last executing test programs: 25.111287893s ago: executing program 1 (id=200): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x7, 0x0, 0x400, 0x9a, "077c1315ff06c9cc9ff4956913870ef95ebcd43e985b110210346f7f05f8bd5d8b4458e71254da2aab17208e518d2a9b3c20bd53a710ce119b1b61b0"}) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) read$auto(0x3, 0x0, 0x1f40) 24.94111042s ago: executing program 1 (id=202): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000d00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010029bd7000fbdbdf250c00000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x37c60ad6183ba5b}, 0x810) 24.761207879s ago: executing program 1 (id=205): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r0, 0x84, 0x75, 0x0, 0x0) 24.265836271s ago: executing program 1 (id=209): ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, 0x0) unshare$auto(0x40000080) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) umount2$auto(&(0x7f0000000080)='.\x00\x17\xe7\xcbK\x17\xa2\xa0\x9a\xf6\x81\xee\xbfB\x9d\x8cL\xc9 \f\xd5\x1f\xf5\xd0\xe2\xfb\x1bG[\x0e\v\xbcq\xa1(Gz\xd7\x02Viw@\x8c9 \xee\x8a\x04\xe7\xd6\xc5\xc6_\xb2\ndUsI\xd8o\x00\x00\x00\xff\xe4\xed^0\xed\xc5\tg\x91\x87\xb5\xa9\xcd\xde\xf2L\x10VL$\xb3\xd4\x89\x01Y@%v\xa2\a\x98G\xf1\x0eMg\xe1p5u\xb3E\xfc\x1c\xd2-\xe4\\;nQJ', 0x8) 23.294588554s ago: executing program 1 (id=219): r0 = setfsuid$auto(0xee00) r1 = setfsuid$auto(0xee01) setresuid$auto(r0, r1, r0) r2 = pidfd_open$auto(0x1, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r2, 0x8, 0x0, 0x2) 22.795984016s ago: executing program 1 (id=223): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) timerfd_create$auto(0x9, 0x0) ioctl$auto(0x3, 0x40085400, 0x5) 18.16178339s ago: executing program 3 (id=259): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0xd, 0x2, 0x100000001, 0x2, 0x0, 0x0, 0x0, 0xfa9a, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffffff, 0x8000000005, 0x0, 0x7, 0x4, 0x3}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 17.485552032s ago: executing program 3 (id=264): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = ioctl$auto_NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) close_range$auto(r0, r1, 0x80) memfd_create$auto(0x0, 0xe) 16.990445417s ago: executing program 3 (id=265): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0x4004af07, r0) 16.686190958s ago: executing program 3 (id=268): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f4) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0xffffffff, 0x800}, 0x92) 16.438115584s ago: executing program 3 (id=270): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x2, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f40) write$auto(r0, 0x0, 0x9) 16.110945075s ago: executing program 3 (id=274): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0) writev$auto(0x0, &(0x7f0000000000)={0x0, 0x8}, 0xb) 9.030369398s ago: executing program 2 (id=341): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000009c0)={0x1c, r0, 0x285, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x880) 8.940344486s ago: executing program 2 (id=342): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/index\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) write$auto(0x3, 0x0, 0xfdef) 8.858013039s ago: executing program 2 (id=344): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x1, 0xffffffffffffffff, 0x211) 8.638968375s ago: executing program 2 (id=348): ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, 0x0) unshare$auto(0x40000080) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) umount2$auto(&(0x7f0000000080)='.\x00\x17\xe7\xcbK\x17\xa2\xa0\x9a\xf6\x81\xee\xbfB\x9d\x8cL\xc9 \f\xd5\x1f\xf5\xd0\xe2\xfb\x1bG[\x0e\v\xbcq\xa1(Gz\xd7\x02Viw@\x8c9 \xee\x8a\x04\xe7\xd6\xc5\xc6_\xb2\ndUsI\xd8o\x00\x00\x00\xff\xe4\xed^0\xed\xc5\tg\x91\x87\xb5\xa9\xcd\xde\xf2L\x10VL$\xb3\xd4\x89\x01Y@%v\xa2\a\x98G\xf1\x0eMg\xe1p5u\xb3E\xfc\x1c\xd2-\xe4\\;nQJ', 0x8) 8.286182465s ago: executing program 2 (id=352): socket(0x25, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x3) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0) 8.082270959s ago: executing program 2 (id=355): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(r1, &(0x7f00000007c0)={&(0x7f00000006c0), 0x200, &(0x7f0000000740)={&(0x7f0000000700), 0xf}, 0x400, 0x0, 0xe, 0x466d}, 0x6) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x14, r0, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000000) 7.650766128s ago: executing program 0 (id=357): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x801, 0x84) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x5f) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) 7.479780692s ago: executing program 0 (id=358): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x46) 768.562841ms ago: executing program 32 (id=274): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0) writev$auto(0x0, &(0x7f0000000000)={0x0, 0x8}, 0xb) 290.1496ms ago: executing program 0 (id=360): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) write$auto(r0, &(0x7f0000000040)='*/*)-][\\\\\\[@{}\x00', 0xffffffff) sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x3) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) 180.22477ms ago: executing program 0 (id=361): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x11, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 84.527872ms ago: executing program 0 (id=362): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x5, 0x0) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff8, 0xffffffffffffffff, [0x7783, 0x9, 0x7c], {0x913, 0x7, 0x3036, 0xe, 0xd, 0x5, 0x6, 0xfffffff9, 0x2000000f08a2b6}, {0x4000, 0xfc, 0xd, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) bpf$auto(0x12, &(0x7f0000000040)=@enable_stats={0x1}, 0x26) 0s ago: executing program 0 (id=363): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x9) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c7300436b6, 0x0) write$auto(r1, 0x0, 0xa) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.164' (ED25519) to the list of known hosts. [ 99.187509][ T5817] cgroup: Unknown subsys name 'net' [ 99.332924][ T5817] cgroup: Unknown subsys name 'cpuset' [ 99.342390][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.243655][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.331150][ T90] cfg80211: failed to load regulatory.db [ 103.230496][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.239737][ T5150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.252160][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.262934][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.267623][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.273574][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.286603][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.287586][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.295097][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.309066][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.316245][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.319356][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.329353][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.335841][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.346061][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.346244][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.363234][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.370749][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.379004][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.391699][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.942736][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 104.073053][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 104.165866][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 104.247682][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 104.294903][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.303005][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.310665][ T5837] bridge_slave_0: entered allmulticast mode [ 104.318150][ T5837] bridge_slave_0: entered promiscuous mode [ 104.363446][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.370777][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.377959][ T5837] bridge_slave_1: entered allmulticast mode [ 104.385626][ T5837] bridge_slave_1: entered promiscuous mode [ 104.456411][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.463652][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.471057][ T5845] bridge_slave_0: entered allmulticast mode [ 104.478450][ T5845] bridge_slave_0: entered promiscuous mode [ 104.527565][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.534899][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.542205][ T5845] bridge_slave_1: entered allmulticast mode [ 104.549749][ T5845] bridge_slave_1: entered promiscuous mode [ 104.557418][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.565011][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.572771][ T5835] bridge_slave_0: entered allmulticast mode [ 104.580509][ T5835] bridge_slave_0: entered promiscuous mode [ 104.591911][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.620401][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.627784][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.635791][ T5835] bridge_slave_1: entered allmulticast mode [ 104.643501][ T5835] bridge_slave_1: entered promiscuous mode [ 104.653182][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.729767][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.777390][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.789880][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.801802][ T5837] team0: Port device team_slave_0 added [ 104.807979][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.816220][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.823558][ T5836] bridge_slave_0: entered allmulticast mode [ 104.830995][ T5836] bridge_slave_0: entered promiscuous mode [ 104.849725][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.856927][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.864661][ T5836] bridge_slave_1: entered allmulticast mode [ 104.872380][ T5836] bridge_slave_1: entered promiscuous mode [ 104.882212][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.894531][ T5837] team0: Port device team_slave_1 added [ 104.952209][ T5845] team0: Port device team_slave_0 added [ 104.997322][ T5845] team0: Port device team_slave_1 added [ 105.007863][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.020312][ T5835] team0: Port device team_slave_0 added [ 105.028172][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.035487][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.061707][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.087804][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.099398][ T5835] team0: Port device team_slave_1 added [ 105.105896][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.112984][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.144180][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.199219][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.206203][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.232440][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.269248][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.276293][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.303743][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.319592][ T5836] team0: Port device team_slave_0 added [ 105.326521][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.334349][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.360881][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.374247][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.381468][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.408414][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.429787][ T5836] team0: Port device team_slave_1 added [ 105.449483][ T5838] Bluetooth: hci2: command tx timeout [ 105.449487][ T52] Bluetooth: hci3: command tx timeout [ 105.450082][ T5848] Bluetooth: hci1: command tx timeout [ 105.455497][ T5847] Bluetooth: hci0: command tx timeout [ 105.535795][ T5837] hsr_slave_0: entered promiscuous mode [ 105.543140][ T5837] hsr_slave_1: entered promiscuous mode [ 105.571165][ T5845] hsr_slave_0: entered promiscuous mode [ 105.578138][ T5845] hsr_slave_1: entered promiscuous mode [ 105.584667][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 105.590628][ T5845] Cannot create hsr debugfs directory [ 105.597385][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.604440][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.630545][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.659400][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.666430][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.692886][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.749328][ T5835] hsr_slave_0: entered promiscuous mode [ 105.756385][ T5835] hsr_slave_1: entered promiscuous mode [ 105.762897][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 105.768954][ T5835] Cannot create hsr debugfs directory [ 105.922079][ T5836] hsr_slave_0: entered promiscuous mode [ 105.929186][ T5836] hsr_slave_1: entered promiscuous mode [ 105.936046][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 105.942279][ T5836] Cannot create hsr debugfs directory [ 106.348456][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 106.363372][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.376701][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 106.398846][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 106.472000][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.488234][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.513122][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.526546][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.617295][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 106.632742][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 106.644036][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 106.669817][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 106.783049][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.800388][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.824719][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.846444][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.869810][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.955763][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.994282][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.001948][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.033764][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.056996][ T2978] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.064377][ T2978] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.112516][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.140591][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.147796][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.159746][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.167229][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.231631][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.245327][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.311309][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.324902][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.342473][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.349837][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.374365][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.381592][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.415268][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.422602][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.438570][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.445757][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.529197][ T5847] Bluetooth: hci0: command tx timeout [ 107.534347][ T5848] Bluetooth: hci2: command tx timeout [ 107.534901][ T5847] Bluetooth: hci1: command tx timeout [ 107.540349][ T5848] Bluetooth: hci3: command tx timeout [ 107.958958][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.026810][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.123412][ T5837] veth0_vlan: entered promiscuous mode [ 108.181346][ T5837] veth1_vlan: entered promiscuous mode [ 108.197680][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.245130][ T5845] veth0_vlan: entered promiscuous mode [ 108.294022][ T5845] veth1_vlan: entered promiscuous mode [ 108.312913][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.364423][ T5837] veth0_macvtap: entered promiscuous mode [ 108.384604][ T5836] veth0_vlan: entered promiscuous mode [ 108.396282][ T5837] veth1_macvtap: entered promiscuous mode [ 108.433046][ T5836] veth1_vlan: entered promiscuous mode [ 108.454188][ T5845] veth0_macvtap: entered promiscuous mode [ 108.475880][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.487836][ T5845] veth1_macvtap: entered promiscuous mode [ 108.515226][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.537621][ T5835] veth0_vlan: entered promiscuous mode [ 108.553647][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.572154][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.587567][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.600820][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.619894][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.648435][ T5835] veth1_vlan: entered promiscuous mode [ 108.661259][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.677028][ T5836] veth0_macvtap: entered promiscuous mode [ 108.703047][ T5836] veth1_macvtap: entered promiscuous mode [ 108.729317][ T1101] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.739431][ T1101] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.762423][ T1101] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.773139][ T1101] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.861821][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.890763][ T5835] veth0_macvtap: entered promiscuous mode [ 108.920135][ T197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.948679][ T197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.966395][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.991561][ T5835] veth1_macvtap: entered promiscuous mode [ 109.002229][ T197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.017827][ T197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.054409][ T2953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.064761][ T2953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.081135][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.090281][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.104126][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.130925][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.147734][ T197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.157767][ T197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.181651][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.215402][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.247801][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.265568][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.284547][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.310054][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.322681][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.458068][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.492640][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.541860][ T5921] Zero length message leads to an empty skb [ 109.607768][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.616289][ T5848] Bluetooth: hci2: command tx timeout [ 109.621936][ T5838] Bluetooth: hci3: command tx timeout [ 109.622090][ T5847] Bluetooth: hci0: command tx timeout [ 109.638283][ T52] Bluetooth: hci1: command tx timeout [ 109.649830][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.775257][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.822278][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.966105][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.980463][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.048790][ T5927] capability: warning: `syz.3.5' uses 32-bit capabilities (legacy support in use) [ 110.499041][ T5941] FAULT_INJECTION: forcing a failure. [ 110.499041][ T5941] name failslab, interval 1, probability 0, space 0, times 1 [ 110.499106][ T5941] CPU: 1 UID: 0 PID: 5941 Comm: syz.0.8 Not tainted syzkaller #0 PREEMPT(full) [ 110.499143][ T5941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.499165][ T5941] Call Trace: [ 110.499174][ T5941] [ 110.499189][ T5941] dump_stack_lvl+0x16c/0x1f0 [ 110.499249][ T5941] should_fail_ex+0x512/0x640 [ 110.499285][ T5941] ? __kmalloc_noprof+0xca/0x910 [ 110.499324][ T5941] should_failslab+0xc2/0x120 [ 110.499376][ T5941] __kmalloc_noprof+0xeb/0x910 [ 110.499412][ T5941] ? lsm_blob_alloc+0x68/0x90 [ 110.499467][ T5941] ? lsm_blob_alloc+0x68/0x90 [ 110.499518][ T5941] lsm_blob_alloc+0x68/0x90 [ 110.499565][ T5941] security_prepare_creds+0x2f/0x270 [ 110.499611][ T5941] prepare_creds+0x5d6/0x940 [ 110.499649][ T5941] lookup_user_key+0x399/0x1300 [ 110.499700][ T5941] ? __pfx_lookup_user_key+0x10/0x10 [ 110.499728][ T5941] ? do_futex+0x122/0x350 [ 110.499754][ T5941] ? __pfx_do_futex+0x10/0x10 [ 110.499782][ T5941] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 