last executing test programs: 6.093117672s ago: executing program 0 (id=8535): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x2}, "654c6dbc7a4d30988099a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_START_OLD(r0, 0x5420, 0x0) 5.847615134s ago: executing program 0 (id=8538): mlockall$auto(0x7) mmap$auto(0x0, 0x200007, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) clone$auto(0x0, 0x5, 0x0, 0x0, 0x3ff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 4.584107804s ago: executing program 0 (id=8548): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) socket(0x2, 0x801, 0x6) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x54) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) 4.051902159s ago: executing program 0 (id=8554): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(r0, 0x10000000084, 0x22, 0x0, 0x10) 3.699898385s ago: executing program 1 (id=8558): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9803, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) 3.354350189s ago: executing program 1 (id=8563): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x9) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c7300436b6, 0x0) write$auto(r1, 0x0, 0xa) 3.155591119s ago: executing program 0 (id=8564): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) getcwd$auto(0x0, 0xffffffffffffffff) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x283) 3.102788723s ago: executing program 1 (id=8565): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/task_delayacct\x00', 0x80282, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42840, 0x95) read$auto(r0, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) 2.81202227s ago: executing program 1 (id=8568): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto(0xc8, 0x54e3, 0x5c8d) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) 2.664581396s ago: executing program 0 (id=8570): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x106) setuid$auto(0xe) sendmsg$auto_NBD_CMD_CONNECT(r0, 0x0, 0x20000000) setsockopt$auto(r0, 0x6, 0xd, 0x0, 0x6) 2.205844991s ago: executing program 1 (id=8572): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000036, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.768197099s ago: executing program 2 (id=8577): close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x78de, 0x101, 0x17f, 0x2}, {0x1, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_register$auto(0x2, 0x6, 0x0, 0x0) 1.662160799s ago: executing program 2 (id=8579): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mprotect$auto(0x0, 0x8, 0x9) r0 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r0, 0x6b, 0x2, 0xfffffffffffffffe, 0x0) 1.542050003s ago: executing program 2 (id=8581): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper=0x1000000}, 0x55) 1.433893297s ago: executing program 2 (id=8582): r0 = socket(0x15, 0x5, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x2000000091e3, 0x8, 0x0, 0x0, 0xf58, 0x4, 0x4412d, 0xa, 0x0, 0x4, 0xf, 0x8000000000000, 0x84c, 0x1, 0x7]}, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 1.302694784s ago: executing program 1 (id=8583): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 1.116636446s ago: executing program 3 (id=8585): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x0, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 916.736693ms ago: executing program 3 (id=8586): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 687.937597ms ago: executing program 3 (id=8587): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x20, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x24000000000}]}, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0) sendmsg$auto_ILA_CMD_FLUSH(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x40008c4) 490.373655ms ago: executing program 3 (id=8588): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x11e, 0x1, 0x0, 0x10001) 323.026397ms ago: executing program 2 (id=8589): mmap$auto(0x0, 0x2020008, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/numa_zonelist_order\x00', 0x202, 0x0) write$auto(0x3, 0x0, 0x100085) 201.241912ms ago: executing program 3 (id=8590): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setuid$auto(0x800000000008) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) semctl$auto(0x1ff, 0x2, 0x13, 0x4) clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa) 31.732436ms ago: executing program 2 (id=8591): mmap$auto(0x0, 0xa, 0x72, 0x8b72, 0x2, 0x8000) sysfs$auto(0x2, 0x1f, 0x0) r0 = socket(0x2, 0x801, 0x106) listen$auto(r0, 0xf52b) getsockopt$auto(r0, 0x11c, 0x2, 0x0, 0x0) 0s ago: executing program 3 (id=8592): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeep\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) bpf$auto(0x18, &(0x7f0000000040)=@bpf_attr_4={0x7, r0, 0x5, r0}, 0x92) kernel console output (not intermixed with test programs): o+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 252.005034][T11296] CIFS mount error: No usable UNC path provided in device string! [ 252.005034][T11296] [ 252.069670][T11296] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 252.767120][T11322] udc dummy_udc.0: soft-connect without a gadget driver [ 254.541326][T11379] kernel read not supported for file /\*)A (pid: 11379 comm: syz.0.2629) [ 254.601140][ T30] audit: type=1800 audit(1769469931.957:9): pid=11379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2629" name="\*)A" dev="mqueue" ino=25532 res=0 errno=0 [ 254.922250][T11390] QAT: failed to copy from user cfg_data. [ 257.219672][ T30] audit: type=1800 audit(1769469934.577:10): pid=11457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2667" name="dbroot" dev="configfs" ino=25800 res=0 errno=0 [ 257.554664][T11469] phram: not enough arguments [ 259.221229][ T30] audit: type=1800 audit(1769469936.577:11): pid=11519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2688" name="discovery_nqn" dev="configfs" ino=25955 res=0 errno=0 syzkaller syzkaller login: [ 263.515638][T11643] : Can't lookup blockdev [ 265.350513][T11695] syz.2.2776 (11695): drop_caches: 0 [ 265.465268][T11698] [U] 0="/ [ 265.469262][T11698] [U] [ 265.472046][T11698] [U] EeQ@ [ 265.517263][T11697] [U]  [ 266.247774][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.247872][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 271.657833][T11856] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 275.343950][T11980] usb usb3: usbfs: interface 0 claimed by hub while 'syz.0.2914' sets config #-1 [ 279.728178][T12073] zram: Can't change algorithm for initialized device [ 279.980084][T12077] program syz.0.2962 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 280.022911][T12077] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 284.721664][T12172] bond0: option packets_per_slave: invalid value ( Xnp) [ 284.760483][T12172] bond0: option packets_per_slave: allowed values 0 - 65535 [ 287.104732][T12220] tipc: Can't bind to reserved service type 0 [ 287.902409][T12238] : Can't lookup blockdev [ 291.334445][T12333] ceph: Failed to parse sending metrics switch value 'P^' [ 292.554525][T12362] bond0: no command found in slaves file - use +ifname or -ifname [ 293.212637][T12376] random: crng reseeded on system resumption [ 296.564157][ T5893] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 296.571129][ T52] Bluetooth: hci2: command 0x2016 tx timeout [ 296.592413][ T5893] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 298.654259][ T52] Bluetooth: hci2: command 0x2016 tx timeout [ 298.987824][T12543] ACPI: Can not change Invalid GPE/Fixed Event status [ 300.286484][T12579] ICMPv6: process `syz.2.3210' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 303.538268][T12672] vhci_hcd vhci_hcd.2: invalid port number 194 [ 303.574527][T12672] vhci_hcd vhci_hcd.2: invalid port number 194 [ 303.897065][T12685] ICMPv6: process `syz.3.3262' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 303.958369][T12684] hub 8-0:1.0: USB hub found [ 304.003766][T12684] hub 8-0:1.0: 1 port detected [ 304.200062][T12693] QAT: Invalid ioctl 21531 [ 304.918435][T12715] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 306.074725][T12751] kafs: addr_prefs: Invalid Command [ 306.294773][T12757] block2mtd: device name too long [ 306.474787][T12761] block2mtd: illegal erase size [ 306.504131][T12763] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 306.549222][T12765] misc userio: Invalid payload size [ 308.734240][T12832] Invalid input. Must be >= 4608 [ 312.374666][T12941] [ 313.142266][T12968] aoe: invalid device specification [ 313.781584][T12988] block2mtd: Using custom MTD label '' for dev [ 313.825632][T12988] block2mtd: error: cannot open device [ 314.584038][ T30] audit: type=1800 audit(1769469991.937:12): pid=13016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3425" name="dbroot" dev="configfs" ino=30699 res=0 errno=0 [ 314.838343][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 314.845065][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.890615][T13086] vivid-007: ================= START STATUS ================= [ 316.924983][T13086] vivid-007: Enable Output Cropping: true [ 316.931016][T13086] vivid-007: Enable Output Composing: true [ 317.012304][T13086] vivid-007: Enable Output Scaler: true [ 317.045217][T13086] vivid-007: Tx RGB Quantization Range: Automatic [ 317.085561][T13086] vivid-007: Transmit Mode: HDMI [ 317.110941][T13086] vivid-007: Hotplug Present: 0x00000000 [ 317.137568][T13086] vivid-007: RxSense Present: 0x00000000 [ 317.194655][T13086] vivid-007: EDID Present: 0x00000000 [ 317.223987][T13086] vivid-007: ================== END STATUS ================== [ 317.334754][T13098] program syz.0.3464 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 317.426486][T13100] bdi 7:7: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 320.539587][T13201] cifs: Unknown parameter ';B5irDְp' [ 320.574868][T13201] CIFS mount error: No usable UNC path provided in device string! [ 320.574868][T13201] [ 320.626748][T13201] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 321.681782][T13235] i2c i2c-0: delete_device: Can't find device in list [ 322.204250][T13252] : Can't lookup blockdev [ 327.138836][T13397] kfence: disabled [ 327.700426][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.707239][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.081339][T13457] : Can't lookup blockdev [ 330.383329][T13497] kafs: addr_prefs: Invalid Command [ 330.453188][T13500] bonding: no command found in bonding_masters - use +ifname or -ifname [ 331.334162][T13523] usbcore.quirks: string doesn't fit in 127 chars. [ 334.015729][T13602] i2c i2c-0: new_device: Missing parameters [ 335.306080][T13642] ICMPv6: process `syz.0.3729' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 337.295393][T13704] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 338.284773][ T52] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 338.284808][ T52] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 338.300947][ T52] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 339.529002][T13765] delete_channel: no stack [ 339.981613][T13778] : Can't lookup blockdev [ 341.931762][T13857] i2c i2c-0: new_device: Invalid device name [ 343.226690][T13898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 343.270713][T13898] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 343.333430][T13898] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 343.374326][T13898] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 343.447123][T13898] page dumped because: unmovable page [ 343.475990][T13898] page_owner info is not present (never set?) [ 343.674288][T13912] writes to the poll attribute are ignored. [ 343.681005][T13912] please use driver specific parameters instead. [ 345.138713][ T52] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 345.138745][ T52] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 345.155828][ T52] Bluetooth: hci2: Dropping invalid advertising data [ 345.162826][ T52] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 345.377250][T13972] block2mtd: illegal erase size [ 345.428647][T13975] process 'syz.1.3872' launched './file0' with NULL argv: empty string added [ 346.659260][ T52] Bluetooth: hci2: unexpected event 0x3e length: 0 < 1 [ 347.136763][T14038] cougar: G6 mapped to space [ 347.990197][ T52] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 349.344083][T14118] usb usb37: usbfs: process 14118 (syz.2.3916) did not claim interface 0 before use [ 349.713069][T14127] usbip-vudc usbip-vudc.0: gadget not bound [ 351.426854][ T52] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 352.589885][T14248] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 352.919056][T14248] PCI: Can't parse resource_alignment parameter: B [ 354.828371][T14316] hub 27-0:1.0: USB hub found [ 354.876863][T14316] hub 27-0:1.0: 1 port detected [ 355.463911][T14338] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 360.134953][T14497] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 364.836133][T14654] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 365.546019][T14677] program syz.0.4113 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 367.026544][ T52] Bluetooth: hci1: unexpected event 0x14 length: 16 > 6 [ 367.123413][T14742] FAULT_INJECTION: forcing a failure. [ 367.123413][T14742] name failslab, interval 1, probability 0, space 0, times 1 [ 367.244205][T14742] CPU: 0 UID: 0 PID: 14742 Comm: syz.1.4134 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 367.244249][T14742] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 367.244260][T14742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 367.244288][T14742] Call Trace: [ 367.244295][T14742] [ 367.244304][T14742] dump_stack_lvl+0x100/0x190 [ 367.244338][T14742] should_fail_ex.cold+0x5/0xa [ 367.244379][T14742] should_failslab+0xc2/0x120 [ 367.244413][T14742] __kmalloc_cache_noprof+0x80/0x810 [ 367.244437][T14742] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 367.244464][T14742] ? sctp_endpoint_new+0xfc/0xb20 [ 367.244497][T14742] ? __debug_object_init+0x2de/0x3d0 [ 367.244532][T14742] ? sctp_endpoint_new+0xfc/0xb20 [ 367.244566][T14742] sctp_endpoint_new+0xfc/0xb20 [ 367.244603][T14742] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 367.244637][T14742] ? lockdep_init_map_type+0x5c/0x250 [ 367.244673][T14742] ? lockdep_init_map_type+0x5c/0x250 [ 367.244705][T14742] ? lockdep_init_map_type+0x5c/0x250 [ 367.244742][T14742] sctp_init_sock+0xe2b/0x1300 [ 367.244776][T14742] ? __pfx_sctp_init_sock+0x10/0x10 [ 367.244810][T14742] inet_create+0x94c/0x1060 [ 367.244839][T14742] ? inet_create+0x94/0x1060 [ 367.244870][T14742] __sock_create+0x339/0x860 [ 367.244903][T14742] __sys_socket+0x14d/0x260 [ 367.244929][T14742] ? fput+0x79/0x100 [ 367.244961][T14742] ? __pfx___sys_socket+0x10/0x10 [ 367.244987][T14742] ? xfd_validate_state+0x129/0x190 [ 367.245033][T14742] __x64_sys_socket+0x72/0xb0 [ 367.245060][T14742] ? lockdep_hardirqs_on+0x78/0x100 [ 367.245091][T14742] do_syscall_64+0xc9/0xf80 [ 367.245122][T14742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.245147][T14742] RIP: 0033:0x7f36b419aeb9 [ 367.245170][T14742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 367.245193][T14742] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 367.245219][T14742] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 367.245234][T14742] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 367.245248][T14742] RBP: 00007f36b4208c1f R08: 0000000000000000 R09: 0000000000000000 [ 367.245262][T14742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.245349][T14742] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 367.245390][T14742] [ 368.478105][T14791] netlink: 'syz.1.4151': attribute type 11 has an invalid length. [ 368.507894][T14791] netlink: 'syz.1.4151': attribute type 11 has an invalid length. [ 368.534323][T14791] netlink: 'syz.1.4151': attribute type 11 has an invalid length. [ 368.542314][T14791] netlink: 'syz.1.4151': attribute type 11 has an invalid length. [ 369.075980][T14812] netlink: Unknown NAT attribute (type=262, max=9) [ 371.034610][T14876] netlink: 'syz.2.4180': attribute type 1 has an invalid length. [ 371.324104][T14887] nbd: must specify an index to disconnect [ 373.048584][T14953] openvswitch: netlink: Multiple metadata blocks provided [ 374.890140][T15023] netlink: get zone limit has 8 unknown bytes [ 376.310823][T15054] NFSD: Failed to start, no listeners configured. [ 376.921325][T15091] FAULT_INJECTION: forcing a failure. [ 376.921325][T15091] name failslab, interval 1, probability 0, space 0, times 0 [ 376.959895][T15091] CPU: 0 UID: 0 PID: 15091 Comm: syz.2.4263 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 