last executing test programs: 1.723305299s ago: executing program 1 (id=11620): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='.\x00', @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.701024333s ago: executing program 2 (id=11622): r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x44000, 0x0) 1.426069628s ago: executing program 2 (id=11626): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x0, 0x0) ioctl$auto_tracing_buffers_fops_trace(r0, 0x5220, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.355473509s ago: executing program 3 (id=11627): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/ip6gre0/forwarding\x00', 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r0, r1, 0x0, 0x1000200) 1.353362111s ago: executing program 1 (id=11628): r0 = gettid() msgctl$auto_IPC_INFO(0xfb51, 0x3, &(0x7f0000002b00)={{0x1, 0xee01, 0xee01, 0x9, 0x17400000, 0x8000, 0x6}, 0x0, 0x0, 0x1, 0x101, 0xf9, 0x4, 0xfffffffffffffffd, 0x7, 0x3, 0x2, @inferred, @inferred=r0}) kcmp$auto_KCMP_IO(r0, r1, 0x5, 0x3, 0x759) 1.155844282s ago: executing program 3 (id=11630): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)={0x20, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000010}, 0xc050) 1.087995784s ago: executing program 1 (id=11632): setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') 1.087296519s ago: executing program 2 (id=11633): epoll_create1$auto(0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) write$auto(0xca, &(0x7f0000000000)='\x0462\x0f\x00\x00\x96\x18am\xea\xf4\x1b\xf8', 0x7e) 999.951556ms ago: executing program 3 (id=11634): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPP(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_HE_CAPABILITY={0x15, 0x10d, "8223d208b7dd3463a3a936688073d724bb"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x10) 846.281978ms ago: executing program 3 (id=11636): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/security/tomoyo/profile\x00', 0x40d02, 0x0) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000007dc0)={0x48c, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x475, 0x1, 0x0, 0x1, [@generic="087014f1ef9c2677defafbdfb42bcc29c0c8580d55425614b91645b2b262581521d941681a5b33a44af98ba947d83c2d2089dc02566dd12a27848e7d5d7f708eb2bbdf6c78d50dc5a41b11c451e40c4033f9ac89e6fc57bd134c90b291f5d1ea74826cd828b5fc942450df4aa5b3cc2c48f754f5e0a11166bbf32b35005515b74dbfacc810bac09b35367a8071f64d30f94bf791837d9cf12fba69351fcabcb45d86b110cfa222e355317c3b7399f5548a7fd709afcf257e78de7c5dcbf93932ce615994724d2982e99d030e937285dec36926f9614464c993e78d992ff4fcb058659cb55c4e14606f644c861c6023fde20193cbb26bb569d442244f780a17cf3df93e84e10906c5b3934f6636b20dd2ac8279af2c400e35b4af12d95f7a2d2bb8554b369014fe6e131c00561903a9a27de2e10a126f3f94f82928b6314195b41817adc9c94ddf17dc00b1a50459bbb89c075ed22d8562dab2eb9088af233e2e2f82b958c9a04801729b4444615028bb5d461a00feceac62ae827db2d79bd53f821e27774031618069afcd96107491ced6a32ed7311e80fe139768c1e9c8f4c77efedb37a9acec44b0dc540819f6857bda1ce54f0b007933bd8b572e864b45f1bb4f25f99c03f1cb62acdad16b7ffa768adf468ac1223b06b907bd1ee0b98a74f558fabcfa41aa291c7751030dc125be193301b55257848579d97236f0773c21f838e4f4517aea7c964a0a82696a628f86f108ea5d4834f9f1d171f0e4215ce096fc4425b51dce90ec47f50a34844cad59171b3762533d139e728ae02eb3e27dc310e5bdf67b85401950e1737a09dab3e823674aa0eb5ce52001394caa3f7cc329b1f94d6e54fd40d5aeca45b47b4cfff7888f0e9b20b40117b84ef6a6b9664a959faf345c3272f75b392bc48b14c9f6c85e217ee4115b8804f72c2a158003438ab510a6ad3ee3251a245bb9a6f60827c12b87c1330069ff90418ee6feebe0fafd47f40d0407949e849cd5fde252788de90f45069aae6aacbe8ee1da268037473636a7574481be703d33872f142dea83bfedea7e3a9732d9e485ad70cec9768245cb44d158743bdab6f514e6cfe5cbc7a1cf4293c377f9625b13a7d57ba39d31f0e0867a3787ca1d97f5e0046269ff1f4abdf6a56919e662777ae125fe3134a513f6cd778577b4ac77eaf9a74052b1c57e57dc9728abe55a833d9f5a7e91d818ad27a74854a7b010796f676ffeb7112946a261268e7c8ab2efe8872abfe1a6045542be2023998ec81e170e68fa4f5ce42c77a9c1a49bc76b2184f05c0620c8e10e7628eaccc4283889b59d3183d0399f4be9883e2c0f199610abad0adce42538a97a8451627b02dc9ad585f03626a63e411847f3dcb1694220014fac98b892faac11878537fc2ed35b8c24f14fb84f0dea650ed975c580d108a5f571f709f568829b24932a26dce3b6388dc7675345519e2a1a4fd1d2a7f8650e249b3215d78616c7c9df97b4425c0e35e41355761a2710366b479d728d84255413c0beecdef578457af0e6144303dac97deee723ef4ed915ac1fcf0afd2d85ea21e91e7d73a9fe634b2e1213287ca48dbf09c4e1205f0a"]}]}, 0x48c}, 0x1, 0x0, 0x0, 0x80}, 0x2800) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) 817.795321ms ago: executing program 0 (id=11637): setresuid$auto(0x0, 0x8, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) open_by_handle_at$auto(r0, &(0x7f00000004c0)={0x1, 0x0, "ed"}, 0xffffffff) 796.099263ms ago: executing program 1 (id=11638): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) 770.862136ms ago: executing program 2 (id=11639): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001d40), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x14, r1, 0xdb589d63fce79fc7, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc031}, 0x44) 664.304918ms ago: executing program 0 (id=11640): socket(0x2d, 0x2, 0x0) setuid$auto(0x800000000008) bind$auto(0x3, &(0x7f0000000040)=@in={0x2d, 0x3, @empty}, 0x6a) 610.492027ms ago: executing program 3 (id=11641): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) write$auto(r0, &(0x7f0000000040)='\x00', 0x1) 524.235259ms ago: executing program 1 (id=11642): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/disk\x00', 0xc0082, 0x0) memfd_secret$auto(0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 506.667938ms ago: executing program 0 (id=11643): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/003/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000001c0)={0x0, 0x80805513, 0x0}) 459.472338ms ago: executing program 2 (id=11644): mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) io_uring_setup$auto(0x6, 0x0) io_uring_enter$auto(0xffffffffffffffff, 0x7, 0x2, 0x10, 0x0, 0xf2a7214) 340.839716ms ago: executing program 0 (id=11645): mmap$auto(0x0, 0x1, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x11, 0x3, 0x2) getsockopt$auto(r0, 0x107, 0x7fff, 0x0, 0x0) 285.437959ms ago: executing program 3 (id=11646): open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) write$auto_ftrace_enable_fops_trace_events(0xffffffffffffffff, &(0x7f0000000000)="a3a5ef09b5b35e13fae05cbc144f87d25db57560747a31736099f3281707ee3727cf3a430c340438cf2bfc7622074b9cbd47d33a8fcc675f800755e14e21f777602953a87d9d7c2e49c932f1c5241418c259f5e2a1b2503cceab9a366163116b184ac8d1b86457b107f50c1c04046b61946a73c534101cb745306fc6af1c74a0f948cb1d73e2ac13580c7e32d54d85beec07ff2eb69c8d41a15984f1972e642b9b23b6c352632fb7b4c1b5feef4cd41f6952484f2055b21b907aa67292afa156dbcc05f7e43ab888bb5aefab91adddec67f53b894be7cde405bd7a81f8f6cee1360bcea5d4953e7b0bb9c8806ecef879dcc644e379fbc46c61b31442cc91b967248f93ff7d880fe329752c8bb0be92332475e4f68c16a6a16223ad74ddbcc179c23864bc078e5f6da6ab5069a129c08405ad1a796579347990390966d71548262002f495a6824c9aeeae072347691188122d5bdd4b176aa40fe16f6f69f5dffbf63cee5af8facd6f083d35c609173ad85431a24a04d800275057a42ae08f9946f02cc0fcff16db4f719477937bcd107cc88d951326d537efad9840ab2898691d21d6f5ba539cebd073a20e7101b11866edc69c364300d1af3f366af7cbea46921c542e9fdcdbe614a8c5bc635b1b9fd0ea8019192416e2818de6b5c829fcb1551ef3c3916e45f32dca9915be6caef6da2dba8c099d2dbe5f8099afd4e5e1aa355a1a0be46fe5e9a26d9ed0667759cd68ba2a2fff7844016cdda98ad718ed1267d56bc79041edb3f9cf377f16cdd8d812399281f458f6612f66ea5fff4152a388998f91c8784d098276ac9770ffb1245e1e3b0df4d8718733b1aba36eec1fa1b52d01361090a92b65846b9d84bef1c73cb06b9c63d4296e2e08fc654dcdf74e61a88f74ae7f0810d0534dcec6312c2c", 0x28f) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, &(0x7f00000001c0)) 248.121795ms ago: executing program 1 (id=11647): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x800}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x93b}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x90) 179.184055ms ago: executing program 0 (id=11648): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r0) rmdir$auto(&(0x7f0000000140)='./cgroup\x00') 153.743119ms ago: executing program 2 (id=11649): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) pread64$auto(r0, 0x0, 0x68, 0x10005) 0s ago: executing program 0 (id=11650): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/v4l-subdev3\x00', 0x80000, 0x0) ioctl$auto(r0, 0xc040563e, r0) kernel console output (not intermixed with test programs): 58499][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.365856][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.387930][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.423933][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.431245][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.447809][ T161] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.455067][ T161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.521120][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.588068][ T5824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 91.618883][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.639700][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.646936][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.679417][ T1309] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.686607][ T1309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.818981][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.835476][ T5838] Bluetooth: hci0: command tx timeout [ 91.912237][ T5838] Bluetooth: hci1: command tx timeout [ 91.919054][ T5838] Bluetooth: hci3: command tx timeout [ 91.924986][ T51] Bluetooth: hci2: command tx timeout [ 92.019356][ T5823] veth0_vlan: entered promiscuous mode [ 92.051919][ T5823] veth1_vlan: entered promiscuous mode [ 92.164774][ T5823] veth0_macvtap: entered promiscuous mode [ 92.189784][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.207421][ T5823] veth1_macvtap: entered promiscuous mode [ 92.245402][ T797] cfg80211: failed to load regulatory.db [ 92.289411][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.328190][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.383082][ T5824] veth0_vlan: entered promiscuous mode [ 92.389417][ T161] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.405297][ T161] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.429049][ T161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.438503][ T161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.454254][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.477720][ T5824] veth1_vlan: entered promiscuous mode [ 92.490177][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.587315][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.601063][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.659693][ T5824] veth0_macvtap: entered promiscuous mode [ 92.680967][ T5824] veth1_macvtap: entered promiscuous mode [ 92.706973][ T5822] veth0_vlan: entered promiscuous mode [ 92.715308][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.724447][ T5822] veth1_vlan: entered promiscuous mode [ 92.734286][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.752084][ T5821] veth0_vlan: entered promiscuous mode [ 92.816411][ T5821] veth1_vlan: entered promiscuous mode [ 92.826694][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.866629][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.869689][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.900299][ T5822] veth0_macvtap: entered promiscuous mode [ 92.924021][ T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.936199][ T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.960758][ T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.971222][ T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.991088][ T5822] veth1_macvtap: entered promiscuous mode [ 93.056092][ T5821] veth0_macvtap: entered promiscuous mode [ 93.090083][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.111939][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.133101][ T5821] veth1_macvtap: entered promiscuous mode [ 93.175007][ T1309] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.234901][ T1309] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.244758][ T1309] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.280933][ T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.293763][ T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.331671][ T1309] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.346640][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.408766][ T1309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.418542][ T1309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.454236][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.536304][ T161] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.547912][ T161] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.559960][ T161] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.683403][ T161] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.725291][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.738953][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.912786][ T5838] Bluetooth: hci0: command tx timeout [ 93.933050][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.940936][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.993562][ T5838] Bluetooth: hci3: command tx timeout [ 93.999032][ T5838] Bluetooth: hci2: command tx timeout [ 94.005601][ T51] Bluetooth: hci1: command tx timeout [ 94.042193][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.067074][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.275843][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.306132][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.994379][ T5838] Bluetooth: hci0: command tx timeout [ 96.072663][ T5838] Bluetooth: hci3: command tx timeout [ 96.078179][ T5838] Bluetooth: hci2: command tx timeout [ 96.082516][ T51] Bluetooth: hci1: command tx timeout [ 96.187689][ T51] Bluetooth: hci3: unexpected event 0x03 length: 123 > 11 [ 96.242651][ T6011] syz.3.47 (6011): attempted to duplicate a private mapping with mremap. This is not supported. [ 96.308468][ T6014] syz.1.48(6014): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 99.158987][ T6125] syz.0.103 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 100.328586][ T29] audit: type=1800 audit(1775993817.637:2): pid=6168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.124" name="features" dev="configfs" ino=8466 res=0 errno=0 [ 100.486446][ T6173] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 102.154029][ T6249] ======================================================= [ 102.154029][ T6249] WARNING: The mand mount option has been deprecated and [ 102.154029][ T6249] and is ignored by this kernel. Remove the mand [ 102.154029][ T6249] option from the mount to silence this warning. [ 102.154029][ T6249] ======================================================= [ 102.879592][ T29] audit: type=1800 audit(1843104519.784:3): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.180" name="dbroot" dev="configfs" ino=9378 res=0 errno=0 [ 104.132248][ T29] audit: type=1800 audit(1843104521.030:4): pid=6332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.206" name="members" dev="configfs" ino=9443 res=0 errno=0 [ 104.263399][ T6340] futex_wake_op: syz.3.211 tries to shift op by -1; fix this program [ 105.118789][ T6376] ptrace attach of "./syz-executor exec"[5821] was attempted by "./syz-executor exec"[6376] [ 105.751189][ T6407] Unable to find swap-space signature [ 106.935425][ T51] Bluetooth: hci1: unexpected event 0x0f length: 123 > 4 [ 107.712898][ T51] Bluetooth: hci0: unknown advertising packet type: 0xea [ 110.468735][ T6614] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.802438][ T6673] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 117.624312][ T29] audit: type=1800 