last executing test programs: 10m18.897972284s ago: executing program 3 (id=5997): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}]}, 0x24}}, 0x4000000) 10m18.445626992s ago: executing program 3 (id=6002): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x8080) 10m18.095248169s ago: executing program 3 (id=6007): r0 = eventfd2$auto(0x6af3, 0x800) readv$auto(r0, &(0x7f0000000580)={0x0, 0x29e4}, 0xe8) read$auto_fops_u8_(r0, &(0x7f0000001e40)=""/109, 0x6d) 10m17.730820145s ago: executing program 3 (id=6011): openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_orphan_summary\x00', 0x80, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 10m17.405886919s ago: executing program 3 (id=6014): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x25, 0x1, 0x0) setsockopt$auto(r0, 0x116, 0x7f, 0x0, 0x400) 10m17.011738482s ago: executing program 3 (id=6018): r0 = openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) poll$auto(&(0x7f00000000c0)={r0, 0x2, 0x7ff}, 0x1, 0x5) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000200)=""/72, 0x48) 10m1.857319117s ago: executing program 32 (id=6018): r0 = openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) poll$auto(&(0x7f00000000c0)={r0, 0x2, 0x7ff}, 0x1, 0x5) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000200)=""/72, 0x48) 25.784777274s ago: executing program 0 (id=11723): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x1, 0x0, 0x10) 20.683555229s ago: executing program 0 (id=11745): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x23, 0x80805, 0x0) poll$auto(&(0x7f0000000040)={r0, 0x7, 0x8}, 0x80, 0x400400) setsockopt$auto(r1, 0x113, 0x1, 0x0, 0x81) 19.868885776s ago: executing program 0 (id=11754): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0x7f, 0x0, 0x8, 0x1, @relative_fd, 0xd}, 0x92) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000040), 0x88400, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfc\xff\xff\xff', 0x8587) 19.624599733s ago: executing program 4 (id=11757): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents64$auto(r0, 0x0, 0x803) r1 = socket(0xa, 0x5, 0x0) ioctl$auto(r1, 0x8941, 0x8) 19.503173807s ago: executing program 4 (id=11759): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000006c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="110b27bd7000fbdbdf250900000008000300", @ANYRES32=r3, @ANYBLOB="08000600e1"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x9800) 19.384069712s ago: executing program 4 (id=11760): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x9, 0x15) write$auto(0x3, 0x0, 0x100082) 19.238834785s ago: executing program 4 (id=11761): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_AGGR_MAX_BYTES={0x8, 0x1a, 0x8000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x0) 19.160586777s ago: executing program 0 (id=11762): sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x43, &(0x7f0000000000)='\x00', 0xbb) 19.119208143s ago: executing program 4 (id=11763): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/airtime_flags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) 18.99584313s ago: executing program 4 (id=11765): mmap$auto(0x0, 0x4, 0x3, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x8048ae66, 0x38) 18.716790539s ago: executing program 0 (id=11767): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x22, 0x2, 0x1) fstat$auto(r0, 0x0) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000005f00), 0x80002, 0x0) ioctl$auto_SIOCSIFHWADDR(r1, 0x8924, 0x0) 17.75879062s ago: executing program 0 (id=11770): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)={0x1c, r2, 0xb01, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000050}, 0x240088e4) 16.697497874s ago: executing program 2 (id=11777): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mq_open$auto(&(0x7f0000000000)='P\x02\xb9\xd5\x02r\xbc\xd0\t^\xc0!\x7f\xc0\xdd8\xb0\x80\xfa;\x97\x05n\xf4~Z\x05\xf1\xef\xd1\xf1\b\xd9J\x9bp\xdf\xe7\xcd\x1f\x84-\xbb\x05\xa5\xb8\xfc\xf7v<)\xddR\x02\xd8\r_\x03\xe7\x8eWta\xfa\xbd\xaf\x06kG\xf7\xaa6\x1ch\vmD\xfc|v\xd4Q', 0xfe, 0x9, 0x0) r0 = socket(0x11, 0x2, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x3, 0x3}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x4, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) 16.606119758s ago: executing program 2 (id=11778): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @empty}, 0x51) 16.495119341s ago: executing program 2 (id=11779): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2a, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(0x6, 0x1, 0x4d, 0xfffffffffffffffe, 0x0) 16.365141621s ago: executing program 2 (id=11781): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) close_range$auto(0x2, 0x8, 0x0) 16.235665633s ago: executing program 2 (id=11783): close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0) 16.084504111s ago: executing program 2 (id=11785): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x200000000000011, 0x2, 0x0) io_uring_setup$auto(0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) 15.918599691s ago: executing program 1 (id=11787): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) 15.826260342s ago: executing program 1 (id=11788): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x4fffffdf2) close_range$auto(0x2, 0x8, 0x0) 15.554860259s ago: executing program 1 (id=11789): socket(0x2a, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x3c, r1, 0x1b, 0x70bc26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @fd=r0}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 15.462059614s ago: executing program 1 (id=11790): mmap$auto(0x0, 0x2020009, 0x3, 0x4000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 15.387484879s ago: executing program 1 (id=11791): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x801, 0x84) listen$auto(r0, 0x3) getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) 15.314819978s ago: executing program 1 (id=11792): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) 3.975222203s ago: executing program 33 (id=11765): mmap$auto(0x0, 0x4, 0x3, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x8048ae66, 0x38) 2.606939928s ago: executing program 34 (id=11770): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)={0x1c, r2, 0xb01, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000050}, 0x240088e4) 1.013294502s ago: executing program 35 (id=11785): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x200000000000011, 0x2, 0x0) io_uring_setup$auto(0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) 0s ago: executing program 36 (id=11792): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) kernel console output (not intermixed with test programs): WARE_WORKAROUND [ 904.890495][T27048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 904.890510][T27048] Call Trace: [ 904.890518][T27048] [ 904.890527][T27048] dump_stack_lvl+0x16c/0x1f0 [ 904.890562][T27048] should_fail_ex+0x512/0x640 [ 904.890600][T27048] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 904.890633][T27048] should_failslab+0xc2/0x120 [ 904.890668][T27048] kmem_cache_alloc_noprof+0x75/0x6e0 [ 904.890694][T27048] ? key_alloc+0x3e0/0x1330 [ 904.890725][T27048] ? key_alloc+0x3e0/0x1330 [ 904.890747][T27048] key_alloc+0x3e0/0x1330 [ 904.890782][T27048] ? __pfx_key_alloc+0x10/0x10 [ 904.890808][T27048] ? aa_get_newest_label+0xd2/0x250 [ 904.890850][T27048] keyring_alloc+0x44/0xc0 [ 904.890882][T27048] lookup_user_key+0xc51/0x1300 [ 904.890910][T27048] ? __pfx_lookup_user_key+0x10/0x10 [ 904.890941][T27048] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 904.890995][T27048] keyctl_setperm_key+0x9d/0x3a0 [ 904.891032][T27048] ? __pfx_keyctl_setperm_key+0x10/0x10 [ 904.891075][T27048] ? xfd_validate_state+0x61/0x180 [ 904.891111][T27048] ? __pfx_ksys_write+0x10/0x10 [ 904.891143][T27048] __do_sys_keyctl+0x29a/0x590 [ 904.891181][T27048] do_syscall_64+0xcd/0xfa0 [ 904.891212][T27048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.891259][T27048] RIP: 0033:0x7efea2f8f7c9 [ 904.891278][T27048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 904.891302][T27048] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 904.891324][T27048] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 904.891340][T27048] RDX: 0000000000000005 RSI: ffffffffffffffff RDI: 0000000000000005 [ 904.891356][T27048] RBP: 00007efea3013f91 R08: 0000000000000008 R09: 0000000000000000 [ 904.891370][T27048] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 904.891384][T27048] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 904.891416][T27048] [ 905.837493][T27054] erspan0: entered allmulticast mode [ 909.054236][T27116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9957'. [ 913.176940][T27196] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9997'. [ 915.120532][T23954] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 915.120567][T23954] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 915.137901][T23954] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 915.137955][T23954] Bluetooth: hci1: Malformed LE Event: 0x0d [ 917.986644][T27233] kexec: Could not allocate control_code_buffer [ 918.293307][T27260] ovs_: entered promiscuous mode [ 919.376812][T27271] zswap: compressor not available [ 920.748659][T27304] FAULT_INJECTION: forcing a failure. [ 920.748659][T27304] name failslab, interval 1, probability 0, space 0, times 0 [ 920.837974][T27304] CPU: 0 UID: 0 PID: 27304 Comm: syz.1.10044 Tainted: G U I syzkaller #0 PREEMPT(full) [ 920.838018][T27304] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 920.838028][T27304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 920.838042][T27304] Call Trace: [ 920.838050][T27304] [ 920.838059][T27304] dump_stack_lvl+0x16c/0x1f0 [ 920.838094][T27304] should_fail_ex+0x512/0x640 [ 920.838132][T27304] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 920.838161][T27304] should_failslab+0xc2/0x120 [ 920.838195][T27304] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 920.838223][T27304] ? __d_alloc+0x32/0xae0 [ 920.838256][T27304] ? __d_alloc+0x32/0xae0 [ 920.838282][T27304] __d_alloc+0x32/0xae0 [ 920.838309][T27304] ? rcu_is_watching+0x12/0xc0 [ 920.838338][T27304] d_alloc_pseudo+0x1c/0xc0 [ 920.838374][T27304] alloc_file_pseudo+0xcf/0x230 [ 920.838412][T27304] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 920.838452][T27304] ? do_raw_spin_unlock+0x172/0x230 [ 920.838478][T27304] __anon_inode_getfile+0xe8/0x280 [ 920.838513][T27304] anon_inode_getfile_fmode+0x37/0xa0 [ 920.838545][T27304] __do_sys_timerfd_create+0x216/0x3e0 [ 920.838578][T27304] ? do_syscall_64+0x91/0xfa0 [ 920.838609][T27304] do_syscall_64+0xcd/0xfa0 [ 920.838640][T27304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.838664][T27304] RIP: 0033:0x7efea2f8f7c9 [ 920.838683][T27304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.838707][T27304] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 920.838730][T27304] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 920.838746][T27304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 920.838760][T27304] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 920.838774][T27304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.838788][T27304] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 920.838820][T27304] [ 922.954835][T27345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10064'. [ 923.700149][T27360] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 923.706649][T27360] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 924.407461][T27372] FAULT_INJECTION: forcing a failure. [ 924.407461][T27372] name failslab, interval 1, probability 0, space 0, times 0 [ 924.472816][T27372] CPU: 