376.959941][T15091] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 376.959952][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 376.959966][T15091] Call Trace: [ 376.959974][T15091] [ 376.959983][T15091] dump_stack_lvl+0x100/0x190 [ 376.960016][T15091] should_fail_ex.cold+0x5/0xa [ 376.960056][T15091] should_failslab+0xc2/0x120 [ 376.960090][T15091] __kmalloc_cache_noprof+0x80/0x810 [ 376.960115][T15091] ? call_usermodehelper_setup+0xaf/0x360 [ 376.960138][T15091] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 376.960170][T15091] ? __pfx_free_modprobe_argv+0x10/0x10 [ 376.960209][T15091] ? call_usermodehelper_setup+0xaf/0x360 [ 376.960232][T15091] call_usermodehelper_setup+0xaf/0x360 [ 376.960268][T15091] __request_module+0x3c7/0x650 [ 376.960306][T15091] ? __pfx___request_module+0x10/0x10 [ 376.960351][T15091] ? __wake_up+0x3f/0x60 [ 376.960378][T15091] ? __wake_up+0x3f/0x60 [ 376.960406][T15091] ? rcu_is_watching+0x12/0xc0 [ 376.960430][T15091] ? lockdep_hardirqs_on+0x78/0x100 [ 376.960463][T15091] netlink_create+0x450/0x610 [ 376.960504][T15091] __sock_create+0x339/0x860 [ 376.960536][T15091] __sys_socket+0x14d/0x260 [ 376.960562][T15091] ? fput+0x79/0x100 [ 376.960594][T15091] ? __pfx___sys_socket+0x10/0x10 [ 376.960621][T15091] ? xfd_validate_state+0x129/0x190 [ 376.960666][T15091] __x64_sys_socket+0x72/0xb0 [ 376.960693][T15091] ? lockdep_hardirqs_on+0x78/0x100 [ 376.960720][T15091] do_syscall_64+0xc9/0xf80 [ 376.960750][T15091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.960774][T15091] RIP: 0033:0x7f9f2bb9aeb9 [ 376.960792][T15091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 376.960815][T15091] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 376.960837][T15091] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 376.960853][T15091] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 376.960872][T15091] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 376.960886][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 376.960899][T15091] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 376.960929][T15091] [ 377.595893][T15110] netlink: 'syz.2.4270': attribute type 11 has an invalid length. [ 377.634158][T15110] netlink: 'syz.2.4270': attribute type 11 has an invalid length. [ 377.658184][T15110] netlink: 'syz.2.4270': attribute type 11 has an invalid length. [ 377.677685][T15110] netlink: 'syz.2.4270': attribute type 11 has an invalid length. [ 379.433412][T15164] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4291'. [ 379.515350][T15169] input input29: cannot allocate more than FF_MAX_EFFECTS effects [ 379.902705][T15180] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 379.975902][T15184] netlink: 'syz.0.4298': attribute type 11 has an invalid length. [ 380.055276][T15184] netlink: 'syz.0.4298': attribute type 11 has an invalid length. [ 380.123977][T15184] netlink: 'syz.0.4298': attribute type 11 has an invalid length. [ 380.184977][T15184] netlink: 'syz.0.4298': attribute type 11 has an invalid length. [ 381.501354][T15179] kexec: Could not allocate control_code_buffer [ 382.112332][T15245] Zero length message leads to an empty skb [ 382.456750][T15252] NFSD: Failed to start, no listeners configured. [ 382.716276][T15272] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 382.723133][T15272] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 383.724683][T15306] FAULT_INJECTION: forcing a failure. [ 383.724683][T15306] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 383.803963][T15306] CPU: 0 UID: 0 PID: 15306 Comm: syz.3.4345 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 383.804007][T15306] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 383.804018][T15306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 383.804032][T15306] Call Trace: [ 383.804040][T15306] [ 383.804048][T15306] dump_stack_lvl+0x100/0x190 [ 383.804081][T15306] should_fail_ex.cold+0x5/0xa [ 383.804121][T15306] core_sys_select+0x938/0xbb0 [ 383.804153][T15306] ? __pfx_core_sys_select+0x10/0x10 [ 383.804208][T15306] ? ktime_get_ts64+0x2d2/0x3f0 [ 383.804239][T15306] ? read_tsc+0x9/0x20 [ 383.804268][T15306] ? ktime_get_ts64+0x256/0x3f0 [ 383.804301][T15306] kern_select+0x20c/0x270 [ 383.804328][T15306] ? __pfx_kern_select+0x10/0x10 [ 383.804363][T15306] __x64_sys_select+0xbd/0x160 [ 383.804387][T15306] ? do_syscall_64+0x94/0xf80 [ 383.804415][T15306] ? lockdep_hardirqs_on+0x78/0x100 [ 383.804450][T15306] do_syscall_64+0xc9/0xf80 [ 383.804481][T15306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.804505][T15306] RIP: 0033:0x7f1c80b9aeb9 [ 383.804524][T15306] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 383.804547][T15306] RSP: 002b:00007f1c81a69028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 383.804569][T15306] RAX: ffffffffffffffda RBX: 00007f1c80e15fa0 RCX: 00007f1c80b9aeb9 [ 383.804585][T15306] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000000000000003 [ 383.804599][T15306] RBP: 00007f1c80c08c1f R08: 00002000000000c0 R09: 0000000000000000 [ 383.804614][T15306] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 383.804628][T15306] R13: 00007f1c80e16038 R14: 00007f1c80e15fa0 R15: 00007ffd5bca6968 [ 383.804657][T15306] [ 384.767931][T15330] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 384.836282][T15333] nfsd: Unknown parameter '*' [ 385.014797][T15337] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 385.371861][T15347] tc_dump_action: action bad kind [ 385.416159][T15346] nbd: must specify a device to reconfigure [ 386.752136][T15386] NFSD: Failed to start, no listeners configured. [ 388.291312][T15434] NFSD: Failed to start, no listeners configured. [ 389.133561][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.140050][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.087270][T15482] NFSD: Failed to start, no listeners configured. [ 390.105027][T15492] openvswitch: netlink: IPv6 tunnel dst address is zero [ 390.934561][T15515] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 393.647643][T15590] dump_stack_lvl+0x100/0x190 [ 393.647683][T15590] should_fail_ex.cold+0x5/0xa [ 393.647724][T15590] should_failslab+0xc2/0x120 [ 393.647759][T15590] kmem_cache_alloc_noprof+0x83/0x780 [ 393.647791][T15590] ? ptlock_alloc+0x1f/0x70 [ 393.647820][T15590] ? ptlock_alloc+0x1f/0x70 [ 393.647844][T15590] ptlock_alloc+0x1f/0x70 [ 393.647868][T15590] pte_alloc_one+0x84/0x3e0 [ 393.647900][T15590] __pte_alloc+0x6d/0x3f0 [ 393.647934][T15590] ? __pfx___pte_alloc+0x10/0x10 [ 393.647969][T15590] ? _raw_spin_unlock+0x28/0x50 [ 393.647992][T15590] ? __pmd_alloc+0x6aa/0x9c0 [ 393.648032][T15590] move_page_tables+0x24eb/0x43e0 [ 393.648074][T15590] ? __pfx_move_page_tables+0x10/0x10 [ 393.648115][T15590] ? lock_acquire+0x17c/0x330 [ 393.648153][T15590] copy_vma_and_data+0x25c/0x7c0 [ 393.648184][T15590] ? __pfx_copy_vma_and_data+0x10/0x10 [ 393.648224][T15590] ? find_held_lock+0x2b/0x80 [ 393.648247][T15590] ? move_vma+0x50c/0x1990 [ 393.648272][T15590] ? move_vma+0x50c/0x1990 [ 393.648306][T15590] move_vma+0x51e/0x1990 [ 393.648338][T15590] ? __pfx_move_vma+0x10/0x10 [ 393.648368][T15590] ? thp_get_unmapped_area_vmflags+0x27f/0x2d0 [ 393.648410][T15590] ? cap_mmap_addr+0x4b/0x120 [ 393.648439][T15590] ? bpf_lsm_mmap_addr+0x9/0x10 [ 393.648472][T15590] ? security_mmap_addr+0x71/0x1e0 [ 393.648510][T15590] ? __get_unmapped_area+0x255/0x3e0 [ 393.648549][T15590] ? vrm_set_new_addr+0x204/0x290 [ 393.648584][T15590] mremap_to+0x1b7/0x450 [ 393.648613][T15590] do_mremap+0xb76/0x2130 [ 393.648663][T15590] ? __pfx_do_mremap+0x10/0x10 [ 393.648697][T15590] ? ksys_write+0x190/0x250 [ 393.648731][T15590] __do_sys_mremap+0x126/0x170 [ 393.648760][T15590] ? __pfx___do_sys_mremap+0x10/0x10 [ 393.648796][T15590] ? __x64_sys_futex+0x34f/0x4d0 [ 393.648847][T15590] do_syscall_64+0xc9/0xf80 [ 393.648878][T15590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.648902][T15590] RIP: 0033:0x7f1c80b9aeb9 [ 393.648921][T15590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 393.648944][T15590] RSP: 002b:00007f1c81a69028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 393.648966][T15590] RAX: ffffffffffffffda RBX: 00007f1c80e15fa0 RCX: 00007f1c80b9aeb9 [ 393.648982][T15590] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 000000110c230000 [ 393.648996][T15590] RBP: 00007f1c80c08c1f R08: 0000000100000000 R09: 0000000000000000 [ 393.649010][T15590] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 393.649024][T15590] R13: 00007f1c80e16038 R14: 00007f1c80e15fa0 R15: 00007ffd5bca6968 [ 393.649054][T15590] [ 395.134275][T15621] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 396.630101][T15675] sctp: [Deprecated]: syz.0.4472 (pid 15675) Use of int in max_burst socket option deprecated. [ 396.630101][T15675] Use struct sctp_assoc_value instead [ 399.947403][T15783] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 401.256202][T15820] usb usb3: usbfs: interface 0 claimed by hub while 'syz.1.4525' sets config #0 [ 403.294701][T15882] block nbd2: not configured, cannot reconfigure [ 405.568148][T15947] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 405.910904][T15956] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 408.147770][T16018] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 408.348408][T16022] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4601'. [ 408.508692][T16028] netlink: 29 bytes leftover after parsing attributes in process `syz.3.4601'. [ 409.664355][T16046] openvswitch: netlink: IP tunnel dst address not specified [ 411.667455][T16104] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 411.714148][T16104] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 412.545070][T16126] [U] ^\ [ 413.828972][T16175] netlink: 'syz.1.4661': attribute type 1 has an invalid length. [ 416.192255][T16254] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 416.899761][T16275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4698'. [ 420.641468][T16412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4733'. [ 421.129858][T16422] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4737'. [ 421.675890][T16436] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 421.682686][T16436] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 422.532055][T16466] netlink: 'syz.3.4753': attribute type 2 has an invalid length. [ 422.757769][T16472] netlink: 'syz.0.4755': attribute type 1 has an invalid length. [ 424.465275][T16532] FAULT_INJECTION: forcing a failure. [ 424.465275][T16532] name failslab, interval 1, probability 0, space 0, times 0 [ 424.543959][T16532] CPU: 0 UID: 0 PID: 16532 Comm: syz.0.4779 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 424.544005][T16532] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 424.544016][T16532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 424.544031][T16532] Call Trace: [ 424.544039][T16532] [ 424.544050][T16532] dump_stack_lvl+0x100/0x190 [ 424.544085][T16532] should_fail_ex.cold+0x5/0xa [ 424.544126][T16532] should_failslab+0xc2/0x120 [ 424.544160][T16532] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 424.544199][T16532] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 424.544226][T16532] ? sock_alloc_inode+0x25/0x1c0 [ 424.544254][T16532] ? __pfx_sock_alloc_inode+0x10/0x10 [ 424.544277][T16532] ? sock_alloc_inode+0x25/0x1c0 [ 424.544298][T16532] ? apparmor_socket_create+0x59/0x310 [ 424.544331][T16532] sock_alloc_inode+0x25/0x1c0 [ 424.544355][T16532] alloc_inode+0x68/0x250 [ 424.544391][T16532] sock_alloc+0x44/0x280 [ 424.544410][T16532] ? security_socket_create+0x7f/0x250 [ 424.544443][T16532] __sock_create+0xc2/0x860 [ 424.544470][T16532] ? lockdep_init_map_type+0x5c/0x250 [ 424.544507][T16532] smc_create+0x163/0x290 [ 424.544535][T16532] __sock_create+0x339/0x860 [ 424.544567][T16532] __sys_socket+0x14d/0x260 [ 424.544594][T16532] ? fput+0x79/0x100 [ 424.544625][T16532] ? __pfx___sys_socket+0x10/0x10 [ 424.544652][T16532] ? xfd_validate_state+0x129/0x190 [ 424.544698][T16532] __x64_sys_socket+0x72/0xb0 [ 424.544725][T16532] ? lockdep_hardirqs_on+0x78/0x100 [ 424.544753][T16532] do_syscall_64+0xc9/0xf80 [ 424.544784][T16532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.544809][T16532] RIP: 0033:0x7f6d6e79aeb9 [ 424.544828][T16532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.544851][T16532] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 424.544873][T16532] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 424.544889][T16532] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 424.544904][T16532] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 424.544918][T16532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.544941][T16532] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 424.544971][T16532] [ 424.544994][T16532] socket: no more sockets [ 425.482100][T16552] tipc: Started in network mode [ 425.501124][T16552] tipc: Node identity ffffffff, cluster identity 4711 [ 425.520444][T16552] tipc: Node number set to 4294967295 [ 426.333282][T16578] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[16578] [ 426.450202][T16583] netlink: 'syz.2.4801': attribute type 1 has an invalid length. [ 427.199878][T16608] nvme_fcloop: unknown parameter or missing value '' [ 428.759633][T16654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4827'. [ 429.076345][T16665] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4831'. [ 429.341204][T16670] .^: entered promiscuous mode [ 429.424690][T16677] openvswitch: netlink: Duplicate key (type 15). [ 429.716164][T16688] No such timeout policy "" [ 429.716220][T16688] netlink: Failed to associated timeout policy '' [ 432.206353][T16768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4871'. [ 433.054301][ T30] audit: type=1326 audit(4294967384.633:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16794 comm="syz.2.4881" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9f2bb9aeb9 code=0x0 [ 440.106323][ T52] Bluetooth: hci1: unexpected event 0x30 length: 47 > 3 [ 443.977271][T17196] bond0: option arp_validate: invalid value (842) [ 445.531268][T17250] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd1f [ 447.478161][T17307] openvswitch: netlink: Multiple metadata blocks provided [ 448.064357][T17329] openvswitch: netlink: IP tunnel TTL not specified. [ 448.844978][T17351] misc userio: No port type given on /dev/userio [ 449.264945][T17370] netlink: 'syz.0.5099': attribute type 1 has an invalid length. [ 450.585676][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.592177][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.116299][T17440] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 451.916429][ T52] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 451.916512][ T52] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 451.932688][ T52] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 451.932713][ T52] Bluetooth: hci0: Unknown advertising packet type: 0x39 [ 451.943846][ T52] Bluetooth: hci0: adv larger than maximum supported [ 451.951201][ T52] Bluetooth: hci0: Malformed LE Event: 0x0d [ 452.386441][T17491] openvswitch: netlink: Missing valid actions attribute. [ 452.909293][T17507] netlink: 'syz.3.5142': attribute type 11 has an invalid length. [ 456.450363][T17638] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 458.097036][T17692] netlink: Failed to add  helper -22 [ 458.734061][T17735] dyndbg: expected <4096 bytes into control [ 459.262864][T17753] capability: warning: `syz.1.5214' uses 32-bit capabilities (legacy support in use) [ 459.575326][T17764] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 459.664551][T17767] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 463.367801][T17904] netlink: 'syz.0.5263': attribute type 11 has an invalid length. [ 463.415199][T17904] netlink: 'syz.0.5263': attribute type 11 has an invalid length. [ 463.423291][T17904] netlink: 'syz.0.5263': attribute type 11 has an invalid length. [ 463.491269][T17904] netlink: 'syz.0.5263': attribute type 11 has an invalid length. [ 465.985026][ T52] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 465.985058][ T52] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 466.001412][ T52] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 466.001440][ T52] Bluetooth: hci1: adv larger than maximum supported [ 466.011794][ T52] Bluetooth: hci1: Unknown advertising packet type: 0x3b [ 466.018862][ T52] Bluetooth: hci1: Malformed LE Event: 0x0d [ 466.443901][T18009] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 468.006952][ T52] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 468.183122][ T5145] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 468.183154][ T5145] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 468.198681][ T5145] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 