last executing test programs: 10m34.330791224s ago: executing program 32 (id=1271): openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) 9m41.170859331s ago: executing program 33 (id=3578): r0 = syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r0, 0x0, 0xc0000000, 0x0) 9m23.28573913s ago: executing program 34 (id=4069): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) pidfd_send_signal$auto(r0, 0x0, 0x0, 0x2) 9m14.39800554s ago: executing program 5 (id=4234): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mtd/mtd0/oobavail\x00', 0x42000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/185, 0xb9) 9m14.298585187s ago: executing program 5 (id=4236): openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x80882, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 9m14.157788124s ago: executing program 5 (id=4240): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/user\x00') ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) 9m14.123747924s ago: executing program 5 (id=4243): socket(0x2a, 0x2, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) 9m14.017641196s ago: executing program 5 (id=4246): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472) 9m13.73770563s ago: executing program 5 (id=4254): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(0x3, 0x80000541b, 0xb551) 9m13.571755602s ago: executing program 35 (id=4254): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(0x3, 0x80000541b, 0xb551) 8m54.013390351s ago: executing program 4 (id=4630): r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x12, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x8) 8m53.873824525s ago: executing program 4 (id=4634): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd14/queue/max_sectors_kb\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/17, 0x11) 8m53.847763961s ago: executing program 4 (id=4638): socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xcc, 0xfffffffffffffffc, 0x3c) 8m52.874213337s ago: executing program 4 (id=4642): r0 = openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/encoder-0/bridges\x00', 0x8200, 0x0) read$auto_bridges_fops_(r0, &(0x7f0000000040)=""/5, 0x5) 8m52.681016829s ago: executing program 4 (id=4647): socket(0xa, 0x3, 0x32) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x0) 8m52.577386701s ago: executing program 4 (id=4653): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video23\x00', 0x4a340, 0x0) ioctl$auto(r0, 0x5646, r0) 8m37.075461347s ago: executing program 36 (id=4653): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video23\x00', 0x4a340, 0x0) ioctl$auto(r0, 0x5646, r0) 5m54.377606775s ago: executing program 7 (id=8300): r0 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(r0, 0x3, &(0x7f0000000000)='+\x00\xc04\x95\x96XD\x11T\x11\xac@\xb9\'\xa8\x99\xf6\x99\xad\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', &(0x7f0000000280), 0xffffff9c) 5m54.370518929s ago: executing program 7 (id=8301): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, 0x0, 0x0) 5m54.265744765s ago: executing program 7 (id=8304): setresgid$auto(0x800, 0xee01, 0xffffffffffffffff) setregid$auto(0xee01, 0x0) 5m54.19553761s ago: executing program 7 (id=8307): openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x1, 0x0) write$auto(0x3, 0x0, 0x81) 5m54.103428227s ago: executing program 7 (id=8309): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) migrate_pages$auto(0x1, 0x9, 0x0, &(0x7f0000000840)=0x2) 5m53.847873106s ago: executing program 7 (id=8316): r0 = open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) copy_file_range$auto(r0, 0x0, r0, 0x0, 0x21c1, 0x0) 5m53.666176736s ago: executing program 37 (id=8316): r0 = open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) copy_file_range$auto(r0, 0x0, r0, 0x0, 0x21c1, 0x0) 5m20.230298995s ago: executing program 9 (id=9235): r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x4e, 0x0, 0x7) 5m20.144035924s ago: executing program 9 (id=9239): r0 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ubifs/chk_orphans\x00', 0x1, 0x0) write$auto(r0, 0x0, 0x215b) 5m20.098255671s ago: executing program 9 (id=9240): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00') setns(r0, 0x0) 5m20.015644439s ago: executing program 9 (id=9243): openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) 5m19.937198451s ago: executing program 9 (id=9247): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) migrate_pages$auto(0x1, 0x9, 0x0, &(0x7f0000000840)=0x2) 5m19.618835477s ago: executing program 9 (id=9262): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) preadv2$auto(0x3, 0x0, 0x0, 0x9f45, 0x1, 0x9) 5m19.507813272s ago: executing program 38 (id=9262): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) preadv2$auto(0x3, 0x0, 0x0, 0x9f45, 0x1, 0x9) 3m35.681712678s ago: executing program 6 (id=12505): r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket(0x10, 0x2, 0xf) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) 3m35.589271888s ago: executing program 6 (id=12508): mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x271c, 0xfffffffffffffffc, 0x0) 3m35.301401533s ago: executing program 6 (id=12513): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 3m35.221547476s ago: executing program 6 (id=12517): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x8000, 0x0) mmap$auto(0x0, 0x9, 0xa861, 0x8000000008012, 0x1000000004, 0x82000000) 3m35.097849119s ago: executing program 6 (id=12522): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 3m34.717858277s ago: executing program 6 (id=12533): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), r0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, r1, 0x21, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80) 3m34.635776523s ago: executing program 39 (id=12533): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), r0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, r1, 0x21, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80) 3m15.029703708s ago: executing program 0 (id=13023): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_NAPI_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x800) 3m14.91937406s ago: executing program 0 (id=13025): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r1, 0x301, 0x70bd26, 0x25dfdc02}, 0x14}, 0x1, 0x0, 0x0, 0x8810}, 0x0) 3m14.761917286s ago: executing program 0 (id=13027): madvise$auto(0x0, 0x23, 0x18) ioperm$auto(0x3, 0x6, 0x5) fsconfig$auto(0x6, 0x2, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x7fffffffffffffff) 3m14.725725722s ago: executing program 0 (id=13029): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) msgrcv$auto(0x0, 0x0, 0xff9, 0x0, 0xb1) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) 3m14.454254944s ago: executing program 0 (id=13034): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 3m14.163417384s ago: executing program 0 (id=13042): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r0, 0x0, 0x0, &(0x7f0000000100)=&(0x7f00000000c0)='\\\x00', 0x1000) 3m14.033461108s ago: executing program 40 (id=13042): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r0, 0x0, 0x0, &(0x7f0000000100)=&(0x7f00000000c0)='\\\x00', 0x1000) 5.091579241s ago: executing program 8 (id=18242): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) 4.782453666s ago: executing program 8 (id=18252): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa1\x00', 0x1, 0x0) write$auto_vcs_fops_vc_screen(r0, &(0x7f00000001c0)="080a0000fe", 0x5) write$auto(0x3, 0x0, 0x100082) 4.747664574s ago: executing program 8 (id=18254): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x3, 0x2, 0x13, 0x9) ioctl$auto(0x3, 0x1277, 0x8) 4.701069313s ago: executing program 8 (id=18256): r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/trigger\x00', 0x40, 0x0) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r1, &(0x7f0000008d40)='($}-)#@\x00', 0x40) close_range$auto(r0, r0, 0x0) 4.643444941s ago: executing program 8 (id=18259): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 4.17376442s ago: executing program 8 (id=18271): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) 4.049200655s ago: executing program 41 (id=18271): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) 1.343017299s ago: executing program 3 (id=18340): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(0x0, 0x0, 0x18) 1.310944116s ago: executing program 2 (id=18341): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/sctp/assocs\x00', 0x88000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)=""/103, 0x67) 1.196386563s ago: executing program 2 (id=18342): r0 = socket(0x11, 0x80003, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) setsockopt$auto(r0, 0x107, 0xd, 0x0, 0x8000) 1.185442788s ago: executing program 3 (id=18343): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x100c02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000080)={0x3, 0xdc, 0x1c2, @inferred, &(0x7f0000000040)={@inferred, 0x5, 0x40, 0x6, "f047ca2bbae7143de26ee16cfd8ee9ce762787cb69aad5440d3b6feb7910381d2223127067e76148f2f36966"}, "9d4f8ef3f785aae5a5ff69c61ed549546c1eadce39439cb9f7fe26fe87659c9dd52e80eb5a7b5bdce62f726f940b383b8d24"}) fcntl$auto(0x3, 0x400, 0x1) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000480), 0x250100, 0x0) 1.104905154s ago: executing program 3 (id=18345): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) umount2$auto(&(0x7f0000000100)='.\x00\x8a\xca\x0f\x8a\x89\xcb\x02/\x1cWm\x8dr\xef\x12\x1bY\x02\x95\x9e\x02=\xc7\f\xe7\xfc\xef\xa2\xe8\xbdE\n[\xf9\xeb/7P&\xd3\xbd\a\x8d\v\x96\xbd\x90\xc8\xeb\xbbd\xa5\v\xae\xf9n\x91\x85b\xebm\xf9\x81e\xea$\xcb\xcdy\xe6\xf0\x1a\xdcka\x16r\xa5\xa6\n0\x16\xe3\xa7\xc6i\x16G\x87CI\x81t\xd0Gq<\xe6\xb9\x94\xe3{\xae\x0e\x01[\xa9\xbd', 0x4) 1.097654959s ago: executing program 2 (id=18346): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000640)='/dev/ptyv4\x00', 0x20500, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x540f, 0x0) 1.026510837s ago: executing program 2 (id=18347): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) uname$auto(0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4606, 0x0) 1.025957461s ago: executing program 3 (id=18348): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0xb, 0x6, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x80000005) rt_sigsuspend$auto(0x0, 0x8) 1.018257684s ago: executing program 1 (id=18354): r0 = socket$nl_generic(0x10, 0x3, 0x10) setreuid$auto(0x3, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x29d, 0x7, @old_map_fd=0x3ff}, 0xa3) 937.949577ms ago: executing program 2 (id=18349): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) read$auto(0x3, 0x0, 0x7) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 925.197952ms ago: executing program 1 (id=18350): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) ioctl$auto(0x3, 0x8912, 0x46) 896.700752ms ago: executing program 3 (id=18351): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001300)={'veth0_to_bond\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000100)={0x28, r2, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4865}, 0x0) 501.433066ms ago: executing program 1 (id=18352): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x28, r1, 0x301, 0x70bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0x9, 0x2, 'vdpa\x00'}, @CTRL_ATTR_OP={0x8, 0xa, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r0) 492.890063ms ago: executing program 3 (id=18353): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r0, 0x40025504, 0xea3) 435.729712ms ago: executing program 1 (id=18355): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc008af12, 0x38) 237.75726ms ago: executing program 1 (id=18356): r0 = socket(0x2, 0x80002, 0x73) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r0, 0x7ff, 0x6, 0x0, 0x100000b, 0x5f, 0x2}, 0x10) bpf$auto(0x1b, &(0x7f0000000380)=@task_fd_query={r1, 0xffffffffffffffff, 0x2, 0x5, 0x4, 0x8, r2, 0x8}, 0x92) 82.854µs ago: executing program 2 (id=18357): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/task_delayacct\x00', 0x2000, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) acct$auto(&(0x7f0000000040)='\x00') acct$auto(0x0) 0s ago: executing program 1 (id=18358): statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0xaf02, r0) kernel console output (not intermixed with test programs): ntally: false [ 182.762486][T15199] vivid-004: Sensor Flipped Vertically: false [ 182.777343][T15199] vivid-004: Insert SAV Code in Image: false [ 182.793118][T15199] vivid-004: Insert EAV Code in Image: false [ 182.808454][T15199] vivid-004: Insert Video Guard Band: false [ 182.823063][T15199] vivid-004: Reduced Framerate: false [ 182.839549][T15199] vivid-004: HDMI 004-0 Is Connected To: Test Pattern Generator [ 182.858698][T15199] vivid-004: S-Video 004-0 Is Connected To: Test Pattern Generator [ 182.875883][T15199] vivid-004: Enable Capture Cropping: true [ 182.892607][T15199] vivid-004: Enable Capture Composing: true [ 182.905155][T15199] vivid-004: Enable Capture Scaler: true [ 182.918842][T15199] vivid-004: Timestamp Source: End of Frame [ 182.933712][T15199] vivid-004: Colorspace: sRGB [ 182.943756][T15199] vivid-004: Transfer Function: Default [ 182.961410][T15199] vivid-004: Y'CbCr Encoding: Default [ 182.966865][T15199] vivid-004: HSV Encoding: Hue 0-179 [ 182.992405][T15199] vivid-004: Quantization: Default [ 183.003359][T15199] vivid-004: Apply Alpha To Red Only: false [ 183.018238][T15199] vivid-004: Standard Aspect Ratio: 4x3 [ 183.032018][T15199] vivid-004: DV Timings Signal Mode: Current DV Timings inactive [ 183.057924][T15199] vivid-004: DV Timings: 640x480p59 inactive [ 183.074204][T15199] vivid-004: DV Timings Aspect Ratio: Source Width x Height [ 183.092757][T15199] vivid-004: Maximum EDID Blocks: 2 [ 183.105661][T15199] vivid-004: Limited RGB Range (16-235): false [ 183.121256][T15199] vivid-004: Rx RGB Quantization Range: Automatic [ 183.144695][T15199] vivid-004: Power Present: 0x00000001 [ 183.157067][T15199] tpg source WxH: 640x360 (Y'CbCr) [ 183.172091][T15199] tpg field: 1 [ 183.182014][T15199] tpg crop: 640x360@0x0 [ 183.191272][T15199] tpg compose: 640x360@0x0 [ 183.195765][T15199] tpg colorspace: 8 [ 183.213019][T15199] tpg transfer function: 0/0 [ 183.217665][T15199] tpg Y'CbCr encoding: 0/0 [ 183.236347][T15199] tpg quantization: 0/0 [ 