last executing test programs: 11m26.705657024s ago: executing program 2 (id=1266): process_vm_readv$auto(0xbd4, &(0x7f0000000040)={0x0}, 0x3ff, 0x0, 0x46, 0x0) 11m26.606005807s ago: executing program 2 (id=1270): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, 0x66b, 0x4, 0x7ff}, 0xee) 11m26.410875501s ago: executing program 2 (id=1274): mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x100009, 0x10000d}, 0x283) 11m26.303651664s ago: executing program 2 (id=1276): pidfd_send_signal$auto(0xfffffffffffffff3, 0xe31, 0xfffffffffffffffd, 0x0) 11m26.089782028s ago: executing program 2 (id=1280): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 11m25.652801649s ago: executing program 2 (id=1291): openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0x103000, 0x0) 11m25.346021103s ago: executing program 32 (id=1291): openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0x103000, 0x0) 10m46.790758338s ago: executing program 4 (id=2007): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x60641, 0x0) write$auto(0x3, 0x0, 0xfdef) 10m46.651716602s ago: executing program 4 (id=2010): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000000)='\"\x81=\xe2\xad\xff\xf1y\xb3\x1d]\n\xcf\xfa\xee@\"', 0x81) 10m46.488576013s ago: executing program 4 (id=2015): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x7fffffff, 0x5) 10m46.341021011s ago: executing program 4 (id=2019): mmap$auto(0x400000000000, 0x2000b, 0x0, 0xeb2, 0x401, 0x8000) setitimer$auto_ITIMER_PROF(0x2, &(0x7f0000001040)={{0xcf2d, 0x200000000000000}, {0x0, 0x2}}, 0x0) 10m46.19999423s ago: executing program 4 (id=2022): setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) tkill$auto(0x80000000000001, 0x7) 10m45.772620141s ago: executing program 4 (id=2028): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0x40302, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 10m45.495975911s ago: executing program 33 (id=2028): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0x40302, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 6m21.610993266s ago: executing program 5 (id=7269): r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20048810}, 0x4804) 6m21.439446955s ago: executing program 5 (id=7273): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x807ff0000000000, 0x0, 0x0) 6m21.297483549s ago: executing program 5 (id=7275): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd43a6ac90df250300000004000800140001800800028004001d80080003"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) 6m21.133477005s ago: executing program 5 (id=7278): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram3/queue/stable_writes\x00', 0x182, 0x0) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) ioctl$auto(r0, 0x1, r0) 6m20.938341006s ago: executing program 5 (id=7281): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 6m20.477797527s ago: executing program 5 (id=7289): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4041}, 0x4000000) 6m20.146045007s ago: executing program 34 (id=7289): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4041}, 0x4000000) 4.664762373s ago: executing program 1 (id=12778): mmap$auto(0x0, 0x20008, 0xdf, 0x9b72, 0x2, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x6}}, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x35}}, 0x401) r0 = gettid() rt_sigqueueinfo$auto(r0, 0x1, 0x0) 4.542099208s ago: executing program 1 (id=12780): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0) 4.135331111s ago: executing program 1 (id=12786): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x402, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x80000) 3.943420921s ago: executing program 1 (id=12789): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0x2003f0, 0x15) prctl$auto_PR_SET_NAME(0xf, 0x5, 0x0, 0x8, 0xff) 2.166994604s ago: executing program 0 (id=12808): socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0x6a) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) 2.013394753s ago: executing program 0 (id=12811): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r0 = socket(0xa, 0x801, 0x84) syz_clone3(&(0x7f0000000400)={0x28000000, 0x0, 0x0, 0x0, {0x3f}, 0x0, 0x0, 0x0, 0x0}, 0x58) getsockopt$auto(r0, 0x84, 0x80, 0x0, 0x0) 1.860589212s ago: executing program 6 (id=12813): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0) pwritev$auto(r0, 0x0, 0x3, 0x11, 0x3) 1.733639578s ago: executing program 0 (id=12814): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) sysfs$auto(0x2, 0x100000000000031, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 1.71432889s ago: executing program 6 (id=12815): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf01010000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) 1.549676193s ago: executing program 0 (id=12816): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x1dcb, 0x18) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) 1.431251068s ago: executing program 6 (id=12818): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) close_range$auto(0x2, 0x8000, 0x0) 1.389518762s ago: executing program 3 (id=12819): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 1.045376959s ago: executing program 1 (id=12820): mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffefffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) 1.04529584s ago: executing program 6 (id=12821): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xaa22}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 994.555907ms ago: executing program 3 (id=12822): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0x0) prctl$auto_PR_SET_NAME(0xf, 0x3, 0x0, 0x50, 0x5d1) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) close_range$auto(0x2, 0x8, 0x0) 825.616729ms ago: executing program 3 (id=12823): mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='L', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) 723.813289ms ago: executing program 6 (id=12824): mmap$auto(0x0, 0x2020009, 0xfffffffffffffff3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) ioperm$auto(0xc5, 0x4, 0x2) access$auto(0x0, 0x7) 700.231806ms ago: executing program 0 (id=12825): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mlock$auto(0xc, 0x87) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) r0 = gettid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0) 613.996808ms ago: executing program 1 (id=12826): close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xd551) 505.018615ms ago: executing program 3 (id=12827): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf250200001808003c0002000009050019"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 413.102047ms ago: executing program 6 (id=12828): socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) 222.596547ms ago: executing program 3 (id=12829): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x21, 0x2, 0x2) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) 66.267191ms ago: executing program 0 (id=12830): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x3, 0x2) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) 0s ago: executing program 3 (id=12831): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55) listen$auto(0x3, 0x81) kernel console output (not intermixed with test programs): s. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.222447][ T6179] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.235226][ T6178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.242485][ T6178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.268721][ T6178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.286032][ T6178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.293247][ T6178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.319623][ T6178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.392729][ T6187] hsr_slave_0: entered promiscuous mode [ 80.399705][ T6187] hsr_slave_1: entered promiscuous mode [ 80.405659][ T6187] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.413551][ T6187] Cannot create hsr debugfs directory [ 80.495252][ T6179] hsr_slave_0: entered promiscuous mode [ 80.503857][ T6179] hsr_slave_1: entered promiscuous mode [ 80.510779][ T6179] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.518910][ T6179] Cannot create hsr debugfs directory [ 80.552071][ T6178] hsr_slave_0: entered promiscuous mode [ 80.558727][ T6178] hsr_slave_1: entered promiscuous mode [ 80.564992][ T6178] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.578053][ T6178] Cannot create hsr debugfs directory [ 80.850171][ T6177] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.871007][ T6177] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.922110][ T6177] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.962780][ T6177] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.005795][ T6187] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.046468][ T6187] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.070858][ T6187] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.085305][ T6187] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.280472][ T6177] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.307503][ T6180] Bluetooth: hci3: command tx timeout [ 81.317917][ T6177] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.353726][ T1080] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.360989][ T1080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.388003][ T6180] Bluetooth: hci0: command tx timeout [ 81.397039][ T6180] Bluetooth: hci1: command tx timeout [ 81.397076][ T6190] Bluetooth: hci2: command tx timeout [ 81.403926][ T6187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.445831][ T1157] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.453032][ T1157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.470139][ T6187] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.478430][ T6178] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.488875][ T6178] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.498441][ T6178] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.508448][ T6178] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.545859][ T1157] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.553062][ T1157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.574310][ T1080] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.581479][ T1080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.659436][ T6179] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.683459][ T6179] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.701651][ T6179] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.711481][ T6179] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.872168][ T6178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.960796][ T6178] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.981824][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.989014][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.039313][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.046503][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.062795][ T6179] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.131954][ T6187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.163037][ T6177] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.199635][ T6179] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.276904][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.284043][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.332759][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.339958][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.372307][ T6187] veth0_vlan: entered promiscuous mode [ 82.430696][ T6187] veth1_vlan: entered promiscuous mode [ 82.465782][ T6179] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 82.481973][ T6179] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.528728][ T6177] veth0_vlan: entered promiscuous mode [ 82.604644][ T6187] veth0_macvtap: entered promiscuous mode [ 82.630551][ T6177] veth1_vlan: entered promiscuous mode [ 82.663103][ T6187] veth1_macvtap: entered promiscuous mode [ 82.720084][ T6178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.765739][ T6177] veth0_macvtap: entered promiscuous mode [ 82.783012][ T6177] veth1_macvtap: entered promiscuous mode [ 82.822903][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.832287][ T6177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.844842][ T6177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.866787][ T6177] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.883310][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.921608][ T6177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.946610][ T6177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.968621][ T6177] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.982707][ T6187] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.006569][ T6187] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.015320][ T6187] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.033776][ T6187] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.073728][ T6177] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.084993][ T6177] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.103857][ T6177] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.113236][ T6177] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.150012][ T6179] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.157268][ T6178] veth0_vlan: entered promiscuous mode [ 83.211920][ T6178] veth1_vlan: entered promiscuous mode [ 83.355769][ T6179] veth0_vlan: entered promiscuous mode [ 83.386786][ T6190] Bluetooth: hci3: command tx timeout [ 83.424256][ T6179] veth1_vlan: entered promiscuous mode [ 83.452655][ T6178] veth0_macvtap: entered promiscuous mode [ 83.468031][ T6190] Bluetooth: hci1: command tx timeout [ 83.468057][ T6180] Bluetooth: hci0: command tx timeout [ 83.473445][ T55] Bluetooth: hci2: command tx timeout [ 83.486097][ T6178] veth1_macvtap: entered promiscuous mode [ 83.488924][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.500731][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.580587][ T6178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.602679][ T6178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.619702][ T6178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.632965][ T6178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.649511][ T6178] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.670471][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.687044][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.702574][ T6178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.715681][ T6178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.728670][ T6178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.739311][ T6178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.750418][ T6178] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.760489][ T6179] veth0_macvtap: entered promiscuous mode [ 83.793581][ T6179] veth1_macvtap: entered promiscuous mode [ 83.816140][ T6178] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.832719][ T6178] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.843919][ T6178] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.859656][ T6178] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.883483][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.911306][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.933593][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.944857][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.960075][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.968748][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.979068][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.989911][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.005071][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.015933][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.027468][ T6179] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.085708][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.102141][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.113455][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.124813][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.135016][ T6179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.146047][ T6179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.167764][ T6179] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.213069][ T6179] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.229456][ T6179] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.239685][ T6179] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.248747][ T6179] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.274944][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.295510][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.420173][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.449975][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.490112][ T1126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.525431][ T1126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.631031][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.649744][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.466753][ T55] Bluetooth: hci3: command tx timeout [ 85.547508][ T55] Bluetooth: hci0: command tx timeout [ 85.552988][ T55] Bluetooth: hci2: command tx timeout [ 85.558530][ T6190] Bluetooth: hci1: command tx timeout [ 85.970554][ T30] audit: type=1800 audit(1741475181.777:2): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.293" name="version" dev="configfs" ino=8629 res=0 errno=0 [ 87.232565][ T1209] cfg80211: failed to load regulatory.db [ 87.566874][ T6434] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 88.925193][ T30] audit: type=1800 audit(1741475184.747:3): pid=6486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.354" name="lu_gp_id" dev="configfs" ino=9898 res=0 errno=0 [ 99.796722][ T6927] syz.1.568 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 105.188714][ T30] audit: type=1800 audit(1741477249.035:4): pid=7172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.691" name="dummy_udc" dev="gadgetfs" ino=9232 res=0 errno=0 [ 105.347574][ T7179] random: crng reseeded on system resumption [ 106.297766][ T55] Bluetooth: hci2: unexpected event 0x35 length: 13 > 6 [ 106.489261][ T7217] Process accounting resumed [ 106.846021][ T7233] ima: policy update failed [ 106.856084][ T30] audit: type=1802 audit(1741477250.713:5): pid=7233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.720" res=0 errno=0 [ 107.567998][ T7272] random: crng reseeded on system resumption [ 107.660981][ T7273] Process accounting resumed [ 110.813502][ T7424] random: crng reseeded on system resumption [ 113.969912][ T7569] random: crng reseeded on system resumption [ 114.822098][ T7599] ======================================================= [ 114.822098][ T7599] WARNING: The mand mount option has been deprecated and [ 114.822098][ T7599] and is ignored by this kernel. Remove the mand [ 114.822098][ T7599] option from the mount to silence this warning. [ 114.822098][ T7599] ======================================================= [ 114.912198][ T30] audit: type=1326 audit(1741477266.816:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.1.901" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fed25d8d169 code=0x0 [ 118.363517][ T7765] capability: warning: `syz.1.980' uses 32-bit capabilities (legacy support in use) [ 119.043562][ T7797] ptrace attach of "./syz-executor exec"[6177] was attempted by "./syz-executor exec"[7797] [ 121.533292][ T7916] random: crng reseeded on system resumption [ 122.134093][ T7937] nfs: Bad value for 'source' [ 123.930652][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 128.773149][ T55] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 129.797567][ T8306] Process accounting resumed [ 131.268354][ T8381] futex_wake_op: syz.3.1287 tries to shift op by 64; fix this program [ 131.577413][ T1126] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.612150][ T8393] capability: warning: `syz.3.1293' uses deprecated v2 capabilities in a way that may be insecure [ 131.715594][ T1126] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.901534][ T1126] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.978010][ T1126] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.107483][ T1126] bridge_slave_1: left allmulticast mode [ 132.116739][ T6190] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 132.126341][ T1126] bridge_slave_1: left promiscuous mode [ 132.128349][ T6190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 132.135162][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.143393][ T6190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 132.157067][ T6190] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.166616][ T6190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 132.167214][ T1126] bridge_slave_0: left allmulticast mode [ 132.179113][ T6190] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.179847][ T1126] bridge_slave_0: left promiscuous mode [ 132.193174][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.508324][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.518894][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.529747][ T1126] bond0 (unregistering): Released all slaves [ 132.862869][ T8403] chnl_net:caif_netlink_parms(): no params data found [ 132.947022][ T1126] hsr_slave_0: left promiscuous mode [ 132.953137][ T1126] hsr_slave_1: left promiscuous mode [ 132.966612][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.976653][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.986156][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.994009][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.018221][ T1126] veth1_macvtap: left promiscuous mode [ 133.023904][ T1126] veth0_macvtap: left promiscuous mode [ 133.029562][ T1126] veth1_vlan: left promiscuous mode [ 133.035045][ T1126] veth0_vlan: left promiscuous mode [ 133.152980][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.159355][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.413222][ T1126] team0 (unregistering): Port device team_slave_1 removed [ 133.450456][ T1126] team0 (unregistering): Port device team_slave_0 removed [ 133.849185][ T8403] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.856867][ T8403] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.864779][ T8403] bridge_slave_0: entered allmulticast mode [ 133.872688][ T8403] bridge_slave_0: entered promiscuous mode [ 133.884468][ T8403] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.892550][ T8403] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.899912][ T8403] bridge_slave_1: entered allmulticast mode [ 133.906998][ T8403] bridge_slave_1: entered promiscuous mode [ 133.942982][ T8403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.965712][ T8403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.030667][ T8403] team0: Port device team_slave_0 added [ 134.040458][ T8403] team0: Port device team_slave_1 added [ 134.076885][ T8403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.086697][ T8403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.113492][ T8403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.137950][ T8403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.144955][ T8403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.175568][ T8403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.247084][ T6190] Bluetooth: hci0: command tx timeout [ 134.262844][ T8403] hsr_slave_0: entered promiscuous mode [ 134.270538][ T8403] hsr_slave_1: entered promiscuous mode [ 134.452954][ T8403] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 134.468208][ T8403] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 134.481842][ T8403] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 134.499925][ T8403] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 134.542600][ T8403] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.549988][ T8403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.558784][ T8403] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.565984][ T8403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.669754][ T8403] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.692039][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.709100][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.739719][ T8403] 8021q: adding VLAN 0 to HW filter on device team0 [ 134.756401][ T1126] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.763549][ T1126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.786961][ T1126] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.794143][ T1126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.843295][ T8403] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 135.024739][ T8403] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.276009][ T8403] veth0_vlan: entered promiscuous mode [ 135.298204][ T8403] veth1_vlan: entered promiscuous mode [ 135.336479][ T8403] veth0_macvtap: entered promiscuous mode [ 135.364540][ T8403] veth1_macvtap: entered promiscuous mode [ 135.384450][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.395936][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.406037][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.417414][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.427333][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.437825][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.449716][ T8403] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.468910][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.480001][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.491640][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.502736][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.512676][ T8403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.524773][ T8403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.535636][ T8403] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.548281][ T8403] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.557407][ T8403] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.566222][ T8403] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.575634][ T8403] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.646396][ T1126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.659263][ T1126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.692165][ T1080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.704532][ T1080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.873036][ T30] audit: type=1800 audit(4294967301.598:7): pid=8486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1308" name="discovery_nqn" dev="configfs" ino=16575 res=0 errno=0 [ 135.973099][ T8488] can: request_module (can-proto-5) failed. [ 136.326203][ T6190] Bluetooth: hci0: command tx timeout [ 137.558896][ T8562] Process accounting paused [ 138.029269][ T30] audit: type=1800 audit(4294967303.770:8): pid=8589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1339" name="trace_pipe" dev="tracefs" ino=1252 res=0 errno=0 [ 138.386212][ T6190] Bluetooth: hci0: command tx timeout [ 138.721165][ T8624] Unable to find swap-space signature [ 140.457347][ T6190] Bluetooth: hci0: command tx timeout [ 142.428663][ T8811] Unable to find swap-space signature [ 142.474145][ T30] audit: type=1800 audit(4294967308.223:9): pid=8813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1432" name="trace_pipe" dev="tracefs" ino=1294 res=0 errno=0 [ 146.838590][ T8921] kexec: Could not allocate control_code_buffer [ 158.854714][ T9610] ptrace attach of "./syz-executor exec"[8403] was attempted by "./syz-executor exec"[9610] [ 159.706598][ T9641] Process accounting paused [ 162.960809][ T6190] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11 [ 164.549526][ T9837] syz.4.1877 uses obsolete (PF_INET,SOCK_PACKET) [ 164.669347][ T9841] usb usb15: usbfs: process 9841 (syz.0.1879) did not claim interface 1 before use [ 166.055820][ T9899] tipc: Can't bind to reserved service type 2 [ 166.543811][ T9919] usbcore.quirks: string doesn't fit in 127 chars. [ 166.660143][ T9923] kAFS: Invalid Command on /proc/fs/afs/cells file [ 167.510174][ T9960] Process accounting resumed [ 168.218442][ T6190] Bluetooth: hci2: unexpected event 0x32 length: 10 > 9 [ 169.247904][T10049] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 170.471533][T10107] block2mtd: illegal erase size [ 171.407626][ T1126] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.495153][ T1126] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.623656][ T1126] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.799519][ T1126] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.087494][ T1126] bridge_slave_1: left allmulticast mode [ 172.115427][ T1126] bridge_slave_1: left promiscuous mode [ 172.145071][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.220095][ T1126] bridge_slave_0: left allmulticast mode [ 172.225899][ T1126] bridge_slave_0: left promiscuous mode [ 172.262842][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.291798][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 172.304505][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 172.313155][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 172.322412][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 172.331327][ T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 172.339663][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 173.178035][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 173.202084][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 173.224002][ T1126] bond0 (unregistering): Released all slaves [ 173.365992][T10172] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.372224][T10172] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.442124][T10172] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.481231][T10172] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.504423][T10172] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.542363][T10172] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.592639][T10172] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.598689][T10172] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 173.686586][T10172] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 173.721381][T10172] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.751603][T10172] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.785732][T10172] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.909261][ T1126] hsr_slave_0: left promiscuous mode [ 173.930593][ T1126] hsr_slave_1: left promiscuous mode [ 173.936576][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.951576][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.963198][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.978042][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.023591][ T1126] veth1_macvtap: left promiscuous mode [ 174.033684][ T1126] veth0_macvtap: left promiscuous mode [ 174.039381][ T1126] veth1_vlan: left promiscuous mode [ 174.051550][ T1126] veth0_vlan: left promiscuous mode [ 174.982628][ T1126] team0 (unregistering): Port device team_slave_1 removed [ 175.084764][ T1126] team0 (unregistering): Port device team_slave_0 removed [ 175.395034][ T6190] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.472429][ T6190] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.632652][ T6190] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.713476][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 175.967085][T10170] chnl_net:caif_netlink_parms(): no params data found [ 176.291915][T10170] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.334159][T10170] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.361889][T10170] bridge_slave_0: entered allmulticast mode [ 176.417625][T10170] bridge_slave_0: entered promiscuous mode [ 176.440217][T10170] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.457398][T10170] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.479016][T10170] bridge_slave_1: entered allmulticast mode [ 176.508003][T10170] bridge_slave_1: entered promiscuous mode [ 176.616800][T10170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.658460][T10170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.801154][T10170] team0: Port device team_slave_0 added [ 176.845091][T10170] team0: Port device team_slave_1 added [ 177.074371][T10170] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.082189][T10170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.129951][T10170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.156898][T10170] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.173579][T10170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.240578][T10170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.454913][T10170] hsr_slave_0: entered promiscuous mode [ 177.461310][T10170] hsr_slave_1: entered promiscuous mode [ 177.470238][ T6190] Bluetooth: hci2: command 0x0c1a tx timeout [ 177.543036][ T6190] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.701130][ T6190] Bluetooth: hci3: command 0x0c1a tx timeout [ 177.780501][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 177.981466][T10170] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 178.025584][T10170] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 178.056840][T10170] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 178.085991][T10170] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 178.120653][T10397] QAT: failed to copy from user. [ 178.281739][T10170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.331958][T10170] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.365991][ T1126] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.373216][ T1126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.414857][ T1126] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.422135][ T1126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.822018][T10170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.401570][T10170] veth0_vlan: entered promiscuous mode [ 179.457990][T10170] veth1_vlan: entered promiscuous mode [ 179.540486][ T6190] Bluetooth: hci2: command 0x0c1a tx timeout [ 179.553974][T10170] veth0_macvtap: entered promiscuous mode [ 179.564177][T10170] veth1_macvtap: entered promiscuous mode [ 179.580051][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.590745][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.600718][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.611620][ T6190] Bluetooth: hci1: command 0x0c1a tx timeout [ 179.617738][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.629072][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.639830][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.672724][T10170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 179.716928][T10463] [ 179.721665][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.748269][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.770975][ T6190] Bluetooth: hci3: command 0x0c1a tx timeout [ 179.799972][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.818420][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.838198][T10170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.849719][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 179.859487][T10170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.925928][T10170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 179.974993][T10170] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.011134][T10479] ptrace attach of "./syz-executor exec"[6178] was attempted by "./syz-executor exec"[10479] [ 180.016986][T10170] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.049013][T10170] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.057779][T10170] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.262172][ T1080] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.298465][ T1080] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.394215][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.414735][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.705600][T10507] QAT: Stopping all acceleration devices. [ 181.653939][T10553] ima: policy update failed [ 181.660522][ T30] audit: type=1802 audit(4294967347.617:10): pid=10553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.2169" res=0 errno=0 [ 181.919409][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 182.202492][ T30] audit: type=1807 audit(4294967348.169:11): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 182.208086][T10580] ima: policy update failed [ 182.266184][ T30] audit: type=1802 audit(4294967348.169:12): pid=10582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.5.2180" res=0 errno=0 [ 182.321714][ T30] audit: type=1802 audit(4294967348.230:13): pid=10580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.2180" res=0 errno=0 [ 183.990343][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 186.057478][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 187.495996][ T6190] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 189.636422][T10930] Process accounting resumed [ 190.299348][T10966] program syz.0.2353 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 190.867764][T10987] mmap: syz.3.2364 (10987): VmData 37527552 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 191.303074][T11005] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 191.849925][T11026] ICMPv6: process `syz.5.2384' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 192.765825][ T30] audit: type=1326 audit(4294967358.784:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11069 comm="syz.1.2399" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fed25d8d169 code=0x0 [ 193.663532][T11109] ptrace attach of "./syz-executor exec"[6179] was attempted by "./syz-executor exec"[11109] [ 193.708945][T11079] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 193.725496][T11079] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 193.761371][T11079] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 193.772509][T11079] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 194.261164][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.267928][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.692970][T11152] syz.3.2424: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 194.753542][T11152] CPU: 1 UID: 0 PID: 11152 Comm: syz.3.2424 Not tainted 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 194.753579][T11152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 194.753593][T11152] Call Trace: [ 194.753601][T11152] [ 194.753610][T11152] dump_stack_lvl+0x16c/0x1f0 [ 194.753651][T11152] warn_alloc+0x24d/0x3a0 [ 194.753688][T11152] ? __pfx_warn_alloc+0x10/0x10 [ 194.753731][T11152] ? lock_acquire.part.0+0x11b/0x380 [ 194.753779][T11152] __vmalloc_node_range_noprof+0x10dc/0x1530 [ 194.753815][T11152] ? rcu_is_watching+0x12/0xc0 [ 194.753840][T11152] ? trace_contention_end+0xee/0x140 [ 194.753875][T11152] ? __mutex_lock+0x1cc/0xb10 [ 194.753904][T11152] ? tomoyo_path_number_perm+0x46d/0x590 [ 194.753934][T11152] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 194.753965][T11152] ? dvb_dvr_do_ioctl+0x7e/0x290 [ 194.753997][T11152] ? __pfx___mutex_lock+0x10/0x10 [ 194.754029][T11152] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 194.754060][T11152] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 194.754093][T11152] ? do_vfs_ioctl+0x513/0x1990 [ 194.754122][T11152] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 194.754154][T11152] vmalloc_noprof+0x6b/0x90 [ 194.754185][T11152] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 194.754215][T11152] dvb_dvr_do_ioctl+0x15d/0x290 [ 194.754256][T11152] dvb_usercopy+0x165/0x320 [ 194.754283][T11152] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 194.754324][T11152] ? __pfx_dvb_usercopy+0x10/0x10 [ 194.754355][T11152] ? __pfx_lock_release+0x10/0x10 [ 194.754403][T11152] ? __fget_files+0x206/0x3a0 [ 194.754444][T11152] dvb_dvr_ioctl+0x29/0x40 [ 194.754472][T11152] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 194.754502][T11152] __x64_sys_ioctl+0x190/0x200 [ 194.754532][T11152] do_syscall_64+0xcd/0x250 [ 194.754565][T11152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.754602][T11152] RIP: 0033:0x7f3ed838d169 [ 194.754622][T11152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.754646][T11152] RSP: 002b:00007f3ed927c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 194.754670][T11152] RAX: ffffffffffffffda RBX: 00007f3ed85a5fa0 RCX: 00007f3ed838d169 [ 194.754686][T11152] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 194.754702][T11152] RBP: 00007f3ed840e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 194.754717][T11152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.754731][T11152] R13: 0000000000000000 R14: 00007f3ed85a5fa0 R15: 00007ffdc197ed28 [ 194.754763][T11152] [ 194.754868][T11152] Mem-Info: [ 195.020869][T11152] active_anon:24174 inactive_anon:0 isolated_anon:0 [ 195.020869][T11152] active_file:13693 inactive_file:38462 isolated_file:0 [ 195.020869][T11152] unevictable:768 dirty:278 writeback:0 [ 195.020869][T11152] slab_reclaimable:10169 slab_unreclaimable:95920 [ 195.020869][T11152] mapped:27993 shmem:18342 pagetables:1111 [ 195.020869][T11152] sec_pagetables:0 bounce:0 [ 195.020869][T11152] kernel_misc_reclaimable:0 [ 195.020869][T11152] free:1317471 free_pcp:5867 free_cma:0 [ 195.067215][ T6190] Bluetooth: hci2: command 0x0c1a tx timeout [ 195.086729][T11152] Node 0 active_anon:96900kB inactive_anon:0kB active_file:54740kB inactive_file:153780kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111872kB dirty:1160kB writeback:0kB shmem:71844kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11088kB pagetables:4544kB sec_pagetables:0kB all_unreclaimable? no [ 195.119858][T11152] Node 1 active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 195.199838][T11152] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 195.244323][T11152] lowmem_reserve[]: 0 2487 2487 0 0 [ 195.269599][T11152] Node 0 DMA32 free:1369564kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:97292kB inactive_anon:0kB active_file:54740kB inactive_file:153684kB unevictable:1536kB writepending:1156kB present:3129332kB managed:2547516kB mlocked:0kB bounce:0kB free_pcp:2460kB local_pcp:856kB free_cma:0kB [ 195.379565][T11152] lowmem_reserve[]: 0 0 0 0 0 [ 195.384521][T11152] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:96kB unevictable:0kB writepending:4kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 195.457390][T11152] lowmem_reserve[]: 0 0 0 0 0 [ 195.467793][T11152] Node 1 Normal free:3884344kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21064kB local_pcp:19136kB free_cma:0kB [ 195.581233][T11152] lowmem_reserve[]: 0 0 0 0 0 [ 195.627715][T11152] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 195.691021][T11152] Node 0 DMA32: 90*4kB (UME) 232*8kB (UM) 360*16kB (UME) 265*32kB (UME) 24*64kB (UME) 80*128kB (UM) 55*256kB (UE) 48*512kB (UM) 29*1024kB (U) 20*2048kB (UM) 303*4096kB (UME) = 1378632kB [ 195.737051][T11152] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 195.767012][ T6190] Bluetooth: hci0: command 0x041b tx timeout [ 195.769058][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 195.773993][ T6180] Bluetooth: hci1: command 0x0c1a tx timeout [ 195.787171][T11152] Node 1 Normal: 4*4kB (UE) 5*8kB (UME) 10*16kB (UME) 105*32kB (UME) 69*64kB (UME) 4*128kB (UE) 2*256kB (ME) 3*512kB (UME) 1*1024kB (M) 5*2048kB (UME) 943*4096kB (M) = 3884344kB [ 195.805558][T11152] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 195.815334][T11152] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 195.825219][T11152] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 195.838203][T11152] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 195.850194][T11152] 67333 total pagecache pages [ 195.854909][T11152] 0 pages in swap cache [ 195.859396][T11152] Free swap = 124996kB [ 195.863659][T11152] Total swap = 124996kB [ 195.868161][T11152] 2097051 pages RAM [ 195.871996][T11152] 0 pages HighMem/MovableOnly [ 195.877198][T11152] 428514 pages reserved [ 195.881549][T11152] 0 pages cma reserved [ 196.440301][ T30] audit: type=1806 audit(4294967362.483:15): xattr="." res=0 [ 197.076509][T11208] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 197.097783][T11208] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 197.111717][T11208] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 197.138102][T11208] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 197.505188][T11246] Process accounting paused [ 197.513420][T11253] kAFS: Invalid Command on /proc/fs/afs/cells file [ 197.766529][T11268] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 198.083168][T11282] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 198.731509][T11278] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 198.737664][T11278] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 198.763273][T11317] program syz.1.2476 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 198.783383][T11278] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 198.826444][T11278] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 199.213622][T11335] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 199.478237][T11349] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 200.395817][T11359] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 200.418303][T11359] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 200.453043][T11359] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 200.462751][T11359] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 201.701303][T11448] udc dummy_udc.0: soft-connect without a gadget driver [ 201.736112][ T6180] Bluetooth: hci2: command 0x0c1a tx timeout [ 202.100881][T11469] WARNING! power/level is deprecated; use power/control instead [ 202.452221][ T6180] Bluetooth: hci3: command 0x0c1a tx timeout [ 202.458347][ T6180] Bluetooth: hci1: command 0x0c1a tx timeout [ 202.511336][T11487] aoe: invalid device specification [ 202.531862][ T6180] Bluetooth: hci0: command 0x041b tx timeout [ 203.856013][T11551] Scaler: ================= START STATUS ================= [ 203.883302][T11551] Scaler: ================== END STATUS ================== [ 205.705542][ T30] audit: type=1400 audit(4294967371.792:16): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=11627 comm="syz.1.2620" [ 206.264368][T11625] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 206.405254][T11648] i2c i2c-0: new_device: Can't parse I2C address [ 209.087686][T11779] dyndbg: expected <4096 bytes into control [ 210.063708][T11824] kAFS: Invalid Command on /proc/fs/afs/cells file [ 211.066524][T11868] usb usb36: usbfs: process 11868 (syz.0.2736) did not claim interface 0 before use [ 213.840760][T12001] ima: policy update failed [ 213.853399][ T30] audit: type=1802 audit(4294967379.974:17): pid=12001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2803" res=0 errno=0 [ 214.207476][T12018] Setting dangerous option i915.mitigations - tainting kernel [ 214.255340][T12018] Bad "i915.mitigations=$", '$' is unknown [ 214.903826][T12049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2824'. [ 215.443824][T12071] ceph: Failed to parse sending metrics switch value 'P^' [ 218.657356][ T30] audit: type=1800 audit(4294967384.809:18): pid=12210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2904" name="features" dev="configfs" ino=27618 res=0 errno=0 [ 219.043441][T12225] synth uevent: /module/qat_c62x: unknown uevent action string [ 219.576143][T12245] Process accounting paused [ 221.087483][ T30] audit: type=1800 