468.198708][ T5145] Bluetooth: hci2: adv larger than maximum supported [ 468.209323][ T5145] Bluetooth: hci2: adv larger than maximum supported [ 468.216957][ T5145] Bluetooth: hci2: Unknown advertising packet type: 0x1f [ 468.223771][ T5145] Bluetooth: hci2: Malformed LE Event: 0x0d [ 470.585335][ T5145] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 470.585369][ T5145] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 470.600689][ T5145] Bluetooth: hci0: Dropping invalid advertising data [ 470.617148][ T5145] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 470.617185][ T5145] Bluetooth: hci0: Dropping invalid advertising data [ 470.632808][ T5145] Bluetooth: hci0: Malformed LE Event: 0x02 [ 470.836017][T18172] random: crng reseeded on system resumption [ 471.246090][ T5145] Bluetooth: hci2: SCO packet too small [ 472.330318][T18227] openvswitch: netlink: Message has 20 unknown bytes. [ 472.562341][T18234] openvswitch: netlink: Duplicate or invalid key (type 0). [ 473.384053][T18265] sd 0:0:1:0: PR command failed: 1026 [ 473.426188][T18265] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 473.459096][T18265] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 473.624163][ T5145] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 474.160428][ T52] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 474.160459][ T52] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 474.176496][ T52] Bluetooth: hci1: Dropping invalid advertising data [ 474.183222][ T52] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 474.183271][ T52] Bluetooth: hci1: Dropping invalid advertising data [ 474.197573][ T52] Bluetooth: hci1: Malformed LE Event: 0x02 [ 474.873582][T18336] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5384'. [ 474.934702][T18344] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5384'. [ 476.422912][ T52] Bluetooth: hci1: unexpected subevent 0x18 length: 123 > 19 [ 476.430555][ T52] Bluetooth: hci1: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 478.797485][T18467] : entered promiscuous mode [ 480.046823][ T52] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 481.723995][T18567] netlink: 'syz.1.5461': attribute type 1 has an invalid length. [ 481.812447][T18571] netlink: 'syz.2.5464': attribute type 8 has an invalid length. [ 483.308416][T18614] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 483.997673][T18632] netlink: 'syz.2.5487': attribute type 11 has an invalid length. [ 484.031024][T18632] netlink: 'syz.2.5487': attribute type 11 has an invalid length. [ 485.815771][T18680] netlink: zone id is out of range [ 486.140802][T18685] NFSD: Failed to start, no listeners configured. [ 486.580355][T18702] delete_channel: no stack [ 486.828686][T18709] netlink: 'syz.0.5514': attribute type 11 has an invalid length. [ 487.400130][T18726] vhci_hcd vhci_hcd.1: invalid port number 255 [ 487.434328][T18726] vhci_hcd vhci_hcd.1: default hub control req: 600d v002b i00ff l1 [ 488.455905][T18752] &#$@\]\-: entered promiscuous mode [ 489.858223][T18800] netlink: Unknown conntrack attr (type=257, max=9) [ 489.896668][T18804] netlink: 'syz.0.5550': attribute type 1 has an invalid length. [ 492.711793][T18890] netlink: zone id is out of range [ 493.638714][ T5145] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 495.802702][T19019] openvswitch: netlink: Message has 4 unknown bytes. [ 496.092002][T19029] FAULT_INJECTION: forcing a failure. [ 496.092002][T19029] name failslab, interval 1, probability 0, space 0, times 0 [ 496.167195][T19029] CPU: 0 UID: 0 PID: 19029 Comm: syz.0.5625 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 496.167246][T19029] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 496.167256][T19029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 496.167273][T19029] Call Trace: [ 496.167281][T19029] [ 496.167290][T19029] dump_stack_lvl+0x100/0x190 [ 496.167323][T19029] should_fail_ex.cold+0x5/0xa [ 496.167363][T19029] should_failslab+0xc2/0x120 [ 496.167397][T19029] kmem_cache_alloc_noprof+0x83/0x780 [ 496.167429][T19029] ? kcm_create+0x11e/0x6a0 [ 496.167462][T19029] ? kcm_create+0x11e/0x6a0 [ 496.167487][T19029] kcm_create+0x11e/0x6a0 [ 496.167517][T19029] __sock_create+0x339/0x860 [ 496.167550][T19029] __sys_socket+0x14d/0x260 [ 496.167576][T19029] ? fput+0x79/0x100 [ 496.167608][T19029] ? __pfx___sys_socket+0x10/0x10 [ 496.167635][T19029] ? xfd_validate_state+0x129/0x190 [ 496.167680][T19029] __x64_sys_socket+0x72/0xb0 [ 496.167707][T19029] ? lockdep_hardirqs_on+0x78/0x100 [ 496.167734][T19029] do_syscall_64+0xc9/0xf80 [ 496.167765][T19029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.167789][T19029] RIP: 0033:0x7f6d6e79aeb9 [ 496.167807][T19029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 496.167830][T19029] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 496.167855][T19029] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 496.167871][T19029] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 496.167885][T19029] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 496.167899][T19029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 496.167912][T19029] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 496.167942][T19029] [ 496.403497][T19033] netlink: 'syz.1.5627': attribute type 2 has an invalid length. [ 496.893997][T19044] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700010007 [ 496.914168][T19045] netlink: 'syz.1.5632': attribute type 1 has an invalid length. [ 497.619315][T19070] FAULT_INJECTION: forcing a failure. [ 497.619315][T19070] name failslab, interval 1, probability 0, space 0, times 0 [ 497.691817][T19070] CPU: 0 UID: 0 PID: 19070 Comm: syz.2.5642 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 497.691861][T19070] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 497.691871][T19070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 497.691885][T19070] Call Trace: [ 497.691893][T19070] [ 497.691902][T19070] dump_stack_lvl+0x100/0x190 [ 497.691935][T19070] should_fail_ex.cold+0x5/0xa [ 497.691985][T19070] should_failslab+0xc2/0x120 [ 497.692019][T19070] kmem_cache_alloc_noprof+0x83/0x780 [ 497.692051][T19070] ? __anon_vma_prepare+0xae/0x5e0 [ 497.692083][T19070] ? __anon_vma_prepare+0xae/0x5e0 [ 497.692108][T19070] __anon_vma_prepare+0xae/0x5e0 [ 497.692132][T19070] ? do_raw_spin_lock+0x128/0x260 [ 497.692172][T19070] __vmf_anon_prepare+0x11f/0x250 [ 497.692212][T19070] do_huge_pmd_anonymous_page+0x161/0x1c00 [ 497.692243][T19070] ? __pmd_alloc+0x6aa/0x9c0 [ 497.692283][T19070] __handle_mm_fault+0x1e96/0x2b50 [ 497.692313][T19070] ? mt_find+0x45e/0x8e0 [ 497.692345][T19070] ? __pfx___handle_mm_fault+0x10/0x10 [ 497.692369][T19070] ? __pfx_mt_find+0x10/0x10 [ 497.692422][T19070] handle_mm_fault+0x36d/0xa20 [ 497.692454][T19070] __get_user_pages+0xf9c/0x34d0 [ 497.692501][T19070] ? __pfx___get_user_pages+0x10/0x10 [ 497.692546][T19070] populate_vma_page_range+0x267/0x3f0 [ 497.692587][T19070] ? __pfx_populate_vma_page_range+0x10/0x10 [ 497.692625][T19070] ? __pfx_find_vma_intersection+0x10/0x10 [ 497.692662][T19070] ? do_mmap+0x93f/0x12f0 [ 497.692700][T19070] __mm_populate+0x107/0x3a0 [ 497.692740][T19070] ? __pfx___mm_populate+0x10/0x10 [ 497.692780][T19070] ? up_write+0x290/0x4f0 [ 497.692818][T19070] vm_mmap_pgoff+0x37f/0x470 [ 497.692858][T19070] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 497.692901][T19070] ? __x64_sys_futex+0x34f/0x4d0 [ 497.692933][T19070] ? __x64_sys_futex+0x358/0x4d0 [ 497.692977][T19070] ksys_mmap_pgoff+0x7d/0x5b0 [ 497.693017][T19070] __x64_sys_mmap+0x125/0x190 [ 497.693043][T19070] do_syscall_64+0xc9/0xf80 [ 497.693074][T19070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.693098][T19070] RIP: 0033:0x7f9f2bb9aeb9 [ 497.693117][T19070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 497.693140][T19070] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 497.693162][T19070] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 497.693178][T19070] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 497.693192][T19070] RBP: 00007f9f2bc08c1f R08: 0000000000000002 R09: 0000000000008000 [ 497.693206][T19070] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 497.693220][T19070] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 497.693250][T19070] [ 499.084203][T19105] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 499.626586][T19125] queue_state_write: unsupported operation '' [ 499.632744][T19125] queue_state_write: use 'run', 'start' or 'kick' [ 500.186858][T19146] openvswitch: netlink: IPv4 tunnel dst address is zero [ 500.648937][T19163] usb usb26: usbfs: interface 0 claimed by hub while 'syz.3.5676' resets device [ 500.949414][ T5145] Bluetooth: hci0: unexpected event 0x2c length: 42 > 17 [ 501.406545][ T30] audit: type=1806 audit(4294967452.983:14): xattr="" res=-22 [ 501.594409][T19196] openvswitch: netlink: IP tunnel dst address not specified [ 502.134027][T19221] perf: Dynamic interrupt throttling disabled, can hang your system! [ 504.624358][T19324] netlink: Conntrack attr has 16 unknown bytes [ 504.896516][T19336] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 505.103042][T19341] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 505.194054][T19349] program syz.3.5745 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.457785][T19356] delete_channel: no stack [ 506.784488][T19410] IPVS: length: 131 != 8 [ 508.318404][T19469] netlink: 'syz.2.5792': attribute type 1 has an invalid length. [ 509.311264][T19501] Invalid ELF header magic: != ELF [ 509.861436][T19523] : entered promiscuous mode [ 510.025578][T19533] netlink: del zone limit has 8 unknown bytes [ 512.009972][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.016492][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.679340][T19622] Invalid ELF header magic: != ELF [ 513.037064][T19630] netlink: Failed to add  helper -22 [ 513.553406][T19655] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5863'. [ 513.593849][T19655] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5863'. [ 513.906548][T19670] delete_channel: no stack [ 514.176363][T19680] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 514.648637][T19684] syz.0.5874 (19684) used greatest stack depth: 19688 bytes left [ 514.993925][T19705] netlink: 'syz.2.5882': attribute type 2 has an invalid length. [ 515.079640][T19712] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 516.275053][T19750] openvswitch: netlink: Key type 261 is out of range max 32 [ 516.947508][T19773] HfR: entered promiscuous mode [ 517.070570][T19781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5910'. [ 518.786922][T19850] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 518.866810][T19853] ucma_write: process 3120 (syz.2.5936) changed security contexts after opening file descriptor, this is not allowed. [ 519.142863][ T30] audit: type=1800 audit(4294967470.723:15): pid=19861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5939" name="lu_gp_id" dev="configfs" ino=49453 res=0 errno=0 [ 520.174529][ T30] audit: type=1107 audit(4294967471.743:16): pid=19893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 520.253896][ T30] audit: type=1107 audit(4294967471.753:17): pid=19893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 521.832243][T19965] netlink: 206 bytes leftover after parsing attributes in process `syz.2.5978'. [ 522.130949][T19975] netlink: 'syz.2.5982': attribute type 1 has an invalid length. [ 523.123088][ T5145] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 523.625887][T20038] netlink: 'syz.0.6006': attribute type 4 has an invalid length. [ 523.707200][T20038] netlink: 'syz.0.6006': attribute type 1 has an invalid length. [ 528.607897][T20213] netlink: ct family unspecified [ 529.171009][T20238] netlink: NAT attribute type 6 has unexpected length (4 != 2) [ 529.368473][T20244] openvswitch: netlink: Message has 4 unknown bytes. [ 533.052418][T20394] ptrace attach of "./syz-executor exec"[5827] was attempted by ""[20394] [ 533.224807][T20399] netlink: 'syz.2.6143': attribute type 2 has an invalid length. [ 533.263873][T20399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6143'. [ 534.011524][T20428] netlink: 'syz.1.6155': attribute type 11 has an invalid length. [ 538.082300][T20588] netlink: 'syz.0.6216': attribute type 2 has an invalid length. [ 538.674059][T20606] ksmbd: Unknown IPC event: 14, ignore. [ 540.297175][T20663] sctp: [Deprecated]: syz.2.6244 (pid 20663) Use of struct sctp_assoc_value in delayed_ack socket option. [ 540.297175][T20663] Use struct sctp_sack_info instead [ 540.339083][T20667] MTRR 1 not used [ 542.082377][T20735] synth uevent: /module/orangefs: unknown uevent action string [ 542.434069][T20747] netlink: 'syz.0.6272': attribute type 1 has an invalid length. [ 542.441942][T20747] netlink: 33 bytes leftover after parsing attributes in process `syz.0.6272'. [ 544.321700][T20801] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 546.377546][T20874] netlink: 'syz.3.6319': attribute type 1 has an invalid length. [ 546.451462][T20873] netlink: 'syz.2.6322': attribute type 2 has an invalid length. [ 547.586609][T20915] netlink: zone id is out of range [ 547.629875][T20915] netlink: zone id is out of range [ 547.772635][T20915] netlink: set zone limit has 8 unknown bytes [ 548.487957][T20936] NFSD: Failed to start, no listeners configured. [ 548.875552][T20965] netlink: 'syz.2.6351': attribute type 1 has an invalid length. [ 550.663956][T21027] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 551.224823][T21046] FAULT_INJECTION: forcing a failure. [ 551.224823][T21046] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 551.276227][T21046] CPU: 0 UID: 0 PID: 21046 Comm: syz.1.6381 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 551.276274][T21046] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 551.276287][T21046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 551.276301][T21046] Call Trace: [ 551.276309][T21046] [ 551.276317][T21046] dump_stack_lvl+0x100/0x190 [ 551.276351][T21046] should_fail_ex.cold+0x5/0xa [ 551.276391][T21046] core_sys_select+0x5d1/0xbb0 [ 551.276423][T21046] ? __pfx_core_sys_select+0x10/0x10 [ 551.276478][T21046] ? ktime_get_ts64+0x2d2/0x3f0 [ 551.276509][T21046] ? read_tsc+0x9/0x20 [ 551.276537][T21046] ? ktime_get_ts64+0x256/0x3f0 [ 551.276570][T21046] kern_select+0x20c/0x270 [ 551.276597][T21046] ? __pfx_kern_select+0x10/0x10 [ 551.276633][T21046] __x64_sys_select+0xbd/0x160 [ 551.276656][T21046] ? do_syscall_64+0x94/0xf80 [ 551.276684][T21046] ? lockdep_hardirqs_on+0x78/0x100 [ 551.276711][T21046] do_syscall_64+0xc9/0xf80 [ 551.276742][T21046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.276766][T21046] RIP: 0033:0x7f36b419aeb9 [ 551.276784][T21046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 551.276807][T21046] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 551.276830][T21046] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 551.276845][T21046] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000000000000003 [ 551.276860][T21046] RBP: 00007f36b4208c1f R08: 00002000000000c0 R09: 0000000000000000 [ 551.276874][T21046] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 551.276888][T21046] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 551.276918][T21046] [ 551.763352][T21063] openvswitch: netlink: Flow key attribute not present in set flow. [ 552.180864][T21082] netlink: NAT attribute has 4 unknown bytes [ 552.711381][T21096] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 553.715434][T21136] netlink: 'syz.1.6416': attribute type 11 has an invalid length. [ 553.970294][T21144] netlink: 'syz.1.6419': attribute type 1 has an invalid length. [ 555.483452][T21193] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 558.855755][T21301] nbd: illegal input index 37139 [ 560.338604][T21361] openvswitch: netlink: IP tunnel dst address not specified [ 561.947706][ T5145] Bluetooth: hci0: ACL packet too small [ 565.746882][T21564] netlink: 'syz.3.6578': attribute type 11 has an invalid length. [ 565.770496][T21564] netlink: 'syz.3.6578': attribute type 11 has an invalid length. [ 565.817904][T21564] netlink: 'syz.3.6578': attribute type 11 has an invalid length. [ 565.919810][T21570] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 568.061616][T21657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6612'. [ 568.269921][T21660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6613'. [ 568.312250][T21660] tc_dump_action: action bad kind [ 570.994248][T21740] netlink: 'syz.1.6645': attribute type 1 has an invalid length. [ 571.054589][T21740] netlink: 'syz.1.6645': attribute type 1 has an invalid length. [ 571.063067][T21740] netlink: 124 bytes leftover after parsing attributes