last executing test programs: 17m40.490291376s ago: executing program 32 (id=251): openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x1e1400, 0x0) 13m59.981170526s ago: executing program 33 (id=3996): openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x106) 13m34.455912868s ago: executing program 34 (id=4343): r0 = openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$auto_dai_list_fops_(r0, &(0x7f0000000140)=""/204, 0xcc) 11m7.194111077s ago: executing program 2 (id=6917): r0 = socket(0x1, 0x1, 0x0) r1 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000180), 0x121100, 0x0) sendfile$auto(r0, r1, 0x0, 0x400000000d) 11m6.951031839s ago: executing program 2 (id=6921): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pwritev2$auto(0x4, &(0x7f0000001fc0)={&(0x7f0000001f00), 0x7}, 0x1, 0xffffffffffffffff, 0x81, 0x8) 11m6.738667795s ago: executing program 2 (id=6922): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) 11m6.393346623s ago: executing program 2 (id=6925): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = epoll_create$auto(0x2) epoll_pwait$auto(r0, 0x0, 0xff, 0x3, 0x0, 0x8) 11m6.231384372s ago: executing program 2 (id=6928): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 11m5.676106136s ago: executing program 2 (id=6934): keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) keyctl$auto(0xb, 0xffffffffffffffff, 0x0, 0x5, 0xfffffffffffffffd) 11m5.267941257s ago: executing program 35 (id=6934): keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) keyctl$auto(0xb, 0xffffffffffffffff, 0x0, 0x5, 0xfffffffffffffffd) 5m0.750632037s ago: executing program 1 (id=11564): socket(0xf, 0x3, 0x2) setreuid$auto(0x0, 0x2) socket(0xa, 0x5, 0x0) setsockopt$auto(0x4, 0x0, 0x8000000041, 0xfffffffffffffffc, 0x70) 4m57.418116315s ago: executing program 1 (id=11583): socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000000000000000) 4m53.891677833s ago: executing program 1 (id=11605): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyaf\x00', 0x101e81, 0x0) r0 = openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$auto(0x3, 0x5424, r0) 4m50.095531498s ago: executing program 1 (id=11626): mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) ustat$auto(0x801, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 4m47.622429616s ago: executing program 1 (id=11638): statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x7, 0x1ff, 0x7, 0x8, 0x4909b6f8, 0x1ffdf, 0x9, 0x9, 0x7, 0xa121, 0x3, 0x0, 0x8004, 0xb4, 0xa, 0x6, 0x10001, 0x2, 0x100000000, 0xe, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x4000000000, 0x0, 0x0, 0x50100000000000, 0x6, 0x4000002000, 0x0, 0x6, 0x70624ce7, 0xff, 0x6, 0xfffffffffffffffd, 0x0, 0x80000, 0x5, 0x801, 0xffffffffffffbfff, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x800000000000007, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x88e, 0x8000000000008, 0xfffffffffffffffb, 0x9, 0xa38, 0x5, 0x3, 0xfffffffffffffffd, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xe) setdomainname$auto(0x0, 0x551) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) write$auto(r0, &(0x7f0000000000)='/dev/input/event0\x00', 0x7fe) 4m44.185618981s ago: executing program 1 (id=11655): unshare$auto(0x40000080) ioperm$auto(0x3, 0xe, 0x2000000000000149) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 4m28.839587604s ago: executing program 36 (id=11655): unshare$auto(0x40000080) ioperm$auto(0x3, 0xe, 0x2000000000000149) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 4m9.451229289s ago: executing program 6 (id=11784): r0 = socket(0x29, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 4m8.707806206s ago: executing program 6 (id=11788): socket(0x23, 0x80805, 0x0) inotify_init1$auto(0x3000000000000) fcntl$auto(0x4, 0x4, 0xa553) close_range$auto(0x2, 0x8000, 0x0) 4m7.990683272s ago: executing program 3 (id=11791): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r0, 0x3a, 0x1, 0x0, 0x0) 4m7.823793496s ago: executing program 6 (id=11792): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x300) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\x88\xa8\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) read$auto(0x3, 0x0, 0x80) 4m6.603034696s ago: executing program 3 (id=11794): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) syz_clone(0x98280000, 0x0, 0x0, 0x0, 0x0, 0x0) 4m6.525793705s ago: executing program 7 (id=11795): socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) 4m5.863995189s ago: executing program 7 (id=11796): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) write$auto(0x3, 0x0, 0xfdef) 4m5.781630809s ago: executing program 3 (id=11797): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) ioctl$auto(0x1, 0x8983, 0x4) 4m5.190429553s ago: executing program 7 (id=11799): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 4m5.170806874s ago: executing program 3 (id=11800): r0 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r1 = semctl$auto_GETNCNT(0x3, 0x6, 0xe, 0x101) move_pages$auto(r1, 0xffffffff, &(0x7f0000001140)=&(0x7f0000001040)="548a59e1953539137134f65d1d905fd4a21f3f9ecf264391e6989470bb159723b6894bd6301702a02b01106786631fa9151187c34f5d9181f00eb2c931ab0d3fc4441710c1a271f1df50c13caea3501faf271904e861ae69d961fd1e30a4260c4cc02fa2b31d212d5cac689b71db1568525bce9fb6cb836df362bd5fadd6660c83fd6ce2d8", 0x0, &(0x7f00000011c0)=0x3, 0xec4) read$auto_rng_chrdev_ops_core(r0, &(0x7f0000000040)=""/4096, 0xfffffe82) 4m4.827140438s ago: executing program 6 (id=11801): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) inotify_add_watch$auto(r0, 0x0, 0x300) 4m4.530597993s ago: executing program 8 (id=11720): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x401, 0x5, 0x4, @inferred, @integer={0xdbe, 0x255, 0x8}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d21000debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) bpf$auto(0x8000000, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3a8453d3, 0x80, 0x8, 0x2, 0x1, 0x200, 0x8, 0x401, 0x2, 0x2, 0x2, 0xc28}, 0x0) r0 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x5bc}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 4m4.382105755s ago: executing program 7 (id=11802): socket(0x2, 0x2, 0x88) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) connect$auto(0x3, 0x0, 0x55) 4m3.887454517s ago: executing program 8 (id=11803): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r0, 0x3a, 0x1, 0x0, 0x0) 4m3.535683956s ago: executing program 3 (id=11804): mmap$auto(0x0, 0x400007, 0xdf, 0x100000000009b72, 0x2, 0x8000) timer_create$auto(0x0, 0x0, 0x0) timer_settime$auto(0x0, 0x803, &(0x7f0000000000)={{0x800000008, 0x6}, {0x9, 0x2}}, 0x0) timer_gettime$auto(0x0, 0x0) 4m3.51538013s ago: executing program 7 (id=11805): open(&(0x7f0000000800)='./file0\x00', 0x103c40, 0x50) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x4, 0x1, 0xf, 0xffffffffffffffff, 0x0) 4m2.686016686s ago: executing program 7 (id=11806): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x24004805) lstat$auto(0x0, &(0x7f0000000180)={0x7, 0xb, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x400, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x1, 0x8, 0x107}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 4m2.36370279s ago: executing program 8 (id=11807): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(0x3, 0x114, 0x7, 0x0, 0xa0) 4m1.999706063s ago: executing program 8 (id=11808): bind$auto(0x2, 0x0, 0x5) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000080)={{0x7, 0x939}, {0x0, 0x3}}, 0x0) unshare$auto(0x40000080) 4m1.977412712s ago: executing program 3 (id=11809): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_AGGR_MAX_BYTES={0x8, 0x1a, 0x7}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 4m1.792307769s ago: executing program 6 (id=11810): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x902, 0x0) mmap$auto(0x0, 0x927c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto_console_fops_tty_io(r0, 0x0, 0x0) 4m1.074349277s ago: executing program 6 (id=11811): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0x3, 0x0, 0xf34) 3m47.216657867s ago: executing program 37 (id=11806): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x24004805) lstat$auto(0x0, &(0x7f0000000180)={0x7, 0xb, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x400, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x1, 0x8, 0x107}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 3m46.675985161s ago: executing program 38 (id=11808): bind$auto(0x2, 0x0, 0x5) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000080)={{0x7, 0x939}, {0x0, 0x3}}, 0x0) unshare$auto(0x40000080) 3m46.558431989s ago: executing program 39 (id=11809): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_AGGR_MAX_BYTES={0x8, 0x1a, 0x7}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 3m45.641357187s ago: executing program 40 (id=11811): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0x3, 0x0, 0xf34) 3.822114118s ago: executing program 5 (id=12943): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.502660073s ago: executing program 5 (id=12946): r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0x1000, "59d5bc625f27b06d3bf8ce0eb9feb8b51906666f5aec4cf632788b14566b6459", @inferred=r0}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500"}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x8, "2ba2080000cea5752957e841a600"}) 3.250575787s ago: executing program 5 (id=12949): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x89}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x2400c810) 2.788180631s ago: executing program 5 (id=12960): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000180)={0x3fb, 0x6, 0x2, 0xfff}, 0x3, 0xbffffffc, 0x0, 0x81) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) 2.355481236s ago: executing program 5 (id=12954): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0xa0141, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setreuid$auto(0x4, 0x8) ioctl$auto_BLKPG(r0, 0x1269, 0x0) 2.217609023s ago: executing program 9 (id=12955): ioperm$auto(0x7, 0x6, 0x2) syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket(0xa, 0x1, 0x84) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x4e25, @rand_addr=0x64010100}, 0x54) 2.136040978s ago: executing program 4 (id=12956): r0 = eventfd$auto(0x34b) readv$auto(r0, &(0x7f0000000380)={0x0, 0x8}, 0x4) read$auto(r0, 0x0, 0xcc9c) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) write$auto(r0, &(0x7f0000000400)='\'\x00', 0x8) 2.128687014s ago: executing program 5 (id=12957): close_range$auto(0x2, 0x8, 0x0) memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0) 2.068005843s ago: executing program 0 (id=12958): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x4, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f00000000c0)="fb9d", 0x2) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) write$auto_proc_mem_operations_base(r0, 0x0, 0x0) 1.800564862s ago: executing program 4 (id=12959): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, r0, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x10000000000b, 0x0) write$auto(0x3, 0x0, 0xfdef) 1.626609462s ago: executing program 0 (id=12961): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xd, @raw=0x2}}) 1.615531752s ago: executing program 4 (id=12962): mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) link$auto(&(0x7f0000000940)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2DW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xea\xa5\xff \xec\xe8\xca\xbf\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\v\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4N\xbb\xc2\xf8\x9c\xd0+t\x87r\x02\x05\xdb\xe4\xde\xed\x02\x00\x00\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00M\x83\xdb\xaf\xc4\xf23l\xae\xc5\x1d\xc4\xb0\x06\xd06\x1dX\x03\xe3\x9e\xd3\xd96\xcf\xd9\xa3\xcb\xd6B\xc3\x0f#\xd2\x1a\xf9L\xf5\x87My\xce\x19*\xde\x8d+#\x13\x15\xd3Y\x98\xe1\xc3@\x0e\x9c\xc2\xf8\b\xaf\x89\xe5\x00\x89-pWD\xb5&\xc9\x8e\x8d,\xb7}1\x84U\x18y\xa90\xf5\x80\x981U\x17\x14]\xc56j\xe7\x0e\xecBr\xa9]\"\xd36^m\x12\xb6\xbc\x80\xa4h{\xde\xcf\xf7d\x87rl\x11\xf7\x15\xcb~\xb9\x01\x0e\xd7O_\x91\xe1\xead\xee\xed]/p\xd6\xff\x17\xe4\aV\"I\xca\x90\xc7i\'\xa3R\x81\xf1}4\xbeU\x00\xa4\x1d\xea!Z\xd4|\xbe\x987\n!\x9b?