110.499813][ T5941] ? __x64_sys_futex+0x1e0/0x4c0 [ 110.499837][ T5941] ? __x64_sys_futex+0x1e9/0x4c0 [ 110.499865][ T5941] ? fput+0x70/0xf0 [ 110.499889][ T5941] keyctl_watch_key+0x52/0x500 [ 110.499916][ T5941] __do_sys_keyctl+0x123/0x590 [ 110.499944][ T5941] do_syscall_64+0xcd/0xf80 [ 110.499967][ T5941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.499990][ T5941] RIP: 0033:0x7f1f0e78f7c9 [ 110.500014][ T5941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.500036][ T5941] RSP: 002b:00007f1f0c9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 110.500057][ T5941] RAX: ffffffffffffffda RBX: 00007f1f0e9e5fa0 RCX: 00007f1f0e78f7c9 [ 110.500072][ T5941] RDX: 0000000000000005 RSI: ffffffffffffffff RDI: 0200000000000020 [ 110.500086][ T5941] RBP: 00007f1f0e813f91 R08: 0000000000000008 R09: 0000000000000000 [ 110.500100][ T5941] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 110.500113][ T5941] R13: 00007f1f0e9e6038 R14: 00007f1f0e9e5fa0 R15: 00007ffe714540f8 [ 110.500142][ T5941] [ 111.691229][ T52] Bluetooth: hci3: command tx timeout [ 111.691269][ T5848] Bluetooth: hci0: command tx timeout [ 111.691480][ T5838] Bluetooth: hci1: command tx timeout [ 111.702225][ T5847] Bluetooth: hci2: command tx timeout [ 113.080273][ T6001] FAULT_INJECTION: forcing a failure. [ 113.080273][ T6001] name failslab, interval 1, probability 0, space 0, times 0 [ 113.118633][ T6001] CPU: 1 UID: 0 PID: 6001 Comm: syz.1.32 Not tainted syzkaller #0 PREEMPT(full) [ 113.118674][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 113.118698][ T6001] Call Trace: [ 113.118708][ T6001] [ 113.118720][ T6001] dump_stack_lvl+0x16c/0x1f0 [ 113.118775][ T6001] should_fail_ex+0x512/0x640 [ 113.118812][ T6001] ? __kmalloc_cache_noprof+0x5f/0x800 [ 113.118851][ T6001] should_failslab+0xc2/0x120 [ 113.118899][ T6001] __kmalloc_cache_noprof+0x80/0x800 [ 113.118932][ T6001] ? lockdep_init_map_type+0x5c/0x270 [ 113.118963][ T6001] ? do_inotify_init+0xa2/0x5f0 [ 113.119006][ T6001] ? do_inotify_init+0xa2/0x5f0 [ 113.119043][ T6001] do_inotify_init+0xa2/0x5f0 [ 113.119078][ T6001] ? rcu_is_watching+0x12/0xc0 [ 113.119122][ T6001] __x64_sys_inotify_init1+0x30/0x40 [ 113.119160][ T6001] do_syscall_64+0xcd/0xf80 [ 113.119190][ T6001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.119223][ T6001] RIP: 0033:0x7f823e58f7c9 [ 113.119247][ T6001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.119276][ T6001] RSP: 002b:00007f823f48e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 113.119306][ T6001] RAX: ffffffffffffffda RBX: 00007f823e7e5fa0 RCX: 00007f823e58f7c9 [ 113.119327][ T6001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 113.119344][ T6001] RBP: 00007f823e613f91 R08: 0000000000000000 R09: 0000000000000000 [ 113.119362][ T6001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.119380][ T6001] R13: 00007f823e7e6038 R14: 00007f823e7e5fa0 R15: 00007ffdd75177a8 [ 113.119422][ T6001] [ 113.536774][ T6009] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 113.968455][ T6017] syz.0.38 uses obsolete (PF_INET,SOCK_PACKET) [ 117.050582][ T6095] netlink: 'syz.0.71': attribute type 5 has an invalid length. [ 117.785695][ T6117] FAULT_INJECTION: forcing a failure. [ 117.785695][ T6117] name failslab, interval 1, probability 0, space 0, times 0 [ 117.825649][ T6117] CPU: 1 UID: 0 PID: 6117 Comm: syz.2.79 Not tainted syzkaller #0 PREEMPT(full) [ 117.825691][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 117.825709][ T6117] Call Trace: [ 117.825719][ T6117] [ 117.825731][ T6117] dump_stack_lvl+0x16c/0x1f0 [ 117.825789][ T6117] should_fail_ex+0x512/0x640 [ 117.825825][ T6117] ? __kmalloc_cache_noprof+0x5f/0x800 [ 117.825864][ T6117] should_failslab+0xc2/0x120 [ 117.825915][ T6117] __kmalloc_cache_noprof+0x80/0x800 [ 117.825954][ T6117] ? loop_add+0xb6/0xb70 [ 117.825990][ T6117] ? loop_add+0xb6/0xb70 [ 117.826016][ T6117] loop_add+0xb6/0xb70 [ 117.826048][ T6117] ? __pfx_loop_add+0x10/0x10 [ 117.826104][ T6117] ? find_held_lock+0x2b/0x80 [ 117.826160][ T6117] loop_control_ioctl+0x13e/0x640 [ 117.826193][ T6117] ? __pfx_loop_control_ioctl+0x10/0x10 [ 117.826231][ T6117] ? __pfx_loop_control_ioctl+0x10/0x10 [ 117.826265][ T6117] __x64_sys_ioctl+0x18e/0x210 [ 117.826308][ T6117] do_syscall_64+0xcd/0xf80 [ 117.826339][ T6117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.826371][ T6117] RIP: 0033:0x7f88f078f7c9 [ 117.826396][ T6117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.826427][ T6117] RSP: 002b:00007f88f1592038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 117.826456][ T6117] RAX: ffffffffffffffda RBX: 00007f88f09e5fa0 RCX: 00007f88f078f7c9 [ 117.826477][ T6117] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000003 [ 117.826496][ T6117] RBP: 00007f88f0813f91 R08: 0000000000000000 R09: 0000000000000000 [ 117.826515][ T6117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.826533][ T6117] R13: 00007f88f09e6038 R14: 00007f88f09e5fa0 R15: 00007ffc28b85ec8 [ 117.826576][ T6117] [ 120.496752][ T6182] GUP no longer grows the stack in syz.2.105 (6182): 5000-401000 (4000) [ 120.522044][ T6182] CPU: 0 UID: 0 PID: 6182 Comm: syz.2.105 Not tainted syzkaller #0 PREEMPT(full) [ 120.522086][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 120.522105][ T6182] Call Trace: [ 120.522115][ T6182] [ 120.522127][ T6182] dump_stack_lvl+0x16c/0x1f0 [ 120.522192][ T6182] gup_vma_lookup+0x1d2/0x220 [ 120.522239][ T6182] __get_user_pages+0x241/0x3590 [ 120.522299][ T6182] ? find_held_lock+0x2b/0x80 [ 120.522341][ T6182] ? __pfx___get_user_pages+0x10/0x10 [ 120.522403][ T6182] get_user_pages_remote+0x243/0xab0 [ 120.522460][ T6182] ? __pfx_get_user_pages_remote+0x10/0x10 [ 120.522511][ T6182] ? __pfx___might_resched+0x10/0x10 [ 120.522555][ T6182] ? noop_dirty_folio+0x5e/0xb0 [ 120.522603][ T6182] __access_remote_vm+0x24d/0x850 [ 120.522657][ T6182] ? __pfx___access_remote_vm+0x10/0x10 [ 120.522713][ T6182] mem_rw+0x20e/0x640 [ 120.522767][ T6182] ? __pfx_mem_write+0x10/0x10 [ 120.522812][ T6182] vfs_writev+0x5df/0xde0 [ 120.522869][ T6182] ? __pfx_vfs_writev+0x10/0x10 [ 120.522910][ T6182] ? fdget_pos+0x2a2/0x370 [ 120.522989][ T6182] ? __fget_files+0x20e/0x3c0 [ 120.523047][ T6182] ? do_writev+0x132/0x340 [ 120.523087][ T6182] do_writev+0x132/0x340 [ 120.523130][ T6182] ? __pfx_do_writev+0x10/0x10 [ 120.523197][ T6182] do_syscall_64+0xcd/0xf80 [ 120.523228][ T6182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.523261][ T6182] RIP: 0033:0x7f88f078f7c9 [ 120.523286][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.523317][ T6182] RSP: 002b:00007f88f1592038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 120.523347][ T6182] RAX: ffffffffffffffda RBX: 00007f88f09e5fa0 RCX: 00007f88f078f7c9 [ 120.523368][ T6182] RDX: 0000000000000008 RSI: 0000200000000180 RDI: 0000000000000003 [ 120.523387][ T6182] RBP: 00007f88f0813f91 R08: 0000000000000000 R09: 0000000000000000 [ 120.523407][ T6182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.523426][ T6182] R13: 00007f88f09e6038 R14: 00007f88f09e5fa0 R15: 00007ffc28b85ec8 [ 120.523470][ T6182] [ 122.051830][ T6221] netlink: 346 bytes leftover after parsing attributes in process `syz.1.123'. [ 122.063267][ T6223] Device name cannot be null; rc = [-22] [ 123.471522][ T6260] FAULT_INJECTION: forcing a failure. [ 123.471522][ T6260] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 123.516643][ T6260] CPU: 1 UID: 0 PID: 6260 Comm: syz.3.139 Not tainted syzkaller #0 PREEMPT(full) [ 123.516722][ T6260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 123.516740][ T6260] Call Trace: [ 123.516751][ T6260] [ 123.516761][ T6260] dump_stack_lvl+0x16c/0x1f0 [ 123.516817][ T6260] should_fail_ex+0x512/0x640 [ 123.516860][ T6260] should_fail_alloc_page+0xe7/0x130 [ 123.517013][ T6260] prepare_alloc_pages+0x401/0x670 [ 123.517070][ T6260] ? kernel_text_address+0x8d/0x100 [ 123.517110][ T6260] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 123.517168][ T6260] ? stack_trace_save+0x8e/0xc0 [ 123.517218][ T6260] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 123.517260][ T6260] ? trace_mm_page_alloc+0x11b/0x180 [ 123.517315][ T6260] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 123.517352][ T6260] ? __pmd_alloc+0xbf/0x9c0 [ 123.517396][ T6260] ? __handle_mm_fault+0xbeb/0x2bb0 [ 123.517427][ T6260] ? handle_mm_fault+0x3fe/0xad0 [ 123.517459][ T6260] ? __get_user_pages+0x54e/0x3590 [ 123.517504][ T6260] ? populate_vma_page_range+0x267/0x3f0 [ 123.517556][ T6260] ? __mm_populate+0x1d8/0x380 [ 123.517602][ T6260] ? vm_mmap_pgoff+0x37f/0x470 [ 123.517645][ T6260] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 123.517689][ T6260] ? __x64_sys_mmap+0x125/0x190 [ 123.517752][ T6260] ? do_syscall_64+0xcd/0xf80 [ 123.517780][ T6260] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.517816][ T6260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.517867][ T6260] ? policy_nodemask+0xea/0x4e0 [ 123.517920][ T6260] alloc_pages_mpol+0x1fb/0x550 [ 123.517967][ T6260] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 123.518030][ T6260] alloc_pages_noprof+0x131/0x390 [ 123.518081][ T6260] pte_alloc_one+0x1e/0x3d0 [ 123.518127][ T6260] __pte_alloc+0x6d/0x3f0 [ 123.518171][ T6260] ? __pfx___pte_alloc+0x10/0x10 [ 123.518217][ T6260] ? do_raw_spin_lock+0x12c/0x2b0 [ 123.518253][ T6260] ? find_held_lock+0x2b/0x80 [ 123.518294][ T6260] do_anonymous_page+0x1092/0x2190 [ 123.518330][ T6260] ? do_raw_spin_unlock+0x172/0x230 [ 123.518368][ T6260] ? _raw_spin_unlock+0x28/0x50 [ 123.518413][ T6260] ? __pmd_alloc+0x6aa/0x9c0 [ 123.518465][ T6260] __handle_mm_fault+0x1ecf/0x2bb0 [ 123.518511][ T6260] ? __pfx___handle_mm_fault+0x10/0x10 [ 123.518579][ T6260] handle_mm_fault+0x3fe/0xad0 [ 123.518621][ T6260] __get_user_pages+0x54e/0x3590 [ 123.518685][ T6260] ? __pfx___get_user_pages+0x10/0x10 [ 123.518759][ T6260] populate_vma_page_range+0x267/0x3f0 [ 123.518814][ T6260] ? __pfx_populate_vma_page_range+0x10/0x10 [ 123.518866][ T6260] ? __pfx_find_vma_intersection+0x10/0x10 [ 123.518917][ T6260] ? do_mmap+0x69c/0x1210 [ 123.518970][ T6260] __mm_populate+0x1d8/0x380 [ 123.519024][ T6260] ? __pfx___mm_populate+0x10/0x10 [ 123.519079][ T6260] ? up_write+0x282/0x4e0 [ 123.519118][ T6260] vm_mmap_pgoff+0x37f/0x470 [ 123.519169][ T6260] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 123.519224][ T6260] ? __x64_sys_futex+0x1e0/0x4c0 [ 123.519259][ T6260] ? __x64_sys_futex+0x1e9/0x4c0 [ 123.519302][ T6260] ksys_mmap_pgoff+0x7d/0x5c0 [ 123.519349][ T6260] ? xfd_validate_state+0x61/0x180 [ 123.519377][ T6260] ? __pfx_ksys_write+0x10/0x10 [ 123.519431][ T6260] __x64_sys_mmap+0x125/0x190 [ 123.519470][ T6260] do_syscall_64+0xcd/0xf80 [ 123.519501][ T6260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.519535][ T6260] RIP: 0033:0x7fa84c38f7c9 [ 123.519562][ T6260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.519593][ T6260] RSP: 002b:00007fa84d2d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 123.519625][ T6260] RAX: ffffffffffffffda RBX: 00007fa84c5e5fa0 RCX: 00007fa84c38f7c9 [ 123.519646][ T6260] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 123.519666][ T6260] RBP: 00007fa84c413f91 R08: 0000000000000002 R09: 0000000000008000 [ 123.519686][ T6260] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 123.519724][ T6260] R13: 00007fa84c5e6038 R14: 00007fa84c5e5fa0 R15: 00007ffe2447ed88 [ 123.519769][ T6260] [ 124.875733][ T6283] binder: 6282:6283 unknown command 668977 [ 124.897874][ T6283] binder: 6282:6283 ioctl c0306201 0 returned -22 [ 125.070833][ T6295] netlink: 20 bytes leftover after parsing attributes in process `syz.0.155'. [ 125.163593][ T6289] zswap: compressor not available [ 126.104073][ T6323] lo: entered allmulticast mode [ 126.143102][ T6326] process 'syz.1.168' launched ':,' with NULL argv: empty string added [ 126.148968][ T6322] lo: left allmulticast mode [ 128.035265][ T6382] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 128.205463][ T6384] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 128.397106][ T6393] FAULT_INJECTION: forcing a failure. [ 128.397106][ T6393] name failslab, interval 1, probability 0, space 0, times 0 [ 128.422872][ T6393] CPU: 0 UID: 0 PID: 6393 Comm: syz.0.197 Not tainted syzkaller #0 PREEMPT(full) [ 128.422919][ T6393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 128.422939][ T6393] Call Trace: [ 128.422950][ T6393] [ 128.422962][ T6393] dump_stack_lvl+0x16c/0x1f0 [ 128.423019][ T6393] should_fail_ex+0x512/0x640 [ 128.423056][ T6393] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 128.423101][ T6393] should_failslab+0xc2/0x120 [ 128.423151][ T6393] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 128.423191][ T6393] ? __pfx_chacha_block_generic+0x10/0x10 [ 128.423229][ T6393] ? sock_alloc_inode+0x25/0x1c0 [ 128.423285][ T6393] ? __pfx_sock_alloc_inode+0x10/0x10 [ 128.423333][ T6393] ? sock_alloc_inode+0x25/0x1c0 [ 128.423381][ T6393] sock_alloc_inode+0x25/0x1c0 [ 128.423439][ T6393] alloc_inode+0x64/0x240 [ 128.423477][ T6393] sock_alloc+0x40/0x280 [ 128.423525][ T6393] __sock_create+0xc2/0x8a0 [ 128.423565][ T6393] udp_sock_create4+0xa6/0x450 [ 128.423596][ T6393] ? __pfx_udp_sock_create4+0x10/0x10 [ 128.423631][ T6393] ? lockdep_hardirqs_on+0x7c/0x110 [ 128.423682][ T6393] ? crng_make_state+0x48e/0x6c0 [ 128.423720][ T6393] rxrpc_open_socket+0x4f5/0x6b0 [ 128.423759][ T6393] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 128.423824][ T6393] ? rcu_is_watching+0x12/0xc0 [ 128.423873][ T6393] rxrpc_lookup_local+0xa01/0x1220 [ 128.423919][ T6393] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 128.423962][ T6393] ? __local_bh_enable_ip+0xa4/0x120 [ 128.424013][ T6393] rxrpc_sendmsg+0x37e/0x680 [ 128.424061][ T6393] sock_write_iter+0x566/0x610 [ 128.424094][ T6393] ? __pfx_sock_write_iter+0x10/0x10 [ 128.424140][ T6393] ? bpf_lsm_file_permission+0x9/0x10 [ 128.424178][ T6393] ? security_file_permission+0x71/0x210 [ 128.424221][ T6393] ? rw_verify_area+0xcf/0x6c0 [ 128.424267][ T6393] vfs_write+0x7d3/0x11d0 [ 128.424314][ T6393] ? __pfx_sock_write_iter+0x10/0x10 [ 128.424350][ T6393] ? __pfx_vfs_write+0x10/0x10 [ 128.424397][ T6393] ? find_held_lock+0x2b/0x80 [ 128.424466][ T6393] ksys_write+0x1f8/0x250 [ 128.424510][ T6393] ? __pfx_ksys_write+0x10/0x10 [ 128.424568][ T6393] do_syscall_64+0xcd/0xf80 [ 128.424599][ T6393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.424632][ T6393] RIP: 0033:0x7f1f0e78f7c9 [ 128.424658][ T6393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.424687][ T6393] RSP: 002b:00007f1f0c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 128.424717][ T6393] RAX: ffffffffffffffda RBX: 00007f1f0e9e5fa0 RCX: 00007f1f0e78f7c9 [ 128.424738][ T6393] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 128.424757][ T6393] RBP: 00007f1f0e813f91 R08: 0000000000000000 R09: 0000000000000000 [ 128.424775][ T6393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.424794][ T6393] R13: 00007f1f0e9e6038 R14: 00007f1f0e9e5fa0 R15: 00007ffe714540f8 [ 128.424838][ T6393] [ 128.426225][ T6393] socket: no more sockets [ 130.281606][ T6441] FAULT_INJECTION: forcing a failure. [ 130.281606][ T6441] name failslab, interval 1, probability 0, space 0, times 0 [ 130.294607][ T6441] CPU: 1 UID: 0 PID: 6441 Comm: syz.3.216 Not tainted syzkaller #0 PREEMPT(full) [ 130.294646][ T6441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 130.294664][ T6441] Call Trace: [ 130.294673][ T6441] [ 130.294684][ T6441] dump_stack_lvl+0x16c/0x1f0 [ 130.294737][ T6441] should_fail_ex+0x512/0x640 [ 130.294771][ T6441] ? kmem_cache_alloc_noprof+0x62/0x770 [ 130.294813][ T6441] should_failslab+0xc2/0x120 [ 130.294860][ T6441] kmem_cache_alloc_noprof+0x83/0x770 [ 130.294898][ T6441] ? prepare_creds+0x2c/0x940 [ 130.294941][ T6441] ? prepare_creds+0x2c/0x940 [ 130.294974][ T6441] prepare_creds+0x2c/0x940 [ 130.295013][ T6441] join_session_keyring+0x17/0x340 [ 130.295052][ T6441] __do_sys_keyctl+0x482/0x590 [ 130.295086][ T6441] do_syscall_64+0xcd/0xf80 [ 130.295117][ T6441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.295149][ T6441] RIP: 0033:0x7fa84c38f7c9 [ 130.295174][ T6441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.295204][ T6441] RSP: 002b:00007fa84d2d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 130.295236][ T6441] RAX: ffffffffffffffda RBX: 00007fa84c5e5fa0 RCX: 00007fa84c38f7c9 [ 130.295257][ T6441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 130.295277][ T6441] RBP: 00007fa84c413f91 R08: 000000000000000c R09: 0000000000000000 [ 130.295296][ T6441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.295315][ T6441] R13: 00007fa84c5e6038 R14: 00007fa84c5e5fa0 R15: 00007ffe2447ed88 [ 130.295358][ T6441] [ 131.293651][ T2953] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.410902][ T2953] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.530938][ T2953] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.667295][ T2953] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.840287][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 131.856060][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 131.865359][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 131.874790][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 131.886269][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 132.251265][ T2953] bridge_slave_1: left allmulticast mode [ 132.257259][ T2953] bridge_slave_1: left promiscuous mode [ 132.267737][ T2953] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.292827][ T2953] bridge_slave_0: left allmulticast mode [ 132.299006][ T2953] bridge_slave_0: left promiscuous mode [ 132.305417][ T2953] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.093080][ T2953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 133.137151][ T2953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 133.152675][ T2953] bond0 (unregistering): Released all slaves [ 133.527425][ T6507] block nbd8: shutting down sockets [ 133.933405][ T5847] Bluetooth: hci1: command tx timeout [ 133.951930][ T6465] chnl_net:caif_netlink_parms(): no params data found [ 134.157386][ T2953] hsr_slave_0: left promiscuous mode [ 134.218129][ T2953] hsr_slave_1: left promiscuous mode [ 134.238796][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 134.257182][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 134.292481][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 134.299953][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.390320][ T2953] veth1_macvtap: left promiscuous mode [ 134.396290][ T2953] veth0_macvtap: left promiscuous mode [ 134.403095][ T2953] veth1_vlan: left promiscuous mode [ 134.408641][ T2953] veth0_vlan: left promiscuous mode [ 135.501000][ T2953] team0 (unregistering): Port device team_slave_1 removed [ 135.553305][ T2953] team0 (unregistering): Port device team_slave_0 removed [ 135.562910][ T6562] mtrr: base(0x1000) is not aligned on a size(0x0000) boundary [ 136.002167][ T5847] Bluetooth: hci1: command tx timeout [ 136.272311][ T6465] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.279635][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.301390][ T6465] bridge_slave_0: entered allmulticast mode [ 136.320433][ T6465] bridge_slave_0: entered promiscuous mode [ 136.352286][ T6465] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.386635][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.414735][ T6465] bridge_slave_1: entered allmulticast mode [ 136.435252][ T6465] bridge_slave_1: entered promiscuous mode [ 136.526832][ T6584] FAULT_INJECTION: forcing a failure. [ 136.526832][ T6584] name failslab, interval 1, probability 0, space 0, times 0 [ 136.551880][ T6584] CPU: 1 UID: 0 PID: 6584 Comm: syz.3.264 Not tainted syzkaller #0 PREEMPT(full) [ 136.551923][ T6584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 136.551941][ T6584] Call Trace: [ 136.551952][ T6584] [ 136.551964][ T6584] dump_stack_lvl+0x16c/0x1f0 [ 136.552022][ T6584] should_fail_ex+0x512/0x640 [ 136.552059][ T6584] ? __kmalloc_cache_noprof+0x5f/0x800 [ 136.552102][ T6584] should_failslab+0xc2/0x120 [ 136.552152][ T6584] __kmalloc_cache_noprof+0x80/0x800 [ 136.552189][ T6584] ? __do_sys_close_range+0x278/0x730 [ 136.552237][ T6584] ? __do_sys_memfd_create+0x18e/0xba0 [ 136.552279][ T6584] ? __do_sys_memfd_create+0x18e/0xba0 [ 136.552313][ T6584] __do_sys_memfd_create+0x18e/0xba0 [ 136.552357][ T6584] do_syscall_64+0xcd/0xf80 [ 136.552388][ T6584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.552419][ T6584] RIP: 0033:0x7fa84c38f7c9 [ 136.552444][ T6584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.552475][ T6584] RSP: 002b:00007fa84d2d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 136.552506][ T6584] RAX: ffffffffffffffda RBX: 00007fa84c5e5fa0 RCX: 00007fa84c38f7c9 [ 136.552526][ T6584] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000 [ 136.552545][ T6584] RBP: 00007fa84c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 136.552564][ T6584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.552583][ T6584] R13: 00007fa84c5e6038 R14: 00007fa84c5e5fa0 R15: 00007ffe2447ed88 [ 136.552626][ T6584] [ 136.731153][ T6465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 136.744362][ T6465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 136.789993][ T6465] team0: Port device team_slave_0 added [ 136.805065][ T6465] team0: Port device team_slave_1 added [ 136.849191][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.856335][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 