last executing test programs: 14.645353331s ago: executing program 2 (id=2183): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/dummy0/netdev_group\x00', 0x102, 0x0) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)='8', 0x1) 14.469730417s ago: executing program 2 (id=2185): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x11, 0xa, 0x300) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808) syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), 0xffffffffffffffff) 14.305474911s ago: executing program 2 (id=2188): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000140)='-$!\x00\xfa\xef\t\xa4\xe9\xb2r\x8cQ \xa6\xb7v\x93\xb6\b\xba\xfe\x1e\xab\xe7KC6z\x1a\xf0\x83~\xcd\x9a\x83\b\xb6\xb2\xd6PR\xbe\xec\xea\t\xde.\xc6%\x16\xc8\\\xb2\xe86\xe1\x84k\xa8\x02\xcb\xc9 \x1flY\xcb\xfa\xd9\xe0\xb8\x93\x12\xbc\xcf\xc2\'\x90\x9d\x1c\xb0\x1d\xb8\x80\xb4V\x9c\xf6J\xe8\"\xef@\xcd t\xe8\xe9Ip\xa74\x82\xb0\x9a\xecj\x9f\x8f\x9a\xe22\x8e\xce1\x9d\x0fW\xe7\xfb\"[\x17\x83\xfc}\xc7\xab\x93\xe4\x1ekP1\x01\bB\xbf*a\x93\xbd\xa7\xc8', 0x5, 0x4) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="f4ffffff", @ANYBLOB="01002bbd"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0x7b2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 14.149820788s ago: executing program 2 (id=2189): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x6000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c06, 0x0) 14.02971143s ago: executing program 2 (id=2192): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 13.35224486s ago: executing program 2 (id=2198): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r0, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(r0, 0x89f3, r0) 12.905000582s ago: executing program 32 (id=2198): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r0, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(r0, 0x89f3, r0) 2.4618622s ago: executing program 4 (id=2288): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) prctl$auto(0x41555856, 0xc, 0x2008, 0x0, 0x0) r0 = socket(0xa, 0x3, 0x3a) ioctl$auto(r0, 0x890c, 0x1) 2.16158003s ago: executing program 4 (id=2292): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) connect$auto(0x4, 0x0, 0x10) 1.996980514s ago: executing program 3 (id=2295): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40, 0x0) cachestat$auto(r0, 0x0, 0x0, 0x0) 1.82969972s ago: executing program 3 (id=2296): socket(0x2, 0x1, 0x100) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) shutdown$auto(0x200000003, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 1.765769075s ago: executing program 4 (id=2297): r0 = gettid() r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f00000001c0)=0x6) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) kill$auto(r0, 0x11) 1.678309723s ago: executing program 3 (id=2299): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000280)={0x1c, r1, 0x3abba0b2ae0bab93, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x40000, 0x0, 0xc811}, 0x10) 1.506661646s ago: executing program 3 (id=2300): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x1823, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x5, 0x2dde, 0x8, 0xfffffffffffffffa, 0xab, 0x0, 0x1]}, 0x0) r1 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r1, &(0x7f0000000180)=""/61, 0xfffffeeb) 1.478124635s ago: executing program 4 (id=2302): exit$auto(0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r0) r2 = getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r1, 0xa01, 0x70bd2b, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) 1.291507955s ago: executing program 0 (id=2304): mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/hid_magicmouse/parameters/scroll_speed\x00', 0x101142, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ieee802154/6lowpan/6lowpanfrag_low_thresh\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 1.22154816s ago: executing program 0 (id=2306): openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) mmap$auto(0x0, 0x8, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0) read$auto(r0, 0x0, 0x18) write$auto(0x3, 0x0, 0xfdef) 1.148799071s ago: executing program 1 (id=2307): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r0, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 1.049450886s ago: executing program 0 (id=2308): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mprotect$auto(0x200000000000, 0x806121, 0x8) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) 978.953748ms ago: executing program 1 (id=2309): sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 892.709203ms ago: executing program 0 (id=2310): r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0xee8c, 0x4) 787.348315ms ago: executing program 1 (id=2311): r0 = socket(0x1d, 0x3, 0x1) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) write$auto(r0, &(0x7f00000002c0)='@*\x00', 0x10) 639.333601ms ago: executing program 1 (id=2312): rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r0 = getpid() r1 = gettid() rt_tgsigqueueinfo$auto(r0, r1, 0x16, &(0x7f0000000400)={@siginfo_0_0={0xfffeffff, 0x0, 0x2, @_sigpoll={0x8}}}) tgkill$auto_SIGCONT(r0, r0, 0x12) 543.99923ms ago: executing program 3 (id=2313): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090027ad7600fbdbdf250180000008000800", @ANYRES32=r3, @ANYBLOB="04000180"], 0x20}, 0x1, 0x0, 0x0, 0x40488d4}, 0xc050) 482.58206ms ago: executing program 4 (id=2314): mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ab, &(0x7f0000000100)={&(0x7f0000000040)='L', 0x49}, 0x1, &(0x7f0000000040), 0x4c, 0x1}, 0x5}, 0x2, 0x100) 457.762003ms ago: executing program 1 (id=2315): r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) getsockopt$auto(r0, 0x84, 0xd, 0x0, &(0x7f0000000000)=0x7ffe) 395.148618ms ago: executing program 0 (id=2316): mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, 0x0, 0x400c080) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) 391.785965ms ago: executing program 3 (id=2317): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') ioctl$auto(0x3, 0x40086200, 0x38) 141.455443ms ago: executing program 4 (id=2318): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2b, 0x1, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x8, 0x6}, 0x7, 0x0, 0x0, 0x8) sendmmsg$auto(r0, 0x0, 0x1, 0x20000000) connect$auto(0x3, 0x0, 0x55) 97.894011ms ago: executing program 1 (id=2319): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r1, 0x0, 0x1) 0s ago: executing program 0 (id=2320): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) kernel console output (not intermixed with test programs): (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.956980][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.970462][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.978450][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.004851][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.066275][ T51] Bluetooth: hci1: command tx timeout [ 86.075705][ T51] Bluetooth: hci0: command tx timeout [ 86.142405][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.149822][ T51] Bluetooth: hci2: command tx timeout [ 86.156286][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.183003][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.210681][ T5857] hsr_slave_0: entered promiscuous mode [ 86.216962][ T5857] hsr_slave_1: entered promiscuous mode [ 86.222923][ T5857] debugfs: 'hsr0' already exists in 'hsr' [ 86.229004][ T51] Bluetooth: hci3: command tx timeout [ 86.229343][ T5857] Cannot create hsr debugfs directory [ 86.245795][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.252826][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.278807][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.429326][ T5870] hsr_slave_0: entered promiscuous mode [ 86.437218][ T5870] hsr_slave_1: entered promiscuous mode [ 86.443372][ T5870] debugfs: 'hsr0' already exists in 'hsr' [ 86.449395][ T5870] Cannot create hsr debugfs directory [ 86.676944][ T5861] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.690337][ T5861] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.730174][ T5861] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.760235][ T5861] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.856973][ T5865] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.915369][ T5865] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.947896][ T5865] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.980337][ T5865] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.066963][ T5857] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.082166][ T5857] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.117938][ T5857] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.157750][ T5857] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.232608][ T5870] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.249545][ T5870] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.264053][ T5870] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.276299][ T5870] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.314279][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.371916][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.402696][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.409936][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.428106][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.448040][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.455175][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.528693][ T5865] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.580299][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.587476][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.598797][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.606091][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.695797][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.716027][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.813775][ T5870] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.851640][ T5857] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.882213][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.889407][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.910782][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.917967][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.945081][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.952302][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.978250][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.985483][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.103817][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.147163][ T51] Bluetooth: hci0: command tx timeout [ 88.152602][ T51] Bluetooth: hci1: command tx timeout [ 88.229496][ T51] Bluetooth: hci2: command tx timeout [ 88.253018][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.313135][ T51] Bluetooth: hci3: command tx timeout [ 88.314351][ T5861] veth0_vlan: entered promiscuous mode [ 88.381440][ T5861] veth1_vlan: entered promiscuous mode [ 88.439346][ T5865] veth0_vlan: entered promiscuous mode [ 88.489414][ T5865] veth1_vlan: entered promiscuous mode [ 88.500235][ T5861] veth0_macvtap: entered promiscuous mode [ 88.529992][ T5861] veth1_macvtap: entered promiscuous mode [ 88.572489][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.601593][ T5865] veth0_macvtap: entered promiscuous mode [ 88.613824][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.640547][ T5865] veth1_macvtap: entered promiscuous mode [ 88.649806][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.683310][ T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.692948][ T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.708739][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.724322][ T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.733372][ T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.759521][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.790913][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.841920][ T5870] veth0_vlan: entered promiscuous mode [ 88.874908][ T3471] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.884634][ T3471] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.909395][ T3471] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.918300][ T3471] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.932290][ T5870] veth1_vlan: entered promiscuous mode [ 88.944661][ T5857] veth0_vlan: entered promiscuous mode [ 88.971225][ T1115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.989427][ T1115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.007760][ T5857] veth1_vlan: entered promiscuous mode [ 89.059575][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.070850][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.118230][ T5870] veth0_macvtap: entered promiscuous mode [ 89.151104][ T5870] veth1_macvtap: entered promiscuous mode [ 89.171691][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.183549][ T5861] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.187486][ T5857] veth0_macvtap: entered promiscuous mode [ 89.211922][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.252060][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.282630][ T5857] veth1_macvtap: entered promiscuous mode [ 89.302710][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.330024][ T3471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.366084][ T3471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.374664][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.384166][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.393595][ T5951] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 89.402935][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.417827][ T5951] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 89.439982][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.449936][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.477205][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.519906][ T1115] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.575718][ T1115] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.584478][ T1115] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.650972][ T1115] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.775156][ T5957] Zero length message leads to an empty skb [ 89.789985][ T1115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.819824][ T1115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.910640][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.946684][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.984205][ T987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.015878][ T987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.099413][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.133179][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.230871][ T51] Bluetooth: hci1: command tx timeout [ 90.236904][ T5864] Bluetooth: hci0: command tx timeout [ 90.314347][ T51] Bluetooth: hci2: command tx timeout [ 90.385678][ T51] Bluetooth: hci3: command tx timeout [ 90.400201][ T5971] capability: warning: `syz.3.11' uses 32-bit capabilities (legacy support in use) [ 90.971479][ T5989] sd 0:0:1:0: PR command failed: 1026 [ 90.984598][ T5989] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 91.020451][ T5989] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 91.055908][ T5995] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.092806][ T24] cfg80211: failed to load regulatory.db [ 92.306208][ T51] Bluetooth: hci1: command tx timeout [ 92.312104][ T5864] Bluetooth: hci0: command tx timeout [ 92.386281][ T5864] Bluetooth: hci2: command tx timeout [ 92.466103][ T5864] Bluetooth: hci3: command tx timeout [ 92.495137][ T6022] zswap: compressor not available [ 92.744350][ T30] audit: type=1804 audit(1756048858.777:2): pid=6036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.36" name="/newroot/5/file0" dev="tmpfs" ino=43 res=1 errno=0 [ 92.794379][ T30] audit: type=1800 audit(1756048858.777:3): pid=6036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.36" name="file0" dev="tmpfs" ino=43 res=0 errno=0 [ 94.493473][ T6105] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.541050][ T6095] zswap: compressor not available [ 94.647766][ T6109] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.176345][ T6126] zswap: compressor not available [ 96.138980][ T6163] netlink: 338 bytes leftover after parsing attributes in process `syz.2.90'. [ 96.705299][ T6180] ptrace attach of "./syz-executor exec"[5865] was attempted by "XK/ugsT]Suzf@\x1bHJR_1`YT\x0dCh&C4ƋzY'\x22'R D\x5c\x0bq\x1b(}Wmѓ1\x1b-\x1bug{klLUl=\x1b@\x0c\x0dhr9>3>\x0dLW͓\x0b\x5c-K!FզDf>W.}̠ˁU6ԭ%Q\x0aΣzGgEٓ!+'6>Xo;\x07ڒH<Iu(lZZLZ[yl^4?%\x07=뜘FFY!*\x0csV\x07=(斲52L)-_~<\x0al%Ri{S#h0NFڑk835&6zÝv\x5cbj>u^'`q\x0cVR,/ɽ3^?\x0bpGhե\x5cHB4ߛ-Ϸ6d0Uρ5l7yw\x1bBrL3Iq\x0cn~O'*%eWNcwJ\x0dnT~D>iOr&R83&&\x0bw֧?}iД$/\x0boWBȎ@\x1beH8U^יsΉer7z\x5cIz-v [ 102.591080][ T6370] dump_stack_lvl+0x16c/0x1f0 [ 102.591120][ T6370] should_fail_ex+0x512/0x640 [ 102.591160][ T6370] should_fail_alloc_page+0xe7/0x130 [ 102.591198][ T6370] prepare_alloc_pages+0x3c2/0x610 [ 102.591235][ T6370] ? arch_stack_walk+0xa6/0x100 [ 102.591266][ T6370] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 102.591304][ T6370] ? stack_trace_save+0x8e/0xc0 [ 102.591332][ T6370] ? __pfx_stack_trace_save+0x10/0x10 [ 102.591362][ T6370] ? stack_depot_save_flags+0x29/0x9c0 [ 102.591401][ T6370] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 102.591434][ T6370] ? kasan_save_stack+0x42/0x60 [ 102.591461][ T6370] ? kasan_save_stack+0x33/0x60 [ 102.591488][ T6370] ? kasan_save_track+0x14/0x30 [ 102.591514][ T6370] ? __kasan_slab_alloc+0x89/0x90 [ 102.591543][ T6370] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 102.591571][ T6370] ? security_inode_alloc+0x3b/0x2b0 [ 102.591605][ T6370] ? inode_init_always_gfp+0xce4/0x1030 [ 102.591637][ T6370] ? do_syscall_64+0xcd/0x490 [ 102.591670][ T6370] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.591705][ T6370] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 102.591745][ T6370] ? policy_nodemask+0xea/0x4e0 [ 102.591781][ T6370] alloc_pages_mpol+0x1fb/0x550 [ 102.591813][ T6370] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 102.591851][ T6370] ? sk_prot_alloc+0x1a8/0x2a0 [ 102.591886][ T6370] ___kmalloc_large_node+0xed/0x160 [ 102.591928][ T6370] ? sk_prot_alloc+0x1a8/0x2a0 [ 102.591964][ T6370] __kmalloc_large_node_noprof+0x1c/0x70 [ 102.592004][ T6370] __kmalloc_noprof.cold+0xc/0x61 [ 102.592047][ T6370] sk_prot_alloc+0x1a8/0x2a0 [ 102.592088][ T6370] sk_alloc+0x36/0xc20 [ 102.592121][ T6370] can_create+0x1e5/0x600 [ 102.592156][ T6370] __sock_create+0x338/0x8d0 [ 102.592188][ T6370] __sys_socket+0x14d/0x260 [ 102.592214][ T6370] ? __pfx___sys_socket+0x10/0x10 [ 102.592240][ T6370] ? xfd_validate_state+0x61/0x180 [ 102.592274][ T6370] ? __pfx_ksys_write+0x10/0x10 [ 102.592311][ T6370] __x64_sys_socket+0x72/0xb0 [ 102.592335][ T6370] ? lockdep_hardirqs_on+0x7c/0x110 [ 102.592366][ T6370] do_syscall_64+0xcd/0x490 [ 102.592401][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.592426][ T6370] RIP: 0033:0x7fb8d738ebe9 [ 102.592455][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.592484][ T6370] RSP: 002b:00007fb8d8166038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 102.592509][ T6370] RAX: ffffffffffffffda RBX: 00007fb8d75b5fa0 RCX: 00007fb8d738ebe9 [ 102.592527][ T6370] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 102.592542][ T6370] RBP: 00007fb8d7411e19 R08: 0000000000000000 R09: 0000000000000000 [ 102.592559][ T6370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.592574][ T6370] R13: 00007fb8d75b6038 R14: 00007fb8d75b5fa0 R15: 00007ffdd34c7bc8 [ 102.592654][ T6370] [ 102.595781][ T6364] zswap: compressor not available [ 106.920059][ T6463] kexec: Could not allocate control_code_buffer [ 107.343511][ T6499] Invalid ELF header len 1 [ 107.456298][ T6515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.242'. [ 109.362881][ T6574] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.930847][ T6647] ovs_: entered promiscuous mode [ 111.950517][ T6649] FAULT_INJECTION: forcing a failure. [ 111.950517][ T6649] name failslab, interval 1, probability 0, space 0, times 1 [ 111.979662][ T6649] CPU: 1 UID: 0 PID: 6649 Comm: syz.1.300 Not tainted syzkaller #0 PREEMPT(full) [ 111.979735][ T6649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 111.979771][ T6649] Call Trace: [ 111.979790][ T6649] [ 111.979812][ T6649] dump_stack_lvl+0x16c/0x1f0 [ 111.979860][ T6649] should_fail_ex+0x512/0x640 [ 111.979895][ T6649] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 111.979930][ T6649] should_failslab+0xc2/0x120 [ 111.979964][ T6649] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 111.979997][ T6649] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 111.980027][ T6649] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 111.980051][ T6649] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 111.980076][ T6649] alloc_inode+0x64/0x240 [ 111.980113][ T6649] new_inode+0x22/0x1c0 [ 111.980152][ T6649] hugetlbfs_get_inode+0x354/0x730 [ 111.980185][ T6649] hugetlb_file_setup+0x15b/0x620 [ 111.980217][ T6649] ksys_mmap_pgoff+0x189/0x5c0 [ 111.980258][ T6649] __x64_sys_mmap+0x125/0x190 [ 111.980301][ T6649] do_syscall_64+0xcd/0x490 [ 111.980337][ T6649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.980363][ T6649] RIP: 0033:0x7f84f978ebe9 [ 111.980383][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.980407][ T6649] RSP: 002b:00007f84fa63b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 111.980430][ T6649] RAX: ffffffffffffffda RBX: 00007f84f99b5fa0 RCX: 00007f84f978ebe9 [ 111.980447][ T6649] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 111.980462][ T6649] RBP: 00007f84f9811e19 R08: 0000000000000602 R09: 0000300000000000 [ 111.980478][ T6649] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 111.980493][ T6649] R13: 00007f84f99b6038 R14: 00007f84f99b5fa0 R15: 00007ffc11058ef8 [ 111.980527][ T6649] [ 113.746597][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.328'. [ 113.931034][ T6715] binder: 6714:6715 ioctl c018620c 0 returned -1 [ 114.782179][ T6745] binder: 6744:6745 ioctl c018620c 0 returned -1 [ 115.365582][ T6755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.346'. [ 115.746480][ T6765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.352'. [ 116.569145][ T6784] rtc_cmos 00:00: Alarms can be up to one day in the future [ 116.705007][ T6743] kexec: Could not allocate control_code_buffer [ 116.906041][ T5905] rtc_cmos 00:00: Alarms can be up to one day in the future [ 116.913730][ T5905] rtc_cmos 00:00: Alarms can be up to one day in the future [ 116.949963][ T5905] rtc_cmos 00:00: Alarms can be up to one day in the future [ 116.995745][ T5905] rtc_cmos 00:00: Alarms can be up to one day in the future [ 117.003057][ T5905] rtc rtc0: __rtc_set_alarm: err=-22 [ 117.193381][ T6804] syz.0.369 uses obsolete (PF_INET,SOCK_PACKET) [ 118.646766][ T6846] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 119.100129][ T6854] svc: failed to register nfsdv3 RPC service (errno 111). [ 119.130363][ T6854] svc: failed to register nfsaclv3 RPC service (errno 111). [ 119.220002][ T6866] ovs_: entered promiscuous mode [ 119.770956][ T6874] zswap: compressor not available [ 119.776837][ T6878] Setting dangerous option i915.mitigations - tainting kernel [ 119.841213][ T6885] netlink: 342 bytes leftover after parsing