0 UID: 0 PID: 27372 Comm: syz.4.10076 Tainted: G U I syzkaller #0 PREEMPT(full) [ 924.472860][T27372] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 924.472870][T27372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 924.472884][T27372] Call Trace: [ 924.472892][T27372] [ 924.472900][T27372] dump_stack_lvl+0x16c/0x1f0 [ 924.472937][T27372] should_fail_ex+0x512/0x640 [ 924.472974][T27372] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 924.473004][T27372] should_failslab+0xc2/0x120 [ 924.473038][T27372] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 924.473066][T27372] ? __d_alloc+0x32/0xae0 [ 924.473098][T27372] ? __d_alloc+0x32/0xae0 [ 924.473125][T27372] __d_alloc+0x32/0xae0 [ 924.473152][T27372] ? rcu_is_watching+0x12/0xc0 [ 924.473180][T27372] d_alloc_pseudo+0x1c/0xc0 [ 924.473216][T27372] alloc_file_pseudo+0xcf/0x230 [ 924.473253][T27372] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 924.473294][T27372] ? do_raw_spin_unlock+0x172/0x230 [ 924.473321][T27372] __anon_inode_getfile+0xe8/0x280 [ 924.473354][T27372] anon_inode_getfile_fmode+0x37/0xa0 [ 924.473387][T27372] __do_sys_timerfd_create+0x216/0x3e0 [ 924.473420][T27372] ? do_syscall_64+0x91/0xfa0 [ 924.473451][T27372] do_syscall_64+0xcd/0xfa0 [ 924.473483][T27372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 924.473507][T27372] RIP: 0033:0x7fa6bff8f7c9 [ 924.473525][T27372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 924.473553][T27372] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 924.473575][T27372] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 924.473592][T27372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 924.473606][T27372] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 924.473621][T27372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 924.473636][T27372] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 924.473674][T27372] [ 925.078300][T27378] bridge0: port 5(syz_tun) entered blocking state [ 925.103831][T27378] bridge0: port 5(syz_tun) entered disabled state [ 925.111163][T27378] syz_tun: entered allmulticast mode [ 925.147151][T27378] syz_tun: entered promiscuous mode [ 925.173321][T27378] bridge0: port 5(syz_tun) entered blocking state [ 925.180135][T27378] bridge0: port 5(syz_tun) entered forwarding state [ 927.104325][T27389] kexec: Could not allocate control_code_buffer [ 929.235181][T27466] bridge0: port 4(syz_tun) entered blocking state [ 929.288535][T27466] bridge0: port 4(syz_tun) entered disabled state [ 929.322605][T27466] syz_tun: entered allmulticast mode [ 929.352570][T27466] syz_tun: entered promiscuous mode [ 929.370158][T27466] bridge0: port 4(syz_tun) entered blocking state [ 929.376773][T27466] bridge0: port 4(syz_tun) entered forwarding state [ 930.597355][T27492] netlink: 21 bytes leftover after parsing attributes in process `syz.0.10129'. [ 932.012054][T27523] netlink: 21 bytes leftover after parsing attributes in process `syz.4.10142'. [ 932.969652][T27533] kexec: Could not allocate control_code_buffer [ 933.467740][T27537] Process accounting paused [ 933.958456][T27565] aoe: could not set interface list: too many interfaces [ 935.147934][T27595] netlink: 206 bytes leftover after parsing attributes in process `syz.1.10171'. [ 936.259963][T27623] netlink: 178 bytes leftover after parsing attributes in process `syz.0.10184'. [ 936.655920][T27632] FAULT_INJECTION: forcing a failure. [ 936.655920][T27632] name failslab, interval 1, probability 0, space 0, times 0 [ 936.744260][T27632] CPU: 0 UID: 0 PID: 27632 Comm: syz.1.10188 Tainted: G U I syzkaller #0 PREEMPT(full) [ 936.744306][T27632] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 936.744316][T27632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 936.744331][T27632] Call Trace: [ 936.744339][T27632] [ 936.744348][T27632] dump_stack_lvl+0x16c/0x1f0 [ 936.744383][T27632] should_fail_ex+0x512/0x640 [ 936.744425][T27632] should_failslab+0xc2/0x120 [ 936.744460][T27632] __kmalloc_cache_noprof+0x72/0x780 [ 936.744482][T27632] ? __task_pid_nr_ns+0x1f5/0x500 [ 936.744518][T27632] ? proc_thread_self_get_link+0x1c6/0x240 [ 936.744556][T27632] ? proc_thread_self_get_link+0x1c6/0x240 [ 936.744589][T27632] proc_thread_self_get_link+0x1c6/0x240 [ 936.744623][T27632] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 936.744665][T27632] step_into+0x189e/0x21a0 [ 936.744694][T27632] ? __pfx_step_into+0x10/0x10 [ 936.744722][T27632] ? lookup_fast+0x156/0x610 [ 936.744748][T27632] walk_component+0xfc/0x5b0 [ 936.744774][T27632] link_path_walk+0x627/0xe20 [ 936.744808][T27632] path_openat+0x1b0/0x2cb0 [ 936.744846][T27632] ? __pfx_path_openat+0x10/0x10 [ 936.744874][T27632] ? __lock_acquire+0xb8a/0x1c90 [ 936.744911][T27632] do_filp_open+0x20b/0x470 [ 936.744939][T27632] ? __pfx_do_filp_open+0x10/0x10 [ 936.744987][T27632] ? alloc_fd+0x471/0x7d0 [ 936.745020][T27632] do_sys_openat2+0x11b/0x1d0 [ 936.745057][T27632] ? __pfx_do_sys_openat2+0x10/0x10 [ 936.745105][T27632] __x64_sys_openat+0x174/0x210 [ 936.745143][T27632] ? __pfx___x64_sys_openat+0x10/0x10 [ 936.745193][T27632] do_syscall_64+0xcd/0xfa0 [ 936.745225][T27632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.745250][T27632] RIP: 0033:0x7efea2f8f7c9 [ 936.745269][T27632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.745293][T27632] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 936.745316][T27632] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 936.745332][T27632] RDX: 0000000000000002 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 936.745347][T27632] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 936.745362][T27632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.745376][T27632] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 936.745408][T27632] syzkaller syzkaller login: [ 939.318805][T27642] kexec: Could not allocate control_code_buffer [ 942.069398][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 942.076221][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 943.099780][T27760] zswap: compressor not available [ 944.994843][T27801] hugetlbfs: syz.1.10263 (27801): Using mlock ulimits for SHM_HUGETLB is obsolete [ 946.605015][T27834] bridge_slave_1: left allmulticast mode [ 946.651561][T27834] bridge_slave_1: left promiscuous mode [ 946.678153][T27834] bridge0: port 2(bridge_slave_1) entered disabled state [ 948.222927][T27866] zswap: compressor not available [ 949.679615][T27904] CIFS: VFS: Invalid SecurityFlags: 0 [ 951.076965][T27937] FAULT_INJECTION: forcing a failure. [ 951.076965][T27937] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 951.140203][T27937] CPU: 0 UID: 0 PID: 27937 Comm: syz.1.10321 Tainted: G U I syzkaller #0 PREEMPT(full) [ 951.140247][T27937] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 951.140257][T27937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 951.140272][T27937] Call Trace: [ 951.140280][T27937] [ 951.140289][T27937] dump_stack_lvl+0x16c/0x1f0 [ 951.140324][T27937] should_fail_ex+0x512/0x640 [ 951.140366][T27937] should_fail_alloc_page+0xe7/0x130 [ 951.140403][T27937] prepare_alloc_pages+0x3c2/0x610 [ 951.140441][T27937] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 951.140467][T27937] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 951.140494][T27937] ? css_rstat_updated+0x1c2/0x510 [ 951.140541][T27937] ? find_held_lock+0x2b/0x80 [ 951.140566][T27937] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 951.140592][T27937] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 951.140638][T27937] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 951.140668][T27937] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 951.140718][T27937] ? policy_nodemask+0xea/0x4e0 [ 951.140754][T27937] alloc_pages_mpol+0x1fb/0x550 [ 951.140789][T27937] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 951.140823][T27937] ? do_raw_spin_lock+0x12c/0x2b0 [ 951.140861][T27937] ? find_held_lock+0x2b/0x80 [ 951.140891][T27937] alloc_pages_noprof+0x131/0x390 [ 951.140925][T27937] __pmd_alloc+0x3b/0x8b0 [ 951.140963][T27937] ? __pud_alloc+0x51f/0x6b0 [ 951.140998][T27937] walk_to_pmd+0x3a6/0x4c0 [ 951.141035][T27937] __get_locked_pte+0x25/0xc0 [ 951.141071][T27937] map_ldt_struct+0x3b0/0xa60 [ 951.141103][T27937] ? __pfx_map_ldt_struct+0x10/0x10 [ 951.141129][T27937] ? alloc_pages_noprof+0x23c/0x390 [ 951.141167][T27937] write_ldt+0x8fa/0xd20 [ 951.141196][T27937] ? __pfx_write_ldt+0x10/0x10 [ 951.141220][T27937] ? fput+0x9b/0xd0 [ 951.141254][T27937] ? __pfx_ksys_write+0x10/0x10 [ 951.141287][T27937] __x64_sys_modify_ldt+0xb1/0x170 [ 951.141313][T27937] do_syscall_64+0xcd/0xfa0 [ 951.141346][T27937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.141371][T27937] RIP: 0033:0x7efea2f8f7c9 [ 951.141392][T27937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 951.141416][T27937] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 951.141440][T27937] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 951.141457][T27937] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000001 [ 951.141471][T27937] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 951.141486][T27937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 951.141501][T27937] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 951.141539][T27937] [ 951.809633][T27927] kexec: Could not allocate control_code_buffer [ 952.554453][T27953] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 952.624018][T27953] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 952.694070][T27953] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 952.727015][T27953] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 952.793983][T27953] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 952.966890][T27959] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10331'. [ 953.731277][T27977] syz.4.10338 (27977): /proc/27973/oom_adj is deprecated, please use /proc/27973/oom_score_adj instead. [ 954.622638][T23954] Bluetooth: hci0: command 0x0406 tx timeout [ 954.702005][T23954] Bluetooth: hci4: command 0x0406 tx timeout [ 954.708101][T23954] Bluetooth: hci3: command 0x0406 tx timeout [ 954.781302][T23954] Bluetooth: hci1: command 0x0c1a tx timeout [ 955.122440][T28007] CIFS: VFS: Invalid SecurityFlags: 0 [ 956.429576][T28033] kAFS: bad VL server IP address [ 956.853018][T23954] Bluetooth: hci1: command 0x0c1a tx timeout [ 958.220294][T28070] Process accounting resumed [ 959.476083][T28087] zswap: compressor not available [ 959.606357][T28096] FAULT_INJECTION: forcing a failure. [ 959.606357][T28096] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 959.641140][T28096] CPU: 0 UID: 0 PID: 28096 Comm: syz.1.10386 Tainted: G U I syzkaller #0 PREEMPT(full) [ 959.641183][T28096] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 959.641193][T28096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 959.641208][T28096] Call Trace: [ 959.641216][T28096] [ 959.641225][T28096] dump_stack_lvl+0x16c/0x1f0 [ 959.641261][T28096] should_fail_ex+0x512/0x640 [ 959.641309][T28096] _copy_from_user+0x2e/0xd0 [ 959.641350][T28096] get_timespec64+0x8b/0x1b0 [ 959.641383][T28096] ? __pfx_get_timespec64+0x10/0x10 [ 959.641422][T28096] do_pselect.constprop.0+0xc1/0x1e0 [ 959.641449][T28096] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 959.641481][T28096] ? __x64_sys_futex+0x1e0/0x4c0 [ 959.641518][T28096] __x64_sys_pselect6+0x182/0x240 [ 959.641544][T28096] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 959.641578][T28096] do_syscall_64+0xcd/0xfa0 [ 959.641611][T28096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 959.641636][T28096] RIP: 0033:0x7efea2f8f7c9 [ 959.641655][T28096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 