in process `syz.1.6645'. [ 571.169996][T21740] netlink: 100 bytes leftover after parsing attributes in process `syz.1.6645'. [ 571.294914][T21748] HSR: entered promiscuous mode [ 572.686589][ T5145] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 573.010129][T21796] CIFS mount error: No usable UNC path provided in device string! [ 573.010129][T21796] [ 573.119370][T21796] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 573.451027][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.457468][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.739091][T21814] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 573.797886][T21819] netlink: zone id is out of range [ 573.826603][T21819] netlink: zone id is out of range [ 573.862833][T21819] netlink: zone id is out of range [ 573.887579][T21819] netlink: zone id is out of range [ 573.943857][T21819] netlink: set zone limit has 8 unknown bytes [ 575.047880][T21855] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 575.454086][T21868] openvswitch: netlink: Flow key attr not present in new flow. [ 576.767414][T21910] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 577.507668][T21934] netlink: zone id is out of range [ 577.563992][T21934] netlink: zone id is out of range [ 579.682652][T22017] net_ratelimit: 55 callbacks suppressed [ 579.682672][T22017] openvswitch: netlink: IP tunnel dst address not specified [ 579.940266][T22029] zram0: detected capacity change from 16 to 0 [ 580.222256][T22029] zram: Removed device: zram0 [ 581.345289][T22077] netlink: zone id is out of range [ 581.353620][T22077] netlink: zone id is out of range [ 581.527331][T22077] netlink: set zone limit has 8 unknown bytes [ 583.514653][T22159] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 583.542114][T22161] netlink: zone id is out of range [ 583.577795][T22161] netlink: zone id is out of range [ 583.595495][T22161] netlink: zone id is out of range [ 583.601041][T22161] netlink: zone id is out of range [ 583.679092][T22161] netlink: zone id is out of range [ 583.834106][T22170] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6806'. [ 583.988244][T22176] nbd: couldn't find a device at index 35644 [ 585.350642][T22226] nbd: must specify a size in bytes for the device [ 585.444270][T22229] net_ratelimit: 23 callbacks suppressed [ 585.444290][T22229] openvswitch: netlink: IP tunnel dst address not specified [ 585.912465][T22251] MTRR 1 not used [ 586.143651][T22258] sd 0:0:1:0: PR command failed: 1026 [ 586.173226][T22258] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 586.190378][T22258] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 587.516388][T22307] FAULT_INJECTION: forcing a failure. [ 587.516388][T22307] name failslab, interval 1, probability 0, space 0, times 0 [ 587.569354][T22307] CPU: 0 UID: 0 PID: 22307 Comm: syz.1.6858 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 587.569406][T22307] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 587.569417][T22307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 587.569431][T22307] Call Trace: [ 587.569438][T22307] [ 587.569447][T22307] dump_stack_lvl+0x100/0x190 [ 587.569479][T22307] should_fail_ex.cold+0x5/0xa [ 587.569519][T22307] should_failslab+0xc2/0x120 [ 587.569554][T22307] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 587.569589][T22307] ? __d_alloc+0x34/0xa80 [ 587.569623][T22307] ? __d_alloc+0x34/0xa80 [ 587.569650][T22307] __d_alloc+0x34/0xa80 [ 587.569682][T22307] d_alloc_pseudo+0x1c/0xc0 [ 587.569720][T22307] alloc_file_pseudo+0xcf/0x230 [ 587.569757][T22307] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 587.569794][T22307] ? _raw_spin_unlock+0x28/0x50 [ 587.569818][T22307] ? alloc_fd+0x476/0x790 [ 587.569846][T22307] __anon_inode_getfile+0xe8/0x280 [ 587.569886][T22307] __anon_inode_getfd+0x5c/0xe0 [ 587.569921][T22307] map_create+0x17fc/0x2ba0 [ 587.569945][T22307] ? preempt_schedule_thunk+0x16/0x30 [ 587.569977][T22307] ? __pfx_map_create+0x10/0x10 [ 587.569999][T22307] ? __might_fault+0xc5/0x140 [ 587.570025][T22307] ? __might_fault+0xc5/0x140 [ 587.570062][T22307] __sys_bpf+0xcec/0x5050 [ 587.570088][T22307] ? futex_private_hash_put+0x107/0x1c0 [ 587.570122][T22307] ? __pfx___sys_bpf+0x10/0x10 [ 587.570152][T22307] ? __pfx_futex_wake+0x10/0x10 [ 587.570194][T22307] ? ksys_write+0x190/0x250 [ 587.570227][T22307] ? do_futex+0x192/0x350 [ 587.570274][T22307] ? fput+0x79/0x100 [ 587.570305][T22307] ? xfd_validate_state+0x129/0x190 [ 587.570350][T22307] __x64_sys_bpf+0x7b/0xc0 [ 587.570383][T22307] ? lockdep_hardirqs_on+0x78/0x100 [ 587.570412][T22307] do_syscall_64+0xc9/0xf80 [ 587.570442][T22307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.570466][T22307] RIP: 0033:0x7f36b419aeb9 [ 587.570485][T22307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 587.570508][T22307] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 587.570531][T22307] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 587.570546][T22307] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 587.570560][T22307] RBP: 00007f36b4208c1f R08: 0000000000000000 R09: 0000000000000000 [ 587.570574][T22307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 587.570588][T22307] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 587.570618][T22307] [ 588.083431][T22326] netlink: 'syz.3.6865': attribute type 1 has an invalid length. [ 589.525431][T22373] netlink: 'syz.0.6884': attribute type 1 has an invalid length. [ 589.582979][T22373] nbd: error processing sock list [ 589.805641][T22379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6886'. [ 591.647931][T22451] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 593.313007][ T30] audit: type=1326 audit(4294967544.893:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22494 comm="syz.3.6930" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1c80b9aeb9 code=0x0 [ 595.672305][T22576] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6959'. [ 598.356008][T22683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6993'. [ 598.954454][T22705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7000'. [ 600.241902][T22743] netlink: 'syz.3.7014': attribute type 3 has an invalid length. [ 600.324295][T22743] netlink: 332 bytes leftover after parsing attributes in process `syz.3.7014'. [ 601.550376][T22775] zswap: compressor not available [ 603.490901][T22860] bridge0: port 3(hsr0) entered blocking state [ 603.526784][T22860] bridge0: port 3(hsr0) entered disabled state [ 603.566453][T22860] hsr0: entered allmulticast mode [ 603.600701][T22860] hsr_slave_0: entered allmulticast mode [ 603.623824][T22860] hsr_slave_1: entered allmulticast mode [ 603.662797][T22860] hsr0: entered promiscuous mode [ 603.684480][T22860] bridge0: port 3(hsr0) entered blocking state [ 603.691279][T22860] bridge0: port 3(hsr0) entered forwarding state [ 604.079577][T22873] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7063'. [ 606.771965][T22952] bridge0: port 3(hsr0) entered blocking state [ 606.842328][T22952] bridge0: port 3(hsr0) entered disabled state [ 606.866443][T22952] hsr0: entered allmulticast mode [ 606.903210][T22952] hsr_slave_0: entered allmulticast mode [ 606.960280][T22952] hsr_slave_1: entered allmulticast mode [ 607.026943][T22952] hsr0: entered promiscuous mode [ 607.062301][T22952] bridge0: port 3(hsr0) entered blocking state [ 607.068844][T22952] bridge0: port 3(hsr0) entered forwarding state [ 607.658531][T22998] sctp: [Deprecated]: syz.0.7101 (pid 22998) Use of int in maxseg socket option. [ 607.658531][T22998] Use struct sctp_assoc_value instead [ 611.369970][T23110] FAULT_INJECTION: forcing a failure. [ 611.369970][T23110] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 611.438378][T23110] CPU: 0 UID: 0 PID: 23110 Comm: syz.1.7145 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 611.438423][T23110] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 611.438434][T23110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 611.438448][T23110] Call Trace: [ 611.438456][T23110] [ 611.438465][T23110] dump_stack_lvl+0x100/0x190 [ 611.438499][T23110] should_fail_ex.cold+0x5/0xa [ 611.438535][T23110] ? prepare_alloc_pages+0x16d/0x5f0 [ 611.438596][T23110] should_fail_alloc_page+0xeb/0x140 [ 611.438632][T23110] prepare_alloc_pages+0x1f0/0x5f0 [ 611.438674][T23110] __alloc_frozen_pages_noprof+0x193/0x2410 [ 611.438719][T23110] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 611.438767][T23110] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 611.438794][T23110] ? policy_nodemask+0xed/0x4f0 [ 611.438833][T23110] alloc_pages_mpol+0x1fb/0x550 [ 611.438869][T23110] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 611.438911][T23110] alloc_pages_noprof+0x131/0x390 [ 611.438947][T23110] pte_alloc_one+0x1e/0x3e0 [ 611.438978][T23110] do_huge_pmd_anonymous_page+0x836/0x1c00 [ 611.439014][T23110] __handle_mm_fault+0x1e96/0x2b50 [ 611.439045][T23110] ? mt_find+0x45e/0x8e0 [ 611.439076][T23110] ? __pfx___handle_mm_fault+0x10/0x10 [ 611.439100][T23110] ? __pfx_mt_find+0x10/0x10 [ 611.439152][T23110] handle_mm_fault+0x36d/0xa20 [ 611.439184][T23110] __get_user_pages+0xf9c/0x34d0 [ 611.439229][T23110] ? down_read_killable+0x30e/0x4c0 [ 611.439261][T23110] ? __lock_acquire+0x4a5/0x2630 [ 611.439298][T23110] ? __pfx___get_user_pages+0x10/0x10 [ 611.439343][T23110] __gup_longterm_locked+0x87d/0x16f0 [ 611.439389][T23110] ? __pfx___gup_longterm_locked+0x10/0x10 [ 611.439429][T23110] ? try_get_folio+0x262/0x750 [ 611.439461][T23110] ? pmd_write+0xd3/0x150 [ 611.439492][T23110] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 611.439533][T23110] gup_fast_fallback+0x18c6/0x2460 [ 611.439598][T23110] ? __pfx_gup_fast_fallback+0x10/0x10 [ 611.439635][T23110] ? ksys_write+0x12a/0x250 [ 611.439661][T23110] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.439698][T23110] pin_user_pages_fast+0xa7/0xf0 [ 611.439736][T23110] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 611.439782][T23110] iov_iter_extract_pages+0xa0d/0x1ef0 [ 611.439828][T23110] ? pfn_valid+0x98/0x4e0 [ 611.439860][T23110] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 611.439898][T23110] ? bvec_try_merge_page+0x1cd/0x290 [ 611.439935][T23110] ? bio_add_page+0x162/0x760 [ 611.439968][T23110] ? iov_iter_revert+0x252/0x5b0 [ 611.440007][T23110] bio_iov_iter_get_pages+0x35e/0x12c0 [ 611.440062][T23110] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 611.440101][T23110] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 611.440141][T23110] ? iov_iter_npages+0xf8/0x500 [ 611.440176][T23110] blkdev_direct_IO+0x1302/0x1fb0 [ 611.440219][T23110] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 611.440253][T23110] ? filemap_check_errors+0xa9/0x150 [ 611.440299][T23110] blkdev_write_iter+0x703/0xd70 [ 611.440334][T23110] vfs_write+0x6ac/0x1070 [ 611.440361][T23110] ? __pfx_blkdev_write_iter+0x10/0x10 [ 611.440394][T23110] ? __pfx_vfs_write+0x10/0x10 [ 611.440418][T23110] ? find_held_lock+0x2b/0x80 [ 611.440459][T23110] ksys_write+0x12a/0x250 [ 611.440486][T23110] ? __pfx_ksys_write+0x10/0x10 [ 611.440521][T23110] do_syscall_64+0xc9/0xf80 [ 611.440552][T23110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.440583][T23110] RIP: 0033:0x7f36b419aeb9 [ 611.440602][T23110] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 611.440625][T23110] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 611.440647][T23110] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 611.440663][T23110] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000003 [ 611.440678][T23110] RBP: 00007f36b4208c1f R08: 0000000000000000 R09: 0000000000000000 [ 611.440692][T23110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 611.440706][T23110] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 611.440736][T23110] [ 611.881314][T23115] phram: not enough arguments [ 611.971913][T23117] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7150'. [ 612.045854][T23121] netlink: 29 bytes leftover after parsing attributes in process `syz.1.7148'. [ 615.415587][T23212] FAULT_INJECTION: forcing a failure. [ 615.415587][T23212] name failslab, interval 1, probability 0, space 0, times 0 [ 615.450416][T23212] CPU: 0 UID: 0 PID: 23212 Comm: syz.2.7187 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 615.450461][T23212] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 615.450472][T23212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 615.450486][T23212] Call Trace: [ 615.450494][T23212] [ 615.450503][T23212] dump_stack_lvl+0x100/0x190 [ 615.450537][T23212] should_fail_ex.cold+0x5/0xa [ 615.450578][T23212] should_failslab+0xc2/0x120 [ 615.450613][T23212] kmem_cache_alloc_noprof+0x83/0x780 [ 615.450645][T23212] ? sk_prot_alloc+0x60/0x2a0 [ 615.450674][T23212] ? sk_prot_alloc+0x60/0x2a0 [ 615.450696][T23212] sk_prot_alloc+0x60/0x2a0 [ 615.450722][T23212] sk_alloc+0x36/0xe80 [ 615.450755][T23212] smc_create+0x11a/0x290 [ 615.450784][T23212] __sock_create+0x339/0x860 [ 615.450816][T23212] __sys_socket+0x14d/0x260 [ 615.450845][T23212] ? __pfx___sys_socket+0x10/0x10 [ 615.450876][T23212] ? xfd_validate_state+0x129/0x190 [ 615.450922][T23212] __x64_sys_socket+0x72/0xb0 [ 615.450949][T23212] ? lockdep_hardirqs_on+0x78/0x100 [ 615.450977][T23212] do_syscall_64+0xc9/0xf80 [ 615.451008][T23212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.451032][T23212] RIP: 0033:0x7f9f2bb9aeb9 [ 615.451050][T23212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.451073][T23212] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 615.451103][T23212] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 615.451119][T23212] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 615.451151][T23212] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 615.451165][T23212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.451179][T23212] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 615.451209][T23212] [ 616.168424][T23217] ovs_: entered promiscuous mode [ 616.793619][T23231] FAULT_INJECTION: forcing a failure. [ 616.793619][T23231] name failslab, interval 1, probability 0, space 0, times 0 [ 616.836153][T23231] CPU: 0 UID: 0 PID: 23231 Comm: syz.2.7192 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 616.836204][T23231] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 616.836216][T23231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 616.836230][T23231] Call Trace: [ 616.836237][T23231] [ 616.836246][T23231] dump_stack_lvl+0x100/0x190 [ 616.836280][T23231] should_fail_ex.cold+0x5/0xa [ 616.836322][T23231] should_failslab+0xc2/0x120 [ 616.836356][T23231] __kmalloc_cache_noprof+0x80/0x810 [ 616.836380][T23231] ? fput+0x79/0x100 [ 616.836410][T23231] ? do_epoll_create+0x62/0x4b0 [ 616.836441][T23231] ? do_epoll_create+0x62/0x4b0 [ 616.836467][T23231] do_epoll_create+0x62/0x4b0 [ 616.836494][T23231] __x64_sys_epoll_create+0x45/0x70 [ 616.836523][T23231] do_syscall_64+0xc9/0xf80 [ 616.836554][T23231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.836577][T23231] RIP: 0033:0x7f9f2bb9aeb9 [ 616.836596][T23231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 616.836618][T23231] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 616.836641][T23231] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 616.836656][T23231] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003e [ 616.836670][T23231] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 616.836684][T23231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.836698][T23231] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 616.836728][T23231] [ 617.690492][T23221] kexec: Could not allocate control_code_buffer [ 618.525316][T23261] bridge0: port 4(veth1_macvtap) entered blocking state [ 618.560688][T23261] bridge0: port 4(veth1_macvtap) entered disabled state [ 618.592710][T23261] veth1_macvtap: entered allmulticast mode [ 618.624509][T23261] veth1_macvtap: left allmulticast mode [ 619.421595][T23301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7215'. [ 619.465065][T23301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7215'. [ 620.168222][T23335] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7222'. [ 620.715710][T23354] FAULT_INJECTION: forcing a failure. [ 620.715710][T23354] name failslab, interval 1, probability 0, space 0, times 0 [ 620.776743][T23354] CPU: 0 UID: 0 PID: 23354 Comm: syz.0.7228 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 620.776787][T23354] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 620.776798][T23354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 620.776812][T23354] Call Trace: [ 620.776821][T23354] [ 620.776830][T23354] dump_stack_lvl+0x100/0x190 [ 620.776863][T23354] should_fail_ex.cold+0x5/0xa [ 620.776903][T23354] should_failslab+0xc2/0x120 [ 