\xb9l_\xd8$av\xfe%\xa2\xda\x82\x14\xc311;\xa4ob\x87\xdbY\xe2\x00', &(0x7f0000000b40)='./file0\x00') rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)') 1.340029869s ago: executing program 4 (id=12963): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getpgrp(0x0) 1.311379351s ago: executing program 9 (id=12964): setreuid$auto(0x0, 0xee00) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x9) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24, 0x400000}, 0x68) 1.026522084s ago: executing program 9 (id=12965): mmap$auto(0x0, 0x2020009, 0x6, 0x100eb1, 0xfd, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4040ae79, 0x38) 1.014944968s ago: executing program 0 (id=12966): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/lockd/parameters/nlm_udpport\x00', 0xa001, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fstat$auto(r0, 0x0) write$auto(0x3, 0x0, 0x6) 867.969727ms ago: executing program 4 (id=12967): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 841.36478ms ago: executing program 0 (id=12968): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) close_range$auto(r0, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r2, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_FD={0x8, 0x17, r0}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 756.25936ms ago: executing program 9 (id=12969): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0xa, 0x3, 0x87) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) mq_notify$auto(0x5cf5, &(0x7f0000000100)={@sival_ptr=0x0, @inferred=r0, 0x2, @_sigev_thread={0x0, 0x0}}) 493.48489ms ago: executing program 0 (id=12970): socket(0x2, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) 425.068767ms ago: executing program 4 (id=12971): mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) fstatfs$auto(0x0, 0x0) 293.871079ms ago: executing program 9 (id=12972): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) close_range$auto(0x2, 0x8000, 0x0) 120.301461ms ago: executing program 0 (id=12973): socket(0xa, 0x801, 0x84) socket(0xa, 0x3, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) getsockopt$auto(0x6, 0x0, 0xd0, 0xfffffffffffffffe, 0x0) 0s ago: executing program 9 (id=12974): bpf$auto(0x68, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x6, 0x5, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0xfffffffffffffffd, 0x3ff, 0x7, @attach_prog_fd, 0xb5f3, 0x632, 0x57d, 0x1ff, 0x8}, 0xa3) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.176' (ED25519) to the list of known hosts. [ 82.146885][ T5826] cgroup: Unknown subsys name 'net' [ 82.294887][ T5826] cgroup: Unknown subsys name 'cpuset' [ 82.303990][ T5826] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.041597][ T5826] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.605821][ T5930] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 88.768087][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.777824][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.787155][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.807284][ T5966] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.821161][ T5966] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.829192][ T5966] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.941655][ T5150] Bluetooth: hci0: command tx timeout [ 93.022128][ T5150] Bluetooth: hci0: command tx timeout [ 94.651687][ T5966] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.662781][ T5966] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.671002][ T5966] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.680428][ T5966] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.689570][ T5966] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.698801][ T5966] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.706806][ T5966] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 94.714316][ T5966] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.734813][ T5993] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.743785][ T5993] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.767565][ T5993] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 94.775729][ T5993] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.841948][ T5150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.851710][ T5150] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.859729][ T5150] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.867970][ T5150] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.876000][ T5150] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 94.883680][ T5150] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.980786][ T5150] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.997882][ T5150] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.008495][ T5150] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.019643][ T5966] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.028766][ T5966] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 95.036740][ T5966] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.382489][ T5991] chnl_net:caif_netlink_parms(): no params data found [ 95.429839][ T5989] chnl_net:caif_netlink_parms(): no params data found [ 95.607943][ T5991] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.616036][ T5991] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.624948][ T5991] bridge_slave_0: entered allmulticast mode [ 95.633032][ T5991] bridge_slave_0: entered promiscuous mode [ 95.674981][ T5991] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.686023][ T5991] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.693869][ T5991] bridge_slave_1: entered allmulticast mode [ 95.701663][ T5991] bridge_slave_1: entered promiscuous mode [ 95.773800][ T5991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.792318][ T5989] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.799645][ T5989] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.807245][ T5989] bridge_slave_0: entered allmulticast mode [ 95.814381][ T5989] bridge_slave_0: entered promiscuous mode [ 95.826200][ T5996] chnl_net:caif_netlink_parms(): no params data found [ 95.838451][ T5991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.851457][ T5989] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.859062][ T5989] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.866608][ T5989] bridge_slave_1: entered allmulticast mode [ 95.874909][ T5989] bridge_slave_1: entered promiscuous mode [ 95.890839][ T5994] chnl_net:caif_netlink_parms(): no params data found [ 95.945520][ T5989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.979221][ T5991] team0: Port device team_slave_0 added [ 95.991792][ T5989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.038563][ T5991] team0: Port device team_slave_1 added [ 96.093190][ T5989] team0: Port device team_slave_0 added [ 96.128762][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.136333][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.167224][ T5991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.184883][ T5989] team0: Port device team_slave_1 added [ 96.217630][ T5996] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.226484][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.235337][ T5996] bridge_slave_0: entered allmulticast mode [ 96.243189][ T5996] bridge_slave_0: entered promiscuous mode [ 96.253259][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.260973][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.290643][ T5991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.332145][ T5996] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.340408][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.349908][ T5996] bridge_slave_1: entered allmulticast mode [ 96.358091][ T5996] bridge_slave_1: entered promiscuous mode [ 96.378507][ T5989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.386691][ T5989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.420693][ T5989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.469107][ T5989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.476399][ T5989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.504100][ T5989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.516606][ T5994] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.524711][ T5994] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.532807][ T5994] bridge_slave_0: entered allmulticast mode [ 96.542169][ T5994] bridge_slave_0: entered promiscuous mode [ 96.552914][ T5994] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.561265][ T5994] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.569740][ T5994] bridge_slave_1: entered allmulticast mode [ 96.577838][ T5994] bridge_slave_1: entered promiscuous mode [ 96.589065][ T5996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.606823][ T5996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.686373][ T5994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.700335][ T5996] team0: Port device team_slave_0 added [ 96.720049][ T5991] hsr_slave_0: entered promiscuous mode [ 96.727266][ T5991] hsr_slave_1: entered promiscuous mode [ 96.738399][ T5994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.762762][ T5996] team0: Port device team_slave_1 added [ 96.796096][ T5993] Bluetooth: hci1: command tx timeout [ 96.804616][ T5989] hsr_slave_0: entered promiscuous mode [ 96.811388][ T5989] hsr_slave_1: entered promiscuous mode [ 96.818225][ T5989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.827334][ T5989] Cannot create hsr debugfs directory [ 96.849439][ T5994] team0: Port device team_slave_0 added [ 96.861648][ T5993] Bluetooth: hci0: command tx timeout [ 96.895382][ T5994] team0: Port device team_slave_1 added [ 96.914745][ T5996] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.922119][ T5996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.951133][ T5993] Bluetooth: hci2: command tx timeout [ 96.957084][ T5996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.003039][ T5996] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.010051][ T5996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.036651][ T5996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.087653][ T5994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.094743][ T5994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.103018][ T5993] Bluetooth: hci3: command tx timeout [ 97.121938][ T5994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.165426][ T5994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.172837][ T5994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.202259][ T5994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.269338][ T5996] hsr_slave_0: entered promiscuous mode [ 97.276610][ T5996] hsr_slave_1: entered promiscuous mode [ 97.283234][ T5996] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.294751][ T5996] Cannot create hsr debugfs directory [ 97.350464][ T8] cfg80211: failed to load regulatory.db [ 97.420836][ T5994] hsr_slave_0: entered promiscuous mode [ 97.430440][ T5994] hsr_slave_1: entered promiscuous mode [ 97.437629][ T5994] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.446805][ T5994] Cannot create hsr debugfs directory [ 97.605598][ T5991] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.626095][ T5991] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.638128][ T5991] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.680018][ T5991] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.747578][ T5989] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.766700][ T5989] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.778871][ T5989] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.796359][ T5989] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.880142][ T5996] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.897747][ T5996] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.909511][ T5996] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.921002][ T5996] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.037037][ T5994] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.060258][ T5994] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.074142][ T5994] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.094992][ T5994] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.149553][ T5989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.168431][ T5991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.229716][ T5989] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.241912][ T5991] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.260206][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.267993][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.299319][ T5996] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.330159][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.338316][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.360546][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.369838][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.384237][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.391710][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.454089][ T5996] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.504178][ T73] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.511352][ T73] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.557376][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.565001][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.613909][ T5994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.637079][ T5989] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.717945][ T5994] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.749425][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.757021][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.778434][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.785797][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.869534][ T5994] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.881527][ T5993] Bluetooth: hci1: command tx timeout [ 98.941408][ T5993] Bluetooth: hci0: command tx timeout [ 98.980472][ T5991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.021954][ T5993] Bluetooth: hci2: command tx timeout [ 99.084868][ T5991] veth0_vlan: entered promiscuous mode [ 99.106617][ T5991] veth1_vlan: entered promiscuous mode [ 99.139634][ T5991] veth0_macvtap: entered promiscuous mode [ 99.177325][ T5991] veth1_macvtap: entered promiscuous mode [ 99.185372][ T5993] Bluetooth: hci3: command tx timeout [ 99.249318][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.264040][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.275900][ T5991] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.286682][ T5991] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.295784][ T5991] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.306426][ T5991] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.335502][ T5996] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.365548][ T5989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.384865][ T5994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.480137][ T5996] veth0_vlan: entered promiscuous mode [ 99.544475][ T5996] veth1_vlan: entered promiscuous mode [ 99.596974][ T5994] veth0_vlan: entered promiscuous mode [ 99.609280][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.631283][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.647020][ T5989] veth0_vlan: entered promiscuous mode [ 99.688340][ T5989] veth1_vlan: entered promiscuous mode [ 99.698609][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.709816][ T5994] veth1_vlan: entered promiscuous mode [ 99.714423][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.779263][ T5996] veth0_macvtap: entered