last executing test programs: 10m55.751102965s ago: executing program 1 (id=4848): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_fd, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 10m52.609948974s ago: executing program 1 (id=4865): r0 = socket(0xa, 0x1, 0x84) ioctl$auto(0x3, 0x80108907, r0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 10m51.888951569s ago: executing program 1 (id=4878): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x8) 10m48.686982541s ago: executing program 1 (id=4917): socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @local}, 0x10) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) 10m46.943084336s ago: executing program 1 (id=4939): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x240088d4}, 0x2400c884) 10m43.366278667s ago: executing program 1 (id=4973): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000002c0)={0x28, r1, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8, 0x1b, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 10m42.975188835s ago: executing program 32 (id=4973): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000002c0)={0x28, r1, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8, 0x1b, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 5.28513541s ago: executing program 4 (id=11354): close_range$auto(0x0, 0xfffffffffffff001, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4) 5.108396447s ago: executing program 4 (id=11358): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) shutdown$auto(0x200000003, 0x0) socket(0x2, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0xf39, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.90142805s ago: executing program 4 (id=11360): close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing/saved_tgids\x00', 0x241842, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0xf3) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r0 = open(&(0x7f0000000100)='./file0\x00', 0x149443, 0xc8) r1 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000000c0)={r0, 0x8, 0x2000000, 0x8000}) 4.564876035s ago: executing program 4 (id=11367): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0xfffffffd, 0x2, 0x8000000000000000, 0x0) clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0x4, 0x1, 0x9}, 0xe, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) landlock_restrict_self$auto(r0, 0xb) fanotify_mark$auto(0x0, 0x105, 0x8009, 0xffffffffffffffff, 0x0) 4.277113784s ago: executing program 4 (id=11371): socket(0x23, 0x2, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x40000080) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/035/001\x00', 0xa901, 0x0) 3.310574682s ago: executing program 4 (id=11380): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f0000000140)={[0x9, 0x5, 0xb, 0xa63f, 0x7fffffff, 0x6, 0x9, 0x5f, 0x7d2ee4e8, 0x6a7, 0x1, 0x5, 0x2, 0x0, 0x7, 0x5]}, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r1, 0x0, 0x40100000a3d5) mmap$auto(0x0, 0x1009, 0x2, 0x8000000008011, 0x3, 0x0) 1.618562142s ago: executing program 2 (id=11391): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.441009621s ago: executing program 2 (id=11392): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5o\x91p\xe6\x1eRN8\x99\x00\b\xaa\x1c\x00\x00\x00\x00c\x14\xaf\r\x94\x1a\xd3\xd3\x1d\xf8\xbebR\xddL\'\x03\xf1`\x9f5\xf9\xa4\xf8\x15\xdd\xac\x00\x00\x00\x00\x00\x00\"\x01\x0e\xa4\xdf\xdav\x1cC\xff\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\x9d*\xd1\x14^\xbe\xa2\x00\x00\x00\x01\x00\x00\x00\x00\x00\xe8\xff\x00\x00\x00\x00\x00', 0xfdef, 0x500000000000) 1.440867573s ago: executing program 3 (id=11393): r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0xb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x23, 0x80805, 0x0) inotify_init1$auto(0x3000000000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1cc5087217524dd0}}, 0x6a) 1.292892819s ago: executing program 3 (id=11394): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$auto(r0, &(0x7f0000000140)='7\x00\x04\xa0\x04|\x03\xcb\x12\xfa\b\x1c\x92T\xc3\xbe\x1e\xe9;l\xe4!\x90SE\xb1\xde\xc4\x10\x8b\xc4;\xc7SB\x99\xd7;lh\x04\xbbd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xdd\xb0\xdfr\xda\v\x84\xa8\xdac2\x99\xcc\xad\x8b\x92\x06\xd2 B6\x1b\x1c\xd82\x85\xad\xff\x9f\xb8\v\xe9\x9d\xee{\a\x93SW\v\xdb\xd7\xfc\x05m1\xd2[c\xf06\x83Y]\xd1\xa8fFKqu\xb7\xe91Q\x82\xe9\x1c\x85_\x93', 0x81) mmap$auto(0x0, 0xfd, 0x4000000000df, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) 1.187541705s ago: executing program 0 (id=11395): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r0, 0x65, 0x8, 0x0, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto(r1, 0x4008af03, 0x0) io_uring_setup$auto(0x1, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r1, 0x4008af30, 0x0) 1.105046252s ago: executing program 0 (id=11396): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x84) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) 692.077809ms ago: executing program 3 (id=11397): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0x10, 0x3, 0xa) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) 602.1901ms ago: executing program 3 (id=11398): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r0, 0x84, 0x6c, 0x0, 0x0) 580.302588ms ago: executing program 0 (id=11399): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdddf250200020008000308"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1800"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000044}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00) 381.426013ms ago: executing program 2 (id=11401): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x40, &(0x7f00000001c0)={0x1200, 0x5, 0x10000, 0xd, 0x5b77b906, 0x0, 0xffffffffffffffff, [0xcfa, 0xe5d, 0x5], {0x8001, 0x38, 0x9, 0x4, 0x4, 0x3, 0x3ff, 0x3, 0xffff}, {0x20000000, 0x9, 0x7, 0x2, 0x2, 0xffff13a7, 0x0, 0x449e, 0x1}}) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0xc, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x6, 0xb, 0x1, 0xced80000000000, 0x5, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xf, 0x0, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x2, 0xc, 0x5a}) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100) 373.365293ms ago: executing program 0 (id=11402): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000180)='./file0\x00', 0x440, 0x5bc) fcntl$auto_F_ADD_SEALS(r0, 0x410, 0x0) removexattr$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00') close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 280.202888ms ago: executing program 2 (id=11403): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x1, 0x0, 0x10000000000000, 0x2}, 0x895}, 0x3, 0x0) r0 = getpid() openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000080), 0x20802, 0x0) r1 = socket(0x2, 0x80002, 0x73) getsockopt$auto(r1, 0x0, 0x3, 0x0, &(0x7f0000000080)=0x3ff) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) 234.392878ms ago: executing program 3 (id=11404): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) r1 = epoll_create$auto(0x8800001) epoll_ctl$auto(r1, 0x1, r0, 0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 197.3974ms ago: executing program 0 (id=11405): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x3, 0x5, 0x4, 0xd, 0xfffffffffffffffc, 0x913, 0x2c2, 0x800002017d, 0x2, 0x40, 0x1ff, 0xd59, 0xfb, 0xff, 0x1e, 0x988]}, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0xdf) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r1 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8955, 0x0) 79.551878ms ago: executing program 2 (id=11406): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4010ae68, &(0x7f0000000040)={0x80}) 68.812212ms ago: executing program 3 (id=11407): rt_sigprocmask$auto(0x0, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 3.242771ms ago: executing program 0 (id=11408): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) ioctl$auto(0x3, 0x89e0, 0x91) 0s ago: executing program 2 (id=11409): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) socket(0x29, 0x2, 0x0) write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x00\x01_\x9e\x99:R\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc', 0x7f) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) io_uring_setup$auto(0x6, 0x0) bpf$auto(0x1, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x8000, 0xf9c, 0x466, 0x9, 0x3, 0x4, 0x2, 0x4, 0x200, 0x3, 0xb6, 0x4, 0x6, 0x9}, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) kernel console output (not intermixed with test programs): 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 894.013079][T28953] RSP: 002b:00007f221d2dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 894.013112][T28953] RAX: ffffffffffffffda RBX: 00007f221c625fa8 RCX: 00007f221c39de59 [ 894.013135][T28953] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f221c625fa8 [ 894.013156][T28953] RBP: 00007f221c625fa0 R08: 0000000000000000 R09: 0000000000000000 [ 894.013177][T28953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 894.013197][T28953] R13: 00007f221c626038 R14: 00007ffff27623e0 R15: 00007ffff27624c8 [ 894.013241][T28953] [ 894.793051][T28990] netlink: 'syz.0.9677': attribute type 15 has an invalid length. [ 894.817445][T28990] netlink: 186 bytes leftover after parsing attributes in process `syz.0.9677'. [ 894.929884][T28992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9678'. [ 894.957474][T28992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9678'. [ 895.090090][T28997] netlink: 334 bytes leftover after parsing attributes in process `syz.4.9680'. [ 896.908085][T29035] netlink: 314 bytes leftover after parsing attributes in process `syz.2.9693'. [ 896.984848][T29038] FAULT_INJECTION: forcing a failure. [ 896.984848][T29038] name failslab, interval 1, probability 0, space 0, times 0 [ 897.025502][T29038] CPU: 0 UID: 0 PID: 29038 Comm: syz.0.9694 Tainted: G L syzkaller #0 PREEMPT(full) [ 897.025552][T29038] Tainted: [L]=SOFTLOCKUP [ 897.025563][T29038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 897.025589][T29038] Call Trace: [ 897.025599][T29038] [ 897.025610][T29038] dump_stack_lvl+0x100/0x190 [ 897.025648][T29038] should_fail_ex.cold+0x5/0xa [ 897.025683][T29038] should_failslab+0xc2/0x120 [ 897.025721][T29038] kmem_cache_alloc_noprof+0x91/0x6a0 [ 897.025753][T29038] ? d_instantiate+0x8a/0xb0 [ 897.025783][T29038] ? d_instantiate+0x8a/0xb0 [ 897.025812][T29038] ? alloc_empty_file+0x5b/0x1c0 [ 897.025851][T29038] alloc_empty_file+0x5b/0x1c0 [ 897.025887][T29038] alloc_file_pseudo+0x183/0x290 [ 897.025930][T29038] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 897.025968][T29038] ? alloc_fd+0x471/0x7a0 [ 897.026022][T29038] ? do_raw_spin_unlock+0x145/0x1e0 [ 897.026063][T29038] __anon_inode_getfile+0xe8/0x280 [ 897.026108][T29038] anon_inode_getfile_fmode+0x37/0xa0 [ 897.026152][T29038] __do_sys_timerfd_create+0x2d6/0x3f0 [ 897.026196][T29038] ? do_syscall_64+0x90/0x840 [ 897.026251][T29038] do_syscall_64+0x115/0x840 [ 897.026301][T29038] ? clear_bhb_loop+0x40/0x90 [ 897.026345][T29038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 897.026382][T29038] RIP: 0033:0x7f38a259de59 [ 897.026410][T29038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 897.026445][T29038] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 897.026479][T29038] RAX: ffffffffffffffda RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 897.026502][T29038] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 897.026523][T29038] RBP: 00007f38a2633e6f R08: 0000000000000000 R09: 0000000000000000 [ 897.026545][T29038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 897.026566][T29038] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 897.026613][T29038] [ 898.346034][T29064] netlink: 326 bytes leftover after parsing attributes in process `syz.3.9704'. [ 898.368925][T29066] netlink: 'syz.4.9703': attribute type 1 has an invalid length. [ 899.417137][T29085] netlink: 'syz.2.9712': attribute type 2 has an invalid length. [ 899.703987][T29081] Process accounting resumed [ 899.877340][T29095] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9724'. [ 899.983767][T29100] netlink: 'syz.2.9716': attribute type 1 has an invalid length. [ 900.489437][T29107] netlink: 'syz.4.9720': attribute type 1 has an invalid length. [ 900.524672][T29107] netlink: 322 bytes leftover after parsing attributes in process `syz.4.9720'. [ 900.552609][T29107] netlink: 'syz.4.9720': attribute type 1 has an invalid length. [ 900.575962][T29107] netlink: 322 bytes leftover after parsing attributes in process `syz.4.9720'. [ 902.006340][T29147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9735'. [ 904.714958][T29198] kexec: Could not allocate control_code_buffer [ 904.861211][T29213] netlink: 'syz.3.9759': attribute type 1 has an invalid length. [ 904.893802][T29211] FAULT_INJECTION: forcing a failure. [ 904.893802][T29211] name failslab, interval 1, probability 0, space 0, times 0 [ 904.914874][T29211] CPU: 1 UID: 0 PID: 29211 Comm: syz.4.9760 Tainted: G L syzkaller #0 PREEMPT(full) [ 904.914924][T29211] Tainted: [L]=SOFTLOCKUP [ 904.914935][T29211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 904.914954][T29211] Call Trace: [ 904.914965][T29211] [ 904.914978][T29211] dump_stack_lvl+0x100/0x190 [ 904.915020][T29211] should_fail_ex.cold+0x5/0xa [ 904.915059][T29211] should_failslab+0xc2/0x120 [ 904.915103][T29211] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 904.915144][T29211] ? start_dirop+0x79/0xb0 [ 904.915193][T29211] ? alloc_inode+0x68/0x250 [ 904.915234][T29211] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 904.915362][T29211] alloc_inode+0x68/0x250 [ 904.915404][T29211] new_inode+0x22/0x1c0 [ 904.915450][T29211] __debugfs_create_file+0x105/0x4f0 [ 904.915501][T29211] debugfs_create_file_full+0x41/0x60 [ 904.915555][T29211] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 904.915608][T29211] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 904.915660][T29211] ? ida_alloc_range+0x70d/0x830 [ 904.915789][T29211] ? kasan_save_track+0x14/0x30 [ 904.915829][T29211] ? __kasan_kmalloc+0xaa/0xb0 [ 904.915869][T29211] ? lockdep_init_map_type+0x5c/0x250 [ 904.915936][T29211] preinit_net.part.0+0x252/0x920 [ 904.915981][T29211] copy_net_ns+0x339/0x7c0 [ 904.916032][T29211] create_new_namespaces+0x3ea/0xac0 [ 904.916101][T29211] unshare_nsproxy_namespaces+0xf2/0x220 [ 904.916166][T29211] ksys_unshare+0x438/0xab0 [ 904.916210][T29211] ? __pfx_ksys_unshare+0x10/0x10 [ 904.916272][T29211] __x64_sys_unshare+0x31/0x40 [ 904.916312][T29211] do_syscall_64+0x115/0x840 [ 904.916360][T29211] ? clear_bhb_loop+0x40/0x90 [ 904.916402][T29211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.916438][T29211] RIP: 0033:0x7f9df939de59 [ 904.916466][T29211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 904.916500][T29211] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 904.916533][T29211] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 904.916555][T29211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 904.916576][T29211] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 904.916597][T29211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 904.916617][T29211] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 904.916661][T29211] [ 904.955334][T29211] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88805a0a5100' [ 905.621444][T29224] FAULT_INJECTION: forcing a failure. [ 905.621444][T29224] name failslab, interval 1, probability 0, space 0, times 0 [ 905.655368][T29224] CPU: 0 UID: 0 PID: 29224 Comm: syz.3.9764 Tainted: G L syzkaller #0 PREEMPT(full) [ 905.655424][T29224] Tainted: [L]=SOFTLOCKUP [ 905.655438][T29224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 905.655458][T29224] Call Trace: [ 905.655469][T29224] [ 905.655483][T29224] dump_stack_lvl+0x100/0x190 [ 905.655527][T29224] should_fail_ex.cold+0x5/0xa [ 905.655567][T29224] ? __pfx_filemap_map_pages+0x10/0x10 [ 905.655619][T29224] should_failslab+0xc2/0x120 [ 905.655671][T29224] kmem_cache_alloc_noprof+0x91/0x6a0 [ 905.655713][T29224] ? ptlock_alloc+0x1f/0x70 [ 905.655785][T29224] ? __pfx_filemap_map_pages+0x10/0x10 [ 905.655833][T29224] ptlock_alloc+0x1f/0x70 [ 905.655882][T29224] pte_alloc_one+0x82/0x3d0 [ 905.655931][T29224] __do_fault+0x26c/0x440 [ 905.655970][T29224] do_fault+0x2db/0x1750 [ 905.656013][T29224] ? __pmd_alloc+0x3fb/0x950 [ 905.656061][T29224] __handle_mm_fault+0x187d/0x2a00 [ 905.656121][T29224] ? mt_find+0x45e/0x8e0 [ 