last executing test programs: 2.377526828s ago: executing program 1 (id=1613): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="13002cbd7000dddbdf251700000008000300", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) 1.872249623s ago: executing program 1 (id=1617): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) close_range$auto(0x2, 0xa, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') 1.832764139s ago: executing program 2 (id=1618): r0 = socket(0x1e, 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) getsockopt$auto(r0, 0x10f, 0x83, 0x0, 0x0) 1.627109124s ago: executing program 3 (id=1628): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xba8) memfd_secret$auto(0x0) ftruncate$auto(0x3, 0x700) 1.532411187s ago: executing program 2 (id=1620): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x85, 0x0) r0 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) write$auto_rfkill_fops_core(r0, 0x0, 0x700) 1.351788701s ago: executing program 0 (id=1622): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 1.351706607s ago: executing program 3 (id=1623): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x101800, 0x0) ioctl$auto(r0, 0x4b46, 0x1) 1.344713899s ago: executing program 1 (id=1624): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x20000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.108712397s ago: executing program 3 (id=1625): pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:2\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0xff}, 0x92) 1.107840221s ago: executing program 2 (id=1634): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100000000000031, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 1.075738234s ago: executing program 0 (id=1626): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x6, 0x4, 0x7, 0x67, 0x400, 0x0, 0x0, 0x80f0c8, 0x0, "2fc1d5cbcb9f6b5e511f0dd8d6068f65", r1, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_prog_fd, 0x4, 0xffff, 0x8, 0x81, 0xfffffffe}, 0x4a) 887.26748ms ago: executing program 2 (id=1627): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(r0, 0x10e, 0x9, 0xfffffffffffffffe, 0x0) 871.646491ms ago: executing program 3 (id=1629): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x182, 0x0) read$auto(0x3, 0x0, 0xf3c) write$auto(r0, 0x0, 0xd149) 850.250674ms ago: executing program 0 (id=1630): close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x4, 0x0, 0x4) 838.611394ms ago: executing program 1 (id=1631): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, r0, 0x13, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x80000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x48050) 598.88876ms ago: executing program 3 (id=1632): write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000140)="671d264add77b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763c1dbfee3f787fc87cd0f5600ac8caf4bde4c30b530ac6ebbff", 0x37) r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0xf8, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xe1, 0x3, 0x0, 0x1, [@typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x4, 0x2a}, @typed={0x4, 0x11}, @typed={0x8, 0x2e, 0x0, 0x0, @fd}, @generic="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b6cdd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014", @nested={0x10, 0x5, 0x0, 0x1, [@typed={0xc, 0xc5, 0x0, 0x0, @u64=0x3}]}, @generic="21aadf3f78e2cd52d7f733c38da99fe8ec1ead"]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 597.368447ms ago: executing program 0 (id=1633): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) 408.369284ms ago: executing program 1 (id=1635): r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={r0, 0x4, 0xffff}, 0x4, 0x100000) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01032cbd7000fddbdf250a00000008000200b7b9e2214b064ba0372435e0149b1813cb185ed1b511082b13a732abab53742bc920273fa64291be63304ecca7b4d6fb12"], 0x1c}, 0x1, 0xffffffa6, 0x0, 0x20000000}, 0x40000) 366.107527ms ago: executing program 3 (id=1636): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_freeze_timeout\x00', 0x80002, 0x0) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfffffdef) 250.130075ms ago: executing program 2 (id=1637): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 249.134952ms ago: executing program 0 (id=1638): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x100000000000035, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 50.622588ms ago: executing program 2 (id=1639): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) clock_nanosleep$auto(0x8, 0x0, 0x0, &(0x7f00000000c0)={0x7fffffffffffffff, 0x6}) 661.501µs ago: executing program 1 (id=1640): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/audit\x00', 0x20080, 0x0) read$auto_tomoyo_operations_securityfs_if(r0, 0x0, 0x0) pread64$auto(r0, 0x0, 0xb69c, 0x2) 0s ago: executing program 0 (id=1648): openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/current_tracer\x00', 0x40482, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfdef) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 70.074996][ T5497] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.089951][ T5497] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts. syzkaller login: [ 99.288267][ T5820] cgroup: Unknown subsys name 'net' [ 99.416687][ T5820] cgroup: Unknown subsys name 'cpuset' [ 99.426592][ T5820] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.352135][ T5820] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.203639][ T24] cfg80211: failed to load regulatory.db [ 103.633529][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.641752][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.650236][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.658657][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.666732][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.675233][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.678799][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.693054][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.701315][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.709247][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.715581][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.719477][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.727039][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.732078][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.739052][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.746308][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.758985][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.772318][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.780984][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.796843][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.344669][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 