last executing test programs: 2.36675165s ago: executing program 0 (id=4820): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) 2.073274s ago: executing program 2 (id=4826): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) read$auto(r0, 0x0, 0x9) write$auto(r0, 0x0, 0x81) 1.87675927s ago: executing program 2 (id=4828): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/irq/3/effective_affinity_list\x00', 0x800, 0x0) msgctl$auto_IPC_INFO(0x400, 0x3, &(0x7f0000000ac0)={{0x0, 0xee01, 0x0, 0x7, 0x7, 0x3b, 0x4}, 0x0, 0x0, 0x401, 0x0, 0xd781, 0x3, 0x4, 0x5, 0x4, 0xf65e, @raw=0x5be}) r3 = setfsuid$auto(r1) fchown$auto(r0, r3, r2) 1.631131559s ago: executing program 2 (id=4831): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000900), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'virt_wifi0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r0, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000000a80)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r2}, @MACSEC_ATTR_OFFLOAD={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x40840) 1.533101057s ago: executing program 1 (id=4832): mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x801, 0x106) listen$auto(0x3, 0x81) setsockopt$auto(r0, 0x6, 0x3, 0x0, 0xa1) 1.431540764s ago: executing program 2 (id=4834): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x84) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0x8) 1.307748784s ago: executing program 1 (id=4836): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) connect$auto(0x3, 0x0, 0x2) 1.202295924s ago: executing program 0 (id=4838): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x1, 0x84) timer_create$auto(0x8, 0x0, 0x0) getsockopt$auto(r0, 0x84, 0x85, 0x0, 0x0) 1.145323287s ago: executing program 3 (id=4839): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) uname$auto(0x0) r0 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r0, 0x29, 0x30, 0x0, 0x0) 1.084323987s ago: executing program 0 (id=4840): r0 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setsockopt$auto(r0, 0x1, 0x12, &(0x7f0000000400)='\'\ak\xb6\xc8\vFx\xed\xd6\xf8\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0xeb66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 1.081167663s ago: executing program 2 (id=4841): unshare$auto(0x40000080) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.035623733s ago: executing program 1 (id=4842): close_range$auto(0x2, 0x8, 0x0) openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket(0x11, 0x80003, 0x300) accept$auto(0x3, 0x0, 0x0) 997.63161ms ago: executing program 3 (id=4843): mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) link$auto(&(0x7f0000000940)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2DW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xea\xa5\xff \xec\xe8\xca\xbf\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\v\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4N\xbb\xc2\xf8\x9c\xd0+t\x87r\x02\x05\xdb\xe4\xde\xed\x02\x00\x00\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00M\x83\xdb\xaf\xc4\xf23l\xae\xc5\x1d\xc4\xb0\x06\xd06\x1dX\x03\xe3\x9e\xd3\xd96\xcf\xd9\xa3\xcb\xd6B\xc3\x0f#\xd2\x1a\xf9L\xf5\x87My\xce\x19*\xde\x8d+#\x13\x15\xd3Y\x98\xe1\xc3@\x0e\x9c\xc2\xf8\b\xaf\x89\xe5\x00\x89-pWD\xb5&\xc9\x8e\x8d,\xb7}1\x84U\x18y\xa90\xf5\x80\x981U\x17\x14]\xc56j\xe7\x0e\xecBr\xa9]\"\xd36^m\x12\xb6\xbc\x80\xa4h{\xde\xcf\xf7d\x87rl\x11\xf7\x15\xcb~\xb9\x01\x0e\xd7O_\x91\xe1\xead\xee\xed]/p\xd6\xff\x17\xe4\aV\"I\xca\x90\xc7i\'\xa3R\x81\xf1}4\xbeU\x00\xa4\x1d\xea!Z\xd4|\xbe\x987\n!\x9b?\xb9l_\xd8$av\xfe%\xa2\xda\x82\x14\xc311;\xa4ob\x87\xdbY\xe2\x00', &(0x7f0000000b40)='./file0\x00') 932.315415ms ago: executing program 0 (id=4844): r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000100), 0x60423, 0x0) unshare$auto(0x40000080) listen$auto(0x3, 0x81) ioctl$auto_SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040)) 832.670787ms ago: executing program 3 (id=4845): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffc, 0x8, 0x80000000000000a, 0x0, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 757.108803ms ago: executing program 1 (id=4846): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sysfs$auto(0x2, 0x22, 0x0) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2716, 0xfffffffffffffffc, 0x0) 533.57975ms ago: executing program 1 (id=4847): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/scsi_mod/parameters/max_luns\x00', 0x121102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfdef) 532.531077ms ago: executing program 3 (id=4848): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) 401.18433ms ago: executing program 3 (id=4849): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x5, 0x84) io_uring_setup$auto(0x401, 0x0) getsockopt$auto(r0, 0x84, 0x1, 0x0, 0x0) 345.960462ms ago: executing program 1 (id=4850): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.997056][ T8018] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 144.997069][ T8018] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 144.997078][ T8018] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 144.997086][ T8018] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 144.997094][ T8018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.997102][ T8018] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 144.997120][ T8018] [ 145.739168][ T7816] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 145.809832][ T7816] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 145.888632][ T7816] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 145.954258][ T7816] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 146.050537][ T6205] Bluetooth: hci0: command tx timeout [ 146.308195][ T7816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.399328][ T7816] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.454347][ T6106] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.461562][ T6106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.580831][ T6106] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.588014][ T6106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.160728][ T8087] FAULT_INJECTION: forcing a failure. [ 147.160728][ T8087] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 147.251875][ T8087] CPU: 0 UID: 0 PID: 8087 Comm: syz.2.967 Tainted: G U syzkaller #0 PREEMPT(full) [ 147.251900][ T8087] Tainted: [U]=USER [ 147.251905][ T8087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 147.251913][ T8087] Call Trace: [ 147.251918][ T8087] [ 147.251924][ T8087] dump_stack_lvl+0x16c/0x1f0 [ 147.251951][ T8087] should_fail_ex+0x512/0x640 [ 147.251970][ T8087] core_sys_select+0x94e/0xc20 [ 147.251994][ T8087] ? __pfx_core_sys_select+0x10/0x10 [ 147.252015][ T8087] ? __lock_acquire+0x436/0x2890 [ 147.252042][ T8087] ? read_tsc+0x9/0x20 [ 147.252058][ T8087] ? ktime_get_ts64+0x256/0x400 [ 147.252076][ T8087] kern_select+0x15d/0x1e0 [ 147.252093][ T8087] ? __pfx_kern_select+0x10/0x10 [ 147.252113][ T8087] ? xfd_validate_state+0x61/0x180 [ 147.252125][ T8087] ? __pfx_ksys_write+0x10/0x10 [ 147.252146][ T8087] __x64_sys_select+0xbd/0x160 [ 147.252163][ T8087] ? do_syscall_64+0x91/0xf80 [ 147.252174][ T8087] ? lockdep_hardirqs_on+0x7c/0x110 [ 147.252193][ T8087] do_syscall_64+0xcd/0xf80 [ 147.252206][ T8087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.252219][ T8087] RIP: 0033:0x7fa02b58f7c9 [ 147.252230][ T8087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.252242][ T8087] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 147.252262][ T8087] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 147.252271][ T8087] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000000000000003 [ 147.252280][ T8087] RBP: 00007fa02b613f91 R08: 00002000000000c0 R09: 0000000000000000 [ 147.252288][ T8087] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 147.252296][ T8087] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 147.252314][ T8087] [ 147.468621][ T7816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.495727][ T7816] veth0_vlan: entered promiscuous mode [ 147.656793][ T7816] veth1_vlan: entered promiscuous mode [ 147.830944][ T7816] veth0_macvtap: entered promiscuous mode [ 147.873464][ T7816] veth1_macvtap: entered promiscuous mode [ 147.955289][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.020800][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.122002][ T6065] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.213160][ T6065] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.302456][ T6065] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.380648][ T6065] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.528134][ T6065] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.573326][ T6065] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.702492][ T6065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.758166][ T6065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.867469][ T8130] netlink: 'syz.3.983': attribute type 2 has an invalid length. [ 150.255403][ T8186] usb usb36: usbfs: process 8186 (syz.3.1003) did not claim interface 0 before use [ 151.477432][ T8242] netlink: 'syz.1.1023': attribute type 11 has an invalid length. [ 151.485308][ T8242] netlink: 'syz.1.1023': attribute type 11 has an invalid length. [ 151.558156][ T8242] netlink: 'syz.1.1023': attribute type 11 has an invalid length. [ 151.579607][ T8242] netlink: 'syz.1.1023': attribute type 11 has an invalid length. [ 155.506665][ T8408] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 155.633261][ T8414] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 156.678928][ T8459] FAULT_INJECTION: forcing a failure. [ 156.678928][ T8459] name failslab, interval 1, probability 0, space 0, times 0 [ 156.753721][ T8459] CPU: 0 UID: 0 PID: 8459 Comm: syz.0.1109 Tainted: G U syzkaller #0 PREEMPT(full) [ 156.753747][ T8459] Tainted: [U]=USER [ 156.753752][ T8459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 156.753760][ T8459] Call Trace: [ 156.753765][ T8459] [ 156.753770][ T8459] dump_stack_lvl+0x16c/0x1f0 [ 156.753797][ T8459] should_fail_ex+0x512/0x640 [ 156.753819][ T8459] ? __kmalloc_cache_noprof+0x5f/0x800 [ 156.753838][ T8459] should_failslab+0xc2/0x120 [ 156.753859][ T8459] __kmalloc_cache_noprof+0x80/0x800 [ 156.753876][ T8459] ? percpu_ref_init+0xec/0x410 [ 156.753898][ T8459] ? percpu_ref_init+0xec/0x410 [ 156.753915][ T8459] ? __pfx_io_ring_ctx_ref_free+0x10/0x10 [ 156.753934][ T8459] percpu_ref_init+0xec/0x410 [ 156.753955][ T8459] io_uring_setup+0x3e9/0x1f80 [ 156.753974][ T8459] ? __pfx_io_uring_setup+0x10/0x10 [ 156.753992][ T8459] ? do_futex+0x122/0x350 [ 156.754007][ T8459] ? __pfx_do_futex+0x10/0x10 [ 156.754028][ T8459] ? fput+0x70/0xf0 [ 156.754042][ T8459] ? xfd_validate_state+0x61/0x180 [ 156.754053][ T8459] ? __pfx_ksys_write+0x10/0x10 [ 156.754075][ T8459] __x64_sys_io_uring_setup+0xc2/0x170 [ 156.754093][ T8459] do_syscall_64+0xcd/0xf80 [ 156.754106][ T8459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.754119][ T8459] RIP: 0033:0x7fb3d458f7c9 [ 156.754131][ T8459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.754143][ T8459] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 156.754156][ T8459] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 156.754165][ T8459] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000001d48 [ 156.754172][ T8459] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000000 [ 156.754180][ T8459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.754187][ T8459] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 156.754204][ T8459] [ 158.163289][ T8513] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 159.769650][ T8581] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 160.105915][ T8595] netlink: del zone limit has 8 unknown bytes [ 162.217873][ T30] audit: type=1107 audit(1768380978.449:4): pid=8690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 162.251935][ T8694] ptrace attach of "./syz-executor exec"[5834] was attempted by ""[8694] [ 162.288502][ T30] audit: type=1107 audit(1768380978.469:5): pid=8690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 163.485633][ T8742] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 164.701754][ T8792] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd1f [ 165.059661][ T8807] sd 0:0:1:0: PR command failed: 1026 [ 165.135878][ T8807] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 165.163157][ T8807] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 165.199145][ T8815] mmap: syz.0.1277 (8815): VmData 45883392 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 165.516365][ T8824] openvswitch: netlink: IPv4 tunnel dst address is zero [ 166.224534][ T8857] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 167.199757][ T8901] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 168.067229][ T8941] nbd: illegal input index -1073741824 [ 168.437820][ T8953] FAULT_INJECTION: forcing a failure. [ 168.437820][ T8953] name failslab, interval 1, probability 0, space 0, times 0 [ 168.572526][ T8953] CPU: 0 UID: 0 PID: 8953 Comm: syz.2.1342 Tainted: G U syzkaller #0 PREEMPT(full) [ 168.572550][ T8953] Tainted: [U]=USER [ 168.572555][ T8953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 168.572563][ T8953] Call Trace: [ 168.572568][ T8953] [ 168.572574][ T8953] dump_stack_lvl+0x16c/0x1f0 [ 168.572600][ T8953] should_fail_ex+0x512/0x640 [ 168.572615][ T8953] ? fs_reclaim_acquire+0xae/0x150 [ 168.572637][ T8953] should_failslab+0xc2/0x120 [ 168.572658][ T8953] kmem_cache_alloc_noprof+0x83/0x770 [ 168.572674][ T8953] ? __pfx_map_id_range_down+0x10/0x10 [ 168.572692][ T8953] ? security_inode_alloc+0x3b/0x2b0 [ 168.572709][ T8953] ? security_inode_alloc+0x3b/0x2b0 [ 168.572722][ T8953] security_inode_alloc+0x3b/0x2b0 [ 168.572737][ T8953] inode_init_always_gfp+0xced/0x1040 [ 168.572759][ T8953] alloc_inode+0x86/0x240 [ 168.572773][ T8953] new_inode+0x22/0x1c0 [ 168.572789][ T8953] hugetlbfs_get_inode+0x354/0x700 [ 168.572802][ T8953] ? security_capable+0x7e/0x260 [ 168.572823][ T8953] hugetlb_file_setup+0x38d/0x620 [ 168.572839][ T8953] newseg+0xa74/0xe60 [ 168.572859][ T8953] ? __pfx_newseg+0x10/0x10 [ 168.572877][ T8953] ? ksys_write+0x190/0x250 [ 168.572897][ T8953] ipcget+0xf6/0xfa0 [ 168.572914][ T8953] ? do_futex+0x122/0x350 [ 168.572929][ T8953] ? __pfx_do_futex+0x10/0x10 [ 168.572946][ T8953] ? __pfx_ipcget+0x10/0x10 [ 168.572964][ T8953] ? __x64_sys_futex+0x1e0/0x4c0 [ 168.572977][ T8953] ? __x64_sys_futex+0x1e9/0x4c0 [ 168.572994][ T8953] __x64_sys_shmget+0x13b/0x1b0 [ 168.573012][ T8953] ? __pfx___x64_sys_shmget+0x10/0x10 [ 168.573031][ T8953] ? rcu_is_watching+0x12/0xc0 [ 168.573051][ T8953] do_syscall_64+0xcd/0xf80 [ 168.573064][ T8953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.573077][ T8953] RIP: 0033:0x7fa02b58f7c9 [ 168.573088][ T8953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.573100][ T8953] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 168.573113][ T8953] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 168.573122][ T8953] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 168.573129][ T8953] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 168.573137][ T8953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.573144][ T8953] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 168.573163][ T8953] [ 171.679075][ T9062] netlink: 'syz.2.1393': attribute type 1 has an invalid length. [ 172.070666][ T9080] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.077272][ T9080] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.446522][ T9170] perf: Dynamic interrupt throttling disabled, can hang your system! [ 174.908397][ T9194] netlink: 'syz.3.1453': attribute type 1 has an invalid length. [ 174.917677][ T9195] FAULT_INJECTION: forcing a failure. [ 174.917677][ T9195] name failslab, interval 1, probability 0, space 0, times 0 [ 174.930491][ T9195] CPU: 0 UID: 0 PID: 9195 Comm: syz.1.1454 Tainted: G U syzkaller #0 PREEMPT(full) [ 174.930514][ T9195] Tainted: [U]=USER [ 174.930519][ T9195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 174.930527][ T9195] Call Trace: [ 174.930533][ T9195] [ 174.930544][ T9195] dump_stack_lvl+0x16c/0x1f0 [ 174.930570][ T9195] should_fail_ex+0x512/0x640 [ 174.930590][ T9195] should_failslab+0xc2/0x120 [ 174.930612][ T9195] kmem_cache_alloc_noprof+0x83/0x770 [ 174.930627][ T9195] ? pcpu_alloc_noprof+0x94a/0x1470 [ 174.930642][ T9195] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 174.930663][ T9195] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 174.930679][ T9195] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 174.930699][ T9195] idr_get_free+0x528/0xa30 [ 174.930723][ T9195] idr_alloc_u32+0x1ac/0x320 [ 174.930743][ T9195] ? __pfx_idr_alloc_u32+0x10/0x10 [ 174.930763][ T9195] ? lock_acquire+0x179/0x330 [ 174.930779][ T9195] idr_alloc_cyclic+0x10b/0x230 [ 174.930798][ T9195] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 174.930815][ T9195] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 174.930830][ T9195] ? lsm_blob_alloc+0x2b/0x90 [ 174.930853][ T9195] map_create+0x143c/0x2a10 [ 174.930878][ T9195] ? __pfx_map_create+0x10/0x10 [ 174.930894][ T9195] ? __might_fault+0xe3/0x190 [ 174.930909][ T9195] ? __might_fault+0xe3/0x190 [ 174.930922][ T9195] ? __might_fault+0x13b/0x190 [ 174.930943][ T9195] __sys_bpf+0x3d9d/0x4980 [ 174.930955][ T9195] ? futex_private_hash_put+0x160/0x1b0 [ 174.930971][ T9195] ? __pfx___sys_bpf+0x10/0x10 [ 174.930982][ T9195] ? __pfx_futex_wait+0x10/0x10 [ 174.931010][ T9195] ? do_futex+0x122/0x350 [ 174.931034][ T9195] ? fput+0x70/0xf0 [ 174.931047][ T9195] ? xfd_validate_state+0x61/0x180 [ 174.931058][ T9195] ? __pfx_ksys_write+0x10/0x10 [ 174.931080][ T9195] __x64_sys_bpf+0x78/0xc0 [ 174.931091][ T9195] ? lockdep_hardirqs_on+0x7c/0x110 [ 174.931111][ T9195] do_syscall_64+0xcd/0xf80 [ 174.931124][ T9195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.931138][ T9195] RIP: 0033:0x7f816f18f7c9 [ 174.931149][ T9195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.931161][ T9195] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 174.931175][ T9195] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 174.931183][ T9195] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 174.931191][ T9195] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 174.931200][ T9195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.931208][ T9195] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 174.931226][ T9195] [ 175.788083][ T9225] nfs: Unknown parameter 'nl802154' [ 176.197680][ T9245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1478'. [ 176.561768][ T6205] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 177.750928][ T6205] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 177.758300][ T6205] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 177.773661][ T6205] Bluetooth: hci2: Dropping invalid advertising data [ 177.784583][ T6205] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 177.784605][ T6205] Bluetooth: hci2: Dropping invalid advertising data [ 177.798708][ T6205] Bluetooth: hci2: Malformed LE Event: 0x02 [ 178.193461][ T9344] delete_channel: no stack [ 178.413019][ T9354] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 179.404465][ T9401] FAULT_INJECTION: forcing a failure. [ 179.404465][ T9401] name failslab, interval 1, probability 0, space 0, times 0 [ 179.457488][ T9401] CPU: 0 UID: 0 PID: 9401 Comm: syz.2.1551 Tainted: G U syzkaller #0 PREEMPT(full) [ 179.457513][ T9401] Tainted: [U]=USER [ 179.457518][ T9401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 179.457526][ T9401] Call Trace: [ 179.457531][ T9401] [ 179.457539][ T9401] dump_stack_lvl+0x16c/0x1f0 [ 179.457568][ T9401] should_fail_ex+0x512/0x640 [ 179.457584][ T9401] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 179.457604][ T9401] should_failslab+0xc2/0x120 [ 179.457625][ T9401] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 179.457642][ T9401] ? __d_alloc+0x35/0xa80 [ 179.457658][ T9401] ? __d_alloc+0x35/0xa80 [ 179.457668][ T9401] __d_alloc+0x35/0xa80 [ 179.457678][ T9401] ? __ns_ref_active_get+0x96/0x1b0 [ 179.457699][ T9401] path_from_stashed+0x427/0x750 [ 179.457724][ T9401] open_namespace+0x8c/0x250 [ 179.457743][ T9401] ? __pfx_open_namespace+0x10/0x10 [ 179.457767][ T9401] open_related_ns+0x41/0x70 [ 179.457787][ T9401] __tun_chr_ioctl+0x1fae/0x4880 [ 179.457801][ T9401] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 179.457820][ T9401] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 179.457836][ T9401] ? hook_file_ioctl_common+0x144/0x410 [ 179.457858][ T9401] ? __fget_files+0x20e/0x3c0 [ 179.457879][ T9401] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 179.457894][ T9401] __x64_sys_ioctl+0x18e/0x210 [ 179.457911][ T9401] do_syscall_64+0xcd/0xf80 [ 179.457924][ T9401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.457938][ T9401] RIP: 0033:0x7fa02b58f7c9 [ 179.457949][ T9401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.457961][ T9401] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 179.457974][ T9401] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 179.457983][ T9401] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 179.457990][ T9401] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 179.457998][ T9401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.458005][ T9401] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 179.458023][ T9401] [ 179.815058][ T9415] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 179.915980][ T30] audit: type=1800 audit(1768380996.119:6): pid=9419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1560" name="lu_gp_id" dev="configfs" ino=21049 res=0 errno=0 [ 180.339693][ T6205] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 180.339715][ T6205] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 180.354759][ T6205] Bluetooth: hci0: Dropping invalid advertising data [ 180.365077][ T6205] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 180.365100][ T6205] Bluetooth: hci0: Dropping invalid advertising data [ 180.381281][ T6205] Bluetooth: hci0: Malformed LE Event: 0x02 [ 180.471831][ T9446] syz.3.1573 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 180.635445][ T9452] netlink: 'syz.1.1575': attribute type 1 has an invalid length. [ 181.530263][ T9495] netlink: 'syz.2.1595': attribute type 10 has an invalid length. [ 182.068340][ T9518] netlink: 'syz.2.1604': attribute type 1 has an invalid length. [ 182.086850][ T9520] FAULT_INJECTION: forcing a failure. [ 182.086850][ T9520] name failslab, interval 1, probability 0, space 0, times 0 [ 182.152804][ T9520] CPU: 0 UID: 0 PID: 9520 Comm: syz.1.1605 Tainted: G U syzkaller #0 PREEMPT(full) [ 182.152829][ T9520] Tainted: [U]=USER [ 182.152834][ T9520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 182.152842][ T9520] Call Trace: [ 182.152847][ T9520] [ 182.152853][ T9520] dump_stack_lvl+0x16c/0x1f0 [ 182.152878][ T9520] should_fail_ex+0x512/0x640 [ 182.152893][ T9520] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 182.152912][ T9520] should_failslab+0xc2/0x120 [ 182.152943][ T9520] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 182.152961][ T9520] ? __d_alloc+0x35/0xa80 [ 182.152977][ T9520] ? __d_alloc+0x35/0xa80 [ 182.152987][ T9520] __d_alloc+0x35/0xa80 [ 182.152998][ T9520] ? __pfx_from_vfsgid+0x10/0x10 [ 182.153016][ T9520] d_alloc_pseudo+0x1c/0xc0 [ 182.153031][ T9520] alloc_file_pseudo+0xcf/0x230 [ 182.153046][ T9520] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 182.153061][ T9520] ? hugetlbfs_get_inode+0x31f/0x700 [ 182.153077][ T9520] hugetlb_file_setup+0x4ce/0x620 [ 182.153093][ T9520] ksys_mmap_pgoff+0x189/0x5c0 [ 182.153114][ T9520] __x64_sys_mmap+0x125/0x190 [ 182.153130][ T9520] do_syscall_64+0xcd/0xf80 [ 182.153143][ T9520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.153157][ T9520] RIP: 0033:0x7f816f18f7c9 [ 182.153169][ T9520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.153184][ T9520] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 182.153198][ T9520] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 182.153207][ T9520] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000 [ 182.153215][ T9520] RBP: 00007f816f213f91 R08: 000000000000000d R09: 0000300000000000 [ 182.153224][ T9520] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 182.153232][ T9520] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 182.153251][ T9520] [ 182.514232][ T9529] netlink: 'syz.2.1609': attribute type 1 has an invalid length. [ 182.522970][ T9529] netlink: 33 bytes leftover after parsing attributes in process `syz.2.1609'. [ 182.613035][ T9534] netlink: 'syz.2.1611': attribute type 1 has an invalid length. [ 183.240819][ T9565] netlink: zone id is out of range [ 183.276915][ T9565] netlink: zone id is out of range [ 183.282055][ T9565] netlink: zone id is out of range [ 183.312143][ T9565] netlink: get zone limit has 4 unknown bytes [ 183.347751][ T9569] openvswitch: netlink: Flow actions attr not present in new flow. [ 184.048989][ T9609] netlink: Conntrack attr has 16 unknown bytes [ 184.380268][ T9627] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 186.533931][ T9729] tc_dump_action: action bad kind [ 187.176902][ T9764] nbd: illegal input index 37139 [ 187.904538][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1736'. [ 188.175652][ T9815] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 189.787696][ T9898] openvswitch: netlink: Missing valid actions attribute. [ 189.945324][ T9905] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1786'. [ 190.061735][ T9911] FAULT_INJECTION: forcing a failure. [ 190.061735][ T9911] name failslab, interval 1, probability 0, space 0, times 0 [ 190.127826][ T9911] CPU: 0 UID: 0 PID: 9911 Comm: syz.1.1789 Tainted: G U syzkaller #0 PREEMPT(full) [ 190.127853][ T9911] Tainted: [U]=USER [ 190.127857][ T9911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 190.127865][ T9911] Call Trace: [ 190.127870][ T9911] [ 190.127876][ T9911] dump_stack_lvl+0x16c/0x1f0 [ 190.127902][ T9911] should_fail_ex+0x512/0x640 [ 190.127918][ T9911] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 190.127938][ T9911] should_failslab+0xc2/0x120 [ 190.127959][ T9911] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 190.127975][ T9911] ? __debug_object_init+0x2de/0x3d0 [ 190.127996][ T9911] ? sock_alloc_inode+0x25/0x1c0 [ 190.128018][ T9911] ? __pfx_sock_alloc_inode+0x10/0x10 [ 190.128044][ T9911] ? sock_alloc_inode+0x25/0x1c0 [ 190.128064][ T9911] sock_alloc_inode+0x25/0x1c0 [ 190.128084][ T9911] alloc_inode+0x64/0x240 [ 190.128100][ T9911] sock_alloc+0x40/0x280 [ 190.128119][ T9911] __sock_create+0xc2/0x8a0 [ 190.128132][ T9911] ? lockdep_init_map_type+0x5c/0x270 [ 190.128149][ T9911] smc_create+0x15d/0x2a0 [ 190.128168][ T9911] __sock_create+0x339/0x8a0 [ 190.128184][ T9911] __sys_socket+0x14d/0x260 [ 190.128196][ T9911] ? fput+0x70/0xf0 [ 190.128208][ T9911] ? __pfx___sys_socket+0x10/0x10 [ 190.128221][ T9911] ? xfd_validate_state+0x61/0x180 [ 190.128233][ T9911] ? __pfx_ksys_write+0x10/0x10 [ 190.128254][ T9911] __x64_sys_socket+0x72/0xb0 [ 190.128267][ T9911] ? lockdep_hardirqs_on+0x7c/0x110 [ 190.128287][ T9911] do_syscall_64+0xcd/0xf80 [ 190.128299][ T9911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.128313][ T9911] RIP: 0033:0x7f816f18f7c9 [ 190.128325][ T9911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.128337][ T9911] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 190.128350][ T9911] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 190.128358][ T9911] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 190.128365][ T9911] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 190.128373][ T9911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.128380][ T9911] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 190.128397][ T9911] [ 190.128406][ T9911] socket: no more sockets [ 190.863818][ T30] audit: type=1326 audit(1768381007.089:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9940 comm="syz.0.1805" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb3d458f7c9 code=0x0 [ 191.163255][ T9959] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 191.555088][ T9977] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 194.168875][T10115] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 194.906160][T10154] netlink: NAT attribute has 8 unknown bytes [ 195.139683][T10162] netlink: Failed to add  helper -22 [ 195.281193][T10174] netlink: 'syz.2.1916': attribute type 2 has an invalid length. [ 195.346808][T10178] netlink: 'syz.3.1918': attribute type 1 has an invalid length. [ 196.371936][T10221] &#$@\]\-: entered promiscuous mode [ 196.902426][T10243] netlink: 'syz.2.1946': attribute type 11 has an invalid length. [ 196.940899][T10243] netlink: 'syz.2.1946': attribute type 11 has an invalid length. [ 196.984348][T10243] netlink: 'syz.2.1946': attribute type 11 has an invalid length. [ 197.009845][T10243] netlink: 'syz.2.1946': attribute type 11 has an invalid length. [ 197.064630][T10242] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 197.705024][T10277] netlink: 'syz.1.1961': attribute type 8 has an invalid length. [ 198.020764][T10288] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1966'. [ 199.484164][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.490564][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.683213][T10365] &#$@\]\-: entered promiscuous mode [ 199.831303][T10373] netlink: zone id is out of range [ 199.853459][T10373] netlink: zone id is out of range [ 199.876210][T10373] netlink: zone id is out of range [ 199.881337][T10373] netlink: zone id is out of range [ 199.922560][T10373] netlink: zone id is out of range [ 199.947985][T10373] netlink: zone id is out of range [ 199.977476][T10373] netlink: zone id is out of range [ 199.994492][T10373] netlink: zone id is out of range [ 200.024404][T10373] netlink: zone id is out of range [ 200.050130][T10373] netlink: zone id is out of range [ 200.061922][T10373] netlink: zone id is out of range [ 200.103269][T10373] netlink: zone id is out of range [ 200.118675][T10373] netlink: zone id is out of range [ 200.147902][T10373] netlink: zone id is out of range [ 200.733719][T10415] warning: `syz.2.2026' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 201.851594][T10475] netlink: 'syz.2.2055': attribute type 1 has an invalid length. [ 202.036507][T10485] binder: 10484:10485 ioctl 400c620e 0 returned -14 [ 203.054977][T10535] netlink: 'syz.2.2083': attribute type 1 has an invalid length. [ 203.247719][ T30] audit: type=1326 audit(1768381019.479:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz.3.2086" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fde1ad8f7c9 code=0x0 [ 205.420310][T10630] nbd: couldn't find a device at index 35644 [ 205.723165][T10649] netlink: 'syz.3.2136': attribute type 1 has an invalid length. [ 205.774254][T10649] netlink: 'syz.3.2136': attribute type 1 has an invalid length. [ 205.800272][T10649] netlink: 124 bytes leftover after parsing attributes in process `syz.3.2136'. [ 205.847037][T10649] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2136'. [ 206.241656][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2146'. [ 206.678636][ T6061] Bluetooth: hci3: command 0x0406 tx timeout [ 206.684701][ T6061] Bluetooth: hci1: command 0x0406 tx timeout [ 206.694527][ T6061] Bluetooth: hci2: command 0x0406 tx timeout [ 208.058150][T10744] netlink: 'syz.3.2178': attribute type 12 has an invalid length. [ 208.231748][T10747] net_ratelimit: 19 callbacks suppressed [ 208.231762][T10747] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 208.267376][T10751] binder: 10750:10751 ioctl c0306201 0 returned -14 [ 208.420253][ T30] audit: type=1800 audit(1768381024.639:9): pid=10756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2183" name="lu_gp_id" dev="configfs" ino=25717 res=0 errno=0 [ 210.194470][T10836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2220'. [ 210.672121][T10855] openvswitch: netlink: Key type 261 is out of range max 32 [ 211.571246][T10890] netlink: 'syz.2.2246': attribute type 2 has an invalid length. [ 212.639527][T10925] netlink: zone id is out of range [ 212.644660][T10925] netlink: zone id is out of range [ 212.686001][T10925] netlink: zone id is out of range [ 212.712741][T10925] netlink: zone id is out of range [ 212.731590][T10925] netlink: zone id is out of range [ 212.758908][T10925] netlink: zone id is out of range [ 212.786053][T10925] netlink: zone id is out of range [ 212.796354][T10925] netlink: zone id is out of range [ 213.567294][T10950] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 214.105766][T10971] netlink: 'syz.2.2283': attribute type 2 has an invalid length. [ 214.142338][T10971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2283'. [ 214.318617][T10978] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 214.445960][T10978] CIFS mount error: No usable UNC path provided in device string! [ 214.445960][T10978] [ 214.486040][T10978] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 215.686488][T11026] netlink: 'syz.0.2307': attribute type 11 has an invalid length. [ 215.791234][T11026] netlink: 'syz.0.2307': attribute type 11 has an invalid length. [ 215.853073][T11030] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 215.875468][T11026] netlink: 'syz.0.2307': attribute type 11 has an invalid length. [ 216.298332][T11044] net_ratelimit: 49 callbacks suppressed [ 216.298364][T11044] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 216.606416][T11054] nvme_fcloop: unknown parameter or missing value '' [ 216.802025][T11007] udevd[11007]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 216.904115][T11065] netlink: ct_mark mask cannot be 0 [ 217.640526][T11084] netlink: 'syz.3.2332': attribute type 1 has an invalid length. [ 219.710101][T11152] NFSD: Failed to start, no listeners configured. [ 222.694199][T11266] netlink: 'syz.0.2417': attribute type 1 has an invalid length. [ 223.920892][T11320] random: crng reseeded on system resumption [ 224.029299][T11325] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 224.140307][T11329] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 224.587286][T11351] random: crng reseeded on system resumption [ 224.635699][T11353] openvswitch: netlink: Key