last executing test programs: 2.655914876s ago: executing program 1 (id=2693): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80805, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) 2.655276603s ago: executing program 0 (id=2701): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100cda4429629bd7100f9db5f250200000000", @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x2c0080c0}, 0x80) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) 2.509977549s ago: executing program 0 (id=2694): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4) 2.509905317s ago: executing program 3 (id=2695): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket(0x11, 0x80003, 0x300) sendto$auto(0x3, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) 2.287611648s ago: executing program 3 (id=2697): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r0, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(r0, 0x8926, r0) 2.075294758s ago: executing program 3 (id=2698): unshare$auto(0xfffffffffffffffd) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x2, 0x9) ioctl$auto(r0, 0x400c4d09, r0) 1.894355251s ago: executing program 3 (id=2699): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.888401803s ago: executing program 1 (id=2700): r0 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x12}}, 0x54) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(r0, 0x0, 0x9a6, 0xe000) write$auto(0x3, 0x0, 0x800) 1.811540573s ago: executing program 0 (id=2703): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) sendmsg$auto_TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc8c0}, 0x800) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, 0x0, 0x1, 0x0, 0x4, 0x3}, 0x5}, 0x2, 0x100) 1.657888877s ago: executing program 0 (id=2704): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) utimensat$auto(r0, 0x0, 0x0, 0x400) 1.593568417s ago: executing program 1 (id=2705): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x20f41, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4e, 0x0, 0xc, 0x0, 0xabb2, 0x210b}, 0x800008}, 0x1, 0xfffffffe) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7112}, 0x8) 1.563779316s ago: executing program 3 (id=2706): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x41, 0x200000000065f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0x9, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x157b, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.433043419s ago: executing program 2 (id=2707): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(&(0x7f0000000380)='_k\x8ba59Be\x92\xdf\xd8Y&\x1bM\xb5\xaaH9\xd9\x84\x184P\xdb\xbaaDq% \x81\xa4\xa89\xf9\xd7\xef\xd2\x03\xdb!!\x99QBX@\xea\\z\xec\xb1\xcc,g\xb1L\x90/\xa80\x16\xc3\x97\x9e\x88G;\xe2Cpw$>\xb4\f^\x9a\x9c\n\x9e\xba9\xb4\xb9\x88\xbf\xd4\xach\x16x\xf0\xea\xcd\xbbnS\x88\xc3\xa3\x15]\xa1\x14\x93\xd31\x82kR\x87\xbc\xf2@\xbe\"\x98@\x80\x98\xd2\x8cz\xe7\xcdFHX\xf5ff\xef\xb2\xff\xcf\xd4\"\xef\x12\x88\bU4!\xee\x9d\n\xc7', 0x3) mmap$auto(0x7ffffdfde000, 0x2020006, 0x9, 0x11, 0x8000000000000000, 0x8000) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffafff) brk$auto(0x7fffffffefff) 1.378211826s ago: executing program 1 (id=2708): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffdf, 0x7, 0x4, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f00"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.366245483s ago: executing program 2 (id=2709): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000002081, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.297896444s ago: executing program 2 (id=2710): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/v4l-subdev7\x00', 0x0, 0x0) 877.783845ms ago: executing program 2 (id=2711): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x101082, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(r0, 0xc0045543, r1) 841.612069ms ago: executing program 1 (id=2712): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) capset$auto(0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) 721.712487ms ago: executing program 2 (id=2713): socket(0xf, 0x3, 0x2) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) read$auto(0x3, 0x0, 0xf3c) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) 653.78225ms ago: executing program 3 (id=2714): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) 609.55209ms ago: executing program 0 (id=2715): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) close_range$auto(0x2, 0x8, 0x0) 464.940838ms ago: executing program 2 (id=2716): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000180)={0x9, &(0x7f0000000000)={0x50, 0xf4, 0xb0}}) write$auto(0x3, 0x0, 0xfdef) 450.527883ms ago: executing program 1 (id=2717): sendmsg$auto_NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="60120000", @ANYRES16, @ANYBLOB="01002bbd7000fddbdf253f00000042125e80120157803b38694e6b0fca720453224d88a2393983143415c642e3c360ab48d694e21204e89b4c8ab7d4be6f1bd65055c54d3fedb9b4591e6ee6576b1f011e23c80c6ea478e8f3da21f26ade35148398f2ef3e09640a60c3c91182270b133cd2c31dc32b05b5ee01b088c4974eef13d2e4f95cb2ac0310e4be67d9c413ba544ba9032697b70cfabb60ec8054e108535328bdec1e0b739a64b91ce719be7daf4bef038618c8fccd0944385a98747f2a7268f08864bda87a2213c48acc5e6c42979968e0f3768eb883808e04e10e569b844eaaeaa3189ba059a1cceea2c7c642a436757dd6815ec3f1582f74e9dee4e0f7e472575ed6621d42aeaa18af25da7d3268e408003100", @ANYRES32=0x0, @ANYBLOB="080081000700000000000400058008002600", @ANYRES32=0x0, @ANYBLOB="67a34f3643a24c499e4c63b8933bc03715b91d650cbaa8940368ce12126cb0aac0004ecf7aa17f73a3580b834e2e6b914d225f52f74ac0fea28df7265abd3ee736be519502d1717de6cd8673330df94952258d016e7ea44db5c61bf50173c5f714008eb6ba9a3ec87482ad4433f20ae1aeaef535a29b40dc43a545955f7c53b5bc1c64e04a1f25edacecc1e88d36cbcfde4c02e45b5a5d96c28b396e509d080083007f000001140083000000000000000000000000000000000164100080081001800400e6804f9d3286f5dc37e371f2459a3d66ebdfbc0ffda4cd833e918c26af5fd11a1099cf1bafb1021a26bac24ecbd707760cd870c1561769fa8c7e9a939af2db3a623ac30c74e2d416fb9af4b9f936e69756ea46e2ca2b5fd29901458eba4ec4f39bec5c9948a29368c214eec7410d0117d0eeb576c3a522600b452fb976eb7e0fa7d306778d000bc42187176a9921361dd2a35d73b58cfc18c6692d74059fda389d16c17708dda577c841913e44028f9421866c3b5f2fdfe6cec6dca9949c9565b7819064e6d58eb88c6f3206013985acbc070726d3a18ede631b42b63e48e22bb3eb3310ce27ed3d87788dadd5b689768f5d9a1851f571a532595e242e8193fb161d541cf6cf8b33d1ac2f50cb54486d88af170aaad39514a106b69034e566a8683dee50b27ad1197cd43d4e1f86a11056f50af8a2a22712534dddb5038f30e7f9ed9931d73f18a01c2ae5be38a9d7997e9ce58d870cb1053a892e1b121f1a3ddc5f77d0e8732f2831d4cdc963f0914b6571a42c8f84b3f5f56b00903a820a383aae4d18152b4971974fe87c021438e2c83a0fc7aea2b928292d41bffe9c8a0530e5100e1d758d4ae7400bade7a8f8e5bcec452c0956ff05cac08c513de68f87ba7c43ab2296ee307bd1974d277b6a1bd9ea8e8aae39fa1cbafaedd754b6ffa0a1be7bcd1ee8a21d951eb5817fb3cb8f6fe6de3ef17cd5e2732914ce89185bce0cefdaeecd0d11d6857d798411db6e54e4a4541fecd51b8e182d068ce78ee082dcd94c0d82533dfde08ec897128faad32bb46685ddc3ec95472aba2dfb8a9b74352bd81faeb23cdc62115b88c4d48f65c5039e333c02dfbfcd742852cc9ad54274cd3917137de8e8e9ab7b73b64f86051d996f7574b5f66eb9bdfa7c28350aa1e5358c54de919fd9b0b8b9cb6742f91611ab6fa32f7e26d5f031e3826edd4e9a1d8b4683a983b9b5c31ee73bf5e534e0f076c7da397d47274c2ccfc5fbac9c94d219858ecf9cbec11ab987cd5e3efe607670f2075045f7fa76aa8b0e39a58b11efdf611c8ab9fe1ca4d16487f88bd4d144fe32315a1b006986c392bb2159ec69a6315ee61b97f49e24046859d019ac7d55782a3a1eacf3e09c61270e20a74125d574083bf57a8ea7fd4b3408c66d3a9d8ae40020ae1032a119234507dff4bb5dbf5fc434adcb01730ed5d88fe385012bd2d043291420576e36c0368a0a57cfa58319209402c836b06bfcc5f3a715075df18cd8e4eba8918aefa03bb0581df7ef430ce922f046cf7342f70b1902c9456196ef2e2ef606a4f2278d6ebc5b982af304aadc47e3481e4300d5ef1c2c4677cd370219ce8f5b88f33ff139fa5a102311406746af4d69a579fb19f633b58cf80205774514138392b42d1a49c24f6976380fc388073299b78e495e278d227288534bfea710bf44e2284ae5906324839004b6540d4fa7e866e8aa91707a63193fa955ec5d673c1a9cbe5eb056a53f60a067f998234dd10cdd6eb234af4e898bc31a0f64ffb774f09748a2eb2289bec50ddb5b06b11e08512dc7bfcfa4c4bbaa842a439d9db5b182ad749d23a461a83f530d1aadbe103726f6dcebb044486578acb34ad7390c691e564fde7289ad818797e4363d995a3828a67218b7374e3f02f023a3aa92c7e5dcdc179efc2407a49d3e7a8c6e0edde033e3060482163291eafdeff6a2dd194ac208ebb82827bcb60188ec9b71192c4b7843729fbb65f049e11640aab0ddbb6544d75f36f5961e68c02edd3892cb24a6b25c426ce7e6b104498087e47f67b786596fa7c02ce1956b710ca5df9282509378faa646312186495863807b7e2f47cdef0fb21579576b2700ae11c2db7b2d04fbdcb677e67db4e33dc017d7eba07392c80653193d42e9f4159db3fa718089"], 0x1260}, 0x1, 0x0, 0x0, 0x1}, 0x8000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000012c0)=ANY=[@ANYBLOB="44010000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250a00000008000100", @ANYRES32=r3, @ANYBLOB="280109800c00"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x0) 0s ago: executing program 0 (id=2718): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/veth1_macvtap/locktime\x00', 0x103142, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/udp_port\x00', 0x202, 0x0) sendfile$auto(r1, r0, 0x0, 0x6) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 syzkaller syzkaller login: [ 206.622015][ T9184] zswap: compressor 000 not available syzkaller syzkaller login: [ 211.884621][ T5862] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 211.973314][ T9373] FAULT_INJECTION: forcing a failure. [ 211.973314][ T9373] name failslab, interval 1, probability 0, space 0, times 0 [ 211.987552][ T9373] CPU: 1 UID: 0 PID: 9373 Comm: syz.0.1381 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 211.987587][ T9373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 211.987603][ T9373] Call Trace: [ 211.987612][ T9373] [ 211.987621][ T9373] dump_stack_lvl+0x16c/0x1f0 [ 211.987652][ T9373] should_fail_ex+0x512/0x640 [ 211.987678][ T9373] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 211.987708][ T9373] should_failslab+0xc2/0x120 [ 211.987737][ T9373] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 211.987763][ T9373] ? __thp_vma_allowable_orders+0x1c5/0xb10 [ 211.987793][ T9373] ? ptlock_alloc+0x1f/0x70 [ 211.987833][ T9373] ptlock_alloc+0x1f/0x70 [ 211.987866][ T9373] pte_alloc_one+0x82/0x3a0 [ 211.987890][ T9373] __handle_mm_fault+0x3a68/0x5490 [ 211.987936][ T9373] ? __pfx___handle_mm_fault+0x10/0x10 [ 211.987968][ T9373] ? __pfx_mt_find+0x10/0x10 [ 211.988015][ T9373] ? find_vma+0xbf/0x140 [ 211.988044][ T9373] ? __pfx_find_vma+0x10/0x10 [ 211.988076][ T9373] handle_mm_fault+0x589/0xd10 [ 211.988113][ T9373] ? __pkru_allows_pkey+0x51/0xb0 [ 211.988148][ T9373] do_user_addr_fault+0x7a6/0x1370 [ 211.988185][ T9373] ? rcu_is_watching+0x12/0xc0 [ 211.988215][ T9373] exc_page_fault+0x5c/0xb0 [ 211.988239][ T9373] asm_exc_page_fault+0x26/0x30 [ 211.988262][ T9373] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 211.988294][ T9373] Code: c4 10 e9 84 11 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66 [ 211.988317][ T9373] RSP: 0018:ffffc9000b5b7d70 EFLAGS: 00050202 [ 211.988337][ T9373] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 211.988352][ T9373] RDX: fffff520016b6fbc RSI: 0000000000000000 RDI: ffffc9000b5b7de0 [ 211.988368][ T9373] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520016b6fbc [ 211.988383][ T9373] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 211.988397][ T9373] R13: ffffc9000b5b7de0 R14: 0000000000000000 R15: 0000000000000000 [ 211.988431][ T9373] _copy_from_user+0x98/0xd0 [ 211.988461][ T9373] do_sock_getsockopt+0x3ca/0x440 [ 211.988495][ T9373] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 211.988524][ T9373] ? __fget_files+0x204/0x3c0 [ 211.988583][ T9373] __sys_getsockopt+0x123/0x1b0 [ 211.988617][ T9373] __x64_sys_getsockopt+0xbd/0x160 [ 211.988641][ T9373] ? do_syscall_64+0x91/0x490 [ 211.988666][ T9373] ? lockdep_hardirqs_on+0x7c/0x110 [ 211.988689][ T9373] do_syscall_64+0xcd/0x490 [ 211.988717][ T9373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.988742][ T9373] RIP: 0033:0x7f7d32b8e9a9 [ 211.988762][ T9373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.988784][ T9373] RSP: 002b:00007f7d339d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 211.988806][ T9373] RAX: ffffffffffffffda RBX: 00007f7d32db5fa0 RCX: 00007f7d32b8e9a9 [ 211.988822][ T9373] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 211.988837][ T9373] RBP: 00007f7d32c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 211.988851][ T9373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.988866][ T9373] R13: 0000000000000000 R14: 00007f7d32db5fa0 R15: 00007ffd73a4a3d8 [ 211.988899][ T9373] [ 213.032201][ T9395] FAULT_INJECTION: forcing a failure. [ 213.032201][ T9395] name failslab, interval 1, probability 0, space 0, times 0 [ 213.054757][ T9395] CPU: 1 UID: 0 PID: 9395 Comm: syz.2.1394 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 213.054795][ T9395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 213.054810][ T9395] Call Trace: [ 213.054819][ T9395] [ 213.054829][ T9395] dump_stack_lvl+0x16c/0x1f0 [ 213.054860][ T9395] should_fail_ex+0x512/0x640 [ 213.054886][ T9395] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 213.054928][ T9395] should_failslab+0xc2/0x120 [ 213.054958][ T9395] __kmalloc_cache_noprof+0x6a/0x3e0 [ 213.054992][ T9395] ? find_held_lock+0x2b/0x80 [ 213.055018][ T9395] ? yama_ptracer_add+0x48/0x590 [ 213.055059][ T9395] yama_ptracer_add+0x48/0x590 [ 213.055093][ T9395] yama_task_prctl+0xf4/0x1f0 [ 213.055132][ T9395] security_task_prctl+0xc2/0x160 [ 213.055163][ T9395] __do_sys_prctl+0xaa/0x24c0 [ 213.055200][ T9395] ? __pfx___do_sys_prctl+0x10/0x10 [ 213.055241][ T9395] do_syscall_64+0xcd/0x490 [ 213.055266][ T9395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.055289][ T9395] RIP: 0033:0x7f695058e9a9 [ 213.055307][ T9395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.055328][ T9395] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 213.055349][ T9395] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 213.055364][ T9395] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 [ 213.055379][ T9395] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 213.055393][ T9395] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 213.055407][ T9395] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 213.055443][ T9395] [ 214.190069][ T9427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1407'. [ 215.763621][ T9466] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1424'. [ 216.090317][ T9474] ======================================================= [ 216.090317][ T9474] WARNING: The mand mount option has been deprecated and [ 216.090317][ T9474] and is ignored by this kernel. Remove the mand [ 216.090317][ T9474] option from the mount to silence this warning. [ 216.090317][ T9474] ======================================================= [ 216.310065][ T9481] FAULT_INJECTION: forcing a failure. [ 216.310065][ T9481] name failslab, interval 1, probability 0, space 0, times 0 [ 216.341062][ T9481] CPU: 1 UID: 0 PID: 9481 Comm: syz.3.1431 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 