audit(1843104534.600:5): pid=6944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.510" name="dbroot" dev="configfs" ino=11326 res=0 errno=0 [ 117.907647][ T6956] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 118.119134][ T51] Bluetooth: hci3: unexpected event 0x01 length: 124 > 1 [ 118.334158][ T6976] Invalid ELF header magic: != ELF [ 118.485194][ T51] Bluetooth: hci3: unexpected event 0x34 length: 726 > 6 [ 118.678408][ T6993] Unable to find swap-space signature [ 122.783859][ T7177] mmap: syz.1.621 (7177) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 125.196551][ T7291] futex_wake_op: syz.1.672 tries to shift op by -2048; fix this program [ 126.479939][ T7358] __vm_enough_memory: pid: 7358, comm: syz.1.702, bytes: 4398046511104 not enough memory for the allocation [ 129.975719][ T51] Bluetooth: hci2: unexpected event 0x23 length: 127 > 13 [ 130.513822][ T7530] capability: warning: `syz.0.787' uses 32-bit capabilities (legacy support in use) [ 130.631268][ T7534] ima: policy update failed [ 130.650572][ T29] audit: type=1802 audit(1843104547.698:6): pid=7534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.790" res=0 errno=0 [ 131.341726][ T51] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 131.709826][ T51] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 131.717178][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 507 > 18 [ 133.033633][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.040172][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.876218][ T7688] ptrace attach of "./syz-executor exec"[5821] was attempted by "./syz-executor exec"[7688] [ 135.146794][ T51] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 135.146837][ T51] Bluetooth: hci2: unexpected subevent 0x01 length: 507 > 18 [ 135.675389][ T51] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 135.825337][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 141.717686][ T29] audit: type=1800 audit(1843104558.826:7): pid=8015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1031" name="trace_pipe" dev="tracefs" ino=3480 res=0 errno=0 [ 151.109440][ T8448] ptrace attach of "./syz-executor exec"[5822] was attempted by "./syz-executor exec"[8448] [ 151.623239][ T8465] nfs: Bad value for 'source' [ 153.015326][ T8516] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 153.489279][ T29] audit: type=1800 audit(1843104570.657:8): pid=8532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1283" name="features" dev="configfs" ino=15129 res=0 errno=0 [ 154.836671][ T8585] Process accounting resumed [ 154.904494][ T29] audit: type=1800 audit(1843104572.084:9): pid=8590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1310" name="version" dev="configfs" ino=15977 res=0 errno=0 [ 157.744543][ T8625] kexec: Could not allocate control_code_buffer [ 164.610403][ T8995] syz_tun: tun_chr_ioctl cmd 1074025677 [ 164.616048][ T8995] syz_tun: Linktype set failed because interface is up [ 165.688435][ T9031] can: request_module (can-proto-5) failed. [ 166.173628][ T29] audit: type=1800 audit(4294969352.992:10): pid=9052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1537" name="lu_gp_id" dev="configfs" ino=16908 res=0 errno=0 [ 168.399713][ T9140] random: crng reseeded on system resumption [ 168.955229][ T9160] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 177.232348][ T51] Bluetooth: hci3: Unexpected cc 0x7c89 with no status [ 177.293787][ T9508] binder: 9507:9508 ioctl c0306201 200000000000 returned -14 [ 178.824129][ T9568] binder: 9567:9568 ioctl c0306201 0 returned -14 [ 180.674416][ T51] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 180.674453][ T51] Bluetooth: hci3: unexpected subevent 0x06 length: 725 > 10 [ 181.004868][ T9660] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 181.004868][ T9660] [ 181.411799][ T9677] random: crng reseeded on system resumption [ 182.695394][ T51] Bluetooth: hci3: command tx timeout [ 182.705935][ T9739] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 183.273975][ T9759] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 183.285688][ T9759] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 183.303194][ T9759] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 183.324578][ T9759] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 183.342896][ T9759] page dumped because: unmovable page [ 183.355449][ T9759] page_owner info is not present (never set?) [ 183.830216][ T9787] ceph: Failed to parse sending metrics switch value 'P^' [ 184.073197][ T9799] Invalid ELF header magic: != ELF [ 184.696128][ T51] Bluetooth: hci1: Unexpected cc 0x7c89 with no status [ 185.748856][ T9869] block2mtd: Using custom MTD label '' for dev [ 185.770082][ T9869] block2mtd: error: cannot open device [ 187.206264][ T51] Bluetooth: hci2: Unexpected cc 0x7c89 with no status [ 187.232893][ T9935] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 188.138497][ T9972] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 188.882930][T10004] random: crng reseeded on system resumption [ 189.042400][ T51] Bluetooth: hci0: Unexpected cc 0x7c89 with no status [ 190.498639][T10073] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 190.518400][T10073] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 191.253722][ T29] audit: type=1800 audit(4294969378.190:11): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2054" name="dbroot" dev="configfs" ino=20453 res=0 errno=0 [ 191.677618][T10124] random: crng reseeded on system resumption [ 192.822474][ T51] Bluetooth: hci1: Unexpected cc 0x7c89 with no status [ 194.166663][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.173313][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.775427][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 196.474436][ T29] audit: type=1800 audit(4294969383.434:12): pid=10318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2154" name="sr0" dev="devtmpfs" ino=2807 res=0 errno=0 [ 196.646858][T10326] usb usb4: usbfs: process 10326 (syz.0.2158) did not claim interface 0 before use [ 196.677693][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 196.685732][ T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0' [ 196.699096][ T51] CPU: 1 UID: 0 PID: 51 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) [ 196.699137][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 196.699163][ T51] Workqueue: hci1 hci_rx_work [ 196.699211][ T51] Call Trace: [ 196.699220][ T51] [ 196.699231][ T51] dump_stack_lvl+0x100/0x190 [ 196.699280][ T51] sysfs_warn_dup.cold+0x1c/0x28 [ 196.699323][ T51] sysfs_create_dir_ns+0x24b/0x2b0 [ 196.699366][ T51] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 196.699404][ T51] ? find_held_lock+0x2b/0x80 [ 196.699433][ T51] ? kobject_add_internal+0x25f/0x930 [ 196.699471][ T51] ? kobject_add_internal+0x25f/0x930 [ 196.699515][ T51] ? do_raw_spin_unlock+0x145/0x1e0 [ 196.699565][ T51] kobject_add_internal+0x2c8/0x930 [ 196.699612][ T51] kobject_add+0x16a/0x1e0 [ 196.699651][ T51] ? __pfx_kobject_add+0x10/0x10 [ 196.699687][ T51] ? class_to_subsys+0x10f/0x150 [ 196.699738][ T51] ? kobject_put+0xb9/0x640 [ 196.699771][ T51] ? _raw_spin_unlock+0x28/0x50 [ 196.699830][ T51] device_add+0x294/0x1950 [ 196.699872][ T51] ? __pfx_dev_set_name+0x10/0x10 [ 196.699919][ T51] ? __pfx_device_add+0x10/0x10 [ 196.699970][ T51] ? mgmt_send_event_skb+0x2fb/0x460 [ 196.700030][ T51] hci_conn_add_sysfs+0x1a3/0x260 [ 196.700064][ T51] le_conn_complete_evt+0x11eb/0x1f60 [ 196.700124][ T51] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 196.700167][ T51] ? __pfx_bt_warn+0x10/0x10 [ 196.700212][ T51] hci_le_conn_complete_evt+0x23c/0x3a0 [ 196.700261][ T51] ? skb_pull_data+0x15f/0x1e0 [ 196.700307][ T51] hci_le_meta_evt+0x34a/0x5f0 [ 196.700336][ T51] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 196.700389][ T51] hci_event_packet+0x51c/0xcd0 [ 196.700430][ T51] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 196.700455][ T51] ? __pfx_hci_event_packet+0x10/0x10 [ 196.700498][ T51] ? kcov_remote_start+0x374/0x660 [ 196.700525][ T51] ? lockdep_hardirqs_on+0x78/0x100 [ 196.700563][ T51] hci_rx_work+0x451/0xfc0 [ 196.700616][ T51] process_one_work+0xa23/0x19a0 [ 196.700672][ T51] ? __pfx_process_one_work+0x10/0x10 [ 196.700726][ T51] ? __pfx_hci_rx_work+0x10/0x10 [ 196.700776][ T51] worker_thread+0x5ef/0xe50 [ 196.700836][ T51] ? kthread+0x13a/0x450 [ 196.700872][ T51] ? __pfx_worker_thread+0x10/0x10 [ 196.700909][ T51] kthread+0x370/0x450 [ 196.700943][ T51] ? __pfx_kthread+0x10/0x10 [ 196.700991][ T51] ret_from_fork+0x754/0xd80 [ 196.701033][ T51] ? __pfx_ret_from_fork+0x10/0x10 [ 196.701079][ T51] ? __switch_to+0x7b4/0x1120 [ 196.701108][ T51] ? __pfx_kthread+0x10/0x10 [ 196.701144][ T51] ret_from_fork_asm+0x1a/0x30 [ 196.701197][ T51] [ 196.964562][ T51] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 196.979407][ T51] Bluetooth: hci1: failed to register connection device [ 197.243922][T10340] program syz.2.2164 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.551729][T10350] vmstat_refresh: nr_hugetlb -2048 [ 197.827036][ T5837] Bluetooth: hci0: command 0x2016 tx timeout [ 197.985957][T10366] ACPI: Can not change Invalid GPE/Fixed Event status [ 199.100592][ T51] Bluetooth: hci1: command 0x2016 tx timeout [ 199.402311][T10431] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 199.894537][ T51] Bluetooth: hci0: command 0x2016 tx timeout [ 200.976638][ T5838] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 201.170940][ T51] Bluetooth: hci1: command 0x2016 tx timeout [ 201.489759][T10507] could not allocate digest TFM handle [ 201.998432][T10542] process 'syz.2.2260' launched './file0' with NULL argv: empty string added [ 202.747766][T10540] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 202.834383][T10570] bond0: no command found in slaves file - use +ifname or -ifname [ 203.000654][ T5838] Bluetooth: hci2: command 0x2016 tx timeout [ 203.203688][ T51] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 203.203735][ T51] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 203.226238][ T51] Bluetooth: hci1: Dropping invalid advertising data [ 203.233531][ T51] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 203.233601][ T51] Bluetooth: hci1: unknown advertising packet type: 0x8b [ 203.241640][ T51] Bluetooth: hci1: unknown advertising packet type: 0xee [ 203.412622][ T51] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 203.419883][ T51] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 203.434836][ T51] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 203.891523][T10620] binder: 10619:10620 ioctl c0046209 ffffffffffffffff returned -22 [ 205.069960][ T51] Bluetooth: hci2: command 0x2016 tx timeout [ 207.669329][T10807] program syz.0.2385 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.222558][T10877] QAT: failed to copy from user cfg_data. [ 209.250783][T10879] usb usb15: usbfs: process 10879 (syz.2.2420) did not claim interface 0 before use [ 209.466167][T10881] nvme_fabrics: missing parameter 'transport=%s' [ 209.492787][T10881] nvme_fabrics: missing parameter 'nqn=%s' [ 209.978961][T10909] binder: binder_mmap: 10906 0-1000 bad vm_flags failed -1 [ 209.986803][ T5839] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 211.152408][T10964] QAT: failed to copy from user cfg_data. [ 211.310631][ T5839] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 211.519638][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 211.526017][ T5839] Bluetooth: hci0: command 0x2016 tx timeout [ 211.526919][ T5828] Bluetooth: hci2: command 0x2016 tx timeout [ 211.533735][ T5839] Bluetooth: hci1: command 0x2016 tx timeout [ 211.739268][T10991] nvme_fcloop: unknown parameter or missing value '0' [ 212.017073][T11002] misc userio: Invalid payload size [ 213.491566][T11078] block2mtd: device name too long [ 213.669571][ T5838] Bluetooth: hci3: command 0x0406 tx timeout [ 214.134250][T11108] block loop4: the capability attribute has been deprecated. [ 215.741151][ T5838] Bluetooth: hci3: command 0x0406 tx timeout [ 215.757092][ T29] audit: type=1400 audit(4294969402.805:13): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11182 comm="syz.3.2568" [ 216.432259][T11220] syz.1.2586 uses obsolete (PF_INET,SOCK_PACKET) [ 217.228224][T11258] syz_tun: tun_chr_ioctl cmd 1074812117 [ 217.906476][T11288] vhci_hcd vhci_hcd.2: invalid port number 16 [ 217.912976][T11288] vhci_hcd vhci_hcd.2: invalid port number 16 [ 219.725160][T11377] bonding: no command found in bonding_masters - use +ifname or -ifname [ 220.264158][T11405] usb usb22: usbfs: process 11405 (syz.2.2677) did not claim interface 1 before use [ 220.335827][T11407] block nbd0: NBD_DISCONNECT [ 222.163014][T11484] bond0: invalid ARP target specified [ 222.612386][T11508] < [ 223.571175][T11556] usb usb13: check_ctrlrecip: process 11556 (syz.0.2750) requesting ep 01 but needs 81 [ 223.598542][T11556] usb usb13: usbfs: process 11556 (syz.0.2750) did not claim interface 0 before use [ 224.197286][T11586] block2mtd: illegal erase size [ 229.858371][T11846] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 231.418603][T11918] [U] ^Z [ 232.670668][T11985] rnbd_client L202: map_device: Unknown parameter or missing value '7' [ 234.117236][ T29] audit: type=1800 audit(4294967314.744:14): pid=12053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2990" name="discovery_nqn" dev="configfs" ino=27790 res=0 errno=0 [ 234.336520][T12063] synth uevent: /module/null_blk: unknown uevent action string [ 234.346978][T12065] kAFS: Invalid Command on /proc/fs/afs/cells file [ 234.890660][T12092] qrtr: Invalid version 0 [ 235.079902][T12101] Setting dangerous option i915.mitigations - tainting kernel [ 235.097736][T12101] Bad "i915.mitigations=CmâUQF\ ", 'CmâUQF\' is unknown [ 235.337523][T12110] nvme_fcloop: unknown parameter or missing value '7' [ 235.690972][T12128] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 236.566176][T12177] vhci_hcd vhci_hcd.2: invalid port number 135 [ 236.573150][T12177] vhci_hcd vhci_hcd.2: invalid port number 135 [ 236.954147][T12195] hub 1-0:1.0: USB hub found [ 236.974746][T12195] hub 1-0:1.0: 1 port detected [ 238.167001][T12257] block2mtd: illegal erase size [ 238.410140][T12269] Invalid input. Must be >= 4608 [ 240.628394][T12362] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 241.913880][T12422] syz_tun: tun_chr_ioctl cmd 1074025688 [ 242.645750][T12445] hub 1-0:1.0: USB hub found [ 242.653497][T12445] hub 1-0:1.0: 1 port detected [ 243.465189][T12485] syz_tun: tun_chr_ioctl cmd 35111 [ 243.844768][T12503] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 244.418262][T12524] smpboot: CPU 1 is now offline [ 244.757305][T12534] syz_tun: tun_chr_ioctl cmd 21731 [ 247.109980][T12634] [U] 0="/ [ 247.130060][T12634] [U] [ 247.146901][T12634] [U] EeQ@ [ 247.172588][T12633] [U]  [ 247.530613][T12655] GUP no longer grows the stack in syz.1.3282 (12655): 10000-411000 (0) [ 247.569619][T12655] CPU: 0 UID: 0 PID: 12655 Comm: syz.1.3282 Tainted: G U syzkaller #0 PREEMPT(full) [ 247.569651][T12655] Tainted: [U]=USER [ 247.569657][T12655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 247.569667][T12655] Call Trace: [ 247.569674][T12655] [ 247.569682][T12655] dump_stack_lvl+0x100/0x190 [ 247.569715][T12655] gup_vma_lookup.cold+0x83/0x96 [ 247.569743][T12655] __get_user_pages+0x241/0x34d0 [ 247.569772][T12655] ? down_read_killable+0x30e/0x4c0 [ 247.569799][T12655] ? __pfx___get_user_pages+0x10/0x10 [ 247.569827][T12655] __gup_longterm_locked+0x87d/0x16f0 [ 247.569849][T12655] ? is_bpf_text_address+0x8a/0x1a0 [ 247.569884][T12655] ? __pfx___gup_longterm_locked+0x10/0x10 [ 247.569916][T12655] ? find_held_lock+0x2b/0x80 [ 247.569934][T12655] ? gup_fast_fallback+0x7e5/0x2460 [ 247.569962][T12655] gup_fast_fallback+0x18c6/0x2460 [ 247.569999][T12655] ? __pfx_gup_fast_fallback+0x10/0x10 [ 