type 29 is not supported [ 225.378079][T11383] random: crng reseeded on system resumption [ 225.929481][T11399] NFSD: Failed to start, no listeners configured. [ 227.796274][T11486] netlink: 'syz.2.2517': attribute type 2 has an invalid length. [ 230.053792][T11589] NFSD: Failed to start, no listeners configured. syzkaller syzkaller login: [ 230.766330][T11626] MTRR 1 not used [ 230.973504][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2587'. [ 231.067761][T11640] capability: warning: `syz.3.2590' uses 32-bit capabilities (legacy support in use) [ 231.170834][T11643] netlink: get zone limit has 8 unknown bytes [ 231.867993][T11679] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 232.067301][T11690] openvswitch: netlink: Duplicate key (type 15). [ 232.176167][T11694] sctp: [Deprecated]: syz.2.2616 (pid 11694) Use of int in max_burst socket option deprecated. [ 232.176167][T11694] Use struct sctp_assoc_value instead [ 232.354620][ T6100] Bluetooth: hci3: unexpected event 0x2c length: 42 > 17 [ 232.727395][T11726] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2631'. [ 232.848861][T11730] FAULT_INJECTION: forcing a failure. [ 232.848861][T11730] name failslab, interval 1, probability 0, space 0, times 0 [ 232.913451][T11730] CPU: 0 UID: 0 PID: 11730 Comm: syz.3.2633 Tainted: G U syzkaller #0 PREEMPT(full) [ 232.913477][T11730] Tainted: [U]=USER [ 232.913481][T11730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 232.913489][T11730] Call Trace: [ 232.913494][T11730] [ 232.913501][T11730] dump_stack_lvl+0x16c/0x1f0 [ 232.913527][T11730] should_fail_ex+0x512/0x640 [ 232.913543][T11730] ? __kmalloc_cache_noprof+0x5f/0x800 [ 232.913560][T11730] should_failslab+0xc2/0x120 [ 232.913581][T11730] __kmalloc_cache_noprof+0x80/0x800 [ 232.913596][T11730] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 232.913616][T11730] ? sctp_endpoint_new+0xfc/0xb20 [ 232.913631][T11730] ? sctp_endpoint_new+0xfc/0xb20 [ 232.913643][T11730] sctp_endpoint_new+0xfc/0xb20 [ 232.913657][T11730] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 232.913670][T11730] ? lockdep_init_map_type+0x5c/0x270 [ 232.913684][T11730] ? lockdep_init_map_type+0x5c/0x270 [ 232.913700][T11730] sctp_init_sock+0xe2b/0x1310 [ 232.913719][T11730] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 232.913740][T11730] sctp_v6_init_sock+0x16/0x70 [ 232.913758][T11730] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 232.913777][T11730] inet6_create+0xb30/0x12b0 [ 232.913799][T11730] ? inet6_create+0x7f/0x12b0 [ 232.913820][T11730] __sock_create+0x339/0x8a0 [ 232.913838][T11730] __sys_socket+0x14d/0x260 [ 232.913851][T11730] ? fput+0x70/0xf0 [ 232.913864][T11730] ? __pfx___sys_socket+0x10/0x10 [ 232.913877][T11730] ? xfd_validate_state+0x61/0x180 [ 232.913889][T11730] ? __pfx_ksys_write+0x10/0x10 [ 232.913910][T11730] __x64_sys_socket+0x72/0xb0 [ 232.913932][T11730] ? lockdep_hardirqs_on+0x7c/0x110 [ 232.913953][T11730] do_syscall_64+0xcd/0xf80 [ 232.913967][T11730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.913981][T11730] RIP: 0033:0x7fde1ad8f7c9 [ 232.913993][T11730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.914005][T11730] RSP: 002b:00007fde1bd06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 232.914018][T11730] RAX: ffffffffffffffda RBX: 00007fde1afe5fa0 RCX: 00007fde1ad8f7c9 [ 232.914027][T11730] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 232.914034][T11730] RBP: 00007fde1ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 232.914041][T11730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.914049][T11730] R13: 00007fde1afe6038 R14: 00007fde1afe5fa0 R15: 00007ffcc797e548 [ 232.914067][T11730] [ 233.200966][T11736] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 233.670919][T11762] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 234.253922][T11789] FAULT_INJECTION: forcing a failure. [ 234.253922][T11789] name failslab, interval 1, probability 0, space 0, times 0 [ 234.308945][T11789] CPU: 0 UID: 0 PID: 11789 Comm: syz.3.2660 Tainted: G U syzkaller #0 PREEMPT(full) [ 234.308969][T11789] Tainted: [U]=USER [ 234.308974][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 234.308982][T11789] Call Trace: [ 234.308987][T11789] [ 234.308993][T11789] dump_stack_lvl+0x16c/0x1f0 [ 234.309029][T11789] should_fail_ex+0x512/0x640 [ 234.309045][T11789] ? __kmalloc_cache_noprof+0x5f/0x800 [ 234.309064][T11789] should_failslab+0xc2/0x120 [ 234.309084][T11789] __kmalloc_cache_noprof+0x80/0x800 [ 234.309099][T11789] ? watch_queue_init+0x45/0x170 [ 234.309118][T11789] ? watch_queue_init+0x45/0x170 [ 234.309132][T11789] watch_queue_init+0x45/0x170 [ 234.309148][T11789] create_pipe_files+0x67f/0x9a0 [ 234.309170][T11789] do_pipe2+0xaf/0x1c0 [ 234.309188][T11789] ? __pfx_do_pipe2+0x10/0x10 [ 234.309208][T11789] ? xfd_validate_state+0x61/0x180 [ 234.309225][T11789] __x64_sys_pipe2+0x54/0x80 [ 234.309244][T11789] do_syscall_64+0xcd/0xf80 [ 234.309258][T11789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.309271][T11789] RIP: 0033:0x7fde1ad8f7c9 [ 234.309283][T11789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.309295][T11789] RSP: 002b:00007fde1bd06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 234.309307][T11789] RAX: ffffffffffffffda RBX: 00007fde1afe5fa0 RCX: 00007fde1ad8f7c9 [ 234.309316][T11789] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 234.309323][T11789] RBP: 00007fde1ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 234.309331][T11789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.309338][T11789] R13: 00007fde1afe6038 R14: 00007fde1afe5fa0 R15: 00007ffcc797e548 [ 234.309356][T11789] [ 234.601220][T11798] nbd: couldn't find device at index 33904 [ 234.641577][T11800] netlink: 'syz.3.2669': attribute type 1 has an invalid length. [ 234.757773][T11806] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2665'. [ 234.796831][T11808] netlink: ct family unspecified [ 234.866036][T11812] MTRR 1 not used [ 235.180862][T11829] openvswitch: netlink: IP tunnel dst address not specified [ 236.838538][T11911] openvswitch: netlink: IP tunnel dst address not specified [ 237.059611][T11924] nbd: must specify an index to disconnect [ 237.439098][T11941] : entered promiscuous mode [ 237.472348][T11942] delete_channel: no stack [ 238.189018][T11980] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 18 [ 242.527053][T12196] CPU: 0 UID: 0 PID: 12196 Comm: syz.2.2852 Tainted: G U syzkaller #0 PREEMPT(full) [ 242.527078][T12196] Tainted: [U]=USER [ 242.527082][T12196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 242.527101][T12196] Call Trace: [ 242.527106][T12196] [ 242.527112][T12196] dump_stack_lvl+0x16c/0x1f0 [ 242.527139][T12196] should_fail_ex+0x512/0x640 [ 242.527155][T12196] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 242.527174][T12196] should_failslab+0xc2/0x120 [ 242.527194][T12196] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 242.527212][T12196] ? __d_alloc+0x35/0xa80 [ 242.527228][T12196] ? __d_alloc+0x35/0xa80 [ 242.527238][T12196] __d_alloc+0x35/0xa80 [ 242.527248][T12196] ? bpf_lsm_inode_permission+0x9/0x10 [ 242.527265][T12196] d_alloc+0x4a/0x1e0 [ 242.527278][T12196] vfs_tmpfile+0x148/0x9b0 [ 242.527301][T12196] path_openat+0x1936/0x3140 [ 242.527318][T12196] ? do_syscall_64+0xcd/0xf80 [ 242.527329][T12196] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.527348][T12196] ? __pfx_path_openat+0x10/0x10 [ 242.527370][T12196] ? __lock_acquire+0x436/0x2890 [ 242.527385][T12196] do_filp_open+0x20b/0x470 [ 242.527404][T12196] ? __pfx_do_filp_open+0x10/0x10 [ 242.527436][T12196] ? _raw_spin_unlock+0x28/0x50 [ 242.527453][T12196] ? alloc_fd+0x471/0x7d0 [ 242.527477][T12196] do_sys_openat2+0x121/0x290 [ 242.527492][T12196] ? __pfx_do_sys_openat2+0x10/0x10 [ 242.527513][T12196] __x64_sys_open+0x153/0x1e0 [ 242.527528][T12196] ? __pfx___x64_sys_open+0x10/0x10 [ 242.527546][T12196] ? rcu_is_watching+0x12/0xc0 [ 242.527565][T12196] do_syscall_64+0xcd/0xf80 [ 242.527578][T12196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.527594][T12196] RIP: 0033:0x7fa02b58f7c9 [ 242.527606][T12196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.527618][T12196] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 242.527631][T12196] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 242.527640][T12196] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 242.527649][T12196] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 242.527657][T12196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.527665][T12196] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 242.527684][T12196] [ 243.253396][T12221] [U] ^\ [ 243.887553][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2878'. [ 243.908943][T12253] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 244.418283][T12276] netlink: 'syz.1.2891': attribute type 1 has an invalid length. [ 245.811671][T12346] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 246.034932][T12356] netlink: 'syz.0.2930': attribute type 11 has an invalid length. [ 246.058708][T12356] netlink: 'syz.0.2930': attribute type 11 has an invalid length. [ 246.075930][T12356] netlink: 'syz.0.2930': attribute type 11 has an invalid length. [ 246.251700][T12367] openvswitch: netlink: IP tunnel TTL not specified. [ 246.817039][T12395] netlink: 'syz.0.2948': attribute type 1 has an invalid length. [ 248.522093][T12465] tc_dump_action: action bad kind [ 250.095217][T12538] nbd: must specify a device to reconfigure [ 250.626824][ T6100] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 251.240991][T12584] input input11: cannot allocate more than FF_MAX_EFFECTS effects [ 251.288411][T12586] openvswitch: netlink: Multiple metadata blocks provided [ 251.493131][T12594] netlink: 'syz.0.3039': attribute type 4 has an invalid length. [ 251.530648][T12594] netlink: 'syz.0.3039': attribute type 1 has an invalid length. [ 251.866840][T12611] openvswitch: netlink: Flow key attr not present in new flow. [ 252.290359][T12631] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 253.404678][T12677] FAULT_INJECTION: forcing a failure. [ 253.404678][T12677] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 253.466298][T12677] CPU: 0 UID: 0 PID: 12677 Comm: syz.0.3078 Tainted: G U syzkaller #0 PREEMPT(full) [ 253.466323][T12677] Tainted: [U]=USER [ 253.466328][T12677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 253.466337][T12677] Call Trace: [ 253.466342][T12677] [ 253.466348][T12677] dump_stack_lvl+0x16c/0x1f0 [ 253.466374][T12677] should_fail_ex+0x512/0x640 [ 253.466393][T12677] should_fail_alloc_page+0xe7/0x130 [ 253.466416][T12677] prepare_alloc_pages+0x401/0x670 [ 253.466436][T12677] ? kernel_text_address+0x8d/0x100 [ 253.466453][T12677] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 253.466477][T12677] ? stack_trace_save+0x8e/0xc0 [ 253.466497][T12677] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 253.466514][T12677] ? trace_mm_page_alloc+0x11b/0x180 [ 253.466537][T12677] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 253.466551][T12677] ? __pmd_alloc+0xbf/0x9c0 [ 253.466569][T12677] ? __handle_mm_fault+0xbeb/0x2bb0 [ 253.466582][T12677] ? handle_mm_fault+0x3fe/0xad0 [ 253.466596][T12677] ? __get_user_pages+0x54e/0x3590 [ 253.466614][T12677] ? populate_vma_page_range+0x267/0x3f0 [ 253.466632][T12677] ? __mm_populate+0x1d8/0x380 [ 253.466650][T12677] ? vm_mmap_pgoff+0x37f/0x470 [ 253.466666][T12677] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 253.466683][T12677] ? __x64_sys_mmap+0x125/0x190 [ 253.466695][T12677] ? do_syscall_64+0xcd/0xf80 [ 253.466706][T12677] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.466719][T12677] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 253.466740][T12677] ? policy_nodemask+0xea/0x4e0 [ 253.466760][T12677] alloc_pages_mpol+0x1fb/0x550 [ 253.466780][T12677] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 253.466805][T12677] alloc_pages_noprof+0x131/0x390 [ 253.466824][T12677] pte_alloc_one+0x1e/0x3d0 [ 253.466843][T12677] __pte_alloc+0x6d/0x3f0 [ 253.466860][T12677] ? __pfx___pte_alloc+0x10/0x10 [ 253.466878][T12677] ? do_raw_spin_lock+0x12c/0x2b0 [ 253.466893][T12677] ? find_held_lock+0x2b/0x80 [ 253.466910][T12677] do_anonymous_page+0x1092/0x2190 [ 253.466924][T12677] ? do_raw_spin_unlock+0x172/0x230 [ 253.466949][T12677] ? _raw_spin_unlock+0x28/0x50 [ 253.466969][T12677] ? __pmd_alloc+0x6aa/0x9c0 [ 253.466992][T12677] __handle_mm_fault+0x1ecf/0x2bb0 [ 253.467012][T12677] ? __pfx___handle_mm_fault+0x10/0x10 [ 253.467042][T12677] handle_mm_fault+0x3fe/0xad0 [ 253.467060][T12677] __get_user_pages+0x54e/0x3590 [ 253.467087][T12677] ? __pfx___get_user_pages+0x10/0x10 [ 253.467111][T12677] populate_vma_page_range+0x267/0x3f0 [ 253.467132][T12677] ? __pfx_populate_vma_page_range+0x10/0x10 [ 253.467151][T12677] ? __pfx_find_vma_intersection+0x10/0x10 [ 253.467171][T12677] ? do_mmap+0x69c/0x1210 [ 253.467191][T12677] __mm_populate+0x1d8/0x380 [ 253.467211][T12677] ? __pfx___mm_populate+0x10/0x10 [ 253.467232][T12677] ? up_write+0x282/0x4e0 [ 253.467248][T12677] vm_mmap_pgoff+0x37f/0x470 [ 253.467268][T12677] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 253.467290][T12677] ? __x64_sys_futex+0x1e0/0x4c0 [ 253.467304][T12677] ? __x64_sys_futex+0x1e9/0x4c0 [ 253.467321][T12677] ksys_mmap_pgoff+0x7d/0x5c0 [ 253.467338][T12677] ? xfd_validate_state+0x61/0x180 [ 253.467350][T12677] ? __pfx_ksys_write+0x10/0x10 [ 253.467370][T12677] __x64_sys_mmap+0x125/0x190 [ 253.467386][T12677] do_syscall_64+0xcd/0xf80 [ 253.467399][T12677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.467412][T12677] RIP: 0033:0x7fb3d458f7c9 [ 253.467424][T12677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.467436][T12677] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 253.467449][T12677] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 253.467458][T12677] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 253.467466][T12677] RBP: 00007fb3d4613f91 R08: 0000000000000002 R09: 0000000000008000 [ 253.467474][T12677] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 253.467482][T12677] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 253.467500][T12677] [ 254.597362][T12711] netlink: set zone limit has 8 unknown bytes [ 254.615026][T12713] netlink: 'syz.2.3096': attribute type 11 has an invalid length. [ 254.633272][T12713] netlink: 'syz.2.3096': attribute type 11 has an invalid length. [ 255.199011][T12744] FAULT_INJECTION: forcing a failure. [ 255.199011][T12744] name failslab, interval 1, probability 0, space 0, times 0 [ 255.276527][T12744] CPU: 0 UID: 0 PID: 12744 Comm: syz.0.3111 Tainted: G U syzkaller #0 PREEMPT(full) [ 255.276553][T12744] Tainted: [U]=USER [ 255.276558][T12744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 255.276566][T12744] Call Trace: [ 255.276571][T12744] [ 255.276577][T12744] dump_stack_lvl+0x16c/0x1f0 [ 255.276611][T12744] should_fail_ex+0x512/0x640 [ 255.276626][T12744] ? kmem_cache_alloc_noprof+0x62/0x770 [ 255.276645][T12744] should_failslab+0xc2/0x120 [ 255.276665][T12744] kmem_cache_alloc_noprof+0x83/0x770 [ 255.276681][T12744] ? alloc_empty_file+0x55/0x1e0 [ 255.276699][T12744] ? alloc_empty_file+0x55/0x1e0 [ 255.276713][T12744] alloc_empty_file+0x55/0x1e0 [ 255.276735][T12744] alloc_file_pseudo+0x13a/0x230 [ 255.276751][T12744] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 255.276766][T12744] ? security_inode_init_security_anon+0x79/0x240 [ 255.276786][T12744] __anon_inode_getfile+0xe8/0x280 [ 255.276803][T12744] new_userfaultfd+0x260/0x490 [ 255.276822][T12744] __x64_sys_userfaultfd+0x4b/0xb0 [ 255.276840][T12744] do_syscall_64+0xcd/0xf80 [ 255.276853][T12744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.276867][T12744] RIP: 0033:0x7fb3d458f7c9 [ 255.276878][T12744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.276890][T12744] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 255.276903][T12744] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 255.276911][T12744] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 255.276919][T12744] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000000 [ 255.276927][T12744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.276934][T12744] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 255.276952][T12744] [ 256.035582][ T6100] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 256.380186][ T6100] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19 [ 256.392800][ T6100] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 256.893470][T12813] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3143'. syzkaller syzkaller login: [ 257.685319][T12850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3160'. [ 257.860618][ T6100] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 257.876908][T12859] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3163'. [ 257.929922][T12862] netlink: 'syz.0.3164': attribute type 11 has an invalid length. [ 258.055181][T12868] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 258.537750][T12888] synth uevent: /module/orangefs: unknown uevent action string [ 258.586026][T12892] netlink: 'syz.1.3178': attribute type 11 has an invalid length. [ 258.753075][T12898] NFSD: Failed to start, no listeners configured. [ 258.827827][T12903] .