last executing test programs: 12m19.628985996s ago: executing program 32 (id=1360): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_11={0x80000000000021, 0x200000003, 0x5, 0x7, 0x1, 0x6f, 0x9dd8, 0xe98e}, 0x5) 11m9.541892934s ago: executing program 2 (id=2794): sendmsg$auto_TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001400)={&(0x7f0000000080)=ANY=[@ANYBLOB="07130000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf2507000000480009000583bfe1cb935773c502cd1a2b2a9903106148fe0cea1e0f5e9ddea45e502110e421b7947d655180465650c326c6744842eeb6e9815994538fcc1530ad1e9ebdeb656bd85a0007008eeb2d306671f0cfac5ae64e0407abd0e16c1e5870b06f3207d324394abd5378786d5999677f2a857fdd5e6d8d893cc6470e8543c86657ff871e15f752e0423746d360840db681b0289db3ad860302d94e9285ca86a10000520002006479dd8150969cfbf6d666173842c2cb28729f186b22a68ad0d01a94eb28c6026b36357efd21f99313994fddfda5b416e53b2c29f047057484aedd7751d0158304a6984ec8ce4e8e4d6db4cc8ff70000e80000004db8d021c34c9090b6f1dbb53e639bd4166d82122bae71b3ae93ea8c056f957f9d30df43efd93395e863dda2bbc11b00d470efaa1fed6165f6493d918931f6c00af6f15fcf0847274858fbea4afb9e2cad07aa0c4bb4aba6ee01112a8861e344399e172c6c2c9ad3481df941c64265ae04799e02a2e2d941a9ab4ce8ef388d31694426afff9da5315bcb3b82349c645010bc76dbf888145c9cbbd129ba234def4f1326f6407ccc807d7188520c2c5d25696c115facf6a924f948a6ef8be112a1be7364503f3a094a2ae59074730ad9bd5a6f797aaedeb59d8b3625ebcf9535d8c4167529ad000200d345619c941912afddb7ea09a9757d5ca111050dcc9a85f58fc931a8975aa27935d05b898af0af1ecd412eceaf7acde661e051400c8ba8b9c66d1acd9dc14b26aa3d7011e7ace4da41c7acbc627add91c757a8cbac64b3d47616da74967bffbc70ae9f164bf958f77476712f20cfe16008cee8bf5b183dd96c9d5151376a88ba95699d4d63b15e65c8b0307c8de2d25407185025df435362cabf13870391d626119d69358eddf48f0a0000001f000400dd24cfd5c3687a80bdda1498e3ed7f35146917eb267adcdb7d438d0067000700bf8d5ab8fc3e9187c5820f1c28b0f71e82f1adde598b0f170dcccf6ac0892788531efeafd121ccdfb242e106dd3cbba12d77cb11cc7cac259a83e042c2c4b9bf5659486475e2ab98796359a161c510f9aa058ae38f1c3121f086a097bfcf9c65455e4200041008009d1149639ba394e8cd1687be0aaca14cd90769ab9a66ff3c90789d3ad7f4e94ec6768934b44bf315cbfd411974320262c3838f4126735c0df07091fa99b1281938c302c0d7c1bd16473283947185c0ec974bc305e5fd73469bd833cd01e13da8b88963127646aff7c3da6b25b3b3430de9ac75ecfada13b79acf5ff699d4e6eedaa33f68d4b316c76eca74f015812bc926c9448adb81473ff178ce6ab37bf2aab0b902049596d4a486cfbf6701b7308a6764e95ed15c440671293b10c2cf35c60c6a759c1b54620a88ba63ffe1dd42bbabcaf66379f88ccae89b19011c8fd21cda00acc23f3541126385a589de4fbdf8265a02c65b0db7e935e69d844d90967230c0a9e1e9b52dd9b9691cb9fc658cd0587cc7e6eed1c87fb7624c5f822022cb0eeba385b74439449e2c0cb64d86d1a139d01fffb110ec041ad9cadc9f6ac2cb936b1ae9e49fa92c697afa82aab77f694806737c8ebd239d67873e0f3c2b4c2d0665e984510ba8b0b7acbfe0b1db23055575ecdeef070d069f8e86d0d9872a59e85e43f0ebb64bc257b01b594e90485d6009c40e4a35bce5b02e258c2defeec81b7800af129616b0dd3fdc7fc91844a2da2c47e5d6e99eecf5abae03bb6481ef9eee687b34f86de26fa7b8190552dad0be4df7d0b7f97931e04c22dd809eb857538eb876998e61a3b60f15f5dc99d35f840b4c269da3f5ce6c1c82e41b661440084382b3be7990a89714402894659d63429a80320872094bd8693a3d85db18ceb25e5904a18fff404ac92fc80ca8bba6ab50ae673e779a938d03a2ef62e60035fbdb31e410abbbf18ffd69e60dc15b496c2b2bea8649e5076f641df194ff601d7b916a0e1f22a5f1b3ef4649bbde772535701084ea5148382954e797d49b2ae97cdea9a029e21cd904e1a8fb03dbeaeddc77a06a6447c43c32e9abb40a76aa802062ca9bcf074b031733c29712eddb8514de7de6ad85ddb189100cde6107c1fc2b3e3fbd2b86e161c660d162b7fe716b9c13db625647b007b2cf9d51edeb40b474fdb6cc84cec0e8fc553c385eab67df20981894f7e0cd531c8479c971ce438319860fe1bc71477b9d2c83839c4bf17ca5f1a15410038001d1d22402f8c92caacdb7369c876a7d92053b681b1bc896c399a8c2d2fc2e5ae7db64ca4b57dec495a65813ed9c8089fe18338c813f20de278ffea18df2c794f1d82d82b677a4338b0a150c149fb4229e708c1d195620d0b899427758e0e8a25d54ff4fc96adea98511d8f5c8c82496e764360b351da63c63b99cde5bb116e737b3cebd4765c6a77e59f761840a0d742db62d6b556c89e0f28794de5859f3a4b38b5643ffc25e1be2ebfd62cff25536945e49f0bdb9850c1672171c2fc5388c81ef4c31aaeae15859c9e004c719a10a07b8cd28ebe23648a1be380c000140b3701622e169274d74835721472b2a0e91aa92f90443e1b5701eb0606be5cb5b5d3d264c303fe71d3b8f6b0d6dd54d7de5f0a88aec2954d39aebf8c587ee96009c5dde2818e9bad320ea52521e5b615dd210f6f159a7e52b3e48a1f37fb090924ef61a9b17a8e85460e66a12b2600782702b051856161c150775258a481587a900fb08abcaa2f56fef8217f24619e7df28ed2783c85b71258455d6bf3f343f63b723ea06256e1b1edc383eeb80ee066c0777341cb5cb08c00f13a984e1e8cdef14e391d41eff54cca65b83f2a3fe7bffe458a2d29fffdd3a845052fc814d203a8e5fe946e0c559e36e89f51cb84612e212916297483485d4ce34d16a4a680ededd3cf0638133628cb7690388d4dc074d43caa4d9baf45703d28861d507f4b107bf1abb9fd7654aa3b29c5cef1e976cadbc249df8aee73d5989d8a24670c31dfd8597bf46dbda1595870ee9ae910cbc56e899b21b60779421b241836be7163b2fb1ee9470bacb7529ae57cfb0d53c21d80dec239e1eb3f4d9d006d80b67c263878441fe2a1b4ee048bfd52d5c27d080043b053670c7e56b8c33892bd9c5424842c70451f1cf203935bb2aaee9addcb4c961d0567788658efa456c36e07873b59b5de0a5b7d32c703b4b1929b699819cf08e856fafed75202585409efb4a83e61d5c3858f29b09dd87c0962848c44a72b622f396f57cfe6b95472825d377695cfa19c55f20dfadfa2c52272c33ee5475830b94695bb9edbd427f3ffde1e12dcfac00cf20e8d97d5372e5be85c4a4f94ae79c1e64ac5d91ea57b924b4791ee3cff92eac70cfa298c995b353b8a70d8a6427053e65e831bd105d364647f5af924c70c7ffbb948588c408a50a62ca961124ccda43e899b39c80e6475eb83b96a1977f15343853dd06d12f693c1445e0b43f49772dcbea5470227a34b79ab54bbdd01d62192e4e5a81b98b7785dc493526a01a52bef6ab98b54b787e5c1e2d9a3d6e03bf7b6c6e2070b9efe1af7ee8407ff626c763f8fbcdef4177b171a472cb202b9deb96313952e3e410a79d32e51532630f0a84bc204d0d2e62dd9655687c03ad2ad90df9bc63981d48ce8514a6c17ed664714ee214ece76e0a40fbac0e1cbb448a669d69885b0dba649e0231a1e05c2db404a3a1c0e7b6b7d8c338ba0712c434d84786644571b67559e0ae416dc030c6e28a9144b903286d97ca85bd030f1c684263f6a1e61b944ac8c63acf1bd2b7df903a6cd87589dc8b979106df6abf4719e3e795e2bffefe3f3382a34ed6d2024e54a3b32ce73b1b605a080c838408fdb1c5e13773a7c46906a9891d662bc10714b9b614358fc6eea36ccdfaf0c36070555108e72eb0760edefad04d0cf369bc167befe2198b21144989f5b9bae5aaa4077a67c58d144aad38014ddfcecc424b2466a22107f81fbd6f1799d277f7285d742b135c768b408743e98d8b80024431cc0efb30858121f19262b404658c19771a34451705b5415c23ba2469b24590b9acd210d64c56fd7b3340a43dfe7c24c6798aec5c953dc9c43e786eeb807e51857a57cbde7be044dd4cbc820582b8d61c2adfa8e9b12366fe55bfbff7b8ab5885a074d7cd525ad4d9d6c907c41cb049a163e0605b54b1f2dd4f715516cb8364092fb6024c424051e955f858371d6dbaa2fb7d001482cf8004b014aec1b3910f6d24b703461fa565d5c63df0d01315be0e78dcb871a9ba178af748762fc487d4843d2f95f180e24df7f425588888a394013b2cb02836f791f344b3c609ff9b9aeaed7ea733b0e1846c286cb9e794198a13698680d1706179d849e69d751cac1ec877c7e90a070e408cffc146abb91b40b3358c8a679ea5f2dae0731133eda60c0f9de1973d13d3a583d3d52cc8dc7d65bb56976941109e3ae28cdaded62213ae88d5840ea87ce24bf8271b0fc453fd82feaf5464c59ade7961251a4196ac4337ad819c2e8afe9d0bd40895bb6b05d4679c1007114055ad688f3d75cc3865fc0c76556783011b3c68aab512aa0f1edd4898e2773c6791b4f6c64336a799a4dd9e8084850e45cd86f7ed9c7b996bc4c2ae77b088ada52d3b39af9d8d77bfece5cd9d9eb24991e73397a321884e559a84ceee6825c578b07fe08c2b77c9a75f5aa6e355dfe0dd0f7112f24e4cbf498e08994cb0ceb61adb754b8a16b1891f1356219fcc1f9bb56036501c4416e08e397c1d731a80ae18ba7e1d1e86cf0e539e23d7572f246fa3f2c0b93b64d62dcc19984a138a05a725525d81dd8421b4fa951ec98a21f9b870392f5ca9fa26ad55ce4a7023b3e9e08433bd698ee2b4a78fc7982f4f0daa85e947bcd00bc3d91fa623c5bb52e1c6b4344040fa2f8f2cff6db0958e136f20dd5e9753299bd0e1b2cab58ac2860042c4193fe500a72224fe2a8e7062c3efad55b747d5914282c63b29527bfac9602c6fc06834844cad5c7252161d484eeb8856000002141079a45293703586307efe0e9e43da10e615779f19d8fe8dfea46a7107b80268368583aee61419fca16055f363ac9075c306fc0e73da9d75bd03b315d6bf404a11c806819d35d164997b8591457078c14864bb46a5150d015ba3b0712efa07761144df5796f633241384df4da59b84b3feef2adf2c68b383389232395707d6caa94a3d0849141f323211a2ca28d2b208a690979bc901ec13e7eb9cf3e8937449694f285f61ab084b64db9712248e3996b07fd50d0c4d30d559337804c708e5c3cd04bbf5dbeb1651e4aad862eefdd135b576aeb8d4de6412"], 0x1354}}, 0x40001) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 11m9.135320438s ago: executing program 2 (id=2803): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/binder/parameters/stop_on_user_error\x00', 0x2, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)='\x00', 0x1) 11m8.912513091s ago: executing program 2 (id=2809): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/io_timeout\x00', 0x80880, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)=""/187, 0xbb) 11m8.746122286s ago: executing program 2 (id=2813): r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) write$auto(r0, &(0x7f0000000040)=',,\x00', 0x8) 11m8.547591316s ago: executing program 2 (id=2818): tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) 11m8.125982484s ago: executing program 2 (id=2834): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/block/loop11/removable\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000005c0)=""/4096, 0x1000) 11m7.830250428s ago: executing program 33 (id=2834): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/block/loop11/removable\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000005c0)=""/4096, 0x1000) 8m1.611236002s ago: executing program 5 (id=6839): r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x200000000000000) 8m1.43094818s ago: executing program 5 (id=6842): setreuid$auto(0xffffffffffffffff, 0x8) bpf$auto(0x800000000000001f, 0xfffffffffffffffe, 0x0) 8m1.253819588s ago: executing program 5 (id=6845): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0) write$auto(r0, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) 8m0.985963957s ago: executing program 5 (id=6848): r0 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r0, &(0x7f0000000040)=""/4096, 0xfffffe82) 7m59.834695275s ago: executing program 5 (id=6860): setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) tkill$auto(0x80000000000001, 0x7) 7m59.405128197s ago: executing program 5 (id=6866): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={{0xfffffffffffff801}, {0x4, 0xfffffffffffffffa}, 0x10001, 0x8, 0x3ff, 0x3d22197b, 0x0, 0x5, 0x4, 0x7fff, 0x1, 0x7, 0x7, 0x400, 0x1, 0x5}) 7m59.010914646s ago: executing program 34 (id=6866): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={{0xfffffffffffff801}, {0x4, 0xfffffffffffffffa}, 0x10001, 0x8, 0x3ff, 0x3d22197b, 0x0, 0x5, 0x4, 0x7fff, 0x1, 0x7, 0x7, 0x400, 0x1, 0x5}) 6m44.023943115s ago: executing program 0 (id=8037): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) read$auto(r0, 0x0, 0x2) 6m43.686610475s ago: executing program 0 (id=8042): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001640), r0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r0, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000180)={0x28, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x9}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x9}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 6m43.459892464s ago: executing program 0 (id=8046): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000001c0), r0) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf250500000008000100", @ANYRES32], 0x1c}}, 0x24040050) 6m43.083345549s ago: executing program 0 (id=8051): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x1d, 0x2, 0x6) getsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x0) 6m42.493509981s ago: executing program 0 (id=8060): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 6m41.893661404s ago: executing program 0 (id=8070): open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d) ftruncate$auto(0x3, 0x700) 6m41.5007904s ago: executing program 35 (id=8070): open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d) ftruncate$auto(0x3, 0x700) 4m56.102204198s ago: executing program 1 (id=9786): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x2, 0x73) sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 4m55.9703268s ago: executing program 1 (id=9790): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setrlimit$auto(0xb, 0x0) timer_create$auto(0x3, 0x0, 0x0) 4m55.577867285s ago: executing program 1 (id=9795): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) msync$auto(0x1ffff000, 0x0, 0x400000004) 4m55.411481763s ago: executing program 1 (id=9799): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x5, 0x0) setsockopt$auto(r0, 0x10000000084, 0x4, 0x0, 0x4) 4m55.029826828s ago: executing program 1 (id=9805): close_range$auto(0x2, 0x8, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) tkill$auto(0x1, 0x7) 4m54.53994413s ago: executing program 1 (id=9810): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x40, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@nested={0x8, 0x3, 0x0, 0x1, [@typed={0x4, 0x20}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 4m54.190141143s ago: executing program 36 (id=9810): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x40, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@nested={0x8, 0x3, 0x0, 0x1, [@typed={0x4, 0x20}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 2m42.794472346s ago: executing program 8 (id=11517): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0xf, 0x7, 0x8, 0x0) r0 = socket(0x10, 0x3, 0xb) setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16) 2m42.586336291s ago: executing program 8 (id=11521): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) select$auto(0x8, &(0x7f0000000240)={[0x8, 0x8, 0x3, 0x4, 0xffffffffffff7fff, 0x8000, 0x4, 0x5, 0xd3b, 0x34, 0x5, 0x0, 0x5, 0x5, 0x3, 0x5]}, 0x0, 0x0, 0x0) dup2$auto(0x0, 0x4) 2m42.380441458s ago: executing program 8 (id=11525): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 2m42.207999044s ago: executing program 8 (id=11527): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x0, 0x15, 0x0, 0x28) 2m42.13810951s ago: executing program 8 (id=11528): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) tkill$auto(0x80000000000001, 0x7) 2m41.631170383s ago: executing program 8 (id=11538): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_METRIC={0x8, 0x2, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14) 2m41.317228266s ago: executing program 37 (id=11538): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_METRIC={0x8, 0x2, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14) 2m3.04400724s ago: executing program 6 (id=12007): socket(0xa, 0x2, 0x0) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) connect$auto(0x3, &(0x7f0000000140), 0x55) 2m2.794812088s ago: executing program 6 (id=12011): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x0, 0x0) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000140)={'bridge0\x00'}) 2m2.617873945s ago: executing program 6 (id=12013): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r1, 0x80dc5521, r0) 2m2.461807496s ago: executing program 6 (id=12016): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) setfsuid$auto(0xee01) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000040)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) 2m2.001954132s ago: executing program 6 (id=12020): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 2m1.028064551s ago: executing program 6 (id=12034): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003e00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003e40)={'wg2\x00', 0x0}) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r0, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000003e80)={0x1c, r1, 0x309, 0x70bd2b, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 2m0.637003445s ago: executing program 38 (id=12034): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003e00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003e40)={'wg2\x00', 0x0}) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r0, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000003e80)={0x1c, r1, 0x309, 0x70bd2b, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 5.671372223s ago: executing program 7 (id=13096): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x22240, 0x155) socket(0x2, 0x4, 0x0) r0 = socket(0x2a, 0x2, 0x0) ioctl$auto(r0, 0x8912, 0x38) 4.704987521s ago: executing program 3 (id=13105): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xaece, 0xffffffffffffffff) read$auto(0x4, 0x0, 0xfdef) 4.661598111s ago: executing program 7 (id=13106): ioperm$auto(0x7, 0x6, 0x2) ioperm$auto(0x162, 0x6, 0xfffffff2) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) 2.120972224s ago: executing program 3 (id=13112): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.4/usb5/bMaxPower\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r0, 0x0, 0x20) 2.03156281s ago: executing program 9 (id=13113): mmap$auto(0x0, 0x400008, 0x7cb8, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 1.859524169s ago: executing program 9 (id=13115): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) getpid() prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0) ioctl$auto(0x3, 0xc040563e, 0x38) 1.751444925s ago: executing program 3 (id=13116): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003540), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000035c0)={'macvlan0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r1, &(0x7f00000036c0)={0x0, 