183.246610][T15199] tpg RGB range: 0/2 [ 183.256040][T15199] vivid-004: ================== END STATUS ================== [ 183.357756][ T5957] Bluetooth: hci1: command 0x0419 tx timeout [ 184.005159][ T1333] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.068149][ T1333] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.148155][ T1333] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.216451][T15201] kexec: Could not allocate control_code_buffer [ 184.249606][T15201] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15201 comm: syz.4.4219) [ 184.299469][ T1333] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.349523][T15284] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15284 comm: syz.4.4260) [ 184.463393][ T1333] bridge_slave_1: left allmulticast mode [ 184.469087][ T1333] bridge_slave_1: left promiscuous mode [ 184.482674][ T1333] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.491671][T15290] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15290 comm: syz.4.4263) [ 184.510322][ T1333] bridge_slave_0: left allmulticast mode [ 184.531257][ T1333] bridge_slave_0: left promiscuous mode [ 184.538848][ T5920] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 184.547702][ T5920] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 184.555253][ T5920] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 184.563504][ T5920] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 184.572716][ T1333] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.584988][ T5920] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 184.592299][ T5920] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 184.612887][T15300] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15300 comm: syz.4.4267) [ 184.695431][T15307] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15307 comm: syz.4.4270) [ 184.753992][T15313] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15313 comm: syz.4.4273) [ 184.865940][T15318] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15318 comm: syz.4.4276) [ 184.896170][ T1333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 184.931524][ T1333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 184.947656][ T1333] bond0 (unregistering): Released all slaves [ 185.010094][T15327] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 15327 comm: syz.4.4280) [ 185.279857][T15296] chnl_net:caif_netlink_parms(): no params data found [ 185.417610][ T5920] Bluetooth: hci1: command 0x0419 tx timeout [ 185.620671][T15296] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.635389][T15296] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.645925][T15296] bridge_slave_0: entered allmulticast mode [ 185.652639][T15296] bridge_slave_0: entered promiscuous mode [ 185.683345][ T1333] hsr_slave_0: left promiscuous mode [ 185.689452][ T1333] hsr_slave_1: left promiscuous mode [ 185.698000][ T1333] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.712709][T15383] Process accounting paused [ 185.715081][ T1333] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.739175][ T1333] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.746733][ T1333] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.768516][ T1333] veth1_macvtap: left promiscuous mode [ 185.775208][ T1333] veth0_macvtap: left promiscuous mode [ 185.780808][ T1333] veth1_vlan: left promiscuous mode [ 185.797694][ T1333] veth0_vlan: left promiscuous mode [ 186.108085][ T1333] team0 (unregistering): Port device team_slave_1 removed [ 186.153841][ T1333] team0 (unregistering): Port device team_slave_0 removed [ 186.366598][T15296] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.455929][T15296] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.469932][T15296] bridge_slave_1: entered allmulticast mode [ 186.478370][T15296] bridge_slave_1: entered promiscuous mode [ 186.540633][T15296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.552807][T15296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.595944][T15296] team0: Port device team_slave_0 added [ 186.612901][T15296] team0: Port device team_slave_1 added [ 186.634135][T15296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.634153][T15296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.634181][T15296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.635158][T15296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.635172][T15296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.635198][T15296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.675672][ C1] vkms_vblank_simulate: vblank timer overrun [ 186.702247][ T5920] Bluetooth: hci2: command tx timeout [ 186.710706][T15296] hsr_slave_0: entered promiscuous mode [ 186.711299][T15296] hsr_slave_1: entered promiscuous mode [ 186.711667][T15296] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 186.711683][T15296] Cannot create hsr debugfs directory [ 186.884181][T15296] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 186.903691][T15296] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 186.916063][T15296] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 186.925120][T15296] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 187.040707][T15296] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.077241][T15296] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.100424][ T1333] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.107576][ T1333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.139374][ T1333] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.146498][ T1333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.372946][T15296] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.486435][ T5920] Bluetooth: hci1: command 0x0419 tx timeout [ 187.643921][T15480] binder: binder_mmap: 15476 0-1000 bad vm_flags failed -1 [ 187.703790][T15296] veth0_vlan: entered promiscuous mode [ 187.721504][T15296] veth1_vlan: entered promiscuous mode [ 187.767546][T15296] veth0_macvtap: entered promiscuous mode [ 187.779276][T15296] veth1_macvtap: entered promiscuous mode [ 187.792142][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.808527][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.855728][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.876787][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.897753][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.923722][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.938723][T15296] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.952600][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.987704][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.998864][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.010881][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.045570][T15296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.081646][T15296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.096320][T15296] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.115740][T15296] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.138474][T15296] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.157942][T15296] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.171954][T15296] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.255935][ T1333] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.283911][ T1333] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.318934][ T1333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.338152][ T1333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.759668][ T5920] Bluetooth: hci2: command tx timeout [ 189.677678][T15600] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma? [ 190.126202][T15636] block mtdblock0: the capability attribute has been deprecated. [ 190.828855][ T5920] Bluetooth: hci2: command tx timeout [ 190.908123][T15694] ptrace attach of "./syz-executor exec"[15296] was attempted by "./syz-executor exec"[15694] rameter 'nfsd' [ 318.470525][T18982] : Can't lookup blockdev [ 318.869851][T18999] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5696'. [ 321.331968][T19209] < [ 321.606054][T19230] delete_channel: no stack [ 322.812567][T19349] WARNING! power/level is deprecated; use power/control instead [ 323.890101][T19440] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5912'. [ 325.295704][T19571] process 'syz.3.5978' launched '/dev/fd/3' with NULL argv: empty string added [ 325.529646][T19591] : Can't lookup blockdev [ 327.074021][T19703] bond0: option packets_per_slave: invalid value ( Xnp) [ 327.094763][T19703] bond0: option packets_per_slave: allowed values 0 - 65535 [ 329.336841][T19914] ubi13: attaching mtd0 [ 329.348690][T19914] ubi13 error: ubi_attach_mtd_dev: bad VID header (131085) or data offsets (131149) [ 330.274378][T20003] binder: 20002:20003 ioctl 541b 9 returned -22 [ 330.947127][T20070] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 330.973232][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.016356][T20070] CIFS mount error: No usable UNC path provided in device string! [ 331.016356][T20070] [ 331.033776][T20070] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 333.548547][T20318] ecryptfs_miscdev_write: Error while inspecting packet size [ 333.631447][T20327] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 334.152540][T20374] ecryptfs_parse_packet_length: Error parsing packet length [ 334.160788][T20374] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 334.270380][T20384] CIFS mount error: No usable UNC path provided in device string! [ 334.270380][T20384] [ 334.280898][T20384] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 334.742945][T20429] bond0: option packets_per_slave: invalid value ( Xnp) [ 334.752044][T20429] bond0: option packets_per_slave: allowed values 0 - 65535 [ 336.065554][T20559] Process accounting resumed [ 336.742470][T20627] block nbd12: NBD_DISCONNECT [ 336.810763][T20635] __vm_enough_memory: pid: 20635, comm: syz.7.6502, bytes: 4503599627366400 not enough memory for the allocation [ 338.069156][T20736] delete_channel: no stack [ 338.147657][T20745] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6555'. [ 338.385898][T20769] < [ 338.442538][T20767] syz_tun: tun_chr_ioctl cmd 35111 [ 340.980821][T20994] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 342.240287][T21115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6739'. [ 343.425554][T21230] CIFS mount error: No usable UNC path provided in device string! [ 343.425554][T21230] [ 343.446871][T21230] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 344.313000][T21320] QAT: failed to copy from user cfg_data. [ 344.551866][T21341] program syz.8.6853 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 344.569799][T21341] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 346.307702][T21509] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 346.694957][ T29] audit: type=1800 audit(4294967458.641:42): pid=21549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.6953" name="dbroot" dev="configfs" ino=57621 res=0 errno=0 [ 346.717728][ T29] audit: type=1804 audit(4294967458.641:43): pid=21549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.6953" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=57621 res=1 errno=0 [ 347.315556][T21608] kAFS: No cell specified [ 347.708680][T21647] scsi_strcpy_devinfo: vendor string ';/&c' is too long [ 348.085322][T21687] mmap: syz.3.7023 (21687): VmData 37396480 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 348.972215][ T5920] Bluetooth: hci4: command 0x0406 tx timeout [ 349.194252][T21795] gspca_gl860.sensor: string doesn't fit in 6 chars. [ 349.756886][T21850] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 350.147728][T21889] syz.7.7118 (21889): attempted to duplicate a private mapping with mremap. This is not supported. [ 352.428397][T22105] zram: Added device: zram1 [ 353.285732][T22177] __vm_enough_memory: pid: 22177, comm: syz.3.7263, bytes: 4503599627366400 not enough memory for the allocation [ 353.818648][T22224] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 354.573608][T22281] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7323'. [ 354.671751][T22290] QAT: failed to copy from user cfg_data. [ 355.187519][T22338] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7343'. [ 355.590102][T22351] sg_write: data in/out 2059/169 bytes for SCSI command 0x57-- guessing data in; [ 355.590102][T22351] program syz.8.7348 not setting count and/or reply_len properly [ 355.719272][T22360] program syz.3.7354 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 355.729618][T22360] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 356.638701][T22453] Process accounting resumed [ 357.147417][T22502] CIFS mount error: No usable UNC path provided in device string! [ 357.147417][T22502] [ 357.151249][T22503] ecryptfs_parse_packet_length: Error parsing packet length [ 357.163483][T22502] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 357.168427][T22503] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 357.940795][T22567] CIFS mount error: No usable UNC path provided in device string! [ 357.940795][T22567] [ 357.951068][T22567] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 358.372792][T22611] binder: 22608:22611 ioctl 541b 9 returned -22 [ 358.504976][T22625] ubi13: attaching mtd0 [ 358.510930][T22625] ubi13 error: ubi_attach_mtd_dev: bad VID header (131085) or data offsets (131149) [ 359.676400][T22736] scsi_strcpy_devinfo: vendor string ';/&c' is too long [ 359.769808][ T29] audit: type=1800 audit(4294967471.779:44): pid=22747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.7540" name="dbroot" dev="configfs" ino=61351 res=0 errno=0 [ 359.798858][ T29] audit: type=1804 audit(4294967471.809:45): pid=22747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.7540" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=61351 res=1 errno=0 [ 363.465117][T23003] zram: Added device: zram2 [ 363.756959][T23026] zram: Added device: zram3 [ 365.666635][T23147] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 366.098979][T23181] : Can't lookup blockdev [ 366.175169][T23186] ima: policy update failed [ 366.183846][ T29] audit: type=1807 audit(4294967478.222:46): UNKNOWN=$%=Hw#_>j res=0 [ 366.213625][ T29] audit: type=1802 audit(4294967478.222:47): pid=23188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.8.7755" res=0 errno=0 [ 