last executing test programs: 4.077213885s ago: executing program 3 (id=621): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1000, 0x400000, 0x4) io_uring_setup$auto(0x40000002c55, 0x0) write$auto(0x3, 0x0, 0x3f00) 3.376349174s ago: executing program 3 (id=629): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x3b8b, 0x800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmsg$auto(0x4, 0x0, 0x33c) 3.170277566s ago: executing program 3 (id=634): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) settimeofday$auto(&(0x7f0000000180)={0x100000001, 0x1}, 0x0) 2.572766728s ago: executing program 2 (id=641): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x20, 0x0, 0x0) 2.439950707s ago: executing program 2 (id=644): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 1.938448685s ago: executing program 1 (id=647): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x48a01, 0x0) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) ioperm$auto(0x7, 0x6, 0x2) sendfile$auto(r0, r0, 0x0, 0x7fff) 1.938346731s ago: executing program 2 (id=648): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty49\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b49, 0x9) 1.816189974s ago: executing program 0 (id=649): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x84) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x9, 0xfffffffffffff4e0) 1.589803439s ago: executing program 3 (id=650): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x24, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) 1.417547748s ago: executing program 3 (id=651): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbb9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0xfe}]}, 0x24}, 0x1, 0x0, 0x0, 0x44010}, 0x20) 1.327497281s ago: executing program 0 (id=652): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000200), 0x202, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) pwrite64$auto(r0, 0x0, 0x80, 0x800) 1.20837497s ago: executing program 1 (id=653): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) r1 = dup$auto(r0) write$auto_lowpan_enable_fops_(r1, &(0x7f0000000080)="d0263b6845bdcff05e826b663fde481e1f00b90104f596d2", 0x18) 1.170671224s ago: executing program 2 (id=654): bpf$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) sendto$auto(r0, 0x0, 0xb, 0xc, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xe0000000}, 0x1c) 1.063820447s ago: executing program 3 (id=656): openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) munmap$auto(0x80000000, 0x7) 1.05939255s ago: executing program 0 (id=657): mmap$auto(0x0, 0x2020009, 0x80000000000003, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0) 842.261204ms ago: executing program 1 (id=658): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0xfffff020}}) 809.534593ms ago: executing program 2 (id=659): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timerfd_create$auto(0x9, 0x0) semctl$auto(0x201, 0x2, 0x13, 0x4) ioctl$auto(0x3, 0x40085400, 0x5) read$auto(0x3, 0x0, 0x80) 709.191201ms ago: executing program 0 (id=660): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x100) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) getsockopt$auto(r0, 0x0, 0x42, 0x0, 0x0) 559.283504ms ago: executing program 0 (id=661): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x40040c0) clone3$auto(&(0x7f0000000140)={0x800001, 0x4, 0x7d, 0x6, 0x7942, 0x6, 0x80, 0x3, 0xa, 0x7ffd, 0xc88}, 0xfffffffffffffffb) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) 531.53501ms ago: executing program 1 (id=662): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) 359.977883ms ago: executing program 1 (id=663): close_range$auto(0x2, 0x8, 0x0) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) read$auto(0x3, 0x0, 0x80) 84.974152ms ago: executing program 1 (id=664): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) clone$auto(0xfffffffe22000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x800fffffffc) 47.809513ms ago: executing program 0 (id=665): r0 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x8941, 0x4) 0s ago: executing program 2 (id=666): r0 = socket(0x1e, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x0, 0x2}}, 0x66) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x20, r2, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.65' (ED25519) to the list of known hosts. [ 89.325516][ T5827] cgroup: Unknown subsys name 'net' [ 89.442499][ T5827] cgroup: Unknown subsys name 'cpuset' [ 89.452225][ T5827] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.209498][ T5827] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 93.274070][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.282663][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.291527][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.299916][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.308402][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.407290][ T5152] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.415930][ T5152] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.429067][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.436705][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.446285][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.456687][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.466747][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.476036][ T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.484248][ T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.515082][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.524659][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.539505][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.555783][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.567865][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.575709][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.088453][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 94.252498][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 94.263871][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 94.313199][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 94.410463][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.419091][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.426519][ T5837] bridge_slave_0: entered allmulticast mode [ 94.434382][ T5837] bridge_slave_0: entered promiscuous mode [ 94.486053][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.493333][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.501321][ T5837] bridge_slave_1: entered allmulticast mode [ 94.509274][ T5837] bridge_slave_1: entered promiscuous mode [ 94.669589][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.682776][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.692437][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.700684][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.708890][ T5844] bridge_slave_0: entered allmulticast mode [ 94.716402][ T5844] bridge_slave_0: entered promiscuous mode [ 94.724465][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.732739][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.740302][ T5842] bridge_slave_0: entered allmulticast mode [ 94.748436][ T5842] bridge_slave_0: entered promiscuous mode [ 94.755937][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.763154][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.770800][ T5848] bridge_slave_0: entered allmulticast mode [ 94.778508][ T5848] bridge_slave_0: entered promiscuous mode [ 94.802810][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.810429][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.817800][ T5844] bridge_slave_1: entered allmulticast mode [ 94.825169][ T5844] bridge_slave_1: entered promiscuous mode [ 94.832384][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.839953][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.847592][ T5842] bridge_slave_1: entered allmulticast mode [ 94.855032][ T5842] bridge_slave_1: entered promiscuous mode [ 94.878674][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.885868][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.894008][ T5848] bridge_slave_1: entered allmulticast mode [ 94.901482][ T5848] bridge_slave_1: entered promiscuous mode [ 94.986472][ T5837] team0: Port device team_slave_0 added [ 95.011486][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.026658][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.043293][ T5837] team0: Port device team_slave_1 added [ 95.066729][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.078851][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.104896][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.129223][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.166534][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.173956][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.200889][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.230866][ T5842] team0: Port device team_slave_0 added [ 95.250961][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.260278][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.286721][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.326250][ T5842] team0: Port device team_slave_1 added [ 95.338274][ T5848] team0: Port device team_slave_0 added [ 95.347377][ T5848] team0: Port device team_slave_1 added [ 95.372461][ T5844] team0: Port device team_slave_0 added [ 95.378918][ T5846] Bluetooth: hci0: command tx timeout [ 95.432186][ T5844] team0: Port device team_slave_1 added [ 95.454039][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.461073][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.487539][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.499886][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.508409][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.534778][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.546327][ T5846] Bluetooth: hci1: command tx timeout [ 95.579510][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.586549][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.612548][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.623226][ T5152] Bluetooth: hci2: command tx timeout [ 95.632383][ T5846] Bluetooth: hci3: command tx timeout [ 95.634206][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.644969][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.671513][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.700121][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.707364][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.733652][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.751465][ T5837] hsr_slave_0: entered promiscuous mode [ 95.758589][ T5837] hsr_slave_1: entered promiscuous mode [ 95.774294][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.781329][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.807349][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.955529][ T5848] hsr_slave_0: entered promiscuous mode [ 95.962764][ T5848] hsr_slave_1: entered promiscuous mode [ 95.969674][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.977781][ T5848] Cannot create hsr debugfs directory [ 95.988558][ T5844] hsr_slave_0: entered promiscuous mode [ 95.995014][ T5844] hsr_slave_1: entered promiscuous mode [ 96.001963][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.009623][ T5844] Cannot create hsr debugfs directory [ 96.024070][ T5842] hsr_slave_0: entered promiscuous mode [ 96.030530][ T5842] hsr_slave_1: entered promiscuous mode [ 96.036653][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.044455][ T5842] Cannot create hsr debugfs directory [ 96.549146][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 96.570166][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 96.594205][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 96.615920][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.677032][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 96.716052][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.726570][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.746259][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.803888][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 96.831497][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 96.850548][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 96.884955][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 96.963815][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.975910][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.998276][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.016662][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.125656][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.188345][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.209846][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.234201][ T47] cfg80211: failed to load regulatory.db [ 97.265433][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.272742][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.284228][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.292350][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.318488][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.335152][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.342375][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.399989][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.407192][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.434573][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.468358][ T5846] Bluetooth: