last executing test programs:
2.311401776s ago: executing program 1 (id=5343):
openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0xb02, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
2.069063721s ago: executing program 1 (id=5347):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr4\x00', 0x800, 0x0)
ioctl$auto_TIOCSWINSZ2(r0, 0x5414, &(0x7f0000000080)="a2")
1.844298895s ago: executing program 1 (id=5351):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001280)='./cgroup/cpu.stat\x00', 0x1c1800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/46, 0x2e)
1.599503578s ago: executing program 1 (id=5354):
r0 = openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/bpf_offloaded_id\x00', 0x20082, 0x0)
writev$auto(r0, &(0x7f0000001680)={0x0, 0x9}, 0x7)
1.390353349s ago: executing program 1 (id=5357):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)
write$auto(r0, &(0x7f0000000000)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x272)
1.225270029s ago: executing program 3 (id=5360):
r0 = socket(0x2, 0x1, 0x106)
getsockopt$auto_SO_SNDLOWAT(r0, 0x0, 0x13, &(0x7f00000000c0)='+}#$\\*&.!u!\x00', &(0x7f0000000100)=0x9)
1.168102244s ago: executing program 0 (id=5361):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000002640)='/dev/mtd0\x00', 0x8000, 0x0)
ioctl$auto_OTPSELECT(r0, 0x80044d0d, &(0x7f00000000c0))
1.166642712s ago: executing program 2 (id=5362):
r0 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
pread64$auto(r0, 0x0, 0x80000000, 0xef)
1.124042996s ago: executing program 1 (id=5363):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop1/queue/scheduler\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x81)
985.094947ms ago: executing program 3 (id=5364):
mknod$auto(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x804)
open(&(0x7f00000002c0)='./file0\x00', 0x40841, 0x118)
943.992101ms ago: executing program 0 (id=5365):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040))
934.414319ms ago: executing program 2 (id=5366):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/notify_on_release\x00', 0x121281, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)='5', 0x1)
616.928637ms ago: executing program 3 (id=5367):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/bdi/7:8/read_ahead_kb\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
596.26288ms ago: executing program 0 (id=5368):
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x20301, 0x0)
ioctl$auto_UI_END_FF_UPLOAD(r0, 0x406855c9, 0x0)
575.60287ms ago: executing program 2 (id=5369):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x1c, 0xa8b, 0x18c, 0x6a, 0x0, 0x3405, 0x3, 0x9, 0xfffffff5, "63ace816ef77cf00", 0x0, 0x549, 0x4, 0x7, 0x0, 0x1009, 0x4, 0xffffffffffffffff, 0xe, 0x2000005, @attach_btf_obj_fd=0x3, 0x166, 0x1, 0x4000000000006, 0x8, 0x48200003, 0xa7be}, 0x7)
426.06238ms ago: executing program 3 (id=5370):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/id/proto\x00', 0x48e00, 0x0)
read$auto(r0, &(0x7f0000000240)='/\x00', 0x100000001)
405.134177ms ago: executing program 0 (id=5371):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001200)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)
370.160178ms ago: executing program 2 (id=5372):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec16\x00', 0xb82, 0x0)
ioctl$auto_CEC_RECEIVE(r0, 0xc0386106, &(0x7f0000000040)={0x8, 0xfffffffffffffff4, 0x0, 0xb7ac, 0x5, 0x72873cba, "5853d02119c1ef7154a6c0138c050ece", 0x1, 0x1, 0x92, 0x8, 0x6, 0x3, 0xf})
226.181678ms ago: executing program 3 (id=5373):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0)
sendfile$auto(r0, r0, 0x0, 0x5)
214.668074ms ago: executing program 0 (id=5374):
r0 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
write$auto(r0, 0x0, 0x2)
174.569089ms ago: executing program 2 (id=5375):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/devspec\x00', 0x101000, 0x0)
read$auto(0x3, 0x0, 0x80)
59.918442ms ago: executing program 3 (id=5376):
set_mempolicy$auto(0x4005, &(0x7f0000000000)=0x1, 0x4)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4)
40.848544ms ago: executing program 0 (id=5377):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x20342, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8)
0s ago: executing program 2 (id=5378):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x1c, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)})
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts.
syzkaller login: [ 98.807194][ T5850] cgroup: Unknown subsys name 'net'
[ 98.968037][ T5850] cgroup: Unknown subsys name 'cpuset'
[ 98.978184][ T5850] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 100.937509][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 102.592619][ T981] cfg80211: failed to load regulatory.db
[ 104.780039][ T5870] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 104.784367][ T5874] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 104.788536][ T5870] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 104.796514][ T5874] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 104.803858][ T5870] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 104.813648][ T5874] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 104.817913][ T5870] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 104.824924][ T5874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 104.831925][ T5870] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 104.837876][ T5874] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 104.845376][ T5870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 104.853333][ T5874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 104.867090][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 104.876000][ T5874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 104.877297][ T5870] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 104.892196][ T5875] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 104.896933][ T5870] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 104.900364][ T5875] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 104.916412][ T5875] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 104.934655][ T5875] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 105.510146][ T5862] chnl_net:caif_netlink_parms(): no params data found
[ 105.752436][ T5863] chnl_net:caif_netlink_parms(): no params data found
[ 105.765800][ T5865] chnl_net:caif_netlink_parms(): no params data found
[ 105.871114][ T5861] chnl_net:caif_netlink_parms(): no params data found
[ 105.958782][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.966989][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.976310][ T5862] bridge_slave_0: entered allmulticast mode
[ 105.984643][ T5862] bridge_slave_0: entered promiscuous mode
[ 106.053967][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.061264][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.069652][ T5862] bridge_slave_1: entered allmulticast mode
[ 106.078312][ T5862] bridge_slave_1: entered promiscuous mode
[ 106.123627][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.130871][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.139467][ T5863] bridge_slave_0: entered allmulticast mode
[ 106.147261][ T5863] bridge_slave_0: entered promiscuous mode
[ 106.208451][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.216968][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.227299][ T5863] bridge_slave_1: entered allmulticast mode
[ 106.237649][ T5863] bridge_slave_1: entered promiscuous mode
[ 106.269489][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.284436][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.350512][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.357896][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.365584][ T5865] bridge_slave_0: entered allmulticast mode
[ 106.373952][ T5865] bridge_slave_0: entered promiscuous mode
[ 106.397580][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.411096][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.437556][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.445368][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.452958][ T5865] bridge_slave_1: entered allmulticast mode
[ 106.460936][ T5865] bridge_slave_1: entered promiscuous mode
[ 106.548064][ T5862] team0: Port device team_slave_0 added
[ 106.569803][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.578088][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.586142][ T5861] bridge_slave_0: entered allmulticast mode
[ 106.594465][ T5861] bridge_slave_0: entered promiscuous mode
[ 106.605034][ T5863] team0: Port device team_slave_0 added
[ 106.611361][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.620123][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.627898][ T5861] bridge_slave_1: entered allmulticast mode
[ 106.636057][ T5861] bridge_slave_1: entered promiscuous mode
[ 106.645188][ T5862] team0: Port device team_slave_1 added
[ 106.656533][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.668138][ T5863] team0: Port device team_slave_1 added
[ 106.723988][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.777424][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.785155][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.812180][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.872161][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 106.879660][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.904437][ T5875] Bluetooth: hci1: command tx timeout
[ 106.906419][ T51] Bluetooth: hci0: command tx timeout
[ 106.917189][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 106.931400][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.946111][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.956034][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.963398][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.990427][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.990440][ T51] Bluetooth: hci3: command tx timeout