366.244351][ T29] audit: type=1802 audit(4294967478.252:48): pid=23186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.8.7755" res=0 errno=0 [ 367.571695][ T29] audit: type=1800 audit(4294967479.629:49): pid=23289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.7804" name="dbroot" dev="configfs" ino=63087 res=0 errno=0 [ 367.600443][T23289] db_root: cannot open: [ 370.382069][T23409] Process accounting resumed [ 370.387027][T23409] kstrtoul() returned -22 for lu_gp_id [ 370.676783][T23432] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7871'. [ 371.158078][T23472] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7890'. [ 372.366083][T23557] sg_write: data in/out 2059/169 bytes for SCSI command 0x57-- guessing data in; [ 372.366083][T23557] program syz.3.7932 not setting count and/or reply_len properly [ 375.651614][T23860] QAT: failed to copy from user cfg_data. [ 376.014295][T23894] Process accounting resumed [ 376.712442][T23965] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8129'. [ 378.114288][T24011] scsi_dev_info_list_add_str: bad dev info string ';/&c $3' '' '' [ 378.783145][T24053] ima: policy update failed [ 378.783213][ T29] audit: type=1807 audit(4294967490.898:50): UNKNOWN=$%=Hw#_>j res=0 [ 378.797150][ T29] audit: type=1802 audit(4294967490.898:51): pid=24054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.6.8173" res=0 errno=0 [ 378.843298][ T29] audit: type=1802 audit(4294967490.898:52): pid=24053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.8173" res=0 errno=0 [ 380.661035][T24132] binder: 24128:24132 ioctl c00c6211 9 returned -14 [ 380.698399][T24137] Process accounting resumed [ 380.710649][T24137] kstrtoul() returned -22 for lu_gp_id [ 380.756058][T24143] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8213'. [ 381.041204][T24159] db_root: cannot open: [ 381.050613][ T29] audit: type=1800 audit(4294967493.159:53): pid=24159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.8222" name="dbroot" dev="configfs" ino=65368 res=0 errno=0 [ 381.283778][T24169] binder: 24168:24169 ioctl c0306201 9 returned -14 [ 382.468912][ T29] audit: type=1807 audit(4294967494.597:54): UNKNOWN=$ res=0 [ 382.491961][T24242] ima: policy update failed [ 382.493449][ T29] audit: type=1802 audit(4294967494.617:55): pid=24243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.6.8264" res=0 errno=0 [ 382.520769][ T29] audit: type=1802 audit(4294967494.627:56): pid=24242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.8264" res=0 errno=0 [ 383.651542][T24336] Process accounting resumed [ 383.893697][ T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.967850][ T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 384.060421][ T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 384.189157][ T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 384.249442][ T5920] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 384.257669][ T5920] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 384.267870][ T5920] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 384.275960][ T5920] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 384.283683][ T5920] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 384.290918][ T5920] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 384.412417][ T12] bridge_slave_1: left allmulticast mode [ 384.448721][ T12] bridge_slave_1: left promiscuous mode [ 384.456816][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 384.477059][ T12] bridge_slave_0: left allmulticast mode [ 384.482834][ T12] bridge_slave_0: left promiscuous mode [ 384.488470][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.595882][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 384.605881][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 384.616067][ T12] bond0 (unregistering): Released all slaves [ 384.690699][T24363] chnl_net:caif_netlink_parms(): no params data found [ 384.786482][T24363] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.795023][T24363] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.806488][T24363] bridge_slave_0: entered allmulticast mode [ 384.817816][T24363] bridge_slave_0: entered promiscuous mode [ 384.835562][ T12] hsr_slave_0: left promiscuous mode [ 384.842692][ T12] hsr_slave_1: left promiscuous mode [ 384.848690][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 384.859566][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 384.867976][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 384.876124][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 384.886474][ T12] veth1_macvtap: left promiscuous mode [ 384.892145][ T12] veth0_macvtap: left promiscuous mode [ 384.897725][ T12] veth1_vlan: left promiscuous mode [ 384.903755][ T12] veth0_vlan: left promiscuous mode [ 384.986056][ T12] team0 (unregistering): Port device team_slave_1 removed [ 385.001433][ T12] team0 (unregistering): Port device team_slave_0 removed [ 385.041797][T24363] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.048957][T24363] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.056084][T24363] bridge_slave_1: entered allmulticast mode [ 385.063668][T24363] bridge_slave_1: entered promiscuous mode [ 385.100262][T24363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 385.111201][T24363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 385.132779][T24363] team0: Port device team_slave_0 added [ 385.141291][T24363] team0: Port device team_slave_1 added [ 385.157171][T24363] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 385.164374][T24363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.190767][T24363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 385.202566][T24363] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 385.209627][T24363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.235605][T24363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 385.270041][T24363] hsr_slave_0: entered promiscuous mode [ 385.276346][T24363] hsr_slave_1: entered promiscuous mode [ 385.396099][T24363] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 385.405141][T24363] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 385.414811][T24363] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 385.428413][T24363] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 385.446632][T24363] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.453781][T24363] bridge0: port 2(bridge_slave_1) entered forwarding state [ 385.461221][T24363] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.468361][T24363] bridge0: port 1(bridge_slave_0) entered forwarding state [ 385.509904][T24363] 8021q: adding VLAN 0 to HW filter on device bond0 [ 385.521251][ T1335] bridge0: port 1(bridge_slave_0) entered disabled state [ 385.531048][ T1335] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.545619][T24363] 8021q: adding VLAN 0 to HW filter on device team0 [ 385.558772][ T1333] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.565884][ T1333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 385.583879][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.591023][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 385.721611][T24363] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 385.879082][T24363] veth0_vlan: entered promiscuous mode [ 385.888484][T24363] veth1_vlan: entered promiscuous mode [ 385.915734][T24363] veth0_macvtap: entered promiscuous mode [ 385.924035][T24363] veth1_macvtap: entered promiscuous mode [ 385.938695][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.949632][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.960622][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.971285][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.982055][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.992833][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.003732][T24363] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 386.016253][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.026814][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.037029][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.047683][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.057525][T24363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.068185][T24363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.079263][T24363] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 386.090312][T24363] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.099276][T24363] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.108622][T24363] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.117655][T24363] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.160431][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.172933][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.194779][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.202695][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.372273][ T5920] Bluetooth: hci0: command tx timeout [ 388.441482][ T5920] Bluetooth: hci0: command tx timeout [ 389.157829][T24628] ima: Unable to open file: /sys/kerne߳security/integrity/ima/policy (-2) [ 389.158019][T24626] ima: policy update failed [ 389.268354][ T29] audit: type=1802 audit(4294967501.432:57): pid=24626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.9.8393" res=0 errno=0 [ 390.520534][ T5920] Bluetooth: hci0: command tx timeout [ 391.181729][T24748] aoe: invalid device specification [ 391.654194][T24768] warning: `syz.8.8447' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 392.590205][ T5920] Bluetooth: hci0: command tx timeout [ 394.567380][T24851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8488'. [ 394.751876][ T29] audit: type=1800 audit(4294967506.951:58): pid=24864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8493" name="dbroot" dev="configfs" ino=68532 res=0 errno=0 [ 394.782067][ T29] audit: type=1804 audit(4294967506.981:59): pid=24864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.8493" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=68532 res=1 errno=0 [ 394.805107][ C0] vkms_vblank_simulate: vblank timer overrun [ 394.872525][T24870] kAFS: No cell specified [ 395.410979][ T29] audit: type=1807 audit(4294967507.614:60): UNKNOWN=$%=Hw#_>j res=0 [ 395.415373][T24924] ima: policy update failed [ 395.436932][ T29] audit: type=1802 audit(4294967507.614:61): pid=24925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.9.8521" res=0 errno=0 [ 395.477979][ T29] audit: type=1802 audit(4294967507.624:62): pid=24924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.9.8521" res=0 errno=0 [ 395.685038][T24950] Format for deleting device is "id" (uint). [ 396.147347][T24997] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 396.507061][T25028] scsi_dev_info_list_add_str: bad dev info string ';/&c $3' '' '' [ 397.352342][ T29] audit: type=1800 audit(4294967509.564:63): pid=25105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.8606" name="dbroot" dev="configfs" ino=69915 res=0 errno=0 [ 397.356659][T25105] db_root: cannot open: [ 397.372526][ C0] vkms_vblank_simulate: vblank timer overrun [ 397.848810][ T29] audit: type=1400 audit(4294967510.057:64): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=25130 comm="syz.3.8614" [ 399.079865][T25221] binder: 25220:25221 ioctl c0306201 9 returned -14 [ 399.486338][T25245] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8669'. [ 399.538456][T25249] snd_aloop snd_aloop.0: control 16781581:65540:6:'x?F/zF˷fC:51903 is already present [ 400.927883][T25346] QAT: Invalid ioctl 21531 [ 401.414162][T25379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8714'. [ 401.968110][T25416] program syz.9.8725 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 402.022183][T25416] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 402.743927][T25481] Process accounting resumed [ 403.142863][T25509] ima: policy update failed [ 403.144048][ T29] audit: type=1807 audit(4294967515.384:65): UNKNOWN=$ res=0 [ 403.173390][ T29] audit: type=1802 audit(4294967515.384:66): pid=25511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.8755" res=0 errno=0 [ 403.239221][ T29] audit: type=1802 audit(4294967515.415:67): pid=25509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.8755" res=0 errno=0 [ 404.152750][T25596] cougar: G6 mapped to space [ 408.470661][T25845] QAT: failed to copy from user cfg_data. [ 408.815754][ T29] audit: type=1806 audit(4294967521.074:68): xattr="." res=0 [ 409.753240][T25919] aoe: invalid device specification [ 410.499156][T25970] vivid-002: ================= START STATUS ================= [ 410.529485][T25973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8968'. [ 410.536383][T25970] vivid-002: RDS Tx I/O Mode: Controls [ 410.543882][T25970] vivid-002: RDS Program ID: 32904 [ 410.561699][T25970] vivid-002: RDS Program Type: 3 [ 410.566984][T25970] vivid-002: RDS PS Name: VIVID-TX [ 410.572351][T25970] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 410.582780][T25970] vivid-002: RDS Stereo: true [ 410.587597][T25970] vivid-002: RDS Artificial Head: false [ 410.593267][T25970] vivid-002: RDS Compressed: false [ 410.598728][T25970] vivid-002: RDS Dynamic PTY: false [ 410.604256][T25970] vivid-002: RDS Traffic Announcement: false [ 410.610693][T25970] vivid-002: RDS Traffic Program: true [ 410.616512][T25970] vivid-002: RDS Music: true [ 410.621195][T25970] vivid-002: ================== END STATUS ================== [ 411.821137][T26085] syz_tun: tun_chr_ioctl cmd 1074025692 [ 413.760606][T26218] snd_aloop snd_aloop.0: control 16781581:65540:6:'x?F/zF˷fC:51903 is already present [ 414.335828][T26258] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 414.344253][T26258] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 415.487283][ T29] audit: type=1400 audit(4294967527.789:69): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=26349 comm="syz.8.9155" [ 416.332990][T26415] [U] LnÈb*'F [ 416.622771][ T29] audit: type=1807 audit(4294967528.934:70): UNKNOWN=$ res=0 [ 416.632719][T26434] ima: policy update failed [ 416.650835][ T29] audit: type=1802 audit(4294967528.934:71): pid=26435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.9.9197" res=0 errno=0 [ 416.704673][ T29] audit: type=1802 audit(4294967528.955:72): pid=26434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.9.9197" res=0 errno=0 [ 418.172385][ T62] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.247032][ T62] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.302902][ T62] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.407920][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 418.415896][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 418.423933][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 418.431619][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 418.439091][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 418.446389][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 418.478294][ T62] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.781755][T26575] chnl_net:caif_netlink_parms(): no params data found [ 418.864553][ T62] bridge_slave_1: left allmulticast mode [ 418.870529][ T62] bridge_slave_1: left promiscuous mode [ 418.878734][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 418.901049][ T62] bridge_slave_0: left allmulticast mode [ 418.914135][ T62] bridge_slave_0: left promiscuous mode [ 418.919844][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 419.058944][T26632] Ignoring unsupported numa_zonelist_order value: [ 419.058944][T26632] [ 419.232288][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 419.291243][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 419.342951][ T62] bond0 (unregistering): Released all slaves [ 419.501357][T26676] cougar: G6 mapped to space [ 419.620952][T26575] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.628066][T26575] bridge0: port 1(bridge_slave_0) entered disabled state [ 419.648822][T26575] bridge_slave_0: entered allmulticast mode [ 419.656386][T26575] bridge_slave_0: entered promiscuous mode [ 419.680547][T26575] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.691188][T26575] bridge0: port 2(bridge_slave_1) entered disabled state [ 419.701542][T26575] bridge_slave_1: entered allmulticast mode [ 419.708298][T26575] bridge_slave_1: entered promiscuous mode [ 419.875898][T26575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 419.890988][T26575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 419.949064][ T62] hsr_slave_0: left promiscuous mode [ 419.965205][ T62] hsr_slave_1: left promiscuous mode [ 419.974247][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 420.002514][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 420.025267][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 420.033637][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 420.061510][ T62] veth1_macvtap: left promiscuous mode [ 420.070724][ T62] veth0_macvtap: left promiscuous mode [ 420.076291][ T62] veth1_vlan: left promiscuous mode [ 420.085635][ T62] veth0_vlan: left promiscuous mode [ 420.400439][ T62] team0 (unregistering): Port device team_slave_1 removed [ 420.427507][ T62] team0 (unregistering): Port device team_slave_0 removed [ 420.529359][ T5952] Bluetooth: hci0: command tx timeout [ 420.701954][ T29] audit: type=1800 audit(4294967533.016:73): pid=26747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.9341" name="discovery_nqn" dev="configfs" ino=73526 res=0 errno=0 [ 420.795603][T26575] team0: Port device team_slave_0 added [ 420.808832][T26575] team0: Port device team_slave_1 added [ 420.910779][T26575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 420.929965][T26575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 421.017237][T26575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 421.030779][T26575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 421.039487][T26575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 421.104841][T26575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 421.206422][T26575] hsr_slave_0: entered promiscuous mode [ 421.227027][T26786] misc userio: Invalid payload size [ 421.228614][T26575] hsr_slave_1: entered promiscuous mode [ 422.040934][T26575] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 422.085321][T26575] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 422.094385][T26575] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 422.137025][T26575] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 422.283178][T26575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 422.314567][T26575] 8021q: adding VLAN 0 to HW filter on device team0 [ 422.332991][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.340142][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 422.356975][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.364082][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 422.491322][T26575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 422.527314][T26575] veth0_vlan: entered promiscuous mode [ 422.540320][T26575] veth1_vlan: entered promiscuous mode [ 422.563338][T26575] veth0_macvtap: entered promiscuous mode [ 422.577114][T26575] veth1_macvtap: entered promiscuous mode [ 422.584939][ T5952] Bluetooth: hci0: command tx timeout [ 422.598249][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.609261][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.621989][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.632763][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.642859][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.655163][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.665964][T26575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 422.687320][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.698076][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.708259][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.718960][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.728926][T26575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.739400][T26575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.750362][T26575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 422.759885][T26575] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.768839][T26575] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.778130][T26575] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.787376][T26575] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.828582][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.840037][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.861608][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.870657][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.667695][ T5952] Bluetooth: hci0: command tx timeout [ 424.818769][T27056] i2c i2c-0: delete_device: Can't parse I2C address syzkaller syzkaller login: [ 426.722655][ T5952] Bluetooth: hci0: command tx timeout [ 427.656399][T27283] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9518'. [ 428.216937][T27335] delete_channel: no stack [ 429.553935][T27455] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 429.569275][T27455] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 429.731390][ T29] audit: type=1800 audit(4294967542.113:74): pid=27473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9587" name="discovery_nqn" dev="configfs" ino=75649 res=0 errno=0 [ 429.939637][ T29] audit: type=1800 audit(4294967542.324:75): pid=27491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.9593" name="features" dev="configfs" ino=76682 res=0 errno=0 [ 429.959988][ C1] vkms_vblank_simulate: vblank timer overrun [ 433.519203][T27804] dlm: non-version read from control device 2147479552 [ 436.649073][T28058] misc userio: Invalid payload size [ 438.584193][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.590708][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.114292][T28304] dlm: non-version read from control device 0 [ 441.542110][T28438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9935'. [ 442.674122][T28542] delete_channel: no stack [ 443.456959][T28622] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 443.719162][T28645] syz_tun: tun_chr_ioctl cmd 2147767517 [ 444.579732][T28708] vivid-002: ================= START STATUS ================= [ 444.587535][T28708] vivid-002: RDS Tx I/O Mode: Controls [ 444.593102][T28708] vivid-002: RDS Program ID: 32904 [ 444.598319][T28708] vivid-002: RDS Program Type: 3 [ 444.603535][T28708] vivid-002: RDS PS Name: VIVID-TX [ 444.608864][T28708] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 444.619407][T28708] vivid-002: RDS Stereo: true [ 444.624131][T28708] vivid-002: RDS Artificial Head: false [ 444.629955][T28708] vivid-002: RDS Compressed: false [ 444.636603][T28708] vivid-002: RDS Dynamic PTY: false [ 444.641960][T28708] vivid-002: RDS Traffic Announcement: false [ 444.648034][T28708] vivid-002: RDS Traffic Program: true [ 444.653659][T28708] vivid-002: RDS Music: true [ 444.658426][T28708] vivid-002: ================== END STATUS ================== [ 444.712811][ T29] audit: type=1800 audit(4294967557.171:76): pid=28716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.10071" name="discovery_nqn" dev="configfs" ino=80316 res=0 errno=0 [ 444.814056][ T29] audit: type=1800 audit(4294967557.271:77): pid=28724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10074" name="features" dev="configfs" ino=80330 res=0 errno=0 [ 445.728680][T28797] QAT: failed to copy from user. [ 446.711947][T28874] i2c i2c-0: delete_device: Can't parse I2C address [ 446.896727][T28888] dlm: non-version read from control device 2147479552 [ 447.496727][T28943] udc dummy_udc.0: soft-connect without a gadget driver [ 449.547856][T29110] ima: policy update failed [ 449.571889][ T29] audit: type=1802 audit(4294967562.046:78): pid=29110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.10261" res=0 errno=0 [ 453.664835][T29441] program syz.8.10373 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 453.691721][T29441] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 456.601690][T29624] Process accounting resumed [ 456.665463][T29630] queue_state_write: unsupported operation '' [ 456.684130][T29630] queue_state_write: use 'run', 'start' or 'kick' [ 457.236830][T29679] syz.6.10486 (29679): drop_caches: 0 [ 458.053421][T29756] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10524'. [ 460.136532][T29966] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10629'. [ 460.769239][T30033] udc dummy_udc.0: soft-connect without a gadget driver [ 461.495599][T30109] syz_tun: tun_chr_ioctl cmd 1074025688 [ 461.686155][T30125] CIFS mount error: No usable UNC path provided in device string! [ 461.686155][T30125] [ 461.697910][T30125] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 462.238133][T30176] ima: policy update failed [ 462.242857][ T29] audit: type=1802 audit(4294967574.792:79): pid=30176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.10732" res=0 errno=0 [ 465.091133][T30284] program syz.3.10793 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 465.109235][T30284] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 465.927151][T30347] vivid-002: ================= START STATUS ================= [ 465.944623][T30347] vivid-002: RDS Tx I/O Mode: Controls [ 465.950868][T30347] vivid-002: RDS Program ID: 32904 [ 465.956275][T30347] vivid-002: RDS Program Type: 3 [ 465.973977][T30347] vivid-002: RDS PS Name: VIVID-TX [ 465.987796][T30347] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 466.007997][T30347] vivid-002: RDS Stereo: true [ 466.012800][T30347] vivid-002: RDS Artificial Head: false [ 466.028588][T30347] vivid-002: RDS Compressed: false [ 466.034072][T30347] vivid-002: RDS Dynamic PTY: false [ 466.046716][T30347] vivid-002: RDS Traffic Announcement: false [ 466.057713][T30347] vivid-002: RDS Traffic Program: true [ 466.063285][T30347] vivid-002: RDS Music: true [ 466.069795][T30347] vivid-002: ================== END STATUS ================== [ 466.531475][T30398] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 467.086448][T30444] QAT: Stopping all acceleration devices. [ 467.970655][T30535] synth uevent: /bus/memstick: unknown uevent action string [ 468.138012][T30555] : Can't lookup blockdev [ 468.378733][T30578] ubi13: attaching mtd0 [ 468.382955][T30578] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 468.770532][T30613] bond0: option lp_interval: invalid value (/sys) [ 468.783530][T30613] bond0: option lp_interval: allowed values 1 - 2147483647 [ 469.013069][T30635] sysfs_service_op_store: Client not running :-5: [ 469.025214][T30637] Process accounting resumed [ 469.184437][T30650] bond0: option mode: invalid value (/sys/dev) [ 469.452675][T30678] queue_state_write: unsupported operation '' [ 469.458827][T30678] queue_state_write: use 'run', 'start' or 'kick' [ 470.860816][T30790] Invalid ELF header magic: != ELF [ 470.946519][T30801] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11034'. [ 472.086857][T30900] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 472.087143][T30899] ima: policy update failed [ 472.111403][ T29] audit: type=1802 audit(4294967584.713:80): pid=30899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.8.11085" res=0 errno=0 [ 474.733398][T31144] nbd: couldn't find device at index 33904 [ 475.050179][T31174] Zero length message leads to an empty skb [ 475.234405][T31189] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 475.671318][T31224] QAT: Device 0 not found [ 475.841394][T31235] sctp: [Deprecated]: syz.0.11248 (pid 31235) Use of int in max_burst socket option deprecated. [ 475.841394][T31235] Use struct sctp_assoc_value instead [ 476.267090][T31250] could not allocate digest TFM handle [ 476.314060][T31253] could not allocate digest TFM handle [ 477.379117][ T5952] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 478.478746][T31379] program syz.6.11314 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 478.507749][T31379] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 479.662613][T31435] snd_aloop snd_aloop.0: control 5:9:1:IA>/[k 1 [ 523.465334][ T3022] bridge_slave_0: left allmulticast mode [ 523.471122][ T3022] bridge_slave_0: left promiscuous mode [ 523.480860][ T3022] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.488809][ T5920] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 523.532098][ T5920] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 523.598729][ T5920] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 523.609268][ T5920] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 523.616666][ T5920] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 