UBSAN: signed-integer-overflow in ip_idents_reserve ================================================================================ UBSAN: signed-integer-overflow in ./arch/x86/include/asm/atomic.h:165:11 1251854394 + 1856889025 cannot be represented in type 'int' CPU: 1 PID: 5984 Comm: modprobe Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 Call Trace: dump_stack+0xfd/0x16e lib/dump_stack.c:118 ubsan_epilogue+0xa/0x30 lib/ubsan.c:148 handle_overflow+0x192/0x1b0 lib/ubsan.c:180 arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline] atomic_add_return include/asm-generic/atomic-instrumented.h:73 [inline] ip_idents_reserve+0x14a/0x170 net/ipv4/route.c:521 __ip_select_ident+0xe4/0x1c0 net/ipv4/route.c:538 iptunnel_xmit+0x466/0x7b0 net/ipv4/ip_tunnel_core.c:80 udp_tunnel_xmit_skb+0x1ba/0x290 net/ipv4/udp_tunnel_core.c:190 geneve_xmit_skb drivers/net/geneve.c:1004 [inline] geneve_xmit+0x1d05/0x2140 drivers/net/geneve.c:1117 __netdev_start_xmit include/linux/netdevice.h:4824 [inline] netdev_start_xmit include/linux/netdevice.h:4838 [inline] xmit_one net/core/dev.c:3601 [inline] dev_hard_start_xmit+0x294/0x780 net/core/dev.c:3617 __dev_queue_xmit+0x1678/0x28b0 net/core/dev.c:4203 neigh_output include/net/neighbour.h:509 [inline] ip6_finish_output2+0x1020/0x1490 net/ipv6/ip6_output.c:130 NF_HOOK+0x45/0x2c0 include/linux/netfilter.h:297 mld_sendpack+0x5f9/0xa70 net/ipv6/mcast.c:1676 mld_send_cr net/ipv6/mcast.c:1972 [inline] mld_ifc_timer_expire+0x7e1/0x990 net/ipv6/mcast.c:2471 call_timer_fn+0x105/0x440 kernel/time/timer.c:1444 expire_timers kernel/time/timer.c:1489 [inline] __run_timers+0x5d8/0x7a0 kernel/time/timer.c:1783 run_timer_softirq+0x19/0x30 kernel/time/timer.c:1796 __do_softirq+0x23c/0x8ae kernel/softirq.c:298 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0x6d/0xb0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:393 [inline] __irq_exit_rcu+0x1e1/0x1f0 kernel/softirq.c:423 irq_exit_rcu+0x5/0x20 kernel/softirq.c:435 sysvec_apic_timer_interrupt+0x9d/0xb0 arch/x86/kernel/apic/apic.c:1106 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635 RIP: 0010:xas_next_entry+0x96/0x3d0 include/linux/xarray.h:1645 Code: b6 04 18 84 c0 0f 85 19 03 00 00 41 0f b6 2c 24 31 ff 89 ee e8 1b 31 de ff 85 ed 0f 85 f5 02 00 00 4c 89 64 24 18 49 8d 4f 12 <48> 89 0c 24 48 c1 e9 03 48 89 4c 24 20 0f b6 04 19 84 c0 0f 85 fc RSP: 0000:ffffc900018ffc60 EFLAGS: 00000246 RAX: ffffffff81918485 RBX: dffffc0000000000 RCX: ffffc900018ffd2a RDX: ffff888021f18000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff940000ad161 R10: fffff940000ad161 R11: 1ffffd40000ad160 R12: ffff8880245a3180 R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900018ffd18 filemap_map_pages+0x5fe/0xa30 mm/filemap.c:2853 do_fault_around mm/memory.c:4089 [inline] do_read_fault mm/memory.c:4123 [inline] do_fault mm/memory.c:4256 [inline] handle_pte_fault mm/memory.c:4497 [inline] __handle_mm_fault mm/memory.c:4632 [inline] handle_mm_fault+0x16b8/0x2930 mm/memory.c:4730 do_user_addr_fault+0x468/0xa50 arch/x86/mm/fault.c:1345 handle_page_fault arch/x86/mm/fault.c:1402 [inline] exc_page_fault+0x67/0x100 arch/x86/mm/fault.c:1458 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:571 RIP: 0033:0x7f8f0a2e0a55 Code: d2 39 c1 0f 8f 7c 00 00 00 2d 80 0f 00 00 0f 86 a8 fc ff