last executing test programs: 1m22.803698165s ago: executing program 1 (id=1206): statmount$auto(0x0, 0x0, 0x1fe, 0xd) ioctl$auto_BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f00000013c0)={@inferred, "3763e45bf736e7a788ff30f1e71ca705d63325182a1e9eaf029ee051ed398ee7279068dfbbb11f7c9ca53bd2f4cea9c6145e94cfd6af686072b200e2dab1695e5ec9486f2f2c8644e38215c3ff22bad25c245d5c3909f1d1a056b45db4936aa3de5c2bf54b963239c0c0a54112011f0b29f22a8464e122cd32e81173250546fe52826ecce72a4f239ceff607292e473ef3d8fbe9b27e460f36bf820dab0fad8d6d2c90e601a4782263a09fff1b8da9b29a3c3e27f596b85685b87689dd75d81a352421c072915e9ca3a17d995886a9c1a4aa47cd7a8243e72c3ca2fe84d9fcfb62969373ba75a4cf4cb12e79aee2bef4493cf9ee2625922ac92a90e303ffe05018abc01dcf02fd5df34d39e8ff5a69f1c5132572dab40a4cdf4682bd5b251e9673e4653fbf519b7f48953d1686e261d1ecb058be6de590f481e59ef2f3d2a080bc6dc76896cd9a778312bb14ff8432dd8434e78dd7d7d6edddcaefdd77187ceff52c68b3219264a72a4e667c6d92619b48b1f6153d0228de03296d77e859a7a212c75ea9b25b599bb1da825054f4ee8d5bcec1c30f836454340c5027c27c32df5b2840882e24e523519ed70dcfe3b3ca2a4229d1da49555ca35d738886d60a5090e3a71b2e28c409c36adb92e0ea293d731ef2563d33c5171d900bb1bb2ccf54bcfb0433f7269b14590cde5d9f33c78e047dcdf5925e20ae8119bfecedac3970b8a22e14bce0e3078c557f3bca8318b7c2dc12fc85866f8f3ba25cf9798262cad2f989f8d285e7618b8092d10ce700f5d7e4dd1fa94b5a1d84b95415c545e68cbd689d5f27265bbb614409f509a1f4e8b9c9fb6535520a70eb459c8696d9f26a41688fdfc3bf7e5eed0ebcd6fa1f1d52231a4492d1c04266450aa054b6fb79892cb190b1c75c7fc5833efc6245921fbc01a79634591abccb4eb2bd5c01be534c56a43df0ef95c848d749cf4f497d4f8e03b985799220f6857a06fb8ba039879227553775670d83161c499e858aa5e23442ba670bfd51f6f7f2d5dd009826e97bc0e1ebda818c566106149835e0036bc32cb8e4b6b13e36d2d3dc1a896c4cc134ba9563cf9a0b80844e2019da7a975ed4adf7c923aa753769bf02de5cb0a29d4edce49c848ee3221331b93cb5802343067519c6047a166c139e2e7e17aa08e3628b6b5898944d1aa7ceb33303f7833930c9b757c384b95025e6f2280cf5eaf20c9379e6cb6833b0fdbe252e9ce000cab77d67db6993ce0b5ea470cb18fc18b59137885903e46c3f8afc8221263618cd65398470fd96575101ab2231ef34e612dc29c9102c02f4913fdd0ac6bde1339cd7813e3114c8c583a512c6274667c56c44bb6c6ca60cf7c720d4e083691d02d5cf431d6b747790ec863f8ac087df3248f5fba164196756eca7d1752532f587b3454982a5fa5ee5e08b6d573b5ab112e2c6eb6d4113da97618770aaeae96d2016eb76e3663e19ef6824e1c2a99fb185e7efb75413f84b6f7efbd39b95be47d9e0106cce3bdab853fa40a43c6bf7e150770002794cbe2a162ac6207d8c1e4a7296e7e05861eaf6b5fc9bc18e9f20b031f4f2d2f7cb13a368c1dd7a652df28f0da1b5e8a6766c51d8c2eba01a1ea81f43cb9cb1075faeef7a2f97de3742d8fffc0d8d7514a7024e3f89c4445198e66c1da58aced6e39724f212b345b4183b9128cecba5252f467f0c657d857a905d96d39ddd40101df4d4472471b4cf9c216585188f5effff3d674e5e0d2a74353965978c0181d4ce32d0f65570c53cec061afeee4a9d92d5bd3424223b5a8ed227f048d40ae986739490262db7d53ca685d800a1e67f71e7d334d01ddc8d6c368b23f4b23d40ae59ce4c9c05846d8048334594b92aa91e601149426670d0b09b2de53055a1f257a9bc660fb401553c724bfb4d13a4b8e72ffefc60e8fda33a06f86a0ba7517d4327fbf677394abcda691ab80f05a1ea9b1a7689dbd181e059c2de952d5b7e99852b045073ebf3a4dcd09ecb634a40b6770bdac45c8ecec65d4eece0e25f98f9cdac3b5068e758777754906aa64d6e42259a68517517f9a56ec10d25833562458cf097792f0923a2b317715e618a1b451c7ab1c2e0a5c8e17fe7993a1b165018b803e4a9a6d95a904c9b6b5232fcc586f1d2648a22f70092f72c20ec2cdb1813adbed7b1c5640045204cb35b8d2055481a9b3b5a14cc407efd830e4b44445d53ec18f3cbfbf1f2bd10d5548df8c4f55aac22d05e3822450f2e0827668d89b4cb0e37c86736ea37e5f6e390b498769e23975207a2479b21589097235edd14ff12f9fb09965ee759a88d23741881f61e35e48140eb5e9b1b0d657a1b9fa0febcf6fd9466e507d6a41c75180ab7763dc74cd55fe4574bb490300fd4b2ee43634cb9033635f0ee22ae4b527b995f77ca3ff15ab8a3f04c04a9e6169805c15e9820660d393ed01252915ed361511bc7381e08bbf9416f3c1ba93ec15b36b429fe3b23a4ca692bf27784ff2357e79547a98c64bfbb5124326b1dac28320789f7bdcb9c6988f6579cd53db5ab32bd49bbf8813d42f33ee41643e97ad57ee286f86b6166650f6f837e8580101b1fe99463d4a35c52297f4229091c66f24a3aeb1afa45c929def3c7b3a8e881fb35222555d82646a1cb6cec897244c6b71dd3d989a25f25962ce32dd0ff715eff156f2400c39370f9cd2fdab33a75c5de194768cabe37cc8eb2ceddf0e3099c5599bfaf58caa8da560fdea94b78a755b8a3fd3b0c17301ff592c6f30c4d09cda25bcfff02e71b34e8013295d9ecc6e8524ae6a406c948821956ae1a2a97c0844f305014c70082bc8184c219a19332eb21b1f67e7645d2a334c049b55b30bf850e602799ff69b4b32e7f8ec5bac13ee14e1038c9f4dfa25911fb0bba0b8ae29501b89daed766fff036d1da6b6e967bab76b958407f1d3e0d2dd96d6eed3ae59c9247dc441114b07de016d25028466600f7b45904abb3ec5b5f37d2261c849a68025d9c6ce8df80379b8e6915beb43bdfad1c214f016debd405797d325089b765126b7861f9deeb79c0d286f7f9117d6ee20e60b4695d168088ed982bcca5f7869b32a7402cbf19e3ee5f11060036f237a57c004d390d96b6121e761493835d9d38485896b1ab3bc772fd340d8f2da59a65c6baac1301f9152ff298907d3394540cc763679b24fe2c045a410cb645a426fe6bd0f11283f68050e769caf046afa8032c696dbb3e92a70318179569ec61cf59c04f6afc4b23b8e9646f7de8680d905de76faf9433d1fd12b5eb57bfb571f82d067afb46f7cc0d2a74a2ecbd00f44f0cc7d51f789d25f9076e49a9899778a7f8c8fb05424d3755474a42c4c7ad468a58de49a1ae3718ac16b15b05913a30c29b0ae79329b37ceac091e506ebfc69e7116a66dc4882ab2dc8435d937539048de3f5f171cc5a4450893055047c7a21988ecba2c4890dba69a90730c134e80ce9d0d51ec13a728942c2e226c5afe8b8ed6cc7a25525605337827f0a0086d74915bb0c22e13910d1d1f3552b050c008ca5b0d5ebba70a772f3e25fcd4bcbf3f8726d532f2e26d3f08ddfd23732efc0e2f9c0be1a28bbba5e4c8f2e91b442979b674b01677685eb5e8839c90c23e273b9042a29bf515218800cb91cfa4969af515fdb438c7678ddb6ea54c0cf15ef8039c1297e1a41fbc9b34d91ec8e447ff0eb160103454b644a415aba5123a5da491c87071f62fa6ff70166d4d610fc86068e949a90a83e8151912aa7226c679073cf327b38b8bef929a4b3bc9afc539c67a8e0a169abe5f98690d80735b24bce5bd696d4bf3903857cd825675b807d4be27a194ce7d04e7876681aa17c2e4c45ce510e476c4206a0bba924d02bf8e579ebc8660a8e17a3c2113459b0ffb15b8a3e3d5c80336d1bbf248a92a47a4c25178a6e6eb3108955188727fae17a8a99f1c27993a514935cee40b7dfecf0d93769e2f78775c00b54365271716a06432437a035d4b0a3971922c0b3d0856ed79b51880e1fcae4d5d2534c2db0fe52ad777cfd035e273eaa289a7709bb4496cd865b93a6372cfa6f2dc5f14a0435fab67e8a2f98ef426a70018af6f14572d2e68d913b18764756895f4692afebca4453f9659396eb7c0a403d72524ea3df93792b1c016cfc38f634ffb5c636ce275e86ba5390b6b4a8768923821f80974751de3be24602cf5fd0c57c50bdd11f6fa920482b926dd2f896887e8590227fcbfc81bf877691ec182e006cba1da669b6b531e3e1e3d2d9d1706b60256e3efc9d0e9326948fcb205272a53a76047513c2f97fc89f3922fc3956d51362d2f1d002113bbf82fdac4969c3d6cecf77827ac112b6882021d0644e181631b48989f3f07507cafc81b6f0e0d285d029f392a726b074e49bde2dbef4b69f467ac53f0f0fcc9d786b757071b2566cd0fb8b04e98d7cc9bd463d8d67f546232be8243eda33c6aff9162696e3f0a9e1f5ede97e2b0e7ef5c8014b3f439f07a7db77c79e6907c48dbda8b7f3712f0880b91a283ca364afa969ab55c2957a53382fc86913c7bbb6a205aa3fa7b8b8edc1ed6ec3793ae86bf6b885ffcd09eec1cb34735223a6f680a6a64eb9270762a0d409cf17bbcaa13764123256a80d25d1ecfa955ed06203b309cd4b89c373437c5565e6b64646324f5961826b26a0e08c752bb64e29dc6f4377caab19526fe409a44d89cbec924c305e818ed30cf4b6abca778a799c53a6b9f82f73e888daf366bbd942e9e23af2a2d0910839de36244eee44f4b485362272d58b6e0a4ce0cf7d0bb8cea1bf208a99658f3be409168646b35a11b36af1da67b4329f3ec40228019a597d5996a8e076eae7994bfb468787c203b6a1ba0499e61a47500f6a092875dafa27a4779dbbb43c0abbac151aafd9301b3024e48139313504fc528def90ea80fd21126d48c272352d34432fe92229ef4ce46008ec0ccff987f49e76155f782012c7223dedea4a790c39e5a5a312a3de475c1ebb9a5e1b6280149e53e10359d0a2c0cc2cf8c18a6e5d5e013e6ce9cca0d785674d8e98118b3ca8843a8570a508c6e8886e99868f8ca25d18ec4b056d882adeac4bb88eceefe5f71fbf2523b618849430e25309d89dda1346c2594a5fc6e14781e6804985c86521d45a30a9c98865496ac8482fa13b75c491078637a4906d8abf71c231c558e88de82d72d95c1483d2932d2c0490efd4546fa3131b3e324fe2064c871ee740e7694f3bdc190d58ecf64848e0b40dcab5267dcd5ec0c8bc54c067b4876a592da7802c1ec7711caa2ca6350d72fd02ee7c4189ba8335b31568225feca00e726b4b54cb271f93041fdd36638b176a0298fad233e2151d075498d9668b44b2780822c32d56d4ac925cf87099c11f4a07840ed6d734ce343b88980bd494e7ae648f199d06b9f659abba0e9bffa236f98eca103c758e29473bda7b180c2e65192d35db5c84204fecda7757419977eceff3e1223ca02de4f610b1ade26493e60613a6e963d7ba06d5a0c5ad978ec718cfa3e74ad047743abc1ef53fb37346378ca76ce68e1700eb90dbf21a387751bef29047e6bb99dde31ea3d39efc6ee7d4e6fcc063bddc49977ad6177438c5413e29ee79492147865f2a08524ca17b7f6a528a9938c0735e9cdccb808af57f873e20d0e8688b8942a40e2577bbe01026e8d9b2358eba068ce284d00c92c1b908cd17f95a05964f12afa65607d57ef06825fd854ae80a3c3d0a8bf7027c3d510346f9ee83c3cfd94706aeddae8d1c541afb517f0b816064c6"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) 1m22.618632732s ago: executing program 1 (id=1208): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyrc\x00', 0x101000, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x40045431, 0x0) 1m22.541325528s ago: executing program 1 (id=1209): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0) pread64$auto(r0, 0x0, 0x3fffffd, 0x9) read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x60) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0x0, 0x0) 1m22.022302191s ago: executing program 1 (id=1213): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x3, 0x2a) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fanotify_init$auto(0xd2, 0x5) 1m21.862304175s ago: executing program 1 (id=1216): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 1m21.447146784s ago: executing program 1 (id=1220): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) read$auto(r0, 0x0, 0x1ff) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) 1m21.039364922s ago: executing program 32 (id=1220): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) read$auto(r0, 0x0, 0x1ff) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) 1m19.521672936s ago: executing program 0 (id=1235): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000240), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'ip6_vti0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x28, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HSR_A_IFINDEX={0x8, 0x2, r3}, @HSR_A_NODE_ADDR={0xa, 0x1, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x40800}, 0x20000010) 1m19.172243565s ago: executing program 0 (id=1238): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x7, 0x0, 0x400, 0x9a, "077c1315ff06c9cc9ff4956913870ef95ebcd43e985b110210346f7f05f8bd5d8b4458e71254da2aab17208e518d2a9b3c20bd53a710ce119b1b61b0"}) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xa}, 0x1) 1m18.576576407s ago: executing program 0 (id=1243): socket$nl_generic(0x11, 0x3, 0x10) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r0 = socket(0xa, 0x3, 0x3b) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'geneve1\x00', 0x0}) sendto$auto(0x3, 0x0, 0x13, 0xfffffff9, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r1, 0x10, 0x1000000}, 0x22) 1m18.403371223s ago: executing program 0 (id=1245): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) connect$auto(0x4, 0x0, 0x10) 1m17.810715929s ago: executing program 0 (id=1248): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 1m15.011910168s ago: executing program 0 (id=1263): mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x7fffffff, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1c, &(0x7f0000000240), 0x1) 1m14.365247196s ago: executing program 33 (id=1263): mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x7fffffff, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1c, &(0x7f0000000240), 0x1) 2.255141184s ago: executing program 2 (id=1935): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setsockopt$auto(0x3, 0x10000000084, 0x24, 0x0, 0x8) 1.979870156s ago: executing program 3 (id=1938): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(0x3, 0x81) 1.949603066s ago: executing program 4 (id=1939): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kcmp$auto(0x0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) 1.828732414s ago: executing program 2 (id=1940): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x25, 0x1, 0x3) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) 1.821493418s ago: executing program 3 (id=1941): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf2502cff3291849be3657003c80080019"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.672464845s ago: executing program 2 (id=1943): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) r0 = open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fanotify_mark$auto(0x0, 0x105, 0x8009, r0, 0x0) 1.640772834s ago: executing program 5 (id=1944): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_FS_IOC_GETFSUUID(0xffffffffffffffff, 0x80111500, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0x2) r0 = fcntl$auto(0xff80000000000000, 0x409, 0x3f) fallocate$auto(r0, 0x1, 0xd, 0x5) 1.618237641s ago: executing program 4 (id=1945): mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565a, 0x38) close_range$auto(0x2, 0x8, 0x0) 1.217320536s ago: executing program 5 (id=1946): mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="110b27f27200fbdbdf250c"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x9800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.189526936s ago: executing program 4 (id=1947): socket(0x1d, 0x3, 0x1) execveat$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) r0 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1, 0xfd}, 0x6a) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) 1.122050384s ago: executing program 2 (id=1948): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 956.83ms ago: executing program 5 (id=1949): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee01) setresuid$auto(r2, r3, r2) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 919.403407ms ago: executing program 3 (id=1950): syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getsockopt$auto(0x6, 0x107, 0x15, 0x0, 0x0) 822.741182ms ago: executing program 4 (id=1951): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x3) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) 774.281245ms ago: executing program 5 (id=1952): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0xf, 0x7, 0x8, 0x0) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r0, 0x110, 0x7, 0x0, 0x4) 765.948715ms ago: executing program 2 (id=1953): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) socket(0xa, 0x2, 0x3a) getsockopt$auto(0x6, 0x0, 0x50, 0xfffffffffffffffe, 0x0) 743.416482ms ago: executing program 3 (id=1954): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='V'], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffc, &(0x7f0000000100)={0x0, 0xfbe}, 0x8, 0x0, 0x7}, 0x880}, 0x7, 0x4008) 477.453424ms ago: executing program 5 (id=1955): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x54) shutdown$auto(0x200000003, 0x2) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x4) 358.656477ms ago: executing program 2 (id=1956): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0) ioctl$auto_CEC_RECEIVE(r0, 0xc0386106, 0x0) 341.967627ms ago: executing program 4 (id=1957): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) process_vm_writev$auto(0x0, &(0x7f00000011c0)={&(0x7f00000001c0)="42777dd1330b458d0b5c44ca32e94fc00cfbce962ee7d8f31c0f90c327830f55adfdceafcc0f7b5a21ea23bdf5344d47d49d60218e57bb33118d04fdd37f5fd17f96a318132a5dd282784244bd58b9a0c8adc60d2f8535b3", 0x8}, 0x7, 0x0, 0x7, 0xb5) sendmsg$auto_TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="01000200000000006bbc9d65365cbf8013"], 0x18}, 0x1, 0x0, 0x0, 0x4000094}, 0x8080) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0300000000000000a3677337f9eca9075f6bba4416", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) 218.133174ms ago: executing program 3 (id=1958): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) sendto$auto(0x3, 0x0, 0x18, 0x7, &(0x7f0000000180)=@hci={0x1f, 0xdd86, 0x7}, 0x22) prctl$auto(0x0, 0xffff, 0x0, 0xffffffffffffffff, 0x6) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x6, 0x0, 0x86) 168.030143ms ago: executing program 5 (id=1959): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fstat$auto(0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x10e, 0x1, 0x0, 0xe) r1 = socket(0xa, 0x801, 0x106) listen$auto(r1, 0x5) 7.446378ms ago: executing program 4 (id=1960): mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) pipe2$auto(0x0, 0x80) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 0s ago: executing program 3 (id=1961): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x410180, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1208}, 0x1, 0x0, 0x0, 0x4004080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) kernel console output (not intermixed with test programs): entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.490525][ T6651] RIP: 0033:0x7f35fc58ebe9 [ 139.490550][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.490582][ T6651] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 139.490612][ T6651] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 139.490634][ T6651] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 000000000000000f [ 139.490653][ T6651] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 