last executing test programs: 11m41.732263125s ago: executing program 0 (id=114): socket(0x2, 0x5, 0x0) 11m41.529415796s ago: executing program 0 (id=118): openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/tracing/error_log\x00', 0x603, 0x0) 11m41.296965372s ago: executing program 0 (id=122): timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f0000002b80)={@sival_int=0x1ff}, 0x0) 11m41.094076658s ago: executing program 0 (id=126): mq_notify$auto(0xffffffffffffffff, &(0x7f00000002c0)={@sival_ptr=0x0, @raw=0x1, 0x0, @_sigev_thread={0x0, 0x0}}) 11m40.900712908s ago: executing program 0 (id=130): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 11m40.420274027s ago: executing program 0 (id=137): keyctl$auto(0xc, 0x2, 0x7, 0xc23a, 0xa) 11m40.061279817s ago: executing program 32 (id=137): keyctl$auto(0xc, 0x2, 0x7, 0xc23a, 0xa) 6m25.094217983s ago: executing program 3 (id=4981): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sda\x00', 0x8001, 0x0) fallocate$auto(r0, 0x8, 0x0, 0x80000000) 6m24.831419891s ago: executing program 3 (id=4986): iopl$auto(0x3) delete_module$auto(0x0, 0x3) 6m24.525339504s ago: executing program 3 (id=4989): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/timer_migration\x00', 0x20640, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) 6m24.202605148s ago: executing program 3 (id=4994): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/irq/default_smp_affinity\x00', 0x2, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 6m23.913635681s ago: executing program 3 (id=4997): tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) 6m23.233354746s ago: executing program 3 (id=5004): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/devices/virtual/net/rose10/statistics/tx_aborted_errors\x00', 0x300, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000580)=""/222, 0xde) 6m22.63873789s ago: executing program 33 (id=5004): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/devices/virtual/net/rose10/statistics/tx_aborted_errors\x00', 0x300, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000580)=""/222, 0xde) 1.062599944s ago: executing program 1 (id=10301): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x2, 0x0, 0x4) 986.63017ms ago: executing program 4 (id=10302): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='/proc/threaZ-sml\x01/net/ip6_mr_vif<', 0x205) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/4087, 0xff7) 945.104154ms ago: executing program 1 (id=10304): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 904.194023ms ago: executing program 2 (id=10305): socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x8000000000000006, 0x25, 0x0, 0x7ffffc) 838.797327ms ago: executing program 5 (id=10306): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x22, &(0x7f0000000000), 0x20000001) 758.439725ms ago: executing program 4 (id=10307): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r0 = socket(0xa, 0x1, 0x0) recvmmsg$auto(r0, 0x0, 0x80000000, 0x7956, 0x0) 704.776602ms ago: executing program 2 (id=10308): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x10}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x101}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private0}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0xfdf31875370e1716) 660.638013ms ago: executing program 1 (id=10309): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x100) ioctl$auto(0x3, 0x80000541b, 0x38) 652.966687ms ago: executing program 5 (id=10310): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000000780)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000800) 638.502181ms ago: executing program 4 (id=10311): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x14, r1, 0x1, 0x70bd26, 0x259fdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 553.389719ms ago: executing program 1 (id=10312): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x4c562, 0x0) pipe$auto(&(0x7f0000000780)=0xffffffffffffffff) splice$auto(r1, 0x0, r0, 0x0, 0x768, 0x9) 519.875531ms ago: executing program 5 (id=10313): setuid$auto(0xe) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) 512.757338ms ago: executing program 2 (id=10314): ioperm$auto(0xaf, 0xe, 0x991b) memfd_create$auto(&(0x7f00000002c0)='IPVS\x00', 0x7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 475.663206ms ago: executing program 1 (id=10315): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/acpi/interrupts/ff_pwr_btn\x00', 0x10b142, 0x0) write$auto(r0, 0x0, 0x8) 425.586084ms ago: executing program 4 (id=10316): r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000440)={0x1c, r0, 0x301, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4) 371.469612ms ago: executing program 2 (id=10317): socket(0x18, 0x5, 0x2) bind$auto(0x3, &(0x7f0000000000), 0x6b) close_range$auto(0x2, 0x8, 0x0) 301.686714ms ago: executing program 5 (id=10318): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x7181, 0x1ffde, 0x50000000, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0x821a, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) 268.298511ms ago: executing program 1 (id=10319): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x6, 0x5, 0xc, 0x20008a0d, 0x3, 0x6, 0x7fffffff, 0x89, 0x26, 0x4, 0x200200000000001, 0x384, 0xfffffffffffffffc, 0x8, 0x1, 0x30, 0x0, 0x6, 0x5, 0x22000, 0x1, 0x0, 0x84, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc780, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x9, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) 243.480317ms ago: executing program 4 (id=10320): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(r0, 0x2203, r0) 202.82922ms ago: executing program 5 (id=10321): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10f, 0x82, 0x0, 0x14) 180.219634ms ago: executing program 2 (id=10322): open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x7fffffff) 2.19042ms ago: executing program 4 (id=10323): r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) write$auto(r0, &(0x7f0000000040)='/sys/kernel/config/target/dbroot\x00', 0x6e) write$auto(r0, &(0x7f0000000000)='/dev/audio1\x00', 0x4) 886.917µs ago: executing program 2 (id=10324): r0 = getpgid(0x0) r1 = pidfd_open$auto(r0, 0x0) setns(r1, 0x4800007d) 0s ago: executing program 5 (id=10325): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r0, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={&(0x7f0000000240)={0x2c, r1, 0x6c5679fc7dece1a9, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x10001}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008000) kernel console output (not intermixed with test programs): ridge_slave_0) entered forwarding state [ 109.058407][ T1336] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.065612][ T1336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.132241][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.197500][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.248093][ T4513] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.255370][ T4513] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.266835][ T4513] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.274024][ T4513] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.355325][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.431815][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.439077][ T5854] Bluetooth: hci2: command tx timeout [ 109.479556][ T4513] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.486788][ T4513] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.504736][ T5854] Bluetooth: hci3: command tx timeout [ 109.510387][ T5854] Bluetooth: hci0: command tx timeout [ 109.529568][ T1336] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.536839][ T1336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.598874][ T5854] Bluetooth: hci1: command tx timeout [ 109.897534][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.994849][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.111255][ T5840] veth0_vlan: entered promiscuous mode [ 110.154296][ T5840] veth1_vlan: entered promiscuous mode [ 110.174786][ T5838] veth0_vlan: entered promiscuous mode [ 110.209084][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.239640][ T5838] veth1_vlan: entered promiscuous mode [ 110.280688][ T5840] veth0_macvtap: entered promiscuous mode [ 110.333788][ T5840] veth1_macvtap: entered promiscuous mode [ 110.350514][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.403846][ T5841] veth0_vlan: entered promiscuous mode [ 110.415743][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.426116][ T5838] veth0_macvtap: entered promiscuous mode [ 110.448344][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.472251][ T5841] veth1_vlan: entered promiscuous mode [ 110.480764][ T5838] veth1_macvtap: entered promiscuous mode [ 110.515159][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.524547][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.534266][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.543141][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.560969][ T5839] veth0_vlan: entered promiscuous mode [ 110.593885][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.615611][ T5839] veth1_vlan: entered promiscuous mode [ 110.650010][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.672088][ T5841] veth0_macvtap: entered promiscuous mode [ 110.706711][ T5841] veth1_macvtap: entered promiscuous mode [ 110.723441][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.732259][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.743269][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.752063][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.827225][ T4513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.838811][ T4513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.849929][ T5839] veth0_macvtap: entered promiscuous mode [ 110.884747][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.897568][ T5839] veth1_macvtap: entered promiscuous mode [ 110.953781][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.961690][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.020768][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.041020][ T5841] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.050496][ T5841] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.059612][ T5841] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.068636][ T5841] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.096367][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.119911][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.149026][ T5840] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 111.174070][ T1336] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.181993][ T1336] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.210901][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.235912][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.256225][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.283088][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.393435][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.401343][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.477339][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.496503][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.508012][ T5854] Bluetooth: hci2: command tx timeout [ 111.583189][ T5854] Bluetooth: hci0: command tx timeout [ 111.589547][ T5843] Bluetooth: hci3: command tx timeout [ 111.615221][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.640017][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.663716][ T5854] Bluetooth: hci1: command tx timeout [ 111.777200][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.813163][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.957264][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.975009][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.584354][ T5854] Bluetooth: hci2: command tx timeout [ 113.664955][ T5854] Bluetooth: hci0: command tx timeout [ 113.670460][ T5854] Bluetooth: hci3: command