959.641678][T28096] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 959.641701][T28096] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 959.641717][T28096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000007ff [ 959.641731][T28096] RBP: 00007efea3013f91 R08: 0000200000000040 R09: 0000000000000000 [ 959.641746][T28096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 959.641761][T28096] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 959.641792][T28096] [ 964.401394][T28210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 964.434400][T28210] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 964.448629][T28210] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 964.472759][T28210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 965.670894][T28244] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10445'. [ 966.152247][T28249] netlink: 294 bytes leftover after parsing attributes in process `syz.2.10448'. [ 966.400684][T23954] Bluetooth: hci0: command 0x0406 tx timeout [ 966.481402][T23954] Bluetooth: hci1: command 0x0c1a tx timeout [ 966.488291][T16036] Bluetooth: hci4: command 0x0406 tx timeout [ 966.494887][T16036] Bluetooth: hci3: command 0x0406 tx timeout [ 968.215578][T28298] netlink: 122 bytes leftover after parsing attributes in process `syz.4.10467'. [ 969.546919][T28330] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10480'. [ 972.238632][T28393] netlink: 294 bytes leftover after parsing attributes in process `syz.4.10503'. [ 972.468825][T28399] netlink: 338 bytes leftover after parsing attributes in process `syz.4.10506'. [ 972.897834][T28410] netlink: 122 bytes leftover after parsing attributes in process `syz.2.10513'. [ 973.545754][T28427] mtrr: base(0x1000) is not aligned on a size(0x0000) boundary [ 976.057343][T28255] block nbd0: Receive control failed (result -107) [ 976.624178][T28495] FAULT_INJECTION: forcing a failure. [ 976.624178][T28495] name failslab, interval 1, probability 0, space 0, times 0 [ 976.677983][T28495] CPU: 0 UID: 0 PID: 28495 Comm: syz.1.10547 Tainted: G U I syzkaller #0 PREEMPT(full) [ 976.678027][T28495] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 976.678037][T28495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 976.678059][T28495] Call Trace: [ 976.678067][T28495] [ 976.678076][T28495] dump_stack_lvl+0x16c/0x1f0 [ 976.678110][T28495] should_fail_ex+0x512/0x640 [ 976.678148][T28495] ? __kmalloc_cache_noprof+0x5f/0x780 [ 976.678174][T28495] should_failslab+0xc2/0x120 [ 976.678208][T28495] __kmalloc_cache_noprof+0x72/0x780 [ 976.678230][T28495] ? __pfx_srcu_delay_timer+0x10/0x10 [ 976.678266][T28495] ? init_srcu_struct_fields+0x97a/0xde0 [ 976.678309][T28495] ? init_srcu_struct_fields+0x97a/0xde0 [ 976.678346][T28495] init_srcu_struct_fields+0x97a/0xde0 [ 976.678386][T28495] ? lockdep_init_map_type+0x5c/0x280 [ 976.678426][T28495] kvm_dev_ioctl+0x7ac/0x1a80 [ 976.678458][T28495] ? find_held_lock+0x2b/0x80 [ 976.678482][T28495] ? hook_file_ioctl_common+0x145/0x410 [ 976.678509][T28495] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 976.678540][T28495] ? __fget_files+0x20e/0x3c0 [ 976.678575][T28495] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 976.678605][T28495] __x64_sys_ioctl+0x18e/0x210 [ 976.678645][T28495] do_syscall_64+0xcd/0xfa0 [ 976.678677][T28495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 976.678701][T28495] RIP: 0033:0x7efea2f8f7c9 [ 976.678720][T28495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 976.678743][T28495] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 976.678766][T28495] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 976.678782][T28495] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 976.678797][T28495] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 976.678811][T28495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 976.678826][T28495] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 976.678857][T28495] [ 978.039011][T28526] FAULT_INJECTION: forcing a failure. [ 978.039011][T28526] name failslab, interval 1, probability 0, space 0, times 0 [ 978.120008][T28526] CPU: 0 UID: 0 PID: 28526 Comm: syz.4.10561 Tainted: G U I syzkaller #0 PREEMPT(full) [ 978.120052][T28526] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 978.120062][T28526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 978.120077][T28526] Call Trace: [ 978.120085][T28526] [ 978.120093][T28526] dump_stack_lvl+0x16c/0x1f0 [ 978.120129][T28526] should_fail_ex+0x512/0x640 [ 978.120166][T28526] ? __kmalloc_cache_noprof+0x5f/0x780 [ 978.120194][T28526] should_failslab+0xc2/0x120 [ 978.120227][T28526] __kmalloc_cache_noprof+0x72/0x780 [ 978.120249][T28526] ? snprintf+0xc7/0x100 [ 978.120274][T28526] ? init_srcu_struct_fields+0x97a/0xde0 [ 978.120317][T28526] ? init_srcu_struct_fields+0x97a/0xde0 [ 978.120355][T28526] init_srcu_struct_fields+0x97a/0xde0 [ 978.120394][T28526] ? lockdep_init_map_type+0x5c/0x280 [ 978.120443][T28526] kvm_dev_ioctl+0x57f/0x1a80 [ 978.120476][T28526] ? find_held_lock+0x2b/0x80 [ 978.120501][T28526] ? hook_file_ioctl_common+0x145/0x410 [ 978.120529][T28526] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 978.120560][T28526] ? __fget_files+0x20e/0x3c0 [ 978.120590][T28526] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 978.120620][T28526] __x64_sys_ioctl+0x18e/0x210 [ 978.120663][T28526] do_syscall_64+0xcd/0xfa0 [ 978.120695][T28526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 978.120720][T28526] RIP: 0033:0x7fa6bff8f7c9 [ 978.120738][T28526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 978.120762][T28526] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 978.120784][T28526] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 978.120801][T28526] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 978.120815][T28526] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 978.120830][T28526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 978.120844][T28526] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 978.120880][T28526] [ 979.088341][T28255] block nbd1: Receive control failed (result -107) [ 979.418500][T28553] busy [ 981.411979][ T30] audit: type=1804 audit(2147485900.607:39): pid=28609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.10595" name=2F6E6577726F6F742F3932302F22050820 dev="tmpfs" ino=4675 res=1 errno=0 [ 981.566775][ T30] audit: type=1800 audit(2147485900.607:40): pid=28609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10595" name=22050820 dev="tmpfs" ino=4675 res=0 errno=0 [ 981.718702][T28617] FAULT_INJECTION: forcing a failure. [ 981.718702][T28617] name fail_futex, interval 1, probability 0, space 0, times 1 [ 981.793972][T28617] CPU: 0 UID: 0 PID: 28617 Comm: syz.1.10599 Tainted: G U I syzkaller #0 PREEMPT(full) [ 981.794015][T28617] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 981.794025][T28617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 981.794039][T28617] Call Trace: [ 981.794047][T28617] [ 981.794056][T28617] dump_stack_lvl+0x16c/0x1f0 [ 981.794089][T28617] should_fail_ex+0x512/0x640 [ 981.794132][T28617] get_futex_key+0x1d0/0x1560 [ 981.794165][T28617] ? __pfx_do_wp_page+0x10/0x10 [ 981.794199][T28617] ? __pfx_get_futex_key+0x10/0x10 [ 981.794240][T28617] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 981.794280][T28617] ? ___pte_offset_map+0x2ad/0x4f0 [ 981.794316][T28617] futex_wake+0xea/0x530 [ 981.794357][T28617] ? __pfx_futex_wake+0x10/0x10 [ 981.794402][T28617] ? css_rstat_updated+0x1c2/0x510 [ 981.794434][T28617] do_futex+0x1e3/0x350 [ 981.794468][T28617] ? __pfx_do_futex+0x10/0x10 [ 981.794501][T28617] ? find_held_lock+0x2b/0x80 [ 981.794526][T28617] ? handle_mm_fault+0x2ab/0xd10 [ 981.794567][T28617] __x64_sys_futex+0x1e0/0x4c0 [ 981.794602][T28617] ? exc_page_fault+0x64/0xc0 [ 981.794630][T28617] ? __pfx___x64_sys_futex+0x10/0x10 [ 981.794676][T28617] do_syscall_64+0xcd/0xfa0 [ 981.794708][T28617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.794732][T28617] RIP: 0033:0x7efea2f8f7c9 [ 981.794753][T28617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.794779][T28617] RSP: 002b:00007efea11f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.794803][T28617] RAX: ffffffffffffffda RBX: 00007efea31e5fa8 RCX: 00007efea2f8f7c9 [ 981.794819][T28617] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efea31e5fac [ 981.794834][T28617] RBP: 00007efea31e5fa0 R08: 00007efea3d1e000 R09: 0000000000000000 [ 981.794848][T28617] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 981.794862][T28617] R13: 00007efea31e6038 R14: 00007ffe13fe0f40 R15: 00007ffe13fe1028 [ 981.794893][T28617] [ 984.547469][T28667] FAULT_INJECTION: forcing a failure. [ 984.547469][T28667] name failslab, interval 1, probability 0, space 0, times 0 [ 984.594703][T28667] CPU: 0 UID: 0 PID: 28667 Comm: syz.0.10627 Tainted: G U I syzkaller #0 PREEMPT(full) [ 984.594746][T28667] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 984.594756][T28667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 984.594770][T28667] Call Trace: [ 984.594778][T28667] [ 984.594787][T28667] dump_stack_lvl+0x16c/0x1f0 [ 984.594821][T28667] should_fail_ex+0x512/0x640 [ 984.594859][T28667] ? __kmalloc_cache_noprof+0x5f/0x780 [ 984.594886][T28667] should_failslab+0xc2/0x120 [ 984.594920][T28667] __kmalloc_cache_noprof+0x72/0x780 [ 984.594944][T28667] ? key_user_lookup+0x195/0x560 [ 984.594975][T28667] ? key_user_lookup+0x195/0x560 [ 984.595006][T28667] key_user_lookup+0x195/0x560 [ 984.595032][T28667] ? __pfx_key_user_lookup+0x10/0x10 [ 984.595066][T28667] key_alloc+0x18b/0x1330 [ 984.595098][T28667] ? rcu_is_watching+0x12/0xc0 [ 984.595127][T28667] ? __pfx_key_alloc+0x10/0x10 [ 984.595151][T28667] ? lsm_blob_alloc+0x68/0x90 [ 984.595194][T28667] keyring_alloc+0x44/0xc0 [ 984.595226][T28667] install_thread_keyring_to_cred+0xc1/0x140 [ 984.595270][T28667] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 984.595311][T28667] __do_sys_keyctl+0x6d/0x590 [ 984.595350][T28667] do_syscall_64+0xcd/0xfa0 [ 984.595382][T28667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.595406][T28667] RIP: 0033:0x7f60ebb8f7c9 [ 984.595424][T28667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 984.595448][T28667] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 984.595471][T28667] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 984.595487][T28667] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 984.595501][T28667] RBP: 00007f60ebc13f91 R08: 0000000000000008 R09: 0000000000000000 [ 984.595516][T28667] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 984.595531][T28667] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 984.595562][T28667] [ 985.409684][T28684] futex_wake_op: syz.1.10635 tries to shift op by -2048; fix this program [ 985.478429][T28684] futex_wake_op: syz.1.10635 tries to shift op by -2048; fix this program [ 986.666893][T28709] futex_wake_op: syz.4.10640 tries to shift op by -2048; fix this program [ 986.719663][T28709] futex_wake_op: syz.4.10640 tries to shift op by -2048; fix this program [ 987.042863][T28716] FAULT_INJECTION: forcing a failure. [ 987.042863][T28716] name failslab, interval 1, probability 0, space 0, times 0 [ 987.107808][T28716] CPU: 0 UID: 0 PID: 28716 Comm: syz.4.10642 Tainted: G U I syzkaller #0 PREEMPT(full) [ 987.107852][T28716] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 987.107862][T28716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 987.107877][T28716] Call Trace: [ 987.107885][T28716] [ 987.107894][T28716] dump_stack_lvl+0x16c/0x1f0 [ 987.107928][T28716] should_fail_ex+0x512/0x640 [ 987.107966][T28716] ? __kmalloc_cache_noprof+0x5f/0x780 [ 987.107993][T28716] should_failslab+0xc2/0x120 [ 