)#29){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 446.572955][T19678]
[ 446.572955][T19678] stack backtrace:
[ 446.578902][T19678] CPU: 0 UID: 0 PID: 19678 Comm: syz.2.6862 Tainted: G U I 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full)
[ 446.578951][T19678] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 446.578963][T19678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 446.578981][T19678] Call Trace:
[ 446.578993][T19678]
[ 446.579004][T19678] dump_stack_lvl+0x116/0x1f0
[ 446.579049][T19678] print_circular_bug+0x275/0x350
[ 446.579088][T19678] check_noncircular+0x14c/0x170
[ 446.579131][T19678] __lock_acquire+0x126f/0x1c90
[ 446.579176][T19678] lock_acquire+0x179/0x350
[ 446.579213][T19678] ? elevator_change+0x103/0x400
[ 446.579249][T19678] ? __pfx___might_resched+0x10/0x10
[ 446.579282][T19678] ? elevator_change+0x103/0x400
[ 446.579315][T19678] __mutex_lock+0x191/0x1070
[ 446.579359][T19678] ? elevator_change+0x103/0x400
[ 446.579398][T19678] ? __pfx___mutex_lock+0x10/0x10
[ 446.579447][T19678] ? blk_mq_cancel_work_sync+0xd8/0x110
[ 446.579495][T19678] ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[ 446.579547][T19678] ? elevator_change+0x103/0x400
[ 446.579581][T19678] elevator_change+0x103/0x400
[ 446.579618][T19678] elv_iosched_store+0x2eb/0x3a0
[ 446.579656][T19678] ? __pfx_elv_iosched_store+0x10/0x10
[ 446.579700][T19678] ? __mutex_trylock_common+0xe9/0x250
[ 446.579741][T19678] ? __pfx_elv_iosched_store+0x10/0x10
[ 446.579779][T19678] queue_attr_store+0x268/0x310
[ 446.579809][T19678] ? __pfx_queue_attr_store+0x10/0x10
[ 446.579836][T19678] ? __lock_acquire+0x622/0x1c90
[ 446.579885][T19678] ? find_held_lock+0x2b/0x80
[ 446.579906][T19678] ? sysfs_file_kobj+0xe4/0x290
[ 446.579931][T19678] ? __pfx_queue_attr_store+0x10/0x10
[ 446.579953][T19678] sysfs_kf_write+0xef/0x150
[ 446.579978][T19678] kernfs_fop_write_iter+0x354/0x510
[ 446.580015][T19678] ? __pfx_sysfs_kf_write+0x10/0x10
[ 446.580040][T19678] vfs_write+0x6c7/0x1150
[ 446.580066][T19678] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 446.580105][T19678] ? __pfx___mutex_lock+0x10/0x10
[ 446.580139][T19678] ? __pfx_vfs_write+0x10/0x10
[ 446.580173][T19678] ksys_write+0x12a/0x250
[ 446.580198][T19678] ? __pfx_ksys_write+0x10/0x10
[ 446.580228][T19678] do_syscall_64+0xcd/0x490
[ 446.580264][T19678] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 446.580289][T19678] RIP: 0033:0x7f0e64d8eb69
[ 446.580307][T19678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 446.580330][T19678] RSP: 002b:00007f0e65bd4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 446.580351][T19678] RAX: ffffffffffffffda RBX: 00007f0e64fb5fa0 RCX: 00007f0e64d8eb69
[ 446.580367][T19678] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003
[ 446.580381][T19678] RBP: 00007f0e64e11df1 R08: 0000000000000000 R09: 0000000000000000
[ 446.580395][T19678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 446.580409][T19678] R13: 0000000000000000 R14: 00007f0e64fb5fa0 R15: 00007ffe4311ab78
[ 446.580431][T19678]
[ 446.873628][ C0] vkms_vblank_simulate: vblank timer overrun
SYZFAIL: failed to send rpc
fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe)
[ 448.249761][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 448.296766][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 448.346712][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 448.399657][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 448.564253][ T12] bridge_slave_1: left allmulticast mode
[ 448.569930][ T12] bridge_slave_1: left promiscuous mode
[ 448.611268][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 448.619509][ T12] bridge_slave_0: left allmulticast mode
[ 448.660455][ T12] bridge_slave_0: left promiscuous mode
[ 448.666174][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 448.864157][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 448.886848][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 448.911734][ T12] bond0 (unregistering): Released all slaves
[ 449.091065][ T12] hsr_slave_0: left promiscuous mode
[ 449.138663][ T12] hsr_slave_1: left promiscuous mode
[ 449.144497][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 449.160039][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 449.166353][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 449.196939][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 449.248634][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 449.256151][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 449.292985][ T12] veth1_macvtap: left promiscuous mode
[ 449.316980][ T12] veth0_macvtap: left promiscuous mode
[ 449.322742][ T12] veth1_vlan: left promiscuous mode
[ 449.358791][ T12] veth0_vlan: left promiscuous mode