[ 107.005497][ T5865] team0: Port device team_slave_0 added
[ 107.007729][ T5875] Bluetooth: hci2: command tx timeout
[ 107.018044][ T5865] team0: Port device team_slave_1 added
[ 107.047280][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.054757][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.082070][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.155901][ T5861] team0: Port device team_slave_0 added
[ 107.163486][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.170484][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.197502][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.242952][ T5861] team0: Port device team_slave_1 added
[ 107.249985][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.257469][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.284109][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.342236][ T5863] hsr_slave_0: entered promiscuous mode
[ 107.349844][ T5863] hsr_slave_1: entered promiscuous mode
[ 107.396363][ T5862] hsr_slave_0: entered promiscuous mode
[ 107.404966][ T5862] hsr_slave_1: entered promiscuous mode
[ 107.411405][ T5862] debugfs: 'hsr0' already exists in 'hsr'
[ 107.417442][ T5862] Cannot create hsr debugfs directory
[ 107.444799][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.452344][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.478996][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.537985][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.545391][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 107.572244][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.655918][ T5865] hsr_slave_0: entered promiscuous mode
[ 107.663508][ T5865] hsr_slave_1: entered promiscuous mode
[ 107.669892][ T5865] debugfs: 'hsr0' already exists in 'hsr'
[ 107.676681][ T5865] Cannot create hsr debugfs directory
[ 107.794341][ T5861] hsr_slave_0: entered promiscuous mode
[ 107.801046][ T5861] hsr_slave_1: entered promiscuous mode
[ 107.808833][ T5861] debugfs: 'hsr0' already exists in 'hsr'
[ 107.814766][ T5861] Cannot create hsr debugfs directory
[ 108.207549][ T5862] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 108.222462][ T5862] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 108.254553][ T5862] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 108.279727][ T5862] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 108.362127][ T5863] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 108.384444][ T5863] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 108.422307][ T5863] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 108.442569][ T5863] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.528397][ T5865] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 108.552636][ T5865] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 108.590081][ T5865] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 108.605332][ T5865] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 108.710923][ T5861] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 108.732499][ T5861] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 108.761525][ T5861] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 108.780313][ T5861] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 108.810736][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[ 108.872015][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[ 108.919510][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.927066][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 108.964969][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.972291][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.986583][ T51] Bluetooth: hci0: command tx timeout
[ 108.992262][ T51] Bluetooth: hci1: command tx timeout
[ 109.040141][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[ 109.064279][ T51] Bluetooth: hci3: command tx timeout
[ 109.069780][ T51] Bluetooth: hci2: command tx timeout
[ 109.101284][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[ 109.133829][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.141122][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 109.189022][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.196234][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.266480][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0
[ 109.326284][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0
[ 109.385299][ T5861] 8021q: adding VLAN 0 to HW filter on device team0
[ 109.441664][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.449029][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 109.514852][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.522706][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.577295][ T5865] 8021q: adding VLAN 0 to HW filter on device team0
[ 109.648880][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.656171][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 109.672620][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.679989][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.793778][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.861705][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.955242][ T5863] veth0_vlan: entered promiscuous mode
[ 110.021235][ T5863] veth1_vlan: entered promiscuous mode
[ 110.064198][ T5862] veth0_vlan: entered promiscuous mode
[ 110.119686][ T5862] veth1_vlan: entered promiscuous mode
[ 110.179828][ T5863] veth0_macvtap: entered promiscuous mode
[ 110.212706][ T5863] veth1_macvtap: entered promiscuous mode
[ 110.289212][ T5862] veth0_macvtap: entered promiscuous mode
[ 110.328519][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 110.377793][ T5862] veth1_macvtap: entered promiscuous mode
[ 110.412087][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 110.443665][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.458947][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 110.480154][ T2951] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.490049][ T2951] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.508186][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 110.528544][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.545455][ T1113] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.560551][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 110.571443][ T1113] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.581565][ T1113] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.595844][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 110.617827][ T1113] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.763551][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.771949][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.850069][ T5861] veth0_vlan: entered promiscuous mode
[ 110.869131][ T2951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.875372][ T5861] veth1_vlan: entered promiscuous mode
[ 110.882616][ T2951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.925216][ T5865] veth0_vlan: entered promiscuous mode
[ 110.971349][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.992538][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.005928][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.010455][ T5865] veth1_vlan: entered promiscuous mode
[ 111.019362][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.073845][ T51] Bluetooth: hci1: command tx timeout
[ 111.073854][ T5875] Bluetooth: hci0: command tx timeout
[ 111.101179][ T5861] veth0_macvtap: entered promiscuous mode
[ 111.135326][ T5861] veth1_macvtap: entered promiscuous mode
[ 111.143260][ T51] Bluetooth: hci2: command tx timeout
[ 111.143629][ T5875] Bluetooth: hci3: command tx timeout
[ 111.194951][ T5862] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 111.204133][ T5865] veth0_macvtap: entered promiscuous mode
[ 111.238937][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.264602][ T5865] veth1_macvtap: entered promiscuous mode
[ 111.327102][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.401611][ T64] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.416668][ T64] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.451190][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.472324][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.490458][ T64] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.509710][ T64] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.636811][ T64] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.670674][ T64] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.717752][ T64] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.755824][ T64] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.869128][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.894850][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.123212][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.141432][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.179661][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.213629][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.351458][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.371096][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.729685][ T5989] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 113.143861][ T5875] Bluetooth: hci0: command tx timeout
[ 113.149435][ T51] Bluetooth: hci1: command tx timeout
[ 113.223475][ T51] Bluetooth: hci2: command tx timeout
[ 113.230610][ T51] Bluetooth: hci3: command tx timeout
[ 115.448417][ T6081] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 116.432903][ T31] audit: type=1800 audit(1754116283.919:2): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.79" name="dbroot" dev="configfs" ino=8366 res=0 errno=0
