last executing test programs: 14.78172301s ago: executing program 1 (id=1428): mmap$auto(0x0, 0x2000d, 0xdf, 0xeb1, 0x9, 0x7fff) getsockopt$auto(0x2, 0x7, 0x4, &(0x7f0000000000)='-#&:@!!*@]*^T\'&-,\x00', &(0x7f0000000040)=0x914c) prctl$auto(0x28, 0x7, 0x8100000000, 0x3, 0x2) getsockopt$auto(0x7, 0x6, 0x4, &(0x7f0000000080)='-#&:@!!*@]*^T\'&-,\x00', &(0x7f00000000c0)=0x6) 14.340217907s ago: executing program 1 (id=1430): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_SMC_PNETID(&(0x7f00000016c0), r0) mmap$auto(0x0, 0x9, 0xdf, 0xc78, 0x4, 0x10000) socket(0x2, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) setsockopt$auto(0x2, 0x1, 0x1ae, &(0x7f0000000040)='SMC_PNETID\x00', 0xf) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) setsockopt$auto(0x10, 0x1, 0x9, &(0x7f0000000000)='SMC_PNETID\x00', 0xfffffbff) getsockopt$auto(0x6, 0x11c, 0x3, 0xfffffffffffffffe, 0x0) sendmsg$auto_SMC_PNETID_DEL(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x14, r1, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x120}, 0x4040) 13.798975123s ago: executing program 1 (id=1434): mmap$auto(0x0, 0x9, 0x3, 0x8b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x800017) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) epoll_pwait2$auto(0x1, 0xfffffffffffffffc, 0x3, 0xfffffffffffffffd, 0xffffffffffffffff, 0x6) 13.375703883s ago: executing program 1 (id=1436): socket(0xa, 0x2, 0x73) r0 = socket(0x6, 0x3, 0x1) mmap$auto(0x4c, 0x0, 0x72, 0x8b72, 0x8f1, 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) getpriority$auto(0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) fgetxattr$auto(0xf37, 0xffffffffffffffff, 0xfffffffffffffffd, 0x8) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40014}, 0x10) (async) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40014}, 0x10) mmap$auto(0x2, 0x40009, 0xdf, 0x9b72, 0xa, 0x6) setns$auto(0xcfc, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mseal$auto(0x1ffff000, 0x7dda, 0x0) (async) mseal$auto(0x1ffff000, 0x7dda, 0x0) munmap$auto(0x20001000, 0x2000000c) (async) munmap$auto(0x20001000, 0x2000000c) socket(0x23, 0x4, 0x200) setsockopt$auto(0x5, 0x8000, 0x1, &(0x7f0000000000)='$\x00', 0x5) mlock2$auto(0x400000000000001, 0x5, 0x0) socket(0x2, 0x1, 0x0) (async) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0x81) (async) listen$auto(0x3, 0x81) sendfile$auto(0x1, 0x3, 0x0, 0xc01) kill$auto(0x1, 0x0) pidfd_getfd$auto(0xa, 0x0, 0x8) mremap$auto(0x0, 0x2, 0x8, 0x3, 0x7effffffb000) 9.720021037s ago: executing program 1 (id=1448): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_HSR(&(0x7f0000000dc0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000e40)={0x1c, r1, 0xcca410819d59690b, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IFINDEX={0x8}]}, 0x1c}}, 0x4000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="0153bf"], 0x14}, 0x1, 0x0, 0x0, 0x844}, 0x20000000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) epoll_ctl$auto(0x5, 0x2, 0x8000000000000000, 0x0) madvise$auto(0x0, 0x7ffffffffffffffc, 0xc) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) 6.09612416s ago: executing program 3 (id=1459): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1d, 0x2, 0x6) poll$auto(0x0, 0x2, 0xc) move_mount$auto(0x2, &(0x7f0000000080)='$%%\\)\\9{@\']\x00\x9d:$\xbe\x96H\x19\x01x\x12\'\xd4\xaf\xf0\x90\xf5\t3\x8d\bB\x0fq\x1cu\xf3\xf5W\x02\x9f\x7f)\xd4\x83\x8dr\xc7&\xe1\xf5L\xd9O\xaf\xe8e\x88\x989\'d\x18\x95\xb1\x84\x0f\xb1M9\xff\x8dT\xe4\x1f\x10\x94\xf7\x18\xe64\">\xa3\xc3\x9b\xe5M\xbd\xccU\x1dP0>\xe9\xf5\x05\xcbD(\xfa\x9cS7\xcd\b.\xcc\xac\x89\xe8B\xab\xff<\xb7\x16\xccLt\xb5\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00R^\xcc\xb8\xe9#t\xd7\xcb\x84QG\xc8\xb7sa\x8a1\b:\xd9\xf9ZfV\x92 \x14_\f\xa4p\xddW\xea\x1fL\xa5\xa5c+Y\xd7\x008k\xc5\x80\xe5\xfb\xca\xca\xc5\x8b\b\x02!(Z\xf4\xe3\xbd!\"\x89\xf5\xedd\xf0\x1c\xb7\xb0<1b\xa0\xf6\xce\x15=F\xa5\xe0\xd7Z\x96\x98Hok\xe4J\xff\x8dLG\xe7:', 0x3, &(0x7f0000000000)='\x00', 0x101) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x780) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) fcntl$auto(0x4, 0x4, 0xa553) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x5, 0xffffff44, 0xe) 4.872009286s ago: executing program 0 (id=1462): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1200c801}, 0x240000c8) 4.099878398s ago: executing program 0 (id=1463): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioperm$auto(0xde, 0x9, 0x500402) keyctl$auto(0x20000000000001f, 0x20000002, 0x8000, 0xf, 0x8400000000000007) ioctl$auto(0x6, 0x8, 0x4) lremovexattr$auto(0xfffffffffffffffd, 0xfffffffffffffffd) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1200c801}, 0x240000c8) 3.971901331s ago: executing program 3 (id=1465): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000e00), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_ECHOREQ(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="4debb652276ae7cdb94bc5b88ec6937c1b958d6d000000003ce5339ea1a8982d36585eaf010f262ff6a07ef20622d198eb415fa18e8c185a3586c1d9e806860d46c230e5c9cd3a66d8872975a2f82820c788738fc8630d663cd9aa6cca7e1add27f7446dfce7d03476e5d878e565e12e4c1b24af673119e6485593a3e65f30e292ef"], 0x14}, 0x1, 0x0, 0x0, 0x2}, 0x40800) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000e00), 0xffffffffffffffff) (async) sendmsg$auto_GTP_CMD_ECHOREQ(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="4debb652276ae7cdb94bc5b88ec6937c1b958d6d000000003ce5339ea1a8982d36585eaf010f262ff6a07ef20622d198eb415fa18e8c185a3586c1d9e806860d46c230e5c9cd3a66d8872975a2f82820c788738fc8630d663cd9aa6cca7e1add27f7446dfce7d03476e5d878e565e12e4c1b24af673119e6485593a3e65f30e292ef"], 0x14}, 0x1, 0x0, 0x0, 0x2}, 0x40800) (async) 3.58379071s ago: executing program 0 (id=1467): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) keyctl$auto(0xffffffffffff7fff, 0x100000002, 0x8, 0xff, 0xacef) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x1ffff000, 0x6, 0x1, 0x0, 0x7ffb, 0x2) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) lsm_list_modules$auto(0x0, 0x0, 0x0) mbind$auto(0xf000, 0x1ff, 0x100000004, 0x0, 0x6, 0x2) socket(0x11, 0x2, 0x73) socket(0x23, 0x80805, 0x0) read$auto(0x3, 0x0, 0x7) mmap$auto(0x6, 0x3, 0x5, 0x18, 0x3, 0xb) socket(0xa, 0x2, 0x73) connect$auto(0x5, &(0x7f0000000240)={0x402, @sockaddr_1_1}, 0x7) socket(0x2, 0xa, 0xe57a) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x6, 0x8000000000000006, 0x25, 0x0, 0x7ffffc) 3.480138536s ago: executing program 3 (id=1468): socket(0xa, 0x3, 0x6) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x8916, 0x91) madvise$auto(0x1ffff000, 0x208000000010001, 0x8) madvise$auto(0x0, 0x3, 0x14) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) clone$auto(0xfffffffe00000, 0x5, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x4) 3.269066928s ago: executing program 1 (id=1469): r0 = socket(0x1, 0x4, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') ioctl$NS_GET_PARENT(r1, 0xb701, 0x0) socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth1_macvtap\x00'}) 2.376689867s ago: executing program 3 (id=1470): socket(0x18, 0x4, 0x1) connect$auto(0x3, &(0x7f0000000180)={0x5, @sockaddr_1_1}, 0x54) r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20048810}, 0x4804) 2.273349082s ago: executing program 0 (id=1471): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1200c801}, 0x240000c8) 2.050729433s ago: executing program 0 (id=1472): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000084, 0x24, 0xfffffffffffffffe, 0x0) waitid$auto(0xbe7d, 0x10000, 0xffffffffffffffff, 0xf, 0xfffffffffffffffc) 1.687897063s ago: executing program 2 (id=1474): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1200c801}, 0x240000c8) (fail_nth: 3) 1.674398743s ago: executing program 2 (id=1475): mmap$auto(0xfffffffffffffffe, 0x2000000008, 0x7, 0x1000000000000c78, 0x0, 0x10000) ioperm$auto(0x3b, 0xf99b, 0x6) preadv2$auto(0x100000000, 0xfffffffffffffffc, 0x2, 0x400, 0xfffffffffffffffe, 0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000002100), r0) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000002140)={0x18, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000054}, 0x4000870) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) 1.538417407s ago: executing program 2 (id=1476): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(0x0, 0x402, 0x80000001) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) lseek$auto(0x81, 0x8, 0xffff0001) getsockopt$auto(0x6, 0x40000000084, 0x1f, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xffff, 0x6, 0xfffffffffffffff7, 0xfffffffffffffffd) lsm_list_modules$auto(0x0, 0x0, 0x0) move_pages$auto(0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x2) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/mnt\x00') 1.409957951s ago: executing program 3 (id=1477): r0 = socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) socket(0xa, 0x1, 0x0) socket(0x22, 0x2, 0x3) shutdown$auto(0x200000003, 0x2) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1200c801}, 0x240000c8) 1.292732614s ago: executing program 2 (id=1478): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={0x0, 0x14}, 0x1, 0x0, 0x0, 0xecac9eb1bdd4400c}, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x22, 0x2, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0xc01) write$auto(0x0, &(0x7f0000000000)=':\x00', 0x9) rseq$auto(&(0x7f0000000000)={0xf8, 0x3, 0x9, 0xd5, 0x7, 0xfffeffff, "2b344599651c3ee4c974950b4244930d681061cee0b5a57b0893aa5834d5efc8435edbc1fd6137e97e01752127b40162f409240400c8e4ad7c7c70cb0595d28818f75e2fdb716ffd100992dde127a07937df892142140c781eae773099188c584b1efed53be8bbeea4b748d9"}, 0x6, 0x0, 0x7) ioprio_set$auto(0x3, 0x400000000064, 0x72e2f0a) fsetxattr$auto(0x0, &(0x7f0000000100)='[,!\x00', &(0x7f0000000140)="4e39b41f72553da49a2592510b45c0bab6304d3d953db302db21c5065d96e23bf02ec5c62ef9c42021ba1bde806446fc2c0d8b5b108c7b26d0b1b8a8ba93213d8ce7b5839f2ac99470ca381c877a96bdbfc2fd08d69292ed479b5fe60fdb3909a5b85aa831de3746cb78d8c86b7fd7ffdb655eb9af7f283e2139b120647586b4b7d9c7a85f1a5dcf", 0x5, 0x2) 894.452808ms ago: executing program 0 (id=1479): socket(0xa, 0x3, 0x6) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x8916, 0x91) madvise$auto(0x1ffff000, 0x208000000010001, 0x8) madvise$auto(0x0, 0x3, 0x14) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) clone$auto(0xfffffffe00000, 0x5, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x4) 471.586844ms ago: executing program 3 (id=1480): r0 = open(&(0x7f0000000040)='./file0\x00', 0x210000, 0x45) sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)={0x17c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x7}, @NL80211_ATTR_MAC={0x82, 0x6, "40a94f89785300d38e60314041bd996df59a512bb9f3d33bcceb9be73ec0472cc6921b8f3cf2f86e9c4c0c76987cdf5c56cc924b7bc66cd5346a9b6fb9e1854bab9b666c016ea7b08537359458f07831db51eafacb5361b5671a6cd7b8c9837f98d4f4a6047f2e1af53c2e85f3d0860e892c9994747d3a7c6bf650c4cd4c"}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x9}, @NL80211_ATTR_MESH_CONFIG={0x6b, 0x23, "6c4250a60f700ed82ea333fec4dffd9cf4c1ea08f581a8d55cc769cba1baf6c2a1a6e1bb98cceedef308fc236de482eefc538bb399484273cbb1c6116815406a36074dd2154515422cf157d3251f59dc67604d11a1201229c9b7195e1f95304e8cb00d35a53723"}, @NL80211_ATTR_FILS_ERP_REALM={0x59, 0xfa, "1b18bb223530692e3770ab8014c8aa2ba09f51a18c0f860dfac327b44da990132e32d6eb3fa0fa3ed27289d6e8e8f5fb3f4aa9bbfe2deb1ba59bb1575a6adaf018c5db6ebf48c068e190772a64ec32f1727278242c"}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xbe1}]}, 0x17c}, 0x1, 0x0, 0x0, 0xc005}, 0x8000) close_range$auto(0x0, 0xfffffffffffff040, 0x4000000000002) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) setsockopt$auto(0x4, 0x0, 0x20, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) mlock$auto(0xfbe8, 0x4) mlock$auto(0x4, 0x0) mmap$auto(0xccaa, 0x100000001, 0x5, 0x369b, 0x5, 0x0) mlock$auto(0x7c88, 0x7fff) futex_waitv$auto(0x0, 0x9, 0x0, 0xfffffffffffffffd, 0x7) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x0, 0x0, 0xc01) socket(0x23, 0x5, 0x0) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010028bd70"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x4040090) sendmmsg$auto(0x1, &(0x7f0000000140)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xa}, 0x9, &(0x7f0000000380), 0xd, 0x5}, 0x69}, 0x1, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) mbind$auto(0xffffffff, 0x3, 0x6, &(0x7f0000000000)=0x10001, 0x8001, 0x1) futex$auto(&(0x7f00000001c0)=0x5, 0x8, 0x200, &(0x7f0000000280)={0x2, 0xffffffffffffffff}, &(0x7f00000002c0)=0x400, 0xffffffff) 296.161774ms ago: executing program 2 (id=1481): mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) timer_create$auto(0x8, 0x0, 0x0) mq_notify$auto(0xfffffff1, &(0x7f0000000000)={@sival_int=0xcc000000, 0x1ff, 0x3}) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) timer_create$auto(0x8, 0x0, 0x0) (async) mq_notify$auto(0xfffffff1, &(0x7f0000000000)={@sival_int=0xcc000000, 0x1ff, 0x3}) (async) 0s ago: executing program 2 (id=1482): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) eventfd$auto(0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000e40), 0xffffffffffffffff) socket(0x8, 0x0, 0x6) socket(0x1e, 0x1, 0x0) connect$auto(0x3, 0xfffffffffffffffe, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000e80)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@HWSIM_ATTR_IFTYPE_SUPPORT={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0xc0) socket(0xa, 0x3, 0x6) ioctl$auto(0x3, 0x8916, 0x91) madvise$auto(0x1ffff000, 0x208000000010001, 0x8) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x3, 0x14) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x23, 0x18) setresgid$auto(0xfff, 0x8, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r3, @ANYBLOB="010025bd7000fadbdf25040000008a0016001a"], 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800) r4 = socket$nl_generic(0x10, 0x3, 0x10) fgetxattr$auto(0xcde5, &(0x7f0000000140)='+/\x00', &(0x7f0000000180)="ac4b049b5fd1473a9f57b7e352a494410455e4c0492514a3ff22cf2c9def62f3f93a91b3c8fc881302f0ba73b2b9566a9e857aee92eca635e1cb448d70d3ce745487def55b7dcb24f3789cf0f74f5f92c05fba4497b6de1f5ad5730e0d6dacc9d905d4c55a2cbce4a6af03a681375ce2b04ccc92e65d6ce544763fa4201af9607437b37d989d037830b575b3c5af212fe0f78e03e7010d9a37989a623a2f9bd88f656b2b74283aa8ecee6cae914bdb4f004ee57424b53fbb346bf1a77ab328815ddceacf5ba8f84835b02655fdf3354fca74f87f130d74886e5d239bd6fef19b7c97dddc3ea01bb736", 0x8) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff) getitimer$auto(0x5, &(0x7f0000000280)={{0xc5b, 0x33}, {0x80000001, 0xffffffffffffffff}}) sendmsg$auto_BATADV_CMD_GET_HARDIF(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x800) unshare$auto(0x200) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. [ 74.519533][ T5220] cgroup: Unknown subsys name 'net' [ 74.639952][ T5220] cgroup: Unknown subsys name 'cpuset' [ 74.648537][ T5220] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 76.354925][ T5220] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.657955][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.664524][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 78.432144][ T5233] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.446563][ T5233] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.466196][ T5233] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.475003][ T5233] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.485989][ T5233] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.493510][ T5233] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.513195][ T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.523729][ T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.540808][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.552201][ T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.560853][ T55] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 78.568886][ T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.588314][ T5233] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.598428][ T5233] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.599208][ T5241] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.607336][ T5233] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.615452][ T5241] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.621998][ T5233] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.629168][ T5241] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.637819][ T5233] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.643701][ T5241] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.648868][ T5233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.657101][ T5241] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 78.670357][ T5241] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.089448][ T5229] chnl_net:caif_netlink_parms(): no params data found [ 79.155253][ T5236] chnl_net:caif_netlink_parms(): no params data found [ 79.171600][ T5240] chnl_net:caif_netlink_parms(): no params data found [ 79.237981][ T5234] chnl_net:caif_netlink_parms(): no params data found [ 79.289380][ T5229] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.297547][ T5229] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.305025][ T5229] bridge_slave_0: entered allmulticast mode [ 79.312535][ T5229] bridge_slave_0: entered promiscuous mode [ 79.360174][ T5229] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.367701][ T5229] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.374928][ T5229] bridge_slave_1: entered allmulticast mode [ 79.382116][ T5229] bridge_slave_1: entered promiscuous mode [ 79.441816][ T5240] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.451977][ T5240] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.460427][ T5240] bridge_slave_0: entered allmulticast mode [ 79.468645][ T5240] bridge_slave_0: entered promiscuous mode [ 79.480059][ T5229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.492480][ T5229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.514538][ T5240] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.521998][ T5240] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.529423][ T5240] bridge_slave_1: entered allmulticast mode [ 79.537011][ T5240] bridge_slave_1: entered promiscuous mode [ 79.553354][ T5236] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.560879][ T5236] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.568971][ T5236] bridge_slave_0: entered allmulticast mode [ 79.576537][ T5236] bridge_slave_0: entered promiscuous mode [ 79.584186][ T5236] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.591542][ T5236] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.599350][ T5236] bridge_slave_1: entered allmulticast mode [ 79.607152][ T5236] bridge_slave_1: entered promiscuous mode [ 79.687447][ T5240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.703261][ T5229] team0: Port device team_slave_0 added [ 79.712139][ T5236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.722144][ T5234] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.729982][ T5234] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.742119][ T5234] bridge_slave_0: entered allmulticast mode [ 79.749454][ T5234] bridge_slave_0: entered promiscuous mode [ 79.759327][ T5234] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.766717][ T5234] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.773931][ T5234] bridge_slave_1: entered allmulticast mode [ 79.781734][ T5234] bridge_slave_1: entered promiscuous mode [ 79.789946][ T5240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.805040][ T5229] team0: Port device team_slave_1 added [ 79.813029][ T5236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.880811][ T5236] team0: Port device team_slave_0 added [ 79.889659][ T5234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.901807][ T5234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.930606][ T5236] team0: Port device team_slave_1 added [ 79.957265][ T5240] team0: Port device team_slave_0 added [ 79.964068][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.971632][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.998001][ T5229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.032113][ T5234] team0: Port device team_slave_0 added [ 80.040606][ T5240] team0: Port device team_slave_1 added [ 80.057443][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.065256][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.092056][ T5229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.116304][ T5236] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.123401][ T5236] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.149711][ T5236] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.162903][ T5234] team0: Port device team_slave_1 added [ 80.187366][ T5236] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.194464][ T5236] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.220589][ T5236] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.242089][ T5240] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.249243][ T5240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.276605][ T5240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.290172][ T5240] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.297253][ T5240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.323329][ T5240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.383642][ T5229] hsr_slave_0: entered promiscuous mode [ 80.393223][ T5229] hsr_slave_1: entered promiscuous mode [ 80.401195][ T5234] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.412516][ T5234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.442333][ T5234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.455025][ T5234] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.462135][ T5234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.488286][ T5234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.535245][ T5240] hsr_slave_0: entered promiscuous mode [ 80.542688][ T5240] hsr_slave_1: entered promiscuous mode [ 80.549150][ T5240] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.557124][ T5240] Cannot create hsr debugfs directory [ 80.582929][ T5236] hsr_slave_0: entered promiscuous mode [ 80.589106][ T5241] Bluetooth: hci0: command tx timeout [ 80.595075][ T5236] hsr_slave_1: entered promiscuous mode [ 80.601542][ T5236] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.609578][ T5236] Cannot create hsr debugfs directory [ 80.672030][ T5234] hsr_slave_0: entered promiscuous mode [ 80.678872][ T5234] hsr_slave_1: entered promiscuous mode [ 80.684921][ T5234] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.692593][ T5234] Cannot create hsr debugfs directory [ 80.736148][ T5241] Bluetooth: hci3: command tx timeout [ 80.747733][ T5238] Bluetooth: hci1: command tx timeout [ 80.753612][ T5241] Bluetooth: hci2: command tx timeout [ 81.006282][ T5229] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.021627][ T5229] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.043196][ T5229] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.064243][ T5229] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.108288][ T5240] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.127089][ T5240] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.161901][ T5240] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.172615][ T5240] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.218865][ T5234] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.244831][ T5234] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.275786][ T5234] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.294355][ T5234] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.359503][ T5236] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.387836][ T5236] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.410724][ T5236] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.421681][ T5236] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.439073][ T5240] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.461236][ T5229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.488179][ T5240] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.521518][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.528928][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.553639][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.560837][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.594344][ T5229] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.634112][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.641415][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.681391][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.688550][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.780839][ T5234] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.831809][ T5234] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.871542][ T5236] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.889207][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.896451][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.947814][ T5236] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.987312][ T3002] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.994693][ T3002] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.040127][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.047422][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.073501][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.081242][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.119475][ T5240] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.242088][ T5240] veth0_vlan: entered promiscuous mode [ 82.269864][ T5240] veth1_vlan: entered promiscuous mode [ 82.321095][ T5229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.408032][ T5240] veth0_macvtap: entered promiscuous mode [ 82.450135][ T5240] veth1_macvtap: entered promiscuous mode [ 82.503100][ T5229] veth0_vlan: entered promiscuous mode [ 82.520353][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.538885][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.561901][ T5240] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.572325][ T5240] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.583416][ T5240] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.593017][ T5240] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.605740][ T5229] veth1_vlan: entered promiscuous mode [ 82.624361][ T5236] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.656063][ T5241] Bluetooth: hci0: command tx timeout [ 82.677568][ T5234] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.704496][ T5229] veth0_macvtap: entered promiscuous mode [ 82.745281][ T5229] veth1_macvtap: entered promiscuous mode [ 82.816395][ T5238] Bluetooth: hci1: command tx timeout [ 82.821915][ T4620] Bluetooth: hci3: command tx timeout [ 82.825368][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.827781][ T5241] Bluetooth: hci2: command tx timeout [ 82.849028][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.862219][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.885403][ T5236] veth0_vlan: entered promiscuous mode [ 82.918482][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.929472][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.941050][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.953230][ T3002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.965167][ T5236] veth1_vlan: entered promiscuous mode [ 82.971893][ T3002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.005373][ T5229] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.021862][ T5229] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.031797][ T5229] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.040925][ T5229] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.082884][ T5234] veth0_vlan: entered promiscuous mode [ 83.096183][ T1836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.102372][ T5234] veth1_vlan: entered promiscuous mode [ 83.111502][ T1836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.213449][ T5236] veth0_macvtap: entered promiscuous mode [ 83.239813][ T5240] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.286860][ T5234] veth0_macvtap: entered promiscuous mode [ 83.305155][ T5234] veth1_macvtap: entered promiscuous mode [ 83.317755][ T5236] veth1_macvtap: entered promiscuous mode [ 83.330413][ T5234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.341045][ T5234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.351418][ T5234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.363464][ T5234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.376691][ T5234] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.401116][ T1836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.415647][ T1836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.445507][ T5234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.460453][ T5234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.471167][ T5234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.484104][ T5234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.505235][ T5234] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.561128][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.578792][ T5234] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.587998][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.607554][ T5234] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.641742][ T5234] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.660918][ T5234] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.697092][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.713969][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.723998][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.742310][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.766265][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.783437][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.807883][ T5236] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.829678][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.866542][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.877093][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.888594][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.899815][ T5236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.910718][ T5236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.923176][ T5236] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.989388][ T5236] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.019638][ T5236] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.038363][ T5236] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.054223][ T5236] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.271167][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.280878][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.357831][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.390987][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.574266][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.599700][ T1836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.607878][ T1836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.608096][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.737803][ T5241] Bluetooth: hci0: command tx timeout [ 84.897091][ T5241] Bluetooth: hci2: command tx timeout [ 84.902592][ T5241] Bluetooth: hci3: command tx timeout [ 84.906037][ T4620] Bluetooth: hci1: command tx timeout [ 85.445260][ T5313] mmap: syz.1.8 (5313) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 86.817084][ T4620] Bluetooth: hci0: command tx timeout [ 87.001048][ T4620] Bluetooth: hci1: command tx timeout [ 87.006636][ T4620] Bluetooth: hci3: command tx timeout [ 87.012078][ T4620] Bluetooth: hci2: command tx timeout [ 88.851373][ T5342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 88.862538][ T5345] kernel read not supported for file /#)-\&[} (pid: 5345 comm: syz.1.15) [ 88.905265][ T29] audit: type=1800 audit(1727406646.140:2): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.15" name="#)-\&[}" dev="mqueue" ino=6096 res=0 errno=0 [ 92.032899][ T937] cfg80211: failed to load regulatory.db [ 97.734291][ T5432] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 97.806553][ T5401] syz.0.28 uses obsolete (PF_INET,SOCK_PACKET) [ 103.796366][ T5454] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 110.719688][ T5500] ======================================================= [ 110.719688][ T5500] WARNING: The mand mount option has been deprecated and [ 110.719688][ T5500] and is ignored by this kernel. Remove the mand [ 110.719688][ T5500] option from the mount to silence this warning. [ 110.719688][ T5500] ======================================================= [ 113.076286][ T5520] netlink: 24 bytes leftover after parsing attributes in process `syz.2.57'. [ 116.824427][ T4620] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 116.837920][ T4620] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 116.848519][ T4620] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 116.883231][ T4620] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 116.896354][ T4620] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 116.904083][ T4620] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 117.259777][ T5545] chnl_net:caif_netlink_parms(): no params data found [ 118.342190][ T5545] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.371187][ T5545] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.385940][ T5545] bridge_slave_0: entered allmulticast mode [ 118.403451][ T5545] bridge_slave_0: entered promiscuous mode [ 118.413597][ T5545] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.421208][ T5545] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.428547][ T5545] bridge_slave_1: entered allmulticast mode [ 118.435970][ T5545] bridge_slave_1: entered promiscuous mode [ 118.985834][ T5241] Bluetooth: hci4: command tx timeout [ 119.180505][ T5545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 119.219059][ T5545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 120.810292][ T5545] team0: Port device team_slave_0 added [ 120.831434][ T5545] team0: Port device team_slave_1 added [ 120.944653][ T5383] syz.1.23 (5383) used greatest stack depth: 19440 bytes left [ 121.057898][ T5241] Bluetooth: hci4: command tx timeout [ 121.441731][ T5545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.449419][ T5545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.539111][ T5545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.566428][ T5545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.583652][ T5545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.641079][ T5545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 122.463652][ T5366] syz.1.18 (5366) used greatest stack depth: 18848 bytes left [ 123.146599][ T5241] Bluetooth: hci4: command tx timeout [ 124.430731][ T5322] syz.1.9 (5322) used greatest stack depth: 18352 bytes left [ 124.789741][ T5545] hsr_slave_0: entered promiscuous mode [ 124.977111][ T5545] hsr_slave_1: entered promiscuous mode [ 125.005249][ T5545] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 125.021863][ T5545] Cannot create hsr debugfs directory [ 125.215935][ T5241] Bluetooth: hci4: command tx timeout [ 131.823592][ T62] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.834672][ T62] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.143189][ T62] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.349727][ T62] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.850392][ T62] bridge_slave_1: left allmulticast mode [ 136.886306][ T62] bridge_slave_1: left promiscuous mode [ 136.893458][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.007182][ T62] bridge_slave_0: left allmulticast mode [ 137.013088][ T62] bridge_slave_0: left promiscuous mode [ 137.055965][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.100354][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.106927][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.347248][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 139.370432][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 139.413910][ T62] bond0 (unregistering): Released all slaves [ 141.151964][ T62] hsr_slave_0: left promiscuous mode [ 141.187535][ T62] hsr_slave_1: left promiscuous mode [ 141.215760][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.223324][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.309121][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.335738][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.499795][ T62] veth1_macvtap: left promiscuous mode [ 141.525105][ T62] veth0_macvtap: left promiscuous mode [ 141.546957][ T62] veth1_vlan: left promiscuous mode [ 141.553511][ T62] veth0_vlan: left promiscuous mode [ 143.842161][ T5868] netlink: 'syz.3.141': attribute type 2 has an invalid length. [ 144.406828][ T62] team0 (unregistering): Port device team_slave_1 removed [ 144.623455][ T62] team0 (unregistering): Port device team_slave_0 removed [ 146.352245][ T5545] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 146.458945][ T5545] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 146.583589][ T5545] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 146.702532][ T5545] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 147.052405][ T5545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.118806][ T5545] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.142303][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.149547][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.201699][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.209071][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.744414][ T5545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.873913][ T5545] veth0_vlan: entered promiscuous mode [ 147.933370][ T5545] veth1_vlan: entered promiscuous mode [ 148.038475][ T5545] veth0_macvtap: entered promiscuous mode [ 148.078232][ T5545] veth1_macvtap: entered promiscuous mode [ 148.130353][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.163219][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.181700][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.200091][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.212472][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.236415][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.288183][ T5545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.319815][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.376346][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.415637][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.445709][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.475621][ T5545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.515627][ T5545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.547255][ T5545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.585131][ T5545] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.635705][ T5545] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.665756][ T5545] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.695694][ T5545] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.951788][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.005641][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.077440][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.098644][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.780741][ T5961] syz.2.166 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 151.843450][ T6003] Zero length message leads to an empty skb [ 155.844354][ T6063] could not allocate digest TFM handle [ 156.462659][ T6082] FAULT_INJECTION: forcing a failure. [ 156.462659][ T6082] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 156.536830][ T6082] CPU: 0 UID: 0 PID: 6082 Comm: syz.1.204 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 156.547191][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 156.557331][ T6082] Call Trace: [ 156.560664][ T6082] [ 156.563654][ T6082] dump_stack_lvl+0x16c/0x1f0 [ 156.568533][ T6082] should_fail_ex+0x497/0x5b0 [ 156.573310][ T6082] _copy_to_user+0x30/0xc0 [ 156.577827][ T6082] simple_read_from_buffer+0xd0/0x160 [ 156.583303][ T6082] proc_fail_nth_read+0x198/0x270 [ 156.588480][ T6082] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 156.594305][ T6082] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 156.600067][ T6082] vfs_read+0x1ce/0xbd0 [ 156.604435][ T6082] ? __fget_files+0x23a/0x3f0 [ 156.609244][ T6082] ? fdget_pos+0x24c/0x360 [ 156.613765][ T6082] ? __pfx_lock_release+0x10/0x10 [ 156.619084][ T6082] ? __pfx_vfs_read+0x10/0x10 [ 156.623896][ T6082] ? __pfx___mutex_lock+0x10/0x10 [ 156.629018][ T6082] ? __fget_files+0x244/0x3f0 [ 156.634406][ T6082] ksys_read+0x12f/0x260 [ 156.638908][ T6082] ? __pfx_ksys_read+0x10/0x10 [ 156.644163][ T6082] do_syscall_64+0xcd/0x250 [ 156.649109][ T6082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.655659][ T6082] RIP: 0033:0x7fef4f97c97c [ 156.660252][ T6082] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 156.680166][ T6082] RSP: 002b:00007fef50747030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 156.688668][ T6082] RAX: ffffffffffffffda RBX: 00007fef4fb36058 RCX: 00007fef4f97c97c [ 156.696712][ T6082] RDX: 000000000000000f RSI: 00007fef507470a0 RDI: 0000000000000004 [ 156.704790][ T6082] RBP: 00007fef50747090 R08: 0000000000000000 R09: 0000000000000000 [ 156.712911][ T6082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.720957][ T6082] R13: 0000000000000000 R14: 00007fef4fb36058 R15: 00007ffd49a3c348 [ 156.729081][ T6082] [ 165.556038][ T4620] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 165.568350][ T4620] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 165.577345][ T4620] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 165.586983][ T4620] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 165.606605][ T4620] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 165.624484][ T4620] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.327182][ T6155] chnl_net:caif_netlink_parms(): no params data found [ 167.696391][ T4620] Bluetooth: hci1: command tx timeout [ 169.775865][ T4620] Bluetooth: hci1: command tx timeout [ 171.865811][ T4620] Bluetooth: hci1: command tx timeout [ 173.936313][ T4620] Bluetooth: hci1: command tx timeout [ 173.962083][ T6155] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.988910][ T6155] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.031879][ T6155] bridge_slave_0: entered allmulticast mode [ 174.075171][ T6155] bridge_slave_0: entered promiscuous mode [ 174.129269][ T6155] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.163745][ T6155] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.176634][ T6155] bridge_slave_1: entered allmulticast mode [ 174.194126][ T6155] bridge_slave_1: entered promiscuous mode [ 174.532582][ T6155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.560560][ T6155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.741093][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.825024][ T6155] team0: Port device team_slave_0 added [ 174.854998][ T6155] team0: Port device team_slave_1 added [ 174.933735][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.170981][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.217157][ T6155] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.234625][ T6155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.295252][ T6155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.398026][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.443458][ T6155] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.469940][ T6155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.545581][ T6155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.763334][ T6155] hsr_slave_0: entered promiscuous mode [ 175.785905][ T6155] hsr_slave_1: entered promiscuous mode [ 175.805677][ T6155] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.816012][ T6155] Cannot create hsr debugfs directory [ 176.080436][ T12] bridge_slave_1: left allmulticast mode [ 176.095968][ T12] bridge_slave_1: left promiscuous mode [ 176.137474][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.192389][ T12] bridge_slave_0: left allmulticast mode [ 176.212092][ T12] bridge_slave_0: left promiscuous mode [ 176.224491][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.466801][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.533790][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.548304][ T12] bond0 (unregistering): Released all slaves [ 178.747397][ T12] hsr_slave_0: left promiscuous mode [ 178.973969][ T12] hsr_slave_1: left promiscuous mode [ 179.151764][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 179.161079][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 179.202921][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 179.226902][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 179.306758][ T12] veth1_macvtap: left promiscuous mode [ 179.312519][ T12] veth0_macvtap: left promiscuous mode [ 179.325011][ T12] veth1_vlan: left promiscuous mode [ 179.331767][ T12] veth0_vlan: left promiscuous mode [ 179.354628][ T6298] kernel read not supported for file /ÿ)-\&[} (pid: 6298 comm: syz.1.268) [ 179.367146][ T29] audit: type=1800 audit(6022374288.610:3): pid=6298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.268" name=FF292D5C265B7D dev="mqueue" ino=10888 res=0 errno=0 [ 179.998979][ T12] team0 (unregistering): Port device team_slave_1 removed [ 180.086915][ T12] team0 (unregistering): Port device team_slave_0 removed [ 