last executing test programs: 3.323387626s ago: executing program 2 (id=2477): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.102594526s ago: executing program 2 (id=2479): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000140), 0x55) setuid$auto(0xe) setsockopt$auto(r0, 0x6, 0xd, 0x0, 0x6) 2.942026931s ago: executing program 2 (id=2482): mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = socket(0x2, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0xd, 0x0, 0x0) 2.751961547s ago: executing program 2 (id=2486): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) getpriority$auto_PRIO_USER(0x2, 0x0) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) write$auto(r0, &(0x7f0000000340)='3\x00', 0x6) 2.236322537s ago: executing program 1 (id=2493): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) lseek$auto(0x3, 0x3e80000000, 0x1) munmap$auto(0x8000, 0xffffffff) 2.1334171s ago: executing program 3 (id=2494): r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) getsockopt$auto(r0, 0x84, 0xd, 0x0, &(0x7f0000000000)=0x7ffe) 1.894187928s ago: executing program 3 (id=2495): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x24600, 0x0) 1.832252276s ago: executing program 1 (id=2496): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r1, 0x1, 0x70bd27, 0x25dfdc02, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_RINGS_CQE_SIZE={0x8, 0xc, 0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80014) 1.67639866s ago: executing program 1 (id=2498): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) 1.398443096s ago: executing program 1 (id=2500): mmap$auto(0x0, 0x40009, 0xe0, 0x9b72, 0x7, 0x28000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r0, &(0x7f0000000280)=""/165, 0xa5) 1.282586564s ago: executing program 1 (id=2502): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) getcwd$auto(0x0, 0xffffffffffffffff) mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x1, 0x9, 0x100000}, 0x283) 1.282491113s ago: executing program 2 (id=2503): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) mprotect$auto(0x0, 0x7, 0x9) 1.165794035s ago: executing program 1 (id=2505): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) bpf$auto(0xb, &(0x7f0000000000)=@bpf_attr_11={0xfffffffffffffffb, 0x9a, 0x80, 0x8, 0x7, 0x80000001, 0x6, 0x6}, 0x7) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 1.12994893s ago: executing program 0 (id=2506): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af57"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 949.658021ms ago: executing program 3 (id=2507): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) syz_clone(0x98280000, 0x0, 0x0, 0x0, 0x0, 0x0) kill$auto(0x0, 0x11) 917.005563ms ago: executing program 0 (id=2508): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010029bd50009ddbdf251100000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20018048}, 0x0) 751.057684ms ago: executing program 0 (id=2509): r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket$nl_generic(0x10, 0x3, 0x10) listen$auto(0x3, 0x81) 574.858717ms ago: executing program 3 (id=2510): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x6a) sysinfo$auto(0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) 572.749384ms ago: executing program 0 (id=2511): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}}, 0x8880) 369.805279ms ago: executing program 3 (id=2512): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = getpid() process_vm_readv$auto(r0, 0x0, 0x800000001, 0x0, 0x6, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r1, 0x0, 0x3, 0x5) 256.831046ms ago: executing program 0 (id=2513): socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4004895}, 0x20000800) futex_waitv$auto(&(0x7f0000000000)={0xfffffffffffffffd, 0x7e4, 0x2}, 0x1, 0x0, 0x0, 0x623d) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 96.4695ms ago: executing program 0 (id=2514): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x20000}, 0x4}, 0x1f8, 0xb07e) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 89.694107ms ago: executing program 3 (id=2515): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nvmet_tcp/parameters/idle_poll_period_usecs\x00', 0x9801, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpu1/topology/package_cpus\x00', 0x800, 0x0) read$auto(r0, 0x0, 0x7) write$auto(0x3, 0x0, 0xffd8) 0s ago: executing program 2 (id=2516): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.39' (ED25519) to the list of known hosts. syzkaller login: [ 80.083724][ T5817] cgroup: Unknown subsys name 'net' [ 80.255889][ T5817] cgroup: Unknown subsys name 'cpuset' [ 80.265156][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.800077][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 83.848560][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.858402][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.867814][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.877776][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.885967][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.901410][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.920523][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.951795][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.955105][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.960458][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.976240][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.983472][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.984036][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.991000][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.999159][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.007391][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.012242][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.020049][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.042612][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.050955][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.539051][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 84.589330][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 84.689484][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 84.768295][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 84.829983][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.837316][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.846130][ T5833] bridge_slave_0: entered allmulticast mode [ 84.854644][ T5833] bridge_slave_0: entered promiscuous mode [ 84.893255][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.900497][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.907686][ T5833] bridge_slave_1: entered allmulticast mode [ 84.914939][ T5833] bridge_slave_1: entered promiscuous mode [ 84.934874][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.942731][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.949925][ T5835] bridge_slave_0: entered allmulticast mode [ 84.958330][ T5835] bridge_slave_0: entered promiscuous mode [ 84.966387][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.973719][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.981457][ T5835] bridge_slave_1: entered allmulticast mode [ 84.989080][ T5835] bridge_slave_1: entered promiscuous mode [ 85.066151][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.074320][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.081990][ T5826] bridge_slave_0: entered allmulticast mode [ 85.089102][ T5826] bridge_slave_0: entered promiscuous mode [ 85.116275][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.126577][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.134090][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.141766][ T5826] bridge_slave_1: entered allmulticast mode [ 85.148782][ T5826] bridge_slave_1: entered promiscuous mode [ 85.157999][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.171193][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.199653][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.286875][ T5833] team0: Port device team_slave_0 added [ 85.293138][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.301390][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.308560][ T5827] bridge_slave_0: entered allmulticast mode [ 85.316426][ T5827] bridge_slave_0: entered promiscuous mode [ 85.338260][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.351454][ T5833] team0: Port device team_slave_1 added [ 85.357623][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.365161][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.372498][ T5827] bridge_slave_1: entered allmulticast mode [ 85.379467][ T5827] bridge_slave_1: entered promiscuous mode [ 85.389082][ T5835] team0: Port device team_slave_0 added [ 85.397985][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.448051][ T5835] team0: Port device team_slave_1 added [ 85.509332][ T5826] team0: Port device team_slave_0 added [ 85.516989][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.524378][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.551018][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.566413][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.591430][ T5826] team0: Port device team_slave_1 added [ 85.597966][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.605087][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.631574][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.644699][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.668475][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.675530][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.701548][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.714295][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.721372][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.747423][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.808248][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.815441][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.841760][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.856283][ T5827] team0: Port device team_slave_0 added [ 85.865379][ T5827] team0: Port device team_slave_1 added [ 85.883262][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.890599][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.916873][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.996535][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.005519][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.031751][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.047930][ T5833] hsr_slave_0: entered promiscuous mode [ 86.054941][ T5833] hsr_slave_1: entered promiscuous mode [ 86.061306][ T5841] Bluetooth: hci0: command tx timeout [ 86.067142][ T5834] Bluetooth: hci1: command tx timeout [ 86.073412][ T5841] Bluetooth: hci2: command tx timeout [ 86.086333][ T5835] hsr_slave_0: entered promiscuous mode [ 86.092684][ T5835] hsr_slave_1: entered promiscuous mode [ 86.098707][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.106954][ T5835] Cannot create hsr debugfs directory [ 86.113343][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.120607][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.143811][ T5834] Bluetooth: hci3: command tx timeout [ 86.147058][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.181184][ T5826] hsr_slave_0: entered promiscuous mode [ 86.187460][ T5826] hsr_slave_1: entered promiscuous mode [ 86.193888][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.201510][ T5826] Cannot create hsr debugfs directory [ 86.329646][ T5827] hsr_slave_0: entered promiscuous mode [ 86.336770][ T5827] hsr_slave_1: entered promiscuous mode [ 86.343390][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.351541][ T5827] Cannot create hsr debugfs directory [ 86.741386][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.757394][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.768662][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.792950][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.892369][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.929448][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.960788][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.976141][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.988840][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.006192][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.029874][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.078169][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.213152][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.225759][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.241807][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.271938][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.366835][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.435217][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.456252][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.463875][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.491111][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.499718][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.506880][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.546784][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.579257][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.615020][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.622433][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.652186][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.659384][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.679218][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.703349][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.729566][ T5028] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.737001][ T5028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.775779][ T5028] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.782927][ T5028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.796552][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.836100][ T5028] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.843339][ T5028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.866822][ T5028] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.874062][ T5028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.141806][ T5834] Bluetooth: hci1: command tx timeout [ 88.147277][ T5834] Bluetooth: hci2: command tx timeout [ 88.150599][ T5841] Bluetooth: hci0: command tx timeout [ 88.220632][ T5841] Bluetooth: hci3: command tx timeout [ 88.276475][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.404137][ T5833] veth0_vlan: entered promiscuous mode [ 88.428223][ T5833] veth1_vlan: entered promiscuous mode [ 88.539895][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.575961][ T5833] veth0_macvtap: entered promiscuous mode [ 88.588155][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.602253][ T5833] veth1_macvtap: entered promiscuous mode [ 88.636270][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.681191][ T5835] veth0_vlan: entered promiscuous mode [ 88.696760][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.727400][ T5835] veth1_vlan: entered promiscuous mode [ 88.746255][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.759948][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.773835][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.783905][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.792904][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.812066][ T5826] veth0_vlan: entered promiscuous mode [ 88.842826][ T5826] veth1_vlan: entered promiscuous mode [ 88.932476][ T5827] veth0_vlan: entered promiscuous mode [ 88.951258][ T5835] veth0_macvtap: entered promiscuous mode [ 88.968393][ T5826] veth0_macvtap: entered promiscuous mode [ 88.983828][ T5835] veth1_macvtap: entered promiscuous mode [ 88.995751][ T5827] veth1_vlan: entered promiscuous mode [ 89.024439][ T5826] veth1_macvtap: entered promiscuous mode [ 89.044376][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.060630][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.085108][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.125811][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.138057][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.148701][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.158154][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.177466][ T5826] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.187970][ T5826] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.197455][ T5826] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.208120][ T5826] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.239224][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.282936][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.295894][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.305439][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.315725][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.327384][ T5827] veth0_macvtap: entered promiscuous mode [ 89.345124][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.384202][ T5827] veth1_macvtap: entered promiscuous mode [ 89.464115][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.484670][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.546716][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.583309][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.613373][ T4184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.622644][ T4184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.627308][ T5827] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.639351][ T5827] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.653905][ T5827] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.668666][ T5827] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.744476][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.769620][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.887753][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.951555][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.110925][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.118825][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.223016][ T5841] Bluetooth: hci0: command tx timeout [ 90.223052][ T5842] Bluetooth: hci1: command tx timeout [ 90.236419][ T5834] Bluetooth: hci2: command tx timeout [ 90.283144][ T5934] syz.1.7 (5934): /proc/5933/oom_adj is deprecated, please use /proc/5933/oom_score_adj instead. [ 90.301324][ T5834] Bluetooth: hci3: command tx timeout [ 90.309418][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.351106][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.982832][ T43] cfg80211: failed to load regulatory.db [ 91.995522][ T5964] zswap: compressor not available [ 92.003143][ T5966] Setting dangerous option i915.mitigations - tainting kernel [ 92.310762][ T5834] Bluetooth: hci2: command tx timeout [ 92.316267][ T5834] Bluetooth: hci1: command tx timeout [ 92.322190][ T5834] Bluetooth: hci0: command tx timeout [ 92.353411][ T5977] Zero length message leads to an empty skb [ 92.391232][ T5834] Bluetooth: hci3: command tx timeout [ 92.955256][ T5990] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 93.007841][ T5990] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 93.526757][ T6003] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 93.924695][ T6011] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 95.999651][ T6066] netlink: 12 bytes leftover after parsing attributes in process `syz.1.59'. [ 96.808151][ T6088] process 'syz.1.68' launched './file0' with NULL argv: empty string added [ 97.771995][ T6116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78004 [ 97.787562][ T6116] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 97.800656][ T6116] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 97.812995][ T6116] page_type: f5(slab) [ 97.817053][ T6116] raw: 00fff00000000040 ffff88801dec6640 dead000000000122 0000000000000000 [ 97.826298][ T6116] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 97.835614][ T6119] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 97.851128][ T6116] head: 00fff00000000040 ffff88801dec6640 dead000000000122 0000000000000000 [ 97.860075][ T6116] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 97.869635][ T6116] head: 00fff00000000002 ffffea0001e00101 00000000ffffffff 00000000ffffffff [ 97.880670][ T6116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 97.889814][ T6116] page dumped because: unmovable page [ 97.897530][ T6116] page_owner tracks the page as allocated [ 97.937916][ T6116] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5495, tgid 5495 (dhcpcd), ts 54589440840, free_ts 29416363023 [ 97.962780][ T6116] post_alloc_hook+0x1c0/0x230 [ 97.967640][ T6116] get_page_from_freelist+0x1321/0x3890 [ 97.973808][ T6116] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 97.979782][ T6116] alloc_pages_mpol+0x1fb/0x550 [ 98.039025][ T6116] new_slab+0x23b/0x330 [ 98.090271][ T6116] ___slab_alloc+0xd9c/0x1940 [ 98.095048][ T6116] __slab_alloc.constprop.0+0x56/0xb0 [ 98.140276][ T6116] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 98.157034][ T6116] proc_alloc_inode+0x25/0x200 [ 98.176561][ T6116] alloc_inode+0x61/0x240 [ 98.189770][ T6116] new_inode+0x22/0x1c0 [ 98.217932][ T6116] proc_sys_make_inode+0x47/0x5c0 [ 98.271535][ T6116] proc_sys_lookup+0x282/0x410 [ 98.276573][ T6116] __lookup_slow+0x24e/0x460 [ 98.306090][ T6116] walk_component+0x353/0x5b0 [ 98.320751][ T6116] link_path_walk+0x627/0xe20 [ 98.345868][ T6116] page last free pid 1 tgid 1 stack trace: [ 98.390728][ T6116] __free_frozen_pages+0x7fe/0x1180 [ 98.413850][ T6116] free_contig_range+0x183/0x4b0 [ 98.418881][ T6116] destroy_args+0x7f6/0xa60 [ 98.450187][ T6116] debug_vm_pgtable+0x13b8/0x2d00 [ 98.470068][ T6116] do_one_initcall+0x120/0x6e0 [ 98.474966][ T6116] kernel_init_freeable+0x5c2/0x900 [ 98.538442][ T6116] kernel_init+0x1c/0x2b0 [ 98.554111][ T6116] ret_from_fork+0x5d4/0x6f0 [ 98.564318][ T6116] ret_from_fork_asm+0x1a/0x30 [ 101.627642][ T6148] kexec: Could not allocate control_code_buffer [ 101.772961][ T6191] nvme_fabrics: unknown parameter or missing value 'ђџџџђ' in ctrl creation request [ 102.158710][ T6210] netlink: 'syz.1.117': attribute type 1 has an invalid length. [ 102.999369][ T6230] FAULT_INJECTION: forcing a failure. [ 102.999369][ T6230] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 103.021124][ T6230] CPU: 1 UID: 0 PID: 6230 Comm: syz.0.126 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 103.021167][ T6230] Tainted: [U]=USER [ 103.021176][ T6230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 103.021195][ T6230] Call Trace: [ 103.021204][ T6230] [ 103.021217][ T6230] dump_stack_lvl+0x16c/0x1f0 [ 103.021264][ T6230] should_fail_ex+0x512/0x640 [ 103.021303][ T6230] strncpy_from_user+0x3b/0x2e0 [ 103.021339][ T6230] getname_flags.part.0+0x2d1/0x550 [ 103.021373][ T6230] getname_flags+0x93/0xf0 [ 103.021405][ T6230] do_sys_openat2+0xb8/0x1d0 [ 103.021432][ T6230] ? __pfx_do_sys_openat2+0x10/0x10 [ 103.021472][ T6230] __x64_sys_open+0x153/0x1e0 [ 103.021499][ T6230] ? __pfx___x64_sys_open+0x10/0x10 [ 103.021533][ T6230] ? rcu_is_watching+0x12/0xc0 [ 103.021561][ T6230] do_syscall_64+0xcd/0x490 [ 103.021599][ T6230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.021622][ T6230] RIP: 0033:0x7f965a58e929 [ 103.021647][ T6230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.021677][ T6230] RSP: 002b:00007f96583f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 103.021703][ T6230] RAX: ffffffffffffffda RBX: 00007f965a7b5fa0 RCX: 00007f965a58e929 [ 103.021720][ T6230] RDX: 00000000000000d1 RSI: 0000000000103040 RDI: 0000200000000380 [ 103.021735][ T6230] RBP: 00007f965a610b39 R08: 0000000000000000 R09: 0000000000000000 [ 103.021749][ T6230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.021769][ T6230] R13: 0000000000000000 R14: 00007f965a7b5fa0 R15: 00007ffcb3eac768 [ 103.021804][ T6230] [ 103.499906][ T6240] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'. [ 103.841039][ T6253] dlm: non-version read from control device 8 [ 104.609149][ T6277] random: crng reseeded on system resumption [ 104.953529][ T6285] ptrace attach of "./syz-executor exec"[5826] was attempted by "ЛITbfpB ь$iДќЪM^З},\x0b_-\x5cёК<9•з(Бэо1—ї:p\x1b….ьvbWHдФŒЂцŸУжNЙ}Е=\x221ѕ:Б_”б!иMa3ўyfє‰ўƒЧО№ЬЇ››ˆVс$Цш}ъ‚ѓЦыr!›‘™ъ€ЅВ~1XђyѕаXЙŽє]MћЙf„и цh‹з‘їдkН1ЖЯEeцЕПяш?иЈљЖљХУh(8в-!щŒВ6АHлmX\x5cC|Ѓзе@A ў-йDХ™ ­Љaт’ІА0Ѕч)G˜UyЧ'іЪи\x0bŸЬ‘ТШ€ОХМeЮgUъVяПЯАЪП]”іT&ПI9„ЏЙ-.јp}Ge#сSЙї1}KyUTMЫšjI+Ј\x0b”\x09-™SѓГйA\x0d=‰2S#ОXЦrжЬ_CƒИ›~Г;Гœ<вЕ\x0b](МќЕЎGіRj1]/zрBZ‰ъј{…qўiC{ЖэI­DО'‹eUШя„ЕTSИ`СDщћМ›ЦˆsaИВ%š)еe,ХбДї_фб№uCЗuмтюЯЄБEЦ%}@\x0dFW\x0dfCПC\x5cђ\x0cj\x0a%ЦAЊž$фѓхqqЖљ\x5cN.Чїuаю=Х#­˜jЮŒ>і>кz[’(ћ-Ђhъ5KЋЎ+K =g‰Ы­ђ=ШХр›6ƒ‡Ьƒ3…мн‘-ЏDёRЬr‘ўHЦ/(ЃШпЂ‰‘[{&Б_:оЊ>nѓ‹ѕ“ЬКˆŠ~?ћ–ЬИžъ„cL%ф’йН‹лDOr$m/ьЎ?‡IхUГXƒъky/Uџœ\x1bLmжeв. ЗКЗ7}q”ЙђD\x1bт”ўGœ .]•TWRC—к9Žzg\x22зд‡5НЎp=шЎy@%”УTшИ\x22liф‡№!