last executing test programs: 4.536842683s ago: executing program 1 (id=11739): lstat$auto(0x0, &(0x7f0000000180)={0x80000000000001, 0x0, 0x0, 0x2, 0xee01, 0x0, 0x0, 0x2, 0x4, 0x80000002041000a, 0x4, 0x10000, 0x6, 0xffffffff80000000, 0xe0, 0x6, 0xfffffffffffffffb}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 4.338834268s ago: executing program 1 (id=11743): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x24004805) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x31, 0x7f, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x0, 0x800000007ffffffb, 0x5, 0xffffffff80000003, 0x2, 0x60, 0x401}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 4.016781157s ago: executing program 1 (id=11749): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) 3.88427136s ago: executing program 1 (id=11751): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = epoll_create$auto(0x1) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, r0, 0x0) 3.757824842s ago: executing program 1 (id=11753): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r0, 0x0, 0x800000006) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)="02") 1.271321196s ago: executing program 2 (id=11787): openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x14100, 0x0) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800}) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f00000000c0)={&(0x7f0000000040)='f', 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x4}, 0x2, 0x100) 1.140439417s ago: executing program 3 (id=11788): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') write$auto(r0, &(0x7f0000000040)='\x00', 0x1) 1.139842002s ago: executing program 0 (id=11796): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x10000000008}, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x9ae, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) 1.125106864s ago: executing program 2 (id=11789): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r0, 0x6b, 0x2, 0xfffffffffffffffe, 0x0) 1.046358407s ago: executing program 0 (id=11790): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x49, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 916.809644ms ago: executing program 2 (id=11791): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x84, 0x0, 0x90) 853.282876ms ago: executing program 3 (id=11792): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clock_gettime$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) 744.327785ms ago: executing program 2 (id=11793): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) futex$auto(0x0, 0x7, 0x8, 0x0, 0x0, 0x0) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cpu/0/msr\x00', 0x100000, 0x0) 731.330733ms ago: executing program 0 (id=11794): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) timer_create$auto(0x2, 0x0, 0x0) setrlimit$auto(0x9, 0x0) io_setup$auto(0x1, 0x0) 688.414211ms ago: executing program 3 (id=11795): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x1000, 0x400050, 0x9) 564.584262ms ago: executing program 0 (id=11797): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x40000002c55, 0x0) setsockopt$auto(r0, 0x10000000084, 0x7f, 0x0, 0xad4) 538.41398ms ago: executing program 1 (id=11798): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x8400, 0x0) mlock$auto(0xfbea, 0x7fffffffffffffff) 538.050928ms ago: executing program 3 (id=11799): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x0) listen$auto(0x3, 0x81) getsockopt$auto(r0, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0x28000) 503.41904ms ago: executing program 2 (id=11800): sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x60, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x14, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x400}, @NFSD_A_VERSION_ENABLED={0x4}, @NFSD_A_VERSION_ENABLED={0x4}]}, @NFSD_A_SERVER_PROTO_VERSION={0x30, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_ENABLED={0x4}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0xc}, @NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x6}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x9}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x2}, @NFSD_A_VERSION_ENABLED={0x4}, @NFSD_A_VERSION_ENABLED={0x4}]}, @NFSD_A_SERVER_PROTO_VERSION={0x8, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_ENABLED={0x4}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4081}, 0x200000c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 410.832195ms ago: executing program 0 (id=11801): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv$auto(r0, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) write$auto(r0, 0x0, 0x3) 358.610682ms ago: executing program 3 (id=11802): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000003b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0100fdc3af1ccc001a8b0700001008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) 271.311969ms ago: executing program 2 (id=11803): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) kernel console output (not intermixed with test programs): /0x80 [ 357.604789][T20083] ? sysfs_file_kobj+0xe4/0x290 [ 357.609666][T20083] ? sysfs_file_kobj+0xe4/0x290 [ 357.614524][T20083] ? __pfx_set_bank+0x10/0x10 [ 357.619197][T20083] dev_attr_store+0x58/0x80 [ 357.623793][T20083] ? __pfx_dev_attr_store+0x10/0x10 [ 357.629003][T20083] sysfs_kf_write+0xf2/0x150 [ 357.633595][T20083] kernfs_fop_write_iter+0x3e0/0x5f0 [ 357.638863][T20083] ? __pfx_sysfs_kf_write+0x10/0x10 [ 357.644051][T20083] vfs_write+0x6ac/0x1070 [ 357.648407][T20083] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 357.654200][T20083] ? __pfx_vfs_write+0x10/0x10 [ 357.658965][T20083] ksys_write+0x12a/0x250 [ 357.663276][T20083] ? __pfx_ksys_write+0x10/0x10 [ 357.668117][T20083] do_syscall_64+0x106/0xf80 [ 357.672698][T20083] ? clear_bhb_loop+0x40/0x90 [ 357.677401][T20083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.683281][T20083] RIP: 0033:0x7f63a599c799 [ 357.687685][T20083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 357.707287][T20083] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 357.715764][T20083] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 357.723717][T20083] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 357.731670][T20083] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 357.739626][T20083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.747577][T20083] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 357.755543][T20083] [ 357.959351][T20090] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 359.453504][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 359.464530][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 360.897326][T20199] could not allocate digest TFM handle [ 361.732903][T20248] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 363.551074][T20338] program syz.2.6430 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 364.492394][T20389] sysfs_service_op_show: Client not running :-5: [ 364.775831][T20405] random: crng reseeded on system resumption [ 365.679187][T20452] ecryptfs_parse_packet_length: Error parsing packet length [ 365.710734][T20452] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 365.963072][T20466] kAFS: Invalid Command on /proc/fs/afs/cells file [ 366.307898][T20485] kAFS: Invalid Command on /proc/fs/afs/cells file [ 366.341477][T20483] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 366.386213][T20483] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 366.419981][T20483] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 366.467672][T20483] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 366.507044][T20483] page dumped because: unmovable page [ 366.529158][T20483] page_owner info is not present (never set?) [ 367.730409][T20561] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 368.151386][T20586] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 368.355043][T20597] syz_tun: tun_chr_ioctl cmd 1074812117 [ 369.504269][T20651] zram: Added device: zram1 [ 370.054665][ T30] audit: type=1800 audit(4294967343.305:40): pid=20682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6581" name="lu_gp_id" dev="configfs" ino=50733 res=0 errno=0 [ 370.081140][T20680] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 370.098872][T20682] kstrtoul() returned -22 for lu_gp_id [ 371.050229][T20738] random: crng reseeded on system resumption [ 371.714920][T20775] futex_wake_op: syz.1.6621 tries to shift op by -1; fix this program [ 373.173411][T20857] program syz.0.6654 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 374.483572][ T9600] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 374.483601][ T9600] Bluetooth: hci3: unexpected subevent 0x06 length: 725 > 10 [ 374.954893][ T9600] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 374.954917][ T9600] Bluetooth: hci1: unexpected subevent 0x06 length: 725 > 10 [ 375.117574][T20958] bond0: no command found in slaves file - use +ifname or -ifname [ 376.563080][ T9600] Bluetooth: hci3: command 0x0406 tx timeout [ 377.042483][ T9600] Bluetooth: hci1: command 0x0406 tx timeout [ 377.675399][T21107] Format for deleting device is "id" (uint). [ 378.649071][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.660377][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.461900][ T30] audit: type=1800 audit(4294967354.715:41): pid=21251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6822" name="members" dev="configfs" ino=52264 res=0 errno=0 [ 382.311622][T21274] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[21274] [ 383.869855][T21329] vhci_hcd vhci_hcd.2: invalid port number 16 [ 383.913142][T21329] vhci_hcd vhci_hcd.2: invalid port number 16 [ 385.020022][T21374] delete_channel: no stack [ 385.106173][T21377] [U]  [ 385.453680][T21393] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 385.668365][T21393] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 385.697627][T21402] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 385.718979][T21393] pci 0000:00:01.3: PCI INT A: no GSI [ 386.441242][T21443] phram: not enough arguments [ 386.622807][T21452] nvme_fcloop: unknown parameter or missing value '7' [ 387.076402][T21478] block2mtd: illegal erase size [ 387.757310][T21520] Line length is too long: Should be less than 4094 [ 387.864673][T21524] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 388.412053][ T9600] Bluetooth: hci0: Unexpected cc 0x7c89 with no status [ 388.869186][T21581] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 393.360351][T21757] synth uevent: /bus/mei: unknown uevent action string [ 395.238285][T21829] usbcore.quirks: string doesn't fit in 127 chars. [ 395.836034][ T9600] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 395.972737][T21872] wlan1: mtu less than device minimum [ 397.003696][T21929] Setting dangerous option i915.mitigations - tainting kernel [ 397.059995][T21931] usb usb13: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 397.921930][T11409] Bluetooth: hci2: command 0x0406 tx timeout [ 398.015645][T21984] usb usb37: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 398.043154][T21984] vhci_hcd vhci_hcd.2: invalid port number 0 [ 398.470950][T11409] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 398.490451][T22011] kfence: disabled [ 400.002412][T11669] Bluetooth: hci2: command 0x0406 tx timeout [ 400.559916][ T9600] Bluetooth: hci1: command 0x0406 tx timeout [ 400.625151][T22127] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 401.387754][T22171] netlink: Invalid conntrack timeout [ 401.500594][T22173] syz.0.7190 uses obsolete (PF_INET,SOCK_PACKET) [ 401.881688][T22197] openvswitch: netlink: Message has 20 unknown bytes. [ 402.640411][ T9600] Bluetooth: hci1: command 0x0406 tx timeout [ 402.735761][T22238] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 402.752064][T22240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7218'. [ 402.865873][T22244] perf: Dynamic interrupt throttling disabled, can hang your system! [ 403.062503][T22253] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 404.393979][T22323] openvswitch: netlink: IP tunnel dst address not specified [ 404.538201][T22332] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 404.884416][T22344] ======================================================= [ 404.884416][T22344] WARNING: The mand mount option has been deprecated and [ 404.884416][T22344] and is ignored by this kernel. Remove the mand [ 404.884416][T22344] option from the mount to silence this warning. [ 404.884416][T22344] ======================================================= [ 405.023439][T22344] nfsd: Unknown parameter '*' [ 405.168030][T11409] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 405.168053][T11409] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 405.183663][T11409] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 405.183697][T11409] Bluetooth: hci0: Unknown advertising packet type: 0x77 [ 405.191106][T11409] Bluetooth: hci0: adv larger than maximum supported [ 405.199368][T11409] Bluetooth: hci0: Malformed LE Event: 0x0d [ 406.231498][T11409] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 406.465172][T22416] Zero length message leads to an empty skb [ 406.481632][T22426] FAULT_INJECTION: forcing a failure. [ 406.481632][T22426] name failslab, interval 1, probability 0, space 0, times 1 [ 406.550265][T22426] CPU: 0 UID: 0 PID: 22426 Comm: syz.2.7283 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 406.550297][T22426] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 406.550304][T22426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 406.550317][T22426] Call Trace: [ 406.550323][T22426] [ 406.550330][T22426] dump_stack_lvl+0x100/0x190 [ 406.550375][T22426] should_fail_ex.cold+0x5/0xa [ 406.550403][T22426] should_failslab+0xc2/0x120 [ 406.550428][T22426] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 406.550466][T22426] ? sk_prot_alloc+0x60/0x2a0 [ 406.550530][T22426] sk_prot_alloc+0x60/0x2a0 [ 406.550547][T22426] sk_alloc+0x36/0xe80 [ 406.550568][T22426] smc_create+0x11a/0x290 [ 406.550631][T22426] __sock_create+0x339/0x860 [ 406.550676][T22426] __sys_socket+0x14d/0x260 [ 406.550693][T22426] ? __pfx___sys_socket+0x10/0x10 [ 406.550716][T22426] __x64_sys_socket+0x72/0xb0 [ 406.550732][T22426] ? lockdep_hardirqs_on+0x78/0x100 [ 406.550754][T22426] do_syscall_64+0x106/0xf80 [ 406.550774][T22426] ? clear_bhb_loop+0x40/0x90 [ 406.550792][T22426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.550807][T22426] RIP: 0033:0x7f884f99c799 [ 406.550821][T22426] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.550834][T22426] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 406.550853][T22426] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 406.550863][T22426] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 406.550871][T22426] RBP: 00007f884fa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 406.550880][T22426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.550888][T22426] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 406.550908][T22426] [ 407.317186][T22457] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 407.389342][T22457] CIFS mount error: No usable UNC path provided in device string! [ 407.389342][T22457] [ 407.406467][T22460] netlink: 'syz.3.7296': attribute type 11 has an invalid length. [ 407.415036][T22457] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 408.320125][ T9600] Bluetooth: hci0: command 0x0406 tx timeout [ 408.751041][ T9600] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 408.758759][ T9600] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0' [ 408.768133][ T9600] CPU: 0 UID: 0 PID: 9600 Comm: kworker/u11:0 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 408.768162][ T9600] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 