136.885961][ T6465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.900188][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.908592][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 136.951856][ T6465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.127894][ T6465] hsr_slave_0: entered promiscuous mode [ 137.148581][ T6465] hsr_slave_1: entered promiscuous mode [ 137.164826][ T6465] debugfs: 'hsr0' already exists in 'hsr' [ 137.172268][ T6465] Cannot create hsr debugfs directory [ 138.077516][ T5847] Bluetooth: hci1: command tx timeout [ 139.758237][ T6675] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 140.058224][ T6688] netlink: 346 bytes leftover after parsing attributes in process `syz.0.289'. [ 140.151700][ T5847] Bluetooth: hci1: command tx timeout [ 140.353024][ T6700] FAULT_INJECTION: forcing a failure. [ 140.353024][ T6700] name failslab, interval 1, probability 0, space 0, times 0 [ 140.388792][ T6700] CPU: 1 UID: 0 PID: 6700 Comm: syz.0.293 Not tainted syzkaller #0 PREEMPT(full) [ 140.388837][ T6700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 140.388857][ T6700] Call Trace: [ 140.388868][ T6700] [ 140.388880][ T6700] dump_stack_lvl+0x16c/0x1f0 [ 140.388939][ T6700] should_fail_ex+0x512/0x640 [ 140.388974][ T6700] ? kmem_cache_alloc_noprof+0x62/0x770 [ 140.389018][ T6700] should_failslab+0xc2/0x120 [ 140.389070][ T6700] kmem_cache_alloc_noprof+0x83/0x770 [ 140.389106][ T6700] ? net_alloc_generic+0x1e/0x70 [ 140.389149][ T6700] ? copy_net_ns+0xe8/0x7c0 [ 140.389206][ T6700] ? copy_net_ns+0xe8/0x7c0 [ 140.389252][ T6700] copy_net_ns+0xe8/0x7c0 [ 140.389296][ T6700] ? copy_cgroup_ns+0x71/0x980 [ 140.389331][ T6700] create_new_namespaces+0x3ea/0xab0 [ 140.389386][ T6700] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 140.389444][ T6700] ksys_unshare+0x45b/0xa40 [ 140.389496][ T6700] ? __pfx_ksys_unshare+0x10/0x10 [ 140.389556][ T6700] ? xfd_validate_state+0x61/0x180 [ 140.389597][ T6700] __x64_sys_unshare+0x31/0x40 [ 140.389625][ T6700] do_syscall_64+0xcd/0xf80 [ 140.389657][ T6700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.389690][ T6700] RIP: 0033:0x7f1f0e78f7c9 [ 140.389715][ T6700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.389746][ T6700] RSP: 002b:00007f1f0c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 140.389777][ T6700] RAX: ffffffffffffffda RBX: 00007f1f0e9e5fa0 RCX: 00007f1f0e78f7c9 [ 140.389797][ T6700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 140.389817][ T6700] RBP: 00007f1f0e813f91 R08: 0000000000000000 R09: 0000000000000000 [ 140.389837][ T6700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.389856][ T6700] R13: 00007f1f0e9e6038 R14: 00007f1f0e9e5fa0 R15: 00007ffe714540f8 [ 140.389900][ T6700] [ 142.523593][ T6767] netlink: 472 bytes leftover after parsing attributes in process `syz.0.318'. [ 142.912246][ T6780] FAULT_INJECTION: forcing a failure. [ 142.912246][ T6780] name failslab, interval 1, probability 0, space 0, times 0 [ 142.925989][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.0.324 Not tainted syzkaller #0 PREEMPT(full) [ 142.926032][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 142.926051][ T6780] Call Trace: [ 142.926061][ T6780] [ 142.926073][ T6780] dump_stack_lvl+0x16c/0x1f0 [ 142.926132][ T6780] should_fail_ex+0x512/0x640 [ 142.926166][ T6780] ? kmem_cache_alloc_noprof+0x62/0x770 [ 142.926211][ T6780] should_failslab+0xc2/0x120 [ 142.926261][ T6780] kmem_cache_alloc_noprof+0x83/0x770 [ 142.926312][ T6780] ? alloc_uid+0x13d/0x4c0 [ 142.926368][ T6780] ? alloc_uid+0x13d/0x4c0 [ 142.926413][ T6780] alloc_uid+0x13d/0x4c0 [ 142.926462][ T6780] ? __pfx_alloc_uid+0x10/0x10 [ 142.926511][ T6780] ? bpf_lsm_capable+0x9/0x10 [ 142.926554][ T6780] ? security_capable+0x7e/0x260 [ 142.926613][ T6780] __sys_setuid+0x1cc/0x440 [ 142.926657][ T6780] do_syscall_64+0xcd/0xf80 [ 142.926689][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.926720][ T6780] RIP: 0033:0x7f1f0e78f7c9 [ 142.926745][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.926775][ T6780] RSP: 002b:00007f1f0c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 142.926805][ T6780] RAX: ffffffffffffffda RBX: 00007f1f0e9e5fa0 RCX: 00007f1f0e78f7c9 [ 142.926826][ T6780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 142.926844][ T6780] RBP: 00007f1f0e813f91 R08: 0000000000000000 R09: 0000000000000000 [ 142.926864][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 142.926882][ T6780] R13: 00007f1f0e9e6038 R14: 00007f1f0e9e5fa0 R15: 00007ffe714540f8 [ 142.926925][ T6780] [ 143.170970][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.177712][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.673576][ T6788] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 143.915689][ T6793] ======================================================= [ 143.915689][ T6793] WARNING: The mand mount option has been deprecated and [ 143.915689][ T6793] and is ignored by this kernel. Remove the mand [ 143.915689][ T6793] option from the mount to silence this warning. [ 143.915689][ T6793] ======================================================= [ 144.501681][ T6810] FAULT_INJECTION: forcing a failure. [ 144.501681][ T6810] name failslab, interval 1, probability 0, space 0, times 0 [ 144.520332][ T6810] CPU: 0 UID: 0 PID: 6810 Comm: syz.0.337 Not tainted syzkaller #0 PREEMPT(full) [ 144.520375][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 144.520392][ T6810] Call Trace: [ 144.520401][ T6810] [ 144.520413][ T6810] dump_stack_lvl+0x16c/0x1f0 [ 144.520468][ T6810] should_fail_ex+0x512/0x640 [ 144.520500][ T6810] ? kmem_cache_alloc_noprof+0x62/0x770 [ 144.520542][ T6810] should_failslab+0xc2/0x120 [ 144.520592][ T6810] kmem_cache_alloc_noprof+0x83/0x770 [ 144.520627][ T6810] ? copy_fs_struct+0x49/0x340 [ 144.520670][ T6810] ? copy_fs_struct+0x49/0x340 [ 144.520703][ T6810] copy_fs_struct+0x49/0x340 [ 144.520744][ T6810] ksys_unshare+0x356/0xa40 [ 144.520804][ T6810] ? __pfx_ksys_unshare+0x10/0x10 [ 144.520871][ T6810] __x64_sys_unshare+0x31/0x40 [ 144.520904][ T6810] do_syscall_64+0xcd/0xf80 [ 144.520927][ T6810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.520951][ T6810] RIP: 0033:0x7f1f0e78f7c9 [ 144.520968][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.520990][ T6810] RSP: 002b:00007f1f0c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 144.521011][ T6810] RAX: ffffffffffffffda RBX: 00007f1f0e9e5fa0 RCX: 00007f1f0e78f7c9 [ 144.521025][ T6810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 144.521039][ T6810] RBP: 00007f1f0e813f91 R08: 0000000000000000 R09: 0000000000000000 [ 144.521052][ T6810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.521065][ T6810] R13: 00007f1f0e9e6038 R14: 00007f1f0e9e5fa0 R15: 00007ffe714540f8 [ 144.521095][ T6810] [ 145.239663][ T6828] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 145.860659][ T1340] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.952294][ T1340] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.043989][ T1340] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.152950][ T1340] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.252157][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.266610][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.276019][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.291793][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.299866][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.393029][ T1340] bridge_slave_1: left allmulticast mode [ 146.399030][ T1340] bridge_slave_1: left promiscuous mode [ 146.404979][ T1340] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.416442][ T1340] bridge_slave_0: left allmulticast mode [ 146.425249][ T1340] bridge_slave_0: left promiscuous mode [ 146.431579][ T1340] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.770989][ T1340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.782770][ T1340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.793214][ T1340] bond0 (unregistering): Released all slaves [ 147.142830][ T1340] hsr_slave_0: left promiscuous mode [ 147.154168][ T1340] hsr_slave_1: left promiscuous mode [ 147.162552][ T1340] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.171816][ T1340] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.181243][ T1340] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.189145][ T1340] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.218078][ T1340] veth1_macvtap: left promiscuous mode [ 147.224525][ T1340] veth0_macvtap: left promiscuous mode [ 147.230253][ T1340] veth1_vlan: left promiscuous mode [ 147.238056][ T1340] veth0_vlan: left promiscuous mode [ 147.758132][ T1340] team0 (unregistering): Port device team_slave_1 removed [ 147.792761][ T1340] team0 (unregistering): Port device team_slave_0 removed [ 148.181714][ T6850] chnl_net:caif_netlink_parms(): no params data found [ 148.337460][ T5847] Bluetooth: hci3: command tx timeout [ 148.358962][ T6850] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.366845][ T6850] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.374567][ T6850] bridge_slave_0: entered allmulticast mode [ 148.383498][ T6850] bridge_slave_0: entered promiscuous mode [ 148.392869][ T6850] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.400579][ T6850] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.408601][ T6850] bridge_slave_1: entered allmulticast mode [ 148.416783][ T6850] bridge_slave_1: entered promiscuous mode [ 148.469570][ T6850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.486122][ T6850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.532571][ T6850] team0: Port device team_slave_0 added [ 148.544189][ T6850] team0: Port device team_slave_1 added [ 148.597818][ T6850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 148.605276][ T6850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 148.632806][ T6850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 148.648452][ T6850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 148.655554][ T6850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 148.682293][ T6850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 148.754806][ T6850] hsr_slave_0: entered promiscuous mode [ 148.764535][ T6850] hsr_slave_1: entered promiscuous mode [ 148.771994][ T6850] debugfs: 'hsr0' already exists in 'hsr' [ 148.778625][ T6850] Cannot create hsr debugfs directory [ 150.407428][ T5847] Bluetooth: hci3: command tx timeout [ 152.476082][ T5847] Bluetooth: hci3: command tx timeout [ 153.333472][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 153.345443][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 153.363220][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 153.381872][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 