last executing test programs: 2.29778336s ago: executing program 2 (id=10287): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x3, 0x0, 0x7) 2.150943762s ago: executing program 2 (id=10290): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) 1.689703201s ago: executing program 2 (id=10295): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x1c, r1, 0x99bc9625bdb7e757, 0x70bd2c, 0x25dfdc03, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x10) 1.523001192s ago: executing program 2 (id=10298): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x700fdef) 1.31586263s ago: executing program 1 (id=10303): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52) write$auto(0x3, 0x0, 0xfdf3) 1.119037946s ago: executing program 2 (id=10306): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/034/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000001040)={0x80, 0x6, 0xf00, 0x1, 0x105, 0x0, 0x0}) 1.100308891s ago: executing program 1 (id=10307): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010025bdf000fedbdf257500000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0xc1}, 0x90) 1.068023133s ago: executing program 3 (id=10309): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd6a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8, 0x1b, 0x7}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x0) 920.904786ms ago: executing program 3 (id=10311): fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 812.256593ms ago: executing program 0 (id=10312): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x5382, r0) 796.681717ms ago: executing program 1 (id=10313): socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket(0x2, 0x2, 0x0) setsockopt$auto(0x4, 0x0, 0x480, 0xfffffffffffffffe, 0x0) 753.276948ms ago: executing program 3 (id=10314): mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000) io_uring_setup$auto(0x401, 0x0) r0 = socket(0xa, 0x3, 0x3a) ioctl$auto(r0, 0x8936, 0x1) 654.080493ms ago: executing program 0 (id=10315): sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000004080)={0x0, 0x0, &(0x7f0000004040)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="010200f787a64e595ed433"], 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x80) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0x7b2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 641.786627ms ago: executing program 2 (id=10316): syz_clone3(&(0x7f0000000100)={0x2100000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 603.690744ms ago: executing program 3 (id=10317): socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) setsockopt$auto(0x400000000000003, 0x29, 0x39, 0xffffffffffffffff, 0x0) 549.152454ms ago: executing program 1 (id=10318): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c08, 0x0) 511.011652ms ago: executing program 0 (id=10319): close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @loopback}, 0x3) 399.495439ms ago: executing program 0 (id=10320): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002800)={0x20, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}, @WGDEVICE_A_PEERS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) 299.563813ms ago: executing program 1 (id=10321): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0x2, 0x1, 0x0) capset$auto(0x0, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) 256.055699ms ago: executing program 0 (id=10322): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x12, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000006, 0x7, 0x8, 0x5, 0x1000, 0x42, 0x8001, 0x1, 0x60, 0x40000102}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 167.49682ms ago: executing program 3 (id=10323): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x4a, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r0, 0x4, &(0x7f0000000040)='-%\xe0\x00', &(0x7f0000000080), 0x80) 51.101781ms ago: executing program 0 (id=10324): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}, @ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0x9}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x800) 11.468488ms ago: executing program 3 (id=10325): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffc, 0x8, 0x80000000000000a, 0x0, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 0s ago: executing program 1 (id=10326): mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan1\x00'}) r0 = socket(0x2, 0xa, 0x0) sendmmsg$auto(r0, &(0x7f00000000c0)={{&(0x7f0000000000), 0xd1, &(0x7f0000000080)={0x0, 0x5ea}, 0x1, 0x0, 0x24, 0xaf23}, 0x6}, 0x5, 0x1997b23d) kernel console output (not intermixed with test programs): m eth0 [ 89.881960][ T6184] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 89.892767][ T6184] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 89.906516][ T6184] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.004840][ T6181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.052474][ T6181] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.089413][ T3580] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.096748][ T3580] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.116092][ T6179] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.138861][ T3580] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.145983][ T3580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.186789][ T6179] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.211999][ T6188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.233303][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.240442][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.257467][ T6184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.276987][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.284185][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.311730][ T6188] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.324491][ T6184] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.350284][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.357536][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.368054][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.375272][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.402950][ T3580] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.410094][ T3580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.421688][ T3580] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.428930][ T3580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.673482][ T6183] Bluetooth: hci0: command tx timeout [ 90.679387][ T5154] Bluetooth: hci1: command tx timeout [ 90.751293][ T6183] Bluetooth: hci2: command tx timeout [ 90.812975][ T6181] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.829067][ T6183] Bluetooth: hci3: command tx timeout [ 90.961022][ T6181] veth0_vlan: entered promiscuous mode [ 91.009624][ T6181] veth1_vlan: entered promiscuous mode [ 91.070793][ T6188] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.095044][ T6184] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.112218][ T6181] veth0_macvtap: entered promiscuous mode [ 91.124753][ T6179] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.136154][ T6181] veth1_macvtap: entered promiscuous mode [ 91.187807][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.212816][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.246659][ T50] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.257077][ T50] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.272361][ T6188] veth0_vlan: entered promiscuous mode [ 91.279259][ T50] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.296221][ T50] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.322545][ T6179] veth0_vlan: entered promiscuous mode [ 91.341117][ T6188] veth1_vlan: entered promiscuous mode [ 91.348442][ T6184] veth0_vlan: entered promiscuous mode [ 91.376823][ T6184] veth1_vlan: entered promiscuous mode [ 91.384395][ T6179] veth1_vlan: entered promiscuous mode [ 91.457276][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.467420][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.513200][ T6188] veth0_macvtap: entered promiscuous mode [ 91.526668][ T3580] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.527927][ T6188] veth1_macvtap: entered promiscuous mode [ 91.542004][ T3580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.564626][ T6184] veth0_macvtap: entered promiscuous mode [ 91.589723][ T6179] veth0_macvtap: entered promiscuous mode [ 91.605015][ T6184] veth1_macvtap: entered promiscuous mode [ 91.632953][ T6179] veth1_macvtap: entered promiscuous mode [ 91.644645][ T6188] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.689484][ T6188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.700811][ T6184] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.744381][ T50] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.762413][ T6179] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.778816][ T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.787615][ T50] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.812886][ T6184] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.828301][ T50] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.861933][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.875631][ T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.920864][ T6179] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.939508][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.955657][ T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.020203][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.031552][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.053093][ T10] cfg80211: failed to load regulatory.db [ 92.060413][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.092785][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.221639][ T3652] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.240000][ T3652] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.321867][ T4896] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.357250][ T4896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.417311][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.435126][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.471579][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.508235][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.542554][ T3580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.567875][ T3580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.705747][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.748539][ T5154] Bluetooth: hci1: command tx timeout [ 92.752607][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.754502][ T6183] Bluetooth: hci0: command tx timeout [ 92.829390][ T6183] Bluetooth: hci2: command tx timeout [ 92.909131][ T6183] Bluetooth: hci3: command tx timeout [ 94.053895][ T6332] Unable to find swap-space signature [ 94.674087][ T6355] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.831462][ T5154] Bluetooth: hci1: command tx timeout [ 94.836959][ T6183] Bluetooth: hci0: command tx timeout [ 94.908945][ T6183] Bluetooth: hci2: command tx timeout [ 94.988697][ T6183] Bluetooth: hci3: command tx timeout [ 95.833257][ T6406] syz.2.357 (6406): attempted to duplicate a private mapping with mremap. This is not supported. [ 96.654145][ T6444] Unable to find swap-space signature [ 97.386531][ T6472] Unable to find swap-space signature [ 98.344639][ T6512] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 99.377226][ T30] audit: type=1800 audit(1767048356.219:2): pid=6556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.429" name="dbroot" dev="configfs" ino=10724 res=0 errno=0 [ 100.782050][ T6616] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 102.139647][ T30] audit: type=1800 audit(1767048358.989:3): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.488" name="dbroot" dev="configfs" ino=10957 res=0 errno=0 [ 103.200626][ T6721] nfs: Bad value for 'source' [ 103.671544][ T6743] syz.0.519 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 103.797770][ T30] audit: type=1800 audit(1767048360.639:4): pid=6749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.523" name="dummy_udc" dev="gadgetfs" ino=8534 res=0 errno=0 [ 107.704799][ T6933] ptrace attach of "./syz-executor exec"[6181] was attempted by "./syz-executor exec"[6933] [ 108.012278][ T6946] futex_wake_op: syz.3.613 tries to shift op by -1; fix this program [ 111.716987][ T6183] Bluetooth: hci2: unexpected event 0x33 length: 124 > 10 [ 119.127626][ T7350] ======================================================= [ 119.127626][ T7350] WARNING: The mand mount option has been deprecated and [ 119.127626][ T7350] and is ignored by this kernel. Remove the mand [ 119.127626][ T7350] option from the mount to silence this warning. [ 119.127626][ T7350] ======================================================= [ 120.193447][ T7377] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 120.233762][ T30] audit: type=1800 audit(1767048377.079:5): pid=7380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.813" name="dbroot" dev="configfs" ino=12897 res=0 errno=0 [ 121.063879][ T7411] syz_tun: tun_chr_ioctl cmd 1074025672 [ 121.089524][ T7411] syz_tun: ignored: set checksum disabled [ 121.214137][ T30] audit: type=1326 audit(1767048378.059:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.3.832" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa21cf8f7c9 code=0x0 [ 121.265917][ T6183] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 128.440773][ T7729] syz.1.987(7729): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 129.734775][ T6183] Bluetooth: hci2: unexpected event 0x3c length: 254 > 7 [ 132.147811][ T7895] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 134.965921][ T8027] random: crng reseeded on system resumption [ 135.918861][ T30] audit: type=1800 audit(1767050440.814:7): pid=8066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1152" name="trace_pipe" dev="tracefs" ino=1063 res=0 errno=0 [ 138.066201][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.072542][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.943412][ T6183] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 141.738151][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 144.216333][ T30] audit: type=1800 audit(1767050449.158:8): pid=8414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1324" name="version" dev="configfs" ino=15678 res=0 errno=0 [ 150.447318][ T8666] Unable to find swap-space signature [ 152.526158][ T8754] Process accounting resumed [ 153.872084][ T8738] kexec: Could not allocate control_code_buffer [ 156.028694][ T8833] kexec: Could not allocate control_code_buffer [ 157.213864][ T8946] syz_tun: tun_chr_ioctl cmd 2147767520 [ 158.335431][ T8925] kexec: Could not allocate control_code_buffer [ 158.383663][ T8990] Scaler: ================= START STATUS ================= [ 158.421863][ T8990] Scaler: ================== END STATUS ================== [ 159.753715][ T9054] sd 0:0:1:0: PR command failed: 1026 [ 159.764366][ T9054] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 159.772412][ T9054] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 161.118388][ T9117] block2mtd: device name too long [ 162.543888][ T9186] busy [ 162.702105][ T9192] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 163.135828][ T9213] ecryptfs_parse_packet_length: Error parsing packet length [ 163.148518][ T9213] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 164.109759][ T9257] block2mtd: illegal erase size [ 164.527352][ T9275] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 164.538320][ T6183] Bluetooth: hci3: unexpected event 0x23 length: 127 > 13 [ 164.696638][ T9283] bcache: register_bcache() error : failed to open device [ 166.006239][ T9337] program syz.2.1782 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 166.527914][ T9350] zswap: compressor _ not available [ 168.264199][ T9430] WARNING! power/level is deprecated; use power/control instead [ 169.540666][ T9489] program syz.2.1856 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 170.603232][ T6183] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.609484][ T6244] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 170.908413][ T9558] usb usb2: usbfs: process 9558 (syz.2.1889) did not claim interface 4 before use [ 171.299657][ T9577] nvme_fcloop: unknown parameter or missing value 'ٛ' [ 172.676952][ T6183] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.685664][ T6244] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 