[ 119.478446][ T31] audit: type=1800 audit(1754116286.969:3): pid=6226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.133" name="dummy_udc" dev="gadgetfs" ino=7205 res=0 errno=0
[ 120.616853][ T6266] capability: warning: `syz.2.153' uses 32-bit capabilities (legacy support in use)
[ 128.561440][ T6549] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 129.344073][ T6564] Process accounting resumed
[ 130.432300][ T51] Bluetooth: hci2: unexpected event 0x32 length: 10 > 9
[ 131.219888][ T31] audit: type=1800 audit(1843104523.730:4): pid=6635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.334" name="version" dev="configfs" ino=9250 res=0 errno=0
[ 135.583776][ T6782] futex_wake_op: syz.3.409 tries to shift op by -2048; fix this program
[ 136.175603][ T6800] syz.0.417 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 140.983079][ T31] audit: type=1800 audit(1843106581.510:5): pid=6969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.499" name="features" dev="configfs" ino=9823 res=0 errno=0
[ 141.044930][ T6971] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 143.510529][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 143.520094][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 143.565437][ T7062] ptrace attach of "./syz-executor exec"[5861] was attempted by "./syz-executor exec"[7062]
[ 144.075456][ T7080] random: crng reseeded on system resumption
[ 145.103620][ T7112] syz_tun: tun_chr_ioctl cmd 1074025675
[ 145.122590][ T7112] syz_tun: persist disabled
[ 146.594205][ T31] audit: type=1800 audit(1843106587.160:6): pid=7164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.596" name="discovery_nqn" dev="configfs" ino=10097 res=0 errno=0
[ 147.943916][ T31] audit: type=1800 audit(1843106588.517:7): pid=7213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.620" name="dbroot" dev="configfs" ino=11036 res=0 errno=0
[ 154.308414][ T31] audit: type=1800 audit(1843106594.920:8): pid=7428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.726" name="trace_pipe" dev="tracefs" ino=253 res=0 errno=0
[ 155.017025][ T7453] Unable to find swap-space signature
[ 156.033027][ T7483] mmap: syz.0.753 (7483) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 156.093305][ T7486] ima: policy update failed
[ 156.103708][ T31] audit: type=1802 audit(1843106600.719:9): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.756" res=0 errno=0
[ 158.465323][ T51] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 158.475853][ T51] Bluetooth: hci3: Injecting HCI hardware error event
[ 158.484125][ T5875] Bluetooth: hci3: hardware error 0x00
[ 158.809080][ T7566] Unable to find swap-space signature
[ 159.375831][ T7575] Process accounting paused
[ 160.701842][ T5875] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 163.263417][ T7646] kexec: Could not allocate control_code_buffer
[ 164.593689][ T7717] syz_tun: tun_chr_ioctl cmd 1074025680
[ 168.821550][ T7847] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 168.839953][ T7847] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 168.886765][ T7847] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 168.977675][ T7847] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 168.989726][ T7847] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 169.052235][ T7847] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 169.092552][ T7885] Invalid ELF header magic: != ELF
[ 169.153906][ T7847] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 169.164920][ T7847] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 169.233415][ T7847] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 170.468204][ T7931] Unable to find swap-space signature
[ 170.796109][ T7915] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 170.829689][ T7915] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 170.844035][ T7915] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 171.617619][ T5875] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7
[ 172.277147][ T7965] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 172.311890][ T7965] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 172.319318][ T7965] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 173.807596][ T8026] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 173.816205][ T8026] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 173.822428][ T8026] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 175.098731][ T5875] Bluetooth: hci0: command 0x0c1a tx timeout
[ 175.813635][ T5875] Bluetooth: hci2: command 0x0c1a tx timeout
[ 175.814270][ T51] Bluetooth: hci1: command 0x0c1a tx timeout
[ 176.800173][ T31] audit: type=1800 audit(1843107648.528:10): pid=8150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1085" name="lu_gp_id" dev="configfs" ino=13634 res=0 errno=0
[ 177.166294][ T51] Bluetooth: hci0: command 0x0c1a tx timeout
[ 177.886303][ T51] Bluetooth: hci2: command 0x0c1a tx timeout
[ 177.892393][ T5875] Bluetooth: hci1: command 0x0c1a tx timeout
[ 178.522715][ T51] Bluetooth: hci1: unexpected event 0x06 length: 124 > 3
[ 179.235697][ T51] Bluetooth: hci0: command 0x0c1a tx timeout
[ 179.632598][ T8248] syz_tun: tun_chr_ioctl cmd 2416202959
[ 179.953127][ T51] Bluetooth: hci2: command 0x0c1a tx timeout
[ 179.956898][ T5875] Bluetooth: hci1: command 0x0c1a tx timeout
[ 181.974905][ T8324] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 182.720609][ T8349] syz.1.1182(8349): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[ 189.432222][ T8597] Process accounting resumed
[ 190.258072][ T8629] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[8629]
[ 190.832911][ T8652] binder: binder_mmap: 8650 0-1000 bad vm_flags failed -1
[ 192.685188][ T8714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[ 192.715893][ T8714] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[ 192.716003][ T8714] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[ 192.716038][ T8714] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 192.716059][ T8714] page dumped because: unmovable page
[ 192.786656][ T8714] page_owner info is not present (never set?)
[ 193.366584][ T8740] ima: policy update failed
[ 193.390861][ T31] audit: type=1802 audit(1843107665.195:11): pid=8740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1377" res=0 errno=0
[ 193.721063][ T8756] program syz.3.1384 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 196.705843][ T8861] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations!
[ 199.130902][ T8951] block2mtd: illegal erase size
[ 199.942065][ T31] audit: type=1400 audit(1843107671.789:12): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8982 comm="syz.2.1497"
[ 204.061660][ T9126] kAFS: unparsable volume name
[ 204.627782][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 204.634410][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 205.427410][ T9180] random: crng reseeded on system resumption
[ 206.698665][ T9231] afs: Bad value for 'source'
[ 207.305769][ T9254] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[ 208.433189][ T9295] : Can't lookup blockdev
[ 210.409440][ T31] audit: type=1800 audit(1843107682.303:13): pid=9379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1688" name="dbroot" dev="configfs" ino=17631 res=0 errno=0
[ 210.436336][ T9379] db_root: not a directory: /dev/audio1
[ 210.463267][ C0] vkms_vblank_simulate: vblank timer overrun
[ 210.640620][ T31] audit: type=1806 audit(1843107682.524:14): res=-14
[ 211.009542][ T9400] kafs: addr_prefs: Invalid Command
[ 212.029013][ T9444] Line length is too long: Should be less than 4094
[ 212.204569][ T9451] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 212.534383][ T31] audit: type=1804 audit(1843107684.444:15): pid=9463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1730" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[ 212.563975][ C0] vkms_vblank_simulate: vblank timer overrun
[ 212.794387][ T9471] <
[ 213.265336][ T9494] vhci_hcd: invalid port number 16
[ 213.298449][ T9494] vhci_hcd: invalid port number 16
[ 215.193060][ T9574] ubi0: attaching mtd0
[ 215.197438][ T9574] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127)
[ 215.247751][ T9576] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[ 216.183564][ T31] audit: type=1800 audit(6138074984.094:16): pid=9612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1803" name="dbroot" dev="configfs" ino=18964 res=0 errno=0
[ 216.647301][ T9627] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 217.053792][ T9647] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706].
[ 217.166424][ T9649] futex_wake_op: syz.2.1821 tries to shift op by 64; fix this program
[ 218.097133][ T9690] overlayfs: "check_copy_up" module option is obsolete
[ 219.510193][ T9736] Process accounting paused
[ 219.652590][ T31] audit: type=1400 audit(6138074987.602:17): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=9744 comm="syz.3.1866"
[ 219.884885][ T9754] ecryptfs_miscdev_write: Error while inspecting packet size
[ 221.447833][ T9812] binder: 9811:9812 ioctl c0306201 0 returned -14
[ 222.272174][ T9839] random: crng reseeded on system resumption
[ 225.487409][ T9961] usb usb24: check_ctrlrecip: process 9961 (syz.0.1972) requesting ep 01 but needs 81
[ 225.514877][ T9961] usb usb24: usbfs: process 9961 (syz.0.1972) did not claim interface 0 before use
[ 229.848624][T10106] vhci_hcd: invalid port number 23
[ 229.869188][T10106] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[ 231.286259][T10166] binder: 10164:10166 ioctl c0306201 2000000000c0 returned -14
[ 231.850496][T10190] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 231.885440][T10190] CIFS mount error: No usable UNC path provided in device string!
[ 231.885440][T10190]
[ 231.897547][T10190] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 233.033353][T10241] QAT: Stopping all acceleration devices.