905.656156][T29224] ? __pfx___handle_mm_fault+0x10/0x10 [ 905.656206][T29224] ? __pfx_mt_find+0x10/0x10 [ 905.656260][T29224] ? find_vma+0xbf/0x140 [ 905.656300][T29224] ? __pfx_find_vma+0x10/0x10 [ 905.656343][T29224] handle_mm_fault+0x37b/0xa30 [ 905.656403][T29224] do_user_addr_fault+0x74c/0x12f0 [ 905.656459][T29224] exc_page_fault+0x6f/0xd0 [ 905.656508][T29224] asm_exc_page_fault+0x26/0x30 [ 905.656542][T29224] RIP: 0010:rep_movs_alternative+0x33/0xa0 [ 905.656583][T29224] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 7d 9d 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 905.656615][T29224] RSP: 0018:ffffc90003867d68 EFLAGS: 00050216 [ 905.656643][T29224] RAX: 000040000007d000 RBX: 0000000000000020 RCX: 0000000000000020 [ 905.656678][T29224] RDX: 0000000000000001 RSI: ffffc90003867dd0 RDI: 0000000000000000 [ 905.656699][T29224] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff5200070cfbd [ 905.656720][T29224] R10: ffffc90003867def R11: 0000000000000000 R12: ffffc90003867dd0 [ 905.656741][T29224] R13: 0000000000000020 R14: 00007ffffffff000 R15: 0000000000000000 [ 905.656783][T29224] _copy_to_user+0xa4/0xd0 [ 905.656832][T29224] ksys_msgctl.constprop.0+0x2cc/0x340 [ 905.656885][T29224] ? __pfx_ksys_msgctl.constprop.0+0x10/0x10 [ 905.656932][T29224] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 905.657019][T29224] do_syscall_64+0x115/0x840 [ 905.657067][T29224] ? clear_bhb_loop+0x40/0x90 [ 905.657108][T29224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 905.657143][T29224] RIP: 0033:0x7f221c39de59 [ 905.657171][T29224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 905.657204][T29224] RSP: 002b:00007f221d2dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000047 [ 905.657235][T29224] RAX: ffffffffffffffda RBX: 00007f221c625fa0 RCX: 00007f221c39de59 [ 905.657258][T29224] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000000049e1 [ 905.657279][T29224] RBP: 00007f221c433e6f R08: 0000000000000000 R09: 0000000000000000 [ 905.657300][T29224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 905.657320][T29224] R13: 00007f221c626038 R14: 00007f221c625fa0 R15: 00007ffff27624c8 [ 905.657363][T29224] [ 906.696406][T29242] FAULT_INJECTION: forcing a failure. [ 906.696406][T29242] name failslab, interval 1, probability 0, space 0, times 0 [ 906.758113][T29242] CPU: 1 UID: 0 PID: 29242 Comm: syz.3.9771 Tainted: G L syzkaller #0 PREEMPT(full) [ 906.758170][T29242] Tainted: [L]=SOFTLOCKUP [ 906.758186][T29242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 906.758207][T29242] Call Trace: [ 906.758218][T29242] [ 906.758231][T29242] dump_stack_lvl+0x100/0x190 [ 906.758276][T29242] should_fail_ex.cold+0x5/0xa [ 906.758315][T29242] should_failslab+0xc2/0x120 [ 906.758360][T29242] kmem_cache_alloc_noprof+0x91/0x6a0 [ 906.758398][T29242] ? trace_kmem_cache_alloc+0xdd/0x100 [ 906.758442][T29242] ? security_file_alloc+0x34/0x2c0 [ 906.758491][T29242] security_file_alloc+0x34/0x2c0 [ 906.758532][T29242] init_file+0x95/0x480 [ 906.758568][T29242] alloc_empty_file+0x79/0x1c0 [ 906.758620][T29242] dentry_open+0x46/0xd0 [ 906.758657][T29242] ima_calc_file_hash+0xe1/0x380 [ 906.758777][T29242] ima_collect_measurement+0x94f/0xb30 [ 906.758827][T29242] ? __pfx_ima_collect_measurement+0x10/0x10 [ 906.758889][T29242] ? process_measurement+0x5ab/0x2350 [ 906.758923][T29242] ? is_bad_inode+0xd/0x40 [ 906.758967][T29242] ? xattr_resolve_name+0x27d/0x3f0 [ 906.759024][T29242] ? vfs_getxattr_alloc+0xec/0x350 [ 906.759091][T29242] ? ima_get_hash_algo+0x241/0x400 [ 906.759168][T29242] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 906.759227][T29242] ? process_measurement+0xdfe/0x2350 [ 906.759259][T29242] process_measurement+0xdfe/0x2350 [ 906.759323][T29242] ? __pfx_process_measurement+0x10/0x10 [ 906.759442][T29242] ? __configfs_open_file+0x6ca/0x9c0 [ 906.759557][T29242] ima_file_check+0xcc/0x120 [ 906.759594][T29242] ? __pfx_ima_file_check+0x10/0x10 [ 906.759641][T29242] security_file_post_open+0xc4/0x210 [ 906.759682][T29242] path_openat+0x985/0x4280 [ 906.759754][T29242] ? __pfx_path_openat+0x10/0x10 [ 906.759821][T29242] do_file_open+0x20e/0x430 [ 906.759878][T29242] ? __pfx_do_file_open+0x10/0x10 [ 906.759961][T29242] ? alloc_fd+0x471/0x7a0 [ 906.760017][T29242] ? do_getname+0x191/0x390 [ 906.760066][T29242] do_sys_openat2+0x10f/0x1e0 [ 906.760108][T29242] ? __pfx_do_sys_openat2+0x10/0x10 [ 906.760154][T29242] ? __fget_files+0x21f/0x3d0 [ 906.760215][T29242] __x64_sys_openat+0x12d/0x210 [ 906.760257][T29242] ? __pfx___x64_sys_openat+0x10/0x10 [ 906.760316][T29242] do_syscall_64+0x115/0x840 [ 906.760368][T29242] ? clear_bhb_loop+0x40/0x90 [ 906.760411][T29242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.760447][T29242] RIP: 0033:0x7f221c39de59 [ 906.760477][T29242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 906.760512][T29242] RSP: 002b:00007f221d2dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 906.760547][T29242] RAX: ffffffffffffffda RBX: 00007f221c625fa0 RCX: 00007f221c39de59 [ 906.760570][T29242] RDX: 00000000000c8003 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 906.760593][T29242] RBP: 00007f221c433e6f R08: 0000000000000000 R09: 0000000000000000 [ 906.760613][T29242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 906.760633][T29242] R13: 00007f221c626038 R14: 00007f221c625fa0 R15: 00007ffff27624c8 [ 906.760677][T29242] [ 906.831528][ T30] audit: type=1800 audit(4294967477.040:39): pid=29242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.9771" name="lu_gp_id" dev="configfs" ino=91581 res=0 errno=0 [ 907.310506][ T5644] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 907.310559][ T5644] Bluetooth: hci3: unexpected subevent 0x06 length: 725 > 10 [ 907.391217][T29260] kafs: addr_prefs: Invalid Command [ 907.403261][T29260] FAULT_INJECTION: forcing a failure. [ 907.403261][T29260] name fail_futex, interval 1, probability 0, space 0, times 0 [ 907.416410][T29260] CPU: 0 UID: 0 PID: 29260 Comm: syz.2.9780 Tainted: G L syzkaller #0 PREEMPT(full) [ 907.416459][T29260] Tainted: [L]=SOFTLOCKUP [ 907.416472][T29260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 907.416492][T29260] Call Trace: [ 907.416503][T29260] [ 907.416524][T29260] dump_stack_lvl+0x100/0x190 [ 907.416567][T29260] should_fail_ex.cold+0x5/0xa [ 907.416605][T29260] get_futex_key+0x1d2/0x14f0 [ 907.416662][T29260] ? __pfx_get_futex_key+0x10/0x10 [ 907.416717][T29260] ? kasan_quarantine_put+0x104/0x240 [ 907.416752][T29260] ? lockdep_hardirqs_on+0x78/0x100 [ 907.416802][T29260] ? proc_simple_write+0x110/0x1a0 [ 907.416839][T29260] futex_wake+0xf4/0x5e0 [ 907.416879][T29260] ? find_held_lock+0x2b/0x80 [ 907.416917][T29260] ? __pfx_futex_wake+0x10/0x10 [ 907.416961][T29260] ? rcu_read_lock_any_held+0x6a/0xa0 [ 907.417000][T29260] ? find_held_lock+0x2b/0x80 [ 907.417034][T29260] ? ksys_write+0x190/0x250 [ 907.417082][T29260] ? ksys_write+0x190/0x250 [ 907.417134][T29260] do_futex+0x2b2/0x440 [ 907.417168][T29260] ? __pfx_do_futex+0x10/0x10 [ 907.417203][T29260] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 907.417262][T29260] __x64_sys_futex+0x34f/0x4d0 [ 907.417301][T29260] ? __pfx___x64_sys_futex+0x10/0x10 [ 907.417349][T29260] do_syscall_64+0x115/0x840 [ 907.417397][T29260] ? clear_bhb_loop+0x40/0x90 [ 907.417446][T29260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 907.417484][T29260] RIP: 0033:0x7f9cad39de59 [ 907.417521][T29260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 907.417553][T29260] RSP: 002b:00007f9cae3520e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 907.417586][T29260] RAX: ffffffffffffffda RBX: 00007f9cad625fa8 RCX: 00007f9cad39de59 [ 907.417612][T29260] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9cad625fac [ 907.417633][T29260] RBP: 00007f9cad625fa0 R08: 0000000000000001 R09: 0000000000000000 [ 907.417653][T29260] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 907.417675][T29260] R13: 00007f9cad626038 R14: 00007ffcf409ccc0 R15: 00007ffcf409cda8 [ 907.417719][T29260] [ 908.562249][T29288] netlink: 326 bytes leftover after parsing attributes in process `syz.4.9790'. [ 909.335645][ T5644] Bluetooth: hci3: command 0x0406 tx timeout [ 910.201370][T29322] netlink: 338 bytes leftover after parsing attributes in process `syz.0.9802'. [ 910.247568][T29320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9801'. [ 910.819467][T29334] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9806'. [ 910.977119][T29334] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9806'. [ 911.360483][T29349] netlink: 338 bytes leftover after parsing attributes in process `syz.2.9811'. [ 911.667670][T29356] netlink: 326 bytes leftover after parsing attributes in process `syz.4.9814'. [ 912.361800][T29371] FAULT_INJECTION: forcing a failure. [ 912.361800][T29371] name failslab, interval 1, probability 0, space 0, times 0 [ 912.378285][T29371] CPU: 1 UID: 0 PID: 29371 Comm: syz.4.9823 Tainted: G L syzkaller #0 PREEMPT(full) [ 912.378338][T29371] Tainted: [L]=SOFTLOCKUP [ 912.378351][T29371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 912.378372][T29371] Call Trace: [ 912.378384][T29371] [ 912.378396][T29371] dump_stack_lvl+0x100/0x190 [ 912.378439][T29371] should_fail_ex.cold+0x5/0xa [ 912.378483][T29371] should_failslab+0xc2/0x120 [ 912.378525][T29371] __kvmalloc_node_noprof+0x116/0x970 [ 912.378566][T29371] ? percpu_ref_init+0xec/0x3f0 [ 912.378600][T29371] ? io_alloc_cache_init+0x38/0x170 [ 912.378732][T29371] io_alloc_cache_init+0x38/0x170 [ 912.378769][T29371] io_uring_setup.cold+0x46e/0x1c2e [ 912.378819][T29371] ? ksys_write+0x190/0x250 [ 912.378868][T29371] ? ksys_write+0x190/0x250 [ 912.378915][T29371] ? __pfx_io_uring_setup+0x10/0x10 [ 912.379019][T29371] ? do_futex+0x190/0x440 [ 912.379052][T29371] ? __pfx_do_futex+0x10/0x10 [ 912.379095][T29371] ? xfd_validate_state+0x129/0x190 [ 912.379139][T29371] __x64_sys_io_uring_setup+0xc2/0x170 [ 912.379219][T29371] do_syscall_64+0x115/0x840 [ 912.379265][T29371] ? clear_bhb_loop+0x40/0x90 [ 912.379306][T29371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.379339][T29371] RIP: 0033:0x7f9df939de59 [ 912.379366][T29371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 912.379401][T29371] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 912.379430][T29371] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 912.379450][T29371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 912.379481][T29371] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 912.379498][T29371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 912.379516][T29371] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 912.379551][T29371] [ 912.666593][T25999] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 912.692661][T25999] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 912.707625][T25999] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 912.755597][T25999] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 912.765071][T25999] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 913.198393][T29394] netlink: 'syz.4.9827': attribute type 1 has an invalid length. [ 913.765964][T29409] netlink: 334 bytes leftover after parsing attributes in process `syz.4.9830'. [ 914.254032][T29376] bridge0: port 1(bridge_slave_0) entered blocking state [ 914.269418][T29376] bridge0: port 1(bridge_slave_0) entered disabled state [ 914.285055][T29376] bridge_slave_0: entered allmulticast mode [ 914.304173][T29376] bridge_slave_0: entered promiscuous mode [ 914.327657][T29376] bridge0: port 2(bridge_slave_1) entered blocking state [ 914.344683][T29376] bridge0: port 2(bridge_slave_1) entered disabled state [ 914.365045][T29376] bridge_slave_1: entered allmulticast mode [ 914.377397][T29376] bridge_slave_1: entered promiscuous mode [ 914.473259][T29376] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 914.502813][T29376] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 914.597934][T29376] team0: Port device team_slave_0 added [ 914.617379][T29376] team0: Port device team_slave_1 added [ 914.711103][T29376] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 914.726002][T29376] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 914.774522][T29376] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 914.797202][T29376] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 914.804225][T29376] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 914.854552][ T5644] Bluetooth: hci0: command tx timeout [ 914.862020][T29376] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 914.935291][T29376] hsr_slave_0: entered promiscuous mode [ 914.942330][T29376] hsr_slave_1: entered promiscuous mode [ 914.949058][T29376] debugfs: 'hsr0' already exists in 'hsr' [ 914.955002][T29376] Cannot create hsr debugfs directory [ 915.396379][T29446] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9844'. [ 915.437313][T29376] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 915.665464][T29376] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 915.851235][T29376] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 916.100257][T29376] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 916.368146][T29376] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 916.382177][T29376] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 916.392000][T29376] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 916.401978][T29376] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 916.410291][T29376] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 916.421454][T29376] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 916.429656][T29376] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 916.440340][T29376] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 916.523342][T29376] 8021q: adding VLAN 0 to HW filter on device bond0 [ 916.548175][T29376] 8021q: adding VLAN 0 to HW filter on device team0 [ 916.561406][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 916.568639][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 916.588076][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 916.595262][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 916.934549][ T5644] Bluetooth: hci0: command tx timeout [ 917.007294][T29376] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 917.062423][T29376] veth0_vlan: entered promiscuous mode [ 917.077854][T29376] veth1_vlan: entered promiscuous mode [ 917.114022][T29376] veth0_macvtap: entered promiscuous mode [ 917.126647][T29376] veth1_macvtap: entered promiscuous mode [ 917.150506][T29376] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 917.165519][T29376] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 917.181309][ T1129] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.191436][ T1129] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.201205][ T1129] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.216525][ T1129] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.350843][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.359407][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 917.400844][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.410026][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 917.477789][T29475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9819'. [ 918.984243][T29510] FAULT_INJECTION: forcing a failure. [ 918.984243][T29510] name failslab, interval 1, probability 0, space 0, times 0 [ 919.009154][T29510] CPU: 0 UID: 0 PID: 29510 Comm: syz.0.9860 Tainted: G L syzkaller #0 PREEMPT(full) [ 919.009208][T29510] Tainted: [L]=SOFTLOCKUP [ 919.009220][T29510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 919.009242][T29510] Call Trace: [ 919.009263][T29510] [ 919.009276][T29510] dump_stack_lvl+0x100/0x190 [ 919.009320][T29510] should_fail_ex.cold+0x5/0xa [ 919.009361][T29510] should_failslab+0xc2/0x120 [ 919.009407][T29510] __kmalloc_noprof+0xfc/0x820 [ 919.009446][T29510] ? afs_proc_addr_prefs_write+0x3da/0x1540 [ 919.009591][T29510] afs_proc_addr_prefs_write+0x3da/0x1540 [ 919.009643][T29510] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 919.009688][T29510] ? find_held_lock+0x2b/0x80 [ 919.009727][T29510] ? __might_fault+0xc5/0x140 [ 919.009781][T29510] ? __might_fault+0xc5/0x140 [ 919.009856][T29510] ? proc_simple_write+0x10e/0x1a0 [ 919.009889][T29510] proc_simple_write+0x10e/0x1a0 [ 919.009924][T29510] ? __pfx_proc_simple_write+0x10/0x10 [ 919.009961][T29510] proc_reg_write+0x240/0x330 [ 