408.768169][ T9600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 408.768180][ T9600] Workqueue: hci3 hci_rx_work [ 408.768257][ T9600] Call Trace: [ 408.768263][ T9600] [ 408.768269][ T9600] dump_stack_lvl+0x100/0x190 [ 408.768296][ T9600] sysfs_warn_dup.cold+0x1c/0x28 [ 408.768326][ T9600] sysfs_create_dir_ns+0x24b/0x2b0 [ 408.768349][ T9600] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 408.768368][ T9600] ? find_held_lock+0x2b/0x80 [ 408.768383][ T9600] ? kobject_add_internal+0x25f/0x930 [ 408.768440][ T9600] ? kobject_add_internal+0x25f/0x930 [ 408.768457][ T9600] ? do_raw_spin_unlock+0x145/0x1e0 [ 408.768481][ T9600] kobject_add_internal+0x2c8/0x930 [ 408.768501][ T9600] kobject_add+0x16a/0x1e0 [ 408.768516][ T9600] ? __pfx_kobject_add+0x10/0x10 [ 408.768531][ T9600] ? class_to_subsys+0x10f/0x150 [ 408.768601][ T9600] ? kobject_put+0xb9/0x640 [ 408.768615][ T9600] ? _raw_spin_unlock+0x28/0x50 [ 408.768640][ T9600] device_add+0x294/0x1950 [ 408.768659][ T9600] ? __pfx_dev_set_name+0x10/0x10 [ 408.768680][ T9600] ? __pfx_device_add+0x10/0x10 [ 408.768698][ T9600] ? mgmt_send_event_skb+0x2fb/0x460 [ 408.768782][ T9600] hci_conn_add_sysfs+0x1a3/0x260 [ 408.768848][ T9600] le_conn_complete_evt+0x11cb/0x1f40 [ 408.768901][ T9600] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 408.768919][ T9600] ? __pfx_bt_warn+0x10/0x10 [ 408.768953][ T9600] hci_le_conn_complete_evt+0x23c/0x3a0 [ 408.768973][ T9600] ? skb_pull_data+0x15f/0x1e0 [ 408.769022][ T9600] hci_le_meta_evt+0x34a/0x5f0 [ 408.769065][ T9600] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 408.769088][ T9600] hci_event_packet+0x682/0x11c0 [ 408.769106][ T9600] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 408.769128][ T9600] ? __pfx_hci_event_packet+0x10/0x10 [ 408.769149][ T9600] ? kcov_remote_start+0x374/0x660 [ 408.769163][ T9600] ? lockdep_hardirqs_on+0x78/0x100 [ 408.769189][ T9600] hci_rx_work+0x451/0xfc0 [ 408.769210][ T9600] process_one_work+0xa23/0x19a0 [ 408.769249][ T9600] ? __pfx_process_one_work+0x10/0x10 [ 408.769275][ T9600] ? __pfx_hci_rx_work+0x10/0x10 [ 408.769295][ T9600] worker_thread+0x5ef/0xe50 [ 408.769324][ T9600] ? kthread+0x13a/0x450 [ 408.769342][ T9600] ? __pfx_worker_thread+0x10/0x10 [ 408.769361][ T9600] kthread+0x370/0x450 [ 408.769379][ T9600] ? __pfx_kthread+0x10/0x10 [ 408.769399][ T9600] ret_from_fork+0x754/0xd80 [ 408.769436][ T9600] ? __pfx_ret_from_fork+0x10/0x10 [ 408.769460][ T9600] ? __switch_to+0x7b4/0x1120 [ 408.769477][ T9600] ? __pfx_kthread+0x10/0x10 [ 408.769498][ T9600] ret_from_fork_asm+0x1a/0x30 [ 408.769525][ T9600] [ 408.769549][ T9600] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 409.079066][ T9600] Bluetooth: hci3: failed to register connection device [ 410.400294][ T9600] Bluetooth: hci0: command 0x0406 tx timeout [ 411.126620][T11669] Bluetooth: hci3: command 0x0406 tx timeout [ 411.240823][T22657] netlink: Unknown NAT attribute (type=262, max=9) [ 411.447724][T22667] ksmbd: Unknown IPC event: 14, ignore. [ 412.337297][T11409] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 412.846527][T22754] netlink: 'syz.2.7390': attribute type 1 has an invalid length. [ 412.866180][T22755] program syz.0.7391 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 413.201746][T11669] Bluetooth: hci3: command 0x0406 tx timeout [ 413.674508][ T9600] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 414.170902][T22822] sd 0:0:1:0: PR command failed: 1026 [ 414.185236][T22822] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 414.198907][T22822] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 414.400068][T11669] Bluetooth: hci1: command 0x0406 tx timeout [ 415.258613][T11409] Bluetooth: hci0: SCO packet too small [ 415.629273][T22897] syz_tun: tun_chr_ioctl cmd 2147767519 [ 415.760827][T11409] Bluetooth: hci0: command 0x0406 tx timeout [ 415.779183][T22904] FAULT_INJECTION: forcing a failure. [ 415.779183][T22904] name failslab, interval 1, probability 0, space 0, times 0 [ 415.836622][T22904] CPU: 0 UID: 0 PID: 22904 Comm: syz.0.7439 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 415.836652][T22904] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 415.836659][T22904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 415.836668][T22904] Call Trace: [ 415.836673][T22904] [ 415.836679][T22904] dump_stack_lvl+0x100/0x190 [ 415.836708][T22904] should_fail_ex.cold+0x5/0xa [ 415.836728][T22904] ? tomoyo_realpath_from_path+0xb6/0x690 [ 415.836856][T22904] should_failslab+0xc2/0x120 [ 415.836874][T22904] __kmalloc_noprof+0xe0/0x850 [ 415.836900][T22904] tomoyo_realpath_from_path+0xb6/0x690 [ 415.836924][T22904] tomoyo_check_open_permission+0x2af/0x3c0 [ 415.836942][T22904] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 415.836977][T22904] ? lock_acquire+0x1cf/0x380 [ 415.836996][T22904] ? find_held_lock+0x2b/0x80 [ 415.837015][T22904] tomoyo_file_open+0x6b/0x90 [ 415.837037][T22904] security_file_open+0xb5/0x1e0 [ 415.837097][T22904] do_dentry_open+0x5aa/0x1660 [ 415.837120][T22904] vfs_open+0x82/0x3f0 [ 415.837141][T22904] path_openat+0x208c/0x31a0 [ 415.837164][T22904] ? __pfx_path_openat+0x10/0x10 [ 415.837187][T22904] do_file_open+0x20e/0x430 [ 415.837204][T22904] ? __pfx_do_file_open+0x10/0x10 [ 415.837233][T22904] ? alloc_fd+0x476/0x790 [ 415.837258][T22904] ? do_getname+0x191/0x390 [ 415.837279][T22904] do_sys_openat2+0x10d/0x1e0 [ 415.837298][T22904] ? __pfx_do_sys_openat2+0x10/0x10 [ 415.837324][T22904] __x64_sys_openat+0x12d/0x210 [ 415.837344][T22904] ? __pfx___x64_sys_openat+0x10/0x10 [ 415.837370][T22904] do_syscall_64+0x106/0xf80 [ 415.837392][T22904] ? clear_bhb_loop+0x40/0x90 [ 415.837409][T22904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.837424][T22904] RIP: 0033:0x7f551439c799 [ 415.837438][T22904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 415.837451][T22904] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 415.837466][T22904] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 415.837475][T22904] RDX: 0000000000000002 RSI: 0000200000001680 RDI: ffffffffffffff9c [ 415.837484][T22904] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 415.837493][T22904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 415.837502][T22904] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 415.837521][T22904] [ 415.837528][T22904] ERROR: Out of memory at tomoyo_realpath_from_path. [ 416.109853][T22909] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 416.206975][T22914] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 416.508939][T11444] Bluetooth: hci1: command 0x0406 tx timeout [ 417.840261][T11669] Bluetooth: hci0: command 0x0406 tx timeout [ 418.070675][T23016] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 419.382674][T23074] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7507'. [ 419.589931][T23084] FAULT_INJECTION: forcing a failure. [ 419.589931][T23084] name failslab, interval 1, probability 0, space 0, times 0 [ 419.672658][T23084] CPU: 0 UID: 0 PID: 23084 Comm: syz.1.7512 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 419.672689][T23084] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 419.672696][T23084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 419.672705][T23084] Call Trace: [ 419.672711][T23084] [ 419.672718][T23084] dump_stack_lvl+0x100/0x190 [ 419.672747][T23084] should_fail_ex.cold+0x5/0xa [ 419.672765][T23084] should_failslab+0xc2/0x120 [ 419.672782][T23084] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 419.672804][T23084] ? __pmd_alloc+0xbf/0x950 [ 419.672825][T23084] __pmd_alloc+0xbf/0x950 [ 419.672843][T23084] move_page_tables+0x3224/0x4500 [ 419.672866][T23084] ? __pfx_copy_vma+0x10/0x10 [ 419.672894][T23084] ? __pfx_move_page_tables+0x10/0x10 [ 419.672926][T23084] ? finish_task_switch.isra.0+0x200/0xb80 [ 419.672945][T23084] copy_vma_and_data+0x25c/0x7c0 [ 419.672968][T23084] ? __pfx_copy_vma_and_data+0x10/0x10 [ 419.672997][T23084] ? __vma_start_write+0x17f/0x280 [ 419.673016][T23084] ? __pfx___vma_start_write+0x10/0x10 [ 419.673040][T23084] move_vma+0x51b/0x1890 [ 419.673064][T23084] ? __pfx_move_vma+0x10/0x10 [ 419.673086][T23084] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 419.673104][T23084] ? cap_mmap_addr+0x4b/0x120 [ 419.673219][T23084] ? bpf_lsm_mmap_addr+0x9/0x30 [ 419.673241][T23084] ? security_mmap_addr+0x71/0x1e0 [ 419.673260][T23084] ? __get_unmapped_area+0x255/0x3e0 [ 419.673280][T23084] ? vrm_set_new_addr+0x204/0x290 [ 419.673303][T23084] mremap_to+0x1b7/0x450 [ 419.673325][T23084] do_mremap+0xb76/0x2130 [ 419.673354][T23084] ? __pfx_do_mremap+0x10/0x10 [ 419.673379][T23084] ? ksys_write+0x190/0x250 [ 419.673397][T23084] __do_sys_mremap+0x126/0x170 [ 419.673418][T23084] ? __pfx___do_sys_mremap+0x10/0x10 [ 419.673444][T23084] ? __x64_sys_futex+0x34f/0x4d0 [ 419.673475][T23084] do_syscall_64+0x106/0xf80 [ 419.673497][T23084] ? clear_bhb_loop+0x40/0x90 [ 419.673516][T23084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.673531][T23084] RIP: 0033:0x7f63a599c799 [ 419.673545][T23084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 419.673558][T23084] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 419.673573][T23084] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 419.673584][T23084] RDX: 0000000000000013 RSI: 0000000000000004 RDI: 0000200000000000 [ 419.673593][T23084] RBP: 00007f63a5a32c99 R08: 0000000100000000 R09: 0000000000000000 [ 419.673602][T23084] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 419.673611][T23084] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 419.673631][T23084] [ 420.422447][T23117] openvswitch: netlink: IP tunnel dst address not specified [ 420.632006][ T9600] Bluetooth: hci2: unexpected event 0x36 length: 123 > 7 [ 421.124193][T23148] bonding: no command found in bonding_masters - use +ifname or -ifname [ 421.177448][T23151] openvswitch: netlink: Flow key attribute not present in set flow. [ 422.723614][T23230] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 423.702436][T23269] netlink: 'syz.0.7593': attribute type 9 has an invalid length. [ 423.743187][T23271] nbd: must specify a device to reconfigure [ 424.063248][T23284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 425.882995][T23385] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 426.369626][ T30] audit: type=1326 audit(4294967399.615:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23403 comm="syz.0.7638" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f551439c799 code=0x0 [ 427.779587][T23466] sctp: [Deprecated]: syz.0.7663 (pid 23466) Use of int in max_burst socket option deprecated. [ 427.779587][T23466] Use struct sctp_assoc_value instead [ 428.960538][T23528] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 429.058536][T23531] process 'syz.2.7679' launched '/dev/fd/0' with NULL argv: empty string added [ 431.501079][T23653] queue_state_write: unsupported operation '' [ 431.577484][T23653] queue_state_write: use 'run', 'start' or 'kick' [ 433.944659][T23788] netlink: zone id is out of range [ 435.274846][T23850] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 435.947028][T23901] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 437.695615][T23985] mmap: syz.2.7812 (23985): VmData 45879296 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 438.867160][T24034] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd1f [ 439.834393][T24078] netlink: 'syz.3.7848': attribute type 11 has an invalid length. [ 439.885908][T24078] netlink: 'syz.3.7848': attribute type 11 has an invalid length. [ 439.918517][T24078] netlink: 'syz.3.7848': attribute type 11 has an invalid length. [ 440.052153][T24091] capability: warning: `syz.1.7851' uses 32-bit capabilities (legacy support in use) [ 440.074080][T24092] FAULT_INJECTION: forcing a failure. [ 440.074080][T24092] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 440.102332][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.108641][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.160393][T24092] CPU: 0 UID: 0 PID: 24092 Comm: syz.0.7852 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 440.160431][T24092] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 440.160440][T24092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 440.160449][T24092] Call Trace: [ 440.160455][T24092] [ 440.160461][T24092] dump_stack_lvl+0x100/0x190 [ 440.160492][T24092] should_fail_ex.cold+0x5/0xa [ 440.160509][T24092] ? prepare_alloc_pages+0x16d/0x5f0 [ 440.160530][T24092] should_fail_alloc_page+0xeb/0x140 [ 440.160548][T24092] prepare_alloc_pages+0x1f0/0x5f0 [ 440.160564][T24092] ? rcu_is_watching+0x12/0xc0 [ 440.160621][T24092] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 440.160644][T24092] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 440.160669][T24092] ? __pfx_css_rstat_updated+0x10/0x10 [ 440.160692][T24092] ? find_held_lock+0x2b/0x80 [ 440.160707][T24092] ? rcu_read_unlock+0x17/0x60 [ 440.160723][T24092] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 440.160744][T24092] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 440.160765][T24092] ? page_counter_charge+0x1d2/0x240 [ 440.160785][T24092] ? rcu_is_watching+0x12/0xc0 [ 440.160806][T24092] ? trace_mm_page_alloc+0x17a/0x1d0 [ 440.160830][T24092] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 440.160846][T24092] ? policy_nodemask+0xed/0x4f0 [ 440.160863][T24092] alloc_pages_mpol+0x1fb/0x550 [ 440.160879][T24092] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 440.160895][T24092] ? do_raw_spin_lock+0x128/0x260 [ 440.160916][T24092] ? find_held_lock+0x2b/0x80 [ 440.160929][T24092] ? __pud_alloc+0x529/0x6e0 [ 440.160948][T24092] alloc_pages_noprof+0x131/0x390 [ 440.160965][T24092] __pmd_alloc+0x3b/0x950 [ 440.160981][T24092] ? __pud_alloc+0x52e/0x6e0 [ 440.160999][T24092] walk_to_pmd+0x3a3/0x4c0 [ 440.161017][T24092] get_locked_pte+0x25/0xc0 [ 440.161036][T24092] map_ldt_struct+0x3c1/0xa70 [ 440.161056][T24092] ? __pfx_map_ldt_struct+0x10/0x10 [ 440.161071][T24092] ? alloc_pages_noprof+0x233/0x390 [ 440.161090][T24092] write_ldt+0x6d3/0xd40 [ 440.161108][T24092] ? __pfx_write_ldt+0x10/0x10 [ 440.161124][T24092] ? xfd_validate_state+0x129/0x190 [ 440.161150][T24092] __x64_sys_modify_ldt+0xb1/0x170 [ 440.161166][T24092] do_syscall_64+0x106/0xf80 [ 440.161189][T24092] ? clear_bhb_loop+0x40/0x90 [ 440.161208][T24092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.161224][T24092] RIP: 0033:0x7f551439c799 [ 440.161237][T24092] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 440.161252][T24092] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 440.161266][T24092] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 440.161276][T24092] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000001 [ 440.161284][T24092] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 440.161293][T24092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 440.161302][T24092] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 440.161321][T24092] [ 441.370753][T24111] netlink: Setting conntrack mark requires 'commit' flag. [ 441.664445][T24125] openvswitch: netlink: Key 15 has unexpected len 16 expected 4 [ 443.276168][T24193] netlink: zone id is out of range [ 443.299354][T24193] netlink: zone id is out of range [ 447.364665][T24374] netlink: 'syz.2.7972': attribute type 1 has an invalid length. [ 448.004205][T24403] FAULT_INJECTION: forcing a failure. [ 448.004205][T24403] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 448.004298][T24403] CPU: 0 UID: 0 PID: 24403 Comm: syz.3.7985 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 448.004332][T24403] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 448.004340][T24403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 