promiscuous mode [ 99.807959][ T5989] veth0_macvtap: entered promiscuous mode [ 99.842343][ T5996] veth1_macvtap: entered promiscuous mode [ 99.871464][ T5989] veth1_macvtap: entered promiscuous mode [ 99.908443][ T5994] veth0_macvtap: entered promiscuous mode [ 99.929629][ T5996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.943752][ T5996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.963176][ T5996] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.984811][ T5994] veth1_macvtap: entered promiscuous mode [ 100.007995][ T5989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.025572][ T5989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.038067][ T5989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.051251][ T5989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.065995][ T5989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.084059][ T5996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.102952][ T5996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.116809][ T5996] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.151324][ T5989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.166251][ T5989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.177597][ T5989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.189564][ T5989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.207813][ T5989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.220139][ T5989] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.231224][ T5989] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.249925][ T5989] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.256341][ T5993] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13 [ 100.269609][ T5989] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.323571][ T5996] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.372257][ T5996] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.397094][ T5996] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.407005][ T5996] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.430181][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.448521][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.459890][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.473186][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.488482][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.499928][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.512543][ T5994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.538517][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.558487][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.572673][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.600943][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.620688][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.638485][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.656918][ T5994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.713650][ T5994] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.734541][ T5994] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.744710][ T5994] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.755705][ T5994] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.866302][ T3592] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.898289][ T3592] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.952075][ T5993] Bluetooth: hci1: command tx timeout [ 101.005008][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.022074][ T5993] Bluetooth: hci0: command tx timeout [ 101.047692][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.101364][ T5993] Bluetooth: hci2: command tx timeout [ 101.152573][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.172935][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.180824][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.191040][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.261313][ T5993] Bluetooth: hci3: command tx timeout [ 101.334308][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.374522][ T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.394316][ T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.401018][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.798229][ T5993] Bluetooth: hci3: unexpected event 0x03 length: 725 > 11 [ 102.453384][ T29] audit: type=1800 audit(1739905494.949:2): pid=6097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.114" name="discovery_nqn" dev="configfs" ino=8582 res=0 errno=0 [ 103.022696][ T5993] Bluetooth: hci1: command tx timeout [ 103.101732][ T5993] Bluetooth: hci0: command tx timeout [ 103.181652][ T5993] Bluetooth: hci2: command tx timeout [ 103.341193][ T5993] Bluetooth: hci3: command tx timeout [ 110.692017][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.798585][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.977715][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.234920][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.623033][ T5966] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 111.647064][ T5966] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 111.655374][ T5966] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 111.674574][ T5966] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 111.699248][ T5966] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 111.707830][ T5966] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 111.716004][ T12] bridge_slave_1: left allmulticast mode [ 111.723164][ T12] bridge_slave_1: left promiscuous mode [ 111.768043][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.875325][ T12] bridge_slave_0: left allmulticast mode [ 111.881187][ T12] bridge_slave_0: left promiscuous mode [ 111.901288][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.865065][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.883255][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.899939][ T12] bond0 (unregistering): Released all slaves [ 113.774625][ T5966] Bluetooth: hci1: command tx timeout [ 114.028344][ T12] hsr_slave_0: left promiscuous mode [ 114.070899][ T12] hsr_slave_1: left promiscuous mode [ 114.115053][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.142752][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.174723][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.194757][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.251530][ T12] veth1_macvtap: left promiscuous mode [ 114.282346][ T12] veth0_macvtap: left promiscuous mode [ 114.288062][ T12] veth1_vlan: left promiscuous mode [ 114.327756][ T12] veth0_vlan: left promiscuous mode [ 115.845444][ T5966] Bluetooth: hci1: command tx timeout [ 115.919903][ T12] team0 (unregistering): Port device team_slave_1 removed [ 116.126041][ T12] team0 (unregistering): Port device team_slave_0 removed [ 117.913560][ T5966] Bluetooth: hci1: command tx timeout [ 118.169081][ T6407] chnl_net:caif_netlink_parms(): no params data found [ 118.759671][ T6407] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.766896][ T6407] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.828369][ T6407] bridge_slave_0: entered allmulticast mode [ 118.835592][ T6407] bridge_slave_0: entered promiscuous mode [ 118.860451][ T6407] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.868495][ T6407] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.875751][ T6407] bridge_slave_1: entered allmulticast mode [ 118.898982][ T6407] bridge_slave_1: entered promiscuous mode [ 119.061792][ T6407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 119.091659][ T6407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 119.268443][ T6407] team0: Port device team_slave_0 added [ 119.319602][ T6407] team0: Port device team_slave_1 added [ 119.427073][ T6407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.434100][ T6407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.545218][ T6407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.582100][ T6407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.594093][ T6407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.620644][ T6664] capability: warning: `syz.3.372' uses deprecated v2 capabilities in a way that may be insecure [ 119.673420][ T6407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.837396][ T6407] hsr_slave_0: entered promiscuous mode [ 119.863281][ T6407] hsr_slave_1: entered promiscuous mode [ 119.982446][ T5966] Bluetooth: hci1: command tx timeout [ 120.454578][ T6407] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 120.495635][ T6407] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 120.531689][ T6407] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 120.582692][ T6407] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 120.911483][ T6407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.976742][ T6407] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.055568][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.063464][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.117976][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.125189][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.686249][ T6407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.537011][ T6407] veth0_vlan: entered promiscuous mode [ 122.564687][ T6407] veth1_vlan: entered promiscuous mode [ 122.692532][ T6407] veth0_macvtap: entered promiscuous mode [ 122.734519][ T6407] veth1_macvtap: entered promiscuous mode [ 122.792409][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 122.816880][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 122.857419][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 122.873873][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 122.906945][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 122.926938][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 122.940708][ T6407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.000412][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 123.063182][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 123.122568][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 123.139276][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 123.162194][ T6407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 123.178637][ T6407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 123.200235][ T6407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.228019][ T6407] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.265053][ T6407] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.273892][ T6407] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.305026][ T6407] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.553658][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.561549][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.675427][ T3592] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.703354][ T3592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.958323][ T6821] mmap: syz.3.425 (6821) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 124.061753][ T6823] syz.2.427(6823): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 127.938735][ T6983] ======================================================= [ 127.938735][ T6983] WARNING: The mand mount option has been deprecated and [ 127.938735][ T6983] and is ignored by this kernel. Remove the mand [ 127.938735][ T6983] option from the mount to silence this warning. [ 127.938735][ T6983] ======================================================= [ 129.704036][ T7053] nfs: Bad value for 'source' [ 131.134886][ T7110] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 131.981897][ T7146] nfs: Bad value for 'source' [ 135.994017][ T29] audit: type=1326 audit(1055.528:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.2.630" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f74ba78cde9 code=0x0 [ 138.141705][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.152637][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.713816][ T7414] capability: warning: `syz.2.682' uses 32-bit capabilities (legacy support in use) [ 140.249473][ T29] audit: type=1800 audit(1059.790:4): pid=7468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.707" name="version" dev="configfs" ino=13379 res=0 errno=0 [ 146.671352][ T29] audit: type=1800 audit(2093.260:5): pid=7740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.803" name="trace_pipe" dev="tracefs" ino=1069 res=0 errno=0 [ 148.124436][ T29] audit: type=1800 audit(2094.707:6): pid=7798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.824" name="lu_gp_id" dev="configfs" ino=13780 res=0 errno=0 [ 149.292696][ T7848] ima: policy update failed [ 149.297492][ T29] audit: type=1802 audit(2095.893:7): pid=7848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.843" res=0 errno=0 [ 149.371487][ T7852] ptrace attach of "./syz-executor exec"[5996] was attempted by "./syz-executor exec"[7852] [ 153.507095][ T29] audit: type=1800 audit(2100.125:8): pid=8002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.916" name="features" dev="configfs" ino=14489 res=0 errno=0 [ 156.812216][ T29] audit: type=1800 audit(2103.462:9): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.976" name="dbroot" dev="configfs" ino=14335 res=0 errno=0 [ 162.061846][ T5966] Bluetooth: hci0: Malformed LE Event: 0x02 [ 171.467709][ T5966] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6 [ 174.962788][ T8700] random: crng reseeded on system resumption [ 176.382831][ T8750] random: crng reseeded on system resumption [ 179.366941][ T8779] kexec: Could not allocate control_code_buffer [ 182.199600][ T8957] Unable to find swap-space signature [ 183.436825][ T29] audit: type=1800 audit(4294967297.076:10): pid=9006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1414" name="members" dev="configfs" ino=17865 res=0 errno=0 [ 184.291051][ T9040] Unable to find swap-space signature [ 184.558764][ T9050] syz_tun: tun_chr_ioctl cmd 1074025672 [ 184.564431][ T9050] syz_tun: ignored: set checksum disabled [ 185.072608][ T9071] syz_tun: tun_chr_ioctl