last executing test programs: 1.816404578s ago: executing program 3 (id=5460): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x0, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 1.727261342s ago: executing program 1 (id=5461): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x3b) capget$auto(0x0, 0xfffffffffffffffe) getsockopt$auto(r0, 0x29, 0x3d, 0x0, 0x0) 1.566483426s ago: executing program 1 (id=5465): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setreuid$auto(0x4, 0x8) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x40, 0x1ff, 0x9}) 1.500630935s ago: executing program 0 (id=5467): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x10000, 0x0, 0x7, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x8, 0x8, 0x3ff, 0xf, 0x5}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) 1.450243289s ago: executing program 1 (id=5468): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.375824186s ago: executing program 2 (id=5470): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(r0, 0x114, 0x1, 0x0, 0x1b) 1.226344428s ago: executing program 2 (id=5471): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x40, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x5}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x9}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) 1.223207448s ago: executing program 0 (id=5479): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r0 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r0, 0x65, 0x8, 0x0, 0x0) 1.123666678s ago: executing program 0 (id=5472): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x20) 1.113877418s ago: executing program 2 (id=5473): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) ioprio_set$auto(0x2, 0x800000000, 0x8) 1.024410659s ago: executing program 0 (id=5474): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x14) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) 1.024323485s ago: executing program 3 (id=5475): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x20, r1, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_SCAN_SSIDS={0x4}]}, 0x20}}, 0x4000000) 1.015326384s ago: executing program 1 (id=5476): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xa6ff, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 906.287101ms ago: executing program 2 (id=5477): socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) bind$auto(0x3, 0x0, 0x68) 794.725191ms ago: executing program 1 (id=5478): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) 764.358786ms ago: executing program 3 (id=5480): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) setfsuid$auto(0xee00) 595.278068ms ago: executing program 3 (id=5481): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x200008, 0x19) 552.833199ms ago: executing program 0 (id=5482): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x0, 0x34, 0x0, 0x0) 470.767067ms ago: executing program 2 (id=5483): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x0, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 294.663921ms ago: executing program 3 (id=5484): r0 = gettid() ppoll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0xfd, 0x1}, 0x3, &(0x7f0000000080)={0x6, 0x6}, 0x0, 0x8) mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000) tkill$auto(r0, 0x7) 294.01129ms ago: executing program 0 (id=5492): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) execve$auto(0x0, 0x0, 0x0) 121.381359ms ago: executing program 2 (id=5485): mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) semctl$auto(0x1ff, 0x100000001, 0x13, 0x9) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) 88.577102ms ago: executing program 3 (id=5486): r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = getpgid(0x0) sendmsg$auto_TIPC_NL_MON_PEER_GET(r1, &(0x7f0000006140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r0, 0x711, 0x70b52c, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4405}, 0x4c848) 0s ago: executing program 1 (id=5487): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.159981][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.168851][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.180810][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.189766][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.426114][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.445288][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.483188][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.516978][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.567944][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.583001][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.657473][ T3556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.665775][ T3556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.737968][ T2959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.761286][ T2959] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.770630][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.779918][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.841472][ T842] cfg80211: failed to load regulatory.db [ 91.995090][ T5856] Bluetooth: hci0: command tx timeout [ 92.075252][ T5856] Bluetooth: hci1: command tx timeout [ 92.076748][ T5854] Bluetooth: hci2: command tx timeout [ 92.207841][ T5956] sd 0:0:1:0: PR command failed: 1026 [ 92.213345][ T5956] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 92.236760][ T5854] Bluetooth: hci3: command tx timeout [ 92.269208][ T5956] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 92.882701][ T5982] program syz.3.18 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.910971][ T5980] netlink: 'syz.1.19': attribute type 1 has an invalid length. [ 93.138652][ T5988] openvswitch: netlink: Missing valid actions attribute. [ 94.075724][ T5854] Bluetooth: hci0: command tx timeout [ 94.154984][ T5854] Bluetooth: hci1: command tx timeout [ 94.155421][ T5856] Bluetooth: hci2: command tx timeout [ 94.286593][ T6025] netlink: 'syz.3.38': attribute type 11 has an invalid length. [ 94.294936][ T6025] netlink: 'syz.3.38': attribute type 11 has an invalid length. [ 94.303047][ T6025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.38'. [ 94.312686][ T6025] netlink: 'syz.3.38': attribute type 11 has an invalid length. [ 94.320845][ T5856] Bluetooth: hci3: command tx timeout [ 94.327153][ T6025] netlink: 20 bytes leftover after parsing attributes in process `syz.3.38'. [ 94.336273][ T6025] netlink: 200 bytes leftover after parsing attributes in process `syz.3.38'. [ 95.102889][ T30] audit: type=1800 audit(1753845115.522:2): pid=6048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.49" name="dbroot" dev="configfs" ino=6629 res=0 errno=0 [ 96.950012][ T6109] netlink: 16 bytes leftover after parsing attributes in process `syz.3.75'. [ 97.165200][ T6115] FAULT_INJECTION: forcing a failure. [ 97.165200][ T6115] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 97.204548][ T6115] CPU: 1 UID: 0 PID: 6115 Comm: syz.2.78 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 97.204585][ T6115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 97.204605][ T6115] Call Trace: [ 97.204614][ T6115] [ 97.204627][ T6115] dump_stack_lvl+0x16c/0x1f0 [ 97.204667][ T6115] should_fail_ex+0x512/0x640 [ 97.204706][ T6115] should_fail_alloc_page+0xe7/0x130 [ 97.204737][ T6115] prepare_alloc_pages+0x3c2/0x610 [ 97.204777][ T6115] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 97.204809][ T6115] ? __pfx_stack_trace_save+0x10/0x10 [ 97.204836][ T6115] ? stack_depot_save_flags+0x28/0xa40 [ 97.204872][ T6115] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 97.204904][ T6115] ? kasan_save_stack+0x42/0x60 [ 97.204930][ T6115] ? kasan_save_stack+0x33/0x60 [ 97.204956][ T6115] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 97.204984][ T6115] ? __pmd_alloc+0xbf/0x930 [ 97.205016][ T6115] ? handle_mm_fault+0x589/0xd10 [ 97.205038][ T6115] ? populate_vma_page_range+0x278/0x3a0 [ 97.205073][ T6115] ? __mm_populate+0x1d8/0x380 [ 97.205106][ T6115] ? vm_mmap_pgoff+0x362/0x450 [ 97.205134][ T6115] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 97.205163][ T6115] ? __x64_sys_mmap+0x125/0x190 [ 97.205203][ T6115] ? do_syscall_64+0xcd/0x490 [ 97.205233][ T6115] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.205274][ T6115] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 97.205315][ T6115] ? policy_nodemask+0xea/0x4e0 [ 97.205350][ T6115] alloc_pages_mpol+0x1fb/0x550 [ 97.205383][ T6115] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 97.205411][ T6115] ? css_rstat_updated+0x9d/0xd30 [ 97.205466][ T6115] alloc_pages_noprof+0x131/0x390 [ 97.205500][ T6115] pte_alloc_one+0x1c/0x3a0 [ 97.205528][ T6115] __pte_alloc+0x6d/0x3c0 [ 97.205559][ T6115] ? __pfx___pte_alloc+0x10/0x10 [ 97.205590][ T6115] ? _raw_spin_unlock+0x28/0x50 [ 97.205617][ T6115] ? __pmd_alloc+0x3fb/0x930 [ 97.205654][ T6115] __handle_mm_fault+0x4358/0x5490 [ 97.205688][ T6115] ? __pfx___handle_mm_fault+0x10/0x10 [ 97.205745][ T6115] handle_mm_fault+0x589/0xd10 [ 97.205777][ T6115] __get_user_pages+0x589/0x3b80 [ 97.205823][ T6115] ? __pfx_mt_find+0x10/0x10 [ 97.205858][ T6115] ? __pfx___get_user_pages+0x10/0x10 [ 97.205907][ T6115] populate_vma_page_range+0x278/0x3a0 [ 97.205947][ T6115] ? __pfx_populate_vma_page_range+0x10/0x10 [ 97.205982][ T6115] ? __pfx_find_vma_intersection+0x10/0x10 [ 97.206019][ T6115] ? do_mmap+0x69c/0x1210 [ 97.206058][ T6115] __mm_populate+0x1d8/0x380 [ 97.206095][ T6115] ? __pfx___mm_populate+0x10/0x10 [ 97.206134][ T6115] ? up_write+0x1b2/0x520 [ 97.206162][ T6115] vm_mmap_pgoff+0x362/0x450 [ 97.206198][ T6115] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 97.206240][ T6115] ? __x64_sys_futex+0x1e0/0x4c0 [ 97.206269][ T6115] ? __x64_sys_futex+0x1e9/0x4c0 [ 97.206306][ T6115] ksys_mmap_pgoff+0x7d/0x5c0 [ 97.206338][ T6115] ? xfd_validate_state+0x61/0x180 [ 97.206370][ T6115] ? __pfx_ksys_write+0x10/0x10 [ 97.206402][ T6115] __x64_sys_mmap+0x125/0x190 [ 97.206449][ T6115] do_syscall_64+0xcd/0x490 [ 97.206485][ T6115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.206510][ T6115] RIP: 0033:0x7feefc78e9a9 [ 97.206539][ T6115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.206563][ T6115] RSP: 002b:00007feefd61c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 97.206587][ T6115] RAX: ffffffffffffffda RBX: 00007feefc9b5fa0 RCX: 00007feefc78e9a9 [ 97.206605][ T6115] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 97.206621][ T6115] RBP: 00007feefc810d69 R08: 0000000000000002 R09: 0000000000008000 [ 97.206637][ T6115] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 97.206651][ T6115] R13: 0000000000000000 R14: 00007feefc9b5fa0 R15: 00007ffded4b3798 [ 97.206685][ T6115] [ 97.612008][ T6119] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 98.139294][ T6140] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 98.293759][ T6142] netlink: 'syz.1.91': attribute type 1 has an invalid length. [ 98.528382][ T6154] syz.1.95 (6154) used obsolete PPPIOCDETACH ioctl [ 98.582025][ T6156] netlink: 'syz.3.98': attribute type 1 has an invalid length. [ 98.929752][ T6171] openvswitch: netlink: Flow key attribute not present in set flow. [ 99.929047][ T6207] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 103.377027][ T6330] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd32 [ 103.718127][ T6337] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.355236][ T6359] process 'syz.3.189' launched '/dev/fd/3' with NULL argv: empty string added [ 104.559403][ T6365] netlink: 'syz.1.193': attribute type 1 has an invalid length. [ 105.839673][ T6412] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 106.506995][ T6429] capability: warning: `syz.3.221' uses 32-bit capabilities (legacy support in use) [ 107.146500][ T6453] openvswitch: netlink: IP tunnel dst address not specified [ 107.881559][ T6478] netlink: 'syz.1.243': attribute type 11 has an invalid length. [ 107.934776][ T6478] netlink: 'syz.1.243': attribute type 11 has an invalid length. [ 107.942566][ T6478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.243'. [ 107.974457][ T6478] netlink: 'syz.1.243': attribute type 11 has an invalid length. [ 107.984185][ T6478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.243'. [ 108.003316][ T6478] netlink: 200 bytes leftover after parsing attributes in process `syz.1.243'. [ 110.821255][ T6570] ======================================================= [ 110.821255][ T6570] WARNING: The mand mount option has been deprecated and [ 110.821255][ T6570] and is ignored by this kernel. Remove the mand [ 110.821255][ T6570] option from the mount to silence this warning. [ 110.821255][ T6570] ======================================================= [ 110.856122][ C0] vkms_vblank_simulate: vblank timer overrun [ 111.049451][ T6577] mmap: syz.1.288 (6577) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 112.376961][ T6618] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 117.337473][ T6773] svc: failed to register nfsdv3 RPC service (errno 111). [ 117.377034][ T6773] svc: failed to register nfsaclv3 RPC service (errno 111). [ 117.531795][ T6784] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 118.298505][ T6805] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 118.496321][ T6814] netlink: 'syz.3.395': attribute type 4 has an invalid length. [ 118.504119][ T6814] netlink: 'syz.3.395': attribute type 1 has an invalid length. [ 118.747284][ T6820] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 120.154061][ T30] audit: type=1804 audit(4294967312.480:3): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.420" name="/newroot/110/file0" dev="tmpfs" ino=573 res=1 errno=0 [ 122.542980][ T6948] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 122.549716][ T6948] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 123.408370][ T6975] aoe: copy from user failed [ 123.418504][ T6975] aoe: could not set interface list: too many interfaces [ 124.077846][ T6998] usb usb37: usbfs: process 6998 (syz.2.477) did not claim interface 0 before use [ 124.419478][ T7012] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 127.313885][ T30] audit: type=1800 audit(4294967319.640:4): pid=7093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.525" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 127.470717][ T7101] netlink: ct family unspecified [ 128.468862][ T7121] ubi0: attaching mtd0 [ 128.473128][ T7121] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 128.728702][ T7129] .^: entered promiscuous mode [ 130.920422][ T7197] ksmbd: Unknown IPC event: 14, ignore. [ 131.275366][ T7211] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.295753][ T7211] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.815510][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.822078][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.411471][ T7287] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 133.428403][ T7281] netlink: 'syz.1.604': attribute type 2 has an invalid length. [ 134.232958][ T7321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.617'. [ 134.992111][ T7342] ptrace attach of "./syz-executor exec"[5851] was attempted by ""[7342] [ 135.229826][ T7357] syz.0.630 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 137.537169][ T7444] bond0: option lp_interval: invalid value () [ 137.574888][ T7444] bond0: option lp_interval: allowed values 1 - 2147483647 [ 137.788847][ T7454] openvswitch: netlink: Duplicate or invalid key (type 0). [ 138.202155][ T7469] tipc: Started in network mode [ 138.227501][ T7469] tipc: Node identity 30303030, cluster identity 4711 [ 138.247856][ T7469] tipc: Node number set to 808464432 [ 138.822342][ T7493] netlink: 'syz.2.679': attribute type 1 has an invalid length. [ 139.366032][ T7516] Zero length message leads to an empty skb [ 139.618343][ T7526] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 139.649184][ T7530] MTRR 1 not used [ 140.837320][ T7577] writing to auto_msgmni has