hci0: command tx timeout [ 97.519515][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.547448][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.595328][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.602565][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.618926][ T5846] Bluetooth: hci1: command tx timeout [ 97.652135][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.659355][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.703092][ T5846] Bluetooth: hci3: command tx timeout [ 97.703290][ T5152] Bluetooth: hci2: command tx timeout [ 97.713336][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.771047][ T3472] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.778294][ T3472] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.812663][ T3472] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.819950][ T3472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.043057][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.179236][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.228653][ T5837] veth0_vlan: entered promiscuous mode [ 98.302572][ T5837] veth1_vlan: entered promiscuous mode [ 98.394916][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.431714][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.450053][ T5842] veth0_vlan: entered promiscuous mode [ 98.472459][ T5837] veth0_macvtap: entered promiscuous mode [ 98.493061][ T5837] veth1_macvtap: entered promiscuous mode [ 98.504225][ T5842] veth1_vlan: entered promiscuous mode [ 98.555281][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.600734][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.633479][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.644047][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.653651][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.663589][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.674750][ T5844] veth0_vlan: entered promiscuous mode [ 98.694807][ T5848] veth0_vlan: entered promiscuous mode [ 98.719183][ T5842] veth0_macvtap: entered promiscuous mode [ 98.726700][ T5844] veth1_vlan: entered promiscuous mode [ 98.745925][ T5848] veth1_vlan: entered promiscuous mode [ 98.770110][ T5842] veth1_macvtap: entered promiscuous mode [ 98.834452][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.850966][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.864903][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.906481][ T5844] veth0_macvtap: entered promiscuous mode [ 98.930757][ T5844] veth1_macvtap: entered promiscuous mode [ 98.972188][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.983368][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.997648][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.023772][ T5848] veth0_macvtap: entered promiscuous mode [ 99.042929][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.054008][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.065903][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.076602][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.090624][ T3475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.100234][ T3475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.111712][ T5848] veth1_macvtap: entered promiscuous mode [ 99.168232][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.179269][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.191121][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.201739][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.213404][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.230141][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.240866][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.253709][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.264547][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.276083][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.312281][ T1162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.335393][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.340107][ T1162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.346559][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.367681][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.382585][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.394448][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.405571][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.418447][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.437777][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.446554][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.456312][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.468151][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.482310][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.496168][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.506750][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.517440][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.527433][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.539335][ T5152] Bluetooth: hci0: command tx timeout [ 99.540390][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.561464][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.579559][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.595931][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.605628][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.615136][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.653017][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.699850][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.709441][ T5152] Bluetooth: hci1: command tx timeout [ 99.732843][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.777209][ T5846] Bluetooth: hci2: command tx timeout [ 99.782748][ T5152] Bluetooth: hci3: command tx timeout [ 99.858618][ T3475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.871350][ T3475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.032050][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.047449][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.150797][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.182597][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.206215][ T1906] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.219038][ T1906] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.328891][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.367857][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.339232][ T5935] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.617287][ T5152] Bluetooth: hci0: command tx timeout [ 101.788326][ T5152] Bluetooth: hci1: command tx timeout [ 101.867590][ T5152] Bluetooth: hci3: command tx timeout [ 101.873102][ T5152] Bluetooth: hci2: command tx timeout [ 103.542801][ T5997] netlink: 'syz.0.41': attribute