tx timeout [ 113.743730][ T5854] Bluetooth: hci1: command tx timeout [ 116.844793][ T6076] mmap: syz.1.86 (6076) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 119.725063][ T78] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.866434][ T78] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.027021][ T78] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.237236][ T78] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.784426][ T78] bridge_slave_1: left allmulticast mode [ 120.790338][ T78] bridge_slave_1: left promiscuous mode [ 120.830092][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.984591][ T78] bridge_slave_0: left allmulticast mode [ 120.990346][ T78] bridge_slave_0: left promiscuous mode [ 121.021882][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 121.038990][ T78] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.062583][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 121.071767][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 121.085285][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 121.093709][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 121.475537][ T6225] syz.1.158(6225): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 123.028087][ T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.070600][ T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 123.108283][ T78] bond0 (unregistering): Released all slaves [ 123.194317][ T5854] Bluetooth: hci0: command tx timeout [ 123.432069][ T5854] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 124.432943][ T78] hsr_slave_0: left promiscuous mode [ 124.504244][ T78] hsr_slave_1: left promiscuous mode [ 124.546297][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.583358][ T78] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.611398][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.662733][ T78] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.770611][ T78] veth1_macvtap: left promiscuous mode [ 124.791348][ T78] veth0_macvtap: left promiscuous mode [ 124.813039][ T78] veth1_vlan: left promiscuous mode [ 124.849636][ T78] veth0_vlan: left promiscuous mode [ 125.264336][ T5854] Bluetooth: hci0: command tx timeout [ 125.873515][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.546768][ T78] team0 (unregistering): Port device team_slave_1 removed [ 126.670221][ T78] team0 (unregistering): Port device team_slave_0 removed [ 127.342701][ T5854] Bluetooth: hci0: command tx timeout [ 127.947167][ T6211] chnl_net:caif_netlink_parms(): no params data found [ 128.574749][ T6211] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.592752][ T6211] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.600139][ T6211] bridge_slave_0: entered allmulticast mode [ 128.654723][ T6211] bridge_slave_0: entered promiscuous mode [ 128.669089][ T6211] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.693025][ T6211] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.718195][ T6211] bridge_slave_1: entered allmulticast mode [ 128.753116][ T6211] bridge_slave_1: entered promiscuous mode [ 128.999111][ T6211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.050629][ T6211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.287661][ T6211] team0: Port device team_slave_0 added [ 129.336726][ T6211] team0: Port device team_slave_1 added [ 129.433052][ T5854] Bluetooth: hci0: command tx timeout [ 129.620161][ T6211] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.647003][ T6211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.749072][ T6211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.810925][ T6211] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.829151][ T6211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.907045][ T6211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.207895][ T6211] hsr_slave_0: entered promiscuous mode [ 130.223774][ T6211] hsr_slave_1: entered promiscuous mode [ 131.313210][ T6211] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 131.386041][ T6211] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 131.476999][ T6211] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 131.549745][ T6211] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 131.849310][ T6211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.899971][ T6211] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.941463][ T3031] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.948701][ T3031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.996764][ T3031] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.003979][ T3031] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.107790][ T6211] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 132.775358][ T6211] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.495608][ T6499] kexec: Could not allocate control_code_buffer [ 133.717354][ T6211] veth0_vlan: entered promiscuous mode [ 133.750293][ T6211] veth1_vlan: entered promiscuous mode [ 133.882895][ T6211] veth0_macvtap: entered promiscuous mode [ 133.913133][ T6211] veth1_macvtap: entered promiscuous mode [ 134.011920][ T6211] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.070209][ T6211] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.121018][ T6211] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.178496][ T6211] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.193013][ T6211] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.212156][ T6211] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.465746][ T4513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.515666][ T4513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.629948][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.670804][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.300200][ T6755] ptrace attach of "./syz-executor exec"[6211] was attempted by "./syz-executor exec"[6755] [ 140.276131][ T31] audit: type=1800 audit(1748999469.748:2): pid=6821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.386" name="discovery_nqn" dev="configfs" ino=10185 res=0 errno=0 [ 141.331107][ T31] audit: type=1326 audit(1748999470.824:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6855 comm="syz.4.402" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f579bd8e969 code=0x0 [ 143.377810][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.384433][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.021987][ T5854] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 145.285578][ T31] audit: type=1800 audit(1748999474.784:4): pid=6978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.455" name="discovery_nqn" dev="configfs" ino=11450 res=0 errno=0 [ 146.001333][ T31] audit: type=1800 audit(1748999475.518:5): pid=7001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.467" name="discovery_nqn" dev="configfs" ino=10437 res=0 errno=0 [ 146.501795][ T31] audit: type=1800 audit(1748999476.031:6): pid=7016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.475" name="version" dev="configfs" ino=11532 res=0 errno=0 [ 146.931662][ T31] audit: type=1800 audit(1748999476.453:7): pid=7031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.480" name="discovery_nqn" dev="configfs" ino=10480 res=0 errno=0 [ 148.823419][ T7099] syz_tun: tun_chr_ioctl cmd 1074025676 [ 148.841655][ T7099] syz_tun: owner set to 3 [ 149.211496][ T7113] syz_tun: tun_chr_ioctl cmd 21731 [ 153.392194][ T7279] Process accounting resumed [ 154.107596][ T31] audit: type=1800 audit(1748999483.670:8): pid=7313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.606" name="dbroot" dev="configfs" ino=11990 res=0 errno=0 [ 154.270531][ T7318] random: crng reseeded on system resumption [ 158.026008][ T7449] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[7449] [ 159.609546][ T7526] random: crng reseeded on system resumption [ 159.894924][ T7540] ima: policy update failed [ 159.906584][ T31] audit: type=1802 audit(1748999489.501:9): pid=7540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.695" res=0 errno=0 [ 162.761036][ T5854] Bluetooth: hci2: unexpected event 0x17 length: 123 > 6 [ 163.145348][ T7692] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[7692] [ 165.937161][ T7821] __vm_enough_memory: pid: 7821, comm: syz.1.812, bytes: 4398046511104 not enough memory for the allocation [ 166.325671][ T7841] capability: warning: `syz.1.823' uses 32-bit capabilities (legacy support in use) [ 167.167385][ T31] audit: type=1800 audit(1748999496.798:10): pid=7879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.841" name="trace_pipe" dev="tracefs" ino=1154 res=0 errno=0 [ 167.400345][ T31] audit: type=1800 audit(1748999497.030:11): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.846" name="lu_gp_id" dev="configfs" ino=12920 res=0 errno=0 [ 167.567257][ T31] audit: type=1800 audit(1748999497.200:12): pid=7897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.850" name="members" dev="configfs" ino=12931 res=0 errno=0 [ 169.039377][ T5854] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 169.138999][ T7969] futex_wake_op: syz.3.886 tries to shift op by 64; fix this program [ 176.391548][ T8308] nfs: Bad value for 'source' [ 176.736417][ T31] audit: type=1800 audit(1749000530.415:13): pid=8322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1060" name="trace_pipe" dev="tracefs" ino=1111 res=0 errno=0 [ 181.854994][ T8548] syz.3.1173 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 181.918176][ T8554] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 183.876799][ T8612] Process accounting paused [ 185.671769][ T5854] Bluetooth: hci0: unexpected event 0x23 length: 127 > 13 [ 185.980835][ T8730] syz_tun: tun_chr_ioctl cmd 4294967291 [ 186.936794][ T8769] Unable to find swap-space signature [ 189.647240][ T8884] Unable to find swap-space signature [ 191.710488][ T31] audit: type=1800 audit(1749000545.463:14): pid=8977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1383" name="features" dev="configfs" ino=16055 res=0 errno=0 [ 192.799938][ T9030] capability: warning: `syz.2.1409' uses deprecated v2 capabilities in a way that may be insecure [ 193.166195][ T9049] syz_tun: tun_chr_ioctl cmd 1074025680 [ 195.827532][ T9184] ptp ptp0: only physical clock in use now [ 196.150141][ T9201] futex_wake_op: syz.1.1492 tries to shift op by 64; fix this program [ 197.428342][ T9264] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 197.654329][ T9275] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 199.623625][ T9379] syz.4.1569 uses obsolete (PF_INET,SOCK_PACKET) [ 201.137428][ T31] audit: type=1800 audit(4294967304.192:15): pid=9452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1598" name="features" dev="configfs" ino=18524 res=0 errno=0 [ 201.906880][ T9490] usb usb24: check_ctrlrecip: process 9490 (syz.2.1615) requesting ep 01 but needs 81 [ 201.992106][ T9490] usb usb24: usbfs: process 9490 (syz.2.1615) did not claim interface 0 before use [ 202.026625][ T9497] ceph: Failed to parse sending metrics switch value 'P^' [ 203.801780][ T5854] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 204.110144][ T31] audit: type=1400 audit(4294967307.177:16): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=9596 comm="syz.2.1668" [ 204.492995][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.499536][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.107186][ T9653] queue_state_write: operation too long [ 205.113091][ T9653] queue_state_write: use 'run', 'start' or 'kick' [ 205.884247][ T9693] block2mtd: illegal erase size [ 206.288205][ T9710] vivid-007: ================= START STATUS ================= [ 206.296144][ T9710] vivid-007: Generate PTS: true [ 206.335755][ T9710] vivid-007: Generate SCR: true [ 206.341369][ T9710] tpg source WxH: 320x240 (Y'CbCr) [ 206.352636][ T9710] tpg field: 1 [ 206.358073][ T9710] tpg crop: (0,0)/320x240 [ 206.362534][ T9710] tpg compose: (0,0)/320x240 [ 206.367300][ T9710] tpg colorspace: 8 [ 206.371377][ T9710] tpg transfer function: 0/0 [ 206.376086][ T9710] tpg Y'CbCr encoding: 0/0 [ 206.408285][ T9710] tpg quantization: 0/0 [ 206.419969][ T9710] tpg RGB range: 0/2 [ 206.425077][ T9710] vivid-007: ================== END STATUS ================== [ 206.944052][ T9744] syz_tun: tun_chr_ioctl cmd 1074025688 [ 207.795452][ T9781] process 'syz.2.1752' launched '/dev/fd/3' with NULL argv: empty string added [ 211.741761][ T9949] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 211.748652][ T9946] ima: policy update failed [ 211.818299][ T31] audit: type=1802 audit(4294967314.897:17): pid=9946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1818" res=0 errno=0 [ 212.997512][ T9998] [ 213.884454][T10029] Process accounting resumed [ 215.828637][T10105] vivid-003: ================= START STATUS ================= [ 215.836415][T10105] vivid-003: Radio HW Seek Mode: Bounded [ 215.871044][T10105] vivid-003: Radio Programmable HW Seek: false [ 215.877339][T10105] vivid-003: RDS Rx I/O Mode: Block I/O [ 215.920941][T10105] vivid-003: Generate RBDS Instead of RDS: false [ 215.962405][T10105] vivid-003: RDS Reception: true [ 215.987706][T10105] vivid-003: RDS Program Type: 0 inactive [ 215.996829][T10105] vivid-003: RDS PS Name: inactive [ 216.010475][T10105] vivid-003: RDS Radio Text: inactive [ 216.024925][T10105] vivid-003: RDS Traffic Announcement: false inactive [ 216.032448][T10105] vivid-003: RDS Traffic Program: false inactive [ 216.039431][T10105] vivid-003: RDS Music: false inactive [ 216.051564][T10105] vivid-003: ================== END STATUS ================== [ 216.489697][T10129] binder: 10128:10129 ioctl c0306201 2000000000c0 returned -14 [ 217.632692][T10178] vivid-003: ================= START STATUS ================= [ 217.661112][T10178] vivid-003: Radio HW Seek Mode: Bounded [ 217.666899][T10178] vivid-003: Radio Programmable HW Seek: false [ 217.721281][T10178] vivid-003: RDS Rx I/O Mode: Block I/O [ 217.735293][T10178] vivid-003: Generate RBDS Instead of RDS: false [ 217.774803][T10183] rnbd_client L202: map_device: Unknown parameter or missing value '(' [ 217.778313][T10178] vivid-003: RDS Reception: true [ 217.804424][T10178] vivid-003: RDS Program Type: 0 inactive [ 217.823544][T10178] vivid-003: RDS PS Name: inactive [ 217.846488][T10178] vivid-003: RDS Radio Text: inactive [ 217.862603][T10178] vivid-003: RDS Traffic Announcement: false inactive [ 217.908116][T10178] vivid-003: RDS Traffic Program: false inactive [ 217.914648][T10178] vivid-003: RDS Music: false inactive [ 217.956216][T10178] vivid-003: ================== END STATUS ================== [ 218.424936][T10210] program syz.2.1920 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 218.784155][T10226] vivid-003: ================= START STATUS ================= [ 218.814523][T10226] vivid-003: Radio HW Seek Mode: Bounded [ 218.820297][T10226] vivid-003: Radio Programmable HW Seek: false [ 218.841928][T10226] vivid-003: RDS Rx I/O Mode: Block I/O [ 218.857035][T10226] vivid-003: Generate RBDS Instead of RDS: false [ 218.885201][T10226] vivid-003: RDS Reception: true [ 218.890451][T10226] vivid-003: RDS Program Type: 0 inactive [ 218.924974][T10226] vivid-003: RDS PS Name: inactive [ 218.935076][T10226] vivid-003: RDS Radio Text: inactive [ 218.965781][T10226] vivid-003: RDS Traffic Announcement: false inactive [ 218.980458][T10226] vivid-003: RDS Traffic Program: false inactive [ 219.003612][T10226] vivid-003: RDS Music: false inactive [ 219.014843][T10226] vivid-003: ================== END STATUS ================== [ 220.889027][ C1] process 5839 (syz-executor) no longer affine to cpu1 [ 220.933086][ T5881] smpboot: CPU 1 is now offline [ 223.427993][T10384] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 226.934573][ T5846] Bluetooth: hci2: command 0x0406 tx timeout [ 227.020174][ T5854] Bluetooth: hci3: command 0x0406 tx timeout [ 227.091668][ T5843] Bluetooth: hci1: command 0x0406 tx timeout [ 228.532842][T10528] ptrace attach of "./syz-executor exec"[5840] was attempted by ""[10528] [ 230.278252][T10582] kAFS: Invalid Command on /proc/fs/afs/cells file [ 231.786637][T10628] block2mtd: illegal erase size [ 233.519522][ T5155] Bluetooth: hci2: unexpected event 0x3e length: 0 < 1 [ 234.419596][T10705] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.450196][T10711] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[10711] [ 234.624353][T10705] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.824419][T10705] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.987634][T10705] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.701612][T10747] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 236.381271][T10770] [U]  [ 237.909500][T10819] ima: policy update failed [ 237.953466][ T31] audit: type=1802 audit(4294967341.183:18): pid=10819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2207" res=0 errno=0 [ 238.665177][ T5155] Bluetooth: hci1: unexpected event 0x3e length: 0 < 1 [ 241.319214][T10916] program syz.3.2252 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 241.373791][T10916] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 242.157320][T10940] : Can't lookup blockdev [ 242.373991][ T5155] Bluetooth: hci0: unexpected event 0x3e length: 0 < 1 [ 242.849371][ T5155] Bluetooth: hci0: command 0x0406 tx timeout [ 243.163987][T10968] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 243.816910][T10985] Line length is too long: Should be less than 4094 [ 244.339276][T10983] Process accounting paused [ 245.603955][T11040] delete_channel: no stack [ 246.324531][ T5843] Bluetooth: hci3: unexpected event 0x3e length: 0 < 1 [ 252.059255][ T5843] Bluetooth: hci2: unexpected event 0x3e length: 0 < 1 [ 256.529681][T11283] i2c i2c-0: delete_device: Extra parameters [ 257.826950][T11305] Invalid ELF header magic: != ELF [ 259.428126][T11355] synth uevent: /devices/virtual/block/ram11: unknown uevent action string [ 259.495048][T11355] block ram11: uevent: failed to send synthetic uevent: -22 [ 260.506339][T11388] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.2479' sets config #32769 [ 261.457072][T11411] bond0: option mode: unable to set because the bond device is up [ 261.818126][T11377] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 262.815359][T11475] QAT: Invalid ioctl 21531 [ 263.427520][T11494] bond0: no command found in slaves file - use +ifname or -ifname [ 265.346550][T11557] block nbd8: NBD_DISCONNECT [ 265.615991][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.629819][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.832024][T11676] WARNING! power/level is deprecated; use power/control instead [ 268.596066][T11695] kAFS: Invalid Command on /proc/fs/afs/cells file [ 268.656254][T11697] aoe: can't write to that file. [ 271.300901][T11759] program syz.1.2615 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.737957][T11838] Process accounting resumed [ 277.199659][T11908] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 280.217428][T11983] bond0: no command found in slaves file - use +ifname or -ifname [ 280.623864][ T31] audit: type=1800 audit(4294967329.588:19): pid=11992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2707" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 282.744043][ T31] audit: type=1800 audit(4294967331.719:20): pid=12050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2731" name="members" dev="configfs" ino=26033 res=0 errno=0 [ 282.764327][ C0] vkms_vblank_simulate: vblank timer overrun [ 283.601719][T12071] ICMPv6: process `syz.1.2740' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 284.394750][T12095] tipc: Can't bind to reserved service type 1 [ 286.046046][T12151] warning: `syz.3.2774' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 286.491197][T12167] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 289.430609][T12279] : Can't lookup blockdev [ 290.295833][T12310] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 291.729275][T12357] binder: 12356:12357 ioctl 541b 38 returned -22 [ 293.332604][ T31] audit: type=1800 audit(4294967342.364:21): pid=12416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2881" name="lu_gp_id" dev="configfs" ino=27017 res=0 errno=0 [ 293.353652][T12416] kstrtoul() returned -22 for lu_gp_id [ 295.606123][T12498] delete_channel: no stack [ 295.610895][T12500] kAFS: No cell specified [ 299.486287][T12648] : Can't lookup blockdev [ 300.637918][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 300.645055][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 305.772694][T12874] Process accounting paused [ 307.896663][T12944] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 309.497784][T13001] nvme_fcloop: unknown parameter or missing value '7' [ 312.022525][T13081] ======================================================= [ 312.022525][T13081] WARNING: The mand mount option has been deprecated and [ 312.022525][T13081] and is ignored by this kernel. Remove the mand [ 312.022525][T13081] option from the mount to silence this warning. [ 312.022525][T13081] ======================================================= [ 312.959728][T13114] i2c i2c-0: delete_device: Can't find device in list [ 314.699068][ T31] audit: type=1800 audit(4294967363.825:22): pid=13175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3212" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 315.652349][T13207] ptrace attach of "./syz-executor exec"[6211] was attempted by "./syz-executor exec"[13207] [ 319.293027][T13334] binder: 13331:13334 ioctl c0306201 2000000000c0 returned -14 [ 319.313109][T13335] block2mtd: illegal erase size [ 324.655156][ T5843] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11 [ 324.983894][T13532] zswap: compressor Ȯ9Qz%;0*lH`Bkjwjӳ<85'.Y[`2Y$`Yvgִq"b%zN[O EiFi(Sh3Kx>ԝRS=kHɟ{?Bbޝ4)> not available [ 325.691634][T13554] random: crng reseeded on system resumption [ 326.285714][T13575] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 326.752256][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.758622][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.312205][T13696] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 329.359123][ C0] vkms_vblank_simulate: vblank timer overrun [ 331.070802][T13761] mmap: syz.1.3453 (13761): VmData 37601280 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 331.727142][T13788] afs: Bad value for 'source' [ 334.060479][ T31] audit: type=1800 audit(4294967383.296:23): pid=13885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3508" name="discovery_nqn" dev="configfs" ino=31052 res=0 errno=0 [ 335.779529][T13947] Process accounting resumed [ 337.796554][T14026] syz.1.3571: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 337.912912][T14026] CPU: 0 UID: 0 PID: 14026 Comm: syz.1.3571 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 337.912947][T14026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 337.912965][T14026] Call Trace: [ 337.912977][T14026] [ 337.912989][T14026] dump_stack_lvl+0x16c/0x1f0 [ 337.913036][T14026] warn_alloc+0x248/0x3a0 [ 337.913076][T14026] ? __pfx_warn_alloc+0x10/0x10 [ 337.913120][T14026] ? __lock_acquire+0xb8a/0x1c90 [ 337.913164][T14026] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 337.913192][T14026] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 337.913224][T14026] ? __pfx___mutex_trylock_common+0x10/0x10 [ 337.913261][T14026] ? __pfx___might_resched+0x10/0x10 [ 337.913289][T14026] ? rcu_is_watching+0x12/0xc0 [ 337.913316][T14026] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 337.913341][T14026] ? __mutex_lock+0x1ca/0xb90 [ 337.913364][T14026] ? tomoyo_path_number_perm+0x295/0x580 [ 337.913403][T14026] ? dvb_dvr_do_ioctl+0x7e/0x290 [ 337.913429][T14026] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 337.913465][T14026] ? __pfx___mutex_lock+0x10/0x10 [ 337.913490][T14026] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 337.913565][T14026] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 337.913591][T14026] __vmalloc_node_noprof+0xad/0xf0 [ 337.913630][T14026] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 