104.529755][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 104.570878][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 104.626585][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.633961][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.641420][ T5838] bridge_slave_0: entered allmulticast mode [ 104.650896][ T5838] bridge_slave_0: entered promiscuous mode [ 104.705657][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.713442][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.720654][ T5838] bridge_slave_1: entered allmulticast mode [ 104.728937][ T5838] bridge_slave_1: entered promiscuous mode [ 104.736429][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 104.820854][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.890873][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.967033][ T5838] team0: Port device team_slave_0 added [ 104.973703][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.980875][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.988986][ T5835] bridge_slave_0: entered allmulticast mode [ 104.996554][ T5835] bridge_slave_0: entered promiscuous mode [ 105.028417][ T5838] team0: Port device team_slave_1 added [ 105.034741][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.042440][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.049662][ T5835] bridge_slave_1: entered allmulticast mode [ 105.057314][ T5835] bridge_slave_1: entered promiscuous mode [ 105.079729][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.086929][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.094524][ T5834] bridge_slave_0: entered allmulticast mode [ 105.101916][ T5834] bridge_slave_0: entered promiscuous mode [ 105.180299][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.190301][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.197873][ T5834] bridge_slave_1: entered allmulticast mode [ 105.206201][ T5834] bridge_slave_1: entered promiscuous mode [ 105.213961][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.221143][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.228721][ T5836] bridge_slave_0: entered allmulticast mode [ 105.236888][ T5836] bridge_slave_0: entered promiscuous mode [ 105.246145][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.253345][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.279563][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.295187][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.324655][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.332696][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.339934][ T5836] bridge_slave_1: entered allmulticast mode [ 105.348393][ T5836] bridge_slave_1: entered promiscuous mode [ 105.356285][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.363400][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.389816][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.403784][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.449194][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.515062][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.547063][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.559662][ T5835] team0: Port device team_slave_0 added [ 105.570608][ T5835] team0: Port device team_slave_1 added [ 105.594705][ T5834] team0: Port device team_slave_0 added [ 105.604810][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.644867][ T5834] team0: Port device team_slave_1 added [ 105.725449][ T5838] hsr_slave_0: entered promiscuous mode [ 105.733677][ T5838] hsr_slave_1: entered promiscuous mode [ 105.755792][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.762899][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.789026][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.800923][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.808588][ T5152] Bluetooth: hci2: command tx timeout [ 105.808593][ T5842] Bluetooth: hci1: command tx timeout [ 105.813233][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.846195][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.859334][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.866766][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.893128][ T5152] Bluetooth: hci3: command tx timeout [ 105.893137][ T5842] Bluetooth: hci0: command tx timeout [ 105.893970][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.919415][ T5836] team0: Port device team_slave_0 added [ 105.929450][ T5836] team0: Port device team_slave_1 added [ 105.936262][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.943284][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.969830][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.025232][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.032681][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.059910][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.110575][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.117955][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.144881][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.202581][ T5835] hsr_slave_0: entered promiscuous mode [ 106.209708][ T5835] hsr_slave_1: entered promiscuous mode [ 106.216663][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.224656][ T5835] Cannot create hsr debugfs directory [ 106.287618][ T5836] hsr_slave_0: entered promiscuous mode [ 106.294142][ T5836] hsr_slave_1: entered promiscuous mode [ 106.300346][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.308556][ T5836] Cannot create hsr debugfs directory [ 106.350884][ T5834] hsr_slave_0: entered promiscuous mode [ 106.357449][ T5834] hsr_slave_1: entered promiscuous mode [ 106.364135][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.371842][ T5834] Cannot create hsr debugfs directory [ 106.860704][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.878076][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.890290][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.910638][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.983217][ T5836] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.006235][ T5836] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.017982][ T5836] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.030647][ T5836] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.113991][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.143063][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.168815][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.204120][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.270744][ T5834] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.284282][ T5834] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.310900][ T5834] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.332476][ T5834] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.408240][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.518572][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.555127][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.562509][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.601110][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.608391][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.625655][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.648342][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.691435][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.716866][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.752855][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.767472][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.774724][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.788193][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.795453][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.817139][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.824467][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.867419][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.874675][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.882457][ T5152] Bluetooth: hci2: command tx timeout [ 107.887935][ T5152] Bluetooth: hci1: command tx timeout [ 107.935540][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.962746][ T5152] Bluetooth: hci3: command tx timeout [ 107.962849][ T5842] Bluetooth: hci0: command tx timeout [ 108.001750][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.009001][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.068480][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.109148][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.116454][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.135027][ T5836] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.438403][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.631480][ T5838] veth0_vlan: entered promiscuous mode [ 108.693098][ T5838] veth1_vlan: entered promiscuous mode [ 108.821657][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.856699][ T5838] veth0_macvtap: entered promiscuous mode [ 108.869815][ T5838] veth1_macvtap: entered promiscuous mode [ 108.889059][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.932407][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.960127][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.980136][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.996186][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.008805][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.019202][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.028701][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.117302][ T5835] veth0_vlan: entered promiscuous mode [ 109.159963][ T5836] veth0_vlan: entered promiscuous mode [ 109.193392][ T5835] veth1_vlan: entered promiscuous mode [ 109.231623][ T3004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.249297][ T3004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.266689][ T5836] veth1_vlan: entered promiscuous mode [ 109.326233][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.333688][ T5834] veth0_vlan: entered promiscuous mode [ 109.339957][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.367631][ T5834] veth1_vlan: entered promiscuous mode [ 109.393715][ T5835] veth0_macvtap: entered promiscuous mode [ 109.456208][ T5834] veth0_macvtap: entered promiscuous mode [ 109.466364][ T5835] veth1_macvtap: entered promiscuous mode [ 109.481394][ T5834] veth1_macvtap: entered promiscuous mode [ 109.491247][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.493425][ T5836] veth0_macvtap: entered promiscuous mode [ 109.543103][ T5836] veth1_macvtap: entered promiscuous mode [ 109.596026][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.635578][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.646775][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.658234][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.686349][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.697894][ T5835] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.708029][ T5835] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.710265][ T5922] block nbd0: Unsupported socket: shutdown callout must be supported. [ 109.718778][ T5835] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.746501][ T5835] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.763294][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.776077][ T5834] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.785254][ T5834] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.799197][ T5834] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.809328][ T5834] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.832882][ T5836] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.841665][ T5836] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.850966][ T5836] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.861582][ T5836] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.966189][ T5842] Bluetooth: hci1: command tx timeout [ 109.969911][ T5152] Bluetooth: hci2: command tx timeout [ 110.005512][ T5924] kAFS: Invalid Command on /proc/fs/afs/cells file [ 110.044798][ T5152] Bluetooth: hci0: command tx timeout [ 110.045630][ T5842] Bluetooth: hci3: command tx timeout [ 110.144098][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.158923][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.219057][ T3012] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.230395][ T3012] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.282403][ T3004] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.302068][ T3004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.388459][ T3004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.405302][ T3004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.448524][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.479240][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.630385][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.655290][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.977541][ T5939] ======================================================= [ 110.977541][ T5939] WARNING: The mand mount option has been deprecated and [ 110.977541][ T5939] and is ignored by this kernel. Remove the mand [ 110.977541][ T5939] option from the mount to silence this warning. [ 110.977541][ T5939] ======================================================= [ 112.047482][ T5842] Bluetooth: hci1: command tx timeout [ 112.047916][ T5152] Bluetooth: hci2: command tx timeout [ 112.124616][ T5152] Bluetooth: hci3: command tx timeout [ 112.130152][ T5152] Bluetooth: hci0: command tx timeout [ 113.092194][ T5993] capability: warning: `syz.0.31' uses 