0x0, &(0x7f0000003680)={&(0x7f0000003600)={0x20, r2, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x40880) 1.67482681s ago: executing program 9 (id=13117): r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r0) mmap$auto(0x0, 0x9, 0x1000df, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) renameat$auto(0x6, 0x0, 0x5, 0x0) 1.486051555s ago: executing program 9 (id=13119): mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x10000, 0x7, 0xc) futex$auto(0x0, 0x7, 0x9, 0x0, 0x0, 0x80000001) 1.393633937s ago: executing program 3 (id=13120): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) r2 = socket(0x1d, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macsec0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, r1, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xa}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004054}, 0x480b0) 1.365876693s ago: executing program 7 (id=13121): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, 0x0, 0x1, 0x0, 0x4, 0x3}, 0x5}, 0x2, 0x100) 1.314430042s ago: executing program 4 (id=13122): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xaa22}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 1.170647616s ago: executing program 7 (id=13123): mmap$auto(0x0, 0x2000d, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000004000), 0x40, 0x0) ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, 0x0) 1.055253598s ago: executing program 9 (id=13124): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff034}}) 1.046236192s ago: executing program 4 (id=13125): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYBLOB="040006"], 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x800) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r0) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000005c0), r0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000400)={0x1c, r1, 0x8ff972b65c311bf5, 0x70bd26, 0x25dfdbfe, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8090}, 0x4000) 922.273194ms ago: executing program 3 (id=13126): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r0 = socket(0xa, 0x801, 0x84) syz_clone3(&(0x7f0000000400)={0x28000000, 0x0, 0x0, 0x0, {0x3f}, 0x0, 0x0, 0x0, 0x0}, 0x58) getsockopt$auto(r0, 0x84, 0x83, 0x0, 0x0) 909.373025ms ago: executing program 7 (id=13127): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/read_ahead_kb\x00', 0x181482, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/statistics/tx_errors\x00', 0x181400, 0x0) read$auto(r0, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) 784.685049ms ago: executing program 4 (id=13128): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r1, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4019}, 0x0) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r0) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4) 635.973265ms ago: executing program 7 (id=13129): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) copy_file_range$auto(r0, 0x0, r0, 0x0, 0x9, 0x80) 634.885116ms ago: executing program 9 (id=13130): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x100000, 0x8, 0xb) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0xc00, 0x2c, 0x2c, 0x0, 0x2}) 499.195958ms ago: executing program 4 (id=13131): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio2\x00', 0x0, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, 0x0, 0x300) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r1, 0xc074510c, 0x3) 289.638734ms ago: executing program 4 (id=13132): r0 = socket(0x1e, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'macsec0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r2) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r2, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x2c, r3, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @uid}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000800) 91.428909ms ago: executing program 4 (id=13133): mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x10000, 0x7, 0xc) futex$auto(0x0, 0x7, 0x9, 0x0, 0x0, 0x80000001) 0s ago: executing program 3 (id=13134): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7, &(0x7f0000000040)={0x0, 0x1}, 0x6, 0x0, 0x4, 0x6}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) kernel console output (not intermixed with test programs): policy comm="syz.1.4377" res=0 errno=0 [ 280.516471][ T29] audit: type=1802 audit(3238.956:28): pid=15208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4377" res=0 errno=0 [ 283.512094][T15362] < [ 284.062766][T15390] Line length is too long: Should be less than 4094 [ 284.250793][T15394] Invalid ELF header magic: != ELF [ 285.277075][T15445] QAT: Device 2 not found [ 285.314732][T15449] Line length is too long: Should be less than 4094 [ 285.511368][T15457] ptrace attach of "./syz-executor exec"[6300] was attempted by ""[15457] [ 287.356488][T15547] ptrace attach of "./syz-executor exec"[8536] was attempted by "./syz-executor exec"[15547] [ 289.537976][T15660] Setting dangerous option i915.mitigations - tainting kernel [ 289.574293][T15660] Bad "i915.mitigations=!}", '}' is unknown [ 290.059261][T15685] : Can't lookup blockdev [ 291.740572][T15770] program syz.4.4654 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 291.784153][T15772] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 291.874070][T15772] CIFS mount error: No usable UNC path provided in device string! [ 291.874070][T15772] [ 291.898356][T15772] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 292.572130][ T29] audit: type=1806 audit(3251.180:29): xattr="." res=0 [ 293.953210][T15880] __vm_enough_memory: pid: 15880, comm: syz.5.4709, bytes: 4503599627366400 not enough memory for the allocation [ 298.538970][T16104] ubi13: attaching mtd0 [ 298.542542][T16106] Process accounting resumed [ 298.543392][T16104] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 298.551520][T16106] kernel write not supported for file /netdevsim/netdevsim2/trap_flow_action_cookie (pid: 16106 comm: syz.0.4822) [ 300.677128][T16190] ICMPv6: process `syz.1.4861' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 304.890478][ T29] audit: type=1400 audit(4294967303.277:30): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=16348 comm="syz.0.4936" [ 305.878655][T16385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe08 [ 305.887825][T16385] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 305.937957][T16385] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 305.946020][T16385] page_type: f5(slab) [ 305.967804][T16385] raw: 00fff00000000040 ffff88801b042140 0000000000000000 dead000000000001 [ 305.977863][T16385] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 305.986508][T16385] head: 00fff00000000040 ffff88801b042140 0000000000000000 dead000000000001 [ 306.047416][T16385] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 306.073079][T16385] head: 00fff00000000003 ffffea0001ff8201 ffffffffffffffff 0000000000000000 [ 306.098553][T16385] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 306.121648][T16385] page dumped because: unmovable page [ 306.136105][T16385] page_owner tracks the page as allocated [ 306.163461][T16385] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5209, tgid 5209 (udevadm), ts 25773303090, free_ts 21603307575 [ 306.189351][T16385] post_alloc_hook+0x181/0x1b0 [ 306.194188][T16385] get_page_from_freelist+0xfce/0x2f80 [ 306.202206][T16385] __alloc_frozen_pages_noprof+0x221/0x2470 [ 306.210745][T16385] alloc_pages_mpol+0x1fc/0x540 [ 306.223854][T16385] new_slab+0x23d/0x330 [ 306.228201][T16385] ___slab_alloc+0xbfa/0x1600 [ 306.232921][T16385] __slab_alloc.constprop.0+0x56/0xb0 [ 306.259469][T16385] __kmalloc_noprof+0x2de/0x4f0 [ 306.264400][T16385] tomoyo_realpath_from_path+0xbf/0x710 [ 306.292922][T16385] tomoyo_check_open_permission+0x2ad/0x3c0 [ 306.304464][T16385] tomoyo_file_open+0x6b/0x90 [ 306.320808][T16385] security_file_open+0x84/0x1e0 [ 306.344014][T16385] do_dentry_open+0x57c/0x1c40 [ 306.349384][T16385] vfs_open+0x82/0x3f0 [ 306.361032][T16385] path_openat+0x1e88/0x2d80 [ 306.369283][T16385] do_filp_open+0x20c/0x470 [ 306.373852][T16385] page last free pid 1 tgid 1 stack trace: [ 306.384519][T16385] free_frozen_pages+0x6db/0xfb0 [ 306.391995][T16385] free_contig_range+0x133/0x3f0 [ 306.402806][T16385] destroy_args+0x66f/0x830 [ 306.408376][T16385] debug_vm_pgtable+0x149c/0x2f20 [ 306.413457][T16385] do_one_initcall+0x128/0x630 [ 306.435416][T16385] kernel_init_freeable+0x58f/0x8b0 [ 306.445489][T16385] kernel_init+0x1c/0x2b0 [ 306.449887][T16385] ret_from_fork+0x45/0x80 [ 306.454361][T16385] ret_from_fork_asm+0x1a/0x30 [ 309.870939][T16555] Debayer A: ================= START STATUS ================= [ 309.887400][T16555] Debayer A: Debayer Mean Window Size: 3 [ 309.893500][T16555] Debayer A: ================== END STATUS ================== [ 310.074869][T16565] [ 310.101454][T16568] block2mtd: Using custom MTD label '' for dev [ 310.120016][T16568] block2mtd: error: cannot open device [ 310.402263][ T29] audit: type=1800 audit(4294967308.816:31): pid=16582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5050" name="discovery_nqn" dev="configfs" ino=41805 res=0 errno=0 [ 311.749501][T16646] Process accounting resumed [ 312.056719][T16660] usb usb15: usbfs: process 16660 (syz.4.5089) did not claim interface 0 before use [ 312.603824][T16686] [ 313.792527][T16743] usb usb15: usbfs: process 16743 (syz.4.5130) did not claim interface 0 before use [ 314.861241][T16794] ima: policy update failed [ 314.866064][ T29] audit: type=1807 audit(4294967313.299:32): UNKNOWN= res=0 [ 314.881395][ T29] audit: type=1802 audit(4294967313.299:33): pid=16795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.5156" res=0 errno=0 [ 314.949120][ T29] audit: type=1802 audit(4294967313.369:34): pid=16794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5156" res=0 errno=0 [ 316.031007][T16851] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 316.218823][ T6308] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14 [ 316.525550][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.549542][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.289273][T16910] aoe: invalid device specification [ 317.530082][T16919] bond0: option primary_reselect: invalid value (alw) [ 320.189354][T17048] kfence: disabled [ 321.451441][T17112] Malformed UNC in devname [ 321.451441][T17112] [ 321.459810][T17112] CIFS: VFS: Malformed UNC in devname [ 322.365502][ T6308] Bluetooth: hci1: SCO packet too small [ 326.906508][T17395] ceph: Failed to parse sending metrics switch value 'P^' [ 327.138044][T17401] futex_wake_op: syz.1.5455 tries to shift op by 64; fix this program [ 328.779802][ T6311] Bluetooth: hci0: command 0x0406 tx timeout [ 328.853607][ T6308] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 328.853646][ T6308] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 328.870878][ T6308] Bluetooth: hci2: Dropping invalid advertising data [ 328.877846][ T6308] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 329.220590][T17488] program syz.0.5498 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 329.254188][T17488] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 330.111416][ T6308] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 330.259432][T17534] delete_channel: no stack [ 331.630425][T17596] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 331.650954][T17596] ep_00: uevent: failed to send synthetic uevent: -22 [ 332.185248][T17619] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 334.576283][ T29] audit: type=1800 audit(4294967333.111:35): pid=17737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5621" name="discovery_nqn" dev="configfs" ino=46102 res=0 errno=0 [ 336.397685][T17824] Process accounting resumed [ 337.419505][T17880] ubi0: attaching mtd0 [ 337.945410][T17908] : Can't lookup blockdev [ 340.078123][T18019] QAT: Stopping all acceleration devices. [ 340.280073][T18031] Process accounting resumed [ 340.592605][T18046] vivid-010: ================= START STATUS ================= [ 340.627192][T18046] vivid-010: Generate PTS: true [ 340.644342][T18046] vivid-010: Generate SCR: true [ 340.656940][T18046] tpg source WxH: 640x360 (Y'CbCr) [ 340.672392][T18046] tpg field: 1 [ 340.675808][T18046] tpg crop: 640x360@0x0 [ 340.692586][T18046] tpg compose: 640x360@0x0 [ 340.702643][T18046] tpg colorspace: 8 [ 340.706496][T18046] tpg transfer function: 0/0 [ 340.734514][T18046] tpg Y'CbCr encoding: 0/0 [ 340.755431][T18046] tpg quantization: 0/0 [ 340.761154][T18046] tpg RGB range: 0/2 [ 340.765090][T18046] vivid-010: ================== END STATUS ================== [ 342.760273][T18158] Process accounting resumed [ 343.144614][T18178] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5814'. [ 343.709837][T18207] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 344.314848][ T6308] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 346.029625][T18293] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(3) [ 347.647263][T18376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe08 [ 347.656977][T18376] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 347.671741][T18376] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 347.679868][T18376] page_type: f5(slab) [ 347.690037][T18376] raw: 00fff00000000040 ffff88801b042140 0000000000000000 dead000000000001 [ 347.715341][T18376] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 347.735079][T18376] head: 00fff00000000040 ffff88801b042140 0000000000000000 dead000000000001 [ 347.767915][T18376] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 347.788429][T18376] head: 00fff00000000003 ffffea0001ff8201 ffffffffffffffff 0000000000000000 [ 347.806592][T18376] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 347.816036][T18376] page dumped because: unmovable page [ 347.827413][T18376] page_owner tracks the page as allocated [ 347.834943][T18376] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5209, tgid 5209 (udevadm), ts 25773303090, free_ts 21603307575 [ 347.861167][T18376] post_alloc_hook+0x181/0x1b0 [ 347.866096][T18376] get_page_from_freelist+0xfce/0x2f80 [ 347.875728][T18376] __alloc_frozen_pages_noprof+0x221/0x2470 [ 347.884436][T18376] alloc_pages_mpol+0x1fc/0x540 [ 347.889441][T18376] new_slab+0x23d/0x330 [ 347.919629][T18376] ___slab_alloc+0xbfa/0x1600 [ 347.924394][T18376] __slab_alloc.constprop.0+0x56/0xb0 [ 347.939828][T18376] __kmalloc_noprof+0x2de/0x4f0 [ 347.944754][T18376] tomoyo_realpath_from_path+0xbf/0x710 [ 347.959660][T18376] tomoyo_check_open_permission+0x2ad/0x3c0 [ 347.999199][T18376] tomoyo_file_open+0x6b/0x90 [ 348.004800][T18376] security_file_open+0x84/0x1e0 [ 348.019695][T18376] do_dentry_open+0x57c/0x1c40 [ 348.040128][T18376] vfs_open+0x82/0x3f0 [ 348.044279][T18376] path_openat+0x1e88/0x2d80 [ 348.059105][T18376] do_filp_open+0x20c/0x470 [ 348.078773][T18376] page last free pid 1 tgid 1 stack trace: [ 348.088681][T18376] free_frozen_pages+0x6db/0xfb0 [ 348.093697][T18376] free_contig_range+0x133/0x3f0 [ 348.102091][T18376] destroy_args+0x66f/0x830 [ 348.107672][T18376] debug_vm_pgtable+0x149c/0x2f20 [ 348.113219][T18376] do_one_initcall+0x128/0x630 [ 348.128470][T18376] kernel_init_freeable+0x58f/0x8b0 [ 348.152572][T18376] kernel_init+0x1c/0x2b0 [ 348.162006][T18376] ret_from_fork+0x45/0x80 [ 348.166690][T18376] ret_from_fork_asm+0x1a/0x30 [ 349.826010][ T29] audit: type=1800 audit(4294967348.451:36): pid=18484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5965" name="dbroot" dev="configfs" ino=47065 res=0 errno=0 [ 349.836558][T18484] db_root: cannot open: [ 351.209246][ T29] audit: type=1800 audit(4294967349.828:37): pid=18549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5997" name="features" dev="configfs" ino=49214 res=0 errno=0 [ 351.741221][ T6308] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 351.741258][ T6308] Bluetooth: hci3: unexpected subevent 0x05 length: 725 > 12 [ 352.103239][T18581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807fe1a000 pfn:0x7fe18 [ 352.127112][T18581] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 352.139527][T18581] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 352.148538][T18581] page_type: f5(slab) [ 352.152705][T18581] raw: 00fff00000000240 ffff88801b042000 ffffea0001ec7810 ffffea0001e57a10 [ 352.159591][T18587] synth uevent: /devices/virtual/tty/ttys3: unknown uevent action string [ 352.161968][T18581] raw: ffff88807fe1a000 0000000000080002 00000000f5000000 0000000000000000 [ 352.204887][T18587] tty ttys3: uevent: failed to send synthetic uevent: -22 [ 352.211450][T18581] head: 00fff00000000240 ffff88801b042000 ffffea0001ec7810 ffffea0001e57a10 [ 352.235194][T18581] head: ffff88807fe1a000 0000000000080002 00000000f5000000 0000000000000000 [ 352.255390][T18581] head: 00fff00000000003 ffffea0001ff8601 ffffffffffffffff 0000000000000000 [ 352.287042][T18581] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 352.316139][T18581] page dumped because: unmovable page [ 352.332264][T18581] page_owner tracks the page as allocated [ 