523.752499][ T3022] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 523.768043][ T3022] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 523.780575][ T3022] bond0 (unregistering): Released all slaves [ 524.118223][ T1611] chnl_net:caif_netlink_parms(): no params data found [ 524.309141][ T1611] bridge0: port 1(bridge_slave_0) entered blocking state [ 524.318233][ T1611] bridge0: port 1(bridge_slave_0) entered disabled state [ 524.329830][ T1611] bridge_slave_0: entered allmulticast mode [ 524.337483][ T1611] bridge_slave_0: entered promiscuous mode [ 524.352664][ T3022] hsr_slave_0: left promiscuous mode [ 524.384407][ T3022] hsr_slave_1: left promiscuous mode [ 524.392191][ T3022] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 524.410052][ T3022] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 524.440303][ T3022] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 524.451731][ T3022] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 524.480012][ T3022] veth1_macvtap: left promiscuous mode [ 524.489690][ T3022] veth0_macvtap: left promiscuous mode [ 524.495838][ T3022] veth1_vlan: left promiscuous mode [ 524.520796][ T3022] veth0_vlan: left promiscuous mode [ 524.707035][ T3022] team0 (unregistering): Port device team_slave_1 removed [ 524.735211][ T3022] team0 (unregistering): Port device team_slave_0 removed [ 524.785550][ T1611] bridge0: port 2(bridge_slave_1) entered blocking state [ 524.792898][ T1611] bridge0: port 2(bridge_slave_1) entered disabled state [ 524.800055][ T1611] bridge_slave_1: entered allmulticast mode [ 524.808761][ T1611] bridge_slave_1: entered promiscuous mode [ 524.854325][ T1611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 524.865403][ T1611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 524.989817][ T1611] team0: Port device team_slave_0 added [ 525.014932][ T1611] team0: Port device team_slave_1 added [ 525.088908][ T1611] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 525.102673][ T1611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 525.135928][ T1729] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 525.158753][ T1611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 525.193718][ T1611] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 525.205916][ T1611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 525.235752][ T1611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 525.356353][ T1611] hsr_slave_0: entered promiscuous mode [ 525.365821][ T1611] hsr_slave_1: entered promiscuous mode [ 525.378676][ T1611] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 525.386787][ T1611] Cannot create hsr debugfs directory [ 525.648585][ T5920] Bluetooth: hci1: command tx timeout [ 525.668133][ T1765] netlink: ct family unspecified [ 526.103006][ T1611] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 526.140091][ T1611] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 526.160845][ T1794] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 526.173444][ T1611] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 526.187050][ T1611] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 526.342879][ T1611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 526.390209][ T1611] 8021q: adding VLAN 0 to HW filter on device team0 [ 526.412105][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 526.419298][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 526.475123][ T3022] bridge0: port 2(bridge_slave_1) entered blocking state [ 526.482247][ T3022] bridge0: port 2(bridge_slave_1) entered forwarding state [ 526.538964][ T1611] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 526.766375][ T1611] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 526.823845][ T1611] veth0_vlan: entered promiscuous mode [ 526.847543][ T1611] veth1_vlan: entered promiscuous mode [ 526.887242][ T1611] veth0_macvtap: entered promiscuous mode [ 526.907547][ T1611] veth1_macvtap: entered promiscuous mode [ 526.937063][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.953739][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.969711][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.980582][ T1843] vmstat_refresh: nr_hugetlb -6144 [ 526.990645][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 527.009581][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 527.038784][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 527.069712][ T1611] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 527.088574][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 527.111758][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 527.130130][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 527.150741][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 527.169900][ T1611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 527.189849][ T1611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 527.219444][ T1611] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 527.261275][ T1611] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.276191][ T1611] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.287208][ T1611] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.296245][ T1611] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.299594][ T1862] netlink: Unknown conntrack attr (type=64, max=9) [ 527.471359][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 527.509211][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 527.535872][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 527.552588][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 527.727168][ T5920] Bluetooth: hci1: command tx timeout [ 528.033637][ T1929] CIFS: VFS: Invalid SecurityFlags: [ 528.434752][ T1964] dyndbg: expected <4096 bytes into control [ 528.913108][ T2008] ima: policy update failed [ 528.917886][ T29] audit: type=1802 audit(4294967340.088:86): pid=2008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.12669" res=0 errno=0 [ 529.440836][ T2042] netlink: 'syz.1.12680': attribute type 1 has an invalid length. [ 529.681783][ T29] audit: type=1800 audit(4294967340.831:87): pid=2072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.12690" name="dbroot" dev="configfs" ino=98948 res=0 errno=0 [ 529.790780][ T5920] Bluetooth: hci1: command tx timeout [ 530.046588][ T2103] netlink: 'syz.1.12702': attribute type 11 has an invalid length. [ 530.607448][ T2162] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 530.837640][ T2188] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 530.844111][ T2188] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 531.509051][ T2257] CIFS: VFS: Invalid SecurityFlags: [ 531.796911][ T2286] netlink: 85 bytes leftover after parsing attributes in process `syz.0.12765'. [ 531.858296][ T5920] Bluetooth: hci1: command tx timeout [ 532.027776][ T2308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12772'. [ 532.337454][ T2339] tipc: Started in network mode [ 532.342380][ T2339] tipc: Node identity ee00, cluster identity 4711 [ 532.392900][ T2339] tipc: Node number set to 60928 [ 532.409388][ T2341] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 532.511708][ T2349] openvswitch: netlink: IP tunnel dst address not specified [ 532.608124][ T2359] netlink: 'syz.0.12787': attribute type 11 has an invalid length. [ 532.617294][ T2359] netlink: 'syz.0.12787': attribute type 11 has an invalid length. [ 532.630494][ T2359] netlink: 'syz.0.12787': attribute type 11 has an invalid length. [ 532.836290][ T2380] .': entered promiscuous mode [ 534.202683][ T2533] netlink: 'syz.1.12834': attribute type 2 has an invalid length. [ 534.245760][ T2533] netlink: 674 bytes leftover after parsing attributes in process `syz.1.12834'. [ 534.302817][ T2549] ima: policy update failed [ 534.317527][ T29] audit: type=1802 audit(4294967299.695:88): pid=2549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.8.12838" res=0 errno=0 [ 534.361018][ T2556] block nbd0: not configured, cannot reconfigure [ 534.726935][ T2583] zero sized request [ 535.020564][ T2609] ima: policy update failed [ 535.033857][ T29] audit: type=1802 audit(4294967300.419:89): pid=2609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.12854" res=0 errno=0 [ 536.237908][ T2744] netlink: 'syz.0.12888': attribute type 2 has an invalid length. [ 537.335249][ T2854] sysfs_service_op_store: Client not running :-5: [ 538.429377][ T2939] openvswitch: netlink: Message has 4 unknown bytes. [ 538.470227][ T2944] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd31 [ 539.761146][ T29] audit: type=1800 audit(4294967305.164:90): pid=3046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.12968" name="dbroot" dev="configfs" ino=100967 res=0 errno=0 [ 539.873887][ T3055] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 542.485814][ T3212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13019'. [ 542.520957][ T3094] Bluetooth: hci0: command 0x0406 tx timeout [ 542.675271][ T3218] openvswitch: netlink: Message has 4 unknown bytes. [ 543.576159][ T1335] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.638207][ T1335] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.697870][ T1335] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.759850][ T1335] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.859092][ T1335] bridge_slave_1: left allmulticast mode [ 543.868798][ T1335] bridge_slave_1: left promiscuous mode [ 543.882583][ T1335] bridge0: port 2(bridge_slave_1) entered disabled state [ 543.890435][ T3094] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 543.898087][ T3094] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 543.906382][ T3094] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 543.913996][ T1335] bridge_slave_0: left allmulticast mode [ 543.919841][ T1335] bridge_slave_0: left promiscuous mode [ 543.925983][ T3094] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 543.933631][ T1335] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.941210][ T3094] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 543.949048][ T3094] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 544.051561][ T1335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 544.064005][ T1335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 544.076305][ T1335] bond0 (unregistering): Released all slaves [ 544.149411][ T1335] tipc: Left network mode [ 544.194378][ T3274] chnl_net:caif_netlink_parms(): no params data found [ 544.268698][ T3274] bridge0: port 1(bridge_slave_0) entered blocking state [ 544.277303][ T3274] bridge0: port 1(bridge_slave_0) entered disabled state [ 544.290746][ T3274] bridge_slave_0: entered allmulticast mode [ 544.307796][ T3274] bridge_slave_0: entered promiscuous mode [ 544.317675][ T3274] bridge0: port 2(bridge_slave_1) entered blocking state [ 544.325593][ T3274] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.334031][ T3274] bridge_slave_1: entered allmulticast mode [ 544.341123][ T3274] bridge_slave_1: entered promiscuous mode [ 544.374858][ T3274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 544.390262][ T3274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 544.429183][ T3274] team0: Port device team_slave_0 added [ 544.437234][ T3274] team0: Port device team_slave_1 added [ 544.467059][ T3274] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 544.474522][ T3274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.500792][ T3274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 544.517733][ T3274] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 544.524975][ T3274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.551245][ T3274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 544.583280][ T3274] hsr_slave_0: entered promiscuous mode [ 544.589986][ T3274] hsr_slave_1: entered promiscuous mode [ 544.595832][ T3274] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 544.603568][ T3274] Cannot create hsr debugfs directory [ 544.611489][ T1335] hsr_slave_0: left promiscuous mode [ 544.617230][ T1335] hsr_slave_1: left promiscuous mode [ 544.624233][ T1335] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 544.631912][ T1335] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 544.640743][ T1335] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 544.648290][ T1335] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 544.656943][ T1335] veth1_macvtap: left promiscuous mode [ 544.662508][ T1335] veth0_macvtap: left promiscuous mode [ 544.668022][ T1335] veth1_vlan: left promiscuous mode [ 544.673372][ T1335] veth0_vlan: left promiscuous mode [ 544.744498][ T1335] team0 (unregistering): Port device team_slave_1 removed [ 544.757563][ T1335] team0 (unregistering): Port device team_slave_0 removed [ 545.900889][ T3274] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 545.918450][ T3274] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 545.928226][ T3274] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 545.939118][ T3274] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 545.993944][ T3274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 546.009596][ T3274] 8021q: adding VLAN 0 to HW filter on device team0 [ 546.021085][ T3022] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.028285][ T3022] bridge0: port 1(bridge_slave_0) entered forwarding state [ 546.032029][ T5920] Bluetooth: hci0: command tx timeout [ 546.053080][ T3022] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.060212][ T3022] bridge0: port 2(bridge_slave_1) entered forwarding state [ 546.081754][ T3274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 546.202866][ T3274] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 546.236578][ T3274] veth0_vlan: entered promiscuous mode [ 546.249053][ T3274] veth1_vlan: entered promiscuous mode [ 546.275186][ T3274] veth0_macvtap: entered promiscuous mode [ 546.288705][ T3274] veth1_macvtap: entered promiscuous mode [ 546.307339][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.319341][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.330732][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.343005][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.354018][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.366119][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.377443][ T3274] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 