ff 45 31 c0 83 e8 60 0f 8f 8d 00 00 00 0f 1f 44 00 00 c5 fe 6f 04 17 fd 74 0c 16 c5 85 74 d0 c5 ed df c9 c5 fd d7 c9 ff c1 75 28 83 RSP: 002b:00007ffe9e48a9e8 EFLAGS: 00010283 RAX: 00000000ffffffbf RBX: 0000560d57518000 RCX: 00000000000003f0 RDX: 0000000000000000 RSI: 00007f8f0a4003f0 RDI: 00007ffe9e48af9f RBP: 00007ffe9e48ab38 R08: 0000000000000000 R09: 00007f8f0a42fa60 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe9e48ab60 R14: 00007f8f0a460000 R15: 0000560d57519d98 ================================================================================ ---------------- Code disassembly (best guess): 0: b6 04 mov $0x4,%dh 2: 18 84 c0 0f 85 19 03 sbb %al,0x319850f(%rax,%rax,8) 9: 00 00 add %al,(%rax) b: 41 0f b6 2c 24 movzbl (%r12),%ebp 10: 31 ff xor %edi,%edi 12: 89 ee mov %ebp,%esi 14: e8 1b 31 de ff call 0xffde3134 19: 85 ed test %ebp,%ebp 1b: 0f 85 f5 02 00 00 jne 0x316 21: 4c 89 64 24 18 mov %r12,0x18(%rsp) 26: 49 8d 4f 12 lea 0x12(%r15),%rcx * 2a: 48 89 0c 24 mov %rcx,(%rsp) <-- trapping instruction 2e: 48 c1 e9 03 shr $0x3,%rcx 32: 48 89 4c 24 20 mov %rcx,0x20(%rsp) 37: 0f b6 04 19 movzbl (%rcx,%rbx,1),%eax 3b: 84 c0 test %al,%al 3d: 0f .byte 0xf 3e: 85 fc test %edi,%esp Warning: Permanently added '10.128.0.71' (ED25519) to the list of known hosts. 2025/10/24 09:31:11 parsed 1 programs [ 44.480515][ T5964] cgroup: Unknown subsys name 'net' [ 44.609516][ T5964] cgroup: Unknown subsys name 'rlimit' [ 46.293130][ T5964] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 47.121939][ T5971] IPVS: ftp: loaded support on port[0] = 21 [ 47.193762][ T5971] chnl_net:caif_netlink_parms(): no params data found [ 47.220332][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.227552][ T5971] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.235419][ T5971] device bridge_slave_0 entered promiscuous mode [ 47.243382][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.250457][ T5971] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.258091][ T5971] device bridge_slave_1 entered promiscuous mode [ 47.271923][ T5971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.283242][ T5971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.299081][ T5971] team0: Port device team_slave_0 added [ 47.306097][ T5971] team0: Port device team_slave_1 added [ 47.317995][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.324933][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.350843][ T5971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.362226][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.369223][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.395182][ T5971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.416728][ T5971] device hsr_slave_0 entered promiscuous mode [ 47.423245][ T5971] device hsr_slave_1 entered promiscuous mode [ 47.471639][ T5971] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.480389][ T5971] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.489086][ T5971] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.497565][ T5971] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.513466][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.520632][ T5971] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.528003][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.535131][ T5971] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.561198][ T5971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.573567][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.582072][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.589977][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.597565][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 47.607679][ T5971] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.616985][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.625385][ T677] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.632487][ T677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.642855][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.651418][ T677] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.658498][ T677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.672523][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 47.681721][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 47.691754][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 47.702417][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.713153][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.723012][ T5971] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.769360][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 47.776980][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 47.788069][ T5971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.802087][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.817286][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.825559][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.833747][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.843065][ T5971] device veth0_vlan entered promiscuous mode [ 47.853007][ T5971] device veth1_vlan entered promiscuous mode [ 47.868131][ T608] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 47.876210][ T608] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 47.884528][ T608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.894414][ T5971] device veth0_macvtap entered promiscuous mode [ 47.903703][ T5971] device veth1_macvtap entered promiscuous mode [ 47.916303][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.924143][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.932868][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 47.943246][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.950987][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.961028][ T5971] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.969989][ T5971] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.978838][ T5971] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.987799][ T5971] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.035897][ C1] ================================================================================ [ 48.045345][ C1] UBSAN: signed-integer-overflow in ./arch/x86/include/asm/atomic.h:165:11 [ 48.053952][ C1] 1251854394 + 1856889025 cannot be represented in type 'int' [ 48.061418][ C1] CPU: 1 PID: 5984 Comm: modprobe Not tainted syzkaller #0 [ 48.068591][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 48.078727][ C1] Call Trace: [ 48.081999][ C1] [ 48.084847][ C1] dump_stack+0xfd/0x16e [ 48.089084][ C1] ubsan_epilogue+0xa/0x30 [ 48.093473][ C1] handle_overflow+0x192/0x1b0 [ 48.098230][ C1] ? prandom_u32+0x1d/0x1f0 [ 48.102709][ C1] ip_idents_reserve+0x14a/0x170 [ 48.107672][ C1] __ip_select_ident+0xe4/0x1c0 [ 48.112497][ C1] iptunnel_xmit+0x466/0x7b0 [ 48.117065][ C1] udp_tunnel_xmit_skb+0x1ba/0x290 [ 48.122153][ C1] geneve_xmit+0x1d05/0x2140 [ 48.126729][ C1] dev_hard_start_xmit+0x294/0x780 [ 48.132192][ C1] __dev_queue_xmit+0x1678/0x28b0 [ 48.137274][ C1] ip6_finish_output2+0x1020/0x1490 [ 48.142557][ C1] NF_HOOK+0x45/0x2c0 [ 48.146551][ C1] ? NF_HOOK+0x2c0/0x2c0 [ 48.150889][ C1] mld_sendpack+0x5f9/0xa70 [ 48.155387][ C1] mld_ifc_timer_expire+0x7e1/0x990 [ 48.160579][ C1] ? lock_acquire+0x78/0x310 [ 48.165155][ C1] ? lock_release+0x69/0x610 [ 48.169820][ C1] ? debug_object_deactivate+0x9b/0x250 [ 48.175350][ C1] ? mld_gq_timer_expire+0xe0/0xe0 [ 48.180456][ C1] call_timer_fn+0x105/0x440 [ 48.185031][ C1] ? mld_gq_timer_expire+0xe0/0xe0 [ 48.190128][ C1] __run_timers+0x5d8/0x7a0 [ 48.194970][ C1] ? __do_softirq+0x164/0x8ae [ 48.199635][ C1] run_timer_softirq+0x19/0x30 [ 48.204496][ C1] __do_softirq+0x23c/0x8ae [ 48.208985][ C1] ? asm_call_irq_on_stack+0xf/0x20 [ 48.214251][ C1] asm_call_irq_on_stack+0xf/0x20 [ 48.219386][ C1] [ 48.222309][ C1] do_softirq_own_stack+0x6d/0xb0 [ 48.227317][ C1] __irq_exit_rcu+0x1e1/0x1f0 [ 48.231975][ C1] irq_exit_rcu+0x5/0x20 [ 48.236201][ C1] sysvec_apic_timer_interrupt+0x9d/0xb0 [ 48.241991][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 48.247952][ C1] RIP: 0010:xas_next_entry+0x96/0x3d0 [ 48.253418][ C1] Code: b6 04 18 84 c0 0f 85 19 03 00 00 41 0f b6 2c 24 31 ff 89 ee e8 1b 31 de ff 85 ed 0f 85 f5 02 00 00 4c 89 64 24 18 49 8d 4f 12 <48> 89 0c 24 48 c1 e9 03 48 89 4c 24 20 0f b6 04 19 84 c0 0f 85 fc [ 48.273552][ C1] RSP: 0000:ffffc900018ffc60 EFLAGS: 00000246 [ 48.279869][ C1] RAX: ffffffff81918485 RBX: dffffc0000000000 RCX: ffffc900018ffd2a [ 48.287824][ C1] RDX: ffff888021f18000 RSI: 0000000000000000 RDI: 0000000000000000 [ 48.295956][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff940000ad161 [ 48.304003][ C1] R10: fffff940000ad161 R11: 1ffffd40000ad160 R12: ffff8880245a3180 [ 48.312223][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900018ffd18 [ 48.320216][ C1] ? xas_next_entry+0x85/0x3d0 [ 48.324967][ C1] ? unlock_page+0x17c/0x210 [ 48.329645][ C1] filemap_map_pages+0x5fe/0xa30 [ 48.334573][ C1] handle_mm_fault+0x16b8/0x2930 [ 48.339498][ C1] do_user_addr_fault+0x468/0xa50 [ 48.344635][ C1] ? asm_exc_page_fault+0x8/0x30 [ 48.349551][ C1] exc_page_fault+0x67/0x100 [ 48.354134][ C1] asm_exc_page_fault+0x1e/0x30 [ 48.359062][ C1] RIP: 0033:0x7f8f0a2e0a55 [ 48.363612][ C1] Code: d2 39 c1 0f 8f 7c 00 00 00 2d 80 0f 00 00 0f 86 a8 fc ff ff 45 31 c0 83 e8 60 0f 8f 8d 00 00 00 0f 1f 44 00 00 c5 fe 6f 04 17 fd 74 0c 16 c5 85 74 d0 c5 ed df c9 c5 fd d7 c9 ff c1 75 28 83 [ 48.383203][ C1] RSP: 002b:00007ffe9e48a9e8 EFLAGS: 00010283 [ 48.389369][ C1] RAX: 00000000ffffffbf RBX: 0000560d57518000 RCX: 00000000000003f0 [ 48.397494][ C1] RDX: 0000000000000000 RSI: 00007f8f0a4003f0 RDI: 00007ffe9e48af9f [ 48.405577][ C1] RBP: 00007ffe9e48ab38 R08: 0000000000000000 R09: 00007f8f0a42fa60 [ 48.413539][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 48.421495][ C1] R13: 00007ffe9e48ab60 R14: 00007f8f0a460000 R15: 0000560d57519d98 [ 48.429493][ C1] ================================================================================ [ 48.438917][ C1] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 48.446229][ C1] CPU: 1 PID: 5984 Comm: modprobe Not tainted syzkaller #0 [ 48.453574][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 48.463620][ C1] Call Trace: [ 48.466930][ C1] [ 48.469786][ C1] dump_stack+0xfd/0x16e [ 48.474260][ C1] panic+0x2f0/0x9c0 [ 48.478304][ C1] check_panic_on_warn+0x95/0xe0 [ 48.483324][ C1] handle_overflow+0x192/0x1b0 [ 48.488166][ C1] ? prandom_u32+0x1d/0x1f0 [ 48.492648][ C1] ip_idents_reserve+0x14a/0x170 [ 48.497566][ C1] __ip_select_ident+0xe4/0x1c0 [ 48.502403][ C1] iptunnel_xmit+0x466/0x7b0 [ 48.507007][ C1] udp_tunnel_xmit_skb+0x1ba/0x290 [ 48.512102][ C1] geneve_xmit+0x1d05/0x2140 [ 48.516699][ C1] dev_hard_start_xmit+0x294/0x780 [ 48.521904][ C1] __dev_queue_xmit+0x1678/0x28b0 [ 48.526917][ C1] ip6_finish_output2+0x1020/0x1490 [ 48.532265][ C1] NF_HOOK+0x45/0x2c0 [ 48.536362][ C1] ? NF_HOOK+0x2c0/0x2c0 [ 48.540600][ C1] mld_sendpack+0x5f9/0xa70 [ 48.545084][ C1] mld_ifc_timer_expire+0x7e1/0x990 [ 48.550256][ C1] ? lock_acquire+0x78/0x310 [ 48.554818][ C1] ? lock_release+0x69/0x610 [ 48.559386][ C1] ? debug_object_deactivate+0x9b/0x250 [ 48.564916][ C1] ? mld_gq_timer_expire+0xe0/0xe0 [ 48.570159][ C1] call_timer_fn+0x105/0x440 [ 48.574730][ C1] ? mld_gq_timer_expire+0xe0/0xe0 [ 48.580362][ C1] __run_timers+0x5d8/0x7a0 [ 48.584876][ C1] ? __do_softirq+0x164/0x8ae [ 48.589741][ C1] run_timer_softirq+0x19/0x30 [ 48.594575][ C1] __do_softirq+0x23c/0x8ae [ 48.599107][ C1] ? asm_call_irq_on_stack+0xf/0x20 [ 48.604286][ C1] asm_call_irq_on_stack+0xf/0x20 [ 48.609288][ C1] [ 48.612210][ C1] do_softirq_own_stack+0x6d/0xb0 [ 48.617294][ C1] __irq_exit_rcu+0x1e1/0x1f0 [ 48.621954][ C1] irq_exit_rcu+0x5/0x20 [ 48.626175][ C1] sysvec_apic_timer_interrupt+0x9d/0xb0 [ 48.631799][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 48.637759][ C1] RIP: 0010:xas_next_entry+0x96/0x3d0 [ 48.643107][ C1] Code: b6 04 18 84 c0 0f 85 19 03 00 00 41 0f b6 2c 24 31 ff 89 ee e8 1b 31 de ff 85 ed 0f 85 f5 02 00 00 4c 89 64 24 18 49 8d 4f 12 <48> 89 0c 24 48 c1 e9 03 48 89 4c 24 20 0f b6 04 19 84 c0 0f 85 fc [ 48.662984][ C1] RSP: 0000:ffffc900018ffc60 EFLAGS: 00000246 [ 48.669035][ C1] RAX: ffffffff81918485 RBX: dffffc0000000000 RCX: ffffc900018ffd2a [ 48.677198][ C1] RDX: ffff888021f18000 RSI: 0000000000000000 RDI: 0000000000000000 [ 48.685542][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff940000ad161 [ 48.693603][ C1] R10: fffff940000ad161 R11: 1ffffd40000ad160 R12: ffff8880245a3180 [ 48.701553][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900018ffd18 [ 48.709709][ C1] ? xas_next_entry+0x85/0x3d0 [ 48.714730][ C1] ? unlock_page+0x17c/0x210 [ 48.719314][ C1] filemap_map_pages+0x5fe/0xa30 [ 48.724318][ C1] handle_mm_fault+0x16b8/0x2930 [ 48.729240][ C1] do_user_addr_fault+0x468/0xa50 [ 48.734236][ C1] ? asm_exc_page_fault+0x8/0x30 [ 48.739360][ C1] exc_page_fault+0x67/0x100 [ 48.743925][ C1] asm_exc_page_fault+0x1e/0x30 [ 48.748752][ C1] RIP: 0033:0x7f8f0a2e0a55 [ 48.753345][ C1] Code: d2 39 c1 0f 8f 7c 00 00 00 2d 80 0f 00 00 0f 86 a8 fc ff ff 45 31 c0 83 e8 60 0f 8f 8d 00 00 00 0f 1f 44 00 00 c5 fe 6f 04 17 fd 74 0c 16 c5 85 74 d0 c5 ed df c9 c5 fd d7 c9 ff c1 75 28 