987.108027][T28716] __kmalloc_cache_noprof+0x72/0x780 [ 987.108051][T28716] ? key_user_lookup+0x195/0x560 [ 987.108090][T28716] ? key_user_lookup+0x195/0x560 [ 987.108115][T28716] key_user_lookup+0x195/0x560 [ 987.108141][T28716] ? __pfx_key_user_lookup+0x10/0x10 [ 987.108176][T28716] key_alloc+0x18b/0x1330 [ 987.108208][T28716] ? rcu_is_watching+0x12/0xc0 [ 987.108236][T28716] ? __pfx_key_alloc+0x10/0x10 [ 987.108261][T28716] ? lsm_blob_alloc+0x68/0x90 [ 987.108298][T28716] keyring_alloc+0x44/0xc0 [ 987.108330][T28716] install_thread_keyring_to_cred+0xc1/0x140 [ 987.108374][T28716] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 987.108413][T28716] __do_sys_keyctl+0x6d/0x590 [ 987.108452][T28716] do_syscall_64+0xcd/0xfa0 [ 987.108484][T28716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.108508][T28716] RIP: 0033:0x7fa6bff8f7c9 [ 987.108527][T28716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 987.108551][T28716] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 987.108573][T28716] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 987.108589][T28716] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 987.108604][T28716] RBP: 00007fa6c0013f91 R08: 0000000000000008 R09: 0000000000000000 [ 987.108618][T28716] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 987.108633][T28716] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 987.108664][T28716] [ 989.013542][T28690] Process accounting paused [ 992.206747][T28821] netlink: 130 bytes leftover after parsing attributes in process `syz.1.10685'. [ 994.684037][T28871] netlink: 130 bytes leftover after parsing attributes in process `syz.2.10705'. [ 997.690814][T28919] FAULT_INJECTION: forcing a failure. [ 997.690814][T28919] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 997.765592][T28919] CPU: 0 UID: 0 PID: 28919 Comm: syz.0.10726 Tainted: G U I syzkaller #0 PREEMPT(full) [ 997.765636][T28919] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 997.765645][T28919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 997.765660][T28919] Call Trace: [ 997.765668][T28919] [ 997.765678][T28919] dump_stack_lvl+0x16c/0x1f0 [ 997.765713][T28919] should_fail_ex+0x512/0x640 [ 997.765756][T28919] should_fail_alloc_page+0xe7/0x130 [ 997.765792][T28919] prepare_alloc_pages+0x3c2/0x610 [ 997.765830][T28919] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 997.765858][T28919] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 997.765893][T28919] ? __lock_acquire+0x622/0x1c90 [ 997.765947][T28919] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 997.765985][T28919] ? __lock_acquire+0x622/0x1c90 [ 997.766024][T28919] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 997.766075][T28919] ? policy_nodemask+0xea/0x4e0 [ 997.766113][T28919] alloc_pages_mpol+0x1fb/0x550 [ 997.766149][T28919] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 997.766189][T28919] ? blk_cgroup_congested+0x140/0x270 [ 997.766220][T28919] alloc_pages_noprof+0x131/0x390 [ 997.766255][T28919] pte_alloc_one+0x1e/0x350 [ 997.766283][T28919] do_huge_pmd_anonymous_page+0x2bb/0x1f50 [ 997.766311][T28919] ? find_held_lock+0x2b/0x80 [ 997.766338][T28919] __handle_mm_fault+0x1cff/0x2aa0 [ 997.766390][T28919] ? __pfx___handle_mm_fault+0x10/0x10 [ 997.766456][T28919] handle_mm_fault+0x589/0xd10 [ 997.766501][T28919] __get_user_pages+0x54e/0x3530 [ 997.766548][T28919] ? __pfx___get_user_pages+0x10/0x10 [ 997.766595][T28919] populate_vma_page_range+0x267/0x3f0 [ 997.766634][T28919] ? __pfx_populate_vma_page_range+0x10/0x10 [ 997.766669][T28919] ? __pfx_find_vma_intersection+0x10/0x10 [ 997.766704][T28919] ? do_mmap+0x69c/0x1210 [ 997.766738][T28919] __mm_populate+0x1d8/0x380 [ 997.766775][T28919] ? __pfx___mm_populate+0x10/0x10 [ 997.766814][T28919] ? up_write+0x1b2/0x520 [ 997.766853][T28919] vm_mmap_pgoff+0x37f/0x470 [ 997.766889][T28919] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 997.766928][T28919] ? __x64_sys_futex+0x1e0/0x4c0 [ 997.766961][T28919] ? __x64_sys_futex+0x1e9/0x4c0 [ 997.766999][T28919] ksys_mmap_pgoff+0x7d/0x5c0 [ 997.767036][T28919] ? xfd_validate_state+0x61/0x180 [ 997.767071][T28919] ? __pfx_ksys_write+0x10/0x10 [ 997.767102][T28919] __x64_sys_mmap+0x125/0x190 [ 997.767143][T28919] do_syscall_64+0xcd/0xfa0 [ 997.767181][T28919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.767205][T28919] RIP: 0033:0x7f60ebb8f7c9 [ 997.767225][T28919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.767249][T28919] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 997.767272][T28919] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 997.767291][T28919] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000003000000 [ 997.767309][T28919] RBP: 00007f60ebc13f91 R08: ffffffffffffffff R09: 0000000000008000 [ 997.767325][T28919] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 997.767343][T28919] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 997.767375][T28919] [ 999.838987][T28952] FAULT_INJECTION: forcing a failure. [ 999.838987][T28952] name failslab, interval 1, probability 0, space 0, times 0 [ 999.900394][T28952] CPU: 0 UID: 0 PID: 28952 Comm: syz.4.10740 Tainted: G U I syzkaller #0 PREEMPT(full) [ 999.900444][T28952] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 999.900454][T28952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 999.900469][T28952] Call Trace: [ 999.900477][T28952] [ 999.900486][T28952] dump_stack_lvl+0x16c/0x1f0 [ 999.900520][T28952] should_fail_ex+0x512/0x640 [ 999.900558][T28952] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 999.900588][T28952] should_failslab+0xc2/0x120 [ 999.900622][T28952] kmem_cache_alloc_node_noprof+0x78/0x770 [ 999.900647][T28952] ? kasan_save_stack+0x42/0x60 [ 999.900676][T28952] ? __alloc_skb+0x2b2/0x380 [ 999.900714][T28952] ? kasan_save_track+0x14/0x30 [ 999.900748][T28952] ? __alloc_skb+0x2b2/0x380 [ 999.900791][T28952] __alloc_skb+0x2b2/0x380 [ 999.900829][T28952] ? __pfx___alloc_skb+0x10/0x10 [ 999.900879][T28952] netlink_ack+0x15d/0xb80 [ 999.900906][T28952] ? __lock_acquire+0x622/0x1c90 [ 999.900946][T28952] rdma_nl_rcv_skb.constprop.0.isra.0+0x330/0x430 [ 999.900988][T28952] ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10 [ 999.901035][T28952] ? netlink_deliver_tap+0x1ae/0xd30 [ 999.901066][T28952] netlink_unicast+0x5aa/0x870 [ 999.901096][T28952] ? __pfx_netlink_unicast+0x10/0x10 [ 999.901133][T28952] netlink_sendmsg+0x8c8/0xdd0 [ 999.901164][T28952] ? __pfx_netlink_sendmsg+0x10/0x10 [ 999.901194][T28952] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 999.901236][T28952] __sys_sendto+0x4a3/0x520 [ 999.901275][T28952] ? __pfx___sys_sendto+0x10/0x10 [ 999.901338][T28952] ? xfd_validate_state+0x61/0x180 [ 999.901372][T28952] ? __pfx_ksys_write+0x10/0x10 [ 999.901404][T28952] __x64_sys_sendto+0xe0/0x1c0 [ 999.901441][T28952] ? do_syscall_64+0x91/0xfa0 [ 999.901470][T28952] ? lockdep_hardirqs_on+0x7c/0x110 [ 999.901504][T28952] do_syscall_64+0xcd/0xfa0 [ 999.901536][T28952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.901561][T28952] RIP: 0033:0x7fa6bff9165c [ 999.901580][T28952] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 999.901604][T28952] RSP: 002b:00007fa6c0e7bec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 999.901627][T28952] RAX: ffffffffffffffda RBX: 00007fa6c0e7bfc0 RCX: 00007fa6bff9165c [ 999.901643][T28952] RDX: 0000000000000020 RSI: 00007fa6c0e7c010 RDI: 0000000000000004 [ 999.901658][T28952] RBP: 0000000000000000 R08: 00007fa6c0e7bf14 R09: 000000000000000c [ 999.901672][T28952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 999.901687][T28952] R13: 00007fa6c0e7bf68 R14: 00007fa6c0e7c010 R15: 0000000000000000 [ 999.901718][T28952] [ 1003.253775][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.262460][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1005.711456][T29033] overlayfs: missing 'lowerdir' [ 1007.171180][T29063] netlink: 'syz.4.10787': attribute type 1 has an invalid length. [ 1007.964739][T29084] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input41 [ 1010.215899][T29113] zswap: compressor not available [ 1011.010339][T29132] FAULT_INJECTION: forcing a failure. [ 1011.010339][T29132] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.092263][T29132] CPU: 0 UID: 0 PID: 29132 Comm: syz.4.10816 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1011.092306][T29132] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1011.092316][T29132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1011.092330][T29132] Call Trace: [ 1011.092338][T29132] [ 1011.092347][T29132] dump_stack_lvl+0x16c/0x1f0 [ 1011.092380][T29132] should_fail_ex+0x512/0x640 [ 1011.092418][T29132] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1011.092448][T29132] should_failslab+0xc2/0x120 [ 1011.092482][T29132] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1011.092507][T29132] ? __lock_acquire+0xb8a/0x1c90 [ 1011.092542][T29132] ? __d_alloc+0x32/0xae0 [ 1011.092575][T29132] ? __d_alloc+0x32/0xae0 [ 1011.092600][T29132] __d_alloc+0x32/0xae0 [ 1011.092631][T29132] d_alloc_pseudo+0x1c/0xc0 [ 1011.092667][T29132] alloc_file_pseudo+0xcf/0x230 [ 1011.092705][T29132] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1011.092742][T29132] ? _raw_spin_unlock+0x28/0x50 [ 1011.092768][T29132] ? alloc_fd+0x471/0x7d0 [ 1011.092794][T29132] __anon_inode_getfile+0xe8/0x280 [ 1011.092824][T29132] ? __init_waitqueue_head+0xca/0x150 [ 1011.092849][T29132] do_epoll_create+0x329/0x480 [ 1011.092875][T29132] __x64_sys_epoll_create+0x45/0x70 [ 1011.092918][T29132] do_syscall_64+0xcd/0xfa0 [ 1011.092950][T29132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.092975][T29132] RIP: 0033:0x7fa6bff8f7c9 [ 1011.092993][T29132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1011.093017][T29132] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 1011.093039][T29132] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1011.093056][T29132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 1011.093070][T29132] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1011.093085][T29132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.093099][T29132] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1011.093130][T29132] [ 1013.141348][T29164] zswap: compressor not available [ 1013.799587][T29181] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 1014.364152][T29191] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10840'. [ 1015.558385][T29213] bond0: invalid ARP target specified [ 1016.836252][T29242] FAULT_INJECTION: forcing a failure. [ 1016.836252][T29242] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.110810][T29242] CPU: 0 UID: 0 PID: 29242 Comm: syz.1.10860 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1017.110852][T29242] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1017.110862][T29242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1017.110877][T29242] Call Trace: [ 1017.110884][T29242] [ 1017.110894][T29242] dump_stack_lvl+0x16c/0x1f0 [ 1017.110927][T29242] should_fail_ex+0x512/0x640 [ 1017.110965][T29242] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1017.110991][T29242] should_failslab+0xc2/0x120 [ 1017.111025][T29242] __kmalloc_cache_noprof+0x72/0x780 [ 1017.111049][T29242] ? do_epoll_create+0x62/0x480 [ 1017.111074][T29242] ? __do_sys_rseq+0x51d/0x760 [ 1017.111101][T29242] ? do_epoll_create+0x62/0x480 [ 1017.111125][T29242] do_epoll_create+0x62/0x480 [ 1017.111151][T29242] __x64_sys_epoll_create+0x45/0x70 [ 1017.111178][T29242] do_syscall_64+0xcd/0xfa0 [ 1017.111210][T29242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.111235][T29242] RIP: 0033:0x7efea2f8f7c9 [ 