546.387248][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 546.397980][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.412280][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 546.423848][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.435877][ T3274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 546.446791][ T3274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.459406][ T3274] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 546.477331][ T3274] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.486709][ T3274] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.497115][ T3274] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.508863][ T3274] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.557190][ T3022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.573040][ T3022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 546.593824][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.602023][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.037267][ T3473] openvswitch: netlink: Missing valid actions attribute. [ 547.619740][ T3526] netlink: 'syz.3.13075': attribute type 1 has an invalid length. [ 548.091480][ T5920] Bluetooth: hci0: command tx timeout [ 548.632471][ T3604] netlink: 'syz.8.13097': attribute type 11 has an invalid length. [ 548.684638][ T3608] sctp: [Deprecated]: syz.3.13100 (pid 3608) Use of int in maxseg socket option. [ 548.684638][ T3608] Use struct sctp_assoc_value instead [ 550.154547][ T3722] nbd: illegal input index -33554433 [ 550.161000][ T5920] Bluetooth: hci0: command tx timeout [ 550.536893][ T3758] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 551.431583][ T3823] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 551.462869][ T3823] CPU: 1 UID: 0 PID: 3823 Comm: syz.3.13160 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 551.473863][ T3823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 551.483949][ T3823] Call Trace: [ 551.487245][ T3823] [ 551.490196][ T3823] dump_stack_lvl+0x16c/0x1f0 [ 551.494999][ T3823] sysfs_warn_dup+0x7f/0xa0 [ 551.499543][ T3823] sysfs_do_create_link_sd+0x124/0x140 [ 551.505048][ T3823] sysfs_create_link+0x61/0xc0 [ 551.509849][ T3823] device_add+0x62e/0x1a70 [ 551.514294][ T3823] ? __pfx_device_add+0x10/0x10 [ 551.519167][ T3823] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 551.525085][ T3823] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 551.531097][ T3823] wiphy_register+0x1c7a/0x2860 [ 551.535986][ T3823] ? netdev_run_todo+0x837/0x12d0 [ 551.541049][ T3823] ? __pfx_wiphy_register+0x10/0x10 [ 551.546309][ T3823] ieee80211_register_hw+0x2951/0x3fa0 [ 551.551801][ T3823] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 551.557645][ T3823] ? net_generic+0xea/0x2a0 [ 551.562185][ T3823] ? lockdep_init_map_type+0x16d/0x7d0 [ 551.567671][ T3823] ? net_generic+0x30/0x2a0 [ 551.572240][ T3823] ? rcu_is_watching+0x12/0xc0 [ 551.577038][ T3823] ? trace_hrtimer_init+0x1a6/0x230 [ 551.582268][ T3823] ? __hrtimer_init+0x106/0x2c0 [ 551.587151][ T3823] mac80211_hwsim_new_radio+0x2c47/0x56c0 [ 551.592921][ T3823] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 551.599029][ T3823] ? hwsim_new_radio_nl+0x9ff/0x12b0 [ 551.604361][ T3823] hwsim_new_radio_nl+0xb42/0x12b0 [ 551.609516][ T3823] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 551.615107][ T3823] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 551.622512][ T3823] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 551.629925][ T3823] genl_family_rcv_msg_doit+0x202/0x2f0 [ 551.635510][ T3823] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 551.641612][ T3823] ? genl_get_cmd+0x195/0x580 [ 551.646326][ T3823] ? bpf_lsm_capable+0x9/0x10 [ 551.651033][ T3823] ? security_capable+0x7e/0x260 [ 551.656006][ T3823] ? ns_capable+0xd7/0x110 [ 551.660461][ T3823] genl_rcv_msg+0x565/0x800 [ 551.664992][ T3823] ? __pfx_genl_rcv_msg+0x10/0x10 [ 551.670059][ T3823] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 551.675645][ T3823] netlink_rcv_skb+0x165/0x410 [ 551.680435][ T3823] ? __pfx_genl_rcv_msg+0x10/0x10 [ 551.685488][ T3823] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 551.690803][ T3823] ? down_read+0xc9/0x330 [ 551.695161][ T3823] ? __pfx_down_read+0x10/0x10 [ 551.699970][ T3823] ? netlink_deliver_tap+0x1ae/0xca0 [ 551.705280][ T3823] genl_rcv+0x28/0x40 [ 551.709287][ T3823] netlink_unicast+0x53c/0x7f0 [ 551.714084][ T3823] ? __pfx_netlink_unicast+0x10/0x10 [ 551.719402][ T3823] ? __phys_addr_symbol+0x30/0x80 [ 551.724459][ T3823] ? __check_object_size+0x488/0x710 [ 551.729788][ T3823] netlink_sendmsg+0x8b8/0xd70 [ 551.734584][ T3823] ? __pfx_netlink_sendmsg+0x10/0x10 [ 551.739907][ T3823] ____sys_sendmsg+0x9ae/0xb40 [ 551.744701][ T3823] ? copy_msghdr_from_user+0x10b/0x160 [ 551.748538][ T3843] MTRR 1 not used [ 551.750185][ T3823] ? __pfx_____sys_sendmsg+0x10/0x10 [ 551.750225][ T3823] ___sys_sendmsg+0x135/0x1e0 [ 551.763812][ T3823] ? __pfx____sys_sendmsg+0x10/0x10 [ 551.769046][ T3823] ? __pfx_aa_sk_perm+0x10/0x10 [ 551.773930][ T3823] ? lock_acquire+0x2f/0xb0 [ 551.778463][ T3823] ? __pfx_lock_release+0x10/0x10 [ 551.783518][ T3823] ? trace_lock_acquire+0x14e/0x1f0 [ 551.788765][ T3823] ? __fget_files+0x206/0x3a0 [ 551.793479][ T3823] __sys_sendmsg+0x16e/0x220 [ 551.798118][ T3823] ? __pfx___sys_sendmsg+0x10/0x10 [ 551.803264][ T3823] ? __x64_sys_futex+0x1e1/0x4c0 [ 551.808245][ T3823] ? rcu_is_watching+0x12/0xc0 [ 551.813044][ T3823] ? rcu_is_watching+0x12/0xc0 [ 551.817841][ T3823] do_syscall_64+0xcd/0x250 [ 551.822378][ T3823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.828303][ T3823] RIP: 0033:0x7feab3185d29 [ 551.832753][ T3823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.852391][ T3823] RSP: 002b:00007feab3f57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 551.860835][ T3823] RAX: ffffffffffffffda RBX: 00007feab3375fa0 RCX: 00007feab3185d29 [ 551.868831][ T3823] RDX: 0000000004000800 RSI: 0000000020000e00 RDI: 0000000000000003 [ 551.876827][ T3823] RBP: 00007feab3201b08 R08: 0000000000000000 R09: 0000000000000000 [ 551.884822][ T3823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 551.892820][ T3823] R13: 0000000000000000 R14: 00007feab3375fa0 R15: 00007ffe089dad78 [ 551.900828][ T3823] [ 552.229993][ T5920] Bluetooth: hci0: command tx timeout [ 553.137493][ T3953] delete_channel: no stack [ 554.083256][ T4037] openvswitch: netlink: IP tunnel dst address not specified [ 554.643080][ T4096] netlink: 'syz.2.13253': attribute type 1 has an invalid length. [ 555.223686][ T4149] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13272'. [ 555.535355][ T4178] netlink: 'syz.8.13280': attribute type 1 has an invalid length. [ 555.610389][ T4182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13281'. [ 558.201978][ T4415] delete_channel: no stack [ 558.310683][ T4428] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13327'. [ 558.621590][ T4446] nbd: must specify a device to reconfigure [ 558.649339][ T4448] binder_alloc: binder_alloc_mmap_handler: 4447 0-1000 already mapped failed -16 [ 560.830556][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 560.837004][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.364154][ T4521] netlink: Unknown conntrack attr (type=64, max=9) [ 563.332484][ T4558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13368'. [ 564.244818][ T4617] netlink: 28 bytes leftover after parsing attributes in process `syz.8.13394'. [ 564.365412][ T4623] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13395'. [ 565.843666][ T4716] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 566.252439][ T4755] ima: policy update failed [ 566.271143][ T29] audit: type=1802 audit(4294967311.155:91): pid=4755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.13459" res=0 errno=0 [ 566.620052][ T4785] openvswitch: netlink: Missing valid actions attribute. [ 567.662955][ T4852] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 568.618831][ T29] audit: type=1800 audit(4294967313.527:92): pid=4914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.13528" name="discovery_nqn" dev="configfs" ino=107697 res=0 errno=0 [ 569.588736][ T4989] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 569.884586][ T5013] usb usb15: usbfs: interface 0 claimed by hub while 'syz.2.13561' sets config #0 [ 569.948567][ T5015] netlink: 'syz.8.13563': attribute type 2 has an invalid length. [ 570.540229][ T5068] openvswitch: netlink: IP tunnel dst address not specified [ 570.649324][ T5077] openvswitch: netlink: Flow key attribute not present in set flow. [ 570.890542][ T5103] openvswitch: netlink: ct_state flags 09001eac unsupported [ 572.358690][ T5251] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 572.759957][ T5288] ecryptfs_miscdev_write: Error while inspecting packet size [ 572.913140][ T5301] MTRR 1 not used [ 573.388759][ T5334] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 573.563644][ T5352] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 574.010687][ T5382] misc userio: No port type given on /dev/userio [ 574.087440][ T5390] sd 0:0:1:0: PR command failed: 1026 [ 574.093007][ T5390] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 574.099869][ T5390] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 574.550682][ T5434] netlink: zone id is out of range [ 574.556951][ T5434] netlink: zone id is out of range [ 574.562781][ T5434] netlink: zone id is out of range [ 574.568758][ T5434] netlink: del zone limit has 4 unknown bytes syzkaller syzkaller login: [ 575.329669][ T5490] delete_channel: no stack [ 575.764770][ T5525] batman_adv: Routing algorithm '' is not supported [ 578.118027][ T5668] openvswitch: netlink: Message has 4 unknown bytes. [ 578.429935][ T5687] binder_alloc: binder_alloc_mmap_handler: 5686 0-1000 already mapped failed -16 [ 579.093553][ T5730] netlink: Unknown conntrack attr (type=64, max=9) [ 581.368171][ T29] audit: type=1800 audit(4294967326.343:93): pid=5832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.13900" name="features" dev="configfs" ino=109136 res=0 errno=0 [ 581.392847][ T5830] openvswitch: netlink: IPv6 tunnel dst address is zero [ 581.554555][ T5845] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 582.120322][ T5886] nl80211: entered promiscuous mode [ 583.520836][ T5972] could not allocate digest TFM handle binfmt_misc [ 584.009637][ T6033] netlink: 'syz.8.13986': attribute type 5 has an invalid length. [ 584.208453][ T6051] sctp: [Deprecated]: syz.1.13996 (pid 6051) Use of int in maxseg socket option. [ 584.208453][ T6051] Use struct sctp_assoc_value instead [ 584.657034][ T6088] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14012'. [ 586.071460][ T6206] netlink: 'syz.3.14069': attribute type 2 has an invalid length. [ 586.168032][ T6212] openvswitch: netlink: Key 23 has unexpected len 0 expected 2 [ 586.384498][ T6226] ima: policy update failed [ 586.400937][ T29] audit: type=1802 audit(4294967331.399:94): pid=6226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.14080" res=0 errno=0 [ 586.572799][ T6240] netlink: 'syz.2.14087': attribute type 11 has an invalid length. [ 586.593626][ T6243] nbd: must specify a size in bytes for the device [ 588.340849][ T6373] openvswitch: netlink: Duplicate or invalid key (type 0). [ 588.476095][ T6383] netlink: 108 bytes leftover after parsing attributes in process `syz.1.14153'. [ 588.553489][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14156'. [ 588.946252][ T6414] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 589.469979][ T6437] sd 0:0:1:0: PR command failed: 1026 [ 589.506017][ T6437] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 589.513240][ T6437] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 589.753145][ T6445] svc: failed to register nfsdv3 RPC service (errno 111). [ 589.772392][ T6445] svc: failed to register nfsaclv3 RPC service (errno 111). [ 590.264166][ T6409] kexec: Could not allocate control_code_buffer [ 591.898742][ T29] audit: type=1326 audit(4294967336.928:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6570 comm="syz.2.14237" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f789e585d29 code=0x0 [ 593.114242][ T6647] netlink: 'syz.3.14275': attribute type 1 has an invalid length. [ 594.493400][ T6712] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 597.605231][ T6838] openvswitch: netlink: IPv6 tunnel dst address is zero [ 599.384311][ T6897] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 600.222299][ T6945] queue_state_write: operation too long [ 600.227903][ T6945] queue_state_write: use 'run', 'start' or 'kick' [ 601.554138][ T7044] netlink: 5995 bytes leftover after parsing attributes in process `syz.1.14465'. [ 602.301412][ T7094] netlink: 'syz.8.14480': attribute type 11 has an invalid length. [ 602.506749][ T7105] Scaler: ================= START STATUS ================= [ 602.528427][ T7105] Scaler: ================== END STATUS ================== [ 602.712070][ T7120] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14493'. [ 604.277924][ T7235] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 604.314313][ T7237] netlink: 'syz.3.14547': attribute type 11 has an invalid length. [ 604.399757][ T7245] svc: failed to register nfsdv3 RPC service (errno 111). [ 604.407855][ T7245] svc: failed to register nfsaclv3 RPC service (errno 111). [ 604.681331][ T7263] svc: failed to register nfsdv3 RPC service (errno 111). [ 604.691790][ T7263] svc: failed to register nfsaclv3 RPC service (errno 111). [ 604.957216][ T7288] netlink: zone id is out of range [ 604.965714][ T7288] netlink: set zone limit has 8 unknown bytes [ 605.728562][ T7358] netlink: 'syz.8.14606': attribute type 1 has an invalid length. [ 605.773322][ T7362] openvswitch: netlink: Duplicate or invalid key (type 0). [ 605.948181][ T7379] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 606.256986][ T7412] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 606.352830][ T7422] : entered promiscuous mode [ 606.398016][ T7316] NFSD: Unable to initialize client recovery tracking! (-110) [ 606.405658][ T7316] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 606.415271][ T7316] NFSD: starting 77-second grace period (net f00003e2) [ 606.679972][ T7452] openvswitch: netlink: IP tunnel TTL not specified. [ 606.997549][ T7470] netlink: 