™wЇOR“PНИЗК#)J8FЦІтЈ8ѓшТ5g`цІў ŒдB†ЃAоЖЂЈ\x5c–М—X\x1b˜ЁBˆч9ŽО,\x099†KЏyб”є‘ШїзЖPl8дsн\x5c`ЗSљ/т—pзdЮ™g2ѕ&ЕіU;6 6jёdZJ49l\x09Ъэлыrx-уђ/ђї%ˆХ‚‰[Fp@9ˆRЮ§чгŸjWјр§MЬ† [ 105.643371][ T6298] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 106.435897][ T6313] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.675448][ T6349] mmap: syz.0.178 (6349) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 108.288887][ T6364] zswap: compressor not available [ 110.683330][ T6442] input: fЌ as /devices/virtual/input/input5 [ 112.272258][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.231'. [ 112.410716][ T6478] capability: warning: `syz.0.232' uses 32-bit capabilities (legacy support in use) [ 113.554102][ T6513] FAULT_INJECTION: forcing a failure. [ 113.554102][ T6513] name failslab, interval 1, probability 0, space 0, times 1 [ 113.598345][ T6513] CPU: 0 UID: 0 PID: 6513 Comm: syz.0.247 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 113.598386][ T6513] Tainted: [U]=USER [ 113.598394][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.598407][ T6513] Call Trace: [ 113.598416][ T6513] [ 113.598425][ T6513] dump_stack_lvl+0x16c/0x1f0 [ 113.598467][ T6513] should_fail_ex+0x512/0x640 [ 113.598501][ T6513] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 113.598538][ T6513] should_failslab+0xc2/0x120 [ 113.598561][ T6513] __kmalloc_cache_noprof+0x6a/0x3e0 [ 113.598590][ T6513] ? __asan_memset+0x23/0x50 [ 113.598631][ T6513] ? snd_pcm_oss_change_params_locked+0x6f4/0x3a30 [ 113.598667][ T6513] snd_pcm_oss_change_params_locked+0x6f4/0x3a30 [ 113.598700][ T6513] ? rcu_is_watching+0x12/0xc0 [ 113.598735][ T6513] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 113.598764][ T6513] ? __pfx___mutex_lock+0x10/0x10 [ 113.598799][ T6513] ? kick_process+0xf6/0x1b0 [ 113.598854][ T6513] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 113.598883][ T6513] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 113.598906][ T6513] snd_pcm_oss_sync+0x1de/0x840 [ 113.598937][ T6513] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 113.598963][ T6513] snd_pcm_oss_release+0x28b/0x310 [ 113.598991][ T6513] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 113.599016][ T6513] __fput+0x3ff/0xb70 [ 113.599048][ T6513] task_work_run+0x14d/0x240 [ 113.599083][ T6513] ? __pfx_task_work_run+0x10/0x10 [ 113.599117][ T6513] ? __pfx___do_sys_close_range+0x10/0x10 [ 113.599158][ T6513] exit_to_user_mode_loop+0xeb/0x110 [ 113.599193][ T6513] do_syscall_64+0x3f6/0x490 [ 113.599230][ T6513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.599254][ T6513] RIP: 0033:0x7f965a58e929 [ 113.599274][ T6513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.599296][ T6513] RSP: 002b:00007f96583f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 113.599319][ T6513] RAX: 0000000000000000 RBX: 00007f965a7b5fa0 RCX: 00007f965a58e929 [ 113.599335][ T6513] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 113.599349][ T6513] RBP: 00007f965a610b39 R08: 0000000000000000 R09: 0000000000000000 [ 113.599364][ T6513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.599379][ T6513] R13: 0000000000000000 R14: 00007f965a7b5fa0 R15: 00007ffcb3eac768 [ 113.599413][ T6513] [ 114.701407][ T6539] FAULT_INJECTION: forcing a failure. [ 114.701407][ T6539] name failslab, interval 1, probability 0, space 0, times 0 [ 114.753058][ T6539] CPU: 1 UID: 0 PID: 6539 Comm: syz.2.257 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 114.753101][ T6539] Tainted: [U]=USER [ 114.753110][ T6539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.753124][ T6539] Call Trace: [ 114.753132][ T6539] [ 114.753142][ T6539] dump_stack_lvl+0x16c/0x1f0 [ 114.753186][ T6539] should_fail_ex+0x512/0x640 [ 114.753220][ T6539] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 114.753257][ T6539] should_failslab+0xc2/0x120 [ 114.753282][ T6539] __kmalloc_cache_noprof+0x6a/0x3e0 [ 114.753315][ T6539] ? alloc_super+0x52/0xbd0 [ 114.753350][ T6539] alloc_super+0x52/0xbd0 [ 114.753378][ T6539] ? sget_fc+0xd3/0xc20 [ 114.753416][ T6539] sget_fc+0x116/0xc20 [ 114.753448][ T6539] ? __pfx_set_anon_super_fc+0x10/0x10 [ 114.753479][ T6539] ? __pfx_mqueue_fill_super+0x10/0x10 [ 114.753514][ T6539] get_tree_nodev+0x28/0x190 [ 114.753549][ T6539] mqueue_get_tree+0xf1/0x130 [ 114.753584][ T6539] vfs_get_tree+0x8b/0x340 [ 114.753612][ T6539] fc_mount+0x18/0x110 [ 114.753639][ T6539] mq_init_ns+0x426/0x620 [ 114.753668][ T6539] copy_ipcs+0x383/0x610 [ 114.753692][ T6539] ? copy_utsname+0xab/0x470 [ 114.753734][ T6539] create_new_namespaces+0x20a/0xa90 [ 114.753763][ T6539] ? security_capable+0x7e/0x260 [ 114.753807][ T6539] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 114.753839][ T6539] ksys_unshare+0x45b/0xa40 [ 114.753871][ T6539] ? __pfx_ksys_unshare+0x10/0x10 [ 114.753903][ T6539] ? xfd_validate_state+0x61/0x180 [ 114.753945][ T6539] __x64_sys_unshare+0x31/0x40 [ 114.753975][ T6539] do_syscall_64+0xcd/0x490 [ 114.754014][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.754039][ T6539] RIP: 0033:0x7f8aa378e929 [ 114.754061][ T6539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.754086][ T6539] RSP: 002b:00007f8aa468a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 114.754110][ T6539] RAX: ffffffffffffffda RBX: 00007f8aa39b5fa0 RCX: 00007f8aa378e929 [ 114.754127][ T6539] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 114.754143][ T6539] RBP: 00007f8aa3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 114.754158][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.754173][ T6539] R13: 0000000000000000 R14: 00007f8aa39b5fa0 R15: 00007ffe86ae34d8 [ 114.754208][ T6539] [ 115.184552][ T6543] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 115.191613][ T6543] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.217221][ T6543] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.263736][ T6543] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.271032][ T6543] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.347171][ T6543] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.365051][ T6543] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.394051][ T6543] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.438509][ T6543] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.447551][ T6543] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 115.463701][ T6543] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.562456][ T6543] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 116.809874][ T6580] __vm_enough_memory: pid: 6580, comm: syz.0.278, bytes: 4398046511104 not enough memory for the allocation [ 116.954370][ T6580] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 117.260612][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 117.340342][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.420587][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 117.501079][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.848341][ T6601] FAULT_INJECTION: forcing a failure. [ 117.848341][ T6601] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 117.923184][ T6601] CPU: 1 UID: 0 PID: 6601 Comm: syz.2.285 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 117.923230][ T6601] Tainted: [U]=USER [ 117.923238][ T6601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.923253][ T6601] Call Trace: [ 117.923261][ T6601] [ 117.923271][ T6601] dump_stack_lvl+0x16c/0x1f0 [ 117.923314][ T6601] should_fail_ex+0x512/0x640 [ 117.923353][ T6601] should_fail_alloc_page+0xe7/0x130 [ 117.923379][ T6601] prepare_alloc_pages+0x3c2/0x610 [ 117.923415][ T6601] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 117.923459][ T6601] ? kasan_save_stack+0x42/0x60 [ 117.923487][ T6601] ? kasan_save_stack+0x33/0x60 [ 117.923513][ T6601] ? kasan_save_track+0x14/0x30 [ 117.923541][ T6601] ? __kasan_slab_alloc+0x89/0x90 [ 117.923569][ T6601] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 117.923599][ T6601] ? security_inode_alloc+0x3b/0x2b0 [ 117.923624][ T6601] ? inode_init_always_gfp+0xce4/0x1030 [ 117.923655][ T6601] ? alloc_inode+0x86/0x240 [ 117.923677][ T6601] ? sock_alloc+0x40/0x280 [ 117.923700][ T6601] ? __sock_create+0xc1/0x8d0 [ 117.923727][ T6601] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 117.923758][ T6601] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.923811][ T6601] ? sk_prot_alloc+0x1a8/0x2a0 [ 117.923837][ T6601] __alloc_pages_noprof+0xb/0x1b0 [ 117.923872][ T6601] ___kmalloc_large_node+0x84/0x1e0 [ 117.923897][ T6601] ? __lock_acquire+0x622/0x1c90 [ 117.923930][ T6601] ? sk_prot_alloc+0x1a8/0x2a0 [ 117.923953][ T6601] __kmalloc_large_node_noprof+0x1c/0x70 [ 117.923986][ T6601] __kmalloc_noprof.cold+0xc/0x61 [ 117.924026][ T6601] sk_prot_alloc+0x1a8/0x2a0 [ 117.924051][ T6601] sk_alloc+0x36/0xc20 [ 117.924084][ T6601] can_create+0x1e5/0x600 [ 117.924110][ T6601] __sock_create+0x338/0x8d0 [ 117.924147][ T6601] __sys_socket+0x14d/0x260 [ 117.924189][ T6601] ? __pfx___sys_socket+0x10/0x10 [ 117.924214][ T6601] ? xfd_validate_state+0x61/0x180 [ 117.924244][ T6601] ? __pfx_ksys_write+0x10/0x10 [ 117.924284][ T6601] __x64_sys_socket+0x72/0xb0 [ 117.924309][ T6601] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.924342][ T6601] do_syscall_64+0xcd/0x490 [ 117.924378][ T6601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.924402][ T6601] RIP: 0033:0x7f8aa378e929 [ 117.924423][ T6601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.924444][ T6601] RSP: 002b:00007f8aa468a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 117.924477][ T6601] RAX: ffffffffffffffda RBX: 00007f8aa39b5fa0 RCX: 00007f8aa378e929 [ 117.924491][ T6601] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 117.924505][ T6601] RBP: 00007f8aa3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 117.924518][ T6601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.924531][ T6601] R13: 0000000000000000 R14: 00007f8aa39b5fa0 R15: 00007ffe86ae34d8 [ 117.924561][ T6601] [ 118.791873][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'. [ 119.340768][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.423882][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.505039][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.580437][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.425248][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.500348][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.580322][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.660433][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.800898][ T6655] kexec: Could not allocate control_code_buffer [ 122.714572][ T6731] UHID_CREATE from different security context by process 216 (syz.1.340), this is not allowed. [ 123.031501][ T6741] kAFS: Invalid Command on /proc/fs/afs/cells file [ 123.464499][ T6760] syz.2.354 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 123.646399][ T6768] __vm_enough_memory: pid: 6768, comm: syz.3.355, bytes: 4398046511104 not enough memory for the allocation [ 123.685704][ T6768] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 126.595291][ T6859] FAULT_INJECTION: forcing a failure. [ 126.595291][ T6859] name failslab, interval 1, probability 0, space 0, times 0 [ 126.620585][ T6859] CPU: 1 UID: 0 PID: 6859 Comm: syz.2.393 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 126.620626][ T6859] Tainted: [U]=USER [ 126.620634][ T6859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 126.620648][ T6859] Call Trace: [ 126.620656][ T6859] [ 126.620665][ T6859] dump_stack_lvl+0x16c/0x1f0 [ 126.620709][ T6859] should_fail_ex+0x512/0x640 [ 126.620743][ T6859] ? __kmalloc_noprof+0xbf/0x510 [ 126.620781][ T6859] ? create_ruleset+0x21/0x140 [ 126.620817][ T6859] should_failslab+0xc2/0x120 [ 126.620842][ T6859] __kmalloc_noprof+0xd2/0x510 [ 126.620874][ T6859] ? __might_fault+0xe3/0x190 [ 126.620906][ T6859] ? __might_fault+0xe3/0x190 [ 126.620943][ T6859] create_ruleset+0x21/0x140 [ 126.620977][ T6859] landlock_create_ruleset+0x77/0x230 [ 126.621019][ T6859] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 126.621056][ T6859] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 126.621107][ T6859] do_syscall_64+0xcd/0x490 [ 126.621146][ T6859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.621171][ T6859] RIP: 0033:0x7f8aa378e929 [ 126.621192][ T6859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.621214][ T6859] RSP: 002b:00007f8aa468a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 126.621238][ T6859] RAX: ffffffffffffffda RBX: 00007f8aa39b5fa0 RCX: 00007f8aa378e929 [ 126.621255][ T6859] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 126.621271][ T6859] RBP: 00007f8aa3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 126.621285][ T6859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.621300][ T6859] R13: 0000000000000000 R14: 00007f8aa39b5fa0 R15: 00007ffe86ae34d8 [ 126.621334][ T6859] [ 126.819728][ C1] vkms_vblank_simulate: vblank timer overrun [ 127.311116][ T6868] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input6 [ 128.164609][ T6897] Invalid ELF header magic: != ELF [ 128.205290][ T6899] FAULT_INJECTION: forcing a failure. [ 128.205290][ T6899] name failslab, interval 1, probability 0, space 0, times 0 [ 128.250188][ T6899] CPU: 1 UID: 0 PID: 6899 Comm: syz.3.413 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 128.250230][ T6899] Tainted: [U]=USER [ 128.250239][ T6899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 128.250253][ T6899] Call Trace: [ 128.250260][ T6899] [ 