1017.111253][T29242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1017.111277][T29242] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 1017.111300][T29242] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 1017.111316][T29242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 1017.111331][T29242] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1017.111345][T29242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1017.111360][T29242] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 1017.111391][T29242] [ 1017.768031][T29251] netlink: 280 bytes leftover after parsing attributes in process `syz.4.10869'. [ 1019.148351][T29281] bond0: invalid ARP target specified [ 1019.405505][T29279] Process accounting resumed [ 1019.499083][T29285] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 1020.139639][T29306] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10890'. [ 1022.702181][T29358] zswap: compressor not available [ 1024.078571][T29380] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1024.820659][T29397] FAULT_INJECTION: forcing a failure. [ 1024.820659][T29397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1024.836429][T29397] CPU: 0 UID: 0 PID: 29397 Comm: syz.4.10937 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1024.836488][T29397] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1024.836503][T29397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1024.836522][T29397] Call Trace: [ 1024.836532][T29397] [ 1024.836551][T29397] dump_stack_lvl+0x16c/0x1f0 [ 1024.836601][T29397] should_fail_ex+0x512/0x640 [ 1024.836660][T29397] core_sys_select+0x4c5/0xc20 [ 1024.836704][T29397] ? __pfx_core_sys_select+0x10/0x10 [ 1024.836746][T29397] ? futex_wait+0x120/0x380 [ 1024.836808][T29397] ? __pfx_do_futex+0x10/0x10 [ 1024.836863][T29397] ? __sys_connect+0xe0/0x160 [ 1024.836918][T29397] kern_select+0x15d/0x1e0 [ 1024.836950][T29397] ? __pfx_kern_select+0x10/0x10 [ 1024.836997][T29397] ? __pfx_ksys_write+0x10/0x10 [ 1024.837041][T29397] __x64_sys_select+0xbd/0x160 [ 1024.837071][T29397] ? do_syscall_64+0x91/0xfa0 [ 1024.837111][T29397] ? lockdep_hardirqs_on+0x7c/0x110 [ 1024.837150][T29397] do_syscall_64+0xcd/0xfa0 [ 1024.837194][T29397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1024.837225][T29397] RIP: 0033:0x7fa6bff8f7c9 [ 1024.837251][T29397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1024.837284][T29397] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1024.837315][T29397] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1024.837336][T29397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1024.837354][T29397] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1024.837373][T29397] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1024.837391][T29397] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1024.837435][T29397] [ 1027.965522][T29454] zswap: compressor not available [ 1029.597006][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1029.658230][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1029.861828][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1030.454126][T29515] FAULT_INJECTION: forcing a failure. [ 1030.454126][T29515] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1030.467571][T29515] CPU: 1 UID: 0 PID: 29515 Comm: syz.1.10975 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1030.467624][T29515] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1030.467636][T29515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1030.467654][T29515] Call Trace: [ 1030.467665][T29515] [ 1030.467678][T29515] dump_stack_lvl+0x16c/0x1f0 [ 1030.467722][T29515] should_fail_ex+0x512/0x640 [ 1030.467779][T29515] core_sys_select+0x4c5/0xc20 [ 1030.467823][T29515] ? __pfx_core_sys_select+0x10/0x10 [ 1030.467865][T29515] ? futex_wait+0x120/0x380 [ 1030.467927][T29515] ? __pfx_do_futex+0x10/0x10 [ 1030.467976][T29515] ? __sys_connect+0xe0/0x160 [ 1030.468027][T29515] kern_select+0x15d/0x1e0 [ 1030.468059][T29515] ? __pfx_kern_select+0x10/0x10 [ 1030.468095][T29515] ? xfd_validate_state+0x61/0x180 [ 1030.468141][T29515] ? __pfx_ksys_write+0x10/0x10 [ 1030.468183][T29515] __x64_sys_select+0xbd/0x160 [ 1030.468213][T29515] ? do_syscall_64+0x91/0xfa0 [ 1030.468250][T29515] ? lockdep_hardirqs_on+0x7c/0x110 [ 1030.468289][T29515] do_syscall_64+0xcd/0xfa0 [ 1030.468331][T29515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.468365][T29515] RIP: 0033:0x7efea2f8f7c9 [ 1030.468391][T29515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1030.468433][T29515] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1030.468464][T29515] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 1030.468486][T29515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1030.468505][T29515] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1030.468524][T29515] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1030.468542][T29515] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 1030.468585][T29515] [ 1031.353124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1031.361579][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1031.370363][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1031.379162][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1031.388439][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 1031.397916][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1031.407417][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1031.759067][ T30] audit: type=1804 audit(2147485951.198:41): pid=29538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.10984" name="/newroot/1358/file0" dev="tmpfs" ino=6893 res=1 errno=0 [ 1034.173235][T29592] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 1034.189032][T29595] smc: net device dummy0 erased user defined pnetid DUMMY0 [ 1035.779901][T15593] Bluetooth: hci4: unexpected event 0x3e length: 0 < 1 [ 1036.430303][T29667] ptp ptp0: new virtual clock ptp1 [ 1036.446547][T29667] ptp ptp0: new virtual clock ptp2 [ 1036.463287][T29667] ptp ptp0: new virtual clock ptp3 [ 1036.508681][T29667] ptp ptp0: new virtual clock ptp4 [ 1036.522252][T29667] ptp ptp0: new virtual clock ptp5 [ 1036.542383][T29667] ptp ptp0: new virtual clock ptp6 [ 1036.553890][T29667] ptp ptp0: new virtual clock ptp7 [ 1036.574577][T29667] ptp ptp0: new virtual clock ptp8 [ 1036.588319][T29667] ptp ptp0: new virtual clock ptp9 [ 1036.608948][T29667] ptp ptp0: new virtual clock ptp10 [ 1036.627641][T29667] ptp ptp0: new virtual clock ptp11 [ 1036.650731][T29667] ptp ptp0: new virtual clock ptp12 [ 1036.668417][T29667] ptp ptp0: new virtual clock ptp13 [ 1036.684746][T29667] ptp ptp0: new virtual clock ptp14 [ 1036.696974][T29667] ptp ptp0: new virtual clock ptp15 [ 1036.723545][T29667] ptp ptp0: new virtual clock ptp16 [ 1036.740595][T29667] ptp ptp0: new virtual clock ptp17 [ 1036.752423][T29667] ptp ptp0: new virtual clock ptp18 [ 1036.771715][T29667] ptp ptp0: new virtual clock ptp19 [ 1036.798202][T29667] ptp ptp0: new virtual clock ptp20 [ 1036.816196][T29667] ptp ptp0: new virtual clock ptp21 [ 1036.830940][T29667] ptp ptp0: new virtual clock ptp22 [ 1036.857218][T29667] ptp ptp0: new virtual clock ptp23 [ 1036.871520][T29667] ptp ptp0: new virtual clock ptp24 [ 1036.889730][T29667] ptp ptp0: new virtual clock ptp25 [ 1036.917370][T29667] ptp ptp0: new virtual clock ptp26 [ 1036.948014][T29667] ptp ptp0: new virtual clock ptp27 [ 1036.965435][T29667] ptp ptp0: new virtual clock ptp28 [ 1036.988195][T29667] ptp ptp0: new virtual clock ptp29 [ 1037.000109][T29667] ptp ptp0: new virtual clock ptp30 [ 1037.018213][T29667] ptp ptp0: new virtual clock ptp31 [ 1037.028867][T29667] ptp ptp0: new virtual clock ptp32 [ 1037.068607][T29667] ptp ptp0: new virtual clock ptp33 [ 1037.077067][T29667] ptp ptp0: new virtual clock ptp34 [ 1037.097845][T29667] ptp ptp0: new virtual clock ptp35 [ 1037.134281][T29667] ptp ptp0: new virtual clock ptp36 [ 1037.149469][T29667] ptp ptp0: new virtual clock ptp37 [ 1037.159808][T29667] ptp ptp0: new virtual clock ptp38 [ 1037.172364][T29667] ptp ptp0: new virtual clock ptp39 [ 1037.215746][T29667] ptp ptp0: new virtual clock ptp40 [ 1037.229807][T29667] failed to create ptp aux_worker -4 [ 1037.747393][T29735] FAULT_INJECTION: forcing a failure. [ 1037.747393][T29735] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.761520][T29735] CPU: 1 UID: 0 PID: 29735 Comm: syz.4.11049 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1037.761579][T29735] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1037.761594][T29735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1037.761613][T29735] Call Trace: [ 1037.761624][T29735] [ 1037.761636][T29735] dump_stack_lvl+0x16c/0x1f0 [ 1037.761685][T29735] should_fail_ex+0x512/0x640 [ 1037.761737][T29735] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1037.761775][T29735] should_failslab+0xc2/0x120 [ 1037.761822][T29735] __kmalloc_cache_noprof+0x72/0x780 [ 1037.761865][T29735] ? __asan_memset+0x23/0x50 [ 1037.761897][T29735] ? snd_pcm_oss_change_params_locked+0x6f4/0x3a30 [ 1037.761954][T29735] ? snd_pcm_oss_change_params_locked+0x6f4/0x3a30 [ 1037.762002][T29735] snd_pcm_oss_change_params_locked+0x6f4/0x3a30 [ 1037.762065][T29735] ? __mutex_lock+0x1c5/0x1060 [ 1037.762110][T29735] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1037.762158][T29735] ? __pfx___futex_wait+0x10/0x10 [ 1037.762186][T29735] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1037.762224][T29735] ? lockdep_hardirqs_on+0x7c/0x110 [ 1037.762272][T29735] ? __pfx_futex_wake_mark+0x10/0x10 [ 1037.762332][T29735] ? find_held_lock+0x2b/0x80 [ 1037.762372][T29735] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1037.762418][T29735] snd_pcm_oss_write+0x4c2/0xa10 [ 1037.762467][T29735] ? bpf_lsm_file_permission+0x9/0x10 [ 1037.762507][T29735] ? security_file_permission+0x71/0x210 [ 1037.762550][T29735] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 1037.762597][T29735] vfs_write+0x2a0/0x11d0 [ 1037.762644][T29735] ? __pfx_vfs_write+0x10/0x10 [ 1037.762675][T29735] ? find_held_lock+0x2b/0x80 [ 1037.762708][T29735] ? __fget_files+0x204/0x3c0 [ 1037.762747][T29735] ? __fget_files+0x20e/0x3c0 [ 1037.762791][T29735] ksys_write+0x12a/0x250 [ 1037.762846][T29735] ? __pfx_ksys_write+0x10/0x10 [ 1037.762904][T29735] do_syscall_64+0xcd/0xfa0 [ 1037.762948][T29735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.762981][T29735] RIP: 0033:0x7fa6bff8f7c9 [ 1037.763007][T29735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1037.763040][T29735] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1037.763070][T29735] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1037.763091][T29735] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1037.763110][T29735] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1037.763128][T29735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1037.763147][T29735] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1037.763191][T29735] [ 1041.225896][ T30] audit: type=1804 audit(2147485960.748:42): pid=29815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.11079" name="/newroot/1032/file0" dev="tmpfs" ino=5241 res=1 errno=0 [ 1041.918267][T29828] netlink: 346 bytes leftover after parsing attributes in process `syz.4.11087'. [ 1043.651338][T29836] kexec: Could not allocate control_code_buffer [ 1046.082665][T29875] ptp ptp0: new virtual clock ptp41 [ 1046.103886][T29875] ptp ptp0: new virtual clock ptp42 [ 1046.137979][T29875] ptp ptp0: new virtual clock ptp43 [ 1046.154926][T29875] ptp ptp0: new virtual clock ptp44 [ 1046.184098][T29875] ptp ptp0: new virtual clock ptp45 [ 1046.209017][T29875] ptp ptp0: new virtual clock ptp46 [ 1046.221744][T29875] ptp ptp0: new virtual clock ptp47 [ 1046.246306][T29875] ptp ptp0: new virtual