last executing test programs: 10.81956799s ago: executing program 0 (id=10707): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006bba861b000004000000a324578958970716", 0x49}, 0x2, &(0x7f0000000700), 0x5, 0x1}, 0x5}, 0x2, 0x100) 10.744356504s ago: executing program 1 (id=10708): setsockopt$auto(0xffffffffffffffff, 0x107, 0x8, 0x0, 0x6) fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x5, 0x2) syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0xcf) mprotect$auto(0x74, 0x9, 0x5) 10.706082328s ago: executing program 0 (id=10710): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xb, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='*'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000080), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 10.592956973s ago: executing program 0 (id=10712): mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x400, 0x8000) socket(0x2, 0x5, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) 10.316474863s ago: executing program 3 (id=10716): open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x100, 0x3, 0x7, 0x10}, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_7={@link_id=0x1, 0x3, 0x3}, 0x6f3) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0)) 10.146039472s ago: executing program 3 (id=10718): socket(0x28, 0x5, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf9779d790fb28"], 0x2c}, 0x1, 0x0, 0x0, 0x4000014}, 0x400c000) r0 = socket(0x10, 0x2, 0x4) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) 10.034947989s ago: executing program 3 (id=10720): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0x8, 0x0) socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x8011, 0x0, 0x4) 10.020349233s ago: executing program 0 (id=10721): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 9.913629248s ago: executing program 3 (id=10723): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e"], 0x24}}, 0x4000000) 9.886801797s ago: executing program 0 (id=10724): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_l2cap_debugfs_fops_(r0, &(0x7f0000000240)=""/177, 0xb1) kill$auto(0x0, 0x21) 9.817340315s ago: executing program 1 (id=10725): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0x0, 0xee00) r0 = socket(0x29, 0x2, 0x0) ioctl$auto(r0, 0x8b0f, 0x24) 9.791106681s ago: executing program 2 (id=10726): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x2fa7}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x800) 9.785013608s ago: executing program 3 (id=10727): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000600)={0x38, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}]}, @NET_SHAPER_A_LEAVES={0x10, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) 9.70140815s ago: executing program 1 (id=10728): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0x8004, 0x0, 0x8000006) socketpair$auto(0x2, 0x9, 0x43, 0x0) mmap$auto(0x0, 0x3, 0x4, 0xeb1, 0x401, 0x8000) 9.671827386s ago: executing program 3 (id=10729): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) settimeofday$auto(&(0x7f0000000080)={0x7fffffff, 0x5}, 0x0) 9.670621514s ago: executing program 2 (id=10730): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/scsi_mod/parameters/max_luns\x00', 0x121102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfdef) 9.560560455s ago: executing program 2 (id=10731): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x10000000000002d, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 9.41760426s ago: executing program 2 (id=10732): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x9, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0) 9.41231105s ago: executing program 1 (id=10733): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket(0x28, 0x1, 0x0) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) 9.314568941s ago: executing program 2 (id=10734): open(&(0x7f0000000100)='.\x00', 0x591083, 0x408) mmap$auto(0x0, 0xfb, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) 9.307302565s ago: executing program 1 (id=10735): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1b, &(0x7f00000000c0), 0x1) 9.158807717s ago: executing program 2 (id=10736): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0x4, 0x13fd7, 0x3, 0xfffff000) syz_clone(0x81020400, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 88.66587ms ago: executing program 0 (id=10737): socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bond\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r1, r0, 0x8000, 0x2, 0xffffffffffffffff, @relative_id=0x13, 0x6}, 0xf) 0s ago: executing program 1 (id=10738): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mlock$auto(0xfbe8, 0x4) kernel console output (not intermixed with test programs): 9.882570][T13281] Process accounting paused [ 240.457974][T12887] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 240.465568][T12887] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 240.620949][T13310] kfence: disabled [ 242.261920][T13306] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 242.269428][T13306] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 242.304572][T13348] random: crng reseeded on system resumption [ 244.372524][ T30] audit: type=1400 audit(4294967355.361:19): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=13436 comm="syz.2.3754" [ 245.536294][T13492] kAFS: No cell specified [ 246.063374][T13520] bond0: invalid ARP target specified [ 246.551200][T13544] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 246.551200][T13544] [ 247.730645][T13601] random: crng reseeded on system resumption [ 249.146693][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 249.153051][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 251.253909][T13762] vivid-007: ================= START STATUS ================= [ 251.261637][T13762] vivid-007: Generate PTS: true [ 251.324423][T13762] vivid-007: Generate SCR: true [ 251.347774][T13762] tpg source WxH: 320x240 (Y'CbCr) [ 251.373841][T13762] tpg field: 1 [ 251.382580][T13762] tpg crop: (0,0)/320x240 [ 251.420508][T13762] tpg compose: (0,0)/320x240 [ 251.458317][T13762] tpg colorspace: 8 [ 251.482340][T13762] tpg transfer function: 0/0 [ 251.502208][T13762] tpg Y'CbCr encoding: 0/0 [ 251.524253][T13762] tpg quantization: 0/0 [ 251.541095][T13762] tpg RGB range: 0/2 [ 251.582266][T13762] vivid-007: ================== END STATUS ================== [ 251.716910][T13780] vhci_hcd vhci_hcd.2: Wrong hub descriptor type for USB 3.0 roothub. [ 252.352117][T13808] bond0: Unable to set down delay as MII monitoring is disabled [ 252.381492][T13811] program syz.0.3936 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 253.785679][ T30] audit: type=1800 audit(4294967364.840:20): pid=13869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3964" name="lu_gp_id" dev="configfs" ino=34086 res=0 errno=0 [ 253.817210][T13869] kstrtoul() returned -22 for lu_gp_id [ 254.216945][T13879] ima: policy update failed [ 254.238604][ T30] audit: type=1802 audit(4294967365.282:21): pid=13879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3971" res=0 errno=0 [ 255.915547][ T30] audit: type=1800 audit(4294967366.971:22): pid=13953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4005" name="dbroot" dev="configfs" ino=34341 res=0 errno=0 [ 259.176086][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 259.182389][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.754079][T14351] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 264.815672][T14351] ep_00: uevent: failed to send synthetic uevent: -22 [ 265.156346][T14364] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 265.380364][ T30] audit: type=1800 audit(4294967376.490:23): pid=14374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4212" name="members" dev="configfs" ino=35717 res=0 errno=0 [ 265.426446][T13306] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 266.455208][T14422] rnbd_client L213: map_device: Parameters missing [ 267.150600][T14444] zswap: compressor _ not available [ 267.201197][T12703] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 267.449998][T13306] Bluetooth: hci3: command 0x0406 tx timeout [ 268.115871][T14491] synth uevent: /bus/mei: unknown uevent action string [ 268.124361][T14492] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 268.516885][T14510] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.1.4277: 7 [ 269.282987][T14457] Bluetooth: hci2: command 0x0406 tx timeout [ 269.520013][T14457] Bluetooth: hci3: command 0x0406 tx timeout [ 269.765201][T14566] block2mtd: too many arguments [ 269.814488][T14564] Process accounting resumed [ 270.356024][T14595] misc userio: Invalid payload size [ 270.577615][T14604] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 271.352149][T13306] Bluetooth: hci2: command 0x0406 tx timeout [ 272.159985][T14651] zswap: compressor - not available [ 273.577243][T14724] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 273.866779][T14737] random: crng reseeded on system resumption [ 274.466995][T12703] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 274.684783][T14770] kafs: addr_prefs: Invalid Command [ 274.738649][T14773] syz_tun: tun_chr_ioctl cmd 1074025680 [ 276.407156][T14846] program syz.0.4417 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 276.526305][T13306] Bluetooth: hci0: command 0x0406 tx timeout [ 277.966473][T12703] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 278.593019][T12703] Bluetooth: hci0: command 0x0406 tx timeout [ 280.026808][T14457] Bluetooth: hci1: command 0x0406 tx timeout [ 281.768107][T15093] warning: `syz.2.4518' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 282.097469][T13306] Bluetooth: hci1: command 0x0406 tx timeout [ 283.493199][T15183] program syz.1.4554 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 284.426708][T15227] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 284.430027][T15225] ima: policy update failed [ 284.447350][T15228] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 284.510979][ T30] audit: type=1802 audit(4294967395.720:24): pid=15225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.4568" res=0 errno=0 [ 286.810130][T15360] usb usb24: usbfs: process 15360 (syz.0.4618) did not claim interface 0 before use [ 287.608752][T15400] ACPI: Can not change Invalid GPE/Fixed Event status [ 288.339400][T15437] tipc: Can't bind to reserved service type 0 [ 288.839386][T15455] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 288.967894][T15455] CIFS mount error: No usable UNC path provided in device string! [ 288.967894][T15455] [ 289.012365][T15455] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 290.962360][T15545] syz.2.4692: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 291.050650][T15545] CPU: 0 UID: 0 PID: 15545 Comm: syz.2.4692 Tainted: G U syzkaller #0 PREEMPT(full) [ 291.050677][T15545] Tainted: [U]=USER [ 291.050683][T15545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 291.050699][T15545] Call Trace: [ 291.050705][T15545] [ 291.050712][T15545] dump_stack_lvl+0x100/0x190 [ 291.050735][T15545] warn_alloc.cold+0x95/0x1c1 [ 291.050760][T15545] ? __pfx_warn_alloc+0x10/0x10 [ 291.050790][T15545] __vmalloc_node_range_noprof+0x1252/0x1530 [ 291.050806][T15545] ? __pfx___might_resched+0x10/0x10 [ 291.050830][T15545] ? rcu_is_watching+0x12/0xc0 [ 291.050845][T15545] ? trace_contention_end+0xd6/0x110 [ 291.050866][T15545] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 291.050886][T15545] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 291.050904][T15545] ? find_held_lock+0x2b/0x80 [ 291.050917][T15545] ? tomoyo_path_number_perm+0x28f/0x580 [ 291.050939][T15545] ? tomoyo_path_number_perm+0x28f/0x580 [ 291.050960][T15545] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 291.050976][T15545] ? tomoyo_path_number_perm+0x188/0x580 [ 291.050998][T15545] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 291.051023][T15545] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 291.051041][T15545] __vmalloc_node_noprof+0xad/0xf0 [ 291.051055][T15545] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 291.051076][T15545] dvb_dvr_do_ioctl+0x15d/0x270 [ 291.051098][T15545] dvb_usercopy+0x167/0x340 [ 291.051116][T15545] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 291.051136][T15545] ? __pfx_dvb_usercopy+0x10/0x10 [ 291.051161][T15545] ? __fget_files+0x21f/0x3d0 [ 291.051181][T15545] dvb_dvr_ioctl+0x29/0x40 [ 291.051199][T15545] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 291.051218][T15545] __x64_sys_ioctl+0x18e/0x210 [ 291.051250][T15545] do_syscall_64+0xc9/0xf80 [ 291.051278][T15545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.051294][T15545] RIP: 0033:0x7f5fff79acb9 [ 291.051311][T15545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.051325][T15545] RSP: 002b:00007f6000573028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.051343][T15545] RAX: ffffffffffffffda RBX: 00007f5fffa15fa0 RCX: 00007f5fff79acb9 [ 291.051353][T15545] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 291.051363][T15545] RBP: 00007f5fff808bf7 R08: 0000000000000000 R09: 0000000000000000 [ 291.051372][T15545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.051381][T15545] R13: 00007f5fffa16038 R14: 00007f5fffa15fa0 R15: 00007ffe6bdc9718 [ 291.051401][T15545] [ 291.051407][T15545] Mem-Info: [ 292.305753][T15545] active_anon:21995 inactive_anon:0 isolated_anon:0 [ 292.305753][T15545] active_file:20550 inactive_file:37540 isolated_file:0 [ 292.305753][T15545] unevictable:768 dirty:540 writeback:0 [ 292.305753][T15545] slab_reclaimable:11113 slab_unreclaimable:93822 [ 292.305753][T15545] mapped:34149 shmem:16810 pagetables:1146 [ 292.305753][T15545] sec_pagetables:0 bounce:0 [ 292.305753][T15545] kernel_misc_reclaimable:0 [ 292.305753][T15545] free:1297134 free_pcp:22985 free_cma:0 [ 292.451901][T15566] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 292.545762][T15545] Node 0 active_anon:90084kB inactive_anon:0kB active_file:82196kB inactive_file:150040kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137324kB dirty:2176kB writeback:0kB shmem:67712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB kernel_stack:10880kB pagetables:4552kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 292.719837][T15545] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 292.888796][T15545] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 293.022581][T15545] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 293.056867][T15545] Node 0 DMA32 free:1297952kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:91892kB inactive_anon:0kB active_file:82196kB inactive_file:154136kB unevictable:1536kB writepending:4224kB zspages:0kB present:3129332kB managed:2539580kB mlocked:0kB bounce:0kB free_pcp:58228kB local_pcp:58228kB free_cma:0kB [ 293.241416][T15545] lowmem_reserve[]: 0 0 1 1 1 [ 