919.010017][T29510] vfs_write+0x2aa/0x1050 [ 919.010068][T29510] ? __pfx_proc_reg_write+0x10/0x10 [ 919.010122][T29510] ? __pfx_vfs_write+0x10/0x10 [ 919.010171][T29510] ? __fget_files+0x215/0x3d0 [ 919.010231][T29510] ? __fget_files+0x21f/0x3d0 [ 919.010302][T29510] ksys_write+0x12a/0x250 [ 919.010352][T29510] ? __pfx_ksys_write+0x10/0x10 [ 919.010416][T29510] do_syscall_64+0x115/0x840 [ 919.010466][T29510] ? clear_bhb_loop+0x40/0x90 [ 919.010508][T29510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 919.010544][T29510] RIP: 0033:0x7f38a259de59 [ 919.010571][T29510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 919.010603][T29510] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 919.010636][T29510] RAX: ffffffffffffffda RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 919.010660][T29510] RDX: 0000000000000009 RSI: 0000200000000100 RDI: 0000000000000003 [ 919.010679][T29510] RBP: 00007f38a2633e6f R08: 0000000000000000 R09: 0000000000000000 [ 919.010700][T29510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 919.010720][T29510] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 919.010764][T29510] [ 919.264628][ T5644] Bluetooth: hci0: command tx timeout [ 919.283258][T29512] FAULT_INJECTION: forcing a failure. [ 919.283258][T29512] name failslab, interval 1, probability 0, space 0, times 0 [ 919.296299][T29512] CPU: 0 UID: 0 PID: 29512 Comm: syz.4.9859 Tainted: G L syzkaller #0 PREEMPT(full) [ 919.296350][T29512] Tainted: [L]=SOFTLOCKUP [ 919.296362][T29512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 919.296381][T29512] Call Trace: [ 919.296392][T29512] [ 919.296404][T29512] dump_stack_lvl+0x100/0x190 [ 919.296447][T29512] should_fail_ex.cold+0x5/0xa [ 919.296486][T29512] should_failslab+0xc2/0x120 [ 919.296529][T29512] kmem_cache_alloc_noprof+0x91/0x6a0 [ 919.296568][T29512] ? prepare_creds+0x2c/0x950 [ 919.296620][T29512] prepare_creds+0x2c/0x950 [ 919.296669][T29512] __sys_setuid+0x9c/0x440 [ 919.296722][T29512] do_syscall_64+0x115/0x840 [ 919.296769][T29512] ? clear_bhb_loop+0x40/0x90 [ 919.296811][T29512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 919.296844][T29512] RIP: 0033:0x7f9df939de59 [ 919.296872][T29512] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 919.296905][T29512] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 919.296936][T29512] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 919.296959][T29512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 919.296978][T29512] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 919.296999][T29512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 919.297018][T29512] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 919.297061][T29512] [ 920.331037][T29531] netlink: 186 bytes leftover after parsing attributes in process `syz.2.9867'. [ 920.356635][T29531] netlink: 186 bytes leftover after parsing attributes in process `syz.2.9867'. [ 921.334484][ T5644] Bluetooth: hci0: command tx timeout [ 922.048503][T29569] netlink: 326 bytes leftover after parsing attributes in process `syz.2.9879'. [ 922.093752][T29569] bridge0: port 5(team0) entered disabled state [ 922.303212][T29575] netlink: 334 bytes leftover after parsing attributes in process `syz.2.9880'. [ 922.371505][T29577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9881'. [ 922.398025][T29577] netlink: 354 bytes leftover after parsing attributes in process `syz.0.9881'. [ 922.927530][T29591] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9887'. [ 922.961092][T29591] vlan1: entered allmulticast mode [ 923.395052][T29602] netlink: 326 bytes leftover after parsing attributes in process `syz.0.9890'. [ 924.104696][T29619] netlink: 25 bytes leftover after parsing attributes in process `syz.4.9896'. [ 924.597401][T29634] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9900'. [ 926.014965][T29665] __nla_validate_parse: 1 callbacks suppressed [ 926.015000][T29665] netlink: 350 bytes leftover after parsing attributes in process `syz.4.9906'. [ 927.380960][T29704] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9915'. [ 928.911743][T29751] FAULT_INJECTION: forcing a failure. [ 928.911743][T29751] name failslab, interval 1, probability 0, space 0, times 0 [ 928.926303][T29751] CPU: 0 UID: 0 PID: 29751 Comm: syz.0.9929 Tainted: G L syzkaller #0 PREEMPT(full) [ 928.926357][T29751] Tainted: [L]=SOFTLOCKUP [ 928.926369][T29751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 928.926390][T29751] Call Trace: [ 928.926401][T29751] [ 928.926414][T29751] dump_stack_lvl+0x100/0x190 [ 928.926458][T29751] should_fail_ex.cold+0x5/0xa [ 928.926498][T29751] should_failslab+0xc2/0x120 [ 928.926543][T29751] __kmalloc_cache_noprof+0x91/0x6c0 [ 928.926595][T29751] ? kstrdup_quotable_cmdline+0x110/0x210 [ 928.926650][T29751] ? kstrdup_quotable_cmdline+0x132/0x210 [ 928.926705][T29751] ? kstrdup_quotable_cmdline+0x52/0x210 [ 928.926768][T29751] kstrdup_quotable_cmdline+0x52/0x210 [ 928.926828][T29751] __report_access+0x77/0x230 [ 928.926870][T29751] ? _raw_spin_unlock_irq+0x23/0x50 [ 928.926920][T29751] task_work_run+0x150/0x240 [ 928.926970][T29751] ? __pfx_task_work_run+0x10/0x10 [ 928.927030][T29751] exit_to_user_mode_loop+0x1d8/0x6f0 [ 928.927084][T29751] ? rcu_is_watching+0x12/0xc0 [ 928.927129][T29751] do_syscall_64+0x652/0x840 [ 928.927181][T29751] ? clear_bhb_loop+0x40/0x90 [ 928.927232][T29751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.927269][T29751] RIP: 0033:0x7f38a259de59 [ 928.927298][T29751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 928.927333][T29751] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 928.927366][T29751] RAX: ffffffffffffffff RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 928.927389][T29751] RDX: 0000000000000003 RSI: 0000200000002980 RDI: 0000000000000001 [ 928.927410][T29751] RBP: 00007f38a2633e6f R08: 0000000000000004 R09: 0000000000000000 [ 928.927432][T29751] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 928.927458][T29751] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 928.927502][T29751] [ 928.928283][T29751] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[22300] was attempted by "(null)"[29751] [ 929.342128][T29755] block nbd3: Unsupported socket: should be TCP or UNIX. [ 929.603107][T29762] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9934'. [ 929.823444][T29767] unsupported nlmsg_type 40 [ 930.289523][T29772] Process accounting paused [ 930.394061][T29780] netlink: 350 bytes leftover after parsing attributes in process `syz.4.9939'. [ 930.438479][T29782] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9940'. [ 930.638975][T29786] netlink: 334 bytes leftover after parsing attributes in process `syz.2.9942'. [ 931.108251][T29804] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9948'. [ 931.236786][T29809] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9948'. [ 931.742667][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.752252][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 933.411781][T29860] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9965'. [ 933.424930][T29860] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9965'. [ 934.405563][T29878] FAULT_INJECTION: forcing a failure. [ 934.405563][T29878] name failslab, interval 1, probability 0, space 0, times 0 [ 934.434687][T29878] CPU: 1 UID: 0 PID: 29878 Comm: syz.2.9972 Tainted: G L syzkaller #0 PREEMPT(full) [ 934.434743][T29878] Tainted: [L]=SOFTLOCKUP [ 934.434755][T29878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 934.434776][T29878] Call Trace: [ 934.434786][T29878] [ 934.434799][T29878] dump_stack_lvl+0x100/0x190 [ 934.434848][T29878] should_fail_ex.cold+0x5/0xa [ 934.434885][T29878] should_failslab+0xc2/0x120 [ 934.434931][T29878] kmem_cache_alloc_noprof+0x91/0x6a0 [ 934.434967][T29878] ? d_instantiate+0x8a/0xb0 [ 934.435002][T29878] ? d_instantiate+0x8a/0xb0 [ 934.435035][T29878] ? alloc_empty_file+0x5b/0x1c0 [ 934.435081][T29878] alloc_empty_file+0x5b/0x1c0 [ 934.435122][T29878] alloc_file_pseudo+0x183/0x290 [ 934.435163][T29878] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 934.435207][T29878] ? _raw_spin_unlock+0x28/0x50 [ 934.435251][T29878] ? alloc_fd+0x471/0x7a0 [ 934.435307][T29878] __anon_inode_getfile+0xe8/0x280 [ 934.435351][T29878] __anon_inode_getfd+0x5c/0xe0 [ 934.435397][T29878] do_inotify_init+0x483/0x5e0 [ 934.435444][T29878] __x64_sys_inotify_init1+0x30/0x40 [ 934.435490][T29878] do_syscall_64+0x115/0x840 [ 934.435540][T29878] ? clear_bhb_loop+0x40/0x90 [ 934.435582][T29878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.435619][T29878] RIP: 0033:0x7f9cad39de59 [ 934.435655][T29878] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 934.435689][T29878] RSP: 002b:00007f9cae352028 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 934.435722][T29878] RAX: ffffffffffffffda RBX: 00007f9cad625fa0 RCX: 00007f9cad39de59 [ 934.435744][T29878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0003000000000000 [ 934.435765][T29878] RBP: 00007f9cad433e6f R08: 0000000000000000 R09: 0000000000000000 [ 934.435786][T29878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 934.435807][T29878] R13: 00007f9cad626038 R14: 00007f9cad625fa0 R15: 00007ffcf409cda8 [ 934.435851][T29878] [ 935.284917][T29898] FAULT_INJECTION: forcing a failure. [ 935.284917][T29898] name fail_futex, interval 1, probability 0, space 0, times 0 [ 935.313349][T29898] CPU: 1 UID: 0 PID: 29898 Comm: syz.4.9980 Tainted: G L syzkaller #0 PREEMPT(full) [ 935.313403][T29898] Tainted: [L]=SOFTLOCKUP [ 935.313416][T29898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 935.313438][T29898] Call Trace: [ 935.313449][T29898] [ 935.313461][T29898] dump_stack_lvl+0x100/0x190 [ 935.313505][T29898] should_fail_ex.cold+0x5/0xa [ 935.313552][T29898] get_futex_key+0x1d2/0x14f0 [ 935.313612][T29898] ? __pfx_get_futex_key+0x10/0x10 [ 935.313665][T29898] ? __pfx_futex_hash+0x10/0x10 [ 935.313728][T29898] futex_wake+0xf4/0x5e0 [ 935.313770][T29898] ? __lock_acquire+0x49f/0x1a40 [ 935.313820][T29898] ? __pfx_futex_wake+0x10/0x10 [ 935.313861][T29898] ? __lock_acquire+0x49f/0x1a40 [ 935.313925][T29898] do_futex+0x2b2/0x440 [ 935.313960][T29898] ? __pfx_do_futex+0x10/0x10 [ 935.313996][T29898] ? rcu_is_watching+0x12/0xc0 [ 935.314038][T29898] __x64_sys_futex+0x34f/0x4d0 [ 935.314071][T29898] ? __pfx___x64_sys_rt_sigprocmask+0x10/0x10 [ 935.314129][T29898] ? __pfx___x64_sys_futex+0x10/0x10 [ 935.314178][T29898] do_syscall_64+0x115/0x840 [ 935.314229][T29898] ? clear_bhb_loop+0x40/0x90 [ 935.314272][T29898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.314305][T29898] RIP: 0033:0x7f9df939de59 [ 935.314331][T29898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 935.314370][T29898] RSP: 002b:00007f9dfa3060e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 935.314403][T29898] RAX: ffffffffffffffda RBX: 00007f9df9625fa8 RCX: 00007f9df939de59 [ 935.314424][T29898] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9df9625fac [ 935.314444][T29898] RBP: 00007f9df9625fa0 R08: 0000000000000001 R09: 0000000000000000 [ 935.314464][T29898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 935.314484][T29898] R13: 00007f9df9626038 R14: 00007ffd4e4e0f40 R15: 00007ffd4e4e1028 [ 935.314527][T29898] [ 935.785229][T29904] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9981'. [ 936.400361][T29920] bond0: option lp_interval: invalid value (0) [ 936.427122][T29920] bond0: option lp_interval: allowed values 1 - 2147483647 [ 936.691167][T29928] netlink: 222 bytes leftover after parsing attributes in process `syz.0.9990'. [ 937.730469][T29947] netlink: 114 bytes leftover after parsing attributes in process `syz.4.9995'. [ 938.062304][T29957] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9999'. [ 938.820925][T29980] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10009'. [ 938.945701][T29983] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10010'. [ 938.988661][T29986] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10009'. [ 940.243809][T30021] netlink: 206 bytes leftover after parsing attributes in process `syz.2.10022'. [ 940.808963][T30033] netlink: 504 bytes leftover after parsing attributes in process `syz.3.10028'. [ 941.446274][T30046] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10032'. [ 945.304313][T30123] netlink: 74 bytes leftover after parsing attributes in process `syz.2.10060'. [ 946.661144][T30159] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10074'. [ 946.828810][T30161] netlink: 326 bytes leftover after parsing attributes in process `syz.4.10075'. [ 948.528938][T30167] kexec: Could not allocate control_code_buffer [ 950.608676][T30247] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10105'. [ 950.619530][T30247] netlink: 13 bytes leftover after parsing attributes in process `syz.4.10105'. [ 950.629435][T30247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10105'. [ 953.020912][T30279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10115'. [ 953.060256][T30279] netlink: 5 bytes leftover after parsing attributes in process `syz.3.10115'. [ 953.099353][T30279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10115'. [ 953.153274][T30286] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10116'. [ 953.198503][T30288] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10118'. [ 954.411229][T30325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10131'. [ 954.429625][T30325] netlink: 'syz.2.10131': attribute type 7 has an invalid length. [ 954.901000][T30343] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10138'. [ 957.102495][T30404] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10161'. [ 957.869825][T30422] netlink: 'syz.3.10168': attribute type 4 has an invalid length. [ 958.604972][T30437] sctp: [Deprecated]: syz.4.10173 (pid 30437) Use of int in maxseg socket option. [ 958.604972][T30437] Use struct sctp_assoc_value instead [ 959.961267][T30475] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10181'. [ 959.980063][T30474] netlink: 'syz.0.10182': attribute type 27 has an invalid length. [ 959.989883][T30474] netlink: 334 bytes leftover after parsing attributes in process `syz.0.10182'. [ 960.008725][T30475] veth1_macvtap: left promiscuous mode [ 960.015738][T30475] macsec0: entered promiscuous mode [ 960.021045][T30475] macsec0: entered allmulticast mode [ 960.173425][T30478] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10183'. [ 960.402240][T30479] Process accounting resumed [ 960.619534][T30498] netlink: 'syz.0.10193': attribute type 4 has an invalid length. [ 960.637020][T30498] netlink: 'syz.0.10193': attribute type 4 has an invalid length. [ 961.053731][T30509] FAULT_INJECTION: forcing a failure. [ 961.053731][T30509] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 961.096566][T30509] CPU: 0 UID: 0 PID: 30509 Comm: syz.2.10196 Tainted: G L syzkaller #0 PREEMPT(full) [ 961.096620][T30509] Tainted: [L]=SOFTLOCKUP [ 961.096632][T30509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 961.096652][T30509] Call Trace: [ 961.096663][T30509] [ 961.096676][T30509] dump_stack_lvl+0x100/0x190 [ 961.096719][T30509] should_fail_ex.cold+0x5/0xa [ 961.096759][T30509] _copy_to_iter+0x1f3/0x1720 [ 961.096814][T30509] ? __pfx__copy_to_iter+0x10/0x10 [ 961.096863][T30509] ? rcu_is_watching+0x12/0xc0 [ 961.096901][T30509] ? __up_read+0x333/0x980 [ 961.096941][T30509] copy_page_to_iter+0x285/0x370 [ 961.096990][T30509] process_vm_rw_core.constprop.0+0x5a3/0x950 [ 961.097049][T30509] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 961.097103][T30509] ? import_ubuf+0x1b6/0x220 [ 961.097163][T30509] ? iovec_from_user+0xda/0x140 [ 961.097214][T30509] process_vm_rw+0x226/0x2d0 [ 961.097248][T30509] ? futex_wait+0x11e/0x370 [ 961.097292][T30509] ? __pfx_process_vm_rw+0x10/0x10 [ 961.097347][T30509] ? do_writev+0x214/0x340 [ 961.097394][T30509] ? do_writev+0x214/0x340 [ 961.097456][T30509] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 961.097530][T30509] ? xfd_validate_state+0x129/0x190 [ 961.097578][T30509] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 961.097618][T30509] ? do_syscall_64+0x90/0x840 [ 961.097669][T30509] ? lockdep_hardirqs_on+0x78/0x100 [ 961.097719][T30509] do_syscall_64+0x115/0x840 [ 961.097768][T30509] ? clear_bhb_loop+0x40/0x90 [ 961.097811][T30509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.097848][T30509] RIP: 0033:0x7f9cad39de59 [ 961.097877][T30509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 