clock ptp48 [ 1046.273127][T29875] ptp ptp0: new virtual clock ptp49 [ 1046.294622][T29875] ptp ptp0: new virtual clock ptp50 [ 1046.307687][T29875] ptp ptp0: new virtual clock ptp51 [ 1046.330112][T29875] ptp ptp0: new virtual clock ptp52 [ 1046.358439][T29875] ptp ptp0: new virtual clock ptp53 [ 1046.381922][T29875] ptp ptp0: new virtual clock ptp54 [ 1046.395648][T29875] ptp ptp0: new virtual clock ptp55 [ 1046.414872][T29875] ptp ptp0: new virtual clock ptp56 [ 1046.425650][T29875] ptp ptp0: new virtual clock ptp57 [ 1046.446832][T29875] ptp ptp0: new virtual clock ptp58 [ 1046.456790][T29875] ptp ptp0: new virtual clock ptp59 [ 1046.476552][T29875] ptp ptp0: new virtual clock ptp60 [ 1046.504637][T29875] ptp ptp0: new virtual clock ptp61 [ 1046.525861][T29875] ptp ptp0: new virtual clock ptp62 [ 1046.535760][T29875] ptp ptp0: new virtual clock ptp63 [ 1046.555796][T29875] ptp ptp0: new virtual clock ptp64 [ 1046.577466][T29875] ptp ptp0: new virtual clock ptp65 [ 1046.842697][T29875] ptp ptp0: new virtual clock ptp66 [ 1046.900866][T29875] ptp ptp0: new virtual clock ptp67 [ 1046.932164][T29875] ptp ptp0: new virtual clock ptp68 [ 1046.963403][T29875] ptp ptp0: new virtual clock ptp69 [ 1046.994160][T29875] ptp ptp0: new virtual clock ptp70 [ 1046.999802][T29875] failed to create ptp aux_worker -4 [ 1047.527778][T15593] Bluetooth: hci1: unexpected event 0x3e length: 0 < 1 [ 1048.889718][T29936] bonding: no command found in bonding_masters - use +ifname or -ifname [ 1049.473915][T29944] Process accounting paused [ 1052.235304][T30004] FAULT_INJECTION: forcing a failure. [ 1052.235304][T30004] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.248175][T30004] CPU: 1 UID: 0 PID: 30004 Comm: syz.4.11148 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1052.248231][T30004] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1052.248244][T30004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1052.248262][T30004] Call Trace: [ 1052.248272][T30004] [ 1052.248284][T30004] dump_stack_lvl+0x16c/0x1f0 [ 1052.248333][T30004] should_fail_ex+0x512/0x640 [ 1052.248381][T30004] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1052.248418][T30004] should_failslab+0xc2/0x120 [ 1052.248462][T30004] __kmalloc_cache_noprof+0x72/0x780 [ 1052.248497][T30004] ? __do_sys_fanotify_init+0x4c3/0xc80 [ 1052.248548][T30004] ? get_mem_cgroup_from_mm+0x12a/0x600 [ 1052.248586][T30004] ? __do_sys_fanotify_init+0x4c3/0xc80 [ 1052.248635][T30004] __do_sys_fanotify_init+0x4c3/0xc80 [ 1052.248695][T30004] do_syscall_64+0xcd/0xfa0 [ 1052.248748][T30004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.248782][T30004] RIP: 0033:0x7fa6bff8f7c9 [ 1052.248808][T30004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1052.248839][T30004] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 1052.248871][T30004] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1052.248892][T30004] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000c00 [ 1052.248911][T30004] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1052.248930][T30004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1052.248949][T30004] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1052.248992][T30004] [ 1052.444481][T29965] kexec: Could not allocate control_code_buffer [ 1052.631917][ T30] audit: type=1804 audit(2147485972.207:43): pid=30002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.11142" name="file0" dev="tmpfs" ino=11568 res=1 errno=0 [ 1053.761198][T30032] nbd: socks must be embedded in a SOCK_ITEM attr [ 1056.189662][T30076] FAULT_INJECTION: forcing a failure. [ 1056.189662][T30076] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.202642][T30076] CPU: 0 UID: 0 PID: 30076 Comm: syz.4.11178 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1056.202696][T30076] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1056.202709][T30076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1056.202727][T30076] Call Trace: [ 1056.202738][T30076] [ 1056.202750][T30076] dump_stack_lvl+0x16c/0x1f0 [ 1056.202795][T30076] should_fail_ex+0x512/0x640 [ 1056.202841][T30076] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1056.202874][T30076] should_failslab+0xc2/0x120 [ 1056.202916][T30076] __kmalloc_cache_noprof+0x72/0x780 [ 1056.202946][T30076] ? do_eventfd+0x67/0x2c0 [ 1056.202996][T30076] ? do_eventfd+0x67/0x2c0 [ 1056.203039][T30076] do_eventfd+0x67/0x2c0 [ 1056.203080][T30076] ? rcu_is_watching+0x12/0xc0 [ 1056.203115][T30076] __x64_sys_eventfd+0x32/0x50 [ 1056.203160][T30076] do_syscall_64+0xcd/0xfa0 [ 1056.203200][T30076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1056.203232][T30076] RIP: 0033:0x7fa6bff8f7c9 [ 1056.203256][T30076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1056.203288][T30076] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 1056.203317][T30076] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1056.203338][T30076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1056.203356][T30076] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1056.203374][T30076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1056.203392][T30076] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1056.203444][T30076] [ 1057.108894][ T30] audit: type=1804 audit(2147485976.700:44): pid=30090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.11177" name="/newroot/2994/file0" dev="tmpfs" ino=15088 res=1 errno=0 [ 1057.699593][T30038] kexec: Could not allocate control_code_buffer [ 1058.525363][T30111] FAULT_INJECTION: forcing a failure. [ 1058.525363][T30111] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.539114][T30111] CPU: 1 UID: 0 PID: 30111 Comm: syz.4.11194 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1058.539174][T30111] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1058.539188][T30111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1058.539209][T30111] Call Trace: [ 1058.539220][T30111] [ 1058.539232][T30111] dump_stack_lvl+0x16c/0x1f0 [ 1058.539280][T30111] should_fail_ex+0x512/0x640 [ 1058.539342][T30111] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1058.539380][T30111] should_failslab+0xc2/0x120 [ 1058.539425][T30111] __kmalloc_cache_noprof+0x72/0x780 [ 1058.539453][T30111] ? rcu_is_watching+0x12/0xc0 [ 1058.539496][T30111] ? resv_map_alloc+0x46/0x400 [ 1058.539550][T30111] ? resv_map_alloc+0x46/0x400 [ 1058.539595][T30111] resv_map_alloc+0x46/0x400 [ 1058.539641][T30111] hugetlbfs_get_inode+0x33f/0x730 [ 1058.539687][T30111] hugetlb_file_setup+0x15b/0x620 [ 1058.539728][T30111] ksys_mmap_pgoff+0x189/0x5c0 [ 1058.539779][T30111] __x64_sys_mmap+0x125/0x190 [ 1058.539836][T30111] do_syscall_64+0xcd/0xfa0 [ 1058.539881][T30111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.539915][T30111] RIP: 0033:0x7fa6bff8f7c9 [ 1058.539951][T30111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1058.539988][T30111] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1058.540018][T30111] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1058.540038][T30111] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000000 [ 1058.540056][T30111] RBP: 00007fa6c0013f91 R08: ffffffffffffffff R09: 0000308000000000 [ 1058.540077][T30111] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1058.540095][T30111] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1058.540139][T30111] [ 1062.005369][T30143] FAULT_INJECTION: forcing a failure. [ 1062.005369][T30143] name failslab, interval 1, probability 0, space 0, times 0 [ 1062.034057][T30143] CPU: 0 UID: 0 PID: 30143 Comm: syz.1.11208 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1062.034117][T30143] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1062.034131][T30143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1062.034150][T30143] Call Trace: [ 1062.034161][T30143] [ 1062.034174][T30143] dump_stack_lvl+0x16c/0x1f0 [ 1062.034220][T30143] should_fail_ex+0x512/0x640 [ 1062.034269][T30143] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1062.034305][T30143] should_failslab+0xc2/0x120 [ 1062.034350][T30143] __kmalloc_cache_noprof+0x72/0x780 [ 1062.034382][T30143] ? do_eventfd+0x67/0x2c0 [ 1062.034434][T30143] ? do_eventfd+0x67/0x2c0 [ 1062.034478][T30143] do_eventfd+0x67/0x2c0 [ 1062.034520][T30143] ? rcu_is_watching+0x12/0xc0 [ 1062.034558][T30143] __x64_sys_eventfd+0x32/0x50 [ 1062.034607][T30143] do_syscall_64+0xcd/0xfa0 [ 1062.034651][T30143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1062.034684][T30143] RIP: 0033:0x7efea2f8f7c9 [ 1062.034710][T30143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1062.034743][T30143] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 1062.034775][T30143] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 1062.034796][T30143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1062.034814][T30143] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1062.034832][T30143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1062.034851][T30143] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 1062.034894][T30143] [ 1062.483824][T30116] warn_alloc: 1 callbacks suppressed [ 1062.483855][T30116] syz.2.11193: vmalloc error: size 8003584, failed to allocated page array size 15632, mode:0x400cc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1062.549268][T30116] CPU: 1 UID: 0 PID: 30116 Comm: syz.2.11193 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1062.549326][T30116] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1062.549340][T30116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1062.549359][T30116] Call Trace: [ 1062.549369][T30116] [ 1062.549382][T30116] dump_stack_lvl+0x16c/0x1f0 [ 1062.549427][T30116] warn_alloc+0x248/0x3a0 [ 1062.549462][T30116] ? __pfx_warn_alloc+0x10/0x10 [ 1062.549512][T30116] ? __do_sys_listmount+0x27f/0xf00 [ 1062.549562][T30116] ? __vmalloc_node_noprof+0xad/0xf0 [ 1062.549616][T30116] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 1062.549678][T30116] ? __do_sys_listmount+0x27f/0xf00 [ 1062.549742][T30116] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1062.549798][T30116] ? ___kmalloc_large_node+0xed/0x160 [ 1062.549853][T30116] __kvmalloc_node_noprof+0x431/0x9c0 [ 1062.549888][T30116] ? __do_sys_listmount+0x27f/0xf00 [ 1062.549935][T30116] ? __do_sys_listmount+0x27f/0xf00 [ 1062.549979][T30116] ? _copy_from_user+0x59/0xd0 [ 1062.550028][T30116] ? __do_sys_listmount+0x27f/0xf00 [ 1062.550071][T30116] __do_sys_listmount+0x27f/0xf00 [ 1062.550120][T30116] ? arch_do_signal_or_restart+0x211/0x790 [ 1062.550158][T30116] ? __pfx___do_sys_listmount+0x10/0x10 [ 1062.550333][T30116] do_syscall_64+0xcd/0xfa0 [ 1062.550373][T30116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1062.550401][T30116] RIP: 0033:0x7f442df8f7c9 [ 1062.550425][T30116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1062.550451][T30116] RSP: 002b:00007f442ee5a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1062.550483][T30116] RAX: ffffffffffffffda RBX: 00007f442e1e5fa0 RCX: 00007f442df8f7c9 [ 1062.550502][T30116] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1062.550519][T30116] RBP: 00007f442e013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1062.550536][T30116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1062.550553][T30116] R13: 00007f442e1e6038 R14: 00007f442e1e5fa0 R15: 00007ffd814bb9f8 [ 1062.550594][T30116] [ 1062.892517][T30116] Mem-Info: [ 1062.895890][T30116] active_anon:3323 inactive_anon:7380 isolated_anon:32 [ 1062.895890][T30116] active_file:16988 inactive_file:37914 isolated_file:0 [ 1062.895890][T30116] unevictable:768 dirty:52 writeback:0 [ 1062.895890][T30116] slab_reclaimable:11706 slab_unreclaimable:96651 [ 1062.895890][T30116] mapped:32897 shmem:3379 