247.570037][T12655] get_user_pages_fast+0xa7/0xf0 [ 247.570060][T12655] ? __pfx_get_user_pages_fast+0x10/0x10 [ 247.570089][T12655] get_futex_key+0x2c8/0x1620 [ 247.570114][T12655] ? __pfx_get_futex_key+0x10/0x10 [ 247.570140][T12655] ? kasan_save_track+0x14/0x30 [ 247.570157][T12655] ? __kasan_kmalloc+0xaa/0xb0 [ 247.570178][T12655] futex_lock_pi+0x1dc/0x7b0 [ 247.570209][T12655] ? __pfx_futex_lock_pi+0x10/0x10 [ 247.570241][T12655] ? tomoyo_path_number_perm+0x46d/0x580 [ 247.570270][T12655] ? find_held_lock+0x2b/0x80 [ 247.570294][T12655] ? tomoyo_path_number_perm+0x188/0x580 [ 247.570322][T12655] ? __pfx_futex_wake_mark+0x10/0x10 [ 247.570356][T12655] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 247.570377][T12655] ? __lock_acquire+0x4a5/0x2630 [ 247.570404][T12655] do_futex+0x18a/0x350 [ 247.570429][T12655] ? __pfx_do_futex+0x10/0x10 [ 247.570456][T12655] ? do_raw_spin_lock+0x128/0x260 [ 247.570487][T12655] __x64_sys_futex+0x34f/0x4d0 [ 247.570514][T12655] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 247.570546][T12655] ? __pfx___x64_sys_futex+0x10/0x10 [ 247.570572][T12655] ? kcov_ioctl+0x16a/0x720 [ 247.570595][T12655] do_syscall_64+0x106/0xf80 [ 247.570614][T12655] ? clear_bhb_loop+0x40/0x90 [ 247.570636][T12655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.570655][T12655] RIP: 0033:0x7ff64359c819 [ 247.570671][T12655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 247.570700][T12655] RSP: 002b:00007ff6444d1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 247.570719][T12655] RAX: ffffffffffffffda RBX: 00007ff643816090 RCX: 00007ff64359c819 [ 247.570731][T12655] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 247.570741][T12655] RBP: 00007ff643632c91 R08: 0000000000000000 R09: 0000000080000001 [ 247.570752][T12655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 247.570763][T12655] R13: 00007ff643816128 R14: 00007ff643816090 R15: 00007fff19478c98 [ 247.570787][T12655] [ 248.812027][T12697] synth uevent: /bus/mei: unknown uevent action string [ 249.063155][T12706] cougar: G6 mapped to space [ 249.677212][T12733] program syz.1.3321 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 249.736285][T12733] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 249.991075][T12743] usbip-vudc usbip-vudc.0: gadget not bound [ 250.012927][T12745] usb usb2: usbfs: process 12745 (syz.1.3327) did not claim interface 4 before use [ 252.450254][T12846] program syz.1.3375 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 254.044596][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.059657][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.376843][T12997] vivid-007: ================= START STATUS ================= [ 256.405355][T12997] vivid-007: Enable Output Cropping: true [ 256.435548][T12997] vivid-007: Enable Output Composing: true [ 256.468642][T12997] vivid-007: Enable Output Scaler: true [ 256.496029][T12997] vivid-007: Tx RGB Quantization Range: Automatic [ 256.527538][T12997] vivid-007: Transmit Mode: HDMI [ 256.552709][T12997] vivid-007: Hotplug Present: 0x00000000 [ 256.573108][T12997] vivid-007: RxSense Present: 0x00000000 [ 256.594045][T12997] vivid-007: EDID Present: 0x00000000 [ 256.637652][T12997] vivid-007: ================== END STATUS ================== [ 256.862104][T13012] kafs: addr_prefs: Invalid Command [ 262.858896][T13230] vivid-007: ================= START STATUS ================= [ 262.938128][T13230] vivid-007: Generate PTS: true [ 263.009049][T13230] vivid-007: Generate SCR: true [ 263.048605][T13230] tpg source WxH: 320x240 (Y'CbCr) [ 263.091211][T13230] tpg field: 1 [ 263.139457][T13230] tpg crop: (0,0)/320x240 [ 263.171707][T13230] tpg compose: (0,0)/320x240 [ 263.213902][T13230] tpg colorspace: 8 [ 263.254392][T13230] tpg transfer function: 0/0 [ 263.321312][T13230] tpg Y'CbCr encoding: 0/0 [ 263.369083][T13230] tpg quantization: 0/0 [ 263.409835][T13230] tpg RGB range: 0/2 [ 263.470853][T13230] vivid-007: ================== END STATUS ================== [ 264.242557][T13279] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 264.661043][ T29] audit: type=1804 audit(4294967345.427:15): pid=13298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3599" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 265.248563][T13323] overlayfs: "check_copy_up" module option is obsolete [ 265.540414][T13336] usb usb26: usbfs: process 13336 (syz.0.3618) did not claim interface 0 before use [ 267.741009][T13435] syz.1.3668 uses obsolete (PF_INET,SOCK_PACKET) [ 268.383998][T13457] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 269.986704][ T29] audit: type=1800 audit(4294967350.782:16): pid=13519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3710" name="members" dev="configfs" ino=31732 res=0 errno=0 [ 270.611917][T13541] QAT: failed to copy from user. [ 271.000216][T13557] blkio.reset_stats is deprecated [ 275.122079][T13733] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 276.100947][T13769] zram: Added device: zram1 [ 277.061309][T13811] syz_tun: tun_chr_ioctl cmd 1074025681 [ 277.255982][ T29] audit: type=1800 audit(4294967358.087:17): pid=13820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3860" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 277.797507][T13844] ubi0: attaching mtd0 [ 277.814564][T13844] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 277.939492][T13849] aoe: copy from user failed [ 277.944168][T13849] aoe: could not set interface list: too many interfaces [ 279.655035][T13915] zram: Added device: zram2 [ 280.348006][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 280.355840][ T5833] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 280.743778][ T5838] Bluetooth: hci2: unexpected event 0x3e length: 0 < 1 [ 281.339257][T13972] Setting dangerous option i915.mitigations - tainting kernel [ 282.412345][T14011] delete_channel: no stack [ 282.426951][T14013] kafs: addr_prefs: Invalid Command [ 282.995102][T14038] vhci_hcd vhci_hcd.2: invalid port number 16 [ 283.023275][T14038] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 284.162642][T14084] bond0: invalid ARP target specified [ 284.293787][T14089] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 285.336297][ T5838] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 285.345837][ T5838] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 286.345657][T14171] futex_wake_op: syz.2.4029 tries to shift op by -2048; fix this program [ 286.402841][T14171] futex_wake_op: syz.2.4029 tries to shift op by -2048; fix this program [ 286.888240][T14194] ecryptfs_miscdev_write: Error while inspecting packet size syzkaller syzkaller login: [ 288.866206][T14280] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 289.266603][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 289.274329][ T5833] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 291.325188][T14383] kAFS: Invalid Command on /proc/fs/afs/cells file [ 291.674023][T14395] Setting dangerous option i915.mitigations - tainting kernel [ 293.981705][T14498] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 294.093017][T14498] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 294.122055][T14498] pci 0000:00:01.3: PCI INT A: no GSI [ 294.529539][T14523] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 295.209358][T14554] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 295.615990][T14576] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 295.655759][T14576] ep_00: uevent: failed to send synthetic uevent: -22 [ 295.826736][T14583] bonding: no command found in bonding_masters - use +ifname or -ifname [ 296.183082][ T5833] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 296.191164][ T5833] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 296.747686][T14617] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 297.486114][T14644] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 297.608813][T14644] CIFS mount error: No usable UNC path provided in device string! [ 297.608813][T14644] [ 297.645000][T14644] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 297.686456][ T29] audit: type=1400 audit(4294967378.613:18): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=14649 comm="syz.2.4262" [ 298.347037][T14675] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 298.835595][T14696] random: crng reseeded on system resumption [ 298.897313][T14696] Restarting kernel threads ... [ 298.927804][T14696] Done restarting kernel threads. [ 299.159255][T14704] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.600391][T14813] mmap: syz.1.4342 (14813) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 305.568632][T14937] synth uevent: /devices/platform/vivid.0/cec26: unknown uevent action string [ 305.653475][T14937] cec cec26: uevent: failed to send synthetic uevent: -22 [ 305.997809][T14955] Format for deleting device is "id" (uint). [ 306.282948][T14966] [U] ^R [ 309.827587][T15094] Format for adding new port is "id [perm_addr]" (uint MAC). [ 310.507090][ T5829] Process accounting resumed [ 312.762450][T15207] kfence: disabled [ 314.398095][T15259] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 315.974716][T15304] vhci_hcd vhci_hcd.1: invalid port number 16 [ 316.009029][T15304] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 316.472779][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.479266][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.533475][T15322] i2c i2c-0: new_device: Can't parse I2C address [ 317.348581][T15352] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81b1213a (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 317.364560][T15352] Call Trace: [ 317.367972][T15352] [ 317.371050][T15352] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 317.377881][T15352] ? __pfx_debug_object_deactivate+0x10/0x10 [ 317.384553][T15352] mce_cpu_restart+0xd5/0x1f0 [ 317.389563][T15352] ? __pfx_mce_cpu_restart+0x10/0x10 [ 317.394995][T15352] smp_call_function_many_cond+0x11fc/0x1500 [ 317.401251][T15352] ? __pfx_mce_cpu_restart+0x10/0x10 [ 317.406633][T15352] ? mark_held_locks+0x40/0x70 [ 317.411438][T15352] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 317.417272][T15352] ? lockdep_hardirqs_on+0x78/0x100 [ 317.422479][T15352] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 317.428494][T15352] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 317.435801][T15352] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 317.442038][T15352] ? __timer_delete_sync+0x151/0x1c0 [ 317.447536][T15352] ? __pfx_mce_cpu_restart+0x10/0x10 [ 317.452860][T15352] on_each_cpu_cond_mask+0x40/0x90 [ 317.458012][T15352] set_bank+0x240/0x3a0 [ 317.462293][T15352] ? __pfx_set_bank+0x10/0x10 [ 317.467094][T15352] ? find_held_lock+0x2b/0x80 [ 317.471846][T15352] ? sysfs_file_kobj+0xe4/0x290 [ 317.476800][T15352] ? sysfs_file_kobj+0xe4/0x290 [ 317.481855][T15352] ? __pfx_set_bank+0x10/0x10 [ 317.486838][T15352] dev_attr_store+0x58/0x80 [ 317.491546][T15352] ? __pfx_dev_attr_store+0x10/0x10 [ 317.496874][T15352] sysfs_kf_write+0xf2/0x150 [ 317.501783][T15352] kernfs_fop_write_iter+0x3e0/0x5f0 [ 317.507266][T15352] ? __pfx_sysfs_kf_write+0x10/0x10 [ 317.512827][T15352] vfs_write+0x6ac/0x1070 [ 317.517362][T15352] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 317.523266][T15352] ? __pfx_vfs_write+0x10/0x10 [ 317.528155][T15352] ksys_write+0x12a/0x250 [ 317.532764][T15352] ? __pfx_ksys_write+0x10/0x10 [ 317.537647][T15352] do_syscall_64+0x106/0xf80 [ 317.542366][T15352] ? clear_bhb_loop+0x40/0x90 [ 317.547276][T15352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.553230][T15352] RIP: 0033:0x7ff64359c819 [ 317.557665][T15352] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.577477][T15352] RSP: 002b:00007ff6444f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 317.585928][T15352] RAX: ffffffffffffffda RBX: 00007ff643815fa0 RCX: 00007ff64359c819 [ 317.594124][T15352] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 317.602134][T15352] RBP: 00007ff643632c91 R08: 0000000000000000 R09: 0000000000000000 [ 317.610144][T15352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.618235][T15352] R13: 00007ff643816038 R14: 00007ff643815fa0 R15: 00007fff19478c98 [ 317.626338][T15352] [ 318.980184][T15394] syz_tun: tun_chr_ioctl cmd 1074025684 [ 319.714425][T15415] Format for unlinking a device is "netnsfd:ifidx" (int uint). Ijn9_VQ8j@:U%Ux0 R@x@qrIB@[*t ;S;x=Gcqx)Z*16GSu bmIK7 [ 325.950164][ T29] audit: type=1800 audit(4294967407.005:19): pid=15676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4767" name="lu_gp_id" dev="configfs" ino=38672 res=0 errno=0 [ 326.713476][T15705] vhci_hcd vhci_hcd.1: invalid port number 14 [ 326.741277][T15705] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 326.764203][T15710] i2c i2c-0: delete_device: Can't find device in list [ 328.134253][T15766] zswap: compressor Zu~^8acu0|,aRrqP')ޱ`*]T]X؃(ۂTN>_r$z&[+x[DPxe?m3Qz not available [ 328.380436][T15775] bond0: invalid ARP target specified [ 328.599666][T15782] [U] ^\ [ 329.120860][T15813] binder: 15812:15813 ioctl 541b 0 returned -22 [ 330.221300][ T29] audit: type=1800 audit(4294967411.295:20): pid=15858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4855" name="dbroot" dev="configfs" ino=39242 res=0 errno=0 [ 331.577506][T15917] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 334.233020][T16028] bond0: invalid ARP target specified [ 336.533816][T16128] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 337.935407][T16187] kernel profiling enabled (shift: 0) [ 339.367354][T16230] sd 0:0:1:0: PR command failed: 1026 [ 339.403554][T16230] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 339.431527][T16230] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 340.945396][T16283] i2c i2c-0: new_device: Missing parameters [ 341.773512][T16312] ima: policy update failed [ 341.795336][ T29] audit: type=1802 audit(4294967422.920:21): pid=16312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.5071" res=0 errno=0 [ 342.121706][ T29] audit: type=1800 audit(4294967423.251:22): pid=16331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5079" name="discovery_nqn" dev="configfs" ino=40699 res=0 errno=0 [ 343.389925][T16393] vhci_hcd vhci_hcd.2: invalid port number 253 [ 343.419673][T16393] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 344.068309][ T29] audit: type=1806 audit(4294967425.211:23): xattr="." res=0 [ 344.532840][T16443] usb usb11: usbfs: interface 0 claimed by hub while 'syz.0.5136' sets config #7 [ 344.658340][T16449] kAFS: No cell specified [ 345.364683][ T29] audit: type=1800 audit(4294967426.517:24): pid=16487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5155" name="members" dev="configfs" ino=41169 res=0 errno=0 [ 346.279269][T16529] kAFS: No cell specified [ 347.162413][T16571] ima: policy update failed [ 347.172337][ T29] audit: type=1802 audit(4294967428.325:25): pid=16571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.5194" res=0 errno=0 [ 347.243252][T16576] kafs: addr_prefs: Invalid Command [ 348.655630][T16634] program syz.2.5223 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 348.943920][T16649] bond0: invalid ARP target specified [ 350.505919][ T29] audit: type=1800 audit(4294967431.671:26): pid=16721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5264" name="lu_gp_id" dev="configfs" ino=41893 res=0 errno=0 [ 350.539665][T16721] kstrtoul() returned -22 for lu_gp_id [ 353.067720][T16845] bcache: register_bcache() error : failed to open device [ 353.739450][T16884] sysfs_service_op_show: Client not running :-5: [ 353.835212][T16888] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 360.276163][T17158] nvme_fcloop: unknown parameter or missing value '' [ 360.531654][T17168] ubi31: attaching mtd0 [ 360.567693][T17168] ubi31: scanning is finished [ 360.621449][T17168] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 360.870292][T17168] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 