audit(4294967387.252:19): pid=12311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2953" name="features" dev="configfs" ino=28039 res=0 errno=0 [ 221.607120][T12330] synth uevent: /module/qat_c62x: unknown uevent action string [ 223.492813][T12411] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 225.190366][T12493] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3043'. [ 226.984143][T12581] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 227.513953][T12599] Process accounting resumed [ 229.131487][ T6180] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 229.547509][ T6180] Bluetooth: hci3: Zero size dump init pkt [ 230.721460][T12752] usb usb24: check_ctrlrecip: process 12752 (syz.0.3169) requesting ep 01 but needs 81 [ 230.755955][T12752] usb usb24: usbfs: process 12752 (syz.0.3169) did not claim interface 0 before use [ 231.831989][T12807] afs: Unknown parameter 'P4' [ 231.916273][T12811] synth uevent: /bus/usb/drivers/cdc_eem: unknown uevent action string [ 238.801408][T13122] syz_tun: tun_chr_ioctl cmd 1074812117 [ 243.056778][T13312] random: crng reseeded on system resumption [ 243.891468][T13343] block2mtd: parameter too long [ 247.837045][T13530] usbip-vudc usbip-vudc.0: gadget not bound [ 248.561514][T13565] random: crng reseeded on system resumption [ 249.454835][T13599] Process accounting resumed [ 249.635121][ T30] audit: type=1800 audit(4294967415.950:20): pid=13610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3564" name="discovery_nqn" dev="configfs" ino=32220 res=0 errno=0 [ 249.942463][T13626] ima: policy update failed [ 249.961026][ T30] audit: type=1802 audit(4294967416.282:21): pid=13626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.3572" res=0 errno=0 [ 251.589890][T13703] i2c i2c-0: new_device: Missing parameters [ 251.930220][T13723] vivid-010: ================= START STATUS ================= [ 251.952160][T13723] vivid-010: Generate PTS: true [ 251.962439][T13719] nvme_fabrics: missing parameter 'transport=%s' [ 251.974616][T13723] vivid-010: Generate SCR: true [ 251.979573][T13723] tpg source WxH: 640x360 (Y'CbCr) [ 251.991715][T13719] nvme_fabrics: missing parameter 'nqn=%s' [ 252.001899][T13723] tpg field: 1 [ 252.014409][T13723] tpg crop: 640x360@0x0 [ 252.021639][T13723] tpg compose: 640x360@0x0 [ 252.026807][T13723] tpg colorspace: 8 [ 252.030990][T13723] tpg transfer function: 0/0 [ 252.051115][T13723] tpg Y'CbCr encoding: 0/0 [ 252.056103][T13723] tpg quantization: 0/0 [ 252.063291][T13723] tpg RGB range: 0/2 [ 252.092500][T13723] vivid-010: ================== END STATUS ================== [ 252.244030][T13734] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 252.244647][T13732] ima: policy update failed [ 252.311036][ T30] audit: type=1802 audit(4294967418.624:22): pid=13732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3624" res=0 errno=0 [ 255.380301][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.386672][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.042173][T13910] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 257.437934][T13904] Process accounting paused [ 259.805741][T14086] Invalid input. Must be >= 4608 [ 259.896715][T14090] CIFS: VFS: Invalid SecurityFlags: # [ 261.919330][ T30] audit: type=1800 audit(4294967428.294:23): pid=14193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3810" name="dbroot" dev="configfs" ino=33395 res=0 errno=0 [ 261.969073][ T30] audit: type=1804 audit(4294967428.314:24): pid=14193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3810" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=33395 res=1 errno=0 [ 262.721781][ T30] audit: type=1800 audit(4294967429.108:25): pid=14231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3822" name="dbroot" dev="configfs" ino=34184 res=0 errno=0 [ 262.761373][T14231] db_root: cannot open: [ 264.490266][T14324] syz_tun: tun_chr_ioctl cmd 1074025688 [ 264.755541][ T30] audit: type=1800 audit(4294967431.149:26): pid=14341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3859" name="features" dev="configfs" ino=33543 res=0 errno=0 [ 269.612304][T14572] misc userio: Invalid payload size [ 273.199278][T14755] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 273.199947][T14750] ima: policy update failed [ 273.238323][ T30] audit: type=1802 audit(4294967439.683:27): pid=14750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4004" res=0 errno=0 [ 276.638356][T14928] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 276.638356][T14928] M' is too long [ 276.666148][T14928] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 276.666148][T14928] W ' is too long [ 279.510913][T15072] Process accounting paused [ 281.137023][T15146] nvme_fcloop: unknown parameter or missing value '' [ 281.809807][T15176] process 'syz.5.4161' launched './file0' with NULL argv: empty string added [ 281.964376][T15182] sysfs_service_op_store: Client not running :-5: [ 282.235875][T15195] delete_channel: no stack [ 283.751370][T15262] bond0: option mode: invalid value () [ 287.401737][T15427] Process accounting resumed [ 287.946730][T15454] : Can't lookup blockdev [ 289.028522][ T30] audit: type=1400 audit(4294967455.545:28): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=15502 comm="syz.3.4323" [ 291.299153][T15598] block2mtd: device name too long [ 292.530472][T15646] usb usb15: usbfs: process 15646 (syz.3.4395) did not claim interface 0 before use [ 293.071521][T15668] bond0: option lp_interval: invalid value (/sys/devices/platform/vkms/graphics/fb0/rotate) [ 293.108632][T15668] bond0: option lp_interval: allowed values 1 - 2147483647 [ 293.471717][ T6182] Process accounting resumed [ 296.593595][ T6180] Bluetooth: hci0: unexpected event 0x01 length: 4 > 1 [ 298.078498][ T6180] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 301.879051][T16047] ecryptfs_miscdev_write: Invalid packet size [192] [ 306.563311][T16218] syz.3.4676 (16218): drop_caches: 0 [ 308.268704][ T6180] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 308.433386][ T30] audit: type=1804 audit(4294967475.046:29): pid=16300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4713" name="/newroot/sys/kernel/tracing/saved_cmdlines" dev="tracefs" ino=1307 res=1 errno=0 [ 308.463664][ C1] vkms_vblank_simulate: vblank timer overrun [ 308.688880][T16306] kernel read not supported for file /Pr ^!8;n~ZJp-v<)R_WtakG6h mD|vQ (pid: 16306 comm: syz.5.4719) [ 308.723735][ T30] audit: type=1800 audit(4294967475.347:30): pid=16306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4719" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=40417 res=0 errno=0 [ 309.479447][T16334] Process accounting resumed [ 314.773456][T16541] dlm: non-version read from control device 9 [ 315.584736][T16580] program syz.3.4850 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 315.620507][T16580] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 316.505650][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.512387][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.242316][T16656] kAFS: Invalid Command on /proc/fs/afs/cells file [ 317.386757][T16657] Process accounting paused [ 318.069343][T16699] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 320.653025][T16807] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.679905][T16815] kAFS: Invalid Command on /proc/fs/afs/cells file [ 323.809619][T16955] kafs: addr_prefs: Invalid Command [ 324.407875][T16977] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 324.621847][T16985] synth uevent: /bus/memstick: unknown uevent action string [ 325.439716][T17019] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 326.329777][T17055] i2c i2c-0: delete_device: Can't parse I2C address [ 330.540374][T17216] ICMPv6: process `syz.5.5161' is using deprecated sysctl (syscall) net.ipv6.neigh.macsec0.base_reachable_time - use net.ipv6.neigh.macsec0.base_reachable_time_ms instead [ 330.845116][T17226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 330.889285][T17226] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 330.925309][T17226] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 330.963279][T17226] page_type: f5(slab) [ 330.973838][T17226] raw: 00fff00000000040 ffff88814040a8c0 dead000000000122 0000000000000000 [ 330.994188][T17226] raw: 0000000000000000 0000000000150015 00000000f5000000 0000000000000000 [ 331.007915][T17226] head: 00fff00000000040 ffff88814040a8c0 dead000000000122 0000000000000000 [ 331.026958][T17226] head: 0000000000000000 0000000000150015 00000000f5000000 0000000000000000 [ 331.037361][T17226] head: 00fff00000000001 ffffea0001ff8001 ffffffffffffffff 0000000000000000 [ 331.073334][T17226] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 331.104175][T17226] page dumped because: unmovable page [ 331.110104][T17226] page_owner tracks the page as allocated [ 331.132923][T17226] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5223, tgid 5223 (udevadm), ts 28796985284, free_ts 23752893379 [ 331.207429][T17226] post_alloc_hook+0x181/0x1b0 [ 331.217587][T17226] get_page_from_freelist+0xfce/0x2f80 [ 331.229759][T17226] __alloc_frozen_pages_noprof+0x221/0x2470 [ 331.241862][T17226] alloc_pages_mpol+0x1fc/0x540 [ 331.247083][T17226] new_slab+0x23d/0x330 [ 331.251405][T17226] ___slab_alloc+0xc5d/0x1720 [ 331.269085][T17226] __slab_alloc.constprop.0+0x56/0xb0 [ 331.282128][T17226] kmem_cache_alloc_lru_noprof+0xff/0x3d0 [ 331.288381][T17226] __d_alloc+0x31/0xaa0 [ 331.302126][T17226] d_alloc+0x4a/0x1e0 [ 331.306198][T17226] d_alloc_parallel+0xe7/0x12b0 [ 331.344386][T17226] __lookup_slow+0x194/0x470 [ 331.357029][T17226] walk_component+0x350/0x5b0 [ 331.376431][T17226] path_lookupat+0x17f/0x770 [ 331.381125][T17226] filename_lookup+0x221/0x5f0 [ 331.400364][T17226] vfs_statx+0xf9/0x210 [ 331.412591][T17226] page last free pid 1 tgid 1 stack trace: [ 331.426781][T17226] free_frozen_pages+0x6db/0xfb0 [ 331.441285][T17226] free_contig_range+0x133/0x3f0 [ 331.449841][T17226] destroy_args+0x66f/0x830 [ 331.461451][T17226] debug_vm_pgtable+0x130f/0x2d60 [ 331.466572][T17226] do_one_initcall+0x128/0x700 [ 331.488121][T17226] kernel_init_freeable+0x5c7/0x900 [ 331.503105][T17226] kernel_init+0x1c/0x2b0 [ 331.517739][T17226] ret_from_fork+0x45/0x80 [ 331.527841][T17226] ret_from_fork_asm+0x1a/0x30 [ 331.681513][ T30] audit: type=1800 audit(4294967498.407:31): pid=17261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5182" name="members" dev="configfs" ino=42750 res=0 errno=0 [ 332.345648][T17290] kAFS: No cell specified [ 334.077714][T17366] QAT: Device 2 not found [ 334.595726][T17390] < [ 335.538273][T17432] delete_channel: no stack [ 335.594895][T17436] queue_state_write: operation too long [ 335.609587][T17436] queue_state_write: use 'run', 'start' or 'kick' [ 462.864414][T22520] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 462.870979][T22520] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 462.886875][T22518] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 463.090919][T22528] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 463.769040][T22564] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 464.533498][T22593] netlink: 'syz.0.7633': attribute type 1 has an invalid length. [ 464.861420][T22611] netlink: 5 bytes leftover after parsing attributes in process `syz.1.7640'. [ 467.357494][T22721] Process accounting resumed [ 467.564004][T22738] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 467.901824][T22748] netlink: set zone limit has 8 unknown bytes [ 468.037176][T22758] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 468.960771][T22802] netlink: 'syz.1.7696': attribute type 1 has an invalid length. [ 471.426661][T22897] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 471.508640][T22897] CIFS mount error: No usable UNC path provided in device string! [ 471.508640][T22897] [ 471.524891][T22897] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 471.721959][T22906] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7743'. [ 474.672365][T22995] nbd: illegal input index 2147483647 [ 475.462427][T23028] openvswitch: netlink: IP tunnel dst address not specified [ 476.116774][T23055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7811'. [ 477.659267][T23113] sctp: [Deprecated]: syz.1.7834 (pid 23113) Use of int in max_burst socket option deprecated. [ 477.659267][T23113] Use struct sctp_assoc_value instead [ 479.802165][T23193] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 480.925037][T23234] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 3000000000 [ 481.676110][T23266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7901'. [ 482.463608][T23289] svc: failed to register nfsdv3 RPC service (errno 111). [ 482.489868][T23289] svc: failed to register nfsaclv3 RPC service (errno 111). [ 483.399191][T23324] netlink: 'syz.6.7929': attribute type 1 has an invalid length. [ 483.791377][T23340] nl80211: entered promiscuous mode [ 484.534451][T23360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7944'. [ 486.061509][T23413] svc: failed to register nfsdv3 RPC service (errno 111). [ 486.084975][T23413] svc: failed to register nfsaclv3 RPC service (errno 111). [ 487.151685][T23450] kafs: addr_prefs: Invalid Command [ 487.480439][T23461] sg_write: process 4073 (syz.3.7990) changed security contexts after opening file descriptor, this is not allowed. [ 487.809452][T23479] delete_channel: no stack [ 488.175292][T23489] svc: failed to register nfsdv3 RPC service (errno 111). [ 488.226234][T23489] svc: failed to register nfsaclv3 RPC service (errno 111). [ 488.753275][T23498] syz_tun: tun_chr_ioctl cmd 1074025681 [ 489.279013][T23511] Process accounting resumed [ 490.674956][T23586] openvswitch: netlink: Duplicate or invalid key (type 0). [ 491.091922][T23599] netlink: get zone limit has 8 unknown bytes [ 492.216619][T23651] netlink: 'syz.3.8074': attribute type 2 has an invalid length. [ 493.328876][T23705] openvswitch: netlink: Duplicate key (type 15). [ 493.340365][T23706] HfR: entered promiscuous mode [ 495.647343][T23773] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 497.313260][T23834] Process accounting paused [ 497.710771][T23848] openvswitch: netlink: Multiple metadata blocks provided [ 498.892114][T23881] svc: failed to register nfsdv3 RPC service (errno 111). [ 498.922389][T23881] svc: failed to register nfsaclv3 RPC service (errno 111). [ 499.764446][T23919] netlink: 'syz.1.8194': attribute type 1 has an invalid length. [ 499.868820][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.875333][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.006599][T23928] netlink: 'syz.1.8198': attribute type 10 has an invalid length. [ 500.470767][T23947] sctp: [Deprecated]: syz.3.8207 (pid 23947) Use of int in max_burst socket option deprecated. [ 500.470767][T23947] Use struct sctp_assoc_value instead [ 500.733154][T23957] openvswitch: netlink: nsh attr 68 is out of range max 3 [ 500.933945][T23965] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8216'. [ 502.026252][T23994] openvswitch: netlink: Message has 215 unknown bytes. [ 502.482251][T24010] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 504.872208][T24082] program syz.1.8270 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.135907][T24084] could not allocate digest TFM handle [ 505.237803][T24090] could not allocate digest TFM handle [ 505.967464][T24133] openvswitch: netlink: Message has 1 unknown bytes. [ 507.244688][T24178] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8311'. [ 507.531734][T24192] ubi0: attaching mtd0 [ 507.558275][T24192] ubi0: scanning is finished [ 507.562977][T24192] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 507.810327][T24192] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 509.412414][T24186] kexec: Could not allocate control_code_buffer [ 509.500216][T24226] sd 0:0:1:0: PR command failed: 1026 [ 509.527584][T24226] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 