181.160254][ T6155] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 181.213343][ T6155] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 181.293276][ T6155] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 181.339189][ T6155] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 181.611835][ T6155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.682725][ T6155] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.752085][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.759374][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.814382][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.821676][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.398272][ T6155] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.518431][ T6155] veth0_vlan: entered promiscuous mode [ 182.551980][ T6155] veth1_vlan: entered promiscuous mode [ 182.647302][ T6155] veth0_macvtap: entered promiscuous mode [ 182.674876][ T6155] veth1_macvtap: entered promiscuous mode [ 182.730288][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.755669][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.781116][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.812521][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.834822][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.856001][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.877806][ T6155] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.910467][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.938004][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.982066][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.007287][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.035672][ T6155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.068578][ T6155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.097066][ T6155] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.114425][ T6155] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.150822][ T6155] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.170972][ T6155] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.200693][ T6155] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.462860][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.495629][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.576091][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.602972][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.465252][ T6370] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 186.331557][ T6387] svc: failed to register nfsdv3 RPC service (errno 111). [ 186.371504][ T6387] svc: failed to register nfsaclv3 RPC service (errno 111). [ 186.916428][ T6397] nbd: must specify at least one socket [ 189.603009][ T6440] delete_channel: no stack [ 190.343447][ T6467] FAULT_INJECTION: forcing a failure. [ 190.343447][ T6467] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.356796][ T6467] CPU: 0 UID: 0 PID: 6467 Comm: syz.0.314 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 190.367154][ T6467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 190.377273][ T6467] Call Trace: [ 190.380609][ T6467] [ 190.383595][ T6467] dump_stack_lvl+0x16c/0x1f0 [ 190.388359][ T6467] should_fail_ex+0x497/0x5b0 [ 190.393122][ T6467] _copy_to_user+0x30/0xc0 [ 190.397620][ T6467] fs_name+0x129/0x1e0 [ 190.401770][ T6467] __x64_sys_sysfs+0xbf/0x1a0 [ 190.406527][ T6467] do_syscall_64+0xcd/0x250 [ 190.411124][ T6467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.417125][ T6467] RIP: 0033:0x7fd00897df39 [ 190.421611][ T6467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.441289][ T6467] RSP: 002b:00007fd0097f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 190.449821][ T6467] RAX: ffffffffffffffda RBX: 00007fd008b35f80 RCX: 00007fd00897df39 [ 190.457860][ T6467] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000002 [ 190.466067][ T6467] RBP: 00007fd0097f7090 R08: 0000000000000000 R09: 0000000000000000 [ 190.474118][ T6467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.482132][ T6467] R13: 0000000000000000 R14: 00007fd008b35f80 R15: 00007ffe58901578 [ 190.490192][ T6467] [ 191.341552][ T6495] FAULT_INJECTION: forcing a failure. [ 191.341552][ T6495] name failslab, interval 1, probability 0, space 0, times 1 [ 191.355131][ T6495] CPU: 0 UID: 0 PID: 6495 Comm: syz.0.325 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 191.365461][ T6495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 191.375569][ T6495] Call Trace: [ 191.378883][ T6495] [ 191.381868][ T6495] dump_stack_lvl+0x16c/0x1f0 [ 191.386645][ T6495] should_fail_ex+0x497/0x5b0 [ 191.391399][ T6495] ? fs_reclaim_acquire+0xae/0x160 [ 191.396592][ T6495] should_failslab+0xc2/0x120 [ 191.401443][ T6495] __kmalloc_cache_noprof+0x6b/0x310 [ 191.406953][ T6495] ? lock_acquire+0x1b1/0x560 [ 191.411710][ T6495] ? allocate_file_region_entries+0x1a3/0x620 [ 191.418202][ T6495] allocate_file_region_entries+0x1a3/0x620 [ 191.424177][ T6495] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 191.430699][ T6495] region_chg+0x85/0x140 [ 191.436037][ T6495] __vma_reservation_common+0x43d/0x740 [ 191.441801][ T6495] ? __pfx___vma_reservation_common+0x10/0x10 [ 191.447937][ T6495] ? huge_pte_alloc+0x22e/0x3a0 [ 191.452827][ T6495] hugetlb_fault+0x165c/0x2fa0 [ 191.457651][ T6495] ? __pfx_hugetlb_fault+0x10/0x10 [ 191.462830][ T6495] ? find_vma+0xc0/0x140 [ 191.467355][ T6495] ? __pfx_find_vma+0x10/0x10 [ 191.472094][ T6495] handle_mm_fault+0x930/0xaa0 [ 191.476939][ T6495] do_user_addr_fault+0x7a3/0x13f0 [ 191.482127][ T6495] exc_page_fault+0x5c/0xc0 [ 191.486689][ T6495] asm_exc_page_fault+0x26/0x30 [ 191.491803][ T6495] RIP: 0010:rep_movs_alternative+0x15/0x70 [ 191.497696][ T6495] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 [ 191.517371][ T6495] RSP: 0018:ffffc90003c67e98 EFLAGS: 00050202 [ 191.523504][ T6495] RAX: 0000000000000063 RBX: 0000000000000007 RCX: 0000000000000007 [ 191.531533][ T6495] RDX: fffffbfff16a0934 RSI: ffffffff8b5049a0 RDI: 0000000000000000 [ 191.539544][ T6495] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff16a0934 [ 191.547543][ T6495] R10: 0000000000000006 R11: 0000000000000000 R12: ffffffff8b5049a0 [ 191.555828][ T6495] R13: 0000000000000007 R14: 0000000000000000 R15: ffffffff8de0a390 [ 191.563987][ T6495] _copy_to_user+0xac/0xc0 [ 191.568800][ T6495] fs_name+0x129/0x1e0 [ 191.572990][ T6495] __x64_sys_sysfs+0xbf/0x1a0 [ 191.577936][ T6495] do_syscall_64+0xcd/0x250 [ 191.582482][ T6495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.588429][ T6495] RIP: 0033:0x7fd00897df39 [ 191.593134][ T6495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.613576][ T6495] RSP: 002b:00007fd0097f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 191.622162][ T6495] RAX: ffffffffffffffda RBX: 00007fd008b35f80 RCX: 00007fd00897df39 [ 191.630264][ T6495] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000002 [ 191.638439][ T6495] RBP: 00007fd0097f7090 R08: 0000000000000000 R09: 0000000000000000 [ 191.646706][ T6495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.654761][ T6495] R13: 0000000000000000 R14: 00007fd008b35f80 R15: 00007ffe58901578 [ 191.662824][ T6495] [ 191.871609][ T6506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.329'. [ 191.881006][ T6505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.329'. [ 192.661642][ T6530] FAULT_INJECTION: forcing a failure. [ 192.661642][ T6530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 192.687542][ T6530] CPU: 1 UID: 0 PID: 6530 Comm: syz.2.337 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 192.697912][ T6530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 192.708034][ T6530] Call Trace: [ 192.711350][ T6530] [ 192.714326][ T6530] dump_stack_lvl+0x16c/0x1f0 [ 192.719080][ T6530] should_fail_ex+0x497/0x5b0 [ 192.723828][ T6530] _copy_to_user+0x30/0xc0 [ 192.728327][ T6530] simple_read_from_buffer+0xd0/0x160 [ 192.733789][ T6530] proc_fail_nth_read+0x198/0x270 [ 192.738881][ T6530] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 192.744517][ T6530] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 192.750260][ T6530] vfs_read+0x1ce/0xbd0 [ 192.754527][ T6530] ? __fget_files+0x23a/0x3f0 [ 192.759274][ T6530] ? fdget_pos+0x24c/0x360 [ 192.763755][ T6530] ? __pfx_lock_release+0x10/0x10 [ 192.768942][ T6530] ? __pfx_vfs_read+0x10/0x10 [ 192.774118][ T6530] ? __pfx___mutex_lock+0x10/0x10 [ 192.779275][ T6530] ? __fget_files+0x244/0x3f0 [ 192.784002][ T6530] ksys_read+0x12f/0x260 [ 192.788293][ T6530] ? __pfx_ksys_read+0x10/0x10 [ 192.793103][ T6530] ? syscall_user_dispatch+0x77/0x140 [ 192.798529][ T6530] do_syscall_64+0xcd/0x250 [ 192.803077][ T6530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.809049][ T6530] RIP: 0033:0x7ff6b117c97c [ 192.813509][ T6530] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 192.833264][ T6530] RSP: 002b:00007ff6b1f9c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 192.841743][ T6530] RAX: ffffffffffffffda RBX: 00007ff6b1335f80 RCX: 00007ff6b117c97c [ 192.849951][ T6530] RDX: 000000000000000f RSI: 00007ff6b1f9c0a0 RDI: 0000000000000003 [ 192.858067][ T6530] RBP: 00007ff6b1f9c090 R08: 0000000000000000 R09: 0000000000000000 [ 192.866089][ T6530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.874106][ T6530] R13: 0000000000000000 R14: 00007ff6b1335f80 R15: 00007fffbc7cf698 [ 192.882133][ T6530] [ 193.488894][ T1836] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.496240][ T6546] netlink: 229 bytes leftover after parsing attributes in process `syz.3.344'. [ 193.717030][ T1836] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.896393][ T5241] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 193.906795][ T5241] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 193.915786][ T5241] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 193.937478][ T5241] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 193.966162][ T5241] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 193.976511][ T5241] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 194.011412][ T1836] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.218289][ T1836] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.212691][ T6557] chnl_net:caif_netlink_parms(): no params data found [ 196.095904][ T4620] Bluetooth: hci0: command tx timeout [ 196.302326][ T1836] bridge_slave_1: left allmulticast mode [ 196.308470][ T1836] bridge_slave_1: left promiscuous mode [ 196.325305][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.540736][ T1836] bridge_slave_0: left allmulticast mode [ 196.546892][ T1836] bridge_slave_0: left promiscuous mode [ 196.553616][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.813105][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.845682][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.861683][ T1836] bond0 (unregistering): Released all slaves [ 198.178042][ T4620] Bluetooth: hci0: command tx timeout [ 198.819905][ T6557] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.840862][ T6557] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.858060][ T6557] bridge_slave_0: entered allmulticast mode [ 198.879810][ T6557] bridge_slave_0: entered promiscuous mode [ 198.914063][ T6557] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.932298][ T6557] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.952288][ T6557] bridge_slave_1: entered allmulticast mode [ 198.967085][ T6557] bridge_slave_1: entered promiscuous mode [ 199.544877][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.555743][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.880502][ T6557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.033185][ T1836] hsr_slave_0: left promiscuous mode [ 200.143175][ T1836] hsr_slave_1: left promiscuous mode [ 200.173124][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.195748][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 200.243404][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 200.256553][ T5241] Bluetooth: hci0: command tx timeout [ 200.276454][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 200.602270][ T1836] veth1_macvtap: left promiscuous mode [ 200.627483][ T1836] veth0_macvtap: left promiscuous mode [ 200.647572][ T1836] veth1_vlan: left promiscuous mode [ 200.653692][ T1836] veth0_vlan: left promiscuous mode [ 201.695620][ T5241] Bluetooth: hci2: command 0x0406 tx timeout [ 202.342312][ T4620] Bluetooth: hci0: command tx timeout [ 203.144358][ T1836] team0 (unregistering): Port device team_slave_1 removed [ 203.282715][ T1836] team0 (unregistering): Port device team_slave_0 removed [ 205.119573][ T6557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.446206][ T6557] team0: Port device team_slave_0 added [ 205.470672][ T6557] team0: Port device team_slave_1 added [ 205.667678][ T6557] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.674728][ T6557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.701296][ T6557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.725127][ T6557] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.732239][ T6557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.759256][ T6557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.040190][ T6557] hsr_slave_0: entered promiscuous mode [ 206.078051][ T6557] hsr_slave_1: entered promiscuous mode [ 207.585361][ T6802] netlink: 'syz.3.407': attribute type 11 has an invalid length. [ 207.925690][ T6801] netlink: 'syz.3.407': attribute type 11 has an invalid length. [ 210.217357][ T6557] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 210.302040][ T6557] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 210.378617][ T6557] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 210.511511][ T6557] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 211.000058][ T6557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 211.096789][ T6557] 8021q: adding VLAN 0 to HW filter on device team0 [ 211.157899][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.165099][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.217444][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.224646][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.335176][ T6557] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 211.369564][ T6557] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 211.873708][ T6557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.016286][ T6557] veth0_vlan: entered promiscuous mode [ 212.057403][ T6557] veth1_vlan: entered promiscuous mode [ 212.140683][ T6557] veth0_macvtap: entered promiscuous mode [ 212.170654][ T6557] veth1_macvtap: entered promiscuous mode [ 212.212705][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.240247][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.269585][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.299319][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.318306][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.329547][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.384501][ T6557] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.440385][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.475542][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.499790][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.536691][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.562688][ T6557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.593650][ T6557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.617335][ T6557] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.638692][ T6557] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.662660][ T6557] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.691902][ T6557] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.725553][ T6557] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.066352][ T1836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.074250][ T1836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.136798][ T3002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.144697][ T3002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.108444][ T7103] ptrace attach of "./syz-executor exec"[5236] was attempted by "./syz-executor exec"[7103] [ 227.287459][ T7174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.487'. [ 227.999560][ T7186] could not allocate digest TFM handle [ 228.197458][ T7204] cgroup: fork rejected by pids controller in /syz1 [ 234.733682][ T7309] delete_channel: no stack [ 242.635875][ T5238] Bluetooth: hci4: command 0x0406 tx timeout [ 250.428286][ T7468] could not allocate digest TFM handle [ 252.206992][ T7496] futex_wake_op: syz.2.569 tries to shift op by 64; fix this program [ 254.530145][ T7526] could not allocate digest TFM handle [ 260.087941][ T7594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 260.981498][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.988902][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.330777][ T7670] delete_channel: no stack [ 273.429316][ T7829] svc: failed to register nfsdv3 RPC service (errno 111). [ 273.472160][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 273.480603][ T7829] svc: failed to register nfsaclv3 RPC service (errno 111). [ 273.491088][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 273.501957][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 273.520418][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 273.533333][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 273.541042][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 274.122819][ T7831] chnl_net:caif_netlink_parms(): no params data found [ 274.584026][ T7831] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.595866][ T7831] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.623566][ T7831] bridge_slave_0: entered allmulticast mode [ 274.642092][ T7831] bridge_slave_0: entered promiscuous mode [ 274.660150][ T7831] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.692712][ T7831] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.708253][ T7831] bridge_slave_1: entered allmulticast mode [ 274.731045][ T7831] bridge_slave_1: entered promiscuous mode [ 275.033187][ T7831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.129050][ T7831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.616754][ T4620] Bluetooth: hci3: command tx timeout [ 275.850280][ T7831] team0: Port device team_slave_0 added [ 275.878785][ T7831] team0: Port device team_slave_1 added [ 276.043935][ T7870] svc: failed to register nfsdv3 RPC service (errno 111). [ 276.094850][ T7870] svc: failed to register nfsaclv3 RPC service (errno 111). [ 276.580854][ T7831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.602777][ T7831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.663346][ T7831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.708130][ T7831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.715133][ T7831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.776929][ T7831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.957086][ T7831] hsr_slave_0: entered promiscuous mode [ 276.974407][ T7831] hsr_slave_1: entered promiscuous mode [ 277.010849][ T7831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.028521][ T7831] Cannot create hsr debugfs directory [ 277.695839][ T4620] Bluetooth: hci3: command tx timeout [ 278.221715][ T7831] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.316728][ T7898] delete_channel: no stack [ 279.433801][ T7831] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.825551][ T4620] Bluetooth: hci3: command tx timeout [ 281.177146][ T7831] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.855676][ T4620] Bluetooth: hci3: command tx timeout [ 282.202456][ T7831] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.027340][ T7831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 283.349319][ T7831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 283.496329][ T7831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 283.741882][ T7831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 284.384609][ T7831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 284.526138][ T7831] 8021q: adding VLAN 0 to HW filter on device team0 [ 284.656912][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.664089][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.690532][ T7959] netlink: 404 bytes leftover after parsing attributes in process `syz.2.714'. [ 284.707321][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.714489][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 284.802918][ T7831] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 284.813568][ T7831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 285.233355][ T7831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 285.318877][ T7831] veth0_vlan: entered promiscuous mode [ 285.342337][ T7831] veth1_vlan: entered promiscuous mode [ 285.397439][ T7831] veth0_macvtap: entered promiscuous mode [ 285.418586][ T7831] veth1_macvtap: entered promiscuous mode [ 285.505025][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.527485][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.538383][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.575513][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.585945][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.617637][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.646079][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.685693][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.727110][ T7831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 285.767611][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.803986][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.855536][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.883294][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.915557][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.955579][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.975502][ T7831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.015756][ T7831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.050305][ T7831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 286.079842][ T7831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.095584][ T7831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.105627][ T7831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.114475][ T7831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.958109][ T1836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.001416][ T1836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.035196][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.049631][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.276861][ T7992] svc: failed to register nfsdv3 RPC service (errno 111). [ 287.365947][ T7992] svc: failed to register nfsaclv3 RPC service (errno 111). [ 288.173192][ T1836] bridge_slave_1: left allmulticast mode [ 288.205722][ T1836] bridge_slave_1: left promiscuous mode [ 288.214261][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.372936][ T1836] bridge_slave_0: left allmulticast mode [ 288.379435][ T1836] bridge_slave_0: left promiscuous mode [ 288.385206][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.670415][ T5238] Bluetooth: hci1: command 0x0406 tx timeout [ 290.285410][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.437516][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.516203][ T1836] bond0 (unregistering): Released all slaves [ 291.369634][ T8094] FAULT_INJECTION: forcing a failure. [ 291.369634][ T8094] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 291.644729][ T8094] CPU: 1 UID: 0 PID: 8094 Comm: syz.2.751 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 291.655075][ T8094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.665176][ T8094] Call Trace: [ 291.668497][ T8094] [ 291.671463][ T8094] dump_stack_lvl+0x16c/0x1f0 [ 291.676203][ T8094] should_fail_ex+0x497/0x5b0 [ 291.680959][ T8094] _copy_from_user+0x30/0xf0 [ 291.685614][ T8094] copy_msghdr_from_user+0x99/0x160 [ 291.691298][ T8094] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 291.697187][ T8094] ? find_held_lock+0x2d/0x110 [ 291.702005][ T8094] ___sys_sendmsg+0xff/0x1e0 [ 291.706658][ T8094] ? __pfx____sys_sendmsg+0x10/0x10 [ 291.711965][ T8094] ? fdget+0x176/0x210 [ 291.716117][ T8094] __sys_sendmsg+0x117/0x1f0 [ 291.720776][ T8094] ? __pfx___sys_sendmsg+0x10/0x10 [ 291.725984][ T8094] do_syscall_64+0xcd/0x250 [ 291.730548][ T8094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.736506][ T8094] RIP: 0033:0x7ff6b117df39 [ 291.740942][ T8094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.760580][ T8094] RSP: 002b:00007ff6b1f9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 291.769089][ T8094] RAX: ffffffffffffffda RBX: 00007ff6b1335f80 RCX: 00007ff6b117df39 [ 291.777085][ T8094] RDX: 0000000000008014 RSI: 00000000200001c0 RDI: 0000000000000003 [ 291.785074][ T8094] RBP: 00007ff6b1f9c090 R08: 0000000000000000 R09: 0000000000000000 [ 291.793081][ T8094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 291.801087][ T8094] R13: 0000000000000000 R14: 00007ff6b1335f80 R15: 00007fffbc7cf698 [ 291.809127][ T8094] [ 291.869625][ T8088] delete_channel: no stack [ 296.705537][ T1836] hsr_slave_0: left promiscuous mode [ 296.994108][ T1836] hsr_slave_1: left promiscuous mode [ 297.232894][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.251975][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.346443][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.371213][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 297.877266][ T1836] veth1_macvtap: left promiscuous mode [ 297.882887][ T1836] veth0_macvtap: left promiscuous mode [ 297.908020][ T1836] veth1_vlan: left promiscuous mode [ 297.913883][ T1836] veth0_vlan: left promiscuous mode [ 301.411702][ T1836] team0 (unregistering): Port device team_slave_1 removed [ 302.197259][ T1836] team0 (unregistering): Port device team_slave_0 removed [ 318.932176][ T5241] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 318.948773][ T5241] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 318.957370][ T5241] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 318.970381][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 318.978331][ T5241] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 318.986248][ T5241] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 319.375681][ T5238] Bluetooth: hci0: command 0x0406 tx timeout [ 319.862119][ T8351] chnl_net:caif_netlink_parms(): no params data found [ 321.055952][ T4620] Bluetooth: hci4: command tx timeout [ 321.775268][ T8351] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.822307][ T8351] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.847010][ T8351] bridge_slave_0: entered allmulticast mode [ 321.879104][ T8351] bridge_slave_0: entered promiscuous mode [ 321.916636][ T8351] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.923994][ T8351] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.975992][ T8351] bridge_slave_1: entered allmulticast mode [ 322.013473][ T8351] bridge_slave_1: entered promiscuous mode [ 322.426454][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.432852][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.135722][ T4620] Bluetooth: hci4: command tx timeout [ 323.505134][ T1836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.404268][ T8371] ptrace attach of ""[7831] was attempted by "./syz-executor exec"[8371] [ 325.215773][ T4620] Bluetooth: hci4: command tx timeout [ 325.277240][ T1836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.518843][ T8351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 325.587545][ T8351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 327.094594][ T1836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.227664][ T8351] team0: Port device team_slave_0 added [ 327.295642][ T4620] Bluetooth: hci4: command tx timeout [ 328.414799][ T8351] team0: Port device team_slave_1 added [ 328.957606][ T1836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.537558][ T8351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 329.545182][ T8351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.692351][ T8351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 329.865709][ T8351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 329.872746][ T8351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.875109][ T8060] syz.2.745 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 329.974046][ T8060] CPU: 1 UID: 0 PID: 8060 Comm: syz.2.745 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 329.984406][ T8060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 329.994526][ T8060] Call Trace: [ 329.997878][ T8060] [ 330.000862][ T8060] dump_stack_lvl+0x16c/0x1f0 [ 330.005615][ T8060] dump_header+0x101/0x900 [ 330.010116][ T8060] oom_kill_process+0x270/0xa60 [ 330.015052][ T8060] out_of_memory+0x343/0x16b0 [ 330.019806][ T8060] ? lock_acquire+0x170/0x560 [ 330.024563][ T8060] ? __pfx_out_of_memory+0x10/0x10 [ 330.029750][ T8060] ? rcu_read_unlock+0x17/0x60 [ 330.034593][ T8060] ? find_held_lock+0x2d/0x110 [ 330.036507][ T8351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 330.039416][ T8060] mem_cgroup_out_of_memory+0x207/0x270 [ 330.055560][ T8060] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 330.061690][ T8060] ? do_raw_spin_unlock+0x172/0x230 [ 330.066931][ T8060] try_charge_memcg+0x5b9/0xaf0 [ 330.071828][ T8060] ? __pfx_try_charge_memcg+0x10/0x10 [ 330.077245][ T8060] ? get_mem_cgroup_from_mm+0x129/0x5f0 [ 330.082836][ T8060] __mem_cgroup_charge+0x9b/0x280 [ 330.087918][ T8060] shmem_alloc_and_add_folio+0x507/0xc00 [ 330.093613][ T8060] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 330.099805][ T8060] ? shmem_allowable_huge_orders+0x208/0x440 [ 330.105815][ T8060] ? mark_lock+0xb5/0xc60 [ 330.110190][ T8060] shmem_get_folio_gfp+0x689/0x1530 [ 330.115425][ T8060] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 330.121357][ T8060] ? inode_update_timestamps+0x165/0x580 [ 330.127040][ T8060] shmem_write_begin+0x161/0x300 [ 330.132269][ T8060] ? __pfx_shmem_write_begin+0x10/0x10 [ 330.137758][ T8060] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.142987][ T8060] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 330.149879][ T8060] ? ktime_get_coarse_real_ts64+0x147/0x200 [ 330.155818][ T8060] generic_perform_write+0x2ba/0x920 [ 330.161150][ T8060] ? __pfx_generic_perform_write+0x10/0x10 [ 330.166991][ T8060] ? __mark_inode_dirty+0x2ae/0xe60 [ 330.172248][ T8060] ? generic_update_time+0xcf/0xf0 [ 330.177391][ T8060] ? mnt_put_write_access_file+0x45/0xf0 [ 330.183071][ T8060] shmem_file_write_iter+0x10e/0x140 [ 330.188407][ T8060] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 330.194258][ T8060] __kernel_write_iter+0x318/0xa80 [ 330.199422][ T8060] ? __pfx___kernel_write_iter+0x10/0x10 [ 330.205185][ T8060] ? get_dump_page+0x15c/0x220 [ 330.210018][ T8060] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 330.215882][ T8060] dump_user_range+0x389/0x8a0 [ 330.220682][ T8060] ? __pfx_dump_user_range+0x10/0x10 [ 330.226100][ T8060] ? elf_coredump_extra_notes_write+0xba/0x4f0 [ 330.232305][ T8060] ? __pfx_writenote+0x10/0x10 [ 330.237109][ T8060] elf_core_dump+0x2766/0x3840 [ 330.241937][ T8060] ? hlock_class+0x4e/0x130 [ 330.246488][ T8060] ? __pfx_elf_core_dump+0x10/0x10 [ 330.251641][ T8060] ? kasan_save_stack+0x42/0x60 [ 330.256524][ T8060] ? kasan_save_stack+0x33/0x60 [ 330.261409][ T8060] ? __kasan_kmalloc+0xaa/0xb0 [ 330.266219][ T8060] ? __kmalloc_node_noprof+0x211/0x440 [ 330.271711][ T8060] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 330.277235][ T8060] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 330.283190][ T8060] ? asm_exc_page_fault+0x26/0x30 [ 330.288303][ T8060] ? __pfx_sort+0x10/0x10 [ 330.292678][ T8060] ? do_coredump+0x2c42/0x4160 [ 330.297475][ T8060] do_coredump+0x2c42/0x4160 [ 330.302140][ T8060] ? __pfx_do_coredump+0x10/0x10 [ 330.307109][ T8060] ? kmem_cache_free+0x152/0x4b0 [ 330.312082][ T8060] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 330.318007][ T8060] ? asm_exc_page_fault+0x26/0x30 [ 330.323119][ T8060] get_signal+0x237c/0x26d0 [ 330.327669][ T8060] ? __pfx_get_signal+0x10/0x10 [ 330.332548][ T8060] ? rcu_is_watching+0x12/0xc0 [ 330.337341][ T8060] ? trace_irq_disable.constprop.0+0xe4/0x130 [ 330.343446][ T8060] arch_do_signal_or_restart+0x90/0x7e0 [ 330.349057][ T8060] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 330.355256][ T8060] ? do_user_addr_fault+0xa4b/0x13f0 [ 330.360590][ T8060] irqentry_exit_to_user_mode+0x13f/0x280 [ 330.366366][ T8060] asm_exc_page_fault+0x26/0x30 [ 330.371252][ T8060] RIP: 0033:0x0 [ 330.374739][ T8060] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 330.382121][ T8060] RSP: 002b:000000000000000e EFLAGS: 00010217 [ 330.388224][ T8060] RAX: 0000000000000000 RBX: 00007ff6b1336058 RCX: 00007ff6b117df39 [ 330.396235][ T8060] RDX: ffffffffffffffff RSI: 0000000000000006 RDI: 000000000000ab49 [ 330.404248][ T8060] RBP: 00007ff6b11f0216 R08: 0000000000000000 R09: 0000000000000000 [ 330.412245][ T8060] R10: 9999999999999999 R11: 0000000000000246 R12: 0000000000000000 [ 330.420245][ T8060] R13: 0000000000000001 R14: 00007ff6b1336058 R15: 00007fffbc7cf698 [ 330.428271][ T8060] [ 330.432058][ T8060] memory: usage 307200kB, limit 307200kB, failcnt 16843 [ 330.439547][ T8060] memory+swap: usage 432132kB, limit 9007199254740988kB, failcnt 0 [ 330.447563][ T8060] kmem: usage 3460kB, limit 9007199254740988kB, failcnt 0 [ 330.454721][ T8060] Memory cgroup stats for /syz2: [ 330.455070][ T8060] cache 306188288 [ 330.463757][ T8060] rss 4775936 [ 330.467135][ T8060] rss_huge 0 [ 330.470385][ T8060] shmem 301678592 [ 330.474053][ T8060] mapped_file 37437440 [ 330.478370][ T8060] dirty 12288 [ 330.481699][ T8060] writeback 0 [ 330.485018][ T8060] workingset_refault_anon 1476 [ 330.490124][ T8060] workingset_refault_file 105 [ 330.494854][ T8060] swap 127930368 [ 330.498561][ T8060] swapcached 65536 [ 330.502329][ T8060] pgpgin 897001 [ 330.505893][ T8060] pgpgout 828731 [ 330.509793][ T8060] pgfault 151379 [ 330.513384][ T8060] pgmajfault 683 [ 330.517021][ T8060] inactive_anon 155770880 [ 330.521392][ T8060] active_anon 129867776 [ 330.525648][ T8060] inactive_file 4096 [ 330.529582][ T8060] active_file 0 [ 330.533084][ T8060] unevictable 25387008 [ 330.537303][ T8060] hierarchical_memory_limit 314572800 [ 330.542718][ T8060] hierarchical_memsw_limit 9223372036854771712 [ 330.549005][ T8060] total_cache 306188288 [ 330.553206][ T8060] total_rss 4775936 [ 330.557108][ T8060] total_rss_huge 0 [ 330.560870][ T8060] total_shmem 301678592 [ 330.565061][ T8060] total_mapped_file 37437440 [ 330.569759][ T8060] total_dirty 12288 [ 330.573689][ T8060] total_writeback 0 [ 330.577578][ T8060] total_workingset_refault_anon 1476 [ 330.583312][ T8060] total_workingset_refault_file 105 [ 330.588636][ T8060] total_swap 127930368 [ 330.592757][ T8060] total_swapcached 65536 [ 330.597101][ T8060] total_pgpgin 897001 [ 330.601118][ T8060] total_pgpgout 828731 [ 330.605220][ T8060] total_pgfault 151379 [ 330.609556][ T8060] total_pgmajfault 683 [ 330.613678][ T8060] total_inactive_anon 155770880 [ 330.618810][ T8060] total_active_anon 129867776 [ 330.623538][ T8060] total_inactive_file 4096 [ 330.628085][ T8060] total_active_file 0 [ 330.632109][ T8060] total_unevictable 25387008 [ 330.636826][ T8060] anon_cost 0 [ 330.640151][ T8060] file_cost 0 [ 330.643477][ T8060] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.745,pid=8070,uid=0 [ 330.659992][ T8060] Memory cgroup out of memory: Killed process 8070 (syz.2.745) total-vm:125292kB, anon-rss:744kB, file-rss:53964kB, shmem-rss:20224kB, UID:0 pgtables:236kB oom_score_adj:1000 [ 331.778595][ T8351] hsr_slave_0: entered promiscuous mode [ 331.905996][ T8351] hsr_slave_1: entered promiscuous mode [ 331.982511][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 331.993047][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 332.002511][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 332.011111][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 332.020330][ T5238] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 332.029610][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 332.091728][ T8351] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 332.103095][ T8351] Cannot create hsr debugfs directory [ 333.614169][ T1836] bridge_slave_1: left allmulticast mode [ 333.644775][ T1836] bridge_slave_1: left promiscuous mode [ 333.685748][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.805073][ T1836] bridge_slave_0: left allmulticast mode [ 333.835640][ T1836] bridge_slave_0: left promiscuous mode [ 333.841453][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 334.095897][ T4620] Bluetooth: hci1: command tx timeout [ 336.185542][ T4620] Bluetooth: hci1: command tx timeout [ 337.984415][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.131253][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.255991][ T4620] Bluetooth: hci1: command tx timeout [ 338.270231][ T1836] bond0 (unregistering): Released all slaves [ 340.335997][ T4620] Bluetooth: hci1: command tx timeout [ 340.473627][ T8063] syz.2.745 (8063) used greatest stack depth: 17008 bytes left [ 341.668803][ T8381] chnl_net:caif_netlink_parms(): no params data found [ 342.933000][ T8381] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.963328][ T8381] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.982327][ T8381] bridge_slave_0: entered allmulticast mode [ 343.000597][ T8381] bridge_slave_0: entered promiscuous mode [ 343.031231][ T8381] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.075875][ T8381] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.111132][ T8381] bridge_slave_1: entered allmulticast mode [ 343.135931][ T8381] bridge_slave_1: entered promiscuous mode [ 343.536776][ T1836] hsr_slave_0: left promiscuous mode [ 343.674117][ T1836] hsr_slave_1: left promiscuous mode [ 343.737513][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.745030][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 343.769148][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 343.790533][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 343.903613][ T1836] veth1_macvtap: left promiscuous mode [ 343.937268][ T1836] veth0_macvtap: left promiscuous mode [ 343.961476][ T1836] veth1_vlan: left promiscuous mode [ 343.967095][ T1836] veth0_vlan: left promiscuous mode [ 345.519308][ T1836] team0 (unregistering): Port device team_slave_1 removed [ 345.647375][ T1836] team0 (unregistering): Port device team_slave_0 removed [ 346.660652][ T8351] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 346.710679][ T8381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 346.730817][ T8381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 346.765837][ T8351] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 346.798835][ T8351] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 346.854145][ T8351] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 346.922800][ T8381] team0: Port device team_slave_0 added [ 346.939730][ T8381] team0: Port device team_slave_1 added [ 347.089531][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 347.104427][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.159140][ T8381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 347.196455][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 347.203775][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.246366][ T8381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.417299][ T8381] hsr_slave_0: entered promiscuous mode [ 347.434451][ T8381] hsr_slave_1: entered promiscuous mode [ 347.441054][ T8381] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 347.449292][ T8381] Cannot create hsr debugfs directory [ 347.690931][ T8351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.079977][ T1836] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.150742][ T8351] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.178987][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.186187][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.309726][ T1836] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.384823][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.392121][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 348.561875][ T1836] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.789707][ T1836] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.314063][ T1836] bridge_slave_1: left allmulticast mode [ 349.321241][ T1836] bridge_slave_1: left promiscuous mode [ 349.341186][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.436414][ T1836] bridge_slave_0: left allmulticast mode [ 349.442141][ T1836] bridge_slave_0: left promiscuous mode [ 349.465641][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 351.157810][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 351.196322][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 351.254642][ T1836] bond0 (unregistering): Released all slaves [ 351.430968][ T8351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 352.114953][ T8351] veth0_vlan: entered promiscuous mode [ 352.234900][ T8351] veth1_vlan: entered promiscuous mode [ 352.394845][ T8351] veth0_macvtap: entered promiscuous mode [ 352.484091][ T1836] hsr_slave_0: left promiscuous mode [ 352.502508][ T1836] hsr_slave_1: left promiscuous mode [ 352.524710][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.532971][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 352.581923][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 352.595782][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 352.678042][ T1836] veth1_macvtap: left promiscuous mode [ 352.683682][ T1836] veth0_macvtap: left promiscuous mode [ 352.725738][ T1836] veth1_vlan: left promiscuous mode [ 352.731209][ T1836] veth0_vlan: left promiscuous mode [ 353.518704][ T8577] netlink: 5 bytes leftover after parsing attributes in process `syz.2.865'. [ 354.401069][ T1836] team0 (unregistering): Port device team_slave_1 removed [ 354.508335][ T1836] team0 (unregistering): Port device team_slave_0 removed [ 355.659775][ T8351] veth1_macvtap: entered promiscuous mode [ 355.804387][ T8351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 355.835645][ T8351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.852518][ T8351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 355.872432][ T8351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.903312][ T8351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 355.933180][ T8351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.952294][ T8351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.966062][ T8351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.995671][ T8351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.014118][ T8351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 356.084681][ T8381] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 356.168757][ T8381] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 356.231136][ T8351] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.269323][ T8351] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.281829][ T8351] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.309333][ T8351] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.345829][ T8381] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 356.429335][ T8381] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 356.860789][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 356.883866][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 357.003699][ T3002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.014972][ T3002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 357.124597][ T8381] 8021q: adding VLAN 0 to HW filter on device bond0 [ 357.180544][ T8381] 8021q: adding VLAN 0 to HW filter on device team0 [ 357.205706][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.212895][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 357.261442][ T8055] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.268646][ T8055] bridge0: port 2(bridge_slave_1) entered forwarding state [ 357.997693][ T8381] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 358.562894][ T8381] veth0_vlan: entered promiscuous mode [ 358.620842][ T8381] veth1_vlan: entered promiscuous mode [ 358.738843][ T8381] veth0_macvtap: entered promiscuous mode [ 358.807394][ T8381] veth1_macvtap: entered promiscuous mode [ 358.890083][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 358.935616][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 358.961561][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.006364][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.055969][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.092888][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.136803][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 359.196140][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.231978][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.283199][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.312009][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.351177][ T8381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.401552][ T8381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.434042][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 359.485075][ T8381] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.514452][ T8381] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.553892][ T8381] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.599275][ T8381] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.812975][ T3002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.836497][ T3002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 359.877130][ T1836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.893423][ T1836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 360.360901][ T8673] nbd: must specify at least one socket [ 360.373486][ T8680] could not allocate digest TFM handle [ 362.825960][ T8730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.885'. [ 363.034149][ T8736] netlink: 20 bytes leftover after parsing attributes in process `syz.0.885'. [ 365.673287][ T8774] delete_channel: no stack [ 369.922118][ T8826] FAULT_INJECTION: forcing a failure. [ 369.922118][ T8826] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 370.062569][ T8826] CPU: 1 UID: 0 PID: 8826 Comm: syz.0.916 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 370.072901][ T8826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 370.082990][ T8826] Call Trace: [ 370.086306][ T8826] [ 370.089267][ T8826] dump_stack_lvl+0x16c/0x1f0 [ 370.094000][ T8826] should_fail_ex+0x497/0x5b0 [ 370.098729][ T8826] _copy_to_user+0x30/0xc0 [ 370.103188][ T8826] simple_read_from_buffer+0xd0/0x160 [ 370.108607][ T8826] proc_fail_nth_read+0x198/0x270 [ 370.113682][ T8826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 370.119276][ T8826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 370.124854][ T8826] vfs_read+0x1ce/0xbd0 [ 370.129081][ T8826] ? __fget_files+0x23a/0x3f0 [ 370.133808][ T8826] ? fdget_pos+0x24c/0x360 [ 370.138281][ T8826] ? __pfx_lock_release+0x10/0x10 [ 370.143351][ T8826] ? __fget_files+0x244/0x3f0 [ 370.148092][ T8826] ? __pfx_vfs_read+0x10/0x10 [ 370.152819][ T8826] ? __pfx___mutex_lock+0x10/0x10 [ 370.157891][ T8826] ? __fget_files+0x244/0x3f0 [ 370.162654][ T8826] ksys_read+0x12f/0x260 [ 370.166951][ T8826] ? __pfx_ksys_read+0x10/0x10 [ 370.171770][ T8826] do_syscall_64+0xcd/0x250 [ 370.176314][ T8826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.182260][ T8826] RIP: 0033:0x7fc8f977c97c [ 370.186709][ T8826] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 370.206369][ T8826] RSP: 002b:00007fc8fa5b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 370.214857][ T8826] RAX: ffffffffffffffda RBX: 00007fc8f9936058 RCX: 00007fc8f977c97c [ 370.222868][ T8826] RDX: 000000000000000f RSI: 00007fc8fa5b70a0 RDI: 0000000000000007 [ 370.230879][ T8826] RBP: 00007fc8fa5b7090 R08: 0000000000000000 R09: 0000000000000000 [ 370.238880][ T8826] R10: 9999999999999999 R11: 0000000000000246 R12: 0000000000000001 [ 370.246888][ T8826] R13: 0000000000000000 R14: 00007fc8f9936058 R15: 00007fff903604a8 [ 370.254916][ T8826] [ 371.337618][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 371.347635][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 371.358682][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 371.367373][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 371.375062][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 371.389651][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 372.539588][ T8830] chnl_net:caif_netlink_parms(): no params data found [ 373.271811][ T8830] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.296073][ T8830] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.328973][ T8830] bridge_slave_0: entered allmulticast mode [ 373.346541][ T8830] bridge_slave_0: entered promiscuous mode [ 373.384781][ T8830] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.393691][ T8830] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.425797][ T8830] bridge_slave_1: entered allmulticast mode [ 373.433201][ T8830] bridge_slave_1: entered promiscuous mode [ 373.545574][ T5238] Bluetooth: hci3: command tx timeout [ 373.799583][ T8830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 373.851962][ T8830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 374.090881][ T8830] team0: Port device team_slave_0 added [ 374.146617][ T8830] team0: Port device team_slave_1 added [ 374.423409][ T8830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 374.445471][ T8830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.551198][ T8830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 374.599027][ T8830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 374.626036][ T8830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.735861][ T8830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 375.133250][ T8830] hsr_slave_0: entered promiscuous mode [ 375.191026][ T8830] hsr_slave_1: entered promiscuous mode [ 375.255976][ T8830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 375.286027][ T8830] Cannot create hsr debugfs directory [ 375.625929][ T5238] Bluetooth: hci3: command tx timeout [ 376.443619][ T8830] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.770023][ T8830] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.584127][ T8830] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.705804][ T5238] Bluetooth: hci3: command tx timeout [ 377.902315][ T8830] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.564080][ T8830] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 378.602775][ T8830] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 378.630986][ T8830] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 378.668940][ T8830] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 379.020573][ T8830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 379.085196][ T8830] 8021q: adding VLAN 0 to HW filter on device team0 [ 379.135072][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 379.142372][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 379.165178][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 379.172490][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 379.336714][ T8920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.936'. [ 379.775510][ T5238] Bluetooth: hci3: command tx timeout [ 379.929548][ T8830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 380.171102][ T8830] veth0_vlan: entered promiscuous mode [ 380.190801][ T8830] veth1_vlan: entered promiscuous mode [ 380.220013][ T8830] veth0_macvtap: entered promiscuous mode [ 380.230030][ T8830] veth1_macvtap: entered promiscuous mode [ 380.248959][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.260642][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.271183][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.282150][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.292597][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.303389][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.314234][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.325131][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.337050][ T8830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.456245][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.467964][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.478212][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.491747][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.502321][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.526575][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.544210][ T8830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.555596][ T8830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.613891][ T8830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.630674][ T8830] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.695640][ T8830] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.704446][ T8830] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.749480][ T8830] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.303433][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.350937][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.437604][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.472985][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.893568][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.899949][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.146931][ T8986] svc: failed to register nfsdv3 RPC service (errno 111). [ 384.229758][ T8986] svc: failed to register nfsaclv3 RPC service (errno 111). [ 386.293337][ T9046] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'. [ 386.348855][ T9046] nbd: must specify at least one socket [ 387.675177][ T9069] netlink: 5 bytes leftover after parsing attributes in process `syz.1.978'. [ 387.831251][ T9068] netlink: 5 bytes leftover after parsing attributes in process `syz.1.978'. [ 404.896455][ T9271] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1041'. [ 409.007547][ T9318] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 410.946866][ T9341] netlink: 'syz.2.1060': attribute type 1 has an invalid length. [ 412.836146][ T9370] Invalid ELF header magic: != ELF [ 412.857438][ T9370] Invalid ELF header magic: != ELF [ 417.217490][ T9446] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'. [ 419.546966][ T9488] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 419.585295][ T9488] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 422.340265][ T9514] svc: failed to register nfsdv3 RPC service (errno 111). [ 422.380740][ T9514] svc: failed to register nfsaclv3 RPC service (errno 111). [ 430.386539][ T9655] delete_channel: no stack [ 431.295585][ T9668] delete_channel: no stack [ 433.324611][ T9702] delete_channel: no stack [ 433.508130][ T9710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1173'. [ 433.548171][ T9710] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 434.237143][ T9731] could not allocate digest TFM handle Linux [ 434.388881][ T9738] could not allocate digest TFM handle [ 436.636622][ T9787] delete_channel: no stack [ 441.879441][ T9849] delete_channel: no stack [ 442.234287][ T4620] Bluetooth: hci4: command 0x0406 tx timeout [ 443.375833][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1224'. [ 443.385250][ T9885] nbd: must specify at least one socket [ 445.274277][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.280864][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.739007][ T9958] netlink: 4380 bytes leftover after parsing attributes in process `syz.1.1248'. [ 449.910745][ T9958] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 451.875717][ T9949] delete_channel: no stack [ 457.679885][ T4620] Bluetooth: hci1: command 0x0406 tx timeout [ 467.458221][ T29] audit: type=1804 audit(4294967326.070:4): pid=10215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1317" name="#)-\&[}" dev="mqueue" ino=29413 res=1 errno=0 [ 467.489505][T10215] kernel read not supported for file /#)-\&[} (pid: 10215 comm: syz.1.1317) [ 467.526992][ T29] audit: type=1800 audit(4294967326.140:5): pid=10215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1317" name="#)-\&[}" dev="mqueue" ino=29413 res=0 errno=0 [ 467.916529][T10216] Process accounting resumed [ 479.339994][T10458] ptrace attach of "./syz-executor exec"[8351] was attempted by "./syz-executor exec"[10458] [ 483.518873][T10513] svc: failed to register nfsdv3 RPC service (errno 111). [ 483.542002][T10513] svc: failed to register nfsaclv3 RPC service (errno 111). [ 485.950040][T10554] syz.2.1414 (10554): attempted to duplicate a private mapping with mremap. This is not supported. [ 486.750869][T10581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1420'. [ 489.257959][T10572] netlink: 'syz.0.1417': attribute type 11 has an invalid length. [ 489.353892][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1429'. [ 491.610999][T10654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1440'. [ 492.122703][T10659] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1443'. [ 492.210201][T10659] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 492.258024][T10664] nbd: must specify at least one socket [ 495.263895][T10681] FAULT_INJECTION: forcing a failure. [ 495.263895][T10681] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 495.277158][T10681] CPU: 1 UID: 0 PID: 10681 Comm: syz.2.1451 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 495.287616][T10681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 495.297700][T10681] Call Trace: [ 495.301004][T10681] [ 495.303965][T10681] dump_stack_lvl+0x16c/0x1f0 [ 495.308701][T10681] should_fail_ex+0x497/0x5b0 [ 495.313409][T10681] _copy_from_user+0x30/0xf0 [ 495.318023][T10681] copy_msghdr_from_user+0x99/0x160 [ 495.323244][T10681] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 495.329077][T10681] ? find_held_lock+0x2d/0x110 [ 495.333864][T10681] ? __pfx___lock_acquire+0x10/0x10 [ 495.339105][T10681] ___sys_sendmsg+0xff/0x1e0 [ 495.343728][T10681] ? __pfx____sys_sendmsg+0x10/0x10 [ 495.348983][T10681] ? ksys_write+0x21e/0x260 [ 495.353501][T10681] ? __pfx_lock_release+0x10/0x10 [ 495.358560][T10681] ? fdget+0x176/0x210 [ 495.362657][T10681] __sys_sendmsg+0x117/0x1f0 [ 495.367281][T10681] ? __pfx___sys_sendmsg+0x10/0x10 [ 495.372416][T10681] ? __fget_files+0x244/0x3f0 [ 495.377140][T10681] do_syscall_64+0xcd/0x250 [ 495.381680][T10681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.387615][T10681] RIP: 0033:0x7ff6b117df39 [ 495.392039][T10681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 495.411661][T10681] RSP: 002b:00007ff6b1f9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 495.420105][T10681] RAX: ffffffffffffffda RBX: 00007ff6b1335f80 RCX: 00007ff6b117df39 [ 495.428101][T10681] RDX: 00000000240000c8 RSI: 0000000020000b40 RDI: 0000000000000003 [ 495.436094][T10681] RBP: 00007ff6b1f9c090 R08: 0000000000000000 R09: 0000000000000000 [ 495.444084][T10681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 495.452073][T10681] R13: 0000000000000000 R14: 00007ff6b1335f80 R15: 00007fffbc7cf698 [ 495.460074][T10681] [ 498.580291][ T4620] Bluetooth: hci3: command 0x0406 tx timeout [ 499.089858][T10749] FAULT_INJECTION: forcing a failure. [ 499.089858][T10749] name failslab, interval 1, probability 0, space 0, times 0 [ 499.126492][T10749] CPU: 1 UID: 0 PID: 10749 Comm: syz.2.1460 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 499.136991][T10749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 499.147077][T10749] Call Trace: [ 499.150381][T10749] [ 499.153338][T10749] dump_stack_lvl+0x16c/0x1f0 [ 499.158063][T10749] should_fail_ex+0x497/0x5b0 [ 499.162773][T10749] ? fs_reclaim_acquire+0xae/0x160 [ 499.167920][T10749] should_failslab+0xc2/0x120 [ 499.172644][T10749] kmem_cache_alloc_node_noprof+0x71/0x310 [ 499.178497][T10749] ? __alloc_skb+0x2b3/0x380 [ 499.183150][T10749] __alloc_skb+0x2b3/0x380 [ 499.187618][T10749] ? __pfx___alloc_skb+0x10/0x10 [ 499.192610][T10749] ? __pfx___might_resched+0x10/0x10 [ 499.197968][T10749] netlink_alloc_large_skb+0x69/0x130 [ 499.203388][T10749] netlink_sendmsg+0x689/0xd70 [ 499.208208][T10749] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.213573][T10749] ____sys_sendmsg+0x9ae/0xb40 [ 499.218389][T10749] ? copy_msghdr_from_user+0x10b/0x160 [ 499.223900][T10749] ? __pfx_____sys_sendmsg+0x10/0x10 [ 499.229234][T10749] ? find_held_lock+0x2d/0x110 [ 499.234044][T10749] ? __pfx___lock_acquire+0x10/0x10 [ 499.239305][T10749] ___sys_sendmsg+0x135/0x1e0 [ 499.244036][T10749] ? __pfx____sys_sendmsg+0x10/0x10 [ 