32-bit capabilities (legacy support in use) [ 114.378423][ T6026] Zero length message leads to an empty skb [ 117.959540][ T6098] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000) [ 121.057917][ T6167] FAULT_INJECTION: forcing a failure. [ 121.057917][ T6167] name failslab, interval 1, probability 0, space 0, times 1 [ 121.137995][ T6167] CPU: 0 UID: 0 PID: 6167 Comm: syz.2.107 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 121.138043][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 121.138066][ T6167] Call Trace: [ 121.138077][ T6167] [ 121.138093][ T6167] dump_stack_lvl+0x16c/0x1f0 [ 121.138156][ T6167] should_fail_ex+0x512/0x640 [ 121.138203][ T6167] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 121.138253][ T6167] should_failslab+0xc2/0x120 [ 121.138284][ T6167] __kmalloc_cache_noprof+0x6a/0x3e0 [ 121.138331][ T6167] ? do_kimage_alloc_init+0x40/0x350 [ 121.138390][ T6167] do_kimage_alloc_init+0x40/0x350 [ 121.138441][ T6167] do_kexec_load+0x1fd/0x8d0 [ 121.138474][ T6167] ? __pfx_do_kexec_load+0x10/0x10 [ 121.138509][ T6167] ? _copy_from_user+0x59/0xd0 [ 121.138565][ T6167] __x64_sys_kexec_load+0x1bf/0x230 [ 121.138600][ T6167] do_syscall_64+0xcd/0x490 [ 121.138660][ T6167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.138695][ T6167] RIP: 0033:0x7f798138e929 [ 121.138726][ T6167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.138759][ T6167] RSP: 002b:00007f7982180038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 121.138793][ T6167] RAX: ffffffffffffffda RBX: 00007f79815b5fa0 RCX: 00007f798138e929 [ 121.138814][ T6167] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 121.138833][ T6167] RBP: 00007f7981410b39 R08: 0000000000000000 R09: 0000000000000000 [ 121.138852][ T6167] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 121.138871][ T6167] R13: 0000000000000000 R14: 00007f79815b5fa0 R15: 00007ffd6582f0e8 [ 121.138918][ T6167] [ 121.448698][ T6175] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 122.461351][ T6204] netlink: 206 bytes leftover after parsing attributes in process `syz.2.125'. [ 122.841770][ T6217] netlink: 342 bytes leftover after parsing attributes in process `syz.1.130'. [ 123.741179][ T6242] process 'syz.2.141' launched ':,' with NULL argv: empty string added [ 125.053614][ T6281] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 125.069057][ T6281] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 125.098958][ T6281] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 125.126025][ T6281] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 125.151529][ T6281] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 125.234474][ T6281] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 125.304523][ T6281] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 125.324304][ T6281] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 125.368680][ T6281] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 125.399340][ T6281] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 125.421317][ T6281] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 125.434758][ T6281] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 126.008794][ T6302] nbd: socks must be embedded in a SOCK_ITEM attr [ 126.846395][ T6328] input: jJǸ-9%vlQ J8fi as /devices/virtual/input/input6 [ 127.082545][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.162225][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.322121][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 127.402144][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.190298][ T30] audit: type=1800 audit(1751502011.806:2): pid=6366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=08 name="lu_gp_id" dev="configfs" ino=8355 res=0 errno=0 [ 129.162325][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.242192][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.402268][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.482772][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.934866][ T6417] vivid-009: ================= START STATUS ================= [ 129.953118][ T6417] vivid-009: Enable Output Cropping: true grabbed [ 129.959882][ T6417] vivid-009: Enable Output Composing: true grabbed [ 130.013542][ T6417] vivid-009: Enable Output Scaler: true grabbed [ 130.053488][ T6417] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 130.092055][ T6417] vivid-009: Transmit Mode: HDMI grabbed [ 130.117789][ T6417] vivid-009: Hotplug Present: 0x00000000 [ 130.132063][ T6417] vivid-009: RxSense Present: 0x00000000 [ 130.143541][ T6417] vivid-009: EDID Present: 0x00000000 [ 130.159540][ T6417] vivid-009: ================== END STATUS ================== [ 130.553800][ T6437] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 131.171891][ T6456] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 131.246298][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 131.322249][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.482396][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.562081][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 132.945045][ T6499] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78004 [ 132.986132][ T6499] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 133.012023][ T6499] page_type: f2(table) [ 133.016214][ T6499] raw: 00fff00000000000 0000000000000000 0000000000000000 0000000000000000 [ 133.034258][ T6499] raw: ffff888000000000 ffff88807e1a9f60 00000001f2000000 0000000000000000 [ 133.046409][ T6499] page dumped because: unmovable page [ 133.051871][ T6499] page_owner tracks the page as allocated [ 133.060558][ T6499] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5202, tgid 5202 (udevd), ts 121520915556, free_ts 121506659056 [ 133.081313][ T6499] post_alloc_hook+0x1c0/0x230 [ 133.086688][ T6499] get_page_from_freelist+0x1321/0x3890 [ 133.095075][ T6499] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 133.101079][ T6499] alloc_pages_mpol+0x1fb/0x550 [ 133.107988][ T6499] alloc_pages_noprof+0x131/0x390 [ 133.114974][ T6499] __pmd_alloc+0x3b/0x930 [ 133.119390][ T6499] copy_page_range+0x2419/0x5740 [ 133.126559][ T6499] dup_mmap+0xe88/0x21d0 [ 133.130895][ T6499] copy_process+0x4081/0x76a0 [ 133.138869][ T6499] kernel_clone+0xfc/0x960 [ 133.144241][ T6499] __do_sys_clone+0xce/0x120 [ 133.149069][ T6499] do_syscall_64+0xcd/0x490 [ 133.154304][ T6499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.162330][ T6499] page last free pid 15 tgid 15 stack trace: [ 133.168423][ T6499] __free_frozen_pages+0x7fe/0x1180 [ 133.182308][ T6499] tlb_remove_table_rcu+0x116/0x1a0 [ 133.187901][ T6499] rcu_core+0x799/0x14e0 [ 133.218191][ T6499] handle_softirqs+0x219/0x8e0 [ 133.231172][ T6499] run_ksoftirqd+0x3a/0x60 [ 133.236574][ T6499] smpboot_thread_fn+0x3f7/0xae0 [ 133.241628][ T6499] kthread+0x3c5/0x780 [ 133.262128][ T6499] ret_from_fork+0x5d4/0x6f0 [ 133.266852][ T6499] ret_from_fork_asm+0x1a/0x30 [ 133.802713][ T6517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.261'. [ 136.844745][ T6600] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 137.926499][ T6626] FAULT_INJECTION: forcing a failure. [ 137.926499][ T6626] name failslab, interval 1, probability 0, space 0, times 0 [ 137.954294][ T6626] CPU: 0 UID: 0 PID: 6626 Comm: syz.3.306 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 137.954343][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.954362][ T6626] Call Trace: [ 137.954373][ T6626] [ 137.954385][ T6626] dump_stack_lvl+0x16c/0x1f0 [ 137.954443][ T6626] should_fail_ex+0x512/0x640 [ 137.954490][ T6626] ? __kmalloc_noprof+0xbf/0x510 [ 137.954542][ T6626] ? create_ruleset+0x21/0x140 [ 137.954591][ T6626] should_failslab+0xc2/0x120 [ 137.954622][ T6626] __kmalloc_noprof+0xd2/0x510 [ 137.954669][ T6626] ? __might_fault+0xe3/0x190 [ 137.954717][ T6626] ? __might_fault+0xe3/0x190 [ 137.954771][ T6626] create_ruleset+0x21/0x140 [ 137.954823][ T6626] landlock_create_ruleset+0x77/0x230 [ 137.954883][ T6626] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 137.954937][ T6626] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 137.955008][ T6626] do_syscall_64+0xcd/0x490 [ 137.955063][ T6626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.955096][ T6626] RIP: 0033:0x7f2c3658e929 [ 137.955122][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.955153][ T6626] RSP: 002b:00007f2c37366038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 137.955184][ T6626] RAX: ffffffffffffffda RBX: 00007f2c367b5fa0 RCX: 00007f2c3658e929 [ 137.955204][ T6626] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 137.955230][ T6626] RBP: 00007f2c36610b39 R08: 0000000000000000 R09: 0000000000000000 [ 137.955250][ T6626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.955269][ T6626] R13: 0000000000000000 R14: 00007f2c367b5fa0 R15: 00007ffd46b531b8 [ 137.955311][ T6626] [ 139.864155][ T6672] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 143.167449][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.179045][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.302415][ T6764] zswap: compressor not available [ 144.991570][ T6784] input: f as /devices/virtual/input/input8 [ 145.209657][ T6790] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 148.377846][ T6857] syz.0.396 uses obsolete (PF_INET,SOCK_PACKET) [ 152.482225][ T6953] syz.3.434 (6953) used greatest stack depth: 20936 bytes left [ 153.155417][ T6978] netlink: 'syz.2.446': attribute type 1 has an invalid length. [ 153.421510][ T6984] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 158.819249][ T7109] dump_stack_lvl+0x16c/0x1f0 [ 158.819308][ T7109] should_fail_ex+0x512/0x640 [ 158.819353][ T7109] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 158.819403][ T7109] should_failslab+0xc2/0x120 [ 158.819434][ T7109] __kmalloc_cache_noprof+0x6a/0x3e0 [ 158.819480][ T7109] ? acct_on+0x57/0x870 [ 158.819531][ T7109] acct_on+0x57/0x870 [ 158.819578][ T7109] __x64_sys_acct+0xaf/0x230 [ 158.819623][ T7109] ? lockdep_hardirqs_on+0x7c/0x110 [ 158.819672][ T7109] do_syscall_64+0xcd/0x490 [ 158.819727][ T7109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.819760][ T7109] RIP: 0033:0x7f5a9158e929 [ 158.819786][ T7109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.819817][ T7109] RSP: 002b:00007f5a92327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 158.819848][ T7109] RAX: ffffffffffffffda RBX: 00007f5a917b5fa0 RCX: 00007f5a9158e929 [ 158.819869][ T7109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 158.819889][ T7109] RBP: 00007f5a91610b39 R08: 0000000000000000 R09: 0000000000000000 [ 158.819909][ T7109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.819928][ T7109] R13: 0000000000000000 R14: 00007f5a917b5fa0 R15: 00007ffeade1d508 [ 158.819978][ T7109] [ 159.170673][ T7118] netlink: 'syz.3.509': attribute type 2 has an invalid length. [ 159.178603][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.3.509'. [ 166.442710][ T7313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.589'. [ 166.482302][ T7308] zswap: compressor not available [ 166.848254][ T7323] netlink: 16 bytes leftover after parsing attributes in process `syz.0.594'. [ 168.257847][ T7361] block nbd9: NBD_DISCONNECT [ 168.995929][ T7379] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.616' sets config #0 [ 171.677640][ T7450] input: jJǸ-9%vlQ J8fi as /devices/virtual/input/input10 [ 172.798281][ T7475] device-mapper: ioctl: Invalid ioctl structure: name , dev b00010007 [ 173.780849][ T7504] FAULT_INJECTION: forcing a failure. [ 173.780849][ T7504] name failslab, interval 1, probability 0, space 0, times 0 [ 173.822454][ T7504] CPU: 0 UID: 0 PID: 7504 Comm: syz.2.659 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 173.822502][ T7504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.822521][ T7504] Call Trace: [ 173.822531][ T7504] [ 173.822544][ T7504] dump_stack_lvl+0x16c/0x1f0 [ 173.822600][ T7504] should_fail_ex+0x512/0x640 [ 173.822664][ T7504] ? fs_reclaim_acquire+0xae/0x150 [ 173.822708][ T7504] should_failslab+0xc2/0x120 [ 173.822740][ T7504] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 173.822791][ T7504] ? security_inode_alloc+0x3b/0x2b0 [ 173.822832][ T7504] security_inode_alloc+0x3b/0x2b0 [ 173.822870][ T7504] inode_init_always_gfp+0xce4/0x1030 [ 173.822924][ T7504] alloc_inode+0x86/0x240 [ 173.822957][ T7504] create_pipe_files+0x4c/0x930 [ 173.823017][ T7504] do_pipe2+0xaf/0x1c0 [ 173.823067][ T7504] ? __pfx_do_pipe2+0x10/0x10 [ 173.823119][ T7504] ? xfd_validate_state+0x61/0x180 [ 173.823160][ T7504] ? __pfx_ksys_write+0x10/0x10 [ 173.823218][ T7504] __x64_sys_pipe+0x33/0x50 [ 173.823270][ T7504] do_syscall_64+0xcd/0x490 [ 173.823325][ T7504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.823357][ T7504] RIP: 0033:0x7f798138e929 [ 173.823383][ T7504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.823416][ T7504] RSP: 002b:00007f7982180038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 173.823447][ T7504] RAX: ffffffffffffffda RBX: 00007f79815b5fa0 RCX: 00007f798138e929 [ 173.823469][ T7504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 173.823488][ T7504] RBP: 00007f7981410b39 R08: 0000000000000000 R09: 0000000000000000 [ 173.823508][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.823528][ T7504] R13: 0000000000000000 R14: 00007f79815b5fa0 R15: 00007ffd6582f0e8 [ 173.823570][ T7504] [ 174.447723][ T7509] Invalid ELF header magic: != ELF [ 177.136324][ T7565] binder: 7564:7565 unknown command 4294967282 [ 177.181729][ T7567] FAULT_INJECTION: forcing a failure. [ 177.181729][ T7567] name failslab, interval 1, probability 0, space 0, times 