293.275409][T15545] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 293.416897][T15545] lowmem_reserve[]: 0 0 0 0 0 [ 293.435214][T15545] Node 1 Normal free:3867356kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:33284kB local_pcp:33284kB free_cma:0kB [ 293.620650][T15545] lowmem_reserve[]: 0 0 0 0 0 [ 293.633659][T15545] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 293.689141][T15545] Node 0 DMA32: 2*4kB (UM) 0*8kB 1194*16kB (UME) 312*32kB (U) 338*64kB (UME) 238*128kB (UE) 173*256kB (UME) 111*512kB (UM) 83*1024kB (UM) 9*2048kB (UE) 244*4096kB (UM) = 1285160kB [ 293.780495][T15545] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 293.868628][T15545] Node 1 Normal: 197*4kB (UME) 43*8kB (UME) 27*16kB (UME) 186*32kB (UME) 70*64kB (UME) 22*128kB (UME) 9*256kB (UM) 4*512kB (UM) 4*1024kB (UME) 5*2048kB (UME) 936*4096kB (UM) = 3867356kB [ 293.981768][T15545] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 294.041492][T15545] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 294.086369][T15545] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 294.132619][T15545] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 294.170683][T15545] 72580 total pagecache pages [ 294.205496][T15545] 0 pages in swap cache [ 294.230906][T15545] Free swap = 124996kB [ 294.240644][T15545] Total swap = 124996kB [ 294.261734][T15545] 2097051 pages RAM [ 294.280157][T15545] 0 pages HighMem/MovableOnly [ 294.300023][T15545] 430194 pages reserved [ 294.320682][T15545] 0 pages cma reserved [ 294.523324][T15657] random: crng reseeded on system resumption [ 296.765271][T15765] : Can't lookup blockdev [ 299.381276][T15855] kAFS: unparsable volume name [ 299.751956][T15871] : Can't lookup blockdev [ 299.945939][T15772] Process accounting paused [ 301.074101][T15930] bond0: option mode: unable to set because the bond device is up [ 303.646579][T16039] program syz.3.4884 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 303.706947][T16039] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 303.961785][T16058] ecryptfs_miscdev_write: Error while inspecting packet size [ 303.974487][T16059] i2c i2c-0: delete_device: Can't parse I2C address [ 304.111120][T16065] aoe: can't write to that file. [ 307.000071][T16227] i2c i2c-0: new_device: Missing parameters [ 307.278505][T16242] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81afafea (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 307.294331][T16242] Call Trace: [ 307.297602][T16242] [ 307.300520][T16242] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 307.307188][T16242] ? __pfx_debug_object_deactivate+0x10/0x10 [ 307.313160][T16242] mce_cpu_restart+0xd5/0x1f0 [ 307.317823][T16242] ? __pfx_mce_cpu_restart+0x10/0x10 [ 307.323090][T16242] smp_call_function_many_cond+0x119e/0x14a0 [ 307.329062][T16242] ? __pfx_mce_cpu_restart+0x10/0x10 [ 307.334334][T16242] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 307.340132][T16242] ? lockdep_hardirqs_on+0x78/0x100 [ 307.345324][T16242] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 307.351122][T16242] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 307.357529][T16242] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 307.363516][T16242] ? __timer_delete_sync+0x151/0x1c0 [ 307.368790][T16242] ? __pfx_mce_cpu_restart+0x10/0x10 [ 307.374149][T16242] on_each_cpu_cond_mask+0x40/0x90 [ 307.379440][T16242] set_bank+0x240/0x3a0 [ 307.383580][T16242] ? __pfx_set_bank+0x10/0x10 [ 307.388244][T16242] ? find_held_lock+0x2b/0x80 [ 307.392932][T16242] ? sysfs_file_kobj+0xe4/0x290 [ 307.397782][T16242] ? sysfs_file_kobj+0xe4/0x290 [ 307.402638][T16242] ? __pfx_set_bank+0x10/0x10 [ 307.407421][T16242] dev_attr_store+0x58/0x80 [ 307.411935][T16242] ? __pfx_dev_attr_store+0x10/0x10 [ 307.417123][T16242] sysfs_kf_write+0xf2/0x150 [ 307.421706][T16242] kernfs_fop_write_iter+0x3e0/0x5f0 [ 307.427062][T16242] ? __pfx_sysfs_kf_write+0x10/0x10 [ 307.432343][T16242] vfs_write+0x6ac/0x1070 [ 307.436672][T16242] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 307.442467][T16242] ? __pfx_vfs_write+0x10/0x10 [ 307.447227][T16242] ? find_held_lock+0x2b/0x80 [ 307.451933][T16242] ksys_write+0x12a/0x250 [ 307.456259][T16242] ? __pfx_ksys_write+0x10/0x10 [ 307.461104][T16242] do_syscall_64+0xc9/0xf80 [ 307.465599][T16242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.471483][T16242] RIP: 0033:0x7fca5eb9acb9 [ 307.475971][T16242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.495565][T16242] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.503967][T16242] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 307.511922][T16242] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 307.519875][T16242] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 307.527834][T16242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.535789][T16242] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 307.543842][T16242] [ 308.176503][T16271] [ 308.545935][T16286] bond0: option slaves: interface -]=,Don?I|a CB does not exist! [ 308.626828][T16288] block2mtd: Using custom MTD label '' for dev [ 308.645424][T16288] block2mtd: error: cannot open device [ 309.692508][T16341] ima: policy update failed [ 309.730174][ T30] audit: type=1802 audit(4294967421.061:25): pid=16341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.5010" res=0 errno=0 [ 309.886747][T16352] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 310.291811][T16376] nfsd: Unknown parameter '^B-' [ 311.958305][T16471] nfsd: Unknown parameter '^B-' [ 311.967269][T16472] CIFS mount error: No usable UNC path provided in device string! [ 311.967269][T16472] [ 312.018572][T16472] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 312.368557][T16493] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 313.397378][ T30] audit: type=1800 audit(4294967424.760:26): pid=16548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5097" name="dbroot" dev="configfs" ino=41567 res=0 errno=0 [ 314.470503][ T30] audit: type=1326 audit(4294967425.836:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16608 comm="syz.0.5122" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd36099acb9 code=0x0 [ 316.476108][T16711] program syz.3.5171 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 316.507003][T16711] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 317.064381][ T30] audit: type=1800 audit(4294967428.439:28): pid=16740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5182" name="dbroot" dev="configfs" ino=42105 res=0 errno=0 [ 317.451138][T16759] block2mtd: device name too long [ 318.406832][ T30] audit: type=1804 audit(4294967429.786:29): pid=16811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5214" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 318.905221][T16838] ecryptfs_miscdev_write: Invalid packet size [192] [ 321.577296][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.583712][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.685294][T17041] ima: policy update failed [ 322.698663][ T30] audit: type=1802 audit(4294967434.098:30): pid=17041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5315" res=0 errno=0 [ 323.190833][T17070] cougar: G6 mapped to space [ 328.322174][T17368] bond0: option slaves: interface - does not exist! [ 329.045355][T17409] random: crng reseeded on system resumption [ 329.882400][T17455] Process accounting resumed [ 330.309183][T17483] bcache: register_bcache() error : failed to open device [ 331.111772][T17528] syz_tun: tun_chr_ioctl cmd 1074025698 [ 331.309876][T17538] program syz.1.5529 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 332.555465][T17599] zram0: detected capacity change from 0 to 16 [ 332.804392][T17614] syz_tun: tun_chr_ioctl cmd 2147767507 [ 333.279635][T17637] zram: Cannot change disksize for initialized device [ 334.398224][T17699] synth uevent: /devices/virtual/net/nr1: unknown uevent action string [ 334.431548][T17699] net nr1: uevent: failed to send synthetic uevent: -22 [ 334.552422][T14457] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 334.552446][T14457] Bluetooth: hci0: unexpected subevent 0x06 length: 725 > 10 [ 335.669303][T17773] nfs: Unknown parameter 'BlY 7wEɮHs[ؐu`]e6zcޕ[$(uҞ%EtO2*p[OugrtsQZ׀z' [ 336.483039][T17822] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 336.610571][T14457] Bluetooth: hci0: command 0x0406 tx timeout [ 337.311365][T17867] TCP: TCP_TX_DELAY enabled [ 337.704373][T17894] hub 27-0:1.0: USB hub found [ 337.723766][T17894] hub 27-0:1.0: 1 port detected [ 339.061688][T17973] ICMPv6: process `syz.3.5717' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 339.378433][T17988] usb usb36: usbfs: process 17988 (syz.1.5723) did not claim interface 0 before use [ 340.520103][T18045] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.660054][T14457] Bluetooth: hci0: unexpected event 0x3e length: 0 < 1 [ 344.411294][T18274] usbcore.quirks: string doesn't fit in 127 chars. [ 344.853401][T18300] usb usb13: check_ctrlrecip: process 18300 (syz.1.5858) requesting ep 01 but needs 81 [ 344.906365][T18300] usb usb13: usbfs: process 18300 (syz.1.5858) did not claim interface 0 before use [ 347.078049][T18417] writes to the poll attribute are ignored. [ 347.084360][T18417] please use driver specific parameters instead. [ 347.496261][T18440] block2mtd: illegal erase size [ 349.198432][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 349.206714][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 350.775627][ T9] Process accounting resumed [ 352.200024][ T30] audit: type=1800 audit(4294967463.762:31): pid=18691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6025" name="members" dev="configfs" ino=47504 res=0 errno=0 [ 352.758094][T18723] i2c i2c-0: new_device: Invalid device name [ 353.814609][T18772] usb usb15: usbfs: process 18772 (syz.0.6060) did not claim interface 0 before use [ 354.897547][T18822] zram: Added device: zram1 [ 356.108919][T18888] [U] 0="/ [ 356.108959][T18888] [U] [ 356.108966][T18888] [U] EeQ@ [ 356.111426][T18886] [U]  [ 357.511429][T18942] random: crng reseeded on system resumption [ 358.563641][T18990] kAFS: Invalid Command on /proc/fs/afs/cells file [ 359.878069][T19049] Process accounting paused [ 360.125984][T19062] ubi31: attaching mtd0 [ 360.139502][T19062] ubi31: scanning is finished [ 360.166121][T19064] kAFS: Invalid Command on /proc/fs/afs/cells file [ 360.174540][T19062] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 360.338840][T19062] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 360.495302][T19077] usb usb2: usbfs: process 19077 (syz.3.6198) did not claim interface 4 before use [ 361.746623][T19147] cifs: Unknown parameter ';B5irDְp' [ 361.785694][T19147] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 361.899426][T19147] CIFS mount error: No usable UNC path provided in device string! [ 361.899426][T19147] [ 361.955646][T19147] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 361.978488][T19155] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 364.251737][T19275] mmap: syz.3.6284 (19275) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 364.984177][T19308] zswap: compressor *E;3߃L MapCMcsyF*srHDU}]$rm+8ጅY7TU9d L@saXfmY6  =KԿ_+ gX not available [ 366.425041][T19385] batman_adv: Routing algorithm '7' is not supported [ 366.725885][T19399] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 367.515312][T19437] QAT: failed to copy from user cfg_data. [ 367.728364][T19449] vhci_hcd vhci_hcd.2: invalid port number 16 [ 367.750514][T19449] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 368.560064][T19483] random: crng reseeded on system resumption [ 370.703726][T19597] : Can't lookup blockdev [ 371.317876][T19624] kAFS: Invalid Command on /proc/fs/afs/cells file [ 371.587422][T19634] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 371.968267][T19647] QAT: Stopping all acceleration devices. [ 374.881204][ T30] audit: type=1800 audit(4294967486.560:32): pid=19789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6507" name="dbroot" dev="configfs" ino=50604 res=0 errno=0 [ 376.608258][T19881] random: crng reseeded on system resumption [ 376.828883][T19894] bonding: no command found in bonding_masters - use +ifname or -ifname [ 377.829737][T19952] ICMPv6: process `syz.1.6575' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 378.174389][T19971] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 378.209811][T19973] phram: not enough arguments [ 378.705617][T19999] delete_channel: no stack [ 379.618486][T20052] usb usb3: usbfs: process 20052 (syz.1.6619) did not claim interface 2 before use [ 379.703340][ T30] audit: type=1800 audit(4294967491.395:33): pid=20054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6620" name="discovery_nqn" dev="configfs" ino=51345 res=0 errno=0 [ 379.934814][ T30] audit: type=1800 audit(4294967491.636:34): pid=20066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.6625" name="sr0" dev="devtmpfs" ino=2871 res=0 errno=0 [ 381.579035][T14457] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 382.283448][T20201] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 382.349500][T20201] CIFS mount error: No usable UNC path provided in device string! [ 382.349500][T20201] [ 382.405654][T20201] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 382.629320][T20218] Setting dangerous option i915.mitigations - tainting kernel [ 382.663569][T20218] Bad "i915.mitigations=CmâUQF\ ", 'CmâUQF\' is unknown [ 382.700641][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.707114][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.801883][T20286] Invalid ELF header magic: != ELF [ 384.045917][T20297] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 384.112149][T20302] sd 0:0:1:0: PR command failed: 1026 [ 384.146323][T20302] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 384.181389][T20302] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 384.573669][T20333] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 384.791545][T20346] ptrace attach of "./syz-executor exec"[6118] was attempted by "./syz-executor exec"[20346] [ 385.105615][T20361] bonding: no command found in bonding_masters - use +ifname or -ifname [ 385.203538][T20365] Setting dangerous option i915.mitigations - tainting kernel [ 387.680556][T20502] vhci_hcd vhci_hcd.2: invalid port number 16 [ 387.702787][T20502] vhci_hcd vhci_hcd.2: invalid port number 16 [ 389.625233][T20595] mmap: syz.1.6853 (20595): VmData 54239232 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 389.756550][T20596] Process accounting resumed [ 396.050629][T20877] QAT: Device 250 not found [ 396.299804][T14457] Bluetooth: hci2: command 0x0406 tx timeout [ 396.306073][ T6193] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 397.690361][T20939] udc dummy_udc.0: soft-connect without a gadget driver [ 398.369480][T14457] Bluetooth: hci2: command 0x0406 tx timeout [ 398.375878][ T6193] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 403.445661][T21187] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 403.843694][T21201] ecryptfs_parse_packet_length: Error parsing packet length [ 403.864467][T21201] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 405.645593][T21286] i2c i2c-0: new_device: Can't parse I2C address [ 408.458140][T21420] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 408.799234][T21434] aoe: invalid device specification [ 408.967987][T21441] block loop4: the capability attribute has been deprecated. [ 409.899415][T21483] process 'syz.2.7258' launched '/dev/fd/3' with NULL argv: empty string added [ 410.153496][T21495] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7261'. [ 410.240817][T21499] syz.1.7263 uses obsolete (PF_INET,SOCK_PACKET) [ 410.489084][T21511] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 410.534707][T21511] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 410.719868][T21522] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 411.001052][T20729] syz.3.6909 (20729) used greatest stack depth: 17720 bytes left [ 412.406716][T21620] blktrace: Concurrent blktraces are not allowed on loop2 [ 412.668230][T21631] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 7 [ 436.917244][T22692] netlink: 'syz.3.7785': attribute type 11 has an invalid length. [ 436.958329][T22695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7787'. [ 437.620008][T14457] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 437.620033][T14457] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 437.636121][T14457] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 437.636148][T14457] Bluetooth: hci2: adv larger than maximum supported [ 437.645826][T14457] Bluetooth: hci2: adv larger than maximum supported [ 437.652544][T14457] Bluetooth: hci2: Malformed LE Event: 0x0d [ 437.857851][T22721] netlink: NAT attribute has 4 unknown bytes [ 439.434778][T14457] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 439.434801][T14457] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 439.450642][T14457] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 439.450662][T14457] Bluetooth: hci0: Unknown advertising packet type: 0x33 [ 439.457761][T14457] Bluetooth: hci0: adv larger than maximum supported [ 439.464800][T14457] Bluetooth: hci0: adv larger than maximum supported [ 439.474128][T14457] Bluetooth: hci0: Malformed LE Event: 0x0d [ 440.630438][T22781] netlink: 'syz.3.7826': attribute type 2 has an invalid length. [ 441.306972][T22807] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd1f [ 441.667550][T22819] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 443.589894][T22873] netlink: 'syz.1.7872': attribute type 1 has an invalid length. [ 443.825705][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 443.836085][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.264053][T22895] netlink: 'syz.2.7882': attribute type 1 has an invalid length. [ 444.574672][T22903] syz_tun: tun_chr_ioctl cmd 1074812117 [ 444.890748][T22915] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 445.295578][T22930] FAULT_INJECTION: forcing a failure. [ 445.295578][T22930] name failslab, interval 1, probability 0, space 0, times 1 [ 445.368623][T22930] CPU: 0 UID: 0 PID: 22930 Comm: syz.0.7899 Tainted: G U syzkaller #0 PREEMPT(full) [ 445.368651][T22930] Tainted: [U]=USER [ 445.368656][T22930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 445.368668][T22930] Call Trace: [ 445.368673][T22930] [ 445.368680][T22930] dump_stack_lvl+0x100/0x190 [ 445.368703][T22930] should_fail_ex.cold+0x5/0xa [ 445.368728][T22930] should_failslab+0xc2/0x120 [ 445.368749][T22930] __kvmalloc_node_noprof+0x101/0xac0 [ 445.368768][T22930] ? io_alloc_cache_init+0x38/0x170 [ 445.368792][T22930] ? io_alloc_cache_init+0x38/0x170 [ 445.368809][T22930] io_alloc_cache_init+0x38/0x170 [ 445.368830][T22930] io_uring_setup.cold+0x3cd/0x1a89 [ 445.368851][T22930] ? __pfx_io_uring_setup+0x10/0x10 [ 445.368870][T22930] ? do_futex+0x192/0x350 [ 445.368890][T22930] ? __pfx_do_futex+0x10/0x10 [ 445.368917][T22930] ? fput+0x79/0x100 [ 445.368936][T22930] ? xfd_validate_state+0x129/0x190 [ 445.368963][T22930] __x64_sys_io_uring_setup+0xc2/0x170 [ 445.368981][T22930] do_syscall_64+0xc9/0xf80 [ 445.369001][T22930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.369016][T22930] RIP: 0033:0x7fd36099acb9 [ 445.369028][T22930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 445.369042][T22930] RSP: 002b:00007fd36187a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 445.369060][T22930] RAX: ffffffffffffffda RBX: 00007fd360c15fa0 RCX: 00007fd36099acb9 [ 445.369070][T22930] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000001d48 [ 445.369079][T22930] RBP: 00007fd360a08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 445.369088][T22930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.369096][T22930] R13: 00007fd360c16038 R14: 00007fd360c15fa0 R15: 00007ffdd871ba78 [ 445.369115][T22930] [ 445.570197][T22932] netlink: 'syz.1.7900': attribute type 2 has an invalid length. [ 445.624453][T22934] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 445.958120][T22942] perf: Dynamic interrupt throttling disabled, can hang your system! [ 446.661693][T22965] delete_channel: no stack [ 449.884210][T23046] Process accounting resumed [ 451.562464][T23138] dyndbg: expected <4096 bytes into control [ 452.325948][T23173] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 453.588844][T23198] MTRR 1 not used [ 453.880274][T23222] netlink: 'syz.1.8039': attribute type 8 has an invalid length. [ 453.925086][T23224] openvswitch: netlink: IP tunnel dst address not specified [ 453.948593][T23166] kexec: Could not allocate control_code_buffer [ 454.458333][T23242] netlink: 'syz.1.8049': attribute type 1 has an invalid length. [ 454.915105][T23259] FAULT_INJECTION: forcing a failure. [ 454.915105][T23259] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 454.982890][T23259] CPU: 0 UID: 0 PID: 23259 Comm: syz.3.8057 Tainted: G U syzkaller #0 PREEMPT(full) [ 454.982919][T23259] Tainted: [U]=USER [ 454.982924][T23259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 454.982933][T23259] Call Trace: [ 454.982939][T23259] [ 454.982945][T23259] dump_stack_lvl+0x100/0x190 [ 454.982969][T23259] should_fail_ex.cold+0x5/0xa [ 454.982991][T23259] ? prepare_alloc_pages+0x16d/0x5f0 [ 454.983016][T23259] should_fail_alloc_page+0xeb/0x140 [ 454.983037][T23259] prepare_alloc_pages+0x1f0/0x5f0 [ 454.983059][T23259] ? rcu_is_watching+0x12/0xc0 [ 454.983076][T23259] __alloc_frozen_pages_noprof+0x193/0x2410 [ 454.983093][T23259] ? __alloc_frozen_pages_noprof+0x2a0/0x2410 [ 454.983111][T23259] ? __pfx_css_rstat_updated+0x10/0x10 [ 454.983139][T23259] ? find_held_lock+0x2b/0x80 [ 454.983153][T23259] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 454.983170][T23259] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 454.983194][T23259] ? __alloc_frozen_pages_noprof+0x2a0/0x2410 [ 454.983214][T23259] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 454.983231][T23259] ? policy_nodemask+0xed/0x4f0 [ 454.983262][T23259] alloc_pages_mpol+0x1fb/0x550 [ 454.983283][T23259] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 454.983304][T23259] ? do_raw_spin_lock+0x128/0x260 [ 454.983326][T23259] ? find_held_lock+0x2b/0x80 [ 454.983340][T23259] ? __pud_alloc+0x575/0x760 [ 454.983364][T23259] alloc_pages_noprof+0x131/0x390 [ 454.983385][T23259] __pmd_alloc+0x3b/0x9c0 [ 454.983405][T23259] ? __pud_alloc+0x57a/0x760 [ 454.983428][T23259] walk_to_pmd+0x3a3/0x4c0 [ 454.983451][T23259] __get_locked_pte+0x25/0xc0 [ 454.983474][T23259] map_ldt_struct+0x3b1/0xa50 [ 454.983495][T23259] ? __pfx_map_ldt_struct+0x10/0x10 [ 454.983511][T23259] ? alloc_pages_noprof+0x233/0x390 [ 454.983535][T23259] write_ldt+0x6d3/0xd40 [ 454.983554][T23259] ? __pfx_write_ldt+0x10/0x10 [ 454.983569][T23259] ? fput+0x79/0x100 [ 454.983588][T23259] ? xfd_validate_state+0x129/0x190 [ 454.983615][T23259] __x64_sys_modify_ldt+0xb1/0x170 [ 454.983632][T23259] do_syscall_64+0xc9/0xf80 [ 454.983652][T23259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.983667][T23259] RIP: 0033:0x7fca5eb9acb9 [ 454.983680][T23259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 454.983694][T23259] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 454.983708][T23259] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 454.983718][T23259] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 454.983728][T23259] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 454.983737][T23259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 454.983745][T23259] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 454.983765][T23259] [ 456.019699][T23278] NFSD: Failed to start, no listeners configured. [ 456.163565][T23295] netlink: 'syz.0.8070': attribute type 2 has an invalid length. [ 457.087451][T23339] netlink: 'syz.2.8089': attribute type 11 has an invalid length. [ 457.140911][T23339] netlink: 'syz.2.8089': attribute type 11 has an invalid length. [ 457.186554][T23339] netlink: 'syz.2.8089': attribute type 11 has an invalid length. [ 457.625591][T23362] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 457.771665][T23367] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 459.033914][T23356] kexec: Could not allocate control_code_buffer [ 459.259636][T23430] FAULT_INJECTION: forcing a failure. [ 459.259636][T23430] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 459.325466][T23430] CPU: 0 UID: 0 PID: 23430 Comm: syz.1.8132 Tainted: G U syzkaller #0 PREEMPT(full) [ 459.325494][T23430] Tainted: [U]=USER [ 459.325499][T23430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 459.325508][T23430] Call Trace: [ 459.325514][T23430] [ 459.325519][T23430] dump_stack_lvl+0x100/0x190 [ 459.325542][T23430] should_fail_ex.cold+0x5/0xa [ 459.325567][T23430] core_sys_select+0x5d1/0xbb0 [ 459.325588][T23430] ? __pfx_core_sys_select+0x10/0x10 [ 459.325622][T23430] ? ktime_get_ts64+0x2d2/0x3f0 [ 459.325641][T23430] ? read_tsc+0x9/0x20 [ 459.325658][T23430] ? ktime_get_ts64+0x256/0x3f0 [ 459.325678][T23430] kern_select+0x20c/0x270 [ 459.325694][T23430] ? __pfx_kern_select+0x10/0x10 [ 459.325716][T23430] __x64_sys_select+0xbd/0x160 [ 459.325730][T23430] ? do_syscall_64+0x94/0xf80 [ 459.325747][T23430] ? lockdep_hardirqs_on+0x78/0x100 [ 459.325774][T23430] do_syscall_64+0xc9/0xf80 [ 459.325793][T23430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.325808][T23430] RIP: 0033:0x7f327f59acb9 [ 459.325821][T23430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.325835][T23430] RSP: 002b:00007f32804de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 459.325849][T23430] RAX: ffffffffffffffda RBX: 00007f327f815fa0 RCX: 00007f327f59acb9 [ 459.325859][T23430] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000000000000003 [ 459.325868][T23430] RBP: 00007f327f608bf7 R08: 00002000000000c0 R09: 0000000000000000 [ 459.325877][T23430] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 459.325885][T23430] R13: 00007f327f816038 R14: 00007f327f815fa0 R15: 00007ffed0bf6898 [ 459.325904][T23430] [ 459.856111][T23450] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 460.838642][T23483] nbd: must specify a size in bytes for the device [ 461.231517][T23496] netlink: 'syz.2.8161': attribute type 1 has an invalid length. [ 461.253284][T23446] kexec: Could not allocate control_code_buffer [ 461.870987][T23523] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 462.126791][T23535] netlink: 'syz.3.8180': attribute type 11 has an invalid length. [ 462.464771][T23554] openvswitch: netlink: IPv6 tunnel dst address is zero [ 462.643622][T23561] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 462.659652][T23562] netlink: Setting conntrack mark requires 'commit' flag. [ 463.279503][T23585] netlink: 'syz.0.8204': attribute type 1 has an invalid length. [ 463.988284][T23618] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 464.130927][T23625] netlink: Failed to add  helper -22 [ 464.216175][T23630] tc_dump_action: action bad kind [ 465.013389][T23667] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 465.220995][T23672] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 469.050386][T23825] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 469.700901][T23844] NFSD: Failed to start, no listeners configured. [ 470.229656][T23871] delete_channel: no stack [ 471.311737][T23918] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 471.429692][T23920] openvswitch: netlink: IP tunnel TTL not specified. [ 471.556568][T23926] ptrace attach of "./syz-executor exec"[6110] was attempted by ""[23926] [ 472.081579][T23943] CIFS mount error: No usable UNC path provided in device string! [ 472.081579][T23943] [ 472.145451][T23943] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 472.364125][ T30] audit: type=1326 audit(4294967337.991:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23948 comm="syz.2.8371" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5fff79acb9 code=0x0 [ 472.944705][T23984] nfs: Unknown parameter 'nl802154' [ 476.119194][T24116] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 476.391941][T24128] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 479.007499][T24268] netlink: 'syz.2.8485': attribute type 10 has an invalid length. [ 479.045344][T24270] nbd: illegal input index -1073741824 [ 479.829353][T24307] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 479.841754][T24305] Process accounting paused [ 481.129023][T24373] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 482.595491][T14457] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 482.595515][T14457] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 482.612874][T14457] Bluetooth: hci0: Dropping invalid advertising data [ 482.619643][T14457] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 482.619663][T14457] Bluetooth: hci0: Dropping invalid advertising data [ 482.633492][T14457] Bluetooth: hci0: Malformed LE Event: 0x02 [ 483.105174][T24510] netlink: zone id is out of range [ 483.142040][T24510] netlink: zone id is out of range [ 483.167288][T24510] netlink: zone id is out of range [ 483.201713][T24510] netlink: zone id is out of range [ 483.234457][T24510] netlink: zone id is out of range [ 483.266200][T24510] netlink: zone id is out of range [ 483.298795][T24510] netlink: zone id is out of range [ 483.318399][T24510] netlink: zone id is out of range [ 483.347932][T24510] netlink: zone id is out of range [ 483.397916][T24510] netlink: zone id is out of range [ 485.090712][T24609] netlink: 'syz.0.8619': attribute type 1 has an invalid length. [ 486.200927][T24664] netlink: 'syz.2.8643': attribute type 2 has an invalid length. [ 486.334145][ T30] audit: type=1800 audit(4294967352.024:38): pid=24669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.8645" name="lu_gp_id" dev="configfs" ino=66030 res=0 errno=0 [ 489.457698][T24835] bond0: invalid ARP target specified [ 491.446263][T24929] net_ratelimit: 19 callbacks suppressed [ 491.446281][T24929] netlink: NAT attribute has 4 unknown bytes [ 491.506353][T24934] netlink: del zone limit has 8 unknown bytes [ 491.935959][T24954] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 492.134835][T24964] nbd: couldn't find device at index 33904 [ 492.192924][T24968] openvswitch: netlink: Flow key attribute not present in set flow. [ 492.456872][T24982] nbd: illegal input index 37139 [ 492.882983][T25002] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 493.178838][T25015] bond0: option arp_validate: invalid value (842) [ 494.649168][T25083] netlink: 'syz.3.8835': attribute type 1 has an invalid length. [ 495.674962][T25141] openvswitch: netlink: IP tunnel dst address not specified [ 496.404690][T25178] perf: Dynamic interrupt throttling disabled, can hang your system! [ 497.053721][T25215] netlink: 'syz.1.8894': attribute type 1 has an invalid length. [ 497.710498][T25248] .