cmd 1074025692 [ 186.009088][ T9110] futex_wake_op: syz.2.1466 tries to shift op by 64; fix this program [ 189.289324][ T9215] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 189.327340][ T9215] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 189.537318][ T9215] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 189.625034][ T9215] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 189.639463][ T9215] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 189.680502][ T9215] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 189.725612][ T9215] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 189.758955][ T9215] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 189.809922][ T9215] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 189.820747][ T9215] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 189.827680][ T9215] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 189.878780][ T9215] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 190.564371][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 191.679441][ T5966] Bluetooth: hci2: command 0x0c1a tx timeout [ 191.757389][ T5966] Bluetooth: hci3: command 0x0c1a tx timeout [ 191.846809][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout [ 192.030690][ T9223] kexec: Could not allocate control_code_buffer [ 192.348097][ T29] audit: type=1800 audit(4294967306.016:11): pid=9324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1572" name="trace_pipe" dev="tracefs" ino=1111 res=0 errno=0 [ 192.633274][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 193.759269][ T5966] Bluetooth: hci2: command 0x0c1a tx timeout [ 193.825485][ T5966] Bluetooth: hci3: command 0x0c1a tx timeout [ 193.914987][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout [ 195.134065][ T9389] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 195.154054][ T9389] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 195.169520][ T9389] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 195.186521][ T9389] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 196.460764][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 197.166493][ T5993] Bluetooth: hci2: command 0x0c1a tx timeout [ 197.172738][ T5966] Bluetooth: hci3: command 0x0c1a tx timeout [ 197.246181][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout [ 198.591142][ T9533] CIFS: VFS: Invalid SecurityFlags: # [ 199.237323][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.244858][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.594783][ T5966] Bluetooth: hci3: Zero size dump init pkt [ 200.801191][ T9625] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 200.801659][ T9623] ima: policy update failed [ 200.840915][ T29] audit: type=1802 audit(4294967326.564:12): pid=9623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1719" res=0 errno=0 [ 206.192470][ T9816] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 206.534674][ T9824] nvme_fabrics: missing parameter 'transport=%s' [ 206.543007][ T9824] nvme_fabrics: missing parameter 'nqn=%s' [ 207.512258][ T9859] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 208.205128][ T9888] syz_tun: tun_chr_ioctl cmd 35111 [ 210.395725][ T9970] Scaler: ================= START STATUS ================= [ 210.421242][ T9970] Scaler: ================== END STATUS ================== [ 211.961256][T10042] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 213.859865][T10127] program syz.4.1943 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 213.890658][T10127] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 214.046222][ T5966] Bluetooth: hci3: SCO packet too small [ 214.200914][T10139] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 217.290592][T10255] cougar: G6 mapped to space [ 217.386179][T10260] i2c i2c-0: delete_device: Can't parse I2C address [ 220.730602][T10386] ima: policy update failed [ 220.741279][ T29] audit: type=1802 audit(4294967346.578:13): pid=10386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2069" res=0 errno=0 [ 222.550899][ T5966] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 224.044650][T10499] process 'syz.1.2123' launched ':,' with NULL argv: empty string added [ 226.310743][ T29] audit: type=1800 audit(4294967352.180:14): pid=10577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2162" name="SYSV0000000a" dev="hugetlbfs" ino=0 res=0 errno=0 [ 229.823200][T10716] kAFS: unparsable volume name [ 230.829804][T10760] kfence: disabled [ 233.292318][T10862] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 233.926345][T10891] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 233.992707][T10891] CIFS mount error: No usable UNC path provided in device string! [ 233.992707][T10891] [ 234.028620][T10891] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 234.585171][T10913] zram: Added device: zram1 [ 235.950691][T10972] : Can't lookup blockdev [ 236.320571][T10986] futex_wake_op: syz.3.2364 tries to shift op by 64; fix this program [ 237.105670][T11013] delete_channel: no stack [ 239.918628][T11124] vivid-003: ================= START STATUS ================= [ 239.967854][T11124] vivid-003: Radio HW Seek Mode: Bounded [ 239.982413][T11124] vivid-003: Radio Programmable HW Seek: false [ 240.002237][T11124] vivid-003: RDS Rx I/O Mode: Block I/O [ 240.007912][T11124] vivid-003: Generate RBDS Instead of RDS: false [ 240.050099][T11124] vivid-003: RDS Reception: true [ 240.061941][T11124] vivid-003: RDS Program Type: 0 inactive [ 240.091922][T11124] vivid-003: RDS PS Name: inactive [ 240.097267][T11124] vivid-003: RDS Radio Text: inactive [ 240.152824][T11124] vivid-003: RDS Traffic Announcement: false inactive [ 240.159714][T11124] vivid-003: RDS Traffic Program: false inactive [ 240.173486][T11133] QAT: Stopping all acceleration devices. [ 240.191984][T11124] vivid-003: RDS Music: false inactive [ 240.197573][T11124] vivid-003: ================== END STATUS ================== [ 242.292114][ T29] audit: type=1400 audit(4294967368.251:15): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=11212 comm="syz.2.2477" [ 242.481073][T11221] WARNING! power/level is deprecated; use power/control instead [ 243.569035][T11265] vivid-003: ================= START STATUS ================= [ 243.577594][T11265] vivid-003: Radio HW Seek Mode: Bounded [ 243.588438][T11265] vivid-003: Radio Programmable HW Seek: false [ 243.595284][T11265] vivid-003: RDS Rx I/O Mode: Block I/O [ 243.611735][T11265] vivid-003: Generate RBDS Instead of RDS: false [ 243.618193][T11265] vivid-003: RDS Reception: true [ 243.651527][T11265] vivid-003: RDS Program Type: 0 inactive [ 243.657827][T11265] vivid-003: RDS PS Name: inactive [ 243.673208][T11265] vivid-003: RDS Radio Text: inactive [ 243.678883][T11265] vivid-003: RDS Traffic Announcement: false inactive [ 243.698645][T11265] vivid-003: RDS Traffic Program: false inactive [ 243.708735][T11265] vivid-003: RDS Music: false inactive [ 243.717876][T11265] vivid-003: ================== END STATUS ================== [ 243.917291][ T29] audit: type=1800 audit(4294967369.890:16): pid=11278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2507" name="features" dev="configfs" ino=24739 res=0 errno=0 [ 244.361668][T11296] QAT: Device 2 not found [ 247.386953][T11380] syz.2.2558 (11380): attempted to duplicate a private mapping with mremap. This is not supported. [ 248.038898][ T5966] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 248.038948][ T5966] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 248.056364][ T5966] Bluetooth: hci2: Dropping invalid advertising data [ 248.064635][ T5966] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 252.127198][T11524] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 254.181558][T11589] aoe: could not set interface list: too many interfaces [ 256.830019][T11703] delete_channel: no stack [ 258.633941][ T29] audit: type=1800 audit(4294967384.694:17): pid=11775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2750" name="members" dev="configfs" ino=26018 res=0 errno=0 [ 260.329407][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.335969][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.876973][T11866] warning: `syz.1.2794' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 261.638939][T11898] scsi_strcpy_devinfo: vendor string 'эй/&cžР~n] ђ | [ 261.638939][T11898] MХ' is too long [ 261.673987][T11898] scsi_strcpy_devinfo: model string '’Dd5‚ еK€2bл [ 261.673987][T11898] ††НWЯѕ›њ Ћњ' is too long [ 264.217533][T11990] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 264.673965][ T29] audit: type=1800 audit(4294967390.768:18): pid=12018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2870" name="dbroot" dev="configfs" ino=27054 res=0 errno=0 [ 264.750652][ T29] audit: type=1804 audit(4294967390.778:19): pid=12018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2870" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=27054 res=1 errno=0 [ 265.212926][T12040] kAFS: Invalid Command on /proc/fs/afs/cells file [ 265.665693][T12060] nfs: Unknown parameter 'wОУ`_…р‚ћЯI+;§с біHYј К†ЛЗЋЯLuѕ>>Ыеuh*рщC<+ А№Рл' [ 267.813895][T12154] i2c i2c-0: new_device: Invalid device name [ 271.015401][ T29] audit: type=1400 audit(4294967397.134:20): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=12281 comm="syz.2.3001" [ 271.419160][T12296] program syz.3.3008 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 271.442562][T12272] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 271.944501][ T29] audit: type=1800 audit(4294967398.080:21): pid=12316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3018" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0 [ 272.737852][ T29] audit: type=1800 audit(4294967398.884:22): pid=12345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3031" name="discovery_nqn" dev="configfs" ino=27915 res=0 errno=0 [ 274.178027][ T5966] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 274.178074][ T5966] Bluetooth: hci2: unexpected subevent 0x0c length: 725 > 5 [ 278.081488][T12553] kAFS: Invalid Command on /proc/fs/afs/cells file [ 281.497527][T12662] syz.3.3184 uses obsolete (PF_INET,SOCK_PACKET) [ 284.705850][T12753] tipc: Can't bind to reserved service type 2 [ 285.437030][T12781] Invalid input. Must be >= 4608 [ 285.687938][T12793] Debayer A: ================= START STATUS ================= [ 285.696393][T12793] Debayer A: Debayer Mean Window Size: 3 [ 285.704514][T12793] Debayer A: ================== END STATUS ================== [ 285.864642][T12795] ceph: Failed to parse sending metrics switch value 'P^' [ 287.906842][ T29] audit: type=1806 audit(4294967414.131:23): res=-14 [ 289.709101][T12946] Setting dangerous option i915.mitigations - tainting kernel [ 291.462911][T13014] kAFS: Invalid Command on /proc/fs/afs/cells file [ 297.445195][T13254] kAFS: No cell specified [ 298.464012][T13300] ecryptfs_miscdev_write: Invalid packet size [192] [ 300.212917][T13325] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 304.737253][T13537] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 305.066539][T13552] ecryptfs_parse_packet_length: Error parsing packet length [ 305.095590][T13552] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 307.010457][ T29] audit: type=1400 audit(4294967433.340:24): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=13638 comm="syz.2.3624" [ 309.091721][T13699] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 309.119028][T13699] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 309.125293][T13699] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 309.155170][T13699] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 309.178824][T13699] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 309.315102][T13683] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 310.441479][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 311.058075][T13792] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 311.156681][ T5966] Bluetooth: hci3: command 0x0c1a tx timeout [ 311.162795][ T5966] Bluetooth: hci2: command 0x0c1a tx timeout [ 311.182591][T13766] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 311.247591][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout [ 312.508932][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 312.541619][T13822] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 313.252873][T13865] block mtdblock0: the capability attribute has been deprecated. [ 313.825496][T13863] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 315.641810][T13907] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 316.915011][T13960] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 316.921528][T13960] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 316.931223][T13960] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 316.953039][T13960] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 316.964420][T13960] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 317.299646][T13986] block2mtd: device name too long [ 317.319759][T13987] cifs: Unknown parameter 'no+ 1Ї• ж`бјrъsFn)ШјaѕH†šФПЁh`рины9kЄA}€žŠ1\D@‹Ч.