last executing test programs: 14m3.152573658s ago: executing program 32 (id=1596): futex$auto(0x0, 0x10b, 0x0, 0x0, 0x0, 0x1) 12m25.250171286s ago: executing program 33 (id=3707): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) 11m34.429993202s ago: executing program 34 (id=4779): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.1/usb2/idProduct\x00', 0x20100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/4096, 0x1000) 8m57.165160072s ago: executing program 5 (id=8315): socket(0x1d, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) 8m57.015034211s ago: executing program 5 (id=8319): r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000005480)='/dev/snd/pcmC1D1p\x00', 0x62080, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_SW_PARAMS(r0, 0xc0884113, 0x0) 8m56.883964377s ago: executing program 5 (id=8322): openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x82042, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 8m56.191382789s ago: executing program 5 (id=8332): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/ipvlan1/retrans_time\x00', 0x242, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) 8m56.019786595s ago: executing program 5 (id=8335): tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) 8m55.546461686s ago: executing program 5 (id=8344): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='>', 0x1) 8m55.288575717s ago: executing program 35 (id=8344): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='>', 0x1) 5m44.675054589s ago: executing program 3 (id=11707): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000) 5m44.410544668s ago: executing program 3 (id=11712): mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sched_setaffinity$auto(0x0, 0x1, 0x0) 5m44.270277983s ago: executing program 3 (id=11715): mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) getcwd$auto(0x0, 0xffffffffffffffff) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000240)={0x8040, 0x28, 0x10}, 0x18) 5m44.091075223s ago: executing program 3 (id=11718): socket(0x10, 0x2, 0x0) socket(0x2, 0x2, 0x88) setsockopt$auto(0x4, 0x88, 0x6e2, &(0x7f0000000200)='!/+:Y\x83\xde\xf6\xc5\x95\xf7yS\xb0q\xd0\xe76\x13f\'\x00\xf6c\x06\xfbnH%A\xc2\xefL\xfd\x01J\xc4\xc9\b\x00\x96G\xbf\x11o\xf9\xect?\x9bFp\x1dR\xaa_\b\x00#[\x1d\xb2N\xc2b\xbb\xc9\x9cH:\xcb\xc8}E\xc5p\xf3\x0f\xdao-\x18u\x1a\xdf\xe5D\x9c\xa3\x17\x06\xae8[\xb9P\xa0\x18I\xf7\xbf\xa7\xe5\xff\xbf\x94r\x99\x11\x8d\xb8\xd5\xcf\xc5(\x16b\xde\xaf\xd0\a\xb5\xf38\xa8\x03\xb1$s\x89\x8dp\x87\x97\xc7\x1a\xef\x86\xa8\x86\x894\x8b\xf2~W\xe9J6\x7fM\xf5\xc1 \xd7\xa1\xf8\xae\x10\xc6D\xb1\xd0i\x06%\x01J,h\x1a\xf7\xd7\n\"\x82\x8a\x00\x8e\xfa\xe7\xd6#o\xfc\nj\xa7b\xfd\x96\xb4?O\xeb\x00\x00\x00\x00', 0x6) 5m43.913379486s ago: executing program 3 (id=11722): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 5m43.330406605s ago: executing program 3 (id=11731): ioperm$auto(0x7, 0x6, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) truncate$auto(&(0x7f00000000c0)='./file0\x00', 0x0) 5m43.009726609s ago: executing program 36 (id=11731): ioperm$auto(0x7, 0x6, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) truncate$auto(&(0x7f00000000c0)='./file0\x00', 0x0) 5m10.268012309s ago: executing program 8 (id=12219): bpf$auto(0x400, &(0x7f0000000000)=@bpf_attr_3={0xfffffc01, 0x2, 0x6, 0x5, 0x1fe, 0x2, 0x1, 0x4, 0x4007, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x4, 0x89, 0xb03, 0xfffffffffffffffd, 0x3ff, 0x7, @attach_prog_fd, 0x40, 0xe, 0x57d, 0x1ff, 0x9}, 0xa3) r0 = socket(0x11, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000040), 0x5e8}, 0x2, &(0x7f0000000140), 0x7, 0x1000}, 0x5}, 0x2, 0x101) 5m9.973036614s ago: executing program 8 (id=12226): r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000000000)={r0, 0x9, 0x6f85}, 0xfffe0000, 0x2) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r0) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x10, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}, @NFSD_A_VERSION_ENABLED={0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 5m9.824826242s ago: executing program 8 (id=12228): mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r0, 0x0, 0x18) 5m9.514499912s ago: executing program 8 (id=12232): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(0x3, 0x0, 0xfdf3) write$auto(r0, 0x0, 0x8587) 5m9.232546945s ago: executing program 8 (id=12234): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 5m8.47325942s ago: executing program 8 (id=12239): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x38, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_PARENT={0xc, 0x9, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x10) 5m8.125096572s ago: executing program 37 (id=12239): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x38, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_PARENT={0xc, 0x9, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x10) 4m58.997272317s ago: executing program 7 (id=12297): mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80000, 0x0) open(0x0, 0x4140, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x6) 4m58.704843801s ago: executing program 7 (id=12300): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001280)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_INDEX={0x8, 0x1, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 4m58.501651898s ago: executing program 7 (id=12303): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r0, 0x0, 0x2, 0x0) 4m57.940517848s ago: executing program 7 (id=12310): openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) write$auto(0x3, 0x0, 0xfdef) 4m57.750109279s ago: executing program 7 (id=12314): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 4m56.69218113s ago: executing program 7 (id=12331): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) read$auto(0x3, 0x0, 0x80) 4m56.320567135s ago: executing program 38 (id=12331): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) read$auto(0x3, 0x0, 0x80) 4m24.625281751s ago: executing program 6 (id=12585): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0xfbe8, 0x5f626901) setuid$auto(0x800000000008) mlock$auto(0x5f9a, 0x8) 4m24.378403586s ago: executing program 6 (id=12587): sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0xb3eaee9e9ed11725, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x41000}, 0x64810) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20004994}, 0x4000884) 4m24.110763735s ago: executing program 6 (id=12590): mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x1d, 0x2, 0x6) getsockopt$auto(r0, 0x6a, 0x1, 0x0, 0x0) 4m23.798909734s ago: executing program 6 (id=12592): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0xf, 0x0, &(0x7f0000000080)=0x9b) 4m23.583547899s ago: executing program 6 (id=12593): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) tkill$auto(0x80000000000001, 0x7) 4m23.082317064s ago: executing program 6 (id=12596): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) write$auto(r0, 0x0, 0x45c) 4m22.623607607s ago: executing program 39 (id=12596): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) write$auto(r0, 0x0, 0x45c) 1m8.166899157s ago: executing program 0 (id=14766): ioperm$auto(0x8, 0x6, 0x2) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x6, 0x8000) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x4, 0x100000003, 0x40eb1, 0x401, 0x300000000000) memfd_secret$auto(0x0) 1m7.928828768s ago: executing program 0 (id=14769): openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) 1m7.707111419s ago: executing program 0 (id=14773): r0 = socket(0x2, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20008001}, 0x4000030) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x2, 0x2}, 0x7}, 0x3, 0x0) 1m7.544169781s ago: executing program 0 (id=14775): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) memfd_create$auto(0x0, 0x9) timer_create$auto(0x3, 0x0, 0x0) timer_settime$auto(0x0, 0xd80, &(0x7f0000000040)={{0x40000000000026b, 0x4}, {0x0, 0x83}}, 0x0) timer_gettime$auto(0x0, 0x0) 1m7.17674988s ago: executing program 0 (id=14779): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) 1m6.496138651s ago: executing program 0 (id=14785): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 1m6.109189256s ago: executing program 40 (id=14785): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 4.207859453s ago: executing program 4 (id=15302): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/ipvlan1/retrans_time\x00', 0x242, 0x0) setgroups$auto(0xc00000000, 0xfffffffffffffffc) setresgid$auto(0x81, 0x800000a0, 0x8) setresuid$auto(0x2, 0x7, 0x0) sendfile$auto(r0, r0, 0x0, 0x49) 3.67683413s ago: executing program 4 (id=15305): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x40000002c55, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) setsockopt$auto(r0, 0x10000000084, 0x7f, 0x0, 0xad4) 3.518152967s ago: executing program 1 (id=15308): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) setsockopt$auto(0x3, 0x10f, 0x7f, 0x0, 0x14) 3.323852592s ago: executing program 4 (id=15311): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f4) bpf$auto(0x100000001, 0x0, 0x0) 3.129746646s ago: executing program 1 (id=15313): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/orangefs/getattr_timeout_msecs\x00', 0x8a82b6a56f18970a, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) write$auto(0x3, 0x0, 0xfffffdef) 3.040634459s ago: executing program 4 (id=15314): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x1c1080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000010c0)=""/4096, 0x1000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 2.237615044s ago: executing program 1 (id=15316): ioperm$auto(0x800, 0x5, 0xd) r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="fc000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000e6000400110008002e00", @ANYRES16, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4100f7b4a8132d759892f424887b55fbcf38553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43341a1e670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100045800c00c50003000000000000001800368014006c800800150002020000050018005d0000000000d0cb580b273180"], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r0) 2.233603471s ago: executing program 4 (id=15317): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x8, 0x8243, 0x0, 0x0, 0x4) getsockopt$auto(0x3, 0x200000000001, 0x3b, 0x0, 0x0) 1.608421867s ago: executing program 2 (id=15322): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 1.597925878s ago: executing program 9 (id=15323): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) getpgid(0x0) 1.586056981s ago: executing program 4 (id=15324): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/numa_maps\x00', 0x121240, 0x0) read$auto_proc_pid_numa_maps_operations_internal(r0, &(0x7f0000000040)=""/4096, 0x1000) 1.305115424s ago: executing program 2 (id=15325): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sysfs$auto(0x2, 0x14, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 1.091051902s ago: executing program 9 (id=15326): pselect6$auto(0x4, 0x0, &(0x7f0000000180)={[0x2, 0x9, 0x2da0000, 0xff, 0x1000101, 0x1c00000, 0xa1, 0x4, 0xfffffffffffffffe, 0x8, 0x4, 0x9, 0x1, 0x0, 0xe, 0x80000001]}, 0x0, 0x0, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 1.084530404s ago: executing program 1 (id=15327): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) mlock2$auto(0x1, 0x8001, 0x0) 1.038647887s ago: executing program 2 (id=15328): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'batadv_slave_1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r2, &(0x7f0000007500)={0x0, 0x0, &(0x7f00000074c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01"], 0x2c}, 0x1, 0x0, 0x0, 0xc0c1}, 0x80) write$auto(r2, &(0x7f0000000040)='+\x00', 0x3ff) 837.296164ms ago: executing program 9 (id=15329): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0xb, 0xa000001c, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) 730.187662ms ago: executing program 2 (id=15330): select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x1, 0xd, 0x250, 0x100000001, 0x3, 0x2017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000001]}, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 582.740835ms ago: executing program 9 (id=15331): madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x10000, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) pipe2$auto(0x0, 0x80) ioctl$auto(0x1, 0x5761, 0x0) 535.139497ms ago: executing program 2 (id=15332): close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x0}, 0x55) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 417.724523ms ago: executing program 1 (id=15333): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0) r1 = socket(0x10, 0x2, 0xf) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0x9, r1}, 0x210) bpf$auto(0x1, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x5c, 0x4, 0x9, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x2, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd, 0x7e, 0x4, 0x1, 0x5, 0x3}, 0x5) 369.527525ms ago: executing program 9 (id=15334): r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0xffe0}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) ioctl$auto(0x3, 0x80000541b, 0x38) 305.132056ms ago: executing program 2 (id=15335): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getpeername$auto(0x3, 0x0, 0x0) 148.638852ms ago: executing program 9 (id=15336): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) mmap$auto(0x0, 0x402000b, 0x6, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) 0s ago: executing program 1 (id=15337): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendto$auto(0x3, 0x0, 0xfdef, 0xf950, 0x0, 0x1d) kernel console output (not intermixed with test programs): preconfigured BSSID 50:50:50:50:50:50 [ 83.993976][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.017562][ T6339] Bluetooth: hci0: command tx timeout [ 84.023093][ T6253] Bluetooth: hci2: command tx timeout [ 84.040151][ T6332] veth1_vlan: entered promiscuous mode [ 84.055264][ T6328] veth0_macvtap: entered promiscuous mode [ 84.065417][ T5036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.074780][ T6328] veth1_macvtap: entered promiscuous mode [ 84.087815][ T5036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.132119][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.159320][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.186713][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.203860][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.214918][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.230830][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.242811][ T6328] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.276898][ T6332] veth0_macvtap: entered promiscuous mode [ 84.294013][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.295346][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.312649][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.329617][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.351071][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.363913][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.378424][ T6328] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.396933][ T6332] veth1_macvtap: entered promiscuous mode [ 84.430396][ T6328] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.465732][ T6328] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.474573][ T6328] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.525606][ T6328] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.587497][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.604438][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.615317][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.626553][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.638140][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.660476][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.676875][ T6332] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.707693][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.745873][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.776341][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.791877][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.802626][ T6332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.824578][ T6332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.857802][ T6332] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.968473][ T6332] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.005780][ T6332] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.014530][ T6332] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.028959][ T6332] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.132869][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.182869][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.187140][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.209242][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.316828][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.324704][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.347379][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.355343][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.842646][ T29] audit: type=1326 audit(1739485120.057:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.382" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efc9c78cde9 code=0x0 [ 86.006102][ T6339] Bluetooth: hci1: command tx timeout [ 86.012231][ T6253] Bluetooth: hci3: command tx timeout [ 86.087417][ T6253] Bluetooth: hci2: command tx timeout [ 86.092991][ T6339] Bluetooth: hci0: command tx timeout [ 90.267063][ T6696] syz.1.470(6696): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 94.313288][ T6865] delete_channel: no stack [ 98.577975][ T29] audit: type=1800 audit(1739485132.797:3): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.658" name="features" dev="configfs" ino=11588 res=0 errno=0 [ 99.157922][ T6253] Bluetooth: hci2: unexpected event 0x03 length: 725 > 11 [ 102.244889][ T29] audit: type=1800 audit(1739487184.471:4): pid=7264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.753" name="members" dev="configfs" ino=11879 res=0 errno=0 [ 103.060041][ T6253] Bluetooth: hci1: unexpected event 0x03 length: 725 > 11 [ 103.396449][ T29] audit: type=1800 audit(1739487185.627:5): pid=7325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.783" name="version" dev="configfs" ino=12936 res=0 errno=0 [ 103.599210][ T6253] Bluetooth: hci0: unexpected event 0x03 length: 725 > 11 [ 105.797269][ T29] audit: type=1326 audit(1739487188.039:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7428 comm="syz.3.831" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0dfb78cde9 code=0x0 [ 117.000511][ T7876] syz_tun: tun_chr_ioctl cmd 1074025675 [ 117.006132][ T7876] syz_tun: persist disabled [ 126.136946][ T8287] syz_tun: tun_chr_ioctl cmd 1074025678 [ 126.166023][ T8287] syz_tun: group set to 23693 [ 127.848376][ T8382] can: request_module (can-proto-5) failed. [ 128.648145][ T8427] nfs: Bad value for 'source' [ 129.606807][ T6253] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13 [ 132.746286][ T29] audit: type=1800 audit(1739488238.126:7): pid=8636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1428" name="trace_pipe" dev="tracefs" ino=187 res=0 errno=0 [ 132.963575][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.975202][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.033068][ T29] audit: type=1800 audit(1739488238.417:8): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1435" name="discovery_nqn" dev="configfs" ino=16062 res=0 errno=0 [ 133.311734][ T8661] ima: policy update failed [ 133.334901][ T29] audit: type=1802 audit(1739488238.719:9): pid=8661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1441" res=0 errno=0 [ 133.490484][ T6253] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 133.490521][ T6253] Bluetooth: hci1: unexpected subevent 0x06 length: 725 > 10 [ 135.516977][ T6253] Bluetooth: hci1: command tx timeout [ 138.760736][ T8919] Process accounting resumed [ 138.793404][ T8919] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8919 comm: syz.0.1570) [ 138.981532][ T8926] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8926 comm: syz.0.1574) [ 139.207899][ T8935] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8935 comm: syz.0.1578) [ 139.386067][ T8943] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8943 comm: syz.0.1582) [ 139.420573][ T8947] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 139.636864][ T6329] kernel write not supported for file vkms/crtc-0/crc/data (pid: 6329 comm: syz-executor) [ 139.690079][ T8950] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8950 comm: syz.0.1586) [ 139.727175][ T8950] kernel write not supported for file vkms/crtc-0/crc/data (pid: 8950 comm: syz.0.1586) [ 140.173534][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.245767][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.384422][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.482959][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.592222][ T6339] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 140.600697][ T6339] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 140.611247][ T6339] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 140.619117][ T12] bridge_slave_1: left allmulticast mode [ 140.625278][ T6339] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 140.634148][ T6339] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 140.635327][ T12] bridge_slave_1: left promiscuous mode [ 140.647187][ T6339] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 140.651062][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.680101][ T12] bridge_slave_0: left allmulticast mode [ 140.689624][ T12] bridge_slave_0: left promiscuous mode [ 140.695725][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.930999][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 140.941738][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 140.952061][ T12] bond0 (unregistering): Released all slaves [ 141.239151][ T8979] chnl_net:caif_netlink_parms(): no params data found [ 141.327598][ T12] hsr_slave_0: left promiscuous mode [ 141.339084][ T12] hsr_slave_1: left promiscuous mode [ 141.348173][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.356029][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.364315][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.372215][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.400130][ T12] veth1_macvtap: left promiscuous mode [ 141.405903][ T12] veth0_macvtap: left promiscuous mode [ 141.411594][ T12] veth1_vlan: left promiscuous mode [ 141.416868][ T12] veth0_vlan: left promiscuous mode [ 141.728746][ T12] team0 (unregistering): Port device team_slave_1 removed [ 141.763410][ T12] team0 (unregistering): Port device team_slave_0 removed [ 142.091185][ T8979] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.105336][ T8979] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.113230][ T8979] bridge_slave_0: entered allmulticast mode [ 142.122032][ T8979] bridge_slave_0: entered promiscuous mode [ 142.131999][ T8979] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.139660][ T8979] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.146875][ T8979] bridge_slave_1: entered allmulticast mode [ 142.153787][ T8979] bridge_slave_1: entered promiscuous mode [ 142.194795][ T8979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.206737][ T8979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.263491][ T8979] team0: Port device team_slave_0 added [ 142.285894][ T8979] team0: Port device team_slave_1 added [ 142.348224][ T8979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.355229][ T8979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.383195][ T8979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.397859][ T8979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.405074][ T8979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.440031][ T8979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.528346][ T8979] hsr_slave_0: entered promiscuous mode [ 142.534728][ T8979] hsr_slave_1: entered promiscuous mode [ 142.541279][ T8979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 142.550503][ T8979] Cannot create hsr debugfs directory [ 142.674945][ T6253] Bluetooth: hci1: command tx timeout [ 142.732085][ T8979] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 142.742847][ T8979] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 142.752625][ T8979] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 142.762458][ T8979] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 142.786532][ T8979] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.793972][ T8979] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.858743][ T8979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.878269][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.902549][ T8979] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.928373][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.935571][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.957296][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.964512][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.186028][ T8979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.559952][ T8979] veth0_vlan: entered promiscuous mode [ 143.583120][ T8979] veth1_vlan: entered promiscuous mode [ 143.623035][ T8979] veth0_macvtap: entered promiscuous mode [ 143.642495][ T8979] veth1_macvtap: entered promiscuous mode [ 143.685836][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.708485][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.730231][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.749827][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.769712][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.786278][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.812286][ T8979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 143.832087][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.863479][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.874315][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.885106][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.895560][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.906693][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.917996][ T8979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 143.956232][ T8979] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.968539][ T8979] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.977810][ T8979] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.992541][ T8979] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.093562][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.112906][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.146800][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.161645][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.745449][ T6253] Bluetooth: hci1: command tx timeout [ 146.815518][ T6253] Bluetooth: hci1: command tx timeout [ 147.143538][ T9207] futex_wake_op: syz.1.1654 tries to shift op by 64; fix this program [ 148.633418][ T9274] syz_tun: tun_chr_ioctl cmd 1074812118 [ 148.887427][ T6253] Bluetooth: hci1: command tx timeout [ 149.031898][ T9234] kexec: Could not allocate control_code_buffer [ 149.838477][ T9321] Process accounting resumed [ 149.979260][ T9338] syz_tun: tun_chr_ioctl cmd 1074025692 [ 150.459743][ T9363] ptrace attach of "./syz-executor exec"[6336] was attempted by "./syz-executor exec"[9363] [ 150.717495][ T9377] random: crng reseeded on system resumption [ 156.538991][ T29] audit: type=1800 audit(1739488274.016:10): pid=9661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1859" name="dummy_udc" dev="gadgetfs" ino=9184 res=0 errno=0 [ 158.837466][ T9782] syz.2.1917 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 159.026445][ T6253] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6 [ 162.982300][ T6253] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 163.929065][ T29] audit: type=1800 audit(1739488281.455:11): pid=10062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2019" name="trace_pipe" dev="tracefs" ino=145 res=0 errno=0 [ 164.160215][T10072] ======================================================= [ 164.160215][T10072] WARNING: The mand mount option has been deprecated and [ 164.160215][T10072] and is ignored by this kernel. Remove the mand [ 164.160215][T10072] option from the mount to silence this warning. [ 164.160215][T10072] ======================================================= [ 165.828985][T10168] Unable to find swap-space signature [ 166.252858][T10191] capability: warning: `syz.2.2064' uses 32-bit capabilities (legacy support in use) [ 167.064844][T10235] ptrace attach of "./syz-executor exec"[8979] was attempted by "./syz-executor exec"[10235] [ 167.191601][T10238] Process accounting resumed [ 167.362459][T10252] syz_tun: tun_chr_ioctl cmd 1074025688 [ 167.851768][T10274] Process accounting resumed [ 168.403245][T10303] Process accounting resumed [ 170.182093][T10360] random: crng reseeded on system resumption [ 170.755688][T10376] capability: warning: `syz.4.2156' uses deprecated v2 capabilities in a way that may be insecure [ 170.757415][T10311] kexec: Could not allocate control_code_buffer [ 171.106316][T10389] random: crng reseeded on system resumption [ 172.053344][T10432] random: crng reseeded on system resumption [ 173.028371][ T29] audit: type=1800 audit(1739488302.611:12): pid=10473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2206" name="lu_gp_id" dev="configfs" ino=22978 res=0 errno=0 [ 173.547739][ T6253] Bluetooth: hci2: Malformed LE Event: 0x02 [ 173.547872][T10501] ptrace attach of "./syz-executor exec"[6328] was attempted by "./syz-executor exec"[10501] [ 175.257139][T10582] Process accounting resumed [ 175.292736][T10582] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10582 comm: syz.3.2258) [ 175.486810][T10591] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10591 comm: syz.3.2262) [ 175.635939][T10599] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10599 comm: syz.3.2267) [ 175.679607][T10605] Unable to find swap-space signature [ 175.759539][T10607] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10607 comm: syz.3.2270) [ 175.944669][T10615] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10615 comm: syz.3.2274) [ 176.196228][T10622] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10622 comm: syz.3.2278) [ 176.331726][T10628] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10628 comm: syz.3.2278) [ 176.471057][T10643] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10643 comm: syz.3.2284) [ 176.676651][T10653] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10653 comm: syz.3.2291) [ 176.916678][T10663] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10663 comm: syz.3.2297) [ 178.352756][T10662] kexec: Could not allocate control_code_buffer [ 179.841247][T10795] Process accounting paused [ 180.328911][T10815] warn_unsupported: 20 callbacks suppressed [ 180.328932][T10815] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10815 comm: syz.3.2371) [ 180.349745][T10813] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10813 comm: syz.3.2371) [ 180.661889][T10829] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10829 comm: syz.3.2375) [ 180.932729][T10844] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10844 comm: syz.3.2384) [ 181.241547][T10857] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10857 comm: syz.3.2391) [ 181.443532][T10872] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10872 comm: syz.3.2398) [ 181.631286][T10880] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10880 comm: syz.3.2404) [ 181.748180][T10888] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10888 comm: syz.3.2408) [ 181.854321][T10893] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10893 comm: syz.3.2410) [ 182.021198][T10901] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10901 comm: syz.3.2414) [ 184.471713][T11029] syz_tun: tun_chr_ioctl cmd 1074025694 [ 185.306196][T11073] warn_unsupported: 19 callbacks suppressed [ 185.306215][T11073] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11073 comm: syz.3.2497) [ 185.400653][T11077] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11077 comm: syz.3.2501) [ 185.549970][T11085] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11085 comm: syz.3.2503) [ 185.689627][T11095] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11095 comm: syz.3.2508) [ 185.820810][T11101] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11101 comm: syz.3.2512) [ 185.949475][T11106] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11106 comm: syz.3.2516) [ 186.148424][T11117] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11117 comm: syz.3.2518) [ 186.326173][T11128] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11128 comm: syz.3.2524) [ 186.492791][T11135] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11135 comm: syz.3.2528) [ 186.695469][T11147] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11147 comm: syz.3.2534) [ 188.567514][ T6253] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 190.131165][T11324] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.278857][T11324] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.399281][T11324] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.452711][T11332] warn_unsupported: 22 callbacks suppressed [ 190.452731][T11332] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11332 comm: syz.3.2626) [ 190.561568][T11324] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.653631][T11343] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11343 comm: syz.3.2632) [ 190.888579][T11352] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11352 comm: syz.3.2636) [ 191.232498][T11367] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11367 comm: syz.3.2643) [ 191.266974][T11365] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11365 comm: syz.3.2643) [ 191.432921][T11382] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11382 comm: syz.3.2651) [ 191.641367][T11392] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11392 comm: syz.3.2655) [ 191.799276][T11403] nvme_fabrics: missing parameter 'transport=%s' [ 191.808892][T11403] nvme_fabrics: missing parameter 'nqn=%s' [ 191.904057][T11406] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11406 comm: syz.3.2660) [ 192.083425][T11416] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11416 comm: syz.3.2666) [ 192.262519][T11424] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11424 comm: syz.3.2670) [ 192.637966][T11448] [ 192.753041][T11452] QAT: Stopping all acceleration devices. [ 194.090011][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.096357][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.147201][T11523] WARNING! power/level is deprecated; use power/control instead [ 195.523930][T11588] warn_unsupported: 16 callbacks suppressed [ 195.523951][T11588] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11588 comm: syz.3.2750) [ 195.677460][T11600] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11600 comm: syz.3.2757) [ 195.836633][T11606] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11606 comm: syz.3.2760) [ 196.027448][T11617] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11617 comm: syz.3.2765) [ 196.232547][T11624] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11624 