139.490672][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.490690][ T6651] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 139.490731][ T6651] [ 139.982580][ T51] Bluetooth: hci0: command tx timeout [ 140.134419][ T6657] mmap: syz.2.298 (6657) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 140.677942][ T36] team0 (unregistering): Port device team_slave_1 removed [ 140.790421][ T36] team0 (unregistering): Port device team_slave_0 removed [ 140.989562][ T6667] mtrr: base(0x7961000) is not aligned on a size(0x0000) boundary [ 142.062616][ T51] Bluetooth: hci0: command tx timeout [ 142.172879][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.311'. [ 142.393482][ T6587] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.409238][ T6587] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.418840][ T6587] bridge_slave_0: entered allmulticast mode [ 142.431485][ T6587] bridge_slave_0: entered promiscuous mode [ 142.479950][ T6587] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.512869][ T6587] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.520356][ T6587] bridge_slave_1: entered allmulticast mode [ 142.571223][ T6587] bridge_slave_1: entered promiscuous mode [ 143.083000][ T6587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 143.134359][ T6587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 143.336517][ T6587] team0: Port device team_slave_0 added [ 143.385096][ T6587] team0: Port device team_slave_1 added [ 143.498898][ T6722] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 143.617786][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 143.641936][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.680958][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.690500][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.712784][ T6587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 143.772643][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 143.779779][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.897982][ T6587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 144.142548][ T51] Bluetooth: hci0: command tx timeout [ 144.275484][ T6740] netlink: 206 bytes leftover after parsing attributes in process `syz.2.326'. [ 144.333784][ T6587] hsr_slave_0: entered promiscuous mode [ 144.340660][ T6587] hsr_slave_1: entered promiscuous mode [ 144.384810][ T6587] debugfs: 'hsr0' already exists in 'hsr' [ 144.390624][ T6587] Cannot create hsr debugfs directory [ 146.396986][ T6587] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 146.428612][ T6587] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 146.508256][ T6587] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 146.578397][ T6587] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 146.911221][ T6587] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.990360][ T6587] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.039191][ T1000] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.046456][ T1000] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.138033][ T1000] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.145772][ T1000] bridge0: port 2(bridge_slave_1) entered forwarding state [ 148.012299][ T6587] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 148.167874][ T6587] veth0_vlan: entered promiscuous mode [ 148.200831][ T6587] veth1_vlan: entered promiscuous mode [ 148.344237][ T6587] veth0_macvtap: entered promiscuous mode [ 148.395731][ T6587] veth1_macvtap: entered promiscuous mode [ 148.478031][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.534431][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.589489][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.633073][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.687082][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.722867][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.083638][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.108630][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.772235][ T1000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.825356][ T1000] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.167033][ T6877] zswap: compressor not available [ 150.825610][ T6898] zswap: compressor not available [ 152.832020][ T6977] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 153.839536][ T7011] XFS: Clearing xfsstats [ 154.427136][ T7034] FAULT_INJECTION: forcing a failure. [ 154.427136][ T7034] name failslab, interval 1, probability 0, space 0, times 0 [ 154.458206][ T7034] CPU: 1 UID: 0 PID: 7034 Comm: syz.0.420 Tainted: G I syzkaller #0 PREEMPT(full) [ 154.458258][ T7034] Tainted: [I]=FIRMWARE_WORKAROUND [ 154.458271][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.458289][ T7034] Call Trace: [ 154.458300][ T7034] [ 154.458312][ T7034] dump_stack_lvl+0x16c/0x1f0 [ 154.458362][ T7034] should_fail_ex+0x512/0x640 [ 154.458409][ T7034] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 154.458448][ T7034] should_failslab+0xc2/0x120 [ 154.458494][ T7034] __kmalloc_cache_noprof+0x6a/0x3e0 [ 154.458529][ T7034] ? apparmor_capable+0x114/0x1d0 [ 154.458564][ T7034] ? fsnotify_alloc_group+0x92/0x330 [ 154.458608][ T7034] fsnotify_alloc_group+0x92/0x330 [ 154.458647][ T7034] __do_sys_fanotify_init+0x287/0xc00 [ 154.458703][ T7034] ? rcu_is_watching+0x12/0xc0 [ 154.458743][ T7034] do_syscall_64+0xcd/0x490 [ 154.458792][ T7034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.458826][ T7034] RIP: 0033:0x7f4f0718ebe9 [ 154.458851][ T7034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.458881][ T7034] RSP: 002b:00007f4f080ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 154.458912][ T7034] RAX: ffffffffffffffda RBX: 00007f4f073c5fa0 RCX: 00007f4f0718ebe9 [ 154.458933][ T7034] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000004000 [ 154.458954][ T7034] RBP: 00007f4f07211e19 R08: 0000000000000000 R09: 0000000000000000 [ 154.458974][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.458994][ T7034] R13: 00007f4f073c6038 R14: 00007f4f073c5fa0 R15: 00007fff5dff6a58 [ 154.459036][ T7034] [ 154.635237][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.140476][ T7048] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 155.307267][ T7050] FAULT_INJECTION: forcing a failure. [ 155.307267][ T7050] name failslab, interval 1, probability 0, space 0, times 0 [ 155.325828][ T7050] CPU: 1 UID: 0 PID: 7050 Comm: syz.2.429 Tainted: G I syzkaller #0 PREEMPT(full) [ 155.325884][ T7050] Tainted: [I]=FIRMWARE_WORKAROUND [ 155.325897][ T7050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.325916][ T7050] Call Trace: [ 155.325927][ T7050] [ 155.325940][ T7050] dump_stack_lvl+0x16c/0x1f0 [ 155.325992][ T7050] should_fail_ex+0x512/0x640 [ 155.326039][ T7050] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 155.326085][ T7050] should_failslab+0xc2/0x120 [ 155.326127][ T7050] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 155.326176][ T7050] ? ptlock_alloc+0x1f/0x70 [ 155.326216][ T7050] ptlock_alloc+0x1f/0x70 [ 155.326248][ T7050] pte_alloc_one+0x82/0x3a0 [ 155.326286][ T7050] do_pte_missing+0x1afc/0x3ba0 [ 155.326322][ T7050] ? do_raw_spin_unlock+0x172/0x230 [ 155.326378][ T7050] ? __pmd_alloc+0x3fb/0x930 [ 155.326432][ T7050] __handle_mm_fault+0x152a/0x2a50 [ 155.326472][ T7050] ? mt_find+0x3ef/0xa30 [ 155.326522][ T7050] ? __pfx___handle_mm_fault+0x10/0x10 [ 155.326553][ T7050] ? __pfx_mt_find+0x10/0x10 [ 155.326635][ T7050] ? find_vma+0xbf/0x140 [ 155.326678][ T7050] ? __pfx_find_vma+0x10/0x10 [ 155.326727][ T7050] handle_mm_fault+0x589/0xd10 [ 155.326763][ T7050] ? trace_raw_output_exceptions+0x131/0x150 [ 155.326818][ T7050] do_user_addr_fault+0x7a6/0x1370 [ 155.326875][ T7050] ? rcu_is_watching+0x12/0xc0 [ 155.326913][ T7050] exc_page_fault+0x5c/0xb0 [ 155.326955][ T7050] asm_exc_page_fault+0x26/0x30 [ 155.326987][ T7050] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 155.327022][ T7050] Code: c4 10 e9 54 1f 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 155.327053][ T7050] RSP: 0018:ffffc90004727d70 EFLAGS: 00050202 [ 155.327080][ T7050] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 155.327100][ T7050] RDX: fffff520008e4fbc RSI: 0000000000000000 RDI: ffffc90004727de0 [ 155.327133][ T7050] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520008e4fbc [ 155.327153][ T7050] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 155.327178][ T7050] R13: ffffc90004727de0 R14: 0000000000000000 R15: 0000000000000000 [ 155.327219][ T7050] _copy_from_user+0x98/0xd0 [ 155.327273][ T7050] do_sock_getsockopt+0x3ca/0x440 [ 155.327329][ T7050] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 155.327393][ T7050] ? __fget_files+0x204/0x3c0 [ 155.327451][ T7050] __sys_getsockopt+0x123/0x1b0 [ 155.327504][ T7050] __x64_sys_getsockopt+0xbd/0x160 [ 155.327544][ T7050] ? do_syscall_64+0x91/0x490 [ 155.327587][ T7050] ? lockdep_hardirqs_on+0x7c/0x110 [ 155.327629][ T7050] do_syscall_64+0xcd/0x490 [ 155.327679][ T7050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.327711][ T7050] RIP: 0033:0x7f35fc58ebe9 [ 155.327736][ T7050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.327767][ T7050] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 155.327797][ T7050] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 155.327818][ T7050] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 155.327838][ T7050] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 155.327858][ T7050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.327877][ T7050] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 155.327920][ T7050] [ 155.680650][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.773268][ T7055] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 156.564668][ T7083] netlink: 'syz.2.441': attribute type 2 has an invalid length. [ 156.761013][ T7087] netlink: 206 bytes leftover after parsing attributes in process `syz.2.443'. [ 158.343328][ T7138] netlink: 338 bytes leftover after parsing attributes in process `syz.1.466'. [ 158.813709][ T7150] ubi0: attaching mtd0 [ 158.850122][ T7150] ubi0: scanning is finished [ 158.873938][ T7150] ubi0: empty MTD device detected [ 159.086498][ T7150] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 159.095137][ T7150] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 159.123309][ T7150] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 159.152653][ T7150] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 159.172783][ T7150] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 159.191450][ T7150] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 159.223113][ T7150] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4028108388 [ 159.253395][ T7150] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 159.281392][ T7162] ubi0: background thread "ubi_bgt0d" started, PID 7162 [ 159.284128][ T7156] ubi0: detaching mtd0 [ 159.347268][ T7156] ubi0: mtd0 is detached [ 160.792236][ T7198] FAULT_INJECTION: forcing a failure. [ 160.792236][ T7198] name failslab, interval 1, probability 0, space 0, times 0 [ 160.883127][ T7198] CPU: 1 UID: 0 PID: 7198 Comm: syz.3.491 Tainted: G I syzkaller #0 PREEMPT(full) [ 160.883183][ T7198] Tainted: [I]=FIRMWARE_WORKAROUND [ 160.883196][ T7198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.883215][ T7198] Call Trace: [ 160.883226][ T7198] [ 160.883238][ T7198] dump_stack_lvl+0x16c/0x1f0 [ 160.883288][ T7198] should_fail_ex+0x512/0x640 [ 160.883333][ T7198] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 160.883378][ T7198] should_failslab+0xc2/0x120 [ 160.883422][ T7198] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 160.883461][ T7198] ? d_instantiate+0x77/0x90 [ 160.883502][ T7198] ? alloc_empty_file+0x55/0x1e0 [ 160.883557][ T7198] alloc_empty_file+0x55/0x1e0 [ 160.883632][ T7198] alloc_file_pseudo+0x13a/0x230 [ 160.883684][ T7198] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 160.883745][ T7198] ? _raw_spin_unlock+0x28/0x50 [ 160.883783][ T7198] ? alloc_fd+0x471/0x7d0 [ 160.883821][ T7198] __anon_inode_getfile+0xe8/0x280 [ 160.883860][ T7198] ? __init_waitqueue_head+0xca/0x150 [ 160.883917][ T7198] do_epoll_create+0x324/0x480 [ 160.883953][ T7198] __x64_sys_epoll_create+0x45/0x70 [ 160.883989][ T7198] do_syscall_64+0xcd/0x490 [ 160.884038][ T7198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.884071][ T7198] RIP: 0033:0x7f306d78ebe9 [ 160.884098][ T7198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.884130][ T7198] RSP: 002b:00007f306e5a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 160.884162][ T7198] RAX: ffffffffffffffda RBX: 00007f306d9c5fa0 RCX: 00007f306d78ebe9 [ 160.884183][ T7198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 160.884203][ T7198] RBP: 00007f306d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 160.884223][ T7198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.884242][ T7198] R13: 00007f306d9c6038 R14: 00007f306d9c5fa0 R15: 00007ffeb6e00c68 [ 160.884284][ T7198] [ 161.550357][ T7220] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 163.593794][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.528'. [ 163.737273][ T7285] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 164.224593][ T7295] ptrace attach of "./syz-executor exec"[5870] was attempted by "K}::TL=1Cti9ʹke,J5I{h5d7͓<(|4_8$SoPnۏ,T8HV×NIېkgsKGwRZHC\x077*5S:])#\x0bjba\x09!T=ȀFϠ1!2ߪ>LryXԝ/ČVCӬܷZ'(]bLVny9b\x0b\x0di- ȱTMZkC;.~$@D0+O% HcqJ2bA]5?jVz\x0aqYے|fbX'\x09,JX6F* E\x07`' [ 165.037100][ T7310] syz.1.541 uses obsolete (PF_INET,SOCK_PACKET) [ 165.774450][ T7321] netlink: 28 bytes leftover after parsing attributes in process `syz.2.544'. [ 171.162944][ T7461] zero sized request [ 171.387699][ T7466] ubi0: attaching mtd0 [ 171.409220][ T7466] ubi0: scanning is finished [ 171.630525][ T7466] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 171.639900][ T7466] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 171.692711][ T7466] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 171.755415][ T7466] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 171.764412][ T7466] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 171.771248][ T7466] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 171.781077][ T7466] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4028108388 [ 171.842684][ T7466] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 171.880451][ T7476] ubi0: background thread "ubi_bgt0d" started, PID 7476 [ 171.880504][ T7469] ubi0: detaching mtd0 [ 172.095470][ T7469] ubi0: mtd0 is detached [ 172.380567][ T7494] netlink: 28 bytes leftover after parsing attributes in process `syz.1.616'. [ 173.179660][ T7519] ubi0: attaching mtd0 [ 173.191054][ T7519] ubi0: scanning is finished [ 173.405689][ T7519] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 173.444288][ T7519] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 173.512617][ T7519] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 173.520656][ T7519] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 173.569987][ T7533] netlink: 342 bytes leftover after parsing attributes in process `syz.1.632'. [ 173.618846][ T7519] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 173.692527][ T7519] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 173.700779][ T7519] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 4028108388 [ 173.793095][ T7519] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 173.840370][ T7521] ubi0: detaching mtd0 [ 173.840861][ T7527] ubi0: background thread "ubi_bgt0d" started, PID 7527 [ 173.941334][ T7521] ubi0: mtd0 is detached [ 175.353396][ T7571] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 175.482536][ T30] audit: type=1800 audit(1756911306.428:2): pid=7574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.649" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 176.701144][ T7605] netlink: 334 bytes leftover after parsing attributes in process `syz.1.663'. [ 177.084891][ T7612] FAULT_INJECTION: forcing a failure. [ 177.084891][ T7612] name failslab, interval 1, probability 0, space 0, times 0 [ 177.098241][ T7612] CPU: 0 UID: 0 PID: 7612 Comm: syz.2.666 Tainted: G I syzkaller #0 PREEMPT(full) [ 177.098295][ T7612] Tainted: [I]=FIRMWARE_WORKAROUND [ 177.098308][ T7612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 177.098328][ T7612] Call Trace: [ 177.098339][ T7612] [ 177.098352][ T7612] dump_stack_lvl+0x16c/0x1f0 [ 177.098404][ T7612] should_fail_ex+0x512/0x640 [ 177.098453][ T7612] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 177.098494][ T7612] should_failslab+0xc2/0x120 [ 177.098540][ T7612] __kmalloc_cache_noprof+0x6a/0x3e0 [ 177.098576][ T7612] ? snd_seq_port_connect+0x61/0x580 [ 177.098634][ T7612] snd_seq_port_connect+0x61/0x580 [ 177.098694][ T7612] ? _raw_read_unlock+0x28/0x50 [ 177.098735][ T7612] ? check_subscription_permission.isra.0+0xf5/0x240 [ 177.098797][ T7612] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 177.098856][ T7612] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 