last executing test programs: 2.742470236s ago: executing program 1 (id=378): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) r1 = dup$auto(r0) write$auto_lowpan_enable_fops_(r1, &(0x7f0000000080)="d0263b6845bdcff05e826b663fde481e1f00b90104f596d2", 0x18) 2.557823178s ago: executing program 1 (id=381): close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) 2.379546797s ago: executing program 1 (id=384): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000080)=@generic={0x3, "68194373648c8cf4466903937bcc"}, 0x6b) r0 = gettid() rt_sigqueueinfo$auto(r0, 0x1, 0x0) 2.280472583s ago: executing program 1 (id=386): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x4, 0x1) getsockopt$auto(0x6, 0x111, 0x14, 0x0, 0x0) 2.140835025s ago: executing program 1 (id=389): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(r0, 0x400454ca, 0x38) write$auto(r0, 0x0, 0xc040f6) 2.084157093s ago: executing program 2 (id=390): mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) r0 = openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0) write$auto_proc_fault_inject_operations_base(r0, 0x0, 0x0) 1.897751117s ago: executing program 2 (id=393): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) pipe$auto(0x0) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) 1.686985125s ago: executing program 2 (id=396): openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x5, 0x0, 0x104, 0x0, 0x1f, 0xb}, 0x80000c}, 0x1, 0x20000000) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f00000000c0)={0xa, 0x81, 0x70}, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1, 0x0) 972.566901ms ago: executing program 0 (id=403): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8, 0x329, 0x10011, 0x2, 0x8000) mprotect$auto(0x0, 0x5, 0x8) 961.87677ms ago: executing program 3 (id=404): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d}) 848.927837ms ago: executing program 0 (id=405): r0 = socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(r0, 0x890b, 0x9) 827.162772ms ago: executing program 3 (id=406): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto_SO_BUSY_POLL_BUDGET(r0, 0x1, 0x46, 0x0, 0x94) 740.233864ms ago: executing program 2 (id=407): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/hid_magicmouse/parameters/scroll_speed\x00', 0x101142, 0x0) write$auto(r1, 0x0, 0x40db) 698.343526ms ago: executing program 3 (id=408): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0) write$auto(0x3, 0x0, 0x10001) 577.135191ms ago: executing program 2 (id=409): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) write$auto(0x3, 0x0, 0xfdef) 525.924793ms ago: executing program 0 (id=410): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = io_uring_setup$auto(0x86, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001280)='/dev/v4l-subdev0\x00', 0x101000, 0x0) ioctl$auto(r1, 0xc0205648, r0) 466.465288ms ago: executing program 3 (id=411): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) connect$auto(0x3, &(0x7f0000000000), 0x55) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1e, &(0x7f0000000000), 0x1) 404.528235ms ago: executing program 2 (id=412): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40080, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) set_mempolicy_home_node$auto(0x0, 0x10001, 0x0, 0x0) 332.59529ms ago: executing program 0 (id=413): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001a00)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x200000c0) 280.471734ms ago: executing program 3 (id=414): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = socket(0x11, 0x2, 0x40000e) capset$auto(0x0, &(0x7f0000000000)={0xfffffffe, 0x41, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100) 226.441732ms ago: executing program 0 (id=415): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) getcwd$auto(0x0, 0xffffffffffffffff) mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x1, 0x9, 0x80000}, 0x283) 112.423182ms ago: executing program 0 (id=416): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) shutdown$auto(0x200000003, 0x2) 65.811016ms ago: executing program 3 (id=417): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) 0s ago: executing program 1 (id=418): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.152' (ED25519) to the list of known hosts. [ 90.922323][ T5815] cgroup: Unknown subsys name 'net' [ 91.061824][ T5815] cgroup: Unknown subsys name 'cpuset' [ 91.072357][ T5815] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 93.025390][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 95.223943][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.225946][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.232862][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.246959][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.254971][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.262170][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.269466][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.277853][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.285646][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.293825][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.301796][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.307586][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.310035][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.322658][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.324074][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.333483][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.338274][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.344471][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.351908][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.367944][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.974019][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 