961.097912][T30509] RSP: 002b:00007f9cae352028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 961.097947][T30509] RAX: ffffffffffffffda RBX: 00007f9cad625fa0 RCX: 00007f9cad39de59 [ 961.097970][T30509] RDX: 0000040000000001 RSI: 0000200000000000 RDI: 0000000000001900 [ 961.097991][T30509] RBP: 00007f9cad433e6f R08: 0000000000000006 R09: 0000000000000000 [ 961.098011][T30509] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 961.098033][T30509] R13: 00007f9cad626038 R14: 00007f9cad625fa0 R15: 00007ffcf409cda8 [ 961.098077][T30509] [ 962.990117][T30554] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10210'. [ 963.154194][T30526] kexec: Could not allocate control_code_buffer [ 963.323924][T30565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10214'. [ 963.590738][T30572] __vm_enough_memory: pid: 30572, comm: syz.4.10216, bytes: 4398046457856 not enough memory for the allocation [ 963.694008][T30574] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10217'. [ 965.285455][T30606] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10227'. [ 965.677750][T30615] netlink: 'syz.2.10233': attribute type 33 has an invalid length. [ 965.765142][T30591] kexec: Could not allocate control_code_buffer [ 965.848254][T30619] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10235'. [ 966.002979][T30628] netlink: 330 bytes leftover after parsing attributes in process `syz.2.10238'. [ 966.292304][T30639] netlink: 'syz.3.10243': attribute type 1 has an invalid length. [ 966.303659][T30639] netlink: 33 bytes leftover after parsing attributes in process `syz.3.10243'. [ 966.851542][T30664] : renamed from team0 [ 967.906158][T30699] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10266'. [ 969.059522][T30727] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10275'. [ 969.182716][T30729] FAULT_INJECTION: forcing a failure. [ 969.182716][T30729] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 969.203082][T30729] CPU: 1 UID: 0 PID: 30729 Comm: syz.3.10276 Tainted: G L syzkaller #0 PREEMPT(full) [ 969.203133][T30729] Tainted: [L]=SOFTLOCKUP [ 969.203145][T30729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 969.203166][T30729] Call Trace: [ 969.203176][T30729] [ 969.203189][T30729] dump_stack_lvl+0x100/0x190 [ 969.203241][T30729] should_fail_ex.cold+0x5/0xa [ 969.203279][T30729] _copy_to_iter+0x1f3/0x1720 [ 969.203332][T30729] ? __pfx__copy_to_iter+0x10/0x10 [ 969.203380][T30729] ? rcu_is_watching+0x12/0xc0 [ 969.203420][T30729] ? __up_read+0x333/0x980 [ 969.203460][T30729] copy_page_to_iter+0x285/0x370 [ 969.203510][T30729] process_vm_rw_core.constprop.0+0x5a3/0x950 [ 969.203576][T30729] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 969.203619][T30729] ? import_ubuf+0x1b6/0x220 [ 969.203678][T30729] ? iovec_from_user+0xda/0x140 [ 969.203728][T30729] process_vm_rw+0x226/0x2d0 [ 969.203762][T30729] ? futex_wait+0x11e/0x370 [ 969.203807][T30729] ? __pfx_process_vm_rw+0x10/0x10 [ 969.203852][T30729] ? do_writev+0x214/0x340 [ 969.203898][T30729] ? do_writev+0x214/0x340 [ 969.203960][T30729] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 969.204030][T30729] ? xfd_validate_state+0x129/0x190 [ 969.204075][T30729] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 969.204114][T30729] ? do_syscall_64+0x90/0x840 [ 969.204168][T30729] ? lockdep_hardirqs_on+0x78/0x100 [ 969.204217][T30729] do_syscall_64+0x115/0x840 [ 969.204267][T30729] ? clear_bhb_loop+0x40/0x90 [ 969.204309][T30729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 969.204345][T30729] RIP: 0033:0x7efd91f9de59 [ 969.204374][T30729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 969.204409][T30729] RSP: 002b:00007efd92ed7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 969.204443][T30729] RAX: ffffffffffffffda RBX: 00007efd92225fa0 RCX: 00007efd91f9de59 [ 969.204467][T30729] RDX: 0000040000000001 RSI: 0000200000000000 RDI: 0000000000000117 [ 969.204489][T30729] RBP: 00007efd92033e6f R08: 0000000000000006 R09: 0000000000000000 [ 969.204511][T30729] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 969.204532][T30729] R13: 00007efd92226038 R14: 00007efd92225fa0 R15: 00007ffc702cb0e8 [ 969.204585][T30729] [ 969.991982][T30750] FAULT_INJECTION: forcing a failure. [ 969.991982][T30750] name failslab, interval 1, probability 0, space 0, times 0 [ 970.006010][T30750] CPU: 1 UID: 0 PID: 30750 Comm: syz.4.10283 Tainted: G L syzkaller #0 PREEMPT(full) [ 970.006062][T30750] Tainted: [L]=SOFTLOCKUP [ 970.006074][T30750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 970.006093][T30750] Call Trace: [ 970.006104][T30750] [ 970.006116][T30750] dump_stack_lvl+0x100/0x190 [ 970.006171][T30750] should_fail_ex.cold+0x5/0xa [ 970.006205][T30750] should_failslab+0xc2/0x120 [ 970.006243][T30750] kmem_cache_alloc_noprof+0x91/0x6a0 [ 970.006277][T30750] ? __pmd_alloc+0xbf/0x950 [ 970.006320][T30750] __pmd_alloc+0xbf/0x950 [ 970.006361][T30750] move_page_tables+0x2f7c/0x4610 [ 970.006446][T30750] ? __pfx_move_page_tables+0x10/0x10 [ 970.006520][T30750] ? __lock_acquire+0x49f/0x1a40 [ 970.006569][T30750] ? rcu_is_watching+0x12/0xc0 [ 970.006632][T30750] copy_vma_and_data+0x25c/0x7c0 [ 970.006695][T30750] ? __pfx_copy_vma_and_data+0x10/0x10 [ 970.006756][T30750] ? mtree_load+0x311/0xa90 [ 970.006816][T30750] ? arch_get_unmapped_area_topdown+0x3e6/0x9b0 [ 970.006871][T30750] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 970.006926][T30750] move_vma+0x574/0x1920 [ 970.006993][T30750] ? __pfx_move_vma+0x10/0x10 [ 970.007055][T30750] ? shmem_get_unmapped_area+0x141/0x960 [ 970.007110][T30750] ? cap_mmap_addr+0x4b/0x120 [ 970.007162][T30750] ? bpf_lsm_mmap_addr+0x9/0x30 [ 970.007223][T30750] ? security_mmap_addr+0x71/0x1e0 [ 970.007263][T30750] ? __get_unmapped_area+0x255/0x3e0 [ 970.007311][T30750] ? vrm_set_new_addr+0x204/0x290 [ 970.007368][T30750] mremap_to+0x234/0x4c0 [ 970.007408][T30750] ? __pfx_mremap_to+0x10/0x10 [ 970.007438][T30750] ? check_prep_vma+0x912/0xe60 [ 970.007518][T30750] __do_sys_mremap+0xb3e/0x1850 [ 970.007561][T30750] ? find_held_lock+0x2b/0x80 [ 970.007601][T30750] ? do_writev+0x214/0x340 [ 970.007649][T30750] ? __pfx___do_sys_mremap+0x10/0x10 [ 970.007695][T30750] ? __pfx_do_futex+0x10/0x10 [ 970.007730][T30750] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 970.007787][T30750] ? __fget_files+0x21f/0x3d0 [ 970.007843][T30750] ? __x64_sys_futex+0x34f/0x4d0 [ 970.007901][T30750] do_syscall_64+0x115/0x840 [ 970.007952][T30750] ? clear_bhb_loop+0x40/0x90 [ 970.007996][T30750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.008033][T30750] RIP: 0033:0x7f9df939de59 [ 970.008062][T30750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 970.008096][T30750] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 970.008130][T30750] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 970.008154][T30750] RDX: 0000000000003fd6 RSI: 000000000000fee0 RDI: 00000000001fc000 [ 970.008176][T30750] RBP: 00007f9df9433e6f R08: 00000000fffff000 R09: 0000000000000000 [ 970.008198][T30750] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 970.008219][T30750] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 970.008264][T30750] [ 970.827541][T30764] netlink: 146 bytes leftover after parsing attributes in process `syz.2.10292'. [ 970.900289][T30770] netlink: 146 bytes leftover after parsing attributes in process `syz.4.10291'. [ 972.216213][T30798] netlink: 330 bytes leftover after parsing attributes in process `syz.4.10302'. [ 972.570324][ T30] audit: type=1800 audit(4294967542.780:40): pid=30806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.10305" name="file0" dev="tmpfs" ino=3713 res=0 errno=0 [ 972.690223][T30811] __vm_enough_memory: pid: 30811, comm: syz.3.10307, bytes: 4398046457856 not enough memory for the allocation [ 972.872993][T30814] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10308'. [ 973.048528][T30816] FAULT_INJECTION: forcing a failure. [ 973.048528][T30816] name failslab, interval 1, probability 0, space 0, times 0 [ 973.061604][T30816] CPU: 1 UID: 0 PID: 30816 Comm: syz.4.10309 Tainted: G L syzkaller #0 PREEMPT(full) [ 973.061666][T30816] Tainted: [L]=SOFTLOCKUP [ 973.061682][T30816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 973.061706][T30816] Call Trace: [ 973.061720][T30816] [ 973.061735][T30816] dump_stack_lvl+0x100/0x190 [ 973.061784][T30816] should_fail_ex.cold+0x5/0xa [ 973.061830][T30816] should_failslab+0xc2/0x120 [ 973.061881][T30816] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 973.061927][T30816] ? find_held_lock+0x2b/0x80 [ 973.061973][T30816] ? alloc_inode+0x183/0x250 [ 973.062038][T30816] alloc_inode+0x183/0x250 [ 973.062086][T30816] path_from_stashed+0x25b/0x750 [ 973.062136][T30816] pidfs_alloc_file+0xf8/0x290 [ 973.062198][T30816] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 973.062272][T30816] pidfd_prepare+0x107/0x1b0 [ 973.062318][T30816] __x64_sys_pidfd_open+0x105/0x1a0 [ 973.062371][T30816] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 973.062435][T30816] do_syscall_64+0x115/0x840 [ 973.062492][T30816] ? clear_bhb_loop+0x40/0x90 [ 973.062543][T30816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 973.062584][T30816] RIP: 0033:0x7f9df939de59 [ 973.062617][T30816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 973.062655][T30816] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 973.062692][T30816] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 973.062719][T30816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000caf [ 973.062742][T30816] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 973.062766][T30816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 973.062789][T30816] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 973.062849][T30816] [ 973.372336][T30820] netlink: 'syz.2.10312': attribute type 4 has an invalid length. [ 973.401655][T30820] netlink: 314 bytes leftover after parsing attributes in process `syz.2.10312'. [ 973.747546][T30832] zswap: compressor not available [ 975.462962][T30873] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10327'. [ 975.530545][T30876] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 975.696414][T30879] netlink: 322 bytes leftover after parsing attributes in process `syz.0.10329'. [ 975.923193][T30885] __vm_enough_memory: pid: 30885, comm: syz.2.10332, bytes: 4398046457856 not enough memory for the allocation [ 975.966894][T30887] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10334'. [ 976.401635][T30903] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10340'. [ 976.436151][T30903] IPv6: NLM_F_CREATE should be specified when creating new route [ 976.460271][T30905] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10340'. [ 976.475312][T30903] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 976.485828][T30903] IPv6: NLM_F_CREATE should be set when creating new route [ 976.493128][T30903] IPv6: NLM_F_CREATE should be set when creating new route [ 976.514579][T30905] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 979.117834][T30958] FAULT_INJECTION: forcing a failure. [ 979.117834][T30958] name failslab, interval 1, probability 0, space 0, times 0 [ 979.147671][T30958] CPU: 1 UID: 0 PID: 30958 Comm: syz.4.10358 Tainted: G L syzkaller #0 PREEMPT(full) [ 979.147724][T30958] Tainted: [L]=SOFTLOCKUP [ 979.147737][T30958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 979.147758][T30958] Call Trace: [ 979.147770][T30958] [ 979.147784][T30958] dump_stack_lvl+0x100/0x190 [ 979.147828][T30958] should_fail_ex.cold+0x5/0xa [ 979.147867][T30958] should_failslab+0xc2/0x120 [ 979.147911][T30958] kmem_cache_alloc_noprof+0x91/0x6a0 [ 979.147952][T30958] ? __pfx_map_id_range_down+0x10/0x10 [ 979.147998][T30958] ? security_inode_alloc+0x3b/0x2c0 [ 979.148070][T30958] security_inode_alloc+0x3b/0x2c0 [ 979.148130][T30958] inode_init_always_gfp+0xc77/0xfb0 [ 979.148187][T30958] alloc_inode+0x8e/0x250 [ 979.148226][T30958] alloc_anon_inode+0x2a/0x3e0 [ 979.148284][T30958] anon_inode_make_secure_inode+0x2f/0x140 [ 979.148330][T30958] __anon_inode_getfile+0x1cf/0x280 [ 979.148367][T30958] ? _copy_to_user+0xaf/0xd0 [ 979.148415][T30958] io_uring_setup.cold+0x1928/0x1c2e [ 979.148473][T30958] ? __pfx_io_uring_setup+0x10/0x10 [ 979.148531][T30958] ? __pfx_do_futex+0x10/0x10 [ 979.148584][T30958] ? xfd_validate_state+0x129/0x190 [ 979.148631][T30958] __x64_sys_io_uring_setup+0xc2/0x170 [ 979.148697][T30958] do_syscall_64+0x115/0x840 [ 979.148749][T30958] ? clear_bhb_loop+0x40/0x90 [ 979.148789][T30958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 979.148823][T30958] RIP: 0033:0x7f9df939de59 [ 979.148852][T30958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 979.148882][T30958] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 979.148911][T30958] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 979.148931][T30958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000fa3 [ 979.148950][T30958] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 979.148969][T30958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 979.148987][T30958] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 979.149024][T30958] [ 979.885874][T30973] netlink: 21 bytes leftover after parsing attributes in process `syz.3.10363'. [ 981.517038][T31003] netlink: 'syz.0.10371': attribute type 22 has an invalid length. [ 981.525622][T31003] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10371'. [ 982.001151][T31020] netlink: 86 bytes leftover after parsing attributes in process `syz.2.10378'. [ 982.217852][ T5644] Bluetooth: hci2: unexpected event 0x08 length: 6 > 4 [ 982.321681][T31032] netlink: 'syz.2.10383': attribute type 29 has an invalid length. [ 982.354719][T31032] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10383'. [ 982.721458][T31037] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10385'. [ 982.802985][T31052] netlink: 'syz.2.10390': attribute type 19 has an invalid length. [ 982.811143][T31052] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10390'. [ 982.938653][T31054] netlink: 25 bytes leftover after parsing attributes in process `syz.4.10392'. [ 982.989082][T31056] netlink: 'syz.2.10391': attribute type 4 has an invalid length. [ 983.149417][T31064] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10396'. [ 984.161187][T31085] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10401'. [ 986.672626][T31159] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10427'. [ 986.710477][ T5644] Bluetooth: hci0: unexpected event 0x04 length: 47 > 10 [ 986.710528][ T5644] Bluetooth: unknown link type 255 [ 986.724107][ T5644] Bluetooth: hci0: connection err: -111 [ 986.978825][T31167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10429'. [ 987.018674][T31167] netlink: 25 bytes leftover after parsing attributes in process `syz.3.10429'. [ 987.605638][T31185] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10435'. [ 987.656876][T31187] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10434'. [ 988.098250][T31193] netlink: 'syz.0.10439': attribute type 33 has an invalid length. [ 988.124655][T31193] netlink: 322 bytes leftover after parsing attributes in process `syz.0.10439'. [ 988.450894][ T30] audit: type=1800 audit(4294967558.660:41): pid=31212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.10445" name="file0" dev="tmpfs" ino=752 res=0 errno=0 [ 990.617538][T31266] Process accounting paused [ 990.977199][T31281] netlink: 'syz.2.10466': attribute type 19 has an invalid length. [ 990.985755][T31281] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10466'. [ 992.201731][T31314] netlink: 'syz.2.10473': attribute type 27 has an invalid length. [ 992.219727][T31314] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10473'. [ 992.794468][T31324] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10479'. [ 993.176714][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.187593][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.521982][T31354] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10491'. [ 994.555567][T31356] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10497'. [ 994.668343][T31352] netlink: 'syz.3.10489': attribute type 33 has an invalid length. [ 994.676493][T31352] netlink: 322 bytes leftover after parsing attributes in process `syz.3.10489'. [ 996.001813][T31395] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10504'. [ 997.472450][T31440] netlink: 318 bytes leftover after parsing attributes in