^: entered promiscuous mode [ 259.715106][T12942] openvswitch: netlink: IP tunnel dst address not specified [ 260.308921][T12976] __vm_enough_memory: pid: 12976, comm: syz.2.3220, bytes: 4398046511104 not enough memory for the allocation [ 260.813732][T13005] nfsd: Unknown parameter '*' [ 260.923552][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.923607][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.155759][T13013] FAULT_INJECTION: forcing a failure. [ 261.155759][T13013] name failslab, interval 1, probability 0, space 0, times 0 [ 261.202070][T13013] CPU: 0 UID: 0 PID: 13013 Comm: syz.2.3236 Tainted: G U L syzkaller #0 PREEMPT(full) [ 261.202104][T13013] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 261.202110][T13013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 261.202120][T13013] Call Trace: [ 261.202126][T13013] [ 261.202132][T13013] dump_stack_lvl+0x16c/0x1f0 [ 261.202158][T13013] should_fail_ex+0x512/0x640 [ 261.202173][T13013] ? __kmalloc_cache_noprof+0x5f/0x800 [ 261.202190][T13013] should_failslab+0xc2/0x120 [ 261.202211][T13013] __kmalloc_cache_noprof+0x80/0x800 [ 261.202225][T13013] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 261.202245][T13013] ? sctp_endpoint_new+0xfc/0xb20 [ 261.202260][T13013] ? sctp_endpoint_new+0xfc/0xb20 [ 261.202272][T13013] sctp_endpoint_new+0xfc/0xb20 [ 261.202286][T13013] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 261.202298][T13013] ? lockdep_init_map_type+0x5c/0x270 [ 261.202313][T13013] ? lockdep_init_map_type+0x5c/0x270 [ 261.202328][T13013] sctp_init_sock+0xe2b/0x1310 [ 261.202348][T13013] ? __pfx_sctp_init_sock+0x10/0x10 [ 261.202367][T13013] inet_create+0x939/0x1040 [ 261.202384][T13013] ? inet_create+0x93/0x1040 [ 261.202402][T13013] __sock_create+0x339/0x8a0 [ 261.202419][T13013] __sys_socket+0x14d/0x260 [ 261.202433][T13013] ? fput+0x70/0xf0 [ 261.202446][T13013] ? __pfx___sys_socket+0x10/0x10 [ 261.202459][T13013] ? xfd_validate_state+0x61/0x180 [ 261.202470][T13013] ? __pfx_ksys_write+0x10/0x10 [ 261.202492][T13013] __x64_sys_socket+0x72/0xb0 [ 261.202504][T13013] ? lockdep_hardirqs_on+0x7c/0x110 [ 261.202524][T13013] do_syscall_64+0xcd/0xf80 [ 261.202536][T13013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.202550][T13013] RIP: 0033:0x7fa02b58f7c9 [ 261.202561][T13013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.202573][T13013] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 261.202586][T13013] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 261.202594][T13013] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 261.202602][T13013] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 261.202609][T13013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.202616][T13013] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 261.202634][T13013] [ 262.006160][T13030] NFSD: Failed to start, no listeners configured. [ 262.750638][T13069] openvswitch: netlink: Message has 4 unknown bytes. [ 262.999059][ T6100] Bluetooth: hci0: command 0x0406 tx timeout [ 263.337495][T13097] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 263.638272][T13114] NFSD: Failed to start, no listeners configured. [ 263.681789][T13117] netlink: 'syz.0.3285': attribute type 1 has an invalid length. [ 263.701928][T13117] nbd: error processing sock list [ 264.597491][T13158] : entered promiscuous mode [ 264.728784][T13165] netlink: 'syz.0.3308': attribute type 2 has an invalid length. [ 264.768489][T13166] netlink: 'syz.1.3306': attribute type 1 has an invalid length. [ 264.867273][T13170] dlm: non-version read from control device 1 [ 265.313910][T13187] NFSD: Failed to start, no listeners configured. [ 266.686758][T13253] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 267.097792][T13272] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3359'. [ 267.136479][T13272] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3359'. [ 268.586604][T13339] bridge0: port 3(veth1_macvtap) entered blocking state [ 268.663933][T13339] bridge0: port 3(veth1_macvtap) entered disabled state [ 268.717334][T13339] veth1_macvtap: entered allmulticast mode [ 268.781151][T13339] veth1_macvtap: left allmulticast mode [ 270.907852][T13442] netlink: 'syz.3.3440': attribute type 2 has an invalid length. [ 271.867475][T13479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3454'. [ 271.916312][T13479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3454'. [ 272.173440][T13490] FAULT_INJECTION: forcing a failure. [ 272.173440][T13490] name failslab, interval 1, probability 0, space 0, times 0 [ 272.231936][T13490] CPU: 0 UID: 0 PID: 13490 Comm: syz.2.3460 Tainted: G U L syzkaller #0 PREEMPT(full) [ 272.231964][T13490] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 272.231969][T13490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 272.231976][T13490] Call Trace: [ 272.231982][T13490] [ 272.231987][T13490] dump_stack_lvl+0x16c/0x1f0 [ 272.232036][T13490] should_fail_ex+0x512/0x640 [ 272.232058][T13490] ? __kvmalloc_node_noprof+0x129/0xa40 [ 272.232080][T13490] should_failslab+0xc2/0x120 [ 272.232101][T13490] __kvmalloc_node_noprof+0x14a/0xa40 [ 272.232121][T13490] ? io_uring_setup+0x2f1/0x1f80 [ 272.232143][T13490] ? io_uring_setup+0x2f1/0x1f80 [ 272.232158][T13490] io_uring_setup+0x2f1/0x1f80 [ 272.232177][T13490] ? __pfx_io_uring_setup+0x10/0x10 [ 272.232195][T13490] ? do_futex+0x122/0x350 [ 272.232210][T13490] ? __pfx_do_futex+0x10/0x10 [ 272.232234][T13490] ? xfd_validate_state+0x61/0x180 [ 272.232246][T13490] ? __task_pid_nr_ns+0x1f5/0x500 [ 272.232262][T13490] __x64_sys_io_uring_setup+0xc2/0x170 [ 272.232280][T13490] do_syscall_64+0xcd/0xf80 [ 272.232293][T13490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.232307][T13490] RIP: 0033:0x7fa02b58f7c9 [ 272.232318][T13490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.232331][T13490] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 272.232344][T13490] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 272.232353][T13490] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 272.232360][T13490] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 272.232368][T13490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.232375][T13490] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 272.232392][T13490] [ 273.171790][T13527] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3477'. [ 273.365845][ T30] audit: type=1807 audit(1768446626.584:11): UNKNOWN= [ 273.366021][ T30] audit: type=1802 audit(1768446626.584:12): pid=13529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.3478" res=0 errno=0 [ 273.476854][T13528] ima: policy update failed [ 273.625600][T13543] FAULT_INJECTION: forcing a failure. [ 273.625600][T13543] name failslab, interval 1, probability 0, space 0, times 0 [ 273.684895][T13543] CPU: 0 UID: 0 PID: 13543 Comm: syz.0.3482 Tainted: G U L syzkaller #0 PREEMPT(full) [ 273.684932][T13543] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 273.684937][T13543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 273.684945][T13543] Call Trace: [ 273.684950][T13543] [ 273.684955][T13543] dump_stack_lvl+0x16c/0x1f0 [ 273.684982][T13543] should_fail_ex+0x512/0x640 [ 273.684998][T13543] ? kmem_cache_alloc_noprof+0x62/0x770 [ 273.685017][T13543] should_failslab+0xc2/0x120 [ 273.685037][T13543] kmem_cache_alloc_noprof+0x83/0x770 [ 273.685053][T13543] ? __mpol_dup+0x74/0x380 [ 273.685070][T13543] ? __mpol_dup+0x74/0x380 [ 273.685080][T13543] __mpol_dup+0x74/0x380 [ 273.685092][T13543] ? __pfx___mpol_dup+0x10/0x10 [ 273.685105][T13543] ? sp_alloc+0x27/0x160 [ 273.685121][T13543] sp_alloc+0x4d/0x160 [ 273.685134][T13543] mpol_set_shared_policy+0xab/0x8c0 [ 273.685151][T13543] ? __pfx_shmem_set_policy+0x10/0x10 [ 273.685169][T13543] mbind_range+0x339/0x570 [ 273.685184][T13543] do_mbind+0x83a/0xf20 [ 273.685203][T13543] ? __pfx_do_mbind+0x10/0x10 [ 273.685226][T13543] ? __pfx_get_nodes+0x10/0x10 [ 273.685248][T13543] kernel_mbind+0x1e3/0x1f0 [ 273.685263][T13543] ? __pfx_kernel_mbind+0x10/0x10 [ 273.685282][T13543] do_syscall_64+0xcd/0xf80 [ 273.685295][T13543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.685309][T13543] RIP: 0033:0x7fb3d458f7c9 [ 273.685320][T13543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.685332][T13543] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 273.685344][T13543] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 273.685353][T13543] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 273.685360][T13543] RBP: 00007fb3d4613f91 R08: 0000000000000006 R09: 0000000000000002 [ 273.685368][T13543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.685375][T13543] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 273.685393][T13543] [ 274.144236][ T30] audit: type=1802 audit(1768446626.704:13): pid=13528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3478" res=0 errno=0 [ 274.389594][ T30] audit: type=1326 audit(1768446627.614:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13564 comm="syz.0.3495" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb3d458f7c9 code=0x0 [ 275.059046][T13590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3505'. [ 275.858604][T13631] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3524'. [ 275.927668][T13635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3526'. [ 277.331737][T13700] futex_wake_op: syz.2.3556 tries to shift op by -2048; fix this program [ 277.374088][T13700] futex_wake_op: syz.2.3556 tries to shift op by -2048; fix this program [ 278.553570][T13732] ovs_: entered promiscuous mode [ 279.847848][T13784] FAULT_INJECTION: forcing a failure. [ 279.847848][T13784] name failslab, interval 1, probability 0, space 0, times 0 [ 279.918010][T13784] CPU: 0 UID: 0 PID: 13784 Comm: syz.2.3593 Tainted: G U L syzkaller #0 PREEMPT(full) [ 279.918036][T13784] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 279.918041][T13784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 279.918049][T13784] Call Trace: [ 279.918054][T13784] [ 279.918061][T13784] dump_stack_lvl+0x16c/0x1f0 [ 279.918088][T13784] should_fail_ex+0x512/0x640 [ 279.918103][T13784] ? kmem_cache_alloc_noprof+0x62/0x770 [ 279.918123][T13784] should_failslab+0xc2/0x120 [ 279.918143][T13784] kmem_cache_alloc_noprof+0x83/0x770 [ 279.918158][T13784] ? security_inode_alloc+0x3b/0x2b0 [ 279.918172][T13784] ? sk_prot_alloc+0x60/0x2a0 [ 279.918195][T13784] ? sk_prot_alloc+0x60/0x2a0 [ 279.918214][T13784] sk_prot_alloc+0x60/0x2a0 [ 279.918235][T13784] sk_alloc+0x36/0xe30 [ 279.918252][T13784] rxrpc_create+0x116/0x8d0 [ 279.918272][T13784] __sock_create+0x339/0x8a0 [ 279.918288][T13784] __sys_socket+0x14d/0x260 [ 279.918310][T13784] ? fput+0x70/0xf0 [ 279.918323][T13784] ? __pfx___sys_socket+0x10/0x10 [ 279.918337][T13784] ? xfd_validate_state+0x61/0x180 [ 279.918354][T13784] __x64_sys_socket+0x72/0xb0 [ 279.918366][T13784] ? lockdep_hardirqs_on+0x7c/0x110 [ 279.918387][T13784] do_syscall_64+0xcd/0xf80 [ 279.918402][T13784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.918416][T13784] RIP: 0033:0x7fa02b58f7c9 [ 279.918426][T13784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.918439][T13784] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 279.918451][T13784] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 279.918459][T13784] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021 [ 279.918467][T13784] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 279.918475][T13784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.918482][T13784] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 279.918499][T13784] [ 282.906430][T13910] FAULT_INJECTION: forcing a failure. [ 282.906430][T13910] name failslab, interval 1, probability 0, space 0, times 0 [ 282.965243][T13910] CPU: 0 UID: 0 PID: 13910 Comm: syz.0.3647 Tainted: G U L syzkaller #0 PREEMPT(full) [ 282.965271][T13910] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 282.965276][T13910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 282.965284][T13910] Call Trace: [ 282.965289][T13910] [ 282.965295][T13910] dump_stack_lvl+0x16c/0x1f0 [ 282.965321][T13910] should_fail_ex+0x512/0x640 [ 282.965337][T13910] ? __kmalloc_noprof+0xca/0x910 [ 282.965354][T13910] should_failslab+0xc2/0x120 [ 282.965374][T13910] __kmalloc_noprof+0xeb/0x910 [ 282.965388][T13910] ? lsm_blob_alloc+0x68/0x90 [ 282.965410][T13910] ? lsm_blob_alloc+0x68/0x90 [ 282.965427][T13910] lsm_blob_alloc+0x68/0x90 [ 282.965446][T13910] security_sk_alloc+0x2f/0x270 [ 282.965460][T13910] sk_prot_alloc+0x1c7/0x2a0 [ 282.965483][T13910] sk_alloc+0x36/0xe30 [ 282.965499][T13910] mctp_pf_create+0xe8/0x360 [ 282.965520][T13910] __sock_create+0x339/0x8a0 [ 282.965536][T13910] __sys_socket+0x14d/0x260 [ 282.965549][T13910] ? __pfx___sys_socket+0x10/0x10 [ 282.965562][T13910] ? xfd_validate_state+0x61/0x180 [ 282.965574][T13910] ? __pfx_ksys_write+0x10/0x10 [ 282.965595][T13910] __x64_sys_socket+0x72/0xb0 [ 282.965607][T13910] ? lockdep_hardirqs_on+0x7c/0x110 [ 282.965627][T13910] do_syscall_64+0xcd/0xf80 [ 282.965640][T13910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.965653][T13910] RIP: 0033:0x7fb3d458f7c9 [ 282.965665][T13910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.965678][T13910] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 282.965691][T13910] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 282.965699][T13910] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 282.965707][T13910] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000000 [ 282.965714][T13910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.965721][T13910] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 282.965739][T13910] [ 283.197278][T13913] overlayfs: missing 'lowerdir' [ 283.264600][T13915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3650'. [ 283.317982][T13919] netlink: 'syz.1.3651': attribute type 1 has an invalid length. [ 284.089224][T13937] ima: policy update failed [ 284.098321][ T30] audit: type=1807 audit(2147483654.110:15): UNKNOWN= [ 284.098741][ T30] audit: type=1802 audit(2147483654.110:16): pid=13938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.3659" res=0 errno=0 [ 284.514209][T13962] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3670'. [ 284.686587][ T30] audit: type=1802 audit(2147483654.250:17): pid=13937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3659" res=0 errno=0 [ 285.197634][T13991] futex_wake_op: syz.3.3682 tries to shift op by -2048; fix this program [ 285.231037][T13991] futex_wake_op: syz.3.3682 tries to shift op by -2048; fix this program [ 285.753432][T14020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3695'. [ 287.386520][T14075] FAULT_INJECTION: forcing a failure. [ 287.386520][T14075] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.457142][T14075] CPU: 0 UID: 0 PID: 14075 Comm: syz.1.3719 Tainted: G U L syzkaller #0 PREEMPT(full) [ 287.457168][T14075] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 287.457174][T14075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 287.457182][T14075] Call Trace: [ 287.457187][T14075] [ 287.457193][T14075] dump_stack_lvl+0x16c/0x1f0 [ 287.457219][T14075] should_fail_ex+0x512/0x640 [ 287.457237][T14075] _copy_from_user+0x2e/0xd0 [ 287.457253][T14075] restore_altstack+0x93/0x170 [ 287.457267][T14075] ? __pfx_restore_altstack+0x10/0x10 [ 287.457280][T14075] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.457298][T14075] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.457318][T14075] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.457336][T14075] ? set_current_blocked+0xdd/0x120 [ 287.457353][T14075] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 287.457372][T14075] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 287.457389][T14075] ? rcu_is_watching+0x12/0xc0 [ 287.457411][T14075] do_syscall_64+0xcd/0xf80 [ 287.457424][T14075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.457438][T14075] RIP: 0033:0x7f816f12b889 [ 287.457449][T14075] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 287.457461][T14075] RSP: 002b:00007f81700cda80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 287.457474][T14075] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f12b889 [ 287.457482][T14075] RDX: 00007f81700cda80 RSI: 00007f81700cdbb0 RDI: 0000000000000011 [ 287.457490][T14075] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 287.457498][T14075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.457505][T14075] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 287.457522][T14075] [ 287.759543][T14082] ovs_: entered promiscuous mode [ 287.901618][T14090] phram: not enough arguments [ 287.985174][T14094] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3729'. [ 289.720639][T14161] FAULT_INJECTION: forcing a failure. [ 289.720639][T14161] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 289.834129][T14161] CPU: 0 UID: 0 PID: 14161 Comm: syz.2.3757 Tainted: G U L syzkaller #0 PREEMPT(full) [ 289.834155][T14161] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 289.834160][T14161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 