173.643784][ T9695] batman_adv: Routing algorithm '7' is not supported [ 173.924127][ T9707] vhci_hcd: not connected 4 [ 174.040021][ T9713] i2c i2c-0: new_device: Invalid device name [ 174.824559][ T6244] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 174.824978][ T6183] Bluetooth: hci2: command 0x0c1a tx timeout [ 176.777308][ T9839] program syz.3.2011 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 177.865185][ T6830] smpboot: CPU 1 is now offline [ 178.421679][ T9909] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 178.720039][ T6183] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 180.086019][ T9976] vhci_hcd vhci_hcd.2: invalid port number 16 [ 180.094584][ T30] audit: type=1800 audit(1843105570.820:9): pid=9977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2071" name="dbroot" dev="configfs" ino=21025 res=0 errno=0 [ 180.146353][ T9976] vhci_hcd vhci_hcd.2: invalid port number 16 [ 180.408284][ T30] audit: type=1806 audit(1843105571.131:10): xattr="." res=0 [ 180.797587][ T6183] Bluetooth: hci3: command 0x2016 tx timeout [ 182.423465][T10081] Process accounting paused [ 182.564065][T10092] : Can't lookup blockdev [ 182.872648][ T6183] Bluetooth: hci3: command 0x2016 tx timeout [ 183.208959][ T5154] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 183.373090][T10126] bond0: no command found in slaves file - use +ifname or -ifname [ 184.573224][T10175] usbcore.quirks: string doesn't fit in 127 chars. [ 185.254438][ T6183] Bluetooth: hci2: command 0x0c1a tx timeout [ 185.271873][T10209] kAFS: No cell specified [ 186.812360][T10285] kafs: addr_prefs: Invalid Command [ 187.013597][T10291] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 187.047614][T10291] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 187.166507][T10291] CIFS mount error: No usable UNC path provided in device string! [ 187.166507][T10291] [ 187.216997][T10291] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 187.326870][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.478953][ T30] audit: type=1326 audit(1843105578.235:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.3.2233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa21cf8f7c9 code=0x0 [ 187.785073][T10324] __vm_enough_memory: pid: 10324, comm: syz.0.2239, bytes: 4398046511104 not enough memory for the allocation [ 187.950651][T10333] QAT: failed to copy from user cfg_data. [ 188.161594][T10343] : Can't lookup blockdev [ 188.348914][T10350] vhci_hcd vhci_hcd.2: invalid port number 255 [ 188.389637][T10350] vhci_hcd vhci_hcd.2: Wrong hub descriptor type for USB 3.0 roothub. [ 188.527950][ T6183] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 188.926447][T10372] zram: Added device: zram1 [ 189.685615][T10407] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 190.132021][T10430] block2mtd: parameter too long [ 190.589567][ T5154] Bluetooth: hci1: command 0x2016 tx timeout [ 191.202698][ T5154] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 191.516764][T10496] program syz.1.2320 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.981324][T10510] delete_channel: no stack [ 192.661572][ T5154] Bluetooth: hci1: command 0x2016 tx timeout [ 193.081765][ T6183] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 193.217526][ T6130] Bluetooth: hci0: command 0x2016 tx timeout [ 195.089252][ T3652] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.128189][ T5154] Bluetooth: hci3: command 0x2016 tx timeout [ 195.288080][ T6183] Bluetooth: hci0: command 0x2016 tx timeout [ 195.316349][ T6130] Bluetooth: hci0: unexpected event 0x14 length: 16 > 6 [ 196.256564][T10683] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 196.335612][T10683] CIFS mount error: No usable UNC path provided in device string! [ 196.335612][T10683] [ 196.380834][T10683] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 196.968208][T10708] kAFS: Invalid Command on /proc/fs/afs/cells file [ 197.199501][ T6130] Bluetooth: hci3: command 0x2016 tx timeout [ 199.195836][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.212960][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.437088][T10798] usbip-vudc usbip-vudc.0: gadget not bound [ 200.244508][ T5154] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 201.022781][T10856] ptrace attach of "./syz-executor exec"[6188] was attempted by ""[10856] [ 202.105195][T10910] aoe: can't write to that file. [ 204.206545][T10975] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 205.258815][T11047] ceph: Failed to parse sending metrics switch value 'P^' [ 207.962814][T11148] bond0: option packets_per_slave: invalid value ( Xnp) [ 208.001454][T11148] bond0: option packets_per_slave: allowed values 0 - 65535 [ 208.425877][T11163] zswap: compressor *E;3߃L MapCMcsyF*srHDU}]$rm+8ጅY7TU9d L@saXfmY6  =KԿ_+ gX not available [ 208.906287][ T5154] Bluetooth: hci3: command 0x2016 tx timeout [ 209.358319][T11199] usb usb19: usbfs: process 11199 (syz.3.2662) did not claim interface 0 before use [ 209.562356][T11207] nfs: Unknown parameter 'w`_' [ 210.358854][ T5154] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 211.452943][ T6130] Bluetooth: hci1: command 0x2016 tx timeout [ 211.458999][ T5154] Bluetooth: hci0: command 0x2016 tx timeout [ 211.614073][T11309] : Can't lookup blockdev [ 212.458500][T11356] Process accounting resumed [ 212.584391][T11322] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 212.584417][T11322] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 212.605692][T11322] Bluetooth: hci0: Dropping invalid advertising data Ijn9_UVQ8j@:Un M%Ux0 [ 212.612697][T11322] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 213.867192][T11426] vhci_hcd vhci_hcd.2: invalid port number 16 [ 213.950642][T11426] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 215.886113][T11523] ecryptfs_miscdev_write: Error while inspecting packet size [ 219.196802][T11675] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 219.633219][T11690] nfsd: Unknown parameter '^B-' [ 219.980617][T11707] Invalid input. Must be >= 4608 [ 219.997604][T11709] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 220.508608][T11725] program syz.2.2915 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 220.554595][T11725] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 221.100561][T11739] hub 1-0:1.0: USB hub found [ 221.133217][T11739] hub 1-0:1.0: 1 port detected [ 221.423933][T11755] ACPI: Can not change Invalid GPE/Fixed Event status [ 222.054640][T11785] warning: `syz.0.2945' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 222.294518][ T30] audit: type=1800 audit(1843105613.188:12): pid=11795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2950" name="members" dev="configfs" ino=26883 res=0 errno=0 [ 222.390123][T11799] hub 1-0:1.0: USB hub found [ 222.409075][T11799] hub 1-0:1.0: 1 port detected [ 222.439046][T11803] nvme_fcloop: unknown parameter or missing value '7' [ 223.731235][T11863] hub 1-0:1.0: USB hub found [ 223.761987][T11863] hub 1-0:1.0: 1 port detected [ 224.449860][T11896] hub 1-0:1.0: USB hub found [ 224.491172][T11896] hub 1-0:1.0: 1 port detected [ 224.666516][T11906] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 226.619883][T11322] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 226.729587][T11995] program syz.2.3031 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 226.771567][T11999] sd 0:0:1:0: PR command failed: 1026 [ 226.776989][T11999] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 226.830218][T11999] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 229.839269][T12142] syz.0.3090 uses obsolete (PF_INET,SOCK_PACKET) [ 231.630060][T12226] rtc_cmos 00:00: Alarms can be up to one day in the future [ 231.747673][T12229] Debayer A: ================= START STATUS ================= [ 231.815419][T12229] Debayer A: Debayer Mean Window Size: 3 [ 231.821264][T12229] Debayer A: ================== END STATUS ================== [ 232.763383][T12302] usb usb4: usbfs: process 12302 (syz.1.3147) did not claim interface 0 before use [ 235.677458][T12463] Setting dangerous option i915.mitigations - tainting kernel [ 236.881765][T12529] misc userio: Invalid payload size [ 237.046640][T12538] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates. [ 238.746394][T12620] QAT: Device 250 not found [ 242.210873][T12746] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 242.210873][T12746] program syz.0.3356 not setting count and/or reply_len properly [ 242.532309][T12756] Process accounting paused [ 244.327427][T12840] vhci_hcd vhci_hcd.2: invalid port number 135 [ 244.363831][T12840] vhci_hcd vhci_hcd.2: invalid port number 135 [ 244.566226][T12846] i2c i2c-0: delete_device: Extra parameters [ 246.463660][T12927] ICMPv6: process `syz.1.3443' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 248.707817][T13031] usb usb3: usbfs: interface 0 claimed by hub while 'syz.3.3494' sets config #-1 [ 249.033328][ T6830] Process accounting resumed [ 249.732789][T13087] binder: 13085:13087 ioctl 40046205 0 returned -22 [ 250.192388][T13115] bond0: option mode: unable to set because the bond device is up [ 251.063016][T13164] capability: warning: `syz.3.3559' uses 32-bit capabilities (legacy support in use) [ 251.404178][T13185] phram: not enough arguments [ 252.748327][T13254] block2mtd: too many arguments [ 253.842241][T13310] random: crng reseeded on system resumption [ 254.884393][T13368] queue_state_write: operation too long [ 254.906915][T13368] queue_state_write: use 'run', 'start' or 'kick' [ 255.022523][T11322] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 255.022547][T11322] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 255.040860][T11322] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 255.492399][T13398] Format for deleting device is "id" (uint). [ 257.349505][T13492] vhci_hcd vhci_hcd.0: invalid port number 16 [ 257.843162][T13522] usb usb13: check_ctrlrecip: process 13522 (syz.2.3732) requesting ep 01 but needs 81 [ 257.852836][T13522] usb usb13: usbfs: process 13522 (syz.2.3732) did not claim interface 0 before use [ 257.930186][T13526] blkio.reset_stats is deprecated [ 258.561540][T13578] delete_channel: no stack [ 259.143783][T13611] synth uevent: /bus/mei: unknown uevent action string [ 260.361570][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.367901][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.909185][T13719] ubi31: attaching mtd0 [ 263.305072][T13856] Setting dangerous option i915.mitigations - tainting kernel [ 263.700698][T13877] sd 0:0:1:0: PR command failed: 1026 [ 263.729941][T13877] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 263.755475][T13877] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 264.498807][ T30] audit: type=1800 audit(1843105655.607:13): pid=13921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3912" name="sr0" dev="devtmpfs" ino=2848 res=0 errno=0 [ 266.138508][T14016] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 266.164032][T14019] tipc: Can't bind to reserved service type 0 [ 266.394358][T14029] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 267.472011][T14091] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 268.204966][T14141] vhci_hcd vhci_hcd.2: invalid port number 0 [ 268.965743][T14188] wlan1: mtu less than device minimum [ 269.171486][T14196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 269.221092][T14196] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 269.291785][T14196] memcg:ffff888031d17501 [ 269.329121][T14196] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 269.369534][T14196] page_type: f5(slab) [ 269.384537][T14196] raw: 00fff00000000040 ffff88813ff30b40 ffffea0000c90000 dead000000000004 [ 269.446581][T14196] raw: 0000000000000000 00000000000a000a 00000000f5000000 ffff888031d17501 [ 269.510194][T14196] head: 00fff00000000040 ffff88813ff30b40 ffffea0000c90000 dead000000000004 [ 269.556309][T14196] head: 0000000000000000 00000000000a000a 00000000f5000000 ffff888031d17501 [ 269.597846][T14196] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 269.636489][T14196] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 269.674739][T14196] page dumped because: unmovable page [ 269.699935][T14196] page_owner tracks the page as allocated [ 269.727211][T14196] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5498, tgid 5498 (dhcpcd), ts 58763964717, free_ts 58206395595 [ 269.833111][T14196] post_alloc_hook+0x1af/0x220 [ 269.852358][T14196] get_page_from_freelist+0xd0b/0x31a0 [ 269.876040][T14196] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 269.902906][T14196] alloc_pages_mpol+0x1fb/0x550 [ 269.922950][T14196] new_slab+0x2c3/0x430 [ 269.938219][T14196] ___slab_alloc+0xe18/0x1c90 [ 269.966774][T14196] __slab_alloc.constprop.0+0x63/0x110 [ 270.009638][T14196] kmem_cache_alloc_noprof+0x44d/0x770 [ 270.036615][T14196] copy_process+0x3b2d/0x7430 [ 270.052732][T14196] kernel_clone+0xfc/0x910 [ 270.068521][T14196] __do_sys_clone+0xce/0x120 [ 270.084188][T14196] do_syscall_64+0xcd/0xf80 [ 270.099652][T14196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.121615][T14196] page last free pid 5638 tgid 5638 stack trace: [ 270.143339][T14196] __free_frozen_pages+0x7df/0x1170 [ 270.158436][T14196] qlist_free_all+0x4c/0xf0 [ 270.174703][T14196] kasan_quarantine_reduce+0x195/0x1e0 [ 270.193227][T14196] __kasan_slab_alloc+0x69/0x90 [ 270.211065][T14196] kmem_cache_alloc_noprof+0x25e/0x770 [ 270.228983][T14196] vm_area_alloc+0x1f/0x160 [ 270.237871][T14196] __mmap_region+0x107a/0x2a00 [ 270.248127][T14196] mmap_region+0x1ab/0x3f0 [ 270.257559][T14196] do_mmap+0xa3e/0x1210 [ 270.267596][T14196] vm_mmap_pgoff+0x29e/0x470 [ 270.278325][T14196] ksys_mmap_pgoff+0x32c/0x5c0 [ 270.288657][T14196] __x64_sys_mmap+0x125/0x190 [ 270.299055][T14196] do_syscall_64+0xcd/0xf80 [ 270.309068][T14196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.272819][T14285] : Can't lookup blockdev [ 271.446491][ T30] audit: type=1400 audit(1843105662.589:14): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=14291 comm="syz.0.4080" [ 271.492494][T14294] Setting dangerous option i915.mitigations - tainting kernel [ 271.533920][T14294] Bad "i915.mitigations=!h@S", 'h@S' is unknown [ 271.664512][T14301] nvme_fcloop: unknown parameter or missing value '7' [ 271.761185][T14307] futex_wake_op: syz.0.4088 tries to shift op by -2048; fix this program [ 271.812628][T14307] futex_wake_op: syz.0.4088 tries to shift op by -2048; fix this program [ 271.970836][T14317] usb usb22: usbfs: process 14317 (syz.2.4092) did not claim interface 5 before use [ 272.456268][T14338] Process accounting resumed [ 272.555405][T14351] binder: binder_mmap: 14350 0-1000 bad vm_flags failed -1 [ 274.213321][T14457] program syz.2.4149 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 274.241401][T14459] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 274.241401][T14459] M' is too long [ 274.292551][T14459] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 274.292551][T14459] W ' is too long [ 274.985026][T14498] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 275.470889][T14521] kAFS: Invalid Command on /proc/fs/afs/cells file [ 275.479204][T14523] random: crng reseeded on system resumption [ 275.709188][T14535] program syz.2.4187 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 276.169845][T14562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 276.213708][T14562] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 276.251905][T14562] memcg:ffff888031d17501 [ 276.269147][T14562] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 276.306872][T14562] page_type: f5(slab) [ 276.321058][T14562] raw: 00fff00000000040 ffff88813ff30b40 ffffea000049a000 dead000000000002 [ 276.372349][T14562] raw: 0000000000000000 00000000000a000a 00000000f5000000 ffff888031d17501 [ 276.405958][T14562] head: 00fff00000000040 ffff88813ff30b40 ffffea000049a000 dead000000000002 [ 276.446565][T14562] head: 0000000000000000 00000000000a000a 00000000f5000000 ffff888031d17501 [ 276.487108][T14562] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 276.535927][T14562] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 276.568504][T14562] page dumped because: unmovable page [ 276.599598][T14562] page_owner tracks the page as allocated [ 276.624362][T14562] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5498, tgid 5498 (dhcpcd), ts 58763964717, free_ts 58206395595 [ 