process `syz.2.10518'. [ 997.538667][T31442] netlink: 322 bytes leftover after parsing attributes in process `syz.2.10519'. [ 998.346066][T31459] zswap: compressor not available [ 998.758625][T31484] netlink: 'syz.3.10534': attribute type 14 has an invalid length. [ 998.767276][T31484] netlink: 330 bytes leftover after parsing attributes in process `syz.3.10534'. [ 999.179369][T31492] zswap: compressor û not available [ 999.404679][T31509] FAULT_INJECTION: forcing a failure. [ 999.404679][T31509] name failslab, interval 1, probability 0, space 0, times 0 [ 999.421231][T31509] CPU: 1 UID: 0 PID: 31509 Comm: syz.2.10542 Tainted: G L syzkaller #0 PREEMPT(full) [ 999.421286][T31509] Tainted: [L]=SOFTLOCKUP [ 999.421300][T31509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 999.421321][T31509] Call Trace: [ 999.421334][T31509] [ 999.421348][T31509] dump_stack_lvl+0x100/0x190 [ 999.421392][T31509] should_fail_ex.cold+0x5/0xa [ 999.421432][T31509] should_failslab+0xc2/0x120 [ 999.421478][T31509] kmem_cache_alloc_noprof+0x91/0x6a0 [ 999.421516][T31509] ? stack_trace_save+0x8e/0xc0 [ 999.421561][T31509] ? alloc_empty_file+0x5b/0x1c0 [ 999.421609][T31509] alloc_empty_file+0x5b/0x1c0 [ 999.421650][T31509] path_openat+0xe7/0x4280 [ 999.421701][T31509] ? __kasan_slab_alloc+0x89/0x90 [ 999.421742][T31509] ? kmem_cache_alloc_noprof+0x26b/0x6a0 [ 999.421787][T31509] ? do_getname+0x35/0x390 [ 999.421824][T31509] ? do_sys_openat2+0xc7/0x1e0 [ 999.421863][T31509] ? __x64_sys_openat+0x12d/0x210 [ 999.421905][T31509] ? do_syscall_64+0x115/0x840 [ 999.421956][T31509] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.422006][T31509] ? __pfx_path_openat+0x10/0x10 [ 999.422073][T31509] do_file_open+0x20e/0x430 [ 999.422144][T31509] ? __pfx_do_file_open+0x10/0x10 [ 999.422229][T31509] ? alloc_fd+0x471/0x7a0 [ 999.422286][T31509] ? do_getname+0x191/0x390 [ 999.422329][T31509] do_sys_openat2+0x10f/0x1e0 [ 999.422372][T31509] ? __pfx_do_sys_openat2+0x10/0x10 [ 999.422429][T31509] __x64_sys_openat+0x12d/0x210 [ 999.422475][T31509] ? __pfx___x64_sys_openat+0x10/0x10 [ 999.422535][T31509] do_syscall_64+0x115/0x840 [ 999.422587][T31509] ? clear_bhb_loop+0x40/0x90 [ 999.422629][T31509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.422666][T31509] RIP: 0033:0x7f9cad35e68e [ 999.422694][T31509] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 999.422729][T31509] RSP: 002b:00007f9cae351ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 999.422764][T31509] RAX: ffffffffffffffda RBX: 00007f9cae3526c0 RCX: 00007f9cad35e68e [ 999.422796][T31509] RDX: 0000000000000002 RSI: 00007f9cae351f90 RDI: ffffffffffffff9c [ 999.422819][T31509] RBP: 00007f9cad433e6f R08: 0000000000000000 R09: 0000000000000000 [ 999.422842][T31509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 999.422864][T31509] R13: 00007f9cad626038 R14: 00007f9cad625fa0 R15: 00007ffcf409cda8 [ 999.422909][T31509] [ 999.849822][T31520] FAULT_INJECTION: forcing a failure. [ 999.849822][T31520] name failslab, interval 1, probability 0, space 0, times 0 [ 999.863034][T31520] CPU: 1 UID: 0 PID: 31520 Comm: syz.2.10544 Tainted: G L syzkaller #0 PREEMPT(full) [ 999.863089][T31520] Tainted: [L]=SOFTLOCKUP [ 999.863103][T31520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 999.863124][T31520] Call Trace: [ 999.863136][T31520] [ 999.863150][T31520] dump_stack_lvl+0x100/0x190 [ 999.863194][T31520] should_fail_ex.cold+0x5/0xa [ 999.863245][T31520] should_failslab+0xc2/0x120 [ 999.863292][T31520] kmem_cache_alloc_noprof+0x91/0x6a0 [ 999.863329][T31520] ? d_instantiate+0x8a/0xb0 [ 999.863366][T31520] ? d_instantiate+0x8a/0xb0 [ 999.863399][T31520] ? alloc_empty_file+0x5b/0x1c0 [ 999.863447][T31520] alloc_empty_file+0x5b/0x1c0 [ 999.863488][T31520] alloc_file_pseudo+0x183/0x290 [ 999.863530][T31520] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 999.863574][T31520] ? _raw_spin_unlock+0x28/0x50 [ 999.863620][T31520] ? alloc_fd+0x471/0x7a0 [ 999.863675][T31520] __anon_inode_getfile+0xe8/0x280 [ 999.863723][T31520] do_epoll_create+0x3ac/0x540 [ 999.863783][T31520] __x64_sys_epoll_create+0x45/0x70 [ 999.863820][T31520] do_syscall_64+0x115/0x840 [ 999.863871][T31520] ? clear_bhb_loop+0x40/0x90 [ 999.863916][T31520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.863953][T31520] RIP: 0033:0x7f9cad39de59 [ 999.863983][T31520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 999.864018][T31520] RSP: 002b:00007f9cae352028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 999.864049][T31520] RAX: ffffffffffffffda RBX: 00007f9cad625fa0 RCX: 00007f9cad39de59 [ 999.864071][T31520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003e [ 999.864092][T31520] RBP: 00007f9cad433e6f R08: 0000000000000000 R09: 0000000000000000 [ 999.864112][T31520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 999.864133][T31520] R13: 00007f9cad626038 R14: 00007f9cad625fa0 R15: 00007ffcf409cda8 [ 999.864177][T31520] [ 1001.025115][T31542] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10554'. [ 1001.391733][ T30] audit: type=1800 audit(4294967571.600:42): pid=31554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.10555" name="file0" dev="tmpfs" ino=6956 res=0 errno=0 [ 1002.967984][T31595] udc dummy_udc.0: soft-connect without a gadget driver [ 1003.314907][T31606] random: crng reseeded on system resumption [ 1003.951742][T31619] netlink: 130 bytes leftover after parsing attributes in process `syz.3.10579'. [ 1005.017723][T31651] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10592'. [ 1005.060390][T31651] macvtap0: entered promiscuous mode [ 1005.082267][T31651] macvtap0: entered allmulticast mode [ 1005.095632][T31651] veth0_macvtap: entered allmulticast mode [ 1005.300001][T31657] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10596'. [ 1005.478571][T31664] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10598'. [ 1005.647680][T31669] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10600'. [ 1005.719547][T31669] team0: Port device team_slave_1 removed [ 1006.951154][T31670] kexec: Could not allocate control_code_buffer [ 1007.123248][T31703] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10610'. [ 1007.486089][T31715] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10615'. [ 1007.638888][T31721] udc dummy_udc.0: soft-connect without a gadget driver [ 1007.790675][ T30] audit: type=1800 audit(4294967578.000:43): pid=31724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10616" name="file0" dev="tmpfs" ino=14832 res=0 errno=0 [ 1007.858340][T31727] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10619'. [ 1008.235043][T31738] netlink: 'syz.3.10623': attribute type 19 has an invalid length. [ 1008.255308][T31738] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10623'. [ 1009.155683][T31764] FAULT_INJECTION: forcing a failure. [ 1009.155683][T31764] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.168889][T31764] CPU: 0 UID: 0 PID: 31764 Comm: syz.0.10633 Tainted: G L syzkaller #0 PREEMPT(full) [ 1009.168939][T31764] Tainted: [L]=SOFTLOCKUP [ 1009.168950][T31764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1009.168972][T31764] Call Trace: [ 1009.168984][T31764] [ 1009.168995][T31764] dump_stack_lvl+0x100/0x190 [ 1009.169040][T31764] should_fail_ex.cold+0x5/0xa [ 1009.169075][T31764] should_failslab+0xc2/0x120 [ 1009.169114][T31764] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1009.169147][T31764] ? d_instantiate+0x8a/0xb0 [ 1009.169177][T31764] ? d_instantiate+0x8a/0xb0 [ 1009.169206][T31764] ? alloc_empty_file+0x5b/0x1c0 [ 1009.169254][T31764] alloc_empty_file+0x5b/0x1c0 [ 1009.169291][T31764] alloc_file_pseudo+0x183/0x290 [ 1009.169328][T31764] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1009.169367][T31764] ? _raw_spin_unlock+0x28/0x50 [ 1009.169406][T31764] ? alloc_fd+0x471/0x7a0 [ 1009.169455][T31764] __anon_inode_getfile+0xe8/0x280 [ 1009.169494][T31764] do_epoll_create+0x3ac/0x540 [ 1009.169545][T31764] __x64_sys_epoll_create+0x45/0x70 [ 1009.169577][T31764] do_syscall_64+0x115/0x840 [ 1009.169620][T31764] ? clear_bhb_loop+0x40/0x90 [ 1009.169658][T31764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.169690][T31764] RIP: 0033:0x7f38a259de59 [ 1009.169717][T31764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1009.169747][T31764] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 1009.169781][T31764] RAX: ffffffffffffffda RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 1009.169804][T31764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003e [ 1009.169826][T31764] RBP: 00007f38a2633e6f R08: 0000000000000000 R09: 0000000000000000 [ 1009.169848][T31764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1009.169869][T31764] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 1009.169913][T31764] [ 1009.587634][ T30] audit: type=1800 audit(4294967579.800:44): pid=31769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10635" name="file0" dev="tmpfs" ino=14843 res=0 errno=0 [ 1010.267574][T31789] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10643'. [ 1010.278464][T31789] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10643'. [ 1010.339030][T31791] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10644'. [ 1010.403466][T31793] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10645'. [ 1010.967925][T31814] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10654'. [ 1011.092176][T31819] netlink: 346 bytes leftover after parsing attributes in process `syz.2.10656'. [ 1011.253093][T31825] random: crng reseeded on system resumption [ 1011.298164][T31825] Restarting kernel threads ... [ 1011.310312][T31825] Done restarting kernel threads. [ 1011.636115][T31844] netlink: 222 bytes leftover after parsing attributes in process `syz.0.10668'. [ 1012.025390][T31856] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10671'. [ 1012.069932][T31856] team0: Port device team_slave_1 removed [ 1012.826641][T31888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10683'. [ 1012.843933][T31888] : Port device team_slave_1 removed [ 1013.380207][T31902] ovs_: entered promiscuous mode [ 1014.416322][T31922] skbuff: bad partial csum: csum=65535/1 headroom=4 headlen=65543 [ 1014.521138][T31925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10696'. [ 1014.587137][T31925] team_slave_1 (unregistering): left promiscuous mode [ 1014.616530][T31925] team_slave_1 (unregistering): left allmulticast mode [ 1014.637387][T31925] team0: Port device team_slave_1 removed [ 1015.631955][T31956] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10708'. [ 1015.841570][T31962] netlink: 'syz.0.10711': attribute type 4 has an invalid length. [ 1017.631753][T32001] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10725'. [ 1017.862502][T32010] netlink: 'syz.4.10728': attribute type 16 has an invalid length. [ 1017.880318][T32010] netlink: 306 bytes leftover after parsing attributes in process `syz.4.10728'. [ 1018.078576][T32007] zswap: compressor not available [ 1018.935599][T32036] netlink: 146 bytes leftover after parsing attributes in process `syz.4.10736'. [ 1019.447697][T32054] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10743'. [ 1020.119298][T32066] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10747'. [ 1020.926853][T32064] Process accounting resumed [ 1021.082142][T32087] netlink: 334 bytes leftover after parsing attributes in process `syz.0.10755'. [ 1021.163633][T32090] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10756'. [ 1021.892776][T32108] netlink: 74 bytes leftover after parsing attributes in process `syz.0.10761'. [ 1022.588021][T32129] netlink: 326 bytes leftover after parsing attributes in process `syz.4.10769'. [ 1022.646995][T32131] netlink: 110 bytes leftover after parsing attributes in process `syz.2.10770'. [ 1022.800063][T32134] FAULT_INJECTION: forcing a failure. [ 1022.800063][T32134] name failslab, interval 1, probability 0, space 0, times 0 [ 1022.813090][T32134] CPU: 1 UID: 0 PID: 32134 Comm: syz.4.10771 Tainted: G L syzkaller #0 PREEMPT(full) [ 1022.813145][T32134] Tainted: [L]=SOFTLOCKUP [ 1022.813159][T32134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1022.813180][T32134] Call Trace: [ 1022.813192][T32134] [ 1022.813205][T32134] dump_stack_lvl+0x100/0x190 [ 1022.813248][T32134] should_fail_ex.cold+0x5/0xa [ 1022.813298][T32134] should_failslab+0xc2/0x120 [ 1022.813343][T32134] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 1022.813385][T32134] ? __d_alloc+0x35/0xa50 [ 1022.813426][T32134] __d_alloc+0x35/0xa50 [ 1022.813464][T32134] d_alloc_pseudo+0x1c/0xc0 [ 1022.813510][T32134] alloc_file_pseudo+0x118/0x290 [ 1022.813551][T32134] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1022.813601][T32134] __shmem_file_setup+0x205/0x460 [ 1022.813654][T32134] ? __pfx___shmem_file_setup+0x10/0x10 [ 1022.813698][T32134] ? vm_area_alloc+0x1f/0x160 [ 1022.813744][T32134] shmem_zero_setup+0x96/0x1b0 [ 1022.813775][T32134] __mmap_region+0x24ef/0x2db0 [ 1022.813836][T32134] ? __pfx___mmap_region+0x10/0x10 [ 1022.813889][T32134] ? __pfx___might_resched+0x10/0x10 [ 1022.813947][T32134] ? do_raw_spin_lock+0x128/0x260 [ 1022.813993][T32134] ? do_raw_spin_unlock+0x145/0x1e0 [ 1022.814032][T32134] ? debug_object_activate+0x343/0x4b0 [ 1022.814082][T32134] ? __pfx_debug_object_activate+0x10/0x10 [ 1022.814126][T32134] ? __lock_acquire+0x49f/0x1a40 [ 1022.814206][T32134] ? hrtimer_start_range_ns_common+0x78e/0x18b0 [ 1022.814262][T32134] ? rcu_is_watching+0x12/0xc0 [ 1022.814309][T32134] ? finish_task_switch.isra.0+0x2c5/0x10c0 [ 1022.814365][T32134] ? lockdep_hardirqs_on+0x78/0x100 [ 1022.814478][T32134] mmap_region+0x35d/0x620 [ 1022.814514][T32134] ? rcu_is_watching+0x12/0xc0 [ 1022.814550][T32134] ? __pfx_mmap_region+0x10/0x10 [ 1022.814587][T32134] ? cap_mmap_addr+0x4b/0x120 [ 1022.814636][T32134] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1022.814686][T32134] ? security_mmap_addr+0x71/0x1e0 [ 1022.814727][T32134] ? __get_unmapped_area+0x255/0x3e0 [ 1022.814774][T32134] do_mmap+0xc63/0x12f0 [ 1022.814825][T32134] ? __pfx_do_mmap+0x10/0x10 [ 1022.814868][T32134] ? __pfx_down_write_killable+0x10/0x10 [ 1022.814919][T32134] ? __pfx_futex_wait+0x10/0x10 [ 1022.814957][T32134] vm_mmap_pgoff+0x29e/0x470 [ 1022.814998][T32134] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1022.815041][T32134] ? __pfx_do_futex+0x10/0x10 [ 1022.815082][T32134] ksys_mmap_pgoff+0xe4/0x610 [ 1022.815124][T32134] ? __x64_sys_futex+0x358/0x4d0 [ 1022.815157][T32134] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1022.815198][T32134] ? xfd_validate_state+0x129/0x190 [ 1022.815243][T32134] __x64_sys_mmap+0x125/0x190 [ 1022.815294][T32134] do_syscall_64+0x115/0x840 [ 1022.815343][T32134] ? clear_bhb_loop+0x40/0x90 [ 1022.815385][T32134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1022.815423][T32134] RIP: 0033:0x7f9df939de59 [ 1022.815451][T32134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1022.815483][T32134] RSP: 002b:00007f9dfa306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1022.815516][T32134] RAX: ffffffffffffffda RBX: 00007f9df9625fa0 RCX: 00007f9df939de59 [ 1022.815538][T32134] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1022.815558][T32134] RBP: 00007f9df9433e6f R08: fffffffffffffffa R09: 0000000000008000 [ 1022.815580][T32134] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1022.815600][T32134] R13: 00007f9df9626038 R14: 00007f9df9625fa0 R15: 00007ffd4e4e1028 [ 1022.815646][T32134] [ 1023.668493][T32162] netlink: 'syz.2.10780': attribute type 4 has an invalid length. [ 1023.732561][T32162] netlink: 314 bytes leftover after parsing attributes in process `syz.2.10780'. [ 1024.917208][T32201] FAULT_INJECTION: forcing a failure. [ 1024.917208][T32201] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.930620][T32201] CPU: 1 UID: 0 PID: 32201 Comm: syz.3.10794 Tainted: G L syzkaller #0 PREEMPT(full) [ 1024.930673][T32201] Tainted: [L]=SOFTLOCKUP [ 1024.930686][T32201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1024.930707][T32201] Call Trace: [ 1024.930719][T32201] [ 1024.930732][T32201] dump_stack_lvl+0x100/0x190 [ 1024.930776][T32201] should_fail_ex.cold+0x5/0xa [ 1024.930816][T32201] should_failslab+0xc2/0x120 [ 1024.930862][T32201] __kmalloc_cache_noprof+0x91/0x6c0 [ 1024.930917][T32201] ? rcu_is_watching+0x12/0xc0 [ 1024.930949][T32201] ? report_access+0x101/0x4d0 [ 1024.930994][T32201] report_access+0x101/0x4d0 [ 