289.834169][T14161] Call Trace: [ 289.834174][T14161] [ 289.834179][T14161] dump_stack_lvl+0x16c/0x1f0 [ 289.834206][T14161] should_fail_ex+0x512/0x640 [ 289.834225][T14161] _copy_from_user+0x2e/0xd0 [ 289.834241][T14161] get_itimerspec64+0x15b/0x2d0 [ 289.834255][T14161] ? __pfx_get_itimerspec64+0x10/0x10 [ 289.834270][T14161] ? _copy_from_user+0x59/0xd0 [ 289.834286][T14161] __x64_sys_timerfd_settime+0x15f/0x280 [ 289.834305][T14161] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 289.834338][T14161] do_syscall_64+0xcd/0xf80 [ 289.834353][T14161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.834367][T14161] RIP: 0033:0x7fa02b58f7c9 [ 289.834379][T14161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.834392][T14161] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 289.834406][T14161] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 289.834414][T14161] RDX: 0000200000000000 RSI: 0000000000000008 RDI: ffffffffffffffff [ 289.834422][T14161] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 289.834430][T14161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.834437][T14161] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 289.834454][T14161] [ 292.298894][T14227] sctp: [Deprecated]: syz.1.3786 (pid 14227) Use of int in maxseg socket option. [ 292.298894][T14227] Use struct sctp_assoc_value instead [ 293.726727][T14265] netlink: 206 bytes leftover after parsing attributes in process `syz.1.3804'. [ 295.770734][T14278] kexec: Could not allocate control_code_buffer [ 298.277564][T14419] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 298.570228][T14434] FAULT_INJECTION: forcing a failure. [ 298.570228][T14434] name failslab, interval 1, probability 0, space 0, times 0 [ 298.625988][T14434] CPU: 0 UID: 0 PID: 14434 Comm: syz.1.3879 Tainted: G U L syzkaller #0 PREEMPT(full) [ 298.626015][T14434] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 298.626020][T14434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 298.626028][T14434] Call Trace: [ 298.626033][T14434] [ 298.626039][T14434] dump_stack_lvl+0x16c/0x1f0 [ 298.626065][T14434] should_fail_ex+0x512/0x640 [ 298.626081][T14434] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 298.626102][T14434] should_failslab+0xc2/0x120 [ 298.626124][T14434] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 298.626141][T14434] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 298.626165][T14434] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 298.626184][T14434] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 298.626204][T14434] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 298.626224][T14434] alloc_inode+0x64/0x240 [ 298.626240][T14434] new_inode+0x22/0x1c0 [ 298.626255][T14434] hugetlbfs_get_inode+0x354/0x700 [ 298.626271][T14434] hugetlb_file_setup+0x15b/0x620 [ 298.626286][T14434] ksys_mmap_pgoff+0x189/0x5c0 [ 298.626308][T14434] __x64_sys_mmap+0x125/0x190 [ 298.626324][T14434] do_syscall_64+0xcd/0xf80 [ 298.626337][T14434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.626351][T14434] RIP: 0033:0x7f816f18f7c9 [ 298.626362][T14434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.626374][T14434] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 298.626387][T14434] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 298.626397][T14434] RDX: ffffffffffffffff RSI: 0000000000000002 RDI: 0000000000000000 [ 298.626405][T14434] RBP: 00007f816f213f91 R08: 0000000000000602 R09: 0000300000000000 [ 298.626414][T14434] R10: 0000000000044eb1 R11: 0000000000000246 R12: 0000000000000000 [ 298.626422][T14434] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 298.626439][T14434] [ 301.009213][T14510] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 301.015638][T14510] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 301.493132][T14528] FAULT_INJECTION: forcing a failure. [ 301.493132][T14528] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 301.543236][T14528] CPU: 0 UID: 0 PID: 14528 Comm: syz.0.3920 Tainted: G U L syzkaller #0 PREEMPT(full) [ 301.543273][T14528] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 301.543279][T14528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 301.543287][T14528] Call Trace: [ 301.543292][T14528] [ 301.543298][T14528] dump_stack_lvl+0x16c/0x1f0 [ 301.543325][T14528] should_fail_ex+0x512/0x640 [ 301.543344][T14528] should_fail_alloc_page+0xe7/0x130 [ 301.543366][T14528] prepare_alloc_pages+0x401/0x670 [ 301.543390][T14528] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 301.543406][T14528] ? mark_held_locks+0x49/0x80 [ 301.543418][T14528] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 301.543437][T14528] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.543456][T14528] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 301.543476][T14528] ? stack_depot_save_flags+0x3de/0x9b0 [ 301.543498][T14528] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 301.543513][T14528] ? __kasan_slab_alloc+0x89/0x90 [ 301.543531][T14528] ? __pmd_alloc+0xbf/0x9c0 [ 301.543550][T14528] ? handle_mm_fault+0x3fe/0xad0 [ 301.543562][T14528] ? fixup_user_fault+0x1b4/0x540 [ 301.543579][T14528] ? fault_in_user_writeable+0x70/0xe0 [ 301.543592][T14528] ? futex_lock_pi+0x690/0x7c0 [ 301.543607][T14528] ? do_futex+0x11a/0x350 [ 301.543620][T14528] ? __x64_sys_futex+0x1e0/0x4c0 [ 301.543633][T14528] ? do_syscall_64+0xcd/0xf80 [ 301.543652][T14528] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 301.543672][T14528] ? policy_nodemask+0xea/0x4e0 [ 301.543693][T14528] alloc_pages_mpol+0x1fb/0x550 [ 301.543713][T14528] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 301.543738][T14528] alloc_pages_noprof+0x131/0x390 [ 301.543758][T14528] pte_alloc_one+0x1e/0x3d0 [ 301.543776][T14528] __do_fault+0x320/0x490 [ 301.543793][T14528] do_fault+0x302/0x1ad0 [ 301.543811][T14528] ? __pfx_filemap_map_pages+0x10/0x10 [ 301.543826][T14528] ? __pmd_alloc+0x6aa/0x9c0 [ 301.543847][T14528] __handle_mm_fault+0x1919/0x2bb0 [ 301.543866][T14528] ? __pfx___handle_mm_fault+0x10/0x10 [ 301.543889][T14528] ? find_vma+0xbf/0x140 [ 301.543906][T14528] ? __pfx_find_vma+0x10/0x10 [ 301.543926][T14528] handle_mm_fault+0x3fe/0xad0 [ 301.543944][T14528] fixup_user_fault+0x1b4/0x540 [ 301.543965][T14528] fault_in_user_writeable+0x70/0xe0 [ 301.543980][T14528] futex_lock_pi+0x690/0x7c0 [ 301.544000][T14528] ? __pfx_futex_lock_pi+0x10/0x10 [ 301.544015][T14528] ? preempt_schedule_common+0x44/0xc0 [ 301.544035][T14528] ? preempt_schedule_thunk+0x16/0x30 [ 301.544055][T14528] ? __pfx_try_to_wake_up+0x10/0x10 [ 301.544077][T14528] ? futex_private_hash_put+0x160/0x1b0 [ 301.544094][T14528] ? __pfx_futex_wake_mark+0x10/0x10 [ 301.544117][T14528] ? ksys_write+0x190/0x250 [ 301.544140][T14528] do_futex+0x11a/0x350 [ 301.544154][T14528] ? __pfx_do_futex+0x10/0x10 [ 301.544174][T14528] __x64_sys_futex+0x1e0/0x4c0 [ 301.544190][T14528] ? fput+0x70/0xf0 [ 301.544202][T14528] ? __pfx___x64_sys_futex+0x10/0x10 [ 301.544217][T14528] ? xfd_validate_state+0x61/0x180 [ 301.544229][T14528] ? __pfx_ksys_write+0x10/0x10 [ 301.544260][T14528] do_syscall_64+0xcd/0xf80 [ 301.544275][T14528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.544289][T14528] RIP: 0033:0x7fb3d458f7c9 [ 301.544302][T14528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.544315][T14528] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 301.544328][T14528] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 301.544337][T14528] RDX: 0000000000000008 RSI: 0000000000000086 RDI: 0000000000000000 [ 301.544345][T14528] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000007 [ 301.544353][T14528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.544361][T14528] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 301.544381][T14528] [ 303.772236][T14584] netlink: set zone limit has 8 unknown bytes [ 305.022291][T14625] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 305.065783][T14625] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 306.251873][T14674] FAULT_INJECTION: forcing a failure. [ 306.251873][T14674] name failslab, interval 1, probability 0, space 0, times 0 [ 306.292368][T14674] CPU: 0 UID: 0 PID: 14674 Comm: syz.2.3988 Tainted: G U L syzkaller #0 PREEMPT(full) [ 306.292404][T14674] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 306.292409][T14674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 306.292418][T14674] Call Trace: [ 306.292423][T14674] [ 306.292429][T14674] dump_stack_lvl+0x16c/0x1f0 [ 306.292455][T14674] should_fail_ex+0x512/0x640 [ 306.292472][T14674] ? __kmalloc_noprof+0xca/0x910 [ 306.292489][T14674] should_failslab+0xc2/0x120 [ 306.292511][T14674] __kmalloc_noprof+0xeb/0x910 [ 306.292525][T14674] ? __pfx_map_id_range_down+0x10/0x10 [ 306.292543][T14674] ? security_inode_alloc+0x3b/0x2b0 [ 306.292556][T14674] ? sk_prot_alloc+0x1a8/0x2a0 [ 306.292579][T14674] ? sk_prot_alloc+0x1a8/0x2a0 [ 306.292597][T14674] sk_prot_alloc+0x1a8/0x2a0 [ 306.292618][T14674] sk_alloc+0x36/0xe30 [ 306.292634][T14674] packet_create+0x127/0x8e0 [ 306.292652][T14674] __sock_create+0x339/0x8a0 [ 306.292668][T14674] __sys_socket+0x14d/0x260 [ 306.292681][T14674] ? __fget_files+0x20e/0x3c0 [ 306.292699][T14674] ? __pfx___sys_socket+0x10/0x10 [ 306.292712][T14674] ? xfd_validate_state+0x61/0x180 [ 306.292729][T14674] __x64_sys_socket+0x72/0xb0 [ 306.292744][T14674] ? lockdep_hardirqs_on+0x7c/0x110 [ 306.292773][T14674] do_syscall_64+0xcd/0xf80 [ 306.292787][T14674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.292801][T14674] RIP: 0033:0x7fa02b58f7c9 [ 306.292813][T14674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.292826][T14674] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 306.292838][T14674] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 306.292847][T14674] RDX: 0000000000000009 RSI: 0000000000000003 RDI: 0000000000000011 [ 306.292854][T14674] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 306.292862][T14674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.292870][T14674] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 306.292889][T14674] [ 309.512675][T14795] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4042'. [ 309.717516][T14803] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 310.260310][T14833] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4060'. [ 312.587796][T14937] device-mapper: ioctl: Unable to rename non-existent device, to uuid  [ 312.658785][T14939] binder: 14932:14939 ioctl c00c620f 9 returned -22 [ 312.883867][ T30] audit: type=1800 audit(2147483662.620:18): pid=14949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4108" name="dbroot" dev="configfs" ino=40255 res=0 errno=0 [ 312.930699][T14951] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 314.550077][T15012] FAULT_INJECTION: forcing a failure. [ 314.550077][T15012] name failslab, interval 1, probability 0, space 0, times 0 [ 314.600188][T15012] CPU: 0 UID: 0 PID: 15012 Comm: syz.1.4136 Tainted: G U L syzkaller #0 PREEMPT(full) [ 314.600219][T15012] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 314.600225][T15012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 314.600233][T15012] Call Trace: [ 314.600238][T15012] [ 314.600245][T15012] dump_stack_lvl+0x16c/0x1f0 [ 314.600271][T15012] should_fail_ex+0x512/0x640 [ 314.600287][T15012] ? fs_reclaim_acquire+0xae/0x150 [ 314.600310][T15012] should_failslab+0xc2/0x120 [ 314.600331][T15012] kmem_cache_alloc_noprof+0x83/0x770 [ 314.600346][T15012] ? __pfx_map_id_range_down+0x10/0x10 [ 314.600365][T15012] ? security_inode_alloc+0x3b/0x2b0 [ 314.600382][T15012] ? security_inode_alloc+0x3b/0x2b0 [ 314.600395][T15012] security_inode_alloc+0x3b/0x2b0 [ 314.600410][T15012] inode_init_always_gfp+0xced/0x1040 [ 314.600432][T15012] alloc_inode+0x86/0x240 [ 314.600447][T15012] new_inode+0x22/0x1c0 [ 314.600462][T15012] shmem_get_inode+0x19a/0xfb0 [ 314.600483][T15012] ? __vm_enough_memory+0x184/0x3f0 [ 314.600503][T15012] __shmem_file_setup+0x290/0x350 [ 314.600525][T15012] shmem_zero_setup+0x93/0x1b0 [ 314.600542][T15012] __mmap_region+0x2271/0x2a00 [ 314.600561][T15012] ? __pfx___mmap_region+0x10/0x10 [ 314.600581][T15012] ? kvm_sched_clock_read+0x11/0x20 [ 314.600600][T15012] ? sched_clock+0x38/0x60 [ 314.600626][T15012] ? rcu_is_watching+0x12/0xc0 [ 314.600678][T15012] ? rcu_is_watching+0x12/0xc0 [ 314.600700][T15012] mmap_region+0x1ab/0x3f0 [ 314.600716][T15012] ? __get_unmapped_area+0x267/0x3f0 [ 314.600737][T15012] do_mmap+0xa3e/0x1210 [ 314.600759][T15012] ? __pfx_do_mmap+0x10/0x10 [ 314.600778][T15012] ? __pfx_down_write_killable+0x10/0x10 [ 314.600796][T15012] vm_mmap_pgoff+0x29e/0x470 [ 314.600817][T15012] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 314.600839][T15012] ? __x64_sys_futex+0x1e0/0x4c0 [ 314.600854][T15012] ? __x64_sys_futex+0x1e9/0x4c0 [ 314.600871][T15012] ksys_mmap_pgoff+0x7d/0x5c0 [ 314.600889][T15012] ? xfd_validate_state+0x61/0x180 [ 314.600900][T15012] ? __pfx_do_writev+0x10/0x10 [ 314.600930][T15012] __x64_sys_mmap+0x125/0x190 [ 314.600946][T15012] do_syscall_64+0xcd/0xf80 [ 314.600965][T15012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.600980][T15012] RIP: 0033:0x7f816f18f7c9 [ 314.600993][T15012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.601006][T15012] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 314.601020][T15012] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 314.601029][T15012] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 314.601037][T15012] RBP: 00007f816f213f91 R08: fffffffffffffffa R09: 0000000000008000 [ 314.601046][T15012] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 314.601054][T15012] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 314.601073][T15012] [ 315.944825][T15043] netlink: 'syz.1.4151': attribute type 2 has an invalid length. [ 316.299011][T15059] zero sized request [ 318.493075][T15156] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 319.414739][T15188] netlink: 350 bytes leftover after parsing attributes in process `syz.0.4220'. [ 319.616169][T15192] FAULT_INJECTION: forcing a failure. [ 319.616169][T15192] name failslab, interval 1, probability 0, space 0, times 0 [ 319.675975][T15192] CPU: 0 UID: 0 PID: 15192 Comm: syz.0.4222 Tainted: G U L syzkaller #0 PREEMPT(full) [ 319.676003][T15192] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 319.676008][T15192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 319.676020][T15192] Call Trace: [ 319.676025][T15192] [ 319.676030][T15192] dump_stack_lvl+0x16c/0x1f0 [ 319.676057][T15192] should_fail_ex+0x512/0x640 [ 319.676073][T15192] ? __kvmalloc_node_noprof+0x129/0xa40 [ 319.676094][T15192] should_failslab+0xc2/0x120 [ 319.676115][T15192] __kvmalloc_node_noprof+0x14a/0xa40 [ 319.676135][T15192] ? vmemdup_user+0x2a/0xe0 [ 319.676155][T15192] ? vmemdup_user+0x2a/0xe0 [ 319.676169][T15192] vmemdup_user+0x2a/0xe0 [ 319.676185][T15192] setxattr_copy+0x148/0x210 [ 319.676205][T15192] path_setxattrat+0x104/0x2a0 [ 319.676224][T15192] ? __pfx_path_setxattrat+0x10/0x10 [ 319.676246][T15192] ? __pfx_set_user_sigmask+0x10/0x10 [ 319.676279][T15192] ? xfd_validate_state+0x61/0x180 [ 319.676291][T15192] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 319.676312][T15192] __x64_sys_fsetxattr+0xc5/0x140 [ 319.676331][T15192] ? do_syscall_64+0x91/0xf80 [ 319.676343][T15192] ? lockdep_hardirqs_on+0x7c/0x110 [ 319.676362][T15192] do_syscall_64+0xcd/0xf80 [ 319.676375][T15192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.676388][T15192] RIP: 0033:0x7fb3d458f7c9 [ 319.676400][T15192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.676413][T15192] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 319.676427][T15192] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 319.676435][T15192] RDX: 0000000000000000 RSI: 0000200000002ac0 RDI: ffffffffffffffff [ 319.676443][T15192] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000000 [ 319.676451][T15192] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 319.676458][T15192] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 319.676482][T15192] [ 320.121925][T15135] kexec: Could not allocate control_code_buffer [ 321.538881][T15245] FAULT_INJECTION: forcing a failure. [ 321.538881][T15245] name failslab, interval 1, probability 0, space 0, times 0 [ 321.595983][T15245] CPU: 0 UID: 0 PID: 15245 Comm: syz.2.4246 Tainted: G U L syzkaller #0 PREEMPT(full) [ 321.596012][T15245] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 321.596019][T15245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 321.596027][T15245] Call Trace: [ 321.596032][T15245] [ 321.596038][T15245] dump_stack_lvl+0x16c/0x1f0 [ 321.596066][T15245] should_fail_ex+0x512/0x640 [ 321.596081][T15245] ? kmem_cache_alloc_noprof+0x62/0x770 [ 321.596103][T15245] should_failslab+0xc2/0x120 [ 321.596125][T15245] kmem_cache_alloc_noprof+0x83/0x770 [ 321.596140][T15245] ? security_inode_alloc+0x3b/0x2b0 [ 321.596154][T15245] ? sk_prot_alloc+0x60/0x2a0 [ 321.596177][T15245] ? sk_prot_alloc+0x60/0x2a0 [ 321.596196][T15245] sk_prot_alloc+0x60/0x2a0 [ 321.596217][T15245] sk_alloc+0x36/0xe30 [ 321.596233][T15245] smc_create+0x114/0x2a0 [ 321.596260][T15245] __sock_create+0x339/0x8a0 [ 