95.987277][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 96.062321][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 96.162312][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 96.231176][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.239776][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.247070][ T5827] bridge_slave_0: entered allmulticast mode [ 96.254961][ T5827] bridge_slave_0: entered promiscuous mode [ 96.271555][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.279507][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.286718][ T5827] bridge_slave_1: entered allmulticast mode [ 96.294046][ T5827] bridge_slave_1: entered promiscuous mode [ 96.366546][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.373754][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.381649][ T5825] bridge_slave_0: entered allmulticast mode [ 96.389446][ T5825] bridge_slave_0: entered promiscuous mode [ 96.420602][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.434059][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.443357][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.450789][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.458373][ T5825] bridge_slave_1: entered allmulticast mode [ 96.465675][ T5825] bridge_slave_1: entered promiscuous mode [ 96.524179][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.531777][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.539312][ T5836] bridge_slave_0: entered allmulticast mode [ 96.546692][ T5836] bridge_slave_0: entered promiscuous mode [ 96.593634][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.600940][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.608513][ T5836] bridge_slave_1: entered allmulticast mode [ 96.616081][ T5836] bridge_slave_1: entered promiscuous mode [ 96.642668][ T5827] team0: Port device team_slave_0 added [ 96.651605][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.675019][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.682339][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.690001][ T5826] bridge_slave_0: entered allmulticast mode [ 96.697602][ T5826] bridge_slave_0: entered promiscuous mode [ 96.707574][ T5827] team0: Port device team_slave_1 added [ 96.715617][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.751639][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.758968][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.766146][ T5826] bridge_slave_1: entered allmulticast mode [ 96.774609][ T5826] bridge_slave_1: entered promiscuous mode [ 96.811705][ T5825] team0: Port device team_slave_0 added [ 96.820583][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.833784][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.899409][ T9] cfg80211: failed to load regulatory.db [ 96.910323][ T5825] team0: Port device team_slave_1 added [ 96.929600][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.936585][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.963149][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.979457][ T5836] team0: Port device team_slave_0 added [ 97.000075][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.014515][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.024597][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.031591][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.058084][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.078293][ T5836] team0: Port device team_slave_1 added [ 97.128842][ T5826] team0: Port device team_slave_0 added [ 97.151565][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.159275][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.185462][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.211503][ T5826] team0: Port device team_slave_1 added [ 97.246322][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.253620][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.280463][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.319192][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.326185][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.352579][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.364316][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.371622][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.397619][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.409369][ T5829] Bluetooth: hci3: command tx timeout [ 97.411548][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.421883][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.447881][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.461354][ T55] Bluetooth: hci2: command tx timeout [ 97.467174][ T5829] Bluetooth: hci1: command tx timeout [ 97.473210][ T55] Bluetooth: hci0: command tx timeout [ 97.494025][ T5827] hsr_slave_0: entered promiscuous mode [ 97.500791][ T5827] hsr_slave_1: entered promiscuous mode [ 