comm: syz.3.2769) [ 196.349901][T11630] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11630 comm: syz.3.2774) [ 196.528327][T11640] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11640 comm: syz.3.2776) [ 196.661210][T11649] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11649 comm: syz.3.2781) [ 196.867666][T11657] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11657 comm: syz.3.2785) [ 197.029299][T11666] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 11666 comm: syz.3.2790) [ 197.152487][T11672] Process accounting paused [ 198.341322][T11735] Process accounting resumed [ 198.353629][T11731] Process accounting paused [ 199.449803][T11790] syz.1.2849 uses obsolete (PF_INET,SOCK_PACKET) [ 200.354737][ T29] audit: type=1800 audit(4294967296.100:13): pid=11839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2873" name="discovery_nqn" dev="configfs" ino=27220 res=0 errno=0 [ 201.250660][ T6340] Bluetooth: hci3: command 0x0406 tx timeout [ 201.256200][ T6335] Bluetooth: hci2: command 0x0406 tx timeout [ 201.256812][ T5146] Bluetooth: hci0: command 0x0406 tx timeout [ 201.527553][T11901] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 201.585014][T11903] : Can't lookup blockdev [ 202.571626][T11958] usb usb15: usbfs: interface 0 claimed by hub while 'syz.2.2930' sets config #5 [ 202.764892][ T6253] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 204.343701][T12045] process 'syz.2.2975' launched '/dev/fd/3' with NULL argv: empty string added [ 205.238327][T12086] kAFS: No cell specified [ 206.593531][T12153] nvme_fcloop: unknown parameter or missing value '-' [ 207.669884][T12212] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 208.037464][T12230] syz_tun: tun_chr_ioctl cmd 2148553947 [ 208.214833][T12242] block2mtd: device name too long [ 208.341822][ T29] audit: type=1800 audit(4294967304.132:14): pid=12246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3075" name="dbroot" dev="configfs" ino=27876 res=0 errno=0 [ 208.396786][ T29] audit: type=1804 audit(4294967304.142:15): pid=12246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3075" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=27876 res=1 errno=0 [ 208.419836][ C0] vkms_vblank_simulate: vblank timer overrun [ 209.312407][T12288] Line length is too long: Should be less than 4094 [ 209.773592][T12303] Process accounting resumed [ 211.407495][T12381] Setting dangerous option i915.mitigations - tainting kernel [ 211.465952][T12385] warning: `syz.1.3140' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 212.800675][T12441] i2c i2c-0: delete_device: Can't parse I2C address [ 213.189613][T12460] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 216.204987][T12596] syz_tun: tun_chr_ioctl cmd 2147767517 [ 217.859007][ T29] audit: type=1800 audit(4294967313.701:16): pid=12673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3278" name="lu_gp_id" dev="configfs" ino=28659 res=0 errno=0 [ 222.494011][T12850] bond0: option packets_per_slave: invalid value ( Xnp) [ 222.516050][T12850] bond0: option packets_per_slave: allowed values 0 - 65535 [ 224.191657][T12911] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 224.679983][T12930] : Can't lookup blockdev [ 225.152598][T12943] program syz.2.3407 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.424474][T12951] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 227.160027][T13015] Process accounting resumed [ 227.896216][T13050] sysfs_service_op_store: Client not running :-5: [ 228.009300][T13054] syz_tun: tun_chr_ioctl cmd 35108 [ 228.418100][T13065] Process accounting resumed [ 228.570484][T13080] sg_write: data in/out 16027157/1 bytes for SCSI command 0x7b-- guessing data in; [ 228.570484][T13080] program syz.4.3475 not setting count and/or reply_len properly [ 231.287041][T13206] ubi0: attaching mtd0 [ 231.293138][T13206] ubi0: scanning is finished [ 231.333829][T13206] ubi0: empty MTD device detected [ 231.339020][T13206] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 231.448630][T13206] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 232.293324][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 232.300545][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 233.689454][T13330] sysfs_service_op_show: Client not running :-5: [ 233.827974][T13336] delete_channel: no stack [ 235.602383][T13432] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 235.971745][T13452] block nbd8: NBD_DISCONNECT [ 237.295380][ T29] audit: type=1807 audit(4294967333.232:17): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 237.309992][T13521] ima: policy update failed [ 237.322566][ T29] audit: type=1802 audit(4294967333.252:18): pid=13523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.3692" res=0 errno=0 [ 237.353688][ T29] audit: type=1802 audit(4294967333.262:19): pid=13521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3692" res=0 errno=0 [ 237.486519][T13531] sg_write: data in/out 2059/169 bytes for SCSI command 0x57-- guessing data in; [ 237.486519][T13531] program syz.1.3697 not setting count and/or reply_len properly [ 238.021719][ T62] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.123684][ T62] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.213373][ T62] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.389320][ T62] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.700640][ T62] bridge_slave_1: left allmulticast mode [ 238.715605][ T62] bridge_slave_1: left promiscuous mode [ 238.722376][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.828902][ T62] bridge_slave_0: left allmulticast mode [ 238.861527][ T62] bridge_slave_0: left promiscuous mode [ 238.888217][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.922944][ T6249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 238.932641][ T6249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 238.942569][ T6249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 238.951200][ T6249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 238.959716][ T6249] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 238.967847][ T6249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 239.925119][T13630] QAT: Device 2 not found [ 240.383331][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.429960][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 240.457948][ T62] bond0 (unregistering): Released all slaves [ 241.052419][ T6249] Bluetooth: hci0: command tx timeout [ 241.321838][ T62] hsr_slave_0: left promiscuous mode [ 241.371272][ T62] hsr_slave_1: left promiscuous mode [ 241.380143][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.382736][T13692] Invalid ELF header magic: != ELF [ 241.399185][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.423782][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.460528][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.495788][ T62] veth1_macvtap: left promiscuous mode [ 241.502140][ T62] veth0_macvtap: left promiscuous mode [ 241.507767][ T62] veth1_vlan: left promiscuous mode [ 241.513346][ T62] veth0_vlan: left promiscuous mode [ 242.038058][T13713] Invalid ELF header magic: != ELF [ 243.016632][ T62] team0 (unregistering): Port device team_slave_1 removed [ 243.121567][ T6249] Bluetooth: hci0: command tx timeout [ 243.185114][ T62] team0 (unregistering): Port device team_slave_0 removed [ 244.303138][T13580] chnl_net:caif_netlink_parms(): no params data found [ 244.611356][T13580] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.623406][T13811] Invalid ELF header magic: != ELF [ 244.627789][T13580] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.638249][T13580] bridge_slave_0: entered allmulticast mode [ 244.650258][T13580] bridge_slave_0: entered promiscuous mode [ 244.664023][T13580] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.671602][T13580] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.679487][T13580] bridge_slave_1: entered allmulticast mode [ 244.686621][T13580] bridge_slave_1: entered promiscuous mode [ 244.748947][T13580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 244.770326][T13580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 244.841305][T13580] team0: Port device team_slave_0 added [ 244.876115][T13580] team0: Port device team_slave_1 added [ 245.048899][T13580] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 245.070364][T13580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.150006][T13580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 245.180952][T13580] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 245.191574][ T6249] Bluetooth: hci0: command tx timeout [ 245.202842][T13580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.238780][T13580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 245.485827][T13580] hsr_slave_0: entered promiscuous mode [ 245.511286][T13580] hsr_slave_1: entered promiscuous mode [ 245.535186][T13580] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 245.557104][T13580] Cannot create hsr debugfs directory [ 245.740515][T13580] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 245.756477][T13580] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 245.766974][T13580] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 245.781766][T13580] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 245.880424][T13580] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.914154][T13580] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.933466][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.940629][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.956565][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.963827][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.010644][T13580] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 246.171501][T13580] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.422403][T13580] veth0_vlan: entered promiscuous mode [ 246.440251][T13580] veth1_vlan: entered promiscuous mode [ 246.482683][T13580] veth0_macvtap: entered promiscuous mode [ 246.499719][T13580] veth1_macvtap: entered promiscuous mode [ 246.530701][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.545154][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.563222][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.574886][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.590315][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.601863][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.622366][T13580] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.640623][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.651378][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.661640][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.674961][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.685203][T13580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.696705][T13580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.709297][T13580] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.724155][T13580] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.732896][T13580] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.741872][T13580] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.751049][T13580] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.829227][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.838094][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.871364][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.882988][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.260447][ T6249] Bluetooth: hci0: command tx timeout [ 255.220022][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.226409][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.743313][T14333] Setting dangerous option i915.mitigations - tainting kernel [ 257.077185][T14393] Process accounting paused [ 257.255089][T14403] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 257.281236][ C1] vkms_vblank_simulate: vblank timer overrun [ 257.289152][T14403] CIFS mount error: No usable UNC path provided in device string! [ 257.289152][T14403] [ 257.330856][T14403] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 257.565342][T14421] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 257.981489][T14441] block mtdblock0: the capability attribute has been deprecated. [ 258.300033][T14452] Process accounting paused [ 258.544024][T14469] usb usb15: usbfs: process 14469 (syz.4.4081) did not claim interface 0 before use [ 262.142191][T14652] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 262.372442][ T6253] Bluetooth: hci1: command 0x0406 tx timeout [ 262.633240][T14674] delete_channel: no stack [ 267.043502][T14892] Debayer A: ================= START STATUS ================= [ 267.062251][T14892] Debayer A: Debayer Mean Window Size: 3 [ 267.103742][T14892] Debayer A: ================== END STATUS ================== [ 268.365471][T14961] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 269.295015][T15015] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 269.952958][ T6249] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 270.261308][ T29] audit: type=1800 audit(4294967366.374:20): pid=15068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4317" name="discovery_nqn" dev="configfs" ino=36606 res=0 errno=0 [ 271.116838][ T29] audit: type=1806 audit(4294967367.228:21): xattr="." res=0 [ 271.374876][T15123] Process accounting resumed [ 271.966163][T15158] synth uevent: /bus/usb/drivers/cdc_eem: unknown uevent action string [ 272.424772][T15178] QAT: failed to copy from user. [ 272.940802][ T29] audit: type=1804 audit(4294967369.057:22): pid=15210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4389" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=150 res=1 errno=0 [ 272.964460][ C0] vkms_vblank_simulate: vblank timer overrun [ 274.179766][ T29] audit: type=1800 audit(4294967370.304:23): pid=15276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4422" name="lu_gp_id" dev="configfs" ino=38027 res=0 errno=0 [ 274.186367][T15276] kstrtoul() returned -22 for lu_gp_id [ 275.402201][T15344] ecryptfs_parse_packet_length: Error parsing packet length [ 275.429976][T15344] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 277.376642][T15449] Process accounting resumed [ 277.531369][T15459] zram: Added device: zram1 [ 277.772011][T15473] aoe: copy from user failed [ 277.781918][T15473] aoe: could not set interface list: too many interfaces [ 278.329499][T15506] usb usb32: usbfs: process 15506 (syz.4.4532) did not claim interface 0 before use [ 280.173753][T15603] ima: policy update failed [ 280.185964][ T29] audit: type=1802 audit(4294967376.335:24): pid=15603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4582" res=0 errno=0 [ 280.962986][ T29] audit: type=1400 audit(4294967377.119:25): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=15646 comm="syz.2.4601" [ 283.092963][ T29] audit: type=1400 audit(4294967379.270:26): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=15761 comm="syz.2.4656" [ 284.474336][ T29] audit: type=1800 audit(4294967380.657:27): pid=15816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4681" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 284.918284][T15837] ptrace attach of "./syz-executor exec"[8979] was attempted by ""[15837] [ 285.270309][T15853] delete_channel: no stack [ 286.982323][T15929] Process accounting resumed [ 287.213163][T15942] vivid-003: ================= START STATUS ================= [ 287.221290][T15942] vivid-003: Radio HW Seek Mode: Bounded [ 287.262911][T15942] vivid-003: Radio Programmable HW Seek: false [ 287.269150][T15942] vivid-003: RDS Rx I/O Mode: Block I/O [ 287.292721][T15942] vivid-003: Generate RBDS Instead of RDS: false [ 287.311030][T15942] vivid-003: RDS Reception: true [ 287.316739][T15942] vivid-003: RDS Program Type: 0 inactive [ 287.343261][T15942] vivid-003: RDS PS Name: inactive [ 287.348549][T15942] vivid-003: RDS Radio Text: inactive [ 287.362646][T15942] vivid-003: RDS Traffic Announcement: false inactive [ 287.369491][T15942] vivid-003: RDS Traffic Program: false inactive [ 287.395178][T15942] vivid-003: RDS Music: false inactive [ 287.400728][T15942] vivid-003: ================== END STATUS ================== [ 287.520943][T15958] ima: policy update failed [ 287.542575][ T29] audit: type=1802 audit(4294967383.753:28): pid=15958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4752" res=0 errno=0 [ 288.049624][ T6249] Bluetooth: hci3: Zero size dump init pkt [ 288.838794][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.948873][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.048871][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.245823][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.562230][ T51] bridge_slave_1: left allmulticast mode [ 289.568092][ T51] bridge_slave_1: left promiscuous mode [ 289.588031][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.614275][ T6253] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 289.628958][ T6253] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 289.629397][ T51] bridge_slave_0: left allmulticast mode [ 289.642822][ T51] bridge_slave_0: left promiscuous mode [ 289.644127][ T6253] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 289.648535][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.664528][ T6253] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 289.680692][ T6253] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 289.689637][ T6253] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 289.987754][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 289.998471][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.009123][ T51] bond0 (unregistering): Released all slaves [ 290.306273][ T51] hsr_slave_0: left promiscuous mode [ 290.314459][ T51] hsr_slave_1: left promiscuous mode [ 