1024.931036][T32201] yama_ptrace_access_check+0x645/0xd00 [ 1024.931083][T32201] security_ptrace_access_check+0xe9/0x210 [ 1024.931141][T32201] __ptrace_may_access+0x4c1/0xa80 [ 1024.931177][T32201] ptrace_may_access+0x2b/0x50 [ 1024.931212][T32201] mm_access+0x180/0x2e0 [ 1024.931246][T32201] process_vm_rw_core.constprop.0+0x214/0x950 [ 1024.931287][T32201] ? __futex_wait+0x256/0x300 [ 1024.931326][T32201] ? __pfx___futex_wait+0x10/0x10 [ 1024.931362][T32201] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 1024.931399][T32201] ? iovec_from_user+0xda/0x140 [ 1024.931454][T32201] ? iovec_from_user+0xda/0x140 [ 1024.931497][T32201] process_vm_rw+0x226/0x2d0 [ 1024.931525][T32201] ? futex_wait+0x11e/0x370 [ 1024.931563][T32201] ? __pfx_process_vm_rw+0x10/0x10 [ 1024.931638][T32201] ? xfd_validate_state+0x129/0x190 [ 1024.931676][T32201] __x64_sys_process_vm_writev+0xe2/0x1c0 [ 1024.931711][T32201] ? do_syscall_64+0x90/0x840 [ 1024.931755][T32201] ? lockdep_hardirqs_on+0x78/0x100 [ 1024.931796][T32201] do_syscall_64+0x115/0x840 [ 1024.931838][T32201] ? clear_bhb_loop+0x40/0x90 [ 1024.931874][T32201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1024.931906][T32201] RIP: 0033:0x7efd91f9de59 [ 1024.931930][T32201] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1024.931966][T32201] RSP: 002b:00007efd92ed7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1024.931997][T32201] RAX: ffffffffffffffda RBX: 00007efd92225fa0 RCX: 00007efd91f9de59 [ 1024.932019][T32201] RDX: 0000000000000003 RSI: 0000200000002980 RDI: 0000000000000001 [ 1024.932038][T32201] RBP: 00007efd92033e6f R08: 0000000000000004 R09: 0000000000000000 [ 1024.932057][T32201] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 1024.932077][T32201] R13: 00007efd92226038 R14: 00007efd92225fa0 R15: 00007ffc702cb0e8 [ 1024.932126][T32201] [ 1025.797685][T32217] nbd: couldn't find device at index 0 [ 1025.956240][T32225] netlink: 146 bytes leftover after parsing attributes in process `syz.3.10801'. [ 1026.159166][T32234] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10805'. [ 1026.237776][T32236] input input12: cannot allocate more than FF_MAX_EFFECTS effects [ 1026.499004][T32245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10809'. [ 1026.513802][T32245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10809'. [ 1026.891364][T32253] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10812'. [ 1027.578084][T32266] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1027.632636][T32269] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10817'. [ 1028.500310][T32287] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10822'. [ 1028.561654][T32289] netlink: 338 bytes leftover after parsing attributes in process `syz.4.10823'. [ 1029.517223][T32320] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10833'. [ 1029.538788][T32319] netlink: 146 bytes leftover after parsing attributes in process `syz.4.10834'. [ 1029.898693][T32333] FAULT_INJECTION: forcing a failure. [ 1029.898693][T32333] name failslab, interval 1, probability 0, space 0, times 0 [ 1029.917805][T32333] CPU: 1 UID: 0 PID: 32333 Comm: syz.3.10838 Tainted: G L syzkaller #0 PREEMPT(full) [ 1029.917859][T32333] Tainted: [L]=SOFTLOCKUP [ 1029.917872][T32333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1029.917893][T32333] Call Trace: [ 1029.917905][T32333] [ 1029.917918][T32333] dump_stack_lvl+0x100/0x190 [ 1029.917963][T32333] should_fail_ex.cold+0x5/0xa [ 1029.918002][T32333] should_failslab+0xc2/0x120 [ 1029.918048][T32333] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1029.918098][T32333] ? rcu_is_watching+0x12/0xc0 [ 1029.918138][T32333] ? anon_vma_clone+0x2ba/0xcd0 [ 1029.918195][T32333] anon_vma_clone+0x2ba/0xcd0 [ 1029.918256][T32333] copy_vma+0x6ed/0xac0 [ 1029.918300][T32333] ? __pfx_copy_vma+0x10/0x10 [ 1029.918383][T32333] copy_vma_and_data+0x1cf/0x7c0 [ 1029.918447][T32333] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1029.918524][T32333] ? __vma_start_write+0x17f/0x280 [ 1029.918576][T32333] ? __pfx___vma_start_write+0x10/0x10 [ 1029.918638][T32333] move_vma+0x574/0x1920 [ 1029.918704][T32333] ? __pfx_move_vma+0x10/0x10 [ 1029.918765][T32333] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1029.918814][T32333] ? cap_mmap_addr+0x4b/0x120 [ 1029.918867][T32333] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1029.918918][T32333] ? security_mmap_addr+0x71/0x1e0 [ 1029.918960][T32333] ? __get_unmapped_area+0x255/0x3e0 [ 1029.919010][T32333] ? vrm_set_new_addr+0x204/0x290 [ 1029.919079][T32333] mremap_to+0x234/0x4c0 [ 1029.919110][T32333] ? mas_walk+0x6ef/0x9b0 [ 1029.919162][T32333] ? __pfx_mremap_to+0x10/0x10 [ 1029.919194][T32333] ? check_prep_vma+0x912/0xe60 [ 1029.919258][T32333] __do_sys_mremap+0x88c/0x1850 [ 1029.919307][T32333] ? __pfx___do_sys_mremap+0x10/0x10 [ 1029.919353][T32333] ? __pfx_do_futex+0x10/0x10 [ 1029.919399][T32333] ? __x64_sys_futex+0x34f/0x4d0 [ 1029.919459][T32333] do_syscall_64+0x115/0x840 [ 1029.919510][T32333] ? clear_bhb_loop+0x40/0x90 [ 1029.919553][T32333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.919590][T32333] RIP: 0033:0x7efd91f9de59 [ 1029.919618][T32333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1029.919653][T32333] RSP: 002b:00007efd92eb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1029.919687][T32333] RAX: ffffffffffffffda RBX: 00007efd92226090 RCX: 00007efd91f9de59 [ 1029.919710][T32333] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 1029.919732][T32333] RBP: 00007efd92033e6f R08: 0000000100000000 R09: 0000000000000000 [ 1029.919755][T32333] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1029.919775][T32333] R13: 00007efd92226128 R14: 00007efd92226090 R15: 00007ffc702cb0e8 [ 1029.919821][T32333] [ 1032.784822][T32386] nbd: couldn't find device at index 0 [ 1033.055154][T32401] netlink: 'syz.3.10857': attribute type 4 has an invalid length. [ 1033.558657][T32419] FAULT_INJECTION: forcing a failure. [ 1033.558657][T32419] name failslab, interval 1, probability 0, space 0, times 0 [ 1033.607028][T32419] CPU: 0 UID: 0 PID: 32419 Comm: syz.2.10867 Tainted: G L syzkaller #0 PREEMPT(full) [ 1033.607084][T32419] Tainted: [L]=SOFTLOCKUP [ 1033.607097][T32419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1033.607117][T32419] Call Trace: [ 1033.607129][T32419] [ 1033.607142][T32419] dump_stack_lvl+0x100/0x190 [ 1033.607186][T32419] should_fail_ex.cold+0x5/0xa [ 1033.607226][T32419] should_failslab+0xc2/0x120 [ 1033.607280][T32419] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1033.607317][T32419] ? rcu_is_watching+0x12/0xc0 [ 1033.607357][T32419] ? anon_vma_clone+0x2ba/0xcd0 [ 1033.607417][T32419] anon_vma_clone+0x2ba/0xcd0 [ 1033.607479][T32419] copy_vma+0x6ed/0xac0 [ 1033.607519][T32419] ? __pfx_copy_vma+0x10/0x10 [ 1033.607598][T32419] copy_vma_and_data+0x1cf/0x7c0 [ 1033.607661][T32419] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1033.607747][T32419] ? __vma_start_write+0x17f/0x280 [ 1033.607799][T32419] ? __pfx___vma_start_write+0x10/0x10 [ 1033.607863][T32419] move_vma+0x574/0x1920 [ 1033.607927][T32419] ? __pfx_move_vma+0x10/0x10 [ 1033.607988][T32419] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1033.608035][T32419] ? cap_mmap_addr+0x4b/0x120 [ 1033.608086][T32419] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1033.608135][T32419] ? security_mmap_addr+0x71/0x1e0 [ 1033.608176][T32419] ? __get_unmapped_area+0x255/0x3e0 [ 1033.608224][T32419] ? vrm_set_new_addr+0x204/0x290 [ 1033.608294][T32419] mremap_to+0x234/0x4c0 [ 1033.608325][T32419] ? mas_walk+0x6ef/0x9b0 [ 1033.608389][T32419] ? __pfx_mremap_to+0x10/0x10 [ 1033.608415][T32419] ? check_prep_vma+0x912/0xe60 [ 1033.608469][T32419] __do_sys_mremap+0x88c/0x1850 [ 1033.608508][T32419] ? __pfx___do_sys_mremap+0x10/0x10 [ 1033.608547][T32419] ? __pfx_do_futex+0x10/0x10 [ 1033.608586][T32419] ? __x64_sys_futex+0x34f/0x4d0 [ 1033.608635][T32419] do_syscall_64+0x115/0x840 [ 1033.608682][T32419] ? clear_bhb_loop+0x40/0x90 [ 1033.608718][T32419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.608752][T32419] RIP: 0033:0x7f9cad39de59 [ 1033.608778][T32419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1033.608808][T32419] RSP: 002b:00007f9cae331028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1033.608838][T32419] RAX: ffffffffffffffda RBX: 00007f9cad626090 RCX: 00007f9cad39de59 [ 1033.608858][T32419] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 1033.608877][T32419] RBP: 00007f9cad433e6f R08: 0000000100000000 R09: 0000000000000000 [ 1033.608897][T32419] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1033.608915][T32419] R13: 00007f9cad626128 R14: 00007f9cad626090 R15: 00007ffcf409cda8 [ 1033.608952][T32419] [ 1033.964271][T32421] netlink: 322 bytes leftover after parsing attributes in process `syz.3.10868'. [ 1034.582280][T32435] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10872'. [ 1035.143341][T32444] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10876'. [ 1035.511099][T32444] bridge0: port 6(vlan1) entered disabled state [ 1035.572401][T32444] vlan1 (unregistering): left allmulticast mode [ 1035.594490][T32444] veth0_vlan (unregistering): left allmulticast mode [ 1035.607426][T32444] vlan1 (unregistering): left promiscuous mode [ 1035.621990][T32444] bridge0: port 6(vlan1) entered disabled state [ 1035.730856][T32463] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10883'. [ 1036.224616][ T5644] Bluetooth: hci0: command 0x0406 tx timeout [ 1037.456398][T32502] FAULT_INJECTION: forcing a failure. [ 1037.456398][T32502] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.505978][T32502] CPU: 1 UID: 0 PID: 32502 Comm: syz.4.10893 Tainted: G L syzkaller #0 PREEMPT(full) [ 1037.506036][T32502] Tainted: [L]=SOFTLOCKUP [ 1037.506049][T32502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1037.506070][T32502] Call Trace: [ 1037.506082][T32502] [ 1037.506095][T32502] dump_stack_lvl+0x100/0x190 [ 1037.506139][T32502] should_fail_ex.cold+0x5/0xa [ 1037.506179][T32502] should_failslab+0xc2/0x120 [ 1037.506226][T32502] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1037.506262][T32502] ? rcu_is_watching+0x12/0xc0 [ 1037.506309][T32502] ? anon_vma_clone+0x2ba/0xcd0 [ 1037.506366][T32502] anon_vma_clone+0x2ba/0xcd0 [ 1037.506429][T32502] copy_vma+0x6ed/0xac0 [ 1037.506469][T32502] ? __pfx_copy_vma+0x10/0x10 [ 1037.506553][T32502] copy_vma_and_data+0x1cf/0x7c0 [ 1037.506617][T32502] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1037.506693][T32502] ? __vma_start_write+0x17f/0x280 [ 1037.506745][T32502] ? __pfx___vma_start_write+0x10/0x10 [ 1037.506809][T32502] move_vma+0x574/0x1920 [ 1037.506874][T32502] ? __pfx_move_vma+0x10/0x10 [ 1037.506935][T32502] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1037.506982][T32502] ? cap_mmap_addr+0x4b/0x120 [ 1037.507034][T32502] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1037.507085][T32502] ? security_mmap_addr+0x71/0x1e0 [ 1037.507139][T32502] ? __get_unmapped_area+0x255/0x3e0 [ 1037.507188][T32502] ? vrm_set_new_addr+0x204/0x290 [ 1037.507260][T32502] mremap_to+0x234/0x4c0 [ 1037.507299][T32502] ? mas_walk+0x6ef/0x9b0 [ 1037.507350][T32502] ? __pfx_mremap_to+0x10/0x10 [ 1037.507381][T32502] ? check_prep_vma+0x912/0xe60 [ 1037.507444][T32502] __do_sys_mremap+0x88c/0x1850 [ 1037.507497][T32502] ? __pfx___do_sys_mremap+0x10/0x10 [ 1037.507547][T32502] ? __pfx_do_futex+0x10/0x10 [ 1037.507595][T32502] ? __x64_sys_futex+0x34f/0x4d0 [ 1037.507656][T32502] do_syscall_64+0x115/0x840 [ 1037.507708][T32502] ? clear_bhb_loop+0x40/0x90 [ 1037.507752][T32502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.507790][T32502] RIP: 0033:0x7f9df939de59 [ 1037.507819][T32502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1037.507856][T32502] RSP: 002b:00007f9dfa2e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1037.507892][T32502] RAX: ffffffffffffffda RBX: 00007f9df9626090 RCX: 00007f9df939de59 [ 1037.507916][T32502] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 1037.507938][T32502] RBP: 00007f9df9433e6f R08: 0000000100000000 R09: 0000000000000000 [ 1037.507979][T32502] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1037.508000][T32502] R13: 00007f9df9626128 R14: 00007f9df9626090 R15: 00007ffd4e4e1028 [ 1037.508046][T32502] [ 1038.729632][T32525] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10903'. [ 1039.179639][T32538] netlink: 342 bytes leftover after parsing attributes in process `syz.4.10908'. [ 1039.463670][T32546] FAULT_INJECTION: forcing a failure. [ 1039.463670][T32546] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.497335][T32546] CPU: 1 UID: 0 PID: 32546 Comm: syz.0.10909 Tainted: G L syzkaller #0 PREEMPT(full) [ 1039.497387][T32546] Tainted: [L]=SOFTLOCKUP [ 1039.497400][T32546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1039.497420][T32546] Call Trace: [ 1039.497431][T32546] [ 1039.497445][T32546] dump_stack_lvl+0x100/0x190 [ 1039.497488][T32546] should_fail_ex.cold+0x5/0xa [ 1039.497536][T32546] should_failslab+0xc2/0x120 [ 1039.497583][T32546] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1039.497622][T32546] ? rcu_is_watching+0x12/0xc0 [ 1039.497659][T32546] ? anon_vma_clone+0x2ba/0xcd0 [ 1039.497705][T32546] anon_vma_clone+0x2ba/0xcd0 [ 1039.497764][T32546] copy_vma+0x6ed/0xac0 [ 1039.497808][T32546] ? __pfx_copy_vma+0x10/0x10 [ 1039.497891][T32546] copy_vma_and_data+0x1cf/0x7c0 [ 1039.497955][T32546] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1039.498031][T32546] ? __vma_start_write+0x17f/0x280 [ 1039.498083][T32546] ? __pfx___vma_start_write+0x10/0x10 [ 1039.498147][T32546] move_vma+0x574/0x1920 [ 1039.498210][T32546] ? __pfx_move_vma+0x10/0x10 [ 1039.498270][T32546] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1039.498319][T32546] ? cap_mmap_addr+0x4b/0x120 [ 1039.498370][T32546] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1039.498421][T32546] ? security_mmap_addr+0x71/0x1e0 [ 1039.498461][T32546] ? __get_unmapped_area+0x255/0x3e0 [ 1039.498512][T32546] ? vrm_set_new_addr+0x204/0x290 [ 1039.498582][T32546] mremap_to+0x234/0x4c0 [ 1039.498613][T32546] ? mas_walk+0x6ef/0x9b0 [ 1039.498665][T32546] ? __pfx_mremap_to+0x10/0x10 [ 1039.498696][T32546] ? check_prep_vma+0x912/0xe60 [ 1039.498760][T32546] __do_sys_mremap+0x88c/0x1850 [ 1039.498809][T32546] ? __pfx___do_sys_mremap+0x10/0x10 [ 1039.498854][T32546] ? __pfx_do_futex+0x10/0x10 [ 1039.498898][T32546] ? __x64_sys_futex+0x34f/0x4d0 [ 1039.498957][T32546] do_syscall_64+0x115/0x840 [ 1039.499008][T32546] ? clear_bhb_loop+0x40/0x90 [ 1039.499053][T32546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.499091][T32546] RIP: 0033:0x7f38a259de59 [ 1039.499121][T32546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1039.499156][T32546] RSP: 002b:00007f38a33dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1039.499189][T32546] RAX: ffffffffffffffda RBX: 00007f38a2826090 RCX: 00007f38a259de59 [ 1039.499213][T32546] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 1039.499233][T32546] RBP: 00007f38a2633e6f R08: 0000000100000000 R09: 0000000000000000 [ 1039.499256][T32546] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1039.499277][T32546] R13: 00007f38a2826128 R14: 00007f38a2826090 R15: 00007fff0b666858 [ 1039.499321][T32546] [ 1040.051304][T25999] Bluetooth: hci2: unexpected event 0x03 length: 8 < 11 [ 1040.123316][T32555] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10915'. [ 1041.674487][T32601] batadv_slave_1: entered promiscuous mode [ 1041.688862][T32601] batadv_slave_1: left promiscuous mode [ 1041.779087][T32603] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10931'. [ 1041.794517][T32603] IPv6: NLM_F_CREATE should be specified when creating new route [ 1041.979177][T32612] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10935'. [ 1042.316216][T32619] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10938'. [ 1043.707158][T25999] block nbd3: Receive control failed (result -32) [ 1043.906869][T32655] netlink: 25 bytes leftover after parsing attributes in process `syz.3.10949'. [ 1044.240072][T32657] netlink: 330 bytes leftover after parsing attributes in process `syz.2.10950'. [ 1045.481815][T32695] netlink: 198 bytes leftover after parsing attributes in process `syz.2.10963'. [ 1045.612880][T32697] netlink: 330 bytes leftover after parsing attributes in process `syz.4.10964'. [ 1046.550359][T32717] netlink: 334 bytes leftover after parsing attributes in process `syz.4.10972'. [ 1046.676870][T32724] FAULT_INJECTION: forcing a failure. [ 1046.676870][T32724] name failslab, interval 1, probability 0, space 0, times 0 [ 1046.702094][T32724] CPU: 1 UID: 0 PID: 32724 Comm: syz.3.10973 Tainted: G L syzkaller #0 PREEMPT(full) [ 1046.702151][T32724] Tainted: [L]=SOFTLOCKUP [ 1046.702166][T32724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1046.702187][T32724] Call Trace: [ 1046.702199][T32724] [ 1046.702213][T32724] dump_stack_lvl+0x100/0x190 [ 1046.702258][T32724] should_fail_ex.cold+0x5/0xa [ 1046.702299][T32724] should_failslab+0xc2/0x120 [ 1046.702344][T32724] __kmalloc_cache_noprof+0x91/0x6c0 [ 1046.702401][T32724] ? copy_mount_options+0x55/0x190 [ 1046.702451][T32724] copy_mount_options+0x55/0x190 [ 1046.702496][T32724] __x64_sys_mount+0x1ab/0x310 [ 1046.702535][T32724] ? __pfx___x64_sys_mount+0x10/0x10 [ 1046.702585][T32724] do_syscall_64+0x115/0x840 [ 1046.702635][T32724] ? clear_bhb_loop+0x40/0x90 [ 1046.702679][T32724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1046.702716][T32724] RIP: 0033:0x7efd91f9de59 [ 1046.702745][T32724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1046.702789][T32724] RSP: 002b:00007efd92eb6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1046.702825][T32724] RAX: ffffffffffffffda RBX: 00007efd92226090 RCX: 00007efd91f9de59 [ 1046.702848][T32724] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000200000000080 [ 1046.702871][T32724] RBP: 00007efd92033e6f R08: 00002000000002c0 R09: 0000000000000000 [ 1046.702893][T32724] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 1046.702914][T32724] R13: 00007efd92226128 R14: 00007efd92226090 R15: 00007ffc702cb0e8 [ 1046.702959][T32724] [ 1047.747454][T32742] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10980'. [ 1047.801021][T32742] bridge0: port 2(bridge_slave_1) entered disabled state [ 1047.808945][T32742] bridge0: port 1(bridge_slave_0) entered disabled state [ 1047.828126][T32742] bridge0: entered promiscuous mode [ 1051.302454][ T349] Process accounting paused [ 1051.683219][ T379] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11017'. [ 1052.613645][ T395] netlink: 342 bytes leftover after parsing attributes in process `syz.4.11023'. [ 1053.082992][ T409] netlink: 334 bytes leftover after parsing attributes in process `syz.2.11028'. [ 1053.095707][ T409] netlink: 334 bytes leftover after parsing attributes in process `syz.2.11028'. [ 1053.602744][ T422] FAULT_INJECTION: forcing a failure. [ 1053.602744][ T422] name failslab, interval 1, probability 0, space 0, times 0 [ 1053.629125][ T422] CPU: 1 UID: 0 PID: 422 Comm: syz.2.11031 Tainted: G L syzkaller #0 PREEMPT(full) [ 1053.629179][ T422] Tainted: [L]=SOFTLOCKUP [ 1053.629201][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1053.629221][ T422] Call Trace: [ 1053.629233][ T422] [ 1053.629246][ T422] dump_stack_lvl+0x100/0x190 [ 1053.629288][ T422] should_fail_ex.cold+0x5/0xa [ 1053.629328][ T422] should_failslab+0xc2/0x120 [ 1053.629376][ T422] __kmalloc_cache_noprof+0x91/0x6c0 [ 1053.629433][ T422] ? copy_mount_options+0x55/0x190 [ 1053.629481][ T422] copy_mount_options+0x55/0x190 [ 1053.629527][ T422] __x64_sys_mount+0x1ab/0x310 [ 1053.629564][ T422] ? __pfx___x64_sys_mount+0x10/0x10 [ 1053.629611][ T422] do_syscall_64+0x115/0x840 [ 1053.629661][ T422] ? clear_bhb_loop+0x40/0x90 [ 1053.629704][ T422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1053.629739][ T422] RIP: 0033:0x7f9cad39de59 [ 1053.629767][ T422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1053.629800][ T422] RSP: 002b:00007f9cae331028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1053.629830][ T422] RAX: ffffffffffffffda RBX: 00007f9cad626090 RCX: 00007f9cad39de59 [ 1053.629851][ T422] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000200000000080 [ 1053.629870][ T422] RBP: 00007f9cad433e6f R08: 00002000000002c0 R09: 0000000000000000 [ 1053.629890][ T422] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 1053.629912][ T422] R13: 00007f9cad626128 R14: 00007f9cad626090 R15: 00007ffcf409cda8 [ 1053.629956][ T422] [ 1053.972428][ T424] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11032'. [ 1054.007572][ T424] bridge0: port 3(bond0) entered disabled state [ 1054.014086][ T424] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.021447][ T424] bridge0: port 1(bridge_slave_0) entered disabled state [ 1054.101593][ T424] bridge0: entered promiscuous mode [ 1054.617646][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.624137][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.390820][ T461] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11045'. [ 1055.400680][ T461] bridge0: port 2(bridge_slave_1) entered disabled state [ 1055.408202][ T461] bridge0: port 1(bridge_slave_0) entered disabled state [ 1055.420117][ T461] bridge0: left allmulticast mode [ 1055.667176][ T482] netlink: 'syz.3.11051': attribute type 27 has an invalid length. [ 1055.676346][ T482] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11051'. [ 1055.686353][ T480] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11050'. [ 1055.746104][ T484] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11050'. [ 1055.841972][ T486] netlink: 146 bytes leftover after parsing attributes in process `syz.3.11052'. [ 1057.680494][ T528] mmap: syz.2.11069 (528) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 1057.758126][ T531] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11067'. [ 1059.064268][ T565] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11079'. [ 1060.282789][ T595] netlink: 25 bytes leftover after parsing attributes in process `syz.2.11091'. [ 1060.713879][ T610] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11096'. [ 1060.890930][ T617] netlink: 334 bytes leftover after parsing attributes in process `syz.2.11100'. [ 1061.330607][ T630] netlink: 346 bytes leftover after parsing attributes in process `syz.2.11105'. [ 1061.926708][ T649] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11110'. [ 1062.583303][ T663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11117'. [ 1062.602193][ T663] netlink: 17 bytes leftover after parsing attributes in process `syz.4.11117'. [ 1063.070280][ T670] netlink: 334 bytes leftover after parsing attributes in process `syz.4.11119'. [ 1063.760206][ T693] netlink: 350 bytes leftover after parsing attributes in process `syz.2.11126'. [ 1064.474740][ T709] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11130'. [ 1065.283825][ T730] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11138'. [ 1065.869665][ T748] netlink: 330 bytes leftover after parsing attributes in process `syz.3.11144'. [ 1067.070441][ T781] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11156'. [ 1067.081428][ T781] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11156'. [ 1067.539736][ T795] netlink: 342 bytes leftover after parsing attributes in process `syz.4.11162'. [ 1067.918887][ T811] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11168'. [ 1068.304436][ T822] netlink: 146 bytes leftover after parsing attributes in process `syz.3.11173'. [ 1068.538932][ T826] FAULT_INJECTION: forcing a failure. [ 1068.538932][ T826] name failslab, interval 1, probability 0, space 0, times 0 [ 1068.562600][ T826] CPU: 1 UID: 0 PID: 826 Comm: syz.0.11182 Tainted: G L syzkaller #0 PREEMPT(full) [ 1068.562655][ T826] Tainted: [L]=SOFTLOCKUP [ 1068.562669][ T826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1068.562691][ T826] Call Trace: [ 1068.562704][ T826] [ 1068.562716][ T826] dump_stack_lvl+0x100/0x190 [ 1068.562764][ T826] should_fail_ex.cold+0x5/0xa [ 1068.562805][ T826] should_failslab+0xc2/0x120 [ 1068.562850][ T826] __kmalloc_cache_noprof+0x91/0x6c0 [ 1068.562907][ T826] ? snd_pcm_oss_open+0x5e5/0x1390 [ 1068.562963][ T826] snd_pcm_oss_open+0x5e5/0x1390 [ 1068.563026][ T826] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1068.563075][ T826] ? __lock_acquire+0x49f/0x1a40 [ 1068.563125][ T826] ? __pfx_default_wake_function+0x10/0x10 [ 1068.563174][ T826] ? do_raw_spin_lock+0x128/0x260 [ 1068.563209][ T826] ? soundcore_open+0x231/0x5a0 [ 1068.563329][ T826] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1068.563378][ T826] soundcore_open+0x2e3/0x5a0 [ 1068.563420][ T826] ? __pfx_soundcore_open+0x10/0x10 [ 1068.563469][ T826] chrdev_open+0x234/0x6a0 [ 1068.563523][ T826] ? __pfx_apparmor_file_open+0x10/0x10 [ 1068.563581][ T826] ? __pfx_chrdev_open+0x10/0x10 [ 1068.563637][ T826] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1068.563680][ T826] do_dentry_open+0x6ab/0x14d0 [ 1068.563731][ T826] ? __pfx_chrdev_open+0x10/0x10 [ 1068.563790][ T826] vfs_open+0x82/0x3f0 [ 1068.563831][ T826] path_openat+0x2873/0x4280 [ 1068.563902][ T826] ? __pfx_path_openat+0x10/0x10 [ 1068.563964][ T826] do_file_open+0x20e/0x430 [ 1068.564019][ T826] ? __pfx_do_file_open+0x10/0x10 [ 1068.564100][ T826] ? alloc_fd+0x471/0x7a0 [ 1068.564154][ T826] ? do_getname+0x191/0x390 [ 1068.564196][ T826] do_sys_openat2+0x10f/0x1e0 [ 1068.564238][ T826] ? __pfx_do_sys_openat2+0x10/0x10 [ 1068.564282][ T826] ? __fget_files+0x21f/0x3d0 [ 1068.564356][ T826] __x64_sys_openat+0x12d/0x210 [ 1068.564399][ T826] ? __pfx___x64_sys_openat+0x10/0x10 [ 1068.564468][ T826] do_syscall_64+0x115/0x840 [ 1068.564521][ T826] ? clear_bhb_loop+0x40/0x90 [ 1068.564565][ T826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1068.564602][ T826] RIP: 0033:0x7f38a259de59 [ 1068.564632][ T826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1068.564687][ T826] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1068.564724][ T826] RAX: ffffffffffffffda RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 1068.564749][ T826] RDX: 0000000000020342 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1068.564772][ T826] RBP: 00007f38a2633e6f R08: 0000000000000000 R09: 0000000000000000 [ 1068.564794][ T826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.564817][ T826] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 1068.564863][ T826] [ 1068.583100][ T831] netlink: 21 bytes leftover after parsing attributes in process `syz.4.11175'. [ 1069.224560][ T837] netlink: 146 bytes leftover after parsing attributes in process `syz.0.11178'. [ 1069.531868][ T847] sctp: [Deprecated]: syz.0.11181 (pid 847) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1069.531868][ T847] Use struct sctp_sack_info instead [ 1069.969709][ T852] netlink: 86 bytes leftover after parsing attributes in process `syz.0.11184'. [ 1071.332197][ T30] audit: type=1800 audit(4294967641.530:45): pid=879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11194" name="dbroot" dev="configfs" ino=108926 res=0 errno=0 [ 1071.819998][ T886] FAULT_INJECTION: forcing a failure. [ 1071.819998][ T886] name failslab, interval 1, probability 0, space 0, times 0 [ 1071.861941][ T886] CPU: 1 UID: 0 PID: 886 Comm: syz.0.11196 Tainted: G L syzkaller #0 PREEMPT(full) [ 1071.861998][ T886] Tainted: [L]=SOFTLOCKUP [ 1071.862008][ T886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1071.862024][ T886] Call Trace: [ 1071.862032][ T886] [ 1071.862043][ T886] dump_stack_lvl+0x100/0x190 [ 1071.862075][ T886] should_fail_ex.cold+0x5/0xa [ 1071.862103][ T886] should_failslab+0xc2/0x120 [ 1071.862135][ T886] __kmalloc_cache_noprof+0x91/0x6c0 [ 1071.862177][ T886] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1071.862219][ T886] ? subdev_open+0x7f/0x510 [ 1071.862261][ T886] subdev_open+0x7f/0x510 [ 1071.862298][ T886] v4l2_open+0x1d2/0x490 [ 1071.862327][ T886] ? __pfx_v4l2_open+0x10/0x10 [ 1071.862356][ T886] chrdev_open+0x234/0x6a0 [ 1071.862393][ T886] ? __pfx_apparmor_file_open+0x10/0x10 [ 1071.862433][ T886] ? __pfx_chrdev_open+0x10/0x10 [ 1071.862473][ T886] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1071.862504][ T886] do_dentry_open+0x6ab/0x14d0 [ 1071.862542][ T886] ? __pfx_chrdev_open+0x10/0x10 [ 1071.862586][ T886] vfs_open+0x82/0x3f0 [ 1071.862616][ T886] path_openat+0x2873/0x4280 [ 1071.862667][ T886] ? stack_depot_save_flags+0x27/0x9d0 [ 1071.862707][ T886] ? __pfx_path_openat+0x10/0x10 [ 1071.862744][ T886] ? kasan_save_stack+0x3f/0x50 [ 1071.862770][ T886] ? kasan_save_stack+0x30/0x50 [ 1071.862799][ T886] ? kasan_save_track+0x14/0x30 [ 1071.862825][ T886] ? __kasan_slab_alloc+0x89/0x90 [ 1071.862853][ T886] ? kmem_cache_alloc_noprof+0x26b/0x6a0 [ 1071.862878][ T886] ? do_getname+0x35/0x390 [ 1071.862903][ T886] ? acct_on+0x93/0xa00 [ 1071.862928][ T886] ? __x64_sys_acct+0x81/0x1e0 [ 1071.862959][ T886] do_file_open+0x20e/0x430 [ 1071.863006][ T886] ? __pfx_do_file_open+0x10/0x10 [ 1071.863068][ T886] ? find_held_lock+0x2b/0x80 [ 1071.863096][ T886] ? __might_fault+0xc5/0x140 [ 1071.863135][ T886] ? __might_fault+0xc5/0x140 [ 1071.863179][ T886] file_open_name+0x1c3/0x3e0 [ 1071.863208][ T886] ? __pfx_file_open_name+0x10/0x10 [ 1071.863243][ T886] ? do_getname+0x191/0x390 [ 1071.863272][ T886] acct_on+0xa6/0xa00 [ 1071.863301][ T886] ? __pfx_acct_on+0x10/0x10 [ 1071.863370][ T886] ? bpf_lsm_capable+0x9/0x10 [ 1071.863394][ T886] ? security_capable+0x80/0x260 [ 1071.863436][ T886] __x64_sys_acct+0x81/0x1e0 [ 1071.863463][ T886] ? lockdep_hardirqs_on+0x78/0x100 [ 1071.863499][ T886] do_syscall_64+0x115/0x840 [ 1071.863535][ T886] ? clear_bhb_loop+0x40/0x90 [ 1071.863565][ T886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.863591][ T886] RIP: 0033:0x7f38a259de59 [ 1071.863612][ T886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1071.863637][ T886] RSP: 002b:00007f38a33fd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1071.863667][ T886] RAX: ffffffffffffffda RBX: 00007f38a2825fa0 RCX: 00007f38a259de59 [ 1071.863684][ T886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 1071.863700][ T886] RBP: 00007f38a2633e6f R08: 0000000000000000 R09: 0000000000000000 [ 1071.863715][ T886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1071.863730][ T886] R13: 00007f38a2826038 R14: 00007f38a2825fa0 R15: 00007fff0b666858 [ 1071.863762][ T886] [ 1072.602279][ T889] netlink: 346 bytes leftover after parsing attributes in process `syz.2.11197'. [ 1074.143612][ T930] netlink: 'syz.0.11209': attribute type 64 has an invalid length. [ 1074.184537][ T930] netlink: 74 bytes leftover after parsing attributes in process `syz.0.11209'. [ 1074.316197][ T942] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11214'. [ 1075.245217][ T982] vivid-007: ================= START STATUS ================= [ 1075.253100][ T982] vivid-007: Enable Output Cropping: true [ 1075.261711][ T982] vivid-007: Enable Output Composing: true [ 1075.272942][ T982] vivid-007: Enable Output Scaler: true [ 1075.278767][ T982] vivid-007: Tx RGB Quantization Range: Automatic [ 1075.286854][ T982] vivid-007: Transmit Mode: HDMI [ 1075.293553][ T982] vivid-007: Hotplug Present: 0x00000000 [ 1075.300750][ T982] vivid-007: RxSense Present: 0x00000000 [ 1075.308749][ T982] vivid-007: EDID Present: 0x00000000 [ 1075.314249][ T982] vivid-007: ================== END STATUS ================== [ 1077.085908][ T1049] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11246'. [ 1077.298911][ T1061] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11251'. [ 1078.236207][ T1090] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11257'. [ 1080.150417][ T1158] netlink: 330 bytes leftover after parsing attributes in process `syz.3.11284'. [ 1080.761058][ T1179] netlink: 334 bytes leftover after parsing attributes in process `syz.4.11289'. [ 1081.140970][ T1182] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11299'. [ 1081.201635][ T1182] netlink: 25 bytes leftover after parsing attributes in process `syz.4.11299'. [ 1081.327505][ T1186] netlink: 'syz.4.11292': attribute type 21 has an invalid length. [ 1081.337657][ T1186] netlink: 334 bytes leftover after parsing attributes in process `syz.4.11292'. [ 1081.387973][ T1185] Process accounting resumed [ 1081.801225][ T1197] netlink: 'syz.3.11297': attribute type 1 has an invalid length. [ 1082.389539][ T1216] vivid-007: ================= START STATUS ================= [ 1082.415346][ T1216] vivid-007: Enable Output Cropping: true [ 1082.434992][ T1216] vivid-007: Enable Output Composing: true [ 1082.442022][ T1216] vivid-007: Enable Output Scaler: true [ 1082.478923][ T1216] vivid-007: Tx RGB Quantization Range: Automatic [ 1082.498329][ T1216] vivid-007: Transmit Mode: HDMI [ 1082.511805][ T1216] vivid-007: Hotplug Present: 0x00000000 [ 