^: entered promiscuous mode [ 498.350554][T25276] netlink: 'syz.0.8921': attribute type 1 has an invalid length. [ 498.614149][T25287] : entered promiscuous mode [ 498.905224][T25299] nbd: must specify an index to disconnect [ 498.959796][T25302] netlink: 'syz.3.8933': attribute type 1 has an invalid length. [ 498.991333][T25302] nbd: error processing sock list [ 499.220916][T25311] tc_dump_action: action bad kind [ 499.285469][T25314] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 499.306413][T25315] No such timeout policy "" [ 499.316606][T25315] netlink: Failed to associated timeout policy '' [ 501.721701][T25409] No such timeout policy "" [ 501.749505][T25409] netlink: Failed to associated timeout policy '' [ 502.101200][T25417] &#$@\]\-: entered promiscuous mode [ 502.422337][T25434] netlink: 'syz.3.8996': attribute type 1 has an invalid length. [ 502.750644][T25450] netlink: 'syz.3.9004': attribute type 2 has an invalid length. [ 502.796900][T25450] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9004'. [ 503.086260][T25463] nfsd: Unknown parameter '*' [ 503.279341][T25474] sctp: [Deprecated]: syz.1.9015 (pid 25474) Use of int in max_burst socket option deprecated. [ 503.279341][T25474] Use struct sctp_assoc_value instead [ 503.660556][T25490] netlink: 'syz.1.9024': attribute type 1 has an invalid length. [ 504.810293][T25535] netlink: 'syz.0.9042': attribute type 1 has an invalid length. [ 504.938304][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 504.954387][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 505.634485][T25577] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 506.044067][T25596] openvswitch: netlink: Message has 4 unknown bytes. [ 507.034693][T25650] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 507.197574][T25657] vhci_hcd vhci_hcd.1: default hub control req: 8003 v0000 i0000 l0 [ 507.385931][ T30] audit: type=1326 audit(4294967373.193:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25666 comm="syz.3.9109" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fca5eb9acb9 code=0x0 [ 507.712129][T25683] netlink: zone id is out of range [ 507.731405][T25683] netlink: zone id is out of range [ 507.748796][T25683] netlink: zone id is out of range [ 507.767573][T25683] netlink: zone id is out of range [ 507.792236][T25683] netlink: zone id is out of range [ 507.810181][T25683] netlink: zone id is out of range [ 507.827758][T25683] netlink: zone id is out of range [ 507.846709][T25683] netlink: zone id is out of range [ 508.113186][T25702] ptrace attach of "./syz-executor exec"[6115] was attempted by ""[25702] [ 508.360858][T25712] netlink: 'syz.3.9131': attribute type 1 has an invalid length. [ 509.347838][T25768] ucma_write: process 4381 (syz.3.9158) changed security contexts after opening file descriptor, this is not allowed. [ 509.727453][T25784] Process accounting resumed [ 510.269603][T25814] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9179'. [ 511.218938][T25858] net_ratelimit: 50 callbacks suppressed [ 511.218954][T25858] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 511.432952][T25869] netlink: ct_mark mask cannot be 0 [ 511.896329][T25891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9215'. [ 512.317336][T25909] NFSD: Failed to start, no listeners configured. [ 513.121974][T25956] netlink: zone id is out of range [ 513.749738][T25985] sd 0:0:1:0: PR command failed: 1026 [ 513.755161][T25985] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 513.835108][T25985] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 514.749199][T26024] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9273'. [ 515.043412][T26038] openvswitch: netlink: IP tunnel dst address not specified [ 517.081666][T26123] netlink: 'syz.1.9318': attribute type 4 has an invalid length. [ 517.123400][T26123] netlink: 'syz.1.9318': attribute type 1 has an invalid length. [ 517.290005][T26131] netlink: 'syz.2.9322': attribute type 11 has an invalid length. [ 517.341695][T26131] netlink: 'syz.2.9322': attribute type 11 has an invalid length. [ 517.349535][T26131] netlink: 'syz.2.9322': attribute type 11 has an invalid length. [ 517.398375][T26131] netlink: 'syz.2.9322': attribute type 11 has an invalid length. [ 517.455796][T26130] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 519.778033][T26241] openvswitch: netlink: Multiple metadata blocks provided [ 520.357450][T26259] openvswitch: netlink: Key type 29 is not supported [ 522.085932][T26333] netlink: 'syz.2.9421': attribute type 11 has an invalid length. [ 522.271547][T26345] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 522.480021][T26353] ksmbd: Unknown IPC event: 14, ignore. [ 522.560159][T26354] ima: policy update failed [ 522.608732][ T30] audit: type=1802 audit(4294967388.482:40): pid=26354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.9429" res=0 errno=0 [ 523.328225][T26382] netlink: 2 bytes leftover after parsing attributes in process `syz.1.9444'. [ 523.426388][T26386] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 523.799906][T26400] openvswitch: netlink: IP tunnel dst address not specified [ 526.142292][T26484] MTRR 1 not used [ 527.429439][T26538] FAULT_INJECTION: forcing a failure. [ 527.429439][T26538] name failslab, interval 1, probability 0, space 0, times 0 [ 527.442670][T26538] CPU: 0 UID: 0 PID: 26538 Comm: syz.3.9518 Tainted: G U syzkaller #0 PREEMPT(full) [ 527.442696][T26538] Tainted: [U]=USER [ 527.442701][T26538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 527.442711][T26538] Call Trace: [ 527.442718][T26538] [ 527.442723][T26538] dump_stack_lvl+0x100/0x190 [ 527.442747][T26538] should_fail_ex.cold+0x5/0xa [ 527.442772][T26538] should_failslab+0xc2/0x120 [ 527.442794][T26538] kmem_cache_alloc_noprof+0x83/0x780 [ 527.442813][T26538] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 527.442841][T26538] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 527.442863][T26538] radix_tree_node_alloc.constprop.0+0x66/0x340 [ 527.442890][T26538] idr_get_free+0x52e/0xa00 [ 527.442911][T26538] idr_alloc_u32+0x1ac/0x320 [ 527.442928][T26538] ? __pfx_idr_alloc_u32+0x10/0x10 [ 527.442960][T26538] ? lock_acquire+0x17c/0x330 [ 527.442985][T26538] idr_alloc_cyclic+0x10b/0x230 [ 527.443003][T26538] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 527.443018][T26538] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 527.443045][T26538] map_create+0x14d8/0x2ba0 [ 527.443059][T26538] ? futex_unqueue+0x13d/0x2c0 [ 527.443079][T26538] ? __futex_wait+0x256/0x300 [ 527.443096][T26538] ? __pfx_map_create+0x10/0x10 [ 527.443109][T26538] ? __might_fault+0xc5/0x140 [ 527.443125][T26538] ? __might_fault+0xc5/0x140 [ 527.443148][T26538] __sys_bpf+0xcec/0x5050 [ 527.443167][T26538] ? __pfx___sys_bpf+0x10/0x10 [ 527.443183][T26538] ? __pfx_futex_wait+0x10/0x10 [ 527.443201][T26538] ? ksys_write+0x190/0x250 [ 527.443221][T26538] ? do_futex+0x192/0x350 [ 527.443256][T26538] ? fput+0x79/0x100 [ 527.443275][T26538] ? xfd_validate_state+0x129/0x190 [ 527.443304][T26538] __x64_sys_bpf+0x7b/0xc0 [ 527.443321][T26538] ? lockdep_hardirqs_on+0x78/0x100 [ 527.443338][T26538] do_syscall_64+0xc9/0xf80 [ 527.443357][T26538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.443372][T26538] RIP: 0033:0x7fca5eb9acb9 [ 527.443386][T26538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 527.443400][T26538] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 527.443415][T26538] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 527.443425][T26538] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 527.443433][T26538] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 527.443442][T26538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.443452][T26538] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 527.443471][T26538] [ 530.810975][T26681] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 531.619626][T26716] netlink: 3 bytes leftover after parsing attributes in process `syz.2.9603'. [ 531.940362][T26734] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 532.076629][T26740] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 532.430095][T26757] openvswitch: netlink: Flow actions attr not present in new flow. [ 532.530592][T26762] FAULT_INJECTION: forcing a failure. [ 532.530592][T26762] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 532.590803][T26762] CPU: 0 UID: 0 PID: 26762 Comm: syz.0.9625 Tainted: G U syzkaller #0 PREEMPT(full) [ 532.590830][T26762] Tainted: [U]=USER [ 532.590835][T26762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 532.590845][T26762] Call Trace: [ 532.590850][T26762] [ 532.590856][T26762] dump_stack_lvl+0x100/0x190 [ 532.590878][T26762] should_fail_ex.cold+0x5/0xa [ 532.590903][T26762] core_sys_select+0x938/0xbb0 [ 532.590923][T26762] ? __pfx_core_sys_select+0x10/0x10 [ 532.590957][T26762] ? ktime_get_ts64+0x2d2/0x3f0 [ 532.590976][T26762] ? read_tsc+0x9/0x20 [ 532.590995][T26762] ? ktime_get_ts64+0x256/0x3f0 [ 532.591014][T26762] kern_select+0x20c/0x270 [ 532.591031][T26762] ? __pfx_kern_select+0x10/0x10 [ 532.591053][T26762] __x64_sys_select+0xbd/0x160 [ 532.591067][T26762] ? do_syscall_64+0x94/0xf80 [ 532.591085][T26762] ? lockdep_hardirqs_on+0x78/0x100 [ 532.591101][T26762] do_syscall_64+0xc9/0xf80 [ 532.591119][T26762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.591134][T26762] RIP: 0033:0x7fd36099acb9 [ 532.591146][T26762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 532.591160][T26762] RSP: 002b:00007fd36187a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 532.591175][T26762] RAX: ffffffffffffffda RBX: 00007fd360c15fa0 RCX: 00007fd36099acb9 [ 532.591184][T26762] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000000000000003 [ 532.591193][T26762] RBP: 00007fd360a08bf7 R08: 00002000000000c0 R09: 0000000000000000 [ 532.591202][T26762] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 532.591211][T26762] R13: 00007fd360c16038 R14: 00007fd360c15fa0 R15: 00007ffdd871ba78 [ 532.591229][T26762] [ 533.703362][T26818] netlink: 'syz.1.9649': attribute type 1 has an invalid length. [ 533.739146][T26818] netlink: 'syz.1.9649': attribute type 1 has an invalid length. [ 533.775779][T26818] netlink: 124 bytes leftover after parsing attributes in process `syz.1.9649'. [ 533.806573][T26818] netlink: 100 bytes leftover after parsing attributes in process `syz.1.9649'. [ 533.983949][T26833] openvswitch: netlink: Flow key attr not present in new flow. [ 534.753420][T26887] netlink: ct family unspecified [ 535.275219][T26935] FAULT_INJECTION: forcing a failure. [ 535.275219][T26935] name failslab, interval 1, probability 0, space 0, times 0 [ 535.337274][T26935] CPU: 0 UID: 0 PID: 26935 Comm: syz.1.9681 Tainted: G U syzkaller #0 PREEMPT(full) [ 535.337303][T26935] Tainted: [U]=USER [ 535.337308][T26935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 535.337317][T26935] Call Trace: [ 535.337322][T26935] [ 535.337328][T26935] dump_stack_lvl+0x100/0x190 [ 535.337351][T26935] should_fail_ex.cold+0x5/0xa [ 535.337376][T26935] should_failslab+0xc2/0x120 [ 535.337397][T26935] __kmalloc_cache_noprof+0x80/0x810 [ 535.337411][T26935] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 535.337427][T26935] ? sctp_endpoint_new+0xfc/0xb20 [ 535.337447][T26935] ? __debug_object_init+0x2de/0x3d0 [ 535.337468][T26935] ? sctp_endpoint_new+0xfc/0xb20 [ 535.337488][T26935] sctp_endpoint_new+0xfc/0xb20 [ 535.337518][T26935] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 535.337538][T26935] ? lockdep_init_map_type+0x5c/0x250 [ 535.337560][T26935] ? lockdep_init_map_type+0x5c/0x250 [ 535.337580][T26935] ? lockdep_init_map_type+0x5c/0x250 [ 535.337602][T26935] sctp_init_sock+0xe2b/0x1300 [ 535.337622][T26935] ? __pfx_sctp_init_sock+0x10/0x10 [ 535.337642][T26935] inet_create+0x94c/0x1060 [ 535.337660][T26935] ? inet_create+0x94/0x1060 [ 535.337679][T26935] __sock_create+0x339/0x860 [ 535.337699][T26935] __sys_socket+0x14d/0x260 [ 535.337715][T26935] ? fput+0x79/0x100 [ 535.337735][T26935] ? __pfx___sys_socket+0x10/0x10 [ 535.337751][T26935] ? xfd_validate_state+0x129/0x190 [ 535.337778][T26935] __x64_sys_socket+0x72/0xb0 [ 535.337794][T26935] ? lockdep_hardirqs_on+0x78/0x100 [ 535.337811][T26935] do_syscall_64+0xc9/0xf80 [ 535.337830][T26935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.337845][T26935] RIP: 0033:0x7f327f59acb9 [ 535.337857][T26935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 535.337871][T26935] RSP: 002b:00007f32804de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 535.337886][T26935] RAX: ffffffffffffffda RBX: 00007f327f815fa0 RCX: 00007f327f59acb9 [ 535.337896][T26935] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 535.337904][T26935] RBP: 00007f327f608bf7 R08: 0000000000000000 R09: 0000000000000000 [ 535.337914][T26935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 535.337922][T26935] R13: 00007f327f816038 R14: 00007f327f815fa0 R15: 00007ffed0bf6898 [ 535.337942][T26935] [ 535.691192][T26941] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 536.182244][T26966] netlink: zone id is out of range [ 536.220868][T26966] netlink: zone id is out of range [ 536.967286][T14457] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 538.970999][T27116] delete_channel: no stack [ 539.216011][T27125] netlink: 'syz.1.9753': attribute type 1 has an invalid length. [ 539.584804][T27145] netlink: 'syz.2.9762': attribute type 2 has an invalid length. [ 539.802363][T27150] NFSD: Failed to start, no listeners configured. [ 539.960245][T27150] Process accounting paused [ 540.232470][T13306] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 