'syz.2.14660': attribute type 11 has an invalid length. [ 607.022906][ T7475] svc: failed to register nfsdv3 RPC service (errno 111). [ 607.030962][ T7475] svc: failed to register nfsaclv3 RPC service (errno 111). [ 607.350943][ T7501] netlink: 'syz.1.14674': attribute type 11 has an invalid length. [ 607.361968][ T7497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14673'. [ 607.616927][ T7516] svc: failed to register nfsdv3 RPC service (errno 111). [ 607.649330][ T7516] svc: failed to register nfsaclv3 RPC service (errno 111). [ 607.993822][ T7553] svc: failed to register nfsdv3 RPC service (errno 111). [ 608.031398][ T7553] svc: failed to register nfsaclv3 RPC service (errno 111). [ 608.380273][ T7593] netlink: 5995 bytes leftover after parsing attributes in process `syz.8.14718'. [ 608.555914][ T7611] ptrace attach of "./syz-executor exec"[16586] was attempted by "./syz-executor exec"[7611] [ 608.679970][ T7623] openvswitch: netlink: nsh attr 160 is out of range max 3 [ 608.757373][ T7629] netlink: 'syz.3.14736': attribute type 1 has an invalid length. [ 609.404909][ T7575] NFSD: Unable to initialize client recovery tracking! (-110) [ 609.413268][ T7575] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 609.422532][ T7575] NFSD: starting 77-second grace period (net f00003e2) [ 610.024014][ T7693] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 611.292100][ T7688] kexec: Could not allocate control_code_buffer [ 611.623259][ T7748] svc: failed to register nfsdv3 RPC service (errno 111). [ 611.641939][ T7748] svc: failed to register nfsaclv3 RPC service (errno 111). [ 611.725110][ T7763] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 612.126712][ T7801] openvswitch: netlink: Key type 261 is out of range max 32 [ 612.651619][ T7853] syz_tun: tun_chr_ioctl cmd 1074025698 [ 613.242406][ T7797] NFSD: Unable to initialize client recovery tracking! (-110) [ 613.250305][ T7797] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 613.259347][ T7797] NFSD: starting 77-second grace period (net f00003e2) [ 613.434217][ T7855] svc: failed to register nfsdv3 RPC service (errno 111). [ 613.445764][ T7855] svc: failed to register nfsaclv3 RPC service (errno 111). [ 613.718234][ T7891] queue_state_write: operation too long [ 613.723969][ T7891] queue_state_write: use 'run', 'start' or 'kick' [ 614.232355][ T7932] CIFS mount error: No usable UNC path provided in device string! [ 614.232355][ T7932] [ 614.243159][ T7932] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 614.421350][ T7949] delete_channel: no stack [ 614.724850][ T7969] openvswitch: netlink: IP tunnel dst address not specified [ 614.738338][ T29] audit: type=1800 audit(4294967359.887:96): pid=7971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="dbroot" dev="configfs" ino=118022 res=0 errno=0 [ 615.291714][ T7924] NFSD: Unable to initialize client recovery tracking! (-110) [ 615.299274][ T7924] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 615.308864][ T7924] NFSD: starting 77-second grace period (net f00003e2) [ 615.437830][ T8037] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14925'. [ 615.918039][ T8077] svc: failed to register nfsdv3 RPC service (errno 111). [ 615.929778][ T8077] svc: failed to register nfsaclv3 RPC service (errno 111). [ 616.562694][ T8117] svc: failed to register nfsdv3 RPC service (errno 111). [ 616.572645][ T8117] svc: failed to register nfsaclv3 RPC service (errno 111). [ 616.729576][ T8138] openvswitch: netlink: Key type 29 is not supported [ 616.810215][ T8147] netlink: 'syz.2.14975': attribute type 1 has an invalid length. [ 617.176396][ T8173] svc: failed to register nfsdv3 RPC service (errno 111). [ 617.196616][ T8173] svc: failed to register nfsaclv3 RPC service (errno 111). [ 617.495195][ T8203] zero sized request [ 617.661032][ T8220] svc: failed to register nfsdv3 RPC service (errno 111). [ 617.669147][ T8220] svc: failed to register nfsaclv3 RPC service (errno 111). [ 617.982008][ T8255] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 618.035590][ T8262] netlink: set zone limit has 8 unknown bytes [ 618.151707][ T8272] svc: failed to register nfsdv3 RPC service (errno 111). [ 618.181198][ T8272] svc: failed to register nfsaclv3 RPC service (errno 111). [ 618.315051][ T8289] netlink: 'syz.2.15044': attribute type 2 has an invalid length. [ 618.425442][ T8300] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 618.431899][ T8300] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 618.694996][ T8326] openvswitch: netlink: IPv4 tunnel dst address is zero [ 618.760529][ T8332] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 618.777745][ T8330] svc: failed to register nfsdv3 RPC service (errno 111). [ 618.804274][ T8330] svc: failed to register nfsaclv3 RPC service (errno 111). [ 618.914116][ T8346] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 619.031139][ T8359] netlink: 'syz.1.15081': attribute type 1 has an invalid length. [ 620.454848][ T8382] NFSD: Unable to initialize client recovery tracking! (-110) [ 620.462508][ T8382] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 620.471571][ T8382] NFSD: starting 77-second grace period (net f00003e2) [ 620.611274][ T8446] openvswitch: netlink: IP tunnel TTL not specified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    syzkaller syzkaller login: [ 654.773259][T10875] nbd: must specify an index to disconnect [ 656.173080][T10954] netlink: 5 bytes leftover after parsing attributes in process `syz.3.16308'. [ 656.542939][T10971] net_ratelimit: 1 callbacks suppressed [ 656.542962][T10971] openvswitch: netlink: IP tunnel dst address not specified [ 657.433117][ T29] audit: type=1800 audit(4294967402.799:100): pid=11034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16338" name="dbroot" dev="configfs" ino=128508 res=0 errno=0 [ 657.493103][T11039] vivid-003: ================= START STATUS ================= [ 657.494299][T11039] vivid-003: Radio HW Seek Mode: Bounded [ 657.495132][T11039] vivid-003: Radio Programmable HW Seek: false [ 657.500523][T11039] vivid-003: RDS Rx I/O Mode: Block I/O [ 657.501497][T11039] vivid-003: Generate RBDS Instead of RDS: false [ 657.503426][T11039] vivid-003: RDS Reception: true [ 657.504175][T11039] vivid-003: RDS Program Type: 0 inactive [ 657.505005][T11039] vivid-003: RDS PS Name: inactive [ 657.505786][T11039] vivid-003: RDS Radio Text: inactive [ 657.506626][T11039] vivid-003: RDS Traffic Announcement: false inactive [ 657.507617][T11039] vivid-003: RDS Traffic Program: false inactive [ 657.508581][T11039] vivid-003: RDS Music: false inactive [ 657.509499][T11039] vivid-003: ================== END STATUS ================== [ 657.855812][T11063] aoe: copy from user failed [ 657.856650][T11063] aoe: could not set interface list: too many interfaces [ 658.979635][T11156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16394'. [ 661.509962][T11300] netlink: 'syz.2.16461': attribute type 1 has an invalid length. syzkaller syzkaller login: [ 663.292331][T11396] netlink: 'syz.3.16504': attribute type 2 has an invalid length. [ 663.300209][T11396] netlink: 674 bytes leftover after parsing attributes in process `syz.3.16504'. [ 663.406186][ T29] audit: type=1800 audit(4294967408.810:101): pid=11405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16507" name="members" dev="configfs" ino=130109 res=0 errno=0 [ 663.924654][T11436] svc: failed to register nfsdv3 RPC service (errno 111). [ 663.940040][T11436] svc: failed to register nfsaclv3 RPC service (errno 111). [ 664.758592][T11474] nvme_fabrics: missing parameter 'transport=%s' [ 664.767365][T11474] nvme_fabrics: missing parameter 'nqn=%s' [ 665.181349][T11496] HSR: entered promiscuous mode [ 665.256551][T11502] netlink: get zone limit has 8 unknown bytes [ 666.992143][T11572] raw_sendmsg: syz.8.16582 forgot to set AF_INET. Fix it! [ 667.127591][T11593] netlink: 168 bytes leftover after parsing attributes in process `syz.2.16592'. [ 668.150185][T11591] Process accounting paused [ 668.732714][T11668] kAFS: bad VL server IP address [ 668.795386][T11674] netlink: Conntrack attr type has unexpected length (type=0, length=107, expected=0) [ 668.892550][T11686] writing to auto_msgmni has no effect [ 669.190702][T11709] nvme_fabrics: missing parameter 'transport=%s' [ 669.208538][T11709] nvme_fabrics: missing parameter 'nqn=%s' [ 669.304327][T11723] netlink: 'syz.8.16652': attribute type 1 has an invalid length. [ 669.379675][T11726] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 669.860439][ T3094] Bluetooth: hci0: command 0x0406 tx timeout [ 669.978633][T11752] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 670.004315][T11752] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 673.919170][T11828] sd 0:0:1:0: PR command failed: 1026 [ 673.924619][T11828] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 673.941853][T11828] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 674.175906][ T29] audit: type=1800 audit(4294967419.626:102): pid=11841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.16702" name="dbroot" dev="configfs" ino=130853 res=0 errno=0 [ 675.442912][T11901] 0}^: entered promiscuous mode [ 675.484607][T11903] netlink: 'syz.1.16730': attribute type 10 has an invalid length. [ 676.170059][T11946] netlink: 'syz.2.16750': attribute type 2 has an invalid length. [ 676.229993][T11950] bond0: option packets_per_slave: invalid value () [ 676.244418][T11950] bond0: option packets_per_slave: allowed values 0 - 65535 [ 677.398544][T11994] Process accounting paused [ 677.858059][T12049] netlink: 'syz.1.16795': attribute type 1 has an invalid length. [ 678.118296][T12055] Process accounting paused [ 678.171412][T12077] program syz.3.16809 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 678.599986][T12118] openvswitch: netlink: IP tunnel dst address not specified [ 678.659201][T12122] bond0: option packets_per_slave: invalid value () [ 678.667338][T12122] bond0: option packets_per_slave: allowed values 0 - 65535 [ 678.894201][T12143] netlink: 'syz.1.16838': attribute type 2 has an invalid length. [ 678.946785][T12145] bond0: option packets_per_slave: invalid value () [ 678.954098][T12145] bond0: option packets_per_slave: allowed values 0 - 65535 [ 679.228051][T12166] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 679.247038][T12168] netlink: 'syz.8.16849': attribute type 2 has an invalid length. [ 679.786780][T12207] netlink: 'syz.3.16867': attribute type 2 has an invalid length. [ 680.301149][T12242] netlink: 'syz.2.16883': attribute type 2 has an invalid length. [ 680.448688][ T29] audit: type=1800 audit(4294967425.939:103): pid=12249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.16886" name="members" dev="configfs" ino=132619 res=0 errno=0 [ 680.718988][T12266] netlink: get zone limit has 8 unknown bytes [ 680.888642][T12279] netlink: zone id is out of range [ 680.906140][T12279] netlink: zone id is out of range [ 680.933556][T12279] netlink: zone id is out of range [ 680.939760][T12279] netlink: get zone limit has 4 unknown bytes [ 681.001737][T12291] netlink: 'syz.1.16906': attribute type 1 has an invalid length. [ 681.366684][T12323] program syz.3.16923 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 682.032334][T12371] openvswitch: netlink: Flow actions attr not present in new flow. [ 683.081180][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.087651][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 684.691637][T12414] HSR: entered promiscuous mode [ 684.964345][T12443] netlink: 4 bytes leftover after parsing attributes in process `syz.8.16978'. [ 685.106924][T12453] netlink: 'syz.2.16984': attribute type 1 has an invalid length. [ 685.187475][T12458] netlink: 'syz.2.16986': attribute type 2 has an invalid length. [ 685.550613][T12493] netlink: 'syz.3.17001': attribute type 1 has an invalid length. [ 685.986561][T12535] openvswitch: netlink: IP tunnel dst address not specified [ 686.479841][T12571] openvswitch: netlink: IP tunnel dst address not specified [ 686.766914][T12597] openvswitch: HSR: Dropping previously announced user features [ 686.787831][T12595] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 689.105767][T12729] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 689.135764][T12729] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 689.227704][ T3094] Bluetooth: hci0: Malformed HCI Event [ 689.370414][T12753] netlink: 648 bytes leftover after parsing attributes in process `syz.2.17124'. [ 689.380570][T12753] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17124'. [ 690.146267][T12818] 0}^: entered promiscuous mode [ 690.519204][T12843] Invalid ELF header len 3 [ 690.789297][T12861] openvswitch: netlink: Multiple metadata blocks provided [ 691.309109][T12908] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 691.756931][T12949] openvswitch: netlink: IP tunnel dst address not specified [ 696.480414][T13278] openvswitch: HSR: Dropping previously announced user features [ 696.812487][T13308] HSR: entered promiscuous mode [ 697.528900][T13369] netlink: 'syz.1.17417': attribute type 1 has an invalid length. [ 697.795623][T13388] openvswitch: netlink: Flow actions attr not present in new flow. [ 699.152980][T13491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17481'. [ 699.222667][T13494] openvswitch: HSR: Dropping previously announced user features [ 700.691061][T13584] netlink: 'syz.2.17517': attribute type 1 has an invalid length. [ 700.738141][T13589] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 702.560190][T13697] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 702.570306][T13697] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 703.274442][T13737] ptrace attach of "./syz-executor exec"[5959] was attempted by "(6_(Oظ@^/5SeضB4\x22L]|\x224PT\x22~tC5M?S*A\x0c?Wx5ǜ.WFBBS}dkc3]]-:k2uj3>Wx|t\x5cJ|CU\x227;Xw[C\x0c@/ϖ#ډRM\x1b,v+Zp#\x0b.k/oeZҢ0 3P\x0a%LZHk+5|b1[Rph\x0a[$Q?TY\x0bhf&*kd(}\x07i6Q{?h43\x09O&|C1n{r*ȭ->Hc7k>triq$6թx' [ 706.701659][T13880] netlink: 350 bytes leftover after parsing attributes in process `syz.2.17649'. [ 707.139469][T13905] netlink: 206 bytes leftover after parsing attributes in process `syz.3.17661'. [ 712.501284][T14152] netlink: 4 bytes leftover after parsing attributes in process `syz.8.17766'. [ 717.413789][T14384] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 719.457240][T14480] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 721.294371][T14550] netlink: 28 bytes leftover after parsing attributes in process `syz.1.17936'. [ 721.874689][T14582] netlink: 85 bytes leftover after parsing attributes in process `syz.2.17951'. [ 722.714117][T14636] netlink: 206 bytes leftover after parsing attributes in process `syz.2.17972'. [ 722.856523][T14645] netlink: 4 bytes leftover after parsing attributes in process `syz.8.17976'. [ 723.233766][T14664] netlink: 24 bytes leftover after parsing attributes in process `syz.8.17985'. [ 724.252184][T14758] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 724.258649][T14758] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 724.592280][T14784] netlink: 334 bytes leftover after parsing attributes in process `syz.1.18043'. [ 725.208216][T14822] ptrace attach of "./syz-executor exec"[16586] was attempted by "\x0a8f&Sc\x07>׭>]sK&vWWszNM乵;l׃1:3GSDs\x0bYʩ[H?w*oy=7\x09c2!