216.341098][ T9481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 216.341113][ T9481] Call Trace: [ 216.341121][ T9481] [ 216.341132][ T9481] dump_stack_lvl+0x16c/0x1f0 [ 216.341164][ T9481] should_fail_ex+0x512/0x640 [ 216.341190][ T9481] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 216.341223][ T9481] should_failslab+0xc2/0x120 [ 216.341252][ T9481] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 216.341277][ T9481] ? __pfx___might_resched+0x10/0x10 [ 216.341304][ T9481] ? __anon_vma_prepare+0xae/0x5e0 [ 216.341334][ T9481] __anon_vma_prepare+0xae/0x5e0 [ 216.341363][ T9481] __vmf_anon_prepare+0x11c/0x240 [ 216.341397][ T9481] __handle_mm_fault+0x27f6/0x5490 [ 216.341444][ T9481] ? __pfx___handle_mm_fault+0x10/0x10 [ 216.341481][ T9481] ? __pte_offset_map_lock+0x174/0x310 [ 216.341512][ T9481] ? find_held_lock+0x2b/0x80 [ 216.341537][ T9481] ? find_held_lock+0x2b/0x80 [ 216.341572][ T9481] ? follow_page_pte+0x3af/0x14c0 [ 216.341613][ T9481] handle_mm_fault+0x589/0xd10 [ 216.341657][ T9481] __get_user_pages+0x589/0x3b80 [ 216.341700][ T9481] ? __pfx_mt_find+0x10/0x10 [ 216.341729][ T9481] ? __pfx___get_user_pages+0x10/0x10 [ 216.341776][ T9481] populate_vma_page_range+0x278/0x3a0 [ 216.341813][ T9481] ? __pfx_populate_vma_page_range+0x10/0x10 [ 216.341846][ T9481] ? __pfx_find_vma_intersection+0x10/0x10 [ 216.341880][ T9481] ? do_mmap+0x69c/0x1210 [ 216.341916][ T9481] __mm_populate+0x1d8/0x380 [ 216.341951][ T9481] ? __pfx___mm_populate+0x10/0x10 [ 216.341994][ T9481] ? up_write+0x1b2/0x520 [ 216.342035][ T9481] vm_mmap_pgoff+0x362/0x450 [ 216.342072][ T9481] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 216.342110][ T9481] ? __x64_sys_futex+0x1e0/0x4c0 [ 216.342139][ T9481] ? __x64_sys_futex+0x1e9/0x4c0 [ 216.342173][ T9481] ksys_mmap_pgoff+0x7d/0x5c0 [ 216.342203][ T9481] ? xfd_validate_state+0x61/0x180 [ 216.342233][ T9481] ? __pfx_ksys_write+0x10/0x10 [ 216.342262][ T9481] __x64_sys_mmap+0x125/0x190 [ 216.342300][ T9481] do_syscall_64+0xcd/0x490 [ 216.342328][ T9481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.342352][ T9481] RIP: 0033:0x7f7afb58e9a9 [ 216.342373][ T9481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.342395][ T9481] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 216.342420][ T9481] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 216.342436][ T9481] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000000000 [ 216.342449][ T9481] RBP: 00007f7afb610d69 R08: 0000000000000002 R09: 0000000040008000 [ 216.342464][ T9481] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 216.342479][ T9481] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 216.342514][ T9481] [ 219.364090][ T9551] sctp: [Deprecated]: syz.3.1461 (pid 9551) Use of int in max_burst socket option deprecated. [ 219.364090][ T9551] Use struct sctp_assoc_value instead [ 220.337808][ T9589] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1480'. [ 221.825328][ T9627] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1505'. [ 223.112011][ T9684] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 227.009111][ T9811] FAULT_INJECTION: forcing a failure. [ 227.009111][ T9811] name failslab, interval 1, probability 0, space 0, times 0 [ 227.042226][ T9811] CPU: 0 UID: 0 PID: 9811 Comm: syz.1.1578 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 227.042262][ T9811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 227.042278][ T9811] Call Trace: [ 227.042287][ T9811] [ 227.042296][ T9811] dump_stack_lvl+0x16c/0x1f0 [ 227.042329][ T9811] should_fail_ex+0x512/0x640 [ 227.042355][ T9811] ? __kvmalloc_node_noprof+0x124/0x620 [ 227.042400][ T9811] should_failslab+0xc2/0x120 [ 227.042430][ T9811] __kvmalloc_node_noprof+0x137/0x620 [ 227.042469][ T9811] ? io_alloc_cache_init+0x33/0x170 [ 227.042503][ T9811] ? io_alloc_cache_init+0x33/0x170 [ 227.042536][ T9811] io_alloc_cache_init+0x33/0x170 [ 227.042565][ T9811] io_uring_setup+0x5e1/0x2080 [ 227.042609][ T9811] ? __pfx_io_uring_setup+0x10/0x10 [ 227.042644][ T9811] ? do_futex+0x122/0x350 [ 227.042675][ T9811] ? __pfx_do_futex+0x10/0x10 [ 227.042725][ T9811] ? xfd_validate_state+0x61/0x180 [ 227.042756][ T9811] ? __pfx_ksys_write+0x10/0x10 [ 227.042788][ T9811] __x64_sys_io_uring_setup+0xc2/0x170 [ 227.042826][ T9811] do_syscall_64+0xcd/0x490 [ 227.042855][ T9811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.042881][ T9811] RIP: 0033:0x7fc71f98e9a9 [ 227.042901][ T9811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.042925][ T9811] RSP: 002b:00007fc7208a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 227.042948][ T9811] RAX: ffffffffffffffda RBX: 00007fc71fbb5fa0 RCX: 00007fc71f98e9a9 [ 227.042965][ T9811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 227.042979][ T9811] RBP: 00007fc71fa10d69 R08: 0000000000000000 R09: 0000000000000000 [ 227.042995][ T9811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.043009][ T9811] R13: 0000000000000000 R14: 00007fc71fbb5fa0 R15: 00007ffd8bf439c8 [ 227.043044][ T9811] [ 228.690530][ T9850] sctp: [Deprecated]: syz.0.1593 (pid 9850) Use of int in max_burst socket option deprecated. [ 228.690530][ T9850] Use struct sctp_assoc_value instead [ 229.710490][ T9882] sctp: [Deprecated]: syz.1.1610 (pid 9882) Use of int in max_burst socket option deprecated. [ 229.710490][ T9882] Use struct sctp_assoc_value instead [ 230.044710][ T9897] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1614'. [ 230.528985][ T9913] sctp: [Deprecated]: syz.2.1621 (pid 9913) Use of int in max_burst socket option deprecated. [ 230.528985][ T9913] Use struct sctp_assoc_value instead [ 231.568396][ T9937] mtrr: base(0x100000000) is not aligned on a size(0x0000) boundary [ 233.427641][ T9953] kexec: Could not allocate control_code_buffer [ 235.438608][T10020] netlink: 'syz.3.1671': attribute type 1 has an invalid length. [ 235.600442][T10025] netlink: 222 bytes leftover after parsing attributes in process `syz.0.1681'. [ 235.998304][T10042] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1680'. [ 236.639727][T10069] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1691'. [ 237.503749][T10095] netlink: 'syz.2.1704': attribute type 1 has an invalid length. [ 238.492593][T10126] zswap: compressor 000 not available [ 238.570570][T10137] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1722'. [ 239.442913][T10167] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1735'. [ 240.813875][T10217] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1756'. [ 242.060816][T10260] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1785'. [ 242.256054][T10270] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 244.281214][T10317] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1803'. [ 244.391600][T10319] binder: 10318:10319 unknown command 0 [ 244.425366][T10319] binder: 10318:10319 ioctl c0306201 0 returned -22 [ 244.731735][T10325] warning: `syz.1.1807' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 245.548972][T10357] nbd: socks must be embedded in a SOCK_ITEM attr [ 245.579690][T10357] block nbd2: shutting down sockets [ 246.050316][T10378] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1826' sets config #0 [ 246.062004][T10373] netlink: 19 bytes leftover after parsing attributes in process `syz.2.1829'. [ 246.803380][ T5855] Bluetooth: hci1: ACL packet too small [ 247.034456][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1849'. [ 247.261470][T10428] 0x000000000001-0x000000020000 : "" [ 247.344843][T10428] ftl_cs: FTL header corrupt! [ 248.255658][T10470] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1869'. [ 251.318063][T10577] 0x000000000001-0x000000020000 : "" [ 251.335697][T10577] ftl_cs: FTL header corrupt! [ 252.067169][T10522] kexec: Could not allocate control_code_buffer [ 254.909284][T10697] XFS: Clearing xfsstats [ 255.716021][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.723111][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.501777][T10761] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1988'. [ 256.840688][T10770] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 257.526510][T10794] 0x000000000001-0x000000020000 : "" [ 257.551620][T10794] ftl_cs: FTL header corrupt! [ 259.815538][T10842] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2019'. [ 259.953761][T10820] kexec: Could not allocate control_code_buffer [ 260.069325][T10849] netlink: 'syz.1.2024': attribute type 1 has an invalid length. [ 260.209629][T10855] 0x000000000001-0x000000020000 : "" [ 260.243548][T10855] ftl_cs: FTL header corrupt! [ 260.941989][T10884] XFS: Clearing xfsstats [ 261.438688][T10910] FAULT_INJECTION: forcing a failure. [ 261.438688][T10910] name failslab, interval 1, probability 0, space 0, times 0 [ 261.456583][T10910] CPU: 1 UID: 0 PID: 10910 Comm: syz.2.2054 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 261.456625][T10910] Tainted: [I]=FIRMWARE_WORKAROUND [ 261.456636][T10910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.456651][T10910] Call Trace: [ 261.456660][T10910] [ 261.456671][T10910] dump_stack_lvl+0x16c/0x1f0 [ 261.456705][T10910] should_fail_ex+0x512/0x640 [ 261.456730][T10910] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 261.456783][T10910] should_failslab+0xc2/0x120 [ 261.456813][T10910] __kmalloc_cache_noprof+0x6a/0x3e0 [ 261.456848][T10910] ? do_raw_spin_unlock+0x172/0x230 [ 261.456883][T10910] ? sched_core_share_pid+0x3ec/0x9f0 [ 261.456915][T10910] sched_core_share_pid+0x3ec/0x9f0 [ 261.456944][T10910] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 261.456982][T10910] ? __pfx_sched_core_share_pid+0x10/0x10 [ 261.457011][T10910] ? static_key_count+0x5a/0x70 [ 261.457041][T10910] ? security_task_prctl+0x11c/0x160 [ 261.457074][T10910] __do_sys_prctl+0x31a/0x24c0 [ 261.457112][T10910] ? __pfx___do_sys_prctl+0x10/0x10 [ 261.457153][T10910] do_syscall_64+0xcd/0x490 [ 261.457183][T10910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.457207][T10910] RIP: 0033:0x7f695058e9a9 [ 261.457227][T10910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.457251][T10910] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 261.457276][T10910] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 261.457293][T10910] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e [ 261.457308][T10910] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 261.457323][T10910] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 261.457337][T10910] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 261.457370][T10910] [ 261.790620][T10919] FAULT_INJECTION: forcing a failure. [ 261.790620][T10919] name failslab, interval 1, probability 0, space 0, times 0 [ 261.816761][T10919] CPU: 0 UID: 0 PID: 10919 Comm: syz.2.2058 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 261.816806][T10919] Tainted: [I]=FIRMWARE_WORKAROUND [ 261.816815][T10919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.816831][T10919] Call Trace: [ 261.816840][T10919] [ 261.816850][T10919] dump_stack_lvl+0x16c/0x1f0 [ 261.816882][T10919] should_fail_ex+0x512/0x640 [ 261.816909][T10919] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 261.816940][T10919] should_failslab+0xc2/0x120 [ 261.816970][T10919] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 261.816997][T10919] ? find_held_lock+0x2b/0x80 [ 261.817023][T10919] ? pidfs_alloc_inode+0x25/0x80 [ 261.817055][T10919] ? stashed_dentry_get+0xec/0x2a0 [ 261.817082][T10919] ? __pfx_pidfs_alloc_inode+0x10/0x10 [ 261.817112][T10919] pidfs_alloc_inode+0x25/0x80 [ 261.817143][T10919] alloc_inode+0x61/0x240 [ 261.817174][T10919] path_from_stashed+0x2be/0xb00 [ 261.817205][T10919] ? __pfx_path_from_stashed+0x10/0x10 [ 261.817228][T10919] ? find_held_lock+0x2b/0x80 [ 261.817255][T10919] ? alloc_fd+0x471/0x7d0 [ 261.817296][T10919] pidfs_alloc_file+0xf8/0x330 [ 261.817329][T10919] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 261.817367][T10919] ? _raw_spin_unlock_irq+0x23/0x50 [ 261.817406][T10919] pidfd_prepare+0x10c/0x1b0 [ 261.817439][T10919] __x64_sys_pidfd_open+0x105/0x1a0 [ 261.817475][T10919] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 261.817515][T10919] ? rcu_is_watching+0x12/0xc0 [ 261.817545][T10919] do_syscall_64+0xcd/0x490 [ 261.817573][T10919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.817599][T10919] RIP: 0033:0x7f695058e9a9 [ 261.817619][T10919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.817642][T10919] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 261.817666][T10919] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 261.817683][T10919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 261.817705][T10919] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 261.817720][T10919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.817735][T10919] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 261.817770][T10919] [ 262.911938][T10959] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2075'. [ 263.799188][T10990] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2091'. [ 264.382084][T11020] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2104'. [ 264.392316][T11020] vlan1: entered allmulticast mode [ 264.398427][T11020] veth0_vlan: entered allmulticast mode [ 264.667818][T11024] zswap: compressor 000 not available [ 267.195219][T11074] kexec: Could not allocate control_code_buffer [ 268.345185][T11121] FAULT_INJECTION: forcing a failure. [ 268.345185][T11121] name failslab, interval 1, probability 0, space 0, times 0 [ 268.360199][T11121] CPU: 1 UID: 0 PID: 11121 Comm: syz.1.2146 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 268.360243][T11121] Tainted: [I]=FIRMWARE_WORKAROUND [ 268.360253][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 268.360268][T11121] Call Trace: [ 268.360276][T11121] [ 268.360286][T11121] dump_stack_lvl+0x16c/0x1f0 [ 268.360320][T11121] should_fail_ex+0x512/0x640 [ 268.360348][T11121] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 268.360377][T11121] should_failslab+0xc2/0x120 [ 268.360406][T11121] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 268.360440][T11121] ? __kernfs_new_node+0xd2/0x8e0 [ 268.360487][T11121] __kernfs_new_node+0xd2/0x8e0 [ 268.360531][T11121] ? __pfx___kernfs_new_node+0x10/0x10 [ 268.360578][T11121] ? find_held_lock+0x2b/0x80 [ 268.360607][T11121] ? kernfs_root+0xee/0x2a0 [ 268.360639][T11121] kernfs_new_node+0x13c/0x1e0 [ 268.360673][T11121] __kernfs_create_file+0x53/0x350 [ 268.360710][T11121] sysfs_add_file_mode_ns+0x207/0x3c0 [ 268.360754][T11121] internal_create_group+0x578/0xf30 [ 268.360789][T11121] ? __pfx_internal_create_group+0x10/0x10 [ 268.360819][T11121] ? kernfs_create_link+0x1bd/0x240 [ 268.360857][T11121] internal_create_groups+0x9d/0x150 [ 268.360883][T11121] device_add+0xf30/0x1a70 [ 268.360919][T11121] ? __pfx_device_add+0x10/0x10 [ 268.360952][T11121] ? lockdep_init_map_type+0x5c/0x280 [ 268.360988][T11121] ? __init_waitqueue_head+0xca/0x150 [ 268.361021][T11121] netdev_register_kobject+0x182/0x3a0 [ 268.361058][T11121] register_netdevice+0x13dc/0x2270 [ 