620.776938][T23354] kmem_cache_alloc_noprof+0x83/0x780 [ 620.776971][T23354] ? prepare_creds+0x2c/0x950 [ 620.776997][T23354] ? prepare_creds+0x2c/0x950 [ 620.777016][T23354] prepare_creds+0x2c/0x950 [ 620.777039][T23354] __sys_setfsuid+0xda/0x380 [ 620.777065][T23354] ? rcu_is_watching+0x12/0xc0 [ 620.777091][T23354] do_syscall_64+0xc9/0xf80 [ 620.777122][T23354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.777146][T23354] RIP: 0033:0x7f6d6e79aeb9 [ 620.777164][T23354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.777187][T23354] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 620.777210][T23354] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 620.777226][T23354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 620.777240][T23354] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 620.777254][T23354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.777268][T23354] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 620.777298][T23354] [ 621.565171][T23379] FAULT_INJECTION: forcing a failure. [ 621.565171][T23379] name failslab, interval 1, probability 0, space 0, times 0 [ 621.616065][T23379] CPU: 0 UID: 0 PID: 23379 Comm: syz.0.7236 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 621.616110][T23379] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 621.616120][T23379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 621.616135][T23379] Call Trace: [ 621.616143][T23379] [ 621.616152][T23379] dump_stack_lvl+0x100/0x190 [ 621.616185][T23379] should_fail_ex.cold+0x5/0xa [ 621.616225][T23379] should_failslab+0xc2/0x120 [ 621.616258][T23379] __kmalloc_cache_noprof+0x80/0x810 [ 621.616284][T23379] ? do_kimage_alloc_init+0x40/0x320 [ 621.616321][T23379] ? do_kimage_alloc_init+0x40/0x320 [ 621.616346][T23379] do_kimage_alloc_init+0x40/0x320 [ 621.616372][T23379] do_kexec_load+0x11b/0x810 [ 621.616403][T23379] ? __pfx_do_kexec_load+0x10/0x10 [ 621.616433][T23379] ? _copy_from_user+0x59/0xd0 [ 621.616479][T23379] __x64_sys_kexec_load+0x1bf/0x230 [ 621.616512][T23379] do_syscall_64+0xc9/0xf80 [ 621.616543][T23379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.616567][T23379] RIP: 0033:0x7f6d6e79aeb9 [ 621.616586][T23379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 621.616608][T23379] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 621.616631][T23379] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 621.616647][T23379] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 621.616661][T23379] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 621.616675][T23379] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 621.616689][T23379] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 621.616718][T23379] [ 623.894209][T23455] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 625.824968][T23560] Invalid ELF header magic: != ELF [ 626.034653][ T30] audit: type=1326 audit(4294967577.613:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23568 comm="syz.3.7292" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1c80b9aeb9 code=0x0 [ 626.588232][T23586] FAULT_INJECTION: forcing a failure. [ 626.588232][T23586] name fail_futex, interval 1, probability 0, space 0, times 1 [ 626.641753][T23586] CPU: 0 UID: 0 PID: 23586 Comm: syz.0.7298 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 626.641798][T23586] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 626.641809][T23586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 626.641823][T23586] Call Trace: [ 626.641831][T23586] [ 626.641840][T23586] dump_stack_lvl+0x100/0x190 [ 626.641872][T23586] should_fail_ex.cold+0x5/0xa [ 626.641908][T23586] ? find_held_lock+0x2b/0x80 [ 626.641934][T23586] get_futex_key+0x295/0x1620 [ 626.641967][T23586] ? __pfx_get_futex_key+0x10/0x10 [ 626.641997][T23586] ? __futex_wait+0x256/0x300 [ 626.642022][T23586] ? __pfx___futex_wait+0x10/0x10 [ 626.642047][T23586] futex_requeue+0x250/0x20d0 [ 626.642091][T23586] ? futex_hash+0x2c5/0x380 [ 626.642142][T23586] ? __pfx_futex_requeue+0x10/0x10 [ 626.642185][T23586] ? futex_wait+0x125/0x380 [ 626.642216][T23586] ? ksys_write+0x190/0x250 [ 626.642242][T23586] ? ksys_write+0x190/0x250 [ 626.642273][T23586] do_futex+0x2af/0x350 [ 626.642308][T23586] ? __pfx_do_futex+0x10/0x10 [ 626.642352][T23586] __x64_sys_futex+0x34f/0x4d0 [ 626.642387][T23586] ? fput+0x79/0x100 [ 626.642419][T23586] ? __pfx___x64_sys_futex+0x10/0x10 [ 626.642452][T23586] ? xfd_validate_state+0x129/0x190 [ 626.642499][T23586] do_syscall_64+0xc9/0xf80 [ 626.642531][T23586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.642555][T23586] RIP: 0033:0x7f6d6e79aeb9 [ 626.642574][T23586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 626.642596][T23586] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 626.642619][T23586] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 626.642635][T23586] RDX: 0000000000000008 RSI: 0000000000000004 RDI: 0000000000000000 [ 626.642649][T23586] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 000000008000fff5 [ 626.642663][T23586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 626.642677][T23586] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 626.642706][T23586] [ 627.171997][T23598] input: 9%vJ,6 as /devices/virtual/input/input31 [ 629.061600][T23671] netlink: 'syz.1.7330': attribute type 2 has an invalid length. [ 629.371460][T23681] FAULT_INJECTION: forcing a failure. [ 629.371460][T23681] name failslab, interval 1, probability 0, space 0, times 0 [ 629.432376][T23681] CPU: 0 UID: 0 PID: 23681 Comm: syz.0.7334 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 629.432422][T23681] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 629.432433][T23681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 629.432447][T23681] Call Trace: [ 629.432455][T23681] [ 629.432464][T23681] dump_stack_lvl+0x100/0x190 [ 629.432498][T23681] should_fail_ex.cold+0x5/0xa [ 629.432539][T23681] should_failslab+0xc2/0x120 [ 629.432583][T23681] kmem_cache_alloc_noprof+0x83/0x780 [ 629.432618][T23681] ? create_new_namespaces+0x30/0xab0 [ 629.432652][T23681] ? create_new_namespaces+0x30/0xab0 [ 629.432677][T23681] create_new_namespaces+0x30/0xab0 [ 629.432704][T23681] ? bpf_lsm_capable+0x9/0x10 [ 629.432724][T23681] ? security_capable+0x80/0x260 [ 629.432759][T23681] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 629.432790][T23681] ksys_unshare+0x455/0xab0 [ 629.432828][T23681] ? __pfx_ksys_unshare+0x10/0x10 [ 629.432864][T23681] ? xfd_validate_state+0x129/0x190 [ 629.432912][T23681] __x64_sys_unshare+0x31/0x40 [ 629.432948][T23681] do_syscall_64+0xc9/0xf80 [ 629.432980][T23681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.433005][T23681] RIP: 0033:0x7f6d6e79aeb9 [ 629.433024][T23681] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 629.433047][T23681] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 629.433071][T23681] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 629.433087][T23681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 629.433101][T23681] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 629.433116][T23681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.433131][T23681] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 629.433161][T23681] [ 631.730176][T23758] openvswitch: netlink: IP tunnel TTL not specified. [ 632.875833][T23795] FAULT_INJECTION: forcing a failure. [ 632.875833][T23795] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 632.943833][T23795] CPU: 0 UID: 0 PID: 23795 Comm: syz.2.7377 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 632.943886][T23795] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 632.943897][T23795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 632.943911][T23795] Call Trace: [ 632.943919][T23795] [ 632.943927][T23795] dump_stack_lvl+0x100/0x190 [ 632.943961][T23795] should_fail_ex.cold+0x5/0xa [ 632.944001][T23795] _copy_from_user+0x2e/0xd0 [ 632.944040][T23795] get_itimerspec64+0x16c/0x2f0 [ 632.944074][T23795] ? __pfx_get_itimerspec64+0x10/0x10 [ 632.944107][T23795] ? __pfx_do_futex+0x10/0x10 [ 632.944139][T23795] ? _copy_from_user+0x59/0xd0 [ 632.944187][T23795] __x64_sys_timerfd_settime+0x15f/0x280 [ 632.944226][T23795] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 632.944263][T23795] ? __x64_sys_futex+0x358/0x4d0 [ 632.944308][T23795] ? rcu_is_watching+0x12/0xc0 [ 632.944334][T23795] do_syscall_64+0xc9/0xf80 [ 632.944365][T23795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.944389][T23795] RIP: 0033:0x7f9f2bb9aeb9 [ 632.944407][T23795] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 632.944430][T23795] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 632.944453][T23795] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 632.944469][T23795] RDX: 0000200000000000 RSI: 0000000000000008 RDI: ffffffffffffffff [ 632.944483][T23795] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 632.944497][T23795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 632.944511][T23795] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 632.944541][T23795] [ 634.489086][T23850] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 634.495886][T23850] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 634.583219][T23854] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 634.614854][T23854] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 634.896743][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.903474][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.661236][T23837] kexec: Could not allocate control_code_buffer [ 636.743638][T23916] sctp: [Deprecated]: syz.3.7419 (pid 23916) Use of int in maxseg socket option. [ 636.743638][T23916] Use struct sctp_assoc_value instead [ 637.385342][T23935] netlink: 350 bytes leftover after parsing attributes in process `syz.0.7426'. [ 637.727390][T23947] FAULT_INJECTION: forcing a failure. [ 637.727390][T23947] name failslab, interval 1, probability 0, space 0, times 0 [ 637.803881][T23947] CPU: 0 UID: 0 PID: 23947 Comm: syz.1.7431 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 637.803926][T23947] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 637.803937][T23947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 637.803951][T23947] Call Trace: [ 637.803959][T23947] [ 637.803988][T23947] dump_stack_lvl+0x100/0x190 [ 637.804021][T23947] should_fail_ex.cold+0x5/0xa [ 637.804060][T23947] should_failslab+0xc2/0x120 [ 637.804095][T23947] kmem_cache_alloc_noprof+0x83/0x780 [ 637.804127][T23947] ? prepare_creds+0x2c/0x950 [ 637.804153][T23947] ? prepare_creds+0x2c/0x950 [ 637.804172][T23947] prepare_creds+0x2c/0x950 [ 637.804219][T23947] __sys_setresuid+0x458/0x1280 [ 637.804246][T23947] ? rcu_is_watching+0x12/0xc0 [ 637.804272][T23947] do_syscall_64+0xc9/0xf80 [ 637.804303][T23947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.804327][T23947] RIP: 0033:0x7f36b419aeb9 [ 637.804345][T23947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.804368][T23947] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 637.804391][T23947] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 637.804407][T23947] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff [ 637.804421][T23947] RBP: 00007f36b4208c1f R08: 0000000000000000 R09: 0000000000000000 [ 637.804436][T23947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.804449][T23947] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 637.804479][T23947] [ 638.030361][T23950] aoe: copy from user failed [ 638.035107][T23950] aoe: could not set interface list: too many interfaces [ 638.789842][T23970] bridge0: port 3(bond0) entered blocking state [ 638.833282][T23970] bridge0: port 3(bond0) entered disabled state [ 638.863984][T23970] bond0: entered allmulticast mode [ 638.869264][T23970] bond_slave_0: entered allmulticast mode [ 638.914037][T23970] bond_slave_1: entered allmulticast mode [ 638.949983][T23970] bond0: entered promiscuous mode [ 638.985169][T23970] bond_slave_0: entered promiscuous mode [ 639.012604][T23970] bond_slave_1: entered promiscuous mode [ 639.045005][T23970] bridge0: port 3(bond0) entered blocking state [ 639.051656][T23970] bridge0: port 3(bond0) entered forwarding state [ 640.258773][T24010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7455'. [ 640.386619][T24012] NFSD: Failed to start, no listeners configured. [ 642.964793][T24085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7477'. [ 643.885203][T24104] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7485'. [ 644.355145][T24119] bridge0: port 4(dummy0) entered blocking state [ 644.448563][T24119] bridge0: port 4(dummy0) entered disabled state [ 644.484515][T24119] dummy0: entered allmulticast mode [ 644.588471][T24119] dummy0: entered promiscuous mode [ 644.696287][T24119] bridge0: port 4(dummy0) entered blocking state [ 644.702905][T24119] bridge0: port 4(dummy0) entered forwarding state [ 644.799623][T24127] bridge0: port 4(bond0) entered blocking state [ 644.815357][T24127] bridge0: port 4(bond0) entered disabled state [ 644.853028][T24127] bond0: entered allmulticast mode [ 644.868796][T24127] bond_slave_0: entered allmulticast mode [ 644.901606][T24127] bond_slave_1: entered allmulticast mode [ 644.927713][T24127] bond0: entered promiscuous mode [ 644.960486][T24127] bond_slave_0: entered promiscuous mode [ 644.982147][T24127] bond_slave_1: entered promiscuous mode [ 645.024449][T24127] bridge0: port 4(bond0) entered blocking state [ 645.031061][T24127] bridge0: port 4(bond0) entered forwarding state [ 645.945410][T24159] netlink: 346 bytes leftover after parsing attributes in process `syz.0.7503'. [ 646.853491][T24190] FAULT_INJECTION: forcing a failure. [ 646.853491][T24190] name failslab, interval 1, probability 0, space 0, times 0 [ 646.853533][T24190] CPU: 0 UID: 0 PID: 24190 Comm: syz.0.7508 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 646.853573][T24190] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 646.853584][T24190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 646.853599][T24190] Call Trace: [ 646.853606][T24190] [ 646.853615][T24190] dump_stack_lvl+0x100/0x190 [ 646.853648][T24190] should_fail_ex.cold+0x5/0xa [ 646.853702][T24190] should_failslab+0xc2/0x120 [ 646.853737][T24190] kmem_cache_alloc_noprof+0x83/0x780 [ 646.853770][T24190] ? sk_prot_alloc+0x60/0x2a0 [ 646.853800][T24190] ? sk_prot_alloc+0x60/0x2a0 [ 646.853821][T24190] sk_prot_alloc+0x60/0x2a0 [ 646.853848][T24190] sk_alloc+0x36/0xe80 [ 646.853882][T24190] pn_socket_create+0x22d/0x560 [ 646.853913][T24190] __sock_create+0x339/0x860 [ 646.853945][T24190] __sys_socket+0x14d/0x260 [ 646.853974][T24190] ? __pfx___sys_socket+0x10/0x10 [ 646.854002][T24190] ? xfd_validate_state+0x129/0x190 [ 646.854048][T24190] __x64_sys_socket+0x72/0xb0 [ 646.854075][T24190] ? lockdep_hardirqs_on+0x78/0x100 [ 646.854103][T24190] do_syscall_64+0xc9/0xf80 [ 646.854133][T24190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.854158][T24190] RIP: 0033:0x7f6d6e79aeb9 [ 646.854176][T24190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 646.854200][T24190] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 646.854223][T24190] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 646.854239][T24190] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000023 [ 646.854254][T24190] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 646.854269][T24190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 646.854283][T24190] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 646.854313][T24190] [ 647.448823][T24202] netlink: 'syz.0.7513': attribute type 1 has an invalid length. [ 647.575534][T24203] FAULT_INJECTION: forcing a failure. [ 647.575534][T24203] name failslab, interval 1, probability 0, space 0, times 0 [ 647.575579][T24203] CPU: 0 UID: 0 PID: 24203 Comm: syz.2.7512 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 647.575621][T24203] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 647.575641][T24203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 647.575657][T24203] Call Trace: [ 647.575665][T24203] [ 647.575674][T24203] dump_stack_lvl+0x100/0x190 [ 647.575708][T24203] should_fail_ex.cold+0x5/0xa [ 647.575750][T24203] should_failslab+0xc2/0x120 [ 647.575785][T24203] kmem_cache_alloc_noprof+0x83/0x780 [ 647.575819][T24203] ? security_file_alloc+0x34/0x2c0 [ 647.575864][T24203] ? security_file_alloc+0x34/0x2c0 [ 647.575905][T24203] security_file_alloc+0x34/0x2c0 [ 647.575946][T24203] init_file+0x93/0x4c0 [ 647.575982][T24203] alloc_empty_file+0x73/0x1c0 [ 647.576019][T24203] dentry_open+0x46/0xd0 [ 647.576056][T24203] pidfs_alloc_file+0x18f/0x290 [ 647.576083][T24203] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 647.576118][T24203] pidfd_prepare+0x129/0x200 [ 647.576154][T24203] __x64_sys_pidfd_open+0x105/0x1a0 [ 