177.098928][ T7612] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 177.098986][ T7612] snd_seq_oss_midi_open+0x442/0x660 [ 177.099029][ T7612] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 177.099081][ T7612] ? rcu_is_watching+0x12/0xc0 [ 177.099115][ T7612] ? trace_contention_end+0xdd/0x130 [ 177.099170][ T7612] snd_seq_oss_synth_reset+0x437/0x880 [ 177.099214][ T7612] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 177.099256][ T7612] ? __pfx___fsnotify_parent+0x10/0x10 [ 177.099303][ T7612] snd_seq_oss_reset+0x73/0x290 [ 177.099337][ T7612] ? __pfx_odev_release+0x10/0x10 [ 177.099386][ T7612] snd_seq_oss_release+0x7c/0x180 [ 177.099418][ T7612] odev_release+0x4c/0x70 [ 177.099465][ T7612] __fput+0x3ff/0xb70 [ 177.099528][ T7612] task_work_run+0x14d/0x240 [ 177.099583][ T7612] ? __pfx_task_work_run+0x10/0x10 [ 177.099637][ T7612] ? __pfx___do_sys_close_range+0x10/0x10 [ 177.099694][ T7612] exit_to_user_mode_loop+0xeb/0x110 [ 177.099748][ T7612] do_syscall_64+0x3f6/0x490 [ 177.099798][ T7612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.099832][ T7612] RIP: 0033:0x7f35fc58ebe9 [ 177.099858][ T7612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.099888][ T7612] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 177.099919][ T7612] RAX: 0000000000000000 RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 177.099940][ T7612] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 177.099959][ T7612] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 177.099979][ T7612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.099998][ T7612] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 177.100042][ T7612] [ 178.137962][ T7633] netlink: 28 bytes leftover after parsing attributes in process `syz.0.673'. [ 179.171565][ T7671] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 180.941101][ T30] audit: type=1804 audit(1756911311.908:3): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.720" name=2F6E6577726F6F742F3134332F22050820 dev="tmpfs" ino=740 res=1 errno=0 [ 180.977580][ T30] audit: type=1800 audit(1756911311.908:4): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.720" name=22050820 dev="tmpfs" ino=740 res=0 errno=0 [ 182.761419][ T7788] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 183.054290][ T7794] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 184.483389][ T7821] FAULT_INJECTION: forcing a failure. [ 184.483389][ T7821] name failslab, interval 1, probability 0, space 0, times 0 [ 184.496987][ T7821] CPU: 0 UID: 0 PID: 7821 Comm: syz.1.756 Tainted: G I syzkaller #0 PREEMPT(full) [ 184.497040][ T7821] Tainted: [I]=FIRMWARE_WORKAROUND [ 184.497053][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 184.497082][ T7821] Call Trace: [ 184.497093][ T7821] [ 184.497106][ T7821] dump_stack_lvl+0x16c/0x1f0 [ 184.497160][ T7821] should_fail_ex+0x512/0x640 [ 184.497206][ T7821] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 184.497246][ T7821] should_failslab+0xc2/0x120 [ 184.497291][ T7821] __kmalloc_cache_noprof+0x6a/0x3e0 [ 184.497326][ T7821] ? percpu_ref_init+0xec/0x410 [ 184.497369][ T7821] ? __pfx_swap_users_ref_free+0x10/0x10 [ 184.497409][ T7821] percpu_ref_init+0xec/0x410 [ 184.497456][ T7821] __do_sys_swapon+0x15a/0x3bd0 [ 184.497498][ T7821] ? __pfx_do_futex+0x10/0x10 [ 184.497544][ T7821] ? __pfx___might_resched+0x10/0x10 [ 184.497582][ T7821] ? __x64_sys_futex+0x1e0/0x4c0 [ 184.497623][ T7821] ? __x64_sys_futex+0x1e9/0x4c0 [ 184.497666][ T7821] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 184.497712][ T7821] ? __pfx___do_sys_swapon+0x10/0x10 [ 184.497764][ T7821] do_syscall_64+0xcd/0x490 [ 184.497815][ T7821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.497850][ T7821] RIP: 0033:0x7f5246d8ebe9 [ 184.497876][ T7821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.497908][ T7821] RSP: 002b:00007f5247cd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a7 [ 184.497939][ T7821] RAX: ffffffffffffffda RBX: 00007f5246fc5fa0 RCX: 00007f5246d8ebe9 [ 184.497961][ T7821] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 184.497979][ T7821] RBP: 00007f5246e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 184.497999][ T7821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.498019][ T7821] R13: 00007f5246fc6038 R14: 00007f5246fc5fa0 R15: 00007ffe884ee268 [ 184.498061][ T7821] [ 186.116040][ T7853] FAULT_INJECTION: forcing a failure. [ 186.116040][ T7853] name failslab, interval 1, probability 0, space 0, times 0 [ 186.131603][ T7853] CPU: 1 UID: 0 PID: 7853 Comm: syz.2.767 Tainted: G I syzkaller #0 PREEMPT(full) [ 186.131659][ T7853] Tainted: [I]=FIRMWARE_WORKAROUND [ 186.131672][ T7853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.131691][ T7853] Call Trace: [ 186.131702][ T7853] [ 186.131714][ T7853] dump_stack_lvl+0x16c/0x1f0 [ 186.131774][ T7853] should_fail_ex+0x512/0x640 [ 186.131819][ T7853] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 186.131870][ T7853] should_failslab+0xc2/0x120 [ 186.131914][ T7853] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 186.131955][ T7853] ? alloc_inode+0xc3/0x240 [ 186.132008][ T7853] alloc_inode+0xc3/0x240 [ 186.132055][ T7853] path_from_stashed+0x25b/0x750 [ 186.132092][ T7853] ? alloc_fd+0x471/0x7d0 [ 186.132131][ T7853] pidfs_alloc_file+0xf8/0x290 [ 186.132163][ T7853] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 186.132200][ T7853] ? _raw_spin_unlock_irq+0x23/0x50 [ 186.132241][ T7853] pidfd_prepare+0x129/0x200 [ 186.132285][ T7853] __x64_sys_pidfd_open+0x105/0x1a0 [ 186.132337][ T7853] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 186.132391][ T7853] ? rcu_is_watching+0x12/0xc0 [ 186.132426][ T7853] do_syscall_64+0xcd/0x490 [ 186.132473][ T7853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.132506][ T7853] RIP: 0033:0x7f35fc58ebe9 [ 186.132531][ T7853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.132563][ T7853] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 186.132594][ T7853] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 186.132615][ T7853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 186.132635][ T7853] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 186.132655][ T7853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.132675][ T7853] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 186.132717][ T7853] [ 186.480418][ T7857] FAULT_INJECTION: forcing a failure. [ 186.480418][ T7857] name failslab, interval 1, probability 0, space 0, times 0 [ 186.493734][ T7857] CPU: 1 UID: 0 PID: 7857 Comm: syz.3.770 Tainted: G I syzkaller #0 PREEMPT(full) [ 186.493901][ T7857] Tainted: [I]=FIRMWARE_WORKAROUND [ 186.493914][ T7857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.493933][ T7857] Call Trace: [ 186.493946][ T7857] [ 186.493960][ T7857] dump_stack_lvl+0x16c/0x1f0 [ 186.494009][ T7857] should_fail_ex+0x512/0x640 [ 186.494065][ T7857] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 186.494110][ T7857] should_failslab+0xc2/0x120 [ 186.494157][ T7857] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 186.494198][ T7857] ? new_userfaultfd+0x79/0x3d0 [ 186.494256][ T7857] new_userfaultfd+0x79/0x3d0 [ 186.494311][ T7857] __x64_sys_userfaultfd+0x4b/0xb0 [ 186.494345][ T7857] do_syscall_64+0xcd/0x490 [ 186.494396][ T7857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.494428][ T7857] RIP: 0033:0x7f306d78ebe9 [ 186.494455][ T7857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.494485][ T7857] RSP: 002b:00007f306e5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 186.494517][ T7857] RAX: ffffffffffffffda RBX: 00007f306d9c5fa0 RCX: 00007f306d78ebe9 [ 186.494538][ T7857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 186.494557][ T7857] RBP: 00007f306d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 186.494576][ T7857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.494595][ T7857] R13: 00007f306d9c6038 R14: 00007f306d9c5fa0 R15: 00007ffeb6e00c68 [ 186.494638][ T7857] [ 186.808229][ T7861] netlink: 346 bytes leftover after parsing attributes in process `syz.3.774'. [ 187.041463][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.168892][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.285780][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.461023][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.011969][ T13] bridge_slave_1: left allmulticast mode [ 188.072649][ T13] bridge_slave_1: left promiscuous mode [ 188.078896][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.171989][ T13] bridge_slave_0: left allmulticast mode [ 188.215742][ T13] bridge_slave_0: left promiscuous mode [ 188.221950][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.389453][ T7902] overlayfs: missing 'lowerdir' [ 188.575400][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 188.603570][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 188.613538][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 188.627641][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 188.645290][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 190.060893][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.104138][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.136545][ T13] bond0 (unregistering): Released all slaves [ 190.703020][ T51] Bluetooth: hci3: command tx timeout [ 191.039928][ T13] hsr_slave_0: left promiscuous mode [ 191.059174][ T13] hsr_slave_1: left promiscuous mode [ 191.066857][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 191.088878][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 191.110934][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 191.121461][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 191.149127][ T13] veth1_macvtap: left promiscuous mode [ 191.158166][ T13] veth0_macvtap: left promiscuous mode [ 191.164164][ T13] veth1_vlan: left promiscuous mode [ 191.169857][ T13] veth0_vlan: left promiscuous mode [ 192.204854][ T13] team0 (unregistering): Port device team_slave_1 removed [ 192.261247][ T13] team0 (unregistering): Port device team_slave_0 removed [ 192.785138][ T51] Bluetooth: hci3: command tx timeout [ 193.447048][ T8027] netlink: 342 bytes leftover after parsing attributes in process `syz.2.827'. [ 193.515754][ T7908] chnl_net:caif_netlink_parms(): no params data found [ 194.117541][ T8054] FAULT_INJECTION: forcing a failure. [ 194.117541][ T8054] name fail_futex, interval 1, probability 0, space 0, times 1 [ 194.161865][ T7908] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.183477][ T8054] CPU: 0 UID: 0 PID: 8054 Comm: syz.2.834 Tainted: G I syzkaller #0 PREEMPT(full) [ 194.183526][ T8054] Tainted: [I]=FIRMWARE_WORKAROUND [ 194.183537][ T8054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 194.183553][ T8054] Call Trace: [ 194.183563][ T8054] [ 194.183573][ T8054] dump_stack_lvl+0x16c/0x1f0 [ 194.183617][ T8054] should_fail_ex+0x512/0x640 [ 194.183663][ T8054] should_fail_futex+0x4c/0x60 [ 194.183698][ T8054] __x64_sys_futex+0x25e/0x4c0 [ 194.183737][ T8054] ? fdget_pos+0x2b8/0x370 [ 194.183770][ T8054] ? __pfx___x64_sys_futex+0x10/0x10 [ 194.183807][ T8054] ? xfd_validate_state+0x61/0x180 [ 194.183848][ T8054] ? __pfx_ksys_write+0x10/0x10 [ 194.183892][ T8054] do_syscall_64+0xcd/0x490 [ 194.183933][ T8054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.183961][ T8054] RIP: 0033:0x7f35fc58ebe9 [ 194.183984][ T8054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.184011][ T8054] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 194.184037][ T8054] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 194.184056][ T8054] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 194.184072][ T8054] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000008 [ 194.184088][ T8054] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.184105][ T8054] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 194.184153][ T8054] [ 194.222731][ T7908] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.399312][ T7908] bridge_slave_0: entered allmulticast mode [ 194.413282][ T7908] bridge_slave_0: entered promiscuous mode [ 194.452353][ T7908] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.460203][ T7908] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.468126][ T7908] bridge_slave_1: entered allmulticast mode [ 194.477422][ T7908] bridge_slave_1: entered promiscuous mode [ 194.648436][ T7908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.726636][ T7908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.863187][ T51] Bluetooth: hci3: command tx timeout [ 195.086161][ T7908] team0: Port device team_slave_0 added [ 195.116750][ T7908] team0: Port device team_slave_1 added [ 195.284600][ T7908] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 195.291616][ T7908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.319834][ T7908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 195.399475][ T7908] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 195.413170][ T7908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.483747][ T7908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.631420][ T7908] hsr_slave_0: entered promiscuous mode [ 195.646547][ T7908] hsr_slave_1: entered promiscuous mode [ 196.490383][ T8122] FAULT_INJECTION: forcing a failure. [ 196.490383][ T8122] name failslab, interval 1, probability 0, space 0, times 0 [ 196.524560][ T8122] CPU: 0 UID: 0 PID: 8122 Comm: syz.1.858 Tainted: G I syzkaller #0 PREEMPT(full) [ 196.524617][ T8122] Tainted: [I]=FIRMWARE_WORKAROUND [ 196.524630][ T8122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 196.524649][ T8122] Call Trace: [ 196.524660][ T8122] [ 196.524673][ T8122] dump_stack_lvl+0x16c/0x1f0 [ 196.524724][ T8122] should_fail_ex+0x512/0x640 [ 196.524770][ T8122] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 196.524809][ T8122] should_failslab+0xc2/0x120 [ 196.524853][ T8122] __kmalloc_cache_noprof+0x6a/0x3e0 [ 196.524886][ T8122] ? bpf_lsm_capable+0x9/0x10 [ 196.524916][ T8122] ? __do_sys_timerfd_create+0xea/0x3e0 [ 196.524968][ T8122] __do_sys_timerfd_create+0xea/0x3e0 [ 196.525024][ T8122] ? do_syscall_64+0x91/0x490 [ 196.525079][ T8122] do_syscall_64+0xcd/0x490 [ 196.525128][ T8122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.525162][ T8122] RIP: 0033:0x7f5246d8ebe9 [ 196.525187][ T8122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.525219][ T8122] RSP: 002b:00007f5247cd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 196.525250][ T8122] RAX: ffffffffffffffda RBX: 00007f5246fc5fa0 RCX: 00007f5246d8ebe9 [ 196.525279][ T8122] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000008 [ 196.525299][ T8122] RBP: 00007f5246e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 196.525319][ T8122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.525338][ T8122] R13: 00007f5246fc6038 R14: 00007f5246fc5fa0 R15: 00007ffe884ee268 [ 196.525381][ T8122] [ 196.942860][ T51] Bluetooth: hci3: command tx timeout [ 197.202301][ T8144] Zero length message leads to an empty skb [ 197.539978][ T7908] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 197.557027][ T7908] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 197.578308][ T7908] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 197.616935][ T7908] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 197.906800][ T8168] FAULT_INJECTION: forcing a failure. [ 197.906800][ T8168] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 197.931328][ T8168] CPU: 1 UID: 0 PID: 8168 Comm: syz.1.871 Tainted: G I syzkaller #0 PREEMPT(full) [ 197.931395][ T8168] Tainted: [I]=FIRMWARE_WORKAROUND [ 197.931407][ T8168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 197.931426][ T8168] Call Trace: [ 197.931438][ T8168] [ 197.931450][ T8168] dump_stack_lvl+0x16c/0x1f0 [ 197.931504][ T8168] should_fail_ex+0x512/0x640 [ 197.931557][ T8168] should_fail_alloc_page+0xe7/0x130 [ 197.931603][ T8168] prepare_alloc_pages+0x3c2/0x610 [ 197.931658][ T8168] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 197.931701][ T8168] ? finish_task_switch.isra.0+0x21c/0xc10 [ 197.931738][ T8168] ? rcu_is_watching+0x12/0xc0 [ 197.931769][ T8168] ? finish_task_switch.isra.0+0x221/0xc10 [ 197.931824][ T8168] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 197.931954][ T8168] ? rcu_is_watching+0x12/0xc0 [ 197.931988][ T8168] ? trace_sched_exit_tp+0xd1/0x120 [ 197.932041][ T8168] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 197.932100][ T8168] ? __lock_acquire+0x62e/0x1ce0 [ 197.932151][ T8168] ? __pfx___schedule+0x10/0x10 [ 197.932184][ T8168] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 197.932234][ T8168] ? policy_nodemask+0xea/0x4e0 [ 197.932282][ T8168] alloc_pages_mpol+0x1fb/0x550 [ 197.932328][ T8168] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 197.932378][ T8168] ? __lock_acquire+0x62e/0x1ce0 [ 197.932428][ T8168] folio_alloc_mpol_noprof+0x36/0x2f0 [ 197.932480][ T8168] vma_alloc_folio_noprof+0xed/0x1e0 [ 197.932527][ T8168] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 