352.338323][T18581] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5502, tgid 5502 (dhcpcd), ts 80339196464, free_ts 80291348723 [ 352.365679][T18581] post_alloc_hook+0x181/0x1b0 [ 352.373901][T18581] get_page_from_freelist+0xfce/0x2f80 [ 352.385784][T18581] __alloc_frozen_pages_noprof+0x221/0x2470 [ 352.392675][T18581] alloc_pages_mpol+0x1fc/0x540 [ 352.412679][T18581] new_slab+0x23d/0x330 [ 352.422735][T18581] ___slab_alloc+0xbfa/0x1600 [ 352.431246][T18581] __slab_alloc.constprop.0+0x56/0xb0 [ 352.438435][T18581] __kmalloc_noprof+0x2de/0x4f0 [ 352.443470][T18581] sk_prot_alloc+0x1a8/0x2a0 [ 352.452361][T18581] sk_alloc+0x36/0xb90 [ 352.463027][T18581] __netlink_create+0x5e/0x2c0 [ 352.473877][T18581] netlink_create+0x3a4/0x630 [ 352.483401][T18581] __sock_create+0x335/0x8d0 [ 352.495158][T18581] __sys_socket+0x14f/0x260 [ 352.504740][T18581] __x64_sys_socket+0x72/0xb0 [ 352.520928][T18581] do_syscall_64+0xcd/0x250 [ 352.535749][T18581] page last free pid 6312 tgid 6312 stack trace: [ 352.565510][T18581] free_frozen_pages+0x6db/0xfb0 [ 352.570619][T18581] qlist_free_all+0x4e/0x120 [ 352.595400][T18581] kasan_quarantine_reduce+0x195/0x1e0 [ 352.601026][T18581] __kasan_slab_alloc+0x69/0x90 [ 352.625214][T18581] kmem_cache_alloc_lru_noprof+0x1c8/0x3b0 [ 352.645045][T18581] __d_alloc+0x35/0x8c0 [ 352.655133][T18581] d_alloc+0x4a/0x1e0 [ 352.664186][T18581] d_alloc_parallel+0xe7/0x12b0 [ 352.694925][T18581] __lookup_slow+0x194/0x470 [ 352.699677][T18581] lookup_one_len+0x181/0x1b0 [ 352.704477][T18581] start_creating.part.0+0x12f/0x3a0 [ 352.734639][T18581] __debugfs_create_file+0xa5/0x6b0 [ 352.744564][T18581] debugfs_create_file_full+0x41/0x60 [ 352.754512][T18581] nsim_create+0x36e/0xcd0 [ 352.766151][T18581] __nsim_dev_port_add+0x3bf/0x700 [ 352.794311][T18581] nsim_drv_probe+0xdc8/0x1490 [ 352.805144][T18609] Process accounting resumed [ 353.769238][ T6308] Bluetooth: hci3: command 0x0c1a tx timeout [ 355.443673][T18742] ima: policy update failed [ 355.448417][ T29] audit: type=1802 audit(4294967354.100:38): pid=18742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.6093" res=0 errno=0 [ 357.713139][T18857] ubi0: attaching mtd0 [ 357.722774][T18857] ubi0: scanning is finished [ 357.727631][T18857] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 357.880605][T18857] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 358.418185][T18889] mmap: syz.5.6166 (18889): VmData 41590784 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 358.642526][T18901] synth uevent: /bus/memstick: unknown uevent action string [ 363.085300][T19094] sysfs_service_op_store: Client not running :-5: [ 363.520211][T19110] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma? [ 363.653828][ T29] audit: type=1804 audit(4294967362.343:39): pid=19116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.6276" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=134 res=1 errno=0 [ 364.176434][T19133] dlm: non-version read from control device 0 [ 366.172551][ T29] audit: type=1800 audit(4294967364.876:40): pid=19201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6319" name="lu_gp_id" dev="configfs" ino=50157 res=0 errno=0 [ 366.199402][T19201] kstrtoul() returned -22 for lu_gp_id [ 367.610083][T19270] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 368.183630][T19295] cougar: G6 mapped to F18 [ 369.560523][T19365] kAFS: Invalid Command on /proc/fs/afs/cells file [ 373.052420][T19519] bond0: option lp_interval: invalid value () [ 373.062638][T19519] bond0: option lp_interval: allowed values 1 - 2147483647 [ 373.242949][T19527] queue_state_write: unsupported operation '' [ 373.249704][T19527] queue_state_write: use 'run', 'start' or 'kick' [ 374.403661][T19585] nvme_fcloop: unknown parameter or missing value '-' [ 374.430578][T19587] cifs: Unknown parameter '#ʑC ˀH/R{<' [ 374.437020][T19590] kAFS: No cell specified [ 375.915645][ T29] audit: type=1800 audit(4294967374.666:41): pid=19668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6548" name="features" dev="configfs" ino=51185 res=0 errno=0 [ 376.938481][T19720] Process accounting resumed [ 377.524870][T19742] Process accounting resumed [ 377.647587][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.657129][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.291753][T19772] Process accounting resumed [ 379.795578][T19831] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 382.200848][T19942] queue_state_write: operation too long [ 382.207384][T19942] queue_state_write: use 'run', 'start' or 'kick' [ 383.287330][ T29] audit: type=1400 audit(4294967382.075:42): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=19999 comm="syz.5.6713" [ 384.651760][T20067] delete_channel: no stack [ 384.776090][T20076] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 385.585727][T20115] syz.4.6769 (20115): drop_caches: 0 [ 391.019740][ T258] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.183038][ T258] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.335572][ T258] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.495760][ T258] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.831985][ T258] bridge_slave_1: left allmulticast mode [ 391.837692][ T258] bridge_slave_1: left promiscuous mode [ 391.871601][ T258] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.889990][ T258] bridge_slave_0: left allmulticast mode [ 391.905842][ T258] bridge_slave_0: left promiscuous mode [ 391.921468][ T258] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.086143][ T6311] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 392.111346][ T6311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 392.121706][ T6311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 392.137650][ T6311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 392.145412][ T6311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 392.152824][ T6311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 393.224299][ T258] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 393.284609][ T258] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 393.295766][ T258] bond0 (unregistering): Released all slaves [ 394.044230][ T258] hsr_slave_0: left promiscuous mode [ 394.071191][ T258] hsr_slave_1: left promiscuous mode [ 394.109579][ T258] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.119616][ T258] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.152806][ T258] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.164247][ T258] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.199027][ T6308] Bluetooth: hci0: command tx timeout [ 394.317219][ T258] veth1_macvtap: left promiscuous mode [ 394.350018][ T258] veth0_macvtap: left promiscuous mode [ 394.376231][ T258] veth1_vlan: left promiscuous mode [ 394.396383][ T258] veth0_vlan: left promiscuous mode [ 396.269370][ T6308] Bluetooth: hci0: command tx timeout [ 396.288902][ T258] team0 (unregistering): Port device team_slave_1 removed [ 396.364837][ T258] team0 (unregistering): Port device team_slave_0 removed [ 396.913005][T20510] rtc_cmos 00:00: Alarms can be up to one day in the future [ 397.772710][T20336] chnl_net:caif_netlink_parms(): no params data found [ 397.859478][T20536] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 398.130072][T20549] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 398.189527][T20336] bridge0: port 1(bridge_slave_0) entered blocking state [ 398.203426][T20336] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.226392][T20336] bridge_slave_0: entered allmulticast mode [ 398.256592][T20336] bridge_slave_0: entered promiscuous mode [ 398.287840][T20336] bridge0: port 2(bridge_slave_1) entered blocking state [ 398.311801][T20336] bridge0: port 2(bridge_slave_1) entered disabled state [ 398.311971][T20336] bridge_slave_1: entered allmulticast mode [ 398.313068][T20336] bridge_slave_1: entered promiscuous mode [ 398.343644][ T6308] Bluetooth: hci0: command tx timeout [ 398.569527][T20336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 398.626412][T20336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 398.923943][T20336] team0: Port device team_slave_0 added [ 398.943012][T20336] team0: Port device team_slave_1 added [ 399.112454][T20336] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 399.132025][T20336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.157988][ C0] vkms_vblank_simulate: vblank timer overrun [ 399.179454][T20336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 399.192242][T20336] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 399.199303][T20336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.225179][ C0] vkms_vblank_simulate: vblank timer overrun [ 399.262684][T20336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 399.389554][T20336] hsr_slave_0: entered promiscuous mode [ 399.413646][T20336] hsr_slave_1: entered promiscuous mode [ 399.442538][T20336] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 399.450439][T20336] Cannot create hsr debugfs directory [ 399.733988][T20610] afs: Unknown parameter 'P4' [ 400.016722][T20336] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 400.024897][T20336] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 400.034607][T20336] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 400.047336][T20336] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 400.265165][T20336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 400.335804][T20336] 8021q: adding VLAN 0 to HW filter on device team0 [ 400.400394][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.407565][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.408915][ T6308] Bluetooth: hci0: command tx timeout [ 400.465722][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.472912][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 400.553092][T20336] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 400.606254][T20336] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 401.039751][T20336] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 401.611202][T20336] veth0_vlan: entered promiscuous mode [ 401.660954][T20336] veth1_vlan: entered promiscuous mode [ 401.718737][T20336] veth0_macvtap: entered promiscuous mode [ 401.758804][T20336] veth1_macvtap: entered promiscuous mode [ 401.812746][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.828491][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.840371][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.853594][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.888946][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.918075][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.939989][T20336] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 401.994631][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.021499][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.041775][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.075186][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.127797][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.147675][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.160657][T20336] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 402.189661][T20336] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.207373][T20336] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.248318][T20336] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.267051][T20336] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.509050][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.549950][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.668515][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.710441][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.303367][T20819] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 407.900358][T20994] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 408.450885][T21025] netlink: 'syz.1.7147': attribute type 1 has an invalid length. [ 409.049484][T21053] openvswitch: netlink: Key type 29 is not supported [ 411.237726][T21147] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 411.817120][T21173] netlink: 'syz.1.7216': attribute type 1 has an invalid length. [ 412.195463][T21187] netlink: 'syz.4.7222': attribute type 1 has an invalid length. [ 412.732275][T21209] netlink: Conntrack attr type has unexpected length (type=0, length=3, expected=0) [ 413.270956][T21222] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 414.453641][T21257] kafs: addr_prefs: Invalid Command [ 415.109538][T21277] HSR: entered promiscuous mode [ 415.884036][T21303] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7270'. [ 417.252064][T21336] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 417.957423][T21361] nbd: must specify a device to reconfigure [ 420.020451][T21445] nbd: must specify a device to reconfigure [ 420.266676][T21453] Process accounting resumed [ 420.863535][T21481] batman_adv: Routing algorithm '' is not supported [ 422.125726][T21531] netlink: 346 bytes leftover after parsing attributes in process `syz.6.7340'. [ 422.147193][T21532] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 422.558127][T21550] netlink: 'syz.1.7345': attribute type 1 has an invalid length. [ 423.341511][T21579] openvswitch: netlink: Flow key attribute not present in set flow. [ 423.754282][T21596] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 424.199303][T21614] CIFS: VFS: Invalid SecurityFlags: [ 425.446864][T21654] netlink: 'syz.4.7376': attribute type 1 has an invalid length. [ 426.008625][T21673] netlink: 'syz.4.7385': attribute type 1 has an invalid length. [ 426.860313][T21692] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 428.427334][T21743] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 428.769713][T21752] openvswitch: netlink: Message has 4 unknown bytes. [ 428.969201][T21758] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 429.641188][T21782] netlink: set zone limit has 4 unknown bytes                                                                                                                                                                                                                                                                                                                                                                                                                                                    [ 454.898845][T22726] sctp: [Deprecated]: syz.4.7866 (pid 22726) Use of int in max_burst socket option deprecated. [ 454.898845][T22726] Use struct sctp_assoc_value instead [ 455.302983][T22739] openvswitch: netlink: Missing valid actions attribute. [ 455.757508][T22755] openvswitch: netlink: nsh attr 160 is out of range max 3 [ 458.638414][T22863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7925'. [ 458.842918][T22871] program syz.1.7929 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 463.171305][T23007] nbd: couldn't find device at index 33904 [ 465.260815][T23072] MTRR 1 not used [ 466.081708][T23104] ptrace attach of "./syz-executor exec"[6312] was attempted by "./syz-executor exec"[23104] [ 466.282340][T23110] nl80211: entered promiscuous mode [ 468.557099][ T3495] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.749611][ T3495] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.885274][T23197] netlink: 168 bytes leftover after parsing attributes in process `syz.4.8075'. [ 468.902296][ T3495] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.222831][ T3495] bridge_slave_1: left allmulticast mode [ 469.228516][ T3495] bridge_slave_1: left promiscuous mode [ 469.285894][ T3495] bridge0: port 2(bridge_slave_1) entered disabled state [ 469.336986][ T3495] bridge_slave_0: left allmulticast mode [ 469.359694][ T3495] bridge_slave_0: left promiscuous mode [ 469.367740][ T3495] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.397453][ T6308] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 469.408689][ T6308] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 469.419769][ T6308] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 469.428560][ T6308] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 469.442986][ T6308] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 469.452185][ T6308] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 469.775181][T23226] openvswitch: netlink: Key 23 has unexpected len 16 expected 2 [ 469.987556][T23232] netlink: 'syz.6.8088': attribute type 1 has an invalid length. [ 470.209009][ T3495] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 470.220936][ T3495] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.235068][ T3495] bond0 (unregistering): Released all slaves [ 470.938987][T23214] chnl_net:caif_netlink_parms(): no params data found [ 471.337862][T23214] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.345003][T23214] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.417809][T23214] bridge_slave_0: entered allmulticast mode [ 471.425884][T23214] bridge_slave_0: entered promiscuous mode [ 471.482151][T23214] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.484329][ T6308] Bluetooth: hci1: command tx timeout [ 