290.320802][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 290.331217][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 290.344781][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 290.352600][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 290.378669][ T51] veth1_macvtap: left promiscuous mode [ 290.384236][ T51] veth0_macvtap: left promiscuous mode [ 290.392189][ T51] veth1_vlan: left promiscuous mode [ 290.397618][ T51] veth0_vlan: left promiscuous mode [ 290.772028][ T51] team0 (unregistering): Port device team_slave_1 removed [ 290.808903][ T51] team0 (unregistering): Port device team_slave_0 removed [ 291.142754][T16039] chnl_net:caif_netlink_parms(): no params data found [ 291.291022][T16039] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.307984][T16039] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.315678][T16039] bridge_slave_0: entered allmulticast mode [ 291.323407][T16039] bridge_slave_0: entered promiscuous mode [ 291.336769][T16039] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.365500][T16039] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.396407][T16039] bridge_slave_1: entered allmulticast mode [ 291.408463][T16039] bridge_slave_1: entered promiscuous mode [ 291.473669][T16039] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.508619][T16039] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.554582][T16039] team0: Port device team_slave_0 added [ 291.563060][T16039] team0: Port device team_slave_1 added [ 291.589887][T16039] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 291.597024][T16039] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.625929][T16039] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.658345][T16039] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.666392][T16039] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.692935][T16039] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.727944][T16039] hsr_slave_0: entered promiscuous mode [ 291.734364][T16039] hsr_slave_1: entered promiscuous mode [ 291.740367][ T6249] Bluetooth: hci2: command tx timeout [ 291.747333][T16039] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 291.755473][T16039] Cannot create hsr debugfs directory [ 291.914373][T16039] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 291.936276][T16039] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 291.954447][T16039] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 291.964262][T16039] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 292.000338][T16039] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.007476][T16039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 292.014932][T16039] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.022094][T16039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 292.116449][T16039] 8021q: adding VLAN 0 to HW filter on device bond0 [ 292.141095][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.150957][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.189855][T16039] 8021q: adding VLAN 0 to HW filter on device team0 [ 292.204336][ T754] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.211479][ T754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 292.222918][ T754] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.230088][ T754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 292.284094][T16039] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 292.462366][T16039] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.722072][T16039] veth0_vlan: entered promiscuous mode [ 292.750507][T16039] veth1_vlan: entered promiscuous mode [ 292.791349][T16039] veth0_macvtap: entered promiscuous mode [ 292.801157][T16039] veth1_macvtap: entered promiscuous mode [ 292.819693][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 292.830602][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.841421][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 292.852594][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.862731][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 292.874684][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.887067][T16039] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 292.900773][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.911792][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.921823][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.932287][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.943128][T16039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.954119][T16039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.965265][T16039] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 292.980303][T16039] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.991985][T16039] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.005387][T16039] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.017899][T16039] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.121254][ T754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 293.140299][ T754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 293.166551][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 293.178702][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 293.810687][ T6249] Bluetooth: hci2: command tx timeout [ 295.880157][ T6249] Bluetooth: hci2: command tx timeout [ 296.143720][T16272] CIFS: VFS: Invalid SecurityFlags: # [ 297.958504][ T6249] Bluetooth: hci2: command tx timeout [ 297.999095][T16357] ICMPv6: process `syz.5.4878' is using deprecated sysctl (syscall) net.ipv6.neigh.macsec0.base_reachable_time - use net.ipv6.neigh.macsec0.base_reachable_time_ms instead [ 298.593702][T16388] CIFS mount error: No usable UNC path provided in device string! [ 298.593702][T16388] [ 298.613916][T16388] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 300.221183][ T6249] Bluetooth: hci1: Malformed HCI Event: 0x22 [ 300.756502][T16477] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 301.156615][T16494] ubi13: attaching mtd0 [ 301.180514][T16494] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 301.562491][T16514] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 301.562491][T16514] M' is too long [ 301.577278][T16516] Malformed UNC in devname [ 301.577278][T16516] [ 301.584392][T16516] CIFS: VFS: Malformed UNC in devname [ 301.594259][T16514] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 301.594259][T16514] W ' is too long [ 306.109357][ T6249] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 306.373864][T16742] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 307.714834][T16806] Process accounting resumed [ 307.968264][T16826] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [4] [ 309.240999][T16887] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 310.262207][T16933] Process accounting resumed [ 311.966357][T17028] i2c i2c-0: new_device: Missing parameters [ 313.423588][T17110] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 318.745199][T17370] usbcore.quirks: string doesn't fit in 127 chars. [ 319.396293][T17407] ptrace attach of "./syz-executor exec"[8979] was attempted by "./syz-executor exec"[17407] [ 319.742955][T17427] futex_wake_op: syz.6.5335 tries to shift op by 64; fix this program [ 319.981657][T17442] Setting dangerous option i915.mitigations - tainting kernel [ 319.989820][T17442] Bad "i915.mitigations=!}", '}' is unknown [ 320.483393][ T29] audit: type=1800 audit(4294967416.845:29): pid=17469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5356" name="discovery_nqn" dev="configfs" ino=45034 res=0 errno=0 [ 320.565346][T17473] bond0: option mode: unable to set because the bond device is up [ 323.668491][T17641] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 324.024509][T17655] syz_tun: tun_chr_ioctl cmd 1074025698 [ 324.149371][T17660] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 328.448201][T17847] cifs: Unknown parameter '#ʑC ˀH/R{<' [ 328.579632][T17849] vivid-010: ================= START STATUS ================= [ 328.587371][T17849] vivid-010: Generate PTS: true [ 328.621941][T17849] vivid-010: Generate SCR: true [ 328.626879][T17849] tpg source WxH: 640x360 (Y'CbCr) [ 328.657632][T17849] tpg field: 1 [ 328.661058][T17849] tpg crop: 640x360@0x0 [ 328.670847][T17849] tpg compose: 640x360@0x0 [ 328.675309][T17849] tpg colorspace: 8 [ 328.697340][T17849] tpg transfer function: 0/0 [ 328.710626][T17849] tpg Y'CbCr encoding: 0/0 [ 328.715094][T17849] tpg quantization: 0/0 [ 328.743269][T17849] tpg RGB range: 0/2 [ 328.743309][T17849] vivid-010: ================== END STATUS ================== [ 329.516069][T17886] program syz.4.5566 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 329.532486][T17886] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 330.920907][ T29] audit: type=1800 audit(4294967427.349:30): pid=17945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5587" name="features" dev="configfs" ino=46925 res=0 errno=0 [ 332.359986][T18030] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 332.360331][T18028] ima: policy update failed [ 332.388271][ T29] audit: type=1802 audit(4294967428.817:31): pid=18028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.5628" res=0 errno=0 [ 333.339942][T18071] Process accounting resumed [ 338.564476][T18361] Process accounting resumed [ 338.906465][T18371] Process accounting resumed [ 339.450713][T18398] Process accounting resumed [ 341.879859][T18539] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5876'. [ 343.576015][T18634] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 343.636315][T18636] warn_unsupported: 7 callbacks suppressed [ 343.636336][T18636] kernel read not supported for file /Pr ^!8;n~ZJp-v<)R_WtakG6h mD|vQ (pid: 18636 comm: syz.3.5923) [ 343.689396][ T29] audit: type=1800 audit(4294967440.165:32): pid=18636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5923" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=48030 res=0 errno=0 [ 343.723067][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.916711][T18648] syz.3.5928 (18648): drop_caches: 0 [ 345.761987][T18747] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 345.770195][T18746] ima: policy update failed [ 345.814377][ T6249] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 345.814412][ T6249] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12 [ 345.840665][ T29] audit: type=1802 audit(4294967442.347:33): pid=18746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5978" res=0 errno=0 [ 347.316283][T18817] queue_state_write: operation too long [ 347.330608][T18817] queue_state_write: use 'run', 'start' or 'kick' [ 347.848120][ T6249] Bluetooth: hci1: command 0x0406 tx timeout [ 348.383480][T18865] __vm_enough_memory: pid: 18865, comm: syz.5.6037, bytes: 4503599627366400 not enough memory for the allocation [ 349.589383][T18929] blktrace: Concurrent blktraces are not allowed on loop5 [ 354.084058][T19184] scsi_dev_info_list_add_str: bad dev info string ')&c~j] | [ 354.084058][T19184] M' '' '' [ 354.154663][T19186] aoe: invalid device specification [ 357.647370][T19390] afs: Unknown parameter 'P4' [ 361.156512][T19567] kAFS: Invalid Command on /proc/fs/afs/cells file [ 361.211905][T19570] usbip-vudc usbip-vudc.0: gadget not bound [ 364.242714][ T6253] Bluetooth: hci0: command 0x0406 tx timeout [ 365.517776][T19757] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 365.885841][ T6249] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 365.885877][ T6249] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 365.902047][ T6249] Bluetooth: hci3: Dropping invalid advertising data [ 365.909380][ T6249] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 366.243636][T19792] ima: policy update failed [ 366.282119][ T29] audit: type=1802 audit(4294967462.903:34): pid=19792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6489" res=0 errno=0 [ 366.603114][T19813] Process accounting resumed [ 366.926830][T19831] QAT: Invalid ioctl 21531 [ 366.997044][T19835] mmap: syz.4.6510 (19835): VmData 41664512 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 367.127262][T19842] Process accounting resumed [ 369.745457][T19986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78004 [ 369.763355][T19986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 369.787585][T19986] memcg:ffff888025102b81 [ 369.791894][T19986] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 369.811165][T19986] page_type: f5(slab) [ 369.818236][T19986] raw: 00fff00000000040 ffff88801caf1780 0000000000000000 dead000000000001 [ 369.830366][T19986] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff888025102b81 [ 369.842032][T19986] head: 00fff00000000040 ffff88801caf1780 0000000000000000 dead000000000001 [ 369.855780][T19986] head: 0000000000000000 00000000000c000c 00000000f5000000 ffff888025102b81 [ 369.884963][T19986] head: 00fff00000000002 ffffea0001e00101 ffffffffffffffff 0000000000000000 [ 369.903192][T19986] head: ffff888000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 369.920947][T19986] page dumped because: unmovable page [ 369.927373][T19986] page_owner tracks the page as allocated [ 369.935624][T19986] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 10924, tgid 10924 (syz-executor), ts 182362238493, free_ts 180617592677 [ 369.973028][T19986] post_alloc_hook+0x181/0x1b0 [ 369.978943][T19986] get_page_from_freelist+0xfce/0x2f80 [ 369.985565][T19986] __alloc_frozen_pages_noprof+0x221/0x2470 [ 370.012835][T19986] alloc_pages_mpol+0x1fc/0x540 [ 370.019151][T19986] new_slab+0x23d/0x330 [ 370.029246][T19986] ___slab_alloc+0xbfa/0x1600 [ 370.035722][T19986] __slab_alloc.constprop.0+0x56/0xb0 [ 370.041846][T19986] kmem_cache_alloc_lru_noprof+0xf0/0x3b0 [ 370.054068][T19986] proc_alloc_inode+0x25/0x200 [ 370.059980][T19986] alloc_inode+0x5d/0x230 [ 370.074874][T19986] new_inode+0x22/0x210 [ 370.084999][T19986] proc_pid_make_inode+0x22/0x160 [ 370.092420][T19986] proc_pid_make_base_inode.constprop.0+0x25/0x180 [ 370.112472][T19986] proc_pid_instantiate+0x51/0x1e0 [ 370.117766][T19986] proc_pid_lookup+0x1fc/0x500 [ 370.132109][T19986] proc_root_lookup+0x23/0x70 [ 370.137032][T19986] page last free pid 10835 tgid 10835 stack trace: [ 370.143829][T19986] free_frozen_pages+0x6db/0xfb0 [ 370.151979][T19986] __put_partials+0x14c/0x170 [ 370.161805][T19986] qlist_free_all+0x4e/0x120 [ 370.176546][T19986] kasan_quarantine_reduce+0x195/0x1e0 [ 370.188697][T19986] __kasan_slab_alloc+0x69/0x90 [ 370.203946][T19986] kmem_cache_alloc_noprof+0x1c8/0x3b0 [ 370.231477][T19986] getname_flags.part.0+0x4c/0x550 [ 370.240223][T19986] getname_flags+0x93/0xf0 [ 370.245081][T19986] __x64_sys_symlinkat+0x79/0xc0 [ 370.255177][T19986] do_syscall_64+0xcd/0x250 [ 370.260319][T19986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.424222][T20014] kfence: disabled [ 377.317889][T20346] aoe: could not set interface list: too many interfaces [ 377.456577][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.463008][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.246763][T20657] Process accounting resumed [ 386.815396][T20742] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 386.973531][T20752] Process accounting resumed [ 390.477359][T20898] Process accounting resumed [ 392.087167][T20962] usb usb15: usbfs: process 20962 (syz.5.7066) did not claim interface 0 before use [ 393.378501][ T6249] Bluetooth: hci3: SCO packet too small [ 394.527711][T21081] syz.5.7124 (21081): attempted to duplicate a private mapping with mremap. This is not supported. [ 394.725657][T21097] ecryptfs_miscdev_write: Error while inspecting packet size [ 395.632514][ T29] audit: type=1800 audit(4294967492.395:35): pid=21141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7153" name="members" dev="configfs" ino=57412 res=0 errno=0 [ 396.010983][T21162] kAFS: unparsable volume name [ 396.475620][T21186] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 396.497344][T21186] ep_00: uevent: failed to send synthetic uevent: -22 [ 399.645350][T21307] dyndbg: expected <4096 bytes into control [ 402.019368][T21417] syz_tun: tun_chr_ioctl cmd 1074025694 [ 402.778688][T21442] delete_channel: no stack [ 403.020653][T21427] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 403.069441][T21451] Ignoring unsupported numa_zonelist_order value: [ 403.069441][T21451] [ 404.355410][T21498] ima: policy update failed [ 404.360381][ T29] audit: type=1802 audit(4294967501.171:36): pid=21498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.7329" res=0 errno=0 [ 405.380913][T21550] ecryptfs_miscdev_write: Invalid packet size [192] [ 406.176909][T21594] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 406.535839][T21616] kAFS: Invalid Command on /proc/fs/afs/cells file [ 407.071400][T21646] tipc: Can't bind to reserved service type 2 [ 407.612887][T21676] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 407.944459][T21693] program syz.5.7425 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 409.341367][T21774] aoe: can't write to that file. [ 410.134949][T21780] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 411.272438][T21843] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 411.462465][T21873] block2mtd: illegal erase size [ 412.291260][T21889] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 413.281382][T21943] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 413.876160][ T29] audit: type=1326 audit(4294967510.740:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21988 comm="syz.4.7573" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f759138cde9 code=0x0 [ 414.234095][T21985] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 415.178131][ T6253] Bluetooth: hci2: command 0x0406 tx timeout [ 415.287683][T22025] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 416.305262][T22073] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 416.989742][ T29] audit: type=1800 audit(4294967513.856:38): pid=22125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7639" name="features" dev="configfs" ino=59906 res=0 errno=0 [ 417.010409][ C1] vkms_vblank_simulate: vblank timer overrun [ 418.424897][T22203] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 419.041768][ T29] audit: type=1800 audit(4294967515.927:39): pid=22240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7686" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0 [ 420.479721][ T6249] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14 [ 422.833827][T22435] usb usb24: check_ctrlrecip: process 22435 (syz.6.7774) requesting ep 01 but needs 81 [ 422.871686][T22435] usb usb24: usbfs: process 22435 (syz.6.7774) did not claim interface 0 before use [ 423.039036][T22444] kAFS: Invalid Command on /proc/fs/afs/cells file [ 427.641758][T22606] block2mtd: Using custom MTD label '' for dev [ 427.667604][T22606] block2mtd: error: cannot open device [ 427.712807][ T6249] Bluetooth: hci3: unexpected event 0x32 length: 10 > 9 [ 428.584663][T22644] Format for deleting device is "id" (uint). [ 428.608332][T22643] synth uevent: /devices/virtual/misc/rdma_cm: unknown uevent action string [ 428.617326][T22643] misc rdma_cm: uevent: failed to send synthetic uevent: -22 [ 429.476108][T22678] ceph: Failed to parse sending metrics switch value 'P^' [ 430.895954][ T29] audit: type=1800 audit(4294967527.839:40): pid=22724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7919" name="dbroot" dev="configfs" ino=61849 res=0 errno=0 [ 430.944915][T22724] db_root: cannot open: [ 432.013006][ T6249] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 432.170465][T22796] : Can't lookup blockdev [ 432.591220][T22818] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 433.009422][ T29] audit: type=1807 audit(4294967529.970:41): UNKNOWN= res=0 [ 433.015809][T22837] ima: policy update failed [ 433.044929][ T29] audit: type=1802 audit(4294967529.970:42): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.7976" res=0 errno=0 [ 433.105846][ T29] audit: type=1802 audit(4294967529.990:43): pid=22837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.7976" res=0 errno=0 [ 433.821092][T22880] usb usb15: usbfs: process 22880 (syz.4.7998) did not claim interface 0 before use [ 434.951912][T22944] Process accounting resumed [ 437.903644][T23087] program syz.6.8100 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 437.939048][T23087] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 438.088302][T23097] cougar: G6 mapped to F18 [ 438.578910][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.589644][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.140124][T23197] dlm: non-version read from control device 0 [ 441.659761][T23275] nvme_fcloop: unknown parameter or missing value '' [ 442.961944][T23350] : Can't lookup blockdev [ 445.438614][T23487] Scaler: ================= START STATUS ================= [ 445.460237][T23487] Scaler: ================== END STATUS ================== [ 446.560154][T23545] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 446.590676][T23545] ep_00: uevent: failed to send synthetic uevent: -22 [ 447.301188][T23567] ICMPv6: process `syz.5.8332' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 447.974830][ T5063] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.075850][ T5063] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.218156][ T5063] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.367718][ T5063] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.703577][ T5063] bridge_slave_1: left allmulticast mode [ 448.714201][ T5063] bridge_slave_1: left promiscuous mode [ 448.720306][ T5063] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.831922][ T5063] bridge_slave_0: left allmulticast mode [ 448.852716][ T5063] bridge_slave_0: left promiscuous mode [ 448.858598][ T5063] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.894845][ T6253] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 448.922621][ T6253] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 448.931683][ T6253] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 448.944638][ T6253] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 448.953694][ T6253] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 448.962285][ T6253] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 449.753842][T23655] udc dummy_udc.0: soft-connect without a gadget driver [ 450.210426][T23673] QAT: failed to copy from user cfg_data. [ 450.327376][ T5063] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 450.348257][ T5063] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 450.375034][ T5063] bond0 (unregistering): Released all slaves [ 450.865014][ T29] audit: type=1800 audit(4294967547.923:44): pid=23706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8393" name="members" dev="configfs" ino=65072 res=0 errno=0 [ 451.081019][ T6253] Bluetooth: hci0: command tx timeout [ 451.110372][ T5063] hsr_slave_0: left promiscuous mode [ 451.140485][ T5063] hsr_slave_1: left promiscuous mode [ 451.173089][ T5063] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 451.191070][ T5063] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 451.231148][ T5063] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 451.250100][ T5063] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 451.325285][ T5063] veth1_macvtap: left promiscuous mode [ 451.343490][ T5063] veth0_macvtap: left promiscuous mode [ 451.375669][ T5063] veth1_vlan: left promiscuous mode [ 451.396760][ T5063] veth0_vlan: left promiscuous mode [ 452.767465][T23791] queue_state_write: unsupported operation '' [ 452.778344][T23791] queue_state_write: use 'run', 'start' or 'kick' [ 452.840412][ T5063] team0 (unregistering): Port device team_slave_1 removed [ 452.955053][ T5063] team0 (unregistering): Port device team_slave_0 removed [ 453.148031][ T6253] Bluetooth: hci0: command tx timeout [ 454.187716][T23625] chnl_net:caif_netlink_parms(): no params data found [ 454.475023][T23625] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.475160][T23625] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.475297][T23625] bridge_slave_0: entered allmulticast mode [ 454.476434][T23625] bridge_slave_0: entered promiscuous mode [ 454.481588][T23625] bridge0: port 2(bridge_slave_1) entered blocking state [ 454.481782][T23625] bridge0: port 2(bridge_slave_1) entered disabled state [ 454.481902][T23625] bridge_slave_1: entered allmulticast mode [ 454.482921][T23625] bridge_slave_1: entered promiscuous mode [ 454.613751][T23625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 454.639626][T23625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 454.711385][T23625] team0: Port device team_slave_0 added [ 454.735191][T23625] team0: Port device team_slave_1 added [ 454.843488][T23625] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 454.850514][T23625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 454.958043][T23625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 454.976126][T23867] ptrace attach of "./syz-executor exec"[6336] was attempted by "./syz-executor exec"[23867] [ 454.992863][T23625] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 454.999933][T23625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 455.079635][T23625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 455.209810][ T6253] Bluetooth: hci0: command tx timeout [ 455.266880][T23625] hsr_slave_0: entered promiscuous mode [ 455.273384][T23625] hsr_slave_1: entered promiscuous mode [ 455.280026][T23625] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 455.288342][T23625] Cannot create hsr debugfs directory [ 455.812120][T23625] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 455.854861][T23625] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 455.908932][T23625] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 455.963166][T23625] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 456.198079][T23625] 8021q: adding VLAN 0 to HW filter on device bond0 [ 456.261312][T23625] 8021q: adding VLAN 0 to HW filter on device team0 [ 456.334233][ T754] bridge0: port 1(bridge_slave_0) entered blocking state [ 456.341396][ T754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 456.400349][ T754] bridge0: port 2(bridge_slave_1) entered blocking state [ 456.407581][ T754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 456.966658][T23625] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 457.298734][ T6253] Bluetooth: hci0: command tx timeout [ 457.505528][T23625] veth0_vlan: entered promiscuous mode [ 457.587497][T23625] veth1_vlan: entered promiscuous mode [ 457.651162][T23625] veth0_macvtap: entered promiscuous mode [ 457.686134][T23625] veth1_macvtap: entered promiscuous mode [ 457.730571][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.754916][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.796136][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.815938][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.825784][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.863820][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.890056][T23625] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 457.923979][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.951627][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.975365][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.004967][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.025188][T23625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.044696][T23625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.076157][T23625] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 458.106838][T23625] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.124383][T23625] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.145070][T23625] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.163586][T23625] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.391295][ T5063] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.423859][ T5063] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.486790][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.509850][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 462.623922][T24210] cougar: G6 mapped to space [ 464.092352][T24283] [ 467.593823][T24452] misc userio: Invalid payload size [ 468.340839][T24490] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5) [ 471.221114][T24633] synth uevent: /bus/memstick: unknown uevent action string [ 472.566961][T24681] Process accounting resumed [ 472.801335][T24689] netlink: get zone limit has 8 unknown bytes [ 472.838234][ T6253] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 473.335733][T24710] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8808'. [ 473.534615][T24718] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 474.440089][ T29] audit: type=1107 audit(4294967571.605:45): pid=24758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 474.614752][T24765] Zero length message leads to an empty skb [ 474.661684][T24768] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 476.499038][T24843] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 477.280461][T24874] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 478.266800][T24909] .SR: entered promiscuous mode [ 478.687875][T24927] openvswitch: netlink: IP tunnel dst address not specified [ 480.027615][T24986] HSR: entered promiscuous mode [ 481.203967][T25043] sctp: [Deprecated]: syz.3.8910 (pid 25043) Use of int in maxseg socket option. [ 481.203967][T25043] Use struct sctp_assoc_value instead [ 481.438203][T25052] HSR: entered promiscuous mode [ 482.130429][T25079] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 482.926831][T25108] openvswitch: netlink: IP tunnel dst address not specified [ 485.473139][T25173] openvswitch: netlink: Flow key attr not present in new flow. [ 485.669053][T25180] netlink: 'syz.6.8972': attribute type 1 has an invalid length. [ 487.552861][T25249] rnbd_client L213: map_device: Parameters missing [ 488.384700][T25278] openvswitch: netlink: IP tunnel dst address not specified [ 488.818131][T25284] svc: failed to register nfsdv3 RPC service (errno 111). [ 488.837177][T25284] svc: failed to register nfsaclv3 RPC service (errno 111). [ 489.598600][T25305] could not allocate digest TFM handle [ 489.670478][T25311] could not allocate digest TFM handle [ 490.408226][T25355] netlink: 'syz.7.9045': attribute type 1 has an invalid length. [ 491.679405][T25394] openvswitch: netlink: IP tunnel dst address not specified [ 494.050045][T25494] netlink: 'syz.6.9105': attribute type 1 has an invalid length. [ 495.427034][T25548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9128'. [ 495.879220][T25566] svc: failed to register nfsdv3 RPC service (errno 111). [ 495.893453][T25566] svc: failed to register nfsaclv3 RPC service (errno 111). [ 496.167062][T25581] netlink: zone id is out of range [ 496.179091][T25581] netlink: set zone limit has 4 unknown bytes [ 497.308653][T25626] netlink: 'syz.6.9165': attribute type 1 has an invalid length. [ 499.570169][T25722] netlink: zone id is out of range [ 499.589044][T25722] netlink: zone id is out of range [ 499.594481][T25722] netlink: zone id is out of range [ 499.620492][T25722] netlink: zone id is out of range [ 499.648478][T25722] netlink: zone id is out of range [ 499.670943][T25722] netlink: zone id is out of range [ 499.698197][T25722] netlink: zone id is out of range [ 499.703854][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.713640][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 499.733327][T25722] netlink: zone id is out of range [ 499.738658][T25722] netlink: zone id is out of range [ 499.744226][T25722] netlink: zone id is out of range [ 500.109474][T25746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880780028d0 pfn:0x78002 [ 500.125761][T25746] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 500.136468][T25746] memcg:ffff88802829b201 [ 500.140820][T25746] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 500.164059][T25746] page_type: f5(slab) [ 500.174333][T25746] raw: 00fff00000000240 ffff88801c2838c0 ffffea0001175510 ffffea0001e74310 [ 500.201710][T25746] raw: ffff8880780028d0 0000000000150014 00000000f5000000 ffff88802829b201 [ 500.241519][T25746] head: 00fff00000000240 ffff88801c2838c0 ffffea0001175510 ffffea0001e74310 [ 500.256447][T25746] head: ffff8880780028d0 0000000000150014 00000000f5000000 ffff88802829b201 [ 500.267191][T25746] head: 00fff00000000001 ffffea0001e00081 ffffffffffffffff 0000000000000000 [ 500.276359][T25746] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 500.285623][T25746] page dumped because: unmovable page [ 500.291385][T25746] page_owner tracks the page as allocated [ 500.311089][T25746] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5833, tgid 5833 (syz-executor), ts 65397105754, free_ts 21147936657 [ 500.359900][T25746] post_alloc_hook+0x181/0x1b0 [ 500.365315][T25746] get_page_from_freelist+0xfce/0x2f80 [ 500.374683][T25746] __alloc_frozen_pages_noprof+0x221/0x2470 [ 500.388222][T25746] alloc_pages_mpol+0x1fc/0x540 [ 500.396033][T25746] new_slab+0x23d/0x330 [ 500.400425][T25746] ___slab_alloc+0xbfa/0x1600 [ 500.406118][T25746] __slab_alloc.constprop.0+0x56/0xb0 [ 500.411667][T25746] kmem_cache_alloc_lru_noprof+0xf0/0x3b0 [ 500.418428][T25746] __d_alloc+0x35/0x8c0 [ 500.422772][T25746] d_alloc+0x4a/0x1e0 [ 500.427624][T25746] lookup_one_qstr_excl+0xcb/0x190 [ 500.433091][T25746] filename_create+0x1ed/0x530 [ 500.438888][T25746] do_mkdirat+0xab/0x3a0 [ 500.447332][T25746] __x64_sys_mkdirat+0x83/0xb0 [ 500.470274][T25746] do_syscall_64+0xcd/0x250 [ 500.476069][T25746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 500.482275][T25746] page last free pid 1 tgid 1 stack trace: [ 500.488826][T25746] free_frozen_pages+0x6db/0xfb0 [ 500.494514][T25746] free_contig_range+0x133/0x3f0 [ 500.500033][T25746] destroy_args+0x66f/0x830 [ 500.505547][T25746] debug_vm_pgtable+0x149c/0x2f20 [ 500.510778][T25746] do_one_initcall+0x128/0x630 [ 500.520938][T25746] kernel_init_freeable+0x58f/0x8b0 [ 500.526619][T25746] kernel_init+0x1c/0x2b0 [ 500.531368][T25746] ret_from_fork+0x45/0x80 [ 500.537218][T25746] ret_from_fork_asm+0x1a/0x30 [ 500.793433][T25769] tipc: Enabling of bearer rejected, media not registered [ 504.201957][T25892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 504.510244][T25904] delete_channel: no stack [ 506.282248][T25960] program syz.4.9316 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 509.763578][T26106] net_ratelimit: 5 callbacks suppressed [ 509.763597][T26106] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 510.273197][T26117] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd83 [ 511.117900][T26149] Invalid ELF header magic: != ELF [ 512.332502][T26203] snd_aloop snd_aloop.0: control 1:6:6:^ [ 512.332502][T26203] :0 is already present [ 512.980867][T26234] unsupported nla_type 32969 [ 513.038847][ T6253] Bluetooth: hci2: unexpected event 0x14 length: 18 > 6 [ 516.467321][T26360] rtc_cmos 00:00: Alarms can be up to one day in the future [ 516.699528][ T91] rtc_cmos 00:00: Alarms can be up to one day in the future [ 516.728669][ T91] rtc_cmos 00:00: Alarms can be up to one day in the future [ 516.748900][ T91] rtc_cmos 00:00: Alarms can be up to one day in the future [ 516.766378][ T91] rtc_cmos 00:00: Alarms can be up to one day in the future [ 516.784503][ T91] rtc rtc0: __rtc_set_alarm: err=-22 [ 517.636515][ T29] audit: type=1107 audit(4294967615.040:46): pid=26404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.672954][ T29] audit: type=1107 audit(4294967615.050:47): pid=26404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.921476][T26417] netlink: 'syz.3.9521': attribute type 