pagetables:1509 [ 1062.895890][T30116] sec_pagetables:0 bounce:0 [ 1062.895890][T30116] kernel_misc_reclaimable:0 [ 1062.895890][T30116] free:1305384 free_pcp:20277 free_cma:0 [ 1062.952794][T30116] Node 0 active_anon:13392kB inactive_anon:29520kB active_file:67944kB inactive_file:151532kB unevictable:1536kB isolated(anon):128kB isolated(file):0kB mapped:131584kB dirty:208kB writeback:0kB shmem:11980kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:12288kB kernel_stack:13456kB pagetables:5904kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1062.995564][T30116] Node 1 active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:124kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1063.026061][T30145] FAULT_INJECTION: forcing a failure. [ 1063.026061][T30145] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.045687][T30145] CPU: 0 UID: 0 PID: 30145 Comm: syz.0.11200 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1063.045744][T30145] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1063.045758][T30145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1063.045777][T30145] Call Trace: [ 1063.045787][T30145] [ 1063.045799][T30145] dump_stack_lvl+0x16c/0x1f0 [ 1063.045846][T30145] should_fail_ex+0x512/0x640 [ 1063.045893][T30145] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1063.045930][T30145] should_failslab+0xc2/0x120 [ 1063.045987][T30145] __kmalloc_cache_noprof+0x72/0x780 [ 1063.046019][T30145] ? __do_sys_fanotify_init+0x4c3/0xc80 [ 1063.046071][T30145] ? get_mem_cgroup_from_mm+0x12a/0x600 [ 1063.046110][T30145] ? __do_sys_fanotify_init+0x4c3/0xc80 [ 1063.046158][T30145] __do_sys_fanotify_init+0x4c3/0xc80 [ 1063.046216][T30145] do_syscall_64+0xcd/0xfa0 [ 1063.046261][T30145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.046292][T30145] RIP: 0033:0x7f60ebb8f7c9 [ 1063.046319][T30145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1063.046352][T30145] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 1063.046384][T30145] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 1063.046405][T30145] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000c00 [ 1063.046424][T30145] RBP: 00007f60ebc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1063.046443][T30145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1063.046462][T30145] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 1063.046506][T30145] [ 1063.046606][T30116] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1063.260685][T30116] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 1063.266559][T30116] Node 0 DMA32 free:1297972kB boost:0kB min:34364kB low:42952kB high:51540kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13636kB inactive_anon:29360kB active_file:67944kB inactive_file:151604kB unevictable:1536kB writepending:208kB zspages:2660kB present:3129332kB managed:2545056kB mlocked:0kB bounce:0kB free_pcp:80824kB local_pcp:28480kB free_cma:0kB [ 1063.307522][T30116] lowmem_reserve[]: 0 0 1 1 1 [ 1063.312355][T30116] Node 0 Normal free:12kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1063.349266][T30116] lowmem_reserve[]: 0 0 0 0 0 [ 1063.354110][T30116] Node 1 Normal free:3908436kB boost:0kB min:55512kB low:69388kB high:83264kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:124kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1063.389954][T30116] lowmem_reserve[]: 0 0 0 0 0 [ 1063.395942][T30116] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1063.409624][T30116] Node 0 DMA32: 1995*4kB (UME) 1611*8kB (UME) 1381*16kB (UME) 812*32kB (UME) 479*64kB (UME) 384*128kB (UM) 280*256kB (UME) 135*512kB (UME) 65*1024kB (UM) 4*2048kB (UM) 228*4096kB (UM) = 1298196kB [ 1063.435086][T30116] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1063.450701][T30116] Node 1 Normal: 65*4kB (UM) 28*8kB (UME) 45*16kB (UME) 211*32kB (UME) 97*64kB (UME) 26*128kB (UME) 15*256kB (UME) 10*512kB (UM) 5*1024kB (UM) 7*2048kB (UME) 943*4096kB (UM) = 3908436kB [ 1063.509073][T30116] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1063.519983][T30116] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 1063.530261][T30116] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1063.540268][T30116] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1063.550714][T30116] 58669 total pagecache pages [ 1063.558269][T30116] 259 pages in swap cache [ 1063.562696][T30116] Free swap = 11400kB [ 1063.567475][T30116] Total swap = 124996kB [ 1063.571846][T30116] 2097051 pages RAM [ 1063.583109][T30116] 0 pages HighMem/MovableOnly [ 1063.588413][T30116] 428697 pages reserved [ 1063.592625][T30116] 0 pages cma reserved [ 1064.377006][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.383553][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1064.741673][T30154] syz.0.11218 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1064.814390][T30154] CPU: 1 UID: 0 PID: 30154 Comm: syz.0.11218 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1064.814442][T30154] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1064.814455][T30154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1064.814473][T30154] Call Trace: [ 1064.814483][T30154] [ 1064.814494][T30154] dump_stack_lvl+0x16c/0x1f0 [ 1064.814537][T30154] dump_header+0x101/0x930 [ 1064.814573][T30154] oom_kill_process+0x272/0xa40 [ 1064.814610][T30154] out_of_memory+0x350/0x1700 [ 1064.814652][T30154] ? __pfx_out_of_memory+0x10/0x10 [ 1064.814696][T30154] mem_cgroup_out_of_memory+0x118/0x130 [ 1064.814830][T30154] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1064.814890][T30154] ? do_raw_spin_unlock+0x172/0x230 [ 1064.814927][T30154] try_charge_memcg+0x695/0xd30 [ 1064.814974][T30154] ? __pfx_try_charge_memcg+0x10/0x10 [ 1064.815023][T30154] ? find_held_lock+0x2b/0x80 [ 1064.815061][T30154] charge_memcg+0x8a/0x230 [ 1064.815101][T30154] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1064.815145][T30154] __read_swap_cache_async+0x397/0x500 [ 1064.815180][T30154] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1064.815210][T30154] ? __lock_acquire+0xb8a/0x1c90 [ 1064.815250][T30154] ? __xa_erase+0xee/0x150 [ 1064.815291][T30154] swap_cluster_readahead+0x528/0x770 [ 1064.815329][T30154] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1064.815366][T30154] ? move_cluster+0x39d/0x560 [ 1064.815404][T30154] ? lock_acquire+0x179/0x350 [ 1064.815442][T30154] ? get_vma_policy+0x242/0x3c0 [ 1064.815484][T30154] swapin_readahead+0x160/0x1180 [ 1064.815525][T30154] ? __pfx_swapin_readahead+0x10/0x10 [ 1064.815555][T30154] ? find_held_lock+0x2b/0x80 [ 1064.815581][T30154] ? swap_cache_get_folio+0x267/0x8e0 [ 1064.815606][T30154] ? swap_cache_get_folio+0x267/0x8e0 [ 1064.815630][T30154] ? swap_cache_get_folio+0x267/0x8e0 [ 1064.815659][T30154] ? swap_cache_get_folio+0x267/0x8e0 [ 1064.815685][T30154] ? swap_cache_get_folio+0x1f/0x8e0 [ 1064.815709][T30154] ? swap_cache_get_folio+0x293/0x8e0 [ 1064.815738][T30154] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1064.815851][T30154] ? __pfx_get_swap_device+0x10/0x10 [ 1064.815889][T30154] ? do_swap_page+0x125/0x6340 [ 1064.815930][T30154] ? do_swap_page+0x86c/0x6340 [ 1064.815964][T30154] do_swap_page+0x86c/0x6340 [ 1064.816020][T30154] ? __pfx_do_swap_page+0x10/0x10 [ 1064.816062][T30154] ? __pfx_default_wake_function+0x10/0x10 [ 1064.816093][T30154] ? __lock_acquire+0x622/0x1c90 [ 1064.816135][T30154] ? rcu_is_watching+0x12/0xc0 [ 1064.816164][T30154] ? ___pte_offset_map+0x2ad/0x4f0 [ 1064.816204][T30154] __handle_mm_fault+0x17d1/0x2aa0 [ 1064.816257][T30154] ? __pfx___handle_mm_fault+0x10/0x10 [ 1064.816307][T30154] ? lock_vma_under_rcu+0x176/0x580 [ 1064.816362][T30154] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1064.816415][T30154] handle_mm_fault+0x589/0xd10 [ 1064.816461][T30154] ? __pkru_allows_pkey+0x21/0xb0 [ 1064.816508][T30154] do_user_addr_fault+0x60c/0x1370 [ 1064.816538][T30154] ? rcu_is_watching+0x12/0xc0 [ 1064.816570][T30154] exc_page_fault+0x64/0xc0 [ 1064.816604][T30154] asm_exc_page_fault+0x26/0x30 [ 1064.816630][T30154] RIP: 0033:0x7f60eba6f113 [ 1064.816653][T30154] Code: 89 e7 4c 89 44 24 10 4c 89 54 24 08 e8 06 e6 fd ff 4c 8b 54 24 08 4c 8b 44 24 10 84 c0 0f 85 60 ff ff ff 80 7c 24 1f 00 75 0d <80> 3d 6e 2f 37 00 00 0f 85 70 01 00 00 48 83 7b 50 07 77 08 48 c7 [ 1064.816680][T30154] RSP: 002b:00007fff8997d1e0 EFLAGS: 00010246 [ 1064.816702][T30154] RAX: 0000000000000000 RBX: 00007f60ec915720 RCX: 0000000000000000 [ 1064.816719][T30154] RDX: 0000000000000701 RSI: ffffffff84542701 RDI: 0000000000000000 [ 1064.816735][T30154] RBP: ffffffff84542701 R08: 00007f60ebde6038 R09: 00007f60ebdd2000 [ 1064.816760][T30154] R10: 00007f60eb5ff008 R11: 0000000000000000 R12: 0000000000000000 [ 1064.816777][T30154] R13: 0000000000000007 R14: ffffffff8454243b R15: 0000000000000007 [ 1064.816794][T30154] ? security_mmap_file+0x76b/0x990 [ 1064.816824][T30154] ? security_mmap_addr+0x91/0x1e0 [ 1064.816858][T30154] ? security_mmap_addr+0x91/0x1e0 [ 1064.816892][T30154] [ 1064.816908][T30154] memory: usage 3072kB, limit 3072kB, failcnt 30384 [ 1065.248180][T30154] memory+swap: usage 43492kB, limit 9007199254740988kB, failcnt 0 [ 1065.256066][T30154] kmem: usage 2488kB, limit 9007199254740988kB, failcnt 0 [ 1065.289529][T30154] Memory cgroup stats for /syz0: [ 1065.289908][T30154] cache 409600 [ 1065.303338][T30154] rss 0 [ 1065.306232][T30154] rss_huge 0 [ 1065.309454][T30154] shmem 409600 [ 1065.312859][T30154] mapped_file 409600 [ 1065.327415][T30154] dirty 0 [ 1065.330627][T30154] writeback 0 [ 1065.334179][T30154] workingset_refault_anon 2713 [ 1065.339140][T30154] workingset_refault_file 18454 [ 1065.349999][T30154] swap 41390080 [ 1065.353521][T30154] swapcached 188416 [ 1065.388032][T30154] pgpgin 294907 [ 1065.391570][T30154] pgpgout 304047 [ 1065.395241][T30154] pgfault 385717 [ 1065.405753][T30154] pgmajfault 2127 [ 1065.409666][T30154] inactive_anon 0 [ 1065.413339][T30154] active_anon 188416 [ 1065.425672][T30154] inactive_file 0 [ 1065.429564][T30154] active_file 0 [ 1065.433167][T30154] unevictable 409600 [ 1065.471697][T30154] hierarchical_memory_limit 3145728 [ 1065.482579][T30154] hierarchical_memsw_limit 9223372036854771712 [ 1065.494717][T30154] total_cache 409600 [ 1065.523424][T30154] total_rss 0 [ 1065.549000][T30154] total_rss_huge 0 [ 1065.552806][T30154] total_shmem 409600 [ 1065.573626][T30154] total_mapped_file 409600 [ 1065.578231][T30154] total_dirty 0 [ 1065.581733][T30154] total_writeback 0 [ 1065.586166][T30154] total_workingset_refault_anon 2713 [ 1065.591492][T30154] total_workingset_refault_file 18454 [ 1065.597640][T30154] total_swap 41390080 [ 1065.601685][T30154] total_swapcached 188416 [ 1065.606690][T30154] total_pgpgin 294907 [ 1065.612977][T30154] total_pgpgout 304047 [ 1065.623897][T30154] total_pgfault 385717 [ 1065.634346][T30154] total_pgmajfault 2127 [ 1065.640090][T30154] total_inactive_anon 0 [ 1065.651492][T30154] total_active_anon 188416 [ 1065.664176][T30154] total_inactive_file 0 [ 1065.670863][T30154] total_active_file 0 [ 1065.675307][T30154] total_unevictable 409600 [ 1065.679889][T30154] anon_cost 19 [ 1065.683394][T30154] file_cost 0 [ 1065.687603][T30154] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.11076,pid=29809,uid=0 [ 1065.707476][T30154] Memory cgroup out of memory: Killed process 29809 (syz.0.11076) total-vm:104340kB, anon-rss:1264kB, file-rss:54848kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000 [ 1066.311260][T30197] FAULT_INJECTION: forcing a failure. [ 1066.311260][T30197] name failslab, interval 1, probability 0, space 0, times 0 [ 1066.334430][T30197] CPU: 1 UID: 0 PID: 30197 Comm: syz.1.11228 