360.879282][T17179] nfs4: Unknown parameter 'ECH];^YىZL`~^g ' [ 363.772373][T17282] ima: policy update failed [ 363.804051][ T29] audit: type=1802 audit(4294985789.033:27): pid=17282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.5504" res=0 errno=0 [ 365.761665][T17387] bond0: option slaves: interface -]=,Don?I|a CB does not exist! [ 366.146845][T17406] bond0: option slaves: interface - does not exist! [ 366.696251][T17435] QAT: Stopping all acceleration devices. [ 367.602260][T17478] ICMPv6: process `syz.1.5587' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 369.146479][T17552] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 369.462536][T17567] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 372.294835][T17706] warning: `syz.0.5697' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 372.506224][T17715] process 'syz.2.5702' launched '/dev/fd/3' with NULL argv: empty string added [ 373.569869][T17766] udc dummy_udc.0: soft-connect without a gadget driver [ 374.439440][T17802] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 374.470157][T17802] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 375.040806][T17835] bond0: no command found in slaves file - use +ifname or -ifname [ 376.206142][T17889] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.2.5787: 7 [ 376.894592][T17924] program syz.0.5804 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 376.955135][T17924] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 377.644493][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.651862][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.374261][T17997] aoe: can't write to that file. [ 380.228400][T18083] capability: warning: `syz.2.5877' uses deprecated v2 capabilities in a way that may be insecure [ 383.396216][T18225] delete_channel: no stack [ 384.180574][T18269] : Can't lookup blockdev [ 384.209007][T18270] syz.1.5953: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 384.298118][T18270] CPU: 0 UID: 0 PID: 18270 Comm: syz.1.5953 Tainted: G U L syzkaller #0 PREEMPT(full) [ 384.298151][T18270] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 384.298158][T18270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 384.298168][T18270] Call Trace: [ 384.298175][T18270] [ 384.298182][T18270] dump_stack_lvl+0x100/0x190 [ 384.298216][T18270] warn_alloc.cold+0x95/0x1c1 [ 384.298248][T18270] ? __pfx_warn_alloc+0x10/0x10 [ 384.298280][T18270] ? __lock_acquire+0x4a5/0x2630 [ 384.298320][T18270] __vmalloc_node_range_noprof+0x1252/0x1530 [ 384.298348][T18270] ? rcu_is_watching+0x12/0xc0 [ 384.298377][T18270] ? trace_contention_end+0x140/0x180 [ 384.298403][T18270] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 384.298426][T18270] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 384.298447][T18270] ? tomoyo_path_number_perm+0x28f/0x580 [ 384.298470][T18270] ? tomoyo_path_number_perm+0x28f/0x580 [ 384.298494][T18270] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 384.298518][T18270] ? __pfx___mutex_lock+0x10/0x10 [ 384.298544][T18270] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 384.298568][T18270] ? futex_wait+0x125/0x380 [ 384.298599][T18270] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 384.298620][T18270] __vmalloc_node_noprof+0xad/0xf0 [ 384.298644][T18270] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 384.298675][T18270] dvb_dvr_do_ioctl+0x15d/0x270 [ 384.298701][T18270] dvb_usercopy+0x167/0x340 [ 384.298721][T18270] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 384.298744][T18270] ? __pfx_dvb_usercopy+0x10/0x10 [ 384.298772][T18270] ? __fget_files+0x21f/0x3d0 [ 384.298795][T18270] dvb_dvr_ioctl+0x29/0x40 [ 384.298815][T18270] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 384.298836][T18270] __x64_sys_ioctl+0x18e/0x210 [ 384.298866][T18270] do_syscall_64+0x106/0xf80 [ 384.298886][T18270] ? clear_bhb_loop+0x40/0x90 [ 384.298908][T18270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.298927][T18270] RIP: 0033:0x7ff64359c819 [ 384.298942][T18270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 384.298959][T18270] RSP: 002b:00007ff6444f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.298976][T18270] RAX: ffffffffffffffda RBX: 00007ff643815fa0 RCX: 00007ff64359c819 [ 384.298988][T18270] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 384.298998][T18270] RBP: 00007ff643632c91 R08: 0000000000000000 R09: 0000000000000000 [ 384.299009][T18270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.299019][T18270] R13: 00007ff643816038 R14: 00007ff643815fa0 R15: 00007fff19478c98 [ 384.299041][T18270] [ 384.299048][T18270] Mem-Info: [ 384.629019][T18277] Malformed UNC in devname [ 384.629019][T18277] [ 384.637853][T18277] CIFS: VFS: Malformed UNC in devname [ 385.413603][T18270] active_anon:4943 inactive_anon:10 isolated_anon:0 [ 385.413603][T18270] active_file:3141 inactive_file:44144 isolated_file:0 [ 385.413603][T18270] unevictable:768 dirty:334 writeback:0 [ 385.413603][T18270] slab_reclaimable:11547 slab_unreclaimable:91004 [ 385.413603][T18270] mapped:24126 shmem:1356 pagetables:1399 [ 385.413603][T18270] sec_pagetables:0 bounce:0 [ 385.413603][T18270] kernel_misc_reclaimable:0 [ 385.413603][T18270] free:1133937 free_pcp:17992 free_cma:0 [ 385.683726][T18270] Node 0 active_anon:19824kB inactive_anon:40kB active_file:12564kB inactive_file:176356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96420kB dirty:1332kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10912kB pagetables:5572kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 385.747186][T18325] kafs: addr_prefs: Too many elements in string [ 385.880053][T18270] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:220kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 386.063529][T18270] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 386.203668][T18270] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 386.234359][T18270] Node 0 DMA32 free:617004kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19868kB inactive_anon:40kB active_file:12564kB inactive_file:176356kB unevictable:1536kB writepending:1356kB zspages:0kB present:3129332kB managed:2537256kB mlocked:0kB bounce:0kB free_pcp:40956kB local_pcp:40956kB free_cma:0kB [ 386.393932][T18270] lowmem_reserve[]: 0 0 1 1 1 [ 386.425963][T18270] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1052kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:24kB free_cma:0kB [ 386.578413][T18270] lowmem_reserve[]: 0 0 0 0 0 [ 386.604825][T18270] Node 1 Normal free:3903052kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:220kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:31364kB local_pcp:31364kB free_cma:0kB [ 386.762104][T18270] lowmem_reserve[]: 0 0 0 0 0 [ 386.790019][T18270] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 386.852237][T18270] Node 0 DMA32: 1723*4kB (UM) 749*8kB (UM) 448*16kB (UM) 260*32kB (ME) 205*64kB (M) 288*128kB (UME) 230*256kB (UM) 141*512kB (UME) 102*1024kB (UME) 26*2048kB (UM) 61*4096kB (UM) = 616980kB [ 386.974930][T18270] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 387.046985][T18270] Node 1 Normal: 8*4kB (U) 13*8kB (U) 8*16kB (UM) 4*32kB (UM) 11*64kB (U) 10*128kB (UM) 8*256kB (UM) 5*512kB (U) 3*1024kB (U) 1*2048kB (U) 950*4096kB (UM) = 3903304kB [ 387.138442][T18270] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.209891][T18270] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 387.262086][T18270] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.319615][T18270] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 387.374678][T18270] 48639 total pagecache pages [ 387.415916][T18270] 2 pages in swap cache [ 387.443824][T18270] Free swap = 124988kB [ 387.459837][T18270] Total swap = 124996kB [ 387.502001][T18270] 2097051 pages RAM [ 387.516272][T18270] 0 pages HighMem/MovableOnly [ 387.552272][T18270] 430859 pages reserved [ 387.566516][T18270] 0 pages cma reserved [ 387.724261][T18399] virtio-pci 0000:00:03.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 391.832587][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 391.839006][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 392.184747][T18604] usb usb13: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 394.861045][T18726] wlan1: mtu less than device minimum [ 396.169775][T16650] Bluetooth: hci0: unexpected event 0x14 length: 16 > 6 [ 398.191462][T18896] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 398.906979][T18914] syz_tun: tun_chr_ioctl cmd 1074025675 [ 398.930494][T18914] syz_tun: persist enabled [ 399.335309][T18922] zswap: compressor Z(u not available [ 400.447895][T18985] sd 0:0:1:0: PR command failed: 1026 [ 400.473032][T18985] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 400.510112][T18985] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 403.298590][T19143] vhci_hcd: not connected 4 [ 406.415803][T19278] vhci_hcd vhci_hcd.2: invalid port number 16 [ 406.453110][T19278] vhci_hcd vhci_hcd.2: invalid port number 16 [ 406.505893][ T29] audit: type=1800 audit(4294985831.944:28): pid=19284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6391" name="dbroot" dev="configfs" ino=49506 res=0 errno=0 [ 406.540465][T19284] db_root: cannot open: /dev/audio1 [ 406.565029][T19284] db_root: not a directory: /dev/audio1 [ 411.054546][T19510] rnbd_client L213: map_device: Parameters missing [ 411.464380][T19525] __vm_enough_memory: pid: 19525, comm: syz.3.6497, bytes: 9223372036854775808 not enough memory for the allocation [ 411.763887][T19540] program syz.2.6504 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 412.048311][T19549] delete_channel: no stack [ 412.298137][T19560] bond0: option packets_per_slave: invalid value ( Xnp) [ 412.336844][T19560] bond0: option packets_per_slave: allowed values 0 - 65535 [ 413.101461][T19592] QAT: Device 250 not found [ 414.994718][T19688] rtc_cmos 00:00: Alarms can be up to one day in the future [ 415.237669][T19696] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 415.546916][T19709] block2mtd: illegal erase size [ 416.068175][T19734] kAFS: Invalid Command on /proc/fs/afs/cells file [ 416.124544][T19737] bond0: invalid ARP target specified [ 418.643360][T19877] syz.1.6654 (19877): attempted to duplicate a private mapping with mremap. This is not supported. [ 420.307448][T19971] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 420.307448][T19971] M' is too long [ 420.363094][T19971] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 420.363094][T19971] W ' is too long [ 420.583940][T19982] cougar: G6 mapped to F18 [ 420.944714][T20018] zram0: detected capacity change from 0 to 16 [ 421.499983][T20041] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 421.541704][T20041] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 421.894975][T20059] : Can't lookup blockdev [ 422.543563][T20085] QAT: failed to copy from user cfg_data. [ 424.304979][T20192] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 424.311986][T20190] ima: policy update failed [ 424.374423][ T29] audit: type=1802 audit(4294985849.897:29): pid=20190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.6775" res=0 errno=0 [ 424.547668][T20201] kernel read not supported for file /\*)A (pid: 20201 comm: syz.3.6779) [ 424.575141][T20202] vhci_hcd vhci_hcd.2: invalid port number 194 [ 424.584664][T20206] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 424.608033][ T29] audit: type=1800 audit(4294985850.119:30): pid=20201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6779" name="\*)A" dev="mqueue" ino=52166 res=0 errno=0 [ 424.638335][T20202] vhci_hcd vhci_hcd.2: invalid port number 194 [ 425.220870][T20231] deleting an unspecified loop device is not supported. [ 427.111671][ T29] audit: type=1326 audit(4294985852.640:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20316 comm="syz.2.6836" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2ca0d9c819 code=0x0 [ 427.347927][T20327] QAT: Invalid ioctl 21531 [ 434.001441][T20585] aoe: invalid device specification [ 438.621570][T20814] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 438.773978][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.780350][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.132439][T20834] queue_state_write: operation too long [ 439.162795][T20834] queue_state_write: use 'run', 'start' or 'kick' [ 439.177038][T20837] bond0: option mode: unable to set because the bond device is up [ 439.190579][T20838] TCP: TCP_TX_DELAY enabled [ 440.484222][T20894] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 442.623581][T20984] syz.1.7153 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 443.906626][T21037] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 444.721418][T21074] bond0: no command found in slaves file - use +ifname or -ifname [ 444.821528][T21076] delete_channel: no stack [ 445.464820][T21107] sysfs_service_op_store: Client not running :-5: [ 445.802412][T21120] kAFS: unparsable volume name [ 445.815245][T21118] writes to the poll attribute are ignored. [ 445.840580][T21118] please use driver specific parameters instead. [ 446.827158][T16650] Bluetooth: hci3: unexpected event 0x31 length: 19 > 6 [ 446.957932][T21170] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 450.418491][T21306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 450.470519][T21306] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 450.506367][T21306] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 450.546710][T21306] page_type: f5(slab) [ 450.579767][T21306] raw: 00fff00000000040 ffff88813fe3b140 dead000000000100 dead000000000122 [ 450.615870][T21306] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 450.647340][T21306] head: 00fff00000000040 ffff88813fe3b140 dead000000000100 dead000000000122 [ 450.693106][T21306] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 450.732405][T21306] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 450.775803][T21306] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 450.825033][T21306] page dumped because: unmovable page [ 450.849374][T21306] page_owner tracks the page as allocated [ 450.868672][T21306] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5198, tgid 5198 (udevd), ts 52710146769, free_ts 29874418817 [ 450.960800][T21306] post_alloc_hook+0x153/0x170 [ 450.979307][T21306] get_page_from_freelist+0x111d/0x3140 [ 451.012079][T21306] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 451.043428][T21306] new_slab+0xa6/0x6b0 [ 451.057213][T21306] refill_objects+0x26b/0x400 [ 451.077359][T21306] __pcs_replace_empty_main+0x1ab/0x660 [ 451.103857][T21306] __kmalloc_noprof+0x688/0x850 [ 451.127376][T21306] tomoyo_realpath_from_path+0xb6/0x690 [ 451.153470][T21306] tomoyo_path_perm+0x276/0x460 [ 451.212944][T21306] security_inode_getattr+0x116/0x280 [ 451.257537][T21306] vfs_fstat+0x4b/0xe0 [ 451.261702][T21306] __do_sys_newfstat+0x8b/0x110 [ 451.302587][T21306] do_syscall_64+0x106/0xf80 [ 451.307231][T21306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.345161][T21306] page last free pid 1 tgid 1 stack trace: [ 451.351105][T21306] __free_frozen_pages+0x7e1/0x10d0 [ 451.394320][T21306] free_contig_range+0xde/0x1d0 [ 451.422003][T21306] destroy_args+0xa8/0x7a0 [ 451.435292][T21306] debug_vm_pgtable+0x1b66/0x34c0 [ 451.471180][T21306] do_one_initcall+0x11d/0x760 [ 451.493486][T21306] kernel_init_freeable+0x6e5/0x7a0 [ 451.514173][T21306] kernel_init+0x1f/0x1e0 [ 451.518731][T21306] ret_from_fork+0x754/0xd80 [ 451.551862][T21306] ret_from_fork_asm+0x1a/0x30 [ 451.863620][T21329] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.089427][T16650] Bluetooth: hci3: unexpected subevent 0x0c length: 118 > 5 [ 452.320193][T21329] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.671091][T21329] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.948859][T21329] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 