[ 233.545344][T10264] binder: 10263:10264 ioctl c0306201 0 returned -14
[ 234.145800][T10294] vhci_hcd: invalid port number 16
[ 234.163349][T10294] vhci_hcd: invalid port number 16
[ 234.183631][T10296] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 234.357604][T10305] process 'syz.0.2137' launched '/dev/fd/3' with NULL argv: empty string added
[ 234.842274][T10324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 234.861453][T10324] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 234.880652][T10324] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 234.906038][T10324] page_type: f5(slab)
[ 234.910128][T10324] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[ 234.926038][T10324] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 234.955444][T10324] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[ 234.981753][T10324] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 235.012260][T10324] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 235.045233][T10324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 235.075209][T10324] page dumped because: unmovable page
[ 235.097444][T10324] page_owner tracks the page as allocated
[ 235.117349][T10324] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 13, tgid 13 (kworker/u8:1), ts 222312389179, free_ts 222154940577
[ 235.163972][T10324] post_alloc_hook+0x1c0/0x230
[ 235.181960][T10324] get_page_from_freelist+0x132b/0x38e0
[ 235.217677][T10324] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 235.238949][T10324] alloc_pages_mpol+0x1fb/0x550
[ 235.244948][T10324] new_slab+0x247/0x330
[ 235.257753][T10324] ___slab_alloc+0xcf2/0x1740
[ 235.278876][T10324] __slab_alloc.constprop.0+0x56/0xb0
[ 235.297347][T10324] __kmalloc_node_track_caller_noprof+0x2ee/0x510
[ 235.313985][T10324] kmalloc_reserve+0xef/0x2c0
[ 235.329171][T10324] __alloc_skb+0x166/0x380
[ 235.335129][T10324] nsim_dev_trap_report_work+0x2b1/0xcf0
[ 235.356243][T10324] process_one_work+0x9cf/0x1b70
[ 235.361480][T10324] worker_thread+0x6c8/0xf10
[ 235.367722][T10324] kthread+0x3c2/0x780
[ 235.372191][T10324] ret_from_fork+0x5d4/0x6f0
[ 235.392983][T10324] ret_from_fork_asm+0x1a/0x30
[ 235.411647][T10324] page last free pid 5233 tgid 5233 stack trace:
[ 235.438312][T10324] __free_frozen_pages+0x7d5/0x10f0
[ 235.443746][T10324] __put_partials+0x165/0x1c0
[ 235.456431][T10324] qlist_free_all+0x4d/0x120
[ 235.461153][T10324] kasan_quarantine_reduce+0x195/0x1e0
[ 235.473075][T10324] __kasan_slab_alloc+0x69/0x90
[ 235.478083][T10324] __kmalloc_noprof+0x1d4/0x510
[ 235.490717][T10324] tomoyo_realpath_from_path+0xc2/0x6e0
[ 235.502881][T10324] tomoyo_path_perm+0x274/0x460
[ 235.507892][T10324] security_inode_getattr+0x116/0x290
[ 235.522704][T10324] vfs_fstat+0x4b/0xe0
[ 235.533253][T10324] __do_sys_newfstat+0x87/0x100
[ 235.544236][T10324] do_syscall_64+0xcd/0x490
[ 235.548964][T10324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 235.798630][T10362] binder: 10361:10362 ioctl 541b 38 returned -22
[ 236.084697][T10374] ACPI: Can not change Invalid GPE/Fixed Event status
[ 237.253052][T10430] sd 0:0:1:0: PR command failed: 1026
[ 237.262503][T10430] sd 0:0:1:0: Sense Key : Illegal Request [current]
[ 237.270250][T10430] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 239.096556][T10511] syz.0.2237 (10511): attempted to duplicate a private mapping with mremap. This is not supported.
[ 239.613243][T10533] sd 0:0:1:0: PR command failed: 1026
[ 239.620307][T10533] sd 0:0:1:0: Sense Key : Illegal Request [current]
[ 239.643082][T10533] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 240.456298][T10565] sd 0:0:1:0: PR command failed: 1026
[ 240.469411][T10566] bond0: option mode: unable to set because the bond device is up
[ 240.485005][T10565] sd 0:0:1:0: Sense Key : Illegal Request [current]
[ 240.495102][T10565] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 240.951599][T10585] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[ 241.412724][ T5875] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[ 241.412768][ T5875] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[ 241.429066][ T5875] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[ 241.429187][ T5875] Bluetooth: hci0: Malformed LE Event: 0x0d
[ 241.896863][T10624] ima: policy update failed
[ 241.914659][ T31] audit: type=1802 audit(6138075009.978:18): pid=10624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2295" res=0 errno=0
[ 243.560384][T10704] WARNING! power/level is deprecated; use power/control instead
[ 243.936029][T10720] syz_tun: tun_chr_ioctl cmd 2147767507
[ 244.843635][T10758] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2361'.
[ 246.430196][T10828] random: crng reseeded on system resumption
[ 247.493113][T10878] block2mtd: illegal erase size
[ 248.531007][T10930] XFS: irix_symlink_mode sysctl option is deprecated.
[ 249.069964][T10928] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 249.454427][T10954] Process accounting resumed
[ 250.414711][ T31] audit: type=1400 audit(6138075018.522:19): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11011 comm="syz.0.2479"
[ 251.702766][T11069] cougar: G6 mapped to F18
[ 252.155877][T11089] vhci_hcd: invalid port number 16
[ 252.189606][T11092] bond0: Unable to set down delay as MII monitoring is disabled
[ 252.240534][T11094] queue_state_write: unsupported operation ''
[ 252.271912][T11094] queue_state_write: use 'run', 'start' or 'kick'
[ 253.655749][T11151] phram: not enough arguments
[ 254.020450][ T5875] Bluetooth: hci2: unexpected event 0x23 length: 127 > 13
[ 255.899267][T11257] bcache: register_bcache() error : Not a bcache superblock (bad offset)
[ 256.191761][T11267] cifs: Unknown parameter 'no�+ 1�`r�sFn)��aHāh`9k�A}�1\D@�.ZC�g^��'
[ 261.113815][T11482] vhci_hcd: vhci_device speed not set
[ 261.240331][T11489] delete_channel: no stack
[ 261.810990][T11512] syz.3.2722 uses obsolete (PF_INET,SOCK_PACKET)
[ 263.177829][T11561] zram: Added device: zram1
[ 264.154595][T11603] aoe: can't write to that file.
[ 264.828633][T11632] nvme_fcloop: unknown parameter or missing value '7'
[ 265.266617][T11654] ecryptfs_parse_packet_length: Error parsing packet length
[ 265.288547][T11654] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[ 265.758183][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 265.764816][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 266.594523][ T31] audit: type=1800 audit(6138075042.785:20): pid=11713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2817" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 267.087170][T11738] syz.3.2828 (11738): drop_caches: 0
[ 269.192894][T11826] cougar: G6 mapped to space
[ 269.657636][ T31] audit: type=1800 audit(6138075045.871:21): pid=11849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2881" name="discovery_nqn" dev="configfs" ino=25438 res=0 errno=0
[ 269.843715][T11857] ubi0: attaching mtd0
[ 269.869028][T11857] ubi0: scanning is finished
[ 269.873930][T11857] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 270.039278][T11857] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 270.580948][T11889] Ignoring unsupported numa_zonelist_order value:
[ 270.580948][T11889]
[ 272.357688][T11966] vivid-007: ================= START STATUS =================
[ 272.381368][T11966] vivid-007: Enable Output Cropping: true
[ 272.398600][T11966] vivid-007: Enable Output Composing: true
[ 272.409912][T11966] vivid-007: Enable Output Scaler: true
[ 272.419199][T11966] vivid-007: Tx RGB Quantization Range: Automatic
[ 272.427229][T11966] vivid-007: Transmit Mode: HDMI
[ 272.435516][T11966] vivid-007: Hotplug Present: 0x00000000
[ 272.442821][T11966] vivid-007: RxSense Present: 0x00000000
[ 272.448827][T11966] vivid-007: EDID Present: 0x00000000
[ 272.463001][T11966] vivid-007: ================== END STATUS ==================
[ 274.718734][T12057] usbcore.quirks: string doesn't fit in 127 chars.