СфZдCg^‚' [ 317.576226][T13973] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 318.326232][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 318.953477][ T5966] Bluetooth: hci3: command 0x0c1a tx timeout [ 318.959628][ T5993] Bluetooth: hci2: command 0x0c1a tx timeout [ 319.031934][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout [ 319.056762][T14016] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 320.372673][T14071] mmap: syz.2.3816 (14071): VmData 41664512 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 320.385946][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 320.392735][ T29] audit: type=1800 audit(4294967446.796:25): pid=14068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3817" name="lu_gp_id" dev="configfs" ino=33406 res=0 errno=0 [ 320.879534][T14083] dlm: non-version read from control device 9 [ 321.420957][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.437830][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.047542][ T29] audit: type=1800 audit(4294967449.471:26): pid=14156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3858" name="lu_gp_id" dev="configfs" ino=33544 res=0 errno=0 [ 325.326806][T14237] Format for deleting device is "id" (uint). [ 326.998039][T14297] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 331.055817][ T3529] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.205859][ T3529] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.357665][ T3529] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.605794][ T3529] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.963122][ T3529] bridge_slave_1: left allmulticast mode [ 331.969549][ T3529] bridge_slave_1: left promiscuous mode [ 331.977595][ T3529] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.074090][ T3529] bridge_slave_0: left allmulticast mode [ 332.087609][ T3529] bridge_slave_0: left promiscuous mode [ 332.097458][ T3529] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.173639][ T5993] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 332.191218][ T5993] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 332.201459][ T5993] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 332.215770][ T5993] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 332.238502][ T5993] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 332.249313][ T5993] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 333.415265][ T5966] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 333.602439][ T3529] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 333.623977][ T3529] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 333.637838][ T3529] bond0 (unregistering): Released all slaves [ 334.304721][ T5966] Bluetooth: hci1: command tx timeout [ 334.326674][ T3529] hsr_slave_0: left promiscuous mode [ 334.337904][ T3529] hsr_slave_1: left promiscuous mode [ 334.355218][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.362712][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.398973][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.413984][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 334.480827][ T3529] veth1_macvtap: left promiscuous mode [ 334.513606][ T3529] veth0_macvtap: left promiscuous mode [ 334.519289][ T3529] veth1_vlan: left promiscuous mode [ 334.538370][ T3529] veth0_vlan: left promiscuous mode [ 335.155467][T14562] ima: policy update failed [ 335.165765][ T29] audit: type=1802 audit(4294967461.660:27): pid=14562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4050" res=0 errno=0 [ 335.944080][ T3529] team0 (unregistering): Port device team_slave_1 removed [ 336.082520][ T3529] team0 (unregistering): Port device team_slave_0 removed [ 336.372883][ T5966] Bluetooth: hci1: command tx timeout [ 337.928379][T14457] chnl_net:caif_netlink_parms(): no params data found [ 338.013604][T14611] syz.3.4073 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 338.133327][T14614] udc dummy_udc.0: soft-connect without a gadget driver [ 338.413056][T14457] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.441669][ T5966] Bluetooth: hci1: command tx timeout [ 338.449872][T14457] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.479830][T14457] bridge_slave_0: entered allmulticast mode [ 338.527704][T14457] bridge_slave_0: entered promiscuous mode [ 338.562647][T14457] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.569806][T14457] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.612489][T14457] bridge_slave_1: entered allmulticast mode [ 338.630710][T14457] bridge_slave_1: entered promiscuous mode [ 338.853872][T14457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 338.916909][T14457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 339.141834][T14457] team0: Port device team_slave_0 added [ 339.185532][T14457] team0: Port device team_slave_1 added [ 339.347672][T14457] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 339.354691][T14457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 339.415554][T14457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 339.518619][T14457] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 339.532361][T14457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 339.589557][T14457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 339.762844][T14457] hsr_slave_0: entered promiscuous mode [ 339.778456][T14457] hsr_slave_1: entered promiscuous mode [ 340.036291][T14679] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 340.507316][T14457] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 340.509504][ T5966] Bluetooth: hci1: command tx timeout [ 340.563001][T14457] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 340.694279][T14457] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 340.718720][T14457] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 340.949610][T14457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 341.020923][T14457] 8021q: adding VLAN 0 to HW filter on device team0 [ 341.127098][ T3529] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.134226][ T3529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 341.159480][ T3529] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.166694][ T3529] bridge0: port 2(bridge_slave_1) entered forwarding state [ 341.264660][T14457] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 341.748048][T14457] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 342.482433][T14457] veth0_vlan: entered promiscuous mode [ 342.506676][T14457] veth1_vlan: entered promiscuous mode [ 342.589395][T14457] veth0_macvtap: entered promiscuous mode [ 342.614104][T14457] veth1_macvtap: entered promiscuous mode [ 342.668366][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.721138][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.739965][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.766644][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.782645][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.806344][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.827616][T14457] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.867958][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.905552][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.928098][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.951477][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.975530][T14457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.995536][T14457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.016286][T14457] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 343.078245][T14457] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.094576][T14457] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.124386][T14457] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.133165][T14457] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.339435][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.393316][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.456805][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.492021][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.261417][ T29] audit: type=1800 audit(4294967471.808:28): pid=14849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4152" name="lu_gp_id" dev="configfs" ino=35676 res=0 errno=0 [ 345.303472][T14849] kstrtoul() returned -22 for lu_gp_id [ 346.843724][T14908] usb usb32: usbfs: process 14908 (syz.2.4171) did not claim interface 0 before use [ 347.589485][T14936] : Can't lookup blockdev [ 351.682910][ T29] audit: type=1806 audit(4294967478.274:29): xattr=C2A2FD29C1 res=-22 [ 356.554956][ T3440] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.736006][ T3440] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.862107][ T3440] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.103258][ T3440] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.469889][ T3440] bridge_slave_1: left allmulticast mode [ 357.482940][ T3440] bridge_slave_1: left promiscuous mode [ 357.488766][ T3440] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.545398][ T5993] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 357.556100][ T3440] bridge_slave_0: left allmulticast mode [ 357.561831][ T3440] bridge_slave_0: left promiscuous mode [ 357.570336][ T5993] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 357.578603][ T3440] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.586902][ T5993] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 357.596348][ T5993] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 357.604914][ T5993] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 357.612912][ T5993] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 358.451091][T15352] ptrace attach of "./syz-executor exec"[5994] was attempted by "./syz-executor exec"[15352] [ 358.511092][ T3440] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 358.549935][ T3440] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 358.586475][ T3440] bond0 (unregistering): Released all slaves [ 359.253539][T15322] chnl_net:caif_netlink_parms(): no params data found [ 359.319659][ T3440] hsr_slave_0: left promiscuous mode [ 359.351838][ T3440] hsr_slave_1: left promiscuous mode [ 359.357893][ T3440] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 359.391726][ T3440] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 359.437030][ T3440] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 359.459062][ T3440] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 359.532610][ T3440] veth1_macvtap: left promiscuous mode [ 359.538207][ T3440] veth0_macvtap: left promiscuous mode [ 359.575008][ T3440] veth1_vlan: left promiscuous mode [ 359.580412][ T3440] veth0_vlan: left promiscuous mode [ 359.680913][ T5966] Bluetooth: hci1: command tx timeout [ 361.023840][ T3440] team0 (unregistering): Port device team_slave_1 removed [ 361.129388][ T3440] team0 (unregistering): Port device team_slave_0 removed [ 361.748305][ T5966] Bluetooth: hci1: command tx timeout [ 362.530737][T15322] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.548481][T15322] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.569691][T15322] bridge_slave_0: entered allmulticast mode [ 362.590999][T15322] bridge_slave_0: entered promiscuous mode [ 362.635785][T15322] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.650760][T15322] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.673470][T15322] bridge_slave_1: entered allmulticast mode [ 362.693315][T15322] bridge_slave_1: entered promiscuous mode [ 362.864534][T15322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 362.901243][T15322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 363.140035][T15322] team0: Port device team_slave_0 added [ 363.175346][T15322] team0: Port device team_slave_1 added [ 363.333180][T15322] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 363.341693][T15322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.367636][ C1] vkms_vblank_simulate: vblank timer overrun [ 363.428670][T15322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 363.553120][T15322] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 363.586391][T15322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.612399][ C1] vkms_vblank_simulate: vblank timer overrun [ 363.663324][T15322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 363.816521][ T5966] Bluetooth: hci1: command tx timeout [ 363.853878][T15322] hsr_slave_0: entered promiscuous mode [ 363.883575][T15322] hsr_slave_1: entered promiscuous mode [ 364.668315][T15322] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 364.843086][T15322] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 364.889551][T15322] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 364.939769][T15322] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 365.241783][T15322] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.297552][T15322] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.340817][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.348037][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.408319][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.415518][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.886776][ T5966] Bluetooth: hci1: command tx timeout [ 366.009705][T15322] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 366.723426][T15322] veth0_vlan: entered promiscuous mode [ 366.771866][T15322] veth1_vlan: entered promiscuous mode [ 366.857720][T15322] veth0_macvtap: entered promiscuous mode [ 366.887629][T15322] veth1_macvtap: entered promiscuous mode [ 366.959716][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 366.989080][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.022408][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 367.055957][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.088593][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 367.103826][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.126151][T15322] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 367.169450][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 367.191224][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.224546][T15627] program syz.3.4471 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 367.225099][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 367.266866][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.286779][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 367.316675][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 367.338701][T15322] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 367.372269][T15322] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.406371][T15322] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.415147][T15322] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.465859][T15322] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.738579][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.769668][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.900669][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.959982][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.156339][T15724] synth