321.596277][T15245] __sys_socket+0x14d/0x260 [ 321.596290][T15245] ? fdget_pos+0x2b8/0x370 [ 321.596310][T15245] ? __pfx___sys_socket+0x10/0x10 [ 321.596323][T15245] ? xfd_validate_state+0x61/0x180 [ 321.596334][T15245] ? __pfx_ksys_read+0x10/0x10 [ 321.596356][T15245] __x64_sys_socket+0x72/0xb0 [ 321.596369][T15245] ? lockdep_hardirqs_on+0x7c/0x110 [ 321.596389][T15245] do_syscall_64+0xcd/0xf80 [ 321.596402][T15245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.596416][T15245] RIP: 0033:0x7fa02b58f7c9 [ 321.596427][T15245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.596440][T15245] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 321.596453][T15245] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 321.596463][T15245] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 321.596472][T15245] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 321.596480][T15245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.596488][T15245] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 321.596506][T15245] [ 322.179597][T15253] bridge_slave_1: left allmulticast mode [ 322.185499][T15253] bridge_slave_1: left promiscuous mode [ 322.197381][T15253] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.258424][T15255] FAULT_INJECTION: forcing a failure. [ 322.258424][T15255] name failslab, interval 1, probability 0, space 0, times 0 [ 322.296911][T15255] CPU: 0 UID: 0 PID: 15255 Comm: syz.2.4251 Tainted: G U L syzkaller #0 PREEMPT(full) [ 322.296939][T15255] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 322.296944][T15255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 322.296952][T15255] Call Trace: [ 322.296958][T15255] [ 322.296963][T15255] dump_stack_lvl+0x16c/0x1f0 [ 322.296989][T15255] should_fail_ex+0x512/0x640 [ 322.297005][T15255] ? __kmalloc_noprof+0xca/0x910 [ 322.297022][T15255] should_failslab+0xc2/0x120 [ 322.297042][T15255] __kmalloc_noprof+0xeb/0x910 [ 322.297056][T15255] ? lockdep_init_map_type+0x5c/0x270 [ 322.297070][T15255] ? udpv6_init_sock+0x24e/0x450 [ 322.297091][T15255] ? udpv6_init_sock+0x24e/0x450 [ 322.297107][T15255] udpv6_init_sock+0x24e/0x450 [ 322.297127][T15255] udplitev6_sk_init+0x15/0x60 [ 322.297145][T15255] ? __pfx_udplitev6_sk_init+0x10/0x10 [ 322.297163][T15255] inet6_create+0xb30/0x12b0 [ 322.297192][T15255] ? inet6_create+0x7f/0x12b0 [ 322.297214][T15255] __sock_create+0x339/0x8a0 [ 322.297232][T15255] __sys_socket+0x14d/0x260 [ 322.297245][T15255] ? fput+0x70/0xf0 [ 322.297257][T15255] ? __pfx___sys_socket+0x10/0x10 [ 322.297270][T15255] ? xfd_validate_state+0x61/0x180 [ 322.297282][T15255] ? __pfx_ksys_write+0x10/0x10 [ 322.297304][T15255] __x64_sys_socket+0x72/0xb0 [ 322.297316][T15255] ? lockdep_hardirqs_on+0x7c/0x110 [ 322.297336][T15255] do_syscall_64+0xcd/0xf80 [ 322.297349][T15255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.297363][T15255] RIP: 0033:0x7fa02b58f7c9 [ 322.297374][T15255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.297387][T15255] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 322.297400][T15255] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 322.297408][T15255] RDX: 0000000000000088 RSI: 0000000000000002 RDI: 000000000000000a [ 322.297416][T15255] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 322.297424][T15255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.297431][T15255] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 322.297449][T15255] [ 322.583832][T15257] netlink: 'syz.2.4253': attribute type 33 has an invalid length. [ 322.627244][T15259] FAULT_INJECTION: forcing a failure. [ 322.627244][T15259] name failslab, interval 1, probability 0, space 0, times 0 [ 322.640043][T15259] CPU: 0 UID: 0 PID: 15259 Comm: syz.2.4254 Tainted: G U L syzkaller #0 PREEMPT(full) [ 322.640070][T15259] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 322.640075][T15259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 322.640084][T15259] Call Trace: [ 322.640089][T15259] [ 322.640095][T15259] dump_stack_lvl+0x16c/0x1f0 [ 322.640122][T15259] should_fail_ex+0x512/0x640 [ 322.640138][T15259] ? kmem_cache_alloc_noprof+0x62/0x770 [ 322.640158][T15259] should_failslab+0xc2/0x120 [ 322.640187][T15259] kmem_cache_alloc_noprof+0x83/0x770 [ 322.640203][T15259] ? ptlock_alloc+0x1f/0x70 [ 322.640221][T15259] ? ptlock_alloc+0x1f/0x70 [ 322.640234][T15259] ptlock_alloc+0x1f/0x70 [ 322.640248][T15259] pte_alloc_one+0x84/0x3d0 [ 322.640267][T15259] __pte_alloc+0x6d/0x3f0 [ 322.640284][T15259] ? __pfx___pte_alloc+0x10/0x10 [ 322.640302][T15259] ? _raw_spin_unlock+0x28/0x50 [ 322.640320][T15259] ? __pmd_alloc+0x6aa/0x9c0 [ 322.640341][T15259] walk_pgd_range+0xb8f/0x1f80 [ 322.640359][T15259] ? __pfx_guard_install_set_pte+0x10/0x10 [ 322.640378][T15259] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 322.640392][T15259] ? __pfx_guard_install_set_pte+0x10/0x10 [ 322.640413][T15259] ? __pfx_guard_install_set_pte+0x10/0x10 [ 322.640433][T15259] ? __pfx_guard_install_set_pte+0x10/0x10 [ 322.640453][T15259] ? __pfx_walk_pgd_range+0x10/0x10 [ 322.640474][T15259] __walk_page_range+0x163/0x820 [ 322.640492][T15259] ? find_vma+0xbf/0x140 [ 322.640508][T15259] ? __pfx_find_vma+0x10/0x10 [ 322.640527][T15259] ? walk_page_test+0x9b/0x180 [ 322.640543][T15259] walk_page_range_mm_unsafe+0x461/0xb40 [ 322.640563][T15259] ? __pfx_walk_page_range_mm_unsafe+0x10/0x10 [ 322.640585][T15259] ? __anon_vma_prepare+0x2e2/0x5e0 [ 322.640602][T15259] madvise_guard_install+0x31f/0x860 [ 322.640626][T15259] ? __pfx_madvise_guard_install+0x10/0x10 [ 322.640648][T15259] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 322.640667][T15259] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 322.640686][T15259] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 322.640700][T15259] ? __pfx_guard_install_set_pte+0x10/0x10 [ 322.640724][T15259] madvise_vma_behavior+0x8f8/0x29e0 [ 322.640738][T15259] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 322.640759][T15259] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 322.640772][T15259] ? mas_prev+0x9b/0xf0 [ 322.640784][T15259] ? __pfx_mas_prev+0x10/0x10 [ 322.640800][T15259] ? find_vma_prev+0xd3/0x150 [ 322.640817][T15259] ? lock_vma_under_rcu+0x1f3/0x580 [ 322.640831][T15259] ? __pfx_find_vma_prev+0x10/0x10 [ 322.640855][T15259] ? madvise_do_behavior+0x1e2/0x530 [ 322.640870][T15259] madvise_walk_vmas+0x31f/0xac0 [ 322.640886][T15259] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 322.640900][T15259] ? find_held_lock+0x2b/0x80 [ 322.640919][T15259] madvise_do_behavior+0x1e2/0x530 [ 322.640931][T15259] ? futex_private_hash_put+0x160/0x1b0 [ 322.640946][T15259] ? __pfx_madvise_do_behavior+0x10/0x10 [ 322.640958][T15259] ? futex_wake+0x1ad/0x530 [ 322.640981][T15259] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 322.641002][T15259] do_madvise+0x176/0x240 [ 322.641014][T15259] ? __pfx_do_madvise+0x10/0x10 [ 322.641026][T15259] ? do_futex+0x122/0x350 [ 322.641053][T15259] ? xfd_validate_state+0x61/0x180 [ 322.641065][T15259] ? __pfx_ksys_write+0x10/0x10 [ 322.641086][T15259] __x64_sys_madvise+0xa9/0x110 [ 322.641099][T15259] ? lockdep_hardirqs_on+0x7c/0x110 [ 322.641118][T15259] do_syscall_64+0xcd/0xf80 [ 322.641131][T15259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.641145][T15259] RIP: 0033:0x7fa02b58f7c9 [ 322.641157][T15259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.641179][T15259] RSP: 002b:00007fa02c391038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 322.641193][T15259] RAX: ffffffffffffffda RBX: 00007fa02b7e5fa0 RCX: 00007fa02b58f7c9 [ 322.641203][T15259] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 322.641211][T15259] RBP: 00007fa02b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 322.641219][T15259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.641228][T15259] R13: 00007fa02b7e6038 R14: 00007fa02b7e5fa0 R15: 00007fff45767dc8 [ 322.641247][T15259] [ 323.098581][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.104947][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.814996][T15218] kexec: Could not allocate control_code_buffer [ 324.409525][ T30] audit: type=1800 audit(2147483674.150:19): pid=15316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4281" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 325.010155][T15341] bridge0: port 3(team0) entered blocking state [ 325.037221][T15341] bridge0: port 3(team0) entered disabled state [ 325.064210][T15341] team0: entered allmulticast mode [ 325.074185][T15341] team_slave_0: entered allmulticast mode [ 325.094256][T15341] team_slave_1: entered allmulticast mode [ 325.117418][T15341] team0: entered promiscuous mode [ 325.134449][T15341] team_slave_0: entered promiscuous mode [ 325.152356][T15341] team_slave_1: entered promiscuous mode [ 325.176660][T15341] bridge0: port 3(team0) entered blocking state [ 325.183028][T15341] bridge0: port 3(team0) entered forwarding state [ 327.067138][T15424] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4331'. [ 327.580358][T15446] netlink: 206 bytes leftover after parsing attributes in process `syz.1.4340'. [ 328.531087][T15494] FAULT_INJECTION: forcing a failure. [ 328.531087][T15494] name failslab, interval 1, probability 0, space 0, times 0 [ 328.574974][T15494] CPU: 0 UID: 0 PID: 15494 Comm: syz.0.4363 Tainted: G U L syzkaller #0 PREEMPT(full) [ 328.575001][T15494] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 328.575007][T15494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 328.575015][T15494] Call Trace: [ 328.575020][T15494] [ 328.575027][T15494] dump_stack_lvl+0x16c/0x1f0 [ 328.575053][T15494] should_fail_ex+0x512/0x640 [ 328.575069][T15494] ? kmem_cache_alloc_noprof+0x62/0x770 [ 328.575087][T15494] should_failslab+0xc2/0x120 [ 328.575108][T15494] kmem_cache_alloc_noprof+0x83/0x770 [ 328.575124][T15494] ? ptlock_alloc+0x1f/0x70 [ 328.575141][T15494] ? ptlock_alloc+0x1f/0x70 [ 328.575153][T15494] ptlock_alloc+0x1f/0x70 [ 328.575166][T15494] pte_alloc_one+0x84/0x3d0 [ 328.575185][T15494] __do_fault+0x320/0x490 [ 328.575203][T15494] do_fault+0x302/0x1ad0 [ 328.575220][T15494] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.575235][T15494] ? __pmd_alloc+0x6aa/0x9c0 [ 328.575256][T15494] __handle_mm_fault+0x1919/0x2bb0 [ 328.575275][T15494] ? __pfx___handle_mm_fault+0x10/0x10 [ 328.575299][T15494] ? find_vma+0xbf/0x140 [ 328.575316][T15494] ? __pfx_find_vma+0x10/0x10 [ 328.575336][T15494] handle_mm_fault+0x3fe/0xad0 [ 328.575353][T15494] do_user_addr_fault+0x7a6/0x1370 [ 328.575370][T15494] ? rcu_is_watching+0x12/0xc0 [ 328.575390][T15494] exc_page_fault+0x64/0xc0 [ 328.575411][T15494] asm_exc_page_fault+0x26/0x30 [ 328.575424][T15494] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 328.575441][T15494] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 328.575453][T15494] RSP: 0018:ffffc90003577d90 EFLAGS: 00050246 [ 328.575464][T15494] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008 [ 328.575473][T15494] RDX: fffff520006aefc5 RSI: ffffc90003577e20 RDI: 000000000000556d [ 328.575481][T15494] RBP: 000000000000556d R08: 0000000000000000 R09: fffff520006aefc4 [ 328.575490][T15494] R10: ffffc90003577e27 R11: ffff888032904830 R12: ffffc90003577e20 [ 328.575499][T15494] R13: 0000000000005575 R14: 00007ffffffff000 R15: 0000000000000000 [ 328.575519][T15494] _copy_to_user+0xbb/0xd0 [ 328.575536][T15494] do_fcntl+0x13f4/0x1660 [ 328.575551][T15494] ? __pfx_do_fcntl+0x10/0x10 [ 328.575571][T15494] ? tomoyo_file_fcntl+0x6c/0xc0 [ 328.575593][T15494] __x64_sys_fcntl+0x163/0x200 [ 328.575610][T15494] do_syscall_64+0xcd/0xf80 [ 328.575623][T15494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.575635][T15494] RIP: 0033:0x7fb3d458f7c9 [ 328.575646][T15494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.575658][T15494] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 328.575670][T15494] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 328.575679][T15494] RDX: 000000000000556d RSI: 000000000000040b RDI: 0000000000000003 [ 328.575687][T15494] RBP: 00007fb3d4613f91 R08: 0000000000000000 R09: 0000000000000000 [ 328.575694][T15494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.575702][T15494] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 328.575720][T15494] [ 329.184199][T15511] bridge0: port 3(team0) entered blocking state [ 329.195389][T15511] bridge0: port 3(team0) entered disabled state [ 329.202283][T15511] team0: entered allmulticast mode [ 329.207458][T15511] team_slave_0: entered allmulticast mode [ 329.213235][T15511] team_slave_1: entered allmulticast mode [ 329.220256][T15511] team0: entered promiscuous mode [ 329.225370][T15511] team_slave_0: entered promiscuous mode [ 329.231293][T15511] team_slave_1: entered promiscuous mode [ 329.237668][T15511] bridge0: port 3(team0) entered blocking state [ 329.243997][T15511] bridge0: port 3(team0) entered forwarding state [ 329.394162][T15509] zswap: compressor not available [ 329.613036][T15532] bridge0: port 3(hsr0) entered blocking state [ 329.633785][T15532] bridge0: port 3(hsr0) entered disabled state [ 329.655357][T15532] hsr0: entered allmulticast mode [ 329.676141][T15532] hsr_slave_0: entered allmulticast mode [ 329.696629][T15532] hsr_slave_1: entered allmulticast mode [ 329.718618][T15532] hsr0: entered promiscuous mode [ 329.735780][T15532] bridge0: port 3(hsr0) entered blocking state [ 329.742157][T15532] bridge0: port 3(hsr0) entered forwarding state [ 330.173689][T15550] netlink: Unknown conntrack attr (0) [ 330.367923][T15557] FAULT_INJECTION: forcing a failure. [ 330.367923][T15557] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 330.431220][T15557] CPU: 0 UID: 0 PID: 15557 Comm: syz.1.4390 Tainted: G U L syzkaller #0 PREEMPT(full) [ 330.431248][T15557] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 330.431253][T15557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 330.431262][T15557] Call Trace: [ 330.431268][T15557] [ 330.431274][T15557] dump_stack_lvl+0x16c/0x1f0 [ 330.431302][T15557] should_fail_ex+0x512/0x640 [ 330.431321][T15557] should_fail_alloc_page+0xe7/0x130 [ 330.431343][T15557] prepare_alloc_pages+0x401/0x670 [ 330.431364][T15557] ? __lock_acquire+0x436/0x2890 [ 330.431379][T15557] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 330.431402][T15557] ? __lock_acquire+0x436/0x2890 [ 330.431420][T15557] ? __lock_acquire+0x436/0x2890 [ 330.431433][T15557] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 330.431454][T15557] ? register_lock_class+0x41/0x4b0 [ 330.431473][T15557] ? __lock_acquire+0x436/0x2890 [ 330.431487][T15557] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.431510][T15557] ? policy_nodemask+0xea/0x4e0 [ 330.431532][T15557] alloc_pages_mpol+0x1fb/0x550 [ 330.431552][T15557] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 330.431572][T15557] ? __pfx___mutex_lock+0x10/0x10 [ 330.431589][T15557] alloc_pages_noprof+0x131/0x390 [ 330.431609][T15557] __pmd_alloc+0x3b/0x9c0 [ 330.431631][T15557] huge_pte_alloc+0x41d/0x5b0 [ 330.431647][T15557] hugetlb_fault+0x36b/0x1730 [ 330.431664][T15557] ? __pfx_hugetlb_fault+0x10/0x10 [ 330.431685][T15557] ? find_vma+0xbf/0x140 [ 330.431702][T15557] ? __pfx_find_vma+0x10/0x10 [ 330.431722][T15557] handle_mm_fault+0x95d/0xad0 [ 330.431739][T15557] do_user_addr_fault+0x7a6/0x1370 [ 330.431756][T15557] ? kmalloc_reserve+0x18b/0x2c0 [ 330.431778][T15557] ? rcu_is_watching+0x12/0xc0 [ 330.431799][T15557] exc_page_fault+0x64/0xc0 [ 330.431819][T15557] asm_exc_page_fault+0x26/0x30 [ 330.431833][T15557] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 330.431850][T15557] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 330.431863][T15557] RSP: 0018:ffffc900025cfd68 EFLAGS: 00050216 [ 330.431875][T15557] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000020 [ 330.431884][T15557] RDX: ffffed100b931e1c RSI: 0000000000000000 RDI: ffff88805c98f0c0 [ 330.431892][T15557] RBP: 0000000000000020 R08: 0000000000000001 R09: ffffed100b931e1b [ 330.431900][T15557] R10: ffff88805c98f0df R11: ffff88802aeee6b0 R12: 0000000000000000 [ 330.431909][T15557] R13: ffff88805c98f0c0 R14: 0000000000000002 R15: ffff8880485a3dc0 [ 330.431927][T15557] _copy_from_user+0x98/0xd0 [ 330.431943][T15557] do_mq_notify+0x3bc/0xfd0 [ 330.431957][T15557] ? __might_fault+0xe3/0x190 [ 330.431972][T15557] ? __pfx_do_mq_notify+0x10/0x10 [ 330.431990][T15557] __x64_sys_mq_notify+0x100/0x170 [ 330.432004][T15557] ? __pfx___x64_sys_mq_notify+0x10/0x10 [ 330.432023][T15557] ? rcu_is_watching+0x12/0xc0 [ 330.432042][T15557] do_syscall_64+0xcd/0xf80 [ 330.432056][T15557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.432070][T15557] RIP: 0033:0x7f816f18f7c9 [ 330.432080][T15557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.432092][T15557] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f4 [ 330.432104][T15557] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 330.432113][T15557] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffffff [ 330.432121][T15557] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 330.432128][T15557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.432136][T15557] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 330.432155][T15557] [ 331.897508][T15608] binder: 