454.915599][T21460] vivid-003: ================= START STATUS ================= [ 455.022039][T21460] vivid-003: Radio HW Seek Mode: Bounded [ 455.068055][T21460] vivid-003: Radio Programmable HW Seek: false [ 455.127579][T21460] vivid-003: RDS Rx I/O Mode: Block I/O [ 455.173015][T21460] vivid-003: Generate RBDS Instead of RDS: false [ 455.226890][T21460] vivid-003: RDS Reception: true [ 455.285199][T21460] vivid-003: RDS Program Type: 0 inactive [ 455.352692][T21460] vivid-003: RDS PS Name: inactive [ 455.413275][T21460] vivid-003: RDS Radio Text: inactive [ 455.487158][T21460] vivid-003: RDS Traffic Announcement: false inactive [ 455.588052][T21460] vivid-003: RDS Traffic Program: false inactive [ 455.654589][T21460] vivid-003: RDS Music: false inactive [ 455.755624][T21460] vivid-003: ================== END STATUS ================== [ 456.836683][T21508] Line length is too long: Should be less than 4094 [ 457.728098][T21542] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 458.272110][T21566] mmap: syz.1.7432 (21566): VmData 45879296 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 458.863684][T21592] ICMPv6: process `syz.2.7445' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 460.579158][T21679] : Can't lookup blockdev [ 461.590547][T21721] nvme_fcloop: unknown parameter or missing value '1' [ 461.695497][T21725] ptrace attach of "./syz-executor exec"[5822] was attempted by "./syz-executor exec"[21725] [ 462.202004][T21743] bond0: invalid ARP target specified [ 463.217348][T21784] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 463.848061][T21806] phram: not enough arguments [ 466.736379][T21915] i2c i2c-0: delete_device: Can't parse I2C address [ 468.611324][T21969] [ 472.039332][T22137] ecryptfs_miscdev_response: (sizeof(*msg) + msg->data_len) = [1067213646]; data_size = [146]. Invalid packet. [ 472.121080][T22137] ecryptfs_miscdev_write: Failed to deliver miscdev response to requesting operation; rc = [-22] [ 472.185464][T22143] synth uevent: /devices/virtual/net/gretap0: unknown uevent action string [ 472.221874][T22143] net gretap0: uevent: failed to send synthetic uevent: -22 [ 474.406934][T22236] ======================================================= [ 474.406934][T22236] WARNING: The mand mount option has been deprecated and [ 474.406934][T22236] and is ignored by this kernel. Remove the mand [ 474.406934][T22236] option from the mount to silence this warning. [ 474.406934][T22236] ======================================================= [ 474.915647][T22254] : Can't lookup blockdev [ 476.583925][T22314] : Can't lookup blockdev [ 477.934826][T22369] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 478.909746][T22417] block2mtd: parameter too long [ 479.099014][T16650] Bluetooth: hci3: SCO packet too small [ 480.290742][T22471] nbd: illegal input index -1073741824 [ 481.047522][T22502] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 481.222024][T22510] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 482.475565][T22563] openvswitch: netlink: Multiple metadata blocks provided [ 482.715417][T22572] capability: warning: `syz.3.7917' uses 32-bit capabilities (legacy support in use) [ 484.846778][T22626] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 485.112486][T22635] openvswitch: netlink: Multiple metadata blocks provided [ 488.318664][T22718] [ 491.114341][T22801] netlink: get zone limit has 4 unknown bytes [ 492.720696][T22859] netlink: 'syz.0.8060': attribute type 2 has an invalid length. [ 494.503855][T22921] netlink: 'syz.2.8090': attribute type 2 has an invalid length. [ 495.054063][T22943] netlink: 3 bytes leftover after parsing attributes in process `syz.2.8100'. [ 497.798010][T23042] : Can't lookup blockdev [ 498.443190][T23069] : Can't lookup blockdev [ 499.674080][T23114] netlink: 'syz.3.8182': attribute type 1 has an invalid length. [ 499.932055][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.932128][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.820207][T23154] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 504.098568][T23246] dyndbg: expected <4096 bytes into control [ 505.963396][T23318] dyndbg: expected <4096 bytes into control [ 506.673252][T23346] dyndbg: expected <4096 bytes into control [ 508.815065][T23433] netlink: NAT attribute has 18 unknown bytes [ 510.524661][T23506] netlink: NAT attribute has 18 unknown bytes [ 510.797617][T23518] vhci_hcd vhci_hcd.1: invalid port number 14 [ 510.832740][T23518] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 511.347320][T23541] netlink: 148 bytes leftover after parsing attributes in process `syz.1.8373'. [ 512.336151][T23598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8396'. [ 513.292667][T23661] FAULT_INJECTION: forcing a failure. [ 513.292667][T23661] name failslab, interval 0, probability 0, space 0, times 1 [ 513.361093][T23661] CPU: 0 UID: 0 PID: 23661 Comm: syz.0.8407 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 513.361136][T23661] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 513.361149][T23661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 513.361159][T23661] Call Trace: [ 513.361166][T23661] [ 513.361174][T23661] dump_stack_lvl+0x100/0x190 [ 513.361215][T23661] should_fail_ex.cold+0x5/0xa [ 513.361237][T23661] should_failslab+0xc2/0x120 [ 513.361259][T23661] __kmalloc_node_noprof+0xe6/0x850 [ 513.361288][T23661] ? get_callchain_buffers+0x1e5/0x380 [ 513.361317][T23661] get_callchain_buffers+0x1e5/0x380 [ 513.361341][T23661] ? security_capable+0x80/0x260 [ 513.361361][T23661] stack_map_alloc+0x316/0x610 [ 513.361384][T23661] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 513.361407][T23661] map_create+0x84e/0x2ba0 [ 513.361424][T23661] ? futex_unqueue+0x13d/0x2c0 [ 513.361448][T23661] ? __futex_wait+0x256/0x300 [ 513.361482][T23661] ? __pfx_map_create+0x10/0x10 [ 513.361500][T23661] ? __might_fault+0xc5/0x140 [ 513.361526][T23661] ? __might_fault+0xc5/0x140 [ 513.361567][T23661] __sys_bpf+0x2091/0x4b90 [ 513.361593][T23661] ? __pfx___sys_bpf+0x10/0x10 [ 513.361615][T23661] ? __pfx_futex_wait+0x10/0x10 [ 513.361649][T23661] ? ksys_write+0x190/0x250 [ 513.361673][T23661] ? do_futex+0x192/0x350 [ 513.361718][T23661] ? xfd_validate_state+0x129/0x190 [ 513.361751][T23661] __x64_sys_bpf+0x7b/0xc0 [ 513.361773][T23661] ? lockdep_hardirqs_on+0x78/0x100 [ 513.361793][T23661] do_syscall_64+0x106/0xf80 [ 513.361812][T23661] ? clear_bhb_loop+0x40/0x90 [ 513.361835][T23661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.361854][T23661] RIP: 0033:0x7ff871d9c819 [ 513.361870][T23661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.361887][T23661] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 513.361904][T23661] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 513.361916][T23661] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 513.361927][T23661] RBP: 00007ff871e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 513.361938][T23661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.361949][T23661] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 513.361972][T23661] [ 514.876881][T23717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8441'. [ 515.509042][T23740] ima: policy update failed [ 515.537216][ T29] audit: type=1802 audit(4294985941.476:32): pid=23740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.8444" res=0 errno=0 [ 517.349278][T23815] tc_dump_action: action bad kind [ 518.448853][T23865] netlink: 'syz.3.8504': attribute type 1 has an invalid length. [ 518.772974][T23875] HSR: entered promiscuous mode [ 519.092422][T23893] tc_dump_action: action bad kind [ 520.650271][T23962] program syz.1.8550 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 521.361595][T23989] HSR: entered promiscuous mode [ 521.920338][T24017] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 523.092507][T24078] IPVS: length: 131 != 8 [ 523.358446][T24089] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 525.187788][T24169] ptrace attach of "./syz-executor exec"[5824] was attempted by ""[24169] [ 525.667601][T24187] IPVS: length: 131 != 8 [ 525.708602][T24189] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 525.736930][T24191] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev fffffffe [ 525.879577][T24195] &#$@\]\-: entered promiscuous mode [ 526.089377][T24206] netlink: Invalid conntrack helper [ 526.829089][T24241] ptrace attach of "./syz-executor exec"[5821] was attempted by ""[24241] [ 527.458337][T24269] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 527.613563][T24274] netlink: 'syz.2.8695': attribute type 1 has an invalid length. [ 528.133706][ T29] audit: type=1107 audit(4294967308.027:33): pid=24288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 528.175089][ T29] audit: type=1107 audit(4294967308.057:34): pid=24288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 528.681700][T24264] kexec: Could not allocate control_code_buffer [ 528.690188][T24303] netlink: 'syz.1.8709': attribute type 1 has an invalid length. [ 529.342991][T24350] netlink: 'syz.0.8720': attribute type 1 has an invalid length. [ 529.546180][T24357] netlink: 'syz.1.8732': attribute type 11 has an invalid length. [ 529.600064][T24357] netlink: 'syz.1.8732': attribute type 11 has an invalid length. [ 529.642616][T24357] netlink: 'syz.1.8732': attribute type 11 has an invalid length. [ 530.239267][T24388] nbd: couldn't find a device at index 35644 [ 530.610603][T24395] NFSD: Failed to start, no listeners configured. [ 531.083080][T24429] netlink: 'syz.3.8754': attribute type 2 has an invalid length. [ 531.264460][T24436] netlink: 'syz.3.8757': attribute type 11 has an invalid length. [ 531.296347][T24436] netlink: 'syz.3.8757': attribute type 11 has an invalid length. [ 531.328779][T24436] netlink: 'syz.3.8757': attribute type 11 has an invalid length. [ 531.800132][T24459] nbd: couldn't find a device at index 35644 [ 532.023527][T24472] netlink: 'syz.0.8772': attribute type 11 has an invalid length. [ 532.054917][T24472] netlink: 'syz.0.8772': attribute type 11 has an invalid length. [ 532.062787][T24472] netlink: 'syz.0.8772': attribute type 11 has an invalid length. [ 532.735177][T24507] netlink: 'syz.2.8789': attribute type 11 has an invalid length. [ 533.607290][T24570] netlink: 'syz.0.8810': attribute type 2 has an invalid length. [ 533.949660][T24583] netlink: Invalid conntrack timeout [ 534.470659][T24621] NFSD: Failed to start, no listeners configured. [ 534.563624][T24632] nla_validate_range_unsigned: 2 callbacks suppressed [ 534.563642][T24632] netlink: 'syz.2.8821': attribute type 11 has an invalid length. [ 534.624748][T24632] netlink: 'syz.2.8821': attribute type 11 has an invalid length. [ 534.640477][T24632] netlink: 'syz.2.8821': attribute type 11 has an invalid length. [ 535.397276][T24669] NFSD: Failed to start, no listeners configured. [ 536.254142][T24728] nfsd: Unknown parameter '' [ 536.558748][T24753] netlink: Invalid conntrack timeout [ 537.289523][T24790] netlink: Invalid conntrack timeout [ 537.385725][T24793] NFSD: Failed to start, no listeners configured. [ 539.383150][T24902] NFSD: Failed to start, no listeners configured. [ 541.460228][T25002] NFSD: Failed to start, no listeners configured. [ 542.323733][T25046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8968'. [ 542.438620][T25055] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 543.112729][T25089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8982'. [ 544.160372][T25049] kexec: Could not allocate control_code_buffer [ 544.498640][T25146] netlink: 'syz.1.9002': attribute type 1 has an invalid length. [ 544.898818][T25170] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 545.185168][T25182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9013'. [ 546.032787][T25208] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 546.297332][T25216] openvswitch: netlink: IP tunnel dst address not specified [ 546.495122][T25165] kexec: Could not allocate control_code_buffer [ 547.128555][T25254] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 547.267955][T25258] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 548.047329][T25290] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 548.857121][T25257] kexec: Could not allocate control_code_buffer [ 549.977211][T25353] FAULT_INJECTION: forcing a failure. [ 549.977211][T25353] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 550.043730][T25353] CPU: 0 UID: 0 PID: 25353 Comm: syz.0.9094 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 550.043767][T25353] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 550.043775][T25353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 550.043785][T25353] Call Trace: [ 550.043791][T25353] [ 550.043799][T25353] dump_stack_lvl+0x100/0x190 [ 550.043832][T25353] should_fail_ex.cold+0x5/0xa [ 550.043854][T25353] core_sys_select+0x938/0xbb0 [ 550.043879][T25353] ? __pfx_core_sys_select+0x10/0x10 [ 550.043919][T25353] ? ktime_get_ts64+0x2d2/0x3f0 [ 550.043940][T25353] ? read_tsc+0x9/0x20 [ 550.043961][T25353] ? ktime_get_ts64+0x256/0x3f0 [ 550.043984][T25353] kern_select+0x20c/0x270 [ 550.044004][T25353] ? __pfx_kern_select+0x10/0x10 [ 550.044029][T25353] __x64_sys_select+0xbd/0x160 [ 550.044046][T25353] ? do_syscall_64+0x95/0xf80 [ 550.044066][T25353] ? lockdep_hardirqs_on+0x78/0x100 [ 550.044086][T25353] do_syscall_64+0x106/0xf80 [ 550.044104][T25353] ? clear_bhb_loop+0x40/0x90 [ 550.044126][T25353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.044145][T25353] RIP: 0033:0x7ff871d9c819 [ 550.044160][T25353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 550.044177][T25353] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 550.044195][T25353] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 550.044206][T25353] RDX: 0000200000000100 RSI: 0000200000000080 RDI: 0000000000000001 [ 550.044217][T25353] RBP: 00007ff871e32c91 R08: 0000200000000200 R09: 0000000000000000 [ 550.044228][T25353] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 550.044239][T25353] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 550.044261][T25353] [ 551.976557][T25421] sctp: [Deprecated]: syz.3.9123 (pid 25421) Use of struct sctp_assoc_value in delayed_ack socket option. [ 551.976557][T25421] Use struct sctp_sack_info instead [ 552.816994][T25475] netlink: 'syz.2.9138': attribute type 11 has an invalid length. [ 552.859246][T25475] netlink: 'syz.2.9138': attribute type 11 has an invalid length. [ 552.889922][T25475] netlink: 'syz.2.9138': attribute type 11 has an invalid length. [ 555.760390][T25595] Zero length message leads to an empty skb [ 557.350072][T25654] sd 0:0:1:0: PR command failed: 1026 [ 557.383555][T25654] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 557.390339][T25654] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 559.564538][T25745] nbd: must specify an index to disconnect [ 559.641896][T25748] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 561.064325][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.074306][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 561.225801][T25812] tc_dump_action: action bad kind syzkaller syzkaller login: [ 565.776355][T26007] netlink: NAT attribute type 0 has unexpected length (4 != 0) [ 566.114349][T26021] netlink: 'syz.1.9373': attribute type 2 has an invalid length. [ 566.164182][T26021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9373'. [ 568.815668][T26155] openvswitch: netlink: Flow key attribute not present in set flow. [ 568.991952][T26161] netlink: 'syz.2.9438': attribute type 2 has an invalid length. [ 569.032631][T26161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9438'. [ 569.675890][T26193] netlink: 'syz.0.9452': attribute type 2 has an invalid length. [ 569.708501][T26193] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9452'. [ 570.387798][T26227] netlink: 