[ 275.338169][T12083] kAFS: No cell specified
[ 275.558721][T12091] usb usb2: usbfs: process 12091 (syz.1.2999) did not claim interface 1 before use
[ 276.695582][T12139] vivid-003: ================= START STATUS =================
[ 276.709905][T12139] vivid-003: Radio HW Seek Mode: Bounded
[ 276.717002][T12139] vivid-003: Radio Programmable HW Seek: false
[ 276.730999][T12136] hub 8-0:1.0: Interface 0 is not authorized for usage
[ 276.745866][T12139] vivid-003: RDS Rx I/O Mode: Block I/O
[ 276.756487][T12139] vivid-003: Generate RBDS Instead of RDS: false
[ 276.765528][T12139] vivid-003: RDS Reception: true
[ 276.765570][T12136] usbtest 8-0:1.0: Interface 0 is not authorized for usage
[ 276.775189][T12139] vivid-003: RDS Program Type: 0 inactive
[ 276.786617][T12139] vivid-003: RDS PS Name: inactive
[ 276.793075][T12143] kernel read not supported for file /�gMQ�_g _N{7vGlq w��ĉu}OUVW.�u�w.`O��:�KdY�Ѯaj�7nwKQHg�[壣%'ϖX:�Dktހ�X [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0�YJp�u (pid: 12143 comm: syz.1.3022)
[ 276.838027][T12139] vivid-003: RDS Radio Text: inactive
[ 276.852649][T12139] vivid-003: RDS Traffic Announcement: false inactive
[ 276.861581][T12139] vivid-003: RDS Traffic Program: false inactive
[ 276.871072][T12139] vivid-003: RDS Music: false inactive
[ 276.876732][ T31] audit: type=1800 audit(6138075053.108:22): pid=12143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3022" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=26961 res=0 errno=0
[ 276.933097][T12139] vivid-003: ================== END STATUS ==================
[ 276.987929][T12144] ima: policy update failed
[ 277.010959][ T31] audit: type=1802 audit(6138075053.239:23): pid=12144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3023" res=0 errno=0
[ 278.348871][T12200] Setting dangerous option i915.mitigations - tainting kernel
[ 278.359952][T12200] Bad "i915.mitigations=!h@S�", 'h@S�' is unknown
[ 279.273460][T12244] scsi_strcpy_devinfo: vendor string '/&c~n] �|�
[ 279.273460][T12244] M�' is too long
[ 279.285702][T12244] scsi_strcpy_devinfo: model string 'Dd5�K��2b
[ 279.285702][T12244] W�� ' is too long
[ 279.419386][T12247] Process accounting paused
[ 280.768423][T12316] i2c i2c-0: new_device: Can't parse I2C address
[ 282.387214][T12383] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 282.387214][T12383] program syz.3.3142 not setting count and/or reply_len properly
[ 282.908147][T12408] random: crng reseeded on system resumption
[ 284.744398][T12489] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 287.731752][T12614] : Can't lookup blockdev
[ 288.581459][T12646] scsi_dev_info_list_add_str: bad dev info string ')zD��5�fk+*X�#R84*�Vsn�dvq�QW}~�YrȀ�-8VGDƘ��LB�%v�v}�Ypq|�?O[,!�7xWDr%[}E$�3�?G�9Ff=lrGH;2L<�=|�8�-c���Fո�"[v9�q�4Mmvq�k[�(iNDСM�X�PSqqX4X`V!;r֍)y]W�zfI�H0,��v{q8שUܹ䑉m؛H��TwCz-nR�%2]x05oՕ|3>l�S*L/Cdgӑ�[C�=Cwem)l#' ''S.sHgi�-TY%ܹF*8�nF�TH?�i{' ''
[ 288.629150][ C1] vkms_vblank_simulate: vblank timer overrun
[ 289.683631][T12691] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 290.110872][T12708] mmap: syz.3.3299 (12708): VmData 45883392 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data.
[ 290.890850][ T31] audit: type=1800 audit(6138075067.211:24): pid=12745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3317" name="dbroot" dev="configfs" ino=28130 res=0 errno=0
[ 292.127932][T12805] block2mtd: Using custom MTD label '' for dev
[ 292.138329][T12805] block2mtd: error: cannot open device
[ 292.896813][T12843] ptp ptp0: only physical clock in use now
[ 293.376016][T12868] i2c i2c-0: delete_device: Extra parameters
[ 298.605075][T13130] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26)
[ 298.606079][T13129] ima: policy update failed
[ 298.637958][ T31] audit: type=1802 audit(6138075075.002:25): pid=13129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3504" res=0 errno=0
[ 299.251656][T13164] busy
[ 299.990585][T13196] bond0: no command found in slaves file - use +ifname or -ifname
[ 305.363728][T13448] usbip-vudc usbip-vudc.0: gadget not bound
[ 305.553934][T13460] QAT: failed to copy from user cfg_data.
[ 308.180222][ T5934] smpboot: CPU 1 is now offline
[ 308.754243][T13584] vhci_hcd: invalid port number 16
[ 308.779073][T13584] vhci_hcd: invalid port number 16
[ 308.880371][T13586] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 309.291032][T13592] Process accounting resumed
[ 313.296024][T13719] Debayer A: ================= START STATUS =================
[ 313.343872][T13719] Debayer A: Debayer Mean Window Size: 3
[ 313.379319][T13719] Debayer A: ================== END STATUS ==================
[ 314.236678][T13735] could not allocate digest TFM handle
[ 316.075916][T13810] zswap: compressor �Ȯ9Qz%;0*lH`Bkjwjӳ<85�'.Y[`2Y$`Yvgִq"b%zN[O EiFi����(Sh3K�x>ԝRS=kHɟ�{?Bbޝ4)> not available
[ 316.920917][T13839] program syz.3.3846 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 316.979184][T13839] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 319.113285][T13908] syz_tun: tun_chr_ioctl cmd 1074025698
[ 321.584502][T13983] ptrace attach of "./syz-executor exec"[5861] was attempted by ""[13983]
[ 322.906897][T14026] binder: 14024:14026 ioctl 40046210 0 returned -14
[ 323.549823][T14044] synth uevent: /bus/mei: unknown uevent action string
[ 325.604743][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 325.611161][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 325.749992][T14116] __vm_enough_memory: pid: 14116, comm: syz.0.3980, bytes: 4398046511104 not enough memory for the allocation
[ 326.372411][T14134] delete_channel: no stack
[ 327.290296][ T5875] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 328.514970][T14211] : Can't lookup blockdev
[ 332.020212][T14329] random: crng reseeded on system resumption
[ 332.052390][T14331] __vm_enough_memory: pid: 14331, comm: syz.2.4084, bytes: 9223372036854775808 not enough memory for the allocation
[ 332.916835][T14352] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.2.4094: 7
[ 335.487955][T14451] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 338.668393][T14541] program syz.3.4173 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 339.242666][T14555] Process accounting paused
[ 339.343637][T14562] Setting dangerous option i915.mitigations - tainting kernel
[ 339.659541][T14574] kernel profiling enabled (shift: 0)
[ 340.135329][T14588] sysfs_service_op_store: Client not running :-5:
[ 340.155516][T14585] usb usb36: usbfs: process 14585 (syz.3.4195) did not claim interface 0 before use
[ 341.545985][T14574] syz.0.4191: vmalloc error: size 709480448, failed to allocated page array size 1385704, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 341.676760][T14574] CPU: 0 UID: 0 PID: 14574 Comm: syz.0.4191 Tainted: G U 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full)