attributes in process `syz.2.401'. [ 121.173477][ T6924] netlink: 'syz.1.418': attribute type 1 has an invalid length. [ 123.372650][ T30] audit: type=1800 audit(1756048889.407:4): pid=6987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.443" name="dbroot" dev="configfs" ino=11514 res=0 errno=0 [ 123.411141][ T6987] db_root: cannot open: /var/target [ 124.598237][ T7028] IPVS: length: 7562853 != 24 [ 125.072260][ T7043] netlink: 16 bytes leftover after parsing attributes in process `syz.1.469'. [ 125.421263][ T5864] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 125.421299][ T5864] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 125.441587][ T5864] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 125.441673][ T5864] Bluetooth: hci2: Malformed LE Event: 0x0d [ 127.010917][ T7100] svc: failed to register nfsdv3 RPC service (errno 111). [ 127.058757][ T7100] svc: failed to register nfsaclv3 RPC service (errno 111). [ 128.159511][ T7140] svc: failed to register nfsdv3 RPC service (errno 111). [ 128.224795][ T7140] svc: failed to register nfsaclv3 RPC service (errno 111). [ 130.432735][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.544'. [ 130.654193][ T7226] process 'syz.3.548' launched ':,' with NULL argv: empty string added [ 130.781491][ T7231] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 132.876289][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.882887][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.033701][ T7308] FAULT_INJECTION: forcing a failure. [ 133.033701][ T7308] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 133.085888][ T7308] CPU: 0 UID: 0 PID: 7308 Comm: syz.0.580 Tainted: G U syzkaller #0 PREEMPT(full) [ 133.085933][ T7308] Tainted: [U]=USER [ 133.085942][ T7308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 133.085961][ T7308] Call Trace: [ 133.085970][ T7308] [ 133.085980][ T7308] dump_stack_lvl+0x16c/0x1f0 [ 133.086027][ T7308] should_fail_ex+0x512/0x640 [ 133.086069][ T7308] _copy_from_user+0x2e/0xd0 [ 133.086111][ T7308] get_timespec64+0x8b/0x1b0 [ 133.086143][ T7308] ? __pfx_get_timespec64+0x10/0x10 [ 133.086183][ T7308] __x64_sys_utimensat+0x17a/0x290 [ 133.086216][ T7308] ? __do_sys_openat2+0x1c8/0x2d0 [ 133.086255][ T7308] ? __pfx___x64_sys_utimensat+0x10/0x10 [ 133.086302][ T7308] do_syscall_64+0xcd/0x490 [ 133.086337][ T7308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.086362][ T7308] RIP: 0033:0x7f66ded8ebe9 [ 133.086385][ T7308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.086410][ T7308] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000118 [ 133.086435][ T7308] RAX: ffffffffffffffda RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 133.086452][ T7308] RDX: 0000200000001400 RSI: 0000000000000000 RDI: ffffffffffffffff [ 133.086469][ T7308] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 133.086485][ T7308] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 133.086500][ T7308] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 133.086535][ T7308] [ 133.251123][ C0] vkms_vblank_simulate: vblank timer overrun [ 133.300925][ T7313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.583'. [ 133.551417][ T7323] FAULT_INJECTION: forcing a failure. [ 133.551417][ T7323] name failslab, interval 1, probability 0, space 0, times 0 [ 133.573921][ T7323] CPU: 1 UID: 0 PID: 7323 Comm: syz.0.587 Tainted: G U syzkaller #0 PREEMPT(full) [ 133.573968][ T7323] Tainted: [U]=USER [ 133.573977][ T7323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 133.573991][ T7323] Call Trace: [ 133.573999][ T7323] [ 133.574009][ T7323] dump_stack_lvl+0x16c/0x1f0 [ 133.574048][ T7323] should_fail_ex+0x512/0x640 [ 133.574084][ T7323] ? __kmalloc_noprof+0xbf/0x510 [ 133.574117][ T7323] ? constrain_params_by_rules+0x175/0xca0 [ 133.574142][ T7323] should_failslab+0xc2/0x120 [ 133.574175][ T7323] __kmalloc_noprof+0xd2/0x510 [ 133.574215][ T7323] constrain_params_by_rules+0x175/0xca0 [ 133.574247][ T7323] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 133.574277][ T7323] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.574321][ T7323] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 133.574356][ T7323] ? __kasan_kmalloc+0xaa/0xb0 [ 133.574384][ T7323] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 133.574411][ T7323] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 133.574434][ T7323] ? snd_pcm_oss_sync+0x1de/0x840 [ 133.574469][ T7323] ? rcu_is_watching+0x12/0xc0 [ 133.574494][ T7323] ? snd_interval_refine+0x2fa/0x580 [ 133.574531][ T7323] snd_pcm_hw_refine+0x7de/0xad0 [ 133.574558][ T7323] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 133.574596][ T7323] ? __asan_memset+0x23/0x50 [ 133.574621][ T7323] ? _snd_pcm_hw_param_min+0x259/0x630 [ 133.574667][ T7323] snd_pcm_oss_change_params_locked+0x65e/0x3a30 [ 133.574710][ T7323] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 133.574739][ T7323] ? __pfx___mutex_lock+0x10/0x10 [ 133.574795][ T7323] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 133.574822][ T7323] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 133.574847][ T7323] snd_pcm_oss_sync+0x1de/0x840 [ 133.574877][ T7323] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 133.574902][ T7323] snd_pcm_oss_release+0x28b/0x310 [ 133.574930][ T7323] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 133.574953][ T7323] __fput+0x402/0xb70 [ 133.574996][ T7323] task_work_run+0x14d/0x240 [ 133.575036][ T7323] ? __pfx_task_work_run+0x10/0x10 [ 133.575075][ T7323] ? __pfx___do_sys_close_range+0x10/0x10 [ 133.575113][ T7323] exit_to_user_mode_loop+0xeb/0x110 [ 133.575151][ T7323] do_syscall_64+0x3f6/0x490 [ 133.575186][ T7323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.575212][ T7323] RIP: 0033:0x7f66ded8ebe9 [ 133.575233][ T7323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.575257][ T7323] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 133.575282][ T7323] RAX: 0000000000000000 RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 133.575305][ T7323] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 133.575321][ T7323] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 133.575337][ T7323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.575351][ T7323] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 133.575387][ T7323] [ 134.263209][ T7334] FAULT_INJECTION: forcing a failure. [ 134.263209][ T7334] name failslab, interval 1, probability 0, space 0, times 0 [ 134.278741][ T7334] CPU: 0 UID: 0 PID: 7334 Comm: syz.3.593 Tainted: G U syzkaller #0 PREEMPT(full) [ 134.278782][ T7334] Tainted: [U]=USER [ 134.278791][ T7334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 134.278807][ T7334] Call Trace: [ 134.278816][ T7334] [ 134.278826][ T7334] dump_stack_lvl+0x16c/0x1f0 [ 134.278865][ T7334] should_fail_ex+0x512/0x640 [ 134.278899][ T7334] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 134.278934][ T7334] should_failslab+0xc2/0x120 [ 134.278967][ T7334] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 134.278999][ T7334] ? alloc_uid+0x13d/0x4c0 [ 134.279030][ T7334] ? _raw_spin_unlock_irq+0x23/0x50 [ 134.279063][ T7334] alloc_uid+0x13d/0x4c0 [ 134.279096][ T7334] ? __pfx_alloc_uid+0x10/0x10 [ 134.279129][ T7334] ? bpf_lsm_capable+0x9/0x10 [ 134.279152][ T7334] ? security_capable+0x7e/0x260 [ 134.279194][ T7334] __sys_setreuid+0x63d/0xaf0 [ 134.279230][ T7334] do_syscall_64+0xcd/0x490 [ 134.279269][ T7334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.279294][ T7334] RIP: 0033:0x7f5c3518ebe9 [ 134.279315][ T7334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.279340][ T7334] RSP: 002b:00007f5c360e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 134.279364][ T7334] RAX: ffffffffffffffda RBX: 00007f5c353b5fa0 RCX: 00007f5c3518ebe9 [ 134.279381][ T7334] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000009 [ 134.279396][ T7334] RBP: 00007f5c35211e19 R08: 0000000000000000 R09: 0000000000000000 [ 134.279411][ T7334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.279425][ T7334] R13: 00007f5c353b6038 R14: 00007f5c353b5fa0 R15: 00007ffc74820168 [ 134.279458][ T7334] [ 134.459498][ C0] vkms_vblank_simulate: vblank timer overrun [ 135.259446][ T7361] netlink: 206 bytes leftover after parsing attributes in process `syz.0.604'. [ 136.471251][ T7410] device-mapper: ioctl: Invalid ioctl structure: name , dev b00010007 [ 138.047704][ T30] audit: type=1806 audit(1756048904.087:5): xattr=08 res=-22 [ 138.367284][ T7492] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 138.392061][ T7495] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 138.401895][ T7495] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 138.580563][ T7494] zswap: compressor not available [ 138.941853][ T7520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.675'. [ 139.743403][ T7551] mmap: syz.2.687 (7551) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 142.499100][ T7617] sctp: [Deprecated]: syz.2.714 (pid 7617) Use of struct sctp_assoc_value in delayed_ack socket option. [ 142.499100][ T7617] Use struct sctp_sack_info instead [ 143.479281][ T7647] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 144.645179][ T7676] could not allocate digest TFM handle  [ 144.754335][ T7697] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 145.262203][ T7712] zswap: compressor not available [ 145.449164][ T7720] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 145.455639][ T7720] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 145.491188][ T7720] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 145.513317][ T7720] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 145.532030][ T7720] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.573625][ T7720] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.611606][ T7720] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 145.617954][ T7720] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 145.640526][ T7720] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 145.652924][ T7720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 145.659645][ T7720] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 145.687451][ T7720] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 146.625052][ T7763] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 146.686428][ T7763] audit: out of memory in audit_log_start [ 147.505716][ T5864] Bluetooth: hci0: command 0x0c1a tx timeout [ 147.565872][ T7802] sd 0:0:1:0: device reset [ 147.586781][ T5864] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.665634][ T5864] Bluetooth: hci3: command 0x0c1a tx timeout [ 147.672007][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.401807][ T7839] netlink: 'syz.0.812': attribute type 2 has an invalid length. [ 149.585834][ T5864] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.665712][ T5864] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.745649][ T5864] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.751705][ T5864] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.793281][ T7883] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 149.800000][ T7883] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 151.011777][ T7912] netlink: 21 bytes leftover after parsing attributes in process `syz.3.843'. [ 151.163557][ T7919] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 158.196621][ T8184] dump_stack_lvl+0x16c/0x1f0 [ 158.196666][ T8184] should_fail_ex+0x512/0x640 [ 158.196707][ T8184] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 158.196745][ T8184] should_failslab+0xc2/0x120 [ 158.196781][ T8184] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 158.196809][ T8184] ? d_instantiate+0x77/0x90 [ 158.196836][ T8184] ? alloc_empty_file+0x55/0x1e0 [ 158.196872][ T8184] alloc_empty_file+0x55/0x1e0 [ 158.196906][ T8184] alloc_file_pseudo+0x13a/0x230 [ 158.196949][ T8184] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 158.196986][ T8184] ? _raw_spin_unlock+0x28/0x50 [ 158.197011][ T8184] ? alloc_fd+0x471/0x7d0 [ 158.197037][ T8184] __anon_inode_getfile+0xe8/0x280 [ 158.197063][ T8184] ? __init_waitqueue_head+0xca/0x150 [ 158.197101][ T8184] do_epoll_create+0x324/0x480 [ 158.197129][ T8184] __x64_sys_epoll_create+0x45/0x70 [ 158.197156][ T8184] do_syscall_64+0xcd/0x490 [ 158.197190][ T8184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.197215][ T8184] RIP: 0033:0x7f66ded8ebe9 [ 158.197235][ T8184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.197258][ T8184] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 158.197282][ T8184] RAX: ffffffffffffffda RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 158.197299][ T8184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 158.197313][ T8184] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 158.197328][ T8184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.197341][ T8184] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 158.197372][ T8184] [ 160.082570][ T8244] ima: policy update failed [ 160.085456][ T30] audit: type=1807 audit(1756048926.117:6): UNKNOWN= [ 160.087212][ T30] audit: type=1802 audit(1756048926.117:7): pid=8245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.991" res=0 errno=0 [ 160.285497][ T30] audit: type=1802 audit(1756048926.127:8): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.991" res=0 errno=0 [ 160.431296][ T8253] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 160.472148][ T8253] audit: out of memory in audit_log_start [ 160.576085][ T8255] zswap: compressor not available [ 160.839631][ T8266] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 160.869462][ T8266] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 160.897022][ T8266] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 160.912650][ T8266] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 161.114200][ T8279] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 162.871542][ T5864] Bluetooth: hci0: command 0x0c1a tx timeout [ 162.946461][ T5864] Bluetooth: hci3: command 0x0c1a tx timeout [ 162.952561][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 162.958853][ T5867] Bluetooth: hci1: command 0x0c1a tx timeout [ 164.727197][ T8377] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 164.742694][ T8377] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 164.758431][ T8377] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 164.774453][ T8377] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 164.901497][ T8386] futex_wake_op: syz.3.1049 tries to shift op by -2048; fix this program [ 164.962942][ T8386] futex_wake_op: syz.3.1049 tries to shift op by -2048; fix this program                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  [ 216.334101][ T9942] EXT4-fs error: 3 callbacks suppressed [ 216.334119][ T9942] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 216.343896][ T9939] [U] [ 216.358327][ T9939] [U] [ 216.361570][ T9939] [U] [ 216.364800][ T9939] [U] [ 216.379934][ T9943] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 216.410631][ T9939] [U] [ 216.413921][ T9939] [U] [ 216.414608][ T9839] chnl_net:caif_netlink_parms(): no params data found [ 216.417147][ T9939] [U] [ 216.417189][ T9939] [U] [ 216.427286][ T9946] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 216.445949][ T9945] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1677'. [ 216.504363][ T9938] [U] [ 216.512025][ T9948] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 216.684941][ T9955] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 216.806809][ T9962] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 216.899580][ T9839] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.915677][ T9839] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.927665][ T9839] bridge_slave_0: entered allmulticast mode [ 216.948819][ T9839] bridge_slave_0: entered promiscuous mode [ 216.971158][ T9968] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 216.977975][ T9839] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.010740][ T9839] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.024583][ T9839] bridge_slave_1: entered allmulticast mode [ 217.032174][ T5867] Bluetooth: hci3: command tx timeout [ 217.044532][ T9839] bridge_slave_1: entered promiscuous mode [ 217.176286][ T9972] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 217.206755][ T9839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.254702][ T9839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.659593][ T9839] team0: Port device team_slave_0 added [ 217.700069][ T9839] team0: Port device team_slave_1 added [ 217.867635][ T9991] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 217.982900][ T9839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.006518][ T9839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.065334][ T9839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.110793][ T9839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.131796][ T9839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.202835][ T9839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.367609][ T9839] hsr_slave_0: entered promiscuous mode [ 218.375239][ T9839] hsr_slave_1: entered promiscuous mode [ 218.383150][ T9839] debugfs: 'hsr0' already exists in 'hsr' [ 218.391221][ T9839] Cannot create hsr debugfs directory [ 218.687081][T10015] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 218.689210][T10016] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 218.712650][T10015] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 218.732647][T10015] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 218.734154][T10018] netlink: 'syz.3.1702': attribute type 4 has an invalid length. [ 218.743553][T10015] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 218.761591][T10015] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 218.772390][T10018] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1702'. [ 218.792651][T10015] Bluetooth: hci3: Opcode 0x0406 failed: -4 can't run '/sbi[ 219.290403][ T9839] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 219.307591][ T9839] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 219.320987][ T9839] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 219.334714][ T9839] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 219.381443][T10044] Device name cannot be null; rc = [-22] [ 219.445217][ T9839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.472009][ T9839] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.492034][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.500617][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.519358][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.527869][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.607446][ T9839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.650952][ T9839] veth0_vlan: entered promiscuous mode [ 219.664016][ T9839] veth1_vlan: entered promiscuous mode [ 219.692109][ T9839] veth0_macvtap: entered promiscuous mode [ 219.703879][ T9839] veth1_macvtap: entered promiscuous mode [ 219.724618][ T9839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.742802][ T9839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.760546][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.771663][ T3471] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.786238][ T3471] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.797554][ T3471] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.864681][ T3471] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.879028][ T3471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.922169][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 can't run '/sbi[ 219.933854][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.962982][ T9839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 220.134341][T10065] [U] [ 220.137718][T10065] [U] [ 220.140955][T10065] [U] [ 220.144188][T10065] [U] [ 220.197385][T10065] [U] [ 220.200649][T10065] [U] [ 220.203885][T10065] [U] [ 220.207133][T10065] [U] [ 220.220322][T10062] [U] [ 220.528621][T10080] FAULT_INJECTION: forcing a failure. [ 220.528621][T10080] name failslab, interval 1, probability 0, space 0, times 0 [ 220.582976][T10080] CPU: 0 UID: 0 PID: 10080 Comm: syz.2.1716 Tainted: G U I syzkaller #0 PREEMPT(full) [ 220.583022][T10080] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 220.583032][T10080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 220.583044][T10080] Call Trace: [ 220.583062][T10080] [ 220.583071][T10080] dump_stack_lvl+0x16c/0x1f0 [ 220.583110][T10080] should_fail_ex+0x512/0x640 [ 220.583145][T10080] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 220.583179][T10080] should_failslab+0xc2/0x120 [ 220.583213][T10080] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 220.583243][T10080] ? alloc_inode+0xc3/0x240 [ 220.583280][T10080] alloc_inode+0xc3/0x240 [ 220.583312][T10080] path_from_stashed+0x25b/0x750 [ 220.583337][T10080] ? alloc_fd+0x471/0x7d0 [ 220.583368][T10080] pidfs_alloc_file+0xf8/0x290 [ 220.583393][T10080] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 220.583421][T10080] ? _raw_spin_unlock_irq+0x23/0x50 [ 220.583453][T10080] pidfd_prepare+0x129/0x200 [ 220.583487][T10080] __x64_sys_pidfd_open+0x105/0x1a0 [ 220.583525][T10080] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 220.583565][T10080] ? rcu_is_watching+0x12/0xc0 [ 220.583591][T10080] do_syscall_64+0xcd/0x490 [ 220.583625][T10080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.583656][T10080] RIP: 0033:0x7f40c5b8ebe9 [ 220.583676][T10080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.583700][T10080] RSP: 002b:00007f40c6a0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 220.583723][T10080] RAX: ffffffffffffffda RBX: 00007f40c5db5fa0 RCX: 00007f40c5b8ebe9 [ 220.583739][T10080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 220.583753][T10080] RBP: 00007f40c5c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 220.583767][T10080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.583782][T10080] R13: 00007f40c5db6038 R14: 00007f40c5db5fa0 R15: 00007ffde5d1c338 [ 220.583815][T10080] [ 220.904484][ T5867] Bluetooth: hci0: command 0x0c1a tx timeout [ 220.912097][ T5867] Bluetooth: hci3: command 0x0419 tx timeout [ 220.919391][ T5867] Bluetooth: hci2: command 0x0c1a tx timeout [ 220.926659][ T5867] Bluetooth: hci1: command 0x0c1a tx timeout can't run '/sbi[ 220.933942][ T5867] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 221.519428][T10105] sctp: [Deprecated]: syz.2.1727 (pid 10105) Use of int in maxseg socket option. [ 221.519428][T10105] Use struct sctp_assoc_value instead [ 222.020990][T10124] EXT4-fs error: 18 callbacks suppressed [ 222.021009][T10124] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 222.858983][T10157] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 222.948706][ T51] Bluetooth: hci3: command 0x0419 tx timeout [ 223.103125][T10167] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 223.990139][T10194] FAULT_INJECTION: forcing a failure. [ 223.990139][T10194] name fail_futex, interval 1, probability 0, space 0, times 0 [ 224.019661][T10194] CPU: 0 UID: 0 PID: 10194 Comm: syz.1.1761 Tainted: G U I syzkaller #0 PREEMPT(full) [ 224.019708][T10194] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 224.019718][T10194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 224.019733][T10194] Call Trace: [ 224.019742][T10194] [ 224.019753][T10194] dump_stack_lvl+0x16c/0x1f0 [ 224.019792][T10194] should_fail_ex+0x512/0x640 [ 