268.361096][T11121] ? __pfx_register_netdevice+0x10/0x10 [ 268.361134][T11121] ? __pfx_loopback_net_init+0x10/0x10 [ 268.361170][T11121] register_netdev+0x34/0x50 [ 268.361198][T11121] loopback_net_init+0x7a/0x170 [ 268.361232][T11121] ? __pfx_loopback_net_init+0x10/0x10 [ 268.361264][T11121] ops_init+0x1df/0x5f0 [ 268.361297][T11121] setup_net+0x1ff/0x510 [ 268.361323][T11121] ? lockdep_init_map_type+0x5c/0x280 [ 268.361357][T11121] ? __pfx_setup_net+0x10/0x10 [ 268.361389][T11121] ? debug_mutex_init+0x37/0x70 [ 268.361418][T11121] copy_net_ns+0x2a6/0x5f0 [ 268.361462][T11121] create_new_namespaces+0x3ea/0xa90 [ 268.361502][T11121] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 268.361534][T11121] ksys_unshare+0x45b/0xa40 [ 268.361568][T11121] ? __pfx_ksys_unshare+0x10/0x10 [ 268.361603][T11121] ? xfd_validate_state+0x61/0x180 [ 268.361645][T11121] __x64_sys_unshare+0x31/0x40 [ 268.361676][T11121] do_syscall_64+0xcd/0x490 [ 268.361706][T11121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.361732][T11121] RIP: 0033:0x7fc71f98e9a9 [ 268.361754][T11121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.361779][T11121] RSP: 002b:00007fc7208a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 268.361803][T11121] RAX: ffffffffffffffda RBX: 00007fc71fbb5fa0 RCX: 00007fc71f98e9a9 [ 268.361820][T11121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 268.361836][T11121] RBP: 00007fc71fa10d69 R08: 0000000000000000 R09: 0000000000000000 [ 268.361851][T11121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.361865][T11121] R13: 0000000000000000 R14: 00007fc71fbb5fa0 R15: 00007ffd8bf439c8 [ 268.361898][T11121] [ 268.873808][T11125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2148'. [ 269.396798][T11148] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2159'. [ 269.734877][T11160] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2165'. [ 270.083443][T11179] netlink: 302 bytes leftover after parsing attributes in process `syz.1.2174'. [ 270.366899][T11191] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2179'. [ 270.685380][T11201] vivid-003: ================= START STATUS ================= [ 270.719510][T11201] vivid-003: Radio HW Seek Mode: Bounded [ 270.735099][T11201] vivid-003: Radio Programmable HW Seek: false [ 270.753180][T11201] vivid-003: RDS Rx I/O Mode: Block I/O [ 270.762932][T11201] vivid-003: Generate RBDS Instead of RDS: false [ 270.772938][T11201] vivid-003: RDS Reception: true [ 270.782918][T11201] vivid-003: RDS Program Type: 0 inactive [ 270.789824][T11201] vivid-003: RDS PS Name: inactive [ 270.800423][T11201] vivid-003: RDS Radio Text: inactive [ 270.807031][T11201] vivid-003: RDS Traffic Announcement: false inactive [ 270.819265][T11201] vivid-003: RDS Traffic Program: false inactive [ 270.830256][T11201] vivid-003: RDS Music: false inactive [ 270.840653][T11201] vivid-003: ================== END STATUS ================== [ 271.472129][T11218] FAULT_INJECTION: forcing a failure. [ 271.472129][T11218] name failslab, interval 1, probability 0, space 0, times 0 [ 271.504393][T11218] CPU: 0 UID: 0 PID: 11218 Comm: syz.1.2190 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 271.504437][T11218] Tainted: [I]=FIRMWARE_WORKAROUND [ 271.504448][T11218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 271.504462][T11218] Call Trace: [ 271.504469][T11218] [ 271.504479][T11218] dump_stack_lvl+0x16c/0x1f0 [ 271.504510][T11218] should_fail_ex+0x512/0x640 [ 271.504537][T11218] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 271.504569][T11218] should_failslab+0xc2/0x120 [ 271.504599][T11218] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 271.504629][T11218] ? proc_alloc_inode+0x25/0x200 [ 271.504657][T11218] ? __pfx_proc_alloc_inode+0x10/0x10 [ 271.504679][T11218] proc_alloc_inode+0x25/0x200 [ 271.504702][T11218] alloc_inode+0x61/0x240 [ 271.504733][T11218] new_inode+0x22/0x1c0 [ 271.504760][T11218] ? proc_lookup_de+0x217/0x320 [ 271.504790][T11218] proc_get_inode+0x1d/0x780 [ 271.504817][T11218] proc_lookup_de+0x253/0x320 [ 271.504858][T11218] proc_tgid_net_lookup+0x75/0x120 [ 271.504896][T11218] __lookup_slow+0x24e/0x460 [ 271.504932][T11218] ? __pfx___lookup_slow+0x10/0x10 [ 271.504991][T11218] ? lookup_fast+0x156/0x610 [ 271.505043][T11218] walk_component+0x353/0x5b0 [ 271.505083][T11218] link_path_walk+0x627/0xe20 [ 271.505133][T11218] path_openat+0x1b0/0x2cb0 [ 271.505155][T11218] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.505195][T11218] ? __pfx_path_openat+0x10/0x10 [ 271.505222][T11218] ? __lock_acquire+0xb8a/0x1c90 [ 271.505259][T11218] do_filp_open+0x20b/0x470 [ 271.505285][T11218] ? __pfx_do_filp_open+0x10/0x10 [ 271.505323][T11218] ? __pfx_kfree_link+0x10/0x10 [ 271.505366][T11218] ? alloc_fd+0x471/0x7d0 [ 271.505414][T11218] do_sys_openat2+0x11b/0x1d0 [ 271.505446][T11218] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.505493][T11218] __x64_sys_openat+0x174/0x210 [ 271.505525][T11218] ? __pfx___x64_sys_openat+0x10/0x10 [ 271.505573][T11218] do_syscall_64+0xcd/0x490 [ 271.505603][T11218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.505627][T11218] RIP: 0033:0x7fc71f98e9a9 [ 271.505649][T11218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.505673][T11218] RSP: 002b:00007fc7208a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 271.505698][T11218] RAX: ffffffffffffffda RBX: 00007fc71fbb5fa0 RCX: 00007fc71f98e9a9 [ 271.505716][T11218] RDX: 0000000000101002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 271.505732][T11218] RBP: 00007fc71fa10d69 R08: 0000000000000000 R09: 0000000000000000 [ 271.505747][T11218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 271.505761][T11218] R13: 0000000000000000 R14: 00007fc71fbb5fa0 R15: 00007ffd8bf439c8 [ 271.505793][T11218] [ 272.935028][T11256] netlink: 'syz.2.2206': attribute type 3 has an invalid length. [ 273.648675][T11282] FAULT_INJECTION: forcing a failure. [ 273.648675][T11282] name failslab, interval 1, probability 0, space 0, times 0 [ 273.664343][T11282] CPU: 1 UID: 0 PID: 11282 Comm: syz.2.2218 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 273.664386][T11282] Tainted: [I]=FIRMWARE_WORKAROUND [ 273.664396][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 273.664411][T11282] Call Trace: [ 273.664419][T11282] [ 273.664428][T11282] dump_stack_lvl+0x16c/0x1f0 [ 273.664458][T11282] should_fail_ex+0x512/0x640 [ 273.664483][T11282] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 273.664526][T11282] should_failslab+0xc2/0x120 [ 273.664556][T11282] __kmalloc_cache_noprof+0x6a/0x3e0 [ 273.664595][T11282] ? trace_kmalloc+0x2b/0xd0 [ 273.664623][T11282] ? snd_virmidi_input_open+0xc8/0x4a0 [ 273.664660][T11282] snd_virmidi_input_open+0xc8/0x4a0 [ 273.664696][T11282] open_substream+0x478/0x9b0 [ 273.664734][T11282] rawmidi_open_priv+0x513/0x6e0 [ 273.664777][T11282] snd_rawmidi_open+0x4cc/0xbf0 [ 273.664821][T11282] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 273.664859][T11282] ? __pfx_default_wake_function+0x10/0x10 [ 273.664892][T11282] ? kobject_get_unless_zero+0x156/0x1e0 [ 273.664932][T11282] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 273.664969][T11282] snd_open+0x1fe/0x450 [ 273.665000][T11282] ? __pfx_snd_open+0x10/0x10 [ 273.665028][T11282] chrdev_open+0x231/0x6a0 [ 273.665060][T11282] ? __pfx_apparmor_file_open+0x10/0x10 [ 273.665100][T11282] ? __pfx_chrdev_open+0x10/0x10 [ 273.665131][T11282] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 273.665177][T11282] do_dentry_open+0x744/0x1c10 [ 273.665203][T11282] ? __pfx_chrdev_open+0x10/0x10 [ 273.665238][T11282] vfs_open+0x82/0x3f0 [ 273.665275][T11282] path_openat+0x1de4/0x2cb0 [ 273.665313][T11282] ? __pfx_path_openat+0x10/0x10 [ 273.665341][T11282] ? __lock_acquire+0xb8a/0x1c90 [ 273.665379][T11282] do_filp_open+0x20b/0x470 [ 273.665404][T11282] ? __pfx_do_filp_open+0x10/0x10 [ 273.665458][T11282] ? alloc_fd+0x471/0x7d0 [ 273.665506][T11282] do_sys_openat2+0x11b/0x1d0 [ 273.665537][T11282] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.665584][T11282] __x64_sys_openat+0x174/0x210 [ 273.665617][T11282] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.665665][T11282] do_syscall_64+0xcd/0x490 [ 273.665694][T11282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.665720][T11282] RIP: 0033:0x7f695058e9a9 [ 273.665741][T11282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.665765][T11282] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.665789][T11282] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 273.665805][T11282] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 273.665822][T11282] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 273.665837][T11282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.665852][T11282] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 273.665888][T11282] [ 273.989921][ C1] vkms_vblank_simulate: vblank timer overrun [ 274.457351][T11297] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2225'. [ 274.715987][T11302] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.273651][T11322] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2235'. [ 275.296600][T11324] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2236'. [ 275.407875][T11327] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2237'. [ 277.193038][T11400] netlink: 130 bytes leftover after parsing attributes in process `syz.2.2271'. [ 277.271056][T11402] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2269'. [ 277.438222][T11402] team0: Port device team_slave_1 removed [ 278.272290][T11415] FAULT_INJECTION: forcing a failure. [ 278.272290][T11415] name failslab, interval 1, probability 0, space 0, times 0 [ 278.370834][T11415] CPU: 1 UID: 0 PID: 11415 Comm: syz.0.2276 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 278.370880][T11415] Tainted: [I]=FIRMWARE_WORKAROUND [ 278.370890][T11415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 278.370906][T11415] Call Trace: [ 278.370915][T11415] [ 278.370927][T11415] dump_stack_lvl+0x16c/0x1f0 [ 278.370961][T11415] should_fail_ex+0x512/0x640 [ 278.370988][T11415] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 278.371020][T11415] should_failslab+0xc2/0x120 [ 278.371050][T11415] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 278.371078][T11415] ? __kernfs_new_node+0xd2/0x8e0 [ 278.371123][T11415] __kernfs_new_node+0xd2/0x8e0 [ 278.371166][T11415] ? __pfx___kernfs_new_node+0x10/0x10 [ 278.371213][T11415] ? find_held_lock+0x2b/0x80 [ 278.371241][T11415] ? kernfs_root+0xee/0x2a0 [ 278.371274][T11415] kernfs_new_node+0x13c/0x1e0 [ 278.371309][T11415] __kernfs_create_file+0x53/0x350 [ 278.371347][T11415] sysfs_add_file_mode_ns+0x207/0x3c0 [ 278.371393][T11415] internal_create_group+0x578/0xf30 [ 278.371428][T11415] ? __pfx_internal_create_group+0x10/0x10 [ 278.371461][T11415] ? kernfs_create_link+0x1bd/0x240 [ 278.371499][T11415] internal_create_groups+0x9d/0x150 [ 278.371528][T11415] device_add+0xf30/0x1a70 [ 278.371564][T11415] ? __pfx_device_add+0x10/0x10 [ 278.371596][T11415] ? lockdep_init_map_type+0x5c/0x280 [ 278.371631][T11415] ? __init_waitqueue_head+0xca/0x150 [ 278.371666][T11415] netdev_register_kobject+0x182/0x3a0 [ 278.371704][T11415] register_netdevice+0x13dc/0x2270 [ 278.371750][T11415] ? __pfx_register_netdevice+0x10/0x10 [ 278.371790][T11415] ? __pfx_loopback_net_init+0x10/0x10 [ 278.371825][T11415] register_netdev+0x34/0x50 [ 278.371857][T11415] loopback_net_init+0x7a/0x170 [ 278.371893][T11415] ? __pfx_loopback_net_init+0x10/0x10 [ 278.371925][T11415] ops_init+0x1df/0x5f0 [ 278.371959][T11415] setup_net+0x1ff/0x510 [ 278.371986][T11415] ? lockdep_init_map_type+0x5c/0x280 [ 278.372020][T11415] ? __pfx_setup_net+0x10/0x10 [ 278.372052][T11415] ? debug_mutex_init+0x37/0x70 [ 278.372082][T11415] copy_net_ns+0x2a6/0x5f0 [ 278.372117][T11415] create_new_namespaces+0x3ea/0xa90 [ 278.372155][T11415] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 278.372188][T11415] ksys_unshare+0x45b/0xa40 [ 278.372222][T11415] ? __pfx_ksys_unshare+0x10/0x10 [ 278.372256][T11415] ? xfd_validate_state+0x61/0x180 [ 278.372300][T11415] __x64_sys_unshare+0x31/0x40 [ 278.372332][T11415] do_syscall_64+0xcd/0x490 [ 278.372362][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.372389][T11415] RIP: 0033:0x7f7d32b8e9a9 [ 278.372411][T11415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.372436][T11415] RSP: 002b:00007f7d339d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 278.372462][T11415] RAX: ffffffffffffffda RBX: 00007f7d32db5fa0 RCX: 00007f7d32b8e9a9 [ 278.372479][T11415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 278.372495][T11415] RBP: 00007f7d32c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 278.372511][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.372526][T11415] R13: 0000000000000000 R14: 00007f7d32db5fa0 R15: 00007ffd73a4a3d8 [ 278.372562][T11415] [ 278.856576][T11410] kexec: Could not allocate control_code_buffer [ 279.088671][T11434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2285'. [ 279.115338][T11434] hsr0: entered allmulticast mode [ 279.121032][T11434] hsr_slave_0: entered allmulticast mode [ 279.133012][T11434] hsr_slave_1: entered allmulticast mode [ 279.156476][T11437] __vm_enough_memory: pid: 11437, comm: syz.3.2284, bytes: 4398046511104 not enough memory for the allocation [ 280.949359][T11474] netlink: 130 bytes leftover after parsing attributes in process `syz.2.2298'. [ 281.439377][T11490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2305'. [ 281.458606][T11490] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2305'. [ 281.545285][T11485] Process accounting resumed [ 282.219555][T11524] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2319'. [ 283.032257][T11555] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2334'. [ 283.044910][T11556] FAULT_INJECTION: forcing a failure. [ 283.044910][T11556] name failslab, interval 1, probability 0, space 0, times 0 [ 283.059290][T11556] CPU: 0 UID: 0 PID: 11556 Comm: syz.2.2335 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 283.059331][T11556] Tainted: [I]=FIRMWARE_WORKAROUND [ 283.059341][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 283.059355][T11556] Call Trace: [ 283.059364][T11556] [ 283.059374][T11556] dump_stack_lvl+0x16c/0x1f0 [ 283.059407][T11556] should_fail_ex+0x512/0x640 [ 283.059433][T11556] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.059461][T11556] should_failslab+0xc2/0x120 [ 283.059489][T11556] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.059514][T11556] ? alloc_file_pseudo+0x1b3/0x230 [ 283.059543][T11556] ? alloc_empty_file+0x55/0x1e0 [ 283.059577][T11556] alloc_empty_file+0x55/0x1e0 [ 283.059609][T11556] alloc_file_clone+0x5f/0x110 [ 283.059641][T11556] create_pipe_files+0x412/0x930 [ 283.059674][T11556] do_pipe2+0xaf/0x1c0 [ 283.059700][T11556] ? __pfx_do_pipe2+0x10/0x10 [ 283.059724][T11556] ? __pfx___x64_sys_futex+0x10/0x10 [ 283.059756][T11556] ? __pfx_do_writev+0x10/0x10 [ 283.059801][T11556] __x64_sys_pipe+0x33/0x50 [ 