448.004350][T24403] Call Trace: [ 448.004355][T24403] [ 448.004361][T24403] dump_stack_lvl+0x100/0x190 [ 448.004389][T24403] should_fail_ex.cold+0x5/0xa [ 448.004410][T24403] ? prepare_alloc_pages+0x16d/0x5f0 [ 448.004429][T24403] should_fail_alloc_page+0xeb/0x140 [ 448.004446][T24403] prepare_alloc_pages+0x1f0/0x5f0 [ 448.004463][T24403] ? bpf_ksym_find+0x124/0x1c0 [ 448.004514][T24403] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 448.004539][T24403] ? __kernel_text_address+0xd/0x30 [ 448.004561][T24403] ? unwind_get_return_address+0x59/0xa0 [ 448.004578][T24403] ? arch_stack_walk+0xa6/0xf0 [ 448.004599][T24403] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 448.004620][T24403] ? stack_trace_save+0x8e/0xc0 [ 448.004635][T24403] ? __pfx_stack_trace_save+0x10/0x10 [ 448.004650][T24403] ? stack_depot_save_flags+0x27/0x9d0 [ 448.004725][T24403] ? mas_store_prealloc+0x893/0xfb0 [ 448.004745][T24403] ? kasan_save_stack+0x30/0x50 [ 448.004766][T24403] ? kasan_save_track+0x14/0x30 [ 448.004779][T24403] ? __kasan_slab_alloc+0x89/0x90 [ 448.004792][T24403] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 448.004813][T24403] ? __pmd_alloc+0xbf/0x950 [ 448.004829][T24403] ? __handle_mm_fault+0xa99/0x2b60 [ 448.004847][T24403] ? handle_mm_fault+0x36d/0xa20 [ 448.004864][T24403] ? __get_user_pages+0xf9c/0x34d0 [ 448.004880][T24403] ? populate_vma_page_range+0x267/0x3f0 [ 448.004896][T24403] ? __mm_populate+0x107/0x3a0 [ 448.004912][T24403] ? vm_mmap_pgoff+0x37f/0x470 [ 448.004932][T24403] ? ksys_mmap_pgoff+0xe1/0x650 [ 448.004946][T24403] ? __x64_sys_mmap+0x125/0x190 [ 448.004967][T24403] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 448.004983][T24403] ? policy_nodemask+0xed/0x4f0 [ 448.005001][T24403] alloc_pages_mpol+0x1fb/0x550 [ 448.005017][T24403] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 448.005039][T24403] alloc_pages_noprof+0x131/0x390 [ 448.005055][T24403] pte_alloc_one+0x1c/0x3d0 [ 448.005082][T24403] __pte_alloc+0x6d/0x3e0 [ 448.005097][T24403] ? __pfx___pte_alloc+0x10/0x10 [ 448.005113][T24403] ? do_raw_spin_lock+0x128/0x260 [ 448.005134][T24403] ? find_held_lock+0x2b/0x80 [ 448.005149][T24403] do_anonymous_page+0x13cc/0x1fb0 [ 448.005169][T24403] ? do_raw_spin_unlock+0x145/0x1e0 [ 448.005191][T24403] ? _raw_spin_unlock+0x28/0x50 [ 448.005209][T24403] ? __pmd_alloc+0x3fb/0x950 [ 448.005228][T24403] __handle_mm_fault+0x1d42/0x2b60 [ 448.005250][T24403] ? mt_find+0x45e/0x8e0 [ 448.005264][T24403] ? __pfx___handle_mm_fault+0x10/0x10 [ 448.005282][T24403] ? __pfx_mt_find+0x10/0x10 [ 448.005311][T24403] handle_mm_fault+0x36d/0xa20 [ 448.005334][T24403] __get_user_pages+0xf9c/0x34d0 [ 448.005358][T24403] ? __pfx___get_user_pages+0x10/0x10 [ 448.005380][T24403] populate_vma_page_range+0x267/0x3f0 [ 448.005399][T24403] ? __pfx_populate_vma_page_range+0x10/0x10 [ 448.005416][T24403] ? __pfx_find_vma_intersection+0x10/0x10 [ 448.005433][T24403] ? do_mmap+0x93f/0x12f0 [ 448.005451][T24403] __mm_populate+0x107/0x3a0 [ 448.005481][T24403] ? __pfx___mm_populate+0x10/0x10 [ 448.005501][T24403] ? up_write+0x290/0x4f0 [ 448.005525][T24403] vm_mmap_pgoff+0x37f/0x470 [ 448.005544][T24403] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 448.005563][T24403] ? do_futex+0x192/0x350 [ 448.005583][T24403] ? __pfx_do_futex+0x10/0x10 [ 448.005605][T24403] ksys_mmap_pgoff+0xe1/0x650 [ 448.005621][T24403] ? __x64_sys_futex+0x34f/0x4d0 [ 448.005638][T24403] ? __x64_sys_futex+0x358/0x4d0 [ 448.005657][T24403] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 448.005673][T24403] ? xfd_validate_state+0x129/0x190 [ 448.005697][T24403] __x64_sys_mmap+0x125/0x190 [ 448.005720][T24403] do_syscall_64+0x106/0xf80 [ 448.005741][T24403] ? clear_bhb_loop+0x40/0x90 [ 448.005759][T24403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.005774][T24403] RIP: 0033:0x7fea8cd9c799 [ 448.005788][T24403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 448.005802][T24403] RSP: 002b:00007fea8dcbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 448.005817][T24403] RAX: ffffffffffffffda RBX: 00007fea8d015fa0 RCX: 00007fea8cd9c799 [ 448.005827][T24403] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 448.005836][T24403] RBP: 00007fea8ce32c99 R08: 0000000000000002 R09: 0000000000008000 [ 448.005846][T24403] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 448.005854][T24403] R13: 00007fea8d016038 R14: 00007fea8d015fa0 R15: 00007ffde4ece758 [ 448.005874][T24403] [ 448.837467][T24434] MTRR 1 not used [ 449.192621][T24441] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 450.005799][T24471] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8011'. [ 451.265253][T24514] blktrace: Concurrent blktraces are not allowed on loop2 [ 451.619123][T24530] netlink: 'syz.3.8033': attribute type 1 has an invalid length. [ 451.659863][T24530] netlink: 'syz.3.8033': attribute type 1 has an invalid length. [ 451.680824][T24530] netlink: 124 bytes leftover after parsing attributes in process `syz.3.8033'. [ 451.714466][T24530] netlink: 100 bytes leftover after parsing attributes in process `syz.3.8033'. [ 451.822701][T24539] netlink: 'syz.2.8037': attribute type 11 has an invalid length. [ 451.863653][T24539] netlink: 'syz.2.8037': attribute type 11 has an invalid length. [ 451.903700][T24539] netlink: 'syz.2.8037': attribute type 11 has an invalid length. [ 452.634451][T24575] netlink: 206 bytes leftover after parsing attributes in process `syz.3.8053'. [ 452.651055][T24577] FAULT_INJECTION: forcing a failure. [ 452.651055][T24577] name fail_futex, interval 1, probability 0, space 0, times 1 [ 452.663945][T24577] CPU: 0 UID: 0 PID: 24577 Comm: syz.2.8054 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 452.663982][T24577] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 452.663990][T24577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 452.664000][T24577] Call Trace: [ 452.664006][T24577] [ 452.664012][T24577] dump_stack_lvl+0x100/0x190 [ 452.664041][T24577] should_fail_ex.cold+0x5/0xa [ 452.664060][T24577] should_fail_futex+0x4c/0x60 [ 452.664080][T24577] futex_lock_pi_atomic+0xe7/0xaf0 [ 452.664105][T24577] futex_lock_pi+0x246/0x7b0 [ 452.664129][T24577] ? __pfx_futex_lock_pi+0x10/0x10 [ 452.664152][T24577] ? __pfx___futex_wait+0x10/0x10 [ 452.664197][T24577] ? __pfx_futex_wake_mark+0x10/0x10 [ 452.664224][T24577] ? ksys_write+0x190/0x250 [ 452.664238][T24577] ? ksys_write+0x190/0x250 [ 452.664256][T24577] do_futex+0x18a/0x350 [ 452.664275][T24577] ? __pfx_do_futex+0x10/0x10 [ 452.664299][T24577] __x64_sys_futex+0x34f/0x4d0 [ 452.664320][T24577] ? __pfx___x64_sys_futex+0x10/0x10 [ 452.664346][T24577] do_syscall_64+0x106/0xf80 [ 452.664367][T24577] ? clear_bhb_loop+0x40/0x90 [ 452.664385][T24577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.664400][T24577] RIP: 0033:0x7f884f99c799 [ 452.664414][T24577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.664427][T24577] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 452.664442][T24577] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 452.664451][T24577] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000200000000080 [ 452.664460][T24577] RBP: 00007f884fa32c99 R08: 0000000000000000 R09: 00000000fffffffa [ 452.664468][T24577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.664477][T24577] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 452.664497][T24577] [ 452.932365][T24579] netlink: ct_mark mask cannot be 0 [ 453.132002][T24590] MTRR 1 not used [ 454.393183][T24651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8086'. [ 454.472958][T24651] i: entered promiscuous mode [ 454.909295][T24676] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 454.937070][T24679] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 455.203526][T24691] netlink: 'syz.3.8105': attribute type 1 has an invalid length. [ 455.842302][T24717] netlink: ct family unspecified [ 456.147781][T24730] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.154445][T24730] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.412404][T24741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 456.454940][T24741] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 457.060163][T24774] netlink: 'syz.3.8142': attribute type 2 has an invalid length. [ 457.247862][T24783] FAULT_INJECTION: forcing a failure. [ 457.247862][T24783] name failslab, interval 1, probability 0, space 0, times 0 [ 457.309286][T24783] CPU: 0 UID: 0 PID: 24783 Comm: syz.3.8148 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 457.309324][T24783] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 457.309333][T24783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 457.309342][T24783] Call Trace: [ 457.309347][T24783] [ 457.309353][T24783] dump_stack_lvl+0x100/0x190 [ 457.309382][T24783] should_fail_ex.cold+0x5/0xa [ 457.309400][T24783] should_failslab+0xc2/0x120 [ 457.309417][T24783] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 457.309439][T24783] ? sk_prot_alloc+0x60/0x2a0 [ 457.309455][T24783] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 457.309475][T24783] ? security_inode_alloc+0x3b/0x2c0 [ 457.309495][T24783] sk_prot_alloc+0x60/0x2a0 [ 457.309512][T24783] sk_alloc+0x36/0xe80 [ 457.309533][T24783] __vsock_create.constprop.0+0x3c/0xba0 [ 457.309659][T24783] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 457.309677][T24783] vsock_create+0x126/0x510 [ 457.309701][T24783] __sock_create+0x339/0x860 [ 457.309722][T24783] __sys_socket+0x14d/0x260 [ 457.309740][T24783] ? __pfx___sys_socket+0x10/0x10 [ 457.309769][T24783] __x64_sys_socket+0x72/0xb0 [ 457.309787][T24783] ? lockdep_hardirqs_on+0x78/0x100 [ 457.309810][T24783] do_syscall_64+0x106/0xf80 [ 457.309831][T24783] ? clear_bhb_loop+0x40/0x90 [ 457.309850][T24783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.309864][T24783] RIP: 0033:0x7fea8cd9c799 [ 457.309878][T24783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 457.309892][T24783] RSP: 002b:00007fea8dcbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 457.309907][T24783] RAX: ffffffffffffffda RBX: 00007fea8d015fa0 RCX: 00007fea8cd9c799 [ 457.309917][T24783] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000028 [ 457.309926][T24783] RBP: 00007fea8ce32c99 R08: 0000000000000000 R09: 0000000000000000 [ 457.309934][T24783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.309943][T24783] R13: 00007fea8d016038 R14: 00007fea8d015fa0 R15: 00007ffde4ece758 [ 457.309963][T24783] [ 458.127804][T24820] netlink: 'syz.2.8165': attribute type 1 has an invalid length. [ 459.011618][T24862] netlink: 'syz.3.8185': attribute type 11 has an invalid length. [ 459.510182][T24887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8198'. [ 461.371444][T24968] netlink: 'syz.0.8234': attribute type 1 has an invalid length. [ 461.449602][T24970] .^: entered promiscuous mode [ 462.785114][T25038] openvswitch: netlink: Flow actions attr not present in new flow. [ 462.990270][T25049] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 463.122623][T25054] FAULT_INJECTION: forcing a failure. [ 463.122623][T25054] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 463.181848][T25055] [U] ^@ [ 463.184970][T25054] CPU: 0 UID: 0 PID: 25054 Comm: syz.3.8273 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 463.185005][T25054] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 463.185015][T25054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.185024][T25054] Call Trace: [ 463.185029][T25054] [ 463.185034][T25054] dump_stack_lvl+0x100/0x190 [ 463.185062][T25054] should_fail_ex.cold+0x5/0xa [ 463.185079][T25054] ? prepare_alloc_pages+0x16d/0x5f0 [ 463.185105][T25054] should_fail_alloc_page+0xeb/0x140 [ 463.185123][T25054] prepare_alloc_pages+0x1f0/0x5f0 [ 463.185144][T25054] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 463.185169][T25054] ? do_syscall_64+0x81/0xf80 [ 463.185200][T25054] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 463.185232][T25054] ? rcu_is_watching+0x12/0xc0 [ 463.185256][T25054] ? trace_kmalloc+0x101/0x130 [ 463.185271][T25054] ? __kasan_kmalloc+0xaa/0xb0 [ 463.185294][T25054] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 463.185310][T25054] ? policy_nodemask+0xed/0x4f0 [ 463.185327][T25054] alloc_pages_mpol+0x1fb/0x550 [ 463.185344][T25054] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 463.185359][T25054] ? __alloc_skb+0x5b7/0x710 [ 463.185379][T25054] ? __pfx___alloc_skb+0x10/0x10 [ 463.185397][T25054] ? finish_task_switch.isra.0+0x200/0xb80 [ 463.185416][T25054] alloc_pages_noprof+0x131/0x390 [ 463.185433][T25054] alloc_skb_with_frags+0x500/0x810 [ 463.185488][T25054] sock_alloc_send_pskb+0x801/0x980 [ 463.185514][T25054] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 463.185542][T25054] tun_get_user+0x8f7/0x3e10 [ 463.185632][T25054] ? __pfx_tun_get_user+0x10/0x10 [ 463.185650][T25054] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 463.185677][T25054] ? find_held_lock+0x2b/0x80 [ 463.185691][T25054] ? tun_get+0x191/0x370 [ 463.185704][T25054] ? tun_get+0x191/0x370 [ 463.185722][T25054] tun_chr_write_iter+0xdc/0x200 [ 463.185739][T25054] vfs_write+0x6ac/0x1070 [ 463.185754][T25054] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 463.185772][T25054] ? __pfx_vfs_write+0x10/0x10 [ 463.185785][T25054] ? find_held_lock+0x2b/0x80 [ 463.185810][T25054] __x64_sys_pwrite64+0x1eb/0x250 [ 463.185826][T25054] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 463.185846][T25054] do_syscall_64+0x106/0xf80 [ 463.185867][T25054] ? clear_bhb_loop+0x40/0x90 [ 463.185885][T25054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.185900][T25054] RIP: 0033:0x7fea8cd9c799 [ 463.185914][T25054] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.185928][T25054] RSP: 002b:00007fea8dcbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 463.185942][T25054] RAX: ffffffffffffffda RBX: 00007fea8d015fa0 RCX: 00007fea8cd9c799 [ 463.185952][T25054] RDX: 000000000000fdf0 RSI: 0000200000000140 RDI: 00000000000000c8 [ 463.185961][T25054] RBP: 00007fea8ce32c99 R08: 0000000000000000 R09: 0000000000000000 [ 463.185970][T25054] R10: 0000000000000039 R11: 0000000000000246 R12: 0000000000000000 [ 463.185978][T25054] R13: 00007fea8d016038 R14: 00007fea8d015fa0 R15: 00007ffde4ece758 [ 463.185998][T25054] [ 463.720868][T25068] delete_channel: no stack [ 463.843508][T25072] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 464.777537][T25102] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 465.154787][T25114] openvswitch: netlink: Duplicate key (type 15). [ 465.907766][T25071] kexec: Could not allocate control_code_buffer [ 466.448438][T25166] netlink: zone id is out of range [ 466.482060][T25166] netlink: zone id is out of range [ 466.561678][T25166] netlink: set zone limit has 8 unknown bytes [ 466.890022][T25189] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 467.015148][T25196] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8337'. [ 467.065585][T25196] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8337'. [ 467.130892][T25200] netlink: 'syz.1.8339': attribute type 4 has an invalid length. [ 467.180717][T25200] netlink: 'syz.1.8339': attribute type 1 has an invalid length. [ 467.466615][ T9600] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 468.230931][T25248] delete_channel: no stack [ 468.495447][T25263] nbd: must specify an index to disconnect [ 469.216322][T25299] FAULT_INJECTION: forcing a failure. [ 469.216322][T25299] name failslab, interval 1, probability 0, space 0, times 0 [ 469.274833][T25299] CPU: 0 UID: 0 PID: 25299 Comm: syz.0.8386 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 469.274870][T25299] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 469.274879][T25299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 469.274888][T25299] Call