224.019832][T10194] should_fail_futex+0x4c/0x60 [ 224.019861][T10194] __x64_sys_futex+0x25e/0x4c0 [ 224.019894][T10194] ? fdget_pos+0x2b8/0x370 [ 224.019923][T10194] ? __pfx___x64_sys_futex+0x10/0x10 [ 224.019954][T10194] ? xfd_validate_state+0x61/0x180 [ 224.019988][T10194] ? __pfx_ksys_write+0x10/0x10 [ 224.020028][T10194] do_syscall_64+0xcd/0x490 [ 224.020063][T10194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.020088][T10194] RIP: 0033:0x7f84f978ebe9 [ 224.020108][T10194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.020132][T10194] RSP: 002b:00007f84fa63b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 224.020158][T10194] RAX: ffffffffffffffda RBX: 00007f84f99b5fa0 RCX: 00007f84f978ebe9 [ 224.020175][T10194] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 224.020190][T10194] RBP: 00007f84f9811e19 R08: 0000000000000000 R09: 0000000000000008 [ 224.020205][T10194] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.020221][T10194] R13: 00007f84f99b6038 R14: 00007f84f99b5fa0 R15: 00007ffc11058ef8 [ 224.020254][T10194] [ 224.277996][T10196] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 224.419113][T10200] netlink: 'syz.1.1763': attribute type 4 has an invalid length. [ 224.474513][T10200] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1763'. [ 224.506321][T10198] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1762'. [ 225.030113][ T51] Bluetooth: hci3: command 0x0419 tx timeout [ 225.339781][T10221] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 226.374602][T10250] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 226.407072][T10252] ======================================================= [ 226.407072][T10252] WARNING: The mand mount option has been deprecated and [ 226.407072][T10252] and is ignored by this kernel. Remove the mand [ 226.407072][T10252] option from the mount to silence this warning. [ 226.407072][T10252] ======================================================= [ 227.105847][ T51] Bluetooth: hci3: command 0x0419 tx timeout [ 227.405288][T10294] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleani[ 227.783216][ T30] audit: type=1800 audit(1756048993.817:9): pid=10311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1807" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 228.150335][T10329] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 228.415510][ T9917] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:8: bg 3: bad block bitmap checksum [ 228.597969][T10342] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 228.624919][ T9917] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 3583 with max blocks 1 with error 74 can't run '/sbi[ 228.662057][ T9917] EXT4-fs (sda1): This should not happen!! Data will be lost [ 228.662057][ T9917] [ 228.738118][ T9917] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1471 with max blocks 7 with error 117 [ 228.777098][ T9917] EXT4-fs (sda1): This should not happen!! Data will be lost [ 228.777098][ T9917] [ 229.005127][ T9917] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1471 with max blocks 7 with error 117 [ 229.067889][ T9917] EXT4-fs (sda1): This should not happen!! Data will be lost [ 229.067889][ T9917] [ 229.235220][T10367] FAULT_INJECTION: forcing a failure. [ 229.235220][T10367] name failslab, interval 1, probability 0, space 0, times 0 [ 229.252347][T10367] CPU: 0 UID: 0 PID: 10367 Comm: syz.1.1830 Tainted: G U I syzkaller #0 PREEMPT(full) [ 229.252392][T10367] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 229.252403][T10367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.252417][T10367] Call Trace: [ 229.252426][T10367] [ 229.252437][T10367] dump_stack_lvl+0x16c/0x1f0 [ 229.252475][T10367] should_fail_ex+0x512/0x640 [ 229.252509][T10367] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 229.252540][T10367] should_failslab+0xc2/0x120 [ 229.252574][T10367] __kmalloc_cache_noprof+0x6a/0x3e0 [ 229.252603][T10367] ? copy_ipcs+0x19f/0x610 [ 229.252638][T10367] copy_ipcs+0x19f/0x610 [ 229.252664][T10367] ? copy_utsname+0xab/0x470 [ 229.252701][T10367] create_new_namespaces+0x20a/0xa90 [ 229.252732][T10367] ? security_capable+0x7e/0x260 [ 229.252765][T10367] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 229.252798][T10367] ksys_unshare+0x45b/0xa40 [ 229.252833][T10367] ? __pfx_ksys_unshare+0x10/0x10 [ 229.252868][T10367] ? xfd_validate_state+0x61/0x180 [ 229.252914][T10367] __x64_sys_unshare+0x31/0x40 [ 229.252948][T10367] do_syscall_64+0xcd/0x490 [ 229.252985][T10367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.253011][T10367] RIP: 0033:0x7f84f978ebe9 [ 229.253032][T10367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.253056][T10367] RSP: 002b:00007f84fa63b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 229.253080][T10367] RAX: ffffffffffffffda RBX: 00007f84f99b5fa0 RCX: 00007f84f978ebe9 [ 229.253095][T10367] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 229.253110][T10367] RBP: 00007f84f9811e19 R08: 0000000000000000 R09: 0000000000000000 [ 229.253124][T10367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.253137][T10367] R13: 00007f84f99b6038 R14: 00007f84f99b5fa0 R15: 00007ffc11058ef8 [ 229.253170][T10367] [ 229.676425][T10378] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 230.714756][T10425] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 230.977260][T10440] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 231.017137][T10442] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 231.199567][T10447] program syz.3.1864 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 231.739070][T10474] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 232.271812][T10491] bridge0: port 3(macvlan0) entered blocking state [ 232.314956][T10491] bridge0: port 3(macvlan0) entered disabled state [ 232.325826][T10491] macvlan0: entered allmulticast mode [ 232.340702][T10491] veth1_vlan: entered allmulticast mode [ 232.354360][T10493] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1881'. [ 232.378675][T10491] macvlan0: entered promiscuous mode [ 232.406407][T10491] bridge0: port 3(macvlan0) entered blocking state [ 232.414797][T10491] bridge0: port 3(macvlan0) entered listening state [ 232.826836][T10514] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 232.989438][T10521] capability: warning: `syz.2.1892' uses 32-bit capabilities (legacy support in use) [ 233.862223][ T3471] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1476 with max blocks 2 with error 117 [ 233.890208][T10568] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 233.914248][ T3471] EXT4-fs (sda1): This should not happen!! Data will be lost [ 233.914248][ T3471] can't run '/sbi[ 234.953447][T10603] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 235.405066][T10622] random: crng reseeded on system resumption [ 235.464770][ T3471] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:7: iget: bad extra_isize 53777 (inode size 256) [ 235.532597][ T3471] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -117 [ 235.548422][ T59] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:4: iget: bad extra_isize 53777 (inode size 256) [ 235.591031][ T59] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -117 [ 235.604681][ T3471] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:7: iget: bad extra_isize 53777 (inode size 256) [ 235.658604][ T3471] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -117 [ 235.672516][ T59] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:4: iget: bad extra_isize 53777 (inode size 256) [ 235.696065][ T3471] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:7: iget: bad extra_isize 53777 (inode size 256) [ 235.712569][ T59] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -117 [ 235.747184][ T3471] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -117 [ 235.759152][ T59] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:4: iget: bad extra_isize 53777 (inode size 256) [ 235.789189][ T3471] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:7: iget: bad extra_isize 53777 (inode size 256) [ 235.815583][ T59] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -117 [ 235.835285][ T59] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -117 [ 235.848110][ T3471] (NULL device *): loading /lib/firmware/regulatory.db failed with error -117 [ 235.859314][ T59] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -117 [ 235.885861][ T3471] (NULL device *): Direct firmware load for regulatory.db failed with error -117 [ 235.897913][ T3471] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 235.908360][ T59] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s can't run '/sbican't run '/sbi[ 238.056832][T10715] EXT4-fs error: 3 callbacks suppressed [ 238.056852][T10715] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 238.433882][T10724] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1978'. [ 238.445309][T10724] caif0: entered promiscuous mode [ 239.094346][T10728] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 240.114935][T10729] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 241.133771][T10730] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 242.153297][T10731] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 243.174663][T10732] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 244.195111][T10733] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 245.214162][T10736] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 246.240825][T10740] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 246.789137][T10769] mmap: syz.2.1992 (10769) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 247.327937][T10792] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 247.335787][T10780] program syz.3.1996 is using a deprecated SCSI ioctl, please convert it to SG_IO can't run '/sbi[ 247.427344][ C1] bridge0: port 3(macvlan0) entered learning state [ 247.748869][ T30] audit: type=1804 audit(1756049013.777:10): pid=10804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2004" name="/newroot/75/file0" dev="tmpfs" ino=397 res=1 errno=0 [ 247.972857][ T30] audit: type=1804 audit(1756049014.007:11): pid=10802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2004" name="/newroot/75/file0" dev="tmpfs" ino=397 res=1 errno=0 [ 248.397480][T10825] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 249.079661][T10846] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 249.114113][T10848] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 249.131965][T10849] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 249.212221][T10840] ptrace attach of "./syz-executor exec"[5861] was attempted by ""[10840] [ 249.422985][T10861] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 250.004397][T10887] FAULT_INJECTION: forcing a failure. [ 250.004397][T10887] name failslab, interval 1, probability 0, space 0, times 0 [ 250.024957][T10887] CPU: 1 UID: 0 PID: 10887 Comm: syz.2.2033 Tainted: G U I syzkaller #0 PREEMPT(full) [ 250.025003][T10887] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 250.025013][T10887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 250.025033][T10887] Call Trace: [ 250.025045][T10887] [ 250.025055][T10887] dump_stack_lvl+0x16c/0x1f0 [ 250.025096][T10887] should_fail_ex+0x512/0x640 [ 250.025131][T10887] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 250.025162][T10887] should_failslab+0xc2/0x120 [ 250.025196][T10887] __kmalloc_cache_noprof+0x6a/0x3e0 [ 250.025224][T10887] ? percpu_ref_init+0xec/0x410 [ 250.025259][T10887] ? __pfx_swap_users_ref_free+0x10/0x10 [ 250.025288][T10887] percpu_ref_init+0xec/0x410 [ 250.025323][T10887] __do_sys_swapon+0x15a/0x3bd0 [ 250.025358][T10887] ? __pfx_do_futex+0x10/0x10 [ 250.025391][T10887] ? __pfx___might_resched+0x10/0x10 [ 