283.059827][T11556] do_syscall_64+0xcd/0x490 [ 283.059853][T11556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.059877][T11556] RIP: 0033:0x7f695058e9a9 [ 283.059898][T11556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.059922][T11556] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 283.059946][T11556] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 283.059963][T11556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 283.059979][T11556] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 283.059994][T11556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.060009][T11556] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 283.060043][T11556] syzkaller syzkaller login: [ 286.805547][T11651] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2369'. [ 286.951859][T11655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2373'. [ 287.384787][T11662] FAULT_INJECTION: forcing a failure. [ 287.384787][T11662] name failslab, interval 1, probability 0, space 0, times 0 [ 287.484265][T11662] CPU: 1 UID: 0 PID: 11662 Comm: syz.3.2376 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 287.484311][T11662] Tainted: [I]=FIRMWARE_WORKAROUND [ 287.484321][T11662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.484337][T11662] Call Trace: [ 287.484345][T11662] [ 287.484355][T11662] dump_stack_lvl+0x16c/0x1f0 [ 287.484388][T11662] should_fail_ex+0x512/0x640 [ 287.484415][T11662] ? __kmalloc_noprof+0xbf/0x510 [ 287.484445][T11662] ? memcg_list_lru_alloc+0x4e9/0x740 [ 287.484470][T11662] should_failslab+0xc2/0x120 [ 287.484500][T11662] __kmalloc_noprof+0xd2/0x510 [ 287.484524][T11662] ? __lock_acquire+0x622/0x1c90 [ 287.484564][T11662] memcg_list_lru_alloc+0x4e9/0x740 [ 287.484600][T11662] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 287.484639][T11662] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 287.484682][T11662] __memcg_slab_post_alloc_hook+0x133/0x960 [ 287.484721][T11662] ? kasan_save_track+0x14/0x30 [ 287.484750][T11662] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 287.484777][T11662] ? alloc_inode+0xc3/0x240 [ 287.484812][T11662] alloc_inode+0xc3/0x240 [ 287.484843][T11662] path_from_stashed+0x2be/0xb00 [ 287.484874][T11662] ? __pfx_path_from_stashed+0x10/0x10 [ 287.484913][T11662] ? do_raw_read_unlock+0x44/0xe0 [ 287.484943][T11662] ns_get_path+0x5f/0x80 [ 287.484982][T11662] proc_ns_get_link+0x121/0x260 [ 287.485022][T11662] ? __pfx_proc_ns_get_link+0x10/0x10 [ 287.485062][T11662] ? atime_needs_update+0x8b/0x710 [ 287.485095][T11662] ? __pfx_proc_ns_get_link+0x10/0x10 [ 287.485133][T11662] step_into+0x1a29/0x2270 [ 287.485175][T11662] ? __pfx_step_into+0x10/0x10 [ 287.485208][T11662] ? find_held_lock+0x2b/0x80 [ 287.485247][T11662] path_openat+0x6db/0x2cb0 [ 287.485283][T11662] ? __pfx_path_openat+0x10/0x10 [ 287.485311][T11662] ? __lock_acquire+0xb8a/0x1c90 [ 287.485347][T11662] do_filp_open+0x20b/0x470 [ 287.485373][T11662] ? __pfx_do_filp_open+0x10/0x10 [ 287.485424][T11662] ? alloc_fd+0x471/0x7d0 [ 287.485470][T11662] do_sys_openat2+0x11b/0x1d0 [ 287.485503][T11662] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.485549][T11662] __x64_sys_openat+0x174/0x210 [ 287.485582][T11662] ? __pfx___x64_sys_openat+0x10/0x10 [ 287.485630][T11662] do_syscall_64+0xcd/0x490 [ 287.485659][T11662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.485684][T11662] RIP: 0033:0x7f7afb58d310 [ 287.485705][T11662] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 287.485727][T11662] RSP: 002b:00007f7afc3b1f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 287.485750][T11662] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7afb58d310 [ 287.485766][T11662] RDX: 0000000000000002 RSI: 00007f7afc3b1fa0 RDI: 00000000ffffff9c [ 287.485781][T11662] RBP: 00007f7afc3b1fa0 R08: 0000000000000000 R09: 0000000000000000 [ 287.485796][T11662] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 287.485811][T11662] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 287.485845][T11662] [ 288.507309][ T5855] Bluetooth: hci1: command 0x0406 tx timeout [ 289.087315][T11691] sctp: [Deprecated]: syz.2.2386 (pid 11691) Use of int in max_burst socket option deprecated. [ 289.087315][T11691] Use struct sctp_assoc_value instead [ 289.369527][ T5862] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 289.369563][ T5862] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 289.391488][ T5862] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 289.391521][ T5862] Bluetooth: hci3: adv larger than maximum supported [ 289.399370][ T5862] Bluetooth: hci3: Unknown advertising packet type: 0x7b [ 289.406831][ T5862] Bluetooth: hci3: Malformed LE Event: 0x0d [ 289.552634][T11698] FAULT_INJECTION: forcing a failure. [ 289.552634][T11698] name failslab, interval 1, probability 0, space 0, times 0 [ 289.586778][T11698] CPU: 1 UID: 0 PID: 11698 Comm: syz.3.2387 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 289.586821][T11698] Tainted: [I]=FIRMWARE_WORKAROUND [ 289.586831][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 289.586845][T11698] Call Trace: [ 289.586853][T11698] [ 289.586863][T11698] dump_stack_lvl+0x16c/0x1f0 [ 289.586895][T11698] should_fail_ex+0x512/0x640 [ 289.586921][T11698] ? __kmalloc_noprof+0xbf/0x510 [ 289.586949][T11698] ? ima_write_template_field_data+0x5d/0x1f0 [ 289.586984][T11698] should_failslab+0xc2/0x120 [ 289.587020][T11698] __kmalloc_noprof+0xd2/0x510 [ 289.587054][T11698] ima_write_template_field_data+0x5d/0x1f0 [ 289.587098][T11698] ima_eventdigest_init_common+0x154/0x430 [ 289.587138][T11698] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 289.587192][T11698] ? rcu_is_watching+0x12/0xc0 [ 289.587219][T11698] ? trace_kmalloc+0x2b/0xd0 [ 289.587248][T11698] ? __kmalloc_noprof+0x242/0x510 [ 289.587270][T11698] ? __print_lock_name+0x61/0xe0 [ 289.587300][T11698] ima_alloc_init_template+0x39d/0x720 [ 289.587340][T11698] ima_store_measurement+0x1eb/0x5c0 [ 289.587374][T11698] ? __pfx_ima_store_measurement+0x10/0x10 [ 289.587404][T11698] ? vfs_getxattr_alloc+0xec/0x340 [ 289.587455][T11698] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 289.587485][T11698] process_measurement+0x1ddb/0x23e0 [ 289.587536][T11698] ? __pfx_process_measurement+0x10/0x10 [ 289.587567][T11698] ? alloc_empty_file+0x73/0x1e0 [ 289.587597][T11698] ? hugetlb_file_setup+0x4cd/0x620 [ 289.587626][T11698] ? ksys_mmap_pgoff+0x189/0x5c0 [ 289.587657][T11698] ? __x64_sys_mmap+0x125/0x190 [ 289.587744][T11698] ima_file_mmap+0x1b1/0x1d0 [ 289.587776][T11698] ? __pfx_ima_file_mmap+0x10/0x10 [ 289.587812][T11698] security_mmap_file+0x88c/0x990 [ 289.587854][T11698] vm_mmap_pgoff+0xec/0x450 [ 289.587891][T11698] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 289.587920][T11698] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 289.587952][T11698] ? hugetlbfs_get_inode+0x31f/0x730 [ 289.588000][T11698] ksys_mmap_pgoff+0x1c8/0x5c0 [ 289.588040][T11698] __x64_sys_mmap+0x125/0x190 [ 289.588080][T11698] do_syscall_64+0xcd/0x490 [ 289.588111][T11698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.588138][T11698] RIP: 0033:0x7f7afb58e9a9 [ 289.588160][T11698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.588184][T11698] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 289.588209][T11698] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 289.588225][T11698] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 289.588241][T11698] RBP: 00007f7afb610d69 R08: 0000000000000401 R09: 0000300000000000 [ 289.588257][T11698] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 289.588272][T11698] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 289.588307][T11698] [ 289.611986][ T30] audit: type=1804 audit(4294967366.989:11): pid=11698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.2387" name="anon_hugepage" dev="hugetlbfs" ino=28976 res=0 errno=0 [ 289.988191][T11705] netlink: 74 bytes leftover after parsing attributes in process `syz.3.2390'. [ 290.810066][T11725] FAULT_INJECTION: forcing a failure. [ 290.810066][T11725] name failslab, interval 1, probability 0, space 0, times 0 [ 290.824726][T11725] CPU: 0 UID: 0 PID: 11725 Comm: syz.2.2399 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 290.824767][T11725] Tainted: [I]=FIRMWARE_WORKAROUND [ 290.824777][T11725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.824792][T11725] Call Trace: [ 290.824800][T11725] [ 290.824809][T11725] dump_stack_lvl+0x16c/0x1f0 [ 290.824837][T11725] should_fail_ex+0x512/0x640 [ 290.824860][T11725] ? __kvmalloc_node_noprof+0x124/0x620 [ 290.824899][T11725] should_failslab+0xc2/0x120 [ 290.824924][T11725] __kvmalloc_node_noprof+0x137/0x620 [ 290.824958][T11725] ? io_alloc_cache_init+0x33/0x170 [ 290.824987][T11725] ? io_alloc_cache_init+0x33/0x170 [ 290.825007][T11725] io_alloc_cache_init+0x33/0x170 [ 290.825031][T11725] io_uring_setup+0x63b/0x2080 [ 290.825066][T11725] ? __pfx_io_uring_setup+0x10/0x10 [ 290.825097][T11725] ? do_futex+0x122/0x350 [ 290.825124][T11725] ? __pfx_do_futex+0x10/0x10 [ 290.825147][T11725] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 290.825188][T11725] ? xfd_validate_state+0x61/0x180 [ 290.825215][T11725] ? __pfx_do_writev+0x10/0x10 [ 290.825253][T11725] __x64_sys_io_uring_setup+0xc2/0x170 [ 290.825286][T11725] do_syscall_64+0xcd/0x490 [ 290.825311][T11725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.825333][T11725] RIP: 0033:0x7f695058e9a9 [ 290.825351][T11725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.825371][T11725] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 290.825392][T11725] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 290.825406][T11725] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000002000 [ 290.825419][T11725] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 290.825432][T11725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.825445][T11725] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 290.825474][T11725] [ 291.310724][ T5862] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 291.310765][ T5862] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 291.327822][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 291.327879][ T5862] Bluetooth: hci1: adv larger than maximum supported [ 291.336243][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7b [ 291.343651][ T5862] Bluetooth: hci1: Malformed LE Event: 0x0d [ 292.150207][T11758] random: crng reseeded on system resumption [ 292.597245][ T5862] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 292.597286][ T5862] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 292.614831][ T5862] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 292.614864][ T5862] Bluetooth: hci0: adv larger than maximum supported [ 292.622652][ T5862] Bluetooth: hci0: Unknown advertising packet type: 0x7b [ 292.632840][ T5862] Bluetooth: hci0: Malformed LE Event: 0x0d syzkaller syzkaller login: [ 292.885017][T11780] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2418'. [ 292.900614][T11773] zswap: compressor not available [ 293.071819][T11785] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2421'. [ 293.170842][T11790] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2422'. [ 293.419768][T11800] usb usb28: usbfs: process 11800 (syz.3.2426) did not claim interface 0 before use [ 293.655628][T11809] netlink: 26 bytes leftover after parsing attributes in process `syz.2.2431'. [ 293.667044][T11809] openvswitch: netlink: IP tunnel dst address not specified [ 293.979047][ T5862] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 293.979088][ T5862] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 293.995503][ T5862] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 293.995558][ T5862] Bluetooth: hci2: Malformed LE Event: 0x0d [ 294.088178][T11825] FAULT_INJECTION: forcing a failure. [ 294.088178][T11825] name failslab, interval 1, probability 0, space 0, times 0 [ 294.102613][T11825] CPU: 0 UID: 0 PID: 11825 Comm: syz.2.2436 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 294.102658][T11825] Tainted: [I]=FIRMWARE_WORKAROUND [ 294.102668][T11825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 294.102685][T11825] Call Trace: [ 294.102694][T11825] [ 294.102704][T11825] dump_stack_lvl+0x16c/0x1f0 [ 294.102738][T11825] should_fail_ex+0x512/0x640 [ 294.102763][T11825] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 294.102794][T11825] should_failslab+0xc2/0x120 [ 294.102824][T11825] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 294.102849][T11825] ? do_futex+0x122/0x350 [ 294.102875][T11825] ? __do_sys_getcwd+0xe0/0x930 [ 294.102909][T11825] __do_sys_getcwd+0xe0/0x930 [ 294.102943][T11825] ? __x64_sys_futex+0x1e0/0x4c0 [ 294.102969][T11825] ? __x64_sys_futex+0x1e9/0x4c0 [ 294.102996][T11825] ? __pfx___do_sys_getcwd+0x10/0x10 [ 294.103028][T11825] ? xfd_validate_state+0x61/0x180 [ 294.103057][T11825] ? __pfx_ksys_write+0x10/0x10 [ 294.103090][T11825] do_syscall_64+0xcd/0x490 [ 294.103118][T11825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.103143][T11825] RIP: 0033:0x7f695058e9a9 [ 294.103166][T11825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.103192][T11825] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 294.103216][T11825] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 294.103234][T11825] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 294.103250][T11825] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 294.103265][T11825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.103281][T11825] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 294.103317][T11825] syzkaller syzkaller login: [ 294.780159][T11831] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2441'. [ 294.829457][T11833] FAULT_INJECTION: forcing a failure. [ 294.829457][T11833] name failslab, interval 1, probability 0, space 0, times 0 [ 294.859253][T11833] CPU: 1 UID: 0 PID: 11833 Comm: syz.3.2439 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 294.859305][T11833] Tainted: [I]=FIRMWARE_WORKAROUND [ 294.859315][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 294.859331][T11833] Call Trace: [ 294.859341][T11833] [ 294.859351][T11833] dump_stack_lvl+0x16c/0x1f0 [ 294.859383][T11833] should_fail_ex+0x512/0x640 [ 294.859410][T11833] ? fs_reclaim_acquire+0xae/0x150 [ 294.859446][T11833] ? tomoyo_open_control+0x51f/0xa30 [ 294.859473][T11833] should_failslab+0xc2/0x120 [ 294.859499][T11833] __kmalloc_noprof+0xd2/0x510 [ 294.859533][T11833] tomoyo_open_control+0x51f/0xa30 [ 294.859569][T11833] do_dentry_open+0x744/0x1c10 [ 294.859596][T11833] ? __pfx_tomoyo_open+0x10/0x10 [ 294.859625][T11833] vfs_open+0x82/0x3f0 [ 294.859659][T11833] path_openat+0x1de4/0x2cb0 [ 294.859694][T11833] ? __pfx_path_openat+0x10/0x10 [ 294.859720][T11833] ? __lock_acquire+0xb8a/0x1c90 [ 294.859753][T11833] do_filp_open+0x20b/0x470 [ 294.859778][T11833] ? __pfx_do_filp_open+0x10/0x10 [ 294.859829][T11833] ? alloc_fd+0x471/0x7d0 [ 294.859874][T11833] do_sys_openat2+0x11b/0x1d0 [ 294.859905][T11833] ? __pfx_do_sys_openat2+0x10/0x10 [ 294.859950][T11833] __x64_sys_openat+0x174/0x210 [ 294.859983][T11833] ? __pfx___x64_sys_openat+0x10/0x10 [ 294.860029][T11833] do_syscall_64+0xcd/0x490 [ 294.860058][T11833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.860085][T11833] RIP: 0033:0x7f7afb58e9a9 [ 294.860105][T11833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.860131][T11833] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 294.860156][T11833] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 294.860173][T11833] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 294.860190][T11833] RBP: 00007f7afb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 294.860204][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.860217][T11833] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 294.860254][T11833] [ 295.513064][ T5862] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 295.513103][ T5862] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 295.529859][ T5862] bt_err_ratelimited: 2 callbacks suppressed [ 295.529877][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 295.537294][ T5862] Bluetooth: hci1: adv larger than maximum supported [ 295.545560][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7b [ 295.553068][ T5862] Bluetooth: hci1: Malformed LE Event: 0x0d [ 295.806137][T11862] sctp: [Deprecated]: syz.3.2450 (pid 11862) Use of int in max_burst socket option deprecated. [ 295.806137][T11862] Use struct sctp_assoc_value instead [ 296.733967][T11878] FAULT_INJECTION: forcing a failure. [ 296.733967][T11878] name failslab, interval 1, probability 0, space 0, times 0 [ 296.748271][T11878] CPU: 0 UID: 0 PID: 11878 Comm: syz.2.2457 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 296.748296][T11878] Tainted: [I]=FIRMWARE_WORKAROUND [ 296.748302][T11878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 296.748311][T11878] Call Trace: [ 296.748316][T11878] [ 296.748322][T11878] dump_stack_lvl+0x16c/0x1f0 [ 296.748343][T11878] should_fail_ex+0x512/0x640 [ 296.748359][T11878] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 296.748383][T11878] should_failslab+0xc2/0x120 [ 296.748400][T11878] __kmalloc_cache_noprof+0x6a/0x3e0 [ 296.748421][T11878] ? __mutex_lock+0x1ca/0xb90 [ 296.748435][T11878] ? alloc_tty_struct+0x96/0x8c0 [ 296.748456][T11878] alloc_tty_struct+0x96/0x8c0 [ 296.748471][T11878] ? __pfx___mutex_lock+0x10/0x10 [ 296.748486][T11878] ? __pfx_alloc_tty_struct+0x10/0x10 [ 296.748502][T11878] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 296.748522][T11878] tty_init_dev.part.0+0x1e/0x500 [ 296.748540][T11878] tty_init_dev+0x60/0x80 [ 296.748557][T11878] ? __pfx_ptmx_open+0x10/0x10 [ 296.748577][T11878] ptmx_open+0x10d/0x360 [ 296.748598][T11878] ? __pfx_ptmx_open+0x10/0x10 [ 296.748619][T11878] chrdev_open+0x231/0x6a0 [ 296.748634][T11878] ? __pfx_apparmor_file_open+0x10/0x10 [ 296.748656][T11878] ? __pfx_chrdev_open+0x10/0x10 [ 296.748672][T11878] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 296.748698][T11878] do_dentry_open+0x744/0x1c10 [ 296.748713][T11878] ? __pfx_chrdev_open+0x10/0x10 [ 296.748731][T11878] vfs_open+0x82/0x3f0 [ 296.748752][T11878] path_openat+0x1de4/0x2cb0 [ 296.748772][T11878] ? __pfx_path_openat+0x10/0x10 [ 296.748787][T11878] ? __lock_acquire+0xb8a/0x1c90 [ 296.748809][T11878] do_filp_open+0x20b/0x470 [ 296.748823][T11878] ? __pfx_do_filp_open+0x10/0x10 [ 296.748850][T11878] ? alloc_fd+0x471/0x7d0 [ 296.748877][T11878] do_sys_openat2+0x11b/0x1d0 [ 296.748895][T11878] ? __pfx_do_sys_openat2+0x10/0x10 [ 296.748920][T11878] __x64_sys_openat+0x174/0x210 [ 296.748939][T11878] ? __pfx___x64_sys_openat+0x10/0x10 [ 296.748965][T11878] do_syscall_64+0xcd/0x490 [ 296.748982][T11878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.748996][T11878] RIP: 0033:0x7f695058e9a9 [ 296.749009][T11878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.749022][T11878] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 296.749036][T11878] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 296.749045][T11878] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 296.749054][T11878] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 296.749062][T11878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.749071][T11878] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 296.749089][T11878] [ 297.077523][T11856] kexec: Could not allocate control_code_buffer [ 297.459846][ T5862] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 297.459882][ T5862] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 297.476976][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 297.477008][ T5862] Bluetooth: hci1: adv larger than maximum supported [ 297.485711][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7b [ 297.493224][ T5862] Bluetooth: hci1: Malformed LE Event: 0x0d [ 297.645649][T11895] netlink: 'syz.2.2462': attribute type 64 has an invalid length. [ 297.657425][T11895] netlink: 74 bytes leftover after parsing attributes in process `syz.2.2462'. [ 297.772765][T11897] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 298.023764][T11905] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2468'. [ 298.518941][ T5862] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 298.518977][ T5862] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 298.535475][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 298.535506][ T5862] Bluetooth: hci1: adv larger than maximum supported [ 298.543341][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7b [ 298.550857][ T5862] Bluetooth: hci1: Malformed LE Event: 0x0d [ 298.817129][T11928] FAULT_INJECTION: forcing a failure. [ 298.817129][T11928] name failslab, interval 1, probability 0, space 0, times 0 [ 298.850190][T11928] CPU: 0 UID: 0 PID: 11928 Comm: syz.1.2476 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 298.850232][T11928] Tainted: [I]=FIRMWARE_WORKAROUND [ 298.850241][T11928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 298.850254][T11928] Call Trace: [ 298.850262][T11928] [ 298.850271][T11928] dump_stack_lvl+0x16c/0x1f0 [ 298.850311][T11928] should_fail_ex+0x512/0x640 [ 298.850337][T11928] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 298.850369][T11928] should_failslab+0xc2/0x120 [ 298.850399][T11928] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 298.850428][T11928] ? alloc_inode+0xc3/0x240 [ 298.850463][T11928] alloc_inode+0xc3/0x240 [ 298.850494][T11928] path_from_stashed+0x2be/0xb00 [ 298.850526][T11928] ? __pfx_path_from_stashed+0x10/0x10 [ 298.850554][T11928] ? do_raw_read_unlock+0x44/0xe0 [ 298.850586][T11928] ns_get_path+0x5f/0x80 [ 298.850622][T11928] proc_ns_get_link+0x121/0x260 [ 298.850659][T11928] ? __pfx_proc_ns_get_link+0x10/0x10 [ 298.850700][T11928] ? atime_needs_update+0x8b/0x710 [ 298.850734][T11928] ? __pfx_proc_ns_get_link+0x10/0x10 [ 298.850770][T11928] step_into+0x1a29/0x2270 [ 298.850814][T11928] ? __pfx_step_into+0x10/0x10 [ 298.850848][T11928] ? find_held_lock+0x2b/0x80 [ 298.850885][T11928] path_openat+0x6db/0x2cb0 [ 298.850923][T11928] ? __pfx_path_openat+0x10/0x10 [ 298.850951][T11928] ? __lock_acquire+0xb8a/0x1c90 [ 298.850986][T11928] do_filp_open+0x20b/0x470 [ 298.851010][T11928] ? __pfx_do_filp_open+0x10/0x10 [ 298.851055][T11928] ? alloc_fd+0x471/0x7d0 [ 298.851100][T11928] do_sys_openat2+0x11b/0x1d0 [ 298.851131][T11928] ? __pfx_do_sys_openat2+0x10/0x10 [ 298.851178][T11928] __x64_sys_openat+0x174/0x210 [ 298.851210][T11928] ? __pfx___x64_sys_openat+0x10/0x10 [ 298.851256][T11928] do_syscall_64+0xcd/0x490 [ 298.851292][T11928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.851319][T11928] RIP: 0033:0x7fc71f98d310 [ 298.851341][T11928] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 298.851366][T11928] RSP: 002b:00007fc7208a0f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 298.851392][T11928] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc71f98d310 [ 298.851410][T11928] RDX: 0000000000000002 RSI: 00007fc7208a0fa0 RDI: 00000000ffffff9c [ 298.851426][T11928] RBP: 00007fc7208a0fa0 R08: 0000000000000000 R09: 0000000000000000 [ 298.851442][T11928] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 298.851457][T11928] R13: 0000000000000000 R14: 00007fc71fbb5fa0 R15: 00007ffd8bf439c8 [ 298.851501][T11928] [ 299.631543][ T5862] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 299.631584][ T5862] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 299.647958][ T5862] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 299.648015][ T5862] Bluetooth: hci1: Malformed LE Event: 0x0d [ 300.089178][T11956] FAULT_INJECTION: forcing a failure. [ 300.089178][T11956] name failslab, interval 1, probability 0, space 0, times 0 [ 300.114329][T11956] CPU: 0 UID: 0 PID: 11956 Comm: syz.2.2488 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 300.114375][T11956] Tainted: [I]=FIRMWARE_WORKAROUND [ 300.114385][T11956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 300.114403][T11956] Call Trace: [ 300.114411][T11956] [ 300.114420][T11956] dump_stack_lvl+0x16c/0x1f0 [ 300.114453][T11956] should_fail_ex+0x512/0x640 [ 300.114480][T11956] ? __kmalloc_noprof+0xbf/0x510 [ 300.114509][T11956] ? memcg_list_lru_alloc+0x4e9/0x740 [ 300.114534][T11956] should_failslab+0xc2/0x120 [ 300.114563][T11956] __kmalloc_noprof+0xd2/0x510 [ 300.114587][T11956] ? __lock_acquire+0x622/0x1c90 [ 300.114626][T11956] memcg_list_lru_alloc+0x4e9/0x740 [ 300.114662][T11956] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 300.114699][T11956] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 300.114742][T11956] __memcg_slab_post_alloc_hook+0x133/0x960 [ 300.114780][T11956] ? kasan_save_track+0x14/0x30 [ 300.114809][T11956] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 300.114837][T11956] ? alloc_inode+0xc3/0x240 [ 300.114873][T11956] alloc_inode+0xc3/0x240 [ 300.114904][T11956] path_from_stashed+0x2be/0xb00 [ 300.114934][T11956] ? __pfx_path_from_stashed+0x10/0x10 [ 300.114962][T11956] ? do_raw_read_unlock+0x44/0xe0 [ 300.114993][T11956] ns_get_path+0x5f/0x80 [ 300.115029][T11956] proc_ns_get_link+0x121/0x260 [ 300.115067][T11956] ? __pfx_proc_ns_get_link+0x10/0x10 [ 300.115102][T11956] ? atime_needs_update+0x8b/0x710 [ 300.115134][T11956] ? __pfx_proc_ns_get_link+0x10/0x10 [ 300.115170][T11956] step_into+0x1a29/0x2270 [ 300.115225][T11956] ? __pfx_step_into+0x10/0x10 [ 300.115262][T11956] ? find_held_lock+0x2b/0x80 [ 300.115301][T11956] path_openat+0x6db/0x2cb0 [ 300.115338][T11956] ? __pfx_path_openat+0x10/0x10 [ 300.115367][T11956] ? __lock_acquire+0xb8a/0x1c90 [ 300.115404][T11956] do_filp_open+0x20b/0x470 [ 300.115429][T11956] ? __pfx_do_filp_open+0x10/0x10 [ 300.115481][T11956] ? alloc_fd+0x471/0x7d0 [ 300.115527][T11956] do_sys_openat2+0x11b/0x1d0 [ 300.115561][T11956] ? __pfx_do_sys_openat2+0x10/0x10 [ 300.115606][T11956] __x64_sys_openat+0x174/0x210 [ 300.115640][T11956] ? __pfx___x64_sys_openat+0x10/0x10 [ 300.115688][T11956] do_syscall_64+0xcd/0x490 [ 300.115719][T11956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.115746][T11956] RIP: 0033:0x7f695058d310 [ 300.115768][T11956] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 300.115793][T11956] RSP: 002b:00007f6951485f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 300.115818][T11956] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f695058d310 [ 300.115835][T11956] RDX: 0000000000000002 RSI: 00007f6951485fa0 RDI: 00000000ffffff9c [ 300.115852][T11956] RBP: 00007f6951485fa0 R08: 0000000000000000 R09: 0000000000000000 [ 300.115869][T11956] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 300.115884][T11956] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 300.115918][T11956] [ 300.576193][T11960] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2489'. [ 301.753535][T11994] FAULT_INJECTION: forcing a failure. [ 301.753535][T11994] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 301.760543][T11980] zswap: compressor not available [ 301.776512][T11994] CPU: 0 UID: 0 PID: 11994 Comm: syz.2.2501 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 301.776555][T11994] Tainted: [I]=FIRMWARE_WORKAROUND [ 301.776565][T11994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 301.776582][T11994] Call Trace: [ 301.776591][T11994] [ 301.776601][T11994] dump_stack_lvl+0x16c/0x1f0 [ 301.776633][T11994] should_fail_ex+0x512/0x640 [ 301.776667][T11994] should_fail_alloc_page+0xe7/0x130 [ 301.776700][T11994] prepare_alloc_pages+0x3c2/0x610 [ 301.776735][T11994] ? rcu_is_watching+0x12/0xc0 [ 301.776766][T11994] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 301.776804][T11994] ? __lock_acquire+0xb8a/0x1c90 [ 301.776856][T11994] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 301.776884][T11994] ? do_raw_spin_lock+0x12c/0x2b0 [ 301.776922][T11994] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 301.776959][T11994] ? find_held_lock+0x2b/0x80 [ 301.776997][T11994] ? __lock_acquire+0xb8a/0x1c90 [ 301.777028][T11994] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 301.777067][T11994] ? policy_nodemask+0xea/0x4e0 [ 301.777100][T11994] alloc_pages_mpol+0x1fb/0x550 [ 301.777130][T11994] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 301.777171][T11994] folio_alloc_mpol_noprof+0x36/0x2f0 [ 301.777205][T11994] shmem_alloc_folio+0x135/0x160 [ 301.777243][T11994] shmem_alloc_and_add_folio+0x499/0xc20 [ 301.777292][T11994] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 301.777335][T11994] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 301.777369][T11994] shmem_get_folio_gfp+0x67f/0x1600 [ 301.777399][T11994] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 301.777427][T11994] ? __lock_acquire+0x622/0x1c90 [ 301.777464][T11994] shmem_fault+0x1fe/0xa30 [ 301.777492][T11994] ? __pfx_shmem_fault+0x10/0x10 [ 301.777529][T11994] ? __lock_acquire+0xb8a/0x1c90 [ 301.777571][T11994] __do_fault+0x10d/0x490 [ 301.777598][T11994] ? __pfx_filemap_map_pages+0x10/0x10 [ 301.777627][T11994] __handle_mm_fault+0x374c/0x5490 [ 301.777674][T11994] ? __pfx___handle_mm_fault+0x10/0x10 [ 301.777712][T11994] ? __pte_offset_map_lock+0x174/0x310 [ 301.777743][T11994] ? find_held_lock+0x2b/0x80 [ 301.777768][T11994] ? find_held_lock+0x2b/0x80 [ 301.777810][T11994] ? follow_page_pte+0x3af/0x14c0 [ 301.777853][T11994] handle_mm_fault+0x589/0xd10 [ 301.777899][T11994] __get_user_pages+0x589/0x3b80 [ 301.777948][T11994] ? __pfx___get_user_pages+0x10/0x10 [ 301.777981][T11994] ? __pfx_down_read_killable+0x10/0x10 [ 301.778013][T11994] ? __lock_acquire+0xb8a/0x1c90 [ 301.778052][T11994] faultin_page_range+0x249/0x980 [ 301.778096][T11994] madvise_do_behavior+0x268/0x3f0 [ 301.778133][T11994] ? __pfx_madvise_do_behavior+0x10/0x10 [ 301.778185][T11994] do_madvise+0x161/0x230 [ 301.778217][T11994] ? __pfx_do_madvise+0x10/0x10 [ 301.778264][T11994] ? xfd_validate_state+0x61/0x180 [ 301.778296][T11994] ? __pfx_do_writev+0x10/0x10 [ 301.778340][T11994] __x64_sys_madvise+0xa9/0x110 [ 301.778371][T11994] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.778396][T11994] do_syscall_64+0xcd/0x490 [ 301.778425][T11994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.778451][T11994] RIP: 