type 3 has an invalid length. [ 104.919303][ T6036] Zero length message leads to an empty skb [ 105.682925][ T30] audit: type=1800 audit(1745486581.511:2): pid=6059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.69" name="lu_gp_id" dev="configfs" ino=7000 res=0 errno=0 [ 105.711357][ T6059] ALUA LU Group already has a valid ID, ignoring request [ 106.305027][ T6073] kafs: addr_prefs: Invalid Command [ 107.281802][ T5152] Bluetooth: hci3: Malformed HCI Event: 0x22 [ 108.807364][ T6147] netlink: 19 bytes leftover after parsing attributes in process `syz.0.107'. [ 109.355604][ T6166] Device name cannot be null; rc = [-22] [ 110.373197][ T6197] netlink: 350 bytes leftover after parsing attributes in process `syz.0.128'. [ 110.770384][ T6213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'. [ 111.872556][ T6249] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 112.637050][ T6270] netlink: 'syz.1.150': attribute type 5 has an invalid length. [ 113.265852][ T6282] zswap: compressor not available [ 113.272434][ T6285] Setting dangerous option i915.mitigations - tainting kernel [ 117.534745][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.193'. [ 117.583589][ T6379] netlink: 'syz.1.192': attribute type 11 has an invalid length. [ 118.609486][ T6402] sock: sock_set_timeout: `syz.1.203' (pid 6402) tries to set negative timeout [ 119.468009][ T6418] netlink: 'syz.3.211': attribute type 1 has an invalid length. [ 120.824155][ T6443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.221'. [ 121.035393][ T6443] team0: Port device team_slave_0 removed [ 125.675237][ T6493] kexec: Could not allocate control_code_buffer [ 126.448428][ T6530] random: crng reseeded on system resumption [ 126.743756][ T6538] netlink: 28 bytes leftover after parsing attributes in process `syz.0.257'. [ 128.417880][ T6565] netlink: 186 bytes leftover after parsing attributes in process `syz.2.268'. [ 128.942522][ T6569] netlink: 342 bytes leftover after parsing attributes in process `syz.1.271'. [ 129.911390][ T6589] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'. [ 129.963295][ T6591] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'. [ 130.021732][ T6592] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 130.065291][ T6594] syz.1.281 uses obsolete (PF_INET,SOCK_PACKET) [ 136.226908][ T6720] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 137.671229][ T6757] netlink: 294 bytes leftover after parsing attributes in process `syz.2.349'. [ 138.189173][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.195754][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.829769][ T6785] Device name cannot be null; rc = [-22] [ 139.065719][ T6795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'. [ 141.198431][ T6862] netlink: 'syz.1.393': attribute type 2 has an invalid length. [ 143.744064][ T6945] netlink: 28 bytes leftover after parsing attributes in process `syz.2.424'. [ 143.863559][ T6945] caif0: entered promiscuous mode [ 144.363058][ T6948] process 'syz.0.425' launched '/dev/fd/3' with NULL argv: empty string added [ 145.194597][ T6987] netlink: 342 bytes leftover after parsing attributes in process `syz.3.434'. [ 145.588807][ T6981] Invalid ELF header magic: != ELF [ 147.218627][ T5152] Bluetooth: hci0: unexpected event 0x04 length: 459 > 10 [ 147.218820][ T5152] Bluetooth: hci0: connection err: -111 [ 148.637230][ T7085] netlink: 19 bytes leftover after parsing attributes in process `syz.2.469'. [ 148.858048][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.471'. [ 152.256387][ T5152] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 152.626966][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.503'. [ 152.938319][ T7173] nbd: socks must be embedded in a SOCK_ITEM attr [ 152.965476][ T7173] block nbd0: shutting down sockets [ 154.513892][ T7193] TCP: TCP_TX_DELAY enabled [ 155.737617][ T7226] netlink: 342 bytes leftover after parsing attributes in process `syz.2.528'. [ 155.758364][ T7226] netlink: 342 bytes leftover after parsing attributes in process `syz.2.528'. [ 158.864516][ T7302] lo: entered allmulticast mode [ 158.927354][ T7301] lo: left allmulticast mode [ 160.149044][ T7338] netlink: 342 bytes leftover after parsing attributes in process `syz.3.571'. [ 160.534346][ T7352] netlink: 'syz.0.576': attribute type 9 has an invalid length. [ 161.048380][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.584'. [ 162.780311][ T7376] kexec: Could not allocate control_code_buffer [ 163.488324][ T7413] mmap: syz.1.604 (7413) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 163.585684][ T7417] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 163.619200][ T7417] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 164.393096][ T7418] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 164.411238][ T7417] syz.3.605 (7417) used greatest stack depth: 21384 bytes left [ 164.457123][ T7418] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 164.509914][ T7418] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 164.524581][ T7418] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 164.547579][ T7418] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 164.578753][ T7418] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 164.628950][ T7418] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 164.652461][ T7418] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 164.707257][ T7418] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 164.745667][ T7418] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 164.762111][ T7418] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 164.784588][ T7418] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 165.341968][ T7457] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 165.341968][ T7457] program syz.3.621 not setting count and/or reply_len properly [ 165.390487][ T7463] nbd: socks must be embedded in a SOCK_ITEM attr [ 165.419848][ T7463] block nbd0: shutting down sockets [ 165.631019][ T7472] netlink: 346 bytes leftover after parsing attributes in process `syz.2.628'. [ 165.783306][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 166.407918][ T7498] qrtr: Invalid version 0 [ 166.577696][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 166.656969][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 166.827030][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 167.840421][ T7537] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 167.860131][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.657414][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.737045][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.896904][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 