197.932588][ T8168] do_pte_missing+0x2230/0x3ba0 [ 197.932624][ T8168] ? find_held_lock+0x2b/0x80 [ 197.932668][ T8168] __handle_mm_fault+0x152a/0x2a50 [ 197.932715][ T8168] ? __pfx___handle_mm_fault+0x10/0x10 [ 197.932757][ T8168] ? lock_vma_under_rcu+0x1eb/0x530 [ 197.932806][ T8168] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 197.932862][ T8168] handle_mm_fault+0x589/0xd10 [ 197.932899][ T8168] ? trace_raw_output_exceptions+0x131/0x150 [ 197.932960][ T8168] do_user_addr_fault+0x60c/0x1370 [ 197.933014][ T8168] ? rcu_is_watching+0x12/0xc0 [ 197.933055][ T8168] exc_page_fault+0x5c/0xb0 [ 197.933098][ T8168] asm_exc_page_fault+0x26/0x30 [ 197.933130][ T8168] RIP: 0033:0x7f5246c5a5ab [ 197.933156][ T8168] Code: 00 00 00 48 8d 3d 3d 3a 19 00 48 89 c1 31 c0 e8 4b 3c ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 3a 19 00 48 89 34 24 48 8b 14 24 48 8b [ 197.933187][ T8168] RSP: 002b:00007f5247cd3fb0 EFLAGS: 00010202 [ 197.933214][ T8168] RAX: 0000000000000000 RBX: 00007f5246fc5fa0 RCX: 0000000000000000 [ 197.933234][ T8168] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000100 [ 197.933255][ T8168] RBP: 00007f5246e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 197.933274][ T8168] R10: 0000200000000100 R11: 0000000000000000 R12: 0000000000000000 [ 197.933294][ T8168] R13: 00007f5246fc6038 R14: 00007f5246fc5fa0 R15: 00007ffe884ee268 [ 197.933338][ T8168] [ 198.263344][ T7908] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.287255][ T7908] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.308529][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.315913][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.334000][ T8168] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 198.355151][ T1155] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.364003][ T1155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.091217][ T8196] bonding: no command found in bonding_masters - use +ifname or -ifname [ 199.470562][ T7908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.814141][ T7908] veth0_vlan: entered promiscuous mode [ 199.916417][ T7908] veth1_vlan: entered promiscuous mode [ 200.120501][ T7908] veth0_macvtap: entered promiscuous mode [ 200.147735][ T7908] veth1_macvtap: entered promiscuous mode [ 200.235267][ T7908] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.286142][ T7908] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.361675][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.422626][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.473810][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.519162][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.693796][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.701826][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.836186][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.866057][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.973357][ T7908] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 202.683662][ T8311] netlink: 342 bytes leftover after parsing attributes in process `syz.2.916'. [ 203.256501][ T8327] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 203.775935][ T8346] FAULT_INJECTION: forcing a failure. [ 203.775935][ T8346] name failslab, interval 1, probability 0, space 0, times 0 [ 203.882815][ T8346] CPU: 1 UID: 0 PID: 8346 Comm: syz.3.927 Tainted: G I syzkaller #0 PREEMPT(full) [ 203.882867][ T8346] Tainted: [I]=FIRMWARE_WORKAROUND [ 203.882880][ T8346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 203.882898][ T8346] Call Trace: [ 203.882908][ T8346] [ 203.882920][ T8346] dump_stack_lvl+0x16c/0x1f0 [ 203.882970][ T8346] should_fail_ex+0x512/0x640 [ 203.883016][ T8346] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 203.883054][ T8346] should_failslab+0xc2/0x120 [ 203.883098][ T8346] __kmalloc_cache_noprof+0x6a/0x3e0 [ 203.883129][ T8346] ? find_held_lock+0x2b/0x80 [ 203.883160][ T8346] ? yama_ptracer_add+0x48/0x590 [ 203.883216][ T8346] yama_ptracer_add+0x48/0x590 [ 203.883266][ T8346] yama_task_prctl+0xf4/0x1d0 [ 203.883315][ T8346] security_task_prctl+0xbf/0x160 [ 203.883374][ T8346] __do_sys_prctl+0xaa/0x20e0 [ 203.883431][ T8346] ? __pfx___do_sys_prctl+0x10/0x10 [ 203.883504][ T8346] do_syscall_64+0xcd/0x490 [ 203.883551][ T8346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.883584][ T8346] RIP: 0033:0x7f306d78ebe9 [ 203.883611][ T8346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.883643][ T8346] RSP: 002b:00007f306e5a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 203.883674][ T8346] RAX: ffffffffffffffda RBX: 00007f306d9c5fa0 RCX: 00007f306d78ebe9 [ 203.883696][ T8346] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 [ 203.883716][ T8346] RBP: 00007f306d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 203.883737][ T8346] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 203.883757][ T8346] R13: 00007f306d9c6038 R14: 00007f306d9c5fa0 R15: 00007ffeb6e00c68 [ 203.883798][ T8346] [ 204.171897][ T51] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 204.806674][ T8369] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 205.108594][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.115974][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 209.095827][ T8439] kexec: Could not allocate control_code_buffer [ 211.338587][ T8499] syz.1.984 uses obsolete (PF_INET,SOCK_PACKET) [ 212.010814][ T8525] FAULT_INJECTION: forcing a failure. [ 212.010814][ T8525] name fail_futex, interval 1, probability 0, space 0, times 0 [ 212.025767][ T8525] CPU: 0 UID: 0 PID: 8525 Comm: syz.1.991 Tainted: G I syzkaller #0 PREEMPT(full) [ 212.025822][ T8525] Tainted: [I]=FIRMWARE_WORKAROUND [ 212.025834][ T8525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 212.025853][ T8525] Call Trace: [ 212.025864][ T8525] [ 212.025877][ T8525] dump_stack_lvl+0x16c/0x1f0 [ 212.025929][ T8525] should_fail_ex+0x512/0x640 [ 212.025984][ T8525] should_fail_futex+0x4c/0x60 [ 212.026025][ T8525] futex_lock_pi_atomic+0x101/0xd50 [ 212.026084][ T8525] futex_lock_pi+0x23f/0x7c0 [ 212.026142][ T8525] ? __pfx_futex_lock_pi+0x10/0x10 [ 212.026198][ T8525] ? __futex_wait+0x24c/0x2f0 [ 212.026280][ T8525] ? futex_private_hash_put+0x18a/0x300 [ 212.026326][ T8525] ? __pfx_futex_wake_mark+0x10/0x10 [ 212.026392][ T8525] ? ksys_write+0x190/0x250 [ 212.026437][ T8525] do_futex+0x11a/0x350 [ 212.026479][ T8525] ? __pfx_do_futex+0x10/0x10 [ 212.026532][ T8525] __x64_sys_futex+0x1e0/0x4c0 [ 212.026579][ T8525] ? fput+0x9b/0xd0 [ 212.026624][ T8525] ? __pfx___x64_sys_futex+0x10/0x10 [ 212.026688][ T8525] ? xfd_validate_state+0x61/0x180 [ 212.026737][ T8525] ? __pfx_ksys_write+0x10/0x10 [ 212.026800][ T8525] do_syscall_64+0xcd/0x490 [ 212.026853][ T8525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.026887][ T8525] RIP: 0033:0x7f5246d8ebe9 [ 212.026914][ T8525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.026946][ T8525] RSP: 002b:00007f5247cd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 212.026977][ T8525] RAX: ffffffffffffffda RBX: 00007f5246fc5fa0 RCX: 00007f5246d8ebe9 [ 212.026998][ T8525] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 212.027016][ T8525] RBP: 00007f5246e11e19 R08: 0000000000000000 R09: 000000008000fff2 [ 212.027036][ T8525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 212.027055][ T8525] R13: 00007f5246fc6038 R14: 00007f5246fc5fa0 R15: 00007ffe884ee268 [ 212.027097][ T8525] [ 212.421872][ T30] audit: type=1800 audit(1756911343.388:5): pid=8531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.993" name="dynamic_events" dev="tracefs" ino=1069 res=0 errno=0 [ 214.527848][ T8606] netlink: 'syz.3.1020': attribute type 4 has an invalid length. [ 214.552603][ T8606] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1020'. [ 216.546960][ T8666] FAULT_INJECTION: forcing a failure. [ 216.546960][ T8666] name failslab, interval 1, probability 0, space 0, times 0 [ 216.560651][ T8666] CPU: 1 UID: 0 PID: 8666 Comm: syz.0.1045 Tainted: G I syzkaller #0 PREEMPT(full) [ 216.560702][ T8666] Tainted: [I]=FIRMWARE_WORKAROUND [ 216.560715][ T8666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 216.560734][ T8666] Call Trace: [ 216.560745][ T8666] [ 216.560757][ T8666] dump_stack_lvl+0x16c/0x1f0 [ 216.560808][ T8666] should_fail_ex+0x512/0x640 [ 216.560869][ T8666] ? aa_label_asxprint+0x75/0x140 [ 216.560905][ T8666] should_failslab+0xc2/0x120 [ 216.560949][ T8666] __kmalloc_noprof+0xd2/0x510 [ 216.561000][ T8666] aa_label_asxprint+0x75/0x140 [ 216.561041][ T8666] apparmor_lsmprop_to_secctx+0xb2/0x1a0 [ 216.561092][ T8666] security_lsmprop_to_secctx+0x94/0x260 [ 216.561140][ T8666] audit_log_task_context+0x134/0x1a0 [ 216.561184][ T8666] ? __pfx_audit_log_task_context+0x10/0x10 [ 216.561230][ T8666] ? from_kuid+0x8d/0xd0 [ 216.561277][ T8666] ? __pfx_from_kuid+0x10/0x10 [ 216.561337][ T8666] integrity_audit_message+0x269/0x580 [ 216.561391][ T8666] ? take_dentry_name_snapshot+0x314/0x7d0 [ 216.561441][ T8666] ? __pfx_integrity_audit_message+0x10/0x10 [ 216.561496][ T8666] ? take_dentry_name_snapshot+0x319/0x7d0 [ 216.561551][ T8666] integrity_audit_msg+0x41/0x60 [ 216.561611][ T8666] ima_collect_measurement+0x786/0xa40 [ 216.561666][ T8666] ? __pfx_ima_collect_measurement+0x10/0x10 [ 216.561739][ T8666] ? do_raw_read_unlock+0x44/0xe0 [ 216.561802][ T8666] ? vfs_getxattr_alloc+0xec/0x340 [ 216.561868][ T8666] ? ima_get_hash_algo+0x27c/0x400 [ 216.561899][ T8666] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 216.561942][ T8666] ? process_measurement+0x11fa/0x23e0 [ 216.561975][ T8666] process_measurement+0x11fa/0x23e0 [ 216.562025][ T8666] ? __pfx_process_measurement+0x10/0x10 [ 216.562080][ T8666] ? find_held_lock+0x2b/0x80 [ 216.562150][ T8666] ? futex_private_hash_put+0x18a/0x300 [ 216.562199][ T8666] ? futex_hash_put+0x3e/0x50 [ 216.562242][ T8666] ima_file_mmap+0x1b1/0x1d0 [ 216.562275][ T8666] ? __pfx_ima_file_mmap+0x10/0x10 [ 216.562319][ T8666] security_mmap_file+0x88c/0x990 [ 216.562367][ T8666] vm_mmap_pgoff+0xec/0x470 [ 216.562420][ T8666] ? find_held_lock+0x2b/0x80 [ 216.562451][ T8666] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 216.562503][ T8666] ? __fget_files+0x20e/0x3c0 [ 216.562555][ T8666] ksys_mmap_pgoff+0x32c/0x5c0 [ 216.562600][ T8666] ? __pfx_ksys_write+0x10/0x10 [ 216.562644][ T8666] __x64_sys_mmap+0x125/0x190 [ 216.562700][ T8666] do_syscall_64+0xcd/0x490 [ 216.562749][ T8666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.562781][ T8666] RIP: 0033:0x7f1bded8ebe9 [ 216.562807][ T8666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.562846][ T8666] RSP: 002b:00007f1bdfcd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 216.562877][ T8666] RAX: ffffffffffffffda RBX: 00007f1bdefc5fa0 RCX: 00007f1bded8ebe9 [ 216.562898][ T8666] RDX: 00000000000000df RSI: 0000000000400009 RDI: 0000000000000007 [ 216.562918][ T8666] RBP: 00007f1bdee11e19 R08: 8000000000000003 R09: 0000000000008000 [ 216.562939][ T8666] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000000 [ 216.562959][ T8666] R13: 00007f1bdefc6038 R14: 00007f1bdefc5fa0 R15: 00007ffc33d3a5f8 [ 216.563003][ T8666] [ 216.932649][ T8666] audit: error in audit_log_task_context [ 216.963519][ T30] audit: type=1800 audit(1756911347.518:6): pid=8666 uid=0 auid=4294967295 ses=4294967295 op=collect_data cause=failed(directio) comm="syz.0.1045" name="file0" dev="tmpfs" ino=129 res=0 errno=0 [ 217.379500][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 217.434962][ T8683] FAULT_INJECTION: forcing a failure. [ 217.434962][ T8683] name failslab, interval 1, probability 0, space 0, times 0 [ 217.449759][ T8683] CPU: 1 UID: 0 PID: 8683 Comm: syz.0.1055 Tainted: G I syzkaller #0 PREEMPT(full) [ 217.449814][ T8683] Tainted: [I]=FIRMWARE_WORKAROUND [ 217.449826][ T8683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 217.449845][ T8683] Call Trace: [ 217.449856][ T8683] [ 217.449868][ T8683] dump_stack_lvl+0x16c/0x1f0 [ 217.449918][ T8683] should_fail_ex+0x512/0x640 [ 217.449964][ T8683] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 217.450003][ T8683] should_failslab+0xc2/0x120 [ 217.450047][ T8683] __kmalloc_cache_noprof+0x6a/0x3e0 [ 217.450082][ T8683] ? __wake_up+0x3f/0x60 [ 217.450116][ T8683] ? snd_pcm_common_ioctl+0x1f9c/0x3b80 [ 217.450164][ T8683] snd_pcm_common_ioctl+0x1f9c/0x3b80 [ 217.450209][ T8683] ? do_vfs_ioctl+0x128/0x14f0 [ 217.450262][ T8683] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 217.450318][ T8683] ? __pfx_snd_pcm_common_ioctl+0x10/0x10 [ 217.450370][ T8683] ? find_held_lock+0x2b/0x80 [ 217.450403][ T8683] ? hook_file_ioctl_common+0x145/0x410 [ 217.450458][ T8683] ? __fget_files+0x20e/0x3c0 [ 217.450501][ T8683] snd_pcm_ioctl+0x7e/0xb0 [ 217.450557][ T8683] ? __pfx_snd_pcm_ioctl+0x10/0x10 [ 217.450599][ T8683] __x64_sys_ioctl+0x18b/0x210 [ 217.450656][ T8683] do_syscall_64+0xcd/0x490 [ 217.450706][ T8683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.450740][ T8683] RIP: 0033:0x7f1bded8ebe9 [ 217.450765][ T8683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.450796][ T8683] RSP: 002b:00007f1bdfcd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.450826][ T8683] RAX: ffffffffffffffda RBX: 00007f1bdefc5fa0 RCX: 00007f1bded8ebe9 [ 217.450847][ T8683] RDX: 0000000000000000 RSI: 00000000c1004110 RDI: 0000000000000003 [ 217.450867][ T8683] RBP: 00007f1bdee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 217.450887][ T8683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.450906][ T8683] R13: 00007f1bdefc6038 R14: 00007f1bdefc5fa0 R15: 00007ffc33d3a5f8 [ 217.450949][ T8683] [ 217.738806][ T8687] FAULT_INJECTION: forcing a failure. [ 217.738806][ T8687] name failslab, interval 1, probability 0, space 0, times 0 [ 217.756573][ T8687] CPU: 1 UID: 0 PID: 8687 Comm: syz.2.1054 Tainted: G I syzkaller #0 PREEMPT(full) [ 217.756624][ T8687] Tainted: [I]=FIRMWARE_WORKAROUND [ 217.756635][ T8687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 217.756654][ T8687] Call Trace: [ 217.756664][ T8687] [ 217.756676][ T8687] dump_stack_lvl+0x16c/0x1f0 [ 217.756728][ T8687] should_fail_ex+0x512/0x640 [ 217.756779][ T8687] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 217.756815][ T8687] should_failslab+0xc2/0x120 [ 217.756853][ T8687] __kmalloc_cache_noprof+0x6a/0x3e0 [ 217.756884][ T8687] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 217.756918][ T8687] ? kasan_save_track+0x14/0x30 [ 217.756961][ T8687] snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 217.757006][ T8687] ? __mutex_lock+0x1c5/0x1060 [ 217.757058][ T8687] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 217.757095][ T8687] ? __pfx___mutex_lock+0x10/0x10 [ 217.757151][ T8687] ? __fsnotify_parent+0x24b/0xc40 [ 217.757199][ T8687] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 217.757234][ T8687] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 217.757267][ T8687] snd_pcm_oss_sync+0x1de/0x840 [ 217.757305][ T8687] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 217.757338][ T8687] snd_pcm_oss_release+0x28b/0x310 [ 217.757374][ T8687] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 217.757406][ T8687] __fput+0x3ff/0xb70 [ 217.757464][ T8687] task_work_run+0x14d/0x240 [ 217.757518][ T8687] ? __pfx_task_work_run+0x10/0x10 [ 217.757571][ T8687] ? __pfx___do_sys_close_range+0x10/0x10 [ 217.757619][ T8687] exit_to_user_mode_loop+0xeb/0x110 [ 217.757671][ T8687] do_syscall_64+0x3f6/0x490 [ 217.757717][ T8687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.757750][ T8687] RIP: 0033:0x7f35fc58ebe9 [ 217.757785][ T8687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.757816][ T8687] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 217.757847][ T8687] RAX: 0000000000000000 RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 217.757867][ T8687] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 [ 217.757886][ T8687] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 217.757905][ T8687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.757924][ T8687] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 217.757966][ T8687] [ 219.012526][ T8724] process 'syz.1.1072' launched '/dev/fd/4' with NULL argv: empty string added [ 219.654110][ T8741] nbd: socks must be embedded in a SOCK_ITEM attr [ 219.676482][ T8741] block nbd0: shutting down sockets [ 220.097544][ T8755] sctp: [Deprecated]: syz.3.1084 (pid 8755) Use of int in maxseg socket option. [ 220.097544][ T8755] Use struct sctp_assoc_value instead [ 220.507769][ T30] audit: type=1804 audit(1756911351.468:7): pid=8770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1090" name="/newroot/305/file0" dev="tmpfs" ino=1560 res=1 errno=0 [ 220.628164][ T30] audit: type=1804 audit(1756911351.588:8): pid=8768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1090" name="/newroot/305/file0" dev="tmpfs" ino=1560 res=1 errno=0 [ 222.363733][ T8812] zswap: compressor 000 not available [ 223.907084][ T1342] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.964139][ T8877] nbd: socks must be embedded in a SOCK_ITEM attr [ 223.977399][ T8877] block nbd0: shutting down sockets [ 224.186667][ T8884] netlink: 139 bytes leftover after parsing attributes in process `syz.0.1126'. [ 224.429693][ T8889] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1131'. [ 225.154409][ T8899] ima: policy update failed [ 225.182766][ T30] audit: type=1802 audit(1756911356.148:9): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1133" res=0 errno=0 [ 226.442822][ T8926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1143'. [ 227.298242][ T8954] zswap: compressor 000 not available [ 227.303212][ T8959] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 227.665231][ T5873] Bluetooth: hci1: command 0x0406 tx timeout [ 227.665333][ T5873] Bluetooth: hci2: command 0x0406 tx timeout [ 229.120375][ T9003] FAULT_INJECTION: forcing a failure. [ 229.120375][ T9003] name failslab, interval 1, probability 0, space 0, times 0 [ 229.162580][ T9003] CPU: 1 UID: 0 PID: 9003 Comm: syz.2.1176 Tainted: G I syzkaller #0 PREEMPT(full) [ 229.162637][ T9003] Tainted: [I]=FIRMWARE_WORKAROUND [ 229.162650][ T9003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.162670][ T9003] Call Trace: [ 229.162682][ T9003] [ 229.162694][ T9003] dump_stack_lvl+0x16c/0x1f0 [ 229.162749][ T9003] should_fail_ex+0x512/0x640 [ 229.162798][ T9003] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 229.162843][ T9003] should_failslab+0xc2/0x120 [ 229.162899][ T9003] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 229.162940][ T9003] ? security_file_alloc+0x34/0x2b0 [ 229.163004][ T9003] security_file_alloc+0x34/0x2b0 [ 229.163051][ T9003] init_file+0x93/0x4c0 [ 229.163101][ T9003] alloc_empty_file+0x73/0x1e0 [ 229.163153][ T9003] alloc_file_pseudo+0x13a/0x230 [ 229.163206][ T9003] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 229.163257][ T9003] ? security_inode_init_security_anon+0x79/0x240 [ 229.163305][ T9003] secretmem_file_create.constprop.0+0x89/0x290 [ 229.163352][ T9003] __x64_sys_memfd_secret+0xc1/0x150 [ 229.163397][ T9003] do_syscall_64+0xcd/0x490 [ 229.163447][ T9003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.163480][ T9003] RIP: 0033:0x7f35fc58ebe9 [ 229.163507][ T9003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.163539][ T9003] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 229.163575][ T9003] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 229.163596][ T9003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 229.163614][ T9003] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 229.163633][ T9003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.163651][ T9003] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 229.163693][ T9003] [ 229.622283][ T30] audit: type=1804 audit(1756911360.548:10): pid=9007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1179" name="/newroot/281/file0" dev="tmpfs" ino=1437 res=1 errno=0 [ 229.761815][ T30] audit: type=1804 audit(1756911360.588:11): pid=9007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1179" name="/newroot/281/file0" dev="tmpfs" ino=1437 res=1 errno=0 [ 230.015345][ T9016] FAULT_INJECTION: forcing a failure. [ 230.015345][ T9016] name failslab, interval 1, probability 0, space 0, times 0 [ 230.052728][ T9016] CPU: 0 UID: 0 PID: 9016 Comm: syz.0.1182 Tainted: G I syzkaller #0 PREEMPT(full) [ 230.052779][ T9016] Tainted: [I]=FIRMWARE_WORKAROUND [ 230.052791][ T9016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 230.052809][ T9016] Call Trace: [ 230.052820][ T9016] [ 230.052833][ T9016] dump_stack_lvl+0x16c/0x1f0 [ 230.052883][ T9016] should_fail_ex+0x512/0x640 [ 230.052930][ T9016] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 230.052970][ T9016] should_failslab+0xc2/0x120 [ 230.053015][ T9016] __kmalloc_cache_noprof+0x6a/0x3e0 [ 230.053051][ T9016] ? __do_sys_memfd_create+0x17b/0x8a0 [ 230.053110][ T9016] __do_sys_memfd_create+0x17b/0x8a0 [ 230.053169][ T9016] do_syscall_64+0xcd/0x490 [ 230.053218][ T9016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.053251][ T9016] RIP: 0033:0x7f1bded8ebe9 [ 230.053277][ T9016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.053309][ T9016] RSP: 002b:00007f1bdfcd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 230.053339][ T9016] RAX: ffffffffffffffda RBX: 00007f1bdefc5fa0 RCX: 00007f1bded8ebe9 [ 230.053361][ T9016] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 230.053381][ T9016] RBP: 00007f1bdee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 230.053401][ T9016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.053420][ T9016] R13: 00007f1bdefc6038 R14: 00007f1bdefc5fa0 R15: 00007ffc33d3a5f8 [ 230.053462][ T9016] [ 231.634073][ T9059] netlink: 'syz.1.1201': attribute type 1 has an invalid length. [ 233.697728][ T1155] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.849686][ T1155] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.001590][ T1155] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.078587][ T9116] bridge0: port 3(bond0) entered blocking state [ 234.086377][ T9116] bridge0: port 3(bond0) entered disabled state [ 234.097162][ T9116] bond0: entered allmulticast mode [ 234.112575][ T9116] bond_slave_0: entered allmulticast mode [ 234.118420][ T9116] bond_slave_1: entered allmulticast mode [ 234.151030][ T9116] bond0: entered promiscuous mode [ 234.169051][ T9116] bond_slave_0: entered promiscuous mode [ 234.192946][ T9116] bond_slave_1: entered promiscuous mode [ 234.206040][ T9116] bridge0: port 3(bond0) entered blocking state [ 234.212984][ T9116] bridge0: port 3(bond0) entered forwarding state [ 234.370319][ T1155] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.872887][ T1155] bridge_slave_1: left allmulticast mode [ 234.892730][ T1155] bridge_slave_1: left promiscuous mode [ 234.898953][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.963382][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 234.974494][ T5868] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 234.984033][ T5868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 234.996399][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 235.012015][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 235.019958][ T1155] bridge_slave_0: left allmulticast mode [ 235.079060][ T1155] bridge_slave_0: left promiscuous mode [ 235.122326][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.380585][ T9148] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1232'. [ 236.227615][ T9173] capability: warning: `syz.3.1240' uses 32-bit capabilities (legacy support in use) [ 236.584320][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 236.617685][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 236.640589][ T1155] bond0 (unregistering): Released all slaves [ 237.103016][ T51] Bluetooth: hci4: command tx timeout [ 237.641291][ T1155] hsr_slave_0: left promiscuous mode [ 237.667467][ T1155] hsr_slave_1: left promiscuous mode [ 237.684576][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 237.714321][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 237.760857][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 237.780249][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 237.791592][ T9196] zswap: compressor not available [ 237.846131][ T1155] veth1_macvtap: left promiscuous mode [ 237.852113][ T1155] veth0_macvtap: left promiscuous mode [ 237.859477][ T1155] veth1_vlan: left promiscuous mode [ 237.880014][ T1155] veth0_vlan: left promiscuous mode [ 238.798043][ T9231] program syz.2.1255 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 238.936438][ T1155] team0 (unregistering): Port device team_slave_1 removed [ 238.995180][ T1155] team0 (unregistering): Port device team_slave_0 removed [ 239.192726][ T51] Bluetooth: hci4: command tx timeout [ 239.984152][ T9248] nbd: socks must be embedded in a SOCK_ITEM attr [ 239.999193][ T9248] block nbd0: shutting down sockets [ 240.132371][ T9135] chnl_net:caif_netlink_parms(): no params data found [ 240.554353][ T9135] bridge0: port 1(bridge_slave_0) entered blocking state [ 240.561660][ T9135] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.582721][ T9135] bridge_slave_0: entered allmulticast mode [ 240.603051][ T9135] bridge_slave_0: entered promiscuous mode [ 240.624346][ T9135] bridge0: port 2(bridge_slave_1) entered blocking state [ 240.631735][ T9135] bridge0: port 2(bridge_slave_1) entered disabled state [ 240.639964][ T9135] bridge_slave_1: entered allmulticast mode [ 240.648639][ T9135] bridge_slave_1: entered promiscuous mode [ 240.777355][ T9135] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 240.807547][ T9135] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 240.976266][ T1155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.262678][ T51] Bluetooth: hci4: command tx timeout [ 241.465749][ T1155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.528246][ T9135] team0: Port device team_slave_0 added [ 241.573989][ T9135] team0: Port device team_slave_1 added [ 241.586908][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 241.597755][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 241.612569][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 241.622095][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 241.633169][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 241.690865][ T1155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.865708][ T9135] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 241.876083][ T9135] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 241.905794][ T9135] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 241.960051][ T1155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.988667][ T9135] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 241.997496][ T9135] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.026327][ T9135] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 242.266205][ T9135] hsr_slave_0: entered promiscuous mode [ 242.286065][ T9135] hsr_slave_1: entered promiscuous mode [ 242.298590][ T9135] debugfs: 'hsr0' already exists in 'hsr' [ 242.305763][ T9135] Cannot create hsr debugfs directory [ 242.719304][ T1155] bond0: left allmulticast mode [ 242.724579][ T1155] bond_slave_0: left allmulticast mode [ 242.730272][ T1155] bond_slave_1: left allmulticast mode [ 242.745096][ T1155] bond0: left promiscuous mode [ 242.772599][ T1155] bond_slave_0: left promiscuous mode [ 242.778390][ T1155] bond_slave_1: left promiscuous mode [ 242.793328][ T1155] bridge0: port 3(bond0) entered disabled state [ 242.833822][ T1155] bridge_slave_1: left allmulticast mode [ 242.839799][ T1155] bridge_slave_1: left promiscuous mode [ 242.852817][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.876065][ T1155] bridge_slave_0: left allmulticast mode [ 242.885210][ T1155] bridge_slave_0: left promiscuous mode [ 242.891505][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.342896][ T51] Bluetooth: hci4: command tx timeout [ 243.741138][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 243.750032][ T51] Bluetooth: hci3: command tx timeout [ 243.759118][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 243.771783][ T1155] bond0 (unregistering): Released all slaves [ 244.346830][ T9280] chnl_net:caif_netlink_parms(): no params data found [ 244.421608][ T1155] hsr_slave_0: left promiscuous mode [ 244.464239][ T1155] hsr_slave_1: left promiscuous mode [ 244.481038][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 244.499237][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 244.518025][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 244.529871][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 244.553407][ T9346] __vm_enough_memory: pid: 9346, comm: syz.2.1287, bytes: 4398046511104 not enough memory for the allocation [ 244.590067][ T1155] veth1_macvtap: left promiscuous mode [ 244.596272][ T1155] veth0_macvtap: left promiscuous mode [ 244.603094][ T1155] veth1_vlan: left promiscuous mode [ 244.613266][ T1155] veth0_vlan: left promiscuous mode [ 245.719350][ T9367] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1291'. [ 245.789914][ T1155] team0 (unregistering): Port device team_slave_1 removed [ 245.822589][ T51] Bluetooth: hci3: command tx timeout [ 245.851594][ T1155] team0 (unregistering): Port device team_slave_0 removed [ 246.726525][ T9135] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 246.756888][ T9280] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.764898][ T9280] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.784444][ T9280] bridge_slave_0: entered allmulticast mode [ 246.802367][ T9280] bridge_slave_0: entered promiscuous mode [ 246.812508][ T9135] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 246.826525][ T9135] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 246.847928][ T9135] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 246.880948][ T9280] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.890966][ T9280] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.901936][ T9280] bridge_slave_1: entered allmulticast mode [ 246.911590][ T9280] bridge_slave_1: entered promiscuous mode [ 247.032396][ T9280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 247.074475][ T9280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 247.230639][ T9280] team0: Port device team_slave_0 added [ 247.251871][ T9280] team0: Port device team_slave_1 added [ 247.412577][ T9280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.456062][ T9280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.553927][ T9280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.632209][ T9280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.677007][ T9280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.753824][ T9280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.892825][ T51] Bluetooth: hci3: command tx timeout [ 248.063744][ T9280] hsr_slave_0: entered promiscuous mode [ 248.072468][ T9280] hsr_slave_1: entered promiscuous mode [ 248.411806][ T9135] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.582770][ T9135] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.738206][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.745626][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.812842][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.820249][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.217999][ T9280] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 249.259824][ T9280] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 249.324305][ T9280] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 249.380577][ T9280] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 249.800751][ T9280] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.877423][ T9280] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.914690][ T9135] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.970601][ T51] Bluetooth: hci3: command tx timeout [ 249.985609][ T1000] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.994169][ T1000] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.018843][ T1000] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.026612][ T1000] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.989673][ T9135] veth0_vlan: entered promiscuous mode [ 251.048209][ T9280] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 251.109521][ T9135] veth1_vlan: entered promiscuous mode [ 251.197516][ T9509] kAFS: bad VL server IP address [ 251.253366][ T9135] veth0_macvtap: entered promiscuous mode [ 251.280758][ T9135] veth1_macvtap: entered promiscuous mode [ 251.341133][ T9135] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 251.389262][ T9135] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 251.431050][ T1165] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.465494][ T1165] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.491545][ T1165] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.530282][ T1165] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.822004][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 251.830182][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 251.974292][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 252.000715][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 252.166592][ T9533] netlink: 19 bytes leftover after parsing attributes in process `syz.2.1330'. [ 252.416681][ T9280] veth0_vlan: entered promiscuous mode [ 252.474264][ T9280] veth1_vlan: entered promiscuous mode [ 252.596122][ T9280] veth0_macvtap: entered promiscuous mode [ 252.628659][ T9280] veth1_macvtap: entered promiscuous mode [ 252.744748][ T9280] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 252.775975][ T9280] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 252.833817][ T1155] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.885216][ T1155] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.915246][ T1155] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.949457][ T1155] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.222585][ T1165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.263135][ T1165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.341246][ T9556] netlink: 'syz.2.1336': attribute type 1 has an invalid length. [ 253.380268][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.414198][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.842463][ T9571] ACPI: Enabling force_remove is not supported anymore. Please report to linux-acpi@vger.kernel.org if you depend on this functionality [ 253.925957][ T30] audit: type=1804 audit(1756913432.943:12): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1265" name="/newroot/0/file0" dev="tmpfs" ino=18 res=1 errno=0 [ 253.941759][ T30] audit: type=1804 audit(1756913432.953:13): pid=9574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1265" name="/newroot/0/file0" dev="tmpfs" ino=18 res=1 errno=0 [ 253.973384][ T30] audit: type=1800 audit(1756913432.993:14): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1265" name="file0" dev="tmpfs" ino=18 res=0 errno=0 [ 255.238585][ T9608] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1352'. [ 257.863848][ T9673] __vm_enough_memory: pid: 9673, comm: syz.3.1373, bytes: 4398046511104 not enough memory for the allocation [ 258.539642][ T9691] FAULT_INJECTION: forcing a failure. [ 258.539642][ T9691] name failslab, interval 1, probability 0, space 0, times 0 [ 258.579273][ T9691] CPU: 1 UID: 0 PID: 9691 Comm: syz.2.1379 Tainted: G I syzkaller #0 PREEMPT(full) [ 258.579326][ T9691] Tainted: [I]=FIRMWARE_WORKAROUND [ 258.579339][ T9691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 258.579372][ T9691] Call Trace: [ 258.579384][ T9691] [ 258.579397][ T9691] dump_stack_lvl+0x16c/0x1f0 [ 258.579449][ T9691] should_fail_ex+0x512/0x640 [ 258.579495][ T9691] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 258.579540][ T9691] should_failslab+0xc2/0x120 [ 258.579583][ T9691] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 258.579622][ T9691] ? __pfx_do_futex+0x10/0x10 [ 258.579663][ T9691] ? copy_fs_struct+0x49/0x340 [ 258.579719][ T9691] copy_fs_struct+0x49/0x340 [ 258.579772][ T9691] ksys_unshare+0x356/0xa40 [ 258.579817][ T9691] ? __pfx_ksys_unshare+0x10/0x10 [ 258.579872][ T9691] ? xfd_validate_state+0x61/0x180 [ 258.579942][ T9691] __x64_sys_unshare+0x31/0x40 [ 258.579988][ T9691] do_syscall_64+0xcd/0x490 [ 258.580040][ T9691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.580073][ T9691] RIP: 0033:0x7f35fc58ebe9 [ 258.580099][ T9691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.580130][ T9691] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 258.580161][ T9691] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 258.580182][ T9691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 258.580202][ T9691] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 258.580226][ T9691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.580246][ T9691] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 258.580293][ T9691] [ 258.772352][ C1] vkms_vblank_simulate: vblank timer overrun [ 261.376430][ T9767] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 261.865830][ T9782] FAULT_INJECTION: forcing a failure. [ 261.865830][ T9782] name failslab, interval 1, probability 0, space 0, times 0 [ 261.903164][ T9782] CPU: 1 UID: 0 PID: 9782 Comm: syz.5.1409 Tainted: G I syzkaller #0 PREEMPT(full) [ 261.903219][ T9782] Tainted: [I]=FIRMWARE_WORKAROUND [ 261.903232][ T9782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.903252][ T9782] Call Trace: [ 261.903263][ T9782] [ 261.903276][ T9782] dump_stack_lvl+0x16c/0x1f0 [ 261.903328][ T9782] should_fail_ex+0x512/0x640 [ 261.903373][ T9782] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 261.903412][ T9782] should_failslab+0xc2/0x120 [ 261.903456][ T9782] __kmalloc_cache_noprof+0x6a/0x3e0 [ 261.903491][ T9782] ? copy_ipcs+0x19f/0x610 [ 261.903534][ T9782] copy_ipcs+0x19f/0x610 [ 261.903568][ T9782] ? copy_utsname+0xab/0x470 [ 261.903618][ T9782] create_new_namespaces+0x20a/0xa90 [ 261.903656][ T9782] ? security_capable+0x7e/0x260 [ 261.903702][ T9782] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 261.903746][ T9782] ksys_unshare+0x45b/0xa40 [ 261.903792][ T9782] ? __pfx_ksys_unshare+0x10/0x10 [ 261.903838][ T9782] ? xfd_validate_state+0x61/0x180 [ 261.903897][ T9782] __x64_sys_unshare+0x31/0x40 [ 261.903942][ T9782] do_syscall_64+0xcd/0x490 [ 261.903990][ T9782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.904023][ T9782] RIP: 0033:0x7fe29918ebe9 [ 261.904055][ T9782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.904087][ T9782] RSP: 002b:00007fe299f46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 261.904119][ T9782] RAX: ffffffffffffffda RBX: 00007fe2993c5fa0 RCX: 00007fe29918ebe9 [ 261.904140][ T9782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 261.904158][ T9782] RBP: 00007fe299211e19 R08: 0000000000000000 R09: 0000000000000000 [ 261.904177][ T9782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.904196][ T9782] R13: 00007fe2993c6038 R14: 00007fe2993c5fa0 R15: 00007ffe1a5fb118 [ 261.904237][ T9782] [ 262.903156][ T9802] netlink: 'syz.5.1416': attribute type 9 has an invalid length. [ 262.919492][ T9802] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1416'. [ 264.070284][ T9834] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 265.601551][ T9876] Device name cannot be null; rc = [-22] [ 266.443224][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.451657][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.488802][ T9914] FAULT_INJECTION: forcing a failure. [ 266.488802][ T9914] name failslab, interval 1, probability 0, space 0, times 0 [ 266.579884][ T9914] CPU: 1 UID: 0 PID: 9914 Comm: syz.4.1452 Tainted: G I syzkaller #0 PREEMPT(full) [ 266.579937][ T9914] Tainted: [I]=FIRMWARE_WORKAROUND [ 266.579950][ T9914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 266.579969][ T9914] Call Trace: [ 266.579980][ T9914] [ 266.579992][ T9914] dump_stack_lvl+0x16c/0x1f0 [ 266.580043][ T9914] should_fail_ex+0x512/0x640 [ 266.580099][ T9914] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 266.580145][ T9914] should_failslab+0xc2/0x120 [ 266.580190][ T9914] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 266.580227][ T9914] ? __pfx___might_resched+0x10/0x10 [ 266.580262][ T9914] ? __anon_vma_prepare+0xae/0x5e0 [ 266.580314][ T9914] __anon_vma_prepare+0xae/0x5e0 [ 266.580349][ T9914] ? __filemap_get_folio+0x32b/0xc30 [ 266.580399][ T9914] __vmf_anon_prepare+0x11c/0x240 [ 266.580452][ T9914] hugetlb_fault+0x1ba4/0x2f40 [ 266.580492][ T9914] ? __pfx_hugetlb_fault+0x10/0x10 [ 266.580547][ T9914] ? find_vma+0xbf/0x140 [ 266.580590][ T9914] ? __pfx_find_vma+0x10/0x10 [ 266.580637][ T9914] handle_mm_fault+0xbfa/0xd10 [ 266.580671][ T9914] ? trace_raw_output_exceptions+0x131/0x150 [ 266.580727][ T9914] do_user_addr_fault+0x7a6/0x1370 [ 266.580794][ T9914] ? rcu_is_watching+0x12/0xc0 [ 266.580833][ T9914] exc_page_fault+0x5c/0xb0 [ 266.580878][ T9914] asm_exc_page_fault+0x26/0x30 [ 266.580909][ T9914] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 266.580944][ T9914] Code: e9 54 1f 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 266.580974][ T9914] RSP: 0018:ffffc90003157db0 EFLAGS: 00050202 [ 266.581000][ T9914] RAX: 000000000000002f RBX: 0000000000000004 RCX: 0000000000000004 [ 266.581017][ T9914] RDX: ffffed100683a200 RSI: ffff8880341d0ffc RDI: 0000000000000000 [ 266.581036][ T9914] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100683a1ff [ 266.581055][ T9914] R10: ffff8880341d0fff R11: 0000000000000000 R12: ffff8880341d0ffc [ 266.581073][ T9914] R13: 0000000000000004 R14: 00007ffffffff000 R15: 0000000000000000 [ 266.581113][ T9914] _copy_to_user+0xbb/0xd0 [ 266.581147][ T9914] __do_sys_getcwd+0x483/0x930 [ 266.581208][ T9914] ? __pfx___do_sys_getcwd+0x10/0x10 [ 266.581260][ T9914] ? xfd_validate_state+0x61/0x180 [ 266.581316][ T9914] ? __pfx_ksys_write+0x10/0x10 [ 266.581373][ T9914] do_syscall_64+0xcd/0x490 [ 266.581422][ T9914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.581454][ T9914] RIP: 0033:0x7f00fed8ebe9 [ 266.581480][ T9914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.581510][ T9914] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 266.581540][ T9914] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 266.581562][ T9914] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 266.581581][ T9914] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 266.581600][ T9914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.581619][ T9914] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 266.581660][ T9914] [ 268.686967][ T9981] syz.5.1474 (9981): /proc/9979/oom_adj is deprecated, please use /proc/9979/oom_score_adj instead. [ 269.184548][ T9995] usb usb36: usbfs: process 9995 (syz.5.1479) did not claim interface 0 before use [ 270.344137][T10029] FAULT_INJECTION: forcing a failure. [ 270.344137][T10029] name failslab, interval 1, probability 0, space 0, times 0 [ 270.415640][T10029] CPU: 0 UID: 0 PID: 10029 Comm: syz.4.1489 Tainted: G I syzkaller #0 PREEMPT(full) [ 270.415697][T10029] Tainted: [I]=FIRMWARE_WORKAROUND [ 270.415710][T10029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.415729][T10029] Call Trace: [ 270.415740][T10029] [ 270.415753][T10029] dump_stack_lvl+0x16c/0x1f0 [ 270.415806][T10029] should_fail_ex+0x512/0x640 [ 270.415854][T10029] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 270.415910][T10029] should_failslab+0xc2/0x120 [ 270.415957][T10029] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 270.416000][T10029] ? alloc_inode+0xc3/0x240 [ 270.416068][T10029] alloc_inode+0xc3/0x240 [ 270.416118][T10029] path_from_stashed+0x25b/0x750 [ 270.416170][T10029] ns_ioctl+0xb8c/0xe50 [ 270.416207][T10029] ? __pfx_ns_ioctl+0x10/0x10 [ 270.416242][T10029] ? __fget_files+0x20e/0x3c0 [ 270.416285][T10029] ? __pfx_ns_ioctl+0x10/0x10 [ 270.416322][T10029] __x64_sys_ioctl+0x18b/0x210 [ 270.416378][T10029] do_syscall_64+0xcd/0x490 [ 270.416435][T10029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.416469][T10029] RIP: 0033:0x7f00fed8ebe9 [ 270.416496][T10029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.416528][T10029] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.416569][T10029] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 270.416591][T10029] RDX: 0000000000000003 RSI: 000000004020940c RDI: 0000000000000003 [ 270.416612][T10029] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 270.416633][T10029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.416653][T10029] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 270.416695][T10029] [ 270.622362][T10031] Device name cannot be null; rc = [-22] [ 272.005613][T10078] CIFS: VFS: Unsupported security flags: 0x20 [ 273.097490][T10111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1517'. [ 273.758375][T10135] netlink: 206 bytes leftover after parsing attributes in process `syz.4.1524'. [ 274.044074][T10147] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 278.801680][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.011665][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.143026][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.161227][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 279.171091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 279.224402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 281.961718][T10394] FAULT_INJECTION: forcing a failure. [ 281.961718][T10394] name failslab, interval 1, probability 0, space 0, times 0 [ 282.012454][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.3.1603 Tainted: G I syzkaller #0 PREEMPT(full) [ 282.012514][T10394] Tainted: [I]=FIRMWARE_WORKAROUND [ 282.012528][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 282.012553][T10394] Call Trace: [ 282.012565][T10394] [ 282.012577][T10394] dump_stack_lvl+0x16c/0x1f0 [ 282.012630][T10394] should_fail_ex+0x512/0x640 [ 282.012688][T10394] ? __kmalloc_noprof+0xbf/0x510 [ 282.012730][T10394] ? sk_prot_alloc+0x1a8/0x2a0 [ 282.012756][T10394] should_failslab+0xc2/0x120 [ 282.012802][T10394] __kmalloc_noprof+0xd2/0x510 [ 282.012858][T10394] sk_prot_alloc+0x1a8/0x2a0 [ 282.012892][T10394] sk_alloc+0x36/0xc20 [ 282.013063][T10394] __netlink_create+0x5e/0x2c0 [ 282.013101][T10394] ? __wake_up+0x3f/0x60 [ 282.013149][T10394] netlink_create+0x39e/0x620 [ 282.013193][T10394] ? __pfx_genl_bind+0x10/0x10 [ 282.013240][T10394] ? __pfx_genl_unbind+0x10/0x10 [ 282.013286][T10394] ? __pfx_genl_release+0x10/0x10 [ 282.013341][T10394] __sock_create+0x338/0x8d0 [ 282.013384][T10394] __sys_socket+0x14d/0x260 [ 282.013417][T10394] ? __pfx___sys_socket+0x10/0x10 [ 282.013452][T10394] ? xfd_validate_state+0x61/0x180 [ 282.013505][T10394] ? __pfx_do_pwritev+0x10/0x10 [ 282.013552][T10394] __x64_sys_socket+0x72/0xb0 [ 282.013584][T10394] ? lockdep_hardirqs_on+0x7c/0x110 [ 282.013629][T10394] do_syscall_64+0xcd/0x490 [ 282.013679][T10394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.013712][T10394] RIP: 0033:0x7f306d78ebe9 [ 282.013740][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.013773][T10394] RSP: 002b:00007f306e5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 282.013806][T10394] RAX: ffffffffffffffda RBX: 00007f306d9c5fa0 RCX: 00007f306d78ebe9 [ 282.013829][T10394] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 282.013849][T10394] RBP: 00007f306d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 282.013870][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.013890][T10394] R13: 00007f306d9c6038 R14: 00007f306d9c5fa0 R15: 00007ffeb6e00c68 [ 282.013941][T10394] [ 282.253643][T10398] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1607'. [ 282.627853][T10405] FAULT_INJECTION: forcing a failure. [ 282.627853][T10405] name failslab, interval 1, probability 0, space 0, times 0 [ 282.661299][T10405] CPU: 0 UID: 0 PID: 10405 Comm: syz.3.1610 Tainted: G I syzkaller #0 PREEMPT(full) [ 282.661364][T10405] Tainted: [I]=FIRMWARE_WORKAROUND [ 282.661377][T10405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 282.661396][T10405] Call Trace: [ 282.661408][T10405] [ 282.661420][T10405] dump_stack_lvl+0x16c/0x1f0 [ 282.661472][T10405] should_fail_ex+0x512/0x640 [ 282.661518][T10405] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 282.661564][T10405] should_failslab+0xc2/0x120 [ 282.661609][T10405] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 282.661647][T10405] ? __pfx_map_id_range_down+0x10/0x10 [ 282.661696][T10405] ? __x64_sys_futex+0x1e0/0x4c0 [ 282.661735][T10405] ? __x64_sys_futex+0x1e9/0x4c0 [ 282.661773][T10405] ? prepare_creds+0x2c/0x7d0 [ 282.661841][T10405] prepare_creds+0x2c/0x7d0 [ 282.661891][T10405] __sys_setreuid+0x101/0xaf0 [ 282.661927][T10405] ? rcu_is_watching+0x12/0xc0 [ 282.661963][T10405] do_syscall_64+0xcd/0x490 [ 282.662013][T10405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.662045][T10405] RIP: 0033:0x7f306d78ebe9 [ 282.662070][T10405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.662102][T10405] RSP: 002b:00007f306e5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 282.662131][T10405] RAX: ffffffffffffffda RBX: 00007f306d9c5fa0 RCX: 00007f306d78ebe9 [ 282.662152][T10405] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 [ 282.662170][T10405] RBP: 00007f306d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 282.662200][T10405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.662220][T10405] R13: 00007f306d9c6038 R14: 00007f306d9c5fa0 R15: 00007ffeb6e00c68 [ 282.662260][T10405] [ 283.508724][T10427] FAULT_INJECTION: forcing a failure. [ 283.508724][T10427] name failslab, interval 1, probability 0, space 0, times 0 [ 283.521971][T10427] CPU: 0 UID: 0 PID: 10427 Comm: syz.2.1616 Tainted: G I syzkaller #0 PREEMPT(full) [ 283.522027][T10427] Tainted: [I]=FIRMWARE_WORKAROUND [ 283.522039][T10427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 283.522058][T10427] Call Trace: [ 283.522070][T10427] [ 283.522083][T10427] dump_stack_lvl+0x16c/0x1f0 [ 283.522134][T10427] should_fail_ex+0x512/0x640 [ 283.522182][T10427] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.522227][T10427] should_failslab+0xc2/0x120 [ 283.522270][T10427] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.522308][T10427] ? lockdep_init_map_type+0x5c/0x280 [ 283.522353][T10427] ? fcntl_setlease+0x389/0x5a0 [ 283.522391][T10427] fcntl_setlease+0x389/0x5a0 [ 283.522423][T10427] ? __pfx_fcntl_setlease+0x10/0x10 [ 283.522477][T10427] do_fcntl+0x751/0x15a0 [ 283.522526][T10427] ? __pfx_do_fcntl+0x10/0x10 [ 283.522584][T10427] ? tomoyo_file_fcntl+0x6c/0xc0 [ 283.522621][T10427] __x64_sys_fcntl+0x163/0x200 [ 283.522673][T10427] do_syscall_64+0xcd/0x490 [ 283.522721][T10427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.522750][T10427] RIP: 0033:0x7f35fc58ebe9 [ 283.522775][T10427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.522806][T10427] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 