0033:0x7f695058e9a9 [ 301.778472][T11994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.778496][T11994] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 301.778521][T11994] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 301.778539][T11994] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 301.778555][T11994] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 301.778571][T11994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.778587][T11994] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 301.778623][T11994] [ 302.713837][T12003] openvswitch: netlink: IP tunnel dst address not specified [ 302.731207][T12003] openvswitch: netlink: IP tunnel dst address not specified [ 303.002889][T12007] FAULT_INJECTION: forcing a failure. [ 303.002889][T12007] name failslab, interval 1, probability 0, space 0, times 0 [ 303.019936][T12007] CPU: 1 UID: 0 PID: 12007 Comm: syz.2.2507 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 303.019981][T12007] Tainted: [I]=FIRMWARE_WORKAROUND [ 303.019990][T12007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 303.020006][T12007] Call Trace: [ 303.020015][T12007] [ 303.020026][T12007] dump_stack_lvl+0x16c/0x1f0 [ 303.020058][T12007] should_fail_ex+0x512/0x640 [ 303.020083][T12007] ? fs_reclaim_acquire+0xae/0x150 [ 303.020119][T12007] ? ima_alloc_init_template+0x19d/0x720 [ 303.020146][T12007] should_failslab+0xc2/0x120 [ 303.020174][T12007] __kmalloc_noprof+0xd2/0x510 [ 303.020199][T12007] ? __print_lock_name+0x61/0xe0 [ 303.020229][T12007] ima_alloc_init_template+0x19d/0x720 [ 303.020260][T12007] ? take_dentry_name_snapshot+0x319/0x7d0 [ 303.020296][T12007] ima_store_measurement+0x1eb/0x5c0 [ 303.020329][T12007] ? __pfx_ima_store_measurement+0x10/0x10 [ 303.020360][T12007] ? vfs_getxattr_alloc+0xec/0x340 [ 303.020407][T12007] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 303.020439][T12007] process_measurement+0x1ddb/0x23e0 [ 303.020481][T12007] ? __pfx_process_measurement+0x10/0x10 [ 303.020513][T12007] ? alloc_empty_file+0x73/0x1e0 [ 303.020541][T12007] ? hugetlb_file_setup+0x4cd/0x620 [ 303.020572][T12007] ? ksys_mmap_pgoff+0x189/0x5c0 [ 303.020600][T12007] ? __x64_sys_mmap+0x125/0x190 [ 303.020699][T12007] ima_file_mmap+0x1b1/0x1d0 [ 303.020729][T12007] ? __pfx_ima_file_mmap+0x10/0x10 [ 303.020766][T12007] security_mmap_file+0x88c/0x990 [ 303.020805][T12007] vm_mmap_pgoff+0xec/0x450 [ 303.020841][T12007] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 303.020868][T12007] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 303.020901][T12007] ? hugetlbfs_get_inode+0x31f/0x730 [ 303.020943][T12007] ksys_mmap_pgoff+0x1c8/0x5c0 [ 303.020981][T12007] __x64_sys_mmap+0x125/0x190 [ 303.021019][T12007] do_syscall_64+0xcd/0x490 [ 303.021049][T12007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.021075][T12007] RIP: 0033:0x7f695058e9a9 [ 303.021098][T12007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.021125][T12007] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 303.021150][T12007] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 303.021168][T12007] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 303.021184][T12007] RBP: 00007f6950610d69 R08: 0000000000000401 R09: 0000300000000000 [ 303.021200][T12007] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 303.021215][T12007] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 303.021251][T12007] [ 303.312715][ T30] audit: type=1804 audit(4294967380.419:12): pid=12007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.2507" name="anon_hugepage" dev="hugetlbfs" ino=30426 res=0 errno=0 [ 304.138938][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2517'. [ 304.445177][T12037] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2519'. [ 306.173430][T12060] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2529'. [ 306.189553][T12060] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2529'. [ 306.415024][T12071] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2533'. [ 307.484161][T12118] [U]  [ 307.487287][T12118] [U] [ 307.490290][T12118] [U] [ 307.493288][T12118] [U] [ 307.505651][T12118] [U] [ 307.508667][T12118] [U] [ 307.511652][T12118] [U] [ 307.514643][T12118] [U] [ 307.519330][T12118] [U] [ 307.522342][T12118] [U] [ 307.525326][T12118] [U] [ 307.528292][T12118] [U] [ 307.532295][T12118] [U] [ 307.535318][T12118] [U] [ 307.538305][T12118] [U] [ 307.541291][T12118] [U] [ 307.551883][T12118] [U] [ 307.554887][T12118] [U] [ 307.557854][T12118] [U] [ 307.560816][T12118] [U] [ 307.565111][T12118] [U] [ 307.568111][T12118] [U] [ 307.571087][T12118] [U] [ 307.574070][T12118] [U] [ 307.578143][T12118] [U] [ 307.581138][T12118] [U] [ 307.584116][T12118] [U] [ 307.587085][T12118] [U] [ 307.591687][T12118] [U] [ 307.594688][T12118] [U] [ 307.597679][T12118] [U] [ 307.600660][T12118] [U] [ 307.604932][T12118] [U] [ 307.607933][T12118] [U] [ 307.610908][T12118] [U] [ 307.613876][T12118] [U] [ 307.617722][T12118] [U] [ 307.620721][T12118] [U] [ 307.623701][T12118] [U] [ 307.626685][T12118] [U] [ 307.630855][T12118] [U] [ 307.633853][T12118] [U] [ 307.636838][T12118] [U] [ 307.639818][T12118] [U] [ 307.643723][T12118] [U] [ 307.646727][T12118] [U] [ 307.649712][T12118] [U] [ 307.652693][T12118] [U] [ 307.657336][T12118] [U] [ 307.660344][T12118] [U] [ 307.663332][T12118] [U] [ 307.666316][T12118] [U] [ 307.674563][T12118] [U] [ 307.677564][T12118] [U] [ 307.680545][T12118] [U] [ 307.683520][T12118] [U] [ 307.687037][T12118] [U] [ 307.690030][T12118] [U] [ 307.693009][T12118] [U] [ 307.695991][T12118] [U] [ 307.699588][T12118] [U] [ 307.702583][T12118] [U] [ 307.705566][T12118] [U] [ 307.708541][T12118] [U] [ 307.712233][T12118] [U] [ 307.715221][T12118] [U] [ 307.718207][T12118] [U] [ 307.721188][T12118] [U] [ 307.725563][T12118] [U] [ 307.728558][T12118] [U] [ 307.731543][T12118] [U] [ 307.734525][T12118] [U] [ 307.754377][T12118] [U] [ 307.757393][T12118] [U] [ 307.760361][T12118] [U] [ 307.763321][T12118] [U] [ 307.766554][T12118] [U] [ 307.769547][T12118] [U] [ 307.772528][T12118] [U] [ 307.775508][T12118] [U] [ 307.778717][T12118] [U] [ 307.781697][T12118] [U] [ 307.784670][T12118] [U] [ 307.787650][T12118] [U] [ 307.794796][T12118] [U] [ 307.797798][T12118] [U] [ 307.800776][T12118] [U] [ 307.803754][T12118] [U] [ 307.811674][T12118] [U] [ 307.814676][T12118] [U] [ 307.817657][T12118] [U] [ 307.820641][T12118] [U] [ 307.834382][T12118] [U] [ 307.837403][T12118] [U] [ 307.840425][T12118] [U] [ 307.843416][T12118] [U] [ 307.854414][T12118] [U] [ 307.857438][T12118] [U] [ 307.860426][T12118] [U] [ 307.863417][T12118] [U] [ 307.867276][T12118] [U] [ 307.870289][T12118] [U] [ 307.873280][T12118] [U] [ 307.876263][T12118] [U] [ 307.879491][T12118] [U] [ 307.882480][T12118] [U] [ 307.885464][T12118] [U] [ 307.888443][T12118] [U] [ 307.891955][T12118] [U] [ 307.894948][T12118] [U] [ 307.897928][T12118] [U] [ 307.900904][T12118] [U] [ 307.904304][T12118] [U] [ 307.907307][T12118] [U] [ 307.910297][T12118] [U] [ 307.913279][T12118] [U] [ 307.916557][T12118] [U] [ 307.919548][T12118] [U] [ 307.922524][T12118] [U] [ 307.925501][T12118] [U] [ 307.928680][T12118] [U] [ 307.931654][T12118] [U] [ 307.934619][T12118] [U] [ 307.937580][T12118] [U] [ 307.940705][T12118] [U] [ 307.943687][T12118] [U] [ 307.946659][T12118] [U] [ 307.987882][T12117] [U] [ 309.046050][T12167] FAULT_INJECTION: forcing a failure. [ 309.046050][T12167] name failslab, interval 1, probability 0, space 0, times 0 [ 309.056097][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2569'. [ 309.075595][T12167] CPU: 0 UID: 0 PID: 12167 Comm: syz.2.2571 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 309.075639][T12167] Tainted: [I]=FIRMWARE_WORKAROUND [ 309.075650][T12167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 309.075666][T12167] Call Trace: [ 309.075676][T12167] [ 309.075686][T12167] dump_stack_lvl+0x16c/0x1f0 [ 309.075719][T12167] should_fail_ex+0x512/0x640 [ 309.075745][T12167] ? __kmalloc_noprof+0xbf/0x510 [ 309.075775][T12167] ? sk_prot_alloc+0x1a8/0x2a0 [ 309.075805][T12167] should_failslab+0xc2/0x120 [ 309.075836][T12167] __kmalloc_noprof+0xd2/0x510 [ 309.075868][T12167] sk_prot_alloc+0x1a8/0x2a0 [ 309.075900][T12167] sk_alloc+0x36/0xc20 [ 309.075924][T12167] pppol2tp_create+0x32/0x250 [ 309.075959][T12167] pppox_create+0x15c/0x2c0 [ 309.075991][T12167] __sock_create+0x335/0x8d0 [ 309.076026][T12167] __sys_socket+0x14d/0x260 [ 309.076058][T12167] ? __pfx___sys_socket+0x10/0x10 [ 309.076087][T12167] ? xfd_validate_state+0x61/0x180 [ 309.076116][T12167] ? __pfx_do_pwritev+0x10/0x10 [ 309.076153][T12167] __x64_sys_socket+0x72/0xb0 [ 309.076185][T12167] ? lockdep_hardirqs_on+0x7c/0x110 [ 309.076209][T12167] do_syscall_64+0xcd/0x490 [ 309.076238][T12167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.076264][T12167] RIP: 0033:0x7f695058e9a9 [ 309.076286][T12167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.076312][T12167] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 309.076337][T12167] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 309.076355][T12167] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018 [ 309.076372][T12167] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 309.076387][T12167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.076403][T12167] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 309.076437][T12167] [ 310.244559][T12198] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2584'. [ 310.313988][T12200] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2590'. [ 311.960972][T12238] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2599'. [ 311.991341][T12233] Process accounting paused [ 313.448705][T12274] FAULT_INJECTION: forcing a failure. [ 313.448705][T12274] name failslab, interval 1, probability 0, space 0, times 0 [ 313.473188][T12274] CPU: 1 UID: 0 PID: 12274 Comm: syz.2.2616 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 313.473234][T12274] Tainted: [I]=FIRMWARE_WORKAROUND [ 313.473244][T12274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 313.473259][T12274] Call Trace: [ 313.473269][T12274] [ 313.473279][T12274] dump_stack_lvl+0x16c/0x1f0 [ 313.473311][T12274] should_fail_ex+0x512/0x640 [ 313.473342][T12274] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 313.473379][T12274] should_failslab+0xc2/0x120 [ 313.473409][T12274] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 313.473441][T12274] ? devinet_init_net+0x9c/0x910 [ 313.473476][T12274] ? __pfx_devinet_init_net+0x10/0x10 [ 313.473510][T12274] kmemdup_noprof+0x29/0x60 [ 313.473537][T12274] devinet_init_net+0x9c/0x910 [ 313.473572][T12274] ? __pfx_devinet_init_net+0x10/0x10 [ 313.473605][T12274] ops_init+0x1df/0x5f0 [ 313.473638][T12274] setup_net+0x1ff/0x510 [ 313.473664][T12274] ? lockdep_init_map_type+0x5c/0x280 [ 313.473701][T12274] ? __pfx_setup_net+0x10/0x10 [ 313.473733][T12274] ? debug_mutex_init+0x37/0x70 [ 313.473763][T12274] copy_net_ns+0x2a6/0x5f0 [ 313.473798][T12274] create_new_namespaces+0x3ea/0xa90 [ 313.473834][T12274] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 313.473868][T12274] ksys_unshare+0x45b/0xa40 [ 313.473901][T12274] ? __pfx_ksys_unshare+0x10/0x10 [ 313.473958][T12274] __x64_sys_unshare+0x31/0x40 [ 313.473991][T12274] do_syscall_64+0xcd/0x490 [ 313.474022][T12274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.474049][T12274] RIP: 0033:0x7f695058e9a9 [ 313.474070][T12274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.474096][T12274] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 313.474121][T12274] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 313.474138][T12274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 313.474154][T12274] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 313.474173][T12274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.474186][T12274] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 313.474222][T12274] [ 314.528261][T12298] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 315.599417][T12326] netlink: 'syz.0.2637': attribute type 1 has an invalid length. [ 316.671630][T12368] FAULT_INJECTION: forcing a failure. [ 316.671630][T12368] name failslab, interval 1, probability 0, space 0, times 0 [ 316.744884][T12368] CPU: 0 UID: 0 PID: 12368 Comm: syz.3.2651 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 316.744936][T12368] Tainted: [I]=FIRMWARE_WORKAROUND [ 316.744946][T12368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 316.744963][T12368] Call Trace: [ 316.744972][T12368] [ 316.744982][T12368] dump_stack_lvl+0x16c/0x1f0 [ 316.745020][T12368] should_fail_ex+0x512/0x640 [ 316.745046][T12368] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 316.745090][T12368] should_failslab+0xc2/0x120 [ 316.745121][T12368] __kmalloc_cache_noprof+0x6a/0x3e0 [ 316.745168][T12368] ? vsnprintf+0x318/0x1160 [ 316.745205][T12368] ? __alloc_workqueue+0xda2/0x1810 [ 316.745243][T12368] __alloc_workqueue+0xda2/0x1810 [ 316.745274][T12368] ? __pfx_vsnprintf+0x10/0x10 [ 316.745309][T12368] ? lockdep_hardirqs_on+0x7c/0x110 [ 316.745333][T12368] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 316.745375][T12368] alloc_workqueue+0xd2/0x200 [ 316.745407][T12368] ? __pfx_alloc_workqueue+0x10/0x10 [ 316.745450][T12368] ? __pfx___debug_object_init+0x10/0x10 [ 316.745502][T12368] nci_register_device+0x21e/0xb80 [ 316.745545][T12368] ? __pfx_nci_register_device+0x10/0x10 [ 316.745587][T12368] ? lockdep_init_map_type+0x5c/0x280 [ 316.745630][T12368] virtual_ncidev_open+0x141/0x220 [ 316.745668][T12368] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 316.745704][T12368] misc_open+0x35d/0x420 [ 316.745740][T12368] ? __pfx_misc_open+0x10/0x10 [ 316.745774][T12368] chrdev_open+0x231/0x6a0 [ 316.745801][T12368] ? __pfx_apparmor_file_open+0x10/0x10 [ 316.745839][T12368] ? __pfx_chrdev_open+0x10/0x10 [ 316.745872][T12368] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 316.745917][T12368] do_dentry_open+0x744/0x1c10 [ 316.745944][T12368] ? __pfx_chrdev_open+0x10/0x10 [ 316.745978][T12368] vfs_open+0x82/0x3f0 [ 316.746022][T12368] path_openat+0x1de4/0x2cb0 [ 316.746060][T12368] ? __pfx_path_openat+0x10/0x10 [ 316.746086][T12368] ? __lock_acquire+0xb8a/0x1c90 [ 316.746123][T12368] do_filp_open+0x20b/0x470 [ 316.746148][T12368] ? __pfx_do_filp_open+0x10/0x10 [ 316.746199][T12368] ? alloc_fd+0x471/0x7d0 [ 316.746245][T12368] do_sys_openat2+0x11b/0x1d0 [ 316.746275][T12368] ? __pfx_do_sys_openat2+0x10/0x10 [ 316.746320][T12368] __x64_sys_openat+0x174/0x210 [ 316.746352][T12368] ? __pfx___x64_sys_openat+0x10/0x10 [ 316.746395][T12368] do_syscall_64+0xcd/0x490 [ 316.746425][T12368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.746448][T12368] RIP: 0033:0x7f7afb58e9a9 [ 316.746470][T12368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.746494][T12368] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 316.746520][T12368] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 316.746539][T12368] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 