169.937750][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.737304][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.818434][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.976927][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 199.622535][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.629005][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.063007][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.069506][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 314.179882][ T31] INFO: task syz-executor:5827 blocked for more than 143 seconds. [ 314.187915][ T31] Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 [ 314.197348][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 314.206829][ T31] task:syz-executor state:D stack:21368 pid:5827 tgid:5827 ppid:5825 task_flags:0x440100 flags:0x00000002 [ 314.219041][ T31] Call Trace: [ 314.222382][ T31] [ 314.225446][ T31] __schedule+0x116f/0x5de0 [ 314.230179][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 314.235198][ T31] ? __pfx___schedule+0x10/0x10 [ 314.244582][ T31] ? find_held_lock+0x2b/0x80 [ 314.249415][ T31] ? schedule+0x2d7/0x3a0 [ 314.253825][ T31] schedule+0xe7/0x3a0 [ 314.261885][ T31] io_schedule+0xbf/0x130 [ 314.266378][ T31] bit_wait_io+0x15/0xe0 [ 314.271848][ T31] __wait_on_bit+0x62/0x180 [ 314.276410][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 314.284728][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 314.291318][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 314.300654][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 314.306193][ T31] do_get_write_access+0x93d/0x12a0 [ 314.313498][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 314.322881][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 314.329061][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 314.334665][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 314.340477][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 314.345911][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 314.353151][ T31] ? rcu_is_watching+0x12/0xc0 [ 314.358280][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 314.364215][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 314.372379][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 314.378358][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 314.384064][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 314.392108][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 314.398642][ T31] ext4_dirty_inode+0xd9/0x130 [ 314.403469][ T31] ? rcu_is_watching+0x12/0xc0 [ 314.413629][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 314.419130][ T31] generic_update_time+0xcf/0xf0 [ 314.424133][ T31] file_update_time+0x17d/0x1c0 [ 314.429235][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 314.434318][ T31] ? tcp_recvmsg+0x1f9/0x680 [ 314.439185][ T31] ? __pfx_tcp_recvmsg+0x10/0x10 [ 314.444183][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 314.449733][ T31] ? vm_normal_page+0x13b/0x2b0 [ 314.454644][ T31] ? find_held_lock+0x2b/0x80 [ 314.459492][ T31] ? find_held_lock+0x2b/0x80 [ 314.464227][ T31] do_page_mkwrite+0x171/0x380 [ 314.469253][ T31] do_wp_page+0xb9e/0x58e0 [ 314.473767][ T31] ? __pfx_do_wp_page+0x10/0x10 [ 314.480935][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 314.486018][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 314.492452][ T31] ? ___pte_offset_map+0x1bc/0x540 [ 314.500061][ T31] __handle_mm_fault+0x1ada/0x2a40 [ 314.505257][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 314.511952][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 314.518193][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 314.523507][ T31] handle_mm_fault+0x3fe/0xad0 [ 314.528503][ T31] do_user_addr_fault+0x60c/0x1370 [ 314.533771][ T31] exc_page_fault+0x5c/0xc0 [ 314.538425][ T31] asm_exc_page_fault+0x26/0x30 [ 314.543325][ T31] RIP: 0033:0x7f3ce3e77dcf [ 314.547890][ T31] RSP: 002b:00007ffc2834c9a0 EFLAGS: 00010202 [ 314.554002][ T31] RAX: 00007f3ce2078000 RBX: 0000555568268ac0 RCX: 0000000000000005 [ 314.562151][ T31] RDX: 1ffffffff14529f5 RSI: 000055556826b0f0 RDI: 0000000000000020 [ 314.570236][ T31] RBP: 00007ffc2834cc90 R08: 000055556826b1d8 R09: 000000000000253e [ 314.578416][ T31] R10: 0000000000000001 R11: 00007ffc2834cea0 R12: 00007ffc2834ccf0 [ 314.586594][ T31] R13: 0000000000000004 R14: 00007ffc2834ca10 R15: 00007ffc2834cae0 [ 314.594735][ T31] [ 314.598040][ T31] INFO: task syz.3.656:7543 blocked for more than 143 seconds. [ 314.605641][ T31] Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 [ 314.614954][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 314.624221][ T31] task:syz.3.656 state:D stack:26488 pid:7543 tgid:7543 ppid:5848 task_flags:0x440040 flags:0x00000004 [ 314.636299][ T31] Call Trace: [ 314.639697][ T31] [ 314.642686][ T31] __schedule+0x116f/0x5de0 [ 314.647371][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 314.652371][ T31] ? __pfx___schedule+0x10/0x10 [ 314.657339][ T31] ? find_held_lock+0x2b/0x80 [ 314.662067][ T31] ? schedule+0x2d7/0x3a0 [ 314.666425][ T31] schedule+0xe7/0x3a0 [ 314.670579][ T31] io_schedule+0xbf/0x130 [ 314.675148][ T31] bit_wait_io+0x15/0xe0 [ 314.679571][ T31] __wait_on_bit+0x62/0x180 [ 314.684151][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 314.689187][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 314.694620][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 314.700722][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 314.706238][ T31] do_get_write_access+0x93d/0x12a0 [ 314.711736][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 314.718513][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 314.724632][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 314.730323][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 314.735839][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 314.741448][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 314.747530][ T31] ? rcu_is_watching+0x12/0xc0 [ 314.752347][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 314.758102][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 314.763351][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 314.769149][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 314.774850][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 314.779907][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 314.785323][ T31] ext4_dirty_inode+0xd9/0x130 [ 314.790216][ T31] ? rcu_is_watching+0x12/0xc0 [ 314.795017][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 314.800315][ T31] generic_update_time+0xcf/0xf0 [ 314.805340][ T31] file_update_time+0x17d/0x1c0 [ 314.810309][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 314.815409][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 314.821686][ T31] do_page_mkwrite+0x171/0x380 [ 314.826509][ T31] do_pte_missing+0x29c/0x3fb0 [ 314.831426][ T31] ? __handle_mm_fault+0x1010/0x2a40 [ 314.836839][ T31] __handle_mm_fault+0x103d/0x2a40 [ 314.842000][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 314.847532][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 314.852781][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 314.858221][ T31] handle_mm_fault+0x3fe/0xad0 [ 314.863031][ T31] do_user_addr_fault+0x60c/0x1370 [ 314.868240][ T31] exc_page_fault+0x5c/0xc0 [ 314.872800][ T31] asm_exc_page_fault+0x26/0x30 [ 314.877776][ T31] RIP: 0033:0x7fe612a6f282 [ 314.882218][ T31] RSP: 002b:00007ffffe410370 EFLAGS: 00010202 [ 314.888462][ T31] RAX: 0000000000015008 RBX: 00007fe6138e5720 RCX: 0000000000000000 [ 314.896469][ T31] RDX: 0000001b30e0b000 RSI: 0000000000000008 RDI: 00007fe6138e5720 [ 314.904679][ T31] RBP: 00000000000005dc R08: 00007fe611dfd068 R09: 00007fe612da2000 [ 314.912764][ T31] R10: 00007fe611dfd008 R11: 0000000000000002 R12: ffffffff8b6d98e9 [ 314.920896][ T31] R13: 00007fe612db6118 R14: 000000000000001d R15: fffffffffffeb000 [ 314.929572][ T31] ? xas_create_range+0xc9/0x710 [ 314.934572][ T31] [ 314.937705][ T31] INFO: task syz.1.664:7562 blocked for more than 144 seconds. [ 314.945277][ T31] Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 [ 314.954666][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 314.963412][ T31] task:syz.1.664 state:D stack:27560 pid:7562 tgid:7562 ppid:5837 task_flags:0x440040 flags:0x00000004 [ 314.975451][ T31] Call Trace: [ 314.978862][ T31] [ 314.981808][ T31] __schedule+0x116f/0x5de0 [ 314.986340][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 314.991380][ T31] ? __pfx___schedule+0x10/0x10 [ 314.996296][ T31] ? find_held_lock+0x2b/0x80 [ 315.001079][ T31] ? schedule+0x2d7/0x3a0 [ 315.005472][ T31] schedule+0xe7/0x3a0 [ 315.009797][ T31] io_schedule+0xbf/0x130 [ 315.014195][ T31] bit_wait_io+0x15/0xe0 [ 315.018553][ T31] __wait_on_bit+0x62/0x180 [ 315.023117][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 315.029034][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 315.034509][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 315.040799][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 315.046328][ T31] do_get_write_access+0x93d/0x12a0 [ 315.051619][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 315.057986][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 315.064103][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 315.069825][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 315.075348][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 315.080854][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 315.086917][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.091799][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 315.097623][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 315.102867][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 315.108574][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 315.114293][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 315.119346][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 315.124754][ T31] ext4_dirty_inode+0xd9/0x130 [ 315.130255][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.135076][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 315.140241][ T31] generic_update_time+0xcf/0xf0 [ 315.145293][ T31] file_update_time+0x17d/0x1c0 [ 315.150427][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 315.155540][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 315.161240][ T31] do_page_mkwrite+0x171/0x380 [ 315.166060][ T31] do_pte_missing+0x29c/0x3fb0 [ 315.170917][ T31] ? __handle_mm_fault+0x1010/0x2a40 [ 315.176244][ T31] __handle_mm_fault+0x103d/0x2a40 [ 315.181463][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 315.187093][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.192356][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.197701][ T31] handle_mm_fault+0x3fe/0xad0 [ 315.202520][ T31] do_user_addr_fault+0x60c/0x1370 [ 315.207737][ T31] exc_page_fault+0x5c/0xc0 [ 315.212287][ T31] asm_exc_page_fault+0x26/0x30 [ 315.217724][ T31] RIP: 0033:0x7fd994e6eada [ 315.222182][ T31] RSP: 002b:00007ffd30e87f10 EFLAGS: 00010202 [ 315.228321][ T31] RAX: 0000001b30a1f000 RBX: 00007fd995ce5720 RCX: 0000001b30a1eff8 [ 315.237058][ T31] RDX: 0000001b3062021c RSI: 0000000000000008 RDI: 00007fd995ce5720 [ 315.245093][ T31] RBP: ffffffff817a888d R08: 00007fd9951b6038 R09: 00007fd9951a2000 [ 315.253234][ T31] R10: 00007fd9945ff008 R11: 0000000000000001 R12: 0000000000000001 [ 315.261505][ T31] R13: 0000000000000053 R14: ffffffff817a8361 R15: 0000000000000060 [ 315.269579][ T31] ? ksys_unshare+0x6c1/0xa40 [ 315.274329][ T31] ? unshare_files+0xfd/0x190 [ 315.279226][ T31] [ 315.282300][ T31] INFO: task syz.2.666:7564 blocked for more than 144 seconds. [ 315.290089][ T31] Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 [ 315.299741][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 315.308923][ T31] task:syz.2.666 state:D stack:27464 pid:7564 tgid:7564 ppid:5842 task_flags:0x440040 flags:0x00000004 [ 315.321112][ T31] Call Trace: [ 315.324439][ T31] [ 315.327493][ T31] __schedule+0x116f/0x5de0 [ 315.332064][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 315.338911][ T31] ? __pfx___schedule+0x10/0x10 [ 315.343816][ T31] ? find_held_lock+0x2b/0x80 [ 315.348672][ T31] ? schedule+0x2d7/0x3a0 [ 315.353072][ T31] schedule+0xe7/0x3a0 [ 315.357286][ T31] io_schedule+0xbf/0x130 [ 315.361672][ T31] bit_wait_io+0x15/0xe0 [ 315.365936][ T31] __wait_on_bit+0x62/0x180 [ 315.370575][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 315.375593][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 315.381180][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 315.387340][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 315.393056][ T31] do_get_write_access+0x93d/0x12a0 [ 315.398432][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 315.404518][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 315.410726][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 315.416339][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 315.421924][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 315.427457][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 315.433480][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.439952][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 315.445649][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 315.451014][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 315.458093][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 315.464145][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 