15606:15608 unknown command 0 [ 331.903838][T15607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4414'. [ 331.925056][T15608] binder: 15606:15608 ioctl c0306201 0 returned -22 [ 332.419287][T15628] ovs_?: entered promiscuous mode [ 332.434933][T15621] could not allocate digest TFM handle [ 333.027780][T10594] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 333.027802][T10594] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 333.042831][T10594] Bluetooth: hci3: Dropping invalid advertising data [ 333.051496][T10594] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 333.051516][T10594] Bluetooth: hci3: Dropping invalid advertising data [ 333.068007][T10594] Bluetooth: hci3: Malformed LE Event: 0x02 [ 333.183615][T15659] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4437'. [ 333.613303][T15675] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4443'. [ 334.717482][T15734] FAULT_INJECTION: forcing a failure. [ 334.717482][T15734] name failslab, interval 1, probability 0, space 0, times 0 [ 334.760973][T15734] CPU: 0 UID: 0 PID: 15734 Comm: syz.1.4470 Tainted: G U L syzkaller #0 PREEMPT(full) [ 334.761000][T15734] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 334.761006][T15734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 334.761014][T15734] Call Trace: [ 334.761019][T15734] [ 334.761025][T15734] dump_stack_lvl+0x16c/0x1f0 [ 334.761050][T15734] should_fail_ex+0x512/0x640 [ 334.761066][T15734] ? __kmalloc_cache_noprof+0x5f/0x800 [ 334.761084][T15734] should_failslab+0xc2/0x120 [ 334.761109][T15734] __kmalloc_cache_noprof+0x80/0x800 [ 334.761126][T15734] ? alloc_mnt_ns+0xce/0x510 [ 334.761147][T15734] ? alloc_mnt_ns+0xce/0x510 [ 334.761163][T15734] alloc_mnt_ns+0xce/0x510 [ 334.761181][T15734] copy_mnt_ns+0x226/0xc40 [ 334.761194][T15734] ? create_new_namespaces+0x30/0xab0 [ 334.761216][T15734] create_new_namespaces+0xd3/0xab0 [ 334.761233][T15734] ? bpf_lsm_capable+0x9/0x10 [ 334.761249][T15734] ? security_capable+0x7e/0x260 [ 334.761272][T15734] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 334.761292][T15734] ksys_unshare+0x45b/0xa40 [ 334.761313][T15734] ? __pfx_ksys_unshare+0x10/0x10 [ 334.761333][T15734] ? xfd_validate_state+0x61/0x180 [ 334.761351][T15734] __x64_sys_unshare+0x31/0x40 [ 334.761362][T15734] do_syscall_64+0xcd/0xf80 [ 334.761376][T15734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.761389][T15734] RIP: 0033:0x7f816f18f7c9 [ 334.761400][T15734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.761414][T15734] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 334.761428][T15734] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 334.761436][T15734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 334.761444][T15734] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 334.761452][T15734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.761459][T15734] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 334.761477][T15734] [ 336.084879][T15784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4494'. [ 339.600950][T15953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4569'. [ 339.779380][T15959] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4572'. [ 340.332175][T15981] FAULT_INJECTION: forcing a failure. [ 340.332175][T15981] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 340.373906][ T30] audit: type=1326 audit(2147483690.110:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.3.4584" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fde1ad8f7c9 code=0x0 [ 340.396034][T15981] CPU: 0 UID: 0 PID: 15981 Comm: syz.1.4583 Tainted: G U L syzkaller #0 PREEMPT(full) [ 340.396060][T15981] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 340.396065][T15981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 340.396074][T15981] Call Trace: [ 340.396080][T15981] [ 340.396087][T15981] dump_stack_lvl+0x16c/0x1f0 [ 340.396113][T15981] should_fail_ex+0x512/0x640 [ 340.396133][T15981] should_fail_alloc_page+0xe7/0x130 [ 340.396155][T15981] prepare_alloc_pages+0x401/0x670 [ 340.396176][T15981] ? arch_stack_walk+0xa6/0x100 [ 340.396193][T15981] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 340.396214][T15981] ? stack_trace_save+0x8e/0xc0 [ 340.396235][T15981] ? __pfx_stack_trace_save+0x10/0x10 [ 340.396255][T15981] ? stack_depot_save_flags+0x29/0x9b0 [ 340.396272][T15981] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 340.396290][T15981] ? kasan_save_stack+0x42/0x60 [ 340.396306][T15981] ? kasan_save_stack+0x33/0x60 [ 340.396322][T15981] ? kasan_save_track+0x14/0x30 [ 340.396337][T15981] ? __kasan_slab_alloc+0x89/0x90 [ 340.396354][T15981] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 340.396369][T15981] ? security_inode_alloc+0x3b/0x2b0 [ 340.396383][T15981] ? inode_init_always_gfp+0xced/0x1040 [ 340.396403][T15981] ? do_syscall_64+0xcd/0xf80 [ 340.396414][T15981] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.396432][T15981] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 340.396453][T15981] ? policy_nodemask+0xea/0x4e0 [ 340.396473][T15981] alloc_pages_mpol+0x1fb/0x550 [ 340.396493][T15981] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 340.396517][T15981] ___kmalloc_large_node+0x10c/0x150 [ 340.396532][T15981] __kmalloc_large_node_noprof+0x1c/0x70 [ 340.396546][T15981] __kmalloc_noprof.cold+0xc/0x62 [ 340.396565][T15981] ? sk_prot_alloc+0x1a8/0x2a0 [ 340.396592][T15981] ? sk_prot_alloc+0x1a8/0x2a0 [ 340.396612][T15981] sk_prot_alloc+0x1a8/0x2a0 [ 340.396634][T15981] sk_alloc+0x36/0xe30 [ 340.396652][T15981] can_create+0x1e5/0x630 [ 340.396673][T15981] __sock_create+0x339/0x8a0 [ 340.396723][T15981] __sys_socket+0x14d/0x260 [ 340.396738][T15981] ? __pfx___sys_socket+0x10/0x10 [ 340.396753][T15981] ? xfd_validate_state+0x61/0x180 [ 340.396764][T15981] ? __task_pid_nr_ns+0x1f5/0x500 [ 340.396781][T15981] __x64_sys_socket+0x72/0xb0 [ 340.396795][T15981] ? lockdep_hardirqs_on+0x7c/0x110 [ 340.396815][T15981] do_syscall_64+0xcd/0xf80 [ 340.396828][T15981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.396842][T15981] RIP: 0033:0x7f816f18f7c9 [ 340.396854][T15981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.396867][T15981] RSP: 002b:00007f81700ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 340.396880][T15981] RAX: ffffffffffffffda RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 340.396889][T15981] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 340.396897][T15981] RBP: 00007f816f213f91 R08: 0000000000000000 R09: 0000000000000000 [ 340.396906][T15981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.396914][T15981] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 340.396933][T15981] [ 341.509031][T15994] zswap: compressor not available [ 341.797434][T16009] ovs_: entered promiscuous mode [ 342.156873][T16022] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4593'. [ 343.370671][T16061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4610'. [ 346.014919][T16166] hugetlbfs: syz.2.4658 (16166): Using mlock ulimits for SHM_HUGETLB is obsolete [ 348.167554][T16204] kexec: Could not allocate control_code_buffer [ 349.089085][T16258] Invalid ELF header len 5 [ 349.424811][T16281] FAULT_INJECTION: forcing a failure. [ 349.424811][T16281] name failslab, interval 1, probability 0, space 0, times 0 [ 349.496059][T16281] CPU: 0 UID: 0 PID: 16281 Comm: syz.0.4711 Tainted: G U L syzkaller #0 PREEMPT(full) [ 349.496087][T16281] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 349.496093][T16281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 349.496101][T16281] Call Trace: [ 349.496106][T16281] [ 349.496112][T16281] dump_stack_lvl+0x16c/0x1f0 [ 349.496139][T16281] should_fail_ex+0x512/0x640 [ 349.496155][T16281] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 349.496175][T16281] should_failslab+0xc2/0x120 [ 349.496196][T16281] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 349.496211][T16281] ? dquot_alloc_inode+0x51b/0xb90 [ 349.496226][T16281] ? __dquot_initialize+0x299/0xd50 [ 349.496240][T16281] ? __d_alloc+0x35/0xa80 [ 349.496255][T16281] ? __d_alloc+0x35/0xa80 [ 349.496266][T16281] __d_alloc+0x35/0xa80 [ 349.496280][T16281] d_alloc_pseudo+0x1c/0xc0 [ 349.496295][T16281] alloc_file_pseudo+0xcf/0x230 [ 349.496310][T16281] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 349.496330][T16281] __shmem_file_setup+0x1a8/0x350 [ 349.496353][T16281] shmem_zero_setup+0x93/0x1b0 [ 349.496370][T16281] __mmap_region+0x2271/0x2a00 [ 349.496387][T16281] ? __lock_acquire+0x436/0x2890 [ 349.496400][T16281] ? __pfx___mmap_region+0x10/0x10 [ 349.496421][T16281] ? lock_acquire+0x179/0x330 [ 349.496440][T16281] ? finish_task_switch.isra.0+0x207/0xbd0 [ 349.496505][T16281] ? rcu_is_watching+0x12/0xc0 [ 349.496529][T16281] mmap_region+0x1ab/0x3f0 [ 349.496546][T16281] ? __get_unmapped_area+0x267/0x3f0 [ 349.496569][T16281] do_mmap+0xa3e/0x1210 [ 349.496595][T16281] ? __pfx_do_mmap+0x10/0x10 [ 349.496614][T16281] ? __pfx_down_write_killable+0x10/0x10 [ 349.496633][T16281] vm_mmap_pgoff+0x29e/0x470 [ 349.496656][T16281] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 349.496679][T16281] ? __x64_sys_futex+0x1e0/0x4c0 [ 349.496693][T16281] ? __x64_sys_futex+0x1e9/0x4c0 [ 349.496710][T16281] ksys_mmap_pgoff+0x7d/0x5c0 [ 349.496727][T16281] ? xfd_validate_state+0x61/0x180 [ 349.496739][T16281] ? __pfx_ksys_write+0x10/0x10 [ 349.496759][T16281] __x64_sys_mmap+0x125/0x190 [ 349.496774][T16281] do_syscall_64+0xcd/0xf80 [ 349.496787][T16281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.496801][T16281] RIP: 0033:0x7fb3d458f7c9 [ 349.496814][T16281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.496827][T16281] RSP: 002b:00007fb3d5475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 349.496841][T16281] RAX: ffffffffffffffda RBX: 00007fb3d47e5fa0 RCX: 00007fb3d458f7c9 [ 349.496849][T16281] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 349.496858][T16281] RBP: 00007fb3d4613f91 R08: fffffffffffffffa R09: 0000000000008000 [ 349.496867][T16281] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 349.496875][T16281] R13: 00007fb3d47e6038 R14: 00007fb3d47e5fa0 R15: 00007ffec2ac43f8 [ 349.496894][T16281] [ 351.186323][T16343] syz.1.4738 (16343) used obsolete PPPIOCDETACH ioctl [ 352.579765][T16399] netlink: 'syz.3.4762': attribute type 1 has an invalid length. [ 353.734249][T16450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4784'. [ 353.779261][T16447] block nbd8: shutting down sockets [ 354.076391][T16462] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekl*[GCHFx^ĒPktkyve' [ 354.225699][T16462] CIFS mount error: No usable UNC path provided in device string! [ 354.225699][T16462] [ 354.275695][T16462] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 354.679872][ T30] audit: type=1804 audit(2147483704.420:21): pid=16486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4801" name="file0" dev="tmpfs" ino=6236 res=1 errno=0 [ 356.767406][T16558] sctp: [Deprecated]: syz.2.4834 (pid 16558) Use of struct sctp_assoc_value in delayed_ack socket option. [ 356.767406][T16558] Use struct sctp_sack_info instead [ 357.262402][T16580] bridge0: port 4(veth0_to_bridge) entered blocking state [ 357.290228][T16580] bridge0: port 4(veth0_to_bridge) entered disabled state [ 357.306581][T16580] veth0_to_bridge: entered allmulticast mode [ 357.334128][T16580] veth0_to_bridge: entered promiscuous mode [ 357.353956][T16580] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 357.395378][T16580] bridge0: port 4(veth0_to_bridge) entered blocking state [ 357.402674][T16580] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 358.185255][T16602] IPVS: length: 7562853 != 24 [ 373.948020][ C0] sched: DL replenish lagged too much [ 385.103208][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 386.559035][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.502795][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.595638][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 516.923913][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 516.937816][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 516.951682][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 516.965989][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 516.980172][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 516.993899][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 517.007790][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 517.021527][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 517.035902][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 517.049768][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 520.935829][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 520.942790][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P16419/1:b..l P5835/1:b..l [ 520.952251][ C0] rcu: (detected by 0, t=10502 jiffies, g=64053, q=1076 ncpus=1) [ 520.960040][ C0] task:syz-executor state:R running task stack:23416 pid:5835 tgid:5835 ppid:5828 task_flags:0x400140 flags:0x00080000 [ 520.974411][ C0] Call Trace: [ 520.977683][ C0] [ 520.980608][ C0] ? __schedule+0x10b9/0x6150 [ 520.985281][ C0] __schedule+0x1139/0x6150 [ 520.989779][ C0] ? __lock_acquire+0x436/0x2890 [ 520.994714][ C0] ? __pfx___schedule+0x10/0x10 [ 520.999560][ C0] ? mark_held_locks+0x49/0x80 [ 521.004312][ C0] preempt_schedule_irq+0x51/0x90 [ 521.009331][ C0] irqentry_exit+0x1d8/0x8c0 [ 521.013914][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 521.019884][ C0] RIP: 0010:lock_release+0x183/0x2d0 [ 521.025152][ C0] Code: 0f c1 05 a8 36 19 12 83 f8 01 0f 85 03 01 00 00 9c 58 f6 c4 02 0f 85 ee 00 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 3d ef 18 12 0f 85 32 01 00 00 48 83 c4 18 5b 41 5c 41 [ 521.044747][ C0] RSP: 0018:ffffc90003ea7458 EFLAGS: 00000206 [ 521.050857][ C0] RAX: 953ef3b4b8f85000 RBX: ffffffff8e3c9520 RCX: ffffc90003ea7464 [ 521.058816][ C0] RDX: 0000000000000004 RSI: ffffffff8daa50c6 RDI: ffffffff8bf2b680 [ 521.066862][ C0] RBP: 0000000000000001 R08: ffffffff91264246 R09: 00000000530eb4f6 [ 521.074848][ C0] R10: 0000000000000002 R11: 000000000000a8ed R12: ffffffff816c7a34 [ 521.082802][ C0] R13: 0000000000000206 R14: ffff888034280000 R15: 0000000000000005 [ 521.090770][ C0] ? unwind_next_frame+0x3f4/0x20b0 [ 521.095971][ C0] unwind_next_frame+0x3f9/0x20b0 [ 521.100995][ C0] ? stack_trace_save+0x8e/0xc0 [ 521.105843][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 521.112000][ C0] arch_stack_walk+0x94/0x100 [ 521.116695][ C0] ? save_stack+0x160/0x1f0 [ 521.121200][ C0] stack_trace_save+0x8e/0xc0 [ 521.125866][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 521.131235][ C0] ? __lock_acquire+0x436/0x2890 [ 521.136157][ C0] ? __lock_acquire+0x436/0x2890 [ 521.141077][ C0] save_stack+0x160/0x1f0 [ 521.145397][ C0] ? __pfx_save_stack+0x10/0x10 [ 521.150245][ C0] ? page_ext_put+0x3e/0xd0 [ 521.154738][ C0] __reset_page_owner+0x84/0x1a0 [ 521.159668][ C0] __free_frozen_pages+0x7df/0x1170 [ 521.164853][ C0] ? mark_held_locks+0x49/0x80 [ 521.169602][ C0] __put_partials+0x130/0x170 [ 521.174307][ C0] qlist_free_all+0x4c/0xf0 [ 521.178797][ C0] kasan_quarantine_reduce+0x195/0x1e0 [ 521.184243][ C0] __kasan_slab_alloc+0x69/0x90 [ 521.189083][ C0] kmem_cache_alloc_noprof+0x25e/0x770 [ 521.194527][ C0] ? vm_area_dup+0x27/0x8d0 [ 521.199044][ C0] ? vm_area_dup+0x27/0x8d0 [ 521.203540][ C0] vm_area_dup+0x27/0x8d0 [ 521.207854][ C0] dup_mmap+0x6a4/0x20e0 [ 521.212109][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 521.216781][ C0] copy_process+0x3b9f/0x7430 [ 521.221450][ C0] ? do_wp_page+0x1c04/0x5010 [ 521.226144][ C0] ? __pfx_copy_process+0x10/0x10 [ 521.231246][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 521.236270][ C0] kernel_clone+0xfc/0x910 [ 521.240676][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 521.245706][ C0] __do_sys_clone+0xce/0x120 [ 521.250294][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 521.255482][ C0] ? count_memcg_events+0x122/0x290 [ 521.260676][ C0] ? do_user_addr_fault+0x843/0x1370 [ 521.265973][ C0] do_syscall_64+0xcd/0xf80 [ 521.270473][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.276353][ C0] RIP: 0033:0x7fa02b585f13 [ 521.280749][ C0] RSP: 002b:00007fff45768048 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 521.289150][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa02b585f13 [ 521.297105][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 521.305083][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 521.313057][ C0] R10: 00005555610337d0 R11: 0000000000000246 R12: 0000000000000000 [ 521.321015][ C0] R13: 00000000000927c0 R14: 0000000000057615 R15: 00007fff457681e0 [ 521.329069][ C0] [ 521.332076][ C0] task:syz.1.4769 state:R running task stack:23144 pid:16419 tgid:16419 ppid:5834 task_flags:0x40064c flags:0x00080001 [ 521.345636][ C0] Call Trace: [ 521.348900][ C0] [ 521.351905][ C0] ? __schedule+0x10b9/0x6150 [ 521.356603][ C0] __schedule+0x1139/0x6150 [ 521.361124][ C0] ? lock_acquire+0x179/0x330 [ 521.365791][ C0] ? __pfx___schedule+0x10/0x10 [ 521.370635][ C0] ? lock_acquire+0x179/0x330 [ 521.375303][ C0] preempt_schedule_irq+0x51/0x90 [ 521.380325][ C0] irqentry_exit+0x1d8/0x8c0 [ 521.384903][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 521.390870][ C0] RIP: 0010:lock_acquire+0x62/0x330 [ 521.396054][ C0] Code: ea 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 d2 6b ef 0e 0f 82 74 02 00 00 8b 35 4a 9c ef 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 e9 e9 18 12 0f 85 ad 02 00 00 48 83 c4 [ 521.415648][ C0] RSP: 0018:ffffc9000bc3eec0 EFLAGS: 00000206 [ 521.421702][ C0] RAX: 0000000000000046 RBX: ffffffff8e3c9520 RCX: 0000000068c1bacb [ 521.429746][ C0] RDX: 0000000000000000 RSI: ffffffff8daa50c6 RDI: ffffffff8bf2b680 [ 521.437700][ C0] RBP: 0000000000000002 R08: 00000000ffffffff R09: 00000000ffffffff [ 521.445658][ C0] R10: 0000000000000002 R11: ffff88802ba2e6b0 R12: 0000000000000000 [ 521.453638][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 521.461664][ C0] ? unwind_next_frame+0x3f4/0x20b0 [ 521.466869][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 521.473049][ C0] unwind_next_frame+0xd1/0x20b0 [ 521.477996][ C0] ? unwind_next_frame+0xbd/0x20b0 [ 521.483100][ C0] ? dput+0x1f/0x30 [ 521.486915][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 521.493071][ C0] arch_stack_walk+0x94/0x100 [ 521.497745][ C0] ? dput+0x1f/0x30 [ 521.501591][ C0] stack_trace_save+0x8e/0xc0 [ 521.506318][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 521.511836][ C0] ? __lock_acquire+0x436/0x2890 [ 521.516792][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 521.521997][ C0] save_stack+0x160/0x1f0 [ 521.526323][ C0] ? __pfx_save_stack+0x10/0x10 [ 521.531187][ C0] ? free_unref_folios+0xa22/0x1610 [ 521.536387][ C0] ? folios_put_refs+0x4be/0x750 [ 521.541313][ C0] ? shmem_undo_range+0x58f/0x1140 [ 521.546410][ C0] ? shmem_evict_inode+0x39e/0xbe0 [ 521.551505][ C0] ? evict+0x3c2/0xad0 [ 521.555580][ C0] ? iput.part.0+0x621/0x1190 [ 521.560246][ C0] ? iput+0x35/0x40 [ 521.564041][ C0] ? dentry_unlink_inode+0x29c/0x480 [ 521.569327][ C0] ? __dentry_kill+0x1d0/0x600 [ 521.574086][ C0] ? finish_dput+0x76/0x480 [ 521.578590][ C0] ? dput.part.0+0x451/0x570 [ 521.583171][ C0] ? dput+0x1f/0x30 [ 521.586966][ C0] ? page_ext_put+0x3e/0xd0 [ 521.591496][ C0] __reset_page_owner+0x84/0x1a0 [ 521.596426][ C0] free_unref_folios+0xa22/0x1610 [ 521.601464][ C0] ? rcu_is_watching+0x12/0xc0 [ 521.606228][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 521.612072][ C0] folios_put_refs+0x4be/0x750 [ 521.616852][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 521.622150][ C0] ? folio_batch_remove_exceptionals+0x115/0x1a0 [ 521.628486][ C0] shmem_undo_range+0x58f/0x1140 [ 521.633430][ C0] ? __pfx_shmem_undo_range+0x10/0x10 [ 521.638822][ C0] ? __kernel_text_address+0xd/0x40 [ 521.644010][ C0] ? unwind_get_return_address+0x59/0xa0 [ 521.649647][ C0] ? __lock_acquire+0x436/0x2890 [ 521.654621][ C0] ? find_held_lock+0x2b/0x80 [ 521.659308][ C0] ? is_bpf_text_address+0x8a/0x1a0 [ 521.664501][ C0] ? bpf_ksym_find+0x124/0x1c0 [ 521.669251][ C0] shmem_evict_inode+0x39e/0xbe0 [ 521.674180][ C0] ? inode_wait_for_writeback+0x170/0x390 [ 521.679888][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 521.685419][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 521.691474][ C0] ? find_held_lock+0x2b/0x80 [ 521.696146][ C0] ? evict+0x37e/0xad0 [ 521.700204][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 521.705653][ C0] evict+0x3c2/0xad0 [ 521.709537][ C0] ? find_held_lock+0x2b/0x80 [ 521.714203][ C0] ? __pfx_evict+0x10/0x10 [ 521.718606][ C0] ? iput.part.0+0x619/0x1190 [ 521.723274][ C0] iput.part.0+0x621/0x1190 [ 521.727833][ C0] iput+0x35/0x40 [ 521.731520][ C0] dentry_unlink_inode+0x29c/0x480 [ 521.736730][ C0] __dentry_kill+0x1d0/0x600 [ 521.741319][ C0] finish_dput+0x76/0x480 [ 521.745650][ C0] dput.part.0+0x451/0x570 [ 521.750143][ C0] dput+0x1f/0x30 [ 521.753764][ C0] __fput+0x51c/0xb70 [ 521.757756][ C0] task_work_run+0x150/0x240 [ 521.762427][ C0] ? __pfx_task_work_run+0x10/0x10 [ 521.767550][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 521.772773][ C0] do_exit+0x87f/0x2bd0 [ 521.776919][ C0] ? proc_coredump_connector+0x2d1/0x4f0 [ 521.782547][ C0] ? __pfx_do_exit+0x10/0x10 [ 521.787143][ C0] do_group_exit+0xd3/0x2a0 [ 521.791657][ C0] get_signal+0x2671/0x26d0 [ 521.796161][ C0] ? __pfx_get_signal+0x10/0x10 [ 521.801011][ C0] arch_do_signal_or_restart+0x8f/0x7a0 [ 521.806557][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 521.812860][ C0] ? do_user_addr_fault+0x926/0x1370 [ 521.818278][ C0] irqentry_exit+0x38a/0x8c0 [ 521.822969][ C0] asm_exc_page_fault+0x26/0x30 [ 521.827818][ C0] RIP: 0033:0x7f816f18f7d1 [ 521.832220][ C0] RSP: 002b:0000000000005feb EFLAGS: 00010217 [ 521.838272][ C0] RAX: 0000000000000000 RBX: 00007f816f3e5fa0 RCX: 00007f816f18f7c9 [ 521.846228][ C0] RDX: 0000000000000000 RSI: 0000000000005feb RDI: 0000000000000002 [ 521.854182][ C0] RBP: 00007f816f213f91 R08: 0002000000000003 R09: 0000000000000000 [ 521.862175][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 521.870134][ C0] R13: 00007f816f3e6038 R14: 00007f816f3e5fa0 R15: 00007ffe587722b8 [ 521.878101][ C0] [ 521.881107][ C0] rcu: rcu_preempt kthread starved for 1825 jiffies! g64053 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 521.892195][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 521.902145][ C0] rcu: RCU grace-period kthread stack dump: [ 521.908013][ C0] task:rcu_preempt state:R running task stack:28440 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 521.921488][ C0] Call Trace: [ 521.924753][ C0] [ 521.927671][ C0] ? __schedule+0x10b9/0x6150 [ 521.932343][ C0] __schedule+0x1139/0x6150 [ 521.936841][ C0] ? __lock_acquire+0x436/0x2890 [ 521.941764][ C0] ? __mod_timer+0x8f2/0xd30 [ 521.946344][ C0] ? __pfx___schedule+0x10/0x10 [ 521.951184][ C0] ? find_held_lock+0x2b/0x80 [ 521.955851][ C0] ? schedule+0x2d7/0x3a0 [ 521.960172][ C0] schedule+0xe7/0x3a0 [ 521.964232][ C0] schedule_timeout+0x123/0x290 [ 521.969074][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 521.974437][ C0] ? __pfx_process_timeout+0x10/0x10 [ 521.979723][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 521.985621][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 521.991097][ C0] rcu_gp_fqs_loop+0x1ea/0xaf0 [ 521.995954][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 522.001492][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.006710][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 522.011888][ C0] ? rcu_gp_cleanup+0x7c1/0xe90 [ 522.016749][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 522.022570][ C0] rcu_gp_kthread+0x26d/0x380 [ 522.027268][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 522.032471][ C0] ? rcu_is_watching+0x12/0xc0 [ 522.037241][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.042436][ C0] ? __kthread_parkme+0x19e/0x250 [ 522.047452][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 522.052725][ C0] kthread+0x3c5/0x780 [ 522.056784][ C0] ? __pfx_kthread+0x10/0x10 [ 522.061366][ C0] ? rcu_is_watching+0x12/0xc0 [ 522.066120][ C0] ? __pfx_kthread+0x10/0x10 [ 522.070695][ C0] ret_from_fork+0x983/0xb10 [ 522.075272][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 522.080399][ C0] ? __switch_to+0x7af/0x10d0 [ 522.085155][ C0] ? __pfx_kthread+0x10/0x10 [ 522.089732][ C0] ret_from_fork_asm+0x1a/0x30 [ 522.094500][ C0] [ 522.097505][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 522.103815][ C0] CPU: 0 UID: 0 PID: 3408 Comm: kworker/R-bat_e Tainted: G U L syzkaller #0 PREEMPT(full) [ 522.115086][ C0] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 522.120257][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 522.130339][ C0] Workqueue: bat_events batadv_tt_purge [ 522.135902][ C0] RIP: 0010:__orc_find+0x68/0xf0 [ 522.140843][ C0] Code: 8d 6b 04 49 89 df 49 39 ec 72 4e 4c 89 e2 48 29 ea 48 89 d6 48 c1 ea 3f 48 c1 fe 02 48 01 f2 48 d1 fa 48 8d 5c 95 00 48 89 da <48> c1 ea 03 0f b6 34 0a 48 89 da 83 e2 07 83 c2 03 40 38 f2 7c 05 [ 522.160439][ C0] RSP: 0018:ffffc90000006d88 EFLAGS: 00000203 [ 522.166492][ C0] RAX: ffffffff911b79dc RBX: ffffffff909a2d10 RCX: dffffc0000000000 [ 522.174463][ C0] RDX: ffffffff909a2d10 RSI: 000000000000000f RDI: ffffffff909a2cb4 [ 522.182437][ C0] RBP: ffffffff909a2cf4 R08: ffffffff911b7a9c R09: 000000000ac0d5af [ 522.190399][ C0] R10: 0000000000000002 R11: 0000000000002b91 R12: ffffffff909a2d30 [ 522.198358][ C0] R13: ffffffff812b91c9 R14: ffffffff909a2cb4 R15: ffffffff909a2cf0 [ 522.206341][ C0] FS: 0000000000000000(0000) GS:ffff8881248f9000(0000) knlGS:0000000000000000 [ 522.215288][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 522.221859][ C0] CR2: 00007fed98600218 CR3: 0000000022b68000 CR4: 00000000003526f0 [ 522.229908][ C0] Call Trace: [ 522.233180][ C0] [ 522.236012][ C0] ? ret_from_fork_asm+0x19/0x30 [ 522.240953][ C0] unwind_next_frame+0x2ec/0x20b0 [ 522.245970][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 522.250907][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 522.257070][ C0] arch_stack_walk+0x94/0x100 [ 522.261751][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 522.266686][ C0] stack_trace_save+0x8e/0xc0 [ 522.271357][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 522.276761][ C0] ? stack_trace_save+0x8e/0xc0 [ 522.281607][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 522.286974][ C0] ? stack_depot_save_flags+0x29/0x9b0 [ 522.292421][ C0] kasan_save_stack+0x33/0x60 [ 522.297089][ C0] ? kasan_save_stack+0x33/0x60 [ 522.301933][ C0] ? kasan_save_track+0x14/0x30 [ 522.306776][ C0] ? __kasan_slab_alloc+0x89/0x90 [ 522.311791][ C0] ? kmem_cache_alloc_node_noprof+0x298/0x800 [ 522.317872][ C0] ? kmalloc_reserve+0x18b/0x2c0 [ 522.322814][ C0] ? __alloc_skb+0x186/0x410 [ 522.327386][ C0] ? fdb_notify+0xa4/0x1a0 [ 522.331786][ C0] ? br_fdb_update+0x323/0x7c0 [ 522.336535][ C0] ? br_handle_frame_finish+0xdf1/0x1f00 [ 522.342156][ C0] ? br_nf_hook_thresh+0x307/0x410 [ 522.347262][ C0] ? br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 [ 522.353580][ C0] ? br_nf_pre_routing_ipv6+0x3cd/0x8c0 [ 522.359117][ C0] ? br_nf_pre_routing+0x860/0x15b0 [ 522.364320][ C0] ? br_handle_frame+0xb28/0x14e0 [ 522.369331][ C0] ? __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 522.376164][ C0] ? __netif_receive_skb_one_core+0xb0/0x1e0 [ 522.382128][ C0] ? __netif_receive_skb+0x1d/0x160 [ 522.387399][ C0] ? process_backlog+0x4a2/0x1650 [ 522.392407][ C0] ? __napi_poll.constprop.0+0xb3/0x540 [ 522.397940][ C0] ? net_rx_action+0x9f9/0xfa0 [ 522.402688][ C0] ? handle_softirqs+0x219/0x950 [ 522.407616][ C0] ? do_softirq+0xb2/0xf0 [ 522.411932][ C0] ? __local_bh_enable_ip+0x100/0x120 [ 522.417300][ C0] ? batadv_tt_purge+0x25f/0xb80 [ 522.422244][ C0] ? process_one_work+0x9ba/0x1b20 [ 522.427351][ C0] ? rescuer_thread+0x8c5/0xf10 [ 522.432191][ C0] ? kthread+0x3c5/0x780 [ 522.436413][ C0] ? ret_from_fork+0x983/0xb10 [ 522.441159][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 522.446108][ C0] kasan_save_track+0x14/0x30 [ 522.450774][ C0] __kasan_slab_alloc+0x89/0x90 [ 522.455618][ C0] kmem_cache_alloc_node_noprof+0x298/0x800 [ 522.461501][ C0] ? kmalloc_reserve+0x18b/0x2c0 [ 522.466434][ C0] ? kmalloc_reserve+0x18b/0x2c0 [ 522.471451][ C0] kmalloc_reserve+0x18b/0x2c0 [ 522.476226][ C0] __alloc_skb+0x186/0x410 [ 522.480627][ C0] ? __alloc_skb+0x35d/0x410 [ 522.485203][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 522.490137][ C0] fdb_notify+0xa4/0x1a0 [ 522.494368][ C0] br_fdb_update+0x323/0x7c0 [ 522.498945][ C0] ? __pfx_br_fdb_update+0x10/0x10 [ 522.504135][ C0] ? mark_held_locks+0x49/0x80 [ 522.508887][ C0] br_handle_frame_finish+0xdf1/0x1f00 [ 522.514340][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 522.520228][ C0] ? __lock_acquire+0x436/0x2890 [ 522.525193][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 522.530306][ C0] ? nf_hook_slow+0x132/0x200 [ 522.534992][ C0] br_nf_hook_thresh+0x307/0x410 [ 522.539924][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 522.545810][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 522.551260][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 522.557145][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 522.563028][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 522.568921][ C0] br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 [ 522.574894][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 522.580782][ C0] br_nf_pre_routing_ipv6+0x3cd/0x8c0 [ 522.586154][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 522.592046][ C0] ? lock_acquire+0x179/0x330 [ 522.596706][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 522.603202][ C0] ? net_generic+0xea/0x2a0 [ 522.607698][ C0] br_nf_pre_routing+0x860/0x15b0 [ 522.612715][ C0] br_handle_frame+0xb28/0x14e0 [ 522.617560][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 522.622937][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 522.628827][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 522.634110][ C0] __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 522.640791][ C0] ? kmem_cache_free+0x2d8/0x770 [ 522.646162][ C0] ? find_held_lock+0x2b/0x80 [ 522.650834][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 522.655574][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 522.662677][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 522.667346][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 522.672005][ C0] ? sk_skb_reason_drop+0x136/0x1a0 [ 522.677194][ C0] ? ip6_mc_input+0x515/0xf60 [ 522.681869][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 522.686904][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 522.692186][ C0] ? __lock_acquire+0x436/0x2890 [ 522.697112][ C0] ? process_backlog+0x450/0x1650 [ 522.702132][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 522.707929][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 522.714331][ C0] ? lock_acquire+0x179/0x330 [ 522.718998][ C0] ? process_backlog+0x450/0x1650 [ 522.724023][ C0] __netif_receive_skb+0x1d/0x160 [ 522.729037][ C0] process_backlog+0x4a2/0x1650 [ 522.733879][ C0] __napi_poll.constprop.0+0xb3/0x540 [ 522.739246][ C0] net_rx_action+0x9f9/0xfa0 [ 522.743877][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 522.748977][ C0] ? mark_held_locks+0x49/0x80 [ 522.753726][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.758916][ C0] ? tmigr_handle_remote+0x132/0x380 [ 522.764194][ C0] ? run_timer_base+0x121/0x190 [ 522.769030][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 522.774215][ C0] handle_softirqs+0x219/0x950 [ 522.778972][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 522.784247][ C0] ? batadv_tt_purge+0x25f/0xb80 [ 522.789174][ C0] do_softirq+0xb2/0xf0 [ 522.793320][ C0] [ 522.796233][ C0] [ 522.799150][ C0] __local_bh_enable_ip+0x100/0x120 [ 522.804339][ C0] batadv_tt_purge+0x25f/0xb80 [ 522.809095][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 522.814369][ C0] ? rcu_is_watching+0x12/0xc0 [ 522.819136][ C0] process_one_work+0x9ba/0x1b20 [ 522.824066][ C0] ? __pfx_process_one_work+0x10/0x10 [ 522.829429][ C0] ? assign_work+0x1a0/0x250 [ 522.834005][ C0] rescuer_thread+0x8c5/0xf10 [ 522.838684][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 522.843875][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.849067][ C0] ? __kthread_parkme+0x19e/0x250 [ 522.854093][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 522.859277][ C0] kthread+0x3c5/0x780 [ 522.863337][ C0] ? __pfx_kthread+0x10/0x10 [ 522.867911][ C0] ? rcu_is_watching+0x12/0xc0 [ 522.872697][ C0] ? __pfx_kthread+0x10/0x10 [ 522.877271][ C0] ret_from_fork+0x983/0xb10 [ 522.881859][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 522.886956][ C0] ? __switch_to+0x7af/0x10d0 [ 522.891619][ C0] ? __pfx_kthread+0x10/0x10 [ 522.896203][ C0] ret_from_fork_asm+0x1a/0x30 [ 522.900993][ C0] [ 522.905425][ C0] net_ratelimit: 2315 callbacks suppressed [ 522.905439][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.924976][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.938669][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.953734][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.967670][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.981373][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 522.995175][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 523.008911][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 523.023472][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 523.037264][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.906250][ C0] net_ratelimit: 2687 callbacks suppressed [ 527.906266][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.926106][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.939975][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.953962][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.967932][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.981823][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 527.995626][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 528.009449][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 528.023262][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0) [ 528.037214][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1a:28:3d:03:82:29, vlan:0)