0 [ 177.191900][ T7565] binder: 7564:7565 ioctl c0306201 2000000000c0 returned -22 [ 177.215306][ T7567] CPU: 1 UID: 0 PID: 7567 Comm: syz.3.686 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 177.215356][ T7567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 177.215376][ T7567] Call Trace: [ 177.215387][ T7567] [ 177.215399][ T7567] dump_stack_lvl+0x16c/0x1f0 [ 177.215458][ T7567] should_fail_ex+0x512/0x640 [ 177.215507][ T7567] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 177.215563][ T7567] should_failslab+0xc2/0x120 [ 177.215596][ T7567] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 177.215649][ T7567] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 177.215686][ T7567] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 177.215718][ T7567] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 177.215751][ T7567] alloc_inode+0x64/0x240 [ 177.215786][ T7567] new_inode+0x22/0x1c0 [ 177.215824][ T7567] hugetlbfs_get_inode+0x354/0x730 [ 177.215862][ T7567] hugetlb_file_setup+0x15b/0x620 [ 177.215908][ T7567] ksys_mmap_pgoff+0x189/0x5c0 [ 177.215952][ T7567] __x64_sys_mmap+0x125/0x190 [ 177.216004][ T7567] do_syscall_64+0xcd/0x490 [ 177.216066][ T7567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.216101][ T7567] RIP: 0033:0x7f2c3658e929 [ 177.216128][ T7567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.216159][ T7567] RSP: 002b:00007f2c37366038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 177.216191][ T7567] RAX: ffffffffffffffda RBX: 00007f2c367b5fa0 RCX: 00007f2c3658e929 [ 177.216212][ T7567] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 177.216231][ T7567] RBP: 00007f2c36610b39 R08: 0000000000000401 R09: 0000300000000000 [ 177.216250][ T7567] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 177.216269][ T7567] R13: 0000000000000000 R14: 00007f2c367b5fa0 R15: 00007ffd46b531b8 [ 177.216309][ T7567] [ 179.378808][ T7610] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input11 [ 180.751110][ T7654] binder: 7652:7654 ioctl c018620b 0 returned -14 [ 182.205584][ T7703] block2mtd: error: cannot open device i [ 182.321112][ T7705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.748'. [ 183.305807][ T7737] random: crng reseeded on system resumption [ 184.615282][ T7774] can: request_module (can-proto-0) failed. [ 185.398393][ T30] audit: type=1800 audit(1751502069.016:3): pid=7803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.792" name="dmabuf" dev="dmabuf" ino=6 res=0 errno=0 [ 187.765440][ T7867] ovs_: entered promiscuous mode [ 189.540525][ T5152] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 189.540571][ T5152] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 189.556214][ T5152] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 189.556285][ T5152] Bluetooth: hci1: adv larger than maximum supported [ 189.563739][ T5152] Bluetooth: hci1: adv larger than maximum supported [ 189.570478][ T5152] Bluetooth: hci1: Malformed LE Event: 0x0d [ 190.577274][ T7949] netlink: 206 bytes leftover after parsing attributes in process `syz.0.856'. [ 192.076304][ T7992] zero sized request [ 196.115356][ T8084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.137916][ T8084] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 199.428765][ T8195] netlink: 93 bytes leftover after parsing attributes in process `syz.2.960'. [ 199.756925][ T8197] zswap: compressor not available [ 201.746382][ T8274] FAULT_INJECTION: forcing a failure. [ 201.746382][ T8274] name failslab, interval 1, probability 0, space 0, times 0 [ 201.778105][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.3.993 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 201.778151][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 201.778171][ T8274] Call Trace: [ 201.778182][ T8274] [ 201.778195][ T8274] dump_stack_lvl+0x16c/0x1f0 [ 201.778255][ T8274] should_fail_ex+0x512/0x640 [ 201.778300][ T8274] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 201.778354][ T8274] should_failslab+0xc2/0x120 [ 201.778385][ T8274] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 201.778437][ T8274] ? sk_prot_alloc+0x60/0x2a0 [ 201.778500][ T8274] sk_prot_alloc+0x60/0x2a0 [ 201.778540][ T8274] sk_alloc+0x36/0xc20 [ 201.778590][ T8274] rds_create+0x9e/0x5f0 [ 201.778636][ T8274] __sock_create+0x338/0x8d0 [ 201.778683][ T8274] __sys_socket+0x14d/0x260 [ 201.778724][ T8274] ? __pfx___sys_socket+0x10/0x10 [ 201.778764][ T8274] ? xfd_validate_state+0x61/0x180 [ 201.778817][ T8274] __x64_sys_socket+0x72/0xb0 [ 201.778854][ T8274] ? lockdep_hardirqs_on+0x7c/0x110 [ 201.778913][ T8274] do_syscall_64+0xcd/0x490 [ 201.778976][ T8274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.779009][ T8274] RIP: 0033:0x7f2c3658e929 [ 201.779036][ T8274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.779068][ T8274] RSP: 002b:00007f2c37366038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 201.779098][ T8274] RAX: ffffffffffffffda RBX: 00007f2c367b5fa0 RCX: 00007f2c3658e929 [ 201.779119][ T8274] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 201.779138][ T8274] RBP: 00007f2c36610b39 R08: 0000000000000000 R09: 0000000000000000 [ 201.779156][ T8274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.779175][ T8274] R13: 0000000000000000 R14: 00007f2c367b5fa0 R15: 00007ffd46b531b8 [ 201.779215][ T8274] [ 202.815680][ T8300] FAULT_INJECTION: forcing a failure. [ 202.815680][ T8300] name failslab, interval 1, probability 0, space 0, times 0 [ 202.840006][ T8300] CPU: 1 UID: 0 PID: 8300 Comm: syz.2.1005 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 202.840050][ T8300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 202.840069][ T8300] Call Trace: [ 202.840078][ T8300] [ 202.840090][ T8300] dump_stack_lvl+0x16c/0x1f0 [ 202.840146][ T8300] should_fail_ex+0x512/0x640 [ 202.840191][ T8300] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 202.840246][ T8300] should_failslab+0xc2/0x120 [ 202.840278][ T8300] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 202.840329][ T8300] ? sk_prot_alloc+0x60/0x2a0 [ 202.840369][ T8300] sk_prot_alloc+0x60/0x2a0 [ 202.840409][ T8300] sk_alloc+0x36/0xc20 [ 202.840460][ T8300] rds_create+0x9e/0x5f0 [ 202.840507][ T8300] __sock_create+0x338/0x8d0 [ 202.840567][ T8300] __sys_socket+0x14d/0x260 [ 202.840609][ T8300] ? __pfx___sys_socket+0x10/0x10 [ 202.840651][ T8300] ? xfd_validate_state+0x61/0x180 [ 202.840710][ T8300] __x64_sys_socket+0x72/0xb0 [ 202.840750][ T8300] ? lockdep_hardirqs_on+0x7c/0x110 [ 202.840801][ T8300] do_syscall_64+0xcd/0x490 [ 202.840857][ T8300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.840890][ T8300] RIP: 0033:0x7f798138e929 [ 202.840916][ T8300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.840947][ T8300] RSP: 002b:00007f7982180038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 