[ 449.548451][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 449.571140][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 449.859051][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 449.911015][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 449.958761][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.019613][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.157553][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.218380][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.266650][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.395300][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.456187][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.496605][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.557660][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.696895][ T12] bridge_slave_1: left allmulticast mode
[ 450.710773][ T12] bridge_slave_1: left promiscuous mode
[ 450.716540][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 450.746749][ T12] bridge_slave_0: left allmulticast mode
[ 450.759665][ T12] bridge_slave_0: left promiscuous mode
[ 450.765509][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 450.802005][ T12] bridge_slave_1: left allmulticast mode
[ 450.808251][ T12] bridge_slave_1: left promiscuous mode
[ 450.830101][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 450.850694][ T12] bridge_slave_0: left allmulticast mode
[ 450.856484][ T12] bridge_slave_0: left promiscuous mode
[ 450.879320][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 450.900822][ T12] bridge_slave_1: left allmulticast mode
[ 450.906526][ T12] bridge_slave_1: left promiscuous mode
[ 450.931097][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 450.950622][ T12] bridge_slave_0: left allmulticast mode
[ 450.956318][ T12] bridge_slave_0: left promiscuous mode
[ 450.971968][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 451.105445][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 451.116868][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 451.129999][ T12] bond0 (unregistering): Released all slaves
[ 451.192684][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 451.203683][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 451.213866][ T12] bond0 (unregistering): Released all slaves
[ 451.280977][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 451.291873][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 451.302647][ T12] bond0 (unregistering): Released all slaves
[ 451.687196][ T12] hsr_slave_0: left promiscuous mode
[ 451.705619][ T12] hsr_slave_1: left promiscuous mode
[ 451.715443][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 451.722944][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 451.745560][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 451.753055][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 451.785799][ T12] hsr_slave_0: left promiscuous mode
[ 451.795857][ T12] hsr_slave_1: left promiscuous mode
[ 451.814886][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 451.822296][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 451.845117][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 451.852878][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 451.897200][ T12] hsr_slave_0: left promiscuous mode
[ 451.905216][ T12] hsr_slave_1: left promiscuous mode
[ 451.914487][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 451.921905][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 451.954699][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 451.962121][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 451.980835][ T12] veth1_macvtap: left promiscuous mode
[ 451.986844][ T12] veth0_macvtap: left promiscuous mode
[ 451.992448][ T12] veth1_vlan: left promiscuous mode
[ 452.002621][ T12] veth0_vlan: left promiscuous mode
[ 452.008701][ T12] veth1_macvtap: left promiscuous mode
[ 452.015554][ T12] veth0_macvtap: left promiscuous mode
[ 452.021131][ T12] veth1_vlan: left promiscuous mode
[ 452.026921][ T12] veth0_vlan: left promiscuous mode
[ 452.033834][ T12] veth1_macvtap: left promiscuous mode
[ 452.039350][ T12] veth0_macvtap: left promiscuous mode
[ 452.045305][ T12] veth1_vlan: left promiscuous mode
[ 452.050588][ T12] veth0_vlan: left promiscuous mode
[ 452.300109][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 452.325164][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 452.508034][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 452.531377][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 452.724872][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 452.749743][ T12] team0 (unregistering): Port device team_slave_0 removed