540.911844][T27229] syz.0.9790 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 541.143208][T27239] netlink: 148 bytes leftover after parsing attributes in process `syz.3.9794'. [ 543.356369][T27330] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 543.794780][T27353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9848'. [ 544.754191][T27395] netlink: Unknown NAT attribute (type=262, max=9) [ 544.863745][T27399] usb usb3: usbfs: interface 0 claimed by hub while 'syz.0.9870' sets config #0 [ 545.625915][T27436] netlink: 'syz.2.9887': attribute type 1 has an invalid length. [ 545.660864][T27436] netlink: 33 bytes leftover after parsing attributes in process `syz.2.9887'. [ 546.377021][T27469] netlink: 'syz.2.9903': attribute type 11 has an invalid length. [ 546.412174][T27469] netlink: 'syz.2.9903': attribute type 11 has an invalid length. [ 546.445700][T27469] netlink: 'syz.2.9903': attribute type 11 has an invalid length. [ 546.481014][T27469] netlink: 'syz.2.9903': attribute type 11 has an invalid length. [ 546.644036][T27478] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 546.832091][T27488] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9913'. [ 548.260116][T27550] FAULT_INJECTION: forcing a failure. [ 548.260116][T27550] name failslab, interval 1, probability 0, space 0, times 0 [ 548.383152][T27550] CPU: 0 UID: 0 PID: 27550 Comm: syz.1.9942 Tainted: G U syzkaller #0 PREEMPT(full) [ 548.383200][T27550] Tainted: [U]=USER [ 548.383205][T27550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 548.383214][T27550] Call Trace: [ 548.383219][T27550] [ 548.383225][T27550] dump_stack_lvl+0x100/0x190 [ 548.383254][T27550] should_fail_ex.cold+0x5/0xa [ 548.383279][T27550] should_failslab+0xc2/0x120 [ 548.383300][T27550] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 548.383320][T27550] ? __lock_acquire+0x4a5/0x2630 [ 548.383339][T27550] ? __d_alloc+0x34/0xa80 [ 548.383359][T27550] ? __d_alloc+0x34/0xa80 [ 548.383376][T27550] __d_alloc+0x34/0xa80 [ 548.383392][T27550] ? bpf_lsm_inode_permission+0x9/0x10 [ 548.383413][T27550] d_alloc+0x4a/0x1e0 [ 548.383431][T27550] vfs_tmpfile+0x148/0x9a0 [ 548.383453][T27550] path_openat+0x179c/0x3120 [ 548.383468][T27550] ? getname_flags+0x93/0xf0 [ 548.383481][T27550] ? do_sys_openat2+0xc5/0x220 [ 548.383501][T27550] ? __x64_sys_open+0xfe/0x1d0 [ 548.383521][T27550] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.383541][T27550] ? __pfx_path_openat+0x10/0x10 [ 548.383564][T27550] do_filp_open+0x1f7/0x420 [ 548.383582][T27550] ? __pfx_do_filp_open+0x10/0x10 [ 548.383613][T27550] ? alloc_fd+0x476/0x790 [ 548.383634][T27550] do_sys_openat2+0x12e/0x220 [ 548.383655][T27550] ? __pfx_do_sys_openat2+0x10/0x10 [ 548.383684][T27550] __x64_sys_open+0xfe/0x1d0 [ 548.383704][T27550] ? __pfx___x64_sys_open+0x10/0x10 [ 548.383724][T27550] ? xfd_validate_state+0x129/0x190 [ 548.383753][T27550] do_syscall_64+0xc9/0xf80 [ 548.383773][T27550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.383787][T27550] RIP: 0033:0x7f327f59acb9 [ 548.383799][T27550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 548.383813][T27550] RSP: 002b:00007f32804de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 548.383828][T27550] RAX: ffffffffffffffda RBX: 00007f327f815fa0 RCX: 00007f327f59acb9 [ 548.383838][T27550] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 548.383846][T27550] RBP: 00007f327f608bf7 R08: 0000000000000000 R09: 0000000000000000 [ 548.383855][T27550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 548.383864][T27550] R13: 00007f327f816038 R14: 00007f327f815fa0 R15: 00007ffed0bf6898 [ 548.383884][T27550] [ 550.018686][T27624] netlink: 'syz.2.9978': attribute type 1 has an invalid length. [ 550.613878][T27646] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 550.878535][T27658] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 552.047572][T27710] nbd: couldn't find a device at index 35644 [ 552.705836][T27741] netlink: 'syz.2.10035': attribute type 1 has an invalid length. [ 553.570192][T27787] : entered promiscuous mode [ 554.149430][T27818] netlink: NAT attribute type 6 has unexpected length (4 != 2) [ 554.251990][T27823] HSR: entered promiscuous mode [ 554.358801][T14457] Bluetooth: hci3: unexpected event 0x30 length: 47 > 3 [ 554.790861][T27854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10088'. [ 555.048739][T27864] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 555.239065][T27874] netlink: get zone limit has 8 unknown bytes [ 555.307693][T27879] sg_read: process 4829 (syz.3.10100) changed security contexts after opening file descriptor, this is not allowed. [ 555.719676][T27900] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 556.591916][T27943] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 556.598396][T27943] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 556.815260][T27953] netlink: 206 bytes leftover after parsing attributes in process `syz.2.10136'. [ 557.132552][T27963] netlink: Unknown conntrack attr (type=257, max=9) [ 559.031663][T28038] openvswitch: netlink: Missing valid actions attribute. [ 559.493614][T28053] HfR: entered promiscuous mode [ 559.706268][T28062] openvswitch: netlink: Multiple metadata blocks provided [ 560.206858][T28086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10195'. [ 560.970000][T28114] dlm: non-version read from control device 1 [ 561.024993][T28117] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 562.252769][T28163] netlink: 'syz.2.10232': attribute type 11 has an invalid length. [ 564.370554][T28261] bridge0: port 3(team0) entered blocking state [ 564.405827][T28261] bridge0: port 3(team0) entered disabled state [ 564.412329][T28261] team0: entered allmulticast mode [ 564.432141][T28263] sctp: [Deprecated]: syz.1.10278 (pid 28263) Use of int in maxseg socket option. [ 564.432141][T28263] Use struct sctp_assoc_value instead [ 564.463231][T28261] team_slave_0: entered allmulticast mode [ 564.485740][T28261] team_slave_1: entered allmulticast mode [ 564.518466][T28261] team0: entered promiscuous mode [ 564.547132][T28261] team_slave_0: entered promiscuous mode [ 564.566359][T28261] team_slave_1: entered promiscuous mode [ 564.602440][T28261] bridge0: port 3(team0) entered blocking state [ 564.608852][T28261] bridge0: port 3(team0) entered forwarding state [ 565.297213][T28297] FAULT_INJECTION: forcing a failure. [ 565.297213][T28297] name failslab, interval 1, probability 0, space 0, times 0 [ 565.323546][T28297] CPU: 0 UID: 7 PID: 28297 Comm: syz.3.10293 Tainted: G U L syzkaller #0 PREEMPT(full) [ 565.323577][T28297] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 565.323582][T28297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 565.323591][T28297] Call Trace: [ 565.323597][T28297] [ 565.323603][T28297] dump_stack_lvl+0x100/0x190 [ 565.323632][T28297] should_fail_ex.cold+0x5/0xa [ 565.323657][T28297] should_failslab+0xc2/0x120 [ 565.323678][T28297] kmem_cache_alloc_noprof+0x83/0x780 [ 565.323697][T28297] ? dup_fd+0x4d/0xd10 [ 565.323717][T28297] ? dup_fd+0x4d/0xd10 [ 565.323732][T28297] dup_fd+0x4d/0xd10 [ 565.323747][T28297] ? __pfx_do_futex+0x10/0x10 [ 565.323767][T28297] ? find_held_lock+0x2b/0x80 [ 565.323786][T28297] ksys_unshare+0x78f/0xab0 [ 565.323808][T28297] ? __pfx_ksys_unshare+0x10/0x10 [ 565.323828][T28297] ? xfd_validate_state+0x129/0x190 [ 565.323856][T28297] __x64_sys_unshare+0x31/0x40 [ 565.323876][T28297] do_syscall_64+0xc9/0xf80 [ 565.323895][T28297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.323909][T28297] RIP: 0033:0x7fca5eb9acb9 [ 565.323923][T28297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 565.323937][T28297] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 565.323952][T28297] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 565.323962][T28297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 565.323971][T28297] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 565.323981][T28297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.323990][T28297] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 565.324009][T28297] [ 566.065310][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 566.071680][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 566.418712][T28334] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10310'. [ 566.688000][T28348] bridge0: port 3(team0) entered blocking state [ 566.728105][T28348] bridge0: port 3(team0) entered disabled state [ 566.764750][T28348] team0: entered allmulticast mode [ 566.787681][T28348] team_slave_0: entered allmulticast mode [ 566.810181][T28348] team_slave_1: entered allmulticast mode [ 566.840307][T28348] team0: entered promiscuous mode [ 566.865774][T28348] team_slave_0: entered promiscuous mode [ 566.885811][T28348] team_slave_1: entered promiscuous mode [ 566.901458][T28348] bridge0: port 3(team0) entered blocking state [ 566.907864][T28348] bridge0: port 3(team0) entered forwarding state [ 566.947864][T28351] netlink: 346 bytes leftover after parsing attributes in process `syz.1.10317'. [ 567.103684][T14457] Bluetooth: hci2: unexpected event 0x2c length: 42 > 17 [ 567.103721][T14457] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 567.433771][T28375] bridge0: port 4(veth0_to_bridge) entered blocking state [ 567.465364][T28375] bridge0: port 4(veth0_to_bridge) entered disabled state [ 567.491401][T28375] veth0_to_bridge: entered allmulticast mode [ 567.516399][T28375] veth0_to_bridge: entered promiscuous mode [ 567.541400][T28375] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 567.565337][T28375] bridge0: port 4(veth0_to_bridge) entered blocking state [ 567.572602][T28375] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 567.598070][T28381] bridge0: port 3(team0) entered blocking state [ 567.615653][T28381] bridge0: port 3(team0) entered disabled state [ 567.639075][T28381] team0: entered allmulticast mode [ 567.660540][T28381] team_slave_0: entered allmulticast mode [ 567.687865][T28381] team_slave_1: entered allmulticast mode [ 567.712781][T28381] team0: entered promiscuous mode [ 567.754621][T28381] team_slave_0: entered promiscuous mode [ 567.769839][T28381] team_slave_1: entered promiscuous mode [ 567.817092][T28381] bridge0: port 3(team0) entered blocking state [ 567.823492][T28381] bridge0: port 3(team0) entered forwarding state [ 568.461436][T14457] Bluetooth: hci0: unexpected event 0x03 length: 43 > 11 [ 568.495250][T28419] bridge0: port 3(team0) entered blocking state [ 568.563632][T28419] bridge0: port 3(team0) entered disabled state [ 568.592488][T28419] team0: entered allmulticast mode [ 568.624117][T28419] team_slave_0: entered allmulticast mode [ 568.644007][T28419] team_slave_1: entered allmulticast mode [ 568.680935][T28419] team0: entered promiscuous mode [ 568.702369][T28419] team_slave_0: entered promiscuous mode [ 568.733183][T28419] team_slave_1: entered promiscuous mode [ 568.758480][T28419] bridge0: port 3(team0) entered blocking state [ 568.764910][T28419] bridge0: port 3(team0) entered listening state [ 570.278649][T28467] Process accounting resumed [ 570.790030][T28508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10387'. [ 573.394239][T28644] IPVS: length: 7562853 != 24 [ 574.002263][T28695] FAULT_INJECTION: forcing a failure. [ 574.002263][T28695] name failslab, interval 1, probability 0, space 0, times 0 [ 574.070051][T28695] CPU: 0 UID: 0 PID: 28695 Comm: syz.3.10454 Tainted: G U L syzkaller #0 PREEMPT(full) [ 574.070082][T28695] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 574.070088][T28695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 574.070097][T28695] Call Trace: [ 574.070105][T28695] [ 574.070111][T28695] dump_stack_lvl+0x100/0x190 [ 574.070135][T28695] should_fail_ex.cold+0x5/0xa [ 574.070159][T28695] should_failslab+0xc2/0x120 [ 574.070179][T28695] ? udpv6_init_sock+0x24e/0x450 [ 574.070198][T28695] __kmalloc_noprof+0xf6/0x9c0 [ 574.070213][T28695] ? lockdep_init_map_type+0x5c/0x250 [ 574.070239][T28695] ? udpv6_init_sock+0x24e/0x450 [ 574.070256][T28695] udpv6_init_sock+0x24e/0x450 [ 574.070275][T28695] udplitev6_sk_init+0x15/0x40 [ 574.070295][T28695] ? __pfx_udplitev6_sk_init+0x10/0x10 [ 574.070314][T28695] inet6_create+0xb2f/0x12c0 [ 574.070337][T28695] ? inet6_create+0x7f/0x12c0 [ 574.070359][T28695] __sock_create+0x339/0x860 [ 574.070387][T28695] __sys_socket+0x14d/0x260 [ 574.070404][T28695] ? fput+0x79/0x100 [ 574.070423][T28695] ? __pfx___sys_socket+0x10/0x10 [ 574.070440][T28695] ? xfd_validate_state+0x129/0x190 [ 574.070467][T28695] __x64_sys_socket+0x72/0xb0 [ 574.070483][T28695] ? lockdep_hardirqs_on+0x78/0x100 [ 574.070500][T28695] do_syscall_64+0xc9/0xf80 [ 574.070519][T28695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.070534][T28695] RIP: 0033:0x7fca5eb9acb9 [ 574.070547][T28695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 574.070562][T28695] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 574.070579][T28695] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 574.070589][T28695] RDX: 0000000000000088 RSI: 0000000000000002 RDI: 000000000000000a [ 574.070597][T28695] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 574.070607][T28695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 574.070615][T28695] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 574.070634][T28695] [ 575.230113][T28735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10470'. [ 575.585529][T28752] FAULT_INJECTION: forcing a failure. [ 575.585529][T28752] name failslab, interval 1, probability 0, space 0, times 0 [ 575.702150][T28752] CPU: 0 UID: 0 PID: 28752 Comm: syz.1.10476 Tainted: G U L syzkaller #0 PREEMPT(full) [ 575.702181][T28752] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 575.702187][T28752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 575.702197][T28752] Call Trace: [ 575.702202][T28752] [ 575.702209][T28752] dump_stack_lvl+0x100/0x190 [ 575.702232][T28752] should_fail_ex.cold+0x5/0xa [ 575.702257][T28752] should_failslab+0xc2/0x120 [ 575.702279][T28752] kmem_cache_alloc_noprof+0x83/0x780 [ 575.702299][T28752] ? sk_prot_alloc+0x60/0x2a0 [ 575.702318][T28752] ? sk_prot_alloc+0x60/0x2a0 [ 575.702331][T28752] sk_prot_alloc+0x60/0x2a0 [ 575.702347][T28752] sk_alloc+0x36/0xe80 [ 575.702367][T28752] pn_socket_create+0x22d/0x560 [ 575.702386][T28752] __sock_create+0x339/0x860 [ 575.702405][T28752] __sys_socket+0x14d/0x260 [ 575.702422][T28752] ? __pfx___sys_socket+0x10/0x10 [ 575.702438][T28752] ? xfd_validate_state+0x129/0x190 [ 575.702465][T28752] __x64_sys_socket+0x72/0xb0 [ 575.702481][T28752] ? lockdep_hardirqs_on+0x78/0x100 [ 575.702499][T28752] do_syscall_64+0xc9/0xf80 [ 575.702518][T28752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.702532][T28752] RIP: 0033:0x7f327f59acb9 [ 575.702554][T28752] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 