Trace: [ 469.274893][T25299] [ 469.274899][T25299] dump_stack_lvl+0x100/0x190 [ 469.274927][T25299] should_fail_ex.cold+0x5/0xa [ 469.274947][T25299] should_failslab+0xc2/0x120 [ 469.274963][T25299] __kmalloc_node_noprof+0xe6/0x850 [ 469.274984][T25299] ? get_callchain_buffers+0x1e5/0x380 [ 469.275009][T25299] get_callchain_buffers+0x1e5/0x380 [ 469.275026][T25299] ? security_capable+0x80/0x260 [ 469.275051][T25299] stack_map_alloc+0x316/0x610 [ 469.275069][T25299] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 469.275085][T25299] map_create+0x84e/0x2ba0 [ 469.275099][T25299] ? futex_unqueue+0x13d/0x2c0 [ 469.275118][T25299] ? __futex_wait+0x256/0x300 [ 469.275144][T25299] ? __pfx_map_create+0x10/0x10 [ 469.275157][T25299] ? __might_fault+0xc5/0x140 [ 469.275177][T25299] ? __might_fault+0xc5/0x140 [ 469.275204][T25299] __sys_bpf+0x2091/0x4b90 [ 469.275223][T25299] ? __pfx___sys_bpf+0x10/0x10 [ 469.275239][T25299] ? __pfx_futex_wait+0x10/0x10 [ 469.275265][T25299] ? ksys_write+0x190/0x250 [ 469.275283][T25299] ? do_futex+0x192/0x350 [ 469.275312][T25299] ? xfd_validate_state+0x129/0x190 [ 469.275338][T25299] __x64_sys_bpf+0x7b/0xc0 [ 469.275354][T25299] ? lockdep_hardirqs_on+0x78/0x100 [ 469.275376][T25299] do_syscall_64+0x106/0xf80 [ 469.275396][T25299] ? clear_bhb_loop+0x40/0x90 [ 469.275415][T25299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.275430][T25299] RIP: 0033:0x7f551439c799 [ 469.275453][T25299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 469.275468][T25299] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 469.275484][T25299] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 469.275494][T25299] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 469.275503][T25299] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 469.275512][T25299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 469.275520][T25299] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 469.275540][T25299] [ 469.632718][T25307] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 470.142580][T25336] block nbd2: not configured, cannot reconfigure [ 471.761892][T25411] NFSD: Failed to start, no listeners configured. [ 472.094648][T25431] sctp: [Deprecated]: syz.0.8446 (pid 25431) Use of struct sctp_assoc_value in delayed_ack socket option. [ 472.094648][T25431] Use struct sctp_sack_info instead [ 472.821734][T25471] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8464'. [ 472.915585][T25473] mmap: syz.2.8466 (25473) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 473.759946][T25507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8480'. [ 477.152865][T25716] netlink: 'syz.0.8550': attribute type 1 has an invalid length. [ 477.992228][T25741] syz.2.8561 (25741) used greatest stack depth: 19672 bytes left [ 478.672794][T25785] netlink: 'syz.2.8582': attribute type 1 has an invalid length. [ 478.888787][T25795] netlink: 'syz.3.8587': attribute type 3 has an invalid length. [ 479.018509][T25801] netlink: 'syz.2.8590': attribute type 1 has an invalid length. [ 479.241421][T25815] netlink: 'syz.3.8596': attribute type 3 has an invalid length. [ 480.159630][T25862] netlink: NAT attribute type 0 has unexpected length (4 != 0) [ 482.480748][T25986] __vm_enough_memory: pid: 25986, comm: syz.2.8663, bytes: 4398046511104 not enough memory for the allocation [ 482.793977][T26001] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 482.793977][T26001] The task syz.0.8668 (26001) triggered the difference, watch for misbehavior. [ 482.888790][T26006] tc_dump_action: action bad kind [ 483.445016][T26048] netlink: 'syz.3.8681': attribute type 1 has an invalid length. [ 483.757742][T26059] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 485.283904][T26135] openvswitch: netlink: IP tunnel dst address not specified [ 487.349962][T26206] netlink: 'syz.0.8754': attribute type 2 has an invalid length. [ 489.845780][T26300] netlink: 'syz.3.8800': attribute type 2 has an invalid length. [ 490.982685][T26357] netlink: 'syz.2.8816': attribute type 1 has an invalid length. [ 492.453647][T26431] delete_channel: no stack [ 492.598570][T26435] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 492.608579][T26438] netlink: 338 bytes leftover after parsing attributes in process `syz.3.8843'. [ 492.649840][T26438] netlink: 338 bytes leftover after parsing attributes in process `syz.3.8843'. [ 492.980905][T26447] netlink: 'syz.3.8847': attribute type 1 has an invalid length. [ 493.147399][ T30] audit: type=1326 audit(4294967466.395:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26454 comm="syz.3.8851" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fea8cd9c799 code=0x0 [ 493.202113][ T9600] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 493.244703][T26456] &#$@\]\-: entered promiscuous mode [ 493.433753][T26465] dyndbg: expected <4096 bytes into control [ 494.415178][T26506] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 494.843570][T26521] openvswitch: netlink: Multiple metadata blocks provided [ 495.387952][T26548] NFSD: Failed to start, no listeners configured. [ 496.059553][T26581] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 496.359601][T26590] netlink: 'syz.0.8906': attribute type 1 has an invalid length. [ 497.246585][T26649] openvswitch: netlink: Key type 261 is out of range max 32 [ 497.928237][T26675] HfR: entered promiscuous mode [ 498.778146][ T9600] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 498.778170][ T9600] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 498.794966][ T9600] Bluetooth: hci0: Dropping invalid advertising data [ 498.802976][ T9600] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 498.802998][ T9600] Bluetooth: hci0: Dropping invalid advertising data [ 498.817261][ T9600] Bluetooth: hci0: Malformed LE Event: 0x02 [ 500.468728][T26850] netlink: set zone limit has 8 unknown bytes [ 501.301240][T26906] FAULT_INJECTION: forcing a failure. [ 501.301240][T26906] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 501.354875][T26906] CPU: 0 UID: 0 PID: 26906 Comm: syz.1.8984 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 501.354914][T26906] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 501.354923][T26906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 501.354932][T26906] Call Trace: [ 501.354938][T26906] [ 501.354944][T26906] dump_stack_lvl+0x100/0x190 [ 501.354972][T26906] should_fail_ex.cold+0x5/0xa [ 501.354987][T26906] ? prepare_alloc_pages+0x16d/0x5f0 [ 501.355007][T26906] should_fail_alloc_page+0xeb/0x140 [ 501.355025][T26906] prepare_alloc_pages+0x1f0/0x5f0 [ 501.355044][T26906] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 501.355066][T26906] ? __print_lock_name+0x61/0x80 [ 501.355081][T26906] ? is_bpf_text_address+0x8a/0x1a0 [ 501.355102][T26906] ? is_bpf_text_address+0x8a/0x1a0 [ 501.355124][T26906] ? bpf_ksym_find+0x124/0x1c0 [ 501.355141][T26906] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 501.355158][T26906] ? is_bpf_text_address+0x94/0x1a0 [ 501.355179][T26906] ? kernel_text_address+0x8d/0x100 [ 501.355199][T26906] ? __kernel_text_address+0xd/0x30 [ 501.355220][T26906] ? unwind_get_return_address+0x59/0xa0 [ 501.355236][T26906] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 501.355266][T26906] ? __pfx_stack_trace_save+0x10/0x10 [ 501.355281][T26906] ? stack_depot_save_flags+0x27/0x9d0 [ 501.355300][T26906] ? stack_trace_save+0x8e/0xc0 [ 501.355315][T26906] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 501.355331][T26906] ? policy_nodemask+0xed/0x4f0 [ 501.355348][T26906] alloc_pages_mpol+0x1fb/0x550 [ 501.355365][T26906] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 501.355386][T26906] alloc_pages_noprof+0x131/0x390 [ 501.355404][T26906] kimage_alloc_pages+0x72/0x380 [ 501.355421][T26906] kimage_alloc_control_pages+0x157/0xa20 [ 501.355442][T26906] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 501.355471][T26906] do_kexec_load+0x275/0x810 [ 501.355490][T26906] ? __pfx_do_kexec_load+0x10/0x10 [ 501.355509][T26906] ? _copy_from_user+0x59/0xd0 [ 501.355622][T26906] __x64_sys_kexec_load+0x1bf/0x230 [ 501.355641][T26906] do_syscall_64+0x106/0xf80 [ 501.355663][T26906] ? clear_bhb_loop+0x40/0x90 [ 501.355682][T26906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.355697][T26906] RIP: 0033:0x7f63a599c799 [ 501.355711][T26906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 501.355725][T26906] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 501.355739][T26906] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 501.355750][T26906] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 501.355758][T26906] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 501.355768][T26906] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 501.355777][T26906] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 501.355796][T26906] [ 501.355821][T26906] kexec: Could not allocate control_code_buffer [ 501.708084][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.714455][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.954108][T26953] nbd: illegal input index 37139 [ 503.399997][T26973] openvswitch: netlink: Missing valid actions attribute. [ 503.777201][T26992] delete_channel: no stack [ 503.899106][T26997] openvswitch: netlink: Flow key attr not present in new flow. [ 504.021049][T27003] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9029'. [ 504.996024][T27047] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 505.376754][T27065] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 505.464113][T27067] netlink: 'syz.0.9061': attribute type 1 has an invalid length. [ 505.891276][T27089] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input42 [ 506.118997][T27103] openvswitch: netlink: Duplicate or invalid key (type 0). [ 507.024675][T27151] netlink: 'syz.3.9100': attribute type 1 has an invalid length. [ 507.574853][T27183] netlink: 'syz.0.9114': attribute type 1 has an invalid length. [ 507.654990][T27185] FAULT_INJECTION: forcing a failure. [ 507.654990][T27185] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 507.712504][T27185] CPU: 0 UID: 0 PID: 27185 Comm: syz.2.9117 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 507.712542][T27185] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 507.712551][T27185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 507.712559][T27185] Call Trace: [ 507.712565][T27185] [ 507.712571][T27185] dump_stack_lvl+0x100/0x190 [ 507.712600][T27185] should_fail_ex.cold+0x5/0xa [ 507.712619][T27185] core_sys_select+0x938/0xbb0 [ 507.712639][T27185] ? __pfx_core_sys_select+0x10/0x10 [ 507.712673][T27185] ? ktime_get_ts64+0x2d2/0x3f0 [ 507.712691][T27185] ? read_tsc+0x9/0x20 [ 507.712706][T27185] ? ktime_get_ts64+0x256/0x3f0 [ 507.712725][T27185] kern_select+0x20c/0x270 [ 507.712741][T27185] ? __pfx_kern_select+0x10/0x10 [ 507.712762][T27185] __x64_sys_select+0xbd/0x160 [ 507.712776][T27185] ? do_syscall_64+0x95/0xf80 [ 507.712798][T27185] ? lockdep_hardirqs_on+0x78/0x100 [ 507.712819][T27185] do_syscall_64+0x106/0xf80 [ 507.712838][T27185] ? clear_bhb_loop+0x40/0x90 [ 507.712857][T27185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.712872][T27185] RIP: 0033:0x7f884f99c799 [ 507.712885][T27185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 507.712899][T27185] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 507.712913][T27185] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 507.712923][T27185] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 507.712932][T27185] RBP: 00007f884fa32c99 R08: 00002000000001c0 R09: 0000000000000000 [ 507.712940][T27185] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 507.712949][T27185] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 507.712967][T27185] [ 508.748453][T27241] netlink: 'syz.3.9139': attribute type 11 has an invalid length. [ 508.783664][T27241] netlink: 'syz.3.9139': attribute type 11 has an invalid length. [ 508.819805][T27241] netlink: 'syz.3.9139': attribute type 11 has an invalid length. [ 508.872286][T27248] netlink: 'syz.1.9143': attribute type 1 has an invalid length. [ 509.091070][T27256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9146'. [ 510.349562][T27328] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9178'. [ 511.088257][T27369] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 511.366821][T27384] netlink: 'syz.3.9202': attribute type 1 has an invalid length. [ 511.483072][ T30] audit: type=1800 audit(4294967484.735:44): pid=27388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9204" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 513.299922][T27471] netlink: zone id is out of range [ 513.318505][T27471] netlink: zone id is out of range [ 513.343992][T27471] netlink: zone id is out of range [ 513.369167][T27471] netlink: zone id is out of range [ 513.399898][T27471] netlink: zone id is out of range [ 513.425182][T27471] netlink: zone id is out of range [ 513.445503][T27471] netlink: zone id is out of range [ 513.476579][T27471] netlink: zone id is out of range [ 513.502930][T27471] netlink: zone id is out of range [ 513.522873][T27471] netlink: zone id is out of range [ 514.340272][T27505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9261'. [ 514.617865][T27511] random: crng reseeded on system resumption [ 515.440376][T27554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9282'. [ 516.459940][T27599] netlink: 'syz.3.9301': attribute type 2 has an invalid length. [ 517.835874][T27657] syz.2.9330 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 519.548004][T27744] net_ratelimit: 49 callbacks suppressed [ 519.548020][T27744] openvswitch: netlink: IP tunnel dst address not specified [ 519.568412][T27746] tc_dump_action: action bad kind [ 519.663704][T27750] openvswitch: netlink: Key type 29 is not supported [ 519.901564][T27767] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 520.014420][T27771] netlink: 116 bytes leftover after parsing attributes in process `syz.2.9380'. [ 520.788628][T27803] netlink: Failed to add  helper -22 [ 522.995792][T27928] ALSA: mixer_oss: invalid OSS volume '' [ 523.081296][T27930] netlink: zone id is out of range [ 523.107010][T27930] netlink: zone id is out of range [ 523.126068][T27930] netlink: zone id is out of range [ 523.160770][T27930] netlink: zone id is out of range [ 523.179839][T27930] netlink: zone id is out of range [ 523.202855][T27930] netlink: zone id is out of range [ 523.524955][T27954] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 524.566740][T28001] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9487'. [ 524.638577][T28004] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9489'. [ 526.088789][T28082] syz_tun: tun_chr_ioctl cmd 1074025684 [ 526.430285][T28093] net_ratelimit: 22 callbacks suppressed [ 526.430302][T28093] openvswitch: netlink: IPv4 tunnel dst address is zero [ 526.466923][T28095] FAULT_INJECTION: forcing a failure. [ 526.466923][T28095] name failslab, interval 1, probability 0, space 0, times 0 [ 526.507686][T28097] netlink: 'syz.3.9528': attribute type 1 has an invalid length. [ 526.531578][T28095] CPU: 0 UID: 0 PID: 28095 Comm: syz.2.9527 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 526.531648][T28095] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 526.531670][T28095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 526.531688][T28095] Call Trace: [ 526.531693][T28095] [ 526.531699][T28095] dump_stack_lvl+0x100/0x190 [ 526.531728][T28095] should_fail_ex.cold+0x5/0xa [ 526.531747][T28095] should_failslab+0xc2/0x120 [ 526.531764][T28095] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 526.531787][T28095] ? __d_alloc+0x34/0xa80 [ 526.531803][T28095] ? make_vfsgid+0xf1/0x140 [ 526.531827][T28095] __d_alloc+0x34/0xa80 [ 