471.506999][T23214] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.537077][T23214] bridge_slave_1: entered allmulticast mode [ 471.544150][T23214] bridge_slave_1: entered promiscuous mode [ 471.764316][T23214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.818911][T23214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 472.069135][T23214] team0: Port device team_slave_0 added [ 472.135560][T23214] team0: Port device team_slave_1 added [ 472.251490][T23214] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.265407][T23214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.301380][T23214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.386096][ T3495] hsr_slave_0: left promiscuous mode [ 472.413244][ T3495] hsr_slave_1: left promiscuous mode [ 472.433816][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 472.441273][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 472.467190][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 472.499015][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 472.573515][ T3495] veth1_macvtap: left promiscuous mode [ 472.579105][ T3495] veth0_macvtap: left promiscuous mode [ 472.616479][ T3495] veth1_vlan: left promiscuous mode [ 472.638565][ T3495] veth0_vlan: left promiscuous mode [ 473.547119][ T6308] Bluetooth: hci1: command tx timeout [ 473.703666][ T3495] team0 (unregistering): Port device team_slave_1 removed [ 473.802173][ T3495] team0 (unregistering): Port device team_slave_0 removed [ 473.858216][T23363] netlink: 'syz.1.8137': attribute type 1 has an invalid length. [ 473.891146][T23364] openvswitch: netlink: Flow actions attr not present in new flow. [ 474.420808][T23214] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 474.439955][T23214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 474.466707][T23214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 474.540148][T23368] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 474.561958][T23368] CPU: 0 UID: 0 PID: 23368 Comm: syz.4.8139 Tainted: G U 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 474.561998][T23368] Tainted: [U]=USER [ 474.562007][T23368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 474.562021][T23368] Call Trace: [ 474.562028][T23368] [ 474.562038][T23368] dump_stack_lvl+0x16c/0x1f0 [ 474.562078][T23368] sysfs_warn_dup+0x7f/0xa0 [ 474.562113][T23368] sysfs_do_create_link_sd+0x124/0x140 [ 474.562148][T23368] sysfs_create_link+0x61/0xc0 [ 474.562181][T23368] device_add+0x62e/0x1a70 [ 474.562217][T23368] ? __pfx_device_add+0x10/0x10 [ 474.562248][T23368] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 474.562281][T23368] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 474.562315][T23368] wiphy_register+0x1c7a/0x2860 [ 474.562344][T23368] ? netdev_run_todo+0x877/0x1320 [ 474.562380][T23368] ? __pfx_wiphy_register+0x10/0x10 [ 474.562430][T23368] ieee80211_register_hw+0x23ff/0x3ff0 [ 474.562473][T23368] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 474.562499][T23368] ? net_generic+0xea/0x2a0 [ 474.562540][T23368] ? lockdep_init_map_type+0x16d/0x7d0 [ 474.562574][T23368] ? rcu_is_watching+0x12/0xc0 [ 474.562607][T23368] ? trace_hrtimer_init+0x1a6/0x230 [ 474.562635][T23368] ? __hrtimer_init+0x106/0x2c0 [ 474.562667][T23368] mac80211_hwsim_new_radio+0x2c47/0x56d0 [ 474.562726][T23368] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 474.562787][T23368] hwsim_new_radio_nl+0xb42/0x12b0 [ 474.562828][T23368] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 474.562877][T23368] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 474.562916][T23368] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 474.562961][T23368] genl_family_rcv_msg_doit+0x202/0x2f0 [ 474.562999][T23368] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 474.563034][T23368] ? trace_cap_capable+0x1a2/0x210 [ 474.563080][T23368] ? bpf_lsm_capable+0x9/0x10 [ 474.563111][T23368] ? security_capable+0x7e/0x260 [ 474.563146][T23368] ? ns_capable+0xd7/0x110 [ 474.563177][T23368] genl_rcv_msg+0x565/0x800 [ 474.563204][T23368] ? __pfx_genl_rcv_msg+0x10/0x10 [ 474.563228][T23368] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 474.563276][T23368] netlink_rcv_skb+0x165/0x410 [ 474.563309][T23368] ? __pfx_genl_rcv_msg+0x10/0x10 [ 474.563335][T23368] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 474.563384][T23368] ? down_read+0xc9/0x330 [ 474.563408][T23368] ? __pfx_down_read+0x10/0x10 [ 474.563433][T23368] ? netlink_deliver_tap+0x1ae/0xca0 [ 474.563469][T23368] genl_rcv+0x28/0x40 [ 474.563503][T23368] netlink_unicast+0x53c/0x7f0 [ 474.563541][T23368] ? __pfx_netlink_unicast+0x10/0x10 [ 474.563575][T23368] ? __phys_addr_symbol+0x30/0x80 [ 474.563609][T23368] ? __check_object_size+0x488/0x710 [ 474.563644][T23368] netlink_sendmsg+0x8b8/0xd70 [ 474.563682][T23368] ? __pfx_netlink_sendmsg+0x10/0x10 [ 474.563730][T23368] ____sys_sendmsg+0x9ae/0xb40 [ 474.563771][T23368] ? copy_msghdr_from_user+0x10b/0x160 [ 474.563798][T23368] ? __pfx_____sys_sendmsg+0x10/0x10 [ 474.563846][T23368] ___sys_sendmsg+0x135/0x1e0 [ 474.563874][T23368] ? __pfx____sys_sendmsg+0x10/0x10 [ 474.563917][T23368] ? __pfx_lock_release+0x10/0x10 [ 474.563944][T23368] ? trace_lock_acquire+0x14e/0x1f0 [ 474.563981][T23368] ? __fget_files+0x206/0x3a0 [ 474.564015][T23368] __sys_sendmsg+0x16e/0x220 [ 474.564040][T23368] ? __pfx___sys_sendmsg+0x10/0x10 [ 474.564065][T23368] ? __x64_sys_futex+0x1e1/0x4c0 [ 474.564112][T23368] do_syscall_64+0xcd/0x250 [ 474.564138][T23368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.564169][T23368] RIP: 0033:0x7fc58978cde9 [ 474.564187][T23368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.564211][T23368] RSP: 002b:00007fc58a6a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 474.564234][T23368] RAX: ffffffffffffffda RBX: 00007fc5899a5fa0 RCX: 00007fc58978cde9 [ 474.564249][T23368] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 474.564263][T23368] RBP: 00007fc58980e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 474.564277][T23368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.564290][T23368] R13: 0000000000000000 R14: 00007fc5899a5fa0 R15: 00007ffc274defa8 [ 474.564323][T23368] [ 475.083928][T23214] hsr_slave_0: entered promiscuous mode [ 475.090650][T23214] hsr_slave_1: entered promiscuous mode [ 475.417081][T23214] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 475.449139][T23214] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 475.487107][T23214] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 475.525645][T23214] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 475.615736][ T6308] Bluetooth: hci1: command tx timeout [ 475.799514][T23214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 475.850730][T23214] 8021q: adding VLAN 0 to HW filter on device team0 [ 475.925048][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.932220][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.988767][T21951] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.995965][T21951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 476.196054][T23421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8156'. [ 476.509742][T23214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 477.062983][T23463] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8165'. [ 477.163336][T23214] veth0_vlan: entered promiscuous mode [ 477.229082][T23214] veth1_vlan: entered promiscuous mode [ 477.292185][T23214] veth0_macvtap: entered promiscuous mode [ 477.315048][T23214] veth1_macvtap: entered promiscuous mode [ 477.377915][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.414551][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.441129][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.462287][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.510647][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.531330][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.559018][T23214] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 477.601043][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.624143][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.651970][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.684868][ T6308] Bluetooth: hci1: command tx timeout [ 477.688828][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.719448][T23214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.765322][T23214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.787777][ T29] audit: type=1107 audit(4294967309.645:44): pid=23487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 477.795816][T23214] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 477.863209][T23214] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.890147][T23214] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.909195][T23214] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.934538][T23214] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.970080][T23494] netlink: 'syz.6.8178': attribute type 1 has an invalid length. [ 478.155248][ T3495] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.202276][ T3495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.286553][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.304829][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.185787][T23538] svc: failed to register nfsdv3 RPC service (errno 111). [ 479.211046][T23538] svc: failed to register nfsaclv3 RPC service (errno 111). [ 484.256794][T23738] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 484.275626][T23738] CPU: 1 UID: 0 PID: 23738 Comm: syz.1.8251 Tainted: G U 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 484.275665][T23738] Tainted: [U]=USER [ 484.275674][T23738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 484.275688][T23738] Call Trace: [ 484.275696][T23738] [ 484.275705][T23738] dump_stack_lvl+0x16c/0x1f0 [ 484.275748][T23738] sysfs_warn_dup+0x7f/0xa0 [ 484.275783][T23738] sysfs_do_create_link_sd+0x124/0x140 [ 484.275822][T23738] sysfs_create_link+0x61/0xc0 [ 484.275857][T23738] device_add+0x62e/0x1a70 [ 484.275892][T23738] ? __pfx_device_add+0x10/0x10 [ 484.275923][T23738] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 484.275958][T23738] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 484.275993][T23738] wiphy_register+0x1c7a/0x2860 [ 484.276023][T23738] ? netdev_run_todo+0x877/0x1320 [ 484.276059][T23738] ? __pfx_wiphy_register+0x10/0x10 [ 484.276118][T23738] ieee80211_register_hw+0x23ff/0x3ff0 [ 484.276163][T23738] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 484.276192][T23738] ? net_generic+0xea/0x2a0 [ 484.276228][T23738] ? lockdep_init_map_type+0x16d/0x7d0 [ 484.276260][T23738] ? rcu_is_watching+0x12/0xc0 [ 484.276297][T23738] ? trace_hrtimer_init+0x1a6/0x230 [ 484.276325][T23738] ? __hrtimer_init+0x106/0x2c0 [ 484.276358][T23738] mac80211_hwsim_new_radio+0x2c47/0x56d0 [ 484.276421][T23738] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 484.276470][T23738] hwsim_new_radio_nl+0xb42/0x12b0 [ 484.276509][T23738] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 484.276558][T23738] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 484.276595][T23738] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 484.276641][T23738] genl_family_rcv_msg_doit+0x202/0x2f0 [ 484.276680][T23738] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 484.276716][T23738] ? trace_cap_capable+0x1a2/0x210 [ 484.276760][T23738] ? bpf_lsm_capable+0x9/0x10 [ 484.276791][T23738] ? security_capable+0x7e/0x260 [ 484.276825][T23738] ? ns_capable+0xd7/0x110 [ 484.276858][T23738] genl_rcv_msg+0x565/0x800 [ 484.276885][T23738] ? __pfx_genl_rcv_msg+0x10/0x10 [ 484.276909][T23738] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 484.276958][T23738] netlink_rcv_skb+0x165/0x410 [ 484.276992][T23738] ? __pfx_genl_rcv_msg+0x10/0x10 [ 484.277018][T23738] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 484.277067][T23738] ? down_read+0xc9/0x330 [ 484.277091][T23738] ? __pfx_down_read+0x10/0x10 [ 484.277124][T23738] ? netlink_deliver_tap+0x1ae/0xca0 [ 484.277164][T23738] genl_rcv+0x28/0x40 [ 484.277198][T23738] netlink_unicast+0x53c/0x7f0 [ 484.277237][T23738] ? __pfx_netlink_unicast+0x10/0x10 [ 484.277272][T23738] ? __phys_addr_symbol+0x30/0x80 [ 484.277308][T23738] ? __check_object_size+0x488/0x710 [ 484.277343][T23738] netlink_sendmsg+0x8b8/0xd70 [ 484.277382][T23738] ? __pfx_netlink_sendmsg+0x10/0x10 [ 484.277430][T23738] ____sys_sendmsg+0x9ae/0xb40 [ 484.277461][T23738] ? copy_msghdr_from_user+0x10b/0x160 [ 484.277487][T23738] ? __pfx_____sys_sendmsg+0x10/0x10 [ 484.277537][T23738] ___sys_sendmsg+0x135/0x1e0 [ 484.277565][T23738] ? __pfx____sys_sendmsg+0x10/0x10 [ 484.277605][T23738] ? __pfx_lock_release+0x10/0x10 [ 484.277633][T23738] ? trace_lock_acquire+0x14e/0x1f0 [ 484.277670][T23738] ? __fget_files+0x206/0x3a0 [ 484.277706][T23738] __sys_sendmsg+0x16e/0x220 [ 484.277732][T23738] ? __pfx___sys_sendmsg+0x10/0x10 [ 484.277756][T23738] ? __x64_sys_futex+0x1e1/0x4c0 [ 484.277805][T23738] do_syscall_64+0xcd/0x250 [ 484.277830][T23738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.277861][T23738] RIP: 0033:0x7fb92398cde9 [ 484.277881][T23738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.277905][T23738] RSP: 002b:00007fb924703038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 484.277929][T23738] RAX: ffffffffffffffda RBX: 00007fb923ba5fa0 RCX: 00007fb92398cde9 [ 484.277945][T23738] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 484.277961][T23738] RBP: 00007fb923a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.277975][T23738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.277988][T23738] R13: 0000000000000000 R14: 00007fb923ba5fa0 R15: 00007ffeee87e0c8 [ 484.278022][T23738] [ 485.153487][T23752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8256'. [ 488.497025][T23843] openvswitch: netlink: IPv4 tunnel dst address is zero [ 489.715312][T23884] ima: policy update failed [ 489.720025][ T29] audit: type=1802 audit(4294967321.637:45): pid=23884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.7.8309" res=0 errno=0 [ 492.575973][T23967] netlink: 'syz.1.8341': attribute type 2 has an invalid length. [ 494.634694][T24036] MTRR 1 not used [ 495.343199][T24064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8380'. [ 495.433896][T24072] sd 0:0:1:0: PR command failed: 1026 [ 495.439368][T24072] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 495.478234][T24072] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 499.842720][T24276] nbd: illegal input index -33554433 [ 499.893050][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.899628][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.088022][T24282] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 500.378522][T24293] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8450'. [ 501.171841][T24332] netlink: 'syz.1.8461': attribute type 1 has an invalid length. [ 502.347805][T24388] netlink: 'syz.7.8482': attribute type 2 has an invalid length. [ 503.261960][T24426] netlink: 5 bytes leftover after parsing attributes in process `syz.7.8508'. [ 504.779325][T24489] openvswitch: netlink: Multiple metadata blocks provided [ 506.171373][T24542] unsupported nla_type 32969 [ 506.538720][T24555] netlink: 'syz.4.8558': attribute type 11 has an invalid length. [ 506.662177][T24558] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 506.999990][T24575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 509.281026][T24681] : entered promiscuous mode [ 509.792338][T24704] openvswitch: netlink: Duplicate or invalid key (type 0). [ 512.461956][T24813] netlink: Unknown conntrack attr (type=146, max=9) [ 575.522213][ T29] audit: type=1804 audit(4294967347.832:46): pid=27284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.9807" name="/newroot/2031/file0" dev="tmpfs" ino=10217 res=1 errno=0 [ 575.579605][ T29] audit: type=1800 audit(4294967347.832:47): pid=27284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.9807" name="file0" dev="tmpfs" ino=10217 res=0 errno=0 [ 576.031862][ T3435] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.158899][T27293] netlink: 'syz.7.9813': attribute type 1 has an invalid length. [ 576.267552][ T3435] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.467494][ T3435] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.596632][ T3435] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.704374][ T6311] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 576.742852][ T6311] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 576.753776][ T6311] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 576.766568][ T6311] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 576.774671][ T6311] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 576.781976][ T6311] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 576.806363][T27310] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 577.026934][ T3435] bridge_slave_1: left allmulticast mode [ 577.042639][ T3435] bridge_slave_1: left promiscuous mode [ 577.060195][ T3435] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.085166][ T3435] bridge_slave_0: left allmulticast mode [ 577.091325][ T3435] bridge_slave_0: left promiscuous mode [ 577.107409][ T3435] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.532213][T27332] openvswitch: netlink: Flow key attr not present in new flow. [ 577.639487][ T3435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 577.651129][ T3435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 577.662502][ T3435] bond0 (unregistering): Released all slaves [ 577.766379][ T3435] HSR: left promiscuous mode [ 577.875132][ T3435] : left promiscuous mode [ 578.072663][T27307] chnl_net:caif_netlink_parms(): no params data found [ 578.513090][T27307] bridge0: port 1(bridge_slave_0) entered blocking state [ 578.553084][T27307] bridge0: port 1(bridge_slave_0) entered disabled state [ 578.564147][T27307] bridge_slave_0: entered allmulticast mode [ 578.585412][T27307] bridge_slave_0: entered promiscuous mode [ 578.657238][T27307] bridge0: port 2(bridge_slave_1) entered blocking state [ 578.673492][T27307] bridge0: port 2(bridge_slave_1) entered disabled state [ 578.690512][T27307] bridge_slave_1: entered allmulticast mode [ 578.704653][T27307] bridge_slave_1: entered promiscuous mode [ 578.853617][ T6308] Bluetooth: hci3: command tx timeout [ 579.068261][T27307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 579.094668][T27392] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9849'. [ 579.099482][T27307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 579.317965][ T3435] hsr_slave_0: left promiscuous mode [ 579.325722][ T3435] hsr_slave_1: left promiscuous mode [ 579.336426][ T3435] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 579.344525][ T3435] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 579.363985][ T3435] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 579.376227][ T3435] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 579.410637][ T3435] veth1_macvtap: left promiscuous mode [ 579.416283][ T3435] veth0_macvtap: left promiscuous mode [ 579.423351][ T3435] veth1_vlan: left promiscuous mode [ 579.429216][ T3435] veth0_vlan: left promiscuous mode [ 580.037509][ T3435] team0 (unregistering): Port device team_slave_1 removed [ 580.083626][ T3435] team0 (unregistering): Port device team_slave_0 removed [ 580.529106][T27307] team0: Port device team_slave_0 added [ 580.635398][T27307] team0: Port device team_slave_1 added [ 580.748851][T27307] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 580.779138][T27307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 580.821659][T27422] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 580.823218][T27307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 580.828140][T27422] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 580.865901][T27307] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 580.892636][T27307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 580.922034][ T6308] Bluetooth: hci3: command tx timeout [ 580.989389][T27307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 581.161323][T27307] hsr_slave_0: entered promiscuous mode [ 581.199328][T27307] hsr_slave_1: entered promiscuous mode [ 581.220191][T27307] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 581.240150][T27307] Cannot create hsr debugfs directory [ 581.886432][T27307] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 581.912197][T27307] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 581.986473][T27307] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 581.987906][T27459] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9873'. [ 582.024539][T27307] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 582.299530][T27307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 582.355261][T27307] 8021q: adding VLAN 0 to HW filter on device team0 [ 582.421066][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 582.428280][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 582.482504][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.489724][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 582.582533][T27307] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 582.991691][ T6308] Bluetooth: hci3: command tx timeout [ 583.020907][T27307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 583.629729][T27307] veth0_vlan: entered promiscuous mode [ 583.654355][T27307] veth1_vlan: entered promiscuous mode [ 583.734504][T27307] veth0_macvtap: entered promiscuous mode [ 583.781791][T27307] veth1_macvtap: entered promiscuous mode [ 583.836622][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 583.872242][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.887367][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 583.899134][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.926096][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 583.966480][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.011960][T27307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 584.038245][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 584.085248][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.095140][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 584.148670][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.194918][T27307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 584.231284][T27307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.271055][T27307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 584.324054][T27307] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.332816][T27307] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.371210][T27307] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.380592][T27307] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.610278][T21951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.630043][T21951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 584.736802][ T3495] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.762880][ T3495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 585.075592][ T6308] Bluetooth: hci3: command tx timeout [ 585.565653][T27607] netlink: 'syz.7.9917': attribute type 11 has an invalid length. [ 585.573796][T27607] netlink: 'syz.7.9917': attribute type 11 has an invalid length. [ 585.588229][T27607] netlink: 'syz.7.9917': attribute type 11 has an invalid length. [ 585.596098][T27607] netlink: 'syz.7.9917': attribute type 11 has an invalid length. [ 588.221206][T27729] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 590.140763][T27811] netlink: 'syz.6.9986': attribute type 1 has an invalid length. [ 591.447548][T27872] netlink: Unknown conntrack attr (0) [ 591.826539][T27887] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10018'. [ 592.674945][T27927] openvswitch: netlink: IPv6 tunnel dst address is zero [ 593.655584][ T6311] Bluetooth: hci1: command 0x0406 tx timeout [ 593.817887][T27977] netlink: 5 bytes leftover after parsing attributes in process `syz.7.10062'. [ 597.102862][ T29] audit: type=1800 audit(4294967304.098:48): pid=28125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.10126" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 598.741514][T28197] sctp: [Deprecated]: syz.8.10159 (pid 28197) Use of int in maxseg socket option. [ 598.741514][T28197] Use struct sctp_assoc_value instead [ 599.805359][T28248] netlink: 'syz.8.10177': attribute type 1 has an invalid length. [ 600.584487][T28283] CIFS mount error: No usable UNC path provided in device string! [ 600.584487][T28283] [ 600.611869][T28283] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 600.884328][T28298] openvswitch: netlink: IP tunnel TTL not specified. [ 602.931902][T28400] netlink: 'syz.4.10225': attribute type 2 has an invalid length. [ 603.511121][T28428] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 603.852762][T28446] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 604.350758][T28469] vivid-015: ================= START STATUS ================= [ 604.358550][T28469] vivid-015: Interlaced VBI Format: false [ 604.427600][T28469] vivid-015: ================== END STATUS ================== [ 605.100529][T28505] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 605.906672][ T6308] Bluetooth: hci1: unexpected event 0x14 length: 18 > 6 [ 606.241509][T28558] sd 0:0:1:0: PR command failed: 1026 [ 606.270166][T28558] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 606.323769][T28558] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 608.097045][T28638] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10307'. [ 608.246862][T28640] svc: failed to register nfsdv3 RPC service (errno 111). [ 608.264117][T28640] svc: failed to register nfsaclv3 RPC service (errno 111). [ 608.581262][T28651] nbd: must specify a size in bytes for the device [ 609.365600][T28688] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10330'. [ 609.891468][T28707] bridge0: port 3(vlan1) entered blocking state [ 609.898332][T28707] bridge0: port 3(vlan1) entered disabled state [ 609.956417][T28707] vlan1: entered allmulticast mode [ 609.981073][T28707] veth0_vlan: entered allmulticast mode [ 609.988495][T28707] vlan1: entered promiscuous mode [ 610.021361][T28707] bridge0: port 3(vlan1) entered blocking state [ 610.028237][T28707] bridge0: port 3(vlan1) entered forwarding state [ 611.635332][T28777] bridge0: port 3(gretap0) entered blocking state [ 611.656174][T28777] bridge0: port 3(gretap0) entered disabled state [ 611.671885][T28777] gretap0: entered allmulticast mode [ 611.710729][T28777] gretap0: entered promiscuous mode [ 611.742774][T28777] bridge0: port 3(gretap0) entered blocking state [ 611.749372][T28777] bridge0: port 3(gretap0) entered forwarding state [ 612.507163][T28811] netlink: 186 bytes leftover after parsing attributes in process `syz.4.10388'. [ 613.479346][T28846] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input44 [ 613.833180][T28854] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10407'. [ 614.825192][T28892] device-mapper: ioctl: device name cannot contain '/' [ 617.241057][ T6308] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 617.241098][ T6308] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 617.255922][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 617.256038][ T6308] Bluetooth: hci3: Malformed LE Event: 0x0d [ 617.881503][T28998] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 620.531915][T29055] program syz.7.10498 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 622.151179][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 622.160548][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.143670][T29147] netlink: 334 bytes leftover after parsing attributes in process `syz.7.10529'. [ 625.656169][T29182] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10545'. [ 629.571644][T29273] netlink: 334 bytes leftover after parsing attributes in process `syz.6.10583'. [ 631.022001][T29313] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10596'. [ 633.045924][T29361] sctp: [Deprecated]: syz.6.10619 (pid 29361) Use of struct sctp_assoc_value in delayed_ack socket option. [ 633.045924][T29361] Use struct sctp_sack_info instead [ 634.094820][T29391] Setting dangerous option i915.mitigations - tainting kernel [ 637.865751][T29481] netlink: 350 bytes leftover after parsing attributes in process `syz.6.10669'. [ 638.185118][T29488] bridge0: port 4(netdevsim2) entered blocking state [ 638.206700][T29488] bridge0: port 4(netdevsim2) entered disabled state [ 638.225168][T29488] netdevsim netdevsim8 netdevsim2: entered allmulticast mode [ 638.244535][T29488] netdevsim netdevsim8 netdevsim2: entered promiscuous mode [ 638.260989][T29488] bridge0: port 4(netdevsim2) entered blocking state [ 638.267857][T29488] bridge0: port 4(netdevsim2) entered forwarding state [ 638.496780][ T6308] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 641.513131][T29584] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10712'. [ 643.215081][T29624] sctp: [Deprecated]: syz.6.10730 (pid 29624) Use of struct sctp_assoc_value in delayed_ack socket option. [ 643.215081][T29624] Use struct sctp_sack_info instead [ 645.285942][ T29] audit: type=1800 audit(4294967352.550:49): pid=29682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10756" name="discovery_nqn" dev="configfs" ino=86445 res=0 errno=0 [ 646.798330][T29713] openvswitch: HfR: Dropping previously announced user features [ 647.536028][T29733] nvme_fabrics: missing parameter 'transport=%s' [ 647.553280][T29733] nvme_fabrics: missing parameter 'nqn=%s' [ 649.326954][T29775] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10793'. [ 650.707873][ T29] audit: type=1807 audit(4294967358.001:50): UNKNOWN= [ 650.708202][ T29] audit: type=1802 audit(4294967358.001:51): pid=29814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.7.10810" res=0 errno=0 [ 650.832279][T29813] ima: policy update failed [ 650.965010][ T29] audit: type=1802 audit(4294967358.142:52): pid=29813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.7.10810" res=0 errno=0 [ 651.470154][T29838] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10818'. [ 652.467008][T29871] bridge0: port 3(team0) entered blocking state [ 652.499210][T29871] bridge0: port 3(team0) entered disabled state [ 652.505673][T29871] team0: entered allmulticast mode [ 652.542508][T29871] team_slave_0: entered allmulticast mode [ 652.562714][T29871] team_slave_1: entered allmulticast mode [ 652.594951][T29871] team0: entered promiscuous mode [ 652.638224][T29871] team_slave_0: entered promiscuous mode [ 652.661052][T29871] team_slave_1: entered promiscuous mode [ 652.684583][T29871] bridge0: port 3(team0) entered blocking state [ 652.691176][T29871] bridge0: port 3(team0) entered forwarding state [ 653.337148][T29894] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 655.761632][T29993] bridge0: port 5(ipvlan1) entered blocking state [ 655.768149][T29993] bridge0: port 5(ipvlan1) entered disabled state [ 655.787554][T29993] ipvlan1: entered allmulticast mode [ 655.824075][T29993] ipvlan1: left allmulticast mode [ 659.787073][T30092] IPVS: length: 150994944 != 2818572296 [ 659.946961][T30098] [U] [ 659.950032][T30098] [U] [ 659.952750][T30098] [U] [ 659.955466][T30098] [U] [ 660.020463][T30098] [U] [ 660.023240][T30098] [U] [ 660.026055][T30098] [U] [ 660.028772][T30098] [U] [ 660.038203][T30098] [U] [ 660.054354][T30098] [U] c`蟽!ꪛJ{y%GGc_,ٿ".0k`B99Qbh7\hI*K4G+ =.pXTg|nN/|!iu(;7oRNm ˝ [ 660.110252][T30098] [U] Nʳ,lKR8EWSor8ގ$ [ 660.129490][T30098] [U] >K [ 660.132758][T30098] [U] zǡ=>'YTI-<޴TOH!HS g+OaA4z [ 660.160071][T30098] [U] `*GqC+f [ 660.169241][T30098] [U] 5Xu)n%H{̧u,ԍ [ 660.209349][T30098] [U] {^DPsp{(9uYp [ 660.220051][T30098] [U] L$xOu|P5Cy=ES|K#sjj3+hMikM̬9>Y`kZ0K˹?MմV0we2pT]4؆q}rN~ Ppb~!&B|9os`}WXD6֧ѤȥvhDG0eBe2w^F [ 660.294425][T30098] [U] oI(S=\_tUq3*}ω8&Z ;B@qT4f>{Qt_beII^Y" [ 660.315692][T30098] [U] ?~&!z}~bד?iE|q]fۅ&]$rldhp]~QX`+_P!93 :/2" ?rSWW [ 660.334545][T30098] [U] LRJ [ 660.345417][T30098] [U] mDrO?no*O`M)ƴw/tz%^sZl=ڸgzEz [ 660.365459][T30098] [U] 2Wk}7iZ3J6zzά0?ܦ |K0@. Fې™ƞa]fhIܐn}@9'୥>>-gGgJL ?;쵊T0찚@>I٤ɉgD%RӁRCZ? o6=0wY1Lxs&}Exu`CImeYm-2 [J_ [ 660.980722][T30098] [U] `'dƺpkUh)#ˡ{&4,~o@9ƚ~zy` [ 660.988756][T30098] [U] Y?;.ns$5p [ 661.011848][T30098] [U] HŦD‚m4όRA [ 661.016748][T30098] [U] Uxn헶||Jϵ݇PUP9ɯʼn=[9l̨w&)Ғ1"ܜ?ꉧCL׶E2-U(#SNh 9YBJm NY>L@6Bu67(sƌ9b_B~*.\x@H2pbbc3J|i6>G"]9!eFP/b9 [ 661.075095][T30098] [U] 'pw7U\0#!L28V\Hѹo/bc2m}1Y%!ӄ.]#tH[)KRGܽE[`,IcL6-tzWWqɳrqFhLnUECY [ 661.094433][T30098] [U] )IO"TQ?*&M['Y7p?'o]Rn [ 661.104089][T30098] [U] 1FT=CJZT;ETwӢd [ 661.109406][T30098] [U] 2fOFo|}G`E7륵UO#dqEЏG::^b!*N|+q،mm i8V$w5т̏n(8E̥U`c,ugJiaK1? |yfAx^=5UrΩi]N [ 661.133737][T30098] [U] zfUOPH&o]S0xKru(4j FPK˓P62{#|]fM݀gC .SLAUNhͩ3uevq}*^DŽVu:8mM\x0b âC>%B\x0c\x224k5d\x0c\x0c\x22]2\x0d)aYM9644xã7n1yc}^O\x07v{`h4ọ\x0b`Y\x07bځw̦a{M[fddd7;=\x07=o(:.MS\x5c_%\x5c\x0a@B^.;(\x0aP(\x0dS.,\x22.=:W,}t*&_B`^ylƀ\x0bfh?\x0bf̪L\x5c\x09vB h0IsYo81va AC6An_';Jb\x22=ЧQR\x09\x09n^e.Cctɳ},gKqSB3`v3[bzxI)6p+'h1 As ^݇\x0c9ƒ(g=Sٻ7$\x09pQ}&LZeOa!::J\x5c{!o&<0a҉^\x09QGl.