uevent: /devices/virtual/misc/rdma_cm: unknown uevent action string [ 370.190265][T15724] misc rdma_cm: uevent: failed to send synthetic uevent: -22 [ 374.144688][T15863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 374.174254][T15863] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 374.204892][T15863] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 374.232614][T15863] page_type: f5(slab) [ 374.236825][T15863] raw: 00fff00000000040 ffff88814040b780 0000000000000000 dead000000000001 [ 374.269696][T15863] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 374.294120][T15863] head: 00fff00000000040 ffff88814040b780 0000000000000000 dead000000000001 [ 374.326277][T15863] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 374.346468][T15863] head: 00fff00000000003 ffffea0001e00001 ffffffffffffffff 0000000000000000 [ 374.355246][T15863] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 374.465848][T15863] page dumped because: unmovable page [ 374.471334][T15863] page_owner tracks the page as allocated [ 374.525315][T15863] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5193, tgid 5193 (syslogd), ts 35046460361, free_ts 32463041514 [ 374.594257][T15863] post_alloc_hook+0x181/0x1b0 [ 374.614860][T15863] get_page_from_freelist+0xfce/0x2f80 [ 374.634733][T15863] __alloc_frozen_pages_noprof+0x221/0x2470 [ 374.652289][T15863] alloc_pages_mpol+0x1fc/0x540 [ 374.664678][T15863] new_slab+0x23d/0x330 [ 374.669268][T15863] ___slab_alloc+0xc5d/0x1720 [ 374.694922][T15863] __slab_alloc.constprop.0+0x56/0xb0 [ 374.700410][T15863] kmem_cache_alloc_noprof+0xfa/0x3d0 [ 374.741603][T15863] getname_flags.part.0+0x4c/0x550 [ 374.764091][T15863] getname+0x8d/0xe0 [ 374.768104][T15863] do_sys_openat2+0x104/0x1e0 [ 374.772857][T15863] __x64_sys_openat+0x175/0x210 [ 374.819173][T15863] do_syscall_64+0xcd/0x250 [ 374.833740][T15863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.844683][T15863] page last free pid 1 tgid 1 stack trace: [ 374.850564][T15863] free_frozen_pages+0x6db/0xfb0 [ 374.888854][T15863] free_contig_range+0x133/0x3f0 [ 374.925465][T15863] destroy_args+0x66f/0x830 [ 374.942955][T15863] debug_vm_pgtable+0x130f/0x2d60 [ 374.970836][T15863] do_one_initcall+0x128/0x700 [ 374.992698][T15863] kernel_init_freeable+0x5c7/0x900 [ 374.998018][T15863] kernel_init+0x1c/0x2b0 [ 375.036049][T15863] ret_from_fork+0x45/0x80 [ 375.040584][T15863] ret_from_fork_asm+0x1a/0x30 [ 375.337490][T15896] ima: policy update failed [ 375.365772][ T29] audit: type=1802 audit(4294967502.089:30): pid=15896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.4556" res=0 errno=0 [ 381.034124][T16118] QAT: Invalid ioctl 21531 [ 381.499044][T16138] QAT: failed to copy from user cfg_data. [ 382.522880][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.535728][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.712958][ T5966] Bluetooth: hci3: Malformed HCI Event: 0x22 [ 384.520679][ T29] audit: type=1800 audit(4294967511.301:31): pid=16258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4685" name="discovery_nqn" dev="configfs" ino=41435 res=0 errno=0 [ 385.469479][T16289] block2mtd: illegal erase size [ 393.653414][T16585] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4795'. [ 396.054142][T16692] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 396.083023][T16692] ep_00: uevent: failed to send synthetic uevent: -22 [ 396.557812][T16713] block2mtd: Using custom MTD label '' for dev [ 396.588236][T16713] block2mtd: error: cannot open device [ 397.206897][T16743] ubi13: attaching mtd0 [ 397.211377][T16743] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 398.332641][T16792] syz_tun: tun_chr_ioctl cmd 2147767517 syzkaller syzkaller login: [ 402.269819][ T29] audit: type=1800 audit(4294967529.153:32): pid=16960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4926" name="discovery_nqn" dev="configfs" ino=40908 res=0 errno=0 [ 406.045818][T17121] i2c i2c-0: new_device: Can't parse I2C address [ 408.078489][T17216] i2c i2c-0: new_device: Missing parameters [ 411.302491][T17363] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 412.869073][T17431] kernel read not supported for file /PЙеrМа ^Р!Рн8А€њ;—nє~ZёябёйJ›pпчЭ„-ЛЅИќїv<)нRи_чŽWtaњНЏkGїЊ6h mDќ|vдQ (pid: 17431 comm: syz.2.5102) [ 412.892780][ T29] audit: type=1800 audit(4294967539.833:33): pid=17431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5102" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=43497 res=0 errno=0 [ 415.264693][T17535] zswap: compressor ШЎ9Q›Оz%;0*l H`Bkуjы™wjЇгГ<85Хш'.Y[Ћ`џл2бY$М`дYvкgжДѓqЪ"b%…zЫN[O EiFИiќЛ(ShР„3Kxс>дRS=ѓўkHбЩŸƒЦџ{ш?B§ЬђНбbŠыо4)>јЊк not available [ 415.500686][T17547] vivid-010: ================= START STATUS ================= [ 415.517564][T17547] vivid-010: Generate PTS: true [ 415.525416][T17547] vivid-010: Generate SCR: true [ 415.531962][T17547] tpg source WxH: 640x360 (Y'CbCr) [ 415.537127][T17547] tpg field: 1 [ 415.541153][T17547] tpg crop: 640x360@0x0 [ 415.546310][T17547] tpg compose: 640x360@0x0 [ 415.561900][T17547] tpg colorspace: 8 [ 415.565769][T17547] tpg transfer function: 0/0 [ 415.592368][T17547] tpg Y'CbCr encoding: 0/0 [ 415.602175][T17547] tpg quantization: 0/0 [ 415.606521][T17547] tpg RGB range: 0/2 [ 415.617070][T17547] vivid-010: ================== END STATUS ================== [ 417.833087][T17651] delete_channel: no stack [ 420.104486][T17754] vivid-010: ================= START STATUS ================= [ 420.116930][T17754] vivid-010: Generate PTS: true [ 420.132927][T17754] vivid-010: Generate SCR: true [ 420.140321][T17754] tpg source WxH: 640x360 (Y'CbCr) [ 420.152825][T17754] tpg field: 1 [ 420.161924][T17754] tpg crop: 640x360@0x0 [ 420.172070][T17754] tpg compose: 640x360@0x0 [ 420.177898][T17754] tpg colorspace: 8 [ 420.181841][T17754] tpg transfer function: 0/0 [ 420.192242][T17754] tpg Y'CbCr encoding: 0/0 [ 420.198310][T17754] tpg quantization: 0/0 [ 420.204467][T17754] tpg RGB range: 0/2 [ 420.214311][T17754] vivid-010: ================== END STATUS ================== [ 423.536184][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 423.542759][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 424.312314][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 424.318686][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 426.101871][T18024] Line length is too long: Should be less than 4094 [ 426.190427][T18027] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 427.379825][T18082] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 428.801414][T18144] aoe: copy from user failed [ 428.825994][T18144] aoe: could not set interface list: too many interfaces [ 429.419083][T18170] ecryptfs_miscdev_write: Error while inspecting packet size [ 430.742311][T18229] ima: policy update failed [ 430.755461][ T29] audit: type=1802 audit(4294967557.795:34): pid=18229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.5439" res=0 errno=0 [ 433.080431][ T29] audit: type=1806 audit(4294967560.128:35): res=-14 [ 434.346529][T18396] bond0: option packets_per_slave: invalid value ( XЕn‘pц) [ 434.361416][T18396] bond0: option packets_per_slave: allowed values 0 - 65535 [ 434.591692][ T5966] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 434.591736][ T5966] Bluetooth: hci0: unexpected subevent 0x05 length: 725 > 12 [ 436.608251][ T5966] Bluetooth: hci0: command 0x0c1a tx timeout [ 437.220056][T18529] synth uevent: /bus/usb/drivers/cdc_eem: unknown uevent action string [ 437.338544][T18533] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 437.433763][T18539] block nbd8: NBD_DISCONNECT [ 438.344665][T18579] usb usb15: usbfs: interface 0 claimed by hub while 'syz.2.5609' sets config #5 [ 440.299042][T18674] nvme_fcloop: unknown parameter or missing value '' [ 440.437513][T18678] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 441.982245][T18750] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5) [ 442.732957][T18781] usb usb15: usbfs: process 18781 (syz.3.5709) did not claim interface 0 before use [ 443.615403][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 443.623748][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.399644][T18859] QAT: failed to copy from user. [ 444.915354][T18882] bond0: option mode: invalid value () [ 444.974805][T18886] blktrace: Concurrent blktraces are not allowed on mtdblock0 [ 446.125025][T18936] kAFS: Invalid Command on /proc/fs/afs/cells file [ 447.746486][ T29] audit: type=1800 audit(4294967574.882:36): pid=19016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5822" name="features" dev="configfs" ino=47822 res=0 errno=0 [ 449.365667][ T5966] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 451.851248][T19197] [ 452.553690][T19227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5925'. [ 454.196162][T19085] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 455.233443][T19330] syz.2.5973 (19330): drop_caches: 0 [ 455.472922][T19339] delete_channel: no stack [ 455.510682][T19344] sg_write: data in/out 16027157/1 bytes for SCSI command 0x7b-- guessing data in; [ 455.510682][T19344] program syz.6.5979 not setting count and/or reply_len properly [ 455.527866][ C0] vkms_vblank_simulate: vblank timer overrun [ 457.038298][T19085] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 457.806351][T19085] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 460.057992][T19519] usb usb15: usbfs: process 19519 (syz.2.6066) did not claim interface 0 before use [ 460.265647][T19522] dyndbg: expected <4096 bytes into control [ 1091.861100][ T2765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12391'. [ 1092.090227][ T2772] netlink: 'syz.0.12393': attribute type 2 has an invalid length. [ 1092.129618][ T2772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12393'. [ 1092.927575][ T29] audit: type=1807 audit(59505.524:49): UNKNOWN=ђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџ [ 1092.931949][ T29] audit: type=1802 audit(59505.534:50): pid=2811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.12404" res=0 errno=0 [ 1093.062703][ T2808] ima: policy update failed [ 1093.214936][ T29] audit: type=1802 audit(59505.675:51): pid=2808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.12404" res=0 errno=0 [ 1093.904665][T19085] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 1094.666970][ T2879] GUP no longer grows the stack in syz.4.12418 (2879): 14000-401000 (4000) [ 1094.698630][ T2879] CPU: 1 UID: 0 PID: 2879 Comm: syz.4.12418 Tainted: G U 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 1094.698685][ T2879] Tainted: [U]=USER [ 1094.698697][ T2879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1094.698716][ T2879] Call Trace: [ 1094.698725][ T2879] [ 1094.698738][ T2879] dump_stack_lvl+0x16c/0x1f0 [ 1094.698786][ T2879] gup_vma_lookup+0x1d2/0x220 [ 1094.698832][ T2879] __get_user_pages+0x236/0x36f0 [ 1094.698889][ T2879] ? hlock_class+0x4e/0x130 [ 1094.698924][ T2879] ? __lock_acquire+0x15a9/0x3c40 [ 1094.698970][ T2879] ? __pfx___get_user_pages+0x10/0x10 [ 1094.699033][ T2879] __gup_longterm_locked+0x212/0x1870 [ 1094.699106][ T2879] ? __pfx___lock_acquire+0x10/0x10 [ 1094.699162][ T2879] ? __pfx___gup_longterm_locked+0x10/0x10 [ 1094.699222][ T2879] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1094.699269][ T2879] ? rwsem_read_trylock+0x12d/0x250 [ 1094.699324][ T2879] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 1094.699376][ T2879] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 1094.699416][ T2879] pin_user_pages_remote+0xee/0x150 [ 1094.699469][ T2879] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 1094.699518][ T2879] ? down_read+0xc9/0x330 [ 1094.699575][ T2879] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 1094.699618][ T2879] ? futex_wait_queue+0x103/0x1f0 [ 1094.699674][ T2879] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 1094.699752][ T2879] process_vm_rw+0x301/0x360 [ 1094.699788][ T2879] ? __pfx_process_vm_rw+0x10/0x10 [ 1094.699871][ T2879] ? xfd_validate_state+0x5d/0x180 [ 1094.699918][ T2879] ? rcu_is_watching+0x12/0xc0 [ 1094.699957][ T2879] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 1094.699994][ T2879] ? do_syscall_64+0x91/0x250 [ 1094.700037][ T2879] ? lockdep_hardirqs_on+0x7c/0x110 [ 1094.700074][ T2879] do_syscall_64+0xcd/0x250 [ 1094.700117][ T2879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1094.700164][ T2879] RIP: 0033:0x7f0dcb38cde9 [ 1094.700190][ T2879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1094.700230][ T2879] RSP: 002b:00007f0dcc221038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 1094.700262][ T2879] RAX: ffffffffffffffda RBX: 00007f0dcb5a5fa0 RCX: 00007f0dcb38cde9 [ 1094.700284][ T2879] RDX: 0000000000000004 RSI: 0000400000000040 RDI: 00000000000001d9 [ 1094.700304][ T2879] RBP: 00007f0dcb40e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 1094.700324][ T2879] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1094.700344][ T2879] R13: 0000000000000000 R14: 00007f0dcb5a5fa0 R15: 00007ffc68f121c8 [ 1094.700385][ T2879] [ 1096.134929][ T2938] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12434'. [ 1097.903422][ T2991] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12445'. [ 1098.800597][ T3023] netlink: 338 bytes leftover after parsing attributes in process `syz.5.12457'. [ 1105.220080][ T3202] bridge0: port 3(bond0) entered blocking state [ 1105.253975][ T3202] bridge0: port 3(bond0) entered disabled state [ 1105.270401][ T3202] bond0: entered allmulticast mode [ 1105.291274][ T3202] bond_slave_0: entered allmulticast mode [ 1105.297074][ T3202] bond_slave_1: entered allmulticast mode [ 1105.367891][ T3202] bond0: entered promiscuous mode [ 1105.392253][ T3202] bond_slave_0: entered promiscuous mode [ 1105.398111][ T3202] bond_slave_1: entered promiscuous mode [ 1105.415036][ T3202] bridge0: port 3(bond0) entered blocking state [ 1105.421484][ T3202] bridge0: port 3(bond0) entered forwarding state [ 1128.147908][ T3838] Bluetooth: hci2: command 0x0406 tx timeout [ 1128.153751][ T3837] Bluetooth: hci0: command 0x0406 tx timeout [ 1128.157522][ T3838] Bluetooth: hci1: command 0x0406 tx timeout [ 1128.819255][ T3909] zswap: compressor not available [ 1131.769500][ T3957] kexec: Could not allocate control_code_buffer [ 1134.765545][ T4038] kexec: Could not allocate control_code_buffer [ 1135.745861][ T4095] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1137.791332][ T4124] kexec: Could not allocate control_code_buffer [ 1139.808402][ T4159] kexec: Could not allocate control_code_buffer [ 1143.377465][ T4305] zswap: compressor not available [ 1143.567077][ T4317] netlink: 'syz.5.12765': attribute type 1 has an invalid length. [ 1144.239101][ T4333] netlink: 350 bytes leftover after parsing attributes in process `syz.0.12760'. [ 1146.142023][ T4389] zswap: compressor not available [ 1146.593914][ T4412] netlink: 350 bytes leftover after parsing attributes in process `syz.4.12777'. [ 1149.096851][ T4458] futex_wake_op: syz.5.12805 tries to shift op by 64; fix this program [ 1149.162991][T32404] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 1149.163035][T32404] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 1149.178037][T32404] Bluetooth: hci1: adv larger than maximum supported [ 1149.178103][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 1149.185551][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x36 [ 1149.192794][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 1149.199869][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 1149.207078][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x32 [ 1149.214299][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x32 [ 1150.322102][ T4484] zswap: compressor not available [ 1151.162282][ T4503] futex_wake_op: syz.0.12809 tries to shift op by 64; fix this program [ 1151.218307][T32404] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1151.218350][T32404] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 1151.234248][T32404] Bluetooth: hci2: adv larger than maximum supported [ 1151.234320][T32404] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 1151.243460][T32404] Bluetooth: hci2: Unknown advertising packet type: 0x36 [ 1152.278120][T32404] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 1152.285249][T32404] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 1152.305219][T32404] Bluetooth: hci1: Malformed LE Event: 0x0d [ 1153.077999][T32404] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 1153.078055][T32404] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 1154.759791][ T4601] netlink: 342 bytes leftover after parsing attributes in process `syz.9.12828'. [ 1155.888703][T32404] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 1155.888749][T32404] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 1155.905294][T32404] bt_err_ratelimited: 12 callbacks suppressed [ 1155.905318][T32404] Bluetooth: hci0: adv larger than maximum supported [ 1155.911580][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 1155.918666][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x37 [ 1155.925745][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 1155.932903][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 1155.940073][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 1155.947185][T32404] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 1157.486931][T32404] Bluetooth: hci6: unexpected event 0x3e length: 726 > 260 [ 1157.495530][T32404] Bluetooth: hci6: unexpected subevent 0x0d length: 725 > 260 [ 1157.511348][T32404] Bluetooth: hci6: Unknown advertising packet type: 0x7f [ 1157.511429][T32404] Bluetooth: hci6: Malformed LE Event: 0x0d [ 1158.094527][ T4689] lo: entered promiscuous mode [ 1158.286452][ T4683] lo: left promiscuous mode [ 1159.778515][T32404] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 1159.778560][T32404] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 1159.793616][T32404] Bluetooth: hci1: adv larger than maximum supported [ 1159.793649][T32404] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 1161.941571][ T4805] device-mapper: ioctl: device name cannot contain '/' [ 1164.036919][ T4869] netlink: 346 bytes leftover after parsing attributes in process `syz.5.12906'. [ 1166.159542][ T4949] netlink: 346 bytes leftover after parsing attributes in process `syz.0.12931'. [ 1166.192286][ T4951] netlink: 206 bytes leftover after parsing attributes in process `syz.5.12930'. [ 1167.510462][ T4998] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12943'. [ 1168.171864][ T5013] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input50 [ 1170.542870][ T5090] nbd2: detected capacity change from 0 to 68719476736 [ 1170.566635][ T714] block nbd2: Send control failed (result -22) [ 1170.587750][ T714] block nbd2: Request send failed, requeueing [ 1170.623548][T32404] block nbd2: Receive control failed (result -32) [ 1170.648738][ T58] block nbd2: Dead connection, failed to find a fallback [ 1170.657728][ T58] block nbd2: shutting down sockets [ 1170.663947][ T58] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.673734][ T58] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.690272][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.710216][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.771599][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.804432][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.820060][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.838712][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.854170][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.879143][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.887163][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.900530][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.908610][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.929153][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1170.962885][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1170.997130][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1171.020775][ T714] ldm_validate_partition_table(): Disk read failed. [ 1171.045402][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1171.068000][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1171.104974][ T714] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1171.128928][ T714] Buffer I/O error on dev nbd2, logical block 0, async page read [ 1171.147286][ T714] Dev nbd2: unable to read RDB block 0 [ 1171.169080][ T714] nbd2: unable to read partition table [ 1171.204560][ T714] ldm_validate_partition_table(): Disk read failed. [ 1171.232651][ T714] Dev nbd2: unable to read RDB block 0 [ 1171.252914][ T714] nbd2: unable to read partition table [ 1171.281733][ T714] [ 1171.284113][ T714] ====================================================== [ 1171.291151][ T714] WARNING: possible circular locking dependency detected [ 1171.298210][ T714] 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 Tainted: G U [ 1171.306819][ T714] ------------------------------------------------------ [ 1171.313859][ T714] udevd/714 is trying to acquire lock: [ 1171.319355][ T714] ffff888143785c88 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 1171.329372][ T714] [ 1171.329372][ T714] but task is already holding lock: [ 1171.336758][ T714] ffff8880238dce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 1171.347644][ T714] [ 1171.347644][ T714] which lock already depends on the new lock. [ 1171.347644][ T714] [ 1171.358114][ T714] [ 1171.358114][ T714] the existing dependency chain (in reverse order) is: [ 1171.367150][ T714] [ 1171.367150][ T714] -> #7 (mapping.invalidate_lock#2){++++}-{4:4}: [ 1171.375704][ T714] down_read+0x9a/0x330 [ 1171.380410][ T714] filemap_fault+0x1845/0x2ca0 [ 1171.385717][ T714] __do_fault+0x10a/0x490 [ 1171.390598][ T714] do_pte_missing+0xecf/0x3e10 [ 1171.395910][ T714] __handle_mm_fault+0x1166/0x2c60 [ 1171.401568][ T714] handle_mm_fault+0x3fa/0xaa0 [ 1171.406888][ T714] do_user_addr_fault+0x60d/0x13f0 [ 1171.412590][ T714] exc_page_fault+0x5c/0xc0 [ 1171.417634][ T714] asm_exc_page_fault+0x26/0x30 [ 1171.423030][ T714] [ 1171.423030][ T714] -> #6 (&vma->vm_lock->lock){++++}-{4:4}: [ 1171.431062][ T714] down_write+0x93/0x200 [ 1171.435882][ T714] vma_link+0x26d/0x4a0 [ 1171.440569][ T714] insert_vm_struct+0x197/0x3f0 [ 1171.445968][ T714] alloc_bprm+0x76d/0xdd0 [ 1171.450851][ T714] kernel_execve+0xb0/0x3b0 [ 1171.455921][ T714] kernel_init+0x14a/0x2b0 [ 1171.460903][ T714] ret_from_fork+0x45/0x80 [ 1171.465896][ T714] ret_from_fork_asm+0x1a/0x30 [ 1171.471226][ T714] [ 1171.471226][ T714] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 1171.478814][ T714] __might_fault+0x11b/0x190 [ 1171.483945][ T714] _copy_from_user+0x29/0xd0 [ 1171.489075][ T714] csum_and_copy_from_iter_full+0x218/0x1e20 [ 1171.495596][ T714] ip_generic_getfrag+0x175/0x260 [ 1171.501167][ T714] raw6_getfrag+0x22d/0x2a0 [ 1171.506207][ T714] __ip6_append_data.isra.0+0x3dca/0x4650 [ 1171.512467][ T714] ip6_append_data+0x1e6/0x500 [ 1171.517798][ T714] rawv6_sendmsg+0x15c9/0x4610 [ 1171.523101][ T714] inet_sendmsg+0x119/0x140 [ 1171.528155][ T714] ____sys_sendmsg+0x98c/0xc90 [ 1171.533456][ T714] ___sys_sendmsg+0x135/0x1e0 [ 1171.538679][ T714] __sys_sendmsg+0x16e/0x220 [ 1171.543816][ T714] do_syscall_64+0xcd/0x250 [ 1171.548872][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1171.555322][ T714] [ 1171.555322][ T714] -> #4 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 1171.563140][ T714] lock_sock_nested+0x3a/0xf0 [ 1171.568377][ T714] inet_autobind+0x1a/0x1a0 [ 1171.573429][ T714] inet_send_prepare+0x317/0x530 [ 1171.578926][ T714] inet_sendmsg+0x43/0x140 [ 1171.583918][ T714] sock_sendmsg+0x389/0x490 [ 1171.588969][ T714] __sock_xmit+0x1e8/0x4f0 [ 1171.593950][ T714] nbd_send_cmd+0x8ec/0x1c90 [ 1171.599085][ T714] nbd_queue_rq+0x941/0x1220 [ 1171.604223][ T714] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 1171.610317][ T714] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 1171.617209][ T714] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 1171.623754][ T714] blk_mq_run_hw_queue+0x239/0x670 [ 1171.629409][ T714] blk_mq_flush_plug_list+0x673/0x1c60 [ 1171.635427][ T714] __blk_flush_plug+0x2c5/0x4b0 [ 1171.640818][ T714] __submit_bio+0x547/0x690 [ 1171.645879][ T714] submit_bio_noacct_nocheck+0x698/0xd70 [ 1171.652072][ T714] submit_bio_noacct+0x50d/0x1ec0 [ 1171.657641][ T714] block_read_full_folio+0x812/0xa50 [ 1171.663479][ T714] filemap_read_folio+0xc6/0x2a0 [ 1171.668959][ T714] do_read_cache_folio+0x263/0x5c0 [ 1171.674630][ T714] read_part_sector+0xd4/0x310 [ 1171.679949][ T714] adfspart_check_ICS+0x94/0x940 [ 1171.685447][ T714] bdev_disk_changed+0x71f/0x1520 [ 1171.691020][ T714] blkdev_get_whole+0x187/0x290 [ 1171.696416][ T714] bdev_open+0x2c7/0xe20 [ 1171.701202][ T714] blkdev_open+0x272/0x3f0 [ 1171.706173][ T714] do_dentry_open+0x735/0x1c40 [ 1171.711491][ T714] vfs_open+0x82/0x3f0 [ 1171.716185][ T714] path_openat+0x1e88/0x2d80 [ 1171.721330][ T714] do_filp_open+0x20c/0x470 [ 1171.726406][ T714] do_sys_openat2+0x17a/0x1e0 [ 1171.731645][ T714] __x64_sys_openat+0x175/0x210 [ 1171.737055][ T714] do_syscall_64+0xcd/0x250 [ 1171.742104][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1171.748561][ T714] [ 1171.748561][ T714] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 1171.756248][ T714] __mutex_lock+0x19b/0xb10 [ 1171.761304][ T714] nbd_queue_rq+0x424/0x1220 [ 1171.766436][ T714] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 1171.772545][ T714] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 1171.779443][ T714] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 1171.785989][ T714] blk_mq_run_hw_queue+0x239/0x670 [ 1171.791639][ T714] blk_mq_flush_plug_list+0x673/0x1c60 [ 1171.797646][ T714] __blk_flush_plug+0x2c5/0x4b0 [ 1171.803044][ T714] __submit_bio+0x547/0x690 [ 1171.808091][ T714] submit_bio_noacct_nocheck+0x698/0xd70 [ 1171.814277][ T714] submit_bio_noacct+0x50d/0x1ec0 [ 1171.819841][ T714] block_read_full_folio+0x812/0xa50 [ 1171.825681][ T714] filemap_read_folio+0xc6/0x2a0 [ 1171.831168][ T714] do_read_cache_folio+0x263/0x5c0 [ 1171.836827][ T714] read_part_sector+0xd4/0x310 [ 1171.842142][ T714] adfspart_check_ICS+0x94/0x940 [ 1171.847648][ T714] bdev_disk_changed+0x71f/0x1520 [ 1171.853223][ T714] blkdev_get_whole+0x187/0x290 [ 1171.858614][ T714] bdev_open+0x2c7/0xe20 [ 1171.863398][ T714] blkdev_open+0x272/0x3f0 [ 1171.868363][ T714] do_dentry_open+0x735/0x1c40 [ 1171.873677][ T714] vfs_open+0x82/0x3f0 [ 1171.878301][ T714] path_openat+0x1e88/0x2d80 [ 1171.883437][ T714] do_filp_open+0x20c/0x470 [ 1171.888488][ T714] do_sys_openat2+0x17a/0x1e0 [ 1171.893708][ T714] __x64_sys_openat+0x175/0x210 [ 1171.899095][ T714] do_syscall_64+0xcd/0x250 [ 1171.904140][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1171.910582][ T714] [ 1171.910582][ T714] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 1171.917858][ T714] __mutex_lock+0x19b/0xb10 [ 1171.922907][ T714] nbd_queue_rq+0xbe/0x1220 [ 1171.927956][ T714] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 1171.934052][ T714] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 1171.940933][ T714] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 1171.947464][ T714] blk_mq_run_hw_queue+0x239/0x670 [ 1171.953109][ T714] blk_mq_flush_plug_list+0x673/0x1c60 [ 1171.959110][ T714] __blk_flush_plug+0x2c5/0x4b0 [ 1171.964502][ T714] __submit_bio+0x547/0x690 [ 1171.969552][ T714] submit_bio_noacct_nocheck+0x698/0xd70 [ 1171.975729][ T714] submit_bio_noacct+0x50d/0x1ec0 [ 1171.981291][ T714] block_read_full_folio+0x812/0xa50 [ 1171.987127][ T714] filemap_read_folio+0xc6/0x2a0 [ 1171.992615][ T714] do_read_cache_folio+0x263/0x5c0 [ 1171.998291][ T714] read_part_sector+0xd4/0x310 [ 1172.003621][ T714] adfspart_check_ICS+0x94/0x940 [ 1172.009109][ T714] bdev_disk_changed+0x71f/0x1520 [ 1172.014695][ T714] blkdev_get_whole+0x187/0x290 [ 1172.020088][ T714] bdev_open+0x2c7/0xe20 [ 1172.024870][ T714] blkdev_open+0x272/0x3f0 [ 1172.029830][ T714] do_dentry_open+0x735/0x1c40 [ 1172.035142][ T714] vfs_open+0x82/0x3f0 [ 1172.039744][ T714] path_openat+0x1e88/0x2d80 [ 1172.044877][ T714] do_filp_open+0x20c/0x470 [ 1172.049927][ T714] do_sys_openat2+0x17a/0x1e0 [ 1172.055138][ T714] __x64_sys_openat+0x175/0x210 [ 1172.060525][ T714] do_syscall_64+0xcd/0x250 [ 1172.065584][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1172.072024][ T714] [ 1172.072024][ T714] -> #1 (set->srcu){.