526.531843][T28095] ? bpf_lsm_inode_permission+0x9/0x10 [ 526.531866][T28095] d_alloc+0x4a/0x1e0 [ 526.531884][T28095] vfs_tmpfile+0x148/0x9a0 [ 526.531904][T28095] path_openat+0x164e/0x31a0 [ 526.531919][T28095] ? kasan_save_stack+0x3f/0x50 [ 526.531940][T28095] ? kasan_save_stack+0x30/0x50 [ 526.531962][T28095] ? __kasan_slab_alloc+0x89/0x90 [ 526.531975][T28095] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 526.531995][T28095] ? do_getname+0x35/0x390 [ 526.532013][T28095] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.532031][T28095] ? __pfx_path_openat+0x10/0x10 [ 526.532053][T28095] do_file_open+0x20e/0x430 [ 526.532070][T28095] ? __pfx_do_file_open+0x10/0x10 [ 526.532107][T28095] ? _raw_spin_unlock+0x28/0x50 [ 526.532128][T28095] ? alloc_fd+0x476/0x790 [ 526.532150][T28095] do_sys_openat2+0x10d/0x1e0 [ 526.532170][T28095] ? __pfx_do_sys_openat2+0x10/0x10 [ 526.532197][T28095] __x64_sys_open+0xfe/0x1d0 [ 526.532217][T28095] ? __pfx___x64_sys_open+0x10/0x10 [ 526.532243][T28095] do_syscall_64+0x106/0xf80 [ 526.532264][T28095] ? clear_bhb_loop+0x40/0x90 [ 526.532282][T28095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.532296][T28095] RIP: 0033:0x7f884f99c799 [ 526.532310][T28095] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 526.532324][T28095] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 526.532339][T28095] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 526.532349][T28095] RDX: 0000000000000408 RSI: 0000000000595002 RDI: 0000200000000100 [ 526.532357][T28095] RBP: 00007f884fa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 526.532366][T28095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 526.532374][T28095] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 526.532393][T28095] [ 526.537350][T28097] nbd: error processing sock list [ 527.419571][T28117] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9536'. [ 527.612744][T28125] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 529.199294][T28193] netlink: 'syz.3.9569': attribute type 11 has an invalid length. [ 529.274536][T28193] netlink: 'syz.3.9569': attribute type 11 has an invalid length. [ 529.352525][T28193] netlink: 'syz.3.9569': attribute type 11 has an invalid length. [ 529.440699][T28193] netlink: 'syz.3.9569': attribute type 11 has an invalid length. [ 529.458972][T28205] FAULT_INJECTION: forcing a failure. [ 529.458972][T28205] name failslab, interval 1, probability 0, space 0, times 0 [ 529.531537][T28205] CPU: 0 UID: 0 PID: 28205 Comm: syz.0.9575 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 529.531574][T28205] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 529.531584][T28205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 529.531593][T28205] Call Trace: [ 529.531598][T28205] [ 529.531605][T28205] dump_stack_lvl+0x100/0x190 [ 529.531635][T28205] should_fail_ex.cold+0x5/0xa [ 529.531654][T28205] should_failslab+0xc2/0x120 [ 529.531671][T28205] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 529.531693][T28205] ? prepare_creds+0x2c/0x950 [ 529.531720][T28205] prepare_creds+0x2c/0x950 [ 529.531742][T28205] join_session_keyring+0x17/0x350 [ 529.531762][T28205] lookup_user_key+0x32f/0x1300 [ 529.531780][T28205] ? __pfx_lookup_user_key+0x10/0x10 [ 529.531797][T28205] ? __pfx_do_futex+0x10/0x10 [ 529.531821][T28205] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 529.531843][T28205] ? xfd_validate_state+0x129/0x190 [ 529.531866][T28205] keyctl_keyring_link+0x57/0xe0 [ 529.531971][T28205] __do_sys_keyctl+0x1bf/0x5a0 [ 529.531988][T28205] do_syscall_64+0x106/0xf80 [ 529.532011][T28205] ? clear_bhb_loop+0x40/0x90 [ 529.532028][T28205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.532043][T28205] RIP: 0033:0x7f551439c799 [ 529.532057][T28205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.532071][T28205] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 529.532087][T28205] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 529.532096][T28205] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008 [ 529.532106][T28205] RBP: 00007f5514432c99 R08: 0000000000000002 R09: 0000000000000000 [ 529.532115][T28205] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000000 [ 529.532124][T28205] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 529.532144][T28205] [ 530.276666][T28214] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 530.523134][ T9600] Bluetooth: hci2: unexpected subevent 0x18 length: 123 > 19 [ 530.534946][ T9600] Bluetooth: hci2: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 531.070145][T28244] netlink: zone id is out of range [ 531.302336][ T30] audit: type=1107 audit(4295033041.553:45): pid=28251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 531.367279][ T30] audit: type=1107 audit(4295033041.603:46): pid=28251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 533.184736][T28346] FAULT_INJECTION: forcing a failure. [ 533.184736][T28346] name failslab, interval 1, probability 0, space 0, times 0 [ 533.241609][T28346] CPU: 0 UID: 0 PID: 28346 Comm: syz.0.9626 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 533.241647][T28346] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 533.241656][T28346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 533.241665][T28346] Call Trace: [ 533.241671][T28346] [ 533.241677][T28346] dump_stack_lvl+0x100/0x190 [ 533.241705][T28346] should_fail_ex.cold+0x5/0xa [ 533.241725][T28346] should_failslab+0xc2/0x120 [ 533.241742][T28346] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 533.241764][T28346] ? security_file_alloc+0x34/0x2c0 [ 533.241783][T28346] ? trace_kmem_cache_alloc+0xf3/0x120 [ 533.241802][T28346] security_file_alloc+0x34/0x2c0 [ 533.241828][T28346] init_file+0x95/0x480 [ 533.241847][T28346] alloc_empty_file+0x73/0x1c0 [ 533.241868][T28346] alloc_file_pseudo+0x13a/0x230 [ 533.241888][T28346] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 533.241907][T28346] ? alloc_fd+0x476/0x790 [ 533.241923][T28346] ? do_raw_spin_unlock+0x145/0x1e0 [ 533.241947][T28346] __anon_inode_getfile+0xe8/0x280 [ 533.241992][T28346] anon_inode_getfile_fmode+0x37/0xa0 [ 533.242012][T28346] do_signalfd4+0x1ed/0x480 [ 533.242032][T28346] __x64_sys_signalfd+0x120/0x1a0 [ 533.242051][T28346] ? __pfx___x64_sys_signalfd+0x10/0x10 [ 533.242075][T28346] do_syscall_64+0x106/0xf80 [ 533.242097][T28346] ? clear_bhb_loop+0x40/0x90 [ 533.242116][T28346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.242131][T28346] RIP: 0033:0x7f551439c799 [ 533.242144][T28346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 533.242159][T28346] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000011a [ 533.242173][T28346] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 533.242183][T28346] RDX: 0000000000000008 RSI: 00002000000000c0 RDI: ffffffffffffffff [ 533.242192][T28346] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 533.242201][T28346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.242210][T28346] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 533.242230][T28346] [ 535.576419][T28444] netlink: NAT attribute has 4 unknown bytes [ 535.855213][T28453] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 536.221068][T28472] No such timeout policy "" [ 536.225991][T28472] netlink: Failed to associated timeout policy '' [ 536.302228][T28475] netlink: Unknown conntrack attr (type=257, max=9) [ 538.803356][T28596] IPVS: length: 131 != 8 [ 539.436526][T28626] netlink: 'syz.3.9749': attribute type 8 has an invalid length. [ 539.922944][T28649] netlink: 'syz.2.9761': attribute type 1 has an invalid length. [ 540.185192][T28662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9768'. [ 540.577737][T28683] HfR: entered promiscuous mode [ 540.761786][T28693] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9783'. [ 541.095653][T28707] openvswitch: netlink: IP tunnel TTL not specified. [ 542.042659][T28756] netlink: 'syz.3.9810': attribute type 12 has an invalid length. [ 542.094634][T28760] sd 0:0:1:0: PR command failed: 1026 [ 542.118596][T28760] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 542.155917][T28760] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 542.556972][T28781] FAULT_INJECTION: forcing a failure. [ 542.556972][T28781] name failslab, interval 1, probability 0, space 0, times 0 [ 542.627368][T28781] CPU: 0 UID: 0 PID: 28781 Comm: syz.2.9821 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 542.627407][T28781] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 542.627418][T28781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 542.627427][T28781] Call Trace: [ 542.627434][T28781] [ 542.627440][T28781] dump_stack_lvl+0x100/0x190 [ 542.627471][T28781] should_fail_ex.cold+0x5/0xa [ 542.627498][T28781] should_failslab+0xc2/0x120 [ 542.627517][T28781] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 542.627543][T28781] ? sock_alloc_inode+0x25/0x1c0 [ 542.627563][T28781] ? __pfx_sock_alloc_inode+0x10/0x10 [ 542.627578][T28781] sock_alloc_inode+0x25/0x1c0 [ 542.627593][T28781] alloc_inode+0x68/0x250 [ 542.627615][T28781] sock_alloc+0x44/0x280 [ 542.627627][T28781] ? security_socket_create+0x7f/0x250 [ 542.627654][T28781] __sock_create+0xc2/0x860 [ 542.627670][T28781] ? lockdep_init_map_type+0x5c/0x250 [ 542.627694][T28781] smc_create+0x163/0x290 [ 542.627716][T28781] __sock_create+0x339/0x860 [ 542.627736][T28781] __sys_socket+0x14d/0x260 [ 542.627753][T28781] ? __pfx___sys_socket+0x10/0x10 [ 542.627775][T28781] __x64_sys_socket+0x72/0xb0 [ 542.627792][T28781] ? lockdep_hardirqs_on+0x78/0x100 [ 542.627815][T28781] do_syscall_64+0x106/0xf80 [ 542.627835][T28781] ? clear_bhb_loop+0x40/0x90 [ 542.627853][T28781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.627868][T28781] RIP: 0033:0x7f884f99c799 [ 542.627881][T28781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 542.627895][T28781] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 542.627910][T28781] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 542.627920][T28781] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 542.627928][T28781] RBP: 00007f884fa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 542.627937][T28781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 542.627945][T28781] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 542.627964][T28781] [ 542.627984][T28781] socket: no more sockets [ 543.181232][T28802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9831'. [ 543.215752][T28802] netlink: 29 bytes leftover after parsing attributes in process `syz.1.9831'. [ 543.312981][T28806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9832'. [ 543.762750][T28826] usb usb13: usbfs: process 28826 (syz.2.9841) did not claim interface 10 before use [ 544.107014][T28846] netlink: 'syz.0.9851': attribute type 11 has an invalid length. [ 544.508601][T28864] netlink: 148 bytes leftover after parsing attributes in process `syz.3.9860'. [ 545.592228][T28922] warning: `syz.1.9886' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 547.086294][T28987] NFSD: Failed to start, no listeners configured. [ 548.354336][T29049] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 549.758437][T29115] tc_dump_action: action bad kind [ 550.098348][T29133] netlink: Conntrack attr has 16 unknown bytes [ 550.180482][T29136] netlink: 'syz.3.9983': attribute type 11 has an invalid length. [ 550.395114][T29145] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9988'. [ 551.031621][T29170] NFSD: Failed to start, no listeners configured. [ 552.048236][T29222] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10019'. [ 552.392025][T29238] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 552.578605][T29250] random: crng reseeded on system resumption [ 552.721273][T29254] openvswitch: netlink: VXLAN extension message has 16 unknown bytes. [ 553.109396][T29273] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 553.787058][T29306] Invalid ELF header magic: != ELF [ 554.381220][T29335] ptrace attach of "./syz-executor exec"[5821] was attempted by ""[29335] [ 556.252219][T29428] tc_dump_action: action bad kind [ 556.692488][T29441] netlink: 'syz.0.10103': attribute type 2 has an invalid length. [ 556.947279][T29451] netlink: 'syz.2.10108': attribute type 2 has an invalid length. [ 556.993905][T29451] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10108'. [ 557.226191][T29463] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 557.471894][T29473] netlink: 'syz.2.10119': attribute type 2 has an invalid length. [ 557.804646][T29489] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 557.811132][T29489] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 558.031157][T29497] : entered promiscuous mode [ 558.678669][T29523] NFSD: Failed to start, no listeners configured. [ 558.751869][T29536] netlink: 'syz.0.10146': attribute type 3 has an invalid length. [ 560.390366][T29611] nbd: couldn't find a device at index 35644 [ 560.609978][T29621] zram0: detected capacity change from 16 to 0 [ 560.647488][T29621] zram: Removed device: zram0 [ 560.917744][T29637] openvswitch: netlink: IP tunnel dst address not specified [ 561.433282][T29674] netlink: 'syz.1.10208': attribute type 1 has an invalid length. [ 561.532587][T29675] NFSD: Failed to start, no listeners configured. [ 561.564659][T29683] syz_tun: tun_chr_ioctl cmd 1074025698 [ 562.263885][T29715] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.2.10215: 7 [ 562.505451][T29717] NFSD: Failed to start, no listeners configured. [ 562.965249][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.972273][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.683796][T29810] openvswitch: netlink: IPv6 tunnel dst address is zero [ 564.978197][T29823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 568.554204][ T9600] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10 [ 568.554375][ T9600] Bluetooth: hci3: connection err: -111 [ 568.733153][T30023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10323'. [ 570.166872][T30090] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10352'. [ 570.410397][T30104] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10358'. [ 571.342527][T30145] could not allocate digest TFM handle [ 571.602754][T30161] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10374'. [ 572.576759][T30213] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10399'. [ 573.594872][T30250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10415'. [ 573.681407][T30253] syz_tun: tun_chr_ioctl cmd 1074025678 [ 573.686972][T30253] syz_tun: group set to 23693 [ 574.568307][T30294] netlink: 'syz.3.10435': attribute type 2 has an invalid length. [ 575.785805][T30348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10460'. [ 575.848497][T30348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10460'. [ 576.955237][T30392] sctp: [Deprecated]: syz.3.10480 (pid 30392) Use of int in maxseg socket option. [ 576.955237][T30392] Use struct sctp_assoc_value instead [ 577.430103][T30417] tipc: Started in network mode [ 577.459819][T30417] tipc: Node identity ee00, cluster identity 4711 [ 577.481896][T30417] tipc: Node number set to 60928 [ 577.692538][T30427] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10496'. [ 578.732311][T30462] bridge0: port 3(veth1_macvtap) entered blocking state [ 578.759956][T30462] bridge0: port 3(veth1_macvtap) entered disabled state [ 578.779736][T30462] veth1_macvtap: entered allmulticast mode [ 578.803110][T30462] veth1_macvtap: left allmulticast mode [ 580.696910][T30506] delete_channel: no stack [ 583.474268][T30587] delete_channel: no stack [ 584.609568][T30631] ovs_: entered promiscuous mode [ 584.855116][T30644] netlink: 334 bytes leftover after parsing attributes in process `syz.1.10589'. [ 585.217698][ T30] audit: type=1326 