[ 341.676802][T14574] Tainted: [U]=USER
[ 341.676809][T14574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 341.676828][T14574] Call Trace:
[ 341.676836][T14574]
[ 341.676845][T14574] dump_stack_lvl+0x16c/0x1f0
[ 341.676890][T14574] warn_alloc+0x248/0x3a0
[ 341.676919][T14574] ? __pfx_warn_alloc+0x10/0x10
[ 341.676959][T14574] ? profile_init+0xd5/0x130
[ 341.676985][T14574] ? __vmalloc_node_noprof+0xad/0xf0
[ 341.677028][T14574] __vmalloc_node_range_noprof+0x101b/0x14b0
[ 341.677077][T14574] ? profile_init+0xd5/0x130
[ 341.677111][T14574] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 341.677156][T14574] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 341.677189][T14574] ? rcu_is_watching+0x12/0xc0
[ 341.677219][T14574] ? profile_init+0xd5/0x130
[ 341.677245][T14574] __vmalloc_node_noprof+0xad/0xf0
[ 341.677285][T14574] ? profile_init+0xd5/0x130
[ 341.677315][T14574] ? __pfx_profiling_store+0x10/0x10
[ 341.677350][T14574] profile_init+0xd5/0x130
[ 341.677379][T14574] profiling_store+0x7b/0x120
[ 341.677421][T14574] kobj_attr_store+0x55/0x80
[ 341.677460][T14574] ? __pfx_kobj_attr_store+0x10/0x10
[ 341.677499][T14574] sysfs_kf_write+0xef/0x150
[ 341.677528][T14574] kernfs_fop_write_iter+0x351/0x510
[ 341.677550][T14574] ? __pfx_sysfs_kf_write+0x10/0x10
[ 341.677579][T14574] vfs_write+0x6c7/0x1150
[ 341.677608][T14574] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 341.677651][T14574] ? __pfx___mutex_lock+0x10/0x10
[ 341.677690][T14574] ? __pfx_vfs_write+0x10/0x10
[ 341.677738][T14574] ksys_write+0x12a/0x250
[ 341.677765][T14574] ? __pfx_ksys_write+0x10/0x10
[ 341.677803][T14574] do_syscall_64+0xcd/0x490
[ 341.677844][T14574] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 341.677869][T14574] RIP: 0033:0x7f1b23d8eb69
[ 341.677892][T14574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 341.677915][T14574] RSP: 002b:00007f1b24bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 341.677937][T14574] RAX: ffffffffffffffda RBX: 00007f1b23fb5fa0 RCX: 00007f1b23d8eb69
[ 341.677953][T14574] RDX: 0000000000001000 RSI: 0000200000000040 RDI: 0000000000000003
[ 341.677968][T14574] RBP: 00007f1b23e11df1 R08: 0000000000000000 R09: 0000000000000000
[ 341.677982][T14574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 341.677996][T14574] R13: 0000000000000000 R14: 00007f1b23fb5fa0 R15: 00007ffe9dd046f8
[ 341.678026][T14574]
[ 341.678035][T14574] Mem-Info:
[ 342.242933][T14631] sysfs_service_op_store: Client not running :-5:
[ 343.002265][T14649] =======================================================
[ 343.002265][T14649] WARNING: The mand mount option has been deprecated and
[ 343.002265][T14649] and is ignored by this kernel. Remove the mand
[ 343.002265][T14649] option from the mount to silence this warning.
[ 343.002265][T14649] =======================================================
[ 343.042616][T14574] active_anon:10537 inactive_anon:0 isolated_anon:0
[ 343.042616][T14574] active_file:19703 inactive_file:39743 isolated_file:0
[ 343.042616][T14574] unevictable:768 dirty:139 writeback:0
[ 343.042616][T14574] slab_reclaimable:11013 slab_unreclaimable:93294
[ 343.042616][T14574] mapped:29589 shmem:7190 pagetables:1125
[ 343.042616][T14574] sec_pagetables:0 bounce:0
[ 343.042616][T14574] kernel_misc_reclaimable:0
[ 343.042616][T14574] free:1307767 free_pcp:9328 free_cma:0
[ 343.306737][T14574] Node 0 active_anon:42088kB inactive_anon:0kB active_file:78756kB inactive_file:158844kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118288kB dirty:648kB writeback:0kB shmem:27264kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11152kB pagetables:4384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 343.536573][T14574] Node 1 active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:56kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 343.705120][T14574] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 343.855542][T14574] lowmem_reserve[]: 0 2480 2481 2481 2481
[ 343.891992][T14574] Node 0 DMA32 free:1317064kB boost:0kB min:34324kB low:42904kB high:51484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41916kB inactive_anon:0kB active_file:78756kB inactive_file:157536kB unevictable:1536kB writepending:648kB present:3129332kB managed:2539732kB mlocked:0kB bounce:0kB free_pcp:27060kB local_pcp:27060kB free_cma:0kB
[ 344.057494][T14574] lowmem_reserve[]: 0 0 1 1 1
[ 344.095767][T14574] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:68kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 344.258905][T14574] lowmem_reserve[]: 0 0 0 0 0
[ 344.267490][T14574] Node 1 Normal free:3897904kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:136kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:10532kB local_pcp:10532kB free_cma:0kB
[ 344.472159][T14574] lowmem_reserve[]: 0 0 0 0 0
[ 344.507964][T14574] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 344.581429][T14574] Node 0 DMA32: 152*4kB (UME) 1077*8kB (UME) 640*16kB (UME) 286*32kB (ME) 102*64kB (UME) 17*128kB (UME) 3*256kB (ME) 0*512kB 1*1024kB (U) 2*2048kB (UE) 311*4096kB (M) = 1317064kB
[ 344.708350][T14574] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 344.804496][T14574] Node 1 Normal: 154*4kB (UME) 23*8kB (UME) 35*16kB (UME) 221*32kB (UME) 87*64kB (UME) 15*128kB (UME) 10*256kB (UME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 946*4096kB (M) = 3897904kB
[ 344.900844][T14574] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 344.946234][T14574] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 345.003953][T14574] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 345.060452][T14574] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 345.110652][T14574] 66644 total pagecache pages
[ 345.130617][T14574] 0 pages in swap cache
[ 345.148714][T14574] Free swap = 124996kB
[ 345.179522][T14574] Total swap = 124996kB
[ 345.192455][T14574] 2097051 pages RAM
[ 345.222275][T14574] 0 pages HighMem/MovableOnly
[ 345.244445][T14574] 430140 pages reserved
[ 345.285478][T14574] 0 pages cma reserved
[ 346.444563][T14745] syz_tun: tun_chr_ioctl cmd 1074812117
[ 347.069415][T14760] [U] �
[ 351.299761][T14906] kafs: addr_prefs: Invalid Command
[ 354.036404][T15022] kafs: addr_prefs: Invalid Command
[ 355.528345][T15069] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates.
[ 356.854087][T15111] queue_state_write: operation too long
[ 356.899537][T15111] queue_state_write: use 'run', 'start' or 'kick'
[ 359.747948][ T5875] Bluetooth: hci1: unexpected event 0x3d length: 3 < 14
[ 360.831948][T15259] Format for unlinking a device is "netnsfd:ifidx" (int uint).