128.250275][ T6899] dump_stack_lvl+0x16c/0x1f0 [ 128.250318][ T6899] should_fail_ex+0x512/0x640 [ 128.250351][ T6899] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 128.250386][ T6899] should_failslab+0xc2/0x120 [ 128.250411][ T6899] __kmalloc_cache_noprof+0x6a/0x3e0 [ 128.250445][ T6899] ? acct_on+0x57/0x870 [ 128.250482][ T6899] acct_on+0x57/0x870 [ 128.250516][ T6899] __x64_sys_acct+0xaf/0x230 [ 128.250547][ T6899] ? lockdep_hardirqs_on+0x7c/0x110 [ 128.250581][ T6899] do_syscall_64+0xcd/0x490 [ 128.250620][ T6899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.250646][ T6899] RIP: 0033:0x7f3f8f18e929 [ 128.250667][ T6899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.250690][ T6899] RSP: 002b:00007f3f8ff83038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 128.250713][ T6899] RAX: ffffffffffffffda RBX: 00007f3f8f3b5fa0 RCX: 00007f3f8f18e929 [ 128.250730][ T6899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 128.250745][ T6899] RBP: 00007f3f8f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 128.250760][ T6899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.250775][ T6899] R13: 0000000000000000 R14: 00007f3f8f3b5fa0 R15: 00007fff66e28e28 [ 128.250810][ T6899] [ 128.420510][ C1] vkms_vblank_simulate: vblank timer overrun [ 129.493871][ T6940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.431'. [ 132.941921][ T7051] __vm_enough_memory: pid: 7051, comm: syz.3.477, bytes: 4398046511104 not enough memory for the allocation [ 132.945462][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.945573][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.965797][ T7048] Console: switching to colour VGA+ 80x25 [ 133.156075][ T30] audit: type=1804 audit(1750674364.318:2): pid=7056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.480" name="/newroot/115/file0" dev="tmpfs" ino=596 res=1 errno=0 [ 133.233249][ T30] audit: type=1800 audit(1750674364.318:3): pid=7056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.480" name="file0" dev="tmpfs" ino=596 res=0 errno=0 [ 133.309129][ T7061] device-mapper: ioctl: device name cannot contain '/' [ 138.657051][ T7229] aoe: could not set interface list: too many interfaces [ 139.990051][ T7267] FAULT_INJECTION: forcing a failure. [ 139.990051][ T7267] name failslab, interval 1, probability 0, space 0, times 0 [ 140.068284][ T7267] CPU: 0 UID: 0 PID: 7267 Comm: syz.0.572 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 140.068328][ T7267] Tainted: [U]=USER [ 140.068337][ T7267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 140.068351][ T7267] Call Trace: [ 140.068360][ T7267] [ 140.068370][ T7267] dump_stack_lvl+0x16c/0x1f0 [ 140.068415][ T7267] should_fail_ex+0x512/0x640 [ 140.068448][ T7267] ? __kmalloc_noprof+0xbf/0x510 [ 140.068485][ T7267] ? __do_sys_futex_waitv+0x221/0x2c0 [ 140.068515][ T7267] should_failslab+0xc2/0x120 [ 140.068539][ T7267] __kmalloc_noprof+0xd2/0x510 [ 140.068581][ T7267] __do_sys_futex_waitv+0x221/0x2c0 [ 140.068610][ T7267] ? __pfx___do_sys_futex_waitv+0x10/0x10 [ 140.068660][ T7267] do_syscall_64+0xcd/0x490 [ 140.068697][ T7267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.068722][ T7267] RIP: 0033:0x7f965a58e929 [ 140.068743][ T7267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.068764][ T7267] RSP: 002b:00007f96583f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1 [ 140.068788][ T7267] RAX: ffffffffffffffda RBX: 00007f965a7b5fa0 RCX: 00007f965a58e929 [ 140.068806][ T7267] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000 [ 140.068822][ T7267] RBP: 00007f965a610b39 R08: 000000000000623d R09: 0000000000000000 [ 140.068839][ T7267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.068853][ T7267] R13: 0000000000000000 R14: 00007f965a7b5fa0 R15: 00007ffcb3eac768 [ 140.068885][ T7267] [ 146.277545][ T7465] syz.2.662 uses obsolete (PF_INET,SOCK_PACKET) [ 149.187211][ T30] audit: type=1800 audit(1750674380.358:4): pid=7539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.694" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 150.322860][ T7573] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.709'. [ 150.517570][ T7579] phram: not enough arguments [ 150.518908][ T7576] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input8 [ 151.742568][ T7616] FAULT_INJECTION: forcing a failure. [ 151.742568][ T7616] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 151.775877][ T7616] CPU: 1 UID: 0 PID: 7616 Comm: syz.1.727 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 151.775923][ T7616] Tainted: [U]=USER [ 151.775931][ T7616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.775946][ T7616] Call Trace: [ 151.775954][ T7616] [ 151.775963][ T7616] dump_stack_lvl+0x16c/0x1f0 [ 151.776008][ T7616] should_fail_ex+0x512/0x640 [ 151.776047][ T7616] should_fail_alloc_page+0xe7/0x130 [ 151.776075][ T7616] prepare_alloc_pages+0x3c2/0x610 [ 151.776112][ T7616] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 151.776159][ T7616] ? __lock_acquire+0x622/0x1c90 [ 151.776199][ T7616] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 151.776233][ T7616] ? __lock_acquire+0x622/0x1c90 [ 151.776283][ T7616] ? find_held_lock+0x2b/0x80 [ 151.776307][ T7616] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 151.776345][ T7616] ? policy_nodemask+0xea/0x4e0 [ 151.776372][ T7616] alloc_pages_mpol+0x1fb/0x550 [ 151.776399][ T7616] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 151.776434][ T7616] folio_alloc_mpol_noprof+0x36/0x2f0 [ 151.776464][ T7616] shmem_alloc_folio+0x135/0x160 [ 151.776506][ T7616] shmem_alloc_and_add_folio+0x499/0xc20 [ 151.776550][ T7616] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 151.776590][ T7616] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 151.776634][ T7616] shmem_get_folio_gfp+0x67f/0x1600 [ 151.776675][ T7616] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 151.776713][ T7616] ? filemap_map_pages+0xf6f/0x1680 [ 151.776751][ T7616] shmem_fault+0x1fe/0xa30 [ 151.776779][ T7616] ? __lock_acquire+0x622/0x1c90 [ 151.776805][ T7616] ? __pfx_shmem_fault+0x10/0x10 [ 151.776838][ T7616] ? rcu_is_watching+0x12/0xc0 [ 151.776863][ T7616] ? __pfx_filemap_map_pages+0x10/0x10 [ 151.776905][ T7616] __do_fault+0x10a/0x490 [ 151.776940][ T7616] __handle_mm_fault+0x3c2a/0x5490 [ 151.776974][ T7616] ? __pfx___handle_mm_fault+0x10/0x10 [ 151.777029][ T7616] handle_mm_fault+0x589/0xd10 [ 151.777064][ T7616] __get_user_pages+0x589/0x3b80 [ 151.777101][ T7616] ? __pfx_mt_find+0x10/0x10 [ 151.777126][ T7616] ? __pfx___get_user_pages+0x10/0x10 [ 151.777164][ T7616] populate_vma_page_range+0x278/0x3a0 [ 151.777194][ T7616] ? __pfx_populate_vma_page_range+0x10/0x10 [ 151.777220][ T7616] ? __pfx_find_vma_intersection+0x10/0x10 [ 151.777250][ T7616] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 151.777290][ T7616] __mm_populate+0x1d8/0x380 [ 151.777320][ T7616] ? __pfx___mm_populate+0x10/0x10 [ 151.777351][ T7616] ? up_write+0x1b2/0x520 [ 151.777387][ T7616] do_mlock+0x448/0x810 [ 151.777424][ T7616] ? __pfx_do_mlock+0x10/0x10 [ 151.777455][ T7616] ? __x64_sys_futex+0x1e0/0x4c0 [ 151.777495][ T7616] ? __x64_sys_futex+0x1e9/0x4c0 [ 151.777526][ T7616] ? fput+0x70/0xf0 [ 151.777551][ T7616] ? xfd_validate_state+0x61/0x180 [ 151.777578][ T7616] ? __pfx_ksys_write+0x10/0x10 [ 151.777620][ T7616] __x64_sys_mlock+0x59/0x80 [ 151.777653][ T7616] do_syscall_64+0xcd/0x490 [ 151.777690][ T7616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.777716][ T7616] RIP: 0033:0x7faeb778e929 [ 151.777738][ T7616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.777763][ T7616] RSP: 002b:00007faeb8529038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 151.777787][ T7616] RAX: ffffffffffffffda RBX: 00007faeb79b5fa0 RCX: 00007faeb778e929 [ 151.777804][ T7616] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000001 [ 151.777820][ T7616] RBP: 00007faeb7810b39 R08: 0000000000000000 R09: 0000000000000000 [ 151.777835][ T7616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.777850][ T7616] R13: 0000000000000000 R14: 00007faeb79b5fa0 R15: 00007ffca2967978 [ 151.777883][ T7616] [ 153.360727][ T7652] netlink: 198 bytes leftover after parsing attributes in process `syz.2.742'. [ 153.764408][ T7670] bridge0: port 3(gretap0) entered blocking state [ 153.784034][ T7670] bridge0: port 3(gretap0) entered disabled state [ 153.810585][ T7670] gretap0: entered allmulticast mode [ 153.847808][ T7670] gretap0: entered promiscuous mode [ 153.869562][ T7670] bridge0: port 3(gretap0) entered blocking state [ 153.876538][ T7670] bridge0: port 3(gretap0) entered forwarding state [ 155.123965][ T7712] sctp: [Deprecated]: syz.1.767 (pid 7712) Use of struct sctp_assoc_value in delayed_ack socket option. [ 155.123965][ T7712] Use struct sctp_sack_info instead [ 156.796885][ T7766] FAULT_INJECTION: forcing a failure. [ 156.796885][ T7766] name failslab, interval 1, probability 0, space 0, times 0 [ 156.830190][ T7766] CPU: 1 UID: 0 PID: 7766 Comm: syz.1.792 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 156.830228][ T7766] Tainted: [U]=USER [ 156.830236][ T7766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 156.830250][ T7766] Call Trace: [ 156.830259][ T7766] [ 156.830269][ T7766] dump_stack_lvl+0x16c/0x1f0 [ 156.830313][ T7766] should_fail_ex+0x512/0x640 [ 156.830346][ T7766] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 156.830382][ T7766] should_failslab+0xc2/0x120 [ 156.830407][ T7766] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 156.830449][ T7766] ? trace_kmem_cache_alloc+0x28/0xc0 [ 156.830474][ T7766] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 156.830509][ T7766] ? mas_alloc_nodes+0x18b/0x8b0 [ 156.830545][ T7766] ? mas_alloc_nodes+0x2f1/0x8b0 [ 156.830575][ T7766] mas_alloc_nodes+0x2f1/0x8b0 [ 156.830615][ T7766] mas_node_count_gfp+0x105/0x130 [ 156.830651][ T7766] mas_preallocate+0x77b/0xda0 [ 156.830684][ T7766] ? __pfx_mas_preallocate+0x10/0x10 [ 156.830720][ T7766] ? vma_merge_new_range+0x37f/0xa00 [ 156.830752][ T7766] ? vm_area_alloc+0x1f/0x160 [ 156.830784][ T7766] ? lockdep_init_map_type+0x5c/0x280 [ 156.830821][ T7766] __mmap_region+0x1104/0x25e0 [ 156.830861][ T7766] ? __pfx___mmap_region+0x10/0x10 [ 156.830895][ T7766] ? rcu_is_watching+0x12/0xc0 [ 156.830937][ T7766] ? rcu_is_watching+0x12/0xc0 [ 156.830963][ T7766] ? trace_sched_exit_tp+0xde/0x130 [ 156.830994][ T7766] ? __schedule+0x1181/0x5de0 [ 156.831049][ T7766] ? __pfx___schedule+0x10/0x10 [ 156.831127][ T7766] ? mm_get_unmapped_area+0x95/0xe0 [ 156.831162][ T7766] mmap_region+0x1ab/0x3f0 [ 156.831197][ T7766] ? __get_unmapped_area+0x267/0x440 [ 156.831228][ T7766] do_mmap+0xa3e/0x1210 [ 156.831262][ T7766] ? __pfx_do_mmap+0x10/0x10 [ 156.831290][ T7766] ? __pfx_down_write_killable+0x10/0x10 [ 156.831323][ T7766] vm_mmap_pgoff+0x281/0x450 [ 156.831356][ T7766] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 156.831390][ T7766] ? __x64_sys_futex+0x1e0/0x4c0 [ 156.831417][ T7766] ? __x64_sys_futex+0x1e9/0x4c0 [ 156.831451][ T7766] ksys_mmap_pgoff+0x7d/0x5c0 [ 156.831476][ T7766] ? xfd_validate_state+0x61/0x180 [ 156.831505][ T7766] ? __pfx_ksys_write+0x10/0x10 [ 156.831542][ T7766] __x64_sys_mmap+0x125/0x190 [ 156.831579][ T7766] do_syscall_64+0xcd/0x490 [ 156.831618][ T7766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.831643][ T7766] RIP: 0033:0x7faeb778e929 [ 156.831682][ T7766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.831707][ T7766] RSP: 002b:00007faeb8529038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 156.831731][ T7766] RAX: ffffffffffffffda RBX: 00007faeb79b5fa0 RCX: 00007faeb778e929 [ 156.831749][ T7766] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 156.831765][ T7766] RBP: 00007faeb7810b39 R08: 0000000000000401 R09: 0000000000008000 [ 156.831781][ T7766] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 156.831797][ T7766] R13: 0000000000000000 R14: 00007faeb79b5fa0 R15: 00007ffca2967978 [ 156.831832][ T7766] [ 157.532775][ T7773] block nbd0: Unsupported socket: shutdown callout must be supported. [ 158.536345][ T7800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.806'. [ 159.832312][ T7839] nbd: socks must be embedded in a SOCK_ITEM attr [ 160.047649][ T7847] bridge0: port 3(vlan1) entered blocking state [ 160.052353][ T7845] netlink: 'syz.3.825': attribute type 1 has an invalid length. [ 160.054938][ T7847] bridge0: port 3(vlan1) entered disabled state [ 160.092541][ T7847] vlan1: entered allmulticast mode [ 160.097851][ T7847] veth0_vlan: entered allmulticast mode [ 160.112187][ T7847] vlan1: entered promiscuous mode [ 160.133145][ T7847] bridge0: port 3(vlan1) entered blocking state [ 160.139804][ T7847] bridge0: port 3(vlan1) entered listening state [ 161.309415][ T7890] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input9 [ 162.452567][ T7932] FAULT_INJECTION: forcing a failure. [ 162.452567][ T7932] name failslab, interval 1, probability 0, space 0, times 0 [ 162.469132][ T7932] CPU: 0 UID: 0 PID: 7932 Comm: syz.3.865 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 162.469177][ T7932] Tainted: [U]=USER [ 162.469186][ T7932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 162.469201][ T7932] Call Trace: [ 162.469210][ T7932] [ 162.469220][ T7932] dump_stack_lvl+0x16c/0x1f0 [ 162.469263][ T7932] should_fail_ex+0x512/0x640 [ 162.469302][ T7932] ? __kmalloc_noprof+0xbf/0x510 [ 162.469341][ T7932] ? constrain_params_by_rules+0x175/0xca0 [ 162.469370][ T7932] should_failslab+0xc2/0x120 [ 162.469395][ T7932] __kmalloc_noprof+0xd2/0x510 [ 162.469427][ T7932] ? unwind_get_return_address+0x59/0xa0 [ 162.469470][ T7932] constrain_params_by_rules+0x175/0xca0 [ 162.469506][ T7932] ? stack_trace_save+0x8e/0xc0 [ 162.469535][ T7932] ? stack_depot_save_flags+0x28/0xa40 [ 162.469569][ T7932] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 162.469603][ T7932] ? __kasan_kmalloc+0xaa/0xb0 [ 162.469633][ T7932] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 162.469661][ T7932] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 162.469686][ T7932] ? snd_pcm_oss_sync+0x1de/0x840 [ 162.469723][ T7932] ? rcu_is_watching+0x12/0xc0 [ 162.469747][ T7932] ? snd_interval_refine+0x2fa/0x580 [ 162.469785][ T7932] snd_pcm_hw_refine+0x7de/0xad0 [ 162.469819][ T7932] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 162.469861][ T7932] ? __asan_memset+0x23/0x50 [ 162.469890][ T7932] ? _snd_pcm_hw_param_min+0x259/0x630 [ 162.469923][ T7932] snd_pcm_oss_change_params_locked+0x65e/0x3a30 [ 162.469956][ T7932] ? rcu_is_watching+0x12/0xc0 [ 162.469990][ T7932] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 162.470022][ T7932] ? __pfx___mutex_lock+0x10/0x10 [ 162.470086][ T7932] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 162.470112][ T7932] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 162.470136][ T7932] snd_pcm_oss_sync+0x1de/0x840 [ 162.470163][ T7932] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 162.470186][ T7932] snd_pcm_oss_release+0x28b/0x310 [ 162.470214][ T7932] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 162.470239][ T7932] __fput+0x3ff/0xb70 [ 162.470268][ T7932] task_work_run+0x14d/0x240 [ 162.470311][ T7932] ? __pfx_task_work_run+0x10/0x10 [ 162.470347][ T7932] ? __pfx___do_sys_close_range+0x10/0x10 [ 162.470388][ T7932] exit_to_user_mode_loop+0xeb/0x110 [ 162.470424][ T7932] do_syscall_64+0x3f6/0x490 [ 162.470462][ T7932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.470487][ T7932] RIP: 0033:0x7f3f8f18e929 [ 162.470508][ T7932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.470528][ T7932] RSP: 002b:00007f3f8ff83038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 162.470549][ T7932] RAX: 0000000000000000 RBX: 00007f3f8f3b5fa0 RCX: 00007f3f8f18e929 [ 162.470563][ T7932] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 162.470578][ T7932] RBP: 00007f3f8f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 162.470591][ T7932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.470604][ T7932] R13: 0000000000000000 R14: 00007f3f8f3b5fa0 R15: 00007fff66e28e28 [ 162.470633][ T7932] [ 163.052017][ T7941] netlink: 186 bytes leftover after parsing attributes in process `syz.3.869'. [ 164.759506][ T7993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.893'. [ 165.107338][ T8004] binder: 8001:8004 ioctl c018620b 0 returned -14 [ 165.819594][ T8027] mtrr: base(0x7961000) is not aligned on a size(0x0000) boundary [ 168.595383][ T8124] netlink: 350 bytes leftover after parsing attributes in process `syz.0.951'. [ 169.607943][ T8154] sctp: [Deprecated]: syz.3.962 (pid 8154) Use of struct sctp_assoc_value in delayed_ack socket option. [ 169.607943][ T8154] Use struct sctp_sack_info instead [ 171.186438][ T8206] netlink: 342 bytes leftover after parsing attributes in process `syz.1.985'. [ 173.278496][ T30] audit: type=1800 audit(1750674404.448:5): pid=8275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1018" name="dmabuf" dev="dmabuf" ino=6 res=0 errno=0 [ 174.109834][ T30] audit: type=1800 audit(1750674405.278:6): pid=8303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1029" name="features" dev="configfs" ino=14669 res=0 errno=0 [ 174.201155][ T8305] IPVS: length: 256 != 24 [ 175.181299][ C1] bridge0: port 3(vlan1) entered learning state [ 175.607546][ T8349] bridge0: port 3(ipvlan1) entered blocking state [ 175.640996][ T8349] bridge0: port 3(ipvlan1) entered disabled state [ 175.660829][ T8349] ipvlan1: entered allmulticast mode [ 175.666195][ T8349] veth0_vlan: entered allmulticast mode [ 175.683404][ T8349] ipvlan1: left allmulticast mode [ 175.702579][ T8349] veth0_vlan: left allmulticast mode [ 175.765784][ T8354] ======================================================= [ 175.765784][ T8354] WARNING: The mand mount option has been deprecated and [ 175.765784][ T8354] and is ignored by this kernel. Remove the mand [ 175.765784][ T8354] option from the mount to silence this warning. [ 175.765784][ T8354] ======================================================= [ 176.421729][ T8373] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1061'. [ 176.766074][ T8388] netlink: 'syz.1.1075': attribute type 11 has an invalid length. [ 177.732915][ T8413] sd 0:0:1:0: PR command failed: 1026 [ 177.748815][ T8413] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 177.758905][ T8413] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 179.669558][ T8470] ptrace attach of "./syz-executor exec"[5835] was attempted by ""[8470] [ 179.776061][ T8475] block nbd9: NBD_DISCONNECT [ 181.122209][ T8516] vivid-007: ================= START STATUS ================= [ 181.140197][ T8516] vivid-007: Generate PTS: true [ 181.146168][ T8516] vivid-007: Generate SCR: true [ 181.160571][ T8516] tpg source WxH: 320x240 (Y'CbCr) [ 181.250513][ T8516] tpg field: 1 [ 181.290517][ T8516] tpg crop: (0,0)/320x240 [ 181.298485][ T8516] tpg compose: (0,0)/320x240 [ 181.318679][ T8516] tpg colorspace: 8 [ 181.338937][ T8516] tpg transfer function: 0/0 [ 181.356108][ T8516] tpg Y'CbCr encoding: 0/0 [ 181.365027][ T8516] tpg quantization: 0/0 [ 181.376299][ T8516] tpg RGB range: 0/2 [ 181.382082][ T8516] vivid-007: ================== END STATUS ================== [ 182.034079][ T8547] FAULT_INJECTION: forcing a failure. [ 182.034079][ T8547] name failslab, interval 1, probability 0, space 0, times 0 [ 182.064661][ T8547] CPU: 0 UID: 0 PID: 8547 Comm: syz.3.1138 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 182.064703][ T8547] Tainted: [U]=USER [ 182.064711][ T8547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.064726][ T8547] Call Trace: [ 182.064734][ T8547] [ 182.064747][ T8547] dump_stack_lvl+0x16c/0x1f0 [ 182.064788][ T8547] should_fail_ex+0x512/0x640 [ 182.064821][ T8547] ? __kmalloc_noprof+0xbf/0x510 [ 182.064857][ T8547] ? sk_prot_alloc+0x1a8/0x2a0 [ 182.064880][ T8547] should_failslab+0xc2/0x120 [ 182.064904][ T8547] __kmalloc_noprof+0xd2/0x510 [ 182.064940][ T8547] sk_prot_alloc+0x1a8/0x2a0 [ 182.064966][ T8547] sk_alloc+0x36/0xc20 [ 182.064998][ T8547] alg_create+0x9e/0x150 [ 182.065033][ T8547] __sock_create+0x338/0x8d0 [ 182.065064][ T8547] __sys_socket+0x14d/0x260 [ 182.065089][ T8547] ? __pfx___sys_socket+0x10/0x10 [ 182.065115][ T8547] ? xfd_validate_state+0x61/0x180 [ 182.065158][ T8547] __x64_sys_socket+0x72/0xb0 [ 182.065184][ T8547] ? lockdep_hardirqs_on+0x7c/0x110 [ 182.065214][ T8547] do_syscall_64+0xcd/0x490 [ 182.065250][ T8547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.065275][ T8547] RIP: 0033:0x7f3f8f18e929 [ 182.065294][ T8547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.065316][ T8547] RSP: 002b:00007f3f8ff83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 182.065339][ T8547] RAX: ffffffffffffffda RBX: 00007f3f8f3b5fa0 RCX: 00007f3f8f18e929 [ 182.065356][ T8547] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000026 [ 182.065370][ T8547] RBP: 00007f3f8f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 182.065384][ T8547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.065398][ T8547] R13: 0000000000000000 R14: 00007f3f8f3b5fa0 R15: 00007fff66e28e28 [ 182.065430][ T8547] [ 183.960674][ T8608] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1165'. [ 187.915028][ T8717] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 189.023491][ T30] audit: type=1326 audit(1750674420.188:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.2.1228" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8aa378e929 code=0x0 [ 190.541064][ C1] bridge0: port 3(vlan1) entered forwarding state [ 190.547616][ C1] bridge0: topology change detected, propagating [ 190.921776][ T8823] zswap: compressor not available [ 191.817946][ T8870] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 193.060486][ T8904] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input10 [ 193.669991][ T5834] Bluetooth: hci3: unexpected event 0x31 length: 311 > 6 [ 193.830567][ T8920] netlink: Unknown conntrack attr (0) [ 194.384865][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.394536][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.864542][ T8952] syz.0.1317 (8952) used greatest stack depth: 21320 bytes left [ 196.745143][ T8995] vhci_hcd: invalid port number 23 [ 196.918761][ T9002] could not allocate digest TFM handle  [ 197.303683][ T9017] zswap: compressor not available [ 198.084813][ T9049] zero sized request [ 199.949807][ T9119] netlink: 198 bytes leftover after parsing attributes in process `syz.1.1385'. [ 200.909015][ T9150] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 201.923518][ T9178] rtc_cmos 00:00: Alarms can be up to one day in the future [ 202.506800][ T9196] relay: one or more items not logged [item size (56) > sub-buffer size (4)] [ 202.750337][ T43] rtc_cmos 00:00: Alarms can be up to one day in the future [ 202.772783][ T43] rtc_cmos 00:00: Alarms can be up to one day in the future [ 202.789304][ T9201] ovs_џў: entered promiscuous mode [ 202.800420][ T43] rtc_cmos 00:00: Alarms can be up to one day in the future [ 202.840420][ T43] rtc_cmos 00:00: Alarms can be up to one day in the future [ 202.863113][ T43] rtc rtc0: __rtc_set_alarm: err=-22 [ 204.081952][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1438'. [ 208.581754][ T9402] size and base must be multiples of 4 kiB [ 208.587788][ T9402] CPU: 1 UID: 0 PID: 9402 Comm: syz.0.1506 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 208.587830][ T9402] Tainted: [U]=USER [ 208.587839][ T9402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 208.587854][ T9402] Call Trace: [ 208.587863][ T9402] [ 208.587873][ T9402] dump_stack_lvl+0x16c/0x1f0 [ 208.587916][ T9402] mtrr_del+0xd1/0x110 [ 208.587947][ T9402] mtrr_ioctl+0x922/0xcf0 [ 208.587977][ T9402] ? __pfx_mtrr_ioctl+0x10/0x10 [ 208.588013][ T9402] ? find_held_lock+0x2b/0x80 [ 208.588048][ T9402] ? __fget_files+0x20e/0x3c0 [ 208.588082][ T9402] ? __pfx_mtrr_ioctl+0x10/0x10 [ 208.588111][ T9402] proc_reg_unlocked_ioctl+0x229/0x320 [ 208.588145][ T9402] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 208.588183][ T9402] __x64_sys_ioctl+0x18e/0x210 [ 208.588214][ T9402] do_syscall_64+0xcd/0x490 [ 208.588251][ T9402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.588277][ T9402] RIP: 0033:0x7f965a58e929 [ 208.588298][ T9402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.588321][ T9402] RSP: 002b:00007f96583f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.588346][ T9402] RAX: ffffffffffffffda RBX: 00007f965a7b5fa0 RCX: 00007f965a58e929 [ 208.588363][ T9402] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000003 [ 208.588378][ T9402] RBP: 00007f965a610b39 R08: 0000000000000000 R09: 0000000000000000 [ 208.588393][ T9402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.588408][ T9402] R13: 0000000000000000 R14: 00007f965a7b5fa0 R15: 00007ffcb3eac768 [ 208.588442][ T9402] [ 208.852779][ T9407] overlayfs: missing 'lowerdir' [ 209.042981][ T9413] syz.3.1510 (9413) used greatest stack depth: 20808 bytes left [ 209.820803][ T9440] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1522'. [ 210.672633][ T9469] Invalid ELF header magic: != ELF [ 211.925329][ T9510] sd 0:0:1:0: PR command failed: 1026 [ 211.945141][ T9510] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 211.972843][ T9510] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 213.624596][ T9565] ima: policy update failed [ 213.631247][ T30] audit: type=1807 audit(1750674444.788:8): UNKNOWN=ђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџ [ 213.631523][ T30] audit: type=1802 audit(1750674444.798:9): pid=9566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.1576" res=0 errno=0 [ 213.670188][ T9575] netlink: 'syz.3.1580': attribute type 2 has an invalid length. [ 213.770712][ T9575] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1580'. [ 213.867231][ T30] audit: type=1802 audit(1750674444.928:10): pid=9565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1576" res=0 errno=0 [ 215.876223][ T9655] netlink: 'syz.2.1615': attribute type 2 has an invalid length. [ 216.910605][ T9695] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1633'. [ 217.121719][ T9706] bridge0: port 4(hsr0) entered blocking state [ 217.145514][ T9706] bridge0: port 4(hsr0) entered disabled state [ 217.145716][ T9706] hsr0: entered allmulticast mode [ 217.145736][ T9706] hsr_slave_0: entered allmulticast mode [ 217.145755][ T9706] hsr_slave_1: entered allmulticast mode [ 217.151571][ T9706] hsr0: entered promiscuous mode [ 217.185314][ T9708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1640'. [ 217.228596][ T9706] bridge0: port 4(hsr0) entered blocking state [ 217.228727][ T9706] bridge0: port 4(hsr0) entered forwarding state [ 218.623865][ T5834] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 218.623904][ T5834] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 218.641190][ T5834] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 218.641255][ T5834] Bluetooth: hci0: adv larger than maximum supported [ 218.648573][ T5834] Bluetooth: hci0: adv larger than maximum supported [ 218.657035][ T5834] Bluetooth: hci0: Malformed LE Event: 0x0d [ 218.728754][ T9757] ima: policy update failed [ 218.730497][ T30] audit: type=1807 audit(1750674449.898:11): UNKNOWN=ђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџ [ 218.733411][ T30] audit: type=1802 audit(1750674449.898:12): pid=9758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.1662" res=0 errno=0 [ 218.851342][ T30] audit: type=1802 audit(1750674449.928:13): pid=9757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1662" res=0 errno=0 [ 220.967254][ T9824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1689'. [ 221.557871][ T9836] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000) [ 221.599182][ T9842] FAULT_INJECTION: forcing a failure. [ 221.599182][ T9842] name failslab, interval 1, probability 0, space 0, times 0 [ 221.624102][ T9842] CPU: 0 UID: 0 PID: 9842 Comm: syz.3.1699 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 221.624163][ T9842] Tainted: [U]=USER [ 221.624172][ T9842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.624187][ T9842] Call Trace: [ 221.624195][ T9842] [ 221.624206][ T9842] dump_stack_lvl+0x16c/0x1f0 [ 221.624250][ T9842] should_fail_ex+0x512/0x640 [ 221.624284][ T9842] ? fs_reclaim_acquire+0xae/0x150 [ 221.624316][ T9842] should_failslab+0xc2/0x120 [ 221.624342][ T9842] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 221.624378][ T9842] ? security_inode_alloc+0x3b/0x2b0 [ 221.624410][ T9842] security_inode_alloc+0x3b/0x2b0 [ 221.624437][ T9842] inode_init_always_gfp+0xce4/0x1030 [ 221.624476][ T9842] alloc_inode+0x86/0x240 [ 221.624502][ T9842] create_pipe_files+0x4c/0x930 [ 221.624542][ T9842] do_pipe2+0xaf/0x1c0 [ 221.624575][ T9842] ? __pfx_do_pipe2+0x10/0x10 [ 221.624610][ T9842] ? xfd_validate_state+0x61/0x180 [ 221.624639][ T9842] ? __pfx_ksys_write+0x10/0x10 [ 221.624679][ T9842] __x64_sys_pipe+0x33/0x50 [ 221.624714][ T9842] do_syscall_64+0xcd/0x490 [ 221.624753][ T9842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.624779][ T9842] RIP: 0033:0x7f3f8f18e929 [ 221.624799][ T9842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.624822][ T9842] RSP: 002b:00007f3f8ff83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 221.624846][ T9842] RAX: ffffffffffffffda RBX: 00007f3f8f3b5fa0 RCX: 00007f3f8f18e929 [ 221.624863][ T9842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 221.624877][ T9842] RBP: 00007f3f8f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 221.624889][ T9842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.624903][ T9842] R13: 0000000000000000 R14: 00007f3f8f3b5fa0 R15: 00007fff66e28e28 [ 221.624937][ T9842] [ 223.120316][ T9887] zswap: compressor not available [ 223.327383][ T5834] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 223.327425][ T5834] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 223.350235][ T5834] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 223.350292][ T5834] Bluetooth: hci2: adv larger than maximum supported [ 223.358445][ T5834] Bluetooth: hci2: adv larger than maximum supported [ 223.365399][ T5834] Bluetooth: hci2: Malformed LE Event: 0x0d [ 223.531906][ T5834] Bluetooth: hci1: Malformed HCI Event [ 224.765933][ T9947] ovs_: entered promiscuous mode [ 226.536568][ T9988] zswap: compressor not available [ 226.551195][ T9995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1764'. [ 226.885836][T10006] bridge0: port 4(hsr_slave_1) entered blocking state [ 226.899482][T10006] bridge0: port 4(hsr_slave_1) entered disabled state [ 226.952210][T10006] hsr_slave_1: entered allmulticast mode [ 226.971316][T10006] hsr_slave_1: left allmulticast mode [ 227.273164][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 227.273202][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 227.289885][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 227.289938][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 227.300564][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 227.309647][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 228.018514][T10035] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.32768.1), cmd(10) [ 228.092231][T10029] Invalid ELF header len 1 [ 228.202461][T10039] ovs_џУ: entered promiscuous mode [ 228.726803][T10058] sctp: [Deprecated]: syz.0.1792 (pid 10058) Use of int in maxseg socket option. [ 228.726803][T10058] Use struct sctp_assoc_value instead [ 229.589731][T10085] vivid-007: ================= START STATUS ================= [ 229.610250][T10085] vivid-007: Generate PTS: true [ 229.615210][T10085] vivid-007: Generate SCR: true [ 229.650196][T10085] tpg source WxH: 320x240 (Y'CbCr) [ 229.655566][T10085] tpg field: 1 [ 229.659224][T10085] tpg crop: (0,0)/320x240 [ 229.691741][T10085] tpg compose: (0,0)/320x240 [ 229.697106][T10085] tpg colorspace: 8 [ 229.720227][T10085] tpg transfer function: 0/0 [ 229.724882][T10085] tpg Y'CbCr encoding: 0/0 [ 229.729329][T10085] tpg quantization: 0/0 [ 229.740571][T10085] tpg RGB range: 0/2 [ 229.751926][T10085] vivid-007: ================== END STATUS ================== [ 231.431688][T10093] kexec: Could not allocate control_code_buffer [ 232.241632][T10135] bridge0: port 3(veth0_to_bridge) entered blocking state [ 232.251795][T10135] bridge0: port 3(veth0_to_bridge) entered disabled state [ 232.270321][T10135] veth0_to_bridge: entered allmulticast mode [ 232.282086][T10135] veth0_to_bridge: entered promiscuous mode [ 232.299215][T10135] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 232.329470][T10135] bridge0: port 3(veth0_to_bridge) entered blocking state [ 232.337857][T10135] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 232.630535][T10143] program syz.2.1826 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 232.986675][T10148] sctp: [Deprecated]: syz.2.1830 (pid 10148) Use of struct sctp_assoc_value in delayed_ack socket option. [ 232.986675][T10148] Use struct sctp_sack_info instead [ 233.845407][T10174] bond0: option arp_validate: invalid value () [ 234.349629][T10191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1848'. [ 240.011598][T10328] FAULT_INJECTION: forcing a failure. [ 240.011598][T10328] name failslab, interval 1, probability 0, space 0, times 0 [ 240.091896][T10328] CPU: 0 UID: 0 PID: 10328 Comm: syz.0.1907 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 240.091941][T10328] Tainted: [U]=USER [ 240.091950][T10328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 240.091980][T10328] Call Trace: [ 240.091989][T10328] [ 240.092000][T10328] dump_stack_lvl+0x16c/0x1f0 [ 240.092045][T10328] should_fail_ex+0x512/0x640 [ 240.092079][T10328] ? __kmalloc_noprof+0xbf/0x510 [ 240.092118][T10328] ? lsm_blob_alloc+0x68/0x90 [ 240.092161][T10328] should_failslab+0xc2/0x120 [ 240.092188][T10328] __kmalloc_noprof+0xd2/0x510 [ 240.092232][T10328] lsm_blob_alloc+0x68/0x90 [ 240.092269][T10328] security_sk_alloc+0x30/0x270 [ 240.092297][T10328] sk_prot_alloc+0x1c7/0x2a0 [ 240.092328][T10328] sk_alloc+0x36/0xc20 [ 240.092363][T10328] mctp_pf_create+0xe8/0x330 [ 240.092400][T10328] __sock_create+0x338/0x8d0 [ 240.092435][T10328] __sys_socket+0x14d/0x260 [ 240.092487][T10328] ? __pfx___sys_socket+0x10/0x10 [ 240.092517][T10328] ? xfd_validate_state+0x61/0x180 [ 240.092544][T10328] ? __pfx___do_sys_prctl+0x10/0x10 [ 240.092587][T10328] __x64_sys_socket+0x72/0xb0 [ 240.092615][T10328] ? lockdep_hardirqs_on+0x7c/0x110 [ 240.092649][T10328] do_syscall_64+0xcd/0x490 [ 240.092688][T10328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.092713][T10328] RIP: 0033:0x7f965a58e929 [ 240.092734][T10328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.092758][T10328] RSP: 002b:00007f96583f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 240.092781][T10328] RAX: ffffffffffffffda RBX: 00007f965a7b5fa0 RCX: 00007f965a58e929 [ 240.092797][T10328] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 240.092810][T10328] RBP: 00007f965a610b39 R08: 0000000000000000 R09: 0000000000000000 [ 240.092824][T10328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.092838][T10328] R13: 0000000000000000 R14: 00007f965a7b5fa0 R15: 00007ffcb3eac768 [ 240.092871][T10328] [ 241.615068][T10357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1920'. [ 241.651081][T10359] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1922'. [ 241.954055][T10364] cifs: Unknown parameter 'T.ŸмлцЈХМc[Ÿаъ€$тцЕШ)ќБUѓУ‘nEѓ-Ъ™ОlЎік-КŒ -О_€™ЏдхсЊ5Z фoхщЂmžаfwYЭhК*/џxDlнЉŠзэgеkЧAэГљЯ7Эии9’єXіa/fъ_џARЃˆ™‘ШxM ‚vЌ—pџБ$^;єиq‡3БЋЃnьЁЕ-6Љ+e„k„ОёЧ<Аkœcд)n.ќeMЭїNaЈtЎаSMЮЦ1,с%Рmі%1Кч^э0м†ъG)?p' [ 242.296022][T10367] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 243.571962][T10392] TCP: TCP_TX_DELAY enabled [ 249.340530][ T5886] Process accounting resumed [ 254.564184][T10660] input: jJЧИ-Жš9у%vј“ћЈlаQ  J86ж‘ as /devices/virtual/input/input11 [ 254.967754][T10671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2053'. [ 255.825503][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.834375][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.625521][T10755] FAULT_INJECTION: forcing a failure. [ 257.625521][T10755] name failslab, interval 1, probability 0, space 0, times 0 [ 257.683012][T10755] CPU: 0 UID: 0 PID: 10755 Comm: syz.1.2091 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 257.683059][T10755] Tainted: [U]=USER [ 257.683067][T10755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 257.683082][T10755] Call Trace: [ 257.683091][T10755] [ 257.683102][T10755] dump_stack_lvl+0x16c/0x1f0 [ 257.683147][T10755] should_fail_ex+0x512/0x640 [ 257.683181][T10755] ? fs_reclaim_acquire+0xae/0x150 [ 257.683214][T10755] should_failslab+0xc2/0x120 [ 257.683241][T10755] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 257.683279][T10755] ? security_inode_alloc+0x3b/0x2b0 [ 257.683311][T10755] security_inode_alloc+0x3b/0x2b0 [ 257.683338][T10755] inode_init_always_gfp+0xce4/0x1030 [ 257.683376][T10755] alloc_inode+0x86/0x240 [ 257.683402][T10755] create_pipe_files+0x4c/0x930 [ 257.683442][T10755] do_pipe2+0xaf/0x1c0 [ 257.683476][T10755] ? __pfx_do_pipe2+0x10/0x10 [ 257.683511][T10755] ? xfd_validate_state+0x61/0x180 [ 257.683548][T10755] __x64_sys_pipe+0x33/0x50 [ 257.683580][T10755] do_syscall_64+0xcd/0x490 [ 257.683613][T10755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.683634][T10755] RIP: 0033:0x7faeb778e929 [ 257.683655][T10755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.683677][T10755] RSP: 002b:00007faeb8529038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 257.683702][T10755] RAX: ffffffffffffffda RBX: 00007faeb79b5fa0 RCX: 00007faeb778e929 [ 257.683720][T10755] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 257.683736][T10755] RBP: 00007faeb7810b39 R08: 0000000000000000 R09: 0000000000000000 [ 257.683752][T10755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.683767][T10755] R13: 0000000000000000 R14: 00007faeb79b5fa0 R15: 00007ffca2967978 [ 257.683802][T10755] [ 258.310385][T10761] program syz.3.2094 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 258.702902][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2102'. [ 259.296224][T10796] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2107'. [ 259.505227][T10800] netlink: 'syz.0.2109': attribute type 1 has an invalid length. [ 259.672173][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2113'. [ 259.681407][T10806] vlan1: entered allmulticast mode [ 259.686655][T10806] veth0_vlan: entered allmulticast mode [ 261.807192][T10865] netlink: 130 bytes leftover after parsing attributes in process `syz.3.2136'. [ 265.917486][T10991] qrtr: Invalid version 0 [ 266.567986][T11020] nbd: socks must be embedded in a SOCK_ITEM attr [ 266.611977][T11020] block nbd0: shutting down sockets [ 266.744289][ T30] audit: type=1800 audit(1750674497.918:14): pid=11030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2194" name="dbroot" dev="configfs" ino=23357 res=0 errno=0 [ 267.065494][T11024] db_root: cannot open: [ 267.065494][T11024] use_profile 0 [ 267.065494][T11024] [ 267.065494][T11024] file mkdir/chmod /dev/ 0755 [ 267.065494][T11024] file chown/chgrp /dev/ 0 [ 267.065494][T11024] file mkchar /dev/console 0600 5 1 [ 267.065494][T11024] file chown/chgrp /dev/console 0 [ 267.065494][T11024] file chmod /dev/console 0600 [ 267.065494][T11024] file mkdir/chmod /root/ 0700 [ 267.065494][T11024] file chown/chgrp /root/ 0 [ 267.065494][T11024] file read/write /dev/console [ 267.065494][T11024] file mkblock /dev/ram 0600 1 0 [ 267.065494][T11024] file read/write/unlink /dev/ram [ 267.065494][T11024] file mkblock /dev/root 0600 8 1 [ 267.065494][T11024] file mount /dev/root /root/ ext3 0x8001 [ 267.065494][T11024] file mount /dev/root /root/ ext2 0x8001 [ 267.065494][T11024] file mount /dev/root /root/ ext4 0x8001 [ 267.065494][T11024] file mount devtmpfs /root/dev/ devtmpfs 0x8000 [ 267.065494][T11024] file mount /root/ / --move 0x0 [ 267.065494][T11024] file chroot / [ 267.065494][T11024] file write proc:/sys/kernel/hung_task_all_cpu_backtrace [ 267.065494][T11024] file write proc:/sys/vm/nr_hugepages [ 267.065494][T11024] file write proc:/sys/vm/nr_overcommit_hugepages [ 267.065494][T11024] file write proc:/sys/net/core/netdev_unregister_timeout_secs [ 267.065494][T11024] file execute /sbin/init exec.realpath="/sbin/init" exec.argv[0]="/sbin/init" [ 267.065494][T11024] file execute /sbin/modprobe exec.realpath="/sbin/modprobe" exec.argv[0]="/sbin/modprobe" [ 267.065494][T11024] [ 267.065494][T11024] /sbin/init [ 267.065494][T11024] use_profile 0 [ 267.065494][T11024] [ 267.065494][T11024] misc env HOME [ 267.065494][T11024] misc env TERM [ 267.065494][T11024] misc [ 267.985081][T11057] relay: one or more items not logged [item size (56) > sub-buffer size (4)] [ 268.996429][T11097] netlink: 19 bytes leftover after parsing attributes in process `syz.0.2223'. [ 270.324594][T11136] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2237'. [ 271.503068][ T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.764027][ T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.182081][ T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.508406][ T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.738373][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 272.748210][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 272.757274][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 272.768234][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 272.776580][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 273.147735][ T36] veth0_to_bridge: left allmulticast mode [ 273.172067][ T36] veth0_to_bridge: left promiscuous mode [ 273.190121][ T36] bridge0: port 3(veth0_to_bridge) entered disabled state [ 273.292749][ T36] bridge_slave_1: left allmulticast mode [ 273.299900][ T36] bridge_slave_1: left promiscuous mode [ 273.336698][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.473881][ T36] bridge_slave_0: left allmulticast mode [ 273.490227][ T36] bridge_slave_0: left promiscuous mode [ 273.520437][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.864517][ T5834] Bluetooth: hci3: command tx timeout [ 275.168182][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.251005][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.273445][ T36] bond0 (unregistering): Released all slaves [ 276.356166][T11185] chnl_net:caif_netlink_parms(): no params data found [ 276.865161][ T36] hsr_slave_0: left promiscuous mode [ 276.924343][ T36] hsr_slave_1: left promiscuous mode [ 276.941340][ T5834] Bluetooth: hci3: command tx timeout [ 276.961135][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 276.961715][T11224] kexec: Could not allocate control_code_buffer [ 276.976353][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 277.051766][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 277.074004][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 277.148973][ T36] veth1_macvtap: left promiscuous mode [ 277.170353][ T36] veth0_macvtap: left promiscuous mode [ 277.176225][ T36] veth1_vlan: left promiscuous mode [ 277.200435][ T36] veth0_vlan: left promiscuous mode [ 278.635006][ T36] team0 (unregistering): Port device team_slave_1 removed [ 278.763508][ T36] team0 (unregistering): Port device team_slave_0 removed [ 279.020515][ T5834] Bluetooth: hci3: command tx timeout [ 279.566418][T11311] XFS: Clearing xfsstats [ 279.843302][T11185] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.850769][T11185] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.858023][T11185] bridge_slave_0: entered allmulticast mode [ 279.886500][T11185] bridge_slave_0: entered promiscuous mode [ 279.906414][T11185] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.940560][T11185] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.963949][T11185] bridge_slave_1: entered allmulticast mode [ 279.984011][T11185] bridge_slave_1: entered promiscuous mode [ 280.261138][T11185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 280.322065][T11185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 280.443774][T11336] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2302'. [ 280.499424][T11185] team0: Port device team_slave_0 added [ 280.536720][T11185] team0: Port device team_slave_1 added [ 280.757493][T11185] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 280.773319][T11185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 280.810869][T11185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 280.850827][T11185] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 280.858371][T11185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 280.983835][T11185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 281.101189][ T5834] Bluetooth: hci3: command tx timeout [ 281.292759][T11185] hsr_slave_0: entered promiscuous mode [ 281.299609][T11185] hsr_slave_1: entered promiscuous mode [ 281.331069][T11185] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 281.354777][T11185] Cannot create hsr debugfs directory [ 283.163524][T11185] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 283.191972][T11185] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 283.224977][T11185] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 283.261496][T11185] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 283.577126][T11185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 283.638707][T11185] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.683245][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.690578][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.849492][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.856728][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 284.116837][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.273552][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.422350][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.668265][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.837455][T11185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 285.114326][T11185] veth0_vlan: entered promiscuous mode [ 285.139699][ T12] bridge_slave_1: left allmulticast mode [ 285.150557][ T12] bridge_slave_1: left promiscuous mode [ 285.182275][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.222588][ T12] bridge_slave_0: left allmulticast mode [ 285.228589][ T12] bridge_slave_0: left promiscuous mode [ 285.261574][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.326872][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 285.341139][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 285.354174][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 285.363522][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 285.371815][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 287.091891][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 287.184787][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 287.227950][ T12] bond0 (unregistering): Released all slaves [ 287.308040][T11185] veth1_vlan: entered promiscuous mode [ 287.424011][ T12] ovs_џў: left promiscuous mode [ 287.501093][ T5842] Bluetooth: hci1: command tx timeout [ 287.652766][ T12] ovs_: left promiscuous mode [ 287.717453][T11185] veth0_macvtap: entered promiscuous mode [ 287.783517][T11185] veth1_macvtap: entered promiscuous mode [ 287.874182][T11185] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 288.083469][T11185] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 288.152778][T11185] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.180234][T11185] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.189094][T11185] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.216193][T11185] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.758037][ T12] hsr_slave_0: left promiscuous mode [ 288.787385][ T12] hsr_slave_1: left promiscuous mode [ 288.805458][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 288.832329][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 288.863524][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 288.873530][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 288.933218][ T12] veth1_macvtap: left promiscuous mode [ 288.933323][ T12] veth0_macvtap: left promiscuous mode [ 288.933514][ T12] veth1_vlan: left promiscuous mode [ 288.933638][ T12] veth0_vlan: left promiscuous mode [ 289.580478][ T5842] Bluetooth: hci1: command tx timeout [ 290.373845][ T12] team0 (unregistering): Port device team_slave_1 removed [ 290.426375][ T12] team0 (unregistering): Port device team_slave_0 removed [ 291.355630][T11471] chnl_net:caif_netlink_parms(): no params data found [ 291.580738][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.589393][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.663262][ T5842] Bluetooth: hci1: command tx timeout [ 291.911669][T11471] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.919291][T11471] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.927803][ T4184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.953228][ T4184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.975205][T11471] bridge_slave_0: entered allmulticast mode [ 291.998541][T11471] bridge_slave_0: entered promiscuous mode [ 292.031223][T11471] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.038879][T11471] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.097061][T11471] bridge_slave_1: entered allmulticast mode [ 292.136600][T11471] bridge_slave_1: entered promiscuous mode [ 292.324645][T11471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.374004][T11471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.719879][T11471] team0: Port device team_slave_0 added [ 292.745661][T11471] team0: Port device team_slave_1 added [ 292.805735][T11471] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.822383][T11471] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.878262][T11471] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.895769][T11471] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.903147][T11471] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.929556][T11471] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.997159][T11471] hsr_slave_0: entered promiscuous mode [ 293.005530][T11471] hsr_slave_1: entered promiscuous mode [ 293.017555][T11471] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.028662][T11471] Cannot create hsr debugfs directory [ 293.386351][T11664] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2374'. [ 293.746697][ T5842] Bluetooth: hci1: command tx timeout [ 293.825399][T11471] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 293.854852][T11471] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 293.886962][T11471] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 293.922290][T11471] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 294.308029][T11471] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.397896][T11471] 8021q: adding VLAN 0 to HW filter on device team0 [ 294.437731][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.445106][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.528310][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.536020][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 295.172326][T11471] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 