575.702569][T28752] RSP: 002b:00007f32804de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 575.702585][T28752] RAX: ffffffffffffffda RBX: 00007f327f815fa0 RCX: 00007f327f59acb9 [ 575.702595][T28752] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000023 [ 575.702605][T28752] RBP: 00007f327f608bf7 R08: 0000000000000000 R09: 0000000000000000 [ 575.702614][T28752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.702626][T28752] R13: 00007f327f816038 R14: 00007f327f815fa0 R15: 00007ffed0bf6898 [ 575.702645][T28752] [ 576.533396][T28776] netlink: 350 bytes leftover after parsing attributes in process `syz.0.10490'. [ 579.238959][T28919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10532'. [ 579.692411][T28931] FAULT_INJECTION: forcing a failure. [ 579.692411][T28931] name failslab, interval 1, probability 0, space 0, times 0 [ 579.780248][T28935] sctp: [Deprecated]: syz.3.10541 (pid 28935) Use of struct sctp_assoc_value in delayed_ack socket option. [ 579.780248][T28935] Use struct sctp_sack_info instead [ 579.815042][T28931] CPU: 0 UID: 0 PID: 28931 Comm: syz.1.10538 Tainted: G U L syzkaller #0 PREEMPT(full) [ 579.815072][T28931] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 579.815078][T28931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 579.815087][T28931] Call Trace: [ 579.815093][T28931] [ 579.815099][T28931] dump_stack_lvl+0x100/0x190 [ 579.815123][T28931] should_fail_ex.cold+0x5/0xa [ 579.815155][T28931] should_failslab+0xc2/0x120 [ 579.815177][T28931] kmem_cache_alloc_noprof+0x83/0x780 [ 579.815196][T28931] ? __pmd_alloc+0xbf/0x9c0 [ 579.815225][T28931] ? __pmd_alloc+0xbf/0x9c0 [ 579.815246][T28931] __pmd_alloc+0xbf/0x9c0 [ 579.815269][T28931] __handle_mm_fault+0xa99/0x2b50 [ 579.815288][T28931] ? mt_find+0x45e/0x8e0 [ 579.815307][T28931] ? __pfx___handle_mm_fault+0x10/0x10 [ 579.815322][T28931] ? __pfx_mt_find+0x10/0x10 [ 579.815354][T28931] handle_mm_fault+0x36d/0xa20 [ 579.815374][T28931] __get_user_pages+0xf9c/0x34d0 [ 579.815403][T28931] ? __pfx___get_user_pages+0x10/0x10 [ 579.815430][T28931] populate_vma_page_range+0x267/0x3f0 [ 579.815454][T28931] ? __pfx_populate_vma_page_range+0x10/0x10 [ 579.815477][T28931] ? __pfx_find_vma_intersection+0x10/0x10 [ 579.815498][T28931] ? do_mmap+0x93f/0x12f0 [ 579.815521][T28931] __mm_populate+0x107/0x3a0 [ 579.815544][T28931] ? __pfx___mm_populate+0x10/0x10 [ 579.815573][T28931] ? up_write+0x290/0x4f0 [ 579.815596][T28931] vm_mmap_pgoff+0x37f/0x470 [ 579.815620][T28931] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 579.815645][T28931] ? __x64_sys_futex+0x34f/0x4d0 [ 579.815664][T28931] ? __x64_sys_futex+0x358/0x4d0 [ 579.815687][T28931] ksys_mmap_pgoff+0x7d/0x5b0 [ 579.815710][T28931] __x64_sys_mmap+0x125/0x190 [ 579.815727][T28931] do_syscall_64+0xc9/0xf80 [ 579.815747][T28931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.815763][T28931] RIP: 0033:0x7f327f59acb9 [ 579.815775][T28931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 579.815790][T28931] RSP: 002b:00007f32804de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 579.815806][T28931] RAX: ffffffffffffffda RBX: 00007f327f815fa0 RCX: 00007f327f59acb9 [ 579.815816][T28931] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 579.815825][T28931] RBP: 00007f327f608bf7 R08: ffffffffffffffff R09: 0000000000008000 [ 579.815835][T28931] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 579.815844][T28931] R13: 00007f327f816038 R14: 00007f327f815fa0 R15: 00007ffed0bf6898 [ 579.815868][T28931] [ 580.953064][T28962] Invalid ELF header magic: != ELF [ 583.447650][T29032] zswap: compressor not available [ 583.886754][ C0] bridge0: port 3(team0) entered learning state [ 584.036843][T29056] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 585.584036][T29155] FAULT_INJECTION: forcing a failure. [ 585.584036][T29155] name failslab, interval 1, probability 0, space 0, times 0 [ 585.657270][T29155] CPU: 0 UID: 0 PID: 29155 Comm: syz.3.10625 Tainted: G U L syzkaller #0 PREEMPT(full) [ 585.657300][T29155] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 585.657306][T29155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 585.657316][T29155] Call Trace: [ 585.657322][T29155] [ 585.657328][T29155] dump_stack_lvl+0x100/0x190 [ 585.657351][T29155] should_fail_ex.cold+0x5/0xa [ 585.657376][T29155] should_failslab+0xc2/0x120 [ 585.657396][T29155] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 585.657416][T29155] ? dquot_alloc_inode+0x51b/0xb10 [ 585.657437][T29155] ? __d_alloc+0x34/0xa80 [ 585.657458][T29155] ? __d_alloc+0x34/0xa80 [ 585.657475][T29155] __d_alloc+0x34/0xa80 [ 585.657495][T29155] d_alloc_pseudo+0x1c/0xc0 [ 585.657517][T29155] alloc_file_pseudo+0xcf/0x230 [ 585.657539][T29155] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 585.657566][T29155] __shmem_file_setup+0x1a3/0x330 [ 585.657583][T29155] shmem_zero_setup+0x93/0x1b0 [ 585.657603][T29155] __mmap_region+0x2101/0x2820 [ 585.657623][T29155] ? __pfx___mmap_region+0x10/0x10 [ 585.657661][T29155] ? finish_task_switch.isra.0+0x204/0xb70 [ 585.657679][T29155] ? lockdep_hardirqs_on+0x78/0x100 [ 585.657698][T29155] ? finish_task_switch.isra.0+0x204/0xb70 [ 585.657747][T29155] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 585.657771][T29155] ? rcu_is_watching+0x12/0xc0 [ 585.657790][T29155] mmap_region+0x180/0x3e0 [ 585.657811][T29155] do_mmap+0xc63/0x12f0 [ 585.657835][T29155] ? __pfx_do_mmap+0x10/0x10 [ 585.657856][T29155] ? __pfx_down_write_killable+0x10/0x10 [ 585.657880][T29155] vm_mmap_pgoff+0x29e/0x470 [ 585.657904][T29155] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 585.657930][T29155] ? __x64_sys_futex+0x34f/0x4d0 [ 585.657949][T29155] ? __x64_sys_futex+0x358/0x4d0 [ 585.657970][T29155] ksys_mmap_pgoff+0x7d/0x5b0 [ 585.657994][T29155] __x64_sys_mmap+0x125/0x190 [ 585.658010][T29155] do_syscall_64+0xc9/0xf80 [ 585.658029][T29155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.658045][T29155] RIP: 0033:0x7fca5eb9acb9 [ 585.658058][T29155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 585.658074][T29155] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 585.658089][T29155] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 585.658099][T29155] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 585.658109][T29155] RBP: 00007fca5ec08bf7 R08: fffffffffffffffa R09: 0000000000008000 [ 585.658118][T29155] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 585.658127][T29155] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 585.658147][T29155] [ 586.620691][ T30] audit: type=1800 audit(2147483650.809:41): pid=29193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10640" name="dbroot" dev="configfs" ino=80219 res=0 errno=0 [ 586.906873][T29206] vivid-009: ================= START STATUS ================= [ 586.928734][T29206] vivid-009: Radio HW Seek Mode: Bounded [ 586.967067][T29206] vivid-009: Radio Programmable HW Seek: false [ 586.998906][T29206] vivid-009: RDS Rx I/O Mode: Block I/O [ 587.004532][T29206] vivid-009: Generate RBDS Instead of RDS: false [ 587.058405][T29206] vivid-009: RDS Reception: true [ 587.082609][T29206] vivid-009: RDS Program Type: 0 inactive [ 587.115734][T29206] vivid-009: RDS PS Name: inactive [ 587.136089][T29206] vivid-009: RDS Radio Text: inactive [ 587.156422][T29206] vivid-009: RDS Traffic Announcement: false inactive [ 587.191321][T29206] vivid-009: RDS Traffic Program: false inactive [ 587.223337][T29206] vivid-009: RDS Music: false inactive [ 587.238966][T29222] netlink: 'syz.2.10653': attribute type 1 has an invalid length. [ 587.261244][T29206] vivid-009: ================== END STATUS ================== [ 587.978094][T29253] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 588.578715][T29283] FAULT_INJECTION: forcing a failure. [ 588.578715][T29283] name failslab, interval 1, probability 0, space 0, times 0 [ 588.639521][T29283] CPU: 0 UID: 0 PID: 29283 Comm: syz.3.10683 Tainted: G U L syzkaller #0 PREEMPT(full) [ 588.639552][T29283] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 588.639558][T29283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 588.639568][T29283] Call Trace: [ 588.639574][T29283] [ 588.639580][T29283] dump_stack_lvl+0x100/0x190 [ 588.639603][T29283] should_fail_ex.cold+0x5/0xa [ 588.639629][T29283] should_failslab+0xc2/0x120 [ 588.639649][T29283] __kvmalloc_node_noprof+0x101/0xac0 [ 588.639668][T29283] ? io_uring_setup.cold+0x171/0x1a89 [ 588.639691][T29283] ? io_uring_setup.cold+0x171/0x1a89 [ 588.639708][T29283] io_uring_setup.cold+0x171/0x1a89 [ 588.639730][T29283] ? __pfx_io_uring_setup+0x10/0x10 [ 588.639749][T29283] ? do_futex+0x192/0x350 [ 588.639769][T29283] ? __pfx_do_futex+0x10/0x10 [ 588.639798][T29283] ? xfd_validate_state+0x129/0x190 [ 588.639821][T29283] ? __task_pid_nr_ns+0x1f5/0x500 [ 588.639845][T29283] __x64_sys_io_uring_setup+0xc2/0x170 [ 588.639864][T29283] do_syscall_64+0xc9/0xf80 [ 588.639883][T29283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.639898][T29283] RIP: 0033:0x7fca5eb9acb9 [ 588.639911][T29283] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 588.639926][T29283] RSP: 002b:00007fca5f9f1028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 588.639941][T29283] RAX: ffffffffffffffda RBX: 00007fca5ee15fa0 RCX: 00007fca5eb9acb9 [ 588.639951][T29283] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 588.639960][T29283] RBP: 00007fca5ec08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 588.639969][T29283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.639977][T29283] R13: 00007fca5ee16038 R14: 00007fca5ee15fa0 R15: 00007fffd9929048 [ 588.639996][T29283] [ 589.589088][T29347] bridge0: port 5(bond0) entered blocking state [ 589.606908][T29347] bridge0: port 5(bond0) entered disabled state [ 589.620170][T29347] bond0: entered allmulticast mode [ 589.626408][T29347] bond_slave_0: entered allmulticast mode [ 589.653379][T29347] bond_slave_1: entered allmulticast mode [ 589.665506][T29347] bond0: entered promiscuous mode [ 589.681408][T29347] bond_slave_0: entered promiscuous mode [ 589.696033][T29347] bond_slave_1: entered promiscuous mode [ 589.725968][T29347] bridge0: port 5(bond0) entered blocking state [ 589.732373][T29347] bridge0: port 5(bond0) entered forwarding state [ 589.764573][T29349] netlink: 206 bytes leftover after parsing attributes in process `syz.1.10702'. [ 591.528264][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.541806][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.555150][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.568489][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.581650][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.594872][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.608267][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.622267][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.635582][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 591.648874][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.509025][ C0] net_ratelimit: 3723 callbacks suppressed [ 596.509043][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.528289][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.541686][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.555089][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.568641][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.582075][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.595603][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.608980][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.622319][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 596.635632][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 599.166376][ C0] bridge0: port 3(team0) entered forwarding state [ 599.172830][ C0] bridge0: topology change detected, propagating [ 601.493403][ C0] net_ratelimit: 3669 callbacks suppressed [ 601.493421][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.512686][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.525995][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.539313][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.552658][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.565939][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.579535][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.592933][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.606244][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 601.619765][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.476952][ C0] net_ratelimit: 3711 callbacks suppressed [ 606.476969][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.496324][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.509739][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.523106][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.536619][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.550114][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.563440][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.576868][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.592724][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 606.606100][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.461047][ C0] net_ratelimit: 5959 callbacks suppressed [ 611.461065][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.480213][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 611.492666][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.505925][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 611.518407][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.531602][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 611.543947][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.557212][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 611.569569][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 611.582952][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 616.445021][ C0] net_ratelimit: 8200 callbacks suppressed [ 616.445038][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.464375][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 616.476789][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 616.489374][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.501809][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.515201][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 616.527599][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 616.540008][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.552434][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.566078][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 621.428937][ C0] net_ratelimit: 8384 callbacks suppressed [ 621.428954][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 621.447204][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.459758][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.473042][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 