no effect [ 141.084468][ T7584] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 142.342750][ T7629] futex_wake_op: syz.2.732 tries to shift op by -9; fix this program [ 143.485823][ T7666] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 144.283422][ T7698] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input5 [ 144.768698][ T7717] openvswitch: netlink: IP tunnel dst address not specified [ 145.669433][ T7755] netlink: 32 bytes leftover after parsing attributes in process `syz.2.788'. [ 146.070133][ T7770] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 146.680491][ T7798] netlink: 'syz.0.808': attribute type 2 has an invalid length. [ 149.621038][ T7892] netlink: 16 bytes leftover after parsing attributes in process `syz.3.849'. [ 149.939122][ T7902] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 149.958622][ T7904] netlink: 4 bytes leftover after parsing attributes in process `syz.3.854'. [ 150.572395][ T7923] device-mapper: ioctl: Invalid ioctl structure: name , dev 7f00010002 [ 151.408685][ T7953] netlink: 4 bytes leftover after parsing attributes in process `syz.2.877'. [ 152.799640][ T8001] FAULT_INJECTION: forcing a failure. [ 152.799640][ T8001] name failslab, interval 1, probability 0, space 0, times 1 [ 152.827193][ T8001] CPU: 0 UID: 0 PID: 8001 Comm: syz.0.898 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 152.827233][ T8001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 152.827249][ T8001] Call Trace: [ 152.827258][ T8001] [ 152.827268][ T8001] dump_stack_lvl+0x16c/0x1f0 [ 152.827307][ T8001] should_fail_ex+0x512/0x640 [ 152.827338][ T8001] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 152.827366][ T8001] should_failslab+0xc2/0x120 [ 152.827398][ T8001] __kmalloc_cache_noprof+0x6a/0x3e0 [ 152.827420][ T8001] ? rcu_is_watching+0x12/0xc0 [ 152.827447][ T8001] ? call_usermodehelper_setup+0xaf/0x360 [ 152.827476][ T8001] ? __pfx_free_modprobe_argv+0x10/0x10 [ 152.827503][ T8001] call_usermodehelper_setup+0xaf/0x360 [ 152.827535][ T8001] __request_module+0x3bd/0x690 [ 152.827559][ T8001] ? __pfx___request_module+0x10/0x10 [ 152.827597][ T8001] ? rcu_is_watching+0x12/0xc0 [ 152.827625][ T8001] ? lockdep_hardirqs_on+0x7c/0x110 [ 152.827660][ T8001] netlink_create+0x226/0x620 [ 152.827700][ T8001] __sock_create+0x335/0x8d0 [ 152.827732][ T8001] __sys_socket+0x14d/0x260 [ 152.827757][ T8001] ? fput+0x70/0xf0 [ 152.827789][ T8001] ? __pfx___sys_socket+0x10/0x10 [ 152.827824][ T8001] ? xfd_validate_state+0x61/0x180 [ 152.827859][ T8001] ? __pfx_ksys_write+0x10/0x10 [ 152.827893][ T8001] __x64_sys_socket+0x72/0xb0 [ 152.827918][ T8001] ? lockdep_hardirqs_on+0x7c/0x110 [ 152.827948][ T8001] do_syscall_64+0xcd/0x490 [ 152.827982][ T8001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.828007][ T8001] RIP: 0033:0x7f0abdf8e9a9 [ 152.828028][ T8001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.828051][ T8001] RSP: 002b:00007f0abee63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 152.828075][ T8001] RAX: ffffffffffffffda RBX: 00007f0abe1b5fa0 RCX: 00007f0abdf8e9a9 [ 152.828091][ T8001] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 152.828105][ T8001] RBP: 00007f0abe010d69 R08: 0000000000000000 R09: 0000000000000000 [ 152.828119][ T8001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.828132][ T8001] R13: 0000000000000000 R14: 00007f0abe1b5fa0 R15: 00007ffc8dd87e38 [ 152.828164][ T8001] [ 153.957661][ T8034] netlink: 16 bytes leftover after parsing attributes in process `syz.1.913'. [ 155.585473][ T8092] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 155.615483][ T8092] CIFS mount error: No usable UNC path provided in device string! [ 155.615483][ T8092] [ 155.635105][ T8092] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 155.807329][ T30] audit: type=1800 audit(4294967348.140:5): pid=8101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.943" name="lu_gp_id" dev="configfs" ino=13102 res=0 errno=0 [ 156.013266][ T8109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.946'. [ 156.822891][ T8138] ucma_write: process 508 (syz.3.960) changed security contexts after opening file descriptor, this is not allowed. [ 158.184229][ T8199] netlink: 'syz.1.988': attribute type 11 has an invalid length. [ 159.650294][ T8256] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 159.819175][ T8260] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 160.333062][ T8280] device-mapper: ioctl: name not supplied when creating device [ 161.920009][ T8344] nbd: must specify an index to disconnect [ 161.940004][ T5856] Bluetooth: hci0: unexpected subevent 0x01 length: 122 > 18 [ 162.146145][ T8354] tc_dump_action: action bad kind [ 162.372024][ T8361] netlink: 'syz.0.1063': attribute type 3 has an invalid length. syzkaller syzkaller login: [ 165.343092][ T8485] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 165.436597][ T8489] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 166.011426][ T8511] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 166.277968][ T8521] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 166.431541][ T8524] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 167.115344][ T8551] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1147'. [ 167.311085][ T8561] netlink: 'syz.0.1151': attribute type 8 has an invalid length. syzkaller syzkaller login: [ 168.340476][ T5856] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 168.340513][ T5856] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 168.358388][ T5856] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 168.358454][ T5856] Bluetooth: hci3: adv larger than maximum supported [ 168.365808][ T5856] Bluetooth: hci3: adv larger than maximum supported [ 168.372516][ T5856] Bluetooth: hci3: Malformed LE Event: 0x0d [ 168.665265][ T8622] FAULT_INJECTION: forcing a failure. [ 168.665265][ T8622] name failslab, interval 1, probability 0, space 0, times 0 [ 168.711893][ T8622] CPU: 0 UID: 0 PID: 8622 Comm: syz.0.1179 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 168.711930][ T8622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 168.711946][ T8622] Call Trace: [ 168.711955][ T8622] [ 168.711965][ T8622] dump_stack_lvl+0x16c/0x1f0 [ 168.712003][ T8622] should_fail_ex+0x512/0x640 [ 168.712035][ T8622] ? __kmalloc_noprof+0xbf/0x510 [ 168.712066][ T8622] ? alloc_pipe_info+0x1ec/0x590 [ 168.712093][ T8622] should_failslab+0xc2/0x120 [ 168.712124][ T8622] __kmalloc_noprof+0xd2/0x510 [ 168.712159][ T8622] alloc_pipe_info+0x1ec/0x590 [ 168.712192][ T8622] create_pipe_files+0x8c/0x9a0 [ 168.712225][ T8622] do_pipe2+0xaf/0x1c0 [ 168.712253][ T8622] ? __pfx_do_pipe2+0x10/0x10 [ 168.712280][ T8622] ? xfd_validate_state+0x61/0x180 [ 168.712309][ T8622] ? __pfx_ksys_write+0x10/0x10 [ 168.712343][ T8622] __x64_sys_pipe+0x33/0x50 [ 168.712371][ T8622] do_syscall_64+0xcd/0x490 [ 168.712404][ T8622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.712428][ T8622] RIP: 0033:0x7f0abdf8e9a9 [ 168.712449][ T8622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.712484][ T8622] RSP: 002b:00007f0abee63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 168.712509][ T8622] RAX: ffffffffffffffda RBX: 00007f0abe1b5fa0 RCX: 00007f0abdf8e9a9 [ 168.712526][ T8622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080 [ 168.712542][ T8622] RBP: 00007f0abe010d69 R08: 0000000000000000 R09: 0000000000000000 [ 168.712557][ T8622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.712571][ T8622] R13: 0000000000000000 R14: 00007f0abe1b5fa0 R15: 00007ffc8dd87e38 [ 168.712605][ T8622] [ 170.322809][ T8697] sg_read: process 656 (syz.1.1214) changed security contexts after opening file descriptor, this is not allowed. [ 171.388994][ T8749] openvswitch: netlink: Duplicate key (type 15). [ 171.572583][ T8757] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 171.689243][ T8762] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 172.442511][ T8791] FAULT_INJECTION: forcing a failure. [ 172.442511][ T8791] name