250.025418][T10887] ? __x64_sys_futex+0x1e0/0x4c0 [ 250.025444][T10887] ? __x64_sys_futex+0x1e9/0x4c0 [ 250.025472][T10887] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 250.025504][T10887] ? __pfx___do_sys_swapon+0x10/0x10 [ 250.025539][T10887] do_syscall_64+0xcd/0x490 [ 250.025570][T10887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.025592][T10887] RIP: 0033:0x7f40c5b8ebe9 [ 250.025612][T10887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.025635][T10887] RSP: 002b:00007f40c6a0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a7 [ 250.025660][T10887] RAX: ffffffffffffffda RBX: 00007f40c5db5fa0 RCX: 00007f40c5b8ebe9 [ 250.025677][T10887] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 250.025692][T10887] RBP: 00007f40c5c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 250.025708][T10887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.025722][T10887] R13: 00007f40c5db6038 R14: 00007f40c5db5fa0 R15: 00007ffde5d1c338 [ 250.025756][T10887] [ 250.405736][T10892] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2038'. [ 250.487013][T10895] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 250.967857][T10915] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 251.508753][T10943] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 251.894879][T10957] FAULT_INJECTION: forcing a failure. [ 251.894879][T10957] name failslab, interval 1, probability 0, space 0, times 0 [ 251.912912][T10957] CPU: 0 UID: 0 PID: 10957 Comm: syz.2.2065 Tainted: G U I syzkaller #0 PREEMPT(full) [ 251.912957][T10957] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 251.912967][T10957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.912982][T10957] Call Trace: [ 251.912991][T10957] [ 251.913001][T10957] dump_stack_lvl+0x16c/0x1f0 [ 251.913039][T10957] should_fail_ex+0x512/0x640 [ 251.913074][T10957] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 251.913109][T10957] should_failslab+0xc2/0x120 [ 251.913142][T10957] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 251.913174][T10957] ? key_alloc+0x3e0/0x1330 [ 251.913212][T10957] key_alloc+0x3e0/0x1330 [ 251.913254][T10957] ? rcu_is_watching+0x12/0xc0 [ 251.913280][T10957] ? __pfx_key_alloc+0x10/0x10 [ 251.913310][T10957] ? __kmalloc_noprof+0x242/0x510 [ 251.913348][T10957] keyring_alloc+0x44/0xc0 [ 251.913387][T10957] install_thread_keyring_to_cred+0xc1/0x140 [ 251.913422][T10957] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 251.913453][T10957] __do_sys_keyctl+0x6d/0x590 [ 251.913484][T10957] do_syscall_64+0xcd/0x490 [ 251.913519][T10957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.913544][T10957] RIP: 0033:0x7f40c5b8ebe9 [ 251.913565][T10957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.913588][T10957] RSP: 002b:00007f40c6a0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 251.913612][T10957] RAX: ffffffffffffffda RBX: 00007f40c5db5fa0 RCX: 00007f40c5b8ebe9 [ 251.913629][T10957] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 251.913644][T10957] RBP: 00007f40c5c11e19 R08: 0000000000000008 R09: 0000000000000000 [ 251.913669][T10957] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 251.913684][T10957] R13: 00007f40c5db6038 R14: 00007f40c5db5fa0 R15: 00007ffde5d1c338 [ 251.913719][T10957] [ 252.551304][T10973] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 252.738787][T10979] ACPI: Enabling force_remove is not supported anymore. Please report to linux-acpi@vger.kernel.org if you depend on this functionality [ 252.950768][ T30] audit: type=1804 audit(1756049018.987:12): pid=10985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2076" name="/newroot/495/file0" dev="tmpfs" ino=2523 res=1 errno=0 [ 253.018312][ T30] audit: type=1804 audit(1756049018.987:13): pid=10988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2076" name="/newroot/495/file0" dev="tmpfs" ino=2523 res=1 errno=0 [ 253.069944][ T30] audit: type=1800 audit(1756049018.987:14): pid=10985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2076" name="file0" dev="tmpfs" ino=2523 res=0 errno=0 [ 253.616959][T11017] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 254.091236][T11039] FAULT_INJECTION: forcing a failure. [ 254.091236][T11039] name failslab, interval 1, probability 0, space 0, times 0 [ 254.112005][T11039] CPU: 0 UID: 0 PID: 11039 Comm: syz.0.2098 Tainted: G U I syzkaller #0 PREEMPT(full) [ 254.112051][T11039] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 254.112061][T11039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 254.112076][T11039] Call Trace: [ 254.112085][T11039] [ 254.112094][T11039] dump_stack_lvl+0x16c/0x1f0 [ 254.112133][T11039] should_fail_ex+0x512/0x640 [ 254.112168][T11039] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 254.112198][T11039] should_failslab+0xc2/0x120 [ 254.112230][T11039] __kmalloc_cache_noprof+0x6a/0x3e0 [ 254.112258][T11039] ? __do_sys_memfd_create+0x17b/0x8a0 [ 254.112301][T11039] __do_sys_memfd_create+0x17b/0x8a0 [ 254.112341][T11039] do_syscall_64+0xcd/0x490 [ 254.112382][T11039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.112409][T11039] RIP: 0033:0x7f66ded8ebe9 [ 254.112437][T11039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.112461][T11039] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 254.112485][T11039] RAX: ffffffffffffffda RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 254.112503][T11039] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 254.112518][T11039] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 254.112533][T11039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.112547][T11039] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 254.112581][T11039] [ 254.665070][T11061] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 254.956702][T11071] nbd: socks must be embedded in a SOCK_ITEM attr [ 254.970908][T11071] block nbd2: shutting down sockets [ 255.720667][T11100] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 255.751402][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.759206][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 can't run '/sbi[ 255.824570][T11103] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 255.847703][T11104] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 256.304758][ T5860] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 256.784298][T11131] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 257.290538][T11146] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2141'. [ 257.839190][T11162] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 258.348789][T11181] binder: BINDER_SET_CONTEXT_MGR already set [ 258.360138][T11181] binder: 11179:11181 ioctl 4018620d 9 returned -16 [ 258.898000][T11203] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 259.747794][T11222] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2171'. [ 259.971791][T11226] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 260.005300][T11228] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 260.107711][T11234] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 260.164136][T11235] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 260.456216][T11243] binder: BINDER_SET_CONTEXT_MGR already set [ 260.473556][T11243] binder: 11242:11243 ioctl 4018620d 9 returned -16 [ 261.038360][T11267] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 262.109413][T11292] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 262.216998][ T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.529152][ T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.728543][ T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.785497][ C1] bridge0: port 3(macvlan0) entered forwarding state [ 262.793593][ C1] bridge0: topology change detected, propagating [ 262.975749][ T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.992596][ T5864] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 263.006021][ T5864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 263.015691][ T5864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 263.025116][ T5864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 263.038510][ T5864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 263.156569][T11315] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 263.460948][T11318] program syz.0.2208 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 263.597941][T11320] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 263.659328][ T59] bridge_slave_1: left allmulticast mode [ 263.677680][ T59] bridge_slave_1: left promiscuous mode [ 263.706629][T11322] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 263.710264][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.786971][ T59] bridge_slave_0: left allmulticast mode [ 263.798123][ T59] bridge_slave_0: left promiscuous mode [ 263.805033][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.898117][T11328] FAULT_INJECTION: forcing a failure. [ 263.898117][T11328] name failslab, interval 1, probability 0, space 0, times 0 [ 263.915451][T11328] CPU: 0 UID: 0 PID: 11328 Comm: syz.0.2211 Tainted: G U I syzkaller #0 PREEMPT(full) [ 263.915500][T11328] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 263.915511][T11328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 263.915526][T11328] Call Trace: [ 263.915534][T11328] [ 263.915544][T11328] dump_stack_lvl+0x16c/0x1f0 [ 263.915584][T11328] should_fail_ex+0x512/0x640 [ 263.915620][T11328] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 263.915658][T11328] should_failslab+0xc2/0x120 [ 263.915694][T11328] __kmalloc_cache_noprof+0x6a/0x3e0 [ 263.915722][T11328] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 263.915751][T11328] ? kasan_save_track+0x14/0x30 [ 263.915786][T11328] snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 263.915823][T11328] ? __mutex_lock+0x1c5/0x1060 [ 263.915863][T11328] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 263.915892][T11328] ? __pfx___mutex_lock+0x10/0x10 [ 263.915934][T11328] ? __fsnotify_parent+0x24b/0xc40 [ 263.915974][T11328] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 263.916002][T11328] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 263.916026][T11328] snd_pcm_oss_sync+0x1de/0x840 [ 263.916056][T11328] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 263.916082][T11328] snd_pcm_oss_release+0x28b/0x310 [ 263.916110][T11328] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 263.916135][T11328] __fput+0x402/0xb70 [ 263.916179][T11328] task_work_run+0x14d/0x240 [ 263.916219][T11328] ? __pfx_task_work_run+0x10/0x10 [ 263.916258][T11328] ? __pfx___do_sys_close_range+0x10/0x10 [ 263.916296][T11328] exit_to_user_mode_loop+0xeb/0x110 [ 263.916336][T11328] do_syscall_64+0x3f6/0x490 [ 263.916374][T11328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.916399][T11328] RIP: 0033:0x7f66ded8ebe9 [ 263.916421][T11328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.916445][T11328] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 263.916470][T11328] RAX: 0000000000000000 RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 263.916486][T11328] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 [ 263.916502][T11328] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 263.916518][T11328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.916533][T11328] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 263.916568][T11328] [ 264.257774][T11331] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 264.389121][ T3471] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 3583 with max blocks 1 with error 117 [ 264.450790][ T3471] EXT4-fs (sda1): This should not happen!! Data will be lost [ 264.450790][ T3471] [ 264.493736][ T3471] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1477 with max blocks 1 with error 117 [ 264.508974][ T3471] EXT4-fs (sda1): This should not happen!! Data will be lost [ 264.508974][ T3471] [ 264.614891][ T3471] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1 with max blocks 1 with error 117 [ 264.632883][ T3471] EXT4-fs (sda1): This should not happen!! Data will be lost [ 264.632883][ T3471] [ 265.108142][ T5864] Bluetooth: hci3: command tx timeout [ 265.167871][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 265.180198][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 265.194371][ T59] bond0 (unregistering): Released all slaves [ 265.286749][T11343] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 265.441297][T11345] bridge0: port 3(bond0) entered blocking state [ 265.463836][T11345] bridge0: port 3(bond0) entered disabled state [ 265.482814][T11345] bond0: entered allmulticast mode [ 265.494594][T11345] bond_slave_0: entered allmulticast mode [ 265.501907][T11345] bond_slave_1: entered allmulticast mode [ 265.512029][T11345] bond0: entered promiscuous mode [ 265.518148][T11345] bond_slave_0: entered promiscuous mode [ 265.526295][T11345] bond_slave_1: entered promiscuous mode [ 265.534490][T11345] bridge0: port 3(bond0) entered blocking state [ 265.542170][T11345] bridge0: port 3(bond0) entered listening state [ 265.562628][T11353] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries [ 265.601760][T11354] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 265.622511][T11355] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 265.746995][T11307] chnl_net:caif_netlink_parms(): no params data found [ 265.906050][ T59] hsr_slave_0: left promiscuous mode [ 265.922807][ T59] hsr_slave_1: left promiscuous mode [ 265.932295][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.955456][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.978657][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.013965][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 266.067357][ T59] veth1_macvtap: left promiscuous mode [ 266.074024][ T59] veth0_macvtap: left promiscuous mode [ 266.093652][ T59] veth1_vlan: left promiscuous mode [ 266.111065][ T59] veth0_vlan: left promiscuous mode [ 266.351734][T11379] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 266.684412][ T59] team0 (unregistering): Port device team_slave_1 removed [ 266.723613][ T59] team0 (unregistering): Port device team_slave_0 removed [ 267.074821][T11380] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 267.096947][T11383] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 267.159099][T11307] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.168798][T11307] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.178662][T11307] bridge_slave_0: entered allmulticast mode [ 267.186438][ T5864] Bluetooth: hci3: command tx timeout [ 267.195943][T11307] bridge_slave_0: entered promiscuous mode [ 267.205949][T11307] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.214533][T11307] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.223482][T11307] bridge_slave_1: entered allmulticast mode [ 267.232993][T11307] bridge_slave_1: entered promiscuous mode [ 267.367183][T11307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.392422][T11394] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries [ 267.393831][T11307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link can't run '/sbi[ 267.459557][T11397] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 267.565335][T11307] team0: Port device team_slave_0 added [ 267.588820][T11307] team0: Port device team_slave_1 added [ 267.703114][T11307] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.721927][T11307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.770870][T11307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.799701][T11307] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.809906][T11307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.841910][T11307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.990835][T11307] hsr_slave_0: entered promiscuous mode [ 268.009825][T11307] hsr_slave_1: entered promiscuous mode [ 268.020959][T11307] debugfs: 'hsr0' already exists in 'hsr' [ 268.028261][T11307] Cannot create hsr debugfs directory can't run '/sbi[ 268.560745][T11307] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 268.594123][T11307] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 268.644485][T11307] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 268.680618][T11307] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 268.914730][T11307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.940174][T11307] 8021q: adding VLAN 0 to HW filter on device team0 [ 268.959544][ T3471] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.968122][ T3471] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.986138][ T9917] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.994771][ T9917] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.076660][T11307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.133559][T11307] veth0_vlan: entered promiscuous mode [ 269.148141][T11307] veth1_vlan: entered promiscuous mode [ 269.178274][T11307] veth0_macvtap: entered promiscuous mode [ 269.189521][T11307] veth1_macvtap: entered promiscuous mode [ 269.209463][T11307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 269.226814][T11307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 269.243674][ T9917] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.258962][ T9917] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.265822][ T5864] Bluetooth: hci3: command tx timeout [ 269.271649][ T9917] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.287459][ T9917] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.358515][ T9917] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.372794][ T9917] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.402343][ T9917] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.412134][ T9917] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.477020][T11455] EXT4-fs error: 16 callbacks suppressed [ 269.477039][T11455] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 269.563725][T11462] FAULT_INJECTION: forcing a failure. [ 269.563725][T11462] name fail_futex, interval 1, probability 0, space 0, times 0 [ 269.606133][T11462] CPU: 1 UID: 0 PID: 11462 Comm: syz.4.2200 Tainted: G U I syzkaller #0 PREEMPT(full) [ 269.606176][T11462] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 269.606186][T11462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 269.606200][T11462] Call Trace: [ 269.606207][T11462] [ 269.606216][T11462] dump_stack_lvl+0x16c/0x1f0 [ 269.606261][T11462] should_fail_ex+0x512/0x640 [ 269.606300][T11462] get_futex_key+0x1d0/0x1560 [ 269.606334][T11462] ? __pfx_get_futex_key+0x10/0x10 [ 269.606359][T11462] ? __mutex_trylock_common+0xe9/0x250 [ 269.606399][T11462] futex_wake+0xea/0x530 [ 269.606441][T11462] ? __pfx_futex_wake+0x10/0x10 [ 269.606488][T11462] do_futex+0x1e3/0x350 [ 269.606516][T11462] ? __pfx_do_futex+0x10/0x10 [ 269.606542][T11462] ? __might_fault+0xe3/0x190 [ 269.606577][T11462] mm_release+0x24e/0x300 [ 269.606605][T11462] do_exit+0x68e/0x2bf0 [ 269.606642][T11462] ? __pfx_do_exit+0x10/0x10 [ 269.606673][T11462] ? do_raw_spin_lock+0x12c/0x2b0 [ 269.606705][T11462] ? find_held_lock+0x2b/0x80 [ 269.606733][T11462] do_group_exit+0xd3/0x2a0 [ 269.606793][T11462] get_signal+0x2673/0x26d0 [ 269.606833][T11462] ? __pfx_get_signal+0x10/0x10 [ 269.606858][T11462] ? do_futex+0x122/0x350 [ 269.606887][T11462] ? __pfx_do_futex+0x10/0x10 [ 269.606919][T11462] arch_do_signal_or_restart+0x8f/0x790 [ 269.606950][T11462] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 269.606991][T11462] ? syscall_user_dispatch+0x78/0x140 [ 269.607031][T11462] exit_to_user_mode_loop+0x84/0x110 [ 269.607066][T11462] do_syscall_64+0x3f6/0x490 [ 269.607099][T11462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.607123][T11462] RIP: 0033:0x7f38d678ebe9 [ 269.607142][T11462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.607164][T11462] RSP: 002b:00007f38d756f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 269.607186][T11462] RAX: fffffffffffffe00 RBX: 00007f38d69b5fa8 RCX: 00007f38d678ebe9 [ 269.607202][T11462] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f38d69b5fa8 [ 269.607216][T11462] RBP: 00007f38d69b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 269.607231][T11462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.607245][T11462] R13: 00007f38d69b6038 R14: 00007ffe139aa110 R15: 00007ffe139aa1f8 [ 269.607279][T11462] [ 270.108617][T11474] FAULT_INJECTION: forcing a failure. [ 270.108617][T11474] name failslab, interval 1, probability 0, space 0, times 0 [ 270.133095][T11474] CPU: 1 UID: 0 PID: 11474 Comm: syz.0.2251 Tainted: G U I syzkaller #0 PREEMPT(full) [ 270.133140][T11474] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 270.133152][T11474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.133168][T11474] Call Trace: [ 270.133177][T11474] [ 270.133187][T11474] dump_stack_lvl+0x16c/0x1f0 [ 270.133228][T11474] should_fail_ex+0x512/0x640 [ 270.133262][T11474] ? fs_reclaim_acquire+0xae/0x150 [ 270.133301][T11474] should_failslab+0xc2/0x120 [ 270.133332][T11474] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 270.133362][T11474] ? __lock_acquire+0xb97/0x1ce0 [ 270.133393][T11474] ? ext4_init_io_end+0x24/0x170 [ 270.133423][T11474] ext4_init_io_end+0x24/0x170 [ 270.133448][T11474] ext4_do_writepages+0x9e7/0x3cf0 [ 270.133488][T11474] ? lock_acquire+0x179/0x350 [ 270.133539][T11474] ? __pfx_ext4_do_writepages+0x10/0x10 [ 270.133592][T11474] ? ext4_writepages+0x37a/0x7d0 [ 270.133625][T11474] ext4_writepages+0x37a/0x7d0 [ 270.133659][T11474] ? __pfx_ext4_writepages+0x10/0x10 [ 270.133713][T11474] ? __pfx_ext4_writepages+0x10/0x10 [ 270.133761][T11474] do_writepages+0x27a/0x600 [ 270.133791][T11474] ? __pfx_do_writepages+0x10/0x10 [ 270.133814][T11474] ? do_raw_spin_unlock+0x172/0x230 [ 270.133852][T11474] ? _raw_spin_unlock+0x28/0x50 [ 270.133883][T11474] filemap_fdatawrite_wbc+0x104/0x160 [ 270.133912][T11474] __filemap_fdatawrite_range+0xb9/0x100 [ 270.133944][T11474] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 270.134033][T11474] file_write_and_wait_range+0xca/0x140 [ 270.134069][T11474] ext4_sync_file+0x310/0xf10 [ 270.134101][T11474] ? __pfx___up_read+0x10/0x10 [ 270.134135][T11474] ? __pfx_ext4_sync_file+0x10/0x10 [ 270.134161][T11474] vfs_fsync_range+0x139/0x220 [ 270.134193][T11474] __do_sys_msync+0x3cb/0x5c0 [ 270.134229][T11474] do_syscall_64+0xcd/0x490 [ 270.134264][T11474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.134288][T11474] RIP: 0033:0x7f66ded8ebe9 [ 270.134308][T11474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.134332][T11474] RSP: 002b:00007f66dfb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 270.134356][T11474] RAX: ffffffffffffffda RBX: 00007f66defb5fa0 RCX: 00007f66ded8ebe9 [ 270.134372][T11474] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 270.134388][T11474] RBP: 00007f66dee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 270.134402][T11474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.134416][T11474] R13: 00007f66defb6038 R14: 00007f66defb5fa0 R15: 00007ffca053bf58 [ 270.134451][T11474] [ 270.598904][T11478] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 271.355609][ T5864] Bluetooth: hci3: command tx timeout [ 271.690764][T11510] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbin/getty': Structure needs cleaning [ 272.757810][T11549] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 272.981792][T11560] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64 [ 273.032543][T11560] audit: out of memory in audit_log_start [ 273.070663][T11561] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 