647.576192][T24203] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 647.576233][T24203] ? rcu_is_watching+0x12/0xc0 [ 647.576260][T24203] do_syscall_64+0xc9/0xf80 [ 647.576292][T24203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.576319][T24203] RIP: 0033:0x7f9f2bb9aeb9 [ 647.576338][T24203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.576363][T24203] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 647.576386][T24203] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 647.576403][T24203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 647.576417][T24203] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 647.576432][T24203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.576446][T24203] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 647.576478][T24203] [ 649.971853][T24248] zswap: compressor not available [ 652.400646][T24312] ovs_?: entered promiscuous mode [ 652.533892][ T30] audit: type=1804 audit(4294967604.113:20): pid=24320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.7541" name="/newroot/1875/file0" dev="tmpfs" ino=9448 res=1 errno=0 [ 652.987600][T24335] sctp: [Deprecated]: syz.0.7546 (pid 24335) Use of struct sctp_assoc_value in delayed_ack socket option. [ 652.987600][T24335] Use struct sctp_sack_info instead [ 653.311797][ T5145] Bluetooth: hci0: Malformed HCI Event [ 653.509079][T24350] netlink: 206 bytes leftover after parsing attributes in process `syz.2.7551'. [ 655.631439][T24397] netlink: 350 bytes leftover after parsing attributes in process `syz.2.7568'. [ 655.825196][T24400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7570'. [ 656.364580][ T30] audit: type=1804 audit(4294967607.943:21): pid=24416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.7575" name="/newroot/1902/file0" dev="tmpfs" ino=9597 res=1 errno=0 [ 658.938908][T24503] program syz.0.7600 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 659.405470][T24513] FAULT_INJECTION: forcing a failure. [ 659.405470][T24513] name failslab, interval 1, probability 0, space 0, times 0 [ 659.473801][T24513] CPU: 0 UID: 0 PID: 24513 Comm: syz.0.7602 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 659.473847][T24513] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 659.473859][T24513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 659.473873][T24513] Call Trace: [ 659.473882][T24513] [ 659.473890][T24513] dump_stack_lvl+0x100/0x190 [ 659.473924][T24513] should_fail_ex.cold+0x5/0xa [ 659.473964][T24513] should_failslab+0xc2/0x120 [ 659.473999][T24513] kmem_cache_alloc_noprof+0x83/0x780 [ 659.474031][T24513] ? __pmd_alloc+0xbf/0x9c0 [ 659.474074][T24513] ? __pmd_alloc+0xbf/0x9c0 [ 659.474110][T24513] __pmd_alloc+0xbf/0x9c0 [ 659.474150][T24513] __handle_mm_fault+0xa99/0x2b50 [ 659.474180][T24513] ? mt_find+0x45e/0x8e0 [ 659.474212][T24513] ? __pfx___handle_mm_fault+0x10/0x10 [ 659.474237][T24513] ? __pfx_mt_find+0x10/0x10 [ 659.474297][T24513] handle_mm_fault+0x36d/0xa20 [ 659.474329][T24513] __get_user_pages+0xf9c/0x34d0 [ 659.474378][T24513] ? __pfx___get_user_pages+0x10/0x10 [ 659.474424][T24513] populate_vma_page_range+0x267/0x3f0 [ 659.474465][T24513] ? __pfx_populate_vma_page_range+0x10/0x10 [ 659.474504][T24513] ? __pfx_find_vma_intersection+0x10/0x10 [ 659.474541][T24513] ? do_mmap+0x93f/0x12f0 [ 659.474580][T24513] __mm_populate+0x107/0x3a0 [ 659.474619][T24513] ? __pfx___mm_populate+0x10/0x10 [ 659.474660][T24513] ? up_write+0x290/0x4f0 [ 659.474699][T24513] vm_mmap_pgoff+0x37f/0x470 [ 659.474739][T24513] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 659.474782][T24513] ? __x64_sys_futex+0x34f/0x4d0 [ 659.474815][T24513] ? __x64_sys_futex+0x358/0x4d0 [ 659.474852][T24513] ksys_mmap_pgoff+0x7d/0x5b0 [ 659.474892][T24513] __x64_sys_mmap+0x125/0x190 [ 659.474919][T24513] do_syscall_64+0xc9/0xf80 [ 659.474950][T24513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.474975][T24513] RIP: 0033:0x7f6d6e79aeb9 [ 659.474995][T24513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 659.475019][T24513] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 659.475042][T24513] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 659.475058][T24513] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 659.475073][T24513] RBP: 00007f6d6e808c1f R08: ffffffffffffffff R09: 0000000000008000 [ 659.475088][T24513] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 659.475102][T24513] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 659.475132][T24513] [ 659.950040][T24524] ubi: mtd0 is already attached to ubi31 [ 661.398464][T24584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7620'. [ 665.253398][T24691] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7650'. [ 667.029238][T24738] zswap: compressor not available [ 668.353974][ T30] audit: type=1807 audit(2147483651.510:22): UNKNOWN= [ 668.380135][T24781] ima: policy update failed [ 668.484779][ T30] audit: type=1802 audit(2147483651.540:23): pid=24783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.7684" res=0 errno=0 [ 668.923062][ T30] audit: type=1802 audit(2147483652.080:24): pid=24781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.7684" res=0 errno=0 [ 671.674262][T24893] netlink: 206 bytes leftover after parsing attributes in process `syz.3.7713'. [ 672.106153][T24898] Process accounting resumed [ 676.211626][T25040] netlink: 21 bytes leftover after parsing attributes in process `syz.0.7757'. [ 679.579088][T25122] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7787'. [ 680.034119][ T30] audit: type=1800 audit(2147483663.190:25): pid=25135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7793" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 681.850378][T25193] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 684.741100][T25288] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 685.425232][T25310] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekl*[GCHFx^ĒPktkyve' [ 685.699336][T25316] netlink: 'syz.0.7862': attribute type 1 has an invalid length. [ 685.821765][T25310] CIFS mount error: No usable UNC path provided in device string! [ 685.821765][T25310] [ 685.929715][T25310] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 688.109434][T25373] zswap: compressor not available [ 692.174363][T25567] Invalid ELF header len 5 [ 694.722245][T25650] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 695.037844][T25665] FAULT_INJECTION: forcing a failure. [ 695.037844][T25665] name failslab, interval 1, probability 0, space 0, times 0 [ 695.099119][T25665] CPU: 0 UID: 0 PID: 25665 Comm: syz.0.7947 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 695.099164][T25665] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 695.099175][T25665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 695.099190][T25665] Call Trace: [ 695.099197][T25665] [ 695.099206][T25665] dump_stack_lvl+0x100/0x190 [ 695.099240][T25665] should_fail_ex.cold+0x5/0xa [ 695.099280][T25665] should_failslab+0xc2/0x120 [ 695.099314][T25665] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 695.099350][T25665] ? __d_alloc+0x34/0xa80 [ 695.099385][T25665] ? __d_alloc+0x34/0xa80 [ 695.099413][T25665] __d_alloc+0x34/0xa80 [ 695.099440][T25665] ? __ns_ref_active_get+0x9f/0x1b0 [ 695.099483][T25665] path_from_stashed+0x427/0x750 [ 695.099519][T25665] open_namespace+0x93/0x1c0 [ 695.099549][T25665] ? __pfx_open_namespace+0x10/0x10 [ 695.099577][T25665] ? apparmor_capable+0x1d7/0x4e0 [ 695.099617][T25665] open_related_ns+0x41/0x70 [ 695.099645][T25665] __tun_chr_ioctl+0x2e55/0x47c0 [ 695.099681][T25665] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 695.099725][T25665] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 695.099764][T25665] ? find_held_lock+0x2b/0x80 [ 695.099787][T25665] ? hook_file_ioctl_common+0x146/0x410 [ 695.099830][T25665] ? __fget_files+0x21f/0x3d0 [ 695.099860][T25665] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 695.099899][T25665] __x64_sys_ioctl+0x18e/0x210 [ 695.099939][T25665] do_syscall_64+0xc9/0xf80 [ 695.099971][T25665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.099996][T25665] RIP: 0033:0x7f6d6e79aeb9 [ 695.100015][T25665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 695.100039][T25665] RSP: 002b:00007f6d6f67e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 695.100062][T25665] RAX: ffffffffffffffda RBX: 00007f6d6ea16090 RCX: 00007f6d6e79aeb9 [ 695.100077][T25665] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 695.100092][T25665] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 695.100106][T25665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.100120][T25665] R13: 00007f6d6ea16128 R14: 00007f6d6ea16090 R15: 00007ffe31177de8 [ 695.100156][T25665] [ 695.786677][T25688] futex_wake_op: syz.2.7952 tries to shift op by -2048; fix this program [ 695.815816][T25688] futex_wake_op: syz.2.7952 tries to shift op by -2048; fix this program [ 695.851082][T25688] 0x000000000001-0x000000020000 : "" [ 695.944335][T25688] ftl_cs: FTL header corrupt! [ 696.374588][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.381042][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 696.624112][T25711] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input32 [ 696.961595][T25722] ovs_: entered promiscuous mode [ 697.254253][T25730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7960'. [ 699.111559][T25811] bridge_slave_1: left allmulticast mode [ 699.134177][T25811] bridge_slave_1: left promiscuous mode [ 699.142803][T25811] bridge0: port 2(bridge_slave_1) entered disabled state [ 702.282823][T25906] Process accounting paused [ 702.647839][T25922] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8020'. [ 702.894956][T25929] bridge0: port 5(ipvlan0) entered blocking state [ 702.901747][T25929] bridge0: port 5(ipvlan0) entered disabled state [ 702.953244][T25929] ipvlan0: entered allmulticast mode [ 703.009489][T25929] veth0_vlan: entered allmulticast mode [ 703.046714][T25929] ipvlan0: left allmulticast mode [ 703.064161][T25929] veth0_vlan: left allmulticast mode [ 704.282787][T25979] FAULT_INJECTION: forcing a failure. [ 704.282787][T25979] name failslab, interval 1, probability 0, space 0, times 0 [ 704.343519][T25979] CPU: 0 UID: 0 PID: 25979 Comm: syz.0.8040 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 704.343568][T25979] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 704.343581][T25979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 704.343597][T25979] Call Trace: [ 704.343606][T25979] [ 704.343621][T25979] dump_stack_lvl+0x100/0x190 [ 704.343664][T25979] should_fail_ex.cold+0x5/0xa [ 704.343708][T25979] should_failslab+0xc2/0x120 [ 704.343746][T25979] kmem_cache_alloc_noprof+0x83/0x780 [ 704.343781][T25979] ? __pmd_alloc+0xbf/0x9c0 [ 704.343827][T25979] ? __pmd_alloc+0xbf/0x9c0 [ 704.343866][T25979] __pmd_alloc+0xbf/0x9c0 [ 704.343909][T25979] __handle_mm_fault+0xa99/0x2b50 [ 704.343941][T25979] ? mt_find+0x45e/0x8e0 [ 704.343975][T25979] ? __pfx___handle_mm_fault+0x10/0x10 [ 704.344002][T25979] ? __pfx_mt_find+0x10/0x10 [ 704.344060][T25979] handle_mm_fault+0x36d/0xa20 [ 704.344094][T25979] __get_user_pages+0xf9c/0x34d0 [ 704.344146][T25979] ? __pfx___get_user_pages+0x10/0x10 [ 704.344195][T25979] populate_vma_page_range+0x267/0x3f0 [ 704.344239][T25979] ? __pfx_populate_vma_page_range+0x10/0x10 [ 704.344281][T25979] ? __pfx_find_vma_intersection+0x10/0x10 [ 704.344321][T25979] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 704.344357][T25979] __mm_populate+0x107/0x3a0 [ 704.344403][T25979] ? __pfx___mm_populate+0x10/0x10 [ 704.344446][T25979] ? up_write+0x290/0x4f0 [ 704.344489][T25979] do_mlock+0x3f0/0x7f0 [ 704.344522][T25979] ? __pfx_do_mlock+0x10/0x10 [ 704.344550][T25979] ? __x64_sys_futex+0x34f/0x4d0 [ 704.344586][T25979] ? __x64_sys_futex+0x358/0x4d0 [ 704.344623][T25979] ? fput+0x79/0x100 [ 704.344664][T25979] ? xfd_validate_state+0x129/0x190 [ 704.344715][T25979] __x64_sys_mlock+0x59/0x80 [ 704.344747][T25979] do_syscall_64+0xc9/0xf80 [ 704.344781][T25979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.344808][T25979] RIP: 0033:0x7f6d6e79aeb9 [ 704.344828][T25979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 704.344853][T25979] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 704.344878][T25979] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 704.344896][T25979] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8 [ 704.344911][T25979] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 704.344927][T25979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.344942][T25979] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 704.344976][T25979] [ 708.931136][ T5145] Bluetooth: hci3: unexpected event 0x03 length: 43 > 11 [ 711.836493][T26232] bridge0: port 2(veth0_to_bridge) entered blocking state [ 711.876009][T26235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8126'. [ 711.907209][T26232] bridge0: port 2(veth0_to_bridge) entered disabled state [ 711.946002][T26232] veth0_to_bridge: entered allmulticast mode [ 711.979175][T26232] veth0_to_bridge: entered promiscuous mode [ 712.011671][T26232] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 712.115239][T26232] bridge0: port 2(veth0_to_bridge) entered blocking state [ 712.122931][T26232] bridge0: port 2(veth0_to_bridge) entered listening state [ 712.861208][T26259] netlink: 100 bytes leftover after parsing attributes in process `syz.1.8135'. [ 713.203910][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 713.217967][ C0] bridge0: port 2(veth0_to_bridge) entered blocking state [ 713.834053][T26293] FAULT_INJECTION: forcing a failure. [ 713.834053][T26293] name failslab, interval 1, probability 0, space 0, times 0 [ 713.898064][T26293] CPU: 0 UID: 0 PID: 26293 Comm: syz.2.8146 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 713.898110][T26293] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 713.898121][T26293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 713.898136][T26293] Call Trace: [ 713.898143][T26293] [ 713.898152][T26293] dump_stack_lvl+0x100/0x190 [ 713.898186][T26293] should_fail_ex.cold+0x5/0xa [ 713.898226][T26293] should_failslab+0xc2/0x120 [ 713.898260][T26293] ? __vb2_queue_alloc+0x23e/0x1150 [ 713.898294][T26293] __kmalloc_noprof+0xf6/0x9c0 [ 713.898316][T26293] ? vb2_core_reqbufs+0x3b9/0xf30 [ 713.898367][T26293] ? __vb2_queue_alloc+0x23e/0x1150 [ 713.898400][T26293] __vb2_queue_alloc+0x23e/0x1150 [ 713.898449][T26293] vb2_core_reqbufs+0x899/0xf30 [ 713.898491][T26293] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 713.898542][T26293] __vb2_init_fileio+0x32d/0xff0 [ 713.898577][T26293] ? lockdep_hardirqs_on+0x78/0x100 [ 713.898608][T26293] ? __pollwait+0x276/0x470 [ 713.898635][T26293] vb2_core_poll+0x611/0x740 [ 713.898677][T26293] vb2_poll+0x4b/0xe0 [ 713.898709][T26293] vb2_fop_poll+0x10e/0x350 [ 713.898743][T26293] ? __pfx_vb2_fop_poll+0x10/0x10 [ 713.898775][T26293] v4l2_poll+0x15f/0x220 [ 713.898805][T26293] ? __pfx_v4l2_poll+0x10/0x10 [ 713.898834][T26293] do_sys_poll+0x6e5/0xeb0 [ 713.898869][T26293] ? __pfx_do_sys_poll+0x10/0x10 [ 713.898917][T26293] ? __futex_wait+0x256/0x300 [ 713.898942][T26293] ? __pfx___pollwait+0x10/0x10 [ 713.898970][T26293] ? __pfx_pollwake+0x10/0x10 [ 713.899036][T26293] ? ktime_get_ts64+0x2d2/0x3f0 [ 713.899067][T26293] ? read_tsc+0x9/0x20 [ 713.899096][T26293] ? ktime_get_ts64+0x256/0x3f0 [ 713.899129][T26293] ? poll_select_set_timeout+0xcc/0x160 [ 713.899160][T26293] __x64_sys_poll+0x1a6/0x440 [ 713.899185][T26293] ? __pfx___x64_sys_poll+0x10/0x10 [ 713.899220][T26293] do_syscall_64+0xc9/0xf80 [ 713.899251][T26293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.899275][T26293] RIP: 0033:0x7f9f2bb9aeb9 [ 713.899294][T26293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 713.899318][T26293] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 713.899347][T26293] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 713.899363][T26293] RDX: 0000000000000007 RSI: 0000000000000003 RDI: 0000200000000480 [ 713.899378][T26293] RBP: 00007f9f2bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 713.899393][T26293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.899407][T26293] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 713.899439][T26293] [ 714.364927][T26298] FAULT_INJECTION: forcing a failure. [ 714.364927][T26298] name failslab, interval 1, probability 0, space 0, times 0 [ 714.377881][T26298] CPU: 0 UID: 0 PID: 26298 Comm: syz.1.8149 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 714.377927][T26298] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 714.377938][T26298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 714.377953][T26298] Call Trace: [ 714.377964][T26298] [ 714.377974][T26298] dump_stack_lvl+0x100/0x190 [ 