276.714538][T14562] post_alloc_hook+0x1af/0x220 [ 276.746163][T14562] get_page_from_freelist+0xd0b/0x31a0 [ 276.765741][T14562] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 276.792243][T14562] alloc_pages_mpol+0x1fb/0x550 [ 276.808021][T14562] new_slab+0x2c3/0x430 [ 276.840281][T14562] ___slab_alloc+0xe18/0x1c90 [ 276.855924][T14562] __slab_alloc.constprop.0+0x63/0x110 [ 276.884209][T14562] kmem_cache_alloc_noprof+0x44d/0x770 [ 276.906830][T14562] copy_process+0x3b2d/0x7430 [ 276.929004][T14562] kernel_clone+0xfc/0x910 [ 276.945034][T14597] overlayfs: "check_copy_up" module option is obsolete [ 276.954282][T14562] __do_sys_clone+0xce/0x120 [ 277.003055][T14562] do_syscall_64+0xcd/0xf80 [ 277.022960][T14562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.052258][T14562] page last free pid 5638 tgid 5638 stack trace: [ 277.070245][T14562] __free_frozen_pages+0x7df/0x1170 [ 277.078416][T14562] qlist_free_all+0x4c/0xf0 [ 277.113400][T14562] kasan_quarantine_reduce+0x195/0x1e0 [ 277.118906][T14562] __kasan_slab_alloc+0x69/0x90 [ 277.141808][T14562] kmem_cache_alloc_noprof+0x25e/0x770 [ 277.164752][T14562] vm_area_alloc+0x1f/0x160 [ 277.181227][T14562] __mmap_region+0x107a/0x2a00 [ 277.199868][T14562] mmap_region+0x1ab/0x3f0 [ 277.210662][T14562] do_mmap+0xa3e/0x1210 [ 277.226292][T14562] vm_mmap_pgoff+0x29e/0x470 [ 277.238358][T14562] ksys_mmap_pgoff+0x32c/0x5c0 [ 277.256280][T14562] __x64_sys_mmap+0x125/0x190 [ 277.273392][T14562] do_syscall_64+0xcd/0xf80 [ 277.288356][T14562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.538602][T14680] ecryptfs_miscdev_write: Invalid packet size [192] [ 278.657376][T14676] could not allocate digest TFM handle [ 278.730814][T14688] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 279.822794][ T30] audit: type=1800 audit(1843105671.009:15): pid=14736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4285" name="members" dev="configfs" ino=35889 res=0 errno=0 [ 281.238815][T11322] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 281.247851][T11322] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 282.228509][T14884] kafs: addr_prefs: Invalid Command [ 282.408885][ T30] audit: type=1800 audit(1843105673.601:16): pid=14895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4351" name="features" dev="configfs" ino=36354 res=0 errno=0 [ 283.634908][T14964] Setting dangerous option i915.mitigations - tainting kernel [ 283.871282][T11329] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 283.882220][T11329] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 284.160426][T15013] kernel read not supported for file /\*)A (pid: 15013 comm: syz.2.4398) [ 284.202239][ T30] audit: type=1800 audit(1843105675.409:17): pid=15013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4398" name="\*)A" dev="mqueue" ino=36689 res=0 errno=0 [ 284.831512][T15045] Line length is too long: Should be less than 4094 [ 285.553054][T14818] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 285.553078][T14818] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 285.567872][T14818] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 285.739317][T15093] Setting dangerous option i915.mitigations - tainting kernel [ 285.749730][T15094] program syz.0.4437 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 286.198872][T15117] syz.2.4447 (15117): drop_caches: 0 [ 286.397546][T15124] Setting dangerous option i915.mitigations - tainting kernel [ 290.565990][T15355] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 290.594029][T15355] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 290.690235][T15361] cougar: G6 mapped to F18 [ 290.739781][T15364] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 290.978774][T14818] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 290.986288][T14818] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 291.912221][T14818] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 291.920002][T14818] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 292.570874][T15498] random: crng reseeded on system resumption [ 292.816522][T14818] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 292.825377][T14818] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 294.702248][T15629] ubi31: attaching mtd0 [ 294.731909][T15629] ubi31: scanning is finished [ 294.736642][T15629] ubi31: empty MTD device detected [ 294.952702][T15629] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 295.018465][T15629] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 295.065608][T15629] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 295.098549][T15629] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 295.147851][T15629] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 295.178398][T15629] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 295.220286][T15629] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 69833733 [ 295.262006][T15629] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 295.325999][T15641] ubi31: background thread "ubi_bgt31d" started, PID 15641 [ 295.696596][T14818] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 295.707189][T14818] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 296.053839][T15706] ubi: mtd0 is already attached to ubi31 [ 296.553187][T15733] ubi: mtd0 is already attached to ubi31 [ 297.623674][T15801] synth uevent: /module/button: unknown uevent action string [ 297.856441][T15814] bond0: invalid ARP target specified [ 298.023037][T15821] usb usb16: usbfs: process 15821 (syz.1.4741) did not claim interface 0 before use [ 300.749625][T15952] cougar: G6 mapped to space [ 300.760345][T15954] sysfs_service_op_store: Client not running :-5: [ 300.952982][T15964] usb usb36: usbfs: process 15964 (syz.0.4812) did not claim interface 0 before use [ 301.813965][ T30] audit: type=1400 audit(1843124037.099:18): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=16004 comm="syz.0.4831" [ 301.961923][T16014] random: crng reseeded on system resumption [ 302.323553][T16031] Process accounting paused [ 304.220205][T16133] process 'syz.3.4893' launched '/dev/fd/3' with NULL argv: empty string added [ 305.344884][T16198] binder: 16197:16198 ioctl 541b fffffffffffff4e0 returned -22 [ 305.910743][T16218] ima: policy update failed [ 305.947038][ T30] audit: type=1802 audit(1843124041.248:19): pid=16218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4932" res=0 errno=0 [ 306.217470][T16239] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 306.217470][T16239] [ 306.503092][T16257] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 308.580079][ T30] audit: type=1800 audit(1843124043.901:20): pid=16366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5003" name="features" dev="configfs" ino=40774 res=0 errno=0 [ 308.818208][T16378] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 309.052767][T16391] nvme_fcloop: unknown parameter or missing value '' [ 309.917749][T16437] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 309.918140][T16436] ima: policy update failed [ 309.979658][ T30] audit: type=1802 audit(1843124045.297:21): pid=16436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5039" res=0 errno=0 [ 311.917263][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.923838][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 312.099437][T16559] kAFS: Invalid Command on /proc/fs/afs/cells file [ 312.861587][T16602] hub 8-0:1.0: Interface 0 is not authorized for usage [ 312.899992][T16602] usbtest 8-0:1.0: Interface 0 is not authorized for usage [ 313.564842][T16648] qrtr: Invalid version 0 [ 313.964448][T16664] kfence: disabled [ 313.983010][T16668] syz_tun: tun_chr_ioctl cmd 35111 [ 314.287748][T16686] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 316.237260][T16794] CIFS mount error: No usable UNC path provided in device string! [ 316.237260][T16794] [ 316.283835][T16794] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 319.305269][T16949] ICMPv6: process `syz.2.5288' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 319.552544][T16962] ubi: mtd0 is already attached to ubi31 [ 319.692429][T16968] vhci_hcd vhci_hcd.2: invalid port number 16 [ 319.715614][T16968] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 319.739724][T16970] vhci_hcd vhci_hcd.0: ClearPortFeature: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 320.158880][T16992] program syz.0.5309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 320.211002][T16992] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 320.463480][T16996] zswap: compressor - not available [ 320.498079][T16999] block2mtd: illegal erase size [ 321.501563][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.511617][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.561548][T17182] random: crng reseeded on system resumption [ 329.798662][T17459] block ram6: the capability attribute has been deprecated. [ 332.118750][T17550] < [ 332.234312][T17551] Process accounting resumed [ 334.043446][T17627] bonding: no command found in bonding_masters - use +ifname or -ifname [ 336.683051][T17750] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.712155][T17758] i8042 aux 00:02: in use; can't configure [ 336.937805][T17770] CIFS mount error: No usable UNC path provided in device string! [ 336.937805][T17770] [ 336.986409][T17770] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 337.974693][T17829] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 339.258674][T17892] vmstat_refresh: nr_hugetlb -3072 [ 339.768872][T17918] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 342.345321][T18048] bonding: no command found in bonding_masters - use +ifname or -ifname [ 342.525210][ T30] audit: type=1107 audit(1843124078.000:22): pid=18058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 344.350318][T18158] delete_channel: no stack [ 344.815609][T18188] block2mtd: Using custom MTD label '' for dev [ 344.844335][T18188] block2mtd: error: cannot open device [ 345.677170][T18235] kAFS: Invalid Command on /proc/fs/afs/cells file [ 346.703769][T18294] i2c i2c-0: new_device: Missing parameters [ 346.983441][ T30] audit: type=1800 audit(1843124082.481:23): pid=18306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5931" name="lu_gp_id" dev="configfs" ino=46814 res=0 errno=0 [ 347.004564][T18306] kstrtoul() returned -22 for lu_gp_id [ 347.084234][ T794] usb usb38-port5: attempt power cycle [ 347.250866][T18320] block2mtd: illegal erase size [ 347.663632][ T794] usb usb38-port5: unable to enumerate USB device [ 348.056827][T18363] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.0.5959: 7 [ 349.279821][T18431] synth uevent: /devices/virtual/net/nr1: unknown uevent action string [ 349.333211][T18431] net nr1: uevent: failed to send synthetic uevent: -22 [ 350.237020][T18477] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 351.559879][T18546] bond0: option slaves: interface - does not exist! [ 354.557534][T18663] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 354.745047][T18672] : Can't lookup blockdev [ 355.324481][T18696] ICMPv6: process `syz.2.6121' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 362.097673][T19044] Process accounting paused [ 362.840225][T19077] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 362.886203][T19077] ep_00: uevent: failed to send synthetic uevent: -22 [ 364.209354][T19132] ptp ptp0: only physical clock in use now [ 364.692638][T19153] i2c i2c-0: delete_device: Can't parse I2C address [ 368.701333][T19312] random: crng reseeded on system resumption [ 369.421107][T19341] QAT: Stopping all acceleration devices. [ 370.603331][T19397] random: crng reseeded on system resumption [ 371.688638][T19452] nvme_fcloop: unknown parameter or missing value '' [ 372.570102][T19499] usb usb37: usbfs: process 19499 (syz.0.6485) did not claim interface 0 before use [ 374.322326][T19581] rnbd_client L202: map_device: Unknown parameter or missing value '7' [ 375.461005][T19642] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 376.603087][T19697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 376.642454][T19697] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 376.679166][T19697] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 376.721585][T19697] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 376.763778][T19697] page dumped because: unmovable page [ 376.790909][T19697] page_owner info is not present (never set?) [ 377.649094][T19755] vhci_hcd vhci_hcd.2: invalid port number 16 [ 377.696626][T19755] vhci_hcd vhci_hcd.2: invalid port number 16 [ 378.958446][T14818] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 378.958472][T14818] Bluetooth: hci2: unexpected subevent 0x06 length: 725 > 10 [ 380.434215][T19888] vivid-007: ================= START STATUS ================= [ 380.470222][T19888] vivid-007: Enable Output Cropping: true [ 380.499541][T19888] vivid-007: Enable Output Composing: true [ 380.528469][T19888] vivid-007: Enable Output Scaler: true [ 380.557587][T19888] vivid-007: Tx RGB Quantization Range: Automatic [ 380.589861][T19888] vivid-007: Transmit Mode: HDMI [ 380.607357][T19888] vivid-007: Hotplug Present: 0x00000000 [ 380.636024][T19888] vivid-007: RxSense Present: 0x00000000 [ 380.665919][T19888] vivid-007: EDID Present: 0x00000000 [ 380.692526][T19888] vivid-007: ================== END STATUS ================== [ 380.980550][T14818] Bluetooth: hci2: command 0x0c1a tx timeout [ 381.652328][T19968] QAT: Invalid ioctl 21531 [ 382.654803][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.662677][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.967348][T20037] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 384.611411][T20142] syz.0.6775: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 384.680826][T20142] CPU: 0 UID: 0 PID: 20142 Comm: syz.0.6775 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 384.680856][T20142] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 384.680864][T20142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 384.680877][T20142] Call Trace: [ 384.680883][T20142] [ 384.680889][T20142] dump_stack_lvl+0x16c/0x1f0 [ 384.680918][T20142] warn_alloc+0x248/0x3a0 [ 384.680937][T20142] ? __pfx_warn_alloc+0x10/0x10 [ 384.680955][T20142] ? __lock_acquire+0x436/0x2890 [ 384.680979][T20142] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 384.680994][T20142] __vmalloc_node_range_noprof+0x12c2/0x16b0 [ 384.681009][T20142] ? __pfx___might_resched+0x10/0x10 [ 384.681030][T20142] ? rcu_is_watching+0x12/0xc0 [ 384.681052][T20142] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 384.681065][T20142] ? find_held_lock+0x2b/0x80 [ 384.681082][T20142] ? dvb_dvr_do_ioctl+0x7e/0x290 [ 384.681095][T20142] ? tomoyo_path_number_perm+0x295/0x580 [ 384.681114][T20142] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 384.681128][T20142] ? __pfx___mutex_lock+0x10/0x10 [ 384.681150][T20142] ? tomoyo_path_number_perm+0x18d/0x580 [ 384.681168][T20142] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 384.681188][T20142] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 384.681201][T20142] __vmalloc_node_noprof+0xad/0xf0 [ 384.681214][T20142] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 384.681230][T20142] dvb_dvr_do_ioctl+0x15d/0x290 [ 384.681250][T20142] dvb_usercopy+0x167/0x340 [ 384.681271][T20142] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 384.681285][T20142] ? __pfx_dvb_usercopy+0x10/0x10 [ 384.681314][T20142] ? __fget_files+0x20e/0x3c0 [ 384.681345][T20142] dvb_dvr_ioctl+0x29/0x40 [ 384.681358][T20142] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 384.681371][T20142] __x64_sys_ioctl+0x18e/0x210 [ 384.681392][T20142] do_syscall_64+0xcd/0xf80 [ 384.681416][T20142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.681431][T20142] RIP: 0033:0x7fd0fd98f7c9 [ 384.681450][T20142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.681463][T20142] RSP: 002b:00007fd0fe8e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.681478][T20142] RAX: ffffffffffffffda RBX: 00007fd0fdbe5fa0 RCX: 00007fd0fd98f7c9 [ 384.681488][T20142] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 384.681497][T20142] RBP: 00007fd0fda13f91 R08: 0000000000000000 R09: 0000000000000000 [ 384.681521][T20142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.681531][T20142] R13: 00007fd0fdbe6038 R14: 00007fd0fdbe5fa0 R15: 00007fffcb068bd8 [ 384.681552][T20142] [ 384.681583][T20142] Mem-Info: [ 385.268707][T20185] deleting an unspecified loop device is not supported. [ 