315.469234][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 315.474657][ T31] ext4_dirty_inode+0xd9/0x130 [ 315.479509][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.484326][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 315.489524][ T31] generic_update_time+0xcf/0xf0 [ 315.494522][ T31] file_update_time+0x17d/0x1c0 [ 315.499479][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 315.504558][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 315.510163][ T31] ? __pfx_filemap_map_pages+0x10/0x10 [ 315.515692][ T31] ? pte_alloc_one+0x2b1/0x380 [ 315.520563][ T31] do_page_mkwrite+0x171/0x380 [ 315.525405][ T31] do_pte_missing+0x29c/0x3fb0 [ 315.530332][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 315.535603][ T31] ? __pmd_alloc+0x3c2/0x870 [ 315.542133][ T31] __handle_mm_fault+0x103d/0x2a40 [ 315.547432][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 315.553011][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.558298][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.563585][ T31] handle_mm_fault+0x3fe/0xad0 [ 315.568574][ T31] do_user_addr_fault+0x60c/0x1370 [ 315.573735][ T31] exc_page_fault+0x5c/0xc0 [ 315.578337][ T31] asm_exc_page_fault+0x26/0x30 [ 315.583233][ T31] RIP: 0033:0x7f5214e6547b [ 315.587762][ T31] RSP: 002b:00007ffefba86980 EFLAGS: 00010246 [ 315.593869][ T31] RAX: 00000000005ffde8 RBX: 0000000000000000 RCX: 0000000000000000 [ 315.601986][ T31] RDX: 0000001b30720000 RSI: 0000000000600000 RDI: 00007f5215098d50 [ 315.610096][ T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000 [ 315.618189][ T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 315.626185][ T31] R13: 00000000000927c0 R14: 00000000000292ca R15: 00007ffefba86c30 [ 315.634320][ T31] [ 315.637499][ T31] INFO: task syz.0.665:7565 blocked for more than 144 seconds. [ 315.646495][ T31] Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 [ 315.655825][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 315.664614][ T31] task:syz.0.665 state:D stack:28488 pid:7565 tgid:7565 ppid:5844 task_flags:0x440040 flags:0x00000004 [ 315.676719][ T31] Call Trace: [ 315.680030][ T31] [ 315.683002][ T31] __schedule+0x116f/0x5de0 [ 315.689496][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 315.694538][ T31] ? __pfx___schedule+0x10/0x10 [ 315.699872][ T31] ? find_held_lock+0x2b/0x80 [ 315.704595][ T31] ? schedule+0x2d7/0x3a0 [ 315.709058][ T31] schedule+0xe7/0x3a0 [ 315.713201][ T31] io_schedule+0xbf/0x130 [ 315.717628][ T31] bit_wait_io+0x15/0xe0 [ 315.721919][ T31] __wait_on_bit+0x62/0x180 [ 315.726471][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 315.731483][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 315.736955][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 315.744658][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 315.750339][ T31] do_get_write_access+0x93d/0x12a0 [ 315.755605][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 315.761673][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 315.767838][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 315.773433][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 315.778962][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 315.784392][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 315.790464][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.795268][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 315.801046][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 315.806319][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 315.812096][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 315.817820][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 315.822812][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 315.828396][ T31] ext4_dirty_inode+0xd9/0x130 [ 315.833208][ T31] ? rcu_is_watching+0x12/0xc0 [ 315.838046][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 315.843123][ T31] generic_update_time+0xcf/0xf0 [ 315.849924][ T31] file_update_time+0x17d/0x1c0 [ 315.854837][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 315.860069][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 315.865574][ T31] ? __pfx_filemap_map_pages+0x10/0x10 [ 315.871114][ T31] ? pte_alloc_one+0x2b1/0x380 [ 315.876288][ T31] do_page_mkwrite+0x171/0x380 [ 315.881165][ T31] do_pte_missing+0x29c/0x3fb0 [ 315.885965][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 315.891242][ T31] ? __pmd_alloc+0x3c2/0x870 [ 315.895892][ T31] __handle_mm_fault+0x103d/0x2a40 [ 315.901214][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 315.906757][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.912198][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 315.917567][ T31] handle_mm_fault+0x3fe/0xad0 [ 315.922379][ T31] do_user_addr_fault+0x60c/0x1370 [ 315.927613][ T31] exc_page_fault+0x5c/0xc0 [ 315.932183][ T31] asm_exc_page_fault+0x26/0x30 [ 315.937221][ T31] RIP: 0033:0x7ff30226547b [ 315.941673][ T31] RSP: 002b:00007ffc31ac29c0 EFLAGS: 00010246 [ 315.949373][ T31] RAX: 00000000003ffde8 RBX: 0000000000000000 RCX: 0000000000000000 [ 315.957453][ T31] RDX: 0000001b30520000 RSI: 0000000000400000 RDI: 00007ff302498d50 [ 315.965471][ T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000 [ 315.973535][ T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 315.981595][ T31] R13: 00000000000927c0 R14: 00000000000292c0 R15: 00007ffc31ac2c70 [ 315.989654][ T31] [ 315.992710][ T31] [ 315.992710][ T31] Showing all locks held in the system: [ 316.000518][ T31] 1 lock held by khungtaskd/31: [ 316.005395][ T31] #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 316.015447][ T31] 6 locks held by kworker/u8:7/3472: [ 316.020805][ T31] #0: ffff88801f6f4948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 316.031770][ T31] #1: ffffc9000c737d18 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 316.043712][ T31] #2: ffff88803547e0e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 316.056218][ T31] #3: ffff888035150b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b2/0x820 [ 316.066743][ T31] #4: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.076405][ T31] #5: ffff88807c2265d8 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x355/0x1390 [ 316.086335][ T31] 2 locks held by getty/5599: [ 316.091084][ T31] #0: ffff88823bf960a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 316.101191][ T31] #1: ffffc9000334b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 316.111434][ T31] 3 locks held by syz-executor/5827: [ 316.116764][ T31] #0: ffff88802c235948 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 316.126165][ T31] #1: ffff88803547e518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 316.135759][ T31] #2: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.145463][ T31] 3 locks