2 has an invalid length. [ 519.279226][T26482] openvswitch: netlink: Duplicate key (type 15). [ 519.597925][T26498] netlink: 'syz.3.9561': attribute type 1 has an invalid length. [ 519.902663][T26516] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(4.512.1), cmd(1) [ 520.074480][T26518] Invalid ELF header magic: != ELF [ 520.148011][T26527] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 520.234957][T26529] svc: failed to register nfsdv3 RPC service (errno 111). [ 520.248587][T26529] svc: failed to register nfsaclv3 RPC service (errno 111). [ 520.383179][T26535] openvswitch: netlink: Multiple metadata blocks provided [ 520.779754][T26551] netlink: 'syz.7.9587': attribute type 1 has an invalid length. [ 521.387555][T26577] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9598'. [ 521.883739][T26598] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9607'. [ 522.496627][T26630] CIFS: VFS: Invalid SecurityFlags: [ 523.049901][T26654] openvswitch: netlink: Message has 4 unknown bytes. [ 523.294088][ T29] audit: type=1804 audit(4294967620.719:48): pid=26668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.9641" name="/newroot/1167/file0" dev="tmpfs" ino=5878 res=1 errno=0 [ 523.381589][ T29] audit: type=1800 audit(4294967620.719:49): pid=26668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.9641" name="file0" dev="tmpfs" ino=5878 res=0 errno=0 [ 524.369535][T26705] svc: failed to register nfsdv3 RPC service (errno 111). [ 524.385404][T26705] svc: failed to register nfsaclv3 RPC service (errno 111). [ 525.325993][T26737] nbd: couldn't find device at index 33904 [ 526.536992][T26783] openvswitch: netlink: Message has 1 unknown bytes. [ 526.699740][T26789] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 527.190859][T26807] netlink: 'syz.7.9704': attribute type 1 has an invalid length. [ 528.134675][T26845] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9721'. [ 530.548882][ T6253] Bluetooth: hci1: unexpected event 0x03 length: 725 > 11 [ 530.556413][T26924] random: crng reseeded on system resumption [ 535.055092][T27084] netlink: Conntrack attr has 16 unknown bytes [ 536.146417][T27129] openvswitch: netlink: Duplicate or invalid key (type 0). [ 537.249351][T27172] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 537.677243][T27188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9877'. [ 538.057829][T27203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9883'. [ 538.509823][T27226] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 538.520969][T27224] netlink: zone id is out of range [ 538.526128][T27224] netlink: zone id is out of range [ 538.566136][T27224] netlink: zone id is out of range [ 538.576364][T27224] netlink: zone id is out of range [ 538.581509][T27224] netlink: zone id is out of range [ 538.646866][T27224] netlink: zone id is out of range [ 538.652117][T27224] netlink: zone id is out of range [ 540.220034][T27298] net_ratelimit: 22 callbacks suppressed [ 540.220053][T27298] netlink: zone id is out of range [ 540.244084][T27298] netlink: zone id is out of range [ 540.271960][T27298] netlink: zone id is out of range [ 540.294047][T27298] netlink: zone id is out of range [ 540.327187][T27298] netlink: zone id is out of range [ 540.352180][T27298] netlink: zone id is out of range [ 540.387358][T27298] netlink: zone id is out of range [ 540.408398][T27298] netlink: zone id is out of range [ 540.426489][T27298] netlink: zone id is out of range [ 540.447626][T27298] netlink: zone id is out of range [ 544.207310][T27426] netlink: 'syz.6.9981': attribute type 1 has an invalid length. [ 545.848309][T27491] net_ratelimit: 28 callbacks suppressed [ 545.848328][T27491] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 546.006198][T27497] sctp: [Deprecated]: syz.4.10015 (pid 27497) Use of int in maxseg socket option. [ 546.006198][T27497] Use struct sctp_assoc_value instead [ 546.839493][T27535] netlink: 'syz.4.10034': attribute type 1 has an invalid length. [ 547.347655][T27555] netlink: 'syz.6.10043': attribute type 1 has an invalid length. [ 549.001839][T27622] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 550.528301][T27689] netlink: 'syz.4.10106': attribute type 1 has an invalid length. [ 550.698316][T27697] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 553.677868][T27841] openvswitch: netlink: Multiple metadata blocks provided [ 553.919866][T27849] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 554.784547][ T6253] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 554.784584][ T6253] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12 [ 555.420551][T27913] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 555.496279][T27917] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 556.851038][ T6253] Bluetooth: hci1: command 0x0406 tx timeout [ 556.883591][T27966] HfR: entered promiscuous mode [ 556.900843][T27967] netlink: 'syz.3.10237': attribute type 1 has an invalid length. [ 556.954092][T27967] nbd: error processing sock list [ 557.067504][T27971] netlink: Unknown conntrack attr (0) [ 560.492830][T28071] bond0: option lp_interval: invalid value () [ 560.499270][T28071] bond0: option lp_interval: allowed values 1 - 2147483647 [ 560.823989][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 560.830450][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.013814][T28127] netlink: 'syz.4.10315': attribute type 1 has an invalid length. [ 562.350459][ T29] audit: type=1800 audit(4294967319.214:50): pid=28140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.10321" name="discovery_nqn" dev="configfs" ino=79799 res=0 errno=0 [ 562.756438][T28156] netlink: zone id is out of range [ 562.790134][T28156] netlink: zone id is out of range [ 562.819946][T28156] netlink: zone id is out of range [ 562.825229][T28156] netlink: zone id is out of range [ 562.839841][T28156] netlink: zone id is out of range [ 562.852785][T28156] netlink: zone id is out of range [ 562.867237][T28156] netlink: zone id is out of range [ 562.881888][T28156] netlink: zone id is out of range [ 562.891972][T28156] netlink: zone id is out of range [ 562.906591][T28156] netlink: zone id is out of range [ 563.428131][T28178] MTRR 1 not used [ 565.179446][T28239] Process accounting resumed [ 568.446250][T28359] netlink: 'syz.7.10427': attribute type 1 has an invalid length. [ 569.355592][T28392] netlink: 'syz.4.10442': attribute type 2 has an invalid length. [ 570.207990][T28436] net_ratelimit: 212 callbacks suppressed [ 570.208011][T28436] netlink: del zone limit has 8 unknown bytes [ 572.916825][T28537] openvswitch: netlink: IP tunnel dst address not specified [ 572.997289][T28539] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 573.086761][T28475] Bluetooth: hci0: command 0x0406 tx timeout [ 573.149046][T28546] netlink: 'syz.4.10513': attribute type 2 has an invalid length. [ 574.361928][T28603] nl80211: entered promiscuous mode [ 575.593744][T28653] nfs4: Unknown parameter 'nfsd' [ 577.974324][T28757] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 578.271658][T28771] netlink: ct family unspecified [ 578.501512][T28781] openvswitch: netlink: Key type 261 is out of range max 32 [ 578.675342][T28790] openvswitch: netlink: Message has 4 unknown bytes. [ 578.868873][T28798] nfsd: Unknown parameter 'DJ' [ 579.204924][T28813] netlink: 'syz.7.10636': attribute type 3 has an invalid length. [ 579.227241][T28813] netlink: 235 bytes leftover after parsing attributes in process `syz.7.10636'. [ 579.658088][T28830] : entered promiscuous mode [ 579.878555][T28839] netlink: 'syz.3.10647': attribute type 11 has an invalid length. [ 579.909009][T28839] netlink: 'syz.3.10647': attribute type 11 has an invalid length. [ 579.942263][T28839] netlink: 'syz.3.10647': attribute type 11 has an invalid length. [ 579.950408][T28839] netlink: 'syz.3.10647': attribute type 11 has an invalid length. [ 581.022589][T28882] openvswitch: netlink: Duplicate or invalid key (type 1). [ 581.910041][T28914] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 581.917090][T28914] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 581.948334][T28916] netlink: 'syz.6.10684': attribute type 2 has an invalid length. [ 582.312100][T28932] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 582.728618][T28954] nbd: must specify a size in bytes for the device [ 583.327202][T28985] .^: entered promiscuous mode [ 585.117144][ T6253] Bluetooth: hci2: unexpected subevent 0x01 length: 125 > 18 [ 585.125331][ T6253] Bluetooth: hci2: Invalid handle: 0x1e1a > 0x0eff [ 585.369043][T29069] nbd: must specify a device to reconfigure [ 585.521364][T29075] openvswitch: netlink: Missing valid actions attribute. [ 586.517986][T29104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078007a70 pfn:0x78004 [ 586.564060][T29104] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 586.596363][T29104] memcg:ffff888025102b81 [ 586.600684][T29104] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 586.641386][T29104] page_type: f5(slab) [ 586.645446][T29104] raw: 00fff00000000240 ffff88801caf1780 ffffea0001e05310 ffffea0001739010 [ 586.674887][T29104] raw: ffff888078007a70 00000000000c0006 00000000f5000000 ffff888025102b81 [ 586.693941][T29104] head: 00fff00000000240 ffff88801caf1780 ffffea0001e05310 ffffea0001739010 [ 586.715705][T29104] head: ffff888078007a70 00000000000c0006 00000000f5000000 ffff888025102b81 [ 586.735758][T29104] head: 00fff00000000002 ffffea0001e00101 ffffffffffffffff 0000000000000000 [ 586.765434][T29104] head: ffff888000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 586.774170][T29104] page dumped because: unmovable page [ 586.783178][T29110] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 586.795444][T29104] page_owner tracks the page as allocated [ 586.800014][T29110] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 586.801179][T29104] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 10924, tgid 10924 (syz-executor), ts 182362238493, free_ts 180617592677 [ 586.888882][T29104] post_alloc_hook+0x181/0x1b0 [ 586.908503][T29104] get_page_from_freelist+0xfce/0x2f80 [ 586.914047][T29104] __alloc_frozen_pages_noprof+0x221/0x2470 [ 586.962306][T29104] alloc_pages_mpol+0x1fc/0x540 [ 586.974305][T29104] new_slab+0x23d/0x330 [ 586.978561][T29104] ___slab_alloc+0xbfa/0x1600 [ 586.983278][T29104] __slab_alloc.constprop.0+0x56/0xb0 [ 587.004646][T29104] kmem_cache_alloc_lru_noprof+0xf0/0x3b0 [ 587.020603][T29104] proc_alloc_inode+0x25/0x200 [ 587.025527][T29104] alloc_inode+0x5d/0x230 [ 587.029895][T29104] new_inode+0x22/0x210 [ 587.048698][T29104] proc_pid_make_inode+0x22/0x160 [ 587.053798][T29104] proc_pid_make_base_inode.constprop.0+0x25/0x180 [ 587.074824][T29104] proc_pid_instantiate+0x51/0x1e0 [ 587.080016][T29104] proc_pid_lookup+0x1fc/0x500 [ 587.103697][T29104] proc_root_lookup+0x23/0x70 [ 587.110927][T29104] page last free pid 10835 tgid 10835 stack trace: [ 587.133482][T29104] free_frozen_pages+0x6db/0xfb0 [ 587.143453][T29104] __put_partials+0x14c/0x170 [ 587.148916][T29104] qlist_free_all+0x4e/0x120 [ 587.171529][T29104] kasan_quarantine_reduce+0x195/0x1e0 [ 587.177166][T29104] __kasan_slab_alloc+0x69/0x90 [ 587.182076][T29104] kmem_cache_alloc_noprof+0x1c8/0x3b0 [ 587.203189][T29104] getname_flags.part.0+0x4c/0x550 [ 587.213048][T29104] getname_flags+0x93/0xf0 [ 587.217535][T29104] __x64_sys_symlinkat+0x79/0xc0 [ 587.232705][T29104] do_syscall_64+0xcd/0x250 [ 587.243345][T29104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.342923][T29127] netlink: 'syz.7.10783': attribute type 1 has an invalid length. [ 588.744754][T29180] program syz.6.10807 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 589.244989][T29190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10811'. [ 591.729875][T29286] cifs: Unknown parameter '' [ 593.106847][T29334] openvswitch: netlink: Message has 4 unknown bytes. [ 597.935062][T29536] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 599.661849][T29622] zram: Removed device: zram0 [ 600.750111][T29669] svc: failed to register nfsdv3 RPC service (errno 111). [ 600.777142][T29669] svc: failed to register nfsaclv3 RPC service (errno 111). [ 601.885438][T29709] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11038'. [ 602.626530][T29743] nbd: couldn't find a device at index 3723 [ 603.896451][T29793] openvswitch: netlink: Key type 29 is not supported [ 604.818106][T29823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11091'. [ 606.925500][T29900] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11126'. [ 607.277492][T29916] ima: policy update failed [ 607.293461][ T29] audit: type=1802 audit(4294967364.398:51): pid=29916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.11135" res=0 errno=0 [ 607.886303][T29942] netlink: zone id is out of range [ 608.032533][T29947] netlink: 'syz.6.11151': attribute type 1 has an invalid length. [ 608.416236][T29961] netlink: 'syz.3.11156': attribute type 4 has an invalid length. [ 608.473054][T29967] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 608.630860][T29971] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 608.637515][T29971] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 608.658405][T29973] openvswitch: netlink: Key type 29 is not supported [ 609.012079][T29982] netlink: zone id is out of range [ 609.027620][T29982] netlink: zone id is out of range [ 609.033695][T29982] netlink: zone id is out of range [ 609.049983][T29982] netlink: zone id is out of range [ 609.067226][T29982] netlink: zone id is out of range [ 609.077315][T29982] netlink: zone id is out of range [ 609.090780][T29982] netlink: zone id is out of range [ 609.119277][T29982] netlink: zone id is out of range [ 609.124428][T29982] netlink: zone id is out of range [ 609.130123][T29982] netlink: zone id is out of range [ 610.838781][ T6253] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 611.391054][T30086] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 612.366485][T30130] delete_channel: no stack [ 612.573215][T30139] Process accounting resumed [ 614.760287][T30235] net_ratelimit: 15 callbacks suppressed [ 614.760310][T30235] openvswitch: netlink: Key 23 has unexpected len 16 expected 2 [ 615.092602][T30244] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11286'. [ 615.560571][T30258] sctp: [Deprecated]: syz.6.11295 (pid 30258) Use of int in max_burst socket option deprecated. [ 615.560571][T30258] Use struct sctp_assoc_value instead [ 616.062601][T30278] vivid-003: ================= START STATUS ================= [ 616.081817][T30278] vivid-003: Radio HW Seek Mode: Bounded [ 616.087791][T30278] vivid-003: Radio Programmable HW Seek: false [ 616.105704][T30278] vivid-003: RDS Rx I/O Mode: Block I/O [ 616.143814][T30278] vivid-003: Generate RBDS Instead of RDS: false [ 616.162817][T30278] vivid-003: RDS Reception: true [ 616.168572][T30278] vivid-003: RDS Program Type: 0 inactive [ 616.178124][T30278] vivid-003: RDS PS Name: inactive [ 616.185708][T30278] vivid-003: RDS Radio Text: inactive [ 616.197270][T30278] vivid-003: RDS Traffic Announcement: false inactive [ 616.212289][T30278] vivid-003: RDS Traffic Program: false inactive [ 616.223257][T30278] vivid-003: RDS Music: false inactive [ 616.242315][T30278] vivid-003: ================== END STATUS ================== [ 617.328376][T30323] netlink: zone id is out of range [ 617.695396][T30334] svc: failed to register nfsdv3 RPC service (errno 111). [ 617.736180][T30334] svc: failed to register nfsaclv3 RPC service (errno 111). [ 869.837682][ T6716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14282'. [ 869.900025][ T6716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14282'. [ 870.564113][ T6737] netlink: 28 bytes leftover after parsing attributes in process `syz.9.14291'. [ 870.833467][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14293'. [ 871.118132][T28475] Bluetooth: hci3: unexpected event 0x32 length: 10 > 9 [ 874.650370][ T6864] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14343'. [ 875.146003][ T6873] nbd: socks must be embedded in a SOCK_ITEM attr [ 875.222940][ T6873] block nbd0: shutting down sockets [ 875.272992][ T6877] netlink: 342 bytes leftover after parsing attributes in process `syz.1.14349'. [ 875.920307][ T6854] kexec: Could not allocate control_code_buffer [ 876.315095][ T6893] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14355'. [ 877.317506][ T6916] svc: failed to register nfsdv3 RPC service (errno 111). [ 877.363952][ T6916] svc: failed to register nfsaclv3 RPC service (errno 111). [ 877.691741][ T6929] netlink: 350 bytes leftover after parsing attributes in process `syz.4.14372'. [ 880.749362][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14396'. [ 883.734124][ T7065] netlink: 342 bytes leftover after parsing attributes in process `syz.4.14427'. [ 883.968264][T28475] Bluetooth: hci1: unexpected event 0x01 length: 11 > 1 [ 885.740772][ T7117] XFS: Clearing xfsstats [ 886.199347][ T7134] nbd: socks must be embedded in a SOCK_ITEM attr [ 886.211083][ T7134] block nbd1: shutting down sockets [ 886.361595][ T7140] svc: failed to register nfsdv3 RPC service (errno 111). [ 886.432515][ T7140] svc: failed to register nfsaclv3 RPC service (errno 111). [ 887.619163][ T7180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14467'. [ 887.992266][ T7186] svc: failed to register nfsdv3 RPC service (errno 111). [ 888.099144][ T7186] svc: failed to register nfsaclv3 RPC service (errno 111). [ 889.638331][ T7245] batman_adv: Routing algorithm '0x00060000' is not supported [ 890.107253][ T7253] nbd: socks must be embedded in a SOCK_ITEM attr [ 890.249775][ T7253] block nbd1: shutting down sockets [ 891.841013][ T7310] netlink: 342 bytes leftover after parsing attributes in process `syz.4.14523'. [ 893.647559][ T7370] delete_channel: no stack [ 895.954676][ T7452] netlink: 85 bytes leftover after parsing attributes in process `syz.4.14583'. [ 899.383871][ T7532] netlink: 342 bytes leftover after parsing attributes in process `syz.1.14608'. [ 900.384398][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14620'. [ 901.935341][ T7594] netlink: 28 bytes leftover after parsing attributes in process `syz.9.14633'. [ 902.858263][ T7613] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14642'. [ 908.682403][ T7770] kafs: addr_prefs: Invalid Command [ 908.824987][ T7777] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14710'. [ 908.887136][ T7777] bridge0: port 4(team0) entered disabled state [ 908.893679][ T7777] bridge0: port 3(macvlan1) entered disabled state [ 908.900608][ T7777] bridge0: port 2(bridge_slave_1) entered disabled state [ 908.910318][ T7777] bridge0: port 1(bridge_slave_0) entered disabled state [ 909.033804][ T7777] bridge0: entered promiscuous mode [ 909.062176][ T7777] bridge0: entered allmulticast mode [ 909.127429][ T7779] netlink: 342 bytes leftover after parsing attributes in process `syz.0.14709'. [ 909.845815][ T7800] netlink: 346 bytes leftover after parsing attributes in process `syz.0.14718'. [ 912.767546][ T7866] kafs: addr_prefs: Invalid Command [ 913.538806][ T7880] nbd1: detected capacity change from 0 to 68719476736 [ 913.593340][ T7712] block nbd1: Send control failed (result -22) [ 913.650459][ T7712] block nbd1: Request send failed, requeueing [ 913.708311][ T7114] block nbd1: Receive control failed (result -32) [ 913.745111][ T42] block nbd1: Dead connection, failed to find a fallback [ 913.752732][ T42] block nbd1: shutting down sockets [ 913.759247][ T42] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.769637][ T42] Buffer I/O error on dev nbd1, logical block 0, async page read [ 913.793681][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.878462][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 913.916248][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.987056][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.043765][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.084067][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.142458][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.188898][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.246085][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.306427][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.355879][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.410925][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.459828][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.483419][ T7900] block2mtd: error: cannot open device 0 [ 914.524270][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.571062][ T7712] ldm_validate_partition_table(): Disk read failed. [ 914.620403][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.674667][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.719884][ T7712] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 914.802422][ T7712] Buffer I/O error on dev nbd1, logical block 0, async page read [ 914.844461][ T7712] Dev nbd1: unable to read RDB block 0 [ 914.884158][ T7712] nbd1: unable to read partition table [ 914.934918][ T7712] ldm_validate_partition_table(): Disk read failed. [ 914.988064][ T7712] Dev nbd1: unable to read RDB block 0 [ 915.020861][ T7712] nbd1: unable to read partition table [ 915.886794][ T7934] erspan0: entered allmulticast mode [ 917.236124][ T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.330978][ T7967] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 917.502454][ T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.689279][ T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.911145][ T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 918.018964][ T7980] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 918.035992][ T7980] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 918.044426][ T7980] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 918.053853][ T7980] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 918.064648][ T7980] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 918.072010][ T7980] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 918.612605][ T62] bridge_slave_1: left allmulticast mode [ 918.618373][ T62] bridge_slave_1: left promiscuous mode [ 918.677448][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 918.727855][ T62] bridge_slave_0: left allmulticast mode [ 918.754165][ T62] bridge_slave_0: left promiscuous mode [ 918.786413][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 919.980910][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 920.010663][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 920.035270][ T62] bond0 (unregistering): Released all slaves [ 920.154637][ T7980] Bluetooth: hci0: command tx timeout [ 920.213635][ T7979] chnl_net:caif_netlink_parms(): no params data found [ 920.558852][ T62] hsr_slave_0: left promiscuous mode [ 920.594622][ T62] hsr_slave_1: left promiscuous mode [ 920.619853][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 920.661790][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 920.694282][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 920.723230][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 920.805361][ T62] veth1_macvtap: left promiscuous mode [ 920.829917][ T62] veth0_macvtap: left promiscuous mode [ 920.855099][ T62] veth1_vlan: left promiscuous mode [ 920.883183][ T62] veth0_vlan: left promiscuous mode [ 921.453075][ T8068] sd 0:0:1:0: PR command failed: 1026 [ 921.480769][ T29] audit: type=1800 audit(59639.430:56): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.14816" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 921.501850][ T8068] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 921.524799][ T8068] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 922.224660][ T7980] Bluetooth: hci0: command tx timeout [ 922.646995][ T62] team0 (unregistering): Port device team_slave_1 removed [ 922.707137][ T62] team0 (unregistering): Port device team_slave_0 removed [ 923.704231][ T7979] bridge0: port 1(bridge_slave_0) entered blocking state [ 923.711326][ T7979] bridge0: port 1(bridge_slave_0) entered disabled state [ 923.775589][ T7979] bridge_slave_0: entered allmulticast mode [ 923.810127][ T7979] bridge_slave_0: entered promiscuous mode [ 923.851508][ T7979] bridge0: port 2(bridge_slave_1) entered blocking state [ 923.897533][ T7979] bridge0: port 2(bridge_slave_1) entered disabled state [ 923.932264][ T7979] bridge_slave_1: entered allmulticast mode [ 923.975254][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14828'. [ 923.987978][ T7979] bridge_slave_1: entered promiscuous mode [ 924.135821][ T7979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 924.204258][ T7979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 924.306778][ T7980] Bluetooth: hci0: command tx timeout [ 924.469762][ T7979] team0: Port device team_slave_0 added [ 924.526030][ T7979] team0: Port device team_slave_1 added [ 924.679381][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 924.686632][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 924.867307][ T7979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 924.962313][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 925.019357][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 925.185674][ T7979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 925.401269][ T7979] hsr_slave_0: entered promiscuous mode [ 925.445879][ T7979] hsr_slave_1: entered promiscuous mode [ 925.451994][ T7979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 925.516880][ T7979] Cannot create hsr debugfs directory [ 926.359554][ T7980] Bluetooth: hci0: command tx timeout [ 927.296377][ T7979] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 927.348016][ T7979] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 927.420829][ T7979] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 927.467736][ T7979] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 927.557636][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 927.564522][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 927.748090][ T7979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 927.833125][ T7979] 8021q: adding VLAN 0 to HW filter on device team0 [ 927.910058][ T754] bridge0: port 1(bridge_slave_0) entered blocking state [ 927.917421][ T754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 927.972281][ T754] bridge0: port 2(bridge_slave_1) entered blocking state [ 927.979595][ T754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 928.030597][ T29] audit: type=1800 audit(59646.004:57): pid=8216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14858" name="file0" dev="tmpfs" ino=19117 res=0 errno=0 [ 928.175145][ T29] audit: type=1800 audit(59646.044:58): pid=8216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14858" name="file0" dev="tmpfs" ino=19117 res=0 errno=0 [ 928.605194][ T7979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 928.769030][ T7979] veth0_vlan: entered promiscuous mode [ 928.813487][ T7979] veth1_vlan: entered promiscuous mode [ 928.925422][ T7979] veth0_macvtap: entered promiscuous mode [ 928.996221][ T7979] veth1_macvtap: entered promiscuous mode [ 929.034067][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.119350][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.178335][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.249719][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.307296][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.380203][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.434376][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 929.532039][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.595056][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.653574][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.727176][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.752136][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.772145][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.822679][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 929.885136][ T7979] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.933316][ T7979] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.956834][ T7979] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.978105][ T7979] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.290364][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 930.298225][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 930.474011][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 930.486569][ T7980] Bluetooth: hci3: Malformed Event: 0x2f [ 930.561154][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 932.239144][ T8357] netlink: 338 bytes leftover after parsing attributes in process `syz.9.14895'. [ 932.669092][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14901'. [ 932.976453][ T8383] nbd: socks must be embedded in a SOCK_ITEM attr [ 933.008294][ T8383] block nbd2: shutting down sockets [ 933.418606][ T8398] netlink: 342 bytes leftover after parsing attributes in process `syz.1.14907'. [ 936.246651][ T8483] zswap: compressor not available [ 943.107244][ T8712] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14990'. [ 959.593677][ T9237] vivid-009: ================= START STATUS ================= [ 959.658156][ T9237] vivid-009: Enable Output Cropping: true grabbed [ 959.717387][ T9237] vivid-009: Enable Output Composing: true grabbed [ 959.775798][ T9237] vivid-009: Enable Output Scaler: true grabbed [ 959.838001][ T9237] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 959.897250][ T9237] vivid-009: Transmit Mode: HDMI grabbed [ 959.935512][ T9237] vivid-009: Hotplug Present: 0x00000000 [ 959.991785][ T9237] vivid-009: RxSense Present: 0x00000000 [ 960.046713][ T9237] vivid-009: EDID Present: 0x00000000 [ 960.069815][ T9237] vivid-009: ================== END STATUS ================== [ 962.388843][ T9320] netlink: 'syz.1.15138': attribute type 9 has an invalid length. [ 962.407016][ T9320] netlink: 330 bytes leftover after parsing attributes in process `syz.1.15138'. [ 964.381052][ T9385] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input53 [ 965.866972][ T9420] CIFS: VFS: Invalid SecurityFlags: 0 [ 965.866972][ T9420] [ 968.189945][ T9480] netlink: 294 bytes leftover after parsing attributes in process `syz.9.15193'. [ 970.207116][ T9535] netlink: 12 bytes leftover after parsing attributes in process `syz.4.15217'. [ 970.244538][ T9535] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 971.437239][ T9571] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15230'. [ 971.594371][ T9575] qrtr: Invalid version 47 [ 971.829018][ T9581] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15235'. [ 971.852471][ T7980] Bluetooth: hci3: SCO packet for unknown connection handle 3 [ 972.316135][ T9599] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15243'. [ 972.393513][ T9599] vxcan1: entered promiscuous mode [ 972.690877][ T9606] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15245'. [ 973.236101][ T9623] netlink: 74 bytes leftover after parsing attributes in process `syz.4.15250'. [ 979.324726][ T9825] ICMPv6: process `syz.4.15302' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 980.019204][ T9841] tipc: Trying to set illegal importance in message [ 981.116219][ T9858] TCP: TCP_TX_DELAY enabled [ 981.294464][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15316'. [ 981.900738][ T9875] nbd2: detected capacity change from 0 to 68719476736 [ 981.947557][ T9674] block nbd2: Send control failed (result -22) [ 981.989199][ T9674] block nbd2: Request send failed, requeueing [ 982.027873][ T7980] block nbd2: Receive control failed (result -32) [ 982.040287][ T42] block nbd2: Dead connection, failed to find a fallback [ 982.047331][ T42] block nbd2: shutting down sockets [ 982.053122][ T42] blk_print_req_error: 24 callbacks suppressed [ 982.053133][ T42] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.068383][ T42] buffer_io_error: 23 callbacks suppressed [ 982.068394][ T42] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.082715][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.143625][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.196365][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.250757][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.318706][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.359014][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.366914][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.381634][ T9886] netlink: 24 bytes leftover after parsing attributes in process `syz.2.15328'. [ 982.435869][ T9886] netlink: 23 bytes leftover after parsing attributes in process `syz.2.15328'. [ 982.467884][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.530187][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.584293][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.632058][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.677775][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.730881][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.796260][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.848180][ T9674] ldm_validate_partition_table(): Disk read failed. [ 982.892575][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 982.945754][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 982.999141][ T9674] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 983.058314][ T9674] Buffer I/O error on dev nbd2, logical block 0, async page read [ 983.108776][ T9674] Dev nbd2: unable to read RDB block 0 [ 983.154211][ T9674] nbd2: unable to read partition table [ 983.214437][ T9674] ldm_validate_partition_table(): Disk read failed. [ 983.223116][ T9674] Dev nbd2: unable to read RDB block 0 [ 983.302128][ T9674] nbd2: unable to read partition table [ 983.344217][ T9674] [ 983.346554][ T9674] ====================================================== [ 983.353562][ T9674] WARNING: possible circular locking dependency detected [ 983.360571][ T9674] 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 Tainted: G U [ 983.369143][ T9674] ------------------------------------------------------ [ 983.376156][ T9674] udevd/9674 is trying to acquire lock: [ 983.381684][ T9674] ffff888025cb5c88 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 983.391601][ T9674] [ 983.391601][ T9674] but task is already holding lock: [ 983.398943][ T9674] ffff888023824e40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 983.409739][ T9674] [ 983.409739][ T9674] which lock already depends on the new lock. [ 983.409739][ T9674] [ 983.420134][ T9674] [ 983.420134][ T9674] the existing dependency chain (in reverse order) is: [ 983.429149][ T9674] [ 983.429149][ T9674] -> #6 (mapping.invalidate_lock#2){++++}-{4:4}: [ 983.437657][ T9674] down_read+0x9a/0x330 [ 983.442350][ T9674] filemap_fault+0x1845/0x2ca0 [ 983.447628][ T9674] __do_fault+0x10a/0x490 [ 983.452470][ T9674] do_pte_missing+0xecf/0x3e10 [ 983.457747][ T9674] __handle_mm_fault+0x1166/0x2c60 [ 983.463378][ T9674] handle_mm_fault+0x3fa/0xaa0 [ 983.468659][ T9674] __get_user_pages+0x773/0x36f0 [ 983.474122][ T9674] __gup_longterm_locked+0x212/0x1870 [ 983.480065][ T9674] gup_fast_fallback+0x1802/0x2690 [ 983.485786][ T9674] pin_user_pages_fast+0xa8/0x100 [ 983.491327][ T9674] iov_iter_extract_pages+0x3a5/0x2010 [ 983.497298][ T9674] bio_iov_iter_get_pages+0x37c/0x1100 [ 983.503448][ T9674] __blkdev_direct_IO_simple+0x361/0x820 [ 983.509587][ T9674] blkdev_direct_IO+0xabb/0x1c50 [ 983.515121][ T9674] blkdev_write_iter+0x6f9/0xdd0 [ 983.520591][ T9674] vfs_write+0x5ae/0x1150 [ 983.525446][ T9674] ksys_write+0x12b/0x250 [ 983.530287][ T9674] do_syscall_64+0xcd/0x250 [ 983.535335][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.541741][ T9674] [ 983.541741][ T9674] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 983.549365][ T9674] __might_fault+0x11b/0x190 [ 983.554490][ T9674] _copy_from_iter+0x1bf/0x1400 [ 983.559856][ T9674] tcp_sendmsg_locked+0x1979/0x37c0 [ 983.565573][ T9674] tcp_sendmsg+0x2e/0x50 [ 983.570422][ T9674] inet_sendmsg+0xb9/0x140 [ 983.575363][ T9674] sock_write_iter+0x4ac/0x5b0 [ 983.580645][ T9674] vfs_write+0x5ae/0x1150 [ 983.585511][ T9674] ksys_write+0x207/0x250 [ 983.590351][ T9674] do_syscall_64+0xcd/0x250 [ 983.595359][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.601771][ T9674] [ 983.601771][ T9674] -> #4 (sk_lock-AF_INET){+.