=-mr_<5<ϐqZ[b\x07e>qT:>:%; \x0dG]\x0cF\x07NiةΪ=dV¤WKKiGo$g\x1b3L\x07[IRg?LgCSP [ 678.725420][T30632] netlink: 'syz.4.11146': attribute type 1 has an invalid length. [ 679.673268][T30635] GUP no longer grows the stack in syz.6.11148 (30635): 14000-401000 (4000) [ 679.717069][T30635] CPU: 0 UID: 0 PID: 30635 Comm: syz.6.11148 Tainted: G U 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 679.717113][T30635] Tainted: [U]=USER [ 679.717121][T30635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 679.717137][T30635] Call Trace: [ 679.717144][T30635] [ 679.717154][T30635] dump_stack_lvl+0x16c/0x1f0 [ 679.717197][T30635] gup_vma_lookup+0x1d2/0x220 [ 679.717238][T30635] __get_user_pages+0x236/0x36f0 [ 679.717272][T30635] ? hlock_class+0x4e/0x130 [ 679.717305][T30635] ? __lock_acquire+0x15a9/0x3c40 [ 679.717333][T30635] ? __pfx___get_user_pages+0x10/0x10 [ 679.717371][T30635] __gup_longterm_locked+0x212/0x1870 [ 679.717398][T30635] ? __pfx___lock_acquire+0x10/0x10 [ 679.717431][T30635] ? __pfx___gup_longterm_locked+0x10/0x10 [ 679.717459][T30635] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 679.717488][T30635] ? rwsem_read_trylock+0x12d/0x250 [ 679.717520][T30635] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 679.717552][T30635] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 679.717588][T30635] pin_user_pages_remote+0xee/0x150 [ 679.717617][T30635] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 679.717642][T30635] ? down_read+0xc9/0x330 [ 679.717677][T30635] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 679.717715][T30635] ? futex_wait_queue+0x101/0x1f0 [ 679.717751][T30635] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 679.717810][T30635] process_vm_rw+0x301/0x360 [ 679.717840][T30635] ? __pfx_process_vm_rw+0x10/0x10 [ 679.717875][T30635] ? lock_acquire.part.0+0x11b/0x380 [ 679.717901][T30635] ? find_held_lock+0x2d/0x110 [ 679.717956][T30635] ? xfd_validate_state+0x5d/0x180 [ 679.717986][T30635] ? rcu_is_watching+0x12/0xc0 [ 679.718019][T30635] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 679.718051][T30635] ? do_syscall_64+0x91/0x250 [ 679.718086][T30635] ? lockdep_hardirqs_on+0x7c/0x110 [ 679.718121][T30635] do_syscall_64+0xcd/0x250 [ 679.718147][T30635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.718180][T30635] RIP: 0033:0x7f2b3d38cde9 [ 679.718200][T30635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.718223][T30635] RSP: 002b:00007f2b3e164038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 679.718248][T30635] RAX: ffffffffffffffda RBX: 00007f2b3d5a5fa0 RCX: 00007f2b3d38cde9 [ 679.718264][T30635] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000008bc [ 679.718280][T30635] RBP: 00007f2b3d40e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 679.718296][T30635] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 679.718310][T30635] R13: 0000000000000000 R14: 00007f2b3d5a5fa0 R15: 00007ffe5dd8e018 [ 679.718342][T30635] [ 679.989403][T30662] netlink: 'syz.7.11159': attribute type 1 has an invalid length. [ 683.237371][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.243874][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.924843][T30842] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 687.133225][T30879] device-mapper: ioctl: Unable to rename non-existent device, to [ 691.105871][T30999] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 691.194295][T31001] futex_wake_op: syz.6.11303 tries to shift op by 64; fix this program [ 691.681889][T31022] netlink: 342 bytes leftover after parsing attributes in process `syz.6.11312'. [ 692.160544][T31041] hugetlbfs: syz.7.11318 (31041): Using mlock ulimits for SHM_HUGETLB is obsolete [ 692.521935][ T6308] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 692.588360][T31057] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input48 [ 699.065174][T31217] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input49 [ 700.578429][ T6308] Bluetooth: hci3: command 0x0406 tx timeout [ 700.790061][T31276] netlink: 338 bytes leftover after parsing attributes in process `syz.8.11416'. [ 703.428321][T31353] netlink: 334 bytes leftover after parsing attributes in process `syz.4.11450'. [ 708.748736][ T3495] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.848591][ T3495] bridge0: port 4(netdevsim2) entered disabled state [ 708.902618][ T3495] netdevsim netdevsim8 netdevsim2 (unregistering): left allmulticast mode [ 708.927719][ T3495] netdevsim netdevsim8 netdevsim2 (unregistering): left promiscuous mode [ 708.939662][ T3495] bridge0: port 4(netdevsim2) entered disabled state [ 708.967441][ T3495] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.115399][ T3495] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.242172][ T3495] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.586036][ T6308] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 709.601713][ T6308] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 709.611323][ T6308] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 709.626638][ T6308] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 709.626785][ T3495] vlan1: left allmulticast mode [ 709.642354][ T6308] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 709.660526][ T6308] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 709.687874][ T3495] veth0_vlan: left allmulticast mode [ 709.694411][ T3495] vlan1: left promiscuous mode [ 709.699557][ T3495] bridge0: port 3(vlan1) entered disabled state [ 709.728108][ T3495] bridge_slave_1: left allmulticast mode [ 709.737507][ T3495] bridge_slave_1: left promiscuous mode [ 709.772253][ T3495] bridge0: port 2(bridge_slave_1) entered disabled state [ 709.823997][ T3495] bridge_slave_0: left allmulticast mode [ 709.829687][ T3495] bridge_slave_0: left promiscuous mode [ 709.859073][ T3495] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.639677][ T3495] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 710.655647][ T3495] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 710.672668][ T3495] bond0 (unregistering): Released all slaves [ 711.403589][ T3495] hsr_slave_0: left promiscuous mode [ 711.410420][ T3495] hsr_slave_1: left promiscuous mode [ 711.425633][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 711.463865][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 711.492167][ T3495] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 711.534808][ T3495] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 711.562455][T31644] block nbd0: Unsupported socket: shutdown callout must be supported. [ 711.580737][ T3495] veth1_macvtap: left promiscuous mode [ 711.604726][ T3495] veth0_macvtap: left promiscuous mode [ 711.618378][ T3495] veth1_vlan: left promiscuous mode [ 711.623967][ T3495] veth0_vlan: left promiscuous mode [ 711.711609][ T6308] Bluetooth: hci3: command tx timeout [ 712.967174][ T3495] team0 (unregistering): Port device team_slave_1 removed [ 713.134342][T31688] netlink: 'syz.4.11584': attribute type 2 has an invalid length. [ 713.146093][ T3495] team0 (unregistering): Port device team_slave_0 removed [ 713.781681][ T6308] Bluetooth: hci3: command tx timeout [ 714.146806][T31567] chnl_net:caif_netlink_parms(): no params data found [ 714.313366][T31720] netlink: 346 bytes leftover after parsing attributes in process `syz.4.11597'. [ 714.553132][T31567] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.582999][T31567] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.632979][T31567] bridge_slave_0: entered allmulticast mode [ 714.671460][T31567] bridge_slave_0: entered promiscuous mode [ 714.697716][T31567] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.722871][T31567] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.756290][T31567] bridge_slave_1: entered allmulticast mode [ 714.777539][T31567] bridge_slave_1: entered promiscuous mode [ 714.944011][T31567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 714.965736][T31567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 715.106100][T31567] team0: Port device team_slave_0 added [ 715.124309][T31567] team0: Port device team_slave_1 added [ 715.283192][T31567] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 715.290189][T31567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 715.361789][T31567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 715.407427][T31567] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 715.415995][T31567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 715.485654][T31567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 715.653888][T31567] hsr_slave_0: entered promiscuous mode [ 715.678667][T31567] hsr_slave_1: entered promiscuous mode [ 715.695752][T31567] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 715.727629][T31567] Cannot create hsr debugfs directory [ 715.848149][ T6308] Bluetooth: hci3: command tx timeout [ 716.239448][T31567] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 716.276875][T31567] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 716.302012][T31567] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 716.331185][T31567] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 716.543518][T31567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 716.593206][T31567] 8021q: adding VLAN 0 to HW filter on device team0 [ 716.619885][ T3495] bridge0: port 1(bridge_slave_0) entered blocking state [ 716.627069][ T3495] bridge0: port 1(bridge_slave_0) entered forwarding state [ 716.652766][T31810] zero sized request [ 716.675134][ T3495] bridge0: port 2(bridge_slave_1) entered blocking state [ 716.682253][ T3495] bridge0: port 2(bridge_slave_1) entered forwarding state [ 716.698792][T31810] zero sized request [ 716.737925][T31567] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 716.782349][T31567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 717.176194][T31567] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 717.772780][T31567] veth0_vlan: entered promiscuous mode [ 717.821217][T31567] veth1_vlan: entered promiscuous mode [ 717.903094][T31567] veth0_macvtap: entered promiscuous mode [ 717.918565][ T6308] Bluetooth: hci3: command tx timeout [ 717.934313][T31567] veth1_macvtap: entered promiscuous mode [ 717.968140][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.978798][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.989548][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 718.015603][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.028204][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 718.050816][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.086321][T31567] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 718.127927][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.162321][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.182180][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.193318][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.208934][T31567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.219907][T31567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.243547][T31567] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 718.273504][T31567] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.294808][T31567] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.303561][T31567] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.339240][T31567] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.538651][ T3495] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 718.574727][ T3495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 718.631031][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 718.669320][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 722.604122][T32069] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11696'. [ 722.908007][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 726.183295][T32183] rtc_cmos 00:00: Alarms can be up to one day in the future [ 726.764430][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 726.782227][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 726.796718][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 726.804259][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 726.831163][ T47] rtc rtc0: __rtc_set_alarm: err=-22 [ 728.730500][T32284] sctp: [Deprecated]: syz.7.11781 (pid 32284) Use of int in maxseg socket option. [ 728.730500][T32284] Use struct sctp_assoc_value instead [ 729.471335][T32314] ptrace attach of "./syz-executor exec"[20336] was attempted by "./syz-executor exec"[32314] [ 729.611887][ T6308] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 729.611926][ T6308] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 729.627215][ T6308] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 729.627334][ T6308] Bluetooth: hci0: Malformed LE Event: 0x0d [ 729.676482][T32323] Process accounting resumed [ 729.819595][T32327] bridge0: port 4(syz_tun) entered blocking state [ 729.828402][T32327] bridge0: port 4(syz_tun) entered disabled state [ 729.835008][T32327] syz_tun: entered allmulticast mode [ 729.863459][T32327] syz_tun: entered promiscuous mode [ 729.875175][T32327] bridge0: port 4(syz_tun) entered blocking state [ 729.881767][T32327] bridge0: port 4(syz_tun) entered forwarding state [ 730.822719][ T6308] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 730.822757][ T6308] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 730.837664][ T6308] Bluetooth: hci3: adv larger than maximum supported [ 730.837723][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 730.846649][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x36 [ 730.860152][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 730.867313][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 730.874666][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x32 [ 730.881733][ T6308] Bluetooth: hci3: Unknown advertising packet type: 0x32 [ 733.764754][ T29] audit: type=1326 audit(4294967441.524:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32476 comm="syz.6.11846" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2b3d38cde9 code=0x0 [ 735.665133][ T6308] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 735.665178][ T6308] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 735.697845][ T6308] Bluetooth: hci1: adv larger than maximum supported [ 735.697918][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 735.705365][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x37 [ 735.712498][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 735.719653][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 735.726809][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 735.733871][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 736.165819][T32574] vivid-003: ================= START STATUS ================= [ 736.219634][T32574] vivid-003: Radio HW Seek Mode: Bounded [ 736.241755][T32574] vivid-003: Radio Programmable HW Seek: false [ 736.247999][T32574] vivid-003: RDS Rx I/O Mode: Block I/O [ 736.291250][T32574] vivid-003: Generate RBDS Instead of RDS: false [ 736.297743][T32574] vivid-003: RDS Reception: true [ 736.333841][T32574] vivid-003: RDS Program Type: 0 inactive [ 736.339647][T32574] vivid-003: RDS PS Name: inactive [ 736.388625][T32574] vivid-003: RDS Radio Text: inactive [ 736.398670][T32574] vivid-003: RDS Traffic Announcement: false inactive [ 736.425557][T32574] vivid-003: RDS Traffic Program: false inactive [ 736.446077][T32574] vivid-003: RDS Music: false inactive [ 736.466293][T32574] vivid-003: ================== END STATUS ================== [ 736.988741][T32607] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11881'. [ 738.533597][T32665] Invalid ELF header magic: != ELF [ 738.849400][ T6308] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 738.849438][ T6308] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 738.864387][ T6308] Bluetooth: hci2: adv larger than maximum supported [ 738.864416][ T6308] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 738.871544][ T6308] Bluetooth: hci2: Unknown advertising packet type: 0x37 [ 739.301685][T32696] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 739.374954][T32696] svc: failed to register nfsdv3 RPC service (errno 111). [ 739.405249][T32696] svc: failed to register nfsaclv3 RPC service (errno 111). [ 740.394299][ T6308] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 740.394338][ T6308] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 741.402447][T32755] nbd: nbd7 already in use [ 742.361516][ T6308] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 742.361568][ T6308] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 742.376515][ T6308] bt_err_ratelimited: 11 callbacks suppressed [ 742.376533][ T6308] Bluetooth: hci1: adv larger than maximum supported [ 742.382901][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 742.390096][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x37 [ 742.397546][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 742.404619][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 742.411806][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 742.419099][ T6308] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 743.889308][ T356] bridge0: port 3(bond0) entered blocking state [ 743.917756][ T356] bridge0: port 3(bond0) entered disabled state [ 743.934051][ T356] bond0: entered allmulticast mode [ 743.948326][ T356] bond_slave_0: entered allmulticast mode [ 743.964262][ T356] bond_slave_1: entered allmulticast mode [ 743.989891][ T356] bond0: entered promiscuous mode [ 744.005133][ T356] bond_slave_0: entered promiscuous mode [ 744.017530][ T356] bond_slave_1: entered promiscuous mode [ 744.034845][ T356] bridge0: port 3(bond0) entered blocking state [ 744.042764][ T356] bridge0: port 3(bond0) entered forwarding state [ 744.263604][ T363] netlink: 'syz.7.11963': attribute type 11 has an invalid length. [ 744.331190][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 744.337649][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 745.189017][ T380] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 1 [ 750.369514][ T6311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 750.381556][ T6311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 750.392570][ T6311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 750.411291][ T6311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 750.419715][ T258] bridge_slave_0: left allmulticast mode [ 750.426657][ T6311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 750.438717][ T258] bridge_slave_0: left promiscuous mode [ 750.455474][ T258] bridge0: port 1(bridge_slave_0) entered disabled state [ 750.712977][ T554] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 751.301029][ T561] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12045'. [ 751.353151][ T258] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 751.364855][ T258] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 751.389260][ T258] bond0 (unregistering): Released all slaves [ 751.420596][ T548] netlink: 346 bytes leftover after parsing attributes in process `syz.9.12039'. [ 751.566089][ T258] nl80211: left promiscuous mode [ 751.796277][ T545] chnl_net:caif_netlink_parms(): no params data found [ 752.155889][ T545] bridge0: port 1(bridge_slave_0) entered blocking state [ 752.184297][ T545] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.213126][ T545] bridge_slave_0: entered allmulticast mode [ 752.229250][ T545] bridge_slave_0: entered promiscuous mode [ 752.277522][ T545] bridge0: port 2(bridge_slave_1) entered blocking state [ 752.295192][ T545] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.312305][ T545] bridge_slave_1: entered allmulticast mode [ 752.329071][ T545] bridge_slave_1: entered promiscuous mode [ 752.529894][ T6311] Bluetooth: hci0: command tx timeout [ 752.577893][ T545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 752.629835][ T545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 752.848191][ T545] team0: Port device team_slave_0 added [ 752.880374][ T545] team0: Port device team_slave_1 added [ 752.958271][ T607] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 752.969638][ T607] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 752.981669][ T545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 752.988944][ T545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 753.045853][ T545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 753.121438][ T545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 753.143557][ T545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 753.191312][ T616] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12058'. [ 753.211493][ T545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 753.376766][ T545] hsr_slave_0: entered promiscuous mode [ 753.402102][ T545] hsr_slave_1: entered promiscuous mode [ 753.414409][ T545] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 753.442537][ T545] Cannot create hsr debugfs directory [ 754.587145][ T6311] Bluetooth: hci0: command tx timeout [ 754.614015][ T258] hsr_slave_0: left promiscuous mode [ 754.656797][ T258] hsr_slave_1: left promiscuous mode [ 754.676836][ T258] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 754.703286][ T258] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 754.786713][ T258] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 754.794184][ T258] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 755.011626][ T258] veth1_macvtap: left promiscuous mode [ 755.035516][ T258] veth0_macvtap: left promiscuous mode [ 755.041159][ T258] veth1_vlan: left promiscuous mode [ 755.077999][ T258] veth0_vlan: left promiscuous mode [ 755.591457][ T29] audit: type=1800 audit(4294967463.479:55): pid=688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.12079" name="dbroot" dev="configfs" ino=99458 res=0 errno=0 [ 756.270784][ T258] team0 (unregistering): Port device team_slave_1 removed [ 756.324791][ T258] team0 (unregistering): Port device team_slave_0 removed [ 756.665449][ T6311] Bluetooth: hci0: command tx timeout [ 758.627234][ T545] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 758.686833][ T545] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 758.726124][ T545] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 758.735339][ T6311] Bluetooth: hci0: command tx timeout [ 758.787490][ T545] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 759.013268][ T545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 759.061045][ T545] 8021q: adding VLAN 0 to HW filter on device team0 [ 759.109379][ T3435] bridge0: port 1(bridge_slave_0) entered blocking state [ 759.116557][ T3435] bridge0: port 1(bridge_slave_0) entered forwarding state [ 759.142276][ T766] netlink: 206 bytes leftover after parsing attributes in process `syz.9.12100'. [ 759.177526][ T3495] bridge0: port 2(bridge_slave_1) entered blocking state [ 759.184761][ T3495] bridge0: port 2(bridge_slave_1) entered forwarding state [ 759.610524][ T545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 759.690868][ T545] veth0_vlan: entered promiscuous mode [ 759.725236][ T545] veth1_vlan: entered promiscuous mode [ 759.786719][ T545] veth0_macvtap: entered promiscuous mode [ 759.824605][ T545] veth1_macvtap: entered promiscuous mode [ 759.865803][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.898109][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.926777][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.961399][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.976415][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.997272][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 760.027295][ T545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 760.068297][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 760.095804][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 760.110831][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 760.145510][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 760.167183][ T545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 760.195153][ T545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 760.230889][ T545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 760.276983][ T545] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 760.295505][ T545] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 760.304319][ T545] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 760.334347][ T545] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 760.516468][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.534796][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 760.591319][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.623843][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 765.363904][ T988] sd 0:0:1:0: PR command failed: 1026 [ 765.397805][ T988] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 765.429047][ T988] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 767.203589][ T1077] bridge0: port 3(hsr0) entered blocking state [ 767.227529][ T1077] bridge0: port 3(hsr0) entered disabled state [ 767.261635][ T1077] hsr0: entered allmulticast mode [ 767.297130][ T1077] hsr_slave_0: entered allmulticast mode [ 767.313972][ T1077] hsr_slave_1: entered allmulticast mode [ 767.363031][ T1077] hsr0: entered promiscuous mode [ 767.374812][ T1077] bridge0: port 3(hsr0) entered blocking state [ 767.381144][ T1077] bridge0: port 3(hsr0) entered forwarding state [ 769.506729][ T1154] [U] [ 769.509494][ T1154] [U] [ 769.512224][ T1154] [U] [ 769.514945][ T1154] [U] [ 769.604637][ T1154] [U] [ 769.607403][ T1154] [U] [ 769.610129][ T1154] [U] [ 769.612878][ T1154] [U] [ 769.648585][ T1154] [U] [ 769.651353][ T1154] [U] [ 769.654085][ T1154] [U] [ 769.656811][ T1154] [U] [ 769.726173][ T1141] [U] [ 774.218239][ T1324] netlink: 'syz.4.12234': attribute type 1 has an invalid length. [ 774.298383][ T1324] netlink: 206 bytes leftover after parsing attributes in process `syz.4.12234'. [ 778.049042][ T1488] sg_read: process 5693 (syz.4.12280) changed security contexts after opening file descriptor, this is not allowed. [ 778.556426][ T1515] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12287'. [ 781.206413][ T1626] syz.3.12319 (1626): /proc/1625/oom_adj is deprecated, please use /proc/1625/oom_score_adj instead. [ 784.993496][ T29] audit: type=1800 audit(4294967493.046:56): pid=1786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.12358" name="file0" dev="tmpfs" ino=771 res=0 errno=0 [ 785.074589][ T29] audit: type=1800 audit(4294967493.046:57): pid=1786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.12358" name="file0" dev="tmpfs" ino=771 res=0 errno=0 [ 785.583240][T23745] smpboot: CPU 1 is now offline [ 787.185109][ T1860] block2mtd: error: cannot open device 0 [ 788.211767][ T1891] sd 0:0:1:0: PR command failed: 1026 [ 788.244902][ T1891] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 788.292082][ T1891] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 788.307460][ T6311] Bluetooth: hci0: unexpected subevent 0x0a length: 124 > 30 [ 788.852105][ T1911] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12392'. [ 788.861607][ T1911] bridge0: port 4(syz_tun) entered disabled state [ 788.868179][ T1911] bridge0: port 3(gretap0) entered disabled state [ 788.874725][ T1911] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.881842][ T1911] bridge0: port 1(bridge_slave_0) entered disabled state [ 789.047599][ T1911] bridge0: entered promiscuous mode [ 789.118547][ T1911] bridge0: entered allmulticast mode [ 789.513449][ T1924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12396'. [ 789.565358][ T1924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12396'. [ 791.063392][ T1979] netlink: 85 bytes leftover after parsing attributes in process `syz.3.12413'. [ 794.892137][ T2080] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12452'. [ 794.946258][ T2080] bridge0: port 3(hsr0) entered disabled state [ 794.952567][ T2080] bridge0: port 2(bridge_slave_1) entered disabled state [ 794.961368][ T2080] bridge0: port 1(bridge_slave_0) entered disabled state [ 795.076932][ T2080] bridge0: entered promiscuous mode [ 795.113533][ T2080] bridge0: entered allmulticast mode [ 798.939568][ T2163] ubi0: attaching mtd0 [ 798.979165][ T2163] ubi0: scanning is finished [ 798.983823][ T2163] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 799.302903][ T2163] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 801.374873][ T2232] program syz.3.12498 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 802.096654][ T2244] netlink: 342 bytes leftover after parsing attributes in process `syz.9.12501'. [ 805.421372][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 805.421428][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 811.514955][ T2416] nbd0: detected capacity change from 0 to 68719476736 [ 811.641134][ T642] block nbd0: Send control failed (result -22) [ 811.685483][ T642] block nbd0: Request send failed, requeueing [ 811.742859][ T1898] block nbd0: Receive control failed (result -32) [ 811.770795][ T42] block nbd0: Dead connection, failed to find a fallback [ 811.778288][ T42] block nbd0: shutting down sockets [ 811.784498][ T42] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 811.794530][ T42] Buffer I/O error on dev nbd0, logical block 0, async page read [ 811.820968][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 811.868267][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 811.916543][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 811.989920][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 811.997779][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.084428][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.143092][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.220453][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.228319][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.311737][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.370584][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.421288][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.462468][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.526899][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.589226][ T642] ldm_validate_partition_table(): Disk read failed. [ 812.596243][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.668856][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.717950][ T642] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 812.775486][ T642] Buffer I/O error on dev nbd0, logical block 0, async page read [ 812.816329][ T642] Dev nbd0: unable to read RDB block 0 [ 812.858009][ T642] nbd0: unable to read partition table [ 812.922844][ T642] ldm_validate_partition_table(): Disk read failed. [ 812.994488][ T642] Dev nbd0: unable to read RDB block 0 [ 813.000276][ T642] nbd0: unable to read partition table [ 816.765833][ T2491] netlink: 186 bytes leftover after parsing attributes in process `syz.4.12576'. [ 824.382796][ T2662] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12629'. [ 825.528003][ T2694] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input52 [ 827.312140][ T2740] netlink: 100 bytes leftover after parsing attributes in process `syz.7.12654'. [ 829.950342][ T2821] lo: entered allmulticast mode [ 830.007956][ T2820] lo: left allmulticast mode [ 830.037897][ T2823] netlink: 350 bytes leftover after parsing attributes in process `syz.3.12683'. [ 832.339281][ T2903] netlink: 342 bytes leftover after parsing attributes in process `syz.7.12710'. [ 832.453075][ T2903] netlink: 342 bytes leftover after parsing attributes in process `syz.7.12710'. [ 832.852402][ T2922] ALUA LU Group already has a valid ID, ignoring request [ 832.945336][ T6308] Bluetooth: hci3: command 0x0406 tx timeout [ 834.002435][ T1898] Bluetooth: hci0: Malformed Event: 0x02 [ 835.602019][ T3001] nvme_fabrics: missing parameter 'transport=%s' [ 835.630892][ T3001] nvme_fabrics: missing parameter 'nqn=%s' [ 835.754267][ T3008] nvme_fabrics: missing parameter 'transport=%s' [ 835.781385][ T3008] nvme_fabrics: missing parameter 'nqn=%s' [ 837.759997][ T3067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12782'. [ 838.383665][ T3078] could not allocate digest TFM handle [ 838.628500][ T3080] could not allocate digest TFM handle [ 840.302555][ T3144] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12812'. [ 841.202164][ T3173] zram0: detected capacity change from 0 to 8 [ 841.467330][ T3181] nvme_fabrics: missing parameter 'transport=%s' [ 841.497136][ T3181] nvme_fabrics: missing parameter 'nqn=%s' [ 841.564239][ T3187] kAFS: bad VL server IP address [ 841.610887][ T3190] nvme_fabrics: missing parameter 'transport=%s' [ 841.636006][ T3190] nvme_fabrics: missing parameter 'nqn=%s' [ 846.027678][ T3327] nbd: socks must be embedded in a SOCK_ITEM attr [ 846.064135][ T3327] block nbd1: shutting down sockets [ 846.173134][ T3331] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12890'. [ 846.219832][ T3331] macsec0: entered allmulticast mode [ 846.259479][ T3331] veth1_macvtap: entered allmulticast mode [ 846.268507][ T3333] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12891'. [ 846.313147][ T3333] netlink: 23 bytes leftover after parsing attributes in process `syz.3.12891'. [ 846.563299][ T3344] netlink: 342 bytes leftover after parsing attributes in process `syz.4.12896'. [ 848.279458][ T3403] Process accounting resumed [ 849.320899][ T3440] nbd: socks must be embedded in a SOCK_ITEM attr [ 849.383881][ T3440] block nbd1: shutting down sockets [ 850.948317][ T3480] svc: failed to register nfsdv3 RPC service (errno 111). [ 850.988204][ T3480] svc: failed to register nfsaclv3 RPC service (errno 111). [ 851.093590][ T3486] kafs: addr_prefs: Invalid Command [ 852.370907][ T3515] netlink: 350 bytes leftover after parsing attributes in process `syz.7.12962'. [ 852.476384][ T3526] netlink: 346 bytes leftover after parsing attributes in process `syz.4.12967'. [ 853.227003][ T3545] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12975'. [ 853.303709][ T3548] netlink: 342 bytes leftover after parsing attributes in process `syz.3.12976'. [ 853.543916][ T3554] netlink: 334 bytes leftover after parsing attributes in process `syz.3.12979'. [ 853.959737][ T3564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12984'. [ 854.010293][ T3564] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 854.025052][ T3567] TCP: TCP_TX_DELAY enabled [ 854.403911][ T3578] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12990'. [ 856.770269][ T3646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13017'. [ 858.025136][ T3686] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13034'. [ 858.068301][ T3686] macvlan1: entered allmulticast mode [ 858.094361][ T3686] veth1_vlan: entered allmulticast mode [ 860.068670][ T3725] input: f0?