621.485494][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 621.497900][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.510267][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.523478][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 621.535916][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 621.548351][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.413709][ C0] net_ratelimit: 8449 callbacks suppressed [ 626.413726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 626.432086][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 626.444703][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.457171][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.470684][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 626.483184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 626.495734][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.508288][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.522384][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 626.535033][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 631.397257][ C0] net_ratelimit: 6448 callbacks suppressed [ 631.397278][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.415598][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.428849][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 631.441270][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 631.454669][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.467346][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.480789][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 631.493479][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 631.506898][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.519289][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.381198][ C0] net_ratelimit: 6136 callbacks suppressed [ 636.381218][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.399530][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 636.412889][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.425437][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.438707][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.451124][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 636.464402][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.476970][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.490267][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.502640][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 641.365692][ C0] net_ratelimit: 5056 callbacks suppressed [ 641.365709][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.385120][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.398475][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.411014][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 641.424375][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.437627][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.450881][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.463243][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 641.476475][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.489671][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.349717][ C0] net_ratelimit: 4918 callbacks suppressed [ 646.349739][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.368905][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.382298][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 646.394706][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 646.408041][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.421395][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.434684][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 646.447167][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 646.460465][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.473686][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.333687][ C0] net_ratelimit: 4884 callbacks suppressed [ 651.333706][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.351923][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 651.365201][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.378456][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.391761][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.404180][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 651.417441][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.430698][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.444151][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.456546][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 656.318467][ C0] net_ratelimit: 4797 callbacks suppressed [ 656.318484][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.337851][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 656.350403][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 656.363611][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.376881][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.390281][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 656.402885][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 656.416361][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.429786][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.443313][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.302543][ C0] net_ratelimit: 4814 callbacks suppressed [ 661.302560][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.321760][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.334204][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 661.347750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.361220][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.374530][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.387124][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 661.400324][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.413514][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.427464][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.497844][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 666.286547][ C0] net_ratelimit: 4911 callbacks suppressed [ 666.286564][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.304872][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 666.318386][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.331677][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.345005][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.357540][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 666.370832][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.384115][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.397543][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.410015][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 671.270058][ C0] net_ratelimit: 4912 callbacks suppressed [ 671.270076][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.289125][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.302695][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 671.315157][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 671.328412][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.341642][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.355009][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 671.367381][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 671.380618][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.393981][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.254893][ C0] net_ratelimit: 4835 callbacks suppressed [ 676.254911][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.274037][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 676.286383][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 676.299729][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.313113][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.326416][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 676.338788][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 676.352054][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.365436][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.378810][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.238814][ C0] net_ratelimit: 4694 callbacks suppressed [ 681.238831][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.257996][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.270554][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 681.283959][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.297263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.310623][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.323007][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 681.336411][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.349689][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.363223][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 686.222126][ C0] net_ratelimit: 4865 callbacks suppressed [ 686.222143][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.241836][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.255091][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 686.267481][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 686.280725][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.293963][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.307205][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 686.319589][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 686.332820][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.346286][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.206158][ C0] net_ratelimit: 4888 callbacks suppressed [ 691.206175][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.224375][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 691.237706][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.251184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.264434][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.276850][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 691.290182][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.303996][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.317447][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.329922][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 696.190381][ C0] net_ratelimit: 4835 callbacks suppressed [ 696.190399][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 696.209495][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.222798][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.236132][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 696.248503][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 696.262513][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.275779][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.289093][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 696.301491][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 696.315077][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.175345][ C0] net_ratelimit: 4825 callbacks suppressed [ 701.175362][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 701.193694][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 701.206943][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.220159][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.233539][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 701.246010][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 701.259231][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.272489][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.285717][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 701.298075][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 706.158560][ C0] net_ratelimit: 4829 callbacks suppressed [ 706.158578][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.177825][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 706.190294][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 706.203599][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.216873][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.230185][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 706.242914][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 706.256184][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.269406][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.283436][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 710.177404][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 710.184399][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6115/1:b..l [ 710.192864][ C0] rcu: (detected by 0, t=10502 jiffies, g=112389, q=516 ncpus=1) [ 710.200693][ C0] task:syz-executor state:R running task stack:23928 pid:6115 tgid:6115 ppid:6105 task_flags:0x400140 flags:0x00080000 [ 710.215382][ C0] Call Trace: [ 710.218666][ C0] [ 710.221587][ C0] ? __schedule+0xf65/0x5e10 [ 710.226172][ C0] __schedule+0xfe4/0x5e10 [ 710.230786][ C0] ? is_bpf_text_address+0x8a/0x1a0 [ 710.235972][ C0] ? bpf_ksym_find+0x124/0x1c0 [ 710.240718][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 710.246854][ C0] ? __pfx___schedule+0x10/0x10 [ 710.251691][ C0] ? mark_held_locks+0x40/0x70 [ 710.256442][ C0] preempt_schedule_irq+0x50/0x90 [ 710.261451][ C0] irqentry_exit+0x17b/0x670 [ 710.266030][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 710.272041][ C0] RIP: 0010:lock_acquire+0x5e/0x330 [ 710.277248][ C0] Code: 05 bb 49 01 12 83 f8 07 0f 87 a4 02 00 00 48 0f a3 05 46 eb d4 0e 0f 82 6f 02 00 00 8b 35 be 1b d5 0e 85 f6 0f 85 8a 00 00 00 <48> 8b 44 24 30 65 48 2b 05 5d 49 01 12 0f 85 b8 02 00 00 48 83 c4 [ 710.296857][ C0] RSP: 0018:ffffc9000491ef58 EFLAGS: 00000206 [ 710.302946][ C0] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000004 [ 710.310903][ C0] RDX: 0000000000000000 RSI: ffffffff8dc1b45f RDI: ffffffff8bfa32a0 [ 710.318883][ C0] RBP: ffffffff8e5e3120 R08: 000000006c35bbd5 R09: 0000000000000007 [ 710.326839][ C0] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002 [ 710.334806][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 710.342778][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 710.347992][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 710.353181][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 710.359342][ C0] unwind_next_frame+0xd1/0x1ea0 [ 710.364270][ C0] ? unwind_next_frame+0xbd/0x1ea0 [ 710.369367][ C0] ? __do_sys_clone+0xd9/0x120 [ 710.374139][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 710.380277][ C0] arch_stack_walk+0x94/0xf0 [ 710.384878][ C0] ? __do_sys_clone+0xd9/0x120 [ 710.389764][ C0] stack_trace_save+0x8e/0xc0 [ 710.394445][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 710.399832][ C0] ? __lock_acquire+0x4a5/0x2630 [ 710.404760][ C0] kasan_save_stack+0x30/0x50 [ 710.409424][ C0] ? kasan_save_stack+0x30/0x50 [ 710.414265][ C0] ? kasan_save_track+0x14/0x30 [ 710.419100][ C0] ? kasan_save_free_info+0x3b/0x70 [ 710.424300][ C0] ? __kasan_slab_free+0x5f/0x80 [ 710.429311][ C0] ? kfree+0x1c7/0x690 [ 710.433369][ C0] ? __free_slab+0x101/0x150 [ 710.437958][ C0] ? qlist_free_all+0x47/0xe0 [ 710.442630][ C0] ? kasan_quarantine_reduce+0x1a0/0x1f0 [ 710.448335][ C0] ? __kasan_slab_alloc+0x69/0x90 [ 710.453369][ C0] ? kmem_cache_alloc_noprof+0x2ad/0x780 [ 710.458988][ C0] ? ptlock_alloc+0x1f/0x70 [ 710.463490][ C0] ? pte_alloc_one+0x84/0x3e0 [ 710.468148][ C0] ? __pte_alloc+0x6d/0x3f0 [ 710.472637][ C0] ? copy_page_range+0x3f17/0x6ba0 [ 710.477728][ C0] ? dup_mmap+0xbea/0x1e20 [ 710.482120][ C0] ? copy_process+0x7451/0x7890 [ 710.486953][ C0] ? kernel_clone+0xfc/0x930 [ 710.491527][ C0] ? __do_sys_clone+0xd9/0x120 [ 710.496292][ C0] kasan_save_track+0x14/0x30 [ 710.500961][ C0] kasan_save_free_info+0x3b/0x70 [ 710.505986][ C0] __kasan_slab_free+0x5f/0x80 [ 710.510756][ C0] kfree+0x1c7/0x690 [ 710.514656][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 710.520456][ C0] ? __free_slab+0x101/0x150 [ 710.525034][ C0] ? __free_slab+0x101/0x150 [ 710.529607][ C0] ? qlist_free_all+0x42/0xe0 [ 710.534271][ C0] __free_slab+0x101/0x150 [ 710.538674][ C0] qlist_free_all+0x47/0xe0 [ 710.543165][ C0] kasan_quarantine_reduce+0x1a0/0x1f0 [ 710.548612][ C0] __kasan_slab_alloc+0x69/0x90 [ 710.553450][ C0] kmem_cache_alloc_noprof+0x2ad/0x780 [ 710.558898][ C0] ? ptlock_alloc+0x1f/0x70 [ 710.563388][ C0] ? ptlock_alloc+0x1f/0x70 [ 710.567879][ C0] ptlock_alloc+0x1f/0x70 [ 710.572191][ C0] pte_alloc_one+0x84/0x3e0 [ 710.576681][ C0] __pte_alloc+0x6d/0x3f0 [ 710.580996][ C0] ? __pfx___pte_alloc+0x10/0x10 [ 710.586005][ C0] ? __pfx___might_resched+0x10/0x10 [ 710.591279][ C0] ? copy_page_range+0x1e07/0x6ba0 [ 710.596465][ C0] copy_page_range+0x3f17/0x6ba0 [ 710.601408][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 710.606754][ C0] ? __pfx___might_resched+0x10/0x10 [ 710.612036][ C0] ? up_write+0x290/0x4f0 [ 710.616370][ C0] dup_mmap+0xbea/0x1e20 [ 710.620619][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 710.625474][ C0] copy_process+0x7451/0x7890 [ 710.630159][ C0] ? __pfx_copy_process+0x10/0x10 [ 710.635175][ C0] ? do_raw_spin_lock+0x128/0x260 [ 710.640199][ C0] kernel_clone+0xfc/0x930 [ 710.644606][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 710.649648][ C0] ? __lock_acquire+0x4a5/0x2630 [ 710.654649][ C0] ? find_held_lock+0x2b/0x80 [ 710.659308][ C0] ? __might_fault+0xc5/0x140 [ 710.663972][ C0] __do_sys_clone+0xd9/0x120 [ 710.668552][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 710.673940][ C0] ? do_user_addr_fault+0x8d6/0x12f0 [ 710.679216][ C0] do_syscall_64+0xc9/0xf80 [ 710.683726][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.689622][ C0] RIP: 0033:0x7f5fff7c3752 [ 710.694023][ C0] RSP: 002b:00007ffe6bdc9930 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 710.702420][ C0] RAX: ffffffffffffffda RBX: 00007ffe6bdc9930 RCX: 00007f5fff7c3752 [ 710.710784][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 710.718845][ C0] RBP: 00007ffe6bdc9abc R08: 0000000000000000 R09: 0000000000000001 [ 710.726885][ C0] R10: 00005555839f77d0 R11: 0000000000000246 R12: 0000000000000001 [ 710.734838][ C0] R13: 00000000000927c0 R14: 0000000000090f5d R15: 00007ffe6bdc9b10 [ 710.742908][ C0] [ 710.746026][ C0] rcu: rcu_preempt kthread starved for 227 jiffies! g112389 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 710.757213][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 710.767168][ C0] rcu: RCU grace-period kthread stack dump: [ 710.773036][ C0] task:rcu_preempt state:R running task stack:28408 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 710.786534][ C0] Call Trace: [ 710.789831][ C0] [ 710.792784][ C0] ? __schedule+0xf65/0x5e10 [ 710.797372][ C0] __schedule+0xfe4/0x5e10 [ 710.801780][ C0] ? __lock_acquire+0x4a5/0x2630 [ 710.806801][ C0] ? __pfx___schedule+0x10/0x10 [ 710.811634][ C0] ? find_held_lock+0x2b/0x80 [ 710.816351][ C0] ? schedule+0x2bf/0x390 [ 710.820701][ C0] schedule+0xdd/0x390 [ 710.824769][ C0] schedule_timeout+0x127/0x280 [ 710.829621][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 710.834986][ C0] ? __pfx_process_timeout+0x10/0x10 [ 710.840259][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 710.846142][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 710.851597][ C0] rcu_gp_fqs_loop+0x1a9/0xb00 [ 710.856438][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 710.861754][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 710.867218][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 710.872166][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 710.877363][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 710.883180][ C0] rcu_gp_kthread+0x21e/0x320 [ 710.887885][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 710.893086][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 710.898896][ C0] ? __kthread_parkme+0x18c/0x230 [ 710.903927][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 710.909121][ C0] kthread+0x3b3/0x730 [ 710.913190][ C0] ? __pfx_kthread+0x10/0x10 [ 710.917791][ C0] ? ret_from_fork+0x79/0xaf0 [ 710.922607][ C0] ? ret_from_fork+0x79/0xaf0 [ 710.927374][ C0] ? rcu_is_watching+0x12/0xc0 [ 710.932130][ C0] ? __pfx_kthread+0x10/0x10 [ 710.936711][ C0] ret_from_fork+0x754/0xaf0 [ 710.941316][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 710.946573][ C0] ? __switch_to+0x7b9/0x10c0 [ 710.951420][ C0] ? __pfx_kthread+0x10/0x10 [ 710.956437][ C0] ret_from_fork_asm+0x1a/0x30 [ 710.961202][ C0] [ 710.964214][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 710.970521][ C0] CPU: 0 UID: 0 PID: 3408 Comm: kworker/R-bat_e Tainted: G U L syzkaller #0 PREEMPT(full) [ 710.981811][ C0] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 710.986984][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 710.997121][ C0] Workqueue: bat_events batadv_dat_purge [ 711.002746][ C0] RIP: 0010:stack_trace_consume_entry+0xaf/0x170 [ 711.009080][ C0] Code: c0 03 38 d0 7c 08 84 d2 0f 85 98 00 00 00 8b 43 0c 85 c0 75 57 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 80 3c 02 00 <0f> 85 9a 00 00 00 8d 45 01 89 43 10 48 8b 03 48 8d 2c e8 48 b8 00 [ 711.028721][ C0] RSP: 0018:ffffc90000006d58 EFLAGS: 00000246 [ 711.034774][ C0] RAX: dffffc0000000000 RBX: ffffc90000006e38 RCX: ffffc90000006ccc [ 711.042751][ C0] RDX: 1ffff92000000dc7 RSI: ffffffff8a45ee08 RDI: ffffc90000006e44 [ 711.050790][ C0] RBP: 000000000000000f R08: 0000000000000001 R09: 0000000000000007 [ 711.058753][ C0] R10: 0000000000000200 R11: 00000000000950d1 R12: ffffffff81f10c60 [ 711.066758][ C0] R13: ffffc90000006e38 R14: 0000000000000000 R15: ffff888031985b80 [ 711.074819][ C0] FS: 0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 711.083735][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 711.090390][ C0] CR2: 00007f901331c451 CR3: 000000002f806000 CR4: 00000000003526f0 [ 711.098363][ C0] Call Trace: [ 711.101672][ C0] [ 711.104505][ C0] ? unwind_get_return_address+0x59/0xa0 [ 711.110132][ C0] arch_stack_walk+0x88/0xf0 [ 711.114718][ C0] ? br_handle_frame+0xa68/0x1510 [ 711.120015][ C0] stack_trace_save+0x8e/0xc0 [ 711.124776][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 711.130138][ C0] ? lock_acquire+0x17c/0x330 [ 711.134824][ C0] kasan_save_stack+0x30/0x50 [ 711.139577][ C0] ? kasan_save_stack+0x30/0x50 [ 711.144409][ C0] ? kasan_save_track+0x14/0x30 [ 711.149242][ C0] ? __kasan_slab_alloc+0x89/0x90 [ 711.154249][ C0] ? kmem_cache_alloc_noprof+0x2ad/0x780 [ 711.159867][ C0] ? skb_ext_add+0xfa/0x7e0 [ 711.164354][ C0] ? br_nf_forward_ip.part.0+0x28/0x820 [ 711.169890][ C0] ? br_nf_forward+0xfe5/0x19f0 [ 711.174730][ C0] ? nf_hook_slow+0xbf/0x220 [ 711.179305][ C0] ? __br_forward+0x2f6/0x970 [ 711.183972][ C0] ? br_flood+0x37f/0x650 [ 711.188311][ C0] ? br_handle_frame_finish+0xf57/0x1f00 [ 711.193932][ C0] ? br_nf_hook_thresh+0x30d/0x420 [ 711.199032][ C0] ? br_nf_pre_routing_finish_ipv6+0x769/0xfb0 [ 711.205176][ C0] ? br_nf_pre_routing_ipv6+0x39c/0x8b0 [ 711.210709][ C0] ? br_nf_pre_routing+0x93b/0x1510 [ 711.215916][ C0] kasan_save_track+0x14/0x30 [ 711.220678][ C0] __kasan_slab_alloc+0x89/0x90 [ 711.225520][ C0] kmem_cache_alloc_noprof+0x2ad/0x780 [ 711.230985][ C0] ? ebt_do_table+0x1ce6/0x2250 [ 711.235903][ C0] ? skb_ext_add+0xfa/0x7e0 [ 711.240393][ C0] ? skb_ext_add+0xfa/0x7e0 [ 711.244877][ C0] skb_ext_add+0xfa/0x7e0 [ 711.249204][ C0] ? find_held_lock+0x2b/0x80 [ 711.253870][ C0] ? net_generic+0xea/0x2a0 [ 711.258363][ C0] br_nf_forward_ip.part.0+0x28/0x820 [ 711.263725][ C0] br_nf_forward+0xfe5/0x19f0 [ 711.268389][ C0] nf_hook_slow+0xbf/0x220 [ 711.272795][ C0] __br_forward+0x2f6/0x970 [ 711.277281][ C0] ? __pfx___br_forward+0x10/0x10 [ 711.282307][ C0] ? __asan_memcpy+0x3c/0x60 [ 711.286883][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 711.292323][ C0] ? __skb_clone+0x570/0x760 [ 711.296989][ C0] br_flood+0x37f/0x650 [ 711.301136][ C0] br_handle_frame_finish+0xf57/0x1f00 [ 711.306581][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 711.312461][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 711.317732][ C0] ? ip6t_do_table+0xc1d/0x1c90 [ 711.322562][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 711.327705][ C0] ? nf_hook_slow+0x167/0x220 [ 711.332373][ C0] br_nf_hook_thresh+0x30d/0x420 [ 711.337299][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 711.343183][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 711.348632][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 711.354510][ C0] ? __pfx_nf_nat_ipv6_in+0x10/0x10 [ 711.359695][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 711.365577][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 711.371454][ C0] br_nf_pre_routing_finish_ipv6+0x769/0xfb0 [ 711.377422][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 711.383309][ C0] br_nf_pre_routing_ipv6+0x39c/0x8b0 [ 711.388761][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 711.394659][ C0] ? lock_acquire+0x17c/0x330 [ 711.399324][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 711.405815][ C0] ? net_generic+0xea/0x2a0 [ 711.410315][ C0] br_nf_pre_routing+0x93b/0x1510 [ 711.415331][ C0] br_handle_frame+0xa68/0x1510 [ 711.420259][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 711.425567][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 711.431471][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 711.436745][ C0] __netif_receive_skb_core.constprop.0+0x6d7/0x3460 [ 711.443413][ C0] ? kmem_cache_free+0x143/0x720 [ 711.448333][ C0] ? find_held_lock+0x2b/0x80 [ 711.452992][ C0] ? ipv6_chk_mcast_addr+0x2b0/0x9a0 [ 711.458264][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 711.465358][ C0] ? kfree_skbmem+0x19a/0x210 [ 711.470018][ C0] ? kfree_skbmem+0x19f/0x210 [ 711.474769][ C0] ? sk_skb_reason_drop+0x114/0x1b0 [ 711.480043][ C0] ? ip6_mc_input+0x51a/0xf50 [ 711.484762][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 711.489789][ C0] ? __lock_acquire+0x4a5/0x2630 [ 711.494920][ C0] ? process_backlog+0x32a/0x1580 [ 711.500019][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 711.505815][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 711.512218][ C0] ? lock_acquire+0x17c/0x330 [ 711.516884][ C0] ? process_backlog+0x32a/0x1580 [ 711.521899][ C0] ? process_backlog+0x32a/0x1580 [ 711.526915][ C0] __netif_receive_skb+0x1f/0x120 [ 711.531932][ C0] process_backlog+0x37a/0x1580 [ 711.536776][ C0] __napi_poll.constprop.0+0xaf/0x450 [ 711.542139][ C0] net_rx_action+0xa40/0xf20 [ 711.546734][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 711.551835][ C0] ? mark_held_locks+0x40/0x70 [ 711.556673][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 711.561856][ C0] ? tmigr_handle_remote+0x132/0x380 [ 711.567128][ C0] ? run_timer_base+0x121/0x190 [ 711.571961][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 711.577147][ C0] handle_softirqs+0x1ea/0x910 [ 711.581901][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 711.587180][ C0] ? irqtime_account_irq+0x193/0x2e0 [ 711.592474][ C0] ? __batadv_dat_purge.part.0+0x294/0x3c0 [ 711.598262][ C0] ? __pfx_batadv_dat_to_purge+0x10/0x10 [ 711.603903][ C0] do_softirq+0xac/0xe0 [ 711.608054][ C0] [ 711.610969][ C0] [ 711.613914][ C0] __local_bh_enable_ip+0xf8/0x120 [ 711.619023][ C0] __batadv_dat_purge.part.0+0x294/0x3c0 [ 711.624745][ C0] ? process_one_work+0x80b/0x1840 [ 711.629845][ C0] batadv_dat_purge+0x4b/0xa0 [ 711.634538][ C0] process_one_work+0x9c2/0x1840 [ 711.639504][ C0] ? __pfx_process_one_work+0x10/0x10 [ 711.644878][ C0] ? assign_work+0x19c/0x250 [ 711.649454][ C0] rescuer_thread+0x8f1/0xf40 [ 711.654124][ C0] ? rescuer_thread+0x118/0xf40 [ 711.658960][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 711.664144][ C0] ? __kthread_parkme+0x18c/0x230 [ 711.669168][ C0] ? kthread+0x17d/0x730 [ 711.673394][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 711.678578][ C0] kthread+0x3b3/0x730 [ 711.682634][ C0] ? __pfx_kthread+0x10/0x10 [ 711.687218][ C0] ? ret_from_fork+0x79/0xaf0 [ 711.691888][ C0] ? ret_from_fork+0x79/0xaf0 [ 711.696549][ C0] ? rcu_is_watching+0x12/0xc0 [ 711.701310][ C0] ? __pfx_kthread+0x10/0x10 [ 711.705887][ C0] ret_from_fork+0x754/0xaf0 [ 711.710460][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 711.715562][ C0] ? __switch_to+0x7b9/0x10c0 [ 711.720229][ C0] ? __pfx_kthread+0x10/0x10 [ 711.724814][ C0] ret_from_fork_asm+0x1a/0x30 [ 711.729592][ C0] [ 711.734138][ C0] net_ratelimit: 3858 callbacks suppressed [ 711.734154][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.753307][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 711.765743][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 711.779406][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.793337][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.806777][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 711.819297][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 711.832752][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.846193][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.859606][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 716.714425][ C0] net_ratelimit: 3841 callbacks suppressed [ 716.714443][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.733631][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.746987][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 716.759394][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 716.772764][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.786182][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.799678][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 716.812077][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:92:07:5d:6f:1f:02, vlan:0) [ 716.825394][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.838888][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)