+.+}-{0:0}: [ 1172.079195][ T714] __synchronize_srcu+0xa9/0x2a0 [ 1172.084689][ T714] blk_mq_update_nr_requests+0x288/0x670 [ 1172.090865][ T714] queue_requests_store+0x161/0x210 [ 1172.096615][ T714] queue_attr_store+0x370/0x510 [ 1172.102011][ T714] sysfs_kf_write+0x117/0x170 [ 1172.107231][ T714] kernfs_fop_write_iter+0x33d/0x500 [ 1172.113051][ T714] vfs_write+0x5ae/0x1150 [ 1172.117923][ T714] ksys_write+0x12b/0x250 [ 1172.122796][ T714] do_syscall_64+0xcd/0x250 [ 1172.127845][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1172.134288][ T714] [ 1172.134288][ T714] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 1172.142928][ T714] __lock_acquire+0x249e/0x3c40 [ 1172.148328][ T714] lock_acquire.part.0+0x11b/0x380 [ 1172.154007][ T714] blk_mq_submit_bio+0x20db/0x25f0 [ 1172.159670][ T714] __submit_bio+0x3d1/0x690 [ 1172.164739][ T714] submit_bio_noacct_nocheck+0x698/0xd70 [ 1172.170924][ T714] submit_bio_noacct+0x50d/0x1ec0 [ 1172.176497][ T714] mpage_readahead+0x41d/0x590 [ 1172.181797][ T714] read_pages+0x1a7/0xc60 [ 1172.186691][ T714] page_cache_ra_unbounded+0x426/0x7d0 [ 1172.192697][ T714] force_page_cache_ra+0x24b/0x340 [ 1172.198349][ T714] page_cache_sync_ra+0x158/0xa30 [ 1172.203915][ T714] filemap_get_pages+0xb62/0x1c30 [ 1172.209486][ T714] filemap_read+0x3c5/0xe70 [ 1172.214532][ T714] blkdev_read_iter+0x187/0x4b0 [ 1172.219938][ T714] vfs_read+0x886/0xbf0 [ 1172.224639][ T714] ksys_read+0x12b/0x250 [ 1172.229427][ T714] do_syscall_64+0xcd/0x250 [ 1172.234474][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1172.240917][ T714] [ 1172.240917][ T714] other info that might help us debug this: [ 1172.240917][ T714] [ 1172.251155][ T714] Chain exists of: [ 1172.251155][ T714] &q->q_usage_counter(io)#51 --> &vma->vm_lock->lock --> mapping.invalidate_lock#2 [ 1172.251155][ T714] [ 1172.266418][ T714] Possible unsafe locking scenario: [ 1172.266418][ T714] [ 1172.273873][ T714] CPU0 CPU1 [ 1172.279257][ T714] ---- ---- [ 1172.284635][ T714] rlock(mapping.invalidate_lock#2); [ 1172.290072][ T714] lock(&vma->vm_lock->lock); [ 1172.297372][ T714] lock(mapping.invalidate_lock#2); [ 1172.305218][ T714] rlock(&q->q_usage_counter(io)#51); [ 1172.310700][ T714] [ 1172.310700][ T714] *** DEADLOCK *** [ 1172.310700][ T714] [ 1172.318852][ T714] 1 lock held by udevd/714: [ 1172.323364][ T714] #0: ffff8880238dce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 1172.334646][ T714] [ 1172.334646][ T714] stack backtrace: [ 1172.340548][ T714] CPU: 1 UID: 0 PID: 714 Comm: udevd Tainted: G U 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 1172.340587][ T714] Tainted: [U]=USER [ 1172.340595][ T714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1172.340611][ T714] Call Trace: [ 1172.340619][ T714] [ 1172.340628][ T714] dump_stack_lvl+0x116/0x1f0 [ 1172.340660][ T714] print_circular_bug+0x490/0x760 [ 1172.340697][ T714] check_noncircular+0x31a/0x400 [ 1172.340731][ T714] ? __pfx_check_noncircular+0x10/0x10 [ 1172.340765][ T714] ? __kernel_text_address+0xd/0x40 [ 1172.340799][ T714] ? unwind_get_return_address+0x59/0xa0 [ 1172.340842][ T714] ? lockdep_lock+0xc6/0x200 [ 1172.340868][ T714] ? __pfx_lockdep_lock+0x10/0x10 [ 1172.340897][ T714] __lock_acquire+0x249e/0x3c40 [ 1172.340936][ T714] ? __pfx___lock_acquire+0x10/0x10 [ 1172.340970][ T714] ? hlock_class+0x4e/0x130 [ 1172.340995][ T714] ? mark_lock+0xb5/0xc60 [ 1172.341046][ T714] ? mark_lock+0xb5/0xc60 [ 1172.341080][ T714] ? page_cache_ra_unbounded+0x426/0x7d0 [ 1172.341109][ T714] ? page_cache_sync_ra+0x158/0xa30 [ 1172.341140][ T714] lock_acquire.part.0+0x11b/0x380 [ 1172.341177][ T714] ? __submit_bio+0x3d1/0x690 [ 1172.341206][ T714] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1172.341244][ T714] ? rcu_is_watching+0x12/0xc0 [ 1172.341270][ T714] ? trace_lock_acquire+0x14e/0x1f0 [ 1172.341300][ T714] ? __submit_bio+0x3d1/0x690 [ 1172.341328][ T714] ? lock_acquire+0x2f/0xb0 [ 1172.341369][ T714] ? __submit_bio+0x3d1/0x690 [ 1172.341397][ T714] blk_mq_submit_bio+0x20db/0x25f0 [ 1172.341427][ T714] ? __submit_bio+0x3d1/0x690 [ 1172.341456][ T714] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 1172.341486][ T714] ? mark_lock+0xb5/0xc60 [ 1172.341519][ T714] ? __pfx___lock_acquire+0x10/0x10 [ 1172.341561][ T714] ? __pfx___lock_acquire+0x10/0x10 [ 1172.341596][ T714] ? trace_lock_acquire+0x14e/0x1f0 [ 1172.341626][ T714] ? __pfx_mark_lock+0x10/0x10 [ 1172.341664][ T714] __submit_bio+0x3d1/0x690 [ 1172.341691][ T714] ? __pfx___submit_bio+0x10/0x10 [ 1172.341718][ T714] ? trace_lock_acquire+0x14e/0x1f0 [ 1172.341754][ T714] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 1172.341783][ T714] submit_bio_noacct_nocheck+0x698/0xd70 [ 1172.341814][ T714] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 1172.341845][ T714] ? __pfx___might_resched+0x10/0x10 [ 1172.341889][ T714] submit_bio_noacct+0x50d/0x1ec0 [ 1172.341920][ T714] mpage_readahead+0x41d/0x590 [ 1172.341948][ T714] ? __pfx_mpage_readahead+0x10/0x10 [ 1172.341982][ T714] ? __pfx_blkdev_get_block+0x10/0x10 [ 1172.342015][ T714] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 1172.342050][ T714] ? __pfx_lock_release+0x10/0x10 [ 1172.342085][ T714] ? trace_lock_acquire+0x14e/0x1f0 [ 1172.342114][ T714] ? __pfx_blkdev_readahead+0x10/0x10 [ 1172.342146][ T714] read_pages+0x1a7/0xc60 [ 1172.342172][ T714] ? __folio_batch_add_and_move+0x689/0xc60 [ 1172.342211][ T714] ? __pfx_read_pages+0x10/0x10 [ 1172.342245][ T714] page_cache_ra_unbounded+0x426/0x7d0 [ 1172.342281][ T714] force_page_cache_ra+0x24b/0x340 [ 1172.342313][ T714] page_cache_sync_ra+0x158/0xa30 [ 1172.342342][ T714] ? __lock_acquire+0xcc5/0x3c40 [ 1172.342380][ T714] filemap_get_pages+0xb62/0x1c30 [ 1172.342420][ T714] ? __pfx_filemap_get_pages+0x10/0x10 [ 1172.342457][ T714] ? __pfx___might_resched+0x10/0x10 [ 1172.342500][ T714] filemap_read+0x3c5/0xe70 [ 1172.342533][ T714] ? trace_lock_acquire+0x14e/0x1f0 [ 1172.342578][ T714] ? __pfx_filemap_read+0x10/0x10 [ 1172.342625][ T714] ? apparmor_file_permission+0x251/0x400 [ 1172.342656][ T714] blkdev_read_iter+0x187/0x4b0 [ 1172.342691][ T714] vfs_read+0x886/0xbf0 [ 1172.342728][ T714] ? __pfx_vfs_read+0x10/0x10 [ 1172.342763][ T714] ? blkdev_llseek+0x9b/0xd0 [ 1172.342793][ T714] ? __pfx_lock_release+0x10/0x10 [ 1172.342832][ T714] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1172.342876][ T714] ksys_read+0x12b/0x250 [ 1172.342910][ T714] ? __pfx_ksys_read+0x10/0x10 [ 1172.342949][ T714] do_syscall_64+0xcd/0x250 [ 1172.342982][ T714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1172.343019][ T714] RIP: 0033:0x7f0eb4716b6a [ 1172.343039][ T714] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 1172.343064][ T714] RSP: 002b:00007ffe96073bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1172.343087][ T714] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007f0eb4716b6a [ 1172.343106][ T714] RDX: 0000000000000040 RSI: 0000556249476048 RDI: 0000000000000009 [ 1172.343122][ T714] RBP: 0000000000000040 R08: 0000556249476020 R09: 00007f0eb47f1b60 [ 1172.343138][ T714] R10: 0000000000000007 R11: 0000000000000246 R12: 0000556249476020 [ 1172.343154][ T714] R13: 0000556249476038 R14: 000055624947d478 R15: 000055624947d420 [ 1172.343178][ T714] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1173.681135][ T3529] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1173.776144][ T3529] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1173.944835][ T3529] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.030069][ T3529] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.109021][ T3529] bond0: left allmulticast mode [ 1174.117580][ T3529] bond_slave_0: left allmulticast mode [ 1174.124353][ T3529] bond_slave_1: left allmulticast mode [ 1174.129889][ T3529] bond0: left promiscuous mode [ 1174.136829][ T3529] bond_slave_0: left promiscuous mode [ 1174.144862][ T3529] bond_slave_1: left promiscuous mode [ 1174.150552][ T3529] bridge0: port 3(bond0) entered disabled state [ 1174.162688][ T3529] bridge_slave_1: left allmulticast mode [ 1174.168376][ T3529] bridge_slave_1: left promiscuous mode [ 1174.174664][ T3529] bridge0: port 2(bridge_slave_1) entered disabled state [ 1174.184505][ T3529] bridge_slave_0: left allmulticast mode [ 1174.190192][ T3529] bridge_slave_0: left promiscuous mode [ 1174.196060][ T3529] bridge0: port 1(bridge_slave_0) entered disabled state [ 1174.309542][ T3529] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1174.320420][ T3529] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1174.333421][ T3529] bond0 (unregistering): Released all slaves [ 1174.392871][ T3529] ovsѓуƒѕ9лѕ: left promiscuous mode [ 1174.574563][ T3529] hsr_slave_0: left promiscuous mode [ 1174.580429][ T3529] hsr_slave_1: left promiscuous mode [ 1174.586220][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1174.594152][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1174.609241][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1174.617184][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1174.641733][ T3529] veth1_macvtap: left promiscuous mode [ 1174.647300][ T3529] veth0_macvtap: left promiscuous mode [ 1174.653056][ T3529] veth1_vlan: left promiscuous mode [ 1174.658360][ T3529] veth0_vlan: left promiscuous mode [ 1174.801461][ T3529] team0 (unregistering): Port device team_slave_1 removed [ 1174.813678][ T3529] team0 (unregistering): Port device team_slave_0 removed [ 1175.194470][ T3529] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.251241][ T3529] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.299073][ T3529] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.333478][ T3529] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.453665][ T3529] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.520970][ T3529] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.578950][ T3529] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.639336][ T3529] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1175.735778][ T3529] bond0: left allmulticast mode [ 1175.741423][ T3529] bond_slave_0: left allmulticast mode [ 1175.747145][ T3529] bond_slave_1: left allmulticast mode [ 1175.752655][ T3529] bond0: left promiscuous mode [ 1175.757741][ T3529] bond_slave_0: left promiscuous mode [ 1175.763262][ T3529] bond_slave_1: left promiscuous mode [ 1175.769174][ T3529] bridge0: port 3(bond0) entered disabled state [ 1175.777537][ T3529] bridge_slave_1: left allmulticast mode [ 1175.783208][ T3529] bridge_slave_1: left promiscuous mode [ 1175.789152][ T3529] bridge0: port 2(bridge_slave_1) entered disabled state [ 1175.797490][ T3529] bridge_slave_0: left allmulticast mode [ 1175.803143][ T3529] bridge_slave_0: left promiscuous mode [ 1175.809067][ T3529] bridge0: port 1(bridge_slave_0) entered disabled state [ 1175.818049][ T3529] bridge_slave_1: left allmulticast mode [ 1175.823857][ T3529] bridge_slave_1: left promiscuous mode [ 1175.829883][ T3529] bridge0: port 2(bridge_slave_1) entered disabled state [ 1175.838877][ T3529] bridge_slave_0: left allmulticast mode [ 1175.844728][ T3529] bridge_slave_0: left promiscuous mode [ 1175.850417][ T3529] bridge0: port 1(bridge_slave_0) entered disabled state [ 1176.058271][ T3529] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1176.069133][ T3529] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1176.078764][ T3529] bond0 (unregistering): Released all slaves [ 1176.091254][ T3529] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1176.101310][ T3529] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1176.114184][ T3529] bond0 (unregistering): Released all slaves [ 1176.184356][ T3529] ovs_: left promiscuous mode [ 1176.461161][ T3529] hsr_slave_0: left promiscuous mode [ 1176.467223][ T3529] hsr_slave_1: left promiscuous mode [ 1176.473051][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1176.482770][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1176.490560][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1176.497974][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1176.509548][ T3529] hsr_slave_0: left promiscuous mode [ 1176.515733][ T3529] hsr_slave_1: left promiscuous mode [ 1176.522696][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1176.533252][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1176.542806][ T3529] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1176.550271][ T3529] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1176.561909][ T3529] veth1_macvtap: left promiscuous mode [ 1176.567468][ T3529] veth0_macvtap: left promiscuous mode [ 1176.574446][ T3529] veth1_vlan: left promiscuous mode [ 1176.579937][ T3529] veth0_vlan: left promiscuous mode [ 1176.585971][ T3529] veth1_macvtap: left promiscuous mode [ 1176.593396][ T3529] veth0_macvtap: left promiscuous mode [ 1176.598990][ T3529] veth1_vlan: left promiscuous mode [ 1176.604967][ T3529] veth0_vlan: left promiscuous mode [ 1176.824826][ T3529] team0 (unregistering): Port device team_slave_1 removed [ 1176.854775][ T3529] team0 (unregistering): Port device team_slave_0 removed [ 1177.065622][ T3529] team0 (unregistering): Port device team_slave_1 removed [ 1177.095654][ T3529] team0 (unregistering): Port device team_slave_0 removed