385.701218][T20142] active_anon:3632 inactive_anon:1848 isolated_anon:0 [ 385.701218][T20142] active_file:7537 inactive_file:46875 isolated_file:0 [ 385.701218][T20142] unevictable:768 dirty:439 writeback:0 [ 385.701218][T20142] slab_reclaimable:11497 slab_unreclaimable:92510 [ 385.701218][T20142] mapped:24229 shmem:1374 pagetables:1095 [ 385.701218][T20142] sec_pagetables:0 bounce:0 [ 385.701218][T20142] kernel_misc_reclaimable:0 [ 385.701218][T20142] free:1334704 free_pcp:4139 free_cma:0 [ 386.005544][T20142] Node 0 active_anon:14528kB inactive_anon:7208kB active_file:29940kB inactive_file:187356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96820kB dirty:1768kB writeback:0kB shmem:3960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:11232kB pagetables:4236kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 386.157237][T20142] Node 1 active_anon:0kB inactive_anon:0kB active_file:220kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:144kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 386.296859][T20142] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 386.429558][T20142] lowmem_reserve[]: 0 2481 2483 2483 2483 [ 386.457782][T20142] Node 0 DMA32 free:1417464kB boost:0kB min:34332kB low:42912kB high:51492kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14528kB inactive_anon:11484kB active_file:29940kB inactive_file:187356kB unevictable:1536kB writepending:1768kB zspages:0kB present:3129332kB managed:2541028kB mlocked:0kB bounce:0kB free_pcp:18192kB local_pcp:18192kB free_cma:0kB [ 386.649670][T20142] lowmem_reserve[]: 0 0 1 1 1 [ 386.659733][T20142] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 386.799232][T20142] lowmem_reserve[]: 0 0 0 0 0 [ 386.818722][T20142] Node 1 Normal free:3901848kB boost:0kB min:55548kB low:69432kB high:83316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:220kB inactive_file:132kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 386.851811][T20251] vhci_hcd vhci_hcd.2: invalid port number 16 [ 386.886697][T20251] vhci_hcd vhci_hcd.2: invalid port number 16 [ 386.971894][T20142] lowmem_reserve[]: 0 0 0 0 0 [ 386.989663][T20142] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 387.047981][ T30] audit: type=1800 audit(1843124122.740:24): pid=20261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6822" name="discovery_nqn" dev="configfs" ino=52695 res=0 errno=0 [ 387.075628][T20142] Node 0 DMA32: 3416*4kB (UME) 2807*8kB (UM) 1528*16kB (UM) 671*32kB (UME) 586*64kB (UM) 462*128kB (UME) 287*256kB (UME) 248*512kB (UM) 108*1024kB (UM) 33*2048kB (UME) 210*4096kB (UM) = 1417464kB [ 387.163216][T20142] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 387.217336][T20142] Node 1 Normal: 214*4kB (UM) 66*8kB (UME) 49*16kB (UME) 223*32kB (UME) 115*64kB (UE) 39*128kB (UME) 17*256kB (UME) 4*512kB (UM) 3*1024kB (UME) 4*2048kB (UME) 943*4096kB (UM) = 3901848kB [ 387.300510][T20142] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.348090][T20142] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 387.396069][T20142] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.426903][T20142] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 387.466246][T20142] 55782 total pagecache pages [ 387.493703][T20142] 0 pages in swap cache [ 387.523519][T20142] Free swap = 124996kB [ 387.527693][T20142] Total swap = 124996kB [ 387.531824][T20142] 2097051 pages RAM [ 387.569786][T20142] 0 pages HighMem/MovableOnly [ 387.581948][T14818] Bluetooth: hci1: unexpected event 0x3e length: 0 < 1 [ 387.601894][T20142] 429768 pages reserved [ 387.622313][T20142] 0 pages cma reserved [ 388.444263][T20328] bond0: invalid ARP target specified [ 388.718224][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.724657][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.332003][T20389] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 390.221260][T20439] block nbd0: NBD_DISCONNECT [ 391.367369][T20507] bond0: invalid ARP target specified [ 391.984789][T20534] Process accounting resumed [ 394.613685][T20675] kafs: addr_prefs: Too many elements in string [ 395.137849][T20701] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 399.437118][T20904] kAFS: unparsable volume name [ 400.203290][T20942] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 401.368944][T21007] syz.3.7151 uses obsolete (PF_INET,SOCK_PACKET) [ 401.748060][T21026] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 401.852348][T21031] netlink: 206 bytes leftover after parsing attributes in process `syz.1.7163'. [ 401.902555][T21031] Zero length message leads to an empty skb [ 402.604392][T21057] NFSD: Failed to start, no listeners configured. [ 402.945103][T21082] openvswitch: netlink: Message has 20 unknown bytes. [ 403.439317][T21108] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 404.255231][T21142] netlink: 'syz.2.7213': attribute type 1 has an invalid length. [ 404.594836][T21158] netlink: Unknown conntrack attr (type=257, max=9) [ 405.080002][T21180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.126498][T21180] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 407.944358][T21293] NFSD: Failed to start, no listeners configured. [ 408.102453][T21306] process 'syz.2.7287' launched '/dev/fd/3' with NULL argv: empty string added [ 408.536028][T21319] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 408.824270][T21330] phram: not enough arguments [ 408.987442][T21337] nbd: illegal input index 37139 [ 409.306063][T21345] netlink: zone id is out of range [ 409.328316][T21345] netlink: zone id is out of range [ 409.697895][T21360] netlink: 'syz.3.7312': attribute type 1 has an invalid length. [ 409.756714][T21361] NFSD: Failed to start, no listeners configured. [ 410.092211][T21379] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 411.214827][T21438] openvswitch: netlink: IP tunnel dst address not specified [ 412.257620][T21482] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 412.299035][T21482] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 413.452260][T21536] NFSD: Failed to start, no listeners configured. [ 414.184210][T21572] NFSD: Failed to start, no listeners configured. [ 414.888361][T21607] NFSD: Failed to start, no listeners configured. [ 415.424053][T21649] netlink: 'syz.1.7417': attribute type 4 has an invalid length. [ 415.462472][T21649] netlink: 'syz.1.7417': attribute type 1 has an invalid length. [ 415.501094][T21655] netlink: 'syz.2.7418': attribute type 11 has an invalid length. [ 416.839146][T21709] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7443'. [ 416.966476][T21712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7445'. [ 417.612995][T21758] openvswitch: netlink: Key type 29 is not supported [ 419.423608][T21838] netlink: 'syz.2.7494': attribute type 2 has an invalid length. [ 419.604254][T21846] netlink: zone id is out of range [ 419.625073][T21846] netlink: get zone limit has 4 unknown bytes [ 420.357710][T21877] TCP: TCP_TX_DELAY enabled [ 420.774419][T21895] netlink: 8620 bytes leftover after parsing attributes in process `syz.2.7522'. [ 421.945807][T21945] Process accounting paused [ 422.217511][T21959] vivid-007: ================= START STATUS ================= [ 422.261910][T21959] vivid-007: Enable Output Cropping: true grabbed [ 422.268409][T21959] vivid-007: Enable Output Composing: true grabbed [ 422.351448][T21959] vivid-007: Enable Output Scaler: true grabbed [ 422.362739][T21959] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 422.414147][T21959] vivid-007: Transmit Mode: HDMI grabbed [ 422.441230][T21959] vivid-007: Hotplug Present: 0x00000000 [ 422.477861][T21959] vivid-007: RxSense Present: 0x00000000 [ 422.510520][T21959] vivid-007: EDID Present: 0x00000000 [ 422.542936][T21959] vivid-007: ================== END STATUS ================== [ 422.573801][T21972] netlink: 'syz.0.7560': attribute type 1 has an invalid length. [ 422.627463][T21972] nbd: error processing sock list [ 423.268602][T22002] openvswitch: netlink: IP tunnel dst address not specified [ 423.588092][T22016] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 425.130950][T22085] netlink: ct family unspecified [ 427.609524][T22203] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 428.304492][T22233] dyndbg: bad flag-op , at start of R [ 428.341777][T22233] dyndbg: flags parse failed [ 428.492744][T22243] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 429.309650][T22276] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 429.530794][T22292] openvswitch: netlink: Flow key attribute not present in set flow. [ 430.795273][T22342] NFSD: Failed to start, no listeners configured. [ 431.054726][T22358] netlink: zone id is out of range [ 431.067380][T22358] netlink: zone id is out of range [ 431.079112][T22358] netlink: zone id is out of range [ 431.094421][T22358] netlink: zone id is out of range [ 431.104563][T22358] netlink: zone id is out of range [ 431.114710][T22358] netlink: zone id is out of range [ 431.125064][T22358] netlink: zone id is out of range [ 431.138548][T22358] netlink: zone id is out of range [ 431.289841][T22364] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 431.577953][T22379] random: crng reseeded on system resumption [ 434.042342][T22498] capability: warning: `syz.2.7797' uses 32-bit capabilities (legacy support in use) [ 436.397019][T22610] net_ratelimit: 9 callbacks suppressed [ 436.397035][T22610] openvswitch: netlink: Message has 4 unknown bytes. [ 437.304389][T22660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7871'. [ 437.426290][T22667] nbd: illegal input index -1073741824 [ 438.294202][T22713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7894'. [ 438.376148][T22718] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 438.604136][T22728] nbd: must specify an index to disconnect [ 439.375635][T22773] ucma_write: process 3739 (syz.2.7922) changed security contexts after opening file descriptor, this is not allowed. [ 439.819404][T22794] netlink: Conntrack attr has 16 unknown bytes [ 440.776247][T22843] ======================================================= [ 440.776247][T22843] WARNING: The mand mount option has been deprecated and [ 440.776247][T22843] and is ignored by this kernel. Remove the mand [ 440.776247][T22843] option from the mount to silence this warning. [ 440.776247][T22843] ======================================================= [ 441.063357][T22854] phram: illegal start address [ 441.108214][T22856] nbd: couldn't find device at index 33904 [ 441.144731][T22860] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 441.327224][T22869] MTRR 1 not used [ 441.831296][T22895] netlink: 'syz.0.7979': attribute type 1 has an invalid length. [ 442.180711][T22911] openvswitch: netlink: Duplicate or invalid key (type 0). [ 442.370791][T22922] nbd: must specify a size in bytes for the device [ 442.527254][T22933] FAULT_INJECTION: forcing a failure. [ 442.527254][T22933] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 442.577102][T22933] CPU: 0 UID: 0 PID: 22933 Comm: syz.1.7997 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 442.577144][T22933] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 442.577151][T22933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 442.577160][T22933] Call Trace: [ 442.577165][T22933] [ 442.577171][T22933] dump_stack_lvl+0x16c/0x1f0 [ 442.577198][T22933] should_fail_ex+0x512/0x640 [ 442.577219][T22933] core_sys_select+0x9cf/0xc20 [ 442.577244][T22933] ? __pfx_core_sys_select+0x10/0x10 [ 442.577268][T22933] ? __lock_acquire+0x436/0x2890 [ 442.577296][T22933] ? read_tsc+0x9/0x20 [ 442.577314][T22933] ? ktime_get_ts64+0x256/0x400 [ 442.577334][T22933] kern_select+0x15d/0x1e0 [ 442.577353][T22933] ? __pfx_kern_select+0x10/0x10 [ 442.577375][T22933] ? xfd_validate_state+0x61/0x180 [ 442.577387][T22933] ? __pfx_ksys_write+0x10/0x10 [ 442.577418][T22933] __x64_sys_select+0xbd/0x160 [ 442.577436][T22933] ? do_syscall_64+0x91/0xf80 [ 442.577458][T22933] ? lockdep_hardirqs_on+0x7c/0x110 [ 442.577480][T22933] do_syscall_64+0xcd/0xf80 [ 442.577502][T22933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.577516][T22933] RIP: 0033:0x7fc4cd38f7c9 [ 442.577528][T22933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.577542][T22933] RSP: 002b:00007fc4ce288038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 442.577556][T22933] RAX: ffffffffffffffda RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 442.577565][T22933] RDX: 00002000000007c0 RSI: 0000200000000740 RDI: 0000000000000000 [ 442.577574][T22933] RBP: 00007fc4cd413f91 R08: 00002000000008c0 R09: 0000000000000000 [ 442.577582][T22933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.577590][T22933] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 442.577609][T22933] [ 443.233588][T22960] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 443.643323][T22978] FAULT_INJECTION: forcing a failure. [ 443.643323][T22978] name failslab, interval 1, probability 0, space 0, times 0 [ 443.700172][T22978] CPU: 0 UID: 0 PID: 22978 Comm: syz.2.8020 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 443.700203][T22978] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 443.700210][T22978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 443.700219][T22978] Call Trace: [ 443.700224][T22978] [ 443.700230][T22978] dump_stack_lvl+0x16c/0x1f0 [ 443.700256][T22978] should_fail_ex+0x512/0x640 [ 443.700272][T22978] ? fs_reclaim_acquire+0xae/0x150 [ 443.700297][T22978] should_failslab+0xc2/0x120 [ 443.700329][T22978] __kmalloc_noprof+0xeb/0x910 [ 443.700349][T22978] ? tomoyo_encode2+0x100/0x3e0 [ 443.700373][T22978] ? tomoyo_encode2+0x100/0x3e0 [ 443.700391][T22978] tomoyo_encode2+0x100/0x3e0 [ 443.700412][T22978] tomoyo_encode+0x29/0x50 [ 443.700431][T22978] tomoyo_mount_acl+0x144/0x850 [ 443.700449][T22978] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 443.700474][T22978] ? kernel_text_address+0x8d/0x100 [ 443.700491][T22978] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 443.700509][T22978] ? arch_stack_walk+0xa6/0x100 [ 443.700545][T22978] ? tomoyo_domain+0xba/0x150 [ 443.700565][T22978] ? tomoyo_profile+0x47/0x60 [ 443.700587][T22978] tomoyo_mount_permission+0x16d/0x420 [ 443.700604][T22978] ? tomoyo_mount_permission+0x14f/0x420 [ 443.700623][T22978] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 443.700663][T22978] security_sb_mount+0x9b/0x260 [ 443.700681][T22978] path_mount+0x158/0x23a0 [ 443.700696][T22978] ? rcu_is_watching+0x12/0xc0 [ 443.700718][T22978] ? __pfx_path_mount+0x10/0x10 [ 443.700732][T22978] ? kmem_cache_free+0x2d8/0x770 [ 443.700749][T22978] ? putname+0xf5/0x1a0 [ 443.700765][T22978] ? putname+0xf5/0x1a0 [ 443.700776][T22978] ? putname+0xf5/0x1a0 [ 443.700790][T22978] ? __x64_sys_mount+0x293/0x310 [ 443.700803][T22978] __x64_sys_mount+0x293/0x310 [ 443.700817][T22978] ? __pfx___x64_sys_mount+0x10/0x10 [ 443.700836][T22978] do_syscall_64+0xcd/0xf80 [ 443.700859][T22978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.700874][T22978] RIP: 0033:0x7f5756d8f7c9 [ 443.700887][T22978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 443.700900][T22978] RSP: 002b:00007f5757c05038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 443.700915][T22978] RAX: ffffffffffffffda RBX: 00007f5756fe5fa0 RCX: 00007f5756d8f7c9 [ 443.700924][T22978] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 443.700933][T22978] RBP: 00007f5756e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 443.700942][T22978] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 443.700951][T22978] R13: 00007f5756fe6038 R14: 00007f5756fe5fa0 R15: 00007fffe8b26d18 [ 443.700971][T22978] [ 444.138811][T22990] netlink: Setting conntrack mark requires 'commit' flag. [ 444.304117][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.310653][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.442564][T23006] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8032'. [ 446.271998][T14818] Bluetooth: hci0: ACL packet too small [ 446.299415][T23097] No such timeout policy "" [ 446.333829][T23097] netlink: Failed to associated timeout policy '' [ 446.858460][T23126] sctp: [Deprecated]: syz.3.8091 (pid 23126) Use of int in max_burst socket option deprecated. [ 446.858460][T23126] Use struct sctp_assoc_value instead [ 447.661506][T23169] mmap: syz.3.8113 (23169) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 448.382025][T23207] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 448.849905][T23228] netlink: 