failslab, interval 1, probability 0, space 0, times 0 [ 172.462936][ T8791] CPU: 1 UID: 0 PID: 8791 Comm: syz.3.1256 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 172.462973][ T8791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 172.462988][ T8791] Call Trace: [ 172.462996][ T8791] [ 172.463005][ T8791] dump_stack_lvl+0x16c/0x1f0 [ 172.463044][ T8791] should_fail_ex+0x512/0x640 [ 172.463075][ T8791] ? __kvmalloc_node_noprof+0x124/0x620 [ 172.463106][ T8791] should_failslab+0xc2/0x120 [ 172.463135][ T8791] __kvmalloc_node_noprof+0x137/0x620 [ 172.463163][ T8791] ? io_alloc_cache_init+0x33/0x170 [ 172.463211][ T8791] ? io_alloc_cache_init+0x33/0x170 [ 172.463241][ T8791] io_alloc_cache_init+0x33/0x170 [ 172.463276][ T8791] io_uring_setup+0x5e1/0x2080 [ 172.463308][ T8791] ? __pfx_io_uring_setup+0x10/0x10 [ 172.463333][ T8791] ? do_futex+0x122/0x350 [ 172.463366][ T8791] ? __pfx_do_futex+0x10/0x10 [ 172.463419][ T8791] ? xfd_validate_state+0x61/0x180 [ 172.463450][ T8791] ? __pfx_ksys_write+0x10/0x10 [ 172.463483][ T8791] __x64_sys_io_uring_setup+0xc2/0x170 [ 172.463513][ T8791] do_syscall_64+0xcd/0x490 [ 172.463547][ T8791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.463572][ T8791] RIP: 0033:0x7faf6998e9a9 [ 172.463592][ T8791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.463614][ T8791] RSP: 002b:00007faf6a8c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 172.463638][ T8791] RAX: ffffffffffffffda RBX: 00007faf69bb5fa0 RCX: 00007faf6998e9a9 [ 172.463655][ T8791] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 172.463670][ T8791] RBP: 00007faf69a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 172.463684][ T8791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.463698][ T8791] R13: 0000000000000000 R14: 00007faf69bb5fa0 R15: 00007ffc867aa7c8 [ 172.463730][ T8791] [ 172.701767][ T8793] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 172.873844][ T8795] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 173.395704][ T8816] FAULT_INJECTION: forcing a failure. [ 173.395704][ T8816] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 173.432695][ T8816] CPU: 0 UID: 0 PID: 8816 Comm: syz.2.1268 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 173.432733][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.432747][ T8816] Call Trace: [ 173.432755][ T8816] [ 173.432765][ T8816] dump_stack_lvl+0x16c/0x1f0 [ 173.432803][ T8816] should_fail_ex+0x512/0x640 [ 173.432840][ T8816] should_fail_alloc_page+0xe7/0x130 [ 173.432875][ T8816] prepare_alloc_pages+0x3c2/0x610 [ 173.432916][ T8816] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 173.432948][ T8816] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 173.432978][ T8816] ? stack_depot_save_flags+0x3e0/0xa40 [ 173.433019][ T8816] ? kasan_save_stack+0x42/0x60 [ 173.433046][ T8816] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 173.433073][ T8816] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 173.433110][ T8816] ? __get_vm_area_node+0x1ca/0x330 [ 173.433146][ T8816] ? __bpf_map_area_alloc+0x12e/0x200 [ 173.433173][ T8816] ? htab_map_alloc+0x44b/0x1570 [ 173.433194][ T8816] ? map_create+0x58f/0x1db0 [ 173.433228][ T8816] ? __sys_bpf+0x4d8d/0x4ea0 [ 173.433249][ T8816] ? __x64_sys_bpf+0x78/0xc0 [ 173.433272][ T8816] ? do_syscall_64+0xcd/0x490 [ 173.433302][ T8816] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.433340][ T8816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 173.433380][ T8816] ? policy_nodemask+0xea/0x4e0 [ 173.433414][ T8816] alloc_pages_mpol+0x1fb/0x550 [ 173.433447][ T8816] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 173.433487][ T8816] alloc_pages_noprof+0x131/0x390 [ 173.433520][ T8816] get_free_pages_noprof+0x10/0xb0 [ 173.433552][ T8816] kasan_populate_vmalloc+0x89/0x1f0 [ 173.433585][ T8816] alloc_vmap_area+0x959/0x29c0 [ 173.433634][ T8816] ? __pfx_alloc_vmap_area+0x10/0x10 [ 173.433678][ T8816] __get_vm_area_node+0x1ca/0x330 [ 173.433720][ T8816] __vmalloc_node_range_noprof+0x271/0x14b0 [ 173.433759][ T8816] ? htab_map_alloc+0x44b/0x1570 [ 173.433780][ T8816] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 173.433818][ T8816] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 173.433855][ T8816] ? htab_map_alloc+0x44b/0x1570 [ 173.433880][ T8816] ? mark_held_locks+0x49/0x80 [ 173.433919][ T8816] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 173.433958][ T8816] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 173.433994][ T8816] ? htab_map_alloc+0x44b/0x1570 [ 173.434015][ T8816] __bpf_map_area_alloc+0x12e/0x200 [ 173.434042][ T8816] ? htab_map_alloc+0x44b/0x1570 [ 173.434070][ T8816] htab_map_alloc+0x44b/0x1570 [ 173.434104][ T8816] ? security_capable+0x7e/0x260 [ 173.434139][ T8816] ? ns_capable+0xd7/0x110 [ 173.434173][ T8816] map_create+0x58f/0x1db0 [ 173.434222][ T8816] ? __pfx_map_create+0x10/0x10 [ 173.434256][ T8816] ? __might_fault+0xe3/0x190 [ 173.434281][ T8816] ? __might_fault+0xe3/0x190 [ 173.434306][ T8816] ? __might_fault+0x13b/0x190 [ 173.434344][ T8816] __sys_bpf+0x4d8d/0x4ea0 [ 173.434367][ T8816] ? __pfx_futex_wake+0x10/0x10 [ 173.434406][ T8816] ? __pfx___sys_bpf+0x10/0x10 [ 173.434431][ T8816] ? ksys_write+0x190/0x250 [ 173.434464][ T8816] ? do_futex+0x122/0x350 [ 173.434497][ T8816] ? __pfx_do_futex+0x10/0x10 [ 173.434543][ T8816] ? fput+0x70/0xf0 [ 173.434574][ T8816] ? xfd_validate_state+0x61/0x180 [ 173.434606][ T8816] ? __pfx_ksys_write+0x10/0x10 [ 173.434638][ T8816] __x64_sys_bpf+0x78/0xc0 [ 173.434662][ T8816] ? lockdep_hardirqs_on+0x7c/0x110 [ 173.434697][ T8816] do_syscall_64+0xcd/0x490 [ 173.434731][ T8816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.434754][ T8816] RIP: 0033:0x7feefc78e9a9 [ 173.434774][ T8816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.434799][ T8816] RSP: 002b:00007feefd61c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 173.434823][ T8816] RAX: ffffffffffffffda RBX: 00007feefc9b5fa0 RCX: 00007feefc78e9a9 [ 173.434840][ T8816] RDX: 0000000000000098 RSI: 0000200000000100 RDI: 0000000000000000 [ 173.434855][ T8816] RBP: 00007feefc810d69 R08: 0000000000000000 R09: 0000000000000000 [ 173.434869][ T8816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.434883][ T8816] R13: 0000000000000000 R14: 00007feefc9b5fa0 R15: 00007ffded4b3798 [ 173.434914][ T8816] [ 174.094033][ T8833] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 174.788621][ T8862] netlink: 'syz.2.1289': attribute type 1 has an invalid length. [ 174.836272][ T8867] netlink: zone id is out of range [ 174.854881][ T8867] netlink: zone id is out of range [ 174.870431][ T8867] netlink: zone id is out of range [ 174.884581][ T8867] netlink: zone id is out of range [ 174.903578][ T8867] netlink: zone id is out of range [ 174.913685][ T8867] netlink: zone id is out of range [ 174.923791][ T8867] netlink: zone id is out of range [ 174.955056][ T8867] netlink: zone id is out of range [ 177.302257][ T8986] net_ratelimit: 8 callbacks suppressed [ 177.302277][ T8986] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 177.428351][ T8990] openvswitch: netlink: Message has 8 unknown bytes. [ 177.854161][ T9009] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 178.066913][ T9016] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 178.472782][ T9032] hub 1-0:1.0: USB hub found [ 178.483295][ T9032] hub 1-0:1.0: 1 port detected [ 178.762557][ T9046] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 178.944236][ T9047] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 179.856547][ T9088] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 180.159988][ T9091] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 180.710999][ T9123] netlink: 'syz.0.1409': attribute type 1 has an invalid length. [ 181.985006][ T9177] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 182.130989][ T9184] FAULT_INJECTION: forcing a failure. [ 182.130989][ T9184] name failslab, interval 1, probability 0, space 0, times 0 [ 182.155035][ T9184] CPU: 1 