97.508196][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.515183][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.541719][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.585248][ T5825] hsr_slave_0: entered promiscuous mode [ 97.591888][ T5825] hsr_slave_1: entered promiscuous mode [ 97.598269][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.606062][ T5825] Cannot create hsr debugfs directory [ 97.696925][ T5836] hsr_slave_0: entered promiscuous mode [ 97.703394][ T5836] hsr_slave_1: entered promiscuous mode [ 97.709997][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.717706][ T5836] Cannot create hsr debugfs directory [ 97.779774][ T5826] hsr_slave_0: entered promiscuous mode [ 97.786342][ T5826] hsr_slave_1: entered promiscuous mode [ 97.793405][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.801372][ T5826] Cannot create hsr debugfs directory [ 98.248495][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.266878][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.282721][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.303943][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.368720][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.396042][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.417227][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.429767][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.486953][ T5836] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.512984][ T5836] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.535351][ T5836] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.557650][ T5836] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.667304][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.679577][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.707950][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.721480][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.745613][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.816701][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.846168][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.857557][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.865044][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.895307][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.902524][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.966389][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.980848][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.005884][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.013075][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.043914][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.051122][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.106266][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.180116][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.187428][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.233603][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.240859][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.286766][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.395317][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.439288][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.446504][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.461006][ T55] Bluetooth: hci3: command tx timeout [ 99.483650][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.490882][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.514826][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.537720][ T55] Bluetooth: hci0: command tx timeout [ 99.543191][ T55] Bluetooth: hci1: command tx timeout [ 99.549191][ T5829] Bluetooth: hci2: command tx timeout [ 99.716741][ T5827] veth0_vlan: entered promiscuous mode [ 99.748784][ T5827] veth1_vlan: entered promiscuous mode [ 99.789522][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.821320][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.862961][ T5827] veth0_macvtap: entered promiscuous mode [ 99.892793][ T5827] veth1_macvtap: entered promiscuous mode [ 99.971832][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.998501][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.012216][ T5825] veth0_vlan: entered promiscuous mode [ 100.034501][ T5827] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.043438][ T5827] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.053044][ T5827] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.062020][ T5827] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.101093][ T5825] veth1_vlan: entered promiscuous mode [ 100.114076][ T5836] veth0_vlan: entered promiscuous mode [ 100.135285][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.187280][ T5836] veth1_vlan: entered promiscuous mode [ 100.237616][ T5825] veth0_macvtap: entered promiscuous mode [ 100.250293][ T5825] veth1_macvtap: entered promiscuous mode [ 100.307997][ T3018] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.308501][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.315971][ T3018] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.330142][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.353821][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.374202][ T5826] veth0_vlan: entered promiscuous mode [ 100.394212][ T5836] veth0_macvtap: entered promiscuous mode [ 