316.746558][T12368] RBP: 00007f7afb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 316.746571][T12368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.746582][T12368] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 316.746615][T12368] [ 317.171927][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.186016][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.515032][T12380] [U]  [ 317.518171][T12380] [U] [ 317.521161][T12380] [U] [ 317.524145][T12380] [U] [ 317.534561][T12380] [U] [ 317.537586][T12380] [U] [ 317.540578][T12380] [U] [ 317.543565][T12380] [U] [ 317.547023][T12380] [U] [ 317.550018][T12380] [U] [ 317.553005][T12380] [U] [ 317.555985][T12380] [U] [ 317.564555][T12380] [U] [ 317.567573][T12380] [U] [ 317.570555][T12380] [U] [ 317.573530][T12380] [U] [ 317.576988][T12380] [U] [ 317.580002][T12380] [U] [ 317.582992][T12380] [U] [ 317.585979][T12380] [U] [ 317.624563][T12381] [U] [ 317.695105][T12386] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2658'. [ 317.918763][T12392] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2661'. [ 317.949322][T12395] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 318.899768][T12417] FAULT_INJECTION: forcing a failure. [ 318.899768][T12417] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 318.980036][T12417] CPU: 1 UID: 0 PID: 12417 Comm: syz.0.2667 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 318.980083][T12417] Tainted: [I]=FIRMWARE_WORKAROUND [ 318.980093][T12417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 318.980109][T12417] Call Trace: [ 318.980119][T12417] [ 318.980129][T12417] dump_stack_lvl+0x16c/0x1f0 [ 318.980162][T12417] should_fail_ex+0x512/0x640 [ 318.980195][T12417] should_fail_alloc_page+0xe7/0x130 [ 318.980228][T12417] prepare_alloc_pages+0x3c2/0x610 [ 318.980263][T12417] ? rcu_is_watching+0x12/0xc0 [ 318.980294][T12417] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 318.980323][T12417] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 318.980356][T12417] ? is_bpf_text_address+0x94/0x1a0 [ 318.980389][T12417] ? kernel_text_address+0x8d/0x100 [ 318.980427][T12417] ? __kernel_text_address+0xd/0x40 [ 318.980463][T12417] ? unwind_get_return_address+0x59/0xa0 [ 318.980500][T12417] ? arch_stack_walk+0xa6/0x100 [ 318.980528][T12417] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 318.980575][T12417] ? stack_depot_save_flags+0x28/0xa40 [ 318.980603][T12417] ? stack_trace_save+0x8e/0xc0 [ 318.980637][T12417] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 318.980676][T12417] ? policy_nodemask+0xea/0x4e0 [ 318.980708][T12417] alloc_pages_mpol+0x1fb/0x550 [ 318.980739][T12417] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 318.980778][T12417] alloc_pages_noprof+0x131/0x390 [ 318.980815][T12417] kimage_alloc_pages+0x75/0x350 [ 318.980857][T12417] kimage_alloc_control_pages+0x153/0xa00 [ 318.980904][T12417] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 318.980953][T12417] do_kexec_load+0x480/0x8d0 [ 318.980981][T12417] ? __pfx_do_kexec_load+0x10/0x10 [ 318.981009][T12417] ? _copy_from_user+0x59/0xd0 [ 318.981045][T12417] __x64_sys_kexec_load+0x1bf/0x230 [ 318.981074][T12417] do_syscall_64+0xcd/0x490 [ 318.981103][T12417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.981129][T12417] RIP: 0033:0x7f7d32b8e9a9 [ 318.981150][T12417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.981176][T12417] RSP: 002b:00007f7d339d9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 318.981203][T12417] RAX: ffffffffffffffda RBX: 00007f7d32db5fa0 RCX: 00007f7d32b8e9a9 [ 318.981221][T12417] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 318.981237][T12417] RBP: 00007f7d32c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 318.981253][T12417] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 318.981268][T12417] R13: 0000000000000000 R14: 00007f7d32db5fa0 R15: 00007ffd73a4a3d8 [ 318.981303][T12417] [ 318.982452][T12417] kexec: Could not allocate control_code_buffer [ 319.132170][T12422] FAULT_INJECTION: forcing a failure. [ 319.132170][T12422] name failslab, interval 1, probability 0, space 0, times 0 [ 319.323293][T12422] CPU: 0 UID: 0 PID: 12422 Comm: syz.3.2668 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 319.323340][T12422] Tainted: [I]=FIRMWARE_WORKAROUND [ 319.323351][T12422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 319.323366][T12422] Call Trace: [ 319.323375][T12422] [ 319.323386][T12422] dump_stack_lvl+0x16c/0x1f0 [ 319.323420][T12422] should_fail_ex+0x512/0x640 [ 319.323445][T12422] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 319.323477][T12422] should_failslab+0xc2/0x120 [ 319.323508][T12422] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 319.323535][T12422] ? __kernfs_new_node+0xd2/0x8e0 [ 319.323579][T12422] __kernfs_new_node+0xd2/0x8e0 [ 319.323621][T12422] ? __pfx___kernfs_new_node+0x10/0x10 [ 319.323668][T12422] ? find_held_lock+0x2b/0x80 [ 319.323696][T12422] ? kernfs_root+0xee/0x2a0 [ 319.323736][T12422] kernfs_new_node+0x13c/0x1e0 [ 319.323771][T12422] __kernfs_create_file+0x53/0x350 [ 319.323809][T12422] sysfs_add_file_mode_ns+0x207/0x3c0 [ 319.323856][T12422] sysfs_merge_group+0x1aa/0x340 [ 319.323883][T12422] ? __pfx_sysfs_merge_group+0x10/0x10 [ 319.323911][T12422] ? __pfx_dev_add_physical_location+0x10/0x10 [ 319.323940][T12422] ? bus_to_subsys+0x131/0x160 [ 319.323978][T12422] dpm_sysfs_add+0x237/0x280 [ 319.324009][T12422] device_add+0x9a6/0x1a70 [ 319.324041][T12422] ? __pfx_device_add+0x10/0x10 [ 319.324070][T12422] ? lockdep_init_map_type+0x5c/0x280 [ 319.324100][T12422] ? __init_waitqueue_head+0xca/0x150 [ 319.324129][T12422] rfkill_register+0x1ad/0xb40 [ 319.324170][T12422] nfc_register_device+0x11f/0x3c0 [ 319.324202][T12422] nci_register_device+0x7f1/0xb80 [ 319.324239][T12422] ? __pfx_nci_register_device+0x10/0x10 [ 319.324278][T12422] ? lockdep_init_map_type+0x5c/0x280 [ 319.324318][T12422] virtual_ncidev_open+0x141/0x220 [ 319.324352][T12422] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 319.324384][T12422] misc_open+0x35d/0x420 [ 319.324420][T12422] ? __pfx_misc_open+0x10/0x10 [ 319.324454][T12422] chrdev_open+0x231/0x6a0 [ 319.324481][T12422] ? __pfx_apparmor_file_open+0x10/0x10 [ 319.324518][T12422] ? __pfx_chrdev_open+0x10/0x10 [ 319.324548][T12422] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 319.324592][T12422] do_dentry_open+0x744/0x1c10 [ 319.324619][T12422] ? __pfx_chrdev_open+0x10/0x10 [ 319.324654][T12422] vfs_open+0x82/0x3f0 [ 319.324689][T12422] path_openat+0x1de4/0x2cb0 [ 319.324721][T12422] ? __pfx_path_openat+0x10/0x10 [ 319.324757][T12422] ? __lock_acquire+0xb8a/0x1c90 [ 319.324796][T12422] do_filp_open+0x20b/0x470 [ 319.324823][T12422] ? __pfx_do_filp_open+0x10/0x10 [ 319.324873][T12422] ? alloc_fd+0x471/0x7d0 [ 319.324921][T12422] do_sys_openat2+0x11b/0x1d0 [ 319.324950][T12422] ? __pfx_do_sys_openat2+0x10/0x10 [ 319.324993][T12422] __x64_sys_openat+0x174/0x210 [ 319.325025][T12422] ? __pfx___x64_sys_openat+0x10/0x10 [ 319.325070][T12422] do_syscall_64+0xcd/0x490 [ 319.325098][T12422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.325124][T12422] RIP: 0033:0x7f7afb58e9a9 [ 319.325144][T12422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.325171][T12422] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 319.325197][T12422] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 319.325215][T12422] RDX: 0000000000000002 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 319.325231][T12422] RBP: 00007f7afb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 319.325247][T12422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.325261][T12422] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 319.325294][T12422] [ 320.029564][T12437] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 320.097234][T12439] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 320.108669][T12439] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 321.289291][T12464] FAULT_INJECTION: forcing a failure. [ 321.289291][T12464] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 321.361367][T12464] CPU: 0 UID: 0 PID: 12464 Comm: syz.1.2682 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 321.361413][T12464] Tainted: [I]=FIRMWARE_WORKAROUND [ 321.361423][T12464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 321.361439][T12464] Call Trace: [ 321.361448][T12464] [ 321.361458][T12464] dump_stack_lvl+0x16c/0x1f0 [ 321.361492][T12464] should_fail_ex+0x512/0x640 [ 321.361525][T12464] should_fail_alloc_page+0xe7/0x130 [ 321.361558][T12464] prepare_alloc_pages+0x3c2/0x610 [ 321.361592][T12464] ? find_held_lock+0x2b/0x80 [ 321.361623][T12464] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 321.361657][T12464] ? folio_remove_rmap_ptes+0x138/0x970 [ 321.361701][T12464] ? try_to_migrate_one+0x14e1/0x35f0 [ 321.361742][T12464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 321.361774][T12464] ? __pfx_try_to_migrate_one+0x10/0x10 [ 321.361820][T12464] ? __up_read+0x1f8/0x750 [ 321.361857][T12464] ? __pfx___up_read+0x10/0x10 [ 321.361891][T12464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 321.361929][T12464] ? policy_nodemask+0xea/0x4e0 [ 321.361962][T12464] alloc_pages_mpol+0x1fb/0x550 [ 321.361993][T12464] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 321.362032][T12464] folio_alloc_mpol_noprof+0x36/0x2f0 [ 321.362067][T12464] alloc_migration_target_by_mpol+0x246/0x500 [ 321.362105][T12464] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 321.362140][T12464] ? __pfx___might_resched+0x10/0x10 [ 321.362170][T12464] ? folio_get_anon_vma+0xdd/0x760 [ 321.362199][T12464] migrate_pages_batch+0x3bc/0x31a0 [ 321.362238][T12464] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 321.362285][T12464] ? __pfx_migrate_pages_batch+0x10/0x10 [ 321.362331][T12464] migrate_pages_sync+0x12d/0x8a0 [ 321.362376][T12464] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 321.362422][T12464] ? __pfx_migrate_pages_sync+0x10/0x10 [ 321.362454][T12464] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 321.362503][T12464] migrate_pages+0x1b67/0x23b0 [ 321.362540][T12464] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 321.362585][T12464] ? __pfx_migrate_pages+0x10/0x10 [ 321.362621][T12464] ? find_held_lock+0x2b/0x80 [ 321.362657][T12464] ? up_write+0x1b2/0x520 [ 321.362693][T12464] do_mbind+0x6f0/0xf30 [ 321.362735][T12464] ? __pfx_do_mbind+0x10/0x10 [ 321.362767][T12464] ? do_writev+0x218/0x340 [ 321.362818][T12464] ? __pfx_get_nodes+0x10/0x10 [ 321.362854][T12464] kernel_mbind+0x1e3/0x1f0 [ 321.362888][T12464] ? __pfx_kernel_mbind+0x10/0x10 [ 321.362937][T12464] do_syscall_64+0xcd/0x490 [ 321.362966][T12464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.362994][T12464] RIP: 0033:0x7fc71f98e9a9 [ 321.363017][T12464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.363042][T12464] RSP: 002b:00007fc7208a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 321.363067][T12464] RAX: ffffffffffffffda RBX: 00007fc71fbb5fa0 RCX: 00007fc71f98e9a9 [ 321.363085][T12464] RDX: 0000000100000000 RSI: 8000000000000001 RDI: 000000000000f000 [ 321.363102][T12464] RBP: 00007fc71fa10d69 R08: 0000000000000006 R09: 0000000000000002 [ 321.363118][T12464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.363137][T12464] R13: 0000000000000000 R14: 00007fc71fbb5fa0 R15: 00007ffd8bf439c8 [ 321.363171][T12464] [ 322.083983][T12480] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2687'. [ 322.186382][T12482] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2688'. [ 322.198683][T12482] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2688'. [ 323.694990][T12522] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2706'. [ 323.915935][T12528] FAULT_INJECTION: forcing a failure. [ 323.915935][T12528] name failslab, interval 1, probability 0, space 0, times 0 [ 323.930715][T12528] CPU: 1 UID: 0 PID: 12528 Comm: syz.2.2710 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 323.930760][T12528] Tainted: [I]=FIRMWARE_WORKAROUND [ 323.930769][T12528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 323.930785][T12528] Call Trace: [ 323.930794][T12528] [ 323.930804][T12528] dump_stack_lvl+0x16c/0x1f0 [ 323.930835][T12528] should_fail_ex+0x512/0x640 [ 323.930861][T12528] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 323.930903][T12528] should_failslab+0xc2/0x120 [ 323.930931][T12528] __kmalloc_cache_noprof+0x6a/0x3e0 [ 323.930968][T12528] ? __v4l2_subdev_state_alloc+0x53/0x400 [ 323.931010][T12528] __v4l2_subdev_state_alloc+0x53/0x400 [ 323.931058][T12528] subdev_open+0xa6/0x560 [ 323.931095][T12528] v4l2_open+0x225/0x490 [ 323.931120][T12528] ? __pfx_v4l2_open+0x10/0x10 [ 323.931163][T12528] chrdev_open+0x231/0x6a0 [ 323.931198][T12528] ? __pfx_apparmor_file_open+0x10/0x10 [ 323.931236][T12528] ? __pfx_chrdev_open+0x10/0x10 [ 323.931266][T12528] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 323.931310][T12528] do_dentry_open+0x744/0x1c10 [ 323.931337][T12528] ? __pfx_chrdev_open+0x10/0x10 [ 323.931373][T12528] vfs_open+0x82/0x3f0 [ 323.931409][T12528] path_openat+0x1de4/0x2cb0 [ 323.931447][T12528] ? __pfx_path_openat+0x10/0x10 [ 323.931474][T12528] ? __lock_acquire+0xb8a/0x1c90 [ 323.931513][T12528] do_filp_open+0x20b/0x470 [ 323.931539][T12528] ? __pfx_do_filp_open+0x10/0x10 [ 323.931595][T12528] ? alloc_fd+0x471/0x7d0 [ 323.931641][T12528] do_sys_openat2+0x11b/0x1d0 [ 323.931673][T12528] ? __pfx_do_sys_openat2+0x10/0x10 [ 323.931720][T12528] __x64_sys_openat+0x174/0x210 [ 323.931753][T12528] ? __pfx___x64_sys_openat+0x10/0x10 [ 323.931800][T12528] do_syscall_64+0xcd/0x490 [ 323.931829][T12528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.931856][T12528] RIP: 0033:0x7f695058e9a9 [ 323.931877][T12528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.931902][T12528] RSP: 002b:00007f6951486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 323.931926][T12528] RAX: ffffffffffffffda RBX: 00007f69507b5fa0 RCX: 00007f695058e9a9 [ 323.931943][T12528] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 323.931960][T12528] RBP: 00007f6950610d69 R08: 0000000000000000 R09: 0000000000000000 [ 323.931976][T12528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.931991][T12528] R13: 0000000000000000 R14: 00007f69507b5fa0 R15: 00007ffe6c8f9618 [ 323.932026][T12528] [ 324.584587][T12538] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2713'. [ 324.690184][T12540] random: crng reseeded on system resumption [ 324.697269][T12540] FAULT_INJECTION: forcing a failure. [ 324.697269][T12540] name failslab, interval 1, probability 0, space 0, times 0 [ 324.747339][T12540] CPU: 1 UID: 0 PID: 12540 Comm: syz.3.2714 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 324.747385][T12540] Tainted: [I]=FIRMWARE_WORKAROUND [ 324.747394][T12540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 324.747410][T12540] Call Trace: [ 324.747419][T12540] [ 324.747431][T12540] dump_stack_lvl+0x16c/0x1f0 [ 324.747464][T12540] should_fail_ex+0x512/0x640 [ 324.747499][T12540] should_failslab+0xc2/0x120 [ 