audit(4295033095.473:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30660 comm="syz.3.10596" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fea8cd9c799 code=0x0 [ 585.427985][T30672] netlink: 'syz.1.10601': attribute type 1 has an invalid length. [ 586.550701][T30702] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10621'. [ 586.868320][T30714] sctp: [Deprecated]: syz.0.10618 (pid 30714) Use of int in maxseg socket option. [ 586.868320][T30714] Use struct sctp_assoc_value instead [ 587.109378][T30723] FAULT_INJECTION: forcing a failure. [ 587.109378][T30723] name failslab, interval 1, probability 0, space 0, times 0 [ 587.152940][T30726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10624'. [ 587.179810][T30723] CPU: 0 UID: 0 PID: 30723 Comm: syz.0.10623 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 587.179848][T30723] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 587.179857][T30723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 587.179867][T30723] Call Trace: [ 587.179873][T30723] [ 587.179879][T30723] dump_stack_lvl+0x100/0x190 [ 587.179908][T30723] should_fail_ex.cold+0x5/0xa [ 587.179928][T30723] should_failslab+0xc2/0x120 [ 587.179945][T30723] __kmalloc_cache_noprof+0x7a/0x6f0 [ 587.179966][T30723] ? allocate_file_region_entries+0x1a0/0x620 [ 587.179993][T30723] allocate_file_region_entries+0x1a0/0x620 [ 587.180019][T30723] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 587.180048][T30723] region_chg+0x85/0x140 [ 587.180070][T30723] __vma_reservation_common+0x376/0x720 [ 587.180094][T30723] ? __pfx___vma_reservation_common+0x10/0x10 [ 587.180117][T30723] ? __pfx___might_resched+0x10/0x10 [ 587.180144][T30723] hugetlb_no_page+0xb2b/0x1970 [ 587.180177][T30723] hugetlb_fault+0x5df/0x1450 [ 587.180199][T30723] ? __pfx_hugetlb_fault+0x10/0x10 [ 587.180226][T30723] ? find_vma+0xbf/0x140 [ 587.180242][T30723] ? __pfx_find_vma+0x10/0x10 [ 587.180259][T30723] handle_mm_fault+0x5f1/0xa20 [ 587.180283][T30723] do_user_addr_fault+0x74c/0x12f0 [ 587.180305][T30723] exc_page_fault+0x6f/0xd0 [ 587.180329][T30723] asm_exc_page_fault+0x26/0x30 [ 587.180344][T30723] RIP: 0010:__put_user_4+0xd/0x20 [ 587.180366][T30723] Code: 66 89 01 31 c9 0f 01 ca e9 c0 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 587.180380][T30723] RSP: 0018:ffffc900042a7e58 EFLAGS: 00050202 [ 587.180393][T30723] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000007 [ 587.180402][T30723] RDX: 0000000000000000 RSI: ffffffff82561531 RDI: ffff888026fac2dc [ 587.180411][T30723] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000000001c5 [ 587.180420][T30723] R10: 0000000000000200 R11: 0000000000000000 R12: 1ffff92000854fce [ 587.180429][T30723] R13: 0000000000000007 R14: 0000000000000000 R15: dffffc0000000000 [ 587.180443][T30723] ? __might_fault+0x111/0x140 [ 587.180467][T30723] __do_sys_prctl+0xd67/0x2330 [ 587.180489][T30723] ? __pfx___do_sys_prctl+0x10/0x10 [ 587.180516][T30723] do_syscall_64+0x106/0xf80 [ 587.180536][T30723] ? clear_bhb_loop+0x40/0x90 [ 587.180555][T30723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.180570][T30723] RIP: 0033:0x7f551439c799 [ 587.180582][T30723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 587.180596][T30723] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 587.180609][T30723] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 587.180619][T30723] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 587.180627][T30723] RBP: 00007f5514432c99 R08: 0000000000000001 R09: 0000000000000000 [ 587.180635][T30723] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 587.180644][T30723] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 587.180664][T30723] [ 590.383964][T30819] netlink: 'syz.1.10668': attribute type 2 has an invalid length. [ 591.342915][T30870] tunl0: entered allmulticast mode [ 591.387130][ T30] audit: type=1804 audit(4295033101.643:48): pid=30872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.10693" name="file0" dev="tmpfs" ino=13568 res=1 errno=0 [ 591.660590][T30886] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10699'. [ 592.190973][T30909] sctp: [Deprecated]: syz.0.10706 (pid 30909) Use of int in max_burst socket option. [ 592.190973][T30909] Use struct sctp_assoc_value instead [ 592.952145][T30947] Invalid ELF header len 5 [ 593.136572][T30960] FAULT_INJECTION: forcing a failure. [ 593.136572][T30960] name failslab, interval 1, probability 0, space 0, times 0 [ 593.181694][T30960] CPU: 0 UID: 0 PID: 30960 Comm: syz.0.10720 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 593.181732][T30960] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 593.181748][T30960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 593.181757][T30960] Call Trace: [ 593.181763][T30960] [ 593.181769][T30960] dump_stack_lvl+0x100/0x190 [ 593.181798][T30960] should_fail_ex.cold+0x5/0xa [ 593.181817][T30960] should_failslab+0xc2/0x120 [ 593.181834][T30960] __kmalloc_cache_noprof+0x7a/0x6f0 [ 593.181854][T30960] ? __do_sys_fanotify_init+0x5cf/0xe50 [ 593.181877][T30960] ? get_mem_cgroup_from_mm+0x88/0x600 [ 593.181898][T30960] ? get_mem_cgroup_from_mm+0x132/0x600 [ 593.181922][T30960] __do_sys_fanotify_init+0x5cf/0xe50 [ 593.181947][T30960] do_syscall_64+0x106/0xf80 [ 593.181968][T30960] ? clear_bhb_loop+0x40/0x90 [ 593.181986][T30960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.182001][T30960] RIP: 0033:0x7f551439c799 [ 593.182015][T30960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 593.182030][T30960] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 593.182046][T30960] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 593.182055][T30960] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 593.182064][T30960] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 593.182072][T30960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.182081][T30960] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 593.182100][T30960] [ 593.374930][T30964] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 595.625837][T31045] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10757'. [ 596.125884][T31069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10768'. [ 599.322604][T31196] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 599.596537][T31212] syz_tun: tun_chr_ioctl cmd 1074025678 [ 599.617786][T31212] syz_tun: group set to 23693 [ 600.457511][ T9600] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 600.457535][ T9600] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 600.473811][ T9600] Bluetooth: hci3: Dropping invalid advertising data [ 600.482159][ T9600] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 600.482182][ T9600] Bluetooth: hci3: Dropping invalid advertising data [ 600.500389][ T9600] Bluetooth: hci3: Malformed LE Event: 0x02 [ 600.991543][T31287] FAULT_INJECTION: forcing a failure. [ 600.991543][T31287] name failslab, interval 1, probability 0, space 0, times 0 [ 601.088125][T31287] CPU: 0 UID: 0 PID: 31287 Comm: syz.1.10849 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 601.088164][T31287] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 601.088173][T31287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 601.088182][T31287] Call Trace: [ 601.088188][T31287] [ 601.088195][T31287] dump_stack_lvl+0x100/0x190 [ 601.088223][T31287] should_fail_ex.cold+0x5/0xa [ 601.088242][T31287] ? lsm_blob_alloc+0x68/0x90 [ 601.088262][T31287] should_failslab+0xc2/0x120 [ 601.088279][T31287] __kmalloc_noprof+0xe0/0x850 [ 601.088300][T31287] ? trace_kmem_cache_alloc+0xf3/0x120 [ 601.088320][T31287] lsm_blob_alloc+0x68/0x90 [ 601.088342][T31287] security_sk_alloc+0x2d/0x290 [ 601.088358][T31287] sk_prot_alloc+0x1d1/0x2a0 [ 601.088376][T31287] sk_alloc+0x36/0xe80 [ 601.088396][T31287] inet6_create+0x385/0x12b0 [ 601.088502][T31287] ? inet6_create+0x7f/0x12b0 [ 601.088526][T31287] __sock_create+0x339/0x860 [ 601.088546][T31287] udp_sock_create6+0xc7/0x6a0 [ 601.088598][T31287] ? __pfx_udp_sock_create6+0x10/0x10 [ 601.088622][T31287] ? crng_make_state+0x477/0x6c0 [ 601.088688][T31287] ? lockdep_hardirqs_on+0x78/0x100 [ 601.088711][T31287] ? crng_make_state+0x2b0/0x6c0 [ 601.088730][T31287] rxrpc_open_socket+0x206/0x6b0 [ 601.088810][T31287] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 601.088838][T31287] ? rcu_is_watching+0x12/0xc0 [ 601.088864][T31287] rxrpc_lookup_local+0xac7/0x1220 [ 601.088885][T31287] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 601.088908][T31287] ? __local_bh_enable_ip+0x9e/0x120 [ 601.088934][T31287] rxrpc_sendmsg+0x34a/0x680 [ 601.089009][T31287] sock_write_iter+0x524/0x5a0 [ 601.089031][T31287] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 601.089056][T31287] ? __pfx_sock_write_iter+0x10/0x10 [ 601.089080][T31287] ? bpf_lsm_file_permission+0x9/0x10 [ 601.089099][T31287] ? security_file_permission+0x76/0x210 [ 601.089121][T31287] ? rw_verify_area+0xce/0x6d0 [ 601.089145][T31287] vfs_write+0x6ac/0x1070 [ 601.089160][T31287] ? __pfx_sock_write_iter+0x10/0x10 [ 601.089178][T31287] ? __pfx_vfs_write+0x10/0x10 [ 601.089190][T31287] ? find_held_lock+0x2b/0x80 [ 601.089223][T31287] ksys_write+0x1f8/0x250 [ 601.089243][T31287] ? __pfx_ksys_write+0x10/0x10 [ 601.089262][T31287] do_syscall_64+0x106/0xf80 [ 601.089284][T31287] ? clear_bhb_loop+0x40/0x90 [ 601.089302][T31287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.089318][T31287] RIP: 0033:0x7f63a599c799 [ 601.089332][T31287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 601.089347][T31287] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 601.089362][T31287] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 601.089372][T31287] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 601.089381][T31287] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 601.089390][T31287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.089399][T31287] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 601.089419][T31287] [ 601.794547][T31302] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input44 [ 603.159876][T31366] FAULT_INJECTION: forcing a failure. [ 603.159876][T31366] name failslab, interval 1, probability 0, space 0, times 0 [ 603.199375][T31366] CPU: 0 UID: 0 PID: 31366 Comm: syz.0.10882 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 603.199413][T31366] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 603.199423][T31366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 603.199433][T31366] Call Trace: [ 603.199438][T31366] [ 603.199445][T31366] dump_stack_lvl+0x100/0x190 [ 603.199474][T31366] should_fail_ex.cold+0x5/0xa [ 603.199493][T31366] should_failslab+0xc2/0x120 [ 603.199510][T31366] __kmalloc_cache_noprof+0x7a/0x6f0 [ 603.199530][T31366] ? copy_net_ns+0x135/0x7c0 [ 603.199636][T31366] copy_net_ns+0x135/0x7c0 [ 603.199650][T31366] ? copy_cgroup_ns+0x71/0x970 [ 603.199670][T31366] create_new_namespaces+0x3ea/0xac0 [ 603.199691][T31366] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 603.199709][T31366] ksys_unshare+0x473/0xad0 [ 603.199730][T31366] ? __pfx_ksys_unshare+0x10/0x10 [ 603.199756][T31366] __x64_sys_unshare+0x31/0x40 [ 603.199774][T31366] do_syscall_64+0x106/0xf80 [ 603.199795][T31366] ? clear_bhb_loop+0x40/0x90 [ 603.199813][T31366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.199828][T31366] RIP: 0033:0x7f551439c799 [ 603.199843][T31366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 603.199858][T31366] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 603.199872][T31366] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 603.199883][T31366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 603.199892][T31366] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 603.199901][T31366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 603.199910][T31366] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 603.199931][T31366] [ 603.732525][T31388] bridge0: port 3(batadv0) entered blocking state [ 603.754712][T31388] bridge0: port 3(batadv0) entered disabled state [ 603.785570][T31388] batadv0: entered allmulticast mode [ 603.799778][T31388] batadv0: entered promiscuous mode [ 603.826730][T31388] bridge0: port 3(batadv0) entered blocking state [ 603.833552][T31388] bridge0: port 3(batadv0) entered forwarding state [ 603.916969][ T9614] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 603.928702][ T9614] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 604.067523][T31401] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 606.051924][ T9600] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 606.051949][ T9600] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 606.067731][ T9600] Bluetooth: hci2: Dropping invalid advertising data [ 606.074408][ T9600] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 606.074428][ T9600] Bluetooth: hci2: Dropping invalid advertising data [ 606.091552][ T9600] Bluetooth: hci2: Malformed LE Event: 0x02 [ 606.486555][T31518] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 607.230963][T31551] openvswitch: netlink: IPv4 tunnel dst address is zero [ 607.263370][ T9600] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 607.263401][ T9600] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 607.263417][ T9600] Bluetooth: hci0: Dropping invalid advertising data [ 607.263434][ T9600] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 607.263448][ T9600] Bluetooth: hci0: Dropping invalid advertising data [ 607.263463][ T9600] Bluetooth: hci0: Malformed LE Event: 0x02 [ 608.616471][T31613] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10967'. [ 608.712367][T31610] zswap: compressor not available [ 609.481288][T31652] bridge_slave_1: left allmulticast mode [ 609.510335][T31652] bridge_slave_1: left promiscuous mode [ 609.518494][T31652] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.585934][T31651] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10984'. [ 610.595691][ T9600] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 610.595715][ T9600] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 610.611570][ T9600] Bluetooth: hci1: Dropping invalid advertising data [ 610.619978][ T9600] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 610.620002][ T9600] Bluetooth: hci1: Dropping invalid advertising data [ 610.633918][ T9600] Bluetooth: hci1: Malformed LE Event: 0x02 [ 611.617696][T31731] netlink: 'syz.3.11011': attribute type 33 has an invalid length. [ 612.019280][T31747] FAULT_INJECTION: forcing a failure. [ 612.019280][T31747] name failslab, interval 1, probability 0, space 0, times 0 [ 612.074297][T31747] CPU: 0 UID: 0 PID: 31747 Comm: syz.1.11017 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 612.074335][T31747] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 612.074345][T31747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 612.074355][T31747] Call Trace: [ 612.074360][T31747] [ 612.074367][T31747] dump_stack_lvl+0x100/0x190 [ 612.074397][T31747] should_fail_ex.cold+0x5/0xa [ 612.074417][T31747] should_failslab+0xc2/0x120 [ 612.074435][T31747] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 612.074457][T31747] ? prepare_creds+0x2c/0x950 [ 612.074478][T31747] ? __sys_socket+0xac/0x260 [ 612.074499][T31747] prepare_creds+0x2c/0x950 [ 612.074522][T31747] __sys_setuid+0x9c/0x440 [ 612.074539][T31747] do_syscall_64+0x106/0xf80 [ 612.074560][T31747] ? clear_bhb_loop+0x40/0x90 [ 612.074579][T31747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.074595][T31747] RIP: 0033:0x7f63a599c799 [ 612.074607][T31747] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.074622][T31747] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 612.074637][T31747] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 612.074647][T31747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 