83 [ 48.773588][ C1] RSP: 002b:00007ffe9e48a9e8 EFLAGS: 00010283 [ 48.779672][ C1] RAX: 00000000ffffffbf RBX: 0000560d57518000 RCX: 00000000000003f0 [ 48.787743][ C1] RDX: 0000000000000000 RSI: 00007f8f0a4003f0 RDI: 00007ffe9e48af9f [ 48.796300][ C1] RBP: 00007ffe9e48ab38 R08: 0000000000000000 R09: 00007f8f0a42fa60 [ 48.804330][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 48.812278][ C1] R13: 00007ffe9e48ab60 R14: 00007f8f0a460000 R15: 0000560d57519d98 [ 48.820381][ C1] Kernel Offset: disabled [ 48.824731][ C1] Rebooting in 86400 seconds.. syzkaller build log: go env (err=) AR='ar' CC='gcc' CGO_CFLAGS='-O2 -g' CGO_CPPFLAGS='' CGO_CXXFLAGS='-O2 -g' CGO_ENABLED='1' CGO_FFLAGS='-O2 -g' CGO_LDFLAGS='-O2 -g' CXX='g++' GCCGO='gccgo' GO111MODULE='auto' GOAMD64='v1' GOARCH='amd64' GOAUTH='netrc' GOBIN='' GOCACHE='/syzkaller/.cache/go-build' GOCACHEPROG='' GODEBUG='' GOENV='/syzkaller/.config/go/env' GOEXE='' GOEXPERIMENT='' GOFIPS140='off' GOFLAGS='' GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build3457238269=/tmp/go-build -gno-record-gcc-switches' GOHOSTARCH='amd64' GOHOSTOS='linux' GOINSECURE='' GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod' GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod' GONOPROXY='' GONOSUMDB='' GOOS='linux' GOPATH='/syzkaller/jobs-2/linux/gopath' GOPRIVATE='' GOPROXY='https://proxy.golang.org,direct' GOROOT='/usr/local/go' GOSUMDB='sum.golang.org' GOTELEMETRY='local' GOTELEMETRYDIR='/syzkaller/.config/go/telemetry' GOTMPDIR='' GOTOOLCHAIN='auto' GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64' GOVCS='' GOVERSION='go1.24.4' GOWORK='' PKG_CONFIG='pkg-config' git status (err=) HEAD detached at e2beed91937 nothing to commit, working tree clean tput: No value for $TERM and no -T specified tput: No value for $TERM and no -T specified Makefile:31: run command via tools/syz-env for best compatibility, see: Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env go list -f '{{.Stale}}' -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=e2beed91937c0ace342f19a2e9afb67adb3a828a -X github.com/google/syzkaller/prog.gitRevisionDate=20250911-084951" ./sys/syz-sysgen | grep -q false || go install -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=e2beed91937c0ace342f19a2e9afb67adb3a828a -X github.com/google/syzkaller/prog.gitRevisionDate=20250911-084951" ./sys/syz-sysgen make .descriptions tput: No value for $TERM and no -T specified tput: No value for $TERM and no -T specified Makefile:31: run command via tools/syz-env for best compatibility, see: Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env bin/syz-sysgen touch .descriptions GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=e2beed91937c0ace342f19a2e9afb67adb3a828a -X github.com/google/syzkaller/prog.gitRevisionDate=20250911-084951" -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog mkdir -p ./bin/linux_amd64 g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \ -m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -DGOOS_linux=1 -DGOARCH_amd64=1 \ -DHOSTGOOS_linux=1 -DGIT_REVISION=\"e2beed91937c0ace342f19a2e9afb67adb3a828a\" /usr/bin/ld: /tmp/cciE1xKJ.o: in function `Connection::Connect(char const*, char const*)': executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking ./tools/check-syzos.sh 2>/dev/null