273.095815][T11562] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 273.143780][T11565] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries [ 273.829509][T11590] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 274.358178][T11610] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2309'. [ 274.880256][T11621] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1277: comm init: corrupted xattr entries can't run '/sbi[ 275.220952][T11634] Console: switching to colour VGA+ 80x25 [ 275.289508][T11634] ================================================================== [ 275.289529][T11634] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 275.289572][T11634] Read of size 126 at addr ffff888028ed7bae by task syz.1.2319/11634 [ 275.289595][T11634] [ 275.289611][T11634] CPU: 0 UID: 0 PID: 11634 Comm: syz.1.2319 Tainted: G U I syzkaller #0 PREEMPT(full) [ 275.289652][T11634] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 275.289663][T11634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 275.289678][T11634] Call Trace: [ 275.289686][T11634] [ 275.289696][T11634] dump_stack_lvl+0x116/0x1f0 [ 275.289732][T11634] print_report+0xcd/0x630 [ 275.289765][T11634] ? __virt_addr_valid+0x81/0x610 [ 275.289795][T11634] ? __phys_addr+0xe8/0x180 [ 275.289826][T11634] ? fbcon_prepare_logo+0xa03/0xc70 [ 275.289857][T11634] kasan_report+0xe0/0x110 [ 275.289891][T11634] ? fbcon_prepare_logo+0xa03/0xc70 [ 275.289928][T11634] kasan_check_range+0x100/0x1b0 [ 275.289966][T11634] __asan_memcpy+0x23/0x60 [ 275.289992][T11634] fbcon_prepare_logo+0xa03/0xc70 [ 275.290029][T11634] fbcon_init+0xd77/0x1900 [ 275.290061][T11634] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 275.290089][T11634] visual_init+0x320/0x620 [ 275.290118][T11634] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 275.290155][T11634] store_bind+0x61d/0x760 [ 275.290187][T11634] ? sysfs_file_kobj+0xe4/0x290 [ 275.290214][T11634] ? __pfx_store_bind+0x10/0x10 [ 275.290244][T11634] dev_attr_store+0x55/0x80 [ 275.290280][T11634] ? __pfx_dev_attr_store+0x10/0x10 [ 275.290315][T11634] sysfs_kf_write+0xf2/0x150 [ 275.290343][T11634] kernfs_fop_write_iter+0x354/0x510 [ 275.290366][T11634] ? __pfx_sysfs_kf_write+0x10/0x10 [ 275.290395][T11634] iter_file_splice_write+0xa24/0x12e0 [ 275.290439][T11634] ? __pfx_iter_file_splice_write+0x10/0x10 [ 275.290470][T11634] ? __pfx_copy_splice_read+0x10/0x10 [ 275.290506][T11634] ? __pfx_iter_file_splice_write+0x10/0x10 [ 275.290535][T11634] direct_splice_actor+0x18f/0x6c0 [ 275.290563][T11634] splice_direct_to_actor+0x345/0xa30 [ 275.290590][T11634] ? __pfx_direct_splice_actor+0x10/0x10 [ 275.290619][T11634] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 275.290650][T11634] do_splice_direct+0x174/0x240 [ 275.290676][T11634] ? __pfx_do_splice_direct+0x10/0x10 [ 275.290702][T11634] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 275.290731][T11634] ? rw_verify_area+0xcf/0x6c0 [ 275.290757][T11634] do_sendfile+0xb06/0xe50 [ 275.290786][T11634] ? __pfx_do_sendfile+0x10/0x10 [ 275.290816][T11634] ? __x64_sys_futex+0x1e0/0x4c0 [ 275.290847][T11634] ? __x64_sys_futex+0x1e9/0x4c0 [ 275.290880][T11634] __x64_sys_sendfile64+0x1d8/0x220 [ 275.290914][T11634] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 275.290954][T11634] do_syscall_64+0xcd/0x490 [ 275.290989][T11634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.291015][T11634] RIP: 0033:0x7f84f978ebe9 [ 275.291036][T11634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.291063][T11634] RSP: 002b:00007f84fa63b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 275.291088][T11634] RAX: ffffffffffffffda RBX: 00007f84f99b5fa0 RCX: 00007f84f978ebe9 [ 275.291108][T11634] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 275.291124][T11634] RBP: 00007f84f9811e19 R08: 0000000000000000 R09: 0000000000000000 [ 275.291140][T11634] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 275.291156][T11634] R13: 00007f84f99b6038 R14: 00007f84f99b5fa0 R15: 00007ffc11058ef8 [ 275.291181][T11634] [ 275.291191][T11634] [ 275.291197][T11634] Allocated by task 5861: [ 275.291210][T11634] kasan_save_stack+0x33/0x60 [ 275.291238][T11634] kasan_save_track+0x14/0x30 [ 275.291265][T11634] __kasan_kmalloc+0xaa/0xb0 [ 275.291292][T11634] batadv_hard_if_event+0xb13/0x1550 [ 275.291322][T11634] notifier_call_chain+0xbc/0x410 [ 275.291353][T11634] call_netdevice_notifiers_info+0xbe/0x140 [ 275.291395][T11634] register_netdevice+0x182e/0x2270 [ 275.291437][T11634] veth_newlink+0x30f/0xa00 [ 275.291467][T11634] rtnl_newlink+0xc45/0x2000 [ 275.291499][T11634] rtnetlink_rcv_msg+0x95e/0xe90 [ 275.291533][T11634] netlink_rcv_skb+0x155/0x420 [ 275.291566][T11634] netlink_unicast+0x5aa/0x870 [ 275.291597][T11634] netlink_sendmsg+0x8d1/0xdd0 [ 275.291628][T11634] __sys_sendto+0x4a3/0x520 [ 275.291655][T11634] __x64_sys_sendto+0xe0/0x1c0 [ 275.291679][T11634] do_syscall_64+0xcd/0x490 [ 275.291709][T11634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.291733][T11634] [ 275.291739][T11634] The buggy address belongs to the object at ffff888028ed7800 [ 275.291739][T11634] which belongs to the cache kmalloc-1k of size 1024 [ 275.291759][T11634] The buggy address is located 86 bytes to the right of [ 275.291759][T11634] allocated 856-byte region [ffff888028ed7800, ffff888028ed7b58) [ 275.291785][T11634] [ 275.291792][T11634] The buggy address belongs to the physical page: [ 275.291810][T11634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28ed0 [ 275.291847][T11634] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 275.291867][T11634] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 275.291890][T11634] page_type: f5(slab) [ 275.291916][T11634] raw: 00fff00000000040 ffff88801b841dc0 ffffea0000ccf200 dead000000000002 [ 275.291948][T11634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 275.291973][T11634] head: 00fff00000000040 ffff88801b841dc0 ffffea0000ccf200 dead000000000002 [ 275.291998][T11634] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 275.292030][T11634] head: 00fff00000000003 ffffea0000a3b401 00000000ffffffff 00000000ffffffff [ 275.292053][T11634] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 275.292069][T11634] page dumped because: kasan: bad access detected [ 275.292085][T11634] page_owner tracks the page as allocated [ 275.292093][T11634] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 987, tgid 987 (kworker/u8:5), ts 12634330557, free_ts 0 [ 275.292137][T11634] post_alloc_hook+0x1c0/0x230 [ 275.292162][T11634] get_page_from_freelist+0x132b/0x38e0 [ 275.292203][T11634] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 275.292233][T11634] new_slab+0x94/0x330 [ 275.292255][T11634] ___slab_alloc+0xcf2/0x1740 [ 275.292283][T11634] __slab_alloc.constprop.0+0x56/0xb0 [ 275.292307][T11634] __kmalloc_cache_node_noprof+0x100/0x420 [ 275.292335][T11634] blk_mq_alloc_and_init_hctx+0x639/0x11c0 [ 275.292372][T11634] __blk_mq_realloc_hw_ctxs+0x495/0x610 [ 275.292408][T11634] blk_mq_init_allocated_queue+0x3af/0x1240 [ 275.292445][T11634] blk_mq_alloc_queue+0x1bb/0x280 [ 275.292491][T11634] scsi_alloc_sdev+0x888/0xd70 [ 275.292520][T11634] scsi_probe_and_add_lun+0x76b/0xd80 [ 275.292550][T11634] __scsi_scan_target+0x1e8/0x580 [ 275.292580][T11634] scsi_scan_channel+0x149/0x1e0 [ 275.292608][T11634] scsi_scan_host_selected+0x302/0x400 [ 275.292638][T11634] page_owner free stack trace missing [ 275.292646][T11634] [ 275.292652][T11634] Memory state around the buggy address: [ 275.292664][T11634] ffff888028ed7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 275.292682][T11634] ffff888028ed7b00: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc [ 275.292699][T11634] >ffff888028ed7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 275.292714][T11634] ^ [ 275.292727][T11634] ffff888028ed7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 275.292745][T11634] ffff888028ed7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 275.292759][T11634] ================================================================== [ 275.303665][T11634] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 275.303691][T11634] CPU: 0 UID: 0 PID: 11634 Comm: syz.1.2319 Tainted: G U I syzkaller #0 PREEMPT(full) [ 275.303733][T11634] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 275.303744][T11634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 275.303760][T11634] Call Trace: [ 275.303769][T11634] [ 275.303780][T11634] dump_stack_lvl+0x3d/0x1f0 [ 275.303817][T11634] vpanic+0x6e8/0x7a0 [ 275.303855][T11634] ? __pfx_vpanic+0x10/0x10 [ 275.303895][T11634] ? fbcon_prepare_logo+0xa03/0xc70 [ 275.303928][T11634] panic+0xca/0xd0 [ 275.303962][T11634] ? __pfx_panic+0x10/0x10 [ 275.303998][T11634] ? fbcon_prepare_logo+0xa03/0xc70 [ 275.304029][T11634] ? preempt_schedule_common+0x44/0xc0 [ 275.304062][T11634] ? preempt_schedule_thunk+0x16/0x30 [ 275.304100][T11634] check_panic_on_warn+0xab/0xb0 [ 275.304137][T11634] end_report+0x107/0x170 [ 275.304170][T11634] kasan_report+0xee/0x110 [ 275.304200][T11634] ? fbcon_prepare_logo+0xa03/0xc70 [ 275.304237][T11634] kasan_check_range+0x100/0x1b0 [ 275.304275][T11634] __asan_memcpy+0x23/0x60 [ 275.304306][T11634] fbcon_prepare_logo+0xa03/0xc70 [ 275.304347][T11634] fbcon_init+0xd77/0x1900 [ 275.304382][T11634] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 275.304411][T11634] visual_init+0x320/0x620 [ 275.304448][T11634] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 275.304488][T11634] store_bind+0x61d/0x760 [ 275.304522][T11634] ? sysfs_file_kobj+0xe4/0x290 [ 275.304552][T11634] ? __pfx_store_bind+0x10/0x10 [ 275.304582][T11634] dev_attr_store+0x55/0x80 [ 275.304618][T11634] ? __pfx_dev_attr_store+0x10/0x10 [ 275.304655][T11634] sysfs_kf_write+0xf2/0x150 [ 275.304685][T11634] kernfs_fop_write_iter+0x354/0x510 [ 275.304710][T11634] ? __pfx_sysfs_kf_write+0x10/0x10 [ 275.304740][T11634] iter_file_splice_write+0xa24/0x12e0 [ 275.304779][T11634] ? __pfx_iter_file_splice_write+0x10/0x10 [ 275.304811][T11634] ? __pfx_copy_splice_read+0x10/0x10 [ 275.304845][T11634] ? __pfx_iter_file_splice_write+0x10/0x10 [ 275.304875][T11634] direct_splice_actor+0x18f/0x6c0 [ 275.304904][T11634] splice_direct_to_actor+0x345/0xa30 [ 275.304933][T11634] ? __pfx_direct_splice_actor+0x10/0x10 [ 275.304963][T11634] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 275.304995][T11634] do_splice_direct+0x174/0x240 [ 275.305022][T11634] ? __pfx_do_splice_direct+0x10/0x10 [ 275.305049][T11634] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 275.305079][T11634] ? rw_verify_area+0xcf/0x6c0 [ 275.305107][T11634] do_sendfile+0xb06/0xe50 [ 275.305137][T11634] ? __pfx_do_sendfile+0x10/0x10 [ 275.305168][T11634] ? __x64_sys_futex+0x1e0/0x4c0 [ 275.305199][T11634] ? __x64_sys_futex+0x1e9/0x4c0 [ 275.305234][T11634] __x64_sys_sendfile64+0x1d8/0x220 [ 275.305270][T11634] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 275.305309][T11634] do_syscall_64+0xcd/0x490 [ 275.305345][T11634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.305371][T11634] RIP: 0033:0x7f84f978ebe9 [ 275.305390][T11634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.305413][T11634] RSP: 002b:00007f84fa63b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 275.305444][T11634] RAX: ffffffffffffffda RBX: 00007f84f99b5fa0 RCX: 00007f84f978ebe9 [ 275.305461][T11634] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 275.305476][T11634] RBP: 00007f84f9811e19 R08: 0000000000000000 R09: 0000000000000000 [ 275.305490][T11634] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 275.305504][T11634] R13: 00007f84f99b6038 R14: 00007f84f99b5fa0 R15: 00007ffc11058ef8 [ 275.305528][T11634] [ 275.305668][T11634] Kernel Offset: disabled