'syz.0.8141': attribute type 1 has an invalid length. [ 449.653844][ T30] audit: type=1326 audit(1843124185.644:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23271 comm="syz.0.8161" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd0fd98f7c9 code=0x0 [ 451.047290][T14818] Bluetooth: hci1: unexpected event 0x2c length: 42 > 17 [ 451.092716][T23358] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 451.415115][T23375] FAULT_INJECTION: forcing a failure. [ 451.415115][T23375] name failslab, interval 1, probability 0, space 0, times 0 [ 451.473170][T23375] CPU: 0 UID: 0 PID: 23375 Comm: syz.1.8201 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 451.473200][T23375] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 451.473211][T23375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 451.473219][T23375] Call Trace: [ 451.473224][T23375] [ 451.473231][T23375] dump_stack_lvl+0x16c/0x1f0 [ 451.473258][T23375] should_fail_ex+0x512/0x640 [ 451.473275][T23375] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 451.473296][T23375] should_failslab+0xc2/0x120 [ 451.473319][T23375] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 451.473338][T23375] ? __d_alloc+0x35/0xa80 [ 451.473354][T23375] ? __d_alloc+0x35/0xa80 [ 451.473365][T23375] __d_alloc+0x35/0xa80 [ 451.473377][T23375] ? bpf_lsm_inode_permission+0x9/0x10 [ 451.473395][T23375] d_alloc+0x4a/0x1e0 [ 451.473408][T23375] vfs_tmpfile+0x148/0x9b0 [ 451.473434][T23375] path_openat+0x1936/0x3140 [ 451.473454][T23375] ? do_syscall_64+0xcd/0xf80 [ 451.473473][T23375] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.473494][T23375] ? __pfx_path_openat+0x10/0x10 [ 451.473517][T23375] ? __lock_acquire+0x436/0x2890 [ 451.473534][T23375] do_filp_open+0x20b/0x470 [ 451.473555][T23375] ? __pfx_do_filp_open+0x10/0x10 [ 451.473589][T23375] ? _raw_spin_unlock+0x28/0x50 [ 451.473607][T23375] ? alloc_fd+0x471/0x7d0 [ 451.473632][T23375] do_sys_openat2+0x121/0x290 [ 451.473648][T23375] ? __pfx_do_sys_openat2+0x10/0x10 [ 451.473671][T23375] __x64_sys_open+0x153/0x1e0 [ 451.473687][T23375] ? __pfx___x64_sys_open+0x10/0x10 [ 451.473707][T23375] ? rcu_is_watching+0x12/0xc0 [ 451.473729][T23375] do_syscall_64+0xcd/0xf80 [ 451.473750][T23375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.473764][T23375] RIP: 0033:0x7fc4cd38f7c9 [ 451.473777][T23375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.473791][T23375] RSP: 002b:00007fc4ce288038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 451.473805][T23375] RAX: ffffffffffffffda RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 451.473814][T23375] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 451.473823][T23375] RBP: 00007fc4cd413f91 R08: 0000000000000000 R09: 0000000000000000 [ 451.473831][T23375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.473839][T23375] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 451.473858][T23375] [ 451.898612][T23386] .^: entered promiscuous mode [ 452.050351][T23402] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700010007 [ 452.388959][T14818] Bluetooth: hci2: unexpected event 0x2c length: 42 > 17 [ 452.388991][T14818] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 452.560611][T23373] Process accounting resumed [ 452.637829][T23429] netlink: ct_mark mask cannot be 0 [ 452.963612][T23449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8233'. [ 453.264879][T23482] nfsd: Unknown parameter '*' [ 454.878028][T23545] netlink: 'syz.3.8268': attribute type 11 has an invalid length. [ 454.886008][T23545] netlink: 'syz.3.8268': attribute type 11 has an invalid length. [ 454.947046][T23545] netlink: 'syz.3.8268': attribute type 11 has an invalid length. [ 454.954881][T23545] netlink: 'syz.3.8268': attribute type 11 has an invalid length. [ 455.246131][T14818] Bluetooth: hci2: unexpected subevent 0x18 length: 123 > 19 [ 455.253547][T14818] Bluetooth: hci2: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 456.257316][T23627] openvswitch: netlink: Message has 4 unknown bytes. [ 456.627208][T23643] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8300'. [ 456.657139][T23644] perf: Dynamic interrupt throttling disabled, can hang your system! [ 456.686478][T23643] netlink: 29 bytes leftover after parsing attributes in process `syz.2.8300'. [ 456.798049][T23650] synth uevent: /module/orangefs: unknown uevent action string [ 456.927428][T23655] netlink: 'syz.3.8305': attribute type 1 has an invalid length. [ 457.226105][T23665] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8311'. [ 458.255531][T23711] zero sized request [ 458.395864][T23716] openvswitch: netlink: Flow actions attr not present in new flow. [ 458.440495][T23719] netlink: 'syz.0.8334': attribute type 1 has an invalid length. [ 459.015032][T23744] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 459.717211][T23772] netlink: NAT attribute has 4 unknown bytes [ 459.814352][T23776] netlink: 'syz.2.8364': attribute type 1 has an invalid length. [ 460.292011][T14818] Bluetooth: hci1: unexpected event 0x30 length: 47 > 3 [ 460.733402][ T30] audit: type=1326 audit(1843124196.776:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23818 comm="syz.2.8386" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5756d8f7c9 code=0x0 [ 460.889905][T23827] netlink: 'syz.1.8390': attribute type 2 has an invalid length. [ 461.156556][T23837] aoe: copy from user failed [ 461.177403][T23837] aoe: could not set interface list: too many interfaces [ 461.676119][T23861] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 462.210747][T23887] netlink: 'syz.2.8417': attribute type 1 has an invalid length. [ 462.366844][T23897] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8421'. [ 462.414526][T23897] netlink: 29 bytes leftover after parsing attributes in process `syz.3.8421'. [ 462.503423][T14818] Bluetooth: hci1: SCO packet too small [ 463.234605][T23934] netlink: Unknown NAT attribute (type=262, max=9) [ 463.277843][T23937] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 463.729983][T23956] ima: policy update failed [ 463.740803][ T30] audit: type=1802 audit(1843124199.790:27): pid=23956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.8451" res=0 errno=0 [ 464.146918][T23974] netlink: 'syz.0.8458': attribute type 11 has an invalid length. [ 464.176245][T23974] netlink: 'syz.0.8458': attribute type 11 has an invalid length. [ 464.205038][T23974] netlink: 'syz.0.8458': attribute type 11 has an invalid length. [ 464.233065][T23974] netlink: 'syz.0.8458': attribute type 11 has an invalid length. [ 464.313055][T23978] netlink: 'syz.2.8461': attribute type 2 has an invalid length. [ 464.505635][T23987] tc_dump_action: action bad kind [ 466.840137][T24054] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 468.076137][T24109] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010002 [ 469.564007][T24192] netlink: 'syz.0.8548': attribute type 1 has an invalid length. [ 469.601374][T24192] netlink: 33 bytes leftover after parsing attributes in process `syz.0.8548'. [ 471.431165][T24295] HSR: entered promiscuous mode [ 472.163365][T24327] syz.1.8599 (24327) used greatest stack depth: 19688 bytes left [ 473.774918][T24414] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8638'. [ 473.805505][T14818] Bluetooth: hci1: unexpected subevent 0x04 length: 1 < 11 [ 474.320976][T24442] openvswitch: netlink: IP tunnel dst address not specified [ 474.359333][T24444] FAULT_INJECTION: forcing a failure. [ 474.359333][T24444] name failslab, interval 1, probability 0, space 0, times 0 [ 474.415583][T24444] CPU: 0 UID: 0 PID: 24444 Comm: syz.0.8653 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 474.415613][T24444] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 474.415620][T24444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 474.415628][T24444] Call Trace: [ 474.415633][T24444] [ 474.415639][T24444] dump_stack_lvl+0x16c/0x1f0 [ 474.415665][T24444] should_fail_ex+0x512/0x640 [ 474.415681][T24444] ? kmem_cache_alloc_noprof+0x62/0x770 [ 474.415701][T24444] should_failslab+0xc2/0x120 [ 474.415724][T24444] kmem_cache_alloc_noprof+0x83/0x770 [ 474.415740][T24444] ? kcm_create+0x11e/0x690 [ 474.415761][T24444] ? kcm_create+0x11e/0x690 [ 474.415776][T24444] kcm_create+0x11e/0x690 [ 474.415795][T24444] __sock_create+0x339/0x8a0 [ 474.415821][T24444] __sys_socket+0x14d/0x260 [ 474.415833][T24444] ? fput+0x70/0xf0 [ 474.415846][T24444] ? __pfx___sys_socket+0x10/0x10 [ 474.415860][T24444] ? xfd_validate_state+0x61/0x180 [ 474.415873][T24444] ? __pfx_ksys_write+0x10/0x10 [ 474.415896][T24444] __x64_sys_socket+0x72/0xb0 [ 474.415908][T24444] ? lockdep_hardirqs_on+0x7c/0x110 [ 474.415929][T24444] do_syscall_64+0xcd/0xf80 [ 474.415950][T24444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.415965][T24444] RIP: 0033:0x7fd0fd98f7c9 [ 474.415977][T24444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.415990][T24444] RSP: 002b:00007fd0fe8e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 474.416004][T24444] RAX: ffffffffffffffda RBX: 00007fd0fdbe5fa0 RCX: 00007fd0fd98f7c9 [ 474.416014][T24444] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 474.416022][T24444] RBP: 00007fd0fda13f91 R08: 0000000000000000 R09: 0000000000000000 [ 474.416030][T24444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.416038][T24444] R13: 00007fd0fdbe6038 R14: 00007fd0fdbe5fa0 R15: 00007fffcb068bd8 [ 474.416057][T24444] [ 476.151520][T24530] : entered promiscuous mode [ 476.279693][T24538] netlink: 'syz.2.8681': attribute type 2 has an invalid length. [ 476.476419][T24548] netlink: 'syz.1.8686': attribute type 11 has an invalid length. [ 476.512720][T24548] netlink: 'syz.1.8686': attribute type 11 has an invalid length. [ 476.780731][T24564] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 477.130224][T24581] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 477.477003][T24599] openvswitch: netlink: Key type 261 is out of range max 32 [ 478.435884][T24662] input input36: cannot allocate more than FF_MAX_EFFECTS effects [ 480.364127][T24771] netlink: 148 bytes leftover after parsing attributes in process `syz.1.8768'. [ 480.519026][T24779] netlink: 'syz.1.8771': attribute type 1 has an invalid length. [ 480.709229][T24786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8774'. [ 480.918689][T24817] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 481.225938][T24829] syz.3.8784 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 482.303435][T24878] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 482.565521][T24892] binder: 24891:24892 ioctl c00c620f 9 returned -22 [ 482.687569][T24892] Process accounting paused [ 482.857197][T14818] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 484.345262][T24989] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 484.751918][T25009] HfR: entered promiscuous mode [ 484.929183][T25021] FAULT_INJECTION: forcing a failure. [ 484.929183][T25021] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 484.999062][T25021] CPU: 0 UID: 0 PID: 25021 Comm: syz.0.8854 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 484.999092][T25021] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 484.999099][T25021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 484.999107][T25021] Call Trace: [ 484.999112][T25021] [ 484.999118][T25021] dump_stack_lvl+0x16c/0x1f0 [ 484.999144][T25021] should_fail_ex+0x512/0x640 [ 484.999164][T25021] should_fail_alloc_page+0xe7/0x130 [ 484.999188][T25021] prepare_alloc_pages+0x401/0x670 [ 484.999213][T25021] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 484.999236][T25021] ? rcu_is_watching+0x12/0xc0 [ 484.999257][T25021] ? mod_memcg_lruvec_state+0x381/0x5f0 [ 484.999275][T25021] ? find_held_lock+0x2b/0x80 [ 484.999295][T25021] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 484.999316][T25021] ? __folio_mod_stat+0x18f/0x1f0 [ 484.999342][T25021] ? split_huge_pmd_locked+0x39c/0x4010 [ 484.999359][T25021] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 484.999382][T25021] ? policy_nodemask+0xea/0x4e0 [ 484.999405][T25021] alloc_pages_mpol+0x1fb/0x550 [ 484.999427][T25021] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 484.999454][T25021] ? __split_huge_pmd+0x203/0x350 [ 484.999475][T25021] alloc_pages_noprof+0x131/0x390 [ 484.999497][T25021] pte_alloc_one+0x1e/0x3d0 [ 484.999519][T25021] __pte_alloc+0x6d/0x3f0 [ 484.999538][T25021] ? __pfx___pte_alloc+0x10/0x10 [ 484.999557][T25021] ? _raw_spin_unlock+0x28/0x50 [ 484.999583][T25021] ? __pmd_alloc+0x6aa/0x9c0 [ 484.999607][T25021] move_page_tables+0x2c0a/0x4380 [ 484.999629][T25021] ? __pfx_copy_vma+0x10/0x10 [ 484.999650][T25021] ? __pfx_move_page_tables+0x10/0x10 [ 484.999681][T25021] copy_vma_and_data+0x24e/0x790 [ 484.999700][T25021] ? __pfx_copy_vma_and_data+0x10/0x10 [ 484.999725][T25021] ? find_held_lock+0x2b/0x80 [ 484.999743][T25021] ? move_vma+0x533/0x1790 [ 484.999758][T25021] ? __vm_enough_memory+0x184/0x3f0 [ 484.999782][T25021] move_vma+0x545/0x1790 [ 484.999801][T25021] ? __pfx_move_vma+0x10/0x10 [ 484.999820][T25021] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 484.999842][T25021] ? cap_mmap_addr+0x4b/0x120 [ 484.999854][T25021] ? bpf_lsm_mmap_addr+0x9/0x10 [ 484.999870][T25021] ? security_mmap_addr+0x6c/0x1e0 [ 484.999888][T25021] ? __get_unmapped_area+0x267/0x3f0 [ 484.999911][T25021] ? vrm_set_new_addr+0x208/0x290 [ 484.999928][T25021] mremap_to+0x1b7/0x450 [ 484.999945][T25021] do_mremap+0x13a8/0x2020 [ 484.999963][T25021] ? futex_private_hash_put+0xd0/0x1b0 [ 484.999984][T25021] ? __pfx_do_mremap+0x10/0x10 [ 485.000005][T25021] ? ksys_write+0x190/0x250 [ 485.000029][T25021] __do_sys_mremap+0x119/0x170 [ 485.000045][T25021] ? __pfx___do_sys_mremap+0x10/0x10 [ 485.000067][T25021] ? __x64_sys_futex+0x1e0/0x4c0 [ 485.000095][T25021] do_syscall_64+0xcd/0xf80 [ 485.000117][T25021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.000132][T25021] RIP: 0033:0x7fd0fd98f7c9 [ 485.000145][T25021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.000159][T25021] RSP: 002b:00007fd0fe8e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 485.000173][T25021] RAX: ffffffffffffffda RBX: 00007fd0fdbe5fa0 RCX: 00007fd0fd98f7c9 [ 485.000183][T25021] RDX: 0000000000000004 RSI: 0000000000000002 RDI: 0000200000000000 [ 485.000191][T25021] RBP: 00007fd0fda13f91 R08: 0000000100000000 R09: 0000000000000000 [ 485.000200][T25021] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 485.000209][T25021] R13: 00007fd0fdbe6038 R14: 00007fd0fdbe5fa0 R15: 00007fffcb068bd8 [ 485.000229][T25021] [ 485.755649][T25048] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 486.215753][T25068] FAULT_INJECTION: forcing a failure. [ 486.215753][T25068] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 486.265254][T25068] CPU: 0 UID: 0 PID: 25068 Comm: syz.1.8879 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 486.265292][T25068] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 486.265298][T25068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 486.265307][T25068] Call Trace: [ 486.265313][T25068] [ 486.265319][T25068] dump_stack_lvl+0x16c/0x1f0 [ 486.265345][T25068] should_fail_ex+0x512/0x640 [ 486.265365][T25068] should_fail_alloc_page+0xe7/0x130 [ 486.265390][T25068] prepare_alloc_pages+0x401/0x670 [ 486.265415][T25068] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 486.265435][T25068] ? folio_remove_rmap_ptes+0x391/0xfb0 [ 486.265459][T25068] ? try_to_migrate_one+0x1405/0x3810 [ 486.265476][T25068] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 486.265497][T25068] ? __pfx_try_to_migrate_one+0x10/0x10 [ 486.265516][T25068] ? __up_read+0x2d1/0x700 [ 486.265533][T25068] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.265556][T25068] ? policy_nodemask+0xea/0x4e0 [ 486.265578][T25068] alloc_pages_mpol+0x1fb/0x550 [ 486.265600][T25068] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 486.265626][T25068] folio_alloc_mpol_noprof+0x36/0x2f0 [ 486.265642][T25068] alloc_migration_target_by_mpol+0x246/0x500 [ 486.265659][T25068] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 486.265674][T25068] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 486.265690][T25068] ? __pfx___might_resched+0x10/0x10 [ 486.265710][T25068] ? __pfx_queue_folios_pte_range+0x10/0x10 [ 486.265726][T25068] migrate_pages_batch+0x3bc/0x3bb0 [ 486.265743][T25068] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 486.265766][T25068] ? __pfx_migrate_pages_batch+0x10/0x10 [ 486.265784][T25068] ? __pfx_walk_pgd_range+0x10/0x10 [ 486.265804][T25068] migrate_pages_sync+0x12d/0x8a0 [ 486.265820][T25068] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 486.265839][T25068] ? queue_pages_test_walk+0x279/0x410 [ 486.265852][T25068] ? __pfx_migrate_pages_sync+0x10/0x10 [ 486.265867][T25068] ? walk_page_test+0x9b/0x180 [ 486.265898][T25068] migrate_pages+0x1b0b/0x2350 [ 486.265915][T25068] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 486.265938][T25068] ? __pfx_migrate_pages+0x10/0x10 [ 486.265953][T25068] ? mas_next_slot+0x12d3/0x1cb0 [ 486.265968][T25068] ? find_held_lock+0x2b/0x80 [ 486.265991][T25068] ? up_write+0x282/0x4e0 [ 486.266007][T25068] do_mbind+0x6e2/0xf20 [ 486.266028][T25068] ? __pfx_do_mbind+0x10/0x10 [ 486.266053][T25068] ? __pfx_get_nodes+0x10/0x10 [ 486.266076][T25068] kernel_mbind+0x1e3/0x1f0 [ 486.266092][T25068] ? __pfx_kernel_mbind+0x10/0x10 [ 486.266112][T25068] do_syscall_64+0xcd/0xf80 [ 486.266134][T25068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.266149][T25068] RIP: 0033:0x7fc4cd38f7c9 [ 486.266162][T25068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.266176][T25068] RSP: 002b:00007fc4ce288038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 486.266190][T25068] RAX: ffffffffffffffda RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 486.266200][T25068] RDX: 0000000100000000 RSI: 8000000000000001 RDI: 000000000000f000 [ 486.266209][T25068] RBP: 00007fc4cd413f91 R08: 0000000000000006 R09: 0000000000000002 [ 486.266218][T25068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.266227][T25068] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 486.266247][T25068] [ 487.409141][T25109] sd 0:0:1:0: device reset [ 488.661192][T25164] openvswitch: netlink: Multiple metadata blocks provided [ 488.759911][T25166] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 489.242699][T25194] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 489.438745][T25204] netlink: 'syz.1.8938': attribute type 1 has an invalid length. [ 489.717162][T14818] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 489.735243][T25217] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 489.981431][T25229] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 490.938322][T25305] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 491.435516][T25321] netlink: 'syz.2.8964': attribute type 22 has an invalid length. [ 491.705851][T14818] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 494.103360][T25436] FAULT_INJECTION: forcing a failure. [ 494.103360][T25436] name failslab, interval 1, probability 0, space 0, times 0 [ 494.149685][T25440] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 494.224626][T25436] CPU: 0 UID: 0 PID: 25436 Comm: syz.2.9004 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 494.224658][T25436] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 494.224664][T25436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 494.224673][T25436] Call Trace: [ 494.224678][T25436] [ 494.224684][T25436] dump_stack_lvl+0x16c/0x1f0 [ 494.224710][T25436] should_fail_ex+0x512/0x640 [ 494.224728][T25436] ? __kvmalloc_node_noprof+0x129/0xa40 [ 494.224751][T25436] should_failslab+0xc2/0x120 [ 494.224772][T25436] __kvmalloc_node_noprof+0x14a/0xa40 [ 494.224793][T25436] ? io_alloc_cache_init+0x38/0x170 [ 494.224819][T25436] ? io_alloc_cache_init+0x38/0x170 [ 494.224839][T25436] ? __init_waitqueue_head+0xca/0x150 [ 494.224856][T25436] io_alloc_cache_init+0x38/0x170 [ 494.224879][T25436] io_uring_setup+0x578/0x1f60 [ 494.224899][T25436] ? __pfx_io_uring_setup+0x10/0x10 [ 494.224919][T25436] ? do_futex+0x122/0x350 [ 494.224935][T25436] ? __pfx_do_futex+0x10/0x10 [ 494.224959][T25436] ? fput+0x70/0xf0 [ 494.224973][T25436] ? xfd_validate_state+0x61/0x180 [ 494.224986][T25436] ? __pfx_ksys_write+0x10/0x10 [ 494.225009][T25436] __x64_sys_io_uring_setup+0xc2/0x170 [ 494.225029][T25436] do_syscall_64+0xcd/0xf80 [ 494.225051][T25436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.225066][T25436] RIP: 0033:0x7f5756d8f7c9 [ 494.225079][T25436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 494.225092][T25436] RSP: 002b:00007f5757c05038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 494.225106][T25436] RAX: ffffffffffffffda RBX: 00007f5756fe5fa0 RCX: 00007f5756d8f7c9 [ 494.225116][T25436] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000001d48 [ 494.225124][T25436] RBP: 00007f5756e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 494.225132][T25436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.225140][T25436] R13: 00007f5756fe6038 R14: 00007f5756fe5fa0 R15: 00007fffe8b26d18 [ 494.225159][T25436] [ 495.420374][T25469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9020'. [ 495.635640][T25475] netlink: 'syz.1.9023': attribute type 11 has an invalid length. [ 496.285892][T25504] delete_channel: no stack [ 496.414884][T25510] IPVS: length: 131 != 8 [ 497.133235][T14818] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 498.829647][T25648] netlink: 'syz.3.9085': attribute type 11 has an invalid length. [ 499.156234][T25665] netlink: 'syz.0.9092': attribute type 1 has an invalid length. [ 500.015908][T25707] netlink: del zone limit has 8 unknown bytes [ 500.370360][T25723] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 501.395729][T25779] FAULT_INJECTION: forcing a failure. [ 501.395729][T25779] name failslab, interval 1, probability 0, space 0, times 0 [ 501.440098][T25779] CPU: 0 UID: 0 PID: 25779 Comm: syz.2.9146 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 501.440128][T25779] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 501.440135][T25779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 501.440144][T25779] Call Trace: [ 501.440149][T25779] [ 501.440155][T25779] dump_stack_lvl+0x16c/0x1f0 [ 501.440182][T25779] should_fail_ex+0x512/0x640 [ 501.440199][T25779] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 501.440223][T25779] should_failslab+0xc2/0x120 [ 501.440246][T25779] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 501.440267][T25779] ? kstrdup_const+0x63/0x80 [ 501.440287][T25779] ? kstrdup+0x53/0x100 [ 501.440302][T25779] kstrdup+0x53/0x100 [ 501.440322][T25779] kstrdup_const+0x63/0x80 [ 501.440339][T25779] alloc_vfsmnt+0xea/0x6b0 [ 501.440354][T25779] ? __pfx___might_resched+0x10/0x10 [ 501.440376][T25779] clone_mnt+0x4b/0x930 [ 501.440395][T25779] copy_tree+0xee/0xbd0 [ 501.440415][T25779] ? __pfx_down_write+0x10/0x10 [ 501.440435][T25779] copy_mnt_ns+0x2c3/0xc40 [ 501.440448][T25779] ? create_new_namespaces+0x30/0xab0 [ 501.440471][T25779] create_new_namespaces+0xd3/0xab0 [ 501.440490][T25779] ? bpf_lsm_capable+0x9/0x10 [ 501.440508][T25779] ? security_capable+0x7e/0x260 [ 501.440532][T25779] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 501.440553][T25779] ksys_unshare+0x45b/0xa40 [ 501.440586][T25779] ? __pfx_ksys_unshare+0x10/0x10 [ 501.440610][T25779] ? xfd_validate_state+0x61/0x180 [ 501.440630][T25779] __x64_sys_unshare+0x31/0x40 [ 501.440643][T25779] do_syscall_64+0xcd/0xf80 [ 501.440666][T25779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.440681][T25779] RIP: 0033:0x7f5756d8f7c9 [ 501.440693][T25779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.440706][T25779] RSP: 002b:00007f5757c05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 501.440720][T25779] RAX: ffffffffffffffda RBX: 00007f5756fe5fa0 RCX: 00007f5756d8f7c9 [ 501.440730][T25779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 501.440738][T25779] RBP: 00007f5756e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 501.440746][T25779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.440755][T25779] R13: 00007f5756fe6038 R14: 00007f5756fe5fa0 R15: 00007fffe8b26d18 [ 501.440775][T25779] [ 503.298354][T25862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9184'. [ 503.752227][T25887] ptrace attach of "./syz-executor exec"[6184] was attempted by ""[25887] [ 504.281515][T25918] misc userio: No port type given on /dev/userio [ 504.954919][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 504.961219][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 510.923129][T26232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9362'. [ 511.542028][T26261] nfs: Unknown parameter 'nl802154' [ 513.426474][T26388] __vm_enough_memory: pid: 26388, comm: syz.1.9412, bytes: 4398046511104 not enough memory for the allocation [ 513.708357][T26396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9417'. [ 514.039000][T26413] netlink: 'syz.0.9421': attribute type 1 has an invalid length. [ 514.105505][T26416] openvswitch: netlink: IP tunnel dst address not specified [ 514.802004][T26437] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 515.054173][T26445] nbd: couldn't find a device at index 35644 [ 515.158577][T26448] openvswitch: netlink: Missing valid actions attribute. [ 515.600038][T26459] netlink: 'syz.2.9444': attribute type 1 has an invalid length. [ 516.274095][T26488] netlink: 'syz.3.9456': attribute type 1 has an invalid length. [ 516.314882][T26489] netlink: zone id is out of range [ 516.373282][T26489] netlink: zone id is out of range [ 516.403239][T26489] netlink: zone id is out of range [ 516.450313][T26489] netlink: zone id is out of range [ 516.495784][T26489] netlink: zone id is out of range [ 516.547111][T26489] netlink: zone id is out of range [ 516.596401][T26489] netlink: zone id is out of range [ 517.054398][ T30] audit: type=1107 audit(1843189790.354:28): pid=26536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.124408][ T30] audit: type=1107 audit(1843189790.374:29): pid=26536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 517.434263][T26547] sd 0:0:1:0: PR command failed: 1026 [ 517.439678][T26547] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 517.500484][T26547] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 517.527605][T26551] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 518.060072][T26571] netlink: 'syz.2.9484': attribute type 8 has an invalid length. [ 518.108433][T26575] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffefd85 [ 519.565250][T26644] net_ratelimit: 166 callbacks suppressed [ 519.565267][T26644] netlink: set zone limit has 8 unknown bytes [ 519.606349][T26650] netlink: 'syz.2.9510': attribute type 1 has an invalid length. [ 519.861863][T26654] mmap: syz.1.9511 (26654): VmData 45883392 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 520.393813][T26680] ptrace attach of "./syz-executor exec"[6184] was attempted by ""[26680] [ 521.932853][T26750] openvswitch: netlink: Multiple metadata blocks provided [ 522.957096][T26802] vhci_hcd vhci_hcd.1: invalid port number 21 [ 523.605515][T26838] dlm: non-version read from control device 1 [ 524.003363][T26860] netlink: 'syz.3.9610': attribute type 2 has an invalid length. [ 524.036582][T26860] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9610'. [ 526.292199][T26986] openvswitch: netlink: Duplicate key (type 15). [ 526.437614][T14818] Bluetooth: hci3: unexpected event 0xff length: 427 > 260 [ 526.633999][T27008] sctp: [Deprecated]: syz.2.9660 (pid 27008) Use of int in max_burst socket option deprecated. [ 526.633999][T27008] Use struct sctp_assoc_value instead [ 527.416749][T27045] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 528.303637][T27100] [U] ^\ [ 528.427510][T27125] FAULT_INJECTION: forcing a failure. [ 528.427510][T27125] name failslab, interval 1, probability 0, space 0, times 0 [ 528.470342][T27125] CPU: 0 UID: 0 PID: 27125 Comm: syz.1.9700 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 528.470372][T27125] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 528.470378][T27125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 528.470387][T27125] Call Trace: [ 528.470393][T27125] [ 528.470399][T27125] dump_stack_lvl+0x16c/0x1f0 [ 528.470426][T27125] should_fail_ex+0x512/0x640 [ 528.470442][T27125] ? __kmalloc_cache_noprof+0x5f/0x800 [ 528.470461][T27125] should_failslab+0xc2/0x120 [ 528.470483][T27125] __kmalloc_cache_noprof+0x80/0x800 [ 528.470499][T27125] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 528.470519][T27125] ? sctp_endpoint_new+0xfc/0xb20 [ 528.470543][T27125] ? sctp_endpoint_new+0xfc/0xb20 [ 528.470563][T27125] sctp_endpoint_new+0xfc/0xb20 [ 528.470586][T27125] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 528.470608][T27125] ? lockdep_init_map_type+0x5c/0x270 [ 528.470624][T27125] ? lockdep_init_map_type+0x5c/0x270 [ 528.470641][T27125] sctp_init_sock+0xe2b/0x1310 [ 528.470662][T27125] ? __pfx_sctp_init_sock+0x10/0x10 [ 528.470682][T27125] inet_create+0x939/0x1040 [ 528.470700][T27125] ? inet_create+0x93/0x1040 [ 528.470719][T27125] __sock_create+0x339/0x8a0 [ 528.470745][T27125] __sys_socket+0x14d/0x260 [ 528.470761][T27125] ? fput+0x70/0xf0 [ 528.470775][T27125] ? __pfx___sys_socket+0x10/0x10 [ 528.470788][T27125] ? xfd_validate_state+0x61/0x180 [ 528.470801][T27125] ? __pfx_ksys_write+0x10/0x10 [ 528.470825][T27125] __x64_sys_socket+0x72/0xb0 [ 528.470838][T27125] ? lockdep_hardirqs_on+0x7c/0x110 [ 528.470859][T27125] do_syscall_64+0xcd/0xf80 [ 528.470881][T27125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.470943][T27125] RIP: 0033:0x7fc4cd38f7c9 [ 528.470956][T27125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.470970][T27125] RSP: 002b:00007fc4ce288038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 528.470984][T27125] RAX: ffffffffffffffda RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 528.470994][T27125] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 528.471002][T27125] RBP: 00007fc4cd413f91 R08: 0000000000000000 R09: 0000000000000000 [ 528.471010][T27125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.471018][T27125] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 528.471038][T27125] [ 532.321699][T27304] FAULT_INJECTION: forcing a failure. [ 532.321699][T27304] name failslab, interval 1, probability 0, space 0, times 0 [ 532.367903][T27304] CPU: 0 UID: 0 PID: 27304 Comm: syz.2.9781 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 532.367934][T27304] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 532.367940][T27304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 532.367949][T27304] Call Trace: [ 532.367954][T27304] [ 532.367961][T27304] dump_stack_lvl+0x16c/0x1f0 [ 532.367986][T27304] should_fail_ex+0x512/0x640 [ 532.368003][T27304] ? __kmalloc_cache_noprof+0x5f/0x800 [ 532.368023][T27304] should_failslab+0xc2/0x120 [ 532.368045][T27304] __kmalloc_cache_noprof+0x80/0x800 [ 532.368061][T27304] ? rcu_is_watching+0x12/0xc0 [ 532.368080][T27304] ? call_usermodehelper_setup+0xaf/0x360 [ 532.368098][T27304] ? __pfx_free_modprobe_argv+0x10/0x10 [ 532.368117][T27304] ? call_usermodehelper_setup+0xaf/0x360 [ 532.368138][T27304] call_usermodehelper_setup+0xaf/0x360 [ 532.368158][T27304] __request_module+0x3bd/0x660 [ 532.368177][T27304] ? __pfx___request_module+0x10/0x10 [ 532.368204][T27304] ? rcu_is_watching+0x12/0xc0 [ 532.368223][T27304] ? lockdep_hardirqs_on+0x7c/0x110 [ 532.368249][T27304] netlink_create+0x226/0x620 [ 532.368272][T27304] __sock_create+0x339/0x8a0 [ 532.368298][T27304] __sys_socket+0x14d/0x260 [ 532.368311][T27304] ? fput+0x70/0xf0 [ 532.368331][T27304] ? __pfx___sys_socket+0x10/0x10 [ 532.368345][T27304] ? xfd_validate_state+0x61/0x180 [ 532.368359][T27304] ? __pfx_ksys_write+0x10/0x10 [ 532.368383][T27304] __x64_sys_socket+0x72/0xb0 [ 532.368396][T27304] ? lockdep_hardirqs_on+0x7c/0x110 [ 532.368418][T27304] do_syscall_64+0xcd/0xf80 [ 532.368440][T27304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.368455][T27304] RIP: 0033:0x7f5756d8f7c9 [ 532.368468][T27304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 532.368481][T27304] RSP: 002b:00007f5757c05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 532.368495][T27304] RAX: ffffffffffffffda RBX: 00007f5756fe5fa0 RCX: 00007f5756d8f7c9 [ 532.368512][T27304] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 532.368521][T27304] RBP: 00007f5756e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 532.368530][T27304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 532.368539][T27304] R13: 00007f5756fe6038 R14: 00007f5756fe5fa0 R15: 00007fffe8b26d18 [ 532.368559][T27304] [ 532.738266][T27311] netlink: NAT attribute type 6 has unexpected length (4 != 2) [ 532.776096][T27313] netlink: 'syz.2.9786': attribute type 1 has an invalid length. [ 533.000781][T14818] Bluetooth: hci2: Malformed LE Event: 0x0b [ 533.399299][T27344] openvswitch: netlink: IP tunnel TTL not specified. [ 533.753498][T27362] binder_alloc: binder_alloc_mmap_handler: 27361 0-1000 already mapped failed -16 [ 534.840757][T27412] netlink: 'syz.2.9821': attribute type 2 has an invalid length. [ 534.869667][T27411] netlink: 2 bytes leftover after parsing attributes in process `syz.3.9818'. [ 535.479931][T27441] sctp: [Deprecated]: syz.3.9833 (pid 27441) Use of struct sctp_assoc_value in delayed_ack socket option. [ 535.479931][T27441] Use struct sctp_sack_info instead [ 535.639420][T27450] netlink: 'syz.2.9837': attribute type 10 has an invalid length. [ 535.908369][T27463] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 536.330906][T27482] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 536.337641][T27482] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 536.884719][T27502] netlink: 206 bytes leftover after parsing attributes in process `syz.2.9863'. [ 537.371694][T14818] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 537.371717][T14818] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 537.386635][T14818] Bluetooth: hci0: Dropping invalid advertising data [ 537.395047][T14818] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 537.395072][T14818] Bluetooth: hci0: Dropping invalid advertising data [ 537.408868][T14818] Bluetooth: hci0: Malformed LE Event: 0x02 [ 538.615284][T27594] FAULT_INJECTION: forcing a failure. [ 538.615284][T27594] name failslab, interval 1, probability 0, space 0, times 0 [ 538.671247][T27594] CPU: 0 UID: 0 PID: 27594 Comm: syz.2.9897 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 538.671278][T27594] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 538.671285][T27594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 538.671295][T27594] Call Trace: [ 538.671302][T27594] [ 538.671309][T27594] dump_stack_lvl+0x16c/0x1f0 [ 538.671336][T27594] should_fail_ex+0x512/0x640 [ 538.671352][T27594] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 538.671373][T27594] should_failslab+0xc2/0x120 [ 538.671396][T27594] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 538.671413][T27594] ? __debug_object_init+0x2de/0x3d0 [ 538.671434][T27594] ? sock_alloc_inode+0x25/0x1c0 [ 538.671457][T27594] ? __pfx_sock_alloc_inode+0x10/0x10 [ 538.671477][T27594] ? sock_alloc_inode+0x25/0x1c0 [ 538.671496][T27594] sock_alloc_inode+0x25/0x1c0 [ 538.671515][T27594] alloc_inode+0x64/0x240 [ 538.671532][T27594] sock_alloc+0x40/0x280 [ 538.671551][T27594] __sock_create+0xc2/0x8a0 [ 538.671573][T27594] ? lockdep_init_map_type+0x5c/0x270 [ 538.671590][T27594] smc_create+0x15d/0x2a0 [ 538.671609][T27594] __sock_create+0x339/0x8a0 [ 538.671634][T27594] __sys_socket+0x14d/0x260 [ 538.671647][T27594] ? fput+0x70/0xf0 [ 538.671660][T27594] ? __pfx___sys_socket+0x10/0x10 [ 538.671674][T27594] ? xfd_validate_state+0x61/0x180 [ 538.671687][T27594] ? __pfx_ksys_write+0x10/0x10 [ 538.671710][T27594] __x64_sys_socket+0x72/0xb0 [ 538.671722][T27594] ? lockdep_hardirqs_on+0x7c/0x110 [ 538.671743][T27594] do_syscall_64+0xcd/0xf80 [ 538.671765][T27594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.671780][T27594] RIP: 0033:0x7f5756d8f7c9 [ 538.671792][T27594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 538.671806][T27594] RSP: 002b:00007f5757c05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 538.671820][T27594] RAX: ffffffffffffffda RBX: 00007f5756fe5fa0 RCX: 00007f5756d8f7c9 [ 538.671830][T27594] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 538.671839][T27594] RBP: 00007f5756e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 538.671848][T27594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 538.671857][T27594] R13: 00007f5756fe6038 R14: 00007f5756fe5fa0 R15: 00007fffe8b26d18 [ 538.671878][T27594] [ 538.671886][T27594] socket: no more sockets [ 539.081269][T27604] netlink: 'syz.0.9901': attribute type 1 has an invalid length. [ 540.052145][T14818] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 540.052178][T14818] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 540.067366][T14818] Bluetooth: hci1: Dropping invalid advertising data [ 540.074036][T14818] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 540.074055][T14818] Bluetooth: hci1: Dropping invalid advertising data [ 540.088893][T14818] Bluetooth: hci1: Malformed LE Event: 0x02 [ 540.847733][T27694] netlink: Failed to add  helper -22 [ 542.003991][T27742] netlink: 'syz.3.9958': attribute type 12 has an invalid length. [ 542.377141][T27760] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 542.751420][T27776] tipc: Started in network mode [ 542.774019][T27776] tipc: Node identity ffffffff, cluster identity 4711 [ 542.801491][T27776] tipc: Node number set to 4294967295 [ 543.290193][T14818] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 543.290224][T14818] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 543.290240][T14818] Bluetooth: hci2: Dropping invalid advertising data [ 543.290258][T14818] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 543.290272][T14818] Bluetooth: hci2: Dropping invalid advertising data [ 543.290287][T14818] Bluetooth: hci2: Malformed LE Event: 0x02 [ 543.654130][T27830] netlink: 'syz.0.9990': attribute type 11 has an invalid length. [ 543.702324][T27830] netlink: 'syz.0.9990': attribute type 11 has an invalid length. [ 543.748527][T27830] netlink: 'syz.0.9990': attribute type 11 has an invalid length. [ 544.297539][T27852] delete_channel: no stack [ 544.575544][T27866] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 545.180321][T27893] openvswitch: netlink: IPv4 tunnel dst address is zero [ 545.404625][T27904] delete_channel: no stack [ 545.575799][T27913] netlink: zone id is out of range [ 545.598349][T27913] netlink: zone id is out of range [ 545.630825][T27913] netlink: zone id is out of range [ 545.635964][T27913] netlink: zone id is out of range [ 545.677026][T27913] netlink: zone id is out of range [ 545.706273][T27913] netlink: zone id is out of range [ 545.725804][T27913] netlink: zone id is out of range [ 545.759928][T27913] netlink: zone id is out of range [ 545.775203][T27913] netlink: zone id is out of range [ 546.528718][T27956] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 546.652973][T27956] CIFS mount error: No usable UNC path provided in device string! [ 546.652973][T27956] [ 546.698987][T27956] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 546.899256][T27969] : entered promiscuous mode [ 548.629410][T28064] vmstat_refresh: nr_hugetlb -3584 [ 549.166928][T28092] NFSD: Failed to start, no listeners configured. [ 549.305205][T28108] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10119'. [ 549.731870][T28128] netlink: 'syz.3.10129': attribute type 2 has an invalid length. [ 550.436533][T28161] sg_write: process 4906 (syz.2.10144) changed security contexts after opening file descriptor, this is not allowed. [ 551.275689][T28203] usb usb26: usbfs: interface 0 claimed by hub while 'syz.2.10160' resets device [ 552.488912][T28267] net_ratelimit: 49 callbacks suppressed [ 552.488948][T28267] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 553.869262][T28351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10218'. [ 555.017321][T28388] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10233'. [ 555.872941][T28420] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10249'. [ 556.787407][T28456] FAULT_INJECTION: forcing a failure. [ 556.787407][T28456] name failslab, interval 1, probability 0, space 0, times 0 [ 556.937803][T28456] CPU: 0 UID: 0 PID: 28456 Comm: syz.1.10267 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 556.937834][T28456] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 556.937842][T28456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 556.937851][T28456] Call Trace: [ 556.937856][T28456] [ 556.937862][T28456] dump_stack_lvl+0x16c/0x1f0 [ 556.937891][T28456] should_fail_ex+0x512/0x640 [ 556.937908][T28456] ? __kmalloc_noprof+0xca/0x910 [ 556.937927][T28456] should_failslab+0xc2/0x120 [ 556.937950][T28456] __kmalloc_noprof+0xeb/0x910 [ 556.937967][T28456] ? lsm_blob_alloc+0x68/0x90 [ 556.937991][T28456] ? lsm_blob_alloc+0x68/0x90 [ 556.938011][T28456] lsm_blob_alloc+0x68/0x90 [ 556.938031][T28456] security_sk_alloc+0x2f/0x270 [ 556.938047][T28456] sk_prot_alloc+0xfb/0x2a0 [ 556.938070][T28456] sk_alloc+0x36/0xe30 [ 556.938087][T28456] inet6_create+0x381/0x12b0 [ 556.938110][T28456] ? inet6_create+0x7f/0x12b0 [ 556.938133][T28456] __sock_create+0x339/0x8a0 [ 556.938159][T28456] udp_sock_create6+0xc7/0x6a0 [ 556.938181][T28456] ? __pfx_udp_sock_create6+0x10/0x10 [ 556.938206][T28456] ? crng_make_state+0x46e/0x6c0 [ 556.938219][T28456] ? lockdep_hardirqs_on+0x7c/0x110 [ 556.938241][T28456] ? crng_make_state+0x48e/0x6c0 [ 556.938257][T28456] rxrpc_open_socket+0x20c/0x6b0 [ 556.938279][T28456] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 556.938307][T28456] ? rcu_is_watching+0x12/0xc0 [ 556.938331][T28456] rxrpc_lookup_local+0xa01/0x1220 [ 556.938351][T28456] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 556.938370][T28456] ? __local_bh_enable_ip+0xa4/0x120 [ 556.938394][T28456] rxrpc_sendmsg+0x37e/0x680 [ 556.938414][T28456] sock_write_iter+0x566/0x610 [ 556.938437][T28456] ? __pfx_sock_write_iter+0x10/0x10 [ 556.938465][T28456] ? bpf_lsm_file_permission+0x9/0x10 [ 556.938483][T28456] ? security_file_permission+0x71/0x210 [ 556.938501][T28456] ? rw_verify_area+0xcf/0x6c0 [ 556.938521][T28456] vfs_write+0x7d3/0x11d0 [ 556.938541][T28456] ? __pfx_sock_write_iter+0x10/0x10 [ 556.938565][T28456] ? __pfx_vfs_write+0x10/0x10 [ 556.938584][T28456] ? find_held_lock+0x2b/0x80 [ 556.938620][T28456] ksys_write+0x1f8/0x250 [ 556.938641][T28456] ? __pfx_ksys_write+0x10/0x10 [ 556.938668][T28456] do_syscall_64+0xcd/0xf80 [ 556.938692][T28456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.938707][T28456] RIP: 0033:0x7fc4cd38f7c9 [ 556.938721][T28456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.938735][T28456] RSP: 002b:00007fc4ce288038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 556.938750][T28456] RAX: ffffffffffffffda RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 556.938760][T28456] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 556.938768][T28456] RBP: 00007fc4cd413f91 R08: 0000000000000000 R09: 0000000000000000 [ 556.938777][T28456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 556.938786][T28456] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 556.938807][T28456] [ 558.670937][T28505] bridge0: port 3(veth0_to_bridge) entered blocking state [ 558.680763][T28505] bridge0: port 3(veth0_to_bridge) entered disabled state [ 558.688014][T28505] veth0_to_bridge: entered allmulticast mode [ 558.757512][T28505] veth0_to_bridge: entered promiscuous mode [ 558.767644][T28507] random: crng reseeded on system resumption [ 558.793367][T28505] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 558.868591][T28505] bridge0: port 3(veth0_to_bridge) entered blocking state [ 558.876003][T28505] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 559.393819][T28529] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 560.872537][T28608] bridge0: port 3(veth0_to_bridge) entered blocking state [ 560.906559][T28608] bridge0: port 3(veth0_to_bridge) entered disabled state [ 560.937332][T28608] veth0_to_bridge: entered allmulticast mode [ 560.963901][T28608] veth0_to_bridge: entered promiscuous mode [ 560.984613][T28608] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 571.839771][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 600.259139][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.262383][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.275436][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.288259][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.301072][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.314285][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.327177][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.339983][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.352770][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.365566][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 627.379037][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.243235][ C0] net_ratelimit: 6374 callbacks suppressed [ 632.243251][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.261971][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.274760][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.287510][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.300297][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.313090][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.326707][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.339570][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.352724][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 632.365667][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.229714][ C0] net_ratelimit: 9783 callbacks suppressed [ 637.229731][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.247843][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 637.260661][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.272904][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 637.285750][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.297998][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 637.310765][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.323007][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 637.335782][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 637.348013][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 642.215933][ C0] net_ratelimit: 9714 callbacks suppressed [ 642.215951][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 642.234111][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 642.246958][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 642.259342][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 642.272241][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 642.284476][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 642.297269][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 642.309581][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 642.322394][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 642.334808][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 647.203044][ C0] net_ratelimit: 9782 callbacks suppressed [ 647.203062][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 647.221301][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 647.234045][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 647.246271][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 647.258999][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 647.271221][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 647.283961][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 647.296167][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 647.308936][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 647.321134][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.188961][ C0] net_ratelimit: 9855 callbacks suppressed [ 652.188979][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.207550][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 652.219807][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.232681][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 652.244955][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.257758][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 652.270086][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.282864][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 652.295105][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.308005][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.175634][ C0] net_ratelimit: 9855 callbacks suppressed [ 657.175651][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.193756][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.206529][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.218762][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.231555][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.243789][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.256562][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.268782][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.281831][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 