100.420050][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.430822][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.442575][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.456443][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.465299][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.474563][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.483359][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.496739][ T5826] veth1_vlan: entered promiscuous mode [ 100.514514][ T5836] veth1_macvtap: entered promiscuous mode [ 100.538792][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.546654][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.549301][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.565113][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.576021][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.589631][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.601658][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.626589][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.639798][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.650515][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.661601][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.673443][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.696755][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.730026][ T5836] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.751118][ T5836] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.759964][ T5836] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.769115][ T5836] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.789380][ T5826] veth0_macvtap: entered promiscuous mode [ 100.823464][ T5826] veth1_macvtap: entered promiscuous mode [ 100.866599][ T5889] process 'syz.3.4' launched '/dev/fd/3' with NULL argv: empty string added [ 100.905746][ T194] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.916715][ T194] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.925062][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.946367][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.978014][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.997775][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.010230][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.020807][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.032329][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.069476][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.087351][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.098290][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.112733][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.122941][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.133638][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.146495][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.184107][ T194] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.198039][ T194] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.213492][ T5826] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.228813][ T5826] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.244403][ T5826] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.260014][ T5826] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.307465][ T3018] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.315341][ T3018] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.357161][ T5894] netlink: 194 bytes leftover after parsing attributes in process `syz.3.6'. [ 101.371201][ T5894] Zero length message leads to an empty skb [ 101.412849][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.435793][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.540800][ T55] Bluetooth: hci3: command tx timeout [ 101.566581][ T194] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.578774][ T194] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.618024][ T55] Bluetooth: hci1: command tx timeout [ 101.623792][ T5832] Bluetooth: hci2: command tx timeout [ 101.629597][ T5832] Bluetooth: hci0: command tx timeout [ 101.667580][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.675465][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.685567][ T5898] syz.3.7 uses obsolete (PF_INET,SOCK_PACKET) [ 102.058845][ T5905] nbd: socks must be embedded in a SOCK_ITEM attr [ 102.080473][ T5905] block nbd0: shutting down sockets [ 102.808215][ T5928] netlink: 130 bytes leftover after parsing attributes in process `syz.0.17'. [ 103.623908][ T5832] Bluetooth: hci3: command tx timeout [ 103.698230][ T5832] Bluetooth: hci0: command tx timeout [ 103.703700][ T5832] Bluetooth: hci1: command tx timeout [ 103.710530][ T55] Bluetooth: hci2: command tx timeout [ 104.343130][ T5971] Device name cannot be null; rc = [-22] [ 107.009873][ T6036] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.230876][ T6043] netlink: 342 bytes leftover after parsing attributes in process `syz.1.64'. [ 109.721430][ T6099] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 110.967518][ T6127] capability: warning: `syz.1.95' uses 32-bit capabilities (legacy support in use) [ 111.634317][ T6147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.105'. [ 111.667842][ T6147] caif0: entered promiscuous mode [ 112.481491][ T6161] CIFS: VFS: Unsupported security flags: 0x10 [ 112.686809][ T6165] mmap: syz.0.112 (6165) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 113.716486][ T6194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.123'. [ 116.977968][ T6295] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.907755][ T6396] device-mapper: ioctl: Unable to rename non-existent device,  to [ 123.865661][ T6480] netlink: 'syz.2.241': attribute type 11 has an invalid length. [ 124.372964][ T5832] Bluetooth: hci0: Malformed Event: 0x2f [ 124.564872][ T5832] Bluetooth: hci0: ISO packet too small [ 124.730816][ T6505] netlink: 28 bytes leftover after parsing attributes in process `syz.1.251'. [ 124.744996][ T6505] ipvlan1: entered allmulticast mode [ 124.761601][ T6505] veth0_vlan: entered allmulticast mode [ 126.676769][ T6512] kexec: Could not allocate control_code_buffer [ 127.017201][ T5832] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 127.017247][ T5832] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 127.036382][ T5832] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 127.036446][ T5832] Bluetooth: hci3: adv larger than maximum supported [ 127.044959][ T5832] Bluetooth: hci3: Malformed LE Event: 0x0d [ 127.173343][ T6566] netlink: 294 bytes leftover after parsing attributes in process `syz.1.276'. [ 128.290494][ T6600] ======================================================= [ 128.290494][ T6600] WARNING: The mand mount option has been deprecated and [ 128.290494][ T6600] and is ignored by this kernel. Remove the mand [ 128.290494][ T6600] option from the mount to silence this warning. [ 128.290494][ T6600] ======================================================= [ 129.041110][ T6628] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 130.069811][ T6664] netlink: 338 bytes leftover after parsing attributes in process `syz.0.317'. [ 131.594431][ T6717] netlink: 214 bytes leftover after parsing attributes in process `syz.2.341'. [ 131.938342][ T6723] nbd: socks must be embedded in a SOCK_ITEM attr [ 131.952980][ T6723] block nbd0: shutting down sockets [ 132.756700][ T6698] kexec: Could not allocate control_code_buffer [ 134.042420][ T6785] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 134.042420][ T6785] program syz.0.372 not setting count and/or reply_len properly [ 134.276642][ T6800] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 134.980052][ T6826] kafs: addr_prefs: Invalid Command [ 136.967959][ T5825] ------------[ cut here ]------------ [ 136.973488][ T5825] ODEBUG: free active (active state 0) object: ffff888070f71248 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 137.016407][ T5825] WARNING: CPU: 0 PID: 5825 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 137.026470][ T5825] Modules linked in: [ 137.031077][ T5825] CPU: 0 UID: 0 PID: 5825 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 137.043823][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 137.054647][ T5825] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 137.061041][ T5825] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 78 f4 8b 4c 89 e6 48 c7 c7 40 6d f4 8b e8 ef b5 a7 fc 90 <0f> 0b 90 90 58 83 05 a6 71 b2 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 137.080816][ T5825] RSP: 0018:ffffc90003f5f988 EFLAGS: 00010286 [ 137.086922][ T5825] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a8f78 [ 137.095871][ T5825] RDX: ffff8880252e8000 RSI: ffffffff817a8f85 RDI: 0000000000000001 [ 137.104552][ T5825] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 137.112622][ T5825] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bf473e0 [ 137.120810][ T5825] R13: ffffffff8b8fc600 R14: ffffffff8a759c00 R15: ffffc90003f5fa88 [ 137.128876][ T5825] FS: 0000000000000000(0000) GS:ffff8881249ed000(0000) knlGS:0000000000000000 [ 137.138389][ T5825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.145033][ T5825] CR2: 00007f28396e56c0 CR3: 0000000070422000 CR4: 00000000003526f0 [ 137.153225][ T5825] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 137.161267][ T5825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 137.169324][ T5825] Call Trace: [ 137.172637][ T5825] [ 137.175618][ T5825] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 137.181165][ T5825] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 137.187016][ T5825] debug_check_no_obj_freed+0x4b7/0x600 [ 137.193323][ T5825] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 137.199995][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.204832][ T5825] ? kmem_cache_free+0x2d4/0x4d0 [ 137.209867][ T5825] kfree+0x291/0x4d0 [ 137.213824][ T5825] ? hci_release_dev+0x4d8/0x600 [ 137.219003][ T5825] hci_release_dev+0x4d8/0x600 [ 137.223818][ T5825] ? __pfx_hci_release_dev+0x10/0x10 [ 137.229227][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.234042][ T5825] ? kfree+0x252/0x4d0 [ 137.238196][ T5825] bt_host_release+0x6a/0xb0 [ 137.242817][ T5825] ? __pfx_bt_host_release+0x10/0x10 [ 137.248193][ T5825] device_release+0xa1/0x240 [ 137.252827][ T5825] kobject_put+0x1e4/0x5a0 [ 137.257429][ T5825] ? __pfx_vhci_release+0x10/0x10 [ 137.262511][ T5825] put_device+0x1f/0x30 [ 137.266720][ T5825] vhci_release+0x81/0xf0 [ 137.271154][ T5825] __fput+0x3ff/0xb70 [ 137.275193][ T5825] task_work_run+0x14d/0x240 [ 137.279896][ T5825] ? __pfx_task_work_run+0x10/0x10 [ 137.285072][ T5825] ? switch_task_namespaces+0xeb/0x100 [ 137.290624][ T5825] do_exit+0xafb/0x2c30 [ 137.295565][ T5825] ? do_raw_spin_lock+0x12c/0x2b0 [ 137.301287][ T5825] ? __pfx_do_exit+0x10/0x10 [ 