\hՐJL'$d)KLo1oN0ø.m)$cj@qwR=X as /devices/virtual/input/input53 [ 861.103674][ T3752] bridge0: port 4(veth0_to_bridge) entered blocking state [ 861.162527][ T3752] bridge0: port 4(veth0_to_bridge) entered disabled state [ 861.220951][ T3752] veth0_to_bridge: entered allmulticast mode [ 861.267979][ T3752] veth0_to_bridge: entered promiscuous mode [ 861.315667][ T3752] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 861.440873][ T3752] bridge0: port 4(veth0_to_bridge) entered blocking state [ 861.448117][ T3752] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 861.559082][ T3756] nbd: socks must be embedded in a SOCK_ITEM attr [ 861.580015][ T3756] block nbd2: shutting down sockets [ 862.643979][ T3781] nbd: socks must be embedded in a SOCK_ITEM attr [ 862.759413][ T3781] block nbd2: shutting down sockets [ 866.514003][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 866.524513][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 869.065144][ T3894] nbd2: detected capacity change from 0 to 68719476736 [ 869.131891][ T642] block nbd2: Send control failed (result -22) [ 869.169824][ T642] block nbd2: Request send failed, requeueing [ 869.233979][ T42] block nbd2: Dead connection, failed to find a fallback [ 869.241152][ T42] block nbd2: shutting down sockets [ 869.246920][ T42] blk_print_req_error: 24 callbacks suppressed [ 869.246932][ T42] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.263031][ T42] buffer_io_error: 23 callbacks suppressed [ 869.263042][ T42] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.279666][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.343157][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.385703][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.438543][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.471350][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.508259][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.577828][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.641354][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.686120][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.750667][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.800671][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.851707][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 869.859556][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 869.951350][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 870.004188][ T642] ldm_validate_partition_table(): Disk read failed. [ 870.047548][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 870.099843][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 870.151156][ T642] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 870.205366][ T642] Buffer I/O error on dev nbd2, logical block 0, async page read [ 870.264452][ T642] Dev nbd2: unable to read RDB block 0 [ 870.307840][ T642] nbd2: unable to read partition table [ 870.355919][ T642] ldm_validate_partition_table(): Disk read failed. [ 870.390197][ T642] Dev nbd2: unable to read RDB block 0 [ 870.418926][ T642] nbd2: unable to read partition table [ 870.425608][ T642] [ 870.427926][ T642] ====================================================== [ 870.434922][ T642] WARNING: possible circular locking dependency detected [ 870.441918][ T642] 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 Tainted: G U [ 870.450479][ T642] ------------------------------------------------------ [ 870.457473][ T642] udevd/642 is trying to acquire lock: [ 870.462905][ T642] ffff888025ca65b8 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 870.472815][ T642] [ 870.472815][ T642] but task is already holding lock: [ 870.480171][ T642] ffff888023b6d9c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 870.490952][ T642] [ 870.490952][ T642] which lock already depends on the new lock. [ 870.490952][ T642] [ 870.501364][ T642] [ 870.501364][ T642] the existing dependency chain (in reverse order) is: [ 870.510367][ T642] [ 870.510367][ T642] -> #6 (mapping.invalidate_lock#2){++++}-{4:4}: [ 870.518876][ T642] down_read+0x9a/0x330 [ 870.523539][ T642] filemap_fault+0x2e7/0x2ca0 [ 870.528721][ T642] __do_fault+0x10a/0x490 [ 870.533569][ T642] do_pte_missing+0xecf/0x3e10 [ 870.538845][ T642] __handle_mm_fault+0x1166/0x2c60 [ 870.544469][ T642] handle_mm_fault+0x3fa/0xaa0 [ 870.549755][ T642] __get_user_pages+0x773/0x36f0 [ 870.555200][ T642] populate_vma_page_range+0x27f/0x3a0 [ 870.561165][ T642] __mm_populate+0x1d6/0x380 [ 870.566263][ T642] vm_mmap_pgoff+0x2d3/0x3a0 [ 870.571355][ T642] ksys_mmap_pgoff+0x32c/0x5c0 [ 870.576620][ T642] __x64_sys_mmap+0x125/0x190 [ 870.581802][ T642] do_syscall_64+0xcd/0x250 [ 870.586816][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.593217][ T642] [ 870.593217][ T642] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 870.600754][ T642] __might_fault+0x11b/0x190 [ 870.605853][ T642] _copy_from_user+0x29/0xd0 [ 870.610953][ T642] csum_and_copy_from_iter_full+0x218/0x1eb0 [ 870.617443][ T642] ip_generic_getfrag+0x175/0x260 [ 870.622984][ T642] raw6_getfrag+0x1ed/0x270 [ 870.627999][ T642] __ip6_append_data.isra.0+0x3dca/0x4650 [ 870.634221][ T642] ip6_append_data+0x1e6/0x500 [ 870.639487][ T642] rawv6_sendmsg+0x15ce/0x4460 [ 870.644772][ T642] inet_sendmsg+0x119/0x140 [ 870.649782][ T642] ____sys_sendmsg+0x907/0xb40 [ 870.655052][ T642] ___sys_sendmsg+0x135/0x1e0 [ 870.660322][ T642] __sys_sendmsg+0x16e/0x220 [ 870.665427][ T642] do_syscall_64+0xcd/0x250 [ 870.670434][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.676833][ T642] [ 870.676833][ T642] -> #4 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 870.684540][ T642] lock_sock_nested+0x3a/0xf0 [ 870.689719][ T642] inet_autobind+0x1a/0x1a0 [ 870.694728][ T642] inet_send_prepare+0x317/0x530 [ 870.700177][ T642] inet_sendmsg+0x43/0x140 [ 870.705114][ T642] sock_sendmsg+0x324/0x410 [ 870.710124][ T642] __sock_xmit+0x1e8/0x4f0 [ 870.715062][ T642] nbd_send_cmd+0x8ec/0x1c90 [ 870.720151][ T642] nbd_queue_rq+0x941/0x1220 [ 870.725244][ T642] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 870.731300][ T642] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 870.738134][ T642] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 870.744622][ T642] blk_mq_run_hw_queue+0x239/0x670 [ 870.750237][ T642] blk_mq_flush_plug_list+0x673/0x1c60 [ 870.756210][ T642] __blk_flush_plug+0x2c5/0x4b0 [ 870.761568][ T642] __submit_bio+0x547/0x690 [ 870.766575][ T642] submit_bio_noacct_nocheck+0x698/0xd70 [ 870.772712][ T642] submit_bio_noacct+0x50d/0x1ec0 [ 870.778243][ T642] block_read_full_folio+0x812/0xa50 [ 870.784029][ T642] filemap_read_folio+0xc6/0x2a0 [ 870.789474][ T642] do_read_cache_folio+0x263/0x5c0 [ 870.795083][ T642] read_part_sector+0xd4/0x310 [ 870.800351][ T642] adfspart_check_ICS+0xa7/0x8c0 [ 870.805806][ T642] bdev_disk_changed+0x6c6/0x14e0 [ 870.811331][ T642] blkdev_get_whole+0x187/0x290 [ 870.816698][ T642] bdev_open+0x2c7/0xe20 [ 870.821447][ T642] blkdev_open+0x272/0x3f0 [ 870.826365][ T642] do_dentry_open+0x735/0x1c40 [ 870.831636][ T642] vfs_open+0x82/0x3f0 [ 870.836207][ T642] path_openat+0x1e88/0x2d80 [ 870.841300][ T642] do_filp_open+0x20c/0x470 [ 870.846317][ T642] do_sys_openat2+0x17a/0x1e0 [ 870.851510][ T642] __x64_sys_openat+0x175/0x210 [ 870.856869][ T642] do_syscall_64+0xcd/0x250 [ 870.861872][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.868272][ T642] [ 870.868272][ T642] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 870.875896][ T642] __mutex_lock+0x19b/0xb10 [ 870.880909][ T642] nbd_queue_rq+0x424/0x1220 [ 870.886001][ T642] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 870.892055][ T642] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 870.898887][ T642] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 870.905387][ T642] blk_mq_run_hw_queue+0x239/0x670 [ 870.911006][ T642] blk_mq_flush_plug_list+0x673/0x1c60 [ 870.916985][ T642] __blk_flush_plug+0x2c5/0x4b0 [ 870.922343][ T642] __submit_bio+0x547/0x690 [ 870.927353][ T642] submit_bio_noacct_nocheck+0x698/0xd70 [ 870.933494][ T642] submit_bio_noacct+0x50d/0x1ec0 [ 870.939037][ T642] block_read_full_folio+0x812/0xa50 [ 870.944824][ T642] filemap_read_folio+0xc6/0x2a0 [ 870.950274][ T642] do_read_cache_folio+0x263/0x5c0 [ 870.955888][ T642] read_part_sector+0xd4/0x310 [ 870.961162][ T642] adfspart_check_ICS+0xa7/0x8c0 [ 870.966601][ T642] bdev_disk_changed+0x6c6/0x14e0 [ 870.972130][ T642] blkdev_get_whole+0x187/0x290 [ 870.977491][ T642] bdev_open+0x2c7/0xe20 [ 870.982239][ T642] blkdev_open+0x272/0x3f0 [ 870.987159][ T642] do_dentry_open+0x735/0x1c40 [ 870.992424][ T642] vfs_open+0x82/0x3f0 [ 870.996996][ T642] path_openat+0x1e88/0x2d80 [ 871.002088][ T642] do_filp_open+0x20c/0x470 [ 871.007090][ T642] do_sys_openat2+0x17a/0x1e0 [ 871.012285][ T642] __x64_sys_openat+0x175/0x210 [ 871.017643][ T642] do_syscall_64+0xcd/0x250 [ 871.022645][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.029045][ T642] [ 871.029045][ T642] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 871.036409][ T642] __mutex_lock+0x19b/0xb10 [ 871.041422][ T642] nbd_queue_rq+0xbe/0x1220 [ 871.046429][ T642] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 871.052505][ T642] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 871.059339][ T642] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 871.065821][ T642] blk_mq_run_hw_queue+0x239/0x670 [ 871.071440][ T642] blk_mq_flush_plug_list+0x673/0x1c60 [ 871.077416][ T642] __blk_flush_plug+0x2c5/0x4b0 [ 871.082774][ T642] __submit_bio+0x547/0x690 [ 871.087785][ T642] submit_bio_noacct_nocheck+0x698/0xd70 [ 871.093922][ T642] submit_bio_noacct+0x50d/0x1ec0 [ 871.099460][ T642] block_read_full_folio+0x812/0xa50 [ 871.105251][ T642] filemap_read_folio+0xc6/0x2a0 [ 871.110706][ T642] do_read_cache_folio+0x263/0x5c0 [ 871.116320][ T642] read_part_sector+0xd4/0x310 [ 871.121588][ T642] adfspart_check_ICS+0xa7/0x8c0 [ 871.127028][ T642] bdev_disk_changed+0x6c6/0x14e0 [ 871.132556][ T642] blkdev_get_whole+0x187/0x290 [ 871.137913][ T642] bdev_open+0x2c7/0xe20 [ 871.142662][ T642] blkdev_open+0x272/0x3f0 [ 871.147602][ T642] do_dentry_open+0x735/0x1c40 [ 871.152872][ T642] vfs_open+0x82/0x3f0 [ 871.157446][ T642] path_openat+0x1e88/0x2d80 [ 871.162541][ T642] do_filp_open+0x20c/0x470 [ 871.167560][ T642] do_sys_openat2+0x17a/0x1e0 [ 871.172741][ T642] __x64_sys_openat+0x175/0x210 [ 871.178100][ T642] do_syscall_64+0xcd/0x250 [ 871.183116][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.189537][ T642] [ 871.189537][ T642] -> #1 (set->srcu){.+.+}-{0:0}: [ 871.196637][ T642] __synchronize_srcu+0xa9/0x2a0 [ 871.202095][ T642] blk_mq_update_nr_requests+0x288/0x670 [ 871.208234][ T642] queue_requests_store+0x161/0x210 [ 871.213934][ T642] queue_attr_store+0x370/0x510 [ 871.219285][ T642] sysfs_kf_write+0x117/0x170 [ 871.224468][ T642] kernfs_fop_write_iter+0x33d/0x500 [ 871.230254][ T642] vfs_write+0x5ae/0x1150 [ 871.235086][ T642] ksys_write+0x12b/0x250 [ 871.239915][ T642] do_syscall_64+0xcd/0x250 [ 871.244916][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.251315][ T642] [ 871.251315][ T642] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 871.259897][ T642] __lock_acquire+0x249e/0x3c40 [ 871.265270][ T642] lock_acquire.part.0+0x11b/0x380 [ 871.270886][ T642] blk_mq_submit_bio+0x20db/0x25f0 [ 871.276506][ T642] __submit_bio+0x3d1/0x690 [ 871.281529][ T642] submit_bio_noacct_nocheck+0x698/0xd70 [ 871.287684][ T642] submit_bio_noacct+0x50d/0x1ec0 [ 871.293229][ T642] mpage_readahead+0x41d/0x590 [ 871.298526][ T642] read_pages+0x1a7/0xc60 [ 871.303367][ T642] page_cache_ra_unbounded+0x426/0x7d0 [ 871.309337][ T642] force_page_cache_ra+0x24b/0x340 [ 871.314961][ T642] page_cache_sync_ra+0x158/0xa30 [ 871.320508][ T642] filemap_get_pages+0xb62/0x1c30 [ 871.326050][ T642] filemap_read+0x3c5/0xe70 [ 871.331063][ T642] blkdev_read_iter+0x187/0x4b0 [ 871.336427][ T642] vfs_read+0x886/0xbf0 [ 871.341092][ T642] ksys_read+0x12b/0x250 [ 871.345842][ T642] do_syscall_64+0xcd/0x250 [ 871.350851][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.357254][ T642] [ 871.357254][ T642] other info that might help us debug this: [ 871.357254][ T642] [ 871.367461][ T642] Chain exists of: [ 871.367461][ T642] &q->q_usage_counter(io)#51 --> &mm->mmap_lock --> mapping.invalidate_lock#2 [ 871.367461][ T642] [ 871.382221][ T642] Possible unsafe locking scenario: [ 871.382221][ T642] [ 871.389652][ T642] CPU0 CPU1 [ 871.395008][ T642] ---- ---- [ 871.400355][ T642] rlock(mapping.invalidate_lock#2); [ 871.405715][ T642] lock(&mm->mmap_lock); [ 871.412555][ T642] lock(mapping.invalidate_lock#2); [ 871.420351][ T642] rlock(&q->q_usage_counter(io)#51); [ 871.425804][ T642] [ 871.425804][ T642] *** DEADLOCK *** [ 871.425804][ T642] [ 871.433926][ T642] 1 lock held by udevd/642: [ 871.438410][ T642] #0: ffff888023b6d9c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 871.449624][ T642] [ 871.449624][ T642] stack backtrace: [ 871.455492][ T642] CPU: 0 UID: 0 PID: 642 Comm: udevd Tainted: G U 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 871.455511][ T642] Tainted: [U]=USER [ 871.455515][ T642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 871.455523][ T642] Call Trace: [ 871.455529][ T642] [ 871.455536][ T642] dump_stack_lvl+0x116/0x1f0 [ 871.455559][ T642] print_circular_bug+0x490/0x760 [ 871.455576][ T642] check_noncircular+0x31a/0x400 [ 871.455591][ T642] ? __pfx_check_noncircular+0x10/0x10 [ 871.455605][ T642] ? __kernel_text_address+0xd/0x40 [ 871.455620][ T642] ? unwind_get_return_address+0x59/0xa0 [ 871.455641][ T642] ? lockdep_lock+0xc6/0x200 [ 871.455660][ T642] ? __pfx_lockdep_lock+0x10/0x10 [ 871.455682][ T642] __lock_acquire+0x249e/0x3c40 [ 871.455699][ T642] ? __pfx___lock_acquire+0x10/0x10 [ 871.455714][ T642] ? hlock_class+0x4e/0x130 [ 871.455732][ T642] ? mark_lock+0xb5/0xc60 [ 871.455746][ T642] ? mark_lock+0xb5/0xc60 [ 871.455759][ T642] ? page_cache_ra_unbounded+0x426/0x7d0 [ 871.455777][ T642] ? page_cache_sync_ra+0x158/0xa30 [ 871.455796][ T642] lock_acquire.part.0+0x11b/0x380 [ 871.455812][ T642] ? __submit_bio+0x3d1/0x690 [ 871.455831][ T642] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 871.455847][ T642] ? rcu_is_watching+0x12/0xc0 [ 871.455867][ T642] ? trace_lock_acquire+0x14e/0x1f0 [ 871.455879][ T642] ? __submit_bio+0x3d1/0x690 [ 871.455897][ T642] ? lock_acquire+0x2f/0xb0 [ 871.455911][ T642] ? __submit_bio+0x3d1/0x690 [ 871.455929][ T642] blk_mq_submit_bio+0x20db/0x25f0 [ 871.455950][ T642] ? __submit_bio+0x3d1/0x690 [ 871.455969][ T642] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 871.455988][ T642] ? mark_lock+0xb5/0xc60 [ 871.456002][ T642] ? __pfx___lock_acquire+0x10/0x10 [ 871.456016][ T642] ? __pfx___lock_acquire+0x10/0x10 [ 871.456031][ T642] ? trace_lock_acquire+0x14e/0x1f0 [ 871.456042][ T642] ? __pfx_mark_lock+0x10/0x10 [ 871.456059][ T642] __submit_bio+0x3d1/0x690 [ 871.456078][ T642] ? __pfx___submit_bio+0x10/0x10 [ 871.456101][ T642] ? trace_lock_acquire+0x14e/0x1f0 [ 871.456116][ T642] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 871.456135][ T642] submit_bio_noacct_nocheck+0x698/0xd70 [ 871.456155][ T642] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 871.456176][ T642] ? __pfx___might_resched+0x10/0x10 [ 871.456194][ T642] submit_bio_noacct+0x50d/0x1ec0 [ 871.456214][ T642] mpage_readahead+0x41d/0x590 [ 871.456232][ T642] ? __pfx_mpage_readahead+0x10/0x10 [ 871.456252][ T642] ? __pfx_blkdev_get_block+0x10/0x10 [ 871.456266][ T642] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 871.456279][ T642] ? __pfx_lock_release+0x10/0x10 [ 871.456294][ T642] ? trace_lock_acquire+0x14e/0x1f0 [ 871.456305][ T642] ? __pfx_blkdev_readahead+0x10/0x10 [ 871.456318][ T642] read_pages+0x1a7/0xc60 [ 871.456335][ T642] ? __folio_batch_add_and_move+0x689/0xc60 [ 871.456349][ T642] ? __pfx_read_pages+0x10/0x10 [ 871.456371][ T642] page_cache_ra_unbounded+0x426/0x7d0 [ 871.456392][ T642] force_page_cache_ra+0x24b/0x340 [ 871.456412][ T642] page_cache_sync_ra+0x158/0xa30 [ 871.456431][ T642] ? __lock_acquire+0xcc5/0x3c40 [ 871.456446][ T642] filemap_get_pages+0xb62/0x1c30 [ 871.456461][ T642] ? __pfx_filemap_get_pages+0x10/0x10 [ 871.456475][ T642] ? __pfx___might_resched+0x10/0x10 [ 871.456493][ T642] filemap_read+0x3c5/0xe70 [ 871.456504][ T642] ? trace_lock_acquire+0x14e/0x1f0 [ 871.456519][ T642] ? __pfx_filemap_read+0x10/0x10 [ 871.456537][ T642] ? apparmor_file_permission+0x251/0x400 [ 871.456559][ T642] blkdev_read_iter+0x187/0x4b0 [ 871.456573][ T642] vfs_read+0x886/0xbf0 [ 871.456586][ T642] ? __pfx_vfs_read+0x10/0x10 [ 871.456599][ T642] ? blkdev_llseek+0x9b/0xd0 [ 871.456610][ T642] ? __pfx_lock_release+0x10/0x10 [ 871.456626][ T642] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 871.456645][ T642] ksys_read+0x12b/0x250 [ 871.456657][ T642] ? __pfx_ksys_read+0x10/0x10 [ 871.456671][ T642] do_syscall_64+0xcd/0x250 [ 871.456684][ T642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.456702][ T642] RIP: 0033:0x7fbcef38cb6a [ 871.456713][ T642] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 871.456726][ T642] RSP: 002b:00007ffd6d3af678 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 871.456738][ T642] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007fbcef38cb6a [ 871.456747][ T642] RDX: 0000000000000040 RSI: 000055c4fbc93828 RDI: 0000000000000009 [ 871.456755][ T642] RBP: 0000000000000040 R08: 000055c4fbc93800 R09: 0000000000000080 [ 871.456763][ T642] R10: 0000000000000015 R11: 0000000000000246 R12: 000055c4fbc93800 [ 871.456771][ T642] R13: 000055c4fbc93818 R14: 000055c4fbc97ad8 R15: 000055c4fbc97a80 [ 871.456782][ T642] [ 874.463928][ T1898] Bluetooth: hci0: command 0x0406 tx timeout