509.544375][T24226] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 510.630164][T24263] svc: failed to register nfsdv3 RPC service (errno 111). [ 510.649758][T24263] svc: failed to register nfsaclv3 RPC service (errno 111). [ 513.198832][T24369] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8399'. [ 516.059265][T24478] openvswitch: netlink: IP tunnel TTL not specified. [ 516.456673][T24452] kexec: Could not allocate control_code_buffer [ 516.462586][ T30] audit: type=1804 audit(4294967326.112:40): pid=24489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.8454" name="/newroot/2080/file0" dev="tmpfs" ino=10458 res=1 errno=0 [ 516.491033][ T30] audit: type=1800 audit(4294967326.142:41): pid=24489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8454" name="file0" dev="tmpfs" ino=10458 res=0 errno=0 [ 517.682128][T24545] openvswitch: netlink: IP tunnel dst address not specified [ 518.720482][T24584] zero sized request [ 519.171019][T24605] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 519.183522][T24602] Process accounting paused [ 519.869368][T24638] netlink: 'syz.0.8522': attribute type 1 has an invalid length. [ 520.159881][T24649] tipc: Enabling of bearer rejected, media not registered [ 520.219026][T24650] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 520.499115][T24662] block2mtd: error: cannot open device [ 521.603617][T24704] openvswitch: netlink: Flow key attribute not present in set flow. [ 522.566567][T24733] openvswitch: netlink: Key type 261 is out of range max 32 [ 524.564103][T24800] openvswitch: netlink: IP tunnel dst address not specified [ 526.572639][T24880] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 526.794280][T24890] MTRR 1 not used [ 527.004478][T24896] syz_tun: tun_chr_ioctl cmd 2148553947 [ 527.273710][T24897] Process accounting resumed [ 528.081453][T24927] netlink: Unknown conntrack attr (0) [ 529.630018][T24973] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 529.707994][T24975] zero sized request [ 532.072066][T25068] openvswitch: netlink: Message has 4 unknown bytes. [ 533.335435][T25115] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 535.838207][T25216] netlink: ct family unspecified [ 540.606049][T25368] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 541.323678][T25391] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 541.367878][T25391] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 542.616570][T25415] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 543.140646][T25442] : entered promiscuous mode [ 543.189894][ T6190] Bluetooth: hci2: SCO packet too small [ 544.985054][T25496] input input33: cannot allocate more than FF_MAX_EFFECTS effects [ 545.212701][T25500] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 547.540297][T25568] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8950'. [ 548.041444][T25588] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 548.165381][T25593] netlink: 'syz.3.8962': attribute type 1 has an invalid length. [ 548.301500][T25595] Invalid ELF header magic: != ELF [ 548.659215][T25608] nfsd: Unknown parameter 'DJ' [ 548.988317][T25618] netlink: 'syz.3.8973': attribute type 2 has an invalid length. [ 549.149365][T25622] Process accounting resumed [ 549.582020][T25641] openvswitch: netlink: IP tunnel dst address not specified [ 549.687614][T25644] nbd: couldn't find a device at index 99 [ 550.016813][T25658] netlink: 'syz.1.8990': attribute type 1 has an invalid length. [ 550.438765][T25673] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 551.327975][T25713] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 551.797263][T25730] Invalid ELF header magic: != ELF [ 553.029793][T25771] netlink: 'syz.1.9042': attribute type 1 has an invalid length. [ 554.668062][T25830] program syz.1.9072 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 556.569610][T25929] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 556.793798][ T6190] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 556.793837][ T6190] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 556.809611][ T6190] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 556.809734][ T6190] Bluetooth: hci0: Malformed LE Event: 0x0d [ 557.135985][T25957] Process accounting paused [ 557.400064][T25974] netlink: 80 bytes leftover after parsing attributes in process `syz.6.9142'. [ 558.062982][T26003] nbd: must specify a device to reconfigure [ 559.237068][T26052] unsupported nla_type 32969 [ 559.840793][T26078] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 560.760596][T26111] netlink: 'syz.6.9206': attribute type 11 has an invalid length. [ 560.955285][T26122] block nbd0: not configured, cannot reconfigure [ 561.028566][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.053391][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 561.819712][T26148] netlink: 'syz.1.9220': attribute type 1 has an invalid length. [ 563.048985][T26197] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 563.077503][T26124] Bluetooth: hci0: command 0x0406 tx timeout [ 563.096184][T26197] CPU: 0 UID: 0 PID: 26197 Comm: syz.3.9244 Tainted: G U 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 563.096224][T26197] Tainted: [U]=USER [ 563.096232][T26197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 563.096245][T26197] Call Trace: [ 563.096252][T26197] [ 563.096261][T26197] dump_stack_lvl+0x16c/0x1f0 [ 563.096302][T26197] sysfs_warn_dup+0x7f/0xa0 [ 563.096333][T26197] sysfs_do_create_link_sd+0x124/0x140 [ 563.096368][T26197] sysfs_create_link+0x61/0xc0 [ 563.096396][T26197] device_add+0x62e/0x1a70 [ 563.096433][T26197] ? __pfx_device_add+0x10/0x10 [ 563.096463][T26197] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 563.096501][T26197] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 563.096539][T26197] wiphy_register+0x1cab/0x2860 [ 563.096572][T26197] ? __pfx__dev_printk+0x10/0x10 [ 563.096607][T26197] ? __pfx_wiphy_register+0x10/0x10 [ 563.096650][T26197] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 563.096686][T26197] ieee80211_register_hw+0x2455/0x4060 [ 563.096732][T26197] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 563.096763][T26197] ? net_generic+0xea/0x2a0 [ 563.096795][T26197] ? lockdep_init_map_type+0x16d/0x7d0 [ 563.096841][T26197] ? __asan_memset+0x23/0x50 [ 563.096873][T26197] ? __hrtimer_init+0x106/0x2c0 [ 563.096915][T26197] mac80211_hwsim_new_radio+0x304e/0x54e0 [ 563.096975][T26197] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 563.097021][T26197] hwsim_new_radio_nl+0xb42/0x12b0 [ 563.097058][T26197] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 563.097104][T26197] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 563.097143][T26197] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 563.097189][T26197] genl_family_rcv_msg_doit+0x202/0x2f0 [ 563.097228][T26197] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 563.097263][T26197] ? trace_cap_capable+0x1a2/0x210 [ 563.097301][T26197] ? bpf_lsm_capable+0x9/0x10 [ 563.097325][T26197] ? security_capable+0x7e/0x260 [ 563.097352][T26197] ? ns_capable+0xd7/0x110 [ 563.097388][T26197] genl_rcv_msg+0x565/0x800 [ 563.097427][T26197] ? __pfx_genl_rcv_msg+0x10/0x10 [ 563.097465][T26197] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 563.097512][T26197] netlink_rcv_skb+0x16b/0x440 [ 563.097545][T26197] ? __pfx_genl_rcv_msg+0x10/0x10 [ 563.097605][T26197] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 563.097660][T26197] ? down_read+0xc9/0x330 [ 563.097693][T26197] ? __pfx_down_read+0x10/0x10 [ 563.097727][T26197] ? netlink_deliver_tap+0x1ae/0xd30 [ 563.097765][T26197] genl_rcv+0x28/0x40 [ 563.097798][T26197] netlink_unicast+0x53c/0x7f0 [ 563.097842][T26197] ? __pfx_netlink_unicast+0x10/0x10 [ 563.097873][T26197] ? __phys_addr_symbol+0x30/0x80 [ 563.097895][T26197] ? __check_object_size+0x488/0x710 [ 563.097922][T26197] netlink_sendmsg+0x8b8/0xd70 [ 563.097960][T26197] ? __pfx_netlink_sendmsg+0x10/0x10 [ 563.098008][T26197] ____sys_sendmsg+0xaaf/0xc90 [ 563.098036][T26197] ? copy_msghdr_from_user+0x10b/0x160 [ 563.098069][T26197] ? __pfx_____sys_sendmsg+0x10/0x10 [ 563.098116][T26197] ___sys_sendmsg+0x135/0x1e0 [ 563.098150][T26197] ? __pfx____sys_sendmsg+0x10/0x10 [ 563.098201][T26197] ? __pfx_lock_release+0x10/0x10 [ 563.098232][T26197] ? trace_lock_acquire+0x14e/0x1f0 [ 563.098273][T26197] ? __fget_files+0x206/0x3a0 [ 563.098317][T26197] __sys_sendmsg+0x16e/0x220 [ 563.098353][T26197] ? __pfx___sys_sendmsg+0x10/0x10 [ 563.098387][T26197] ? __x64_sys_futex+0x1e1/0x4c0 [ 563.098441][T26197] do_syscall_64+0xcd/0x250 [ 563.098475][T26197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.098508][T26197] RIP: 0033:0x7f3ed838d169 [ 563.098527][T26197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.098550][T26197] RSP: 002b:00007f3ed927c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 563.098572][T26197] RAX: ffffffffffffffda RBX: 00007f3ed85a5fa0 RCX: 00007f3ed838d169 [ 563.098589][T26197] RDX: 0000000004000800 RSI: 00004000000000c0 RDI: 0000000000000003 [ 563.098604][T26197] RBP: 00007f3ed840e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 563.098618][T26197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.098632][T26197] R13: 0000000000000000 R14: 00007f3ed85a5fa0 R15: 00007ffdc197ed28 [ 563.098668][T26197] [ 563.646061][T26203] openvswitch: netlink: IPv4 tunnel dst address is zero [ 563.923842][T26218] openvswitch: netlink: Multiple metadata blocks provided [ 564.015553][T26222] nbd: must specify an index to disconnect [ 564.774253][T26258] openvswitch: netlink: Key type 29 is not supported [ 566.676964][T26336] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 566.984742][T26351] netlink: 'syz.0.9313': attribute type 11 has an invalid length. [ 566.993248][T26351] netlink: 'syz.0.9313': attribute type 11 has an invalid length. [ 567.001740][T26351] netlink: 'syz.0.9313': attribute type 11 has an invalid length. [ 567.010286][T26351] netlink: 'syz.0.9313': attribute type 11 has an invalid length. [ 568.155497][T26389] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 568.466598][T26400] openvswitch: netlink: ct_state flags 02001eac unsupported [ 569.099133][T26425] program syz.0.9348 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 570.121292][T26458] netlink: Unknown conntrack attr (type=146, max=9) [ 570.598972][T26472] netlink: 'syz.3.9368': attribute type 4 has an invalid length. [ 570.812925][T26479] sctp: [Deprecated]: syz.0.9370 (pid 26479) Use of int in maxseg socket option. [ 570.812925][T26479] Use struct sctp_assoc_value instead [ 572.610505][T26522] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 573.964334][T26586] syz_tun: tun_chr_ioctl cmd 1074025681 [ 574.298802][T26598] syz_tun: tun_chr_ioctl cmd 1074812117 [ 574.492015][T26603] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 574.521470][T26603] CPU: 0 UID: 0 PID: 26603 Comm: syz.3.9430 Tainted: G U 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 574.521509][T26603] Tainted: [U]=USER [ 574.521518][T26603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 574.521531][T26603] Call Trace: [ 574.521538][T26603] [ 574.521547][T26603] dump_stack_lvl+0x16c/0x1f0 [ 574.521588][T26603] sysfs_warn_dup+0x7f/0xa0 [ 574.521620][T26603] sysfs_do_create_link_sd+0x124/0x140 [ 574.521653][T26603] sysfs_create_link+0x61/0xc0 [ 574.521683][T26603] device_add+0x62e/0x1a70 [ 574.521719][T26603] ? __pfx_device_add+0x10/0x10 [ 574.521749][T26603] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 574.521788][T26603] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 574.521827][T26603] wiphy_register+0x1cab/0x2860 [ 574.521859][T26603] ? __pfx__dev_printk+0x10/0x10 [ 574.521892][T26603] ? __pfx_wiphy_register+0x10/0x10 [ 574.521938][T26603] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 574.521975][T26603] ieee80211_register_hw+0x2455/0x4060 [ 574.522023][T26603] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 574.522054][T26603] ? net_generic+0xea/0x2a0 [ 574.522086][T26603] ? lockdep_init_map_type+0x16d/0x7d0 [ 574.522123][T26603] ? __asan_memset+0x23/0x50 [ 574.522154][T26603] ? __hrtimer_init+0x106/0x2c0 [ 574.522193][T26603] mac80211_hwsim_new_radio+0x304e/0x54e0 [ 574.522327][T26603] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 574.522374][T26603] hwsim_new_radio_nl+0xb42/0x12b0 [ 574.522411][T26603] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 574.522452][T26603] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 574.522490][T26603] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 574.522532][T26603] genl_family_rcv_msg_doit+0x202/0x2f0 [ 574.522567][T26603] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 574.522600][T26603] ? trace_cap_capable+0x1a2/0x210 [ 574.522633][T26603] ? bpf_lsm_capable+0x9/0x10 [ 574.522657][T26603] ? security_capable+0x7e/0x260 [ 574.522683][T26603] ? ns_capable+0xd7/0x110 [ 574.522714][T26603] genl_rcv_msg+0x565/0x800 [ 574.522752][T26603] ? __pfx_genl_rcv_msg+0x10/0x10 [ 574.522787][T26603] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 574.522829][T26603] netlink_rcv_skb+0x16b/0x440 [ 574.522865][T26603] ? __pfx_genl_rcv_msg+0x10/0x10 [ 574.522902][T26603] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 574.522953][T26603] ? down_read+0xc9/0x330 [ 574.522985][T26603] ? __pfx_down_read+0x10/0x10 [ 574.523017][T26603] ? netlink_deliver_tap+0x1ae/0xd30 [ 574.523053][T26603] genl_rcv+0x28/0x40 [ 574.523089][T26603] netlink_unicast+0x53c/0x7f0 [ 574.523124][T26603] ? __pfx_netlink_unicast+0x10/0x10 [ 574.523155][T26603] ? __phys_addr_symbol+0x30/0x80 [ 574.523190][T26603] ? __check_object_size+0x488/0x710 [ 574.523220][T26603] netlink_sendmsg+0x8b8/0xd70 [ 574.523258][T26603] ? __pfx_netlink_sendmsg+0x10/0x10 [ 574.523305][T26603] ____sys_sendmsg+0xaaf/0xc90 [ 574.523333][T26603] ? copy_msghdr_from_user+0x10b/0x160 [ 574.523367][T26603] ? __pfx_____sys_sendmsg+0x10/0x10 [ 574.523413][T26603] ___sys_sendmsg+0x135/0x1e0 [ 574.523449][T26603] ? __pfx____sys_sendmsg+0x10/0x10 [ 574.523499][T26603] ? __pfx_lock_release+0x10/0x10 [ 574.523532][T26603] ? trace_lock_acquire+0x14e/0x1f0 [ 574.523570][T26603] ? __fget_files+0x206/0x3a0 [ 574.523611][T26603] __sys_sendmsg+0x16e/0x220 [ 574.523648][T26603] ? __pfx___sys_sendmsg+0x10/0x10 [ 574.523681][T26603] ? __x64_sys_futex+0x1e1/0x4c0 [ 574.523733][T26603] do_syscall_64+0xcd/0x250 [ 574.523769][T26603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.523805][T26603] RIP: 0033:0x7f3ed838d169 [ 574.523828][T26603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.523851][T26603] RSP: 002b:00007f3ed927c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 574.523876][T26603] RAX: ffffffffffffffda RBX: 00007f3ed85a5fa0 RCX: 00007f3ed838d169 [ 574.523892][T26603] RDX: 0000000004000800 RSI: 00004000000000c0 RDI: 0000000000000003 [ 574.523906][T26603] RBP: 00007f3ed840e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 574.523921][T26603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 574.523936][T26603] R13: 0000000000000000 R14: 00007f3ed85a5fa0 R15: 00007ffdc197ed28 [ 574.523972][T26603] [ 575.636316][T26630] tipc: Started in network mode [ 575.658579][T26630] tipc: Node identity ee00, cluster identity 4711 [ 575.665066][T26630] tipc: Node number set to 60928 [ 575.873030][T26640] netlink: 'syz.1.9444': attribute type 2 has an invalid length. [ 575.928713][T26641] delete_channel: no stack [ 576.480087][T26667] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 576.510710][T26667] CPU: 1 UID: 0 PID: 26667 Comm: syz.6.9457 Tainted: G U 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 576.510751][T26667] Tainted: [U]=USER [ 576.510759][T26667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 576.510773][T26667] Call Trace: [ 576.510780][T26667] [ 576.510790][T26667] dump_stack_lvl+0x16c/0x1f0 [ 576.510830][T26667] sysfs_warn_dup+0x7f/0xa0 [ 576.510861][T26667] sysfs_do_create_link_sd+0x124/0x140 [ 576.510896][T26667] sysfs_create_link+0x61/0xc0 [ 576.510926][T26667] device_add+0x62e/0x1a70 [ 576.510963][T26667] ? __pfx_device_add+0x10/0x10 [ 576.510993][T26667] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 576.511043][T26667] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 576.511082][T26667] wiphy_register+0x1cab/0x2860 [ 576.511114][T26667] ? __pfx__dev_printk+0x10/0x10 [ 576.511145][T26667] ? __pfx_wiphy_register+0x10/0x10 [ 576.511187][T26667] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 576.511222][T26667] ieee80211_register_hw+0x2455/0x4060 [ 576.511266][T26667] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 576.511295][T26667] ? net_generic+0xea/0x2a0 [ 576.511324][T26667] ? lockdep_init_map_type+0x16d/0x7d0 [ 576.511358][T26667] ? __asan_memset+0x23/0x50 [ 576.511390][T26667] ? __hrtimer_init+0x106/0x2c0 [ 576.511429][T26667] mac80211_hwsim_new_radio+0x304e/0x54e0 [ 576.511486][T26667] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 576.511532][T26667] hwsim_new_radio_nl+0xb42/0x12b0 [ 576.511570][T26667] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 576.511616][T26667] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 576.511654][T26667] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 576.511701][T26667] genl_family_rcv_msg_doit+0x202/0x2f0 [ 576.511740][T26667] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 576.511776][T26667] ? trace_cap_capable+0x1a2/0x210 [ 576.511813][T26667] ? bpf_lsm_capable+0x9/0x10 [ 576.511836][T26667] ? security_capable+0x7e/0x260 [ 576.511862][T26667] ? ns_capable+0xd7/0x110 [ 576.511898][T26667] genl_rcv_msg+0x565/0x800 [ 576.511943][T26667] ? __pfx_genl_rcv_msg+0x10/0x10 [ 576.511975][T26667] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 576.512026][T26667] netlink_rcv_skb+0x16b/0x440 [ 576.512060][T26667] ? __pfx_genl_rcv_msg+0x10/0x10 [ 576.512097][T26667] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 576.512142][T26667] ? down_read+0xc9/0x330 [ 576.512174][T26667] ? __pfx_down_read+0x10/0x10 [ 576.512209][T26667] ? netlink_deliver_tap+0x1ae/0xd30 [ 576.512247][T26667] genl_rcv+0x28/0x40 [ 576.512278][T26667] netlink_unicast+0x53c/0x7f0 [ 576.512316][T26667] ? __pfx_netlink_unicast+0x10/0x10 [ 576.512350][T26667] ? __phys_addr_symbol+0x30/0x80 [ 576.512375][T26667] ? __check_object_size+0x488/0x710 [ 576.512405][T26667] netlink_sendmsg+0x8b8/0xd70 [ 576.512445][T26667] ? __pfx_netlink_sendmsg+0x10/0x10 [ 576.512492][T26667] ____sys_sendmsg+0xaaf/0xc90 [ 576.512521][T26667] ? copy_msghdr_from_user+0x10b/0x160 [ 576.512555][T26667] ? __pfx_____sys_sendmsg+0x10/0x10 [ 576.512603][T26667] ___sys_sendmsg+0x135/0x1e0 [ 576.512640][T26667] ? __pfx____sys_sendmsg+0x10/0x10 [ 576.512691][T26667] ? __pfx_lock_release+0x10/0x10 [ 576.512723][T26667] ? trace_lock_acquire+0x14e/0x1f0 [ 576.512764][T26667] ? __fget_files+0x206/0x3a0 [ 576.512807][T26667] __sys_sendmsg+0x16e/0x220 [ 576.512840][T26667] ? __pfx___sys_sendmsg+0x10/0x10 [ 576.512871][T26667] ? __x64_sys_futex+0x1e1/0x4c0 [ 576.512919][T26667] do_syscall_64+0xcd/0x250 [ 576.512952][T26667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.512982][T26667] RIP: 0033:0x7fcf0c98d169 [ 576.513009][T26667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.513033][T26667] RSP: 002b:00007fcf0d79b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 576.513055][T26667] RAX: ffffffffffffffda RBX: 00007fcf0cba5fa0 RCX: 00007fcf0c98d169 [ 576.513070][T26667] RDX: 0000000004000800 RSI: 00004000000000c0 RDI: 0000000000000003 [ 576.513083][T26667] RBP: 00007fcf0ca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 576.513096][T26667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 576.513108][T26667] R13: 0000000000000000 R14: 00007fcf0cba5fa0 R15: 00007ffe6180f218 [ 576.513137][T26667] [ 578.315554][T26724] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 578.807184][T26743] netlink: zone id is out of range [ 578.829491][T26743] netlink: zone id is out of range [ 578.835092][T26743] netlink: zone id is out of range [ 578.862181][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.032458][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.211930][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.463342][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.505335][T26124] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 579.522676][T26124] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 579.547631][T26124] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 579.570511][T26124] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 579.590393][T26124] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 579.600284][T26124] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 580.037091][ T12] bridge_slave_1: left allmulticast mode [ 580.042813][ T12] bridge_slave_1: left promiscuous mode [ 580.087770][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 580.150725][ T12] bridge_slave_0: left allmulticast mode [ 580.160436][ T12] bridge_slave_0: left promiscuous mode [ 580.179867][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.964270][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 580.985259][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 580.999654][ T12] bond0 (unregistering): Released all slaves [ 581.159861][ T12] .^: left promiscuous mode [ 581.268694][T26761] chnl_net:caif_netlink_parms(): no params data found [ 581.315952][ T12] nl80211: left promiscuous mode [ 581.428241][ T12] HfR: left promiscuous mode [ 581.628249][ T6190] Bluetooth: hci1: command tx timeout [ 581.787641][T26761] bridge0: port 1(bridge_slave_0) entered blocking state [ 581.794801][T26761] bridge0: port 1(bridge_slave_0) entered disabled state [ 581.830446][T26761] bridge_slave_0: entered allmulticast mode [ 581.848462][T26761] bridge_slave_0: entered promiscuous mode [ 581.861738][T26761] bridge0: port 2(bridge_slave_1) entered blocking state [ 581.878184][T26761] bridge0: port 2(bridge_slave_1) entered disabled state [ 581.905260][T26761] bridge_slave_1: entered allmulticast mode [ 581.921805][T26761] bridge_slave_1: entered promiscuous mode [ 582.168843][T26761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 582.199775][T26761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 582.517638][T26761] team0: Port device team_slave_0 added [ 582.546921][T26761] team0: Port device team_slave_1 added [ 582.783127][T26761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 582.798325][T26761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 582.836796][T26761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 582.887113][ T12] hsr_slave_0: left promiscuous mode [ 582.893416][ T12] hsr_slave_1: left promiscuous mode [ 582.901241][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 582.910454][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 582.922574][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 582.941928][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 583.001914][ T12] veth1_macvtap: left promiscuous mode [ 583.007529][ T12] veth0_macvtap: left promiscuous mode [ 583.021905][ T12] veth1_vlan: left promiscuous mode [ 583.027294][ T12] veth0_vlan: left promiscuous mode [ 583.374844][T26901] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 583.698543][ T6190] Bluetooth: hci1: command tx timeout [ 584.044556][ T12] team0 (unregistering): Port device team_slave_1 removed [ 584.109289][ T12] team0 (unregistering): Port device team_slave_0 removed [ 584.726612][T26761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 584.734990][T26761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 584.766725][T26761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 584.975967][T26761] hsr_slave_0: entered promiscuous mode [ 584.988069][T26761] hsr_slave_1: entered promiscuous mode [ 585.021010][T26761] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 585.030900][T26761] Cannot create hsr debugfs directory [ 585.771008][ T6190] Bluetooth: hci1: command tx timeout [ 586.342875][T26761] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 586.378932][T26761] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 586.411789][T26761] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 586.439252][T26761] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 586.654660][T26972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9573'. [ 586.668549][T26761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 586.739514][T26761] 8021q: adding VLAN 0 to HW filter on device team0 [ 586.805018][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.812172][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 586.875057][ T1157] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.882211][ T1157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 586.989727][T26761] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 587.059846][T26985] Process accounting resumed [ 587.409651][T26761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 587.549195][T26761] veth0_vlan: entered promiscuous mode [ 587.591992][T26761] veth1_vlan: entered promiscuous mode [ 587.713903][T26761] veth0_macvtap: entered promiscuous mode [ 587.751718][T26761] veth1_macvtap: entered promiscuous mode [ 587.801872][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.839851][ T6190] Bluetooth: hci1: command tx timeout [ 587.840143][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.877055][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.926312][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.976213][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.997418][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.033522][T26761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 588.086373][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.125369][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.143501][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.178505][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.220678][T26761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.249757][T26761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.275309][T26761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 588.333774][T26761] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.370815][T26761] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.411833][T26761] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.424330][T26761] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.732290][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 588.792833][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 588.846609][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 588.886769][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 589.479980][T27085] nbd: must specify a size in bytes for the device [ 589.694732][ T6190] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 589.694771][ T6190] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 595.744987][T27376] netlink: 'syz.0.9723': attribute type 1 has an invalid length. [ 596.844212][T27421] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9744'. [ 597.245085][T27441] openvswitch: netlink: IP tunnel dst address not specified [ 598.764871][T27515] CIFS: VFS: Invalid SecurityFlags: [ 599.942041][T27577] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 3000000000 [ 604.157552][T27727] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 604.202261][T27729] cifs: Unknown parameter '' [ 605.025242][T27759] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 606.353487][T27816] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 606.807723][T27845] netlink: zone id is out of range [ 606.839536][T27845] netlink: zone id is out of range [ 606.844718][T27845] netlink: zone id is out of range [ 606.874279][T27845] netlink: zone id is out of range [ 606.888511][T27845] netlink: zone id is out of range [ 606.897584][T27845] netlink: zone id is out of range [ 606.903184][T27845] netlink: zone id is out of range [ 606.928892][T27845] netlink: zone id is out of range [ 607.022513][T27857] netlink: 'syz.6.9948': attribute type 11 has an invalid length. [ 607.798650][T27896] netlink: 'syz.0.9967': attribute type 1 has an invalid length. [ 608.921616][T27955] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekb/LjDvWiKKX{\x1b'Eo`$8w-~$Ͱ;Aq`%aSlF_p\x0c/6Ƥ!W{zO_OM}${LMʋ߃$ g.%-^Xh&S\x0cB@PWB\x0d\x07uU`ū,/ܬT4}la#m\x099 260 [ 667.785210][ T6190] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 667.800455][ T6190] Bluetooth: hci3: adv larger than maximum supported [ 667.800481][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 667.807328][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x39 [ 667.814458][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 667.821531][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 667.828951][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 667.836228][ T6190] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 668.719204][T30012] block nbd1: Unsupported socket: shutdown callout must be supported. [ 668.841429][T30014] bridge0: port 3(netdevsim2) entered blocking state [ 668.848532][T30014] bridge0: port 3(netdevsim2) entered disabled state [ 668.861262][T30014] netdevsim netdevsim6 netdevsim2: entered allmulticast mode [ 668.882625][T30014] netdevsim netdevsim6 netdevsim2: entered promiscuous mode [ 668.899935][T30014] bridge0: port 3(netdevsim2) entered blocking state [ 668.906905][T30014] bridge0: port 3(netdevsim2) entered forwarding state [ 671.414376][ T6190] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 671.414417][ T6190] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 671.431061][ T6190] Bluetooth: hci0: adv larger than maximum supported [ 672.466437][T30126] tipc: Started in network mode [ 672.501490][T30126] tipc: Node identity ee00, cluster identity 4711 [ 672.507987][T30126] tipc: Node number set to 60928 [ 674.058746][T30179] netlink: 21 bytes leftover after parsing attributes in process `syz.6.10962'. [ 674.156888][T30185] netlink: 338 bytes leftover after parsing attributes in process `syz.3.10964'. [ 674.515460][T30204] bridge0: port 4(bond0) entered blocking state [ 674.531651][T30204] bridge0: port 4(bond0) entered disabled state [ 674.538202][T30204] bond0: entered allmulticast mode [ 674.552112][T30204] bond_slave_0: entered allmulticast mode [ 674.557920][T30204] bond_slave_1: entered allmulticast mode [ 674.584577][T30204] bond0: entered promiscuous mode [ 674.600805][T30204] bond_slave_0: entered promiscuous mode [ 674.627625][T30204] bond_slave_1: entered promiscuous mode [ 674.646551][T30204] bridge0: port 4(bond0) entered blocking state [ 674.653019][T30204] bridge0: port 4(bond0) entered forwarding state [ 676.375306][T30261] netlink: 350 bytes leftover after parsing attributes in process `syz.6.10998'. [ 677.840569][T30272] Process accounting paused [ 680.259193][T30373] syz.0.11045 (30373): /proc/30372/oom_adj is deprecated, please use /proc/30372/oom_score_adj instead. [ 680.652142][T30391] IPVS: length: 150994944 != 2818572296 [ 682.843613][T30468] bridge0: port 5(syz_tun) entered blocking state [ 682.882407][T30468] bridge0: port 5(syz_tun) entered disabled state [ 682.889049][T30468] syz_tun: entered allmulticast mode [ 682.923570][T30468] syz_tun: entered promiscuous mode [ 683.312979][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.319358][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 683.920721][T30502] netlink: 206 bytes leftover after parsing attributes in process `syz.6.11096'. [ 686.121479][T30560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11120'. [ 686.176115][T30560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11120'. [ 686.201697][T30563] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11121'. [ 686.728289][T30590] netlink: 93 bytes leftover after parsing attributes in process `syz.6.11134'. [ 