283.522839][T10427] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 283.522870][T10427] RDX: 0000000000000001 RSI: 0000000000000400 RDI: 0000000000000003 [ 283.522894][T10427] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 283.522915][T10427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.522933][T10427] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 283.522973][T10427] [ 285.981587][T10499] FAULT_INJECTION: forcing a failure. [ 285.981587][T10499] name failslab, interval 1, probability 0, space 0, times 0 [ 286.003014][T10499] CPU: 0 UID: 0 PID: 10499 Comm: syz.4.1648 Tainted: G I syzkaller #0 PREEMPT(full) [ 286.003072][T10499] Tainted: [I]=FIRMWARE_WORKAROUND [ 286.003086][T10499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 286.003106][T10499] Call Trace: [ 286.003118][T10499] [ 286.003131][T10499] dump_stack_lvl+0x16c/0x1f0 [ 286.003184][T10499] should_fail_ex+0x512/0x640 [ 286.003232][T10499] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 286.003272][T10499] should_failslab+0xc2/0x120 [ 286.003316][T10499] __kmalloc_cache_noprof+0x6a/0x3e0 [ 286.003353][T10499] ? percpu_ref_init+0xec/0x410 [ 286.003397][T10499] ? __pfx_free_ioctx_reqs+0x10/0x10 [ 286.003433][T10499] percpu_ref_init+0xec/0x410 [ 286.003473][T10499] ? __init_waitqueue_head+0xca/0x150 [ 286.003529][T10499] ioctx_alloc+0x3bc/0x2120 [ 286.003582][T10499] ? find_held_lock+0x2b/0x80 [ 286.003616][T10499] ? __pfx_ioctx_alloc+0x10/0x10 [ 286.003651][T10499] ? __might_fault+0x13b/0x190 [ 286.003701][T10499] __x64_sys_io_setup+0xc9/0x210 [ 286.003746][T10499] do_syscall_64+0xcd/0x490 [ 286.003794][T10499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.003829][T10499] RIP: 0033:0x7f00fed8ebe9 [ 286.003853][T10499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.003885][T10499] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 286.003924][T10499] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 286.003947][T10499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000008afc [ 286.003967][T10499] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 286.003987][T10499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.004007][T10499] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 286.004051][T10499] [ 286.812335][T10517] bridge0: port 3(syz_tun) entered blocking state [ 286.819340][T10517] bridge0: port 3(syz_tun) entered disabled state [ 286.828963][T10517] syz_tun: entered allmulticast mode [ 286.841563][T10517] syz_tun: entered promiscuous mode [ 286.892058][T10517] bridge0: port 3(syz_tun) entered blocking state [ 286.899209][T10517] bridge0: port 3(syz_tun) entered forwarding state [ 287.490455][T10534] dyndbg: bad flag-op , at start of  [ 287.496549][T10534] dyndbg: flags parse failed [ 287.976587][ T51] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 287.976634][ T51] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 287.992503][ T51] Bluetooth: hci2: Dropping invalid advertising data [ 288.000243][ T51] Bluetooth: hci2: Dropping invalid advertising data [ 288.008444][ T51] Bluetooth: hci2: Dropping invalid advertising data [ 288.016187][ T51] Bluetooth: hci2: Malformed LE Event: 0x02 [ 288.759606][T10556] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 288.802103][T10556] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 288.914660][T10556] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 288.938700][T10556] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 288.999459][T10556] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 289.032340][T10556] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 289.040885][T10582] FAULT_INJECTION: forcing a failure. [ 289.040885][T10582] name failslab, interval 1, probability 0, space 0, times 0 [ 289.054332][T10582] CPU: 1 UID: 0 PID: 10582 Comm: syz.5.1683 Tainted: G I syzkaller #0 PREEMPT(full) [ 289.054384][T10582] Tainted: [I]=FIRMWARE_WORKAROUND [ 289.054396][T10582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 289.054416][T10582] Call Trace: [ 289.054426][T10582] [ 289.054439][T10582] dump_stack_lvl+0x16c/0x1f0 [ 289.054496][T10582] should_fail_ex+0x512/0x640 [ 289.054551][T10582] should_failslab+0xc2/0x120 [ 289.054598][T10582] __kmalloc_cache_noprof+0x6a/0x3e0 [ 289.054635][T10582] ? report_access+0x100/0x550 [ 289.054691][T10582] report_access+0x100/0x550 [ 289.054744][T10582] yama_ptrace_access_check+0x589/0xd10 [ 289.054803][T10582] security_ptrace_access_check+0xb2/0x210 [ 289.054840][T10582] __ptrace_may_access+0x498/0x950 [ 289.054887][T10582] ptrace_attach+0x24a/0x6a0 [ 289.054933][T10582] __x64_sys_ptrace+0x25c/0x2a0 [ 289.054980][T10582] do_syscall_64+0xcd/0x490 [ 289.055031][T10582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.055067][T10582] RIP: 0033:0x7fe29918ebe9 [ 289.055092][T10582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.055126][T10582] RSP: 002b:00007fe299f46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 289.055156][T10582] RAX: ffffffffffffffda RBX: 00007fe2993c5fa0 RCX: 00007fe29918ebe9 [ 289.055176][T10582] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 289.055195][T10582] RBP: 00007fe299211e19 R08: 0000000000000000 R09: 0000000000000000 [ 289.055214][T10582] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000 [ 289.055233][T10582] R13: 00007fe2993c6038 R14: 00007fe2993c5fa0 R15: 00007ffe1a5fb118 [ 289.055275][T10582] [ 289.248550][T10556] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 289.310922][T10556] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.326360][T10556] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 289.409187][T10556] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 289.874317][T10596] FAULT_INJECTION: forcing a failure. [ 289.874317][T10596] name failslab, interval 1, probability 0, space 0, times 0 [ 289.903114][T10596] CPU: 1 UID: 0 PID: 10596 Comm: syz.5.1689 Tainted: G I syzkaller #0 PREEMPT(full) [ 289.903171][T10596] Tainted: [I]=FIRMWARE_WORKAROUND [ 289.903184][T10596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 289.903204][T10596] Call Trace: [ 289.903215][T10596] [ 289.903227][T10596] dump_stack_lvl+0x16c/0x1f0 [ 289.903279][T10596] should_fail_ex+0x512/0x640 [ 289.903326][T10596] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 289.903370][T10596] should_failslab+0xc2/0x120 [ 289.903413][T10596] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 289.903457][T10596] ? key_alloc+0x3e0/0x1330 [ 289.903506][T10596] key_alloc+0x3e0/0x1330 [ 289.903561][T10596] ? rcu_is_watching+0x12/0xc0 [ 289.903594][T10596] ? __pfx_key_alloc+0x10/0x10 [ 289.903635][T10596] ? __kmalloc_noprof+0x242/0x510 [ 289.903694][T10596] keyring_alloc+0x44/0xc0 [ 289.903748][T10596] install_thread_keyring_to_cred+0xc1/0x140 [ 289.903792][T10596] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 289.903832][T10596] __do_sys_keyctl+0x6d/0x590 [ 289.903872][T10596] do_syscall_64+0xcd/0x490 [ 289.903920][T10596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.903954][T10596] RIP: 0033:0x7fe29918ebe9 [ 289.903979][T10596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.904012][T10596] RSP: 002b:00007fe299f46038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 289.904043][T10596] RAX: ffffffffffffffda RBX: 00007fe2993c5fa0 RCX: 00007fe29918ebe9 [ 289.904066][T10596] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 289.904086][T10596] RBP: 00007fe299211e19 R08: 0000000000000008 R09: 0000000000000000 [ 289.904108][T10596] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 289.904129][T10596] R13: 00007fe2993c6038 R14: 00007fe2993c5fa0 R15: 00007ffe1a5fb118 [ 289.904172][T10596] [ 290.152251][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 290.433728][T10613] FAULT_INJECTION: forcing a failure. [ 290.433728][T10613] name failslab, interval 1, probability 0, space 0, times 0 [ 290.484362][T10613] CPU: 1 UID: 0 PID: 10613 Comm: syz.2.1696 Tainted: G I syzkaller #0 PREEMPT(full) [ 290.484426][T10613] Tainted: [I]=FIRMWARE_WORKAROUND [ 290.484439][T10613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.484459][T10613] Call Trace: [ 290.484471][T10613] [ 290.484483][T10613] dump_stack_lvl+0x16c/0x1f0 [ 290.484534][T10613] should_fail_ex+0x512/0x640 [ 290.484579][T10613] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 290.484617][T10613] should_failslab+0xc2/0x120 [ 290.484661][T10613] __kmalloc_cache_noprof+0x6a/0x3e0 [ 290.484704][T10613] ? mqueue_init_fs_context+0x4b/0x480 [ 290.484744][T10613] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 290.484779][T10613] mqueue_init_fs_context+0x4b/0x480 [ 290.484812][T10613] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 290.484849][T10613] alloc_fs_context+0x54a/0x9c0 [ 290.484898][T10613] mq_init_ns+0x172/0x620 [ 290.484939][T10613] copy_ipcs+0x383/0x610 [ 290.484976][T10613] ? copy_utsname+0xab/0x470 [ 290.485036][T10613] create_new_namespaces+0x20a/0xa90 [ 290.485075][T10613] ? security_capable+0x7e/0x260 [ 290.485115][T10613] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 290.485159][T10613] ksys_unshare+0x45b/0xa40 [ 290.485206][T10613] ? __pfx_ksys_unshare+0x10/0x10 [ 290.485253][T10613] ? xfd_validate_state+0x61/0x180 [ 290.485316][T10613] __x64_sys_unshare+0x31/0x40 [ 290.485368][T10613] do_syscall_64+0xcd/0x490 [ 290.485417][T10613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.485450][T10613] RIP: 0033:0x7f35fc58ebe9 [ 290.485476][T10613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.485509][T10613] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 290.485542][T10613] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 290.485565][T10613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 290.485595][T10613] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 290.485616][T10613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.485635][T10613] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 290.485679][T10613] [ 290.488336][T10617] program syz.3.1698 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 290.954816][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 291.030556][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 291.356031][ T5868] Bluetooth: hci3: command 0x0c1a tx timeout [ 291.370637][ T30] audit: type=1806 audit(1756913470.578:15): xattr="0x00060000" res=-22 [ 292.222147][ T5868] Bluetooth: hci1: command 0x0406 tx timeout [ 292.859290][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1728'. [ 292.886818][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1728'. [ 293.017949][ T5868] Bluetooth: hci2: command 0x0406 tx timeout [ 293.107617][ T5868] Bluetooth: hci4: command 0x0c1a tx timeout [ 293.124228][T10698] netlink: 'syz.3.1732': attribute type 2 has an invalid length. [ 293.197034][T10698] netlink: 'syz.3.1732': attribute type 2 has an invalid length. [ 293.425450][ T5868] Bluetooth: hci3: command 0x0c1a tx timeout [ 293.472840][T10711] FAULT_INJECTION: forcing a failure. [ 293.472840][T10711] name failslab, interval 1, probability 0, space 0, times 0 [ 293.489536][T10711] CPU: 1 UID: 0 PID: 10711 Comm: syz.4.1739 Tainted: G I syzkaller #0 PREEMPT(full) [ 293.489589][T10711] Tainted: [I]=FIRMWARE_WORKAROUND [ 293.489603][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 293.489623][T10711] Call Trace: [ 293.489635][T10711] [ 293.489648][T10711] dump_stack_lvl+0x16c/0x1f0 [ 293.489699][T10711] should_fail_ex+0x512/0x640 [ 293.489744][T10711] ? fs_reclaim_acquire+0xae/0x150 [ 293.489800][T10711] should_failslab+0xc2/0x120 [ 293.489844][T10711] __kmalloc_cache_noprof+0x6a/0x3e0 [ 293.489878][T10711] ? __lock_acquire+0x62e/0x1ce0 [ 293.489919][T10711] ? usb_control_msg+0xbc/0x4a0 [ 293.489970][T10711] usb_control_msg+0xbc/0x4a0 [ 293.490017][T10711] ? __pfx_usb_control_msg+0x10/0x10 [ 293.490072][T10711] hub_ext_port_status+0x14e/0x670 [ 293.490124][T10711] hub_activate+0x6e5/0x1d60 [ 293.490182][T10711] ? __pfx_hub_activate+0x10/0x10 [ 293.490223][T10711] ? find_held_lock+0x2b/0x80 [ 293.490255][T10711] ? proc_do_submiturb+0x16e0/0x3b10 [ 293.490303][T10711] hub_resume+0xa8/0x3f0 [ 293.490347][T10711] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 293.490403][T10711] ? __pfx_hub_resume+0x10/0x10 [ 293.490449][T10711] ? __pfx_hcd_bus_resume+0x10/0x10 [ 293.490494][T10711] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 293.490535][T10711] usb_resume_both+0x273/0x800 [ 293.490570][T10711] ? __pfx_usb_resume_both+0x10/0x10 [ 293.490605][T10711] ? __pfx_usb_runtime_resume+0x10/0x10 [ 293.490644][T10711] ? __pfx_usb_runtime_resume+0x10/0x10 [ 293.490683][T10711] __rpm_callback+0xc8/0x610 [ 293.490732][T10711] ? __pfx_usb_runtime_resume+0x10/0x10 [ 293.490771][T10711] rpm_callback+0x1b7/0x200 [ 293.490814][T10711] ? __pfx_usb_runtime_resume+0x10/0x10 [ 293.490851][T10711] rpm_resume+0xd0a/0x1310 [ 293.490905][T10711] ? __pfx_rpm_resume+0x10/0x10 [ 293.490946][T10711] ? do_raw_spin_lock+0x12c/0x2b0 [ 293.490999][T10711] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 293.491066][T10711] __pm_runtime_resume+0xb6/0x170 [ 293.491116][T10711] usb_autoresume_device+0x23/0xe0 [ 293.491156][T10711] usbdev_open+0x228/0x8b0 [ 293.491195][T10711] ? do_raw_spin_lock+0x12c/0x2b0 [ 293.491246][T10711] ? __pfx_usbdev_open+0x10/0x10 [ 293.491286][T10711] ? chrdev_open+0x58c/0x6a0 [ 293.491333][T10711] ? __pfx_usbdev_open+0x10/0x10 [ 293.491370][T10711] chrdev_open+0x231/0x6a0 [ 293.491425][T10711] ? __pfx_chrdev_open+0x10/0x10 [ 293.491471][T10711] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 293.491517][T10711] do_dentry_open+0x97f/0x1530 [ 293.491556][T10711] ? __pfx_chrdev_open+0x10/0x10 [ 293.491607][T10711] vfs_open+0x82/0x3f0 [ 293.491661][T10711] path_openat+0x1de4/0x2cb0 [ 293.491712][T10711] ? __pfx_path_openat+0x10/0x10 [ 293.491761][T10711] do_filp_open+0x20b/0x470 [ 293.491799][T10711] ? __pfx_do_filp_open+0x10/0x10 [ 293.491869][T10711] ? alloc_fd+0x471/0x7d0 [ 293.491917][T10711] do_sys_openat2+0x11b/0x1d0 [ 293.491968][T10711] ? __pfx_do_sys_openat2+0x10/0x10 [ 293.492036][T10711] __x64_sys_openat+0x174/0x210 [ 293.492089][T10711] ? __pfx___x64_sys_openat+0x10/0x10 [ 293.492158][T10711] do_syscall_64+0xcd/0x490 [ 293.492208][T10711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.492243][T10711] RIP: 0033:0x7f00fed8ebe9 [ 293.492270][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.492303][T10711] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 293.492335][T10711] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 293.492357][T10711] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 293.492378][T10711] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 293.492410][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.492430][T10711] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 293.492474][T10711] [ 293.492494][T10711] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 294.408887][T10729] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1744'. [ 294.476002][T10729] caif0: entered promiscuous mode [ 295.173304][ T5868] Bluetooth: hci4: command 0x0c1a tx timeout [ 295.206392][T10746] sock: sock_timestamping_bind_phc: sock not bind to device [ 295.243816][T10750] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1753'. [ 295.261238][T10749] ======================================================= [ 295.261238][T10749] WARNING: The mand mount option has been deprecated and [ 295.261238][T10749] and is ignored by this kernel. Remove the mand [ 295.261238][T10749] option from the mount to silence this warning. [ 295.261238][T10749] ======================================================= [ 295.300133][T10750] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1753'. [ 295.487165][ T5868] Bluetooth: hci3: command 0x0c1a tx timeout [ 295.943532][T10775] sd 0:0:1:0: PR command failed: 1026 [ 295.957422][T10775] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 295.969559][T10775] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 299.481538][T10862] netlink: 'syz.4.1799': attribute type 3 has an invalid length. [ 300.582760][T10900] vhci_hcd: not connected 4 [ 300.787550][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 301.304332][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 301.533136][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 301.545826][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 302.193553][T10935] netlink: 'syz.5.1830': attribute type 13 has an invalid length. [ 302.780007][T10957] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1839'. [ 303.302919][T10971] random: crng reseeded on system resumption [ 306.389943][T11055] netlink: 'syz.4.1873': attribute type 1 has an invalid length. [ 306.415192][T11055] netlink: 322 bytes leftover after parsing attributes in process `syz.4.1873'. [ 306.471574][T11058] netlink: 'syz.4.1873': attribute type 1 has an invalid length. [ 306.528563][T11058] netlink: 322 bytes leftover after parsing attributes in process `syz.4.1873'. [ 