337.913660][T14026] dvb_dvr_do_ioctl+0x15d/0x290 [ 337.913692][T14026] dvb_usercopy+0x167/0x340 [ 337.913716][T14026] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 337.913745][T14026] ? __pfx_dvb_usercopy+0x10/0x10 [ 337.913782][T14026] ? __fget_files+0x20e/0x3c0 [ 337.913824][T14026] dvb_dvr_ioctl+0x29/0x40 [ 337.913847][T14026] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 337.913872][T14026] __x64_sys_ioctl+0x18b/0x210 [ 337.913905][T14026] do_syscall_64+0xcd/0x490 [ 337.913931][T14026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.913956][T14026] RIP: 0033:0x7ff88a18e969 [ 337.913975][T14026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.913998][T14026] RSP: 002b:00007ff88b0af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 337.914021][T14026] RAX: ffffffffffffffda RBX: 00007ff88a3b5fa0 RCX: 00007ff88a18e969 [ 337.914037][T14026] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 337.914052][T14026] RBP: 00007ff88a210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 337.914067][T14026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.914081][T14026] R13: 0000000000000000 R14: 00007ff88a3b5fa0 R15: 00007ffe34ac28e8 [ 337.914112][T14026] [ 338.190410][ C0] vkms_vblank_simulate: vblank timer overrun [ 339.221090][T14063] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163db69 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 339.236757][T14063] Call Trace: [ 339.240085][T14063] [ 339.243065][T14063] ? __pfx_mce_cpu_restart+0x10/0x10 [ 339.248412][T14063] mce_cpu_restart+0x98/0xb0 [ 339.253064][T14063] smp_call_function_many_cond+0xefc/0x1510 [ 339.259020][T14063] ? __pfx_mce_cpu_restart+0x10/0x10 [ 339.264375][T14063] ? _raw_spin_unlock+0x41/0x50 [ 339.269279][T14063] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 339.275139][T14063] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 339.281564][T14063] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 339.287620][T14063] ? __pfx_mce_cpu_restart+0x10/0x10 [ 339.292962][T14063] on_each_cpu_cond_mask+0x40/0x90 [ 339.298115][T14063] set_bank+0x240/0x3a0 [ 339.302316][T14063] ? __pfx_set_bank+0x10/0x10 [ 339.307031][T14063] ? find_held_lock+0x2b/0x80 [ 339.311751][T14063] ? __pfx_set_bank+0x10/0x10 [ 339.316485][T14063] dev_attr_store+0x58/0x80 [ 339.321053][T14063] ? __pfx_dev_attr_store+0x10/0x10 [ 339.326305][T14063] sysfs_kf_write+0xef/0x150 [ 339.330941][T14063] kernfs_fop_write_iter+0x351/0x510 [ 339.336260][T14063] ? __pfx_sysfs_kf_write+0x10/0x10 [ 339.341503][T14063] vfs_write+0x6c7/0x1150 [ 339.345874][T14063] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 339.351710][T14063] ? __pfx___mutex_lock+0x10/0x10 [ 339.356763][T14063] ? __pfx_vfs_write+0x10/0x10 [ 339.361591][T14063] ksys_write+0x12a/0x250 [ 339.365961][T14063] ? __pfx_ksys_write+0x10/0x10 [ 339.370891][T14063] do_syscall_64+0xcd/0x490 [ 339.375446][T14063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.381372][T14063] RIP: 0033:0x7f7412f8e969 [ 339.385806][T14063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.405439][T14063] RSP: 002b:00007f7413e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.413883][T14063] RAX: ffffffffffffffda RBX: 00007f74131b5fa0 RCX: 00007f7412f8e969 [ 339.421869][T14063] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 339.429855][T14063] RBP: 00007f7413010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 339.437838][T14063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.445905][T14063] R13: 0000000000000000 R14: 00007f74131b5fa0 R15: 00007ffc6890a858 [ 339.453903][T14063] [ 339.457162][ C0] vkms_vblank_simulate: vblank timer overrun [ 339.525458][T14026] Mem-Info: [ 339.528683][T14026] active_anon:4815 inactive_anon:611 isolated_anon:0 [ 339.528683][T14026] active_file:15552 inactive_file:37958 isolated_file:0 [ 339.528683][T14026] unevictable:768 dirty:395 writeback:0 [ 339.528683][T14026] slab_reclaimable:10402 slab_unreclaimable:94087 [ 339.528683][T14026] mapped:24366 shmem:1373 pagetables:1176 [ 339.528683][T14026] sec_pagetables:0 bounce:0 [ 339.528683][T14026] kernel_misc_reclaimable:0 [ 339.528683][T14026] free:1334173 free_pcp:12497 free_cma:0 [ 339.574391][ C0] vkms_vblank_simulate: vblank timer overrun [ 339.660378][T14026] Node 0 active_anon:19260kB inactive_anon:2496kB active_file:62204kB inactive_file:151700kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97516kB dirty:1580kB writeback:0kB shmem:3956kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10640kB pagetables:4540kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 339.694229][ C0] vkms_vblank_simulate: vblank timer overrun [ 339.774285][T14026] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 339.805874][ C0] vkms_vblank_simulate: vblank timer overrun [ 339.887664][T14026] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.995694][T14026] lowmem_reserve[]: 0 2481 2483 2483 2483 [ 340.014979][T14026] Node 0 DMA32 free:1409224kB boost:0kB min:34332kB low:42912kB high:51492kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19212kB inactive_anon:2652kB active_file:61468kB inactive_file:150868kB unevictable:1536kB writepending:1580kB present:3129332kB managed:2541060kB mlocked:0kB bounce:0kB free_pcp:40992kB local_pcp:40992kB free_cma:0kB [ 340.047839][ C0] vkms_vblank_simulate: vblank timer overrun [ 340.166698][T14026] lowmem_reserve[]: 0 0 1 1 1 [ 340.171654][T14026] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:736kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 340.201751][ C0] vkms_vblank_simulate: vblank timer overrun [ 340.384853][T14026] lowmem_reserve[]: 0 0 0 0 0 [ 340.389654][T14026] Node 1 Normal free:3912096kB boost:0kB min:55548kB low:69432kB high:83316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:8608kB local_pcp:8608kB free_cma:0kB [ 340.420794][ C0] vkms_vblank_simulate: vblank timer overrun [ 340.563235][T14026] lowmem_reserve[]: 0 0 0 0 0 [ 340.568026][T14026] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 340.685279][T14026] Node 0 DMA32: 2262*4kB (UME) 1116*8kB (UM) 647*16kB (UM) 981*32kB (UM) 352*64kB (UM) 147*128kB (UME) 102*256kB (UME) 98*512kB (UME) 75*1024kB (UME) 16*2048kB (UM) 274*4096kB (UM) = 1409224kB [ 340.786164][T14026] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 340.858317][T14026] Node 1 Normal: 228*4kB (UME) 44*8kB (UME) 29*16kB (UME) 229*32kB (UME) 59*64kB (UME) 15*128kB (UME) 6*256kB (UME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 949*4096kB (M) = 3912096kB [ 340.968451][T14026] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 341.030025][T14026] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 341.095634][T14026] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 341.161215][T14026] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 341.221540][T14026] 54879 total pagecache pages [ 341.251056][T14026] 0 pages in swap cache [ 341.287908][T14026] Free swap = 124996kB [ 341.307982][T14026] Total swap = 124996kB [ 341.332120][T14026] 2097051 pages RAM [ 341.349787][T14026] 0 pages HighMem/MovableOnly [ 341.406988][T14026] 429744 pages reserved [ 341.424184][T14026] 0 pages cma reserved [ 342.692674][T14153] zram: Added device: zram1 [ 344.607667][T14240] random: crng reseeded on system resumption [ 348.986635][T14411] random: crng reseeded on system resumption [ 350.015244][T14456] random: crng reseeded on system resumption [ 351.676143][T14511] program syz.1.3748 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 358.651726][T14764] i2c i2c-0: new_device: Can't parse I2C address [ 358.709303][T14767] block2mtd: Using custom MTD label '' for dev [ 358.745498][T14767] block2mtd: error: cannot open device [ 358.883332][T14772] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 359.940142][T14823] misc userio: Invalid payload size [ 361.532391][T14877] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 362.580403][T14913] nvme_fcloop: unknown parameter or missing value '' [ 362.607579][T14915] QAT: failed to copy from user. [ 362.993685][T14929] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 363.129871][ T31] audit: type=1800 audit(4294967412.507:24): pid=14932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3913" name="discovery_nqn" dev="configfs" ino=33730 res=0 errno=0 [ 365.819106][T15018] Process accounting paused [ 366.130894][T15034] Setting dangerous option i915.mitigations - tainting kernel [ 366.187378][T15034] Bad "i915.mitigations=!h@S", 'h@S' is unknown [ 367.685929][ T5843] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260 [ 367.685958][ T5843] Bluetooth: hci1: unexpected subevent 0x03 length: 727 > 9 [ 369.810342][T15193] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 370.050254][T15199] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates. [ 370.162434][T15205] QAT: failed to copy from user cfg_data. [ 373.487705][ T31] audit: type=1800 audit(4294967422.931:25): pid=15345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4074" name="dbroot" dev="configfs" ino=34751 res=0 errno=0 [ 373.538078][T15343] hub 8-0:1.0: USB hub found [ 373.584757][T15343] hub 8-0:1.0: 1 port detected [ 374.553035][ T31] audit: type=1400 audit(4294967423.996:26): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=15385 comm="syz.3.4090" [ 375.245630][T15418] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 375.376616][T15418] CIFS mount error: No usable UNC path provided in device string! [ 375.376616][T15418] [ 375.426641][T15418] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 376.499044][T15459] Format for deleting device is "id" (uint). [ 376.764984][T15467] syz_tun: tun_chr_ioctl cmd 2147767507 [ 379.443683][T15544] hub 8-0:1.0: USB hub found [ 379.472911][T15544] hub 8-0:1.0: 1 port detected [ 380.423489][T15587] rnbd_client L213: map_device: Parameters missing [ 380.615083][T15593] futex_wake_op: syz.2.4179 tries to shift op by -9; fix this program [ 382.793860][T15671] bond0: option lp_interval: invalid value (/sys/devices/platform/vkms/graphics/fb0/rotate) [ 382.860140][T15671] bond0: option lp_interval: allowed values 1 - 2147483647 [ 383.437623][ T31] audit: type=1400 audit(4294967432.933:27): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=15688 comm="syz.1.4222" [ 384.902371][T15739] hub 8-0:1.0: USB hub found [ 384.936125][T15739] hub 8-0:1.0: 1 port detected [ 385.762535][ T31] audit: type=1800 audit(4294967435.275:28): pid=15772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4256" name="members" dev="configfs" ino=35935 res=0 errno=0 [ 386.017782][T15782] hub 8-0:1.0: USB hub found [ 386.055781][T15782] hub 8-0:1.0: 1 port detected [ 387.871035][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 387.883888][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.306613][T15864] CIFS mount error: No usable UNC path provided in device string! [ 388.306613][T15864] [ 388.373577][T15864] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 388.569013][T15869] ubi0: attaching mtd0 [ 388.595139][T15869] ubi0 error: ubi_attach_mtd_dev: bad VID header (3969) or data offsets (4033) [ 390.775307][T15943] vmstat_refresh: pgdemote_proactive -2048 [ 391.742183][T15974] kafs: addr_prefs: Invalid Command [ 394.036266][ T31] audit: type=1806 audit(4294967443.588:29): xattr=2EC7871B res=-22 [ 395.824938][T16107] Process accounting resumed [ 397.695836][T16168] syz_tun: tun_chr_ioctl cmd 1074025698 [ 398.571752][T16189] XFS: irix_symlink_mode sysctl option is deprecated. [ 400.661546][T16254] i2c i2c-0: new_device: Invalid device name [ 404.459461][T16394] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 408.843421][T16558] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 408.882615][T16558] ep_00: uevent: failed to send synthetic uevent: -22 [ 409.775440][T16596] syz.3.4603 (16596): attempted to duplicate a private mapping with mremap. This is not supported. [ 411.851163][T16680] kAFS: unparsable volume name [ 412.626152][T16711] vhci_hcd: invalid port number 255 [ 415.358139][T16805] block2mtd: device name too long [ 