612.074656][T31747] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 612.074664][T31747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.074672][T31747] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 612.074691][T31747] [ 613.781004][T31799] netlink: 350 bytes leftover after parsing attributes in process `syz.3.11041'. [ 614.458765][T31827] bridge0: port 3(bond0) entered blocking state [ 614.482952][T31827] bridge0: port 3(bond0) entered disabled state [ 614.519511][T31827] bond0: entered allmulticast mode [ 614.542808][T31827] bond_slave_0: entered allmulticast mode [ 614.575453][T31827] bond_slave_1: entered allmulticast mode [ 614.614904][T31827] bond0: entered promiscuous mode [ 614.643161][T31827] bond_slave_0: entered promiscuous mode [ 614.665314][T31827] bond_slave_1: entered promiscuous mode [ 614.692200][T31827] bridge0: port 3(bond0) entered blocking state [ 614.698585][T31827] bridge0: port 3(bond0) entered forwarding state [ 615.179563][T31856] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[31856] [ 615.379554][ T9600] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 615.379580][ T9600] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 615.394513][ T9600] Bluetooth: hci1: Dropping invalid advertising data [ 615.402377][ T9600] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 615.402399][ T9600] Bluetooth: hci1: Dropping invalid advertising data [ 615.417000][ T9600] Bluetooth: hci1: Malformed LE Event: 0x02 [ 616.412467][T31943] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11084'. [ 616.694575][ T9600] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 616.694599][ T9600] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 616.709822][ T9600] Bluetooth: hci3: Dropping invalid advertising data [ 616.716545][ T9600] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 616.716568][ T9600] Bluetooth: hci3: Dropping invalid advertising data [ 616.731457][ T9600] Bluetooth: hci3: Malformed LE Event: 0x02 [ 619.019199][T32066] futex_wake_op: syz.1.11125 tries to shift op by -2048; fix this program [ 619.069063][T32066] futex_wake_op: syz.1.11125 tries to shift op by -2048; fix this program [ 619.153077][T32069] sctp: [Deprecated]: syz.2.11126 (pid 32069) Use of struct sctp_assoc_value in delayed_ack socket option. [ 619.153077][T32069] Use struct sctp_sack_info instead [ 620.632584][T32140] FAULT_INJECTION: forcing a failure. [ 620.632584][T32140] name failslab, interval 1, probability 0, space 0, times 0 [ 620.702577][T32140] CPU: 0 UID: 0 PID: 32140 Comm: syz.2.11156 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 620.702614][T32140] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 620.702624][T32140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 620.702633][T32140] Call Trace: [ 620.702639][T32140] [ 620.702644][T32140] dump_stack_lvl+0x100/0x190 [ 620.702674][T32140] should_fail_ex.cold+0x5/0xa [ 620.702692][T32140] should_failslab+0xc2/0x120 [ 620.702710][T32140] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 620.702732][T32140] ? __anon_vma_prepare+0x344/0x5e0 [ 620.702757][T32140] __anon_vma_prepare+0x344/0x5e0 [ 620.702776][T32140] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 620.702802][T32140] __vmf_anon_prepare+0x11f/0x250 [ 620.702820][T32140] hugetlb_no_page+0xe28/0x1970 [ 620.702846][T32140] hugetlb_fault+0x5df/0x1450 [ 620.702867][T32140] ? __pfx_hugetlb_fault+0x10/0x10 [ 620.702893][T32140] ? find_vma+0xbf/0x140 [ 620.702907][T32140] ? __pfx_find_vma+0x10/0x10 [ 620.702924][T32140] handle_mm_fault+0x5f1/0xa20 [ 620.702947][T32140] do_user_addr_fault+0x74c/0x12f0 [ 620.702968][T32140] exc_page_fault+0x6f/0xd0 [ 620.702991][T32140] asm_exc_page_fault+0x26/0x30 [ 620.703005][T32140] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 620.703024][T32140] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 620.703038][T32140] RSP: 0018:ffffc90007077e48 EFLAGS: 00050212 [ 620.703051][T32140] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000010 [ 620.703060][T32140] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90007077ea0 [ 620.703069][T32140] RBP: 0000000000000010 R08: 0000000000000001 R09: fffff52000e0efd5 [ 620.703077][T32140] R10: ffffc90007077eaf R11: 0000000000000000 R12: 0000000000000000 [ 620.703086][T32140] R13: ffffc90007077ea0 R14: 0000000000000000 R15: 0000000000000000 [ 620.703105][T32140] _copy_from_user+0x98/0xd0 [ 620.703135][T32140] __x64_sys_setrlimit+0xc6/0x160 [ 620.703159][T32140] ? __pfx___x64_sys_setrlimit+0x10/0x10 [ 620.703186][T32140] do_syscall_64+0x106/0xf80 [ 620.703206][T32140] ? clear_bhb_loop+0x40/0x90 [ 620.703224][T32140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.703239][T32140] RIP: 0033:0x7f884f99c799 [ 620.703251][T32140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.703265][T32140] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0 [ 620.703278][T32140] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 620.703287][T32140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 620.703295][T32140] RBP: 00007f884fa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 620.703304][T32140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.703312][T32140] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 620.703332][T32140] [ 622.666491][T32193] random: crng reseeded on system resumption [ 623.188906][T32215] futex_wake_op: syz.2.11186 tries to shift op by -2048; fix this program [ 623.227875][T32215] futex_wake_op: syz.2.11186 tries to shift op by -2048; fix this program [ 623.282219][T32215] 0x000000000001-0x000000020000 : "" [ 623.302201][T32213] sctp: [Deprecated]: syz.0.11185 (pid 32213) Use of struct sctp_assoc_value in delayed_ack socket option. [ 623.302201][T32213] Use struct sctp_sack_info instead [ 623.364604][T32215] ftl_cs: FTL header corrupt! [ 623.732807][T32232] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11193'. [ 624.212669][T32256] FAULT_INJECTION: forcing a failure. [ 624.212669][T32256] name failslab, interval 1, probability 0, space 0, times 0 [ 624.257589][T32256] CPU: 0 UID: 0 PID: 32256 Comm: syz.0.11201 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 624.257634][T32256] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 624.257645][T32256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 624.257655][T32256] Call Trace: [ 624.257660][T32256] [ 624.257666][T32256] dump_stack_lvl+0x100/0x190 [ 624.257696][T32256] should_fail_ex.cold+0x5/0xa [ 624.257715][T32256] should_failslab+0xc2/0x120 [ 624.257732][T32256] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 624.257753][T32256] ? __pmd_alloc+0xbf/0x950 [ 624.257775][T32256] __pmd_alloc+0xbf/0x950 [ 624.257794][T32256] __handle_mm_fault+0xa99/0x2b60 [ 624.257823][T32256] ? mt_find+0x45e/0x8e0 [ 624.257840][T32256] ? __pfx___handle_mm_fault+0x10/0x10 [ 624.257859][T32256] ? __pfx_mt_find+0x10/0x10 [ 624.257888][T32256] handle_mm_fault+0x36d/0xa20 [ 624.257912][T32256] __get_user_pages+0xf9c/0x34d0 [ 624.257936][T32256] ? __pfx___get_user_pages+0x10/0x10 [ 624.257959][T32256] populate_vma_page_range+0x267/0x3f0 [ 624.257979][T32256] ? __pfx_populate_vma_page_range+0x10/0x10 [ 624.257996][T32256] ? __pfx_find_vma_intersection+0x10/0x10 [ 624.258013][T32256] ? do_mmap+0x93f/0x12f0 [ 624.258031][T32256] __mm_populate+0x107/0x3a0 [ 624.258050][T32256] ? __pfx___mm_populate+0x10/0x10 [ 624.258069][T32256] ? up_write+0x290/0x4f0 [ 624.258092][T32256] vm_mmap_pgoff+0x37f/0x470 [ 624.258112][T32256] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 624.258130][T32256] ? do_futex+0x192/0x350 [ 624.258150][T32256] ? __pfx_do_futex+0x10/0x10 [ 624.258172][T32256] ksys_mmap_pgoff+0xe1/0x650 [ 624.258188][T32256] ? __x64_sys_futex+0x34f/0x4d0 [ 624.258206][T32256] ? __x64_sys_futex+0x358/0x4d0 [ 624.258228][T32256] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 624.258244][T32256] ? xfd_validate_state+0x129/0x190 [ 624.258269][T32256] __x64_sys_mmap+0x125/0x190 [ 624.258292][T32256] do_syscall_64+0x106/0xf80 [ 624.258313][T32256] ? clear_bhb_loop+0x40/0x90 [ 624.258331][T32256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.258346][T32256] RIP: 0033:0x7f551439c799 [ 624.258360][T32256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 624.258375][T32256] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 624.258389][T32256] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 624.258399][T32256] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 624.258409][T32256] RBP: 00007f5514432c99 R08: 0000000000000002 R09: 0000000000008000 [ 624.258419][T32256] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 624.258428][T32256] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 624.258448][T32256] [ 624.579053][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.585337][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.937980][T32279] block nbd0: Unsupported socket: should be TCP or UNIX. [ 626.376869][T32348] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11241'. [ 629.093573][T32496] libceph: secret too big 61 [ 630.298208][T32555] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11324'. [ 630.447536][T32563] openvswitch: HfR: Dropping previously announced user features [ 630.525589][T32566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11329'. [ 631.745223][ T9600] Bluetooth: hci1: unexpected event 0x03 length: 43 > 11 [ 633.469937][T32724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11392'. [ 634.430074][ T304] sd 0:0:1:0: PR command failed: 1026 [ 634.448450][ T304] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 634.478168][ T304] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 634.776727][ T313] FAULT_INJECTION: forcing a failure. [ 634.776727][ T313] name failslab, interval 1, probability 0, space 0, times 0 [ 634.856003][ T313] CPU: 0 UID: 0 PID: 313 Comm: syz.0.11416 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 634.856043][ T313] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 634.856052][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 634.856061][ T313] Call Trace: [ 634.856067][ T313] [ 634.856073][ T313] dump_stack_lvl+0x100/0x190 [ 634.856102][ T313] should_fail_ex.cold+0x5/0xa [ 634.856120][ T313] should_failslab+0xc2/0x120 [ 634.856137][ T313] __kvmalloc_node_noprof+0xfa/0xa00 [ 634.856159][ T313] ? keyctl_update_key+0xdf/0x160 [ 634.856188][ T313] keyctl_update_key+0xdf/0x160 [ 634.856211][ T313] __do_sys_keyctl+0x302/0x5a0 [ 634.856228][ T313] do_syscall_64+0x106/0xf80 [ 634.856249][ T313] ? clear_bhb_loop+0x40/0x90 [ 634.856267][ T313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.856282][ T313] RIP: 0033:0x7f551439c799 [ 634.856295][ T313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 634.856310][ T313] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 634.856325][ T313] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 634.856334][ T313] RDX: 0000000000000107 RSI: ffffeffffffffffe RDI: 0000000000000002 [ 634.856343][ T313] RBP: 00007f5514432c99 R08: 000800000000000c R09: 0000000000000000 [ 634.856352][ T313] R10: 0000000000000803 R11: 0000000000000246 R12: 0000000000000000 [ 634.856360][ T313] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 634.856379][ T313] [ 635.273094][ T319] ubi0: attaching mtd0 [ 635.278342][ T319] ubi0: scanning is finished [ 635.349009][ T319] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 635.438462][ T331] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 635.460058][ T331] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 635.761518][ T319] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 635.911964][ T343] syz.0.11429 (343) used obsolete PPPIOCDETACH ioctl [ 636.073826][ T349] ovs_?: entered promiscuous mode [ 636.590215][ T30] audit: type=1800 audit(4294967317.860:49): pid=369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11439" name="dbroot" dev="configfs" ino=86802 res=0 errno=0 [ 636.782414][ T374] random: crng reseeded on system resumption [ 638.401819][ T463] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11471'. [ 638.916026][ T485] FAULT_INJECTION: forcing a failure. [ 638.916026][ T485] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 638.949107][ T485] CPU: 0 UID: 0 PID: 485 Comm: syz.0.11481 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 638.949145][ T485] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 638.949155][ T485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 638.949165][ T485] Call Trace: [ 638.949171][ T485] [ 638.949184][ T485] dump_stack_lvl+0x100/0x190 [ 638.949217][ T485] should_fail_ex.cold+0x5/0xa [ 638.949233][ T485] ? prepare_alloc_pages+0x16d/0x5f0 [ 638.949253][ T485] should_fail_alloc_page+0xeb/0x140 [ 638.949271][ T485] prepare_alloc_pages+0x1f0/0x5f0 [ 638.949292][ T485] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 638.949315][ T485] ? stack_trace_save+0x8e/0xc0 [ 638.949331][ T485] ? __pfx_stack_trace_save+0x10/0x10 [ 638.949346][ T485] ? stack_depot_save_flags+0x27/0x9d0 [ 638.949371][ T485] ? kasan_save_stack+0x3f/0x50 [ 638.949392][ T485] ? kasan_save_stack+0x30/0x50 [ 638.949413][ T485] ? kasan_save_track+0x14/0x30 [ 638.949426][ T485] ? __kasan_slab_alloc+0x89/0x90 [ 638.949440][ T485] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 638.949463][ T485] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 638.949484][ T485] ? insert_page+0xcc/0x220 [ 638.949500][ T485] ? vm_insert_page+0x2c0/0x400 [ 638.949516][ T485] ? kcov_mmap+0xca/0x130 [ 638.949528][ T485] ? mmap_region+0x30a/0x3e0 [ 638.949549][ T485] ? vm_mmap_pgoff+0x29e/0x470 [ 638.949564][ T485] ? ksys_mmap_pgoff+0x3c8/0x650 [ 638.949579][ T485] ? __x64_sys_mmap+0x125/0x190 [ 638.949600][ T485] ? do_syscall_64+0x106/0xf80 [ 638.949620][ T485] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.949645][ T485] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 638.949661][ T485] ? policy_nodemask+0xed/0x4f0 [ 638.949679][ T485] alloc_pages_mpol+0x1fb/0x550 [ 638.949696][ T485] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 638.949715][ T485] ? do_raw_spin_lock+0x128/0x260 [ 638.949739][ T485] alloc_pages_noprof+0x131/0x390 [ 638.949756][ T485] pte_alloc_one+0x1c/0x3d0 [ 638.949773][ T485] __pte_alloc+0x6d/0x3e0 [ 638.949788][ T485] ? __pfx___pte_alloc+0x10/0x10 [ 638.949805][ T485] ? walk_to_pmd+0x302/0x4c0 [ 638.949824][ T485] get_locked_pte+0xa1/0xc0 [ 638.949843][ T485] insert_page+0xcc/0x220 [ 638.949861][ T485] ? __pfx_insert_page+0x10/0x10 [ 638.949877][ T485] ? __pfx_down_read_trylock+0x10/0x10 [ 638.949903][ T485] vm_insert_page+0x2c0/0x400 [ 638.949940][ T485] kcov_mmap+0xca/0x130 [ 638.949956][ T485] __mmap_region+0x1443/0x29e0 [ 638.949982][ T485] ? __pfx___mmap_region+0x10/0x10 [ 638.950006][ T485] ? find_held_lock+0x2b/0x80 [ 638.950020][ T485] ? ima_match_policy+0x8c4/0x2350 [ 638.950131][ T485] ? ima_match_policy+0x8c4/0x2350 [ 638.950167][ T485] ? find_held_lock+0x2b/0x80 [ 638.950190][ T485] ? process_measurement+0x4c8/0x2350 [ 638.950212][ T485] ? process_measurement+0x4c8/0x2350 [ 638.950244][ T485] ? process_measurement+0x1f4/0x2350 [ 638.950299][ T485] mmap_region+0x30a/0x3e0 [ 638.950325][ T485] do_mmap+0xc63/0x12f0 [ 638.950346][ T485] ? __pfx_do_mmap+0x10/0x10 [ 638.950362][ T485] ? __pfx_down_write_killable+0x10/0x10 [ 638.950382][ T485] vm_mmap_pgoff+0x29e/0x470 [ 638.950403][ T485] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 638.950419][ T485] ? __fget_files+0x215/0x3d0 [ 638.950437][ T485] ? __fget_files+0x21f/0x3d0 [ 638.950455][ T485] ksys_mmap_pgoff+0x3c8/0x650 [ 638.950472][ T485] ? __x64_sys_futex+0x34f/0x4d0 [ 638.950491][ T485] ? __x64_sys_futex+0x358/0x4d0 [ 638.950511][ T485] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 638.950527][ T485] ? xfd_validate_state+0x129/0x190 [ 638.950552][ T485] __x64_sys_mmap+0x125/0x190 [ 638.950575][ T485] do_syscall_64+0x106/0xf80 [ 638.950596][ T485] ? clear_bhb_loop+0x40/0x90 [ 638.950614][ T485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.950630][ T485] RIP: 0033:0x7f551439c799 [ 638.950645][ T485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 638.950659][ T485] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 638.950676][ T485] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 638.950686][ T485] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000009000 [ 638.950695][ T485] RBP: 00007f5514432c99 R08: 00000000000000dd R09: 0000000000000000 [ 638.950704][ T485] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 638.950713][ T485] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 638.950734][ T485] [ 638.950852][ T485] kcov: kcov: vm_insert_page() failed [ 641.979293][ T581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11525'. [ 642.025519][ T581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11525'. [ 642.610789][ T605] bridge0: port 3(dummy0) entered blocking state [ 642.640631][ T607] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11538'. [ 642.660830][ T605] bridge0: port 3(dummy0) entered disabled state [ 642.668171][ T605] dummy0: entered allmulticast mode [ 642.709911][ T605] dummy0: entered promiscuous mode [ 642.722715][ T605] bridge0: port 3(dummy0) entered blocking state [ 642.729219][ T605] bridge0: port 3(dummy0) entered forwarding state [ 643.456865][ T643] random: crng reseeded on system resumption [ 643.848726][ T655] input: jJǸ-9%vJ86 as /devices/virtual/input/input46 [ 644.077553][ T670] netlink: 21 bytes leftover after parsing attributes in process `syz.2.11561'. [ 644.987098][ T703] netlink: 338 bytes leftover after parsing attributes in process `syz.0.11577'. [ 645.947579][ T735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11592'. [ 646.712780][ T760] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11602'. [ 648.001785][ T827] random: crng reseeded on system resumption [ 648.558350][ T847] netlink: 29 bytes leftover after parsing attributes in process `syz.3.11628'. [ 648.722814][ T855] FAULT_INJECTION: forcing a failure. [ 648.722814][ T855] name failslab, interval 1, probability 0, space 0, times 0 [ 648.788966][ T855] CPU: 0 UID: 0 PID: 855 Comm: syz.0.11633 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 648.789022][ T855] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 648.789032][ T855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 648.789041][ T855] Call Trace: [ 648.789047][ T855] [ 648.789053][ T855] dump_stack_lvl+0x100/0x190 [ 648.789081][ T855] should_fail_ex.cold+0x5/0xa [ 648.789100][ T855] ? sk_prot_alloc+0x10b/0x2a0 [ 648.789114][ T855] should_failslab+0xc2/0x120 [ 648.789131][ T855] __kmalloc_noprof+0xe0/0x850 [ 648.789157][ T855] sk_prot_alloc+0x10b/0x2a0 [ 648.789173][ T855] sk_alloc+0x36/0xe80 [ 648.789194][ T855] mctp_pf_create+0xe8/0x360 [ 648.789301][ T855] __sock_create+0x339/0x860 [ 648.789322][ T855] __sys_socket+0x14d/0x260 [ 648.789340][ T855] ? __pfx___sys_socket+0x10/0x10 [ 648.789362][ T855] __x64_sys_socket+0x72/0xb0 [ 648.789378][ T855] ? lockdep_hardirqs_on+0x78/0x100 [ 648.789400][ T855] do_syscall_64+0x106/0xf80 [ 648.789420][ T855] ? clear_bhb_loop+0x40/0x90 [ 648.789438][ T855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.789453][ T855] RIP: 0033:0x7f551439c799 [ 648.789466][ T855] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 648.789480][ T855] RSP: 002b:00007f55152fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 648.789495][ T855] RAX: ffffffffffffffda RBX: 00007f5514615fa0 RCX: 00007f551439c799 [ 648.789505][ T855] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 648.789513][ T855] RBP: 00007f5514432c99 R08: 0000000000000000 R09: 0000000000000000 [ 648.789522][ T855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.789530][ T855] R13: 00007f5514616038 R14: 00007f5514615fa0 R15: 00007ffddd86c308 [ 648.789550][ T855] [ 649.262826][ T865] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11640'. [ 649.537991][ T875] zswap: compressor not available [ 649.660808][ T886] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 651.434098][ T987] FAULT_INJECTION: forcing a failure. [ 651.434098][ T987] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.509013][ T987] CPU: 0 UID: 0 PID: 987 Comm: syz.1.11673 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 651.509050][ T987] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 651.509059][ T987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 651.509069][ T987] Call Trace: [ 651.509076][ T987] [ 651.509081][ T987] dump_stack_lvl+0x100/0x190 [ 651.509111][ T987] should_fail_ex.cold+0x5/0xa [ 651.509139][ T987] _copy_from_user+0x2e/0xd0 [ 651.509160][ T987] get_itimerspec64+0x16c/0x2f0 [ 651.509180][ T987] ? __pfx_get_itimerspec64+0x10/0x10 [ 651.509198][ T987] ? __pfx_do_futex+0x10/0x10 [ 651.509224][ T987] __x64_sys_timerfd_settime+0x15f/0x280 [ 651.509247][ T987] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 651.509270][ T987] ? xfd_validate_state+0x129/0x190 [ 651.509298][ T987] do_syscall_64+0x106/0xf80 [ 651.509319][ T987] ? clear_bhb_loop+0x40/0x90 [ 651.509337][ T987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.509352][ T987] RIP: 0033:0x7f63a599c799 [ 651.509365][ T987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 651.509379][ T987] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 651.509394][ T987] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 651.509403][ T987] RDX: 0000200000000040 RSI: 0000000000000003 RDI: ffffffffffffffff [ 651.509413][ T987] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 651.509421][ T987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.509429][ T987] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 651.509448][ T987] [ 651.753928][ T990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11675'. [ 653.203337][ T1051] bridge0: port 2(veth0_to_bridge) entered blocking state [ 653.239318][ T1051] bridge0: port 2(veth0_to_bridge) entered disabled state [ 653.265380][ T1051] veth0_to_bridge: entered allmulticast mode [ 653.284835][ T1051] veth0_to_bridge: entered promiscuous mode [ 653.312451][ T1051] bridge0: port 2(veth0_to_bridge) entered blocking state [ 653.319776][ T1051] bridge0: port 2(veth0_to_bridge) entered forwarding state [ 653.843024][ T1076] FAULT_INJECTION: forcing a failure. [ 653.843024][ T1076] name failslab, interval 1, probability 0, space 0, times 0 [ 653.905252][ T1076] CPU: 0 UID: 0 PID: 1076 Comm: syz.1.11706 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 653.905291][ T1076] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 653.905302][ T1076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 653.905311][ T1076] Call Trace: [ 653.905316][ T1076] [ 653.905323][ T1076] dump_stack_lvl+0x100/0x190 [ 653.905354][ T1076] should_fail_ex.cold+0x5/0xa [ 653.905373][ T1076] should_failslab+0xc2/0x120 [ 653.905398][ T1076] __kmalloc_cache_noprof+0x7a/0x6f0 [ 653.905419][ T1076] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 653.905562][ T1076] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 653.905583][ T1076] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 653.905603][ T1076] ? rcu_is_watching+0x12/0xc0 [ 653.905626][ T1076] ? trace_contention_end+0x140/0x180 [ 653.905650][ T1076] ? snd_pcm_oss_write+0x49a/0xa30 [ 653.905668][ T1076] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 653.905689][ T1076] ? __pfx___mutex_lock+0x10/0x10 [ 653.905719][ T1076] ? __pfx___might_resched+0x10/0x10 [ 653.905743][ T1076] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 653.905763][ T1076] snd_pcm_oss_write+0x4bb/0xa30 [ 653.905782][ T1076] ? bpf_lsm_file_permission+0x9/0x10 [ 653.905796][ T1076] ? security_file_permission+0x76/0x210 [ 653.905819][ T1076] vfs_write+0x2aa/0x1070 [ 653.905835][ T1076] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 653.905855][ T1076] ? __pfx_vfs_write+0x10/0x10 [ 653.905867][ T1076] ? find_held_lock+0x2b/0x80 [ 653.905881][ T1076] ? __fget_files+0x215/0x3d0 [ 653.905896][ T1076] ? __fget_files+0x215/0x3d0 [ 653.905913][ T1076] ? __fget_files+0x21f/0x3d0 [ 653.905933][ T1076] ksys_write+0x12a/0x250 [ 653.905947][ T1076] ? __pfx_ksys_write+0x10/0x10 [ 653.905966][ T1076] do_syscall_64+0x106/0xf80 [ 653.905987][ T1076] ? clear_bhb_loop+0x40/0x90 [ 653.906005][ T1076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.906021][ T1076] RIP: 0033:0x7f63a599c799 [ 653.906034][ T1076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 653.906048][ T1076] RSP: 002b:00007f63a68b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 653.906064][ T1076] RAX: ffffffffffffffda RBX: 00007f63a5c15fa0 RCX: 00007f63a599c799 [ 653.906074][ T1076] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 653.906082][ T1076] RBP: 00007f63a5a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 653.906092][ T1076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 653.906101][ T1076] R13: 00007f63a5c16038 R14: 00007f63a5c15fa0 R15: 00007ffe01b14b78 [ 653.906120][ T1076] [ 655.191915][ T1100] sock: sock_timestamping_bind_phc: sock not bind to device [ 655.234547][ T1095] zswap: compressor not available [ 656.435911][ T1154] netlink: 186 bytes leftover after parsing attributes in process `syz.1.11739'. [ 656.629932][ T1163] bridge0: port 4(hsr0) entered blocking state [ 656.643068][ T1163] bridge0: port 4(hsr0) entered disabled state [ 656.675622][ T1163] hsr0: entered allmulticast mode [ 656.691108][ T1163] hsr_slave_0: entered allmulticast mode [ 656.719550][ T1163] hsr_slave_1: entered allmulticast mode [ 656.737978][ T1163] hsr0: entered promiscuous mode [ 656.760156][ T1163] bridge0: port 4(hsr0) entered blocking state [ 656.766529][ T1163] bridge0: port 4(hsr0) entered forwarding state [ 659.096815][ T1297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11779'. [ 665.798883][ C0] sched: DL replenish lagged too much [ 685.962228][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.975188][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.398811][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 766.068721][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 766.075704][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P1355/1:b..l [ 766.084133][ C0] rcu: (detected by 0, t=10502 jiffies, g=164185, q=1161 ncpus=1) [ 766.092029][ C0] task:syz.2.11803 state:R running task stack:26976 pid:1355 tgid:1352 ppid:5827 task_flags:0x400140 flags:0x00080002 [ 766.106707][ C0] Call Trace: [ 766.109985][ C0] [ 766.112914][ C0] __schedule+0xfee/0x6120 [ 766.117323][ C0] ? finish_task_switch.isra.0+0x205/0xb80 [ 766.123123][ C0] ? __pfx___schedule+0x10/0x10 [ 766.127963][ C0] ? mark_held_locks+0x40/0x70 [ 766.132711][ C0] preempt_schedule_irq+0x50/0x90 [ 766.137742][ C0] irqentry_exit+0x17b/0x670 [ 766.142333][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 766.148299][ C0] RIP: 0010:unwind_next_frame+0xaf1/0x1ea0 [ 766.154090][ C0] Code: 00 0f b6 41 05 4c 89 44 24 18 83 e0 07 3c 03 0f 84 8d 03 00 00 3c 04 0f 84 47 04 00 00 48 89 4c 24 20 3c 02 0f 85 4a f8 ff ff <49> 8d 76 f8 ba 08 00 00 00 4d 8d 7d 34 4c 89 ef 48 89 74 24 28 e8 [ 766.173684][ C0] RSP: 0018:ffffc90005716f00 EFLAGS: 00000246 [ 766.179752][ C0] RAX: 0000000000000002 RBX: 0000000000000001 RCX: ffffffff918600be [ 766.187717][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 766.195670][ C0] RBP: ffffc90005716fb8 R08: ffffffff918600c2 R09: 0000000000000007 [ 766.203620][ C0] R10: 0000000000000200 R11: 0000000000016599 R12: ffffc90005716fc0 [ 766.211745][ C0] R13: ffffc90005716f70 R14: ffffc900057173e8 R15: ffffc900057172b8 [ 766.219711][ C0] ? get_page_from_freelist+0x111d/0x3140 [ 766.225425][ C0] ? __kernel_text_address+0xd/0x30 [ 766.230617][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 766.236754][ C0] arch_stack_walk+0x94/0xf0 [ 766.241335][ C0] ? get_page_from_freelist+0x111d/0x3140 [ 766.247045][ C0] stack_trace_save+0x8e/0xc0 [ 766.251744][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 766.257124][ C0] save_stack+0x162/0x1e0 [ 766.261436][ C0] ? __pfx_save_stack+0x10/0x10 [ 766.266279][ C0] ? post_alloc_hook+0x153/0x170 [ 766.271200][ C0] ? get_page_from_freelist+0x111d/0x3140 [ 766.276912][ C0] ? __lock_acquire+0x4a5/0x2630 [ 766.281839][ C0] __set_page_owner+0x8c/0x540 [ 766.286592][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 766.291945][ C0] ? bad_range+0x261/0x400 [ 766.296362][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 766.301551][ C0] post_alloc_hook+0x153/0x170 [ 766.306302][ C0] get_page_from_freelist+0x111d/0x3140 [ 766.311844][ C0] ? __pfx___might_resched+0x10/0x10 [ 766.317144][ C0] ? prepare_alloc_pages+0x16d/0x5f0 [ 766.322420][ C0] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 766.328302][ C0] ? __pfx_css_rstat_updated+0x10/0x10 [ 766.333748][ C0] ? trace_ignore_this_task+0xbc/0x100 [ 766.339192][ C0] ? trace_ignore_this_task+0xbc/0x100 [ 766.344664][ C0] ? rcu_is_watching+0x12/0xc0 [ 766.349417][ C0] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 766.355737][ C0] ? lru_gen_add_folio+0x20f/0x13e0 [ 766.360927][ C0] ? lock_acquire+0x1cf/0x380 [ 766.365587][ C0] ? find_held_lock+0x2b/0x80 [ 766.370246][ C0] ? page_table_check_set+0x49a/0xa10 [ 766.375597][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 766.381471][ C0] ? policy_nodemask+0xed/0x4f0 [ 766.386302][ C0] alloc_pages_mpol+0x1fb/0x550 [ 766.391136][ C0] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 766.396496][ C0] folio_alloc_mpol_noprof+0x36/0x340 [ 766.401852][ C0] vma_alloc_folio_noprof+0xed/0x1d0 [ 766.407122][ C0] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 766.413005][ C0] do_anonymous_page+0xb3a/0x1fb0 [ 766.418020][ C0] __handle_mm_fault+0x1d42/0x2b60 [ 766.423125][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 766.428569][ C0] ? pte_offset_map_lock+0x174/0x320 [ 766.433850][ C0] ? find_held_lock+0x2b/0x80 [ 766.438511][ C0] ? follow_page_pte+0x5b3/0x1400 [ 766.443520][ C0] handle_mm_fault+0x36d/0xa20 [ 766.448272][ C0] __get_user_pages+0xf9c/0x34d0 [ 766.453196][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 766.458553][ C0] populate_vma_page_range+0x267/0x3f0 [ 766.463998][ C0] ? __pfx_populate_vma_page_range+0x10/0x10 [ 766.469959][ C0] ? __pfx_find_vma_intersection+0x10/0x10 [ 766.475745][ C0] ? do_mmap+0x93f/0x12f0 [ 766.480057][ C0] __mm_populate+0x107/0x3a0 [ 766.484720][ C0] ? __pfx___mm_populate+0x10/0x10 [ 766.489841][ C0] ? up_write+0x290/0x4f0 [ 766.494161][ C0] vm_mmap_pgoff+0x37f/0x470 [ 766.498923][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 766.504045][ C0] ksys_mmap_pgoff+0xe1/0x650 [ 766.508726][ C0] ? kcov_ioctl+0x16a/0x720 [ 766.513222][ C0] ? kfree+0x2ec/0x6b0 [ 766.517279][ C0] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 766.522546][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 766.528357][ C0] __x64_sys_mmap+0x125/0x190 [ 766.533029][ C0] do_syscall_64+0x106/0xf80 [ 766.537608][ C0] ? clear_bhb_loop+0x40/0x90 [ 766.542269][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.548141][ C0] RIP: 0033:0x7f884f99c799 [ 766.552533][ C0] RSP: 002b:00007f8850943028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 766.560930][ C0] RAX: ffffffffffffffda RBX: 00007f884fc15fa0 RCX: 00007f884f99c799 [ 766.568900][ C0] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 766.576883][ C0] RBP: 00007f884fa32c99 R08: 0000000000000002 R09: 0000000000008000 [ 766.584842][ C0] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 766.592793][ C0] R13: 00007f884fc16038 R14: 00007f884fc15fa0 R15: 00007fffdc74cb48 [ 766.600756][ C0] [ 771.314502][ T1300] ieee802154 phy1 wpan1: encryption failed: -22