307.580922][T11072] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1877'. [ 308.320903][T11098] netlink: 'syz.2.1885': attribute type 28 has an invalid length. [ 308.369255][T11098] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1885'. [ 308.416083][T11100] usb usb28: usbfs: process 11100 (syz.3.1886) did not claim interface 0 before use [ 308.511712][T11102] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1887'. [ 308.524543][T11102] team_slave_0: entered allmulticast mode [ 308.898766][T11118] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1895'. [ 308.918050][T11118] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1895'. [ 309.759967][T11144] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1905'. [ 309.875002][T11147] FAULT_INJECTION: forcing a failure. [ 309.875002][T11147] name failslab, interval 1, probability 0, space 0, times 0 [ 309.908786][T11147] CPU: 1 UID: 0 PID: 11147 Comm: syz.2.1906 Tainted: G I syzkaller #0 PREEMPT(full) [ 309.908843][T11147] Tainted: [I]=FIRMWARE_WORKAROUND [ 309.908856][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 309.908877][T11147] Call Trace: [ 309.908888][T11147] [ 309.908900][T11147] dump_stack_lvl+0x16c/0x1f0 [ 309.908955][T11147] should_fail_ex+0x512/0x640 [ 309.909002][T11147] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 309.909190][T11147] should_failslab+0xc2/0x120 [ 309.909236][T11147] __kmalloc_cache_noprof+0x6a/0x3e0 [ 309.909273][T11147] ? snd_seq_create_port+0xf7/0xae0 [ 309.909327][T11147] snd_seq_create_port+0xf7/0xae0 [ 309.909388][T11147] snd_seq_ioctl_create_port+0x253/0x950 [ 309.909443][T11147] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 309.909491][T11147] ? kasan_save_stack+0x42/0x60 [ 309.909524][T11147] ? kasan_save_stack+0x33/0x60 [ 309.909557][T11147] ? kasan_save_track+0x14/0x30 [ 309.909599][T11147] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 309.909658][T11147] create_port+0x197/0x260 [ 309.909706][T11147] ? __pfx_create_port+0x10/0x10 [ 309.909762][T11147] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 309.909796][T11147] ? __pfx_free_devinfo+0x10/0x10 [ 309.909878][T11147] ? mark_held_locks+0x49/0x80 [ 309.909919][T11147] ? _raw_spin_unlock_irq+0x23/0x50 [ 309.909962][T11147] snd_seq_oss_open+0x36c/0xa20 [ 309.910033][T11147] odev_open+0x6f/0x90 [ 309.910087][T11147] ? __pfx_odev_open+0x10/0x10 [ 309.910134][T11147] soundcore_open+0x409/0x580 [ 309.910183][T11147] ? __pfx_soundcore_open+0x10/0x10 [ 309.910232][T11147] chrdev_open+0x231/0x6a0 [ 309.910274][T11147] ? __pfx_apparmor_file_open+0x10/0x10 [ 309.910312][T11147] ? __pfx_chrdev_open+0x10/0x10 [ 309.910356][T11147] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 309.910402][T11147] do_dentry_open+0x97f/0x1530 [ 309.910444][T11147] ? __pfx_chrdev_open+0x10/0x10 [ 309.910495][T11147] vfs_open+0x82/0x3f0 [ 309.910549][T11147] path_openat+0x1de4/0x2cb0 [ 309.910602][T11147] ? __pfx_path_openat+0x10/0x10 [ 309.910652][T11147] do_filp_open+0x20b/0x470 [ 309.910693][T11147] ? __pfx_do_filp_open+0x10/0x10 [ 309.910765][T11147] ? alloc_fd+0x471/0x7d0 [ 309.910812][T11147] do_sys_openat2+0x11b/0x1d0 [ 309.910863][T11147] ? __pfx_do_sys_openat2+0x10/0x10 [ 309.910930][T11147] __x64_sys_openat+0x174/0x210 [ 309.910982][T11147] ? __pfx___x64_sys_openat+0x10/0x10 [ 309.911061][T11147] do_syscall_64+0xcd/0x490 [ 309.911111][T11147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.911144][T11147] RIP: 0033:0x7f35fc58ebe9 [ 309.911170][T11147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.911204][T11147] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 309.911236][T11147] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 309.911257][T11147] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 309.911288][T11147] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 309.911308][T11147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.911327][T11147] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 309.911370][T11147] [ 310.300739][T11147] ALSA: seq_oss: can't create port [ 310.484355][T11158] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1910'. [ 310.707036][T11164] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1914'. [ 310.889628][T11172] Format for adding new port is "id [perm_addr]" (uint MAC). [ 312.031640][T11197] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1927'. [ 312.744248][T11211] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1933'. [ 313.498402][T11233] FAULT_INJECTION: forcing a failure. [ 313.498402][T11233] name failslab, interval 1, probability 0, space 0, times 0 [ 313.545636][T11233] CPU: 1 UID: 0 PID: 11233 Comm: syz.2.1943 Tainted: G I syzkaller #0 PREEMPT(full) [ 313.545691][T11233] Tainted: [I]=FIRMWARE_WORKAROUND [ 313.545704][T11233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 313.545724][T11233] Call Trace: [ 313.545735][T11233] [ 313.545749][T11233] dump_stack_lvl+0x16c/0x1f0 [ 313.545932][T11233] should_fail_ex+0x512/0x640 [ 313.545980][T11233] ? fs_reclaim_acquire+0xae/0x150 [ 313.546035][T11233] ? mempool_init_node+0x305/0x6e0 [ 313.546084][T11233] should_failslab+0xc2/0x120 [ 313.546129][T11233] __kmalloc_noprof+0xd2/0x510 [ 313.546179][T11233] ? __pfx_mempool_kmalloc+0x10/0x10 [ 313.546223][T11233] mempool_init_node+0x305/0x6e0 [ 313.546283][T11233] ? __pfx_mempool_kmalloc+0x10/0x10 [ 313.546326][T11233] ? __pfx_mempool_kfree+0x10/0x10 [ 313.546374][T11233] mempool_init_noprof+0x3a/0x50 [ 313.546437][T11233] do_fanotify_mark+0x2db2/0x3600 [ 313.546512][T11233] ? __pfx_do_fanotify_mark+0x10/0x10 [ 313.546568][T11233] ? __x64_sys_futex+0x1e9/0x4c0 [ 313.546618][T11233] ? xfd_validate_state+0x61/0x180 [ 313.546665][T11233] ? __pfx_ksys_write+0x10/0x10 [ 313.546711][T11233] __x64_sys_fanotify_mark+0xbd/0x160 [ 313.546762][T11233] ? do_syscall_64+0x91/0x490 [ 313.546886][T11233] ? lockdep_hardirqs_on+0x7c/0x110 [ 313.546930][T11233] do_syscall_64+0xcd/0x490 [ 313.546980][T11233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.547013][T11233] RIP: 0033:0x7f35fc58ebe9 [ 313.547039][T11233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.547073][T11233] RSP: 002b:00007f35fd362038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 313.547105][T11233] RAX: ffffffffffffffda RBX: 00007f35fc7c5fa0 RCX: 00007f35fc58ebe9 [ 313.547125][T11233] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000 [ 313.547144][T11233] RBP: 00007f35fc611e19 R08: 0000000000000000 R09: 0000000000000000 [ 313.547163][T11233] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 313.547181][T11233] R13: 00007f35fc7c6038 R14: 00007f35fc7c5fa0 R15: 00007ffd943956f8 [ 313.547224][T11233] [ 313.869505][T11228] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1941'. [ 314.101652][T11241] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1948'. [ 314.381967][T11250] FAULT_INJECTION: forcing a failure. [ 314.381967][T11250] name failslab, interval 1, probability 0, space 0, times 0 [ 314.406239][T11250] CPU: 0 UID: 0 PID: 11250 Comm: syz.4.1951 Tainted: G I syzkaller #0 PREEMPT(full) [ 314.406296][T11250] Tainted: [I]=FIRMWARE_WORKAROUND [ 314.406309][T11250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 314.406329][T11250] Call Trace: [ 314.406340][T11250] [ 314.406353][T11250] dump_stack_lvl+0x16c/0x1f0 [ 314.406406][T11250] should_fail_ex+0x512/0x640 [ 314.406454][T11250] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 314.406493][T11250] should_failslab+0xc2/0x120 [ 314.406537][T11250] __kmalloc_cache_noprof+0x6a/0x3e0 [ 314.406572][T11250] ? mark_held_locks+0x49/0x80 [ 314.406612][T11250] ? rfkill_fop_open+0x1b6/0x750 [ 314.406653][T11250] rfkill_fop_open+0x1b6/0x750 [ 314.406693][T11250] ? __pfx_rfkill_fop_open+0x10/0x10 [ 314.406728][T11250] misc_open+0x35d/0x420 [ 314.406779][T11250] ? __pfx_misc_open+0x10/0x10 [ 314.406813][T11250] chrdev_open+0x231/0x6a0 [ 314.406861][T11250] ? __pfx_apparmor_file_open+0x10/0x10 [ 314.406897][T11250] ? __pfx_chrdev_open+0x10/0x10 [ 314.406943][T11250] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 314.406999][T11250] do_dentry_open+0x97f/0x1530 [ 314.407042][T11250] ? __pfx_chrdev_open+0x10/0x10 [ 314.407095][T11250] vfs_open+0x82/0x3f0 [ 314.407151][T11250] path_openat+0x1de4/0x2cb0 [ 314.407207][T11250] ? __pfx_path_openat+0x10/0x10 [ 314.407257][T11250] do_filp_open+0x20b/0x470 [ 314.407299][T11250] ? __pfx_do_filp_open+0x10/0x10 [ 314.407370][T11250] ? alloc_fd+0x471/0x7d0 [ 314.407418][T11250] do_sys_openat2+0x11b/0x1d0 [ 314.407469][T11250] ? __pfx_do_sys_openat2+0x10/0x10 [ 314.407537][T11250] __x64_sys_openat+0x174/0x210 [ 314.407588][T11250] ? __pfx___x64_sys_openat+0x10/0x10 [ 314.407666][T11250] do_syscall_64+0xcd/0x490 [ 314.407717][T11250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.407751][T11250] RIP: 0033:0x7f00fed8ebe9 [ 314.407779][T11250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.407812][T11250] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 314.407844][T11250] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 314.407867][T11250] RDX: 0000000000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 314.407889][T11250] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 314.407910][T11250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.407930][T11250] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 314.407981][T11250] [ 314.793412][T11258] sctp: [Deprecated]: syz.5.1955 (pid 11258) Use of int in max_burst socket option deprecated. [ 314.793412][T11258] Use struct sctp_assoc_value instead [ 315.134328][T11271] ------------[ cut here ]------------ [ 315.140650][T11271] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [ 315.155201][T11271] WARNING: CPU: 1 PID: 11271 at kernel/locking/mutex.c:577 __mutex_lock+0x3a2/0x1060 [ 315.173343][T11271] Modules linked in: [ 315.177572][T11271] CPU: 1 UID: 0 PID: 11271 Comm: syz.4.1960 Tainted: G I syzkaller #0 PREEMPT(full) [ 315.189932][T11271] Tainted: [I]=FIRMWARE_WORKAROUND [ 315.196246][T11271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 315.206942][T11271] RIP: 0010:__mutex_lock+0x3a2/0x1060 [ 315.212657][T11271] Code: 08 84 d2 0f 85 7e 0c 00 00 44 8b 0d 98 34 19 05 45 85 c9 75 19 90 48 c7 c6 60 55 ad 8b 48 c7 c7 a0 54 ad 8b e8 af 71 e7 f5 90 <0f> 0b 90 90 90 e9 b5 fd ff ff 48 8d 85 60 ff ff ff 48 89 df 48 89 [ 315.233395][T11271] RSP: 0018:ffffc9000499fa70 EFLAGS: 00010282 [ 315.239789][T11271] RAX: 0000000000000000 RBX: ffff88802802b850 RCX: ffffc9000fe0e000 [ 315.248955][T11271] RDX: 0000000000080000 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 315.258457][T11271] RBP: ffffc9000499fbc0 R08: 0000000000000001 R09: 0000000000000000 [ 315.267198][T11271] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 315.275374][T11271] R13: 0000000000000000 R14: 1ffff92000933f5a R15: ffffffff8a9aa167 [ 315.283515][T11271] FS: 00007f00ffb2d6c0(0000) GS:ffff8881247c0000(0000) knlGS:0000000000000000 [ 315.293445][T11271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 315.300193][T11271] CR2: 0000001b2ec1cff8 CR3: 0000000028fa6000 CR4: 00000000003526f0 [ 315.309550][T11271] Call Trace: [ 315.313284][T11271] [ 315.316278][T11271] ? rcu_is_watching+0x12/0xc0 [ 315.321437][T11271] ? trace_kmem_cache_alloc+0x28/0xc0 [ 315.327500][T11271] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 315.334222][T11271] ? kmalloc_reserve+0x18b/0x2c0 [ 315.339498][T11271] ? __pfx___mutex_lock+0x10/0x10 [ 315.344709][T11271] ? __asan_memset+0x23/0x50 [ 315.350025][T11271] ? __build_skb_around+0x278/0x3b0 [ 315.355474][T11271] ? __alloc_skb+0x200/0x380 [ 315.360282][T11271] ? __pfx___alloc_skb+0x10/0x10 [ 315.365325][T11271] ? __pfx_vhci_coredump_hdr+0x10/0x10 [ 315.371099][T11271] ? __pfx_vhci_coredump+0x10/0x10 [ 315.377114][T11271] ? hci_devcd_register+0x47/0x170 [ 315.383269][T11271] hci_devcd_register+0x47/0x170 [ 315.390282][T11271] force_devcd_write+0x16c/0x340 [ 315.398255][T11271] ? __pfx_force_devcd_write+0x10/0x10 [ 315.406583][T11271] full_proxy_write+0x12e/0x1a0 [ 315.412346][T11271] ? __pfx_full_proxy_write+0x10/0x10 [ 315.418180][T11271] vfs_write+0x29d/0x11d0 [ 315.424891][T11271] ? __pfx___mutex_lock+0x10/0x10 [ 315.431259][T11271] ? __pfx_vfs_write+0x10/0x10 [ 315.436936][T11271] ? __fget_files+0x20e/0x3c0 [ 315.442434][T11271] ksys_write+0x12a/0x250 [ 315.447787][T11271] ? __pfx_ksys_write+0x10/0x10 [ 315.454316][T11271] do_syscall_64+0xcd/0x490 [ 315.459292][T11271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.467267][T11271] RIP: 0033:0x7f00fed8ebe9 [ 315.473364][T11271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.496906][T11271] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 315.507105][T11271] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 315.516083][T11271] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 315.524443][T11271] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 315.532981][T11271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.541931][T11271] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 315.550205][T11271] [ 315.554805][T11271] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 315.562405][T11271] CPU: 1 UID: 0 PID: 11271 Comm: syz.4.1960 Tainted: G I syzkaller #0 PREEMPT(full) [ 315.574125][T11271] Tainted: [I]=FIRMWARE_WORKAROUND [ 315.579256][T11271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 315.589810][T11271] Call Trace: [ 315.593115][T11271] [ 315.596418][T11271] dump_stack_lvl+0x3d/0x1f0 [ 315.601153][T11271] vpanic+0x6e8/0x7a0 [ 315.605207][T11271] ? __pfx_vpanic+0x10/0x10 [ 315.609862][T11271] ? __mutex_lock+0x3a2/0x1060 [ 315.615334][T11271] panic+0xca/0xd0 [ 315.619528][T11271] ? __pfx_panic+0x10/0x10 [ 315.624280][T11271] check_panic_on_warn+0xab/0xb0 [ 315.629915][T11271] __warn+0xf6/0x3c0 [ 315.633888][T11271] ? __mutex_lock+0x3a2/0x1060 [ 315.639144][T11271] report_bug+0x3c3/0x580 [ 315.643524][T11271] ? __mutex_lock+0x3a2/0x1060 [ 315.648340][T11271] handle_bug+0x184/0x210 [ 315.652902][T11271] exc_invalid_op+0x17/0x50 [ 315.657968][T11271] asm_exc_invalid_op+0x1a/0x20 [ 315.663051][T11271] RIP: 0010:__mutex_lock+0x3a2/0x1060 [ 315.668821][T11271] Code: 08 84 d2 0f 85 7e 0c 00 00 44 8b 0d 98 34 19 05 45 85 c9 75 19 90 48 c7 c6 60 55 ad 8b 48 c7 c7 a0 54 ad 8b e8 af 71 e7 f5 90 <0f> 0b 90 90 90 e9 b5 fd ff ff 48 8d 85 60 ff ff ff 48 89 df 48 89 [ 315.688747][T11271] RSP: 0018:ffffc9000499fa70 EFLAGS: 00010282 [ 315.695309][T11271] RAX: 0000000000000000 RBX: ffff88802802b850 RCX: ffffc9000fe0e000 [ 315.703412][T11271] RDX: 0000000000080000 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 315.711505][T11271] RBP: ffffc9000499fbc0 R08: 0000000000000001 R09: 0000000000000000 [ 315.719766][T11271] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 315.728921][T11271] R13: 0000000000000000 R14: 1ffff92000933f5a R15: ffffffff8a9aa167 [ 315.737373][T11271] ? hci_devcd_register+0x47/0x170 [ 315.742647][T11271] ? __warn_printk+0x1a5/0x350 [ 315.747566][T11271] ? rcu_is_watching+0x12/0xc0 [ 315.752648][T11271] ? trace_kmem_cache_alloc+0x28/0xc0 [ 315.758278][T11271] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 315.764745][T11271] ? kmalloc_reserve+0x18b/0x2c0 [ 315.770008][T11271] ? __pfx___mutex_lock+0x10/0x10 [ 315.775606][T11271] ? __asan_memset+0x23/0x50 [ 315.780378][T11271] ? __build_skb_around+0x278/0x3b0 [ 315.785633][T11271] ? __alloc_skb+0x200/0x380 [ 315.790273][T11271] ? __pfx___alloc_skb+0x10/0x10 [ 315.795859][T11271] ? __pfx_vhci_coredump_hdr+0x10/0x10 [ 315.801451][T11271] ? __pfx_vhci_coredump+0x10/0x10 [ 315.806769][T11271] ? hci_devcd_register+0x47/0x170 [ 315.812021][T11271] hci_devcd_register+0x47/0x170 [ 315.817353][T11271] force_devcd_write+0x16c/0x340 [ 315.822512][T11271] ? __pfx_force_devcd_write+0x10/0x10 [ 315.828194][T11271] full_proxy_write+0x12e/0x1a0 [ 315.833266][T11271] ? __pfx_full_proxy_write+0x10/0x10 [ 315.838710][T11271] vfs_write+0x29d/0x11d0 [ 315.843100][T11271] ? __pfx___mutex_lock+0x10/0x10 [ 315.848168][T11271] ? __pfx_vfs_write+0x10/0x10 [ 315.852980][T11271] ? __fget_files+0x20e/0x3c0 [ 315.858214][T11271] ksys_write+0x12a/0x250 [ 315.862575][T11271] ? __pfx_ksys_write+0x10/0x10 [ 315.867568][T11271] do_syscall_64+0xcd/0x490 [ 315.872210][T11271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.878254][T11271] RIP: 0033:0x7f00fed8ebe9 [ 315.882793][T11271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.903168][T11271] RSP: 002b:00007f00ffb2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 315.912100][T11271] RAX: ffffffffffffffda RBX: 00007f00fefc5fa0 RCX: 00007f00fed8ebe9 [ 315.920191][T11271] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 315.928286][T11271] RBP: 00007f00fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 315.937178][T11271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.945375][T11271] R13: 00007f00fefc6038 R14: 00007f00fefc5fa0 R15: 00007ffca2890f68 [ 315.953408][T11271] [ 315.956954][T11271] Kernel Offset: disabled [ 315.961616][T11271] Rebooting in 86400 seconds..