416.612239][T16847] syz.4.4710 (16847): drop_caches: 0 [ 421.465092][T17008] blkio.reset_stats is deprecated [ 422.263673][T17036] block nbd14: the capability attribute has been deprecated. [ 425.771720][T17146] Process accounting paused [ 427.451037][T17212] ICMPv6: process `syz.1.4871' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 430.165776][T17307] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 430.165776][T17307] M' is too long [ 430.215607][T17307] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 430.215607][T17307] W ' is too long [ 433.679015][T17372] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 434.990063][T17457] sysfs_service_op_show: Client not running :-5: [ 436.530559][T17504] Debayer A: ================= START STATUS ================= [ 436.579069][T17504] Debayer A: Debayer Mean Window Size: 3 [ 436.616672][T17504] Debayer A: ================== END STATUS ================== [ 437.007377][ T78] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.142563][ T78] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.240397][ T78] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.418096][ T78] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.025483][ T78] bridge_slave_1: left allmulticast mode [ 438.031184][ T78] bridge_slave_1: left promiscuous mode [ 438.110487][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.187199][ T78] bridge_slave_0: left allmulticast mode [ 438.225118][ T78] bridge_slave_0: left promiscuous mode [ 438.269843][ T78] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.011235][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 439.024217][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 439.035059][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 439.046813][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 439.067765][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 439.957460][ T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 440.057101][ T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 440.173643][ T78] bond0 (unregistering): Released all slaves [ 441.099553][ T5155] Bluetooth: hci1: command tx timeout [ 441.332960][ T78] hsr_slave_0: left promiscuous mode [ 441.417974][ T78] hsr_slave_1: left promiscuous mode [ 441.465342][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 441.524785][ T78] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 441.623514][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 441.674115][ T78] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 441.842229][ T78] veth1_macvtap: left promiscuous mode [ 441.887594][ T78] veth0_macvtap: left promiscuous mode [ 441.907166][ T78] veth1_vlan: left promiscuous mode [ 441.952237][ T78] veth0_vlan: left promiscuous mode [ 442.029748][T17676] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 442.029748][T17676] [ 442.308820][T17672] could not allocate digest TFM handle [ 442.739433][T17697] program syz.4.5049 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 443.166650][ T5155] Bluetooth: hci1: command tx timeout [ 443.640185][T17720] vivid-007: ================= START STATUS ================= [ 443.692547][T17720] vivid-007: Enable Output Cropping: true [ 443.714065][T17720] vivid-007: Enable Output Composing: true [ 443.719952][T17720] vivid-007: Enable Output Scaler: true [ 443.771356][T17720] vivid-007: Tx RGB Quantization Range: Automatic [ 443.798332][T17720] vivid-007: Transmit Mode: HDMI [ 443.832559][T17720] vivid-007: Hotplug Present: 0x00000000 [ 443.846944][T17720] vivid-007: RxSense Present: 0x00000000 [ 443.880635][T17720] vivid-007: EDID Present: 0x00000000 [ 443.912576][T17720] vivid-007: ================== END STATUS ================== [ 444.751643][ T78] team0 (unregistering): Port device team_slave_1 removed [ 445.016374][ T78] team0 (unregistering): Port device team_slave_0 removed [ 445.236912][ T5155] Bluetooth: hci1: command tx timeout [ 447.305344][ T5155] Bluetooth: hci1: command tx timeout [ 447.777297][T17571] chnl_net:caif_netlink_parms(): no params data found [ 448.480320][T17571] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.530496][T17571] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.596643][T17571] bridge_slave_0: entered allmulticast mode [ 448.629329][T17571] bridge_slave_0: entered promiscuous mode [ 448.694325][T17571] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.747224][T17571] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.754414][T17571] bridge_slave_1: entered allmulticast mode [ 448.807100][T17999] delete_channel: no stack [ 448.843587][T17571] bridge_slave_1: entered promiscuous mode [ 448.983877][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 448.990231][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.190779][T17571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 449.289204][T17571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 449.376817][T18039] hub 3-0:1.0: USB hub found [ 449.411685][T18039] hub 3-0:1.0: 1 port detected [ 449.508862][T18039] usb usb3: authorized to connect [ 449.556746][T17571] team0: Port device team_slave_0 added [ 449.637441][T17571] team0: Port device team_slave_1 added [ 449.900430][T17571] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 449.942602][T17571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.086612][T17571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 450.167147][T17571] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 450.212653][T17571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.346536][T18124] [U] L pnnEu&JiDCh+Z&i#e2cKL00nd}j]Z@Pg&JiDCh+È'F_ـAÈ'F_ـ]È'F_ـ> [ 450.402484][T17571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 450.733891][T17571] hsr_slave_0: entered promiscuous mode [ 450.790019][T17571] hsr_slave_1: entered promiscuous mode [ 450.796028][T17571] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 450.928077][T17571] Cannot create hsr debugfs directory [ 451.957790][T18259] Setting dangerous option i915.mitigations - tainting kernel [ 452.116538][T17571] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 452.225042][T17571] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 452.329657][T17571] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 452.383003][T17571] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 452.912667][T17571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 453.011522][T17571] 8021q: adding VLAN 0 to HW filter on device team0 [ 453.063492][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 453.070661][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 453.183235][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 453.190412][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 453.825164][T18320] writes to the poll attribute are ignored. [ 453.861475][T18320] please use driver specific parameters instead. [ 454.452329][T17571] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 455.710815][T18376] Process accounting resumed [ 456.058361][T17571] veth0_vlan: entered promiscuous mode [ 456.151700][T17571] veth1_vlan: entered promiscuous mode [ 456.487885][T17571] veth0_macvtap: entered promiscuous mode [ 456.553003][T17571] veth1_macvtap: entered promiscuous mode [ 456.709327][T17571] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 456.788977][T17571] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 456.890862][T17571] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 456.965583][T17571] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.007249][T17571] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.073997][T17571] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.747031][ T4513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 457.850372][ T4513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 457.927433][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 457.989702][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.907188][T18468] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 465.825529][T18680] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 469.501717][T18803] vhci_hcd: invalid port number 16 [ 471.091448][T18859] syz_tun: tun_chr_ioctl cmd 35111 [ 471.449274][T18868] block2mtd: parameter too long [ 478.333689][T19103] kafs: addr_prefs: Invalid Command [ 479.527867][T19140] usb usb2: usbfs: process 19140 (syz.2.5433) did not claim interface 1 before use [ 480.948887][T19186] kafs: addr_prefs: Too many elements in string [ 483.658267][T19281] program syz.2.5480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 483.728540][T19281] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 485.873198][T19344] Process accounting paused [ 486.413772][ T31] audit: type=1806 audit(4294967536.428:30): res=-14 [ 490.177842][T19497] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 490.552172][T19512] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 490.552172][T19512] program syz.5.5556 not setting count and/or reply_len properly [ 490.591688][T19511] usb usb16: usbfs: process 19511 (syz.4.5558) did not claim interface 0 before use [ 503.713098][ T31] audit: type=1800 audit(4294967553.828:31): pid=19967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5721" name="dbroot" dev="configfs" ino=46373 res=0 errno=0 [ 503.739622][T19967] db_root: not a directory: /dev/audio1 [ 507.841357][T20092] i2c i2c-0: delete_device: Can't parse I2C address [ 510.118740][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 510.128024][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.155830][T20196] syz_tun: tun_chr_ioctl cmd 2147767517 [ 516.073940][T20348] Process accounting resumed [ 516.435270][T20362] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 517.476287][T20395] vhci_hcd: invalid port number 21 [ 517.513868][T20395] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 519.272701][ T31] audit: type=1807 audit(4294967569.479:32): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 519.290907][T20453] ima: policy update failed [ 519.343910][ T31] audit: type=1802 audit(4294967569.479:33): pid=20454 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.5913" res=0 errno=0 [ 519.469591][ T31] audit: type=1802 audit(4294967569.499:34): pid=20453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5913" res=0 errno=0 [ 522.865690][T20587] ubi0: attaching mtd0 [ 522.925313][T20587] ubi0: scanning is finished [ 522.930009][T20587] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 523.168473][T20587] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 523.793340][T20615] zram0: detected capacity change from 0 to 8 [ 524.762941][T20651] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 528.903400][T20793] usb usb24: usbfs: process 20793 (syz.2.6037) did not claim interface 0 before use [ 529.495317][T20816] aoe: invalid device specification [ 530.018436][T20835] synth uevent: /bus/mei: unknown uevent action string [ 530.875569][T20864] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 533.301888][T20943] ecryptfs_miscdev_write: Error while inspecting packet size [ 533.910260][T20965] rtc_cmos 00:00: Alarms can be up to one day in the future [ 535.828607][T21027] overlayfs: "check_copy_up" module option is obsolete [ 539.011882][T21137] vhci_hcd: invalid port number 16 [ 539.017062][T21137] vhci_hcd: invalid port number 16 [ 539.226812][ T10] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 539.233660][ T5155] Bluetooth: hci2: command 0x0406 tx timeout [ 541.296966][ T10] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 541.306295][ T5155] Bluetooth: hci2: command 0x0406 tx timeout [ 542.896248][T21272] ubi0: attaching mtd0 [ 542.921010][T21272] ubi0: scanning is finished [ 542.953805][T21272] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 543.225586][T21272] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 545.413796][T21336] ubi0: attaching mtd0 [ 545.437277][T21336] ubi0: scanning is finished [ 545.478282][T21336] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 545.774187][T21336] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 