+.}-{0:0}: [ 983.609409][ T9674] lock_sock_nested+0x3a/0xf0 [ 983.614601][ T9674] inet_shutdown+0x67/0x440 [ 983.619624][ T9674] nbd_mark_nsock_dead+0xae/0x5d0 [ 983.625161][ T9674] sock_shutdown+0x17c/0x280 [ 983.630264][ T9674] nbd_config_put+0x1e6/0x750 [ 983.635450][ T9674] nbd_genl_connect+0x12d5/0x1c00 [ 983.640990][ T9674] genl_family_rcv_msg_doit+0x202/0x2f0 [ 983.647048][ T9674] genl_rcv_msg+0x565/0x800 [ 983.652060][ T9674] netlink_rcv_skb+0x165/0x410 [ 983.657337][ T9674] genl_rcv+0x28/0x40 [ 983.661824][ T9674] netlink_unicast+0x53c/0x7f0 [ 983.667097][ T9674] netlink_sendmsg+0x8b8/0xd70 [ 983.672365][ T9674] ____sys_sendmsg+0x9ae/0xb40 [ 983.677647][ T9674] ___sys_sendmsg+0x135/0x1e0 [ 983.682831][ T9674] __sys_sendmsg+0x16e/0x220 [ 983.687941][ T9674] do_syscall_64+0xcd/0x250 [ 983.692948][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.699353][ T9674] [ 983.699353][ T9674] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 983.707028][ T9674] __mutex_lock+0x19b/0xb10 [ 983.712041][ T9674] nbd_queue_rq+0x424/0x1220 [ 983.717168][ T9674] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 983.723229][ T9674] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 983.730075][ T9674] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 983.736571][ T9674] blk_mq_run_hw_queue+0x239/0x670 [ 983.742195][ T9674] blk_mq_flush_plug_list+0x673/0x1c60 [ 983.748168][ T9674] __blk_flush_plug+0x2c5/0x4b0 [ 983.753556][ T9674] __submit_bio+0x547/0x690 [ 983.758574][ T9674] submit_bio_noacct_nocheck+0x698/0xd70 [ 983.764764][ T9674] submit_bio_noacct+0x50d/0x1ec0 [ 983.770305][ T9674] block_read_full_folio+0x812/0xa50 [ 983.776096][ T9674] filemap_read_folio+0xc6/0x2a0 [ 983.781541][ T9674] do_read_cache_folio+0x263/0x5c0 [ 983.787190][ T9674] read_part_sector+0xd4/0x310 [ 983.792474][ T9674] adfspart_check_ICS+0xa7/0x8c0 [ 983.797915][ T9674] bdev_disk_changed+0x6c6/0x14e0 [ 983.803453][ T9674] blkdev_get_whole+0x187/0x290 [ 983.808913][ T9674] bdev_open+0x2c7/0xe20 [ 983.813677][ T9674] blkdev_open+0x272/0x3f0 [ 983.818606][ T9674] do_dentry_open+0x735/0x1c40 [ 983.823878][ T9674] vfs_open+0x82/0x3f0 [ 983.828457][ T9674] path_openat+0x1e88/0x2d80 [ 983.833560][ T9674] do_filp_open+0x20c/0x470 [ 983.838575][ T9674] do_sys_openat2+0x17a/0x1e0 [ 983.843762][ T9674] __x64_sys_openat+0x175/0x210 [ 983.849124][ T9674] do_syscall_64+0xcd/0x250 [ 983.854141][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.860558][ T9674] [ 983.860558][ T9674] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 983.867792][ T9674] __mutex_lock+0x19b/0xb10 [ 983.872943][ T9674] nbd_queue_rq+0xbe/0x1220 [ 983.877957][ T9674] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 983.884022][ T9674] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 983.890929][ T9674] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 983.897469][ T9674] blk_mq_run_hw_queue+0x239/0x670 [ 983.903116][ T9674] blk_mq_flush_plug_list+0x673/0x1c60 [ 983.909196][ T9674] __blk_flush_plug+0x2c5/0x4b0 [ 983.914576][ T9674] __submit_bio+0x547/0x690 [ 983.919585][ T9674] submit_bio_noacct_nocheck+0x698/0xd70 [ 983.925735][ T9674] submit_bio_noacct+0x50d/0x1ec0 [ 983.931374][ T9674] block_read_full_folio+0x812/0xa50 [ 983.937168][ T9674] filemap_read_folio+0xc6/0x2a0 [ 983.942615][ T9674] do_read_cache_folio+0x263/0x5c0 [ 983.948232][ T9674] read_part_sector+0xd4/0x310 [ 983.953502][ T9674] adfspart_check_ICS+0xa7/0x8c0 [ 983.958954][ T9674] bdev_disk_changed+0x6c6/0x14e0 [ 983.964493][ T9674] blkdev_get_whole+0x187/0x290 [ 983.969854][ T9674] bdev_open+0x2c7/0xe20 [ 983.974611][ T9674] blkdev_open+0x272/0x3f0 [ 983.979546][ T9674] do_dentry_open+0x735/0x1c40 [ 983.984822][ T9674] vfs_open+0x82/0x3f0 [ 983.989411][ T9674] path_openat+0x1e88/0x2d80 [ 983.994512][ T9674] do_filp_open+0x20c/0x470 [ 983.999530][ T9674] do_sys_openat2+0x17a/0x1e0 [ 984.004724][ T9674] __x64_sys_openat+0x175/0x210 [ 984.010090][ T9674] do_syscall_64+0xcd/0x250 [ 984.015099][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.021506][ T9674] [ 984.021506][ T9674] -> #1 (set->srcu){.+.+}-{0:0}: [ 984.028617][ T9674] __synchronize_srcu+0xa9/0x2a0 [ 984.034080][ T9674] blk_mq_update_nr_requests+0x288/0x670 [ 984.040239][ T9674] queue_requests_store+0x161/0x210 [ 984.045960][ T9674] queue_attr_store+0x370/0x510 [ 984.051344][ T9674] sysfs_kf_write+0x117/0x170 [ 984.056545][ T9674] kernfs_fop_write_iter+0x33d/0x500 [ 984.062344][ T9674] vfs_write+0x5ae/0x1150 [ 984.067196][ T9674] ksys_write+0x12b/0x250 [ 984.072038][ T9674] do_syscall_64+0xcd/0x250 [ 984.077140][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.083715][ T9674] [ 984.083715][ T9674] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 984.092301][ T9674] __lock_acquire+0x249e/0x3c40 [ 984.097763][ T9674] lock_acquire.part.0+0x11b/0x380 [ 984.103396][ T9674] blk_mq_submit_bio+0x20db/0x25f0 [ 984.109234][ T9674] __submit_bio+0x3d1/0x690 [ 984.114257][ T9674] submit_bio_noacct_nocheck+0x698/0xd70 [ 984.120413][ T9674] submit_bio_noacct+0x50d/0x1ec0 [ 984.126011][ T9674] mpage_readahead+0x41d/0x590 [ 984.131384][ T9674] read_pages+0x1a7/0xc60 [ 984.136223][ T9674] page_cache_ra_unbounded+0x426/0x7d0 [ 984.142216][ T9674] force_page_cache_ra+0x24b/0x340 [ 984.147943][ T9674] page_cache_sync_ra+0x158/0xa30 [ 984.153492][ T9674] filemap_get_pages+0xb62/0x1c30 [ 984.159103][ T9674] filemap_read+0x3c5/0xe70 [ 984.164216][ T9674] blkdev_read_iter+0x187/0x4b0 [ 984.169657][ T9674] vfs_read+0x886/0xbf0 [ 984.174321][ T9674] ksys_read+0x12b/0x250 [ 984.179067][ T9674] do_syscall_64+0xcd/0x250 [ 984.184159][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.190572][ T9674] [ 984.190572][ T9674] other info that might help us debug this: [ 984.190572][ T9674] [ 984.200789][ T9674] Chain exists of: [ 984.200789][ T9674] &q->q_usage_counter(io)#51 --> &mm->mmap_lock --> mapping.invalidate_lock#2 [ 984.200789][ T9674] [ 984.215561][ T9674] Possible unsafe locking scenario: [ 984.215561][ T9674] [ 984.223004][ T9674] CPU0 CPU1 [ 984.228360][ T9674] ---- ---- [ 984.233721][ T9674] rlock(mapping.invalidate_lock#2); [ 984.239176][ T9674] lock(&mm->mmap_lock); [ 984.246017][ T9674] lock(mapping.invalidate_lock#2); [ 984.253903][ T9674] rlock(&q->q_usage_counter(io)#51); [ 984.259357][ T9674] [ 984.259357][ T9674] *** DEADLOCK *** [ 984.259357][ T9674] [ 984.267486][ T9674] 1 lock held by udevd/9674: [ 984.272060][ T9674] #0: ffff888023824e40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 984.283277][ T9674] [ 984.283277][ T9674] stack backtrace: [ 984.289147][ T9674] CPU: 0 UID: 0 PID: 9674 Comm: udevd Tainted: G U 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 984.289167][ T9674] Tainted: [U]=USER [ 984.289172][ T9674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 984.289180][ T9674] Call Trace: [ 984.289186][ T9674] [ 984.289192][ T9674] dump_stack_lvl+0x116/0x1f0 [ 984.289216][ T9674] print_circular_bug+0x490/0x760 [ 984.289232][ T9674] check_noncircular+0x31a/0x400 [ 984.289246][ T9674] ? __pfx_check_noncircular+0x10/0x10 [ 984.289259][ T9674] ? __kernel_text_address+0xd/0x40 [ 984.289274][ T9674] ? unwind_get_return_address+0x59/0xa0 [ 984.289294][ T9674] ? lockdep_lock+0xc6/0x200 [ 984.289312][ T9674] ? __pfx_lockdep_lock+0x10/0x10 [ 984.289332][ T9674] __lock_acquire+0x249e/0x3c40 [ 984.289349][ T9674] ? __pfx___lock_acquire+0x10/0x10 [ 984.289362][ T9674] ? hlock_class+0x4e/0x130 [ 984.289380][ T9674] ? mark_lock+0xb5/0xc60 [ 984.289392][ T9674] ? mark_lock+0xb5/0xc60 [ 984.289405][ T9674] ? page_cache_ra_unbounded+0x426/0x7d0 [ 984.289422][ T9674] ? page_cache_sync_ra+0x158/0xa30 [ 984.289440][ T9674] lock_acquire.part.0+0x11b/0x380 [ 984.289454][ T9674] ? __submit_bio+0x3d1/0x690 [ 984.289474][ T9674] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 984.289489][ T9674] ? rcu_is_watching+0x12/0xc0 [ 984.289507][ T9674] ? trace_lock_acquire+0x14e/0x1f0 [ 984.289519][ T9674] ? __submit_bio+0x3d1/0x690 [ 984.289536][ T9674] ? lock_acquire+0x2f/0xb0 [ 984.289549][ T9674] ? __submit_bio+0x3d1/0x690 [ 984.289567][ T9674] blk_mq_submit_bio+0x20db/0x25f0 [ 984.289586][ T9674] ? __submit_bio+0x3d1/0x690 [ 984.289604][ T9674] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 984.289623][ T9674] ? mark_lock+0xb5/0xc60 [ 984.289636][ T9674] ? __pfx___lock_acquire+0x10/0x10 [ 984.289649][ T9674] ? __pfx___lock_acquire+0x10/0x10 [ 984.289662][ T9674] ? trace_lock_acquire+0x14e/0x1f0 [ 984.289673][ T9674] ? __pfx_mark_lock+0x10/0x10 [ 984.289689][ T9674] __submit_bio+0x3d1/0x690 [ 984.289707][ T9674] ? __pfx___submit_bio+0x10/0x10 [ 984.289724][ T9674] ? trace_lock_acquire+0x14e/0x1f0 [ 984.289738][ T9674] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 984.289756][ T9674] submit_bio_noacct_nocheck+0x698/0xd70 [ 984.289785][ T9674] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 984.289805][ T9674] ? __pfx___might_resched+0x10/0x10 [ 984.289822][ T9674] submit_bio_noacct+0x50d/0x1ec0 [ 984.289842][ T9674] mpage_readahead+0x41d/0x590 [ 984.289858][ T9674] ? __pfx_mpage_readahead+0x10/0x10 [ 984.289877][ T9674] ? __pfx_blkdev_get_block+0x10/0x10 [ 984.289890][ T9674] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 984.289903][ T9674] ? __pfx_lock_release+0x10/0x10 [ 984.289916][ T9674] ? trace_lock_acquire+0x14e/0x1f0 [ 984.289927][ T9674] ? __pfx_blkdev_readahead+0x10/0x10 [ 984.289939][ T9674] read_pages+0x1a7/0xc60 [ 984.289955][ T9674] ? __folio_batch_add_and_move+0x689/0xc60 [ 984.289969][ T9674] ? __pfx_read_pages+0x10/0x10 [ 984.289989][ T9674] page_cache_ra_unbounded+0x426/0x7d0 [ 984.290009][ T9674] force_page_cache_ra+0x24b/0x340 [ 984.290030][ T9674] page_cache_sync_ra+0x158/0xa30 [ 984.290047][ T9674] ? __lock_acquire+0xcc5/0x3c40 [ 984.290061][ T9674] filemap_get_pages+0xb62/0x1c30 [ 984.290076][ T9674] ? __pfx_filemap_get_pages+0x10/0x10 [ 984.290088][ T9674] ? __pfx___might_resched+0x10/0x10 [ 984.290105][ T9674] filemap_read+0x3c5/0xe70 [ 984.290116][ T9674] ? trace_lock_acquire+0x14e/0x1f0 [ 984.290129][ T9674] ? __pfx_filemap_read+0x10/0x10 [ 984.290146][ T9674] ? apparmor_file_permission+0x251/0x400 [ 984.290167][ T9674] blkdev_read_iter+0x187/0x4b0 [ 984.290181][ T9674] vfs_read+0x886/0xbf0 [ 984.290193][ T9674] ? __pfx_vfs_read+0x10/0x10 [ 984.290205][ T9674] ? blkdev_llseek+0x9b/0xd0 [ 984.290216][ T9674] ? __pfx_lock_release+0x10/0x10 [ 984.290231][ T9674] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 984.290248][ T9674] ksys_read+0x12b/0x250 [ 984.290259][ T9674] ? __pfx_ksys_read+0x10/0x10 [ 984.290273][ T9674] do_syscall_64+0xcd/0x250 [ 984.290285][ T9674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.290304][ T9674] RIP: 0033:0x7fa40e916b6a [ 984.290314][ T9674] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 984.290326][ T9674] RSP: 002b:00007ffc842af9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 984.290338][ T9674] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007fa40e916b6a [ 984.290347][ T9674] RDX: 0000000000000040 RSI: 0000561db6c68048 RDI: 0000000000000009 [ 984.290354][ T9674] RBP: 0000000000000040 R08: 0000561db6c68020 R09: 00007fa40e9f1b60 [ 984.290362][ T9674] R10: 0000000000000007 R11: 0000000000000246 R12: 0000561db6c68020 [ 984.290369][ T9674] R13: 0000561db6c68038 R14: 0000561db6ca0a18 R15: 0000561db6ca09c0 [ 984.290380][ T9674] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 985.232037][ T5820] syz-executor (5820) used greatest stack depth: 20928 bytes left [ 985.874811][ T5206] bridge0: port 5(syz_tun) entered disabled state [ 985.884709][ T5206] syz_tun (unregistering): left allmulticast mode [ 985.892584][ T5206] syz_tun (unregistering): left promiscuous mode [ 985.899081][ T5206] bridge0: port 5(syz_tun) entered disabled state [ 985.951572][T29301] team0: left allmulticast mode [ 985.956460][T29301] team_slave_0: left allmulticast mode [ 985.963469][T29301] team_slave_1: left allmulticast mode [ 985.969067][T29301] team0: left promiscuous mode [ 985.976813][T29301] team_slave_0: left promiscuous mode [ 985.984996][T29301] team_slave_1: left promiscuous mode [ 985.990996][T29301] bridge0: port 4(team0) entered disabled state [ 985.998249][T29301] bond0: left allmulticast mode [ 986.004820][T29301] bond_slave_0: left allmulticast mode [ 986.010705][T29301] bond_slave_1: left allmulticast mode [ 986.016279][T29301] bond0: left promiscuous mode [ 986.022911][T29301] bond_slave_0: left promiscuous mode [ 986.028755][T29301] bond_slave_1: left promiscuous mode [ 986.050699][T29301] bridge0: port 3(bond0) entered disabled state [ 986.057851][T29301] bridge_slave_1: left allmulticast mode [ 986.081489][T29301] bridge_slave_1: left promiscuous mode [ 986.087148][T29301] bridge0: port 2(bridge_slave_1) entered disabled state [ 986.110111][T29301] bridge_slave_0: left allmulticast mode [ 986.115834][T29301] bridge_slave_0: left promiscuous mode [ 986.121856][T29301] bridge0: port 1(bridge_slave_0) entered disabled state [ 986.231809][T29301] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 986.241502][T29301] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 986.252243][T29301] bond0 (unregistering): Released all slaves [ 986.304100][T29301] .SR: left promiscuous mode [ 986.557753][T29301] hsr_slave_0: left promiscuous mode [ 986.563310][T29301] hsr_slave_1: left promiscuous mode [ 986.570578][T29301] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 986.578890][T29301] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 986.586585][T29301] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 986.593981][T29301] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 986.603405][T29301] veth1_macvtap: left promiscuous mode [ 986.609260][T29301] veth0_macvtap: left promiscuous mode [ 986.614779][T29301] veth1_vlan: left promiscuous mode [ 986.621225][T29301] veth0_vlan: left promiscuous mode [ 986.758845][T29301] team0 (unregistering): Port device team_slave_1 removed [ 986.785564][T29301] team0 (unregistering): Port device team_slave_0 removed [ 987.166821][T29301] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 987.195429][T29301] bridge0: port 3(netdevsim2) entered disabled state [ 987.203782][T29301] netdevsim netdevsim9 netdevsim2 (unregistering): left allmulticast mode [ 987.212381][T29301] netdevsim netdevsim9 netdevsim2 (unregistering): left promiscuous mode [ 987.221884][T29301] bridge0: port 3(netdevsim2) entered disabled state [ 987.230586][T29301] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 987.265367][T29301] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 987.305613][T29301] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 987.370296][T29301] team0: left allmulticast mode [ 987.382384][T29301] team_slave_0: left allmulticast mode [ 987.387867][T29301] team_slave_1: left allmulticast mode [ 987.405424][T29301] team0: left promiscuous mode [ 987.410207][T29301] team_slave_0: left promiscuous mode [ 987.422941][T29301] team_slave_1: left promiscuous mode [ 987.437781][T29301] bridge0: port 7(team0) entered disabled state [ 987.452980][T29301] gretap0: left allmulticast mode [ 987.458019][T29301] gretap0: left promiscuous mode [ 987.480860][T29301] bridge0: port 6(gretap0) entered disabled state [ 987.492729][T29301] vlan1: left allmulticast mode [ 987.497580][T29301] veth0_vlan: left allmulticast mode [ 987.522403][T29301] vlan1: left promiscuous mode [ 987.527395][T29301] bridge0: port 4(vlan1) entered disabled state [ 987.545284][T29301] bridge_slave_1: left allmulticast mode [ 987.550926][T29301] bridge_slave_1: left promiscuous mode [ 987.571695][T29301] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.580709][T29301] bridge_slave_0: left allmulticast mode [ 987.602209][T29301] bridge_slave_0: left promiscuous mode [ 987.607846][T29301] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.684166][T29301] erspan0 (unregistering): left allmulticast mode [ 987.733547][T29301] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 987.746243][T29301] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 987.756058][T29301] bond0 (unregistering): Released all slaves [ 987.794289][T29301] ovs9: left promiscuous mode [ 987.902276][T29301] hsr_slave_0: left promiscuous mode [ 987.916552][T29301] hsr_slave_1: left promiscuous mode [ 987.930854][T29301] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 987.938319][T29301] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 987.970716][T29301] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 987.978145][T29301] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 988.004711][T29301] veth1_macvtap: left promiscuous mode [ 988.019442][T29301] veth0_macvtap: left promiscuous mode [ 988.030196][T29301] veth1_vlan: left promiscuous mode [ 988.035488][T29301] veth0_vlan: left promiscuous mode [ 988.194684][T29301] team0 (unregistering): Port device team_slave_1 removed [ 988.219430][T29301] team0 (unregistering): Port device team_slave_0 removed [ 988.678868][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 988.685148][ T1297] ieee802154 phy1 wpan1: encryption failed: -22