202.840978][ T8300] RAX: ffffffffffffffda RBX: 00007f79815b5fa0 RCX: 00007f798138e929 [ 202.840999][ T8300] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 202.841018][ T8300] RBP: 00007f7981410b39 R08: 0000000000000000 R09: 0000000000000000 [ 202.841038][ T8300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.841058][ T8300] R13: 0000000000000000 R14: 00007f79815b5fa0 R15: 00007ffd6582f0e8 [ 202.841100][ T8300] [ 204.607848][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.617734][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.228913][ T8370] FAULT_INJECTION: forcing a failure. [ 205.228913][ T8370] name failslab, interval 1, probability 0, space 0, times 0 [ 205.258222][ T8370] CPU: 1 UID: 0 PID: 8370 Comm: syz.0.1030 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 205.258268][ T8370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 205.258287][ T8370] Call Trace: [ 205.258297][ T8370] [ 205.258310][ T8370] dump_stack_lvl+0x16c/0x1f0 [ 205.258365][ T8370] should_fail_ex+0x512/0x640 [ 205.258412][ T8370] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 205.258464][ T8370] should_failslab+0xc2/0x120 [ 205.258496][ T8370] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 205.258549][ T8370] ? sk_prot_alloc+0x60/0x2a0 [ 205.258597][ T8370] sk_prot_alloc+0x60/0x2a0 [ 205.258635][ T8370] sk_alloc+0x36/0xc20 [ 205.258684][ T8370] rds_create+0x9e/0x5f0 [ 205.258729][ T8370] __sock_create+0x338/0x8d0 [ 205.258776][ T8370] __sys_socket+0x14d/0x260 [ 205.258817][ T8370] ? __pfx___sys_socket+0x10/0x10 [ 205.258858][ T8370] ? xfd_validate_state+0x61/0x180 [ 205.258911][ T8370] __x64_sys_socket+0x72/0xb0 [ 205.258950][ T8370] ? lockdep_hardirqs_on+0x7c/0x110 [ 205.258999][ T8370] do_syscall_64+0xcd/0x490 [ 205.259052][ T8370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.259085][ T8370] RIP: 0033:0x7f5a9158e929 [ 205.259111][ T8370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.259140][ T8370] RSP: 002b:00007f5a92327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 205.259170][ T8370] RAX: ffffffffffffffda RBX: 00007f5a917b5fa0 RCX: 00007f5a9158e929 [ 205.259192][ T8370] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 205.259211][ T8370] RBP: 00007f5a91610b39 R08: 0000000000000000 R09: 0000000000000000 [ 205.259230][ T8370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.259249][ T8370] R13: 0000000000000000 R14: 00007f5a917b5fa0 R15: 00007ffeade1d508 [ 205.259291][ T8370] [ 206.370063][ T8396] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1050'. [ 207.077649][ T8420] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 207.143229][ T8424] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1062'. [ 207.946381][ T8450] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 208.322798][ T8462] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1075'. [ 209.168846][ T8489] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 209.493351][ T8498] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1090'. [ 210.087524][ T8519] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 237.472776][ T9208] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 237.479005][ T9208] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 237.508780][ T9208] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 237.542702][ T9208] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 239.571836][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 239.578766][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 239.584981][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 239.585425][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 239.822813][ T9265] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1409'. [ 240.223990][ T9276] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1413'. [ 241.541687][ T9315] FAULT_INJECTION: forcing a failure. [ 241.541687][ T9315] name failslab, interval 1, probability 0, space 0, times 0 [ 241.558745][ T9315] CPU: 1 UID: 0 PID: 9315 Comm: syz.3.1432 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 241.558792][ T9315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 241.558812][ T9315] Call Trace: [ 241.558823][ T9315] [ 241.558835][ T9315] dump_stack_lvl+0x16c/0x1f0 [ 241.558894][ T9315] should_fail_ex+0x512/0x640 [ 241.558942][ T9315] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 241.559001][ T9315] should_failslab+0xc2/0x120 [ 241.559033][ T9315] __kmalloc_cache_noprof+0x6a/0x3e0 [ 241.559079][ T9315] ? do_kimage_alloc_init+0x40/0x350 [ 241.559137][ T9315] do_kimage_alloc_init+0x40/0x350 [ 241.559189][ T9315] do_kexec_load+0x1fd/0x8d0 [ 241.559223][ T9315] ? __pfx_do_kexec_load+0x10/0x10 [ 241.559259][ T9315] ? _copy_from_user+0x59/0xd0 [ 241.559315][ T9315] __x64_sys_kexec_load+0x1bf/0x230 [ 241.559352][ T9315] do_syscall_64+0xcd/0x490 [ 241.559407][ T9315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.559441][ T9315] RIP: 0033:0x7f2c3658e929 [ 241.559468][ T9315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.559498][ T9315] RSP: 002b:00007f2c37366038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 241.559528][ T9315] RAX: ffffffffffffffda RBX: 00007f2c367b5fa0 RCX: 00007f2c3658e929 [ 241.559549][ T9315] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 241.559569][ T9315] RBP: 00007f2c36610b39 R08: 0000000000000000 R09: 0000000000000000 [ 241.559589][ T9315] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 241.559608][ T9315] R13: 0000000000000000 R14: 00007f2c367b5fa0 R15: 00007ffd46b531b8 [ 241.559649][ T9315] [ 242.796146][ T9339] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000) [ 248.346872][ T9497] kAFS: Invalid Command on /proc/fs/afs/cells file [ 248.548243][ T9504] block nbd0: Unsupported socket: shutdown callout must be supported. [ 250.559722][ T9543] zswap: compressor not available [ 250.979021][ T9561] input: f as /devices/virtual/input/input17 [ 251.273145][ T30] audit: type=1800 audit(1751502134.896:4): pid=9571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=08 name="lu_gp_id" dev="configfs" ino=17057 res=0 errno=0 [ 252.655857][ T9610] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 254.083365][ T9640] vivid-009: ================= START STATUS ================= [ 254.091228][ T9640] vivid-009: Enable Output Cropping: true grabbed [ 254.121701][ T9640] vivid-009: Enable Output Composing: true grabbed [ 254.147158][ T9640] vivid-009: Enable Output Scaler: true grabbed [ 254.166722][ T9640] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 254.194006][ T9640] vivid-009: Transmit Mode: HDMI grabbed [ 254.209187][ T9640] vivid-009: Hotplug Present: 0x00000000 [ 254.226608][ T9640] vivid-009: RxSense Present: 0x00000000 [ 254.248004][ T9640] vivid-009: EDID Present: 0x00000000 [ 254.253633][ T9646] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78001 [ 254.271238][ T9640] vivid-009: ================== END STATUS ================== [ 254.295717][ T9646] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 254.325227][ T9646] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 254.396233][ T9646] raw: ffff888000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 254.432054][ T9646] page dumped because: unmovable page [ 254.469259][ T9646] page_owner tracks the page as allocated [ 254.486197][ T9646] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO), pid 8126, tgid 8125 (syz.0.930), ts 197401758135, free_ts 196634864735 [ 254.598757][ T9646] post_alloc_hook+0x1c0/0x230 [ 254.646864][ T9646] get_page_from_freelist+0x1321/0x3890 [ 254.702431][ T9646] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 254.708506][ T9646] alloc_pages_mpol+0x1fb/0x550 [ 254.759945][ T9646] alloc_pages_noprof+0x131/0x390 [ 254.808729][ T9646] brd_submit_bio+0x951/0x10a0 [ 254.859647][ T9646] __submit_bio+0x304/0x690 [ 254.890592][ T9656] input: jJǸ-9%vlQ J8fi as /devices/virtual/input/input19 [ 254.892669][ T9646] submit_bio_noacct_nocheck+0x852/0xd30 [ 254.938256][ T9646] submit_bio_noacct+0x50d/0x1eb0 [ 254.957547][ T9646] blkdev_direct_IO+0x16f4/0x1ff0 [ 254.977908][ T9646] blkdev_write_iter+0x6fd/0xdf0 [ 254.997830][ T9646] vfs_write+0x6c4/0x1150 [ 255.031962][ T9646] ksys_write+0x12a/0x250 [ 255.082098][ T9646] do_syscall_64+0xcd/0x490 [ 255.086729][ T9646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.128713][ T9646] page last free pid 15 tgid 15 stack trace: [ 255.148978][ T9646] __free_frozen_pages+0x7fe/0x1180 [ 255.178517][ T9646] tlb_remove_table_rcu+0x116/0x1a0 [ 255.210228][ T9646] rcu_core+0x799/0x14e0 [ 255.230487][ T9646] handle_softirqs+0x219/0x8e0 [ 255.266703][ T9646] run_ksoftirqd+0x3a/0x60 [ 255.271258][ T9646] smpboot_thread_fn+0x3f7/0xae0 [ 255.293005][ T9646] kthread+0x3c5/0x780 [ 255.297216][ T9646] ret_from_fork+0x5d4/0x6f0 [ 255.306544][ T9646] ret_from_fork_asm+0x1a/0x30 [ 256.191206][ T9691] input: jJǸ-9%vlQ J8fi as /devices/virtual/input/input20 [ 258.704245][ T9760] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1613'. [ 259.116407][ T9763] zswap: compressor not available [ 260.922473][ T5152] ================================================================== [ 260.930786][ T5152] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 260.938658][ T5152] Read of size 140 at addr ffffc90017c25000 by task kworker/u9:1/5152 [ 260.946862][ T5152] [ 260.949245][ T5152] CPU: 1 UID: 0 PID: 5152 Comm: kworker/u9:1 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 260.949287][ T5152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 260.949308][ T5152] Workqueue: hci0 hci_devcd_timeout [ 260.949353][ T5152] Call Trace: [ 260.949364][ T5152] [ 260.949380][ T5152] dump_stack_lvl+0x116/0x1f0 [ 260.949429][ T5152] print_report+0xcd/0x680 [ 260.949478][ T5152] ? __virt_addr_valid+0x81/0x610 [ 260.949514][ T5152] ? hci_devcd_dump+0x142/0x240 [ 260.949555][ T5152] kasan_report+0xe0/0x110 [ 260.949583][ T5152] ? hci_devcd_dump+0x142/0x240 [ 260.949629][ T5152] kasan_check_range+0x100/0x1b0 [ 260.949665][ T5152] __asan_memcpy+0x23/0x60 [ 260.949707][ T5152] hci_devcd_dump+0x142/0x240 [ 260.949750][ T5152] hci_devcd_timeout+0xb5/0x2e0 [ 260.949792][ T5152] ? rcu_is_watching+0x12/0xc0 [ 260.949826][ T5152] process_one_work+0x9cf/0x1b70 [ 260.949883][ T5152] ? __pfx_process_one_work+0x10/0x10 [ 260.949937][ T5152] ? assign_work+0x1a0/0x250 [ 260.949987][ T5152] worker_thread+0x6c8/0xf10 [ 260.950041][ T5152] ? __kthread_parkme+0x19e/0x250 [ 260.950079][ T5152] ? __pfx_worker_thread+0x10/0x10 [ 260.950127][ T5152] kthread+0x3c5/0x780 [ 260.950170][ T5152] ? __pfx_kthread+0x10/0x10 [ 260.950215][ T5152] ? rcu_is_watching+0x12/0xc0 [ 260.950245][ T5152] ? __pfx_kthread+0x10/0x10 [ 260.950289][ T5152] ret_from_fork+0x5d4/0x6f0 [ 260.950331][ T5152] ? __pfx_kthread+0x10/0x10 [ 260.950375][ T5152] ret_from_fork_asm+0x1a/0x30 [ 260.950418][ T5152] [ 260.950429][ T5152] [ 261.103118][ T5152] The buggy address ffffc90017c25000 belongs to a vmalloc virtual mapping [ 261.111636][ T5152] Memory state around the buggy address: [ 261.117287][ T5152] ffffc90017c24f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 261.125371][ T5152] ffffc90017c24f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 261.133454][ T5152] >ffffc90017c25000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 261.141536][ T5152] ^ [ 261.145641][ T5152] ffffc90017c25080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 261.153723][ T5152] ffffc90017c25100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 261.161821][ T5152] ================================================================== [ 261.172395][ T5152] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 261.179665][ T5152] CPU: 1 UID: 0 PID: 5152 Comm: kworker/u9:1 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 261.191878][ T5152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 261.202086][ T5152] Workqueue: hci0 hci_devcd_timeout [ 261.207360][ T5152] Call Trace: [ 261.210758][ T5152] [ 261.213716][ T5152] dump_stack_lvl+0x3d/0x1f0 [ 261.218362][ T5152] panic+0x71c/0x800 [ 261.222298][ T5152] ? __pfx_panic+0x10/0x10 [ 261.226782][ T5152] ? mark_held_locks+0x49/0x80 [ 261.231589][ T5152] ? preempt_schedule_thunk+0x16/0x30 [ 261.237005][ T5152] ? hci_devcd_dump+0x142/0x240 [ 261.241909][ T5152] ? preempt_schedule_common+0x44/0xc0 [ 261.247422][ T5152] ? check_panic_on_warn+0x1f/0xb0 [ 261.252597][ T5152] ? hci_devcd_dump+0x142/0x240 [ 261.257485][ T5152] check_panic_on_warn+0xab/0xb0 [ 261.262486][ T5152] end_report+0x107/0x170 [ 261.266885][ T5152] kasan_report+0xee/0x110 [ 261.271363][ T5152] ? hci_devcd_dump+0x142/0x240 [ 261.276291][ T5152] kasan_check_range+0x100/0x1b0 [ 261.281291][ T5152] __asan_memcpy+0x23/0x60 [ 261.285762][ T5152] hci_devcd_dump+0x142/0x240 [ 261.290493][ T5152] hci_devcd_timeout+0xb5/0x2e0 [ 261.295400][ T5152] ? rcu_is_watching+0x12/0xc0 [ 261.300213][ T5152] process_one_work+0x9cf/0x1b70 [ 261.305213][ T5152] ? __pfx_process_one_work+0x10/0x10 [ 261.310641][ T5152] ? assign_work+0x1a0/0x250 [ 261.315273][ T5152] worker_thread+0x6c8/0xf10 [ 261.319927][ T5152] ? __kthread_parkme+0x19e/0x250 [ 261.324990][ T5152] ? __pfx_worker_thread+0x10/0x10 [ 261.330147][ T5152] kthread+0x3c5/0x780 [ 261.334257][ T5152] ? __pfx_kthread+0x10/0x10 [ 261.338892][ T5152] ? rcu_is_watching+0x12/0xc0 [ 261.343688][ T5152] ? __pfx_kthread+0x10/0x10 [ 261.348325][ T5152] ret_from_fork+0x5d4/0x6f0 [ 261.352958][ T5152] ? __pfx_kthread+0x10/0x10 [ 261.357606][ T5152] ret_from_fork_asm+0x1a/0x30 [ 261.362409][ T5152] [ 261.365809][ T5152] Kernel Offset: disabled [ 261.370262][ T5152] Rebooting in 86400 seconds..