1082.537962][ T1216] vivid-007: RxSense Present: 0x00000000 [ 1082.558332][ T1216] vivid-007: EDID Present: 0x00000000 [ 1082.575622][ T1216] vivid-007: ================== END STATUS ================== [ 1082.694189][ T1226] netlink: 25 bytes leftover after parsing attributes in process `syz.2.11307'. [ 1083.853311][ T1254] MTRR 0 not used [ 1085.073856][ T1278] netlink: 198 bytes leftover after parsing attributes in process `syz.2.11323'. [ 1085.277093][ T1282] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11326'. [ 1085.657399][ T1296] netlink: 342 bytes leftover after parsing attributes in process `syz.4.11331'. [ 1086.032385][T25999] Bluetooth: hci3: unexpected event 0x05 length: 6 > 4 [ 1086.252581][ T1310] netlink: 334 bytes leftover after parsing attributes in process `syz.4.11338'. [ 1086.299431][ T1312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11339'. [ 1086.328470][ T1312] netlink: 25 bytes leftover after parsing attributes in process `syz.0.11339'. [ 1087.333468][ T1352] [U]  [ 1087.336791][ T1352] [U] [ 1087.339577][ T1352] [U] [ 1087.342336][ T1352] [U] [ 1087.347228][ T1352] [U] [ 1087.350013][ T1352] [U] [ 1087.352765][ T1352] [U] [ 1087.355530][ T1352] [U] [ 1087.358853][ T1352] [U] [ 1087.361629][ T1352] [U] [ 1087.364390][ T1352] [U] [ 1087.367147][ T1352] [U] [ 1087.371644][ T1352] [U] [ 1087.374418][ T1352] [U] [ 1087.377180][ T1352] [U] [ 1087.379944][ T1352] [U] [ 1087.398813][ T1352] [U] [ 1087.401649][ T1352] [U] [ 1087.404419][ T1352] [U] [ 1087.407180][ T1352] [U] [ 1087.421119][ T1352] [U] [ 1087.423916][ T1352] [U] [ 1087.426684][ T1352] [U] [ 1087.429450][ T1352] [U] [ 1087.435317][ T1352] [U] [ 1087.438097][ T1352] [U] [ 1087.440853][ T1352] [U] [ 1087.443615][ T1352] [U] [ 1087.446818][ T1352] [U] [ 1087.449585][ T1352] [U] [ 1087.452348][ T1352] [U] [ 1087.455109][ T1352] [U] [ 1087.459692][ T1352] [U] [ 1087.462466][ T1352] [U] [ 1087.465238][ T1352] [U] [ 1087.467995][ T1352] [U] [ 1087.482437][ T1352] [U] [ 1087.485248][ T1352] [U] [ 1087.488057][ T1352] [U] [ 1087.490824][ T1352] [U] [ 1087.507626][ T1352] [U] [ 1087.510426][ T1352] [U] [ 1087.513195][ T1352] [U] [ 1087.515952][ T1352] [U] [ 1087.519184][ T1352] [U] [ 1087.521954][ T1352] [U] [ 1087.524726][ T1352] [U] [ 1087.527484][ T1352] [U] [ 1087.532005][ T1352] [U] [ 1087.534785][ T1352] [U] [ 1087.537544][ T1352] [U] [ 1087.540311][ T1352] [U] [ 1087.546289][ T1352] [U] [ 1087.549080][ T1352] [U] [ 1087.551836][ T1352] [U] [ 1087.554638][ T1352] [U] [ 1087.557893][ T1352] [U] [ 1087.560660][ T1352] [U] [ 1087.563433][ T1352] [U] [ 1087.566199][ T1352] [U] [ 1087.569646][ T1352] [U] [ 1087.572424][ T1352] [U] [ 1087.575186][ T1352] [U] [ 1087.577942][ T1352] [U] [ 1087.582535][ T1352] [U] [ 1087.585303][ T1352] [U] [ 1087.588068][ T1352] [U] [ 1087.590945][ T1352] [U] [ 1087.626152][ T1352] [U] [ 1087.628954][ T1352] [U] [ 1087.631712][ T1352] [U] [ 1087.634472][ T1352] [U] [ 1087.669318][ T1352] [U] [ 1087.672134][ T1352] [U] [ 1087.674898][ T1352] [U] [ 1087.677665][ T1352] [U] [ 1087.708827][ T1352] [U] [ 1087.711668][ T1352] [U] [ 1087.714432][ T1352] [U] [ 1087.717274][ T1352] [U] [ 1087.755747][ T1352] [U] [ 1087.758553][ T1352] [U] [ 1087.761311][ T1352] [U] [ 1087.764091][ T1352] [U] [ 1087.779498][ T1352] [U] [ 1087.782295][ T1352] [U] [ 1087.785056][ T1352] [U] [ 1087.787813][ T1352] [U] [ 1087.812104][ T1352] [U] [ 1087.814896][ T1352] [U] [ 1087.817654][ T1352] [U] [ 1087.820412][ T1352] [U] [ 1087.842003][ T1352] [U] [ 1087.844798][ T1352] [U] [ 1087.847559][ T1352] [U] [ 1087.850336][ T1352] [U] [ 1087.864847][ T1352] [U] [ 1087.867649][ T1352] [U] [ 1087.870451][ T1352] [U] [ 1087.873210][ T1352] [U] [ 1087.884660][ T1352] [U] [ 1087.887458][ T1352] [U] [ 1087.890217][ T1352] [U] [ 1087.892965][ T1352] [U] [ 1087.914482][ T1352] [U] [ 1087.917283][ T1352] [U] [ 1087.920057][ T1352] [U] [ 1087.922810][ T1352] [U] [ 1087.934671][ T1352] [U] [ 1087.937457][ T1352] [U] [ 1087.940214][ T1352] [U] [ 1087.942978][ T1352] [U] [ 1087.955923][ T1352] [U] [ 1087.958761][ T1352] [U] [ 1087.961521][ T1352] [U] [ 1087.964284][ T1352] [U] [ 1087.989315][ T1352] [U] [ 1087.992112][ T1352] [U] [ 1087.994898][ T1352] [U] [ 1087.997653][ T1352] [U] [ 1088.019527][ T1352] [U] [ 1088.022334][ T1352] [U] [ 1088.025096][ T1352] [U] [ 1088.027855][ T1352] [U] [ 1088.066280][ T1352] [U] [ 1088.069091][ T1352] [U] [ 1088.071851][ T1352] [U] [ 1088.098770][ T1351] [U] [ 1088.697053][ T1382] netlink: 'syz.0.11364': attribute type 1 has an invalid length. [ 1088.716044][ T1382] netlink: 314 bytes leftover after parsing attributes in process `syz.0.11364'. [ 1089.157254][ T1402] netlink: 146 bytes leftover after parsing attributes in process `syz.0.11372'. [ 1089.361932][ T1403] FAULT_INJECTION: forcing a failure. [ 1089.361932][ T1403] name failslab, interval 1, probability 0, space 0, times 0 [ 1089.393605][ T1403] CPU: 0 UID: 0 PID: 1403 Comm: syz.4.11371 Tainted: G L syzkaller #0 PREEMPT(full) [ 1089.393664][ T1403] Tainted: [L]=SOFTLOCKUP [ 1089.393677][ T1403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1089.393699][ T1403] Call Trace: [ 1089.393711][ T1403] [ 1089.393725][ T1403] dump_stack_lvl+0x100/0x190 [ 1089.393771][ T1403] should_fail_ex.cold+0x5/0xa [ 1089.393812][ T1403] should_failslab+0xc2/0x120 [ 1089.393857][ T1403] __kmalloc_cache_noprof+0x91/0x6c0 [ 1089.393916][ T1403] ? usbdev_open+0x9d/0x870 [ 1089.393973][ T1403] usbdev_open+0x9d/0x870 [ 1089.394022][ T1403] ? kobject_get_unless_zero+0x156/0x200 [ 1089.394062][ T1403] ? __pfx_usbdev_open+0x10/0x10 [ 1089.394108][ T1403] ? chrdev_open+0x10b/0x6a0 [ 1089.394162][ T1403] ? chrdev_open+0x10b/0x6a0 [ 1089.394224][ T1403] ? __pfx_usbdev_open+0x10/0x10 [ 1089.394285][ T1403] chrdev_open+0x234/0x6a0 [ 1089.394336][ T1403] ? __pfx_apparmor_file_open+0x10/0x10 [ 1089.394393][ T1403] ? __pfx_chrdev_open+0x10/0x10 [ 1089.394451][ T1403] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1089.394496][ T1403] do_dentry_open+0x6ab/0x14d0 [ 1089.394550][ T1403] ? __pfx_chrdev_open+0x10/0x10 [ 1089.394615][ T1403] vfs_open+0x82/0x3f0 [ 1089.394659][ T1403] path_openat+0x2873/0x4280 [ 1089.394731][ T1403] ? __pfx_path_openat+0x10/0x10 [ 1089.394796][ T1403] do_file_open+0x20e/0x430 [ 1089.394854][ T1403] ? __pfx_do_file_open+0x10/0x10 [ 1089.394939][ T1403] ? alloc_fd+0x471/0x7a0 [ 1089.394995][ T1403] ? do_getname+0x191/0x390 [ 1089.395038][ T1403] do_sys_openat2+0x10f/0x1e0 [ 1089.395080][ T1403] ? __pfx_do_sys_openat2+0x10/0x10 [ 1089.395125][ T1403] ? do_raw_spin_lock+0x128/0x260 [ 1089.395169][ T1403] __x64_sys_openat+0x12d/0x210 [ 1089.395213][ T1403] ? __pfx___x64_sys_openat+0x10/0x10 [ 1089.395280][ T1403] do_syscall_64+0x115/0x840 [ 1089.395332][ T1403] ? clear_bhb_loop+0x40/0x90 [ 1089.395375][ T1403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.395412][ T1403] RIP: 0033:0x7f9df939de59 [ 1089.395440][ T1403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1089.395476][ T1403] RSP: 002b:00007f9dfa2e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1089.395510][ T1403] RAX: ffffffffffffffda RBX: 00007f9df9626090 RCX: 00007f9df939de59 [ 1089.395534][ T1403] RDX: 000000000000a901 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 1089.395558][ T1403] RBP: 00007f9df9433e6f R08: 0000000000000000 R09: 0000000000000000 [ 1089.395579][ T1403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1089.395600][ T1403] R13: 00007f9df9626128 R14: 00007f9df9626090 R15: 00007ffd4e4e1028 [ 1089.395644][ T1403] [ 1089.539707][ T1405] bcache: register_bcache() error : failed to open device [ 1090.236574][ T1422] netlink: 'syz.0.11379': attribute type 8 has an invalid length. [ 1090.723934][ T1434] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11383'. [ 1091.214140][ T1442] netlink: 350 bytes leftover after parsing attributes in process `syz.2.11385'. [ 1091.809310][ T1463] netlink: 330 bytes leftover after parsing attributes in process `syz.2.11391'. [ 1092.262524][ T1476] FAULT_INJECTION: forcing a failure. [ 1092.262524][ T1476] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.292703][ T1476] CPU: 0 UID: 0 PID: 1476 Comm: syz.3.11394 Tainted: G L syzkaller #0 PREEMPT(full) [ 1092.292763][ T1476] Tainted: [L]=SOFTLOCKUP [ 1092.292777][ T1476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1092.292799][ T1476] Call Trace: [ 1092.292810][ T1476] [ 1092.292824][ T1476] dump_stack_lvl+0x100/0x190 [ 1092.292869][ T1476] should_fail_ex.cold+0x5/0xa [ 1092.292910][ T1476] should_failslab+0xc2/0x120 [ 1092.292955][ T1476] kmem_cache_alloc_noprof+0x91/0x6a0 [ 1092.292997][ T1476] ? sk_prot_alloc+0x60/0x2a0 [ 1092.293051][ T1476] sk_prot_alloc+0x60/0x2a0 [ 1092.293100][ T1476] sk_alloc+0x36/0xe80 [ 1092.293136][ T1476] inet_create+0x3a0/0x1060 [ 1092.293177][ T1476] ? inet_create+0x94/0x1060 [ 1092.293217][ T1476] __sock_create+0x339/0x860 [ 1092.293274][ T1476] smc_create+0x163/0x290 [ 1092.293327][ T1476] __sock_create+0x339/0x860 [ 1092.293384][ T1476] __sys_socket+0x14d/0x260 [ 1092.293435][ T1476] ? __pfx___sys_socket+0x10/0x10 [ 1092.293507][ T1476] __x64_sys_socket+0x72/0xb0 [ 1092.293556][ T1476] ? lockdep_hardirqs_on+0x78/0x100 [ 1092.293607][ T1476] do_syscall_64+0x115/0x840 [ 1092.293657][ T1476] ? clear_bhb_loop+0x40/0x90 [ 1092.293700][ T1476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1092.293736][ T1476] RIP: 0033:0x7efd91f9de59 [ 1092.293766][ T1476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1092.293801][ T1476] RSP: 002b:00007efd92eb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1092.293836][ T1476] RAX: ffffffffffffffda RBX: 00007efd92226090 RCX: 00007efd91f9de59 [ 1092.293858][ T1476] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 1092.293880][ T1476] RBP: 00007efd92033e6f R08: 0000000000000000 R09: 0000000000000000 [ 1092.293901][ T1476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1092.293921][ T1476] R13: 00007efd92226128 R14: 00007efd92226090 R15: 00007ffc702cb0e8 [ 1092.293964][ T1476] [ 1092.854078][ T1489] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11399'. [ 1092.864638][ T1489] IPv6: NLM_F_CREATE should be specified when creating new route [ 1092.872657][ T1489] IPv6: Can't replace route, no match found [ 1092.881115][ T1489] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11399'. [ 1092.890732][ T1489] IPv6: Can't replace route, no match found [ 1093.372777][T25999] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1093.393225][ T5644] Bluetooth: hci2: unexpected event 0x08 length: 44 > 4 [ 1093.395705][ T1509] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1095.418504][T25999] ------------[ cut here ]------------ [ 1095.424223][T25999] refcnt < 0 [ 1095.424250][T25999] WARNING: net/bluetooth/hci_conn.c:631 at hci_conn_timeout+0x16a/0x230, CPU#1: kworker/u9:0/25999 [ 1095.438534][T25999] Modules linked in: [ 1095.442884][T25999] CPU: 1 UID: 0 PID: 25999 Comm: kworker/u9:0 Tainted: G L syzkaller #0 PREEMPT(full) [ 1095.456191][T25999] Tainted: [L]=SOFTLOCKUP [ 1095.461049][T25999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1095.471467][T25999] Workqueue: hci2 hci_conn_timeout [ 1095.476732][T25999] RIP: 0010:hci_conn_timeout+0x16a/0x230 [ 1095.482425][T25999] Code: 44 0f b6 2d 5b cf 70 06 31 ff 41 83 e5 40 44 89 ee e8 ea 2e 5c f7 45 84 ed 0f 84 02 ff ff ff e9 f0 64 c4 f6 e8 c7 34 5c f7 90 <0f> 0b 90 e8 be 34 5c f7 48 8d bb fd f5 ff ff 48 b8 00 00 00 00 00 [ 1095.502174][T25999] RSP: 0018:ffffc90007a27c18 EFLAGS: 00010293 [ 1095.508594][T25999] RAX: 0000000000000000 RBX: ffff8880282f0a40 RCX: ffffffff8aacf67f [ 1095.516726][T25999] RDX: ffff8880337e0000 RSI: ffffffff8aacf779 RDI: ffff8880337e0000 [ 1095.524823][T25999] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 1095.532841][T25999] R10: 00000000ffffffff R11: 0000000000000000 R12: ffff8880282f0000 [ 1095.540936][T25999] R13: ffff8880337e04c4 R14: ffffffff91227e44 R15: 0000000000000000 [ 1095.548986][T25999] FS: 0000000000000000(0000) GS:ffff888123ef5000(0000) knlGS:0000000000000000 [ 1095.558011][T25999] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1095.565047][T25999] CR2: 00007f0ae7d467c1 CR3: 000000007891e000 CR4: 00000000003526f0 [ 1095.573051][T25999] Call Trace: [ 1095.576867][T25999] [ 1095.579858][T25999] process_one_work+0xa23/0x1940 [ 1095.584918][T25999] ? __pfx_process_one_work+0x10/0x10 [ 1095.590394][T25999] ? __pfx_hci_conn_timeout+0x10/0x10 [ 1095.595914][T25999] worker_thread+0x5ef/0xe50 [ 1095.600563][T25999] ? __pfx_worker_thread+0x10/0x10 [ 1095.605782][T25999] ? kthread+0x13a/0x450 [ 1095.610168][T25999] ? __pfx_worker_thread+0x10/0x10 [ 1095.615452][T25999] kthread+0x370/0x450 [ 1095.619582][T25999] ? __pfx_kthread+0x10/0x10 [ 1095.624206][T25999] ret_from_fork+0x72b/0xd50 [ 1095.628900][T25999] ? __pfx_ret_from_fork+0x10/0x10 [ 1095.634071][T25999] ? __switch_to+0x800/0x10f0 [ 1095.638904][T25999] ? __switch_to_asm+0x39/0x70 [ 1095.643731][T25999] ? __pfx_kthread+0x10/0x10 [ 1095.648414][T25999] ret_from_fork_asm+0x1a/0x30 [ 1095.653255][T25999] [ 1095.656481][T25999] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1095.663811][T25999] CPU: 1 UID: 0 PID: 25999 Comm: kworker/u9:0 Tainted: G L syzkaller #0 PREEMPT(full) [ 1095.674977][T25999] Tainted: [L]=SOFTLOCKUP [ 1095.679344][T25999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1095.689469][T25999] Workqueue: hci2 hci_conn_timeout [ 1095.694670][T25999] Call Trace: [ 1095.698005][T25999] [ 1095.700987][T25999] dump_stack_lvl+0x100/0x190 [ 1095.705732][T25999] vpanic+0x552/0x970 [ 1095.709789][T25999] ? __pfx_vpanic+0x10/0x10 [ 1095.714374][T25999] panic+0xd1/0xe0 [ 1095.718162][T25999] ? __pfx_panic+0x10/0x10 [ 1095.722663][T25999] ? check_panic_on_warn+0x1f/0x90 [ 1095.727849][T25999] check_panic_on_warn.cold+0x19/0x34 [ 1095.733279][T25999] ? hci_conn_timeout+0x16a/0x230 [ 1095.738348][T25999] __warn.cold+0x191/0x318 [ 1095.742826][T25999] __report_bug+0x30f/0x440 [ 1095.747372][T25999] ? hci_conn_timeout+0x16a/0x230 [ 1095.752429][T25999] ? __pfx___report_bug+0x10/0x10 [ 1095.757496][T25999] ? trace_contention_end+0x126/0x160 [ 1095.762928][T25999] ? __mutex_lock+0x26d/0x1bd0 [ 1095.767768][T25999] ? look_up_lock_class+0x55/0x120 [ 1095.772951][T25999] ? register_lock_class+0x40/0x560 [ 1095.778233][T25999] ? do_raw_spin_lock+0x128/0x260 [ 1095.783312][T25999] ? hci_conn_timeout+0x16a/0x230 [ 1095.788362][T25999] report_bug+0xb2/0x220 [ 1095.792676][T25999] ? hci_conn_timeout+0x16a/0x230 [ 1095.797726][T25999] handle_bug+0x16a/0x2a0 [ 1095.802119][T25999] exc_invalid_op+0x17/0x50 [ 1095.806670][T25999] asm_exc_invalid_op+0x1a/0x20 [ 1095.811580][T25999] RIP: 0010:hci_conn_timeout+0x16a/0x230 [ 1095.817279][T25999] Code: 44 0f b6 2d 5b cf 70 06 31 ff 41 83 e5 40 44 89 ee e8 ea 2e 5c f7 45 84 ed 0f 84 02 ff ff ff e9 f0 64 c4 f6 e8 c7 34 5c f7 90 <0f> 0b 90 e8 be 34 5c f7 48 8d bb fd f5 ff ff 48 b8 00 00 00 00 00 [ 1095.836946][T25999] RSP: 0018:ffffc90007a27c18 EFLAGS: 00010293 [ 1095.843076][T25999] RAX: 0000000000000000 RBX: ffff8880282f0a40 RCX: ffffffff8aacf67f [ 1095.851111][T25999] RDX: ffff8880337e0000 RSI: ffffffff8aacf779 RDI: ffff8880337e0000 [ 1095.859100][T25999] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 1095.867106][T25999] R10: 00000000ffffffff R11: 0000000000000000 R12: ffff8880282f0000 [ 1095.875118][T25999] R13: ffff8880337e04c4 R14: ffffffff91227e44 R15: 0000000000000000 [ 1095.883133][T25999] ? hci_conn_timeout+0x6f/0x230 [ 1095.888121][T25999] ? hci_conn_timeout+0x169/0x230 [ 1095.893179][T25999] ? hci_conn_timeout+0x169/0x230 [ 1095.898239][T25999] process_one_work+0xa23/0x1940 [ 1095.903227][T25999] ? __pfx_process_one_work+0x10/0x10 [ 1095.908655][T25999] ? __pfx_hci_conn_timeout+0x10/0x10 [ 1095.914076][T25999] worker_thread+0x5ef/0xe50 [ 1095.918720][T25999] ? __pfx_worker_thread+0x10/0x10 [ 1095.924018][T25999] ? kthread+0x13a/0x450 [ 1095.928342][T25999] ? __pfx_worker_thread+0x10/0x10 [ 1095.933506][T25999] kthread+0x370/0x450 [ 1095.937607][T25999] ? __pfx_kthread+0x10/0x10 [ 1095.942228][T25999] ret_from_fork+0x72b/0xd50 [ 1095.946848][T25999] ? __pfx_ret_from_fork+0x10/0x10 [ 1095.952016][T25999] ? __switch_to+0x800/0x10f0 [ 1095.956728][T25999] ? __switch_to_asm+0x39/0x70 [ 1095.961521][T25999] ? __pfx_kthread+0x10/0x10 [ 1095.966144][T25999] ret_from_fork_asm+0x1a/0x30 [ 1095.970973][T25999] [ 1095.974200][T25999] Kernel Offset: disabled [ 1095.978556][T25999] Rebooting in 86400 seconds..