714.378007][T26298] should_fail_ex.cold+0x5/0xa [ 714.378048][T26298] should_failslab+0xc2/0x120 [ 714.378081][T26298] ? create_ruleset+0x21/0x140 [ 714.378111][T26298] __kmalloc_noprof+0xf6/0x9c0 [ 714.378137][T26298] ? find_held_lock+0x2b/0x80 [ 714.378166][T26298] ? create_ruleset+0x21/0x140 [ 714.378195][T26298] create_ruleset+0x21/0x140 [ 714.378227][T26298] landlock_create_ruleset+0x77/0x230 [ 714.378263][T26298] __do_sys_landlock_create_ruleset+0x255/0x4b0 [ 714.378321][T26298] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 714.378353][T26298] ? xfd_validate_state+0x129/0x190 [ 714.378402][T26298] do_syscall_64+0xc9/0xf80 [ 714.378434][T26298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.378459][T26298] RIP: 0033:0x7f36b419aeb9 [ 714.378478][T26298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 714.378501][T26298] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 714.378524][T26298] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 714.378541][T26298] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 714.378556][T26298] RBP: 00007f36b4208c1f R08: 0000000000000000 R09: 0000000000000000 [ 714.378570][T26298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 714.378584][T26298] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 714.378615][T26298] [ 714.717540][T26305] netlink: 342 bytes leftover after parsing attributes in process `syz.0.8150'. [ 715.362970][T26327] bridge0: port 4(veth0_to_bridge) entered blocking state [ 715.377153][T26327] bridge0: port 4(veth0_to_bridge) entered disabled state [ 715.377335][T26327] veth0_to_bridge: entered allmulticast mode [ 715.387310][T26327] veth0_to_bridge: entered promiscuous mode [ 715.387473][T26327] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 715.387909][T26327] bridge0: port 4(veth0_to_bridge) entered blocking state [ 715.387998][T26327] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 715.928235][T26343] netlink: 'syz.0.8166': attribute type 1 has an invalid length. [ 718.696119][T26442] netlink: 186 bytes leftover after parsing attributes in process `syz.0.8201'. [ 719.765480][T26501] FAULT_INJECTION: forcing a failure. [ 719.765480][T26501] name failslab, interval 1, probability 0, space 0, times 0 [ 719.838886][T26501] CPU: 0 UID: 0 PID: 26501 Comm: syz.0.8213 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 719.838932][T26501] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 719.838943][T26501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 719.838958][T26501] Call Trace: [ 719.838965][T26501] [ 719.838975][T26501] dump_stack_lvl+0x100/0x190 [ 719.839008][T26501] should_fail_ex.cold+0x5/0xa [ 719.839055][T26501] should_failslab+0xc2/0x120 [ 719.839089][T26501] __kmalloc_cache_noprof+0x80/0x810 [ 719.839115][T26501] ? snd_seq_port_connect+0x61/0x560 [ 719.839142][T26501] ? snd_seq_port_use_ptr+0x14d/0x1b0 [ 719.839168][T26501] ? snd_seq_port_connect+0x61/0x560 [ 719.839192][T26501] snd_seq_port_connect+0x61/0x560 [ 719.839217][T26501] ? _raw_read_unlock+0x28/0x50 [ 719.839243][T26501] ? check_subscription_permission.isra.0+0x146/0x240 [ 719.839274][T26501] snd_seq_ioctl_subscribe_port+0x20d/0x4f0 [ 719.839306][T26501] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 719.839347][T26501] call_seq_client_ctl+0xa3/0x130 [ 719.839373][T26501] snd_seq_kernel_client_ctl+0x77/0xd0 [ 719.839400][T26501] snd_seq_oss_midi_open+0x48b/0x6b0 [ 719.839435][T26501] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 719.839469][T26501] ? snd_seq_oss_midi_reset+0x11a/0x4c0 [ 719.839503][T26501] ? __pfx___might_resched+0x10/0x10 [ 719.839547][T26501] ? __mutex_lock+0x26a/0x1b90 [ 719.839583][T26501] snd_seq_oss_synth_reset+0x439/0x8e0 [ 719.839619][T26501] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 719.839654][T26501] ? __pfx___fsnotify_parent+0x10/0x10 [ 719.839689][T26501] snd_seq_oss_reset+0x73/0x290 [ 719.839716][T26501] ? __pfx_odev_release+0x10/0x10 [ 719.839742][T26501] snd_seq_oss_release+0x7c/0x180 [ 719.839769][T26501] ? __pfx_odev_release+0x10/0x10 [ 719.839792][T26501] odev_release+0x56/0xa0 [ 719.839815][T26501] __fput+0x3ff/0xb40 [ 719.839855][T26501] task_work_run+0x150/0x240 [ 719.839895][T26501] ? __pfx_task_work_run+0x10/0x10 [ 719.839941][T26501] exit_to_user_mode_loop+0x100/0x4b0 [ 719.839975][T26501] ? rcu_is_watching+0x12/0xc0 [ 719.840000][T26501] do_syscall_64+0x4ea/0xf80 [ 719.840038][T26501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.840063][T26501] RIP: 0033:0x7f6d6e79aeb9 [ 719.840082][T26501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 719.840106][T26501] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 719.840130][T26501] RAX: 0000000000000000 RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 719.840146][T26501] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 719.840161][T26501] RBP: 00007f6d6e808c1f R08: 0000000000000000 R09: 0000000000000000 [ 719.840176][T26501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.840190][T26501] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 719.840221][T26501] [ 723.067498][T26580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8246'. [ 724.087373][T26614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8259'. [ 724.756330][T26641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8267'. [ 724.792772][T26641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8267'. [ 724.884897][T26646] FAULT_INJECTION: forcing a failure. [ 724.884897][T26646] name failslab, interval 1, probability 0, space 0, times 0 [ 724.928692][T26646] CPU: 0 UID: 0 PID: 26646 Comm: syz.1.8269 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 724.928739][T26646] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 724.928750][T26646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 724.928765][T26646] Call Trace: [ 724.928773][T26646] [ 724.928783][T26646] dump_stack_lvl+0x100/0x190 [ 724.928817][T26646] should_fail_ex.cold+0x5/0xa [ 724.928858][T26646] should_failslab+0xc2/0x120 [ 724.928897][T26646] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 724.928929][T26646] ? dquot_alloc_inode+0x51b/0xb10 [ 724.928966][T26646] ? __d_alloc+0x34/0xa80 [ 724.928999][T26646] ? __d_alloc+0x34/0xa80 [ 724.929027][T26646] __d_alloc+0x34/0xa80 [ 724.929060][T26646] d_alloc_pseudo+0x1c/0xc0 [ 724.929097][T26646] alloc_file_pseudo+0xcf/0x230 [ 724.929152][T26646] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 724.929198][T26646] __shmem_file_setup+0x1a3/0x330 [ 724.929226][T26646] shmem_zero_setup+0x93/0x1b0 [ 724.929259][T26646] __mmap_region+0x2101/0x2820 [ 724.929291][T26646] ? __pfx___mmap_region+0x10/0x10 [ 724.929339][T26646] ? finish_task_switch.isra.0+0x204/0xb70 [ 724.929367][T26646] ? lockdep_hardirqs_on+0x78/0x100 [ 724.929399][T26646] ? finish_task_switch.isra.0+0x204/0xb70 [ 724.929479][T26646] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 724.929518][T26646] ? rcu_is_watching+0x12/0xc0 [ 724.929549][T26646] mmap_region+0x180/0x3e0 [ 724.929583][T26646] do_mmap+0xc63/0x12f0 [ 724.929627][T26646] ? __pfx_do_mmap+0x10/0x10 [ 724.929663][T26646] ? __pfx_down_write_killable+0x10/0x10 [ 724.929702][T26646] vm_mmap_pgoff+0x29e/0x470 [ 724.929743][T26646] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 724.929787][T26646] ? __x64_sys_futex+0x34f/0x4d0 [ 724.929819][T26646] ? __x64_sys_futex+0x358/0x4d0 [ 724.929856][T26646] ksys_mmap_pgoff+0x7d/0x5b0 [ 724.929896][T26646] __x64_sys_mmap+0x125/0x190 [ 724.929922][T26646] do_syscall_64+0xc9/0xf80 [ 724.929953][T26646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.929978][T26646] RIP: 0033:0x7f36b419aeb9 [ 724.929997][T26646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 724.930021][T26646] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 724.930045][T26646] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 724.930061][T26646] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 724.930075][T26646] RBP: 00007f36b4208c1f R08: fffffffffffffffa R09: 0000000000008000 [ 724.930091][T26646] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 724.930105][T26646] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 724.930142][T26646] [ 725.952302][T26673] sg_write: process 4364 (syz.2.8280) changed security contexts after opening file descriptor, this is not allowed. [ 726.240925][T26683] FAULT_INJECTION: forcing a failure. [ 726.240925][T26683] name failslab, interval 1, probability 0, space 0, times 0 [ 726.302529][T26683] CPU: 0 UID: 0 PID: 26683 Comm: syz.2.8283 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 726.302581][T26683] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 726.302593][T26683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 726.302608][T26683] Call Trace: [ 726.302615][T26683] [ 726.302624][T26683] dump_stack_lvl+0x100/0x190 [ 726.302658][T26683] should_fail_ex.cold+0x5/0xa [ 726.302698][T26683] should_failslab+0xc2/0x120 [ 726.302732][T26683] __kvmalloc_node_noprof+0x101/0xac0 [ 726.302762][T26683] ? __x64_sys_futex+0x34f/0x4d0 [ 726.302795][T26683] ? __x64_sys_futex+0x358/0x4d0 [ 726.302828][T26683] ? keyctl_update_key+0xdf/0x160 [ 726.302884][T26683] ? keyctl_update_key+0xdf/0x160 [ 726.302912][T26683] keyctl_update_key+0xdf/0x160 [ 726.302943][T26683] __do_sys_keyctl+0x302/0x5a0 [ 726.302978][T26683] do_syscall_64+0xc9/0xf80 [ 726.303016][T26683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.303041][T26683] RIP: 0033:0x7f9f2bb9aeb9 [ 726.303059][T26683] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 726.303083][T26683] RSP: 002b:00007f9f2c9df028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 726.303107][T26683] RAX: ffffffffffffffda RBX: 00007f9f2be15fa0 RCX: 00007f9f2bb9aeb9 [ 726.303123][T26683] RDX: 0000000000000107 RSI: ffffeffffffffffe RDI: 0000000000000002 [ 726.303138][T26683] RBP: 00007f9f2bc08c1f R08: 000800000000000c R09: 0000000000000000 [ 726.303153][T26683] R10: 0000000000000803 R11: 0000000000000246 R12: 0000000000000000 [ 726.303167][T26683] R13: 00007f9f2be16038 R14: 00007f9f2be15fa0 R15: 00007ffdf47ac1c8 [ 726.303197][T26683] [ 728.580165][T26755] ubi: mtd0 is already attached to ubi31 [ 729.615492][T26735] kexec: Could not allocate control_code_buffer [ 731.118245][ T5145] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 732.545057][T26875] Process accounting resumed [ 732.659570][T26889] ovs_: entered promiscuous mode [ 733.370642][T26918] bridge0: port 5(team0) entered blocking state [ 733.400904][T26918] bridge0: port 5(team0) entered disabled state [ 733.421558][T26918] team0: entered allmulticast mode [ 733.439991][T26918] team_slave_0: entered allmulticast mode [ 733.470569][T26918] team_slave_1: entered allmulticast mode [ 733.501051][T26918] team0: entered promiscuous mode [ 733.518026][T26918] team_slave_0: entered promiscuous mode [ 733.542357][T26918] team_slave_1: entered promiscuous mode [ 733.572470][T26918] bridge0: port 5(team0) entered blocking state [ 733.579042][T26918] bridge0: port 5(team0) entered forwarding state [ 734.482168][T26970] netlink: Unknown conntrack attr (0) [ 735.007929][T26980] zswap: compressor not available [ 737.731823][T27083] bridge0: port 6(syz_tun) entered blocking state [ 737.759578][T27083] bridge0: port 6(syz_tun) entered disabled state [ 737.788846][T27083] syz_tun: entered allmulticast mode [ 737.820209][T27083] syz_tun: entered promiscuous mode [ 737.849164][T27083] bridge0: port 6(syz_tun) entered blocking state [ 737.856207][T27083] bridge0: port 6(syz_tun) entered forwarding state [ 738.631182][T27108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8430'. [ 739.482122][T27120] zswap: compressor not available [ 740.441724][T27165] netlink: 'syz.2.8450': attribute type 2 has an invalid length. [ 741.194134][T27188] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 741.200684][T27188] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 742.602917][T27219] could not allocate digest TFM handle [ 743.275096][T27256] syz.2.8481 (27256) used obsolete PPPIOCDETACH ioctl [ 743.405317][T27264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8484'. [ 743.860841][T27283] FAULT_INJECTION: forcing a failure. [ 743.860841][T27283] name failslab, interval 1, probability 0, space 0, times 0 [ 743.933003][T27283] CPU: 0 UID: 0 PID: 27283 Comm: syz.0.8491 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 743.933048][T27283] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 743.933059][T27283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 743.933081][T27283] Call Trace: [ 743.933088][T27283] [ 743.933097][T27283] dump_stack_lvl+0x100/0x190 [ 743.933130][T27283] should_fail_ex.cold+0x5/0xa [ 743.933171][T27283] should_failslab+0xc2/0x120 [ 743.933205][T27283] ? iovec_from_user+0x108/0x140 [ 743.933242][T27283] __kmalloc_noprof+0xf6/0x9c0 [ 743.933266][T27283] ? __import_iovec+0x1d2/0x640 [ 743.933310][T27283] ? iovec_from_user+0x108/0x140 [ 743.933345][T27283] ? import_iovec+0x82/0xb0 [ 743.933380][T27283] iovec_from_user+0x108/0x140 [ 743.933420][T27283] process_vm_rw+0x1e5/0x2d0 [ 743.933458][T27283] ? __pfx_process_vm_rw+0x10/0x10 [ 743.933496][T27283] ? do_user_addr_fault+0x8d6/0x12f0 [ 743.933550][T27283] ? xfd_validate_state+0x129/0x190 [ 743.933587][T27283] ? __task_pid_nr_ns+0x1f5/0x500 [ 743.933624][T27283] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 743.933657][T27283] ? do_syscall_64+0x94/0xf80 [ 743.933685][T27283] ? lockdep_hardirqs_on+0x78/0x100 [ 743.933712][T27283] do_syscall_64+0xc9/0xf80 [ 743.933743][T27283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.933767][T27283] RIP: 0033:0x7f6d6e79aeb9 [ 743.933786][T27283] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 743.933810][T27283] RSP: 002b:00007f6d6f69f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 743.933832][T27283] RAX: ffffffffffffffda RBX: 00007f6d6ea15fa0 RCX: 00007f6d6e79aeb9 [ 743.933872][T27283] RDX: 0000040000000001 RSI: 0000200000000000 RDI: 0000000000001169 [ 743.933888][T27283] RBP: 00007f6d6e808c1f R08: 000000000000000a R09: 0000000000000000 [ 743.933902][T27283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.933917][T27283] R13: 00007f6d6ea16038 R14: 00007f6d6ea15fa0 R15: 00007ffe31177de8 [ 743.933948][T27283] [ 744.215498][T27280] netlink: set zone limit has 8 unknown bytes [ 744.742753][T27301] sock: sock_set_timeout: `syz.2.8498' (pid 27301) tries to set negative timeout [ 745.261975][T27318] netlink: 342 bytes leftover after parsing attributes in process `syz.2.8505'. [ 745.673937][T27330] openvswitch: netlink: IP tunnel TTL not specified. [ 749.047899][T27435] futex_wake_op: syz.2.8545 tries to shift op by -2048; fix this program [ 751.226477][T27499] FAULT_INJECTION: forcing a failure. [ 751.226477][T27499] name failslab, interval 1, probability 0, space 0, times 0 [ 751.314445][T27499] CPU: 0 UID: 0 PID: 27499 Comm: syz.1.8568 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 751.314491][T27499] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 751.314502][T27499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 751.314517][T27499] Call Trace: [ 751.314524][T27499] [ 751.314533][T27499] dump_stack_lvl+0x100/0x190 [ 751.314567][T27499] should_fail_ex.cold+0x5/0xa [ 751.314607][T27499] should_failslab+0xc2/0x120 [ 751.314642][T27499] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 751.314674][T27499] ? mas_alloc_nodes+0x280/0x390 [ 751.314698][T27499] ? shmem_alloc_inode+0x25/0x50 [ 751.314738][T27499] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 751.314774][T27499] ? shmem_alloc_inode+0x25/0x50 [ 751.314809][T27499] shmem_alloc_inode+0x25/0x50 [ 751.314844][T27499] alloc_inode+0x68/0x250 [ 751.314880][T27499] new_inode+0x22/0x1c0 [ 751.314918][T27499] shmem_get_inode+0x197/0xf30 [ 751.314946][T27499] __shmem_file_setup+0x107/0x330 [ 751.314974][T27499] shmem_zero_setup+0x93/0x1b0 [ 751.315007][T27499] __mmap_region+0x2101/0x2820 [ 751.315040][T27499] ? __pfx___mmap_region+0x10/0x10 [ 751.315088][T27499] ? finish_task_switch.isra.0+0x204/0xb70 [ 751.315116][T27499] ? lockdep_hardirqs_on+0x78/0x100 [ 751.315144][T27499] ? finish_task_switch.isra.0+0x204/0xb70 [ 751.315223][T27499] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 751.315271][T27499] ? rcu_is_watching+0x12/0xc0 [ 751.315302][T27499] mmap_region+0x180/0x3e0 [ 751.315337][T27499] do_mmap+0xc63/0x12f0 [ 751.315378][T27499] ? __pfx_do_mmap+0x10/0x10 [ 751.315414][T27499] ? __pfx_down_write_killable+0x10/0x10 [ 751.315447][T27499] ? rcu_read_lock_any_held+0x6a/0xa0 [ 751.315477][T27499] vm_mmap_pgoff+0x29e/0x470 [ 751.315518][T27499] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 751.315556][T27499] ? __do_sys_close_range+0x230/0x740 [ 751.315589][T27499] ? __x64_sys_futex+0x34f/0x4d0 [ 751.315622][T27499] ? __x64_sys_futex+0x358/0x4d0 [ 751.315659][T27499] ksys_mmap_pgoff+0x7d/0x5b0 [ 751.315699][T27499] __x64_sys_mmap+0x125/0x190 [ 751.315725][T27499] do_syscall_64+0xc9/0xf80 [ 751.315756][T27499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.315780][T27499] RIP: 0033:0x7f36b419aeb9 [ 751.315800][T27499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 751.315824][T27499] RSP: 002b:00007f36b505f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 751.315847][T27499] RAX: ffffffffffffffda RBX: 00007f36b4415fa0 RCX: 00007f36b419aeb9 [ 751.315864][T27499] RDX: 0100001000000004 RSI: 0000000000000061 RDI: 0000000000000000 [ 751.315879][T27499] RBP: 00007f36b4208c1f R08: 0000000000000400 R09: 0000000000008000 [ 751.315893][T27499] R10: 000000000000fa31 R11: 0000000000000246 R12: 0000000000000000 [ 751.315908][T27499] R13: 00007f36b4416038 R14: 00007f36b4415fa0 R15: 00007ffe5b96d388 [ 751.315939][T27499] [ 751.970041][T27509] overlayfs: missing 'lowerdir' [ 753.076252][T27551] netlink: 338 bytes leftover after parsing attributes in process `syz.3.8586'. [ 753.707244][T27575] Ignoring unsupported numa_zonelist_order value: [ 758.857505][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 759.359562][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 760.393642][ C0] sched: DL replenish lagged too much [ 819.317198][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 844.476608][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 859.013588][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 859.020845][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P27579/1:b..l [ 859.029497][ C0] rcu: (detected by 0, t=10502 jiffies, g=111793, q=276 ncpus=1) [ 859.037321][ C0] task:syz.0.8570 state:R running task stack:27048 pid:27579 tgid:27578 ppid:5823 task_flags:0x40054c flags:0x00080000 [ 859.052135][ C0] Call Trace: [ 859.055437][ C0] [ 859.058419][ C0] ? __schedule+0xf65/0x5e10 [ 859.063198][ C0] __schedule+0xfe4/0x5e10 [ 859.067650][ C0] ? __pfx___schedule+0x10/0x10 [ 859.072541][ C0] ? mark_held_locks+0x40/0x70 [ 859.077331][ C0] preempt_schedule_irq+0x50/0x90 [ 859.082461][ C0] irqentry_exit+0x17b/0x670 [ 859.087252][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 859.093253][ C0] RIP: 0010:uncharge_folio+0x541/0x9b0 [ 859.098828][ C0] Code: 3c 02 00 0f 85 14 04 00 00 48 c7 43 38 00 00 00 00 e9 20 fe ff ff e8 6e ae 71 ff 31 d2 45 31 c9 45 31 c0 48 8d 05 00 00 00 00 <50> b9 02 00 00 00 31 f6 48 c7 c7 20 31 5e 8e e8 5b 3d 69 ff e8 c6 [ 859.118635][ C0] RSP: 0018:ffffc9000f217458 EFLAGS: 00000246 [ 859.124748][ C0] RAX: ffffffff827948d1 RBX: ffffea0002016b00 RCX: ffffffff827947ca [ 859.132884][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888034b24184 [ 859.141072][ C0] RBP: ffffea0002016b00 R08: 0000000000000000 R09: 0000000000000000 [ 859.149425][ C0] R10: ffffea0002016b07 R11: 0000000000000000 R12: ffff88814045a7c0 [ 859.157569][ C0] R13: 0000000000000001 R14: ffffea0002016b38 R15: 0000000000000000 [ 859.165580][ C0] ? uncharge_folio+0x541/0x9b0 [ 859.170629][ C0] ? uncharge_folio+0x43a/0x9b0 [ 859.175518][ C0] ? uncharge_folio+0x532/0x9b0 [ 859.180552][ C0] __mem_cgroup_uncharge_folios+0x11b/0x1e0 [ 859.186508][ C0] ? rcu_is_watching+0x12/0xc0 [ 859.191300][ C0] ? __pfx___mem_cgroup_uncharge_folios+0x10/0x10 [ 859.198205][ C0] ? mark_held_locks+0x40/0x70 [ 859.203014][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 859.209031][ C0] folios_put_refs+0x52f/0x840 [ 859.214085][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 859.219492][ C0] free_pages_and_swap_cache+0x242/0x480 [ 859.225144][ C0] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 859.231366][ C0] ? __pfx___might_resched+0x10/0x10 [ 859.236705][ C0] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 859.242720][ C0] tlb_finish_mmu+0x1b0/0x810 [ 859.247429][ C0] exit_mmap+0x3c5/0xae0 [ 859.251791][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 859.256599][ C0] ? __lock_acquire+0x4a5/0x2630 [ 859.261651][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 859.267386][ C0] __mmput+0x12a/0x410 [ 859.271646][ C0] mmput+0x67/0x80 [ 859.275392][ C0] do_exit+0x78a/0x2a30 [ 859.280008][ C0] ? __pfx_do_exit+0x10/0x10 [ 859.284628][ C0] ? do_raw_spin_lock+0x128/0x260 [ 859.289675][ C0] ? find_held_lock+0x2b/0x80 [ 859.294447][ C0] ? get_signal+0x7e0/0x21e0 [ 859.299057][ C0] do_group_exit+0xd5/0x2a0 [ 859.303590][ C0] get_signal+0x1ec7/0x21e0 [ 859.308140][ C0] ? __pfx_get_signal+0x10/0x10 [ 859.313095][ C0] ? do_futex+0x192/0x350 [ 859.317448][ C0] arch_do_signal_or_restart+0x91/0x770 [ 859.323026][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 859.329386][ C0] ? __pfx___x64_sys_futex+0x10/0x10 [ 859.334781][ C0] exit_to_user_mode_loop+0x86/0x4b0 [ 859.340104][ C0] ? rcu_is_watching+0x12/0xc0 [ 859.344897][ C0] do_syscall_64+0x4ea/0xf80 [ 859.349513][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 859.355544][ C0] RIP: 0033:0x7f6d6e79aeb9 [ 859.359975][ C0] RSP: 002b:00007f6d6f69f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 859.368629][ C0] RAX: fffffffffffffe00 RBX: 00007f6d6ea15fa8 RCX: 00007f6d6e79aeb9 [ 859.376772][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6d6ea15fa8 [ 859.384774][ C0] RBP: 00007f6d6ea15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 859.392787][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 859.400768][ C0] R13: 00007f6d6ea16038 R14: 00007ffe31177d00 R15: 00007ffe31177de8 [ 859.408862][ C0] [ 859.411922][ C0] rcu: rcu_preempt kthread starved for 255 jiffies! g111793 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 859.423048][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 859.433215][ C0] rcu: RCU grace-period kthread stack dump: [ 859.439141][ C0] task:rcu_preempt state:R running task stack:28552 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 859.452933][ C0] Call Trace: [ 859.456221][ C0] [ 859.459165][ C0] ? __schedule+0xf65/0x5e10 [ 859.463771][ C0] __schedule+0xfe4/0x5e10 [ 859.468213][ C0] ? __lock_acquire+0x4a5/0x2630 [ 859.473294][ C0] ? __pfx___schedule+0x10/0x10 [ 859.478343][ C0] ? find_held_lock+0x2b/0x80 [ 859.483194][ C0] ? schedule+0x2bf/0x390 [ 859.487557][ C0] schedule+0xdd/0x390 [ 859.491687][ C0] schedule_timeout+0x127/0x280 [ 859.496604][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 859.502012][ C0] ? __pfx_process_timeout+0x10/0x10 [ 859.507405][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 859.513444][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 859.518937][ C0] rcu_gp_fqs_loop+0x1a9/0xb00 [ 859.523730][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 859.529297][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 859.534862][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 859.539820][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 859.545035][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 859.550859][ C0] rcu_gp_kthread+0x21e/0x320 [ 859.555554][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 859.560767][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 859.566589][ C0] ? __kthread_parkme+0x18c/0x230 [ 859.571633][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 859.576852][ C0] kthread+0x3b3/0x730 [ 859.580943][ C0] ? __pfx_kthread+0x10/0x10 [ 859.585760][ C0] ? ret_from_fork+0x79/0xaf0 [ 859.590474][ C0] ? ret_from_fork+0x79/0xaf0 [ 859.595181][ C0] ? rcu_is_watching+0x12/0xc0 [ 859.599962][ C0] ? __pfx_kthread+0x10/0x10 [ 859.604626][ C0] ret_from_fork+0x754/0xaf0 [ 859.609230][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 859.614612][ C0] ? __switch_to+0x7b9/0x10c0 [ 859.619421][ C0] ? __pfx_kthread+0x10/0x10 [ 859.624069][ C0] ret_from_fork_asm+0x1a/0x30 [ 859.628896][ C0] [ 859.631943][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 859.638397][ C0] CPU: 0 UID: 0 PID: 3408 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 859.649825][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 859.657201][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 859.667464][ C0] Workqueue: bat_events batadv_tt_purge [ 859.673238][ C0] RIP: 0010:lock_release+0x19e/0x2e0 [ 859.678549][ C0] Code: ff 65 0f c1 05 5b 8a 01 12 83 f8 01 0f 85 f7 00 00 00 9c 58 f6 c4 02 0f 85 0c 01 00 00 41 f7 c6 00 02 00 00 0f 85 99 00 00 00 <48> 8b 44 24 10 65 48 2b 05 ed 42 01 12 0f 85 0f 01 00 00 48 83 c4 [ 859.698792][ C0] RSP: 0018:ffffc90000006b58 EFLAGS: 00000206 [ 859.705273][ C0] RAX: 0000000000000046 RBX: ffffffff8e5e3120 RCX: ffffc90000006b64 [ 859.713354][ C0] RDX: 0000000000000004 RSI: ffffffff8dc1b439 RDI: ffffffff8bfa32a0 [ 859.721439][ C0] RBP: ffffffff81b6438e R08: 0000000000000001 R09: 0000000000000007 [ 859.729426][ C0] R10: 0000000000000200 R11: 0000000000094603 R12: ffff888031d21e80 [ 859.737502][ C0] R13: ffffc90000006c10 R14: 0000000000000206 R15: 0000000000000005 [ 859.745568][ C0] FS: 0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 859.754508][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 859.761218][ C0] CR2: 00007f0e2e532f8c CR3: 00000000628fc000 CR4: 00000000003526f0 [ 859.769388][ C0] Call Trace: [ 859.772703][ C0] [ 859.775607][ C0] unwind_next_frame+0x3c3/0x1ea0 [ 859.780682][ C0] ? br_handle_frame+0xeec/0x1510 [ 859.785740][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 859.792001][ C0] arch_stack_walk+0x94/0xf0 [ 859.796613][ C0] ? __netif_receive_skb_core.constprop.0+0x6d7/0x3460 [ 859.803544][ C0] stack_trace_save+0x8e/0xc0 [ 859.808236][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 859.813640][ C0] ? __lock_acquire+0x4a5/0x2630 [ 859.818613][ C0] kasan_save_stack+0x30/0x50 [ 859.823328][ C0] ? kasan_save_stack+0x30/0x50 [ 859.828211][ C0] ? kasan_save_track+0x14/0x30 [ 859.833097][ C0] ? kasan_save_free_info+0x3b/0x70 [ 859.838397][ C0] ? __kasan_slab_free+0x5f/0x80 [ 859.843436][ C0] ? kmem_cache_free+0x143/0x720 [ 859.848560][ C0] ? kfree_skbmem+0x19a/0x210 [ 859.853374][ C0] ? sk_skb_reason_drop+0x10f/0x1b0 [ 859.858653][ C0] ? dev_kfree_skb_any_reason+0x79/0x90 [ 859.864218][ C0] ? team_dummy_transmit+0x1a/0x30 [ 859.869527][ C0] ? team_xmit+0x34e/0x460 [ 859.874056][ C0] ? dev_hard_start_xmit+0x127/0x6c0 [ 859.879449][ C0] ? __dev_queue_xmit+0x6dd/0x46f0 [ 859.884581][ C0] ? br_dev_queue_push_xmit+0x587/0x880 [ 859.890156][ C0] ? br_forward_finish+0x102/0x4d0 [ 859.895294][ C0] ? __br_forward+0x6b1/0x970 [ 859.899992][ C0] ? maybe_deliver+0xf0/0x180 [ 859.904772][ C0] ? br_flood+0x193/0x650 [ 859.909120][ C0] ? br_handle_frame_finish+0xf57/0x1f00 [ 859.914774][ C0] ? br_handle_frame+0xeec/0x1510 [ 859.919860][ C0] kasan_save_track+0x14/0x30 [ 859.924744][ C0] kasan_save_free_info+0x3b/0x70 [ 859.929885][ C0] __kasan_slab_free+0x5f/0x80 [ 859.934682][ C0] kmem_cache_free+0x143/0x720 [ 859.939467][ C0] ? kfree_skbmem+0x19a/0x210 [ 859.944166][ C0] ? kfree_skbmem+0x19a/0x210 [ 859.948858][ C0] kfree_skbmem+0x19a/0x210 [ 859.953399][ C0] sk_skb_reason_drop+0x10f/0x1b0 [ 859.958511][ C0] dev_kfree_skb_any_reason+0x79/0x90 [ 859.963903][ C0] team_dummy_transmit+0x1a/0x30 [ 859.968870][ C0] team_xmit+0x34e/0x460 [ 859.973389][ C0] dev_hard_start_xmit+0x127/0x6c0 [ 859.978644][ C0] __dev_queue_xmit+0x6dd/0x46f0 [ 859.983626][ C0] ? __lock_acquire+0x4a5/0x2630 [ 859.988849][ C0] ? unwind_next_frame+0x3c8/0x1ea0 [ 859.994097][ C0] ? __pfx___dev_queue_xmit+0x10/0x10 [ 859.999493][ C0] ? lock_acquire+0x17c/0x330 [ 860.004227][ C0] ? mark_held_locks+0x40/0x70 [ 860.009116][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 860.014784][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 860.020105][ C0] ? ebt_do_table+0x1ce6/0x2250 [ 860.024978][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 860.030345][ C0] ? ebt_do_table+0x1938/0x2250 [ 860.035298][ C0] ? br_nf_post_routing+0x5f9/0x16a0 [ 860.040796][ C0] br_dev_queue_push_xmit+0x587/0x880 [ 860.046215][ C0] ? lock_acquire+0x17c/0x330 [ 860.050998][ C0] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 860.057007][ C0] ? find_held_lock+0x2b/0x80 [ 860.061727][ C0] ? br_forward_finish+0x28d/0x4d0 [ 860.066870][ C0] ? br_forward_finish+0x28d/0x4d0 [ 860.072010][ C0] br_forward_finish+0x102/0x4d0 [ 860.077049][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 860.082542][ C0] ? net_generic+0xf4/0x2a0 [ 860.087330][ C0] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 860.093241][ C0] ? __br_forward+0x325/0x970 [ 860.097961][ C0] ? __br_forward+0x325/0x970 [ 860.102658][ C0] __br_forward+0x6b1/0x970 [ 860.107180][ C0] ? __pfx___br_forward+0x10/0x10 [ 860.112217][ C0] ? __asan_memcpy+0x3c/0x60 [ 860.116821][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 860.122290][ C0] ? __skb_clone+0x570/0x760 [ 860.126932][ C0] maybe_deliver+0xf0/0x180 [ 860.131549][ C0] br_flood+0x193/0x650 [ 860.135817][ C0] br_handle_frame_finish+0xf57/0x1f00 [ 860.141571][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 860.147598][ C0] ? find_held_lock+0x2b/0x80 [ 860.152289][ C0] ? net_generic+0xea/0x2a0 [ 860.156825][ C0] ? net_generic+0xea/0x2a0 [ 860.161385][ C0] ? net_generic+0xf4/0x2a0 [ 860.165904][ C0] ? br_nf_pre_routing+0x7a3/0x1510 [ 860.171123][ C0] br_handle_frame+0xeec/0x1510 [ 860.176173][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 860.181659][ C0] ? batadv_tt_purge+0x8b/0xbd0 [ 860.186546][ C0] ? process_one_work+0x9c2/0x1840 [ 860.191723][ C0] ? rescuer_thread+0x8f1/0xf40 [ 860.196601][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 860.202527][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 860.207932][ C0] __netif_receive_skb_core.constprop.0+0x6d7/0x3460 [ 860.214817][ C0] ? mark_held_locks+0x40/0x70 [ 860.219686][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 860.227074][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 860.232483][ C0] ? kmem_cache_free+0x143/0x720 [ 860.237507][ C0] ? llc_sap_find+0x268/0x440 [ 860.242209][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 860.247691][ C0] ? kfree_skbmem+0x19a/0x210 [ 860.252483][ C0] ? kfree_skbmem+0x19a/0x210 [ 860.257258][ C0] ? kfree_skbmem+0x19f/0x210 [ 860.261960][ C0] ? __lock_acquire+0x4a5/0x2630 [ 860.266918][ C0] ? process_backlog+0x32a/0x1580 [ 860.271980][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 860.278416][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 860.285026][ C0] ? lock_acquire+0x17c/0x330 [ 860.289733][ C0] ? process_backlog+0x32a/0x1580 [ 860.294778][ C0] ? process_backlog+0x32a/0x1580 [ 860.299820][ C0] __netif_receive_skb+0x1f/0x120 [ 860.305048][ C0] process_backlog+0x37a/0x1580 [ 860.309922][ C0] __napi_poll.constprop.0+0xaf/0x450 [ 860.315336][ C0] net_rx_action+0xa40/0xf20 [ 860.320022][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 860.325189][ C0] ? find_held_lock+0x2b/0x80 [ 860.329885][ C0] ? try_to_wake_up+0x154/0x1a60 [ 860.334841][ C0] ? try_to_wake_up+0x154/0x1a60 [ 860.339845][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 860.345233][ C0] ? sched_clock+0x38/0x60 [ 860.349698][ C0] ? sched_clock_cpu+0x6c/0x570 [ 860.354697][ C0] ? mark_held_locks+0x40/0x70 [ 860.359744][ C0] handle_softirqs+0x1ea/0x910 [ 860.364553][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 860.369862][ C0] ? batadv_tt_local_purge+0x21c/0x3d0 [ 860.375460][ C0] do_softirq+0xac/0xe0 [ 860.379660][ C0] [ 860.382597][ C0] [ 860.385619][ C0] __local_bh_enable_ip+0xf8/0x120 [ 860.390754][ C0] batadv_tt_local_purge+0x21c/0x3d0 [ 860.396236][ C0] ? look_up_lock_class+0x55/0x120 [ 860.401403][ C0] ? do_raw_spin_lock+0x128/0x260 [ 860.406549][ C0] ? __pfx_batadv_tt_local_purge+0x10/0x10 [ 860.412505][ C0] batadv_tt_purge+0x8b/0xbd0 [ 860.417295][ C0] ? do_raw_spin_unlock+0x145/0x1e0 [ 860.422526][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 860.427840][ C0] ? process_one_work+0x80b/0x1840 [ 860.433147][ C0] ? rcu_is_watching+0x12/0xc0 [ 860.438098][ C0] process_one_work+0x9c2/0x1840 [ 860.443173][ C0] ? __pfx_process_one_work+0x10/0x10 [ 860.448667][ C0] ? assign_work+0x19c/0x250 [ 860.453447][ C0] rescuer_thread+0x8f1/0xf40 [ 860.458156][ C0] ? rescuer_thread+0x118/0xf40 [ 860.463032][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 860.468254][ C0] ? __kthread_parkme+0x18c/0x230 [ 860.473313][ C0] ? kthread+0x17d/0x730 [ 860.477599][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 860.482829][ C0] kthread+0x3b3/0x730 [ 860.487128][ C0] ? __pfx_kthread+0x10/0x10 [ 860.492007][ C0] ? ret_from_fork+0x79/0xaf0 [ 860.496786][ C0] ? ret_from_fork+0x79/0xaf0 [ 860.501479][ C0] ? rcu_is_watching+0x12/0xc0 [ 860.506271][ C0] ? __pfx_kthread+0x10/0x10 [ 860.510911][ C0] ret_from_fork+0x754/0xaf0 [ 860.515529][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 860.520693][ C0] ? __switch_to+0x7b9/0x10c0 [ 860.525460][ C0] ? __pfx_kthread+0x10/0x10 [ 860.530415][ C0] ret_from_fork_asm+0x1a/0x30 [ 860.535430][ C0]