324.747530][T12540] __kmalloc_cache_noprof+0x6a/0x3e0 [ 324.747567][T12540] ? do_raw_spin_lock+0x12c/0x2b0 [ 324.747604][T12540] ? find_held_lock+0x2b/0x80 [ 324.747628][T12540] ? async_schedule_node_domain+0x54/0x120 [ 324.747664][T12540] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 324.747690][T12540] async_schedule_node_domain+0x54/0x120 [ 324.747724][T12540] dev_cache_fw_image+0x38e/0x490 [ 324.747764][T12540] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 324.747809][T12540] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 324.747847][T12540] dpm_for_each_dev+0x5d/0xb0 [ 324.747883][T12540] fw_pm_notify+0x81/0x150 [ 324.747916][T12540] notifier_call_chain+0xb9/0x410 [ 324.747944][T12540] ? __pfx_fw_pm_notify+0x10/0x10 [ 324.747988][T12540] blocking_notifier_call_chain_robust+0xc8/0x160 [ 324.748023][T12540] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 324.748071][T12540] pm_notifier_call_chain_robust+0x27/0x60 [ 324.748106][T12540] snapshot_open+0x218/0x2b0 [ 324.748145][T12540] ? __pfx_snapshot_open+0x10/0x10 [ 324.748178][T12540] misc_open+0x35d/0x420 [ 324.748214][T12540] ? __pfx_misc_open+0x10/0x10 [ 324.748250][T12540] chrdev_open+0x231/0x6a0 [ 324.748277][T12540] ? __pfx_apparmor_file_open+0x10/0x10 [ 324.748314][T12540] ? __pfx_chrdev_open+0x10/0x10 [ 324.748345][T12540] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 324.748395][T12540] do_dentry_open+0x744/0x1c10 [ 324.748424][T12540] ? __pfx_chrdev_open+0x10/0x10 [ 324.748461][T12540] vfs_open+0x82/0x3f0 [ 324.748499][T12540] path_openat+0x1de4/0x2cb0 [ 324.748539][T12540] ? __pfx_path_openat+0x10/0x10 [ 324.748568][T12540] ? __lock_acquire+0xb8a/0x1c90 [ 324.748606][T12540] do_filp_open+0x20b/0x470 [ 324.748632][T12540] ? __pfx_do_filp_open+0x10/0x10 [ 324.748689][T12540] ? alloc_fd+0x471/0x7d0 [ 324.748737][T12540] do_sys_openat2+0x11b/0x1d0 [ 324.748770][T12540] ? __pfx_do_sys_openat2+0x10/0x10 [ 324.748818][T12540] __x64_sys_openat+0x174/0x210 [ 324.748851][T12540] ? __pfx___x64_sys_openat+0x10/0x10 [ 324.748901][T12540] do_syscall_64+0xcd/0x490 [ 324.748931][T12540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.748957][T12540] RIP: 0033:0x7f7afb58e9a9 [ 324.748979][T12540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.749006][T12540] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 324.749032][T12540] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 324.749050][T12540] RDX: 0000000000180b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 324.749067][T12540] RBP: 00007f7afb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 324.749083][T12540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.749099][T12540] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 324.749143][T12540] [ 325.191502][T12540] [ 325.194121][T12540] ====================================================== [ 325.201846][T12540] WARNING: possible circular locking dependency detected [ 325.209576][T12540] 6.16.0-syzkaller #0 Tainted: G I [ 325.216840][T12540] ------------------------------------------------------ [ 325.224570][T12540] syz.3.2714/12540 is trying to acquire lock: [ 325.231251][T12540] ffff88807d30ed28 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}, at: process_measurement+0x7e0/0x23e0 [ 325.242973][T12540] [ 325.242973][T12540] but task is already holding lock: [ 325.251093][T12540] ffffffff8f50d568 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 325.260909][T12540] [ 325.260909][T12540] which lock already depends on the new lock. [ 325.260909][T12540] [ 325.272362][T12540] [ 325.272362][T12540] the existing dependency chain (in reverse order) is: [ 325.282288][T12540] [ 325.282288][T12540] -> #4 (dpm_list_mtx){+.+.}-{4:4}: [ 325.290456][T12540] __mutex_lock+0x199/0xb90 [ 325.296005][T12540] device_pm_add+0x87/0x3e0 [ 325.301548][T12540] device_add+0x9cd/0x1a70 [ 325.306987][T12540] device_create_groups_vargs+0x1f8/0x270 [ 325.313860][T12540] device_create+0xed/0x130 [ 325.319404][T12540] msr_device_create+0x31/0x70 [ 325.325234][T12540] cpuhp_invoke_callback+0x3d5/0xa10 [ 325.331630][T12540] cpuhp_thread_fun+0x47e/0x6f0 [ 325.337551][T12540] smpboot_thread_fn+0x3f4/0xae0 [ 325.343567][T12540] kthread+0x3c5/0x780 [ 325.348627][T12540] ret_from_fork+0x5d4/0x6f0 [ 325.354259][T12540] ret_from_fork_asm+0x1a/0x30 [ 325.360080][T12540] [ 325.360080][T12540] -> #3 (cpuhp_state-up){+.+.}-{0:0}: [ 325.368406][T12540] cpuhp_thread_fun+0x193/0x6f0 [ 325.374316][T12540] smpboot_thread_fn+0x3f4/0xae0 [ 325.380337][T12540] kthread+0x3c5/0x780 [ 325.385392][T12540] ret_from_fork+0x5d4/0x6f0 [ 325.391123][T12540] ret_from_fork_asm+0x1a/0x30 [ 325.396936][T12540] [ 325.396936][T12540] -> #2 (cpu_hotplug_lock){++++}-{0:0}: [ 325.405447][T12540] cpus_read_lock+0x42/0x160 [ 325.411073][T12540] ring_buffer_resize+0x105/0x15c0 [ 325.417278][T12540] __tracing_resize_ring_buffer.part.0+0x52/0x1f0 [ 325.424916][T12540] tracing_resize_ring_buffer+0x10b/0x160 [ 325.431781][T12540] tracing_entries_write+0x15b/0x220 [ 325.438212][T12540] vfs_write+0x29d/0x1150 [ 325.443542][T12540] ksys_write+0x12a/0x250 [ 325.448872][T12540] do_syscall_64+0xcd/0x490 [ 325.454396][T12540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.461474][T12540] [ 325.461474][T12540] -> #1 (trace_types_lock){+.+.}-{4:4}: [ 325.469999][T12540] __mutex_lock+0x199/0xb90 [ 325.475595][T12540] tracing_check_open_get_tr.part.0+0x45/0x130 [ 325.482961][T12540] tracing_open_generic_tr+0x66/0xf0 [ 325.489363][T12540] do_dentry_open+0x744/0x1c10 [ 325.495180][T12540] vfs_open+0x82/0x3f0 [ 325.500236][T12540] dentry_open+0x71/0xd0 [ 325.505490][T12540] ima_calc_file_hash+0x2b6/0x490 [ 325.511600][T12540] ima_collect_measurement+0x897/0xa40 [ 325.518206][T12540] process_measurement+0x11fa/0x23e0 [ 325.524595][T12540] ima_file_check+0xc5/0x110 [ 325.530224][T12540] security_file_post_open+0x8e/0x210 [ 325.536725][T12540] path_openat+0x1404/0x2cb0 [ 325.542359][T12540] do_filp_open+0x20b/0x470 [ 325.547887][T12540] do_sys_openat2+0x11b/0x1d0 [ 325.553612][T12540] __x64_sys_openat+0x174/0x210 [ 325.559528][T12540] do_syscall_64+0xcd/0x490 [ 325.565063][T12540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.572126][T12540] [ 325.572126][T12540] -> #0 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}: [ 325.581598][T12540] __lock_acquire+0x126f/0x1c90 [ 325.587527][T12540] lock_acquire+0x179/0x350 [ 325.593078][T12540] __mutex_lock+0x199/0xb90 [ 325.598609][T12540] process_measurement+0x7e0/0x23e0 [ 325.604907][T12540] ima_file_check+0xc5/0x110 [ 325.610550][T12540] security_file_post_open+0x8e/0x210 [ 325.617047][T12540] path_openat+0x1404/0x2cb0 [ 325.622670][T12540] do_file_open_root+0x322/0x610 [ 325.628676][T12540] file_open_root+0x2a7/0x450 [ 325.634389][T12540] kernel_read_file_from_path_initns+0x189/0x260 [ 325.641942][T12540] _request_firmware+0x744/0x1470 [ 325.648063][T12540] __async_dev_cache_fw_image+0xb1/0x340 [ 325.654842][T12540] async_schedule_node_domain+0xd1/0x120 [ 325.661627][T12540] dev_cache_fw_image+0x38e/0x490 [ 325.667735][T12540] dpm_for_each_dev+0x5d/0xb0 [ 325.673458][T12540] fw_pm_notify+0x81/0x150 [ 325.678893][T12540] notifier_call_chain+0xb9/0x410 [ 325.684995][T12540] blocking_notifier_call_chain_robust+0xc8/0x160 [ 325.692628][T12540] pm_notifier_call_chain_robust+0x27/0x60 [ 325.699591][T12540] snapshot_open+0x218/0x2b0 [ 325.705226][T12540] misc_open+0x35d/0x420 [ 325.710472][T12540] chrdev_open+0x231/0x6a0 [ 325.715916][T12540] do_dentry_open+0x744/0x1c10 [ 325.721740][T12540] vfs_open+0x82/0x3f0 [ 325.726801][T12540] path_openat+0x1de4/0x2cb0 [ 325.732422][T12540] do_filp_open+0x20b/0x470 [ 325.737948][T12540] do_sys_openat2+0x11b/0x1d0 [ 325.743666][T12540] __x64_sys_openat+0x174/0x210 [ 325.749576][T12540] do_syscall_64+0xcd/0x490 [ 325.755099][T12540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.762152][T12540] [ 325.762152][T12540] other info that might help us debug this: [ 325.762152][T12540] [ 325.773394][T12540] Chain exists of: [ 325.773394][T12540] &ima_iint_mutex_key[depth] --> cpuhp_state-up --> dpm_list_mtx [ 325.773394][T12540] [ 325.788414][T12540] Possible unsafe locking scenario: [ 325.788414][T12540] [ 325.796601][T12540] CPU0 CPU1 [ 325.802492][T12540] ---- ---- [ 325.808483][T12540] lock(dpm_list_mtx); [ 325.813054][T12540] lock(cpuhp_state-up); [ 325.820586][T12540] lock(dpm_list_mtx); [ 325.828020][T12540] lock(&ima_iint_mutex_key[depth]); [ 325.833933][T12540] [ 325.833933][T12540] *** DEADLOCK *** [ 325.833933][T12540] [ 325.842876][T12540] 5 locks held by syz.3.2714/12540: [ 325.848583][T12540] #0: ffffffff8f3002a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 325.857900][T12540] #1: ffffffff8e488228 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 325.869301][T12540] #2: ffffffff8e4c8910 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 325.882332][T12540] #3: ffffffff8f512b68 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 325.891829][T12540] #4: ffffffff8f50d568 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 325.902114][T12540] [ 325.902114][T12540] stack backtrace: [ 325.908585][T12540] CPU: 0 UID: 0 PID: 12540 Comm: syz.3.2714 Tainted: G I 6.16.0-syzkaller #0 PREEMPT(full) [ 325.908618][T12540] Tainted: [I]=FIRMWARE_WORKAROUND [ 325.908626][T12540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 325.908640][T12540] Call Trace: [ 325.908647][T12540] [ 325.908656][T12540] dump_stack_lvl+0x116/0x1f0 [ 325.908682][T12540] print_circular_bug+0x275/0x350 [ 325.908714][T12540] check_noncircular+0x14c/0x170 [ 325.908747][T12540] __lock_acquire+0x126f/0x1c90 [ 325.908780][T12540] lock_acquire+0x179/0x350 [ 325.908808][T12540] ? process_measurement+0x7e0/0x23e0 [ 325.908832][T12540] ? __pfx___might_resched+0x10/0x10 [ 325.908858][T12540] __mutex_lock+0x199/0xb90 [ 325.908880][T12540] ? process_measurement+0x7e0/0x23e0 [ 325.908903][T12540] ? process_measurement+0x7e0/0x23e0 [ 325.908926][T12540] ? __pfx___mutex_lock+0x10/0x10 [ 325.908947][T12540] ? __pfx___might_resched+0x10/0x10 [ 325.908971][T12540] ? find_held_lock+0x2b/0x80 [ 325.908993][T12540] ? down_write+0x14d/0x200 [ 325.909019][T12540] ? process_measurement+0x7e0/0x23e0 [ 325.909047][T12540] process_measurement+0x7e0/0x23e0 [ 325.909074][T12540] ? __pfx_process_measurement+0x10/0x10 [ 325.909100][T12540] ? find_held_lock+0x2b/0x80 [ 325.909121][T12540] ? fscrypt_file_open+0x47c/0x590 [ 325.909168][T12540] ? __pfx___fsnotify_parent+0x10/0x10 [ 325.909201][T12540] ima_file_check+0xc5/0x110 [ 325.909223][T12540] ? __pfx_ima_file_check+0x10/0x10 [ 325.909247][T12540] ? vfs_open+0x2e3/0x3f0 [ 325.909274][T12540] security_file_post_open+0x8e/0x210 [ 325.909307][T12540] path_openat+0x1404/0x2cb0 [ 325.909331][T12540] ? trace_kmem_cache_alloc+0x28/0xc0 [ 325.909358][T12540] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 325.909380][T12540] ? __pfx_path_openat+0x10/0x10 [ 325.909401][T12540] ? __asan_memcpy+0x3c/0x60 [ 325.909434][T12540] do_file_open_root+0x322/0x610 [ 325.909456][T12540] ? __pfx_do_file_open_root+0x10/0x10 [ 325.909491][T12540] ? vsnprintf+0x318/0x1160 [ 325.909525][T12540] file_open_root+0x2a7/0x450 [ 325.909547][T12540] ? __pfx_file_open_root+0x10/0x10 [ 325.909568][T12540] ? find_held_lock+0x2b/0x80 [ 325.909590][T12540] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 325.909622][T12540] kernel_read_file_from_path_initns+0x189/0x260 [ 325.909651][T12540] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 325.909678][T12540] ? trace_kmem_cache_alloc+0x28/0xc0 [ 325.909706][T12540] ? _request_firmware+0x503/0x1470 [ 325.909740][T12540] _request_firmware+0x744/0x1470 [ 325.909777][T12540] ? __pfx__request_firmware+0x10/0x10 [ 325.909811][T12540] ? dump_stack_lvl+0x1a3/0x1f0 [ 325.909833][T12540] __async_dev_cache_fw_image+0xb1/0x340 [ 325.909855][T12540] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 325.909877][T12540] ? mark_held_locks+0x49/0x80 [ 325.909904][T12540] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 325.909937][T12540] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 325.909959][T12540] async_schedule_node_domain+0xd1/0x120 [ 325.909986][T12540] dev_cache_fw_image+0x38e/0x490 [ 325.910018][T12540] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 325.910057][T12540] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 325.910089][T12540] dpm_for_each_dev+0x5d/0xb0 [ 325.910118][T12540] fw_pm_notify+0x81/0x150 [ 325.910147][T12540] notifier_call_chain+0xb9/0x410 [ 325.910172][T12540] ? __pfx_fw_pm_notify+0x10/0x10 [ 325.910204][T12540] blocking_notifier_call_chain_robust+0xc8/0x160 [ 325.910234][T12540] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 325.910268][T12540] pm_notifier_call_chain_robust+0x27/0x60 [ 325.910298][T12540] snapshot_open+0x218/0x2b0 [ 325.910324][T12540] ? __pfx_snapshot_open+0x10/0x10 [ 325.910351][T12540] misc_open+0x35d/0x420 [ 325.910382][T12540] ? __pfx_misc_open+0x10/0x10 [ 325.910412][T12540] chrdev_open+0x231/0x6a0 [ 325.910435][T12540] ? __pfx_apparmor_file_open+0x10/0x10 [ 325.910467][T12540] ? __pfx_chrdev_open+0x10/0x10 [ 325.910490][T12540] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 325.910525][T12540] do_dentry_open+0x744/0x1c10 [ 325.910546][T12540] ? __pfx_chrdev_open+0x10/0x10 [ 325.910571][T12540] vfs_open+0x82/0x3f0 [ 325.910598][T12540] path_openat+0x1de4/0x2cb0 [ 325.910623][T12540] ? __pfx_path_openat+0x10/0x10 [ 325.910644][T12540] ? __lock_acquire+0xb8a/0x1c90 [ 325.910673][T12540] do_filp_open+0x20b/0x470 [ 325.910694][T12540] ? __pfx_do_filp_open+0x10/0x10 [ 325.910723][T12540] ? alloc_fd+0x471/0x7d0 [ 325.910759][T12540] do_sys_openat2+0x11b/0x1d0 [ 325.910786][T12540] ? __pfx_do_sys_openat2+0x10/0x10 [ 325.910819][T12540] __x64_sys_openat+0x174/0x210 [ 325.910847][T12540] ? __pfx___x64_sys_openat+0x10/0x10 [ 325.910881][T12540] do_syscall_64+0xcd/0x490 [ 325.910904][T12540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.910926][T12540] RIP: 0033:0x7f7afb58e9a9 [ 325.910944][T12540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.910966][T12540] RSP: 002b:00007f7afc3b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 325.910986][T12540] RAX: ffffffffffffffda RBX: 00007f7afb7b5fa0 RCX: 00007f7afb58e9a9 [ 325.911014][T12540] RDX: 0000000000180b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 325.911034][T12540] RBP: 00007f7afb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 325.911048][T12540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.911061][T12540] R13: 0000000000000000 R14: 00007f7afb7b5fa0 R15: 00007ffd01aaf7b8 [ 325.911082][T12540] [ 325.940326][T12548] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 325.972358][T12540] (NULL device *): loading /lib/firmware/regulatory.db failed with error -12 [ 325.983513][T12549] netlink: 280 bytes leftover after parsing attributes in process `syz.1.2717'. [ 325.987447][T12540] (NULL device *): Direct firmware load for regulatory.db failed with error -12 [ 326.551535][T12540] (NULL device *): Falling back to sysfs fallback for: regulatory.db