held by syz.3.656/7543: [ 316.150570][ T31] #0: ffff888029b82088 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 316.161854][ T31] #1: ffff88803547e518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 316.171640][ T31] #2: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.181454][ T31] 3 locks held by syz.1.664/7562: [ 316.186502][ T31] #0: ffff888031b4dd08 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 316.195914][ T31] #1: ffff88803547e518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 316.205534][ T31] #2: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.215248][ T31] 3 locks held by syz.2.666/7564: [ 316.220352][ T31] #0: ffff88807f30b1c8 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 316.229801][ T31] #1: ffff88803547e518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 316.239423][ T31] #2: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.249194][ T31] 3 locks held by syz.0.665/7565: [ 316.255914][ T31] #0: ffff88802d5c9a88 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 316.265776][ T31] #1: ffff88803547e518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 316.277511][ T31] #2: ffff888035152950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 316.287325][ T31] [ 316.289673][ T31] ============================================= [ 316.289673][ T31] [ 316.298268][ T31] NMI backtrace for cpu 1 [ 316.298300][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 316.298347][ T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 316.298359][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 316.298377][ T31] Call Trace: [ 316.298386][ T31] [ 316.298397][ T31] dump_stack_lvl+0x116/0x1f0 [ 316.298447][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 316.298485][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 316.298519][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 316.298560][ T31] watchdog+0xf70/0x12c0 [ 316.298613][ T31] ? __pfx_watchdog+0x10/0x10 [ 316.298656][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 316.298702][ T31] ? __kthread_parkme+0x19e/0x250 [ 316.298746][ T31] ? __pfx_watchdog+0x10/0x10 [ 316.298791][ T31] kthread+0x3c2/0x780 [ 316.298840][ T31] ? __pfx_kthread+0x10/0x10 [ 316.298885][ T31] ? __pfx_kthread+0x10/0x10 [ 316.298928][ T31] ? __pfx_kthread+0x10/0x10 [ 316.298974][ T31] ? __pfx_kthread+0x10/0x10 [ 316.299037][ T31] ? rcu_is_watching+0x12/0xc0 [ 316.299070][ T31] ? __pfx_kthread+0x10/0x10 [ 316.299121][ T31] ret_from_fork+0x45/0x80 [ 316.299150][ T31] ? __pfx_kthread+0x10/0x10 [ 316.299197][ T31] ret_from_fork_asm+0x1a/0x30 [ 316.299267][ T31] [ 316.299278][ T31] Sending NMI from CPU 1 to CPUs 0: [ 316.440064][ C0] NMI backtrace for cpu 0 [ 316.440087][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 316.440126][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 316.440136][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 316.440150][ C0] RIP: 0010:native_apic_msr_write+0x28/0x40 [ 316.440190][ C0] Code: 90 90 f3 0f 1e fa 8d 87 30 ff ff ff 83 e0 ef 74 20 89 f8 83 e0 ef 83 f8 20 74 16 c1 ef 04 31 d2 89 f0 8d 8f 00 08 00 00 0f 30 <66> 90 c3 cc cc cc cc c3 cc cc cc cc 89 f6 31 d2 89 cf e9 21 ee 96 [ 316.440213][ C0] RSP: 0018:ffffffff8e007be8 EFLAGS: 00000046 [ 316.440232][ C0] RAX: 0000000000064ff6 RBX: ffff8880b84235c0 RCX: 0000000000000838 [ 316.440248][ C0] RDX: 0000000000000000 RSI: 0000000000064ff6 RDI: 0000000000000038 [ 316.440263][ C0] RBP: 0000000000064ff6 R08: 0000000000000005 R09: 000000000000003f [ 316.440277][ C0] R10: 0000000000000020 R11: 0000000000000000 R12: 0000000000000001 [ 316.440292][ C0] R13: 0000000000000001 R14: 0000000000000020 R15: ffff8880b8427840 [ 316.440307][ C0] FS: 0000000000000000(0000) GS:ffff8881249bf000(0000) knlGS:0000000000000000 [ 316.440330][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 316.440345][ C0] CR2: 00005648f6a60680 CR3: 000000000e180000 CR4: 00000000003526f0 [ 316.440360][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 316.440374][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 316.440388][ C0] Call Trace: [ 316.440395][ C0] [ 316.440403][ C0] lapic_next_event+0x10/0x20 [ 316.440427][ C0] clockevents_program_event+0x26f/0x380 [ 316.440463][ C0] tick_program_event+0xa9/0x140 [ 316.440487][ C0] hrtimer_reprogram+0x27b/0x450 [ 316.440528][ C0] hrtimer_start_range_ns+0x9d4/0xfc0 [ 316.440558][ C0] tick_nohz_idle_stop_tick+0x69b/0xef0 [ 316.440588][ C0] ? __pfx_tick_nohz_idle_stop_tick+0x10/0x10 [ 316.440616][ C0] ? __pfx_tsc_verify_tsc_adjust+0x10/0x10 [ 316.440640][ C0] ? ct_kernel_enter_state+0x12/0x60 [ 316.440680][ C0] do_idle+0x38c/0x510 [ 316.440706][ C0] ? __pfx_do_idle+0x10/0x10 [ 316.440729][ C0] ? find_held_lock+0x2b/0x80 [ 316.440758][ C0] cpu_startup_entry+0x4f/0x60 [ 316.440783][ C0] rest_init+0x16b/0x2b0 [ 316.440805][ C0] ? acpi_subsystem_init+0x133/0x180 [ 316.440831][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 316.440867][ C0] start_kernel+0x3e9/0x4d0 [ 316.440899][ C0] x86_64_start_reservations+0x18/0x30 [ 316.440932][ C0] x86_64_start_kernel+0xb0/0xc0 [ 316.440964][ C0] common_startup_64+0x13e/0x148 [ 316.441002][ C0] [ 316.441636][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 316.441665][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 316.441718][ T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 316.441731][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 316.441751][ T31] Call Trace: [ 316.441763][ T31] [ 316.441776][ T31] dump_stack_lvl+0x3d/0x1f0 [ 316.441826][ T31] panic+0x71c/0x800 [ 316.441878][ T31] ? __pfx_panic+0x10/0x10 [ 316.441926][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 316.441968][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 316.442001][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 316.442037][ T31] ? watchdog+0xdda/0x12c0 [ 316.442083][ T31] ? watchdog+0xdcd/0x12c0 [ 316.442134][ T31] watchdog+0xdeb/0x12c0 [ 316.442187][ T31] ? __pfx_watchdog+0x10/0x10 [ 316.442232][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 316.442291][ T31] ? __kthread_parkme+0x19e/0x250 [ 316.442336][ T31] ? __pfx_watchdog+0x10/0x10 [ 316.442383][ T31] kthread+0x3c2/0x780 [ 316.442433][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442480][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442528][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442578][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442627][ T31] ? rcu_is_watching+0x12/0xc0 [ 316.442663][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442713][ T31] ret_from_fork+0x45/0x80 [ 316.442744][ T31] ? __pfx_kthread+0x10/0x10 [ 316.442813][ T31] ret_from_fork_asm+0x1a/0x30 [ 316.442885][ T31] [ 316.848441][ T31] Kernel Offset: disabled [ 316.852769][ T31] Rebooting in 86400 seconds..