546.262641][T21362] vhci_hcd: invalid port number 21 [ 546.267824][T21362] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 546.487333][T21346] Process accounting paused [ 549.646286][ T31] audit: type=1807 audit(4294967600.007:35): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 549.665878][T21463] ima: policy update failed [ 549.732141][ T31] audit: type=1802 audit(4294967600.027:36): pid=21465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.5.6277" res=0 errno=0 [ 549.880348][ T31] audit: type=1802 audit(4294967600.057:37): pid=21463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6277" res=0 errno=0 [ 550.102458][T21478] rtc_cmos 00:00: Alarms can be up to one day in the future [ 554.083622][T21592] binder: binder_mmap: 21591 0-1000 bad vm_flags failed -1 [ 563.106407][T21788] Bluetooth: hci1: command 0x0406 tx timeout [ 563.477603][T21864] random: crng reseeded on system resumption [ 571.248835][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 571.261054][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 576.456725][T22195] Process accounting resumed [ 579.400010][T22279] ICMPv6: process `syz.5.6594' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 582.432632][T22350] ima: policy update failed [ 582.440768][ T31] audit: type=1802 audit(4294967632.968:38): pid=22350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.6623" res=0 errno=0 [ 586.451233][T22442] kAFS: Invalid Command on /proc/fs/afs/cells file [ 587.133994][T22458] ecryptfs_miscdev_write: Invalid packet size [192] [ 588.880896][T22507] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 588.880896][T22507] program syz.4.6688 not setting count and/or reply_len properly [ 589.203215][T22516] random: crng reseeded on system resumption [ 591.607060][T22578] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 591.607060][T22578] program syz.2.6716 not setting count and/or reply_len properly [ 593.590448][T22639] deleting an unspecified loop device is not supported. [ 595.022835][T22679] QAT: Device 7 not found [ 597.053644][T22751] i2c i2c-0: new_device: Missing parameters [ 597.378451][T22764] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 597.513423][ T31] audit: type=1804 audit(4294967648.116:39): pid=22766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.6791" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 597.540859][ C0] vkms_vblank_simulate: vblank timer overrun [ 598.072602][T22785] i2c i2c-0: new_device: Missing parameters [ 602.228518][T22929] : Can't lookup blockdev [ 604.036266][T22991] ima: policy update failed [ 604.056805][ T31] audit: type=1802 audit(4294967654.700:40): pid=22991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6878" res=0 errno=0 [ 605.454452][T23043] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 606.423004][T23068] Process accounting paused [ 607.161565][T23103] random: crng reseeded on system resumption [ 607.244056][T23103] Restarting kernel threads ... [ 607.280173][T23103] Done restarting kernel threads. [ 607.511869][T23112] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 608.510854][T23146] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 611.154977][T23239] random: crng reseeded on system resumption [ 611.214245][T23239] Restarting kernel threads ... [ 611.246463][T23239] Done restarting kernel threads. [ 617.235323][T23465] Ignoring unsupported numa_zonelist_order value: [ 617.235323][T23465] [ 619.280511][T23537] Ignoring unsupported numa_zonelist_order value: [ 619.280511][T23537] [ 620.357578][T23574] ubi0: attaching mtd0 [ 620.361714][T23574] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 624.440499][T23720] < [ 625.145028][T23754] < [ 625.589396][T23770] bond0: option packets_per_slave: invalid value ( Xnp) [ 625.613709][T23771] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 625.641580][T23770] bond0: option packets_per_slave: allowed values 0 - 65535 [ 628.008132][T23913] bond0: option packets_per_slave: invalid value ( Xnp) [ 628.039811][T23913] bond0: option packets_per_slave: allowed values 0 - 65535 [ 631.834204][T24141] usbip-vudc usbip-vudc.0: gadget not bound [ 632.351410][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 632.357984][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 633.293490][T24218] bcache: register_bcache() error : failed to open device [ 633.551679][T24229] nvme_fcloop: unknown parameter or missing value '^/]' [ 633.720838][T24238] usbip-vudc usbip-vudc.0: gadget not bound [ 633.748530][T24240] [ 634.390835][T24267] usbip-vudc usbip-vudc.0: gadget not bound [ 636.241271][T24357] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 636.241776][T24355] ima: policy update failed [ 636.272920][ T31] audit: type=1802 audit(4294967695.077:41): pid=24355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.7413" res=0 errno=0 [ 636.342884][T24356] Process accounting resumed [ 636.619067][T24372] ecryptfs_parse_packet_length: Error parsing packet length [ 636.644890][T24372] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 637.939995][T24428] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 637.940591][T24426] ima: policy update failed [ 637.953817][ T31] audit: type=1802 audit(4294967696.776:42): pid=24426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.7440" res=0 errno=0 [ 639.782054][T24503] program syz.5.7475 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 640.543604][ T31] audit: type=1807 audit(4294967699.379:43): UNKNOWN= res=0 [ 640.563582][T24529] ima: policy update failed [ 640.572729][ T31] audit: type=1802 audit(4294967699.379:44): pid=24530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.5.7483" res=0 errno=0 [ 640.621538][ T31] audit: type=1802 audit(4294967699.439:45): pid=24529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.7483" res=0 errno=0 [ 640.808810][T24539] delete_channel: no stack [ 641.318802][ T31] audit: type=1807 audit(4294967700.163:46): UNKNOWN= res=0 [ 641.326265][T24565] program syz.1.7498 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 641.337682][T24564] ima: policy update failed [ 641.385553][ T31] audit: type=1802 audit(4294967700.183:47): pid=24566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.7497" res=0 errno=0 [ 641.459437][ T31] audit: type=1802 audit(4294967700.183:48): pid=24564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.7497" res=0 errno=0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           [ 755.404139][T29384] netlink: 'syz.2.9392': attribute type 2 has an invalid length. [ 755.793531][T29396] nfsd: Unknown parameter 'Z' [ 755.910215][T29399] program syz.2.9396 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 756.128751][T29401] Process accounting resumed [ 756.367644][T29417] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 756.591038][T29419] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 756.972662][T29469] nbd: couldn't find device at index 33904 [ 757.510960][T29492] nfsd: Unknown parameter 'Z' [ 757.745397][T29499] : entered promiscuous mode [ 757.785848][T29504] block nbd6: not configured, cannot reconfigure [ 758.255717][T29529] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 758.776509][T29551] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 759.040029][T29557] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 759.255223][T29596] device-mapper: ioctl: Invalid ioctl structure: name , dev 7f00010002 [ 759.886678][T29626] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 760.256423][T29634] netlink: Unknown conntrack attr (type=146, max=9) [ 760.595852][T29651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9471'. [ 760.616667][T29651] openvswitch: netlink: IPv4 tunnel dst address is zero [ 762.336979][T29719] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 762.576431][T29727] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48 [ 763.608531][T29796] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 763.924443][T29806] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 764.319637][T29825] batman_adv: Routing algorithm '' is not supported [ 764.772670][ T31] audit: type=1326 audit(4294967333.750:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29861 comm="syz.2.9530" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7412f8e969 code=0x0 [ 766.899458][ T5155] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 766.899507][ T5155] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 766.914700][ T5155] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 766.914774][ T5155] Bluetooth: hci3: adv larger than maximum supported [ 766.923964][ T5155] Bluetooth: hci3: adv larger than maximum supported [ 766.930747][ T5155] Bluetooth: hci3: Unknown advertising packet type: 0x72 [ 766.937543][ T5155] Bluetooth: hci3: adv larger than maximum supported [ 766.944666][ T5155] Bluetooth: hci3: Malformed LE Event: 0x0d [ 768.263053][T29975] batman_adv: Routing algorithm '' is not supported [ 768.435711][T29986] netlink: zone id is out of range [ 768.447450][T29986] netlink: zone id is out of range [ 768.449353][T29988] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 768.464255][T29986] netlink: zone id is out of range [ 768.480170][T29986] netlink: zone id is out of range [ 768.495319][T29986] netlink: zone id is out of range [ 768.507567][T29986] netlink: zone id is out of range [ 768.512926][T29986] netlink: zone id is out of range [ 768.525771][T29986] netlink: zone id is out of range [ 768.531104][T29986] netlink: zone id is out of range [ 768.536982][T29986] netlink: zone id is out of range [ 769.103131][ T5155] Bluetooth: hci1: ACL packet too small [ 769.329311][T30025] nbd: must specify a size in bytes for the device [ 769.920320][T30042] svc: failed to register nfsdv3 RPC service (errno 111). [ 769.933797][T30042] svc: failed to register nfsaclv3 RPC service (errno 111). [ 772.379837][T30126] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 773.590568][T30157] svc: failed to register nfsdv3 RPC service (errno 111). [ 773.602706][T30157] svc: failed to register nfsaclv3 RPC service (errno 111). [ 773.741787][T30168] device-mapper: ioctl: name not supplied when creating device [ 774.266908][ T31] audit: type=1800 audit(4294967343.299:53): pid=30183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.9666" name="discovery_nqn" dev="configfs" ino=73591 res=0 errno=0 [ 775.356361][T30216] netlink: 'syz.4.9681': attribute type 2 has an invalid length. [ 775.933375][T30237] .RRo\&p: entered promiscuous mode [ 776.532766][T30253] syz_tun: tun_chr_ioctl cmd 1074025681 [ 779.485948][T30367] program syz.4.9750 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 779.734676][T30376] zero sized request [ 780.517469][T30407] net_ratelimit: 21 callbacks suppressed [ 780.517507][T30407] openvswitch: netlink: IP tunnel dst address not specified [ 780.626973][T30411] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 780.876095][ T31] audit: type=1800 audit(4294967349.943:54): pid=30423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9776" name="dbroot" dev="configfs" ino=75058 res=0 errno=0 [ 782.795562][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 782.916702][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.099311][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.243920][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.679722][ T12] bridge_slave_1: left allmulticast mode [ 783.784893][ T12] bridge_slave_1: left promiscuous mode [ 783.805016][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 783.823866][ T12] bridge_slave_0: left allmulticast mode [ 783.847863][T21788] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 783.864046][T21788] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 783.873094][T21788] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 783.882765][T21788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 783.894462][ T12] bridge_slave_0: left promiscuous mode [ 783.900307][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 