UID: 0 PID: 9184 Comm: syz.2.1436 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 182.155073][ T9184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 182.155091][ T9184] Call Trace: [ 182.155100][ T9184] [ 182.155114][ T9184] dump_stack_lvl+0x16c/0x1f0 [ 182.155152][ T9184] should_fail_ex+0x512/0x640 [ 182.155186][ T9184] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 182.155214][ T9184] should_failslab+0xc2/0x120 [ 182.155246][ T9184] __kmalloc_cache_noprof+0x6a/0x3e0 [ 182.155272][ T9184] ? percpu_ref_init+0xec/0x410 [ 182.155302][ T9184] ? __pfx_io_ring_ctx_ref_free+0x10/0x10 [ 182.155335][ T9184] percpu_ref_init+0xec/0x410 [ 182.155366][ T9184] io_uring_setup+0x453/0x2080 [ 182.155397][ T9184] ? __pfx_io_uring_setup+0x10/0x10 [ 182.155423][ T9184] ? do_futex+0x122/0x350 [ 182.155482][ T9184] ? __pfx_do_futex+0x10/0x10 [ 182.155535][ T9184] ? xfd_validate_state+0x61/0x180 [ 182.155568][ T9184] ? __pfx_ksys_write+0x10/0x10 [ 182.155602][ T9184] __x64_sys_io_uring_setup+0xc2/0x170 [ 182.155631][ T9184] do_syscall_64+0xcd/0x490 [ 182.155666][ T9184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.155691][ T9184] RIP: 0033:0x7feefc78e9a9 [ 182.155712][ T9184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.155735][ T9184] RSP: 002b:00007feefd61c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 182.155757][ T9184] RAX: ffffffffffffffda RBX: 00007feefc9b5fa0 RCX: 00007feefc78e9a9 [ 182.155774][ T9184] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 182.155789][ T9184] RBP: 00007feefc810d69 R08: 0000000000000000 R09: 0000000000000000 [ 182.155803][ T9184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.155818][ T9184] R13: 0000000000000000 R14: 00007feefc9b5fa0 R15: 00007ffded4b3798 [ 182.155852][ T9184] [ 183.148860][ T9221] FAULT_INJECTION: forcing a failure. [ 183.148860][ T9221] name failslab, interval 1, probability 0, space 0, times 0 [ 183.174791][ T9221] CPU: 1 UID: 0 PID: 9221 Comm: syz.1.1450 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 183.174829][ T9221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 183.174842][ T9221] Call Trace: [ 183.174850][ T9221] [ 183.174860][ T9221] dump_stack_lvl+0x16c/0x1f0 [ 183.174897][ T9221] should_fail_ex+0x512/0x640 [ 183.174930][ T9221] ? __kvmalloc_node_noprof+0x124/0x620 [ 183.174961][ T9221] should_failslab+0xc2/0x120 [ 183.174991][ T9221] __kvmalloc_node_noprof+0x137/0x620 [ 183.175019][ T9221] ? io_alloc_cache_init+0x33/0x170 [ 183.175056][ T9221] ? io_alloc_cache_init+0x33/0x170 [ 183.175085][ T9221] io_alloc_cache_init+0x33/0x170 [ 183.175119][ T9221] io_uring_setup+0x5ff/0x2080 [ 183.175151][ T9221] ? __pfx_io_uring_setup+0x10/0x10 [ 183.175177][ T9221] ? do_futex+0x122/0x350 [ 183.175210][ T9221] ? __pfx_do_futex+0x10/0x10 [ 183.175262][ T9221] ? xfd_validate_state+0x61/0x180 [ 183.175296][ T9221] ? __pfx_ksys_write+0x10/0x10 [ 183.175329][ T9221] __x64_sys_io_uring_setup+0xc2/0x170 [ 183.175359][ T9221] do_syscall_64+0xcd/0x490 [ 183.175416][ T9221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.175442][ T9221] RIP: 0033:0x7f104958e9a9 [ 183.175462][ T9221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.175485][ T9221] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 183.175508][ T9221] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 183.175522][ T9221] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 183.175537][ T9221] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 0000000000000000 [ 183.175551][ T9221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.175565][ T9221] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 183.175596][ T9221] [ 183.561090][ T9227] hub 1-0:1.0: USB hub found [ 183.622207][ T9227] hub 1-0:1.0: 1 port detected [ 183.872316][ T9246] binder: 9245:9246 ioctl 400c620e 0 returned -14 [ 183.937806][ T9249] openvswitch: netlink: Message has 20 unknown bytes. [ 184.061398][ T9253] : entered promiscuous mode [ 184.356161][ T9265] hub 1-0:1.0: USB hub found [ 184.361282][ T9265] hub 1-0:1.0: 1 port detected [ 184.462890][ T9267] vhci_hcd: invalid port number 21 [ 185.149886][ T9292] program syz.1.1484 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.069774][ T9322] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1497'. [ 187.601451][ T9381] IPVS: length: 131 != 8 [ 188.459827][ T9405] : entered promiscuous mode [ 189.132376][ T9437] phram: not enough arguments [ 189.396966][ T9446] openvswitch: netlink: Multiple metadata blocks provided [ 189.423344][ T9444] svc: failed to register nfsdv3 RPC service (errno 111). [ 189.444621][ T9444] svc: failed to register nfsaclv3 RPC service (errno 111). [ 190.008068][ T9465] nbd: must specify at least one socket [ 190.240136][ T9475] program syz.2.1567 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 190.583597][ T9487] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 190.708017][ T9493] FAULT_INJECTION: forcing a failure. [ 190.708017][ T9493] name failslab, interval 1, probability 0, space 0, times 0 [ 190.732138][ T9493] CPU: 0 UID: 0 PID: 9493 Comm: syz.1.1575 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 190.732173][ T9493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 190.732189][ T9493] Call Trace: [ 190.732198][ T9493] [ 190.732209][ T9493] dump_stack_lvl+0x16c/0x1f0 [ 190.732245][ T9493] should_fail_ex+0x512/0x640 [ 190.732276][ T9493] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 190.732309][ T9493] should_failslab+0xc2/0x120 [ 190.732342][ T9493] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 190.732372][ T9493] ? __d_alloc+0x32/0xae0 [ 190.732403][ T9493] __d_alloc+0x32/0xae0 [ 190.732435][ T9493] d_alloc_pseudo+0x1c/0xc0 [ 190.732470][ T9493] alloc_file_pseudo+0xcf/0x230 [ 190.732504][ T9493] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 190.732539][ T9493] ? alloc_fd+0x471/0x7d0 [ 190.732570][ T9493] sock_alloc_file+0x50/0x210 [ 190.732607][ T9493] __sys_socket+0x1c0/0x260 [ 190.732630][ T9493] ? fput+0x70/0xf0 [ 190.732659][ T9493] ? __pfx___sys_socket+0x10/0x10 [ 190.732684][ T9493] ? xfd_validate_state+0x61/0x180 [ 190.732716][ T9493] ? __pfx_ksys_write+0x10/0x10 [ 190.732750][ T9493] __x64_sys_socket+0x72/0xb0 [ 190.732775][ T9493] ? lockdep_hardirqs_on+0x7c/0x110 [ 190.732805][ T9493] do_syscall_64+0xcd/0x490 [ 190.732839][ T9493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.732863][ T9493] RIP: 0033:0x7f104958e9a9 [ 190.732884][ T9493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.732908][ T9493] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 190.732933][ T9493] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 190.732949][ T9493] RDX: 0000000000000000 RSI: 0000000000080003 RDI: 0000000000000011 [ 190.732964][ T9493] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 0000000000000000 [ 190.732979][ T9493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.732993][ T9493] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 190.733026][ T9493] [ 192.054628][ T9545] FAULT_INJECTION: forcing a failure. [ 192.054628][ T9545] name failslab, interval 1, probability 0, space 0, times 0 [ 192.094838][ T9545] CPU: 1 UID: 0 PID: 9545 Comm: syz.3.1599 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 192.094876][ T9545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 192.094892][ T9545] Call Trace: [ 192.094900][ T9545] [ 192.094910][ T9545] dump_stack_lvl+0x16c/0x1f0 [ 192.094948][ T9545] should_fail_ex+0x512/0x640 [ 192.094980][ T9545] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 192.095017][ T9545] should_failslab+0xc2/0x120 [ 192.095049][ T9545] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 192.095077][ T9545] ? d_instantiate+0x77/0x90 [ 192.095103][ T9545] ? alloc_empty_file+0x55/0x1e0 [ 192.095142][ T9545] alloc_empty_file+0x55/0x1e0 [ 192.095174][ T9545] alloc_file_pseudo+0x13a/0x230 [ 192.095210][ T9545] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 192.095244][ T9545] ? do_raw_spin_unlock+0x172/0x230 [ 192.095271][ T9545] __anon_inode_getfile+0xe8/0x280 [ 192.095303][ T9545] anon_inode_getfile_fmode+0x37/0xa0 [ 192.095332][ T9545] __do_sys_fanotify_init+0x96d/0xc00 [ 192.095372][ T9545] do_syscall_64+0xcd/0x490 [ 192.095407][ T9545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.095429][ T9545] RIP: 0033:0x7faf6998e9a9 [ 192.095449][ T9545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.095472][ T9545] RSP: 002b:00007faf6a8c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 192.095497][ T9545] RAX: ffffffffffffffda RBX: 00007faf69bb5fa0 RCX: 00007faf6998e9a9 [ 192.095514][ T9545] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 192.095529][ T9545] RBP: 00007faf69a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 192.095544][ T9545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 192.095559][ T9545] R13: 0000000000000000 R14: 00007faf69bb5fa0 R15: 00007ffc867aa7c8 [ 192.095593][ T9545] [ 192.312273][ T9550] netlink: 'syz.0.1601': attribute type 1 has an invalid length. [ 192.969562][ T9582] syz.2.1617 uses obsolete (PF_INET,SOCK_PACKET) [ 193.537997][ T9611] openvswitch: netlink: Key type 261 is out of range max 32 [ 193.681504][ T9615] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 193.727749][ T9620] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 194.239106][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.247734][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.500198][ T9656] svc: failed to register nfsdv3 RPC service (errno 111). [ 194.509964][ T9656] svc: failed to register nfsaclv3 RPC service (errno 111).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                [ 397.811640][T16540] netlink: 'syz.0.4636': attribute type 1 has an invalid length. syzkaller syzkaller login: [ 398.690115][T16568] ovs_: entered promiscuous mode [ 399.413131][T16589] erspan0: entered allmulticast mode [ 400.307901][T16620] ovs_: entered promiscuous mode [ 401.925512][T16679] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input35 [ 407.770926][T16731] __vm_enough_memory: pid: 16731, comm: syz.3.4713, bytes: 4398046511104 not enough memory for the allocation [ 408.320271][T16759] overlayfs: missing 'lowerdir' [ 408.497548][T16766] Console: switching to colour VGA+ 80x25 [ 409.754245][T16827] FAULT_INJECTION: forcing a failure. [ 409.754245][T16827] name failslab, interval 1, probability 0, space 0, times 0 [ 409.767871][T16827] CPU: 0 UID: 0 PID: 16827 Comm: syz.1.4758 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 409.767908][T16827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 409.767924][T16827] Call Trace: [ 409.767933][T16827] [ 409.767944][T16827] dump_stack_lvl+0x16c/0x1f0 [ 409.767982][T16827] should_fail_ex+0x512/0x640 [ 409.768014][T16827] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 409.768048][T16827] should_failslab+0xc2/0x120 [ 409.768080][T16827] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 409.768110][T16827] ? __pmd_alloc+0xbf/0x930 [ 409.768150][T16827] __pmd_alloc+0xbf/0x930 [ 409.768189][T16827] __handle_mm_fault+0xaac/0x5490 [ 409.768223][T16827] ? __pfx___handle_mm_fault+0x10/0x10 [ 409.768280][T16827] handle_mm_fault+0x589/0xd10 [ 409.768310][T16827] __get_user_pages+0x589/0x3b80 [ 409.768351][T16827] ? __pfx_mt_find+0x10/0x10 [ 409.768387][T16827] ? __pfx___get_user_pages+0x10/0x10 [ 409.768433][T16827] populate_vma_page_range+0x278/0x3a0 [ 409.768473][T16827] ? __pfx_populate_vma_page_range+0x10/0x10 [ 409.768510][T16827] ? __pfx_find_vma_intersection+0x10/0x10 [ 409.768546][T16827] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 409.768580][T16827] __mm_populate+0x1d8/0x380 [ 409.768628][T16827] ? __pfx___mm_populate+0x10/0x10 [ 409.768669][T16827] ? up_write+0x1b2/0x520 [ 409.768697][T16827] do_mlock+0x448/0x810 [ 409.768730][T16827] ? __pfx_do_mlock+0x10/0x10 [ 409.768757][T16827] ? __x64_sys_futex+0x1e0/0x4c0 [ 409.768787][T16827] ? __x64_sys_futex+0x1e9/0x4c0 [ 409.768820][T16827] ? fput+0x70/0xf0 [ 409.768850][T16827] ? __pfx___x64_sys_futex+0x10/0x10 [ 409.768881][T16827] ? ksys_write+0x1ac/0x250 [ 409.768906][T16827] ? __pfx_ksys_write+0x10/0x10 [ 409.768939][T16827] __x64_sys_mlock2+0xbd/0x100 [ 409.768969][T16827] do_syscall_64+0xcd/0x490 [ 409.769005][T16827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.769030][T16827] RIP: 0033:0x7f104958e9a9 [ 409.769050][T16827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.769074][T16827] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145 [ 409.769098][T16827] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 409.769116][T16827] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000006 [ 409.769131][T16827] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 0000000000000000 [ 409.769144][T16827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.769157][T16827] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 409.769186][T16827] [ 411.648109][T16883] could not allocate digest TFM handle [ 411.877322][T16906] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4791'. [ 413.297372][T16964] mtrr: base(0x7961000) is not aligned on a size(0x0000) boundary [ 413.645334][T16980] sctp: [Deprecated]: syz.2.4824 (pid 16980) Use of struct sctp_assoc_value in delayed_ack socket option. [ 413.645334][T16980] Use struct sctp_sack_info instead [ 413.772063][T16977] syz.1.4820 (16977) used greatest stack depth: 20072 bytes left [ 413.990429][T16985] zswap: compressor not available [ 414.033031][T16997] device-mapper: ioctl: Unable to rename non-existent device,  to [ 414.832165][T17023] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000) [ 416.199732][T17070] FAULT_INJECTION: forcing a failure. [ 416.199732][T17070] name failslab, interval 1, probability 0, space 0, times 0 [ 416.251069][T17070] CPU: 0 UID: 0 PID: 17070 Comm: syz.1.4860 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 416.251108][T17070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 416.251124][T17070] Call Trace: [ 416.251132][T17070] [ 416.251143][T17070] dump_stack_lvl+0x16c/0x1f0 [ 416.251182][T17070] should_fail_ex+0x512/0x640 [ 416.251214][T17070] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 416.251242][T17070] should_failslab+0xc2/0x120 [ 416.251273][T17070] __kmalloc_cache_noprof+0x6a/0x3e0 [ 416.251298][T17070] ? alloc_super+0x52/0xbd0 [ 416.251328][T17070] alloc_super+0x52/0xbd0 [ 416.251350][T17070] ? sget_fc+0xd3/0xc20 [ 416.251390][T17070] sget_fc+0x116/0xc20 [ 416.251417][T17070] ? __pfx_set_anon_super_fc+0x10/0x10 [ 416.251458][T17070] ? __pfx_mqueue_fill_super+0x10/0x10 [ 416.251490][T17070] get_tree_nodev+0x28/0x190 [ 416.251519][T17070] mqueue_get_tree+0xf1/0x130 [ 416.251550][T17070] vfs_get_tree+0x8b/0x340 [ 416.251586][T17070] fc_mount_longterm+0x18/0x160 [ 416.251622][T17070] mq_init_ns+0x426/0x620 [ 416.251660][T17070] copy_ipcs+0x383/0x610 [ 416.251692][T17070] ? copy_utsname+0xab/0x470 [ 416.251730][T17070] create_new_namespaces+0x20a/0xa90 [ 416.251756][T17070] ? security_capable+0x7e/0x260 [ 416.251792][T17070] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 416.251819][T17070] ksys_unshare+0x45b/0xa40 [ 416.251853][T17070] ? __pfx_ksys_unshare+0x10/0x10 [ 416.251886][T17070] ? xfd_validate_state+0x61/0x180 [ 416.251925][T17070] __x64_sys_unshare+0x31/0x40 [ 416.251956][T17070] do_syscall_64+0xcd/0x490 [ 416.251989][T17070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.252012][T17070] RIP: 0033:0x7f104958e9a9 [ 416.252033][T17070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.252058][T17070] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 416.252080][T17070] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 416.252096][T17070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 416.252109][T17070] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 0000000000000000 [ 416.252124][T17070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 416.252138][T17070] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 416.252168][T17070] [ 417.452738][T17109] nbd: socks must be embedded in a SOCK_ITEM attr [ 417.470824][T17113] bridge0: port 4(ipvlan1) entered blocking state [ 417.477650][T17113] bridge0: port 4(ipvlan1) entered disabled state [ 417.484284][T17113] ipvlan1: entered allmulticast mode [ 417.490249][T17113] veth0_vlan: entered allmulticast mode [ 417.501903][T17113] ipvlan1: left allmulticast mode [ 417.512183][T17113] veth0_vlan: left allmulticast mode [ 417.989974][T17125] zswap: compressor not available [ 420.329682][T17150] kexec: Could not allocate control_code_buffer [ 420.528463][ T5919] Process accounting resumed [ 420.948511][T17220] zswap: compressor not available [ 421.579284][T17247] FAULT_INJECTION: forcing a failure. [ 421.579284][T17247] name failslab, interval 1, probability 0, space 0, times 0 [ 421.654929][T17247] CPU: 1 UID: 0 PID: 17247 Comm: syz.3.4938 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 421.654968][T17247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 421.654992][T17247] Call Trace: [ 421.655001][T17247] [ 421.655011][T17247] dump_stack_lvl+0x16c/0x1f0 [ 421.655049][T17247] should_fail_ex+0x512/0x640 [ 421.655081][T17247] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 421.655114][T17247] should_failslab+0xc2/0x120 [ 421.655147][T17247] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 421.655174][T17247] ? d_instantiate+0x77/0x90 [ 421.655201][T17247] ? alloc_empty_file+0x55/0x1e0 [ 421.655240][T17247] alloc_empty_file+0x55/0x1e0 [ 421.655275][T17247] alloc_file_pseudo+0x13a/0x230 [ 421.655311][T17247] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 421.655348][T17247] ? _raw_spin_unlock+0x28/0x50 [ 421.655375][T17247] ? alloc_fd+0x471/0x7d0 [ 421.655402][T17247] __anon_inode_getfile+0xe8/0x280 [ 421.655430][T17247] ? __init_waitqueue_head+0xca/0x150 [ 421.655460][T17247] do_epoll_create+0x324/0x480 [ 421.655485][T17247] __x64_sys_epoll_create+0x45/0x70 [ 421.655511][T17247] do_syscall_64+0xcd/0x490 [ 421.655546][T17247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.655572][T17247] RIP: 0033:0x7faf6998e9a9 [ 421.655593][T17247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.655617][T17247] RSP: 002b:00007faf6a8c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 421.655642][T17247] RAX: ffffffffffffffda RBX: 00007faf69bb5fa0 RCX: 00007faf6998e9a9 [ 421.655660][T17247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 421.655674][T17247] RBP: 00007faf69a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 421.655689][T17247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.655704][T17247] R13: 0000000000000000 R14: 00007faf69bb5fa0 R15: 00007ffc867aa7c8 [ 421.655736][T17247] [ 423.111511][T17280] sctp: [Deprecated]: syz.3.4953 (pid 17280) Use of struct sctp_assoc_value in delayed_ack socket option. [ 423.111511][T17280] Use struct sctp_sack_info instead [ 423.507510][T17298] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 425.049371][T17349] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input37 [ 426.163346][ T30] audit: type=1800 audit(1843104545.760:18): pid=17389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=08 name="lu_gp_id" dev="configfs" ino=44993 res=0 errno=0 [ 427.295850][T17439] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5024'. [ 431.008580][T17603] FAULT_INJECTION: forcing a failure. [ 431.008580][T17603] name fail_futex, interval 1, probability 0, space 0, times 0 [ 431.021634][T17603] CPU: 0 UID: 0 PID: 17603 Comm: syz.1.5095 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 431.021670][T17603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.021686][T17603] Call Trace: [ 431.021693][T17603] [ 431.021703][T17603] dump_stack_lvl+0x16c/0x1f0 [ 431.021744][T17603] should_fail_ex+0x512/0x640 [ 431.021782][T17603] should_fail_futex+0x4c/0x60 [ 431.021814][T17603] futex_lock_pi_atomic+0x101/0xdb0 [ 431.021857][T17603] futex_lock_pi+0x23d/0x740 [ 431.021899][T17603] ? __pfx_futex_lock_pi+0x10/0x10 [ 431.021933][T17603] ? __futex_wait+0x24c/0x2f0 [ 431.021997][T17603] ? __futex_hash.constprop.0+0x1e9/0x440 [ 431.022034][T17603] ? __pfx_futex_wake_mark+0x10/0x10 [ 431.022084][T17603] ? ksys_write+0x190/0x250 [ 431.022117][T17603] do_futex+0x11a/0x350 [ 431.022159][T17603] ? __pfx_do_futex+0x10/0x10 [ 431.022202][T17603] __x64_sys_futex+0x1e0/0x4c0 [ 431.022238][T17603] ? fput+0x70/0xf0 [ 431.022268][T17603] ? __pfx___x64_sys_futex+0x10/0x10 [ 431.022300][T17603] ? xfd_validate_state+0x61/0x180 [ 431.022333][T17603] ? __pfx_ksys_write+0x10/0x10 [ 431.022370][T17603] do_syscall_64+0xcd/0x490 [ 431.022402][T17603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.022429][T17603] RIP: 0033:0x7f104958e9a9 [ 431.022449][T17603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.022472][T17603] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 431.022497][T17603] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 431.022514][T17603] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 431.022529][T17603] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 000000008000fff2 [ 431.022545][T17603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.022560][T17603] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 431.022593][T17603] [ 436.749809][T17820] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5192'. [ 437.694534][T17841] could not allocate digest TFM handle [ 437.725740][T17858] nbd: socks must be embedded in a SOCK_ITEM attr [ 437.785497][T17861] TCP: TCP_TX_DELAY enabled [ 438.501509][T17890] nbd: socks must be embedded in a SOCK_ITEM attr [ 438.875119][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 440.001424][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.007845][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.136777][T17937] sctp: [Deprecated]: syz.3.5238 (pid 17937) Use of struct sctp_assoc_value in delayed_ack socket option. [ 440.136777][T17937] Use struct sctp_sack_info instead [ 440.338395][T17946] mtrr: base(0x7961000) is not aligned on a size(0x0000) boundary [ 442.822776][T18032] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5272'. [ 442.850883][T18034] netlink: 350 bytes leftover after parsing attributes in process `syz.1.5274'. [ 442.902290][T18036] snd_virmidi snd_virmidi.0: control 61678:131081:3:y>o[k<:32769 is already present [ 446.739401][T18120] kexec: Could not allocate control_code_buffer [ 448.775975][T18239] FAULT_INJECTION: forcing a failure. [ 448.775975][T18239] name failslab, interval 1, probability 0, space 0, times 0 [ 448.815748][T18239] CPU: 0 UID: 0 PID: 18239 Comm: syz.1.5365 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 448.815788][T18239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 448.815805][T18239] Call Trace: [ 448.815814][T18239] [ 448.815824][T18239] dump_stack_lvl+0x16c/0x1f0 [ 448.815862][T18239] should_fail_ex+0x512/0x640 [ 448.815894][T18239] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 448.815926][T18239] should_failslab+0xc2/0x120 [ 448.815959][T18239] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 448.815989][T18239] ? security_file_alloc+0x34/0x2b0 [ 448.816020][T18239] security_file_alloc+0x34/0x2b0 [ 448.816045][T18239] init_file+0x93/0x4c0 [ 448.816085][T18239] alloc_empty_file+0x73/0x1e0 [ 448.816121][T18239] alloc_file_pseudo+0x13a/0x230 [ 448.816159][T18239] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 448.816196][T18239] ? _raw_spin_unlock+0x28/0x50 [ 448.816224][T18239] ? alloc_fd+0x471/0x7d0 [ 448.816250][T18239] __anon_inode_getfile+0xe8/0x280 [ 448.816278][T18239] ? __init_waitqueue_head+0xca/0x150 [ 448.816309][T18239] do_epoll_create+0x324/0x480 [ 448.816334][T18239] __x64_sys_epoll_create+0x45/0x70 [ 448.816360][T18239] do_syscall_64+0xcd/0x490 [ 448.816395][T18239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.816420][T18239] RIP: 0033:0x7f104958e9a9 [ 448.816442][T18239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.816466][T18239] RSP: 002b:00007f104a321038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 