(V6T޵\x228T$>+ɖ?0k6:w\x1b\x0ct-K_bťi+}.ys:\x0c|+)'<`&au+5Lг-'/LaITN\x0c?ׁ{}ѩ: [i\x5cHWklM˃8Ǫz7\x0a9A% vPB<ХTh-WAsqBa^/kNv׋u*Aq\x0c^!W \x07y2մ[t^XY6w|pQڛ\x0de>\x0a^+|'[(1g\x09?_/*C@Q;bE:3댾k3sZא;-a=\x0a,$_\x22Y[2T_;`P5]:o$da$IGg\x0a(\x22䇽2FJ.'Ό{3rm \x22]fCMf;9\x1b/AeII@l{%1}3b3O2%7-T\x22$$GX$\x078(R%]#\x0cMPR~\x07&hKRzi)&;aLmJZdZͬ{d\x1beqg\x1bA^G*%/ܖ^jOvAvG;@\x0cP\x07~( [ 725.266419][T14826] netlink: 'syz.8.18060': attribute type 11 has an invalid length. [ 729.017979][T15035] syz_tun: tun_chr_ioctl cmd 1074025678 [ 729.029441][T15035] syz_tun: group set to 23693 [ 730.488832][T15109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 731.022744][T15137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18197'. [ 731.068330][T15137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18197'. [ 733.573142][ T3022] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.640512][ T3022] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.712418][ T3022] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.787811][ T3022] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.897528][ T3022] bridge_slave_1: left allmulticast mode [ 733.912290][ T3022] bridge_slave_1: left promiscuous mode [ 733.930696][ T3022] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.947454][ T3022] bridge_slave_0: left allmulticast mode [ 733.954274][ T3022] bridge_slave_0: left promiscuous mode [ 733.970341][ T3022] bridge0: port 1(bridge_slave_0) entered disabled state [ 734.007797][ T5920] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 734.015533][ T5920] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 734.022926][ T5920] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 734.030856][ T5920] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 734.038833][ T5920] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 734.046191][ T5920] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 734.223996][ T3022] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 734.261035][ T3022] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 734.292523][ T3022] bond0 (unregistering): Released all slaves [ 734.368197][ T3022] : left promiscuous mode [ 734.455273][ T3022] HSR: left promiscuous mode [ 734.511808][T15315] chnl_net:caif_netlink_parms(): no params data found [ 734.709717][T15315] bridge0: port 1(bridge_slave_0) entered blocking state [ 734.718661][T15315] bridge0: port 1(bridge_slave_0) entered disabled state [ 734.725992][T15315] bridge_slave_0: entered allmulticast mode [ 734.735248][T15315] bridge_slave_0: entered promiscuous mode [ 734.751824][T15315] bridge0: port 2(bridge_slave_1) entered blocking state [ 734.758937][T15315] bridge0: port 2(bridge_slave_1) entered disabled state [ 734.773843][T15315] bridge_slave_1: entered allmulticast mode [ 734.791106][T15315] bridge_slave_1: entered promiscuous mode [ 734.863797][T15315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 734.908668][T15315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 735.075967][T15315] team0: Port device team_slave_0 added [ 735.103875][T15315] team0: Port device team_slave_1 added [ 735.128796][T15397] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 735.220246][T15315] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 735.227233][T15315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 735.274966][T15315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 735.339226][T15315] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 735.346419][T15315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 735.403451][T15315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 735.618743][T15315] hsr_slave_0: entered promiscuous mode [ 735.644939][T15315] hsr_slave_1: entered promiscuous mode [ 736.074056][ T3094] Bluetooth: hci2: command tx timeout [ 736.779997][ T3022] hsr_slave_0: left promiscuous mode [ 736.786290][ T3022] hsr_slave_1: left promiscuous mode [ 736.801138][ T3022] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 736.812233][ T3022] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 736.821007][ T3022] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 736.828438][ T3022] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 736.840339][ T3022] veth1_macvtap: left promiscuous mode [ 736.845899][ T3022] veth0_macvtap: left promiscuous mode [ 736.853442][ T3022] veth1_vlan: left promiscuous mode [ 736.858766][ T3022] veth0_vlan: left promiscuous mode [ 737.000234][ T3022] team0 (unregistering): Port device team_slave_1 removed [ 737.014800][ T3022] team0 (unregistering): Port device team_slave_0 removed [ 737.109834][T15315] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 737.141468][T15315] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 737.160600][T15315] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 737.173981][T15315] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 737.316146][T15315] 8021q: adding VLAN 0 to HW filter on device bond0 [ 737.335088][T15315] 8021q: adding VLAN 0 to HW filter on device team0 [ 737.349315][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 737.356463][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 737.395525][ T1333] bridge0: port 2(bridge_slave_1) entered blocking state [ 737.403035][ T1333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 737.448907][ T3022] ref_tracker: net notrefcnt@ffff888035752020 has 1/2 users at [ 737.448907][ T3022] sk_alloc+0xa93/0xb90 [ 737.448907][ T3022] inet6_create+0x380/0x1320 [ 737.448907][ T3022] __sock_create+0x335/0x8d0 [ 737.448907][ T3022] udp_sock_create6+0xc8/0x660 [ 737.448907][ T3022] sctp_udp_sock_start+0x280/0x4b0 [ 737.448907][ T3022] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 737.448907][ T3022] proc_sys_call_handler+0x403/0x5d0 [ 737.448907][ T3022] iter_file_splice_write+0x90f/0x10b0 [ 737.448907][ T3022] direct_splice_actor+0x18f/0x6c0 [ 737.448907][ T3022] splice_direct_to_actor+0x346/0xa40 [ 737.448907][ T3022] do_splice_direct+0x178/0x250 [ 737.448907][ T3022] do_sendfile+0xaed/0xe30 [ 737.448907][ T3022] __x64_sys_sendfile64+0x1da/0x220 [ 737.448907][ T3022] do_syscall_64+0xcd/0x250 [ 737.448907][ T3022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.448907][ T3022] [ 737.536212][ T3022] ref_tracker: net notrefcnt@ffff888035752020 has 1/2 users at [ 737.536212][ T3022] sk_alloc+0xa93/0xb90 [ 737.536212][ T3022] inet_create+0x3a1/0x10a0 [ 737.536212][ T3022] __sock_create+0x335/0x8d0 [ 737.536212][ T3022] udp_sock_create4+0xa7/0x450 [ 737.536212][ T3022] sctp_udp_sock_start+0x10b/0x4b0 [ 737.536212][ T3022] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 737.536212][ T3022] proc_sys_call_handler+0x403/0x5d0 [ 737.536212][ T3022] iter_file_splice_write+0x90f/0x10b0 [ 737.536212][ T3022] direct_splice_actor+0x18f/0x6c0 [ 737.536212][ T3022] splice_direct_to_actor+0x346/0xa40 [ 737.536212][ T3022] do_splice_direct+0x178/0x250 [ 737.536212][ T3022] do_sendfile+0xaed/0xe30 [ 737.536212][ T3022] __x64_sys_sendfile64+0x1da/0x220 [ 737.536212][ T3022] do_syscall_64+0xcd/0x250 [ 737.536212][ T3022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.536212][ T3022] [ 737.577682][T15315] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 737.718998][ T3022] ------------[ cut here ]------------ [ 737.724504][ T3022] WARNING: CPU: 1 PID: 3022 at lib/ref_tracker.c:179 ref_tracker_dir_exit+0x3e3/0x680 [ 737.734273][ T3022] Modules linked in: [ 737.738591][ T3022] CPU: 1 UID: 0 PID: 3022 Comm: kworker/u8:9 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 737.749733][ T3022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 737.760060][ T3022] Workqueue: netns cleanup_net SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 737.765078][ T3022] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 737.771095][ T3022] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 bb 2d d1 fc 48 8b 74 24 18 48 89 ef e8 ee a4 54 06 90 <0f> 0b 90 e8 a5 2d d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 34 [ 737.791077][ T3022] RSP: 0018:ffffc9000c007b38 EFLAGS: 00010246 [ 737.797775][ T3022] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 737.806029][ T3022] RDX: 0000000000000001 RSI: ffffffff8bb17080 RDI: 0000000000000001 [ 737.814371][ T3022] RBP: ffff888035752020 R08: 0000000000000000 R09: 0000000000000000 [ 737.822684][ T3022] R10: ffffffff901ce557 R11: 0000000000000b8f R12: ffff888035752070 [ 737.830948][ T3022] R13: ffff888035752070 R14: ffff888035752070 R15: ffff888035752070 [ 737.839035][ T3022] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 737.848067][ T3022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 737.854768][ T3022] CR2: 00007f04ca9705e8 CR3: 000000002fbca000 CR4: 00000000003526f0 [ 737.862769][ T3022] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 737.870847][ T3022] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 737.878914][ T3022] Call Trace: [ 737.882209][ T3022] [ 737.885203][ T3022] ? __warn+0xea/0x3c0 [ 737.889304][ T3022] ? ref_tracker_dir_exit+0x3e3/0x680 [ 737.894842][ T3022] ? report_bug+0x3c0/0x580 [ 737.899372][ T3022] ? handle_bug+0x54/0xa0 [ 737.903729][ T3022] ? exc_invalid_op+0x17/0x50 [ 737.908668][ T3022] ? asm_exc_invalid_op+0x1a/0x20 [ 737.913746][ T3022] ? ref_tracker_dir_exit+0x3e3/0x680 [ 737.919237][ T3022] ? ref_tracker_dir_exit+0x3e2/0x680 [ 737.924730][ T3022] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 737.930489][ T3022] ? cleanup_net+0x984/0xbd0 [ 737.935191][ T3022] cleanup_net+0x990/0xbd0 [ 737.939654][ T3022] ? __pfx_cleanup_net+0x10/0x10 [ 737.944707][ T3022] ? __schedule+0xe60/0x5ad0 [ 737.949321][ T3022] ? lock_acquire+0x2f/0xb0 [ 737.953880][ T3022] ? process_one_work+0x8bb/0x1b30 [ 737.959016][ T3022] process_one_work+0x958/0x1b30 [ 737.964078][ T3022] ? __pfx_process_one_work+0x10/0x10 [ 737.969472][ T3022] ? rcu_is_watching+0x12/0xc0 [ 737.974339][ T3022] ? assign_work+0x1a0/0x250 [ 737.978966][ T3022] worker_thread+0x6c8/0xf00 [ 737.983587][ T3022] ? __kthread_parkme+0x148/0x220 [ 737.988728][ T3022] ? __pfx_worker_thread+0x10/0x10 [ 737.993993][ T3022] kthread+0x2c1/0x3a0 [ 737.998087][ T3022] ? _raw_spin_unlock_irq+0x23/0x50 [ 738.003313][ T3022] ? __pfx_kthread+0x10/0x10 [ 738.008095][ T3022] ret_from_fork+0x45/0x80 [ 738.012534][ T3022] ? __pfx_kthread+0x10/0x10 [ 738.017192][ T3022] ret_from_fork_asm+0x1a/0x30 [ 738.021992][ T3022] [ 738.025077][ T3022] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 738.032367][ T3022] CPU: 1 UID: 0 PID: 3022 Comm: kworker/u8:9 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 738.043233][ T3022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 738.053306][ T3022] Workqueue: netns cleanup_net [ 738.058116][ T3022] Call Trace: [ 738.061406][ T3022] [ 738.064351][ T3022] dump_stack_lvl+0x3d/0x1f0 [ 738.068967][ T3022] panic+0x71d/0x800 [ 738.072898][ T3022] ? __pfx_panic+0x10/0x10 [ 738.077343][ T3022] ? show_trace_log_lvl+0x29d/0x3d0 [ 738.082570][ T3022] ? check_panic_on_warn+0x1f/0xb0 [ 738.087788][ T3022] ? ref_tracker_dir_exit+0x3e3/0x680 [ 738.093193][ T3022] check_panic_on_warn+0xab/0xb0 [ 738.098172][ T3022] __warn+0xf6/0x3c0 [ 738.102099][ T3022] ? ref_tracker_dir_exit+0x3e3/0x680 [ 738.107500][ T3022] report_bug+0x3c0/0x580 [ 738.111854][ T3022] handle_bug+0x54/0xa0 [ 738.116035][ T3022] exc_invalid_op+0x17/0x50 [ 738.120564][ T3022] asm_exc_invalid_op+0x1a/0x20 [ 738.125439][ T3022] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 738.131451][ T3022] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 bb 2d d1 fc 48 8b 74 24 18 48 89 ef e8 ee a4 54 06 90 <0f> 0b 90 e8 a5 2d d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 34 [ 738.151089][ T3022] RSP: 0018:ffffc9000c007b38 EFLAGS: 00010246 [ 738.157184][ T3022] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 738.165177][ T3022] RDX: 0000000000000001 RSI: ffffffff8bb17080 RDI: 0000000000000001 [ 738.173162][ T3022] RBP: ffff888035752020 R08: 0000000000000000 R09: 0000000000000000 [ 738.181154][ T3022] R10: ffffffff901ce557 R11: 0000000000000b8f R12: ffff888035752070 [ 738.189147][ T3022] R13: ffff888035752070 R14: ffff888035752070 R15: ffff888035752070 [ 738.197155][ T3022] ? ref_tracker_dir_exit+0x3e2/0x680 [ 738.202568][ T3022] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 738.208334][ T3022] ? cleanup_net+0x984/0xbd0 [ 738.213046][ T3022] cleanup_net+0x990/0xbd0 [ 738.217491][ T3022] ? __pfx_cleanup_net+0x10/0x10 [ 738.222455][ T3022] ? __schedule+0xe60/0x5ad0 [ 738.227069][ T3022] ? lock_acquire+0x2f/0xb0 [ 738.231584][ T3022] ? process_one_work+0x8bb/0x1b30 [ 738.236719][ T3022] process_one_work+0x958/0x1b30 [ 738.241688][ T3022] ? __pfx_process_one_work+0x10/0x10 [ 738.247090][ T3022] ? rcu_is_watching+0x12/0xc0 [ 738.251882][ T3022] ? assign_work+0x1a0/0x250 [ 738.256501][ T3022] worker_thread+0x6c8/0xf00 [ 738.261114][ T3022] ? __kthread_parkme+0x148/0x220 [ 738.266158][ T3022] ? __pfx_worker_thread+0x10/0x10 [ 738.271284][ T3022] kthread+0x2c1/0x3a0 [ 738.275374][ T3022] ? _raw_spin_unlock_irq+0x23/0x50 [ 738.280595][ T3022] ? __pfx_kthread+0x10/0x10 [ 738.285213][ T3022] ret_from_fork+0x45/0x80 [ 738.289650][ T3022] ? __pfx_kthread+0x10/0x10 [ 738.294260][ T3022] ret_from_fork_asm+0x1a/0x30 [ 738.299060][ T3022] [ 738.302349][ T3022] Kernel Offset: disabled [ 738.306668][ T3022] Rebooting in 86400 seconds..