499.249301][T10749] ? ksys_write+0x21e/0x260 [ 499.253841][T10749] ? __pfx_lock_release+0x10/0x10 [ 499.258931][T10749] ? fdget+0x176/0x210 [ 499.263057][T10749] __sys_sendmsg+0x117/0x1f0 [ 499.267698][T10749] ? __pfx___sys_sendmsg+0x10/0x10 [ 499.272856][T10749] ? __fget_files+0x244/0x3f0 [ 499.277614][T10749] do_syscall_64+0xcd/0x250 [ 499.282163][T10749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.288125][T10749] RIP: 0033:0x7ff6b117df39 [ 499.292580][T10749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.312227][T10749] RSP: 002b:00007ff6b1f9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 499.320680][T10749] RAX: ffffffffffffffda RBX: 00007ff6b1335f80 RCX: 00007ff6b117df39 [ 499.328707][T10749] RDX: 00000000240000c8 RSI: 0000000020000b40 RDI: 0000000000000003 [ 499.336728][T10749] RBP: 00007ff6b1f9c090 R08: 0000000000000000 R09: 0000000000000000 [ 499.344832][T10749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 499.352859][T10749] R13: 0000000000000000 R14: 00007ff6b1335f80 R15: 00007fffbc7cf698 [ 499.360887][T10749] [ 501.036494][ T1836] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.767051][ T1836] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.898660][ T4620] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 501.908783][ T4620] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 501.920932][ T4620] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 501.955308][ T4620] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 501.966592][ T4620] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 501.974410][ T4620] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 502.106924][ T1836] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.381420][ T1836] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.812706][T10786] chnl_net:caif_netlink_parms(): no params data found [ 503.093342][ T1836] bridge_slave_1: left allmulticast mode [ 503.100969][ T1836] bridge_slave_1: left promiscuous mode [ 503.107950][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 503.165586][ T1836] bridge_slave_0: left allmulticast mode [ 503.171850][ T1836] bridge_slave_0: left promiscuous mode [ 503.178125][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 504.052187][T10824] netlink: 'syz.2.1482': attribute type 11 has an invalid length. [ 504.078716][ T5238] Bluetooth: hci3: command tx timeout [ 504.156431][ T30] INFO: task syz.1.843:8683 blocked for more than 143 seconds. [ 504.195455][ T30] Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 504.224089][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 504.262429][ T30] task:syz.1.843 state:D stack:26080 pid:8683 tgid:8677 ppid:8381 flags:0x00000006 [ 504.291970][ T30] Call Trace: [ 504.305615][ T30] [ 504.313084][ T30] __schedule+0xed6/0x5920 [ 504.330296][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 504.335623][ T30] ? __pfx___schedule+0x10/0x10 [ 504.359631][ T30] ? schedule+0x298/0x350 [ 504.368767][ T30] ? __pfx_lock_release+0x10/0x10 [ 504.385119][ T30] schedule+0xe7/0x350 [ 504.393388][ T30] schedule_timeout+0x258/0x2a0 [ 504.398329][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 504.434959][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 504.460219][ T30] __wait_for_common+0x3e1/0x600 [ 504.485871][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 504.507791][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 504.540256][ T30] ? __pfx_try_to_wake_up+0x10/0x10 [ 504.545665][ T30] wait_for_completion_state+0x1c/0x40 [ 504.568223][ T30] do_coredump+0x82f/0x4160 [ 504.573077][ T30] ? stack_depot_save_flags+0x28/0x900 [ 504.578670][ T30] ? __pfx_do_coredump+0x10/0x10 [ 504.600361][ T30] ? kmem_cache_free+0x152/0x4b0 [ 504.605408][ T30] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 504.619573][ T30] ? do_syscall_64+0xda/0x250 [ 504.626659][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.650495][ T30] get_signal+0x237c/0x26d0 [ 504.655102][ T30] ? __pfx_get_signal+0x10/0x10 [ 504.660004][ T30] ? fpu__clear_user_states+0xf8/0x1e0 [ 504.680228][ T30] ? __local_bh_enable_ip+0xa4/0x120 [ 504.685587][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 504.705695][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 504.737909][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 504.746595][ T30] do_syscall_64+0xda/0x250 [ 504.760217][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.766205][ T30] RIP: 0033:0x7ff7d60403d0 [ 504.799737][ T30] RSP: 002b:00007ff7d5bfeb38 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 504.808369][ T30] RAX: 0000000000000000 RBX: 00007ff7d6336060 RCX: 00007ff7d617df39 [ 504.824882][ T30] RDX: 00007ff7d5bfeb40 RSI: 00007ff7d5bfec70 RDI: 000000000000000b [ 504.833532][ T30] RBP: 00007ff7d6336058 R08: 0000000000000000 R09: 0000000000000000 [ 504.842056][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff7d6336064 [ 504.850365][ T30] R13: 0000000000000000 R14: 00007fff2ded7610 R15: 00007fff2ded76f8 [ 504.858486][ T30] [ 504.869700][ T30] [ 504.869700][ T30] Showing all locks held in the system: [ 504.880957][ T30] 2 locks held by kworker/u8:1/12: [ 504.886143][ T30] 1 lock held by khungtaskd/30: [ 504.891095][ T30] #0: ffffffff8ddb73c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 504.901144][ T30] 3 locks held by kworker/u8:4/62: [ 504.906302][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 504.918483][ T30] #1: ffffc900015d7d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 504.945392][ T30] #2: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 504.962524][ T30] 5 locks held by kworker/u8:6/1836: [ 504.967880][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 504.985848][ T30] #1: ffffc9000479fd80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 504.996733][ T30] #2: ffffffff8faab250 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 [ 505.010129][ T30] #3: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x503/0xb40 [ 505.019619][ T30] #4: ffffffff8ddc2d38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 [ 505.040677][ T30] 2 locks held by dhcpcd/4896: [ 505.060228][ T30] #0: ffffffff8fb5eed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 505.068569][ T30] #1: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0xb4/0xb10 [ 505.107979][ T30] 2 locks held by getty/4991: [ 505.116659][ T30] #0: ffff88814c7fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 505.142499][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 505.161535][ T30] 3 locks held by kworker/1:5/5271: [ 505.166786][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 505.210183][ T30] #1: ffffc90003ec7d80 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 505.230123][ T30] #2: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 505.260189][ T30] 1 lock held by syz.1.843/8678: [ 505.265189][ T30] 2 locks held by syz.3.1447/10676: [ 505.290119][ T30] 1 lock held by syz-executor/10786: [ 505.295475][ T30] #0: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 505.320201][ T30] 2 locks held by syz.3.1477/10811: [ 505.325467][ T30] 2 locks held by syz.0.1479/10813: [ 505.340255][ T30] #0: ffffffff8faab250 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x292/0x6b0 [ 505.349866][ T30] #1: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x1b/0x70 [ 505.380943][ T30] 2 locks held by syz.3.1480/10819: [ 505.386509][ T30] #0: ffffffff8fb5eed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 505.410181][ T30] #1: ffffffff8fb5ef88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x580/0x800 [ 505.419289][ T30] 3 locks held by syz.2.1482/10824: [ 505.440206][ T30] #0: ffffffff8fb5eed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 505.448556][ T30] #1: ffffffff8fb5ef88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x580/0x800 [ 505.470187][ T30] #2: ffffffff8fac0e68 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_register_hw+0x25a7/0x3fb0 [ 505.492989][ T30] 2 locks held by syz.2.1482/10825: [ 505.498339][ T30] #0: ffffffff8fb5eed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 505.520279][ T30] #1: ffffffff8fb5ef88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x580/0x800 [ 505.529475][ T30] 1 lock held by syz.3.1480/10827: [ 505.550380][ T30] [ 505.552778][ T30] ============================================= [ 505.552778][ T30] [ 505.570428][ T30] NMI backtrace for cpu 1 [ 505.574832][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 505.585025][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 505.595118][ T30] Call Trace: [ 505.598421][ T30] [ 505.601376][ T30] dump_stack_lvl+0x116/0x1f0 [ 505.606103][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 505.611107][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 505.617144][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 505.623187][ T30] watchdog+0xf0c/0x1240 [ 505.627495][ T30] ? __pfx_watchdog+0x10/0x10 [ 505.632229][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 505.637495][ T30] ? __kthread_parkme+0x148/0x220 [ 505.642576][ T30] ? __pfx_watchdog+0x10/0x10 [ 505.647310][ T30] kthread+0x2c1/0x3a0 [ 505.651449][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 505.656689][ T30] ? __pfx_kthread+0x10/0x10 [ 505.661304][ T30] ret_from_fork+0x45/0x80 [ 505.665782][ T30] ? __pfx_kthread+0x10/0x10 [ 505.670417][ T30] ret_from_fork_asm+0x1a/0x30 [ 505.675233][ T30] [ 505.679149][ T30] Sending NMI from CPU 1 to CPUs 0: [ 505.684938][ C0] NMI backtrace for cpu 0 [ 505.684952][ C0] CPU: 0 UID: 0 PID: 10827 Comm: syz.3.1480 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 505.684981][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 505.684994][ C0] RIP: 0010:stack_depot_save_flags+0x150/0x900 [ 505.685031][ C0] Code: 0d fd ac aa 15 65 ff 05 b6 cd 4c 7b 49 8b 09 49 39 c9 75 11 e9 91 00 00 00 48 8b 09 49 39 c9 0f 84 a4 01 00 00 39 59 10 75 ef <44> 3b 79 14 75 e9 31 c0 48 8b 54 c1 20 49 39 54 c5 00 75 db 48 83 [ 505.685053][ C0] RSP: 0018:ffffc90014a9f828 EFLAGS: 00000246 [ 505.685073][ C0] RAX: 00000000d98a61c1 RBX: 00000000d98a61c1 RCX: ffff88808681eca0 [ 505.685089][ C0] RDX: 00000000a24d77ed RSI: 000000000a1f480c RDI: 000000007d8d3342 [ 505.685105][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffff88823b861c10 [ 505.685120][ C0] R10: ffffffff901ca70f R11: 0000000000000000 R12: 0000000000002800 [ 505.685135][ C0] R13: ffffc90014a9f8a8 R14: 000000000000000c R15: 000000000000000c [ 505.685150][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 505.685174][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 505.685190][ C0] CR2: 0000001b2db01ff8 CR3: 000000000db7c000 CR4: 00000000003506f0 [ 505.685206][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 505.685220][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 505.685235][ C0] Call Trace: [ 505.685241][ C0] [ 505.685249][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 505.685289][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 505.685323][ C0] ? nmi_handle+0x1a9/0x5c0 [ 505.685347][ C0] ? stack_depot_save_flags+0x150/0x900 [ 505.685370][ C0] ? default_do_nmi+0x6a/0x160 [ 505.685403][ C0] ? exc_nmi+0x170/0x1e0 [ 505.685434][ C0] ? end_repeat_nmi+0xf/0x53 [ 505.685463][ C0] ? stack_depot_save_flags+0x150/0x900 [ 505.685487][ C0] ? stack_depot_save_flags+0x150/0x900 [ 505.685510][ C0] ? stack_depot_save_flags+0x150/0x900 [ 505.685534][ C0] [ 505.685540][ C0] [ 505.685551][ C0] save_stack+0x16f/0x1f0 [ 505.685573][ C0] ? __pfx_save_stack+0x10/0x10 [ 505.685595][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 505.685628][ C0] ? free_unref_page+0x5f4/0xdc0 [ 505.685654][ C0] ? vfree+0x17a/0x890 [ 505.685677][ C0] ? kcov_put+0x2a/0x40 [ 505.685703][ C0] ? kcov_close+0xd/0x20 [ 505.685729][ C0] ? __fput+0x3f6/0xb60 [ 505.685755][ C0] ? task_work_run+0x14e/0x250 [ 505.685787][ C0] ? do_exit+0xaa3/0x2ce0 [ 505.685814][ C0] ? do_group_exit+0xd3/0x2a0 [ 505.685842][ C0] ? get_signal+0x2658/0x26d0 [ 505.685865][ C0] ? arch_do_signal_or_restart+0x90/0x7e0 [ 505.685895][ C0] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 505.685920][ C0] ? asm_exc_stack_segment+0x26/0x30 [ 505.685948][ C0] __reset_page_owner+0x8d/0x400 [ 505.685971][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 505.686006][ C0] free_unref_page+0x5f4/0xdc0 [ 505.686041][ C0] vfree+0x17a/0x890 [ 505.686065][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 505.686104][ C0] ? __pfx_kcov_close+0x10/0x10 [ 505.686131][ C0] kcov_put+0x2a/0x40 [ 505.686156][ C0] kcov_close+0xd/0x20 [ 505.686181][ C0] __fput+0x3f6/0xb60 [ 505.686209][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 505.686246][ C0] task_work_run+0x14e/0x250 [ 505.686279][ C0] ? __pfx_task_work_run+0x10/0x10 [ 505.686312][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 505.686337][ C0] do_exit+0xaa3/0x2ce0 [ 505.686368][ C0] ? __pfx_do_exit+0x10/0x10 [ 505.686400][ C0] do_group_exit+0xd3/0x2a0 [ 505.686430][ C0] get_signal+0x2658/0x26d0 [ 505.686458][ C0] ? __pfx_get_signal+0x10/0x10 [ 505.686481][ C0] ? __pfx_force_sig+0x10/0x10 [ 505.686505][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 505.686535][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 505.686570][ C0] ? trace_irq_disable.constprop.0+0xe4/0x130 [ 505.686605][ C0] irqentry_exit_to_user_mode+0x13f/0x280 [ 505.686631][ C0] asm_exc_stack_segment+0x26/0x30 [ 505.686654][ C0] RIP: 0033:0x7f97e6f7df41 [ 505.686671][ C0] Code: Unable to access opcode bytes at 0x7f97e6f7df17. [ 505.686681][ C0] RSP: 002b:7fffffffffffffff EFLAGS: 00010217 [ 505.686698][ C0] RAX: 0000000000000000 RBX: 00007f97e7136058 RCX: 00007f97e6f7df39 [ 505.686714][ C0] RDX: ffffffffffffffff RSI: 7fffffffffffffff RDI: 0000000000000007 [ 505.686729][ C0] RBP: 00007f97e6ff0216 R08: 0000000000000001 R09: 0000000000000000 [ 505.686744][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 505.686758][ C0] R13: 0000000000000001 R14: 00007f97e7136058 R15: 00007ffcdc332968 [ 505.686780][ C0] [ 506.190217][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 506.197146][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 506.207362][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 506.217458][ T30] Call Trace: [ 506.220766][ T30] [ 506.223727][ T30] dump_stack_lvl+0x3d/0x1f0 [ 506.228385][ T30] panic+0x71d/0x800 [ 506.232329][ T30] ? __pfx_panic+0x10/0x10 [ 506.236790][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 506.242211][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 506.248254][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 506.253680][ T30] ? watchdog+0xd76/0x1240 [ 506.258150][ T30] ? watchdog+0xd69/0x1240 [ 506.262631][ T30] watchdog+0xd87/0x1240 [ 506.266936][ T30] ? __pfx_watchdog+0x10/0x10 [ 506.271664][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 506.276910][ T30] ? __kthread_parkme+0x148/0x220 [ 506.281977][ T30] ? __pfx_watchdog+0x10/0x10 [ 506.286704][ T30] kthread+0x2c1/0x3a0 [ 506.290808][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 506.296056][ T30] ? __pfx_kthread+0x10/0x10 [ 506.300682][ T30] ret_from_fork+0x45/0x80 [ 506.305142][ T30] ? __pfx_kthread+0x10/0x10 [ 506.309769][ T30] ret_from_fork_asm+0x1a/0x30 [ 506.314605][ T30] [ 506.317980][ T30] Kernel Offset: disabled [ 506.322317][ T30] Rebooting in 86400 seconds..