688.853440][T30617] kexec: Could not allocate control_code_buffer [ 690.354786][T30720] bridge0: port 6(team0) entered blocking state [ 690.373313][T30720] bridge0: port 6(team0) entered disabled state [ 690.382944][T30720] team0: entered allmulticast mode [ 690.392315][T30720] team_slave_0: entered allmulticast mode [ 690.408126][T30720] team_slave_1: entered allmulticast mode [ 690.415799][T30720] team0: entered promiscuous mode [ 690.426956][T30720] team_slave_0: entered promiscuous mode [ 690.433122][T30720] team_slave_1: entered promiscuous mode [ 690.443795][T30720] bridge0: port 6(team0) entered blocking state [ 690.450286][T30720] bridge0: port 6(team0) entered forwarding state [ 690.592054][T30729] netlink: 'syz.3.11198': attribute type 2 has an invalid length. [ 690.606039][T30729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11198'. [ 693.024664][ T6190] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 693.024704][ T6190] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 693.040435][ T6190] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 693.040503][ T6190] Bluetooth: hci0: Malformed LE Event: 0x0d [ 693.840532][T30868] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 693.847091][T30868] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 694.562603][T30888] netlink: 342 bytes leftover after parsing attributes in process `syz.6.11267'. [ 698.783162][T31026] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 700.178274][T31078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11347'. [ 700.220906][T31078] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 700.229052][T31078] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 701.480838][T31122] netlink: 346 bytes leftover after parsing attributes in process `syz.1.11368'. [ 704.339779][T31201] sctp: [Deprecated]: syz.6.11402 (pid 31201) Use of struct sctp_assoc_value in delayed_ack socket option. [ 704.339779][T31201] Use struct sctp_sack_info instead [ 704.351455][T31178] kexec: Could not allocate control_code_buffer [ 705.769586][T26124] Bluetooth: hci1: command 0x0406 tx timeout [ 706.702243][T31292] Device name cannot be null; rc = [-22] [ 707.731512][T31299] Process accounting resumed [ 708.487742][T31348] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 710.004091][T31420] netlink: 346 bytes leftover after parsing attributes in process `syz.0.11500'. [ 710.936874][T31454] bridge0: port 3(vlan1) entered blocking state [ 710.960326][T31454] bridge0: port 3(vlan1) entered disabled state [ 710.966931][T31454] vlan1: entered allmulticast mode [ 710.992931][T31454] veth0_vlan: entered allmulticast mode [ 710.999745][T31454] vlan1: entered promiscuous mode [ 711.038005][T31454] bridge0: port 3(vlan1) entered blocking state [ 711.044502][T31454] bridge0: port 3(vlan1) entered forwarding state [ 711.195089][T31463] netlink: 'syz.6.11518': attribute type 1 has an invalid length. [ 711.324690][T31472] syz.1.11522 (31472) used obsolete PPPIOCDETACH ioctl [ 713.112254][T31539] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 713.140281][T31539] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 713.244490][T31545] Console: switching to colour VGA+ 80x25 [ 714.258304][T31579] netlink: 32 bytes leftover after parsing attributes in process `syz.6.11569'. [ 716.403444][T31650] bridge0: port 4(hsr_slave_1) entered blocking state [ 716.424001][T31650] bridge0: port 4(hsr_slave_1) entered disabled state [ 716.444642][T31650] hsr_slave_1: entered allmulticast mode [ 716.451795][T31650] hsr_slave_1: left allmulticast mode [ 719.469739][T31751] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 719.530483][T31751] svc: failed to register nfsdv3 RPC service (errno 111). [ 719.549774][T31751] svc: failed to register nfsaclv3 RPC service (errno 111). [ 721.224864][T31808] bridge0: port 3(ipvlan0) entered blocking state [ 721.231615][T31808] bridge0: port 3(ipvlan0) entered disabled state [ 721.259560][T31808] ipvlan0: entered allmulticast mode [ 721.270022][T31808] veth0_vlan: entered allmulticast mode [ 721.300136][T31808] ipvlan0: left allmulticast mode [ 721.319412][T31808] veth0_vlan: left allmulticast mode [ 723.184836][T31801] kexec: Could not allocate control_code_buffer [ 724.192677][T31859] vhci_hcd: invalid port number 117 [ 724.225562][T31859] vhci_hcd: default hub control req: 6367 v6f72 i0075 l0 [ 726.280723][T31931] sctp: [Deprecated]: syz.0.11715 (pid 31931) Use of struct sctp_assoc_value in delayed_ack socket option. [ 726.280723][T31931] Use struct sctp_sack_info instead [ 727.679389][T31973] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 727.708405][T31973] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 728.021642][T31981] netlink: 186 bytes leftover after parsing attributes in process `syz.0.11739'. [ 728.099905][ T6167] Process accounting resumed [ 728.529759][T32000] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11748'. [ 728.721745][T32002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11749'. [ 729.672926][T32021] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11757'. [ 735.344782][T32222] bridge0: port 4(veth0_to_bridge) entered blocking state [ 735.373387][T32222] bridge0: port 4(veth0_to_bridge) entered disabled state [ 735.406882][T32222] veth0_to_bridge: entered allmulticast mode [ 735.426407][T32222] veth0_to_bridge: entered promiscuous mode [ 735.432515][T32222] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 735.515330][T32222] bridge0: port 4(veth0_to_bridge) entered blocking state [ 735.522578][T32222] bridge0: port 4(veth0_to_bridge) entered listening state [ 736.184619][T32246] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11856'. [ 737.458638][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 737.476209][ C1] bridge0: port 4(veth0_to_bridge) entered blocking state [ 738.658527][T32335] netlink: 'syz.0.11896': attribute type 1 has an invalid length. [ 738.962763][T32345] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11900'. [ 740.864004][T32421] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11932'. [ 740.890811][T32421] veth1_macvtap: left promiscuous mode [ 740.906689][T32421] macsec0: entered allmulticast mode [ 741.979397][T32462] Device name cannot be null; rc = [-22] [ 744.467790][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 744.473976][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 744.974256][T32537] netlink: 'syz.3.11976': attribute type 1 has an invalid length. [ 745.015834][T32537] netlink: 'syz.3.11976': attribute type 3 has an invalid length. [ 751.293720][T32711] TCP: TCP_TX_DELAY enabled [ 751.480735][T32718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12053'. [ 752.044028][T32735] sock: sock_set_timeout: `syz.6.12060' (pid 32735) tries to set negative timeout [ 757.012290][ T427] sctp: [Deprecated]: syz.3.12126 (pid 427) Use of struct sctp_assoc_value in delayed_ack socket option. [ 757.012290][ T427] Use struct sctp_sack_info instead [ 757.259777][ T434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12130'. [ 759.841422][ T508] device-mapper: ioctl: Unable to rename non-existent device, to uuid  [ 762.052678][ T548] netlink: 342 bytes leftover after parsing attributes in process `syz.0.12177'. [ 762.092273][ T548] IPv6: NLM_F_CREATE should be specified when creating new route [ 762.099385][ T548] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 762.106680][ T548] IPv6: NLM_F_CREATE should be set when creating new route [ 762.113283][ T548] IPv6: NLM_F_CREATE should be set when creating new route [ 765.822377][ T596] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12197'. [ 765.872386][ T565] kexec: Could not allocate control_code_buffer [ 766.450783][ T616] lo: entered promiscuous mode [ 766.461416][ T614] lo: left promiscuous mode [ 767.698669][ T30] audit: type=1800 audit(4294967436.562:45): pid=668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.12228" name=22050820 dev="tmpfs" ino=6395 res=0 errno=0 [ 768.259388][ T686] tipc: Trying to set illegal importance in message [ 770.408411][ T748] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12259'. [ 770.795707][ T763] netlink: 338 bytes leftover after parsing attributes in process `syz.3.12266'. [ 772.182407][ T30] audit: type=1804 audit(4294967441.063:46): pid=818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.12291" name="file0" dev="tmpfs" ino=6482 res=1 errno=0 [ 772.223650][ T30] audit: type=1800 audit(4294967441.063:47): pid=818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.12291" name="file0" dev="tmpfs" ino=6482 res=0 errno=0 [ 772.270888][ T30] audit: type=1804 audit(4294967441.063:48): pid=818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.12291" name="file0" dev="tmpfs" ino=6482 res=1 errno=0 [ 772.351633][ T30] audit: type=1800 audit(4294967441.063:49): pid=818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.12291" name="file0" dev="tmpfs" ino=6482 res=0 errno=0 [ 776.777919][ T986] netlink: 346 bytes leftover after parsing attributes in process `syz.0.12350'. [ 780.269341][ T1120] netlink: 294 bytes leftover after parsing attributes in process `syz.6.12401'. [ 781.118018][ T1156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12417'. [ 781.145463][ T1156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12417'. [ 781.823517][ T1182] lo: entered allmulticast mode [ 781.835041][ T1181] lo: left allmulticast mode [ 785.131366][ T1281] Invalid ELF header magic: != ELF [ 785.148193][T26124] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 785.148233][T26124] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 785.162318][T26124] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 785.162394][T26124] Bluetooth: hci1: adv larger than maximum supported [ 785.169317][T26124] Bluetooth: hci1: adv larger than maximum supported [ 785.178108][T26124] Bluetooth: hci1: adv larger than maximum supported [ 785.184574][T26124] Bluetooth: hci1: Malformed LE Event: 0x0d [ 787.210761][ T1333] kexec: Could not allocate control_code_buffer [ 789.445934][ T1423] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12515'. [ 789.808725][ T1439] input: jJG8-69c%vx{(lPQ J86V as /devices/virtual/input/input37 [ 791.839111][T26124] Bluetooth: hci2: unexpected event 0x06 length: 11 > 3 [ 792.822481][ T1531] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12558'. [ 794.309952][ T1572] Invalid ELF header magic: != ELF [ 795.018253][T26124] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 795.018295][T26124] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 795.031837][T26124] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 795.031883][T26124] Bluetooth: hci3: adv larger than maximum supported [ 795.038466][T26124] Bluetooth: hci3: adv larger than maximum supported [ 795.044527][T26124] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 795.051449][T26124] Bluetooth: hci3: Malformed LE Event: 0x0d [ 796.000134][ T1633] delete_channel: no stack [ 796.134595][ T1640] sock: sock_timestamping_bind_phc: sock not bind to device [ 796.150994][ T1636] nbd: socks must be embedded in a SOCK_ITEM attr [ 796.163789][ T1636] block nbd2: shutting down sockets [ 797.442102][ T1685] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12623'. [ 797.903410][ T1704] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12631'. [ 799.920624][ T1731] kexec: Could not allocate control_code_buffer [ 800.597813][ T1770] PM: Enabling pm_trace changes system date and time during resume. [ 800.597813][ T1770] PM: Correct system time has to be restored manually after resume. [ 802.948690][ T1825] netlink: 350 bytes leftover after parsing attributes in process `syz.6.12679'. [ 803.813630][ T1857] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12694'. [ 803.831580][ T1857] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12694'. [ 805.638160][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 805.643973][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 806.986001][ T1925] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12720'. [ 807.865082][ T1954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12731'. [ 809.600533][ T1990] GUP no longer grows the stack in syz.3.12744 (1990): 14000-401000 (4000) [ 809.686110][ T1990] CPU: 1 UID: 0 PID: 1990 Comm: syz.3.12744 Tainted: G U 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 809.686155][ T1990] Tainted: [U]=USER [ 809.686163][ T1990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 809.686178][ T1990] Call Trace: [ 809.686186][ T1990] [ 809.686197][ T1990] dump_stack_lvl+0x16c/0x1f0 [ 809.686238][ T1990] gup_vma_lookup+0x1d2/0x220 [ 809.686273][ T1990] __get_user_pages+0x236/0x36f0 [ 809.686314][ T1990] ? hlock_class+0x4e/0x130 [ 809.686340][ T1990] ? __lock_acquire+0x15a9/0x3c40 [ 809.686374][ T1990] ? __pfx___get_user_pages+0x10/0x10 [ 809.686422][ T1990] __gup_longterm_locked+0x212/0x1870 [ 809.686459][ T1990] ? __pfx___lock_acquire+0x10/0x10 [ 809.686499][ T1990] ? __pfx___gup_longterm_locked+0x10/0x10 [ 809.686536][ T1990] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 809.686570][ T1990] ? rwsem_read_trylock+0x12d/0x250 [ 809.686607][ T1990] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 809.686642][ T1990] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 809.686673][ T1990] pin_user_pages_remote+0xee/0x150 [ 809.686707][ T1990] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 809.686738][ T1990] ? down_read+0xc9/0x330 [ 809.686782][ T1990] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 809.686815][ T1990] ? futex_wait_queue+0x103/0x1f0 [ 809.686855][ T1990] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 809.686919][ T1990] process_vm_rw+0x301/0x360 [ 809.686949][ T1990] ? __pfx_process_vm_rw+0x10/0x10 [ 809.687001][ T1990] ? __pfx_task_mm_cid_work+0x10/0x10 [ 809.687033][ T1990] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 809.687070][ T1990] ? xfd_validate_state+0x5d/0x180 [ 809.687104][ T1990] ? rcu_is_watching+0x12/0xc0 [ 809.687134][ T1990] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 809.687161][ T1990] ? do_syscall_64+0x91/0x250 [ 809.687190][ T1990] ? lockdep_hardirqs_on+0x7c/0x110 [ 809.687221][ T1990] do_syscall_64+0xcd/0x250 [ 809.687254][ T1990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.687286][ T1990] RIP: 0033:0x7f3ed838d169 [ 809.687307][ T1990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 809.687331][ T1990] RSP: 002b:00007f3ed927c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 809.687356][ T1990] RAX: ffffffffffffffda RBX: 00007f3ed85a5fa0 RCX: 00007f3ed838d169 [ 809.687373][ T1990] RDX: 0000000000000004 RSI: 0000400000000040 RDI: 0000000000001a23 [ 809.687387][ T1990] RBP: 00007f3ed840e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 809.687402][ T1990] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 809.687417][ T1990] R13: 0000000000000000 R14: 00007f3ed85a5fa0 R15: 00007ffdc197ed28 [ 809.687449][ T1990] [ 810.237237][ T2003] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12749'. [ 810.250946][ T2003] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 810.477688][ T2009] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12753'. [ 810.699053][ T2018] netlink: 342 bytes leftover after parsing attributes in process `syz.0.12755'. [ 810.809066][ T2020] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12756'. [ 811.925983][T26124] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11 [ 815.393451][ T2165] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12815'. [ 815.425533][ T2165] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12815'. [ 816.071383][ T2181] ima: policy update failed [ 816.075704][ T30] audit: type=1802 audit(4294967485.170:50): pid=2181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm=20 res=0 errno=0 [ 816.140211][ T2177] nbd2: detected capacity change from 0 to 68719476736 [ 816.165477][ T2123] block nbd2: Send control