[ 360.849888][T15261] ICMPv6: process `syz.0.4475' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[ 364.071742][ T5851] Process accounting resumed
[ 365.043517][T15386] vhci_hcd: invalid port number 16
[ 365.072264][T15386] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[ 365.320052][T15393] ima: policy update failed
[ 365.324662][ T31] audit: type=1807 audit(6138075142.018:26): UNKNOWN=0"]$|1j0B|d�ӉO+/xWӦ^gq%ḦrO� res=0
[ 365.391928][ T31] audit: type=1802 audit(6138075142.018:27): pid=15394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.4534" res=0 errno=0
[ 365.519283][ T31] audit: type=1802 audit(6138075142.069:28): pid=15393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4534" res=0 errno=0
[ 365.691255][T15407] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string
[ 365.754748][T15407] ep_00: uevent: failed to send synthetic uevent: -22
[ 366.256858][T15421] hub 1-0:1.0: USB hub found
[ 366.295254][T15421] hub 1-0:1.0: 1 port detected
[ 366.914564][ T5875] Bluetooth: hci1: unexpected event 0x01 length: 5 > 1
[ 368.218442][ T5875] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1
[ 369.285251][T15551] Process accounting resumed
[ 370.679243][ T5875] Bluetooth: hci2: unexpected event 0x3d length: 3 < 14
[ 370.720319][ T5875] Bluetooth: hci2: command 0x0c1a tx timeout
[ 370.727149][ T5851] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 371.884115][T15646] hub 1-0:1.0: USB hub found
[ 371.919670][T15646] hub 1-0:1.0: 1 port detected
[ 372.523863][T15672] bond0: option packets_per_slave: invalid value (�Xnp�)
[ 372.572247][T15672] bond0: option packets_per_slave: allowed values 0 - 65535
[ 373.822218][T15709] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there
[ 373.822218][T15709]
[ 376.380901][T15740] writes to the poll attribute are ignored.
[ 376.496626][T15740] please use driver specific parameters instead.
[ 376.871135][ T5875] Bluetooth: hci0: unexpected event 0x3d length: 3 < 14
[ 377.330027][T15854] i2c i2c-0: new_device: Invalid device name
[ 377.766155][T15864] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead.
[ 380.334305][T15942] nfsd: Unknown parameter '^�B-'
[ 380.427974][T15939] nvme_fabrics: missing parameter 'transport=%s'
[ 380.465021][T15946] i2c i2c-0: delete_device: Can't find device in list
[ 380.474287][T15939] nvme_fabrics: missing parameter 'nqn=%s'
[ 380.734884][T15953] sysfs_service_op_show: Client not running :-5:
[ 381.441744][T15978] ecryptfs_miscdev_write: Invalid packet size [192]
[ 382.556627][T16008] random: crng reseeded on system resumption
[ 383.625340][ T5875] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1
[ 387.999996][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 388.030208][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 388.142145][T16191] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request
[ 388.179899][T16193] udc dummy_udc.0: soft-connect without a gadget driver
[ 389.707385][T16242] bond0: no command found in slaves file - use +ifname or -ifname
[ 392.851603][T16347] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 394.777236][T16403] QAT: Invalid ioctl 21531
[ 394.945045][T16407] rnbd_client L202: map_device: Unknown parameter or missing value '('
[ 399.217446][T16533] Process accounting paused
[ 399.914944][T16555] rnbd_client L213: map_device: Parameters missing
[ 400.460754][T16575] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[ 400.460754][T16575] program syz.3.5036 not setting count and/or reply_len properly
[ 402.057706][T16614] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 404.368354][T16662] synth uevent: /devices/virtual/block/nbd6: unknown uevent action string
[ 404.433404][T16662] block nbd6: uevent: failed to send synthetic uevent: -22
[ 413.694652][ T5875] Bluetooth: hci1: unexpected event for opcode 0x7c89
[ 415.307862][T17031] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 415.858613][T17051] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 416.449387][T17066] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2)
[ 416.451384][T17065] ima: policy update failed
[ 416.532310][ T31] audit: type=1802 audit(6138075193.495:29): pid=17065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.5265" res=0 errno=0
[ 418.818010][T17131] Scaler: ================= START STATUS =================
[ 418.859359][T17131] Scaler: ================== END STATUS ==================
[ 421.135042][ T31] audit: type=1806 audit(6138075198.129:30): xattr="" res=-22
[ 421.560819][T17211] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 422.510466][T17243] usb usb16: usbfs: process 17243 (syz.0.5352) did not claim interface 0 before use
[ 422.775846][T17255] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd
[ 424.208935][T17265]
[ 424.211317][T17265] ======================================================
[ 424.218340][T17265] WARNING: possible circular locking dependency detected
[ 424.225364][T17265] 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 Tainted: G U I
[ 424.233699][T17265] ------------------------------------------------------
[ 424.240742][T17265] syz.1.5363/17265 is trying to acquire lock:
[ 424.246809][T17265] ffff888025da8fb8 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400
[ 424.256237][T17265]
[ 424.256237][T17265] but task is already holding lock:
[ 424.263628][T17265] ffff888025da8a78 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 424.274999][T17265]
[ 424.274999][T17265] which lock already depends on the new lock.
[ 424.274999][T17265]
[ 424.285422][T17265]
[ 424.285422][T17265] the existing dependency chain (in reverse order) is:
[ 424.294464][T17265]
[ 424.294464][T17265] -> #3 (&q->q_usage_counter(io)#18){++++}-{0:0}:
[ 424.303152][T17265] blk_alloc_queue+0x619/0x760
[ 424.308554][T17265] blk_mq_alloc_queue+0x172/0x280
[ 424.314149][T17265] __blk_mq_alloc_disk+0x29/0x120
[ 424.319845][T17265] loop_add+0x490/0xb70
[ 424.324588][T17265] loop_init+0x164/0x270
[ 424.329454][T17265] do_one_initcall+0x120/0x6e0
[ 424.334756][T17265] kernel_init_freeable+0x5c2/0x900
[ 424.340516][T17265] kernel_init+0x1c/0x2b0
[ 424.345398][T17265] ret_from_fork+0x5d4/0x6f0
[ 424.350547][T17265] ret_from_fork_asm+0x1a/0x30
[ 424.355857][T17265]
[ 424.355857][T17265] -> #2 (fs_reclaim){+.+.}-{0:0}:
[ 424.363089][T17265] fs_reclaim_acquire+0x102/0x150
[ 424.368745][T17265] prepare_alloc_pages+0x162/0x610
[ 424.374419][T17265] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 424.380938][T17265] __alloc_pages_noprof+0xb/0x1b0
[ 424.386508][T17265] pcpu_populate_chunk+0x110/0xb00
[ 424.392272][T17265] pcpu_alloc_noprof+0x86a/0x1470