'syz.3.9467': attribute type 2 has an invalid length. [ 570.427175][T26227] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9467'. [ 570.672123][T26238] FAULT_INJECTION: forcing a failure. [ 570.672123][T26238] name failslab, interval 0, probability 0, space 0, times 0 [ 570.734396][T26238] CPU: 0 UID: 0 PID: 26238 Comm: syz.2.9476 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 570.734432][T26238] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 570.734441][T26238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 570.734452][T26238] Call Trace: [ 570.734458][T26238] [ 570.734465][T26238] dump_stack_lvl+0x100/0x190 [ 570.734499][T26238] should_fail_ex.cold+0x5/0xa [ 570.734521][T26238] should_failslab+0xc2/0x120 [ 570.734543][T26238] __kvmalloc_node_noprof+0xfa/0xa00 [ 570.734561][T26238] ? io_alloc_cache_init+0x38/0x170 [ 570.734582][T26238] ? lockdep_init_map_type+0x5c/0x250 [ 570.734611][T26238] io_alloc_cache_init+0x38/0x170 [ 570.734633][T26238] io_uring_setup.cold+0x3cd/0x1d79 [ 570.734662][T26238] ? ksys_write+0x190/0x250 [ 570.734683][T26238] ? __pfx_io_uring_setup+0x10/0x10 [ 570.734712][T26238] ? do_futex+0x192/0x350 [ 570.734737][T26238] ? __pfx_do_futex+0x10/0x10 [ 570.734771][T26238] ? xfd_validate_state+0x129/0x190 [ 570.734803][T26238] __x64_sys_io_uring_setup+0xc2/0x170 [ 570.734832][T26238] do_syscall_64+0x106/0xf80 [ 570.734851][T26238] ? clear_bhb_loop+0x40/0x90 [ 570.734873][T26238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.734892][T26238] RIP: 0033:0x7f2ca0d9c819 [ 570.734907][T26238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.734923][T26238] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 570.734941][T26238] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 570.734952][T26238] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 570.734963][T26238] RBP: 00007f2ca0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 570.734973][T26238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.734983][T26238] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 570.735004][T26238] [ 572.677183][T26319] nfs: Unknown parameter 'nl802154' [ 573.152018][T26338] FAULT_INJECTION: forcing a failure. [ 573.152018][T26338] name failslab, interval 0, probability 0, space 0, times 0 [ 573.194633][T26338] CPU: 0 UID: 0 PID: 26338 Comm: syz.0.9525 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 573.194669][T26338] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 573.194677][T26338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 573.194687][T26338] Call Trace: [ 573.194694][T26338] [ 573.194701][T26338] dump_stack_lvl+0x100/0x190 [ 573.194734][T26338] should_fail_ex.cold+0x5/0xa [ 573.194757][T26338] should_failslab+0xc2/0x120 [ 573.194779][T26338] __kvmalloc_node_noprof+0xfa/0xa00 [ 573.194797][T26338] ? io_alloc_cache_init+0x38/0x170 [ 573.194818][T26338] ? lockdep_init_map_type+0x5c/0x250 [ 573.194848][T26338] io_alloc_cache_init+0x38/0x170 [ 573.194870][T26338] io_uring_setup.cold+0x3cd/0x1d79 [ 573.194898][T26338] ? ksys_write+0x190/0x250 [ 573.194918][T26338] ? __pfx_io_uring_setup+0x10/0x10 [ 573.194948][T26338] ? do_futex+0x192/0x350 [ 573.194973][T26338] ? __pfx_do_futex+0x10/0x10 [ 573.195008][T26338] ? xfd_validate_state+0x129/0x190 [ 573.195041][T26338] __x64_sys_io_uring_setup+0xc2/0x170 [ 573.195070][T26338] do_syscall_64+0x106/0xf80 [ 573.195090][T26338] ? clear_bhb_loop+0x40/0x90 [ 573.195111][T26338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.195130][T26338] RIP: 0033:0x7ff871d9c819 [ 573.195145][T26338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.195162][T26338] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 573.195180][T26338] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 573.195191][T26338] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 573.195201][T26338] RBP: 00007ff871e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 573.195212][T26338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.195222][T26338] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 573.195253][T26338] [ 575.087162][T26401] nfs: Unknown parameter 'nl802154' [ 576.794901][T26455] netlink: 'syz.0.9578': attribute type 1 has an invalid length. [ 576.843958][T26455] nbd: error processing sock list [ 577.657844][T26481] netlink: 'syz.1.9588': attribute type 1 has an invalid length. [ 578.655970][T26512] netlink: 'syz.0.9603': attribute type 1 has an invalid length. [ 578.865156][T26516] FAULT_INJECTION: forcing a failure. [ 578.865156][T26516] name failslab, interval 0, probability 0, space 0, times 0 [ 578.936816][T26516] CPU: 0 UID: 0 PID: 26516 Comm: syz.2.9605 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 578.936852][T26516] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 578.936861][T26516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 578.936871][T26516] Call Trace: [ 578.936877][T26516] [ 578.936885][T26516] dump_stack_lvl+0x100/0x190 [ 578.936918][T26516] should_fail_ex.cold+0x5/0xa [ 578.936941][T26516] should_failslab+0xc2/0x120 [ 578.936963][T26516] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 578.936993][T26516] ? __d_alloc+0x34/0xa80 [ 578.937020][T26516] __d_alloc+0x34/0xa80 [ 578.937040][T26516] ? new_inode+0x15a/0x1c0 [ 578.937067][T26516] d_alloc_pseudo+0x1c/0xc0 [ 578.937094][T26516] alloc_file_pseudo+0xcf/0x230 [ 578.937121][T26516] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 578.937148][T26516] ? hugetlbfs_get_inode+0x36e/0x750 [ 578.937172][T26516] hugetlb_file_setup+0x2a8/0x5b0 [ 578.937196][T26516] ksys_mmap_pgoff+0x232/0x650 [ 578.937216][T26516] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 578.937239][T26516] ? __x64_sys_futex+0x358/0x4d0 [ 578.937266][T26516] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 578.937297][T26516] ? xfd_validate_state+0x129/0x190 [ 578.937329][T26516] __x64_sys_mmap+0x125/0x190 [ 578.937357][T26516] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 578.937380][T26516] do_syscall_64+0x106/0xf80 [ 578.937401][T26516] ? clear_bhb_loop+0x40/0x90 [ 578.937423][T26516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.937443][T26516] RIP: 0033:0x7f2ca0d9c819 [ 578.937459][T26516] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 578.937475][T26516] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 578.937493][T26516] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 578.937505][T26516] RDX: 0000000000000002 RSI: 0000000000000005 RDI: ffffffffff600700 [ 578.937515][T26516] RBP: 00007f2ca0e32c91 R08: 0000000000000401 R09: 0000300000000000 [ 578.937526][T26516] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 578.937537][T26516] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 578.937555][T26516] ? __UNIQUE_ID_modinfo_711+0x63e0845f/0xffffffffffec9d5f [ 578.937580][T26516] [ 579.955186][T26532] netlink: 'syz.1.9612': attribute type 1 has an invalid length. [ 580.015557][T26532] nbd: error processing sock list [ 580.043209][T26534] netlink: 'syz.3.9613': attribute type 1 has an invalid length. [ 580.316886][T26548] netlink: 'syz.2.9617': attribute type 2 has an invalid length. [ 580.772993][T26564] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 584.383239][T26678] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 584.900297][T26696] FAULT_INJECTION: forcing a failure. [ 584.900297][T26696] name failslab, interval 0, probability 0, space 0, times 0 [ 584.959829][T26696] CPU: 0 UID: 0 PID: 26696 Comm: syz.0.9692 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 584.959864][T26696] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 584.959872][T26696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 584.959882][T26696] Call Trace: [ 584.959889][T26696] [ 584.959896][T26696] dump_stack_lvl+0x100/0x190 [ 584.959929][T26696] should_fail_ex.cold+0x5/0xa [ 584.959951][T26696] ? udpv6_init_sock+0x24e/0x450 [ 584.959976][T26696] should_failslab+0xc2/0x120 [ 584.959997][T26696] __kmalloc_noprof+0xe0/0x850 [ 584.960025][T26696] ? lockdep_init_map_type+0x5c/0x250 [ 584.960055][T26696] udpv6_init_sock+0x24e/0x450 [ 584.960081][T26696] ? __pfx_udpv6_init_sock+0x10/0x10 [ 584.960109][T26696] inet6_create+0xb21/0x12b0 [ 584.960129][T26696] ? inet6_create+0x7f/0x12b0 [ 584.960149][T26696] __sock_create+0x339/0x860 [ 584.960178][T26696] __sys_socket+0x14d/0x260 [ 584.960203][T26696] ? __pfx___sys_socket+0x10/0x10 [ 584.960234][T26696] __x64_sys_socket+0x72/0xb0 [ 584.960258][T26696] ? lockdep_hardirqs_on+0x78/0x100 [ 584.960285][T26696] do_syscall_64+0x106/0xf80 [ 584.960303][T26696] ? clear_bhb_loop+0x40/0x90 [ 584.960325][T26696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.960344][T26696] RIP: 0033:0x7ff871d9c819 [ 584.960360][T26696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.960376][T26696] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 584.960394][T26696] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 584.960406][T26696] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 584.960416][T26696] RBP: 00007ff871e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 584.960428][T26696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.960438][T26696] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 584.960460][T26696] [ 586.487036][T26745] netlink: Setting conntrack mark requires 'commit' flag. [ 588.231082][T26809] FAULT_INJECTION: forcing a failure. [ 588.231082][T26809] name failslab, interval 0, probability 0, space 0, times 0 [ 588.291413][T26809] CPU: 0 UID: 0 PID: 26809 Comm: syz.2.9749 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 588.291448][T26809] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 588.291457][T26809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 588.291482][T26809] Call Trace: [ 588.291489][T26809] [ 588.291496][T26809] dump_stack_lvl+0x100/0x190 [ 588.291534][T26809] should_fail_ex.cold+0x5/0xa [ 588.291558][T26809] should_failslab+0xc2/0x120 [ 588.291581][T26809] __kmalloc_cache_noprof+0x7a/0x6f0 [ 588.291607][T26809] ? proc_thread_self_get_link+0x1a6/0x210 [ 588.291642][T26809] proc_thread_self_get_link+0x1a6/0x210 [ 588.291674][T26809] pick_link+0xac2/0x13c0 [ 588.291701][T26809] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 588.291733][T26809] step_into_slowpath+0x9ba/0xf90 [ 588.291767][T26809] ? __pfx_step_into_slowpath+0x10/0x10 [ 588.291800][T26809] ? lookup_fast+0x2da/0x600 [ 588.291827][T26809] ? inode_permission+0x374/0x620 [ 588.291855][T26809] link_path_walk+0xf28/0x1cc0 [ 588.291892][T26809] path_openat+0x1be/0x31a0 [ 588.291910][T26809] ? kasan_save_stack+0x3f/0x50 [ 588.291926][T26809] ? kasan_save_stack+0x30/0x50 [ 588.291941][T26809] ? kasan_save_track+0x14/0x30 [ 588.291958][T26809] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 588.291992][T26809] ? __pfx_path_openat+0x10/0x10 [ 588.292021][T26809] do_file_open+0x20e/0x430 [ 588.292043][T26809] ? __pfx_do_file_open+0x10/0x10 [ 588.292080][T26809] ? alloc_fd+0x476/0x790 [ 588.292101][T26809] ? do_getname+0x191/0x390 [ 588.292128][T26809] do_sys_openat2+0x10d/0x1e0 [ 588.292153][T26809] ? __pfx_do_sys_openat2+0x10/0x10 [ 588.292187][T26809] __x64_sys_openat+0x12d/0x210 [ 588.292216][T26809] ? __pfx___x64_sys_openat+0x10/0x10 [ 588.292263][T26809] do_syscall_64+0x106/0xf80 [ 588.292289][T26809] ? clear_bhb_loop+0x40/0x90 [ 588.292312][T26809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.292331][T26809] RIP: 0033:0x7f2ca0d9c819 [ 588.292347][T26809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 588.292365][T26809] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 588.292383][T26809] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 588.292394][T26809] RDX: 0000000000008000 RSI: 000020000000c340 RDI: ffffffffffffff9c [ 588.292405][T26809] RBP: 00007f2ca0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 588.292415][T26809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.292425][T26809] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 588.292448][T26809] [ 590.109165][T26889] FAULT_INJECTION: forcing a failure. [ 590.109165][T26889] name failslab, interval 0, probability 0, space 0, times 0 [ 590.170188][T26889] CPU: 0 UID: 0 PID: 26889 Comm: syz.0.9776 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 590.170225][T26889] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 590.170233][T26889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 590.170244][T26889] Call Trace: [ 590.170252][T26889] [ 590.170259][T26889] dump_stack_lvl+0x100/0x190 [ 590.170301][T26889] should_fail_ex.cold+0x5/0xa [ 590.170324][T26889] should_failslab+0xc2/0x120 [ 590.170345][T26889] __kmalloc_cache_noprof+0x7a/0x6f0 [ 590.170371][T26889] ? proc_thread_self_get_link+0x1a6/0x210 [ 590.170404][T26889] proc_thread_self_get_link+0x1a6/0x210 [ 590.170435][T26889] pick_link+0xac2/0x13c0 [ 590.170463][T26889] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 590.170495][T26889] step_into_slowpath+0x9ba/0xf90 [ 590.170528][T26889] ? __pfx_step_into_slowpath+0x10/0x10 [ 590.170560][T26889] ? lookup_fast+0x2da/0x600 [ 590.170585][T26889] ? inode_permission+0x374/0x620 [ 590.170613][T26889] link_path_walk+0xf28/0x1cc0 [ 590.170649][T26889] path_openat+0x1be/0x31a0 [ 590.170668][T26889] ? kasan_save_stack+0x3f/0x50 [ 590.170684][T26889] ? kasan_save_stack+0x30/0x50 [ 590.170699][T26889] ? kasan_save_track+0x14/0x30 [ 590.170716][T26889] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 590.170750][T26889] ? __pfx_path_openat+0x10/0x10 [ 590.170778][T26889] do_file_open+0x20e/0x430 [ 590.170800][T26889] ? __pfx_do_file_open+0x10/0x10 [ 590.170836][T26889] ? alloc_fd+0x476/0x790 [ 590.170857][T26889] ? do_getname+0x191/0x390 [ 590.170883][T26889] do_sys_openat2+0x10d/0x1e0 [ 590.170909][T26889] ? __pfx_do_sys_openat2+0x10/0x10 [ 590.170943][T26889] __x64_sys_openat+0x12d/0x210 [ 590.170969][T26889] ? __pfx___x64_sys_openat+0x10/0x10 [ 590.171003][T26889] do_syscall_64+0x106/0xf80 [ 590.171023][T26889] ? clear_bhb_loop+0x40/0x90 [ 590.171045][T26889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.171063][T26889] RIP: 0033:0x7ff871d9c819 [ 590.171079][T26889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 590.171096][T26889] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 590.171114][T26889] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 590.171125][T26889] RDX: 0000000000008000 RSI: 000020000000c340 RDI: ffffffffffffff9c [ 590.171136][T26889] RBP: 00007ff871e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 590.171147][T26889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 590.171157][T26889] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 590.171180][T26889] [ 592.057410][T26966] MTRR 1 not used [ 593.242333][T27038] nbd: illegal input index 37139 [ 593.451863][T27048] MTRR 1 not used [ 593.768052][T27062] nbd: illegal input index 37139 [ 595.002543][T27114] netlink: zone id is out of range [ 595.022224][T27114] netlink: zone id is out of range [ 595.051485][T27114] netlink: zone id is out of range [ 595.071587][T27114] netlink: zone id is out of range [ 595.091667][T27114] netlink: zone id is out of range [ 595.118561][T27114] netlink: zone id is out of range [ 595.139247][T27114] netlink: zone id is out of range [ 595.167960][T27114] netlink: zone id is out of range [ 595.189511][T27114] netlink: zone id is out of range [ 595.212310][T27114] netlink: zone id is out of range [ 596.230164][T27158] program syz.3.9892 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 596.613293][T27181] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9901'. [ 596.893050][T27181] syz.2.9901 (27181) used greatest stack depth: 19672 bytes left [ 597.300310][T27220] : entered promiscuous mode [ 597.556733][T27236] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9917'. [ 598.663029][T27291] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 600.278003][T27364] net_ratelimit: 48 callbacks suppressed [ 600.278022][T27364] openvswitch: netlink: IP tunnel TTL not specified. [ 600.453241][T27376] block nbd2: not configured, cannot reconfigure [ 600.567388][T27379] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 600.585029][T27381] syz_tun: tun_chr_ioctl cmd 1074025684 [ 600.605787][T27383] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 600.612603][T27383] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 601.295384][T27410] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9998'. [ 601.304397][T27410] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9998'. [ 601.373915][T27412] netlink: zone id is out of range [ 601.389429][T27412] netlink: zone id is out of range [ 601.409593][T27412] netlink: zone id is out of range [ 601.446829][T27412] netlink: zone id is out of range [ 601.464073][T27412] netlink: zone id is out of range [ 601.486198][T27412] netlink: zone id is out of range [ 601.509132][T27412] netlink: zone id is out of range [ 602.248066][T27452] nbd: couldn't find device at index 33904 [ 603.111412][T27492] netlink: 'syz.2.10038': attribute type 11 has an invalid length. [ 603.327382][T27501] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10043'. [ 603.945047][T27551] No such timeout policy "" [ 604.313802][T27567] netlink: 'syz.2.10061': attribute type 1 has an invalid length. [ 605.664538][T16650] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 605.664566][T16650] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 605.680905][T16650] Bluetooth: hci2: Dropping invalid advertising data [ 605.687719][T16650] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 605.687743][T16650] Bluetooth: hci2: Dropping invalid advertising data [ 605.703075][T16650] Bluetooth: hci2: Malformed LE Event: 0x02 [ 605.810248][T27640] NFSD: Failed to start, no listeners configured. [ 605.832449][T27654] random: crng reseeded on system resumption [ 606.086644][T27673] HfR: entered promiscuous mode [ 606.356384][T27683] netlink: 'syz.0.10091': attribute type 2 has an invalid length. [ 606.562462][T27692] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 607.937600][T27754] .