153.394302][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 153.591512][ T6927] chnl_net:caif_netlink_parms(): no params data found [ 153.712056][ T6927] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.719766][ T6927] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.727571][ T6927] bridge_slave_0: entered allmulticast mode [ 153.736226][ T6927] bridge_slave_0: entered promiscuous mode [ 153.746474][ T6927] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.755818][ T6927] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.766943][ T6927] bridge_slave_1: entered allmulticast mode [ 153.775748][ T6927] bridge_slave_1: entered promiscuous mode [ 153.818586][ T6927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.833520][ T6927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.884390][ T6927] team0: Port device team_slave_0 added [ 153.895666][ T6927] team0: Port device team_slave_1 added [ 153.940610][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.949201][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 153.976777][ T6927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.991871][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.999500][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 154.026954][ T6927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.093585][ T6927] hsr_slave_0: entered promiscuous mode [ 154.100315][ T6927] hsr_slave_1: entered promiscuous mode [ 154.106572][ T6927] debugfs: 'hsr0' already exists in 'hsr' [ 154.115231][ T6927] Cannot create hsr debugfs directory [ 154.545479][ T5838] Bluetooth: hci3: command tx timeout [ 155.420807][ T5838] Bluetooth: hci4: command tx timeout [ 157.490043][ T5838] Bluetooth: hci4: command tx timeout [ 159.559195][ T5838] Bluetooth: hci4: command tx timeout [ 161.628357][ T5838] Bluetooth: hci4: command tx timeout [ 191.845541][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 191.854137][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 191.862708][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 191.872240][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 191.880612][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 192.064990][ T7007] chnl_net:caif_netlink_parms(): no params data found [ 192.153960][ T7007] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.161388][ T7007] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.168623][ T7007] bridge_slave_0: entered allmulticast mode [ 192.176366][ T7007] bridge_slave_0: entered promiscuous mode [ 192.187545][ T7007] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.195074][ T7007] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.202697][ T7007] bridge_slave_1: entered allmulticast mode [ 192.210913][ T7007] bridge_slave_1: entered promiscuous mode [ 192.245002][ T7007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.258448][ T7007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.296627][ T7007] team0: Port device team_slave_0 added [ 192.304887][ T7007] team0: Port device team_slave_1 added [ 192.334879][ T7007] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.341949][ T7007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.368744][ T7007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.381403][ T7007] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.389319][ T7007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 192.415681][ T7007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.467185][ T7007] hsr_slave_0: entered promiscuous mode [ 192.474206][ T7007] hsr_slave_1: entered promiscuous mode [ 192.480927][ T7007] debugfs: 'hsr0' already exists in 'hsr' [ 192.486696][ T7007] Cannot create hsr debugfs directory [ 193.940543][ T5838] Bluetooth: hci2: command tx timeout [ 196.009748][ T5838] Bluetooth: hci2: command tx timeout [ 198.078880][ T5838] Bluetooth: hci2: command tx timeout [ 200.148124][ T5838] Bluetooth: hci2: command tx timeout [ 204.290951][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.297387][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.335349][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 206.346069][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 206.355058][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 206.364938][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 206.373977][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 206.548263][ T7023] chnl_net:caif_netlink_parms(): no params data found [ 206.638734][ T7023] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.646027][ T7023] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.653810][ T7023] bridge_slave_0: entered allmulticast mode [ 206.662214][ T7023] bridge_slave_0: entered promiscuous mode [ 206.671101][ T7023] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.678704][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.686168][ T7023] bridge_slave_1: entered allmulticast mode [ 206.693519][ T7023] bridge_slave_1: entered promiscuous mode [ 206.727502][ T7023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.739853][ T7023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.774366][ T7023] team0: Port device team_slave_0 added [ 206.786532][ T7023] team0: Port device team_slave_1 added [ 206.816015][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.823011][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 206.849530][ T7023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.864289][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.871270][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 206.897379][ T7023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.950001][ T7023] hsr_slave_0: entered promiscuous mode [ 206.957574][ T7023] hsr_slave_1: entered promiscuous mode [ 206.964052][ T7023] debugfs: 'hsr0' already exists in 'hsr' [ 206.969794][ T7023] Cannot create hsr debugfs directory [ 208.425106][ T5838] Bluetooth: hci5: command tx timeout [ 210.494313][ T5838] Bluetooth: hci5: command tx timeout [ 212.563504][ T5838] Bluetooth: hci5: command tx timeout [ 213.342179][ T5847] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 213.351760][ T5847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 213.361704][ T5847] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 213.372244][ T5847] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 213.380428][ T5847] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 213.561360][ T7033] chnl_net:caif_netlink_parms(): no params data found [ 213.646491][ T7033] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.653876][ T7033] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.661497][ T7033] bridge_slave_0: entered allmulticast mode [ 213.669196][ T7033] bridge_slave_0: entered promiscuous mode [ 213.679019][ T7033] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.686236][ T7033] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.693867][ T7033] bridge_slave_1: entered allmulticast mode [ 213.701398][ T7033] bridge_slave_1: entered promiscuous mode [ 213.736940][ T7033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.749718][ T7033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.784525][ T7033] team0: Port device team_slave_0 added [ 213.792963][ T7033] team0: Port device team_slave_1 added [ 213.822628][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.829676][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 213.855825][ T7033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.869243][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.876210][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 213.902972][ T7033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.954370][ T7033] hsr_slave_0: entered promiscuous mode [ 213.961003][ T7033] hsr_slave_1: entered promiscuous mode [ 213.967762][ T7033] debugfs: 'hsr0' already exists in 'hsr' [ 213.973510][ T7033] Cannot create hsr debugfs directory [ 214.632777][ T5847] Bluetooth: hci5: command tx timeout [ 215.438626][ T5847] Bluetooth: hci6: command tx timeout [ 217.497891][ T5847] Bluetooth: hci6: command tx timeout [ 219.578241][ T5847] Bluetooth: hci6: command tx timeout [ 221.636537][ T5847] Bluetooth: hci6: command tx timeout [ 226.729836][ T5838] Bluetooth: hci0: command 0x0406 tx timeout [ 251.851078][ T5838] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 251.860964][ T5838] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 251.869208][ T5838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 251.877410][ T5838] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 251.887433][ T5838] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 252.068439][ T7044] chnl_net:caif_netlink_parms(): no params data found [ 252.156573][ T7044] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.163969][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.171487][ T7044] bridge_slave_0: entered allmulticast mode [ 252.179112][ T7044] bridge_slave_0: entered promiscuous mode [ 252.188869][ T7044] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.196118][ T7044] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.203680][ T7044] bridge_slave_1: entered allmulticast mode [ 252.212234][ T7044] bridge_slave_1: entered promiscuous mode [ 252.245652][ T7044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.258484][ T7044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.294153][ T7044] team0: Port device team_slave_0 added [ 252.302583][ T7044] team0: Port device team_slave_1 added [ 252.332911][ T7044] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.339934][ T7044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 252.366482][ T7044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.379323][ T7044] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.386572][ T7044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 252.413370][ T7044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.468109][ T7044] hsr_slave_0: entered promiscuous mode [ 252.474661][ T7044] hsr_slave_1: entered promiscuous mode [ 252.481712][ T7044] debugfs: 'hsr0' already exists in 'hsr' [ 252.487834][ T7044] Cannot create hsr debugfs directory [ 253.948421][ T5847] Bluetooth: hci7: command tx timeout [ 256.017528][ T5838] Bluetooth: hci7: command tx timeout [ 257.291046][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 258.086765][ T5847] Bluetooth: hci7: command tx timeout [ 260.156152][ T5847] Bluetooth: hci7: command tx timeout [ 265.412909][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.419466][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.815147][ T5838] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 266.825479][ T5838] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 266.834436][ T5838] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 266.843009][ T5838] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 266.852100][ T5838] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 267.038909][ T7061] chnl_net:caif_netlink_parms(): no params data found [ 267.129497][ T7061] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.136897][ T7061] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.144335][ T7061] bridge_slave_0: entered allmulticast mode [ 267.153232][ T7061] bridge_slave_0: entered promiscuous mode [ 267.163115][ T7061] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.170991][ T7061] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.178254][ T7061] bridge_slave_1: entered allmulticast mode [ 267.185899][ T7061] bridge_slave_1: entered promiscuous mode [ 267.218190][ T7061] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.231256][ T7061] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.266735][ T7061] team0: Port device team_slave_0 added [ 267.275115][ T7061] team0: Port device team_slave_1 added [ 267.304175][ T7061] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.311191][ T7061] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.338078][ T7061] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.351498][ T7061] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.358698][ T7061] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.385106][ T7061] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.435464][ T7061] hsr_slave_0: entered promiscuous mode [ 267.442794][ T7061] hsr_slave_1: entered promiscuous mode [ 267.449266][ T7061] debugfs: 'hsr0' already exists in 'hsr' [ 267.455013][ T7061] Cannot create hsr debugfs directory [ 268.910559][ T5838] Bluetooth: hci8: command tx timeout [ 270.979900][ T5847] Bluetooth: hci8: command tx timeout [ 272.573348][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 273.058911][ T5838] Bluetooth: hci8: command tx timeout [ 273.811304][ T5847] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 273.820258][ T5847] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 273.828287][ T5847] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 273.837309][ T5847] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 273.847928][ T5847] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 274.037854][ T7072] chnl_net:caif_netlink_parms(): no params data found [ 274.130224][ T7072] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.137621][ T7072] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.144998][ T7072] bridge_slave_0: entered allmulticast mode [ 274.152486][ T7072] bridge_slave_0: entered promiscuous mode [ 274.160871][ T7072] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.172246][ T7072] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.179639][ T7072] bridge_slave_1: entered allmulticast mode [ 274.190806][ T7072] bridge_slave_1: entered promiscuous mode [ 274.223654][ T7072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.236115][ T7072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.271795][ T7072] team0: Port device team_slave_0 added [ 274.280318][ T7072] team0: Port device team_slave_1 added [ 274.310990][ T7072] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 274.318040][ T7072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 274.344235][ T7072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 274.357854][ T7072] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 274.365260][ T7072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 274.391377][ T7072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.443054][ T7072] hsr_slave_0: entered promiscuous mode [ 274.450007][ T7072] hsr_slave_1: entered promiscuous mode [ 274.456729][ T7072] debugfs: 'hsr0' already exists in 'hsr' [ 274.462569][ T7072] Cannot create hsr debugfs directory [ 275.118356][ T5847] Bluetooth: hci8: command tx timeout [ 275.914219][ T5838] Bluetooth: hci9: command tx timeout [ 277.664963][ T5838] Bluetooth: hci4: command 0x0406 tx timeout [ 277.983599][ T5847] Bluetooth: hci9: command tx timeout [ 280.052910][ T5847] Bluetooth: hci9: command tx timeout [ 282.121865][ T5847] Bluetooth: hci9: command tx timeout [ 282.599496][ T31] INFO: task syz-executor:6465 blocked for more than 143 seconds. [ 282.607715][ T31] Not tainted syzkaller #0 [ 282.612829][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 282.621589][ T31] task:syz-executor state:D stack:23576 pid:6465 tgid:6465 ppid:1 task_flags:0x480140 flags:0x00080002 [ 282.634557][ T31] Call Trace: [ 282.637863][ T31] [ 282.641941][ T31] ? __schedule+0x10b9/0x6150 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 282.647219][ T31] __schedule+0x1139/0x6150 [ 282.651896][ T31] ? __lock_acquire+0x436/0x2890 [ 282.657832][ T31] ? __pfx___schedule+0x10/0x10 [ 282.663084][ T31] ? find_held_lock+0x2b/0x80 [ 282.667837][ T31] ? schedule+0x2d7/0x3a0 [ 282.672322][ T31] schedule+0xe7/0x3a0 [ 282.676462][ T31] schedule_timeout+0x257/0x290 [ 282.681452][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 282.686898][ T31] ? mark_held_locks+0x49/0x80 [ 282.691776][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 282.697137][ T31] __wait_for_common+0x2fc/0x4e0 [ 282.702220][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 282.708284][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 282.713925][ T31] remove_one+0x312/0x420 [ 282.718306][ T31] ? find_next_child+0x18f/0x280 [ 282.724401][ T31] __simple_recursive_removal+0x15b/0x610 [ 282.758561][ T31] ? __pfx_remove_one+0x10/0x10 [ 282.763509][ T31] debugfs_remove+0x5d/0x80 [ 282.768080][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 282.812520][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 282.823897][ T31] nsim_drv_remove+0x52/0x1d0 [ 282.828741][ T31] ? __pfx_nsim_bus_remove+0x10/0x10 [ 282.834115][ T31] device_remove+0xcb/0x170 [ 282.838727][ T31] device_release_driver_internal+0x44b/0x620 [ 282.844891][ T31] bus_remove_device+0x22f/0x450 [ 282.850391][ T31] device_del+0x396/0x9f0 [ 282.854811][ T31] ? __pfx_device_del+0x10/0x10 [ 282.866516][ T31] ? __lock_acquire+0x436/0x2890 [ 282.871601][ T31] device_unregister+0x1d/0xe0 [ 282.876424][ T31] del_device_store+0x355/0x4a0 [ 282.881481][ T31] ? __pfx_del_device_store+0x10/0x10 [ 282.886921][ T31] ? find_held_lock+0x2b/0x80 [ 282.891733][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 282.896650][ T31] ? __pfx_del_device_store+0x10/0x10 [ 282.902211][ T31] bus_attr_store+0x74/0xb0 [ 282.906779][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 282.912543][ T31] sysfs_kf_write+0xf2/0x150 [ 282.917191][ T31] kernfs_fop_write_iter+0x3af/0x570 [ 282.922735][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 282.928077][ T31] vfs_write+0x7d3/0x11d0 [ 282.932452][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 282.938391][ T31] ? __pfx_vfs_write+0x10/0x10 [ 282.943216][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 282.948515][ T31] ksys_write+0x12a/0x250 [ 282.953174][ T31] ? __pfx_ksys_write+0x10/0x10 [ 282.958185][ T31] do_syscall_64+0xcd/0xf80 [ 282.962737][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.969952][ T31] RIP: 0033:0x7f507378e27f [ 282.974432][ T31] RSP: 002b:00007ffdcfc8faf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 282.982971][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f507378e27f [ 282.991096][ T31] RDX: 0000000000000001 RSI: 00007ffdcfc8fb40 RDI: 0000000000000005 [ 282.999235][ T31] RBP: 00007f50738152cb R08: 0000000000000000 R09: 00007ffdcfc8f947 [ 283.007387][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 283.015741][ T31] R13: 00007ffdcfc8fb40 R14: 00007f5074514620 R15: 0000000000000003 [ 283.023960][ T31] [ 283.027096][ T31] INFO: task syz.3.274:6622 blocked for more than 143 seconds. [ 283.034681][ T31] Not tainted syzkaller #0 [ 283.039921][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 283.048763][ T31] task:syz.3.274 state:D stack:27160 pid:6622 tgid:6621 ppid:5837 task_flags:0x400140 flags:0x00080002 [ 283.062222][ T31] Call Trace: [ 283.065554][ T31] [ 283.068579][ T31] ? __schedule+0x10b9/0x6150 [ 283.073324][ T31] __schedule+0x1139/0x6150 [ 283.079070][ T31] ? __lock_acquire+0x436/0x2890 [ 283.084092][ T31] ? __pfx___schedule+0x10/0x10 [ 283.089091][ T31] ? find_held_lock+0x2b/0x80 [ 283.093834][ T31] ? schedule+0x2d7/0x3a0 [ 283.098338][ T31] schedule+0xe7/0x3a0 [ 283.102477][ T31] schedule_preempt_disabled+0x13/0x30 [ 283.108539][ T31] __mutex_lock+0xc69/0x1ca0 [ 283.113815][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 283.119530][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 283.124612][ T31] ? devlink_recover_notify.constprop.0+0x200/0x670 [ 283.131366][ T31] ? irqentry_exit+0x1dd/0x8c0 [ 283.136261][ T31] ? trace_irq_disable.constprop.0+0xd4/0x110 [ 283.142563][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 283.148461][ T31] devlink_health_report+0x6b4/0xaa0 [ 283.154595][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 283.160763][ T31] ? rep_movs_alternative+0x30/0x90 [ 283.166034][ T31] ? _copy_from_user+0x59/0xd0 [ 283.170928][ T31] nsim_dev_health_break_write+0x166/0x210 [ 283.186147][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 283.192581][ T31] full_proxy_write+0x131/0x1a0 [ 283.206053][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 283.211529][ T31] vfs_writev+0x5df/0xde0 [ 283.226003][ T31] ? __pfx_vfs_writev+0x10/0x10 [ 283.230966][ T31] ? putname+0xf5/0x1a0 [ 283.235206][ T31] ? do_writev+0x132/0x340 [ 283.255990][ T31] do_writev+0x132/0x340 [ 283.260414][ T31] ? __pfx_do_writev+0x10/0x10 [ 283.265233][ T31] do_syscall_64+0xcd/0xf80 [ 283.270431][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.278017][ T31] RIP: 0033:0x7fa84c38f7c9 [ 283.282486][ T31] RSP: 002b:00007fa84d2d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 283.291569][ T31] RAX: ffffffffffffffda RBX: 00007fa84c5e5fa0 RCX: 00007fa84c38f7c9 [ 283.301334][ T31] RDX: 000000000000000b RSI: 0000200000000000 RDI: 0000000000000000 [ 283.311732][ T31] RBP: 00007fa84c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 283.320315][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.328726][ T31] R13: 00007fa84c5e6038 R14: 00007fa84c5e5fa0 R15: 00007ffe2447ed88 [ 283.337092][ T31] [ 283.342341][ T31] [ 283.342341][ T31] Showing all locks held in the system: [ 283.374034][ T31] 3 locks held by kworker/0:0/9: [ 283.379448][ T31] 1 lock held by khungtaskd/31: [ 283.384342][ T31] #0: ffffffff8e3c9520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 283.400021][ T31] 2 locks held by getty/5591: [ 283.404761][ T31] #0: ffff888034ead0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 283.418765][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 [ 283.429369][ T31] 7 locks held by syz-executor/6465: [ 283.434698][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.444271][ T31] #1: ffff888030257488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.454885][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.467207][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.487967][ T31] #4: ffff8880333eb0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620 [ 283.499115][ T31] #5: ffff8880333ec250 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0 [ 283.510730][ T31] #6: ffff8880590b6988 (&sb->s_type->i_mutex_key#9/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 283.523324][ T31] 2 locks held by syz.3.274/6622: [ 283.531033][ T31] #0: ffff888141a88420 (sb_writers#8){.