failed (result -22) [ 816.217127][ T2123] block nbd2: Request send failed, requeueing [ 816.238521][T26124] block nbd2: Receive control failed (result -32) [ 816.301572][ T42] block nbd2: Dead connection, failed to find a fallback [ 816.308522][ T42] block nbd2: shutting down sockets [ 816.313849][ T42] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.323093][ T42] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.334166][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.379589][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.419081][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.484192][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.491393][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.539897][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.569909][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.604800][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.633958][ T2192] netlink: 334 bytes leftover after parsing attributes in process `syz.3.12827'. [ 816.635624][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.671603][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.709221][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.729279][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.747588][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.786677][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.799646][ T2123] ldm_validate_partition_table(): Disk read failed. [ 816.822762][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.842129][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.860256][ T2123] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 816.884256][ T2123] Buffer I/O error on dev nbd2, logical block 0, async page read [ 816.907517][ T2123] Dev nbd2: unable to read RDB block 0 [ 816.920542][ T2123] nbd2: unable to read partition table [ 816.956145][ T2123] ldm_validate_partition_table(): Disk read failed. [ 816.996878][ T2123] Dev nbd2: unable to read RDB block 0 [ 817.012207][ T2123] nbd2: unable to read partition table [ 817.023911][ T2123] [ 817.026050][ T2123] ====================================================== [ 817.032379][ T2123] WARNING: possible circular locking dependency detected [ 817.038707][ T2123] 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 Tainted: G U [ 817.046439][ T2123] ------------------------------------------------------ [ 817.052760][ T2123] udevd/2123 is trying to acquire lock: [ 817.057750][ T2123] ffff8881443fdc88 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 817.066706][ T2123] [ 817.066706][ T2123] but task is already holding lock: [ 817.073336][ T2123] ffff888023ba4e40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 817.083077][ T2123] [ 817.083077][ T2123] which lock already depends on the new lock. [ 817.083077][ T2123] [ 817.092441][ T2123] [ 817.092441][ T2123] the existing dependency chain (in reverse order) is: [ 817.100552][ T2123] [ 817.100552][ T2123] -> #7 (mapping.invalidate_lock#2){++++}-{4:4}: [ 817.108232][ T2123] down_read+0x9a/0x330 [ 817.112458][ T2123] filemap_fault+0x1845/0x2ca0 [ 817.117228][ T2123] __do_fault+0x10a/0x490 [ 817.121603][ T2123] do_pte_missing+0xecf/0x3e10 [ 817.126379][ T2123] __handle_mm_fault+0x1166/0x2c60 [ 817.131465][ T2123] handle_mm_fault+0x3fa/0xaa0 [ 817.136236][ T2123] do_user_addr_fault+0x60d/0x13f0 [ 817.141319][ T2123] exc_page_fault+0x5c/0xc0 [ 817.145850][ T2123] asm_exc_page_fault+0x26/0x30 [ 817.150696][ T2123] [ 817.150696][ T2123] -> #6 (&vma->vm_lock->lock){++++}-{4:4}: [ 817.157902][ T2123] down_write+0x93/0x200 [ 817.162208][ T2123] vma_link+0x26d/0x4a0 [ 817.166422][ T2123] insert_vm_struct+0x197/0x3f0 [ 817.171271][ T2123] alloc_bprm+0x76d/0xdd0 [ 817.175651][ T2123] kernel_execve+0xb0/0x3b0 [ 817.180190][ T2123] kernel_init+0x14a/0x2b0 [ 817.184639][ T2123] ret_from_fork+0x45/0x80 [ 817.189095][ T2123] ret_from_fork_asm+0x1a/0x30 [ 817.193864][ T2123] [ 817.193864][ T2123] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 817.200680][ T2123] __might_fault+0x11b/0x190 [ 817.205290][ T2123] _copy_from_iter+0x1c4/0x1560 [ 817.210141][ T2123] tipc_msg_build+0x308/0x1120 [ 817.214910][ T2123] __tipc_sendmsg+0xa2a/0x1990 [ 817.219683][ T2123] __tipc_sendstream+0xe30/0x1190 [ 817.224685][ T2123] tipc_send_packet+0x6c/0xa0 [ 817.229378][ T2123] __sys_sendto+0x488/0x4f0 [ 817.233914][ T2123] __x64_sys_sendto+0xe0/0x1c0 [ 817.238685][ T2123] do_syscall_64+0xcd/0x250 [ 817.243227][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.249015][ T2123] [ 817.249015][ T2123] -> #4 (sk_lock-AF_TIPC){+.+.}-{0:0}: [ 817.255906][ T2123] lock_sock_nested+0x3a/0xf0 [ 817.260599][ T2123] tipc_shutdown+0x65/0x580 [ 817.265147][ T2123] nbd_mark_nsock_dead+0xae/0x5d0 [ 817.270176][ T2123] sock_shutdown+0x17c/0x280 [ 817.274780][ T2123] nbd_config_put+0x1e6/0x750 [ 817.279465][ T2123] nbd_genl_connect+0x12d5/0x1c00 [ 817.284475][ T2123] genl_family_rcv_msg_doit+0x202/0x2f0 [ 817.289953][ T2123] genl_rcv_msg+0x565/0x800 [ 817.294491][ T2123] netlink_rcv_skb+0x16b/0x440 [ 817.299262][ T2123] genl_rcv+0x28/0x40 [ 817.303348][ T2123] netlink_unicast+0x53c/0x7f0 [ 817.308204][ T2123] netlink_sendmsg+0x8b8/0xd70 [ 817.312978][ T2123] ____sys_sendmsg+0xaaf/0xc90 [ 817.317769][ T2123] ___sys_sendmsg+0x135/0x1e0 [ 817.322463][ T2123] __sys_sendmsg+0x16e/0x220 [ 817.327078][ T2123] do_syscall_64+0xcd/0x250 [ 817.331615][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.337405][ T2123] [ 817.337405][ T2123] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 817.344296][ T2123] __mutex_lock+0x19b/0xb10 [ 817.348834][ T2123] nbd_queue_rq+0x424/0x1220 [ 817.353443][ T2123] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 817.358942][ T2123] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 817.365116][ T2123] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 817.370978][ T2123] blk_mq_run_hw_queue+0x239/0x670 [ 817.376058][ T2123] blk_mq_flush_plug_list+0x673/0x1c60 [ 817.381529][ T2123] __blk_flush_plug+0x2c5/0x4b0 [ 817.386383][ T2123] __submit_bio+0x547/0x690 [ 817.390914][ T2123] submit_bio_noacct_nocheck+0x698/0xd70 [ 817.396463][ T2123] submit_bio_noacct+0x50d/0x1ec0 [ 817.401471][ T2123] block_read_full_folio+0x812/0xa50 [ 817.406716][ T2123] filemap_read_folio+0xc6/0x2a0 [ 817.411666][ T2123] do_read_cache_folio+0x263/0x5c0 [ 817.416748][ T2123] read_part_sector+0xd4/0x310 [ 817.421529][ T2123] adfspart_check_ICS+0x94/0x940 [ 817.426456][ T2123] bdev_disk_changed+0x71f/0x1520 [ 817.431463][ T2123] blkdev_get_whole+0x187/0x290 [ 817.436309][ T2123] bdev_open+0x2c7/0xe20 [ 817.440605][ T2123] blkdev_open+0x27b/0x3f0 [ 817.445059][ T2123] do_dentry_open+0x735/0x1c40 [ 817.449827][ T2123] vfs_open+0x82/0x3f0 [ 817.453972][ T2123] path_openat+0x1e88/0x2d80 [ 817.458584][ T2123] do_filp_open+0x20c/0x470 [ 817.463128][ T2123] do_sys_openat2+0x17a/0x1e0 [ 817.467828][ T2123] __x64_sys_openat+0x175/0x210 [ 817.472671][ T2123] do_syscall_64+0xcd/0x250 [ 817.477206][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.483008][ T2123] [ 817.483008][ T2123] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 817.489522][ T2123] __mutex_lock+0x19b/0xb10 [ 817.494057][ T2123] nbd_queue_rq+0xbe/0x1220 [ 817.498588][ T2123] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 817.504074][ T2123] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 817.510261][ T2123] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 817.516121][ T2123] blk_mq_run_hw_queue+0x239/0x670 [ 817.521199][ T2123] blk_mq_flush_plug_list+0x673/0x1c60 [ 817.526591][ T2123] __blk_flush_plug+0x2c5/0x4b0 [ 817.531438][ T2123] __submit_bio+0x547/0x690 [ 817.535967][ T2123] submit_bio_noacct_nocheck+0x698/0xd70 [ 817.541513][ T2123] submit_bio_noacct+0x50d/0x1ec0 [ 817.546511][ T2123] block_read_full_folio+0x812/0xa50 [ 817.551752][ T2123] filemap_read_folio+0xc6/0x2a0 [ 817.556674][ T2123] do_read_cache_folio+0x263/0x5c0 [ 817.561753][ T2123] read_part_sector+0xd4/0x310 [ 817.566523][ T2123] adfspart_check_ICS+0x94/0x940 [ 817.571916][ T2123] bdev_disk_changed+0x71f/0x1520 [ 817.576921][ T2123] blkdev_get_whole+0x187/0x290 [ 817.581759][ T2123] bdev_open+0x2c7/0xe20 [ 817.586057][ T2123] blkdev_open+0x27b/0x3f0 [ 817.590510][ T2123] do_dentry_open+0x735/0x1c40 [ 817.595278][ T2123] vfs_open+0x82/0x3f0 [ 817.599412][ T2123] path_openat+0x1e88/0x2d80 [ 817.604023][ T2123] do_filp_open+0x20c/0x470 [ 817.608555][ T2123] do_sys_openat2+0x17a/0x1e0 [ 817.613240][ T2123] __x64_sys_openat+0x175/0x210 [ 817.618081][ T2123] do_syscall_64+0xcd/0x250 [ 817.622616][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.628404][ T2123] [ 817.628404][ T2123] -> #1 (set->srcu){.+.+}-{0:0}: [ 817.634836][ T2123] __synchronize_srcu+0xa9/0x2a0 [ 817.639769][ T2123] blk_mq_update_nr_requests+0x288/0x670 [ 817.645318][ T2123] queue_requests_store+0x161/0x210 [ 817.650475][ T2123] queue_attr_store+0x370/0x510 [ 817.655320][ T2123] sysfs_kf_write+0x117/0x170 [ 817.660007][ T2123] kernfs_fop_write_iter+0x33d/0x500 [ 817.665240][ T2123] vfs_write+0x5ae/0x1150 [ 817.669617][ T2123] ksys_write+0x12b/0x250 [ 817.673991][ T2123] do_syscall_64+0xcd/0x250 [ 817.678524][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.684309][ T2123] [ 817.684309][ T2123] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 817.692232][ T2123] __lock_acquire+0x249e/0x3c40 [ 817.697112][ T2123] lock_acquire.part.0+0x11b/0x380 [ 817.702201][ T2123] blk_mq_submit_bio+0x20f5/0x2610 [ 817.707277][ T2123] __submit_bio+0x3d1/0x690 [ 817.711811][ T2123] submit_bio_noacct_nocheck+0x698/0xd70 [ 817.717365][ T2123] submit_bio_noacct+0x50d/0x1ec0 [ 817.722366][ T2123] mpage_readahead+0x41d/0x590 [ 817.727130][ T2123] read_pages+0x1a7/0xc60 [ 817.731504][ T2123] page_cache_ra_unbounded+0x426/0x7d0 [ 817.736895][ T2123] force_page_cache_ra+0x24b/0x340 [ 817.741973][ T2123] page_cache_sync_ra+0x158/0xa30 [ 817.746970][ T2123] filemap_get_pages+0xb62/0x1c30 [ 817.751973][ T2123] filemap_read+0x3c5/0xe70 [ 817.756505][ T2123] blkdev_read_iter+0x187/0x4b0 [ 817.761351][ T2123] vfs_read+0x886/0xbf0 [ 817.765569][ T2123] ksys_read+0x12b/0x250 [ 817.769872][ T2123] do_syscall_64+0xcd/0x250 [ 817.774409][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.780201][ T2123] [ 817.780201][ T2123] other info that might help us debug this: [ 817.780201][ T2123] [ 817.789413][ T2123] Chain exists of: [ 817.789413][ T2123] &q->q_usage_counter(io)#51 --> &vma->vm_lock->lock --> mapping.invalidate_lock#2 [ 817.789413][ T2123] [ 817.803137][ T2123] Possible unsafe locking scenario: [ 817.803137][ T2123] [ 817.809845][ T2123] CPU0 CPU1 [ 817.814677][ T2123] ---- ---- [ 817.819512][ T2123] rlock(mapping.invalidate_lock#2); [ 817.824439][ T2123] lock(&vma->vm_lock->lock); [ 817.831001][ T2123] lock(mapping.invalidate_lock#2); [ 817.838039][ T2123] rlock(&q->q_usage_counter(io)#51); [ 817.842964][ T2123] [ 817.842964][ T2123] *** DEADLOCK *** [ 817.842964][ T2123] [ 817.850325][ T2123] 1 lock held by udevd/2123: [ 817.854455][ T2123] #0: ffff888023ba4e40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 817.864596][ T2123] [ 817.864596][ T2123] stack backtrace: [ 817.870212][ T2123] CPU: 1 UID: 0 PID: 2123 Comm: udevd Tainted: G U 6.14.0-rc5-syzkaller-00234-gb7c90e3e717a #0 [ 817.870238][ T2123] Tainted: [U]=USER [ 817.870245][ T2123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 817.870255][ T2123] Call Trace: [ 817.870264][ T2123] [ 817.870272][ T2123] dump_stack_lvl+0x116/0x1f0 [ 817.870300][ T2123] print_circular_bug+0x490/0x760 [ 817.870327][ T2123] check_noncircular+0x31a/0x400 [ 817.870351][ T2123] ? __pfx_check_noncircular+0x10/0x10 [ 817.870374][ T2123] ? __kernel_text_address+0xd/0x40 [ 817.870398][ T2123] ? unwind_get_return_address+0x59/0xa0 [ 817.870427][ T2123] ? lockdep_lock+0xc6/0x200 [ 817.870447][ T2123] ? __pfx_lockdep_lock+0x10/0x10 [ 817.870467][ T2123] __lock_acquire+0x249e/0x3c40 [ 817.870496][ T2123] ? __pfx___lock_acquire+0x10/0x10 [ 817.870519][ T2123] ? hlock_class+0x4e/0x130 [ 817.870537][ T2123] ? mark_lock+0xb5/0xc60 [ 817.870558][ T2123] ? mark_lock+0xb5/0xc60 [ 817.870580][ T2123] ? page_cache_ra_unbounded+0x426/0x7d0 [ 817.870601][ T2123] ? page_cache_sync_ra+0x158/0xa30 [ 817.870622][ T2123] lock_acquire.part.0+0x11b/0x380 [ 817.870647][ T2123] ? __submit_bio+0x3d1/0x690 [ 817.870667][ T2123] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 817.870693][ T2123] ? rcu_is_watching+0x12/0xc0 [ 817.870712][ T2123] ? trace_lock_acquire+0x14e/0x1f0 [ 817.870732][ T2123] ? __submit_bio+0x3d1/0x690 [ 817.870751][ T2123] ? lock_acquire+0x2f/0xb0 [ 817.870773][ T2123] ? __submit_bio+0x3d1/0x690 [ 817.870793][ T2123] blk_mq_submit_bio+0x20f5/0x2610 [ 817.870814][ T2123] ? __submit_bio+0x3d1/0x690 [ 817.870834][ T2123] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 817.870861][ T2123] ? mark_lock+0xb5/0xc60 [ 817.870884][ T2123] ? __pfx___lock_acquire+0x10/0x10 [ 817.870908][ T2123] ? __pfx___lock_acquire+0x10/0x10 [ 817.870930][ T2123] ? trace_lock_acquire+0x14e/0x1f0 [ 817.870950][ T2123] ? __pfx_mark_lock+0x10/0x10 [ 817.870976][ T2123] __submit_bio+0x3d1/0x690 [ 817.870996][ T2123] ? __pfx___submit_bio+0x10/0x10 [ 817.871015][ T2123] ? trace_lock_acquire+0x14e/0x1f0 [ 817.871040][ T2123] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 817.871061][ T2123] submit_bio_noacct_nocheck+0x698/0xd70 [ 817.871082][ T2123] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 817.871105][ T2123] ? __pfx___might_resched+0x10/0x10 [ 817.871135][ T2123] submit_bio_noacct+0x50d/0x1ec0 [ 817.871158][ T2123] mpage_readahead+0x41d/0x590 [ 817.871183][ T2123] ? __pfx_mpage_readahead+0x10/0x10 [ 817.871207][ T2123] ? __pfx_blkdev_get_block+0x10/0x10 [ 817.871231][ T2123] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 817.871255][ T2123] ? __pfx_lock_release+0x10/0x10 [ 817.871282][ T2123] ? trace_lock_acquire+0x14e/0x1f0 [ 817.871302][ T2123] ? __pfx_blkdev_readahead+0x10/0x10 [ 817.871325][ T2123] read_pages+0x1a7/0xc60 [ 817.871342][ T2123] ? __folio_batch_add_and_move+0x689/0xc60 [ 817.871369][ T2123] ? __pfx_read_pages+0x10/0x10 [ 817.871393][ T2123] page_cache_ra_unbounded+0x426/0x7d0 [ 817.871417][ T2123] force_page_cache_ra+0x24b/0x340 [ 817.871439][ T2123] page_cache_sync_ra+0x158/0xa30 [ 817.871459][ T2123] ? __lock_acquire+0xcc5/0x3c40 [ 817.871484][ T2123] filemap_get_pages+0xb62/0x1c30 [ 817.871511][ T2123] ? __pfx_filemap_get_pages+0x10/0x10 [ 817.871536][ T2123] ? __pfx___might_resched+0x10/0x10 [ 817.871564][ T2123] filemap_read+0x3c5/0xe70 [ 817.871587][ T2123] ? trace_lock_acquire+0x14e/0x1f0 [ 817.871611][ T2123] ? __pfx_filemap_read+0x10/0x10 [ 817.871643][ T2123] ? apparmor_file_permission+0x251/0x400 [ 817.871665][ T2123] blkdev_read_iter+0x187/0x4b0 [ 817.871689][ T2123] vfs_read+0x886/0xbf0 [ 817.871714][ T2123] ? __pfx_vfs_read+0x10/0x10 [ 817.871737][ T2123] ? blkdev_llseek+0x9b/0xd0 [ 817.871759][ T2123] ? __pfx_lock_release+0x10/0x10 [ 817.871784][ T2123] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 817.871813][ T2123] ksys_read+0x12b/0x250 [ 817.871836][ T2123] ? __pfx_ksys_read+0x10/0x10 [ 817.871866][ T2123] do_syscall_64+0xcd/0x250 [ 817.871892][ T2123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.871917][ T2123] RIP: 0033:0x7f36b2b16b6a [ 817.871932][ T2123] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 817.871950][ T2123] RSP: 002b:00007ffc59ac3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 817.871967][ T2123] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007f36b2b16b6a [ 817.871980][ T2123] RDX: 0000000000000040 RSI: 000055b63d8003a8 RDI: 0000000000000009 [ 817.871991][ T2123] RBP: 0000000000000040 R08: 000055b63d800380 R09: 00007f36b2bf1b60 [ 817.872003][ T2123] R10: 0000000000000007 R11: 0000000000000246 R12: 000055b63d800380 [ 817.872014][ T2123] R13: 000055b63d800398 R14: 000055b63d7f8318 R15: 000055b63d7f82c0 [ 817.872031][ T2123]