783.907690][T30544] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 785.134520][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 785.146355][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 785.164621][ T12] bond0 (unregistering): Released all slaves [ 785.355604][ T12] : left promiscuous mode [ 785.953595][ T5155] Bluetooth: hci1: command tx timeout [ 786.059069][T30535] chnl_net:caif_netlink_parms(): no params data found [ 786.081918][T30692] Process accounting paused [ 786.416665][T30783] busy [ 786.818841][T30535] bridge0: port 1(bridge_slave_0) entered blocking state [ 786.845174][T30535] bridge0: port 1(bridge_slave_0) entered disabled state [ 786.873188][T30535] bridge_slave_0: entered allmulticast mode [ 786.894999][T30535] bridge_slave_0: entered promiscuous mode [ 786.916040][T30535] bridge0: port 2(bridge_slave_1) entered blocking state [ 786.940005][T30535] bridge0: port 2(bridge_slave_1) entered disabled state [ 786.947513][T30535] bridge_slave_1: entered allmulticast mode [ 786.973121][T30535] bridge_slave_1: entered promiscuous mode [ 787.173715][ T12] hsr_slave_0: left promiscuous mode [ 787.201063][ T12] hsr_slave_1: left promiscuous mode [ 787.219967][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 787.238473][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 787.254435][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 787.270546][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 787.274640][T30858] netlink: zone id is out of range [ 787.322311][T30858] netlink: set zone limit has 8 unknown bytes [ 787.343851][ T12] veth1_macvtap: left promiscuous mode [ 787.357948][ T12] veth0_macvtap: left promiscuous mode [ 787.363644][ T12] veth1_vlan: left promiscuous mode [ 787.377229][ T12] veth0_vlan: left promiscuous mode [ 788.017507][ T5155] Bluetooth: hci1: command tx timeout [ 788.644686][ T12] team0 (unregistering): Port device team_slave_1 removed [ 788.761698][ T12] team0 (unregistering): Port device team_slave_0 removed [ 790.103939][ T5155] Bluetooth: hci1: command tx timeout [ 790.653940][T30535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 790.707307][T30535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 790.922440][T30535] team0: Port device team_slave_0 added [ 790.973782][T30535] team0: Port device team_slave_1 added [ 791.192032][T30535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 791.206270][T30535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 791.275976][T30535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 791.318725][T30535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 791.336456][T30535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 791.438917][T30535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 791.819312][T30535] hsr_slave_0: entered promiscuous mode [ 791.840500][T30535] hsr_slave_1: entered promiscuous mode [ 791.865465][T30535] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 791.908519][T30535] Cannot create hsr debugfs directory [ 791.928858][T31010] syz_tun: tun_chr_ioctl cmd 1074025684 [ 792.112363][T31037] unsupported nla_type 32969 [ 792.169593][ T5155] Bluetooth: hci1: command tx timeout [ 792.296714][T31039] HSR: entered promiscuous mode [ 792.919582][T31110] nbd: must specify a device to reconfigure [ 794.329068][T30535] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 794.411763][T30535] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 794.443989][T30535] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 794.497257][T30535] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 794.836407][T30535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 794.897513][T30535] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.945164][T17680] bridge0: port 1(bridge_slave_0) entered blocking state [ 794.952462][T17680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.997544][T17680] bridge0: port 2(bridge_slave_1) entered blocking state [ 795.004782][T17680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 795.861721][T31236] netlink: 'syz.1.9926': attribute type 1 has an invalid length. [ 795.958324][T30535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 796.993884][T30535] veth0_vlan: entered promiscuous mode [ 797.052885][T30535] veth1_vlan: entered promiscuous mode [ 797.152809][T30535] veth0_macvtap: entered promiscuous mode [ 797.171596][T30535] veth1_macvtap: entered promiscuous mode [ 797.257228][T30535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 797.303824][T30535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 797.340305][T30535] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.368645][T30535] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.378357][T30535] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.390194][T30535] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.754040][T17680] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 797.761962][T17680] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 797.864853][ T3031] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 797.914808][ T3031] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 799.074692][T31352] openvswitch: netlink: IP tunnel dst address not specified [ 799.226924][T31356] netlink: 'syz.5.9958': attribute type 1 has an invalid length. [ 801.847947][T31453] openvswitch: netlink: Message has 8 unknown bytes. [ 802.294861][T31473] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 802.972327][T31504] openvswitch: netlink: IP tunnel dst address not specified [ 803.671714][T31554] ksmbd: Unknown IPC event: 14, ignore. [ 804.014145][T31566] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 804.683243][T31591] synth uevent: /module/orangefs: unknown uevent action string [ 804.696303][T31592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10041'. [ 805.744509][T31640] program syz.4.10062 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 806.782911][T31684] netlink: 'syz.5.10080': attribute type 1 has an invalid length. [ 806.805287][T31684] nbd: error processing sock list [ 807.799001][ T31] audit: type=1107 audit(4294967301.020:55): pid=31739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 807.862248][ T31] audit: type=1107 audit(4294967301.020:56): pid=31739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 809.363550][T31799] netlink: 'syz.2.10124': attribute type 2 has an invalid length. [ 810.487694][T31842] netlink: Conntrack attr has 16 unknown bytes [ 811.411527][T31886] nbd: must specify at least one socket [ 811.541360][T31890] netlink: 206 bytes leftover after parsing attributes in process `syz.2.10166'. [ 811.828637][T31905] binder_alloc: binder_alloc_mmap_handler: 31904 0-1000 already mapped failed -16 [ 811.987557][T31911] ALSA: mixer_oss: invalid OSS volume '' [ 812.726075][T31941] sd 0:0:1:0: PR command failed: 1026 [ 812.739627][T31941] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 812.754351][T31941] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 813.122688][T31959] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10199'. [ 813.154260][T31959] tc_dump_action: action bad kind [ 813.773302][T31993] openvswitch: netlink: Flow key attribute not present in set flow. [ 814.933156][T32041] FAULT_INJECTION: forcing a failure. [ 814.933156][T32041] name failslab, interval 1, probability 0, space 0, times 0 [ 815.006830][T32041] CPU: 0 UID: 0 PID: 32041 Comm: syz.4.10232 Tainted: G U I 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 815.006886][T32041] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 815.006898][T32041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 815.006917][T32041] Call Trace: [ 815.006927][T32041] [ 815.006938][T32041] dump_stack_lvl+0x16c/0x1f0 [ 815.006996][T32041] should_fail_ex+0x512/0x640 [ 815.007033][T32041] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 815.007088][T32041] should_failslab+0xc2/0x120 [ 815.007121][T32041] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 815.007194][T32041] ? kcm_create+0x11e/0x690 [ 815.007246][T32041] kcm_create+0x11e/0x690 [ 815.007297][T32041] __sock_create+0x335/0x8d0 [ 815.007346][T32041] __sys_socket+0x14d/0x260 [ 815.007393][T32041] ? fput+0x70/0xf0 [ 815.007426][T32041] ? __pfx___sys_socket+0x10/0x10 [ 815.007466][T32041] ? ksys_write+0x1ac/0x250 [ 815.007532][T32041] ? __pfx_ksys_write+0x10/0x10 [ 815.007591][T32041] __x64_sys_socket+0x72/0xb0 [ 815.007633][T32041] ? lockdep_hardirqs_on+0x7c/0x110 [ 815.007685][T32041] do_syscall_64+0xcd/0x490 [ 815.007720][T32041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.007752][T32041] RIP: 0033:0x7f579bd8e969 [ 815.007778][T32041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.007809][T32041] RSP: 002b:00007f579cbfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 815.007841][T32041] RAX: ffffffffffffffda RBX: 00007f579bfb5fa0 RCX: 00007f579bd8e969 [ 815.007862][T32041] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000029 [ 815.007881][T32041] RBP: 00007f579be10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 815.007901][T32041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 815.007922][T32041] R13: 0000000000000000 R14: 00007f579bfb5fa0 R15: 00007ffcebe173a8 [ 815.007964][T32041] [ 815.715082][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 815.724819][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.950840][T32042] Process accounting resumed [ 816.669889][T32099] FAULT_INJECTION: forcing a failure. [ 816.669889][T32099] name failslab, interval 1, probability 0, space 0, times 0 [ 816.709737][T32099] CPU: 1 UID: 0 PID: 32099 Comm: syz.1.10257 Tainted: G U I 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 816.709792][T32099] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 816.709807][T32099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 816.709825][T32099] Call Trace: [ 816.709835][T32099] [ 816.709847][T32099] dump_stack_lvl+0x16c/0x1f0 [ 816.709902][T32099] should_fail_ex+0x512/0x640 [ 816.709935][T32099] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 816.709987][T32099] should_failslab+0xc2/0x120 [ 816.710016][T32099] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 816.710061][T32099] ? d_instantiate+0x77/0x90 [ 816.710100][T32099] ? alloc_empty_file+0x55/0x1e0 [ 816.710139][T32099] alloc_empty_file+0x55/0x1e0 [ 816.710172][T32099] alloc_file_pseudo+0x13a/0x230 [ 816.710208][T32099] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 816.710243][T32099] ? alloc_fd+0x471/0x7d0 [ 816.710289][T32099] sock_alloc_file+0x50/0x210 [ 816.710325][T32099] __sys_socket+0x1c0/0x260 [ 816.710362][T32099] ? fput+0x70/0xf0 [ 816.710390][T32099] ? __pfx___sys_socket+0x10/0x10 [ 816.710429][T32099] ? xfd_validate_state+0x61/0x180 [ 816.710466][T32099] ? __pfx_ksys_write+0x10/0x10 [ 816.710518][T32099] __x64_sys_socket+0x72/0xb0 [ 816.710556][T32099] ? lockdep_hardirqs_on+0x7c/0x110 [ 816.710622][T32099] do_syscall_64+0xcd/0x490 [ 816.710656][T32099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.710688][T32099] RIP: 0033:0x7ff88a18e969 [ 816.710713][T32099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.710744][T32099] RSP: 002b:00007ff88b0af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 816.710775][T32099] RAX: ffffffffffffffda RBX: 00007ff88a3b5fa0 RCX: 00007ff88a18e969 [ 816.710795][T32099] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000011 [ 816.710815][T32099] RBP: 00007ff88a210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 816.710834][T32099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 816.710852][T32099] R13: 0000000000000000 R14: 00007ff88a3b5fa0 R15: 00007ffe34ac28e8 [ 816.710892][T32099] [ 817.630463][T32130] perf: Dynamic interrupt throttling disabled, can hang your system! [ 817.848252][T32138] netlink: 'syz.4.10276': attribute type 1 has an invalid length. [ 818.399507][T32164] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10287'. [ 818.740096][T32179] syz_tun: tun_chr_ioctl cmd 1074025681 [ 819.666473][T32228] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 820.026118][ T31] audit: type=1800 audit(4294967313.314:57): pid=32245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10323" name="dbroot" dev="configfs" ino=79781 res=0 errno=0 [ 820.057420][T32245] [ 820.059803][T32245] ============================================ [ 820.065999][T32245] WARNING: possible recursive locking detected [ 820.072182][T32245] 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 Tainted: G U I [ 820.080551][T32245] -------------------------------------------- [ 820.086724][T32245] syz.4.10323/32245 is trying to acquire lock: [ 820.092897][T32245] ffff88802756bf78 (&p->frag_sem){.