448.816490][T18239] RAX: ffffffffffffffda RBX: 00007f10497b5fa0 RCX: 00007f104958e9a9 [ 448.816507][T18239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 448.816522][T18239] RBP: 00007f1049610d69 R08: 0000000000000000 R09: 0000000000000000 [ 448.816537][T18239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.816552][T18239] R13: 0000000000000000 R14: 00007f10497b5fa0 R15: 00007ffd60b167b8 [ 448.816586][T18239] [ 449.797096][T18253] Invalid ELF header magic: != ELF [ 450.319597][ T5936] Process accounting resumed [ 450.763043][T18288] IPVS: length: 256 != 24 [ 451.008502][ T5919] Process accounting resumed [ 451.171198][T18304] FAULT_INJECTION: forcing a failure. [ 451.171198][T18304] name failslab, interval 1, probability 0, space 0, times 0 [ 451.215478][T18304] CPU: 1 UID: 0 PID: 18304 Comm: syz.0.5393 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 451.215517][T18304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 451.215534][T18304] Call Trace: [ 451.215543][T18304] [ 451.215553][T18304] dump_stack_lvl+0x16c/0x1f0 [ 451.215592][T18304] should_fail_ex+0x512/0x640 [ 451.215625][T18304] ? __kmalloc_noprof+0xbf/0x510 [ 451.215656][T18304] ? sk_prot_alloc+0x1a8/0x2a0 [ 451.215675][T18304] should_failslab+0xc2/0x120 [ 451.215707][T18304] __kmalloc_noprof+0xd2/0x510 [ 451.215753][T18304] sk_prot_alloc+0x1a8/0x2a0 [ 451.215780][T18304] sk_alloc+0x36/0xc20 [ 451.215815][T18304] pppoe_create+0x32/0x310 [ 451.215853][T18304] pppox_create+0x159/0x2c0 [ 451.215893][T18304] __sock_create+0x335/0x8d0 [ 451.215926][T18304] __sys_socket+0x14d/0x260 [ 451.215953][T18304] ? __pfx___sys_socket+0x10/0x10 [ 451.215979][T18304] ? xfd_validate_state+0x61/0x180 [ 451.216011][T18304] ? __pfx_ksys_write+0x10/0x10 [ 451.216045][T18304] __x64_sys_socket+0x72/0xb0 [ 451.216070][T18304] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.216101][T18304] do_syscall_64+0xcd/0x490 [ 451.216136][T18304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.216160][T18304] RIP: 0033:0x7f0abdf8e9a9 [ 451.216181][T18304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.216206][T18304] RSP: 002b:00007f0abee63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 451.216230][T18304] RAX: ffffffffffffffda RBX: 00007f0abe1b5fa0 RCX: 00007f0abdf8e9a9 [ 451.216247][T18304] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000018 [ 451.216262][T18304] RBP: 00007f0abe010d69 R08: 0000000000000000 R09: 0000000000000000 [ 451.216277][T18304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.216292][T18304] R13: 0000000000000000 R14: 00007f0abe1b5fa0 R15: 00007ffc8dd87e38 [ 451.216326][T18304] [ 451.219471][ T30] audit: type=1800 audit(1843104570.820:19): pid=18307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=08 name="lu_gp_id" dev="configfs" ino=48042 res=0 errno=0 [ 452.584441][T18354] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input38 [ 453.001046][T18369] bridge0: port 4(hsr0) entered blocking state [ 453.020940][T18369] bridge0: port 4(hsr0) entered disabled state [ 453.029021][T18369] hsr0: entered allmulticast mode [ 453.034171][T18369] hsr_slave_0: entered allmulticast mode [ 453.040351][T18369] hsr_slave_1: entered allmulticast mode [ 453.052076][T18369] hsr0: entered promiscuous mode [ 453.086038][T18369] bridge0: port 4(hsr0) entered blocking state [ 453.092390][T18369] bridge0: port 4(hsr0) entered forwarding state [ 457.015826][T18501] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5476'. [ 457.916537][ T5850] ================================================================== [ 457.924657][ T5850] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 457.932581][ T5850] Read of size 140 at addr ffffc9000c4c5000 by task kworker/u9:2/5850 [ 457.940748][ T5850] [ 457.943071][ T5850] CPU: 1 UID: 0 PID: 5850 Comm: kworker/u9:2 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 457.943097][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 457.943110][ T5850] Workqueue: hci0 hci_devcd_timeout [ 457.943135][ T5850] Call Trace: [ 457.943142][ T5850] [ 457.943150][ T5850] dump_stack_lvl+0x116/0x1f0 [ 457.943175][ T5850] print_report+0xcd/0x630 [ 457.943200][ T5850] ? __virt_addr_valid+0x81/0x610 [ 457.943225][ T5850] ? hci_devcd_dump+0x142/0x240 [ 457.943243][ T5850] kasan_report+0xe0/0x110 [ 457.943266][ T5850] ? hci_devcd_dump+0x142/0x240 [ 457.943289][ T5850] kasan_check_range+0x100/0x1b0 [ 457.943316][ T5850] __asan_memcpy+0x23/0x60 [ 457.943334][ T5850] hci_devcd_dump+0x142/0x240 [ 457.943354][ T5850] hci_devcd_timeout+0xb5/0x2e0 [ 457.943375][ T5850] ? rcu_is_watching+0x12/0xc0 [ 457.943397][ T5850] process_one_work+0x9cf/0x1b70 [ 457.943421][ T5850] ? __pfx_process_one_work+0x10/0x10 [ 457.943448][ T5850] ? assign_work+0x1a0/0x250 [ 457.943476][ T5850] worker_thread+0x6c8/0xf10 [ 457.943497][ T5850] ? __kthread_parkme+0x19e/0x250 [ 457.943522][ T5850] ? __pfx_worker_thread+0x10/0x10 [ 457.943539][ T5850] kthread+0x3c2/0x780 [ 457.943567][ T5850] ? __pfx_kthread+0x10/0x10 [ 457.943594][ T5850] ? rcu_is_watching+0x12/0xc0 [ 457.943615][ T5850] ? __pfx_kthread+0x10/0x10 [ 457.943642][ T5850] ret_from_fork+0x5d7/0x6f0 [ 457.943669][ T5850] ? __pfx_kthread+0x10/0x10 [ 457.943696][ T5850] ret_from_fork_asm+0x1a/0x30 [ 457.943724][ T5850] [ 457.943730][ T5850] [ 458.095183][ T5850] The buggy address belongs to a vmalloc virtual mapping [ 458.102218][ T5850] Memory state around the buggy address: [ 458.107845][ T5850] ffffc9000c4c4f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 458.115903][ T5850] ffffc9000c4c4f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 458.123959][ T5850] >ffffc9000c4c5000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 458.132012][ T5850] ^ [ 458.136071][ T5850] ffffc9000c4c5080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 458.144133][ T5850] ffffc9000c4c5100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 458.152185][ T5850] ================================================================== [ 458.161199][ T5850] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 458.168423][ T5850] CPU: 1 UID: 0 PID: 5850 Comm: kworker/u9:2 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 458.180237][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 458.190292][ T5850] Workqueue: hci0 hci_devcd_timeout [ 458.195500][ T5850] Call Trace: [ 458.198774][ T5850] [ 458.201699][ T5850] dump_stack_lvl+0x3d/0x1f0 [ 458.206298][ T5850] panic+0x71c/0x800 [ 458.210203][ T5850] ? __pfx_panic+0x10/0x10 [ 458.214622][ T5850] ? mark_held_locks+0x49/0x80 [ 458.219393][ T5850] ? preempt_schedule_thunk+0x16/0x30 [ 458.224771][ T5850] ? hci_devcd_dump+0x142/0x240 [ 458.229622][ T5850] ? preempt_schedule_common+0x44/0xc0 [ 458.235082][ T5850] ? check_panic_on_warn+0x1f/0xb0 [ 458.240206][ T5850] ? hci_devcd_dump+0x142/0x240 [ 458.245055][ T5850] check_panic_on_warn+0xab/0xb0 [ 458.250002][ T5850] end_report+0x107/0x170 [ 458.254334][ T5850] kasan_report+0xee/0x110 [ 458.258754][ T5850] ? hci_devcd_dump+0x142/0x240 [ 458.263610][ T5850] kasan_check_range+0x100/0x1b0 [ 458.268558][ T5850] __asan_memcpy+0x23/0x60 [ 458.272970][ T5850] hci_devcd_dump+0x142/0x240 [ 458.277650][ T5850] hci_devcd_timeout+0xb5/0x2e0 [ 458.282501][ T5850] ? rcu_is_watching+0x12/0xc0 [ 458.287269][ T5850] process_one_work+0x9cf/0x1b70 [ 458.292214][ T5850] ? __pfx_process_one_work+0x10/0x10 [ 458.297586][ T5850] ? assign_work+0x1a0/0x250 [ 458.302191][ T5850] worker_thread+0x6c8/0xf10 [ 458.306788][ T5850] ? __kthread_parkme+0x19e/0x250 [ 458.311817][ T5850] ? __pfx_worker_thread+0x10/0x10 [ 458.316929][ T5850] kthread+0x3c2/0x780 [ 458.321007][ T5850] ? __pfx_kthread+0x10/0x10 [ 458.325604][ T5850] ? rcu_is_watching+0x12/0xc0 [ 458.330368][ T5850] ? __pfx_kthread+0x10/0x10 [ 458.334967][ T5850] ret_from_fork+0x5d7/0x6f0 [ 458.339563][ T5850] ? __pfx_kthread+0x10/0x10 [ 458.344157][ T5850] ret_from_fork_asm+0x1a/0x30 [ 458.348931][ T5850] [ 458.352186][ T5850] Kernel Offset: disabled [ 458.356513][ T5850] Rebooting in 86400 seconds..