657.294190][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.162166][ C0] net_ratelimit: 9673 callbacks suppressed [ 662.162183][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.180808][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 662.193088][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.205964][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 662.218221][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.231030][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 662.243283][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.256144][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 662.268368][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.281146][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 665.506312][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 665.513315][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P28359/1:b..l [ 665.521864][ C0] rcu: (detected by 0, t=10502 jiffies, g=110537, q=461 ncpus=1) [ 665.529652][ C0] task:syz.1.10221 state:R running task stack:23240 pid:28359 tgid:28359 ppid:6184 task_flags:0x40064c flags:0x00080001 [ 665.544137][ C0] Call Trace: [ 665.547417][ C0] [ 665.550339][ C0] ? __schedule+0x10b9/0x6150 [ 665.555568][ C0] __schedule+0x1139/0x6150 [ 665.560118][ C0] ? __pfx___schedule+0x10/0x10 [ 665.564984][ C0] preempt_schedule_irq+0x51/0x90 [ 665.570031][ C0] irqentry_exit+0x1d8/0x8c0 [ 665.575096][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 665.581247][ C0] RIP: 0010:unwind_next_frame+0xc81/0x20b0 [ 665.587161][ C0] Code: 0f 95 c6 40 84 f7 0f 85 9a 10 00 00 83 e0 07 38 c2 40 0f 9e c6 84 d2 0f 95 c0 40 84 c6 0f 85 83 10 00 00 0f b6 41 04 c0 e8 04 <3c> 01 0f 84 06 08 00 00 3c 04 0f 84 b4 08 00 00 84 c0 0f 84 ac 01 [ 665.606769][ C0] RSP: 0018:ffffc9000bda6ee8 EFLAGS: 00000202 [ 665.612915][ C0] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff91211430 [ 665.620982][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 665.629057][ C0] RBP: ffffc9000bda6ff0 R08: ffffffff91211434 R09: 00000000ffffffff [ 665.637017][ C0] R10: 0000000000000002 R11: 0000000000006cab R12: ffffc9000bda6ff8 [ 665.644973][ C0] R13: ffffc9000bda6fa8 R14: ffffc9000bda6fa8 R15: ffffc9000bda6fdc [ 665.652943][ C0] ? unwind_next_frame+0xb8f/0x20b0 [ 665.658136][ C0] ? __unwind_start+0x574/0x7f0 [ 665.663044][ C0] __unwind_start+0x45f/0x7f0 [ 665.667729][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 665.673884][ C0] arch_stack_walk+0x73/0x100 [ 665.678555][ C0] ? arch_stack_walk+0x73/0x100 [ 665.683396][ C0] stack_trace_save+0x8e/0xc0 [ 665.688070][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 665.693435][ C0] ? __lock_acquire+0x436/0x2890 [ 665.698355][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 665.703547][ C0] save_stack+0x160/0x1f0 [ 665.707872][ C0] ? __pfx_save_stack+0x10/0x10 [ 665.712723][ C0] ? page_ext_put+0x3e/0xd0 [ 665.717223][ C0] __reset_page_owner+0x84/0x1a0 [ 665.722157][ C0] free_unref_folios+0xa22/0x1610 [ 665.727176][ C0] ? rcu_is_watching+0x12/0xc0 [ 665.731932][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 665.737752][ C0] folios_put_refs+0x4be/0x750 [ 665.742537][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 665.747838][ C0] ? folio_batch_remove_exceptionals+0x115/0x1a0 [ 665.754167][ C0] shmem_undo_range+0x58f/0x1140 [ 665.759102][ C0] ? __pfx_shmem_undo_range+0x10/0x10 [ 665.764483][ C0] ? find_held_lock+0x2b/0x80 [ 665.769191][ C0] shmem_evict_inode+0x39e/0xbe0 [ 665.774162][ C0] ? inode_wait_for_writeback+0x170/0x390 [ 665.779930][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 665.785495][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 665.791560][ C0] ? find_held_lock+0x2b/0x80 [ 665.796234][ C0] ? evict+0x37e/0xad0 [ 665.800292][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 665.805756][ C0] evict+0x3c2/0xad0 [ 665.809640][ C0] ? find_held_lock+0x2b/0x80 [ 665.814316][ C0] ? __pfx_evict+0x10/0x10 [ 665.818720][ C0] ? iput.part.0+0x619/0x1190 [ 665.823404][ C0] iput.part.0+0x621/0x1190 [ 665.827927][ C0] iput+0x35/0x40 [ 665.831551][ C0] dentry_unlink_inode+0x29c/0x480 [ 665.836656][ C0] __dentry_kill+0x1d0/0x600 [ 665.841239][ C0] finish_dput+0x76/0x480 [ 665.845648][ C0] dput.part.0+0x451/0x570 [ 665.850073][ C0] dput+0x1f/0x30 [ 665.853715][ C0] __fput+0x51c/0xb70 [ 665.857698][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 665.862903][ C0] task_work_run+0x150/0x240 [ 665.867499][ C0] ? __pfx_task_work_run+0x10/0x10 [ 665.872615][ C0] do_exit+0x87f/0x2bd0 [ 665.876771][ C0] ? proc_coredump_connector+0x2d1/0x4f0 [ 665.883357][ C0] ? __pfx_do_exit+0x10/0x10 [ 665.887938][ C0] do_group_exit+0xd3/0x2a0 [ 665.892430][ C0] get_signal+0x2671/0x26d0 [ 665.896955][ C0] ? __pfx_get_signal+0x10/0x10 [ 665.901809][ C0] arch_do_signal_or_restart+0x8f/0x7a0 [ 665.907350][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 665.913529][ C0] ? do_user_addr_fault+0x926/0x1370 [ 665.918805][ C0] irqentry_exit+0x38a/0x8c0 [ 665.923420][ C0] asm_exc_page_fault+0x26/0x30 [ 665.928778][ C0] RIP: 0033:0x401000 [ 665.932657][ C0] RSP: 002b:000000000000000a EFLAGS: 00010202 [ 665.938731][ C0] RAX: 0000000000000000 RBX: 00007fc4cd5e5fa0 RCX: 00007fc4cd38f7c9 [ 665.946733][ C0] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 665.954694][ C0] RBP: 00007fc4cd413f91 R08: 0000000000000002 R09: 0000000000000000 [ 665.962655][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 665.970610][ C0] R13: 00007fc4cd5e6038 R14: 00007fc4cd5e5fa0 R15: 00007ffd472f1088 [ 665.978592][ C0] [ 665.981594][ C0] rcu: rcu_preempt kthread starved for 10373 jiffies! g110537 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 665.992908][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 666.002863][ C0] rcu: RCU grace-period kthread stack dump: [ 666.008744][ C0] task:rcu_preempt state:R running task stack:28120 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 666.022756][ C0] Call Trace: [ 666.026048][ C0] [ 666.028980][ C0] ? __schedule+0x10b9/0x6150 [ 666.033654][ C0] __schedule+0x1139/0x6150 [ 666.038160][ C0] ? __lock_acquire+0x436/0x2890 [ 666.043102][ C0] ? __mod_timer+0x8f2/0xd30 [ 666.047685][ C0] ? __pfx___schedule+0x10/0x10 [ 666.052527][ C0] ? find_held_lock+0x2b/0x80 [ 666.057193][ C0] ? schedule+0x2d7/0x3a0 [ 666.061514][ C0] schedule+0xe7/0x3a0 [ 666.065574][ C0] schedule_timeout+0x123/0x290 [ 666.070432][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 666.075797][ C0] ? __pfx_process_timeout+0x10/0x10 [ 666.082189][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 666.088786][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 666.094287][ C0] rcu_gp_fqs_loop+0x1ea/0xaf0 [ 666.099063][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 666.104645][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 666.109886][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 666.114827][ C0] ? rcu_gp_cleanup+0x7c1/0xe90 [ 666.119690][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 666.125608][ C0] rcu_gp_kthread+0x26d/0x380 [ 666.130321][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 666.135627][ C0] ? rcu_is_watching+0x12/0xc0 [ 666.140394][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 666.145584][ C0] ? __kthread_parkme+0x19e/0x250 [ 666.150602][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 666.155788][ C0] kthread+0x3c5/0x780 [ 666.159879][ C0] ? __pfx_kthread+0x10/0x10 [ 666.164456][ C0] ? rcu_is_watching+0x12/0xc0 [ 666.169212][ C0] ? __pfx_kthread+0x10/0x10 [ 666.173797][ C0] ret_from_fork+0x983/0xb10 [ 666.178391][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 666.183529][ C0] ? __switch_to+0x7af/0x10d0 [ 666.188292][ C0] ? __pfx_kthread+0x10/0x10 [ 666.192872][ C0] ret_from_fork_asm+0x1a/0x30 [ 666.197652][ C0] [ 666.200654][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 666.206960][ C0] CPU: 0 UID: 0 PID: 3409 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 666.218231][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 666.225577][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 666.235640][ C0] Workqueue: bat_events batadv_dat_purge [ 666.241269][ C0] RIP: 0010:unwind_next_frame+0x5da/0x20b0 [ 666.247066][ C0] Code: 01 38 d0 7f 08 84 c0 0f 85 a0 14 00 00 45 88 7d 35 44 0f b6 71 04 41 83 e6 0f 41 80 fe 06 0f 84 90 0c 00 00 0f 87 20 02 00 00 <41> 80 fe 04 0f 84 e3 0b 00 00 41 80 fe 05 0f 85 cf 00 00 00 48 b8 [ 666.266691][ C0] RSP: 0018:ffffc90000006c78 EFLAGS: 00000297 [ 666.272743][ C0] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffff91b13866 [ 666.280783][ C0] RDX: 0000000000000005 RSI: 0000000000000001 RDI: ffffffff90fe0038 [ 666.288739][ C0] RBP: ffffc90000006d30 R08: ffffffff91b1386a R09: 00000000f501fefe [ 666.296695][ C0] R10: 0000000000000002 R11: 0000000000083fc0 R12: ffffc90000006d38 [ 666.304648][ C0] R13: ffffc90000006ce8 R14: 0000000000000005 R15: 0000000000000000 [ 666.312601][ C0] FS: 0000000000000000(0000) GS:ffff8881248fc000(0000) knlGS:0000000000000000 [ 666.321516][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 666.328089][ C0] CR2: 00005600498be088 CR3: 0000000035b82000 CR4: 00000000003526f0 [ 666.336044][ C0] Call Trace: [ 666.339326][ C0] [ 666.342171][ C0] ? skb_ext_add+0xf8/0x7b0 [ 666.346682][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 666.352845][ C0] arch_stack_walk+0x94/0x100 [ 666.357517][ C0] ? skb_ext_add+0xf8/0x7b0 [ 666.362284][ C0] stack_trace_save+0x8e/0xc0 [ 666.366971][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 666.372340][ C0] ? lock_acquire+0x179/0x330 [ 666.377008][ C0] kasan_save_stack+0x33/0x60 [ 666.381682][ C0] ? kasan_save_stack+0x33/0x60 [ 666.386520][ C0] ? kasan_save_track+0x14/0x30 [ 666.391365][ C0] ? __kasan_slab_alloc+0x89/0x90 [ 666.396381][ C0] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 666.402025][ C0] ? skb_ext_add+0xf8/0x7b0 [ 666.406555][ C0] kasan_save_track+0x14/0x30 [ 666.411222][ C0] __kasan_slab_alloc+0x89/0x90 [ 666.416066][ C0] kmem_cache_alloc_noprof+0x25e/0x770 [ 666.421514][ C0] ? skb_ext_add+0xf8/0x7b0 [ 666.426005][ C0] ? skb_ext_add+0xf8/0x7b0 [ 666.430492][ C0] skb_ext_add+0xf8/0x7b0 [ 666.434810][ C0] ? find_held_lock+0x2b/0x80 [ 666.439486][ C0] br_nf_forward_ip.part.0+0x28/0x810 [ 666.445013][ C0] br_nf_forward+0xf0f/0x1be0 [ 666.449685][ C0] ? __pfx_br_nf_forward+0x10/0x10 [ 666.454873][ C0] nf_hook_slow+0xbe/0x200 [ 666.459278][ C0] nf_hook+0x45e/0x780 [ 666.463342][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 666.468790][ C0] ? __pfx_nf_hook+0x10/0x10 [ 666.473373][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 666.478859][ C0] __br_forward+0x1be/0x5b0 [ 666.483435][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 666.488896][ C0] maybe_deliver+0xf1/0x180 [ 666.493410][ C0] br_flood+0x17c/0x650 [ 666.497576][ C0] br_handle_frame_finish+0x1117/0x1f00 [ 666.503144][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 666.509052][ C0] ? ip6t_do_table+0xc25/0x1c30 [ 666.513894][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 666.518992][ C0] ? nf_hook_slow+0x132/0x200 [ 666.523659][ C0] br_nf_hook_thresh+0x307/0x410 [ 666.528606][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 666.534516][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 666.540093][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 666.546005][ C0] ? __pfx_nf_nat_ipv6_in+0x10/0x10 [ 666.551255][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 666.557166][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 666.563065][ C0] br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 [ 666.569053][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 666.574955][ C0] br_nf_pre_routing_ipv6+0x3cd/0x8c0 [ 666.580328][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 666.586214][ C0] ? lock_acquire+0x179/0x330 [ 666.590883][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 666.597393][ C0] ? net_generic+0xea/0x2a0 [ 666.601906][ C0] br_nf_pre_routing+0x860/0x15b0 [ 666.606932][ C0] br_handle_frame+0xb28/0x14e0 [ 666.611780][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 666.617070][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 666.623022][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 666.628414][ C0] __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 666.635123][ C0] ? kmem_cache_free+0x2d8/0x770 [ 666.640071][ C0] ? find_held_lock+0x2b/0x80 [ 666.644746][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 666.649434][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 666.656542][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 666.661220][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 666.665915][ C0] ? sk_skb_reason_drop+0x136/0x1a0 [ 666.671123][ C0] ? ip6_mc_input+0x515/0xf60 [ 666.676092][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 666.681112][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 666.686317][ C0] ? __lock_acquire+0x436/0x2890 [ 666.691294][ C0] ? process_backlog+0x450/0x1650 [ 666.696315][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 666.702111][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 666.708551][ C0] ? lock_acquire+0x179/0x330 [ 666.713230][ C0] ? process_backlog+0x450/0x1650 [ 666.718265][ C0] __netif_receive_skb+0x1d/0x160 [ 666.723316][ C0] process_backlog+0x4a2/0x1650 [ 666.728195][ C0] __napi_poll.constprop.0+0xb3/0x540 [ 666.733579][ C0] net_rx_action+0x9f9/0xfa0 [ 666.738183][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 666.743295][ C0] ? mark_held_locks+0x49/0x80 [ 666.748075][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 666.753352][ C0] ? tmigr_handle_remote+0x132/0x380 [ 666.758681][ C0] ? mark_held_locks+0x49/0x80 [ 666.763526][ C0] handle_softirqs+0x219/0x950 [ 666.768306][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 666.773594][ C0] ? __batadv_dat_purge.part.0+0x279/0x3a0 [ 666.779390][ C0] ? __pfx_batadv_dat_to_purge+0x10/0x10 [ 666.785051][ C0] do_softirq+0xb2/0xf0 [ 666.789214][ C0] [ 666.792137][ C0] [ 666.795062][ C0] __local_bh_enable_ip+0x100/0x120 [ 666.800273][ C0] __batadv_dat_purge.part.0+0x279/0x3a0 [ 666.805920][ C0] batadv_dat_purge+0x4b/0xa0 [ 666.810595][ C0] process_one_work+0x9ba/0x1b20 [ 666.815533][ C0] ? __pfx_process_one_work+0x10/0x10 [ 666.820900][ C0] ? assign_work+0x1a0/0x250 [ 666.825478][ C0] rescuer_thread+0x8c5/0xf10 [ 666.830153][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 666.835343][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 666.840622][ C0] ? __kthread_parkme+0x19e/0x250 [ 666.845688][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 666.850902][ C0] kthread+0x3c5/0x780 [ 666.854971][ C0] ? __pfx_kthread+0x10/0x10 [ 666.859636][ C0] ? rcu_is_watching+0x12/0xc0 [ 666.864426][ C0] ? __pfx_kthread+0x10/0x10 [ 666.869005][ C0] ret_from_fork+0x983/0xb10 [ 666.873585][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 666.878682][ C0] ? __switch_to+0x7af/0x10d0 [ 666.883362][ C0] ? __pfx_kthread+0x10/0x10 [ 666.887966][ C0] ret_from_fork_asm+0x1a/0x30 [ 666.892756][ C0] [ 667.148675][ C0] net_ratelimit: 6863 callbacks suppressed [ 667.148693][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 667.166942][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.180045][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 667.192593][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.205642][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 667.218009][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.231067][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 667.243319][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.256399][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 667.268894][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.135314][ C0] net_ratelimit: 8986 callbacks suppressed [ 672.135337][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 672.153607][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.166499][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 672.178742][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.191684][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 672.203993][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.216882][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 672.229121][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.241928][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:b2:75:8c:db:b3:7d, vlan:0) [ 672.254699][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)