137.305947][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.310822][ T5825] do_group_exit+0xd3/0x2a0 [ 137.315388][ T5825] __x64_sys_exit_group+0x3e/0x50 [ 137.320566][ T5825] x64_sys_call+0x1530/0x1730 [ 137.325304][ T5825] do_syscall_64+0xcd/0x230 [ 137.329923][ T5825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.335887][ T5825] RIP: 0033:0x7f5f0bd8e969 [ 137.340417][ T5825] Code: Unable to access opcode bytes at 0x7f5f0bd8e93f. [ 137.347508][ T5825] RSP: 002b:00007fff46e33798 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.355975][ T5825] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5f0bd8e969 [ 137.364029][ T5825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 137.372062][ T5825] RBP: 00007f5f0be12287 R08: 00007fff46e31536 R09: 00000000000927c0 [ 137.380224][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 137.388338][ T5825] R13: 00000000000927c0 R14: 0000000000021617 R15: 00007fff46e33950 [ 137.396814][ T5825] [ 137.400468][ T5825] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 137.407787][ T5825] CPU: 0 UID: 0 PID: 5825 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 137.419952][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 137.430013][ T5825] Call Trace: [ 137.433298][ T5825] [ 137.436239][ T5825] dump_stack_lvl+0x3d/0x1f0 [ 137.440852][ T5825] panic+0x71c/0x800 [ 137.444773][ T5825] ? __pfx_panic+0x10/0x10 [ 137.449238][ T5825] ? show_trace_log_lvl+0x29b/0x3e0 [ 137.454542][ T5825] ? check_panic_on_warn+0x1f/0xb0 [ 137.459774][ T5825] ? debug_print_object+0x1a2/0x2b0 [ 137.465012][ T5825] check_panic_on_warn+0xab/0xb0 [ 137.469980][ T5825] __warn+0xf6/0x3c0 [ 137.473899][ T5825] ? debug_print_object+0x1a2/0x2b0 [ 137.479130][ T5825] report_bug+0x3c3/0x580 [ 137.483478][ T5825] ? debug_print_object+0x1a2/0x2b0 [ 137.488733][ T5825] handle_bug+0x184/0x210 [ 137.493094][ T5825] exc_invalid_op+0x17/0x50 [ 137.497641][ T5825] asm_exc_invalid_op+0x1a/0x20 [ 137.502529][ T5825] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 137.508373][ T5825] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 78 f4 8b 4c 89 e6 48 c7 c7 40 6d f4 8b e8 ef b5 a7 fc 90 <0f> 0b 90 90 58 83 05 a6 71 b2 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 137.527996][ T5825] RSP: 0018:ffffc90003f5f988 EFLAGS: 00010286 [ 137.534075][ T5825] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a8f78 [ 137.542057][ T5825] RDX: ffff8880252e8000 RSI: ffffffff817a8f85 RDI: 0000000000000001 [ 137.550048][ T5825] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 137.558028][ T5825] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bf473e0 [ 137.566024][ T5825] R13: ffffffff8b8fc600 R14: ffffffff8a759c00 R15: ffffc90003f5fa88 [ 137.574004][ T5825] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 137.579485][ T5825] ? __warn_printk+0x198/0x350 [ 137.584284][ T5825] ? __warn_printk+0x1a5/0x350 [ 137.589071][ T5825] ? debug_print_object+0x1a1/0x2b0 [ 137.594291][ T5825] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 137.599764][ T5825] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 137.605592][ T5825] debug_check_no_obj_freed+0x4b7/0x600 [ 137.611170][ T5825] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 137.617247][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.622029][ T5825] ? kmem_cache_free+0x2d4/0x4d0 [ 137.626983][ T5825] kfree+0x291/0x4d0 [ 137.630911][ T5825] ? hci_release_dev+0x4d8/0x600 [ 137.635881][ T5825] hci_release_dev+0x4d8/0x600 [ 137.640700][ T5825] ? __pfx_hci_release_dev+0x10/0x10 [ 137.646020][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.650814][ T5825] ? kfree+0x252/0x4d0 [ 137.654940][ T5825] bt_host_release+0x6a/0xb0 [ 137.659557][ T5825] ? __pfx_bt_host_release+0x10/0x10 [ 137.664876][ T5825] device_release+0xa1/0x240 [ 137.669501][ T5825] kobject_put+0x1e4/0x5a0 [ 137.673944][ T5825] ? __pfx_vhci_release+0x10/0x10 [ 137.678987][ T5825] put_device+0x1f/0x30 [ 137.683169][ T5825] vhci_release+0x81/0xf0 [ 137.687541][ T5825] __fput+0x3ff/0xb70 [ 137.691573][ T5825] task_work_run+0x14d/0x240 [ 137.696195][ T5825] ? __pfx_task_work_run+0x10/0x10 [ 137.701334][ T5825] ? switch_task_namespaces+0xeb/0x100 [ 137.706820][ T5825] do_exit+0xafb/0x2c30 [ 137.711004][ T5825] ? do_raw_spin_lock+0x12c/0x2b0 [ 137.716073][ T5825] ? __pfx_do_exit+0x10/0x10 [ 137.720698][ T5825] ? rcu_is_watching+0x12/0xc0 [ 137.725480][ T5825] do_group_exit+0xd3/0x2a0 [ 137.730018][ T5825] __x64_sys_exit_group+0x3e/0x50 [ 137.735076][ T5825] x64_sys_call+0x1530/0x1730 [ 137.739781][ T5825] do_syscall_64+0xcd/0x230 [ 137.744392][ T5825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.750297][ T5825] RIP: 0033:0x7f5f0bd8e969 [ 137.754720][ T5825] Code: Unable to access opcode bytes at 0x7f5f0bd8e93f. [ 137.761762][ T5825] RSP: 002b:00007fff46e33798 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.770199][ T5825] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5f0bd8e969 [ 137.778186][ T5825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 137.786169][ T5825] RBP: 00007f5f0be12287 R08: 00007fff46e31536 R09: 00000000000927c0 [ 137.794151][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 137.802128][ T5825] R13: 00000000000927c0 R14: 0000000000021617 R15: 00007fff46e33950 [ 137.810143][ T5825] [ 137.813478][ T5825] Kernel Offset: disabled [ 137.817810][ T5825] Rebooting in 86400 seconds..