295.347723][T11735] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2394'. [ 295.365639][T11471] veth0_vlan: entered promiscuous mode [ 295.418232][T11471] veth1_vlan: entered promiscuous mode [ 295.519523][T11471] veth0_macvtap: entered promiscuous mode [ 295.564568][T11471] veth1_macvtap: entered promiscuous mode [ 295.654960][T11471] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 295.722761][T11471] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 295.764092][T11471] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.785445][T11471] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.811358][T11471] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.821765][T11471] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.037267][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.055404][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.127184][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.148351][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.415690][T11813] FAULT_INJECTION: forcing a failure. [ 298.415690][T11813] name failslab, interval 1, probability 0, space 0, times 0 [ 298.458207][T11813] CPU: 1 UID: 0 PID: 11813 Comm: syz.3.2419 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 298.458246][T11813] Tainted: [U]=USER [ 298.458254][T11813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 298.458267][T11813] Call Trace: [ 298.458274][T11813] [ 298.458283][T11813] dump_stack_lvl+0x16c/0x1f0 [ 298.458326][T11813] should_fail_ex+0x512/0x640 [ 298.458357][T11813] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 298.458393][T11813] should_failslab+0xc2/0x120 [ 298.458413][T11813] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 298.458446][T11813] ? __pfx_map_id_range_down+0x10/0x10 [ 298.458480][T11813] ? prepare_creds+0x2c/0x7d0 [ 298.458518][T11813] prepare_creds+0x2c/0x7d0 [ 298.458554][T11813] __sys_setfsuid+0xda/0x350 [ 298.458577][T11813] ? rcu_is_watching+0x12/0xc0 [ 298.458605][T11813] do_syscall_64+0xcd/0x490 [ 298.458645][T11813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.458670][T11813] RIP: 0033:0x7f503678e929 [ 298.458691][T11813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.458715][T11813] RSP: 002b:00007f503767d038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 298.458739][T11813] RAX: ffffffffffffffda RBX: 00007f50369b5fa0 RCX: 00007f503678e929 [ 298.458756][T11813] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 298.458771][T11813] RBP: 00007f5036810b39 R08: 0000000000000000 R09: 0000000000000000 [ 298.458786][T11813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.458801][T11813] R13: 0000000000000000 R14: 00007f50369b5fa0 R15: 00007ffddbe48cb8 [ 298.458858][T11813] [ 299.057246][T11834] relay: one or more items not logged [item size (56) > sub-buffer size (4)] [ 299.094858][T11837] phram: too many arguments [ 300.686163][ T30] audit: type=1800 audit(4294967322.550:15): pid=11895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2453" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 301.764001][ T30] audit: type=1800 audit(4294967323.630:16): pid=11920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2463" name="dynamic_events" dev="tracefs" ino=1073 res=0 errno=0 [ 302.653526][T11947] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2474'. [ 303.242418][T11970] sctp: [Deprecated]: syz.2.2482 (pid 11970) Use of int in maxseg socket option. [ 303.242418][T11970] Use struct sctp_assoc_value instead [ 305.049985][T12026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2506'. [ 305.090576][T12026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2506'. [ 306.120215][T11358] ------------[ cut here ]------------ [ 306.125772][T11358] ODEBUG: free active (active state 0) object: ffff888034b212d8 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 306.161935][T11358] WARNING: CPU: 0 PID: 11358 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 306.172400][T11358] Modules linked in: [ 306.176350][T11358] CPU: 0 UID: 0 PID: 11358 Comm: syz.1.2306 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 306.188782][T11358] Tainted: [U]=USER [ 306.193181][T11358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 306.203758][T11358] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 306.209617][T11358] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 00 75 15 8c 4c 89 e6 48 c7 c7 80 69 15 8c e8 ff 8a 9c fc 90 <0f> 0b 90 90 58 83 05 16 49 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 306.230365][T11358] RSP: 0018:ffffc9000424f768 EFLAGS: 00010286 [ 306.236567][T11358] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1a8 [ 306.245150][T11358] RDX: ffff888026dfbc00 RSI: ffffffff817aa1b5 RDI: 0000000000000001 [ 306.253498][T11358] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 306.261647][T11358] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157020 [ 306.270002][T11358] R13: ffffffff8bafe800 R14: ffffffff8a87a800 R15: ffffc9000424f868 [ 306.278507][T11358] FS: 0000000000000000(0000) GS:ffff88812475f000(0000) knlGS:0000000000000000 [ 306.288020][T11358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 306.295856][T11358] CR2: 0000001b2fa1aff8 CR3: 000000003afb6000 CR4: 00000000003526f0 [ 306.304394][T11358] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 306.312549][T11358] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 306.320605][T11358] Call Trace: [ 306.324043][T11358] [ 306.327006][T11358] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 306.333192][T11358] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 306.339400][T11358] debug_check_no_obj_freed+0x4b7/0x600 [ 306.345288][T11358] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 306.351451][T11358] ? rcu_is_watching+0x12/0xc0 [ 306.356384][T11358] ? kmem_cache_free+0x2d1/0x4d0 [ 306.361452][T11358] kfree+0x28f/0x4d0 [ 306.365656][T11358] ? hci_release_dev+0x4d8/0x600 [ 306.370804][T11358] hci_release_dev+0x4d8/0x600 [ 306.375888][T11358] ? __pfx_hci_release_dev+0x10/0x10 [ 306.381904][T11358] ? rcu_is_watching+0x12/0xc0 [ 306.386718][T11358] ? kfree+0x24f/0x4d0 [ 306.391473][T11358] bt_host_release+0x6a/0xb0 [ 306.396530][T11358] ? __pfx_bt_host_release+0x10/0x10 [ 306.402285][T11358] device_release+0xa1/0x240 [ 306.407027][T11358] kobject_put+0x1e7/0x5a0 [ 306.411656][T11358] ? __pfx_vhci_release+0x10/0x10 [ 306.416743][T11358] put_device+0x1f/0x30 [ 306.421109][T11358] vhci_release+0x81/0xf0 [ 306.425487][T11358] __fput+0x3ff/0xb70 [ 306.429512][T11358] task_work_run+0x14d/0x240 [ 306.434323][T11358] ? __pfx_task_work_run+0x10/0x10 [ 306.439505][T11358] do_exit+0x86c/0x2bd0 [ 306.443777][T11358] ? __pfx_do_exit+0x10/0x10 [ 306.448406][T11358] ? do_raw_spin_lock+0x12c/0x2b0 [ 306.453764][T11358] ? find_held_lock+0x2b/0x80 [ 306.458491][T11358] do_group_exit+0xd3/0x2a0 [ 306.463349][T11358] get_signal+0x2673/0x26d0 [ 306.468024][T11358] ? perf_trace_btrfs__inode+0xe4/0x800 [ 306.473818][T11358] ? __pfx_get_signal+0x10/0x10 [ 306.480425][T11358] ? do_futex+0x122/0x350 [ 306.484818][T11358] ? __pfx_do_futex+0x10/0x10 [ 306.489533][T11358] arch_do_signal_or_restart+0x8f/0x790 [ 306.495719][T11358] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 306.502491][T11358] exit_to_user_mode_loop+0x84/0x110 [ 306.507830][T11358] do_syscall_64+0x3f6/0x490 [ 306.512948][T11358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.518976][T11358] RIP: 0033:0x7faeb778e929 [ 306.523761][T11358] Code: Unable to access opcode bytes at 0x7faeb778e8ff. [ 306.530890][T11358] RSP: 002b:00007faeb85290e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 306.539709][T11358] RAX: fffffffffffffe00 RBX: 00007faeb79b5fa8 RCX: 00007faeb778e929 [ 306.547819][T11358] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faeb79b5fa8 [ 306.556244][T11358] RBP: 00007faeb79b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 306.564803][T11358] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faeb79b5fac [ 306.573396][T11358] R13: 0000000000000000 R14: 00007ffca2967890 R15: 00007ffca2967978 [ 306.582554][T11358] [ 306.587031][T11358] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 306.594867][T11358] CPU: 0 UID: 0 PID: 11358 Comm: syz.1.2306 Tainted: G U 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 306.607052][T11358] Tainted: [U]=USER [ 306.610974][T11358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 306.621848][T11358] Call Trace: [ 306.625837][T11358] [ 306.628820][T11358] dump_stack_lvl+0x3d/0x1f0 [ 306.634138][T11358] panic+0x71c/0x800 [ 306.639236][T11358] ? __pfx_panic+0x10/0x10 [ 306.643902][T11358] ? show_trace_log_lvl+0x29b/0x3e0 [ 306.649414][T11358] ? check_panic_on_warn+0x1f/0xb0 [ 306.654732][T11358] ? debug_print_object+0x1a2/0x2b0 [ 306.659943][T11358] check_panic_on_warn+0xab/0xb0 [ 306.665002][T11358] __warn+0xf6/0x3c0 [ 306.668933][T11358] ? debug_print_object+0x1a2/0x2b0 [ 306.674415][T11358] report_bug+0x3c3/0x580 [ 306.678953][T11358] ? debug_print_object+0x1a2/0x2b0 [ 306.684159][T11358] handle_bug+0x184/0x210 [ 306.689192][T11358] exc_invalid_op+0x17/0x50 [ 306.693722][T11358] asm_exc_invalid_op+0x1a/0x20 [ 306.698671][T11358] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 306.704596][T11358] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 00 75 15 8c 4c 89 e6 48 c7 c7 80 69 15 8c e8 ff 8a 9c fc 90 <0f> 0b 90 90 58 83 05 16 49 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 306.725193][T11358] RSP: 0018:ffffc9000424f768 EFLAGS: 00010286 [ 306.731740][T11358] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1a8 [ 306.741351][T11358] RDX: ffff888026dfbc00 RSI: ffffffff817aa1b5 RDI: 0000000000000001 [ 306.750228][T11358] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 306.758380][T11358] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157020 [ 306.766768][T11358] R13: ffffffff8bafe800 R14: ffffffff8a87a800 R15: ffffc9000424f868 [ 306.774753][T11358] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 306.780256][T11358] ? __warn_printk+0x198/0x350 [ 306.785043][T11358] ? __warn_printk+0x1a5/0x350 [ 306.789860][T11358] ? debug_print_object+0x1a1/0x2b0 [ 306.795241][T11358] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 306.800720][T11358] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 306.806545][T11358] debug_check_no_obj_freed+0x4b7/0x600 [ 306.812140][T11358] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 306.818217][T11358] ? rcu_is_watching+0x12/0xc0 [ 306.823191][T11358] ? kmem_cache_free+0x2d1/0x4d0 [ 306.828190][T11358] kfree+0x28f/0x4d0 [ 306.832306][T11358] ? hci_release_dev+0x4d8/0x600 [ 306.837359][T11358] hci_release_dev+0x4d8/0x600 [ 306.842167][T11358] ? __pfx_hci_release_dev+0x10/0x10 [ 306.847554][T11358] ? rcu_is_watching+0x12/0xc0 [ 306.852324][T11358] ? kfree+0x24f/0x4d0 [ 306.856661][T11358] bt_host_release+0x6a/0xb0 [ 306.861279][T11358] ? __pfx_bt_host_release+0x10/0x10 [ 306.866897][T11358] device_release+0xa1/0x240 [ 306.871532][T11358] kobject_put+0x1e7/0x5a0 [ 306.876569][T11358] ? __pfx_vhci_release+0x10/0x10 [ 306.882236][T11358] put_device+0x1f/0x30 [ 306.886770][T11358] vhci_release+0x81/0xf0 [ 306.891588][T11358] __fput+0x3ff/0xb70 [ 306.895878][T11358] task_work_run+0x14d/0x240 [ 306.901059][T11358] ? __pfx_task_work_run+0x10/0x10 [ 306.907825][T11358] do_exit+0x86c/0x2bd0 [ 306.913078][T11358] ? __pfx_do_exit+0x10/0x10 [ 306.917968][T11358] ? do_raw_spin_lock+0x12c/0x2b0 [ 306.924117][T11358] ? find_held_lock+0x2b/0x80 [ 306.929477][T11358] do_group_exit+0xd3/0x2a0 [ 306.934137][T11358] get_signal+0x2673/0x26d0 [ 306.938933][T11358] ? perf_trace_btrfs__inode+0xe4/0x800 [ 306.944591][T11358] ? __pfx_get_signal+0x10/0x10 [ 306.949455][T11358] ? do_futex+0x122/0x350 [ 306.953817][T11358] ? __pfx_do_futex+0x10/0x10 [ 306.958540][T11358] arch_do_signal_or_restart+0x8f/0x790 [ 306.964290][T11358] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 306.970652][T11358] exit_to_user_mode_loop+0x84/0x110 [ 306.976048][T11358] do_syscall_64+0x3f6/0x490 [ 306.980834][T11358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.986743][T11358] RIP: 0033:0x7faeb778e929 [ 306.991170][T11358] Code: Unable to access opcode bytes at 0x7faeb778e8ff. [ 306.998209][T11358] RSP: 002b:00007faeb85290e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 307.007145][T11358] RAX: fffffffffffffe00 RBX: 00007faeb79b5fa8 RCX: 00007faeb778e929 [ 307.015235][T11358] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faeb79b5fa8 [ 307.023658][T11358] RBP: 00007faeb79b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 307.031660][T11358] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faeb79b5fac [ 307.039742][T11358] R13: 0000000000000000 R14: 00007ffca2967890 R15: 00007ffca2967978 [ 307.048704][T11358] [ 307.052521][T11358] Kernel Offset: disabled [ 307.057156][T11358] Rebooting in 86400 seconds..