^: entered promiscuous mode [ 608.614023][T27789] net_ratelimit: 7 callbacks suppressed [ 608.614041][T27789] netlink: del zone limit has 4 unknown bytes [ 608.926788][T27801] netlink: 'syz.3.10137': attribute type 11 has an invalid length. [ 609.077652][T16650] Bluetooth: hci3: unexpected subevent 0x0c length: 118 > 5 [ 610.029119][T27847] netlink: 'syz.0.10156': attribute type 2 has an invalid length. [ 610.754487][T27883] netlink: 'syz.3.10173': attribute type 1 has an invalid length. [ 610.916806][T27892] netlink: 'syz.1.10177': attribute type 1 has an invalid length. [ 611.463040][T27929] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input40 [ 611.780682][T27946] openvswitch: HfR: Dropping previously announced user features [ 612.648797][T28001] FAULT_INJECTION: forcing a failure. [ 612.648797][T28001] name failslab, interval 0, probability 0, space 0, times 0 [ 612.726185][T28001] CPU: 0 UID: 0 PID: 28001 Comm: syz.0.10207 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 612.726226][T28001] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 612.726235][T28001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 612.726246][T28001] Call Trace: [ 612.726253][T28001] [ 612.726260][T28001] dump_stack_lvl+0x100/0x190 [ 612.726293][T28001] should_fail_ex.cold+0x5/0xa [ 612.726315][T28001] should_failslab+0xc2/0x120 [ 612.726336][T28001] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 612.726367][T28001] ? __d_alloc+0x34/0xa80 [ 612.726393][T28001] __d_alloc+0x34/0xa80 [ 612.726418][T28001] d_alloc+0x4a/0x1e0 [ 612.726441][T28001] lookup_one_qstr_excl+0x175/0x250 [ 612.726468][T28001] start_dirop+0x59/0xb0 [ 612.726487][T28001] simple_start_creating+0xf9/0x110 [ 612.726505][T28001] ? __pfx_simple_start_creating+0x10/0x10 [ 612.726524][T28001] ? mntput+0x70/0xa0 [ 612.726540][T28001] ? simple_pin_fs+0xa3/0x190 [ 612.726569][T28001] debugfs_start_creating.part.0+0x82/0x170 [ 612.726593][T28001] __debugfs_create_file+0xb3/0x4f0 [ 612.726618][T28001] debugfs_create_file_full+0x41/0x60 [ 612.726642][T28001] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 612.726670][T28001] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 612.726696][T28001] ? rcu_is_watching+0x12/0xc0 [ 612.726742][T28001] ? lockdep_init_map_type+0x5c/0x250 [ 612.726771][T28001] preinit_net.part.0+0x24e/0x8f0 [ 612.726792][T28001] copy_net_ns+0x339/0x7c0 [ 612.726815][T28001] create_new_namespaces+0x3ea/0xac0 [ 612.726841][T28001] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 612.726863][T28001] ksys_unshare+0x473/0xad0 [ 612.726889][T28001] ? __pfx_ksys_unshare+0x10/0x10 [ 612.726921][T28001] __x64_sys_unshare+0x31/0x40 [ 612.726945][T28001] do_syscall_64+0x106/0xf80 [ 612.726965][T28001] ? clear_bhb_loop+0x40/0x90 [ 612.726988][T28001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.727006][T28001] RIP: 0033:0x7ff871d9c819 [ 612.727022][T28001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.727038][T28001] RSP: 002b:00007ff872b87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 612.727055][T28001] RAX: ffffffffffffffda RBX: 00007ff872015fa0 RCX: 00007ff871d9c819 [ 612.727067][T28001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 612.727077][T28001] RBP: 00007ff871e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 612.727087][T28001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.727097][T28001] R13: 00007ff872016038 R14: 00007ff872015fa0 R15: 00007fff454aad48 [ 612.727119][T28001] [ 616.886400][T28261] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 617.581603][T28293] netlink: 'syz.1.10289': attribute type 1 has an invalid length. [ 617.792806][T28303] netlink: 'syz.1.10294': attribute type 1 has an invalid length. [ 617.821488][T28303] netlink: 'syz.1.10294': attribute type 1 has an invalid length. [ 617.858825][T28303] netlink: 124 bytes leftover after parsing attributes in process `syz.1.10294'. [ 617.889849][T28303] netlink: 100 bytes leftover after parsing attributes in process `syz.1.10294'. [ 618.066434][T16650] Bluetooth: hci0: unexpected subevent 0x18 length: 123 > 19 [ 618.074045][T16650] Bluetooth: hci0: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 619.440850][T28378] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 620.032367][T28398] nbd: must specify a device to reconfigure [ 622.184215][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 622.196152][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 622.617260][T28493] nbd: must specify a device to reconfigure [ 624.210745][T28555] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 624.641488][T28568] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 626.145658][T28622] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10448'. [ 626.614224][T28639] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 628.662180][T28718] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 628.668825][T28718] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 629.157104][T28735] block nbd2: not configured, cannot reconfigure [ 629.679165][T28758] openvswitch: netlink: IP tunnel TTL not specified. [ 630.071392][T28778] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 630.224998][T28784] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 630.304174][T28787] netlink: zone id is out of range [ 630.319663][T28787] netlink: zone id is out of range [ 630.342352][T28787] netlink: zone id is out of range [ 630.369626][T28787] netlink: zone id is out of range [ 630.401719][T28787] netlink: zone id is out of range [ 630.417329][T28787] netlink: zone id is out of range [ 630.454703][T28787] netlink: zone id is out of range [ 630.731262][T28807] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10531'. [ 631.320418][T28834] netlink: 'syz.3.10552': attribute type 11 has an invalid length. [ 631.686399][T28849] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10550'. [ 632.802603][T16650] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 632.802631][T16650] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 632.817811][T16650] Bluetooth: hci3: Dropping invalid advertising data [ 632.824674][T16650] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 632.824698][T16650] Bluetooth: hci3: Dropping invalid advertising data [ 632.841520][T16650] Bluetooth: hci3: Malformed LE Event: 0x02 [ 633.250498][T28934] NFSD: Failed to start, no listeners configured. [ 634.549588][T16650] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 634.549615][T16650] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 634.566842][T16650] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 634.566863][T16650] Bluetooth: hci3: Unknown advertising packet type: 0x79 [ 634.574361][T16650] Bluetooth: hci3: adv larger than maximum supported [ 634.581517][T16650] Bluetooth: hci3: Malformed LE Event: 0x0d [ 635.342270][T29025] netlink: 'syz.1.10618': attribute type 2 has an invalid length. [ 635.416685][T29028] netlink: 'syz.2.10620': attribute type 1 has an invalid length. [ 635.518740][T29031] netlink: 'syz.0.10621': attribute type 1 has an invalid length. [ 638.900157][T29182] FAULT_INJECTION: forcing a failure. [ 638.900157][T29182] name failslab, interval 0, probability 0, space 0, times 0 [ 638.963347][T29182] CPU: 0 UID: 0 PID: 29182 Comm: syz.2.10690 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 638.963382][T29182] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 638.963391][T29182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 638.963401][T29182] Call Trace: [ 638.963408][T29182] [ 638.963415][T29182] dump_stack_lvl+0x100/0x190 [ 638.963449][T29182] should_fail_ex.cold+0x5/0xa [ 638.963471][T29182] should_failslab+0xc2/0x120 [ 638.963493][T29182] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 638.963523][T29182] ? __d_alloc+0x34/0xa80 [ 638.963549][T29182] __d_alloc+0x34/0xa80 [ 638.963574][T29182] d_alloc+0x4a/0x1e0 [ 638.963597][T29182] lookup_one_qstr_excl+0x175/0x250 [ 638.963624][T29182] start_dirop+0x59/0xb0 [ 638.963643][T29182] simple_start_creating+0xf9/0x110 [ 638.963661][T29182] ? __pfx_simple_start_creating+0x10/0x10 [ 638.963680][T29182] ? mntput+0x70/0xa0 [ 638.963696][T29182] ? simple_pin_fs+0xa3/0x190 [ 638.963724][T29182] debugfs_start_creating.part.0+0x82/0x170 [ 638.963748][T29182] __debugfs_create_file+0xb3/0x4f0 [ 638.963773][T29182] debugfs_create_file_full+0x41/0x60 [ 638.963797][T29182] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 638.963825][T29182] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 638.963851][T29182] ? rcu_is_watching+0x12/0xc0 [ 638.963898][T29182] ? lockdep_init_map_type+0x5c/0x250 [ 638.963928][T29182] preinit_net.part.0+0x24e/0x8f0 [ 638.963948][T29182] copy_net_ns+0x339/0x7c0 [ 638.963972][T29182] create_new_namespaces+0x3ea/0xac0 [ 638.963997][T29182] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 638.964019][T29182] ksys_unshare+0x473/0xad0 [ 638.964044][T29182] ? __pfx_ksys_unshare+0x10/0x10 [ 638.964076][T29182] __x64_sys_unshare+0x31/0x40 [ 638.964099][T29182] do_syscall_64+0x106/0xf80 [ 638.964118][T29182] ? clear_bhb_loop+0x40/0x90 [ 638.964141][T29182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.964169][T29182] RIP: 0033:0x7f2ca0d9c819 [ 638.964184][T29182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 638.964201][T29182] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 638.964218][T29182] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 638.964230][T29182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 638.964241][T29182] RBP: 00007f2ca0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 638.964252][T29182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 638.964262][T29182] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 638.964286][T29182] [ 640.694181][T29266] net_ratelimit: 8 callbacks suppressed [ 640.694199][T29266] netlink: zone id is out of range [ 640.749743][T29266] netlink: zone id is out of range [ 641.220688][T29293] ALSA: mixer_oss: invalid OSS volume ',e&ER$o i<\#Z\' [ 642.326151][T29359] program syz.2.10754 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 642.438360][T16650] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 642.438389][T16650] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 642.453831][T16650] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 642.453876][T16650] Bluetooth: hci2: Malformed LE Event: 0x0d [ 642.600468][T29369] netlink: zone id is out of range [ 642.605637][T29369] netlink: zone id is out of range [ 642.653769][T29369] netlink: zone id is out of range [ 642.673422][T29369] netlink: zone id is out of range [ 642.673436][T29369] netlink: zone id is out of range [ 642.673443][T29369] netlink: zone id is out of range [ 642.673450][T29369] netlink: zone id is out of range [ 642.673457][T29369] netlink: zone id is out of range [ 644.527494][T29471] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 646.207252][T29545] netlink: 'syz.0.10827': attribute type 1 has an invalid length. [ 646.218487][T29547] FAULT_INJECTION: forcing a failure. [ 646.218487][T29547] name failslab, interval 0, probability 0, space 0, times 0 [ 646.241528][T29547] CPU: 0 UID: 0 PID: 29547 Comm: syz.3.10828 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 646.241562][T29547] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 646.241570][T29547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 646.241582][T29547] Call Trace: [ 646.241588][T29547] [ 646.241595][T29547] dump_stack_lvl+0x100/0x190 [ 646.241628][T29547] should_fail_ex.cold+0x5/0xa [ 646.241652][T29547] should_failslab+0xc2/0x120 [ 646.241673][T29547] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 646.241703][T29547] ? __d_alloc+0x34/0xa80 [ 646.241729][T29547] __d_alloc+0x34/0xa80 [ 646.241753][T29547] d_alloc+0x4a/0x1e0 [ 646.241776][T29547] lookup_one_qstr_excl+0x175/0x250 [ 646.241804][T29547] start_dirop+0x59/0xb0 [ 646.241822][T29547] simple_start_creating+0xf9/0x110 [ 646.241841][T29547] ? __pfx_simple_start_creating+0x10/0x10 [ 646.241860][T29547] ? mntput+0x70/0xa0 [ 646.241876][T29547] ? simple_pin_fs+0xa3/0x190 [ 646.241904][T29547] debugfs_start_creating.part.0+0x82/0x170 [ 646.241928][T29547] __debugfs_create_file+0xb3/0x4f0 [ 646.241954][T29547] debugfs_create_file_full+0x41/0x60 [ 646.241978][T29547] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 646.242006][T29547] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 646.242032][T29547] ? rcu_is_watching+0x12/0xc0 [ 646.242079][T29547] ? lockdep_init_map_type+0x5c/0x250 [ 646.242109][T29547] preinit_net.part.0+0x24e/0x8f0 [ 646.242139][T29547] copy_net_ns+0x339/0x7c0 [ 646.242164][T29547] create_new_namespaces+0x3ea/0xac0 [ 646.242190][T29547] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 646.242214][T29547] ksys_unshare+0x473/0xad0 [ 646.242240][T29547] ? __pfx_ksys_unshare+0x10/0x10 [ 646.242273][T29547] __x64_sys_unshare+0x31/0x40 [ 646.242296][T29547] do_syscall_64+0x106/0xf80 [ 646.242316][T29547] ? clear_bhb_loop+0x40/0x90 [ 646.242338][T29547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.242357][T29547] RIP: 0033:0x7f22ec39c819 [ 646.242373][T29547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 646.242390][T29547] RSP: 002b:00007f22ed1c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 646.242409][T29547] RAX: ffffffffffffffda RBX: 00007f22ec615fa0 RCX: 00007f22ec39c819 [ 646.242420][T29547] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 646.242431][T29547] RBP: 00007f22ec432c91 R08: 0000000000000000 R09: 0000000000000000 [ 646.242442][T29547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 646.242452][T29547] R13: 00007f22ec616038 R14: 00007f22ec615fa0 R15: 00007fff70d6bbb8 [ 646.242475][T29547] [ 646.926143][T29587] net_ratelimit: 50 callbacks suppressed [ 646.926169][T29587] openvswitch: netlink: Duplicate or invalid key (type 0). [ 647.425225][T29606] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10844'. [ 647.626734][T29615] HfR: entered promiscuous mode [ 647.732405][T29619] .