+.+}-{4:4}, at: __configfs_open_file+0xe8/0x9c0 [ 820.102286][T32245] [ 820.102286][T32245] but task is already holding lock: [ 820.109672][T32245] ffff88802756bf78 (&p->frag_sem){.+.+}-{4:4}, at: configfs_write_iter+0x219/0x4e0 [ 820.119034][T32245] [ 820.119034][T32245] other info that might help us debug this: [ 820.127116][T32245] Possible unsafe locking scenario: [ 820.127116][T32245] [ 820.134575][T32245] CPU0 [ 820.137863][T32245] ---- [ 820.141153][T32245] lock(&p->frag_sem); [ 820.145339][T32245] lock(&p->frag_sem); [ 820.149511][T32245] [ 820.149511][T32245] *** DEADLOCK *** [ 820.149511][T32245] [ 820.157748][T32245] May be due to missing lock nesting notation [ 820.157748][T32245] [ 820.166078][T32245] 5 locks held by syz.4.10323/32245: [ 820.171376][T32245] #0: ffff888056b6cd38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 820.180501][T32245] #1: ffff888146eb8428 (sb_writers#14){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 820.189619][T32245] #2: ffff88805973e288 (&buffer->mutex){+.+.}-{4:4}, at: configfs_write_iter+0x75/0x4e0 [ 820.199526][T32245] #3: ffff88802756bf78 (&p->frag_sem){.+.+}-{4:4}, at: configfs_write_iter+0x219/0x4e0 [ 820.209343][T32245] #4: ffffffff8f4743e8 (target_devices_lock){+.+.}-{4:4}, at: target_core_item_dbroot_store+0x21/0x350 [ 820.220542][T32245] [ 820.220542][T32245] stack backtrace: [ 820.226444][T32245] CPU: 0 UID: 0 PID: 32245 Comm: syz.4.10323 Tainted: G U I 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 820.226485][T32245] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 820.226495][T32245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 820.226511][T32245] Call Trace: [ 820.226519][T32245] [ 820.226528][T32245] dump_stack_lvl+0x116/0x1f0 [ 820.226572][T32245] print_deadlock_bug+0x1e9/0x240 [ 820.226604][T32245] __lock_acquire+0x1106/0x1c90 [ 820.226642][T32245] lock_acquire+0x179/0x350 [ 820.226673][T32245] ? __configfs_open_file+0xe8/0x9c0 [ 820.226713][T32245] ? __pfx___might_resched+0x10/0x10 [ 820.226741][T32245] down_read+0x9b/0x480 [ 820.226765][T32245] ? __configfs_open_file+0xe8/0x9c0 [ 820.226814][T32245] ? __pfx_down_read+0x10/0x10 [ 820.226842][T32245] __configfs_open_file+0xe8/0x9c0 [ 820.226879][T32245] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 820.226914][T32245] do_dentry_open+0x741/0x1c10 [ 820.226949][T32245] ? __pfx_configfs_open_file+0x10/0x10 [ 820.226994][T32245] vfs_open+0x82/0x3f0 [ 820.227020][T32245] path_openat+0x1de4/0x2cb0 [ 820.227059][T32245] ? __pfx_path_openat+0x10/0x10 [ 820.227094][T32245] ? kasan_save_stack+0x42/0x60 [ 820.227129][T32245] ? kasan_save_stack+0x33/0x60 [ 820.227162][T32245] ? kasan_save_track+0x14/0x30 [ 820.227196][T32245] ? __kasan_slab_alloc+0x89/0x90 [ 820.227217][T32245] do_filp_open+0x20b/0x470 [ 820.227251][T32245] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.227275][T32245] ? __pfx_do_filp_open+0x10/0x10 [ 820.227325][T32245] file_open_name+0x2a3/0x450 [ 820.227351][T32245] ? __pfx_file_open_name+0x10/0x10 [ 820.227377][T32245] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 820.227414][T32245] ? getname_kernel+0x52/0x370 [ 820.227436][T32245] ? __asan_memcpy+0x3c/0x60 [ 820.227469][T32245] filp_open+0x4b/0x80 [ 820.227494][T32245] target_core_item_dbroot_store+0x108/0x350 [ 820.227530][T32245] configfs_write_iter+0x303/0x4e0 [ 820.227569][T32245] vfs_write+0x6c7/0x1150 [ 820.227603][T32245] ? __pfx_configfs_write_iter+0x10/0x10 [ 820.227641][T32245] ? __pfx___mutex_lock+0x10/0x10 [ 820.227663][T32245] ? __pfx_vfs_write+0x10/0x10 [ 820.227705][T32245] ksys_write+0x12a/0x250 [ 820.227738][T32245] ? __pfx_ksys_write+0x10/0x10 [ 820.227776][T32245] do_syscall_64+0xcd/0x490 [ 820.227799][T32245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.227822][T32245] RIP: 0033:0x7f579bd8e969 [ 820.227841][T32245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.227863][T32245] RSP: 002b:00007f579cbfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 820.227884][T32245] RAX: ffffffffffffffda RBX: 00007f579bfb5fa0 RCX: 00007f579bd8e969 [ 820.227899][T32245] RDX: 000000000000006e RSI: 0000200000000040 RDI: 0000000000000003 [ 820.227914][T32245] RBP: 00007f579be10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 820.227928][T32245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 820.227943][T32245] R13: 0000000000000000 R14: 00007f579bfb5fa0 R15: 00007ffcebe173a8 [ 820.227964][T32245] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 820.574363][T32245] db_root: not a directory: /sys/kernel/config/target/dbroot [ 820.581831][ T31] audit: type=1804 audit(4294967313.867:58): pid=32245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.10323" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=79781 res=1 errno=0 [ 821.197472][T30686] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 821.296364][T30686] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 821.312897][T28369] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 821.365284][T30686] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 821.490712][T30686] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 821.638191][T30686] bridge_slave_1: left allmulticast mode [ 821.657061][T30686] bridge_slave_1: left promiscuous mode [ 821.662958][T30686] bridge0: port 2(bridge_slave_1) entered disabled state [ 821.672777][T30686] bridge_slave_0: left allmulticast mode [ 821.678727][T30686] bridge_slave_0: left promiscuous mode [ 821.685781][T30686] bridge0: port 1(bridge_slave_0) entered disabled state [ 821.814166][T30686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 821.824454][T30686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 821.835181][T30686] bond0 (unregistering): Released all slaves [ 822.079256][T30686] hsr_slave_0: left promiscuous mode [ 822.085106][T30686] hsr_slave_1: left promiscuous mode [ 822.092895][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 822.103180][T30686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 822.118956][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 822.126626][T30686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 822.139708][T30686] veth1_macvtap: left promiscuous mode [ 822.145264][T30686] veth0_macvtap: left promiscuous mode [ 822.151092][T30686] veth1_vlan: left promiscuous mode [ 822.158125][T30686] veth0_vlan: left promiscuous mode [ 822.364036][T30686] team0 (unregistering): Port device team_slave_1 removed [ 822.393639][T30686] team0 (unregistering): Port device team_slave_0 removed [ 822.726313][T30686] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.769509][T30686] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.828353][T30686] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.884493][T30686] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.984548][T30686] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 823.027286][T30686] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 823.097953][T30686] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 823.156557][T30686] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 823.240501][T30686] bridge_slave_1: left allmulticast mode [ 823.246206][T30686] bridge_slave_1: left promiscuous mode [ 823.255176][T30686] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.265191][T30686] bridge_slave_0: left allmulticast mode [ 823.272182][T30686] bridge_slave_0: left promiscuous mode [ 823.277970][T30686] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.288632][T30686] bridge_slave_1: left allmulticast mode [ 823.295680][T30686] bridge_slave_1: left promiscuous mode [ 823.301785][T30686] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.314843][T30686] bridge_slave_0: left allmulticast mode [ 823.323695][T30686] bridge_slave_0: left promiscuous mode [ 823.330051][T30686] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.340442][T30686] bridge_slave_1: left allmulticast mode [ 823.346149][T30686] bridge_slave_1: left promiscuous mode [ 823.352241][T30686] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.360541][T30686] bridge_slave_0: left allmulticast mode [ 823.366318][T30686] bridge_slave_0: left promiscuous mode [ 823.372477][T30686] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.517686][T30686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 823.527993][T30686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 823.538890][T30686] bond0 (unregistering): Released all slaves [ 823.634512][T30686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 823.645609][T30686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 823.655516][T30686] bond0 (unregistering): Released all slaves [ 823.735059][T30686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 823.745928][T30686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 823.756699][T30686] bond0 (unregistering): Released all slaves [ 823.857186][T30686] .SR: left promiscuous mode [ 823.887588][T30686] .RRo\&p: left promiscuous mode [ 823.927813][T30686] HSR: left promiscuous mode [ 823.967838][T30686] : left promiscuous mode [ 825.124791][T30686] hsr_slave_0: left promiscuous mode [ 825.139951][T30686] hsr_slave_1: left promiscuous mode [ 825.148338][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 825.156213][T30686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 825.164353][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 825.174165][T30686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 825.185744][T30686] hsr_slave_0: left promiscuous mode [ 825.193328][T30686] hsr_slave_1: left promiscuous mode [ 825.199258][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 825.208442][T30686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 825.217014][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 825.224954][T30686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 825.235165][T30686] hsr_slave_0: left promiscuous mode [ 825.241021][T30686] hsr_slave_1: left promiscuous mode [ 825.246790][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 825.254766][T30686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 825.263480][T30686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 825.270978][T30686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 825.286371][T30686] veth1_macvtap: left promiscuous mode [ 825.292285][T30686] veth0_macvtap: left promiscuous mode [ 825.297887][T30686] veth1_vlan: left promiscuous mode [ 825.303323][T30686] veth0_vlan: left promiscuous mode [ 825.310236][T30686] veth1_macvtap: left promiscuous mode [ 825.315762][T30686] veth0_macvtap: left promiscuous mode [ 825.321501][T30686] veth1_vlan: left promiscuous mode [ 825.326851][T30686] veth0_vlan: left promiscuous mode [ 825.333794][T30686] veth1_macvtap: left promiscuous mode [ 825.339492][T30686] veth0_macvtap: left promiscuous mode [ 825.345096][T30686] veth1_vlan: left promiscuous mode [ 825.350822][T30686] veth0_vlan: left promiscuous mode [ 825.652574][T30686] team0 (unregistering): Port device team_slave_1 removed [ 825.696590][T30686] team0 (unregistering): Port device team_slave_0 removed [ 826.038046][T30686] team0 (unregistering): Port device team_slave_1 removed [ 826.071729][T30686] team0 (unregistering): Port device team_slave_0 removed [ 826.272325][T30686] team0 (unregistering): Port device team_slave_1 removed [ 826.301611][T30686] team0 (unregistering): Port device team_slave_0 removed