[ 424.398055][T17265] bpf_map_alloc_percpu+0x9a/0x4b0
[ 424.403827][T17265] htab_map_alloc+0x10ca/0x1570
[ 424.409366][T17265] map_create+0x58f/0x1f80
[ 424.414345][T17265] __sys_bpf+0x44d2/0x4de0
[ 424.419331][T17265] __x64_sys_bpf+0x78/0xc0
[ 424.424310][T17265] do_syscall_64+0xcd/0x490
[ 424.429371][T17265] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 424.435819][T17265]
[ 424.435819][T17265] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}:
[ 424.443577][T17265] __mutex_lock+0x193/0x10b0
[ 424.448715][T17265] pcpu_alloc_noprof+0xb4c/0x1470
[ 424.454391][T17265] sbitmap_init_node+0x2fd/0x770
[ 424.459956][T17265] sbitmap_queue_init_node+0x41/0x560
[ 424.465904][T17265] blk_mq_init_tags+0x12d/0x2b0
[ 424.471382][T17265] blk_mq_alloc_map_and_rqs+0x237/0xf60
[ 424.477519][T17265] blk_mq_init_sched+0x30c/0x610
[ 424.483017][T17265] elevator_switch+0x1e1/0x7f0
[ 424.488423][T17265] elevator_change+0x2ac/0x400
[ 424.493738][T17265] elevator_set_default+0x2c4/0x360
[ 424.499522][T17265] blk_register_queue+0x393/0x4f0
[ 424.505196][T17265] __add_disk+0x74a/0xf00
[ 424.510157][T17265] add_disk_fwnode+0x13f/0x5d0
[ 424.515564][T17265] nbd_dev_add+0x783/0xbb0
[ 424.520513][T17265] nbd_init+0x181/0x320
[ 424.525201][T17265] do_one_initcall+0x120/0x6e0
[ 424.530502][T17265] kernel_init_freeable+0x5c2/0x900
[ 424.536246][T17265] kernel_init+0x1c/0x2b0
[ 424.541121][T17265] ret_from_fork+0x5d4/0x6f0
[ 424.546347][T17265] ret_from_fork_asm+0x1a/0x30
[ 424.551650][T17265]
[ 424.551650][T17265] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[ 424.559505][T17265] __lock_acquire+0x12a6/0x1ce0
[ 424.564900][T17265] lock_acquire+0x179/0x350
[ 424.569944][T17265] __mutex_lock+0x193/0x10b0
[ 424.575096][T17265] elevator_change+0x103/0x400
[ 424.580411][T17265] elv_iosched_store+0x2eb/0x3a0
[ 424.585904][T17265] queue_attr_store+0x26b/0x310
[ 424.591301][T17265] sysfs_kf_write+0xef/0x150
[ 424.596451][T17265] kernfs_fop_write_iter+0x351/0x510
[ 424.602295][T17265] vfs_write+0x6c7/0x1150
[ 424.607192][T17265] ksys_write+0x12a/0x250
[ 424.612799][T17265] do_syscall_64+0xcd/0x490
[ 424.617886][T17265] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 424.624522][T17265]
[ 424.624522][T17265] other info that might help us debug this:
[ 424.624522][T17265]
[ 424.634852][T17265] Chain exists of:
[ 424.634852][T17265] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#18
[ 424.634852][T17265]
[ 424.648650][T17265] Possible unsafe locking scenario:
[ 424.648650][T17265]
[ 424.656290][T17265] CPU0 CPU1
[ 424.661660][T17265] ---- ----
[ 424.667124][T17265] lock(&q->q_usage_counter(io)#18);
[ 424.672633][T17265] lock(fs_reclaim);
[ 424.679233][T17265] lock(&q->q_usage_counter(io)#18);
[ 424.687156][T17265] lock(&q->elevator_lock);
[ 424.691966][T17265]
[ 424.691966][T17265] *** DEADLOCK ***
[ 424.691966][T17265]
[ 424.700120][T17265] 7 locks held by syz.1.5363/17265:
[ 424.705357][T17265] #0: ffff88802f80f0b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 424.714474][T17265] #1: ffff888034b00428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 424.723505][T17265] #2: ffff888060bcfc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 424.733552][T17265] #3: ffff888025e13c38 (kn->active#143){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 424.743697][T17265] #4: ffff888025e59368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x337/0x3a0
[ 424.754834][T17265] #5: ffff888025da8a78 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 424.767361][T17265] #6: ffff888025da8ab0 (&q->q_usage_counter(queue)#27){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 424.779385][T17265]
[ 424.779385][T17265] stack backtrace:
[ 424.785394][T17265] CPU: 0 UID: 0 PID: 17265 Comm: syz.1.5363 Tainted: G U I 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full)
[ 424.785445][T17265] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 424.785457][T17265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 424.785475][T17265] Call Trace:
[ 424.785485][T17265]
[ 424.785494][T17265] dump_stack_lvl+0x116/0x1f0
[ 424.785535][T17265] print_circular_bug+0x275/0x350
[ 424.785566][T17265] check_noncircular+0x14c/0x170
[ 424.785599][T17265] __lock_acquire+0x12a6/0x1ce0
[ 424.785634][T17265] lock_acquire+0x179/0x350
[ 424.785664][T17265] ? elevator_change+0x103/0x400
[ 424.785693][T17265] ? __pfx___might_resched+0x10/0x10
[ 424.785718][T17265] ? elevator_change+0x103/0x400
[ 424.785743][T17265] __mutex_lock+0x193/0x10b0
[ 424.785777][T17265] ? elevator_change+0x103/0x400
[ 424.785802][T17265] ? enable_work+0x245/0x340
[ 424.785822][T17265] ? __pfx_xa_find_after+0x10/0x10
[ 424.785845][T17265] ? __pfx___mutex_lock+0x10/0x10
[ 424.785884][T17265] ? blk_mq_cancel_work_sync+0xd8/0x110
[ 424.785906][T17265] ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[ 424.785948][T17265] ? elevator_change+0x103/0x400
[ 424.785975][T17265] elevator_change+0x103/0x400
[ 424.786005][T17265] elv_iosched_store+0x2eb/0x3a0
[ 424.786036][T17265] ? __pfx_elv_iosched_store+0x10/0x10
[ 424.786070][T17265] ? __mutex_trylock_common+0xe9/0x250
[ 424.786103][T17265] ? __pfx_elv_iosched_store+0x10/0x10
[ 424.786140][T17265] queue_attr_store+0x26b/0x310
[ 424.786164][T17265] ? __pfx_queue_attr_store+0x10/0x10
[ 424.786194][T17265] ? find_held_lock+0x2b/0x80
[ 424.786215][T17265] ? sysfs_file_kobj+0xe4/0x290
[ 424.786242][T17265] ? __pfx_queue_attr_store+0x10/0x10
[ 424.786265][T17265] sysfs_kf_write+0xef/0x150
[ 424.786289][T17265] kernfs_fop_write_iter+0x351/0x510
[ 424.786310][T17265] ? __pfx_sysfs_kf_write+0x10/0x10
[ 424.786335][T17265] vfs_write+0x6c7/0x1150
[ 424.786361][T17265] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 424.786401][T17265] ? __pfx___mutex_lock+0x10/0x10
[ 424.786437][T17265] ? __pfx_vfs_write+0x10/0x10
[ 424.786471][T17265] ksys_write+0x12a/0x250
[ 424.786496][T17265] ? __pfx_ksys_write+0x10/0x10
[ 424.786526][T17265] do_syscall_64+0xcd/0x490
[ 424.786563][T17265] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 424.786587][T17265] RIP: 0033:0x7f44fa58eb69
[ 424.786605][T17265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 424.786627][T17265] RSP: 002b:00007f44fb371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 424.786648][T17265] RAX: ffffffffffffffda RBX: 00007f44fa7b5fa0 RCX: 00007f44fa58eb69
[ 424.786664][T17265] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003
[ 424.786677][T17265] RBP: 00007f44fa611df1 R08: 0000000000000000 R09: 0000000000000000
[ 424.786691][T17265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 424.786705][T17265] R13: 0000000000000000 R14: 00007f44fa7b5fa0 R15: 00007fffbc918748
[ 424.786726][T17265]