^: entered promiscuous mode [ 647.882843][T29635] No such timeout policy "" [ 647.887647][T29635] netlink: Failed to associated timeout policy '' [ 648.614533][T29684] .^: entered promiscuous mode [ 649.044471][T29715] FAULT_INJECTION: forcing a failure. [ 649.044471][T29715] name failslab, interval 0, probability 0, space 0, times 0 [ 649.116302][T29715] CPU: 0 UID: 0 PID: 29715 Comm: syz.2.10870 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 649.116338][T29715] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 649.116347][T29715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 649.116357][T29715] Call Trace: [ 649.116364][T29715] [ 649.116372][T29715] dump_stack_lvl+0x100/0x190 [ 649.116405][T29715] should_fail_ex.cold+0x5/0xa [ 649.116427][T29715] should_failslab+0xc2/0x120 [ 649.116449][T29715] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 649.116478][T29715] ? security_file_alloc+0x34/0x2c0 [ 649.116504][T29715] ? trace_kmem_cache_alloc+0xf3/0x120 [ 649.116529][T29715] security_file_alloc+0x34/0x2c0 [ 649.116554][T29715] init_file+0x95/0x480 [ 649.116578][T29715] alloc_empty_file+0x73/0x1c0 [ 649.116603][T29715] alloc_file_pseudo+0x13a/0x230 [ 649.116629][T29715] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 649.116652][T29715] ? alloc_fd+0x476/0x790 [ 649.116673][T29715] ? do_raw_spin_unlock+0x145/0x1e0 [ 649.116704][T29715] __anon_inode_getfile+0xe8/0x280 [ 649.116735][T29715] anon_inode_getfile_fmode+0x37/0xa0 [ 649.116760][T29715] __do_sys_fanotify_init+0xa79/0xe50 [ 649.116793][T29715] do_syscall_64+0x106/0xf80 [ 649.116813][T29715] ? clear_bhb_loop+0x40/0x90 [ 649.116836][T29715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.116854][T29715] RIP: 0033:0x7f2ca0d9c819 [ 649.116870][T29715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 649.116888][T29715] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 649.116906][T29715] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 649.116917][T29715] RDX: 0000000000000000 RSI: 0002010000000000 RDI: 0000000000000200 [ 649.116929][T29715] RBP: 00007f2ca0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 649.116939][T29715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.116950][T29715] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 649.116973][T29715] [ 649.353964][T29719] : entered promiscuous mode [ 650.069312][T29750] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10886'. [ 652.150774][T29871] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 652.801735][T29901] netlink: 'syz.3.10938': attribute type 2 has an invalid length. [ 653.208873][T29918] netlink: 'syz.2.10943': attribute type 1 has an invalid length. [ 653.288185][T29920] NFSD: Failed to start, no listeners configured. [ 653.545853][T29934] netlink: del zone limit has 4 unknown bytes [ 654.132876][T29962] : entered promiscuous mode [ 654.242450][T29979] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 654.585388][T16650] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 654.585417][T16650] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 654.602358][T16650] Bluetooth: hci0: Dropping invalid advertising data [ 654.609265][T16650] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 654.609289][T16650] Bluetooth: hci0: Dropping invalid advertising data [ 654.624404][T16650] Bluetooth: hci0: Malformed LE Event: 0x02 [ 656.443741][T30098] tc_dump_action: action bad kind [ 656.834410][T16650] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 656.834438][T16650] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 656.850378][T16650] Bluetooth: hci1: Dropping invalid advertising data [ 656.857125][T16650] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 656.857148][T16650] Bluetooth: hci1: Dropping invalid advertising data [ 656.874622][T16650] Bluetooth: hci1: Malformed LE Event: 0x02 [ 657.865250][T30185] openvswitch: netlink: Message has 4 unknown bytes. [ 659.021666][T16650] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 659.021694][T16650] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 659.039686][T16650] Bluetooth: hci0: Dropping invalid advertising data [ 659.046457][T16650] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 659.046484][T16650] Bluetooth: hci0: Dropping invalid advertising data [ 659.060422][T16650] Bluetooth: hci0: Malformed LE Event: 0x02 [ 659.737371][T30277] random: crng reseeded on system resumption [ 659.818793][T30280] netlink: ct_mark mask cannot be 0 [ 660.412259][T16650] Bluetooth: hci2: ACL packet too small [ 661.125228][T16650] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 661.125255][T16650] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 661.140167][T16650] Bluetooth: hci1: Dropping invalid advertising data [ 661.146933][T16650] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 661.146955][T16650] Bluetooth: hci1: Dropping invalid advertising data [ 661.162574][T16650] Bluetooth: hci1: Malformed LE Event: 0x02 [ 661.691525][T30381] netlink: 'syz.0.11096': attribute type 4 has an invalid length. [ 661.699387][T30381] netlink: 'syz.0.11096': attribute type 1 has an invalid length. [ 661.852430][T30386] netlink: 'syz.2.11098': attribute type 1 has an invalid length. [ 661.943152][T30388] netlink: 338 bytes leftover after parsing attributes in process `syz.3.11099'. [ 662.019270][T30391] netlink: 338 bytes leftover after parsing attributes in process `syz.3.11099'. [ 662.359984][T30402] openvswitch: netlink: IPv4 tunnel dst address is zero [ 662.573428][ T29] audit: type=1326 audit(4294967443.166:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30410 comm="syz.2.11111" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2ca0d9c819 code=0x0 [ 662.965649][T30428] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11118'. [ 663.303314][T16650] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 663.303342][T16650] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 663.318519][T16650] Bluetooth: hci2: Dropping invalid advertising data [ 663.325953][T16650] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 663.325978][T16650] Bluetooth: hci2: Dropping invalid advertising data [ 663.340115][T16650] Bluetooth: hci2: Malformed LE Event: 0x02 [ 664.189519][T30498] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11139'. [ 664.245180][T30498] netlink: 29 bytes leftover after parsing attributes in process `syz.2.11139'. [ 664.459646][T30507] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 664.677117][T30518] rtc_cmos 00:00: Alarms can be up to one day in the future [ 666.052955][T30592] openvswitch: netlink: IPv4 tunnel dst address is zero [ 666.233159][T30598] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11175'. [ 667.549533][T30659] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 667.932231][T30674] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11211'. [ 669.138794][T30729] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11238'. [ 669.438411][T30739] NFSD: Failed to start, no listeners configured. [ 669.755056][T30757] netlink: 'syz.1.11246': attribute type 1 has an invalid length. [ 670.118569][T30777] openvswitch: netlink: Flow key attr not present in new flow. [ 672.691845][T30900] netlink: 'syz.1.11312': attribute type 8 has an invalid length. [ 672.938629][T30911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11319'. [ 676.104833][T31056] netlink: 'syz.2.11385': attribute type 1 has an invalid length. [ 676.293995][T31061] netlink: 'syz.0.11387': attribute type 11 has an invalid length. [ 676.326428][T31061] netlink: 'syz.0.11387': attribute type 11 has an invalid length. [ 676.350385][T31061] netlink: 'syz.0.11387': attribute type 11 has an invalid length. [ 676.381579][T31061] netlink: 'syz.0.11387': attribute type 11 has an invalid length. [ 676.575703][T31073] batman_adv: Routing algorithm '' is not supported [ 677.420816][T31115] __vm_enough_memory: pid: 31115, comm: syz.2.11413, bytes: 4398046511104 not enough memory for the allocation [ 678.459927][T31163] netlink: 'syz.2.11437': attribute type 9 has an invalid length. [ 678.586561][T31166] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 680.156129][T31239] random: crng reseeded on system resumption [ 681.569425][T31305] openvswitch: netlink: IP tunnel dst address not specified [ 681.769835][T31314] netlink: 'syz.3.11511': attribute type 1 has an invalid length. [ 683.302070][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 683.309028][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 683.640932][T31393] netlink: 'syz.2.11548': attribute type 11 has an invalid length. [ 683.696639][T31393] netlink: 'syz.2.11548': attribute type 11 has an invalid length. [ 683.716298][T31398] random: crng reseeded on system resumption [ 683.762480][T31393] netlink: 'syz.2.11548': attribute type 11 has an invalid length. [ 685.282761][T31461] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 685.594826][T31473] FAULT_INJECTION: forcing a failure. [ 685.594826][T31473] name failslab, interval 0, probability 0, space 0, times 0 [ 685.663904][T31473] CPU: 0 UID: 0 PID: 31473 Comm: syz.3.11588 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 685.663941][T31473] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 685.663949][T31473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 685.663959][T31473] Call Trace: [ 685.663966][T31473] [ 685.663974][T31473] dump_stack_lvl+0x100/0x190 [ 685.664008][T31473] should_fail_ex.cold+0x5/0xa [ 685.664031][T31473] ? tomoyo_realpath_from_path+0xb6/0x690 [ 685.664059][T31473] should_failslab+0xc2/0x120 [ 685.664080][T31473] __kmalloc_noprof+0xe0/0x850 [ 685.664123][T31473] tomoyo_realpath_from_path+0xb6/0x690 [ 685.664155][T31473] tomoyo_check_open_permission+0x2af/0x3c0 [ 685.664180][T31473] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 685.664226][T31473] ? do_raw_spin_lock+0x128/0x260 [ 685.664256][T31473] ? path_get+0x61/0x80 [ 685.664281][T31473] tomoyo_file_open+0x6b/0x90 [ 685.664300][T31473] security_file_open+0xb5/0x1e0 [ 685.664326][T31473] do_dentry_open+0x5aa/0x1660 [ 685.664348][T31473] ? security_inode_permission+0xbf/0x250 [ 685.664375][T31473] vfs_open+0x82/0x3f0 [ 685.664402][T31473] path_openat+0x208c/0x31a0 [ 685.664426][T31473] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.664448][T31473] ? __pfx_path_openat+0x10/0x10 [ 685.664477][T31473] do_file_open+0x20e/0x430 [ 685.664499][T31473] ? __pfx_do_file_open+0x10/0x10 [ 685.664535][T31473] ? _raw_spin_unlock+0x28/0x50 [ 685.664563][T31473] ? alloc_fd+0x476/0x790 [ 685.664589][T31473] do_sys_openat2+0x10d/0x1e0 [ 685.664615][T31473] ? __pfx_do_sys_openat2+0x10/0x10 [ 685.664649][T31473] __x64_sys_open+0xfe/0x1d0 [ 685.664674][T31473] ? __pfx___x64_sys_open+0x10/0x10 [ 685.664708][T31473] do_syscall_64+0x106/0xf80 [ 685.664727][T31473] ? clear_bhb_loop+0x40/0x90 [ 685.664749][T31473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.664768][T31473] RIP: 0033:0x7f22ec39c819 [ 685.664783][T31473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 685.664800][T31473] RSP: 002b:00007f22ed1c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 685.664818][T31473] RAX: ffffffffffffffda RBX: 00007f22ec615fa0 RCX: 00007f22ec39c819 [ 685.664830][T31473] RDX: b5d1af1605322ddc RSI: 0000000000080400 RDI: 0000200000000140 [ 685.664841][T31473] RBP: 00007f22ec432c91 R08: 0000000000000000 R09: 0000000000000000 [ 685.664852][T31473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.664863][T31473] R13: 00007f22ec616038 R14: 00007f22ec615fa0 R15: 00007fff70d6bbb8 [ 685.664885][T31473] [ 685.664893][T31473] ERROR: Out of memory at tomoyo_realpath_from_path. [ 686.003881][T31477] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 687.514855][T31528] openvswitch: netlink: IP tunnel dst address not specified [ 687.872197][T31542] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 687.954762][T31544] netlink: 206 bytes leftover after parsing attributes in process `syz.1.11620'. [ 688.592732][T16650] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 689.377834][T31595] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 80 3c 32 00 0f 85 08 06 00 00 49 8b 2f 48 c7 c7 ff ff ff ff 48 [ 689.634890][T31603] RSP: 0018:ffffc90005dafb38 EFLAGS: 00010246 [ 689.640961][T31603] RAX: 000000000001c17c RBX: ffff888020ff1f00 RCX: ffffc9000e471000 [ 689.648936][T31603] RDX: 0000000000000000 RSI: ffffffff8260b467 RDI: ffff88801e3b5b80 [ 689.656937][T31603] RBP: ffffc900049f9be0 R08: 0000000000000004 R09: 000000000001c17c [ 689.664916][T31603] R10: 000000000002a4ac R11: 0000000000000000 R12: 0000000000000001 [ 689.672891][T31603] R13: 000000000001c17c R14: dffffc0000000000 R15: 0000000000000000 [ 689.680888][T31603] FS: 00007f2ca1c3e6c0(0000) GS:ffff888124340000(0000) knlGS:0000000000000000 [ 689.689874][T31603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 689.696466][T31603] CR2: 0000001b30d18ff8 CR3: 000000005bd8c000 CR4: 00000000003526f0 [ 689.704441][T31603] Call Trace: [ 689.707719][T31603] [ 689.710666][T31603] traverse.part.0.constprop.0+0x107/0x650 [ 689.716567][T31603] seq_read_iter+0x93f/0x1270 [ 689.721287][T31603] proc_reg_read_iter+0x220/0x310 [ 689.726429][T31603] ? __pfx_proc_reg_read_iter+0x10/0x10 [ 689.731993][T31603] vfs_read+0x825/0xb30 [ 689.736214][T31603] ? __pfx_vfs_read+0x10/0x10 [ 689.740895][T31603] ? find_held_lock+0x2b/0x80 [ 689.745588][T31603] __x64_sys_pread64+0x1eb/0x250 [ 689.750552][T31603] ? __pfx___x64_sys_pread64+0x10/0x10 [ 689.756119][T31603] do_syscall_64+0x106/0xf80 [ 689.760729][T31603] ? clear_bhb_loop+0x40/0x90 [ 689.765483][T31603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.771395][T31603] RIP: 0033:0x7f2ca0d9c819 [ 689.775835][T31603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 689.795664][T31603] RSP: 002b:00007f2ca1c3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 689.804263][T31603] RAX: ffffffffffffffda RBX: 00007f2ca1015fa0 RCX: 00007f2ca0d9c819 [ 689.812239][T31603] RDX: 0000000000000068 RSI: 0000000000000000 RDI: 0000000000000003 [ 689.820226][T31603] RBP: 00007f2ca0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 689.828195][T31603] R10: 0000000000010005 R11: 0000000000000246 R12: 0000000000000000 [ 689.836252][T31603] R13: 00007f2ca1016038 R14: 00007f2ca1015fa0 R15: 00007ffcb9f31db8 [ 689.844227][T31603] [ 689.847504][T31603] Modules linked in: [ 689.852174][T31603] ---[ end trace 0000000000000000 ]--- [ 689.858494][T31603] RIP: 0010:vmalloc_info_show+0x53d/0xcd0 [ 689.864318][T31603] Code: 00 00 48 8b 53 20 44 89 e8 48 8d 2c c2 48 89 ea 48 c1 ea 03 42 80 3c 32 00 0f 85 e8 05 00 00 4c 8b 7d 00 4c 89 fa 48 c1 ea 03 <42> 80 3c 32 00 0f 85 08 06 00 00 49 8b 2f 48 c7 c7 ff ff ff ff 48 [ 689.884461][T31603] RSP: 0018:ffffc90005dafb38 EFLAGS: 00010246 [ 689.890562][T31603] RAX: 000000000001c17c RBX: ffff888020ff1f00 RCX: ffffc9000e471000 [ 689.898920][T31603] RDX: 0000000000000000 RSI: ffffffff8260b467 RDI: ffff88801e3b5b80 [ 689.907032][T31603] RBP: ffffc900049f9be0 R08: 0000000000000004 R09: 000000000001c17c [ 689.915077][T31603] R10: 000000000002a4ac R11: 0000000000000000 R12: 0000000000000001 [ 689.923053][T31603] R13: 000000000001c17c R14: dffffc0000000000 R15: 0000000000000000 [ 689.931048][T31603] FS: 00007f2ca1c3e6c0(0000) GS:ffff888124340000(0000) knlGS:0000000000000000 [ 689.940008][T31603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 689.946803][T31603] CR2: 0000001b30d18ff8 CR3: 000000005bd8c000 CR4: 00000000003526f0 [ 689.954805][T31603] Kernel panic - not syncing: Fatal exception [ 689.960933][T31603] Kernel Offset: disabled [ 689.965265][T31603] Rebooting in 86400 seconds..