+.+}-{0:0}, at: do_writev+0x132/0x340 [ 283.544272][ T31] #1: ffff8880333ec250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xaa0 [ 283.555192][ T31] 4 locks held by syz-executor/6850: [ 283.560515][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.570079][ T31] #1: ffff88805befa888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.580061][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.590303][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.600725][ T31] 4 locks held by syz-executor/6927: [ 283.606126][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.615242][ T31] #1: ffff88805c391c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.625459][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.635681][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.646178][ T31] 4 locks held by syz-executor/7007: [ 283.651470][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.660699][ T31] #1: ffff88805c376088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.670897][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.681118][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.691513][ T31] 4 locks held by syz-executor/7023: [ 283.696885][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.706003][ T31] #1: ffff88805da7a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.715857][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.726348][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.736847][ T31] 4 locks held by syz-executor/7033: [ 283.742177][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.751334][ T31] #1: ffff88814e71a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.761214][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.771617][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.782089][ T31] 4 locks held by syz-executor/7044: [ 283.787455][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.796561][ T31] #1: ffff88805be4a888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.806468][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.816629][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.827335][ T31] 4 locks held by syz-executor/7061: [ 283.832721][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.841804][ T31] #1: ffff88805c9b2c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.851697][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.861862][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.872706][ T31] 4 locks held by syz-executor/7072: [ 283.878057][ T31] #0: ffff888034722420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 283.887497][ T31] #1: ffff88805c91ec88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 283.897516][ T31] #2: ffff88802846f3c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 283.907927][ T31] #3: ffffffff8f6bb3c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 283.918388][ T31] [ 283.920798][ T31] ============================================= [ 283.920798][ T31] [ 283.932203][ T31] NMI backtrace for cpu 0 [ 283.932227][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 283.932263][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 283.932280][ T31] Call Trace: [ 283.932290][ T31] [ 283.932301][ T31] dump_stack_lvl+0x116/0x1f0 [ 283.932355][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 283.932394][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 283.932427][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 283.932470][ T31] sys_info+0x133/0x180 [ 283.932501][ T31] watchdog+0xe66/0x1180 [ 283.932555][ T31] ? rcu_is_watching+0x12/0xc0 [ 283.932597][ T31] ? __pfx_watchdog+0x10/0x10 [ 283.932641][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 283.932692][ T31] ? __kthread_parkme+0x19e/0x250 [ 283.932737][ T31] ? __pfx_watchdog+0x10/0x10 [ 283.932790][ T31] kthread+0x3c5/0x780 [ 283.932818][ T31] ? __pfx_kthread+0x10/0x10 [ 283.932873][ T31] ? rcu_is_watching+0x12/0xc0 [ 283.932914][ T31] ? __pfx_kthread+0x10/0x10 [ 283.932945][ T31] ret_from_fork+0x983/0xb10 [ 283.932976][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 283.933012][ T31] ? __switch_to+0x7af/0x10d0 [ 283.933050][ T31] ? __pfx_kthread+0x10/0x10 [ 283.933082][ T31] ret_from_fork_asm+0x1a/0x30 [ 283.933147][ T31] [ 283.933160][ T31] Sending NMI from CPU 0 to CPUs 1: [ 284.069462][ C1] NMI backtrace for cpu 1 [ 284.069481][ C1] CPU: 1 UID: 0 PID: 7083 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) [ 284.069510][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 284.069524][ C1] RIP: 0010:rcu_is_watching+0x6d/0xc0 [ 284.069564][ C1] Code: 48 03 1c ed 20 4f d7 8d 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 0f b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 04 <84> d2 75 24 8b 03 c1 e8 02 83 e0 01 65 ff 0d 00 d4 0f 12 74 07 5b [ 284.069592][ C1] RSP: 0018:ffffc900036972c0 EFLAGS: 00000206 [ 284.069611][ C1] RAX: 0000000000000003 RBX: ffff8880b85339e8 RCX: 0000000095d6bf12 [ 284.069627][ C1] RDX: 0000000000000000 RSI: ffffffff8bf2b600 RDI: ffffffff8dd74f28 [ 284.069643][ C1] RBP: 0000000000000001 R08: 00000000ceea5d17 R09: 000000007ceea5d1 [ 284.069659][ C1] R10: 0000000000000002 R11: ffff8880254866b0 R12: ffffffff81a8eb00 [ 284.069674][ C1] R13: ffffc90003697348 R14: 0000000000000000 R15: ffff888025485b80 [ 284.069690][ C1] FS: 00007f6bbf29c880(0000) GS:ffff8881249f9000(0000) knlGS:0000000000000000 [ 284.069713][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 284.069729][ C1] CR2: 00007f6bbeb98941 CR3: 000000006380a000 CR4: 00000000003526f0 [ 284.069744][ C1] Call Trace: [ 284.069751][ C1] [ 284.069761][ C1] unwind_next_frame+0xa86/0x20b0 [ 284.069794][ C1] ? do_filp_open+0x20b/0x470 [ 284.069834][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 284.069874][ C1] arch_stack_walk+0x94/0x100 [ 284.069912][ C1] ? do_filp_open+0x20b/0x470 [ 284.069952][ C1] stack_trace_save+0x8e/0xc0 [ 284.069989][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 284.070026][ C1] ? __kernel_text_address+0xd/0x40 [ 284.070056][ C1] ? __lock_acquire+0x436/0x2890 [ 284.070079][ C1] kasan_save_stack+0x33/0x60 [ 284.070112][ C1] ? kasan_save_stack+0x33/0x60 [ 284.070143][ C1] ? kasan_save_track+0x14/0x30 [ 284.070174][ C1] ? __kasan_slab_alloc+0x89/0x90 [ 284.070208][ C1] ? kmem_cache_alloc_lru_noprof+0x262/0x770 [ 284.070237][ C1] ? __d_alloc+0x35/0xa80 [ 284.070257][ C1] ? d_alloc_parallel+0x111/0x1510 [ 284.070285][ C1] ? lookup_open.isra.0+0x66c/0x1780 [ 284.070314][ C1] ? path_openat+0x12bb/0x3140 [ 284.070348][ C1] ? do_filp_open+0x20b/0x470 [ 284.070417][ C1] kasan_save_track+0x14/0x30 [ 284.070454][ C1] __kasan_slab_alloc+0x89/0x90 [ 284.070496][ C1] kmem_cache_alloc_lru_noprof+0x262/0x770 [ 284.070532][ C1] ? stack_trace_save+0x8e/0xc0 [ 284.070575][ C1] ? __d_alloc+0x35/0xa80 [ 284.070601][ C1] ? __d_alloc+0x35/0xa80 [ 284.070620][ C1] __d_alloc+0x35/0xa80 [ 284.070642][ C1] d_alloc_parallel+0x111/0x1510 [ 284.070680][ C1] ? find_held_lock+0x2b/0x80 [ 284.070711][ C1] ? __pfx_d_alloc_parallel+0x10/0x10 [ 284.070744][ C1] ? __d_lookup+0x266/0x4a0 [ 284.070778][ C1] lookup_open.isra.0+0x66c/0x1780 [ 284.070813][ C1] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 284.070856][ C1] ? lookup_fast+0x156/0x610 [ 284.070888][ C1] path_openat+0x12bb/0x3140 [ 284.070937][ C1] ? __pfx_path_openat+0x10/0x10 [ 284.070981][ C1] do_filp_open+0x20b/0x470 [ 284.071018][ C1] ? __pfx_do_filp_open+0x10/0x10 [ 284.071069][ C1] ? alloc_fd+0x471/0x7d0 [ 284.071110][ C1] do_sys_openat2+0x121/0x290 [ 284.071137][ C1] ? __pfx_do_sys_openat2+0x10/0x10 [ 284.071165][ C1] ? count_memcg_events+0x122/0x290 [ 284.071205][ C1] __x64_sys_openat+0x174/0x210 [ 284.071233][ C1] ? __pfx___x64_sys_openat+0x10/0x10 [ 284.071263][ C1] ? do_user_addr_fault+0x843/0x1370 [ 284.071297][ C1] do_syscall_64+0xcd/0xf80 [ 284.071320][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.071344][ C1] RIP: 0033:0x7f6bbeaa7407 [ 284.071362][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 284.071385][ C1] RSP: 002b:00007ffc2fc80d60 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 284.071409][ C1] RAX: ffffffffffffffda RBX: 00007f6bbf29c880 RCX: 00007f6bbeaa7407 [ 284.071427][ C1] RDX: 0000000000080000 RSI: 00007ffc2fc80ed0 RDI: ffffffffffffff9c [ 284.071445][ C1] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000 [ 284.071460][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000555cc7c937f5 [ 284.071478][ C1] R13: 0000555cc7c937f5 R14: 0000000000000001 R15: 0000555cc7cae140 [ 284.071508][ C1] [ 284.518102][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 284.525024][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 284.534184][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 284.544289][ T31] Call Trace: [ 284.547576][ T31] [ 284.550536][ T31] dump_stack_lvl+0x3d/0x1f0 [ 284.555202][ T31] vpanic+0x640/0x6f0 [ 284.559227][ T31] panic+0xca/0xd0 [ 284.562992][ T31] ? __pfx_panic+0x10/0x10 [ 284.567445][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 284.573462][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 284.579654][ T31] ? nmi_trigger_cpumask_backtrace+0x2be/0x300 [ 284.585872][ T31] ? watchdog+0xe83/0x1180 [ 284.590351][ T31] ? watchdog+0xe76/0x1180 [ 284.594820][ T31] watchdog+0xe94/0x1180 [ 284.599125][ T31] ? rcu_is_watching+0x12/0xc0 [ 284.603945][ T31] ? __pfx_watchdog+0x10/0x10 [ 284.608672][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 284.613927][ T31] ? __kthread_parkme+0x19e/0x250 [ 284.619002][ T31] ? __pfx_watchdog+0x10/0x10 [ 284.623736][ T31] kthread+0x3c5/0x780 [ 284.627854][ T31] ? __pfx_kthread+0x10/0x10 [ 284.632498][ T31] ? rcu_is_watching+0x12/0xc0 [ 284.637312][ T31] ? __pfx_kthread+0x10/0x10 [ 284.641945][ T31] ret_from_fork+0x983/0xb10 [ 284.646567][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 284.651718][ T31] ? __switch_to+0x7af/0x10d0 [ 284.656451][ T31] ? __pfx_kthread+0x10/0x10 [ 284.661075][ T31] ret_from_fork_asm+0x1a/0x30 [ 284.665911][ T31] [ 284.669550][ T31] Kernel Offset: disabled [ 284.673893][ T31] Rebooting in 86400 seconds..