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1066.334491][T30197] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1066.334505][T30197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1066.334526][T30197] Call Trace: [ 1066.334536][T30197] [ 1066.334554][T30197] dump_stack_lvl+0x16c/0x1f0 [ 1066.334601][T30197] should_fail_ex+0x512/0x640 [ 1066.334652][T30197] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1066.334690][T30197] should_failslab+0xc2/0x120 [ 1066.334735][T30197] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1066.334768][T30197] ? prepare_creds+0x2c/0x7d0 [ 1066.334825][T30197] ? prepare_creds+0x2c/0x7d0 [ 1066.334867][T30197] prepare_creds+0x2c/0x7d0 [ 1066.335024][T30197] __sys_setreuid+0x101/0xaf0 [ 1066.335073][T30197] ? rcu_is_watching+0x12/0xc0 [ 1066.335115][T30197] do_syscall_64+0xcd/0xfa0 [ 1066.335161][T30197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.335194][T30197] RIP: 0033:0x7efea2f8f7c9 [ 1066.335222][T30197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1066.335255][T30197] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 1066.335289][T30197] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 1066.335311][T30197] RDX: 0000000000000000 RSI: 7fffffffffffffff RDI: 0000000080000000 [ 1066.335333][T30197] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1066.335352][T30197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1066.335372][T30197] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 1066.335423][T30197] [ 1067.342302][T30216] FAULT_INJECTION: forcing a failure. [ 1067.342302][T30216] name failslab, interval 1, probability 0, space 0, times 0 [ 1067.355245][T30216] CPU: 1 UID: 0 PID: 30216 Comm: syz.4.11237 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1067.355305][T30216] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1067.355320][T30216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1067.355339][T30216] Call Trace: [ 1067.355351][T30216] [ 1067.355363][T30216] dump_stack_lvl+0x16c/0x1f0 [ 1067.355410][T30216] should_fail_ex+0x512/0x640 [ 1067.355465][T30216] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1067.355501][T30216] should_failslab+0xc2/0x120 [ 1067.355547][T30216] __kmalloc_cache_noprof+0x72/0x780 [ 1067.355576][T30216] ? rcu_is_watching+0x12/0xc0 [ 1067.355618][T30216] ? call_usermodehelper_setup+0xaf/0x360 [ 1067.355653][T30216] ? __pfx_free_modprobe_argv+0x10/0x10 [ 1067.355707][T30216] ? call_usermodehelper_setup+0xaf/0x360 [ 1067.355738][T30216] call_usermodehelper_setup+0xaf/0x360 [ 1067.355778][T30216] __request_module+0x3bd/0x690 [ 1067.355827][T30216] ? __pfx___request_module+0x10/0x10 [ 1067.355897][T30216] ? rcu_is_watching+0x12/0xc0 [ 1067.355933][T30216] ? lockdep_hardirqs_on+0x7c/0x110 [ 1067.355980][T30216] netlink_create+0x226/0x620 [ 1067.356017][T30216] __sock_create+0x338/0x8d0 [ 1067.356069][T30216] __sys_socket+0x14d/0x260 [ 1067.356112][T30216] ? __pfx___sys_socket+0x10/0x10 [ 1067.356155][T30216] ? xfd_validate_state+0x61/0x180 [ 1067.356198][T30216] ? __pfx_ksys_write+0x10/0x10 [ 1067.356242][T30216] __x64_sys_socket+0x72/0xb0 [ 1067.356282][T30216] ? lockdep_hardirqs_on+0x7c/0x110 [ 1067.356328][T30216] do_syscall_64+0xcd/0xfa0 [ 1067.356370][T30216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1067.356402][T30216] RIP: 0033:0x7fa6bff8f7c9 [ 1067.356433][T30216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1067.356465][T30216] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1067.356496][T30216] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1067.356518][T30216] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 1067.356538][T30216] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1067.356558][T30216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1067.356577][T30216] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1067.356624][T30216] [ 1072.140214][T30288] syz.0.11269 invoked oom-killer: gfp_mask=0x402cc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 1072.154863][T30288] CPU: 1 UID: 0 PID: 30288 Comm: syz.0.11269 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1072.154918][T30288] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1072.154931][T30288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1072.154950][T30288] Call Trace: [ 1072.154962][T30288] [ 1072.154974][T30288] dump_stack_lvl+0x16c/0x1f0 [ 1072.155020][T30288] dump_header+0x101/0x930 [ 1072.155064][T30288] oom_kill_process+0x272/0xa40 [ 1072.155103][T30288] out_of_memory+0x350/0x1700 [ 1072.155146][T30288] ? __pfx_out_of_memory+0x10/0x10 [ 1072.155191][T30288] mem_cgroup_out_of_memory+0x118/0x130 [ 1072.155252][T30288] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1072.155316][T30288] ? do_raw_spin_unlock+0x172/0x230 [ 1072.155354][T30288] try_charge_memcg+0x695/0xd30 [ 1072.155405][T30288] ? __pfx_try_charge_memcg+0x10/0x10 [ 1072.155446][T30288] ? find_held_lock+0x2b/0x80 [ 1072.155480][T30288] ? rcu_read_unlock+0x17/0x60 [ 1072.155536][T30288] __memcg_kmem_charge_page+0xda/0x420 [ 1072.155584][T30288] __alloc_frozen_pages_noprof+0x323/0x2470 [ 1072.155624][T30288] ? __pfx_vmap_small_pages_range_noflush+0x10/0x10 [ 1072.155676][T30288] ? alloc_pages_bulk_noprof+0xac5/0x1410 [ 1072.155713][T30288] ? __vmap_pages_range_noflush+0x1d0/0x230 [ 1072.155757][T30288] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1072.155798][T30288] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1072.155833][T30288] ? __vmalloc_node_range_noprof+0xf53/0x1480 [ 1072.155898][T30288] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1072.155955][T30288] ? policy_nodemask+0xea/0x4e0 [ 1072.156001][T30288] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1072.156055][T30288] ? policy_nodemask+0xea/0x4e0 [ 1072.156109][T30288] alloc_pages_mpol+0x1fb/0x550 [ 1072.156154][T30288] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1072.156195][T30288] ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10 [ 1072.156265][T30288] ? __do_sys_listmount+0x27f/0xf00 [ 1072.156321][T30288] alloc_pages_noprof+0x131/0x390 [ 1072.156367][T30288] __vmalloc_node_range_noprof+0x6f8/0x1480 [ 1072.156432][T30288] ? __do_sys_listmount+0x27f/0xf00 [ 1072.156496][T30288] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1072.156552][T30288] ? ___kmalloc_large_node+0xed/0x160 [ 1072.156606][T30288] __kvmalloc_node_noprof+0x431/0x9c0 [ 1072.156648][T30288] ? __do_sys_listmount+0x27f/0xf00 [ 1072.156702][T30288] ? __do_sys_listmount+0x27f/0xf00 [ 1072.156751][T30288] ? _copy_from_user+0x59/0xd0 [ 1072.156812][T30288] ? __do_sys_listmount+0x27f/0xf00 [ 1072.156863][T30288] __do_sys_listmount+0x27f/0xf00 [ 1072.156919][T30288] ? __fput+0x68d/0xb70 [ 1072.156963][T30288] ? __pfx___might_resched+0x10/0x10 [ 1072.157001][T30288] ? __pfx___do_sys_listmount+0x10/0x10 [ 1072.157057][T30288] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 1072.157120][T30288] do_syscall_64+0xcd/0xfa0 [ 1072.157164][T30288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1072.157197][T30288] RIP: 0033:0x7f60ebb8f7c9 [ 1072.157224][T30288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1072.157264][T30288] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1072.157296][T30288] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 1072.157317][T30288] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1072.157337][T30288] RBP: 00007f60ebc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1072.157356][T30288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.157376][T30288] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 1072.157421][T30288] [ 1072.157512][T30288] memory: usage 3072kB, limit 3072kB, failcnt 31099 [ 1072.527730][T30288] memory+swap: usage 3672kB, limit 9007199254740988kB, failcnt 0 [ 1072.537165][T30288] kmem: usage 2920kB, limit 9007199254740988kB, failcnt 0 [ 1072.544385][T30288] Memory cgroup stats for /syz0: [ 1072.544848][T30288] cache 0 [ 1072.552985][T30288] rss 28672 [ 1072.556131][T30288] rss_huge 0 [ 1072.559482][T30288] shmem 0 [ 1072.562606][T30288] mapped_file 0 [ 1072.566095][T30288] dirty 0 [ 1072.569313][T30288] writeback 0 [ 1072.572639][T30288] workingset_refault_anon 2779 [ 1072.577590][T30288] workingset_refault_file 18588 [ 1072.590926][T30288] swap 614400 [ 1072.594282][T30288] swapcached 126976 [ 1072.598127][T30288] pgpgin 295511 [ 1072.618184][T30288] pgpgout 304717 [ 1072.621813][T30288] pgfault 387109 [ 1072.625397][T30288] pgmajfault 2189 [ 1072.629272][T30306] random: crng reseeded on system resumption [ 1072.660094][T30288] inactive_anon 131072 [ 1072.664342][T30288] active_anon 24576 [ 1072.673758][T30288] inactive_file 0 [ 1072.678340][T30288] active_file 0 [ 1072.681847][T30288] unevictable 0 [ 1072.685328][T30288] hierarchical_memory_limit 3145728 [ 1072.707861][T30288] hierarchical_memsw_limit 9223372036854771712 [ 1072.714179][T30288] total_cache 0 [ 1072.746976][T30288] total_rss 28672 [ 1072.757108][T30288] total_rss_huge 0 [ 1072.767230][T30288] total_shmem 0 [ 1072.777408][T30288] total_mapped_file 0 [ 1072.784909][T30288] total_dirty 0 [ 1072.789647][T30288] total_writeback 0 [ 1072.795043][T30288] total_workingset_refault_anon 2779 [ 1072.832621][T30288] total_workingset_refault_file 18588 [ 1072.844250][T30288] total_swap 614400 [ 1072.862737][T30288] total_swapcached 126976 [ 1072.874798][T30288] total_pgpgin 295511 [ 1072.906701][T30288] total_pgpgout 304717 [ 1072.914312][T30288] total_pgfault 387109 [ 1072.924465][T30288] total_pgmajfault 2189 [ 1072.965001][T30288] total_inactive_anon 131072 [ 1072.969734][T30288] total_active_anon 24576 [ 1072.974284][T30288] total_inactive_file 0 [ 1072.986334][T30288] total_active_file 0 [ 1072.990566][T30288] total_unevictable 0 [ 1072.994591][T30288] anon_cost 20 [ 1073.002858][T30288] file_cost 0 [ 1073.010774][T30288] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.11269,pid=30287,uid=0 [ 1073.080399][T30288] Memory cgroup out of memory: Killed process 30287 (syz.0.11269) total-vm:136980kB, anon-rss:1268kB, file-rss:22780kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1073.642411][T30329] FAULT_INJECTION: forcing a failure. [ 1073.642411][T30329] name failslab, interval 1, probability 0, space 0, times 0 [ 1073.676793][T30329] CPU: 0 UID: 0 PID: 30329 Comm: syz.0.11285 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1073.676849][T30329] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1073.676863][T30329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1073.676884][T30329] Call Trace: [ 1073.676894][T30329] [ 1073.676907][T30329] dump_stack_lvl+0x16c/0x1f0 [ 1073.676954][T30329] should_fail_ex+0x512/0x640 [ 1073.677003][T30329] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1073.677037][T30329] should_failslab+0xc2/0x120 [ 1073.677088][T30329] __kmalloc_cache_noprof+0x72/0x780 [ 1073.677118][T30329] ? ptrace_attach+0x290/0x6a0 [ 1073.677155][T30329] ? kstrdup_quotable_cmdline+0x52/0x210 [ 1073.677211][T30329] ? kstrdup_quotable_cmdline+0x52/0x210 [ 1073.677247][T30329] kstrdup_quotable_cmdline+0x52/0x210 [ 1073.677291][T30329] __report_access+0x4b/0x370 [ 1073.677327][T30329] ? _raw_spin_unlock_irq+0x23/0x50 [ 1073.677366][T30329] task_work_run+0x150/0x240 [ 1073.677418][T30329] ? __pfx_task_work_run+0x10/0x10 [ 1073.677481][T30329] exit_to_user_mode_loop+0xec/0x130 [ 1073.677531][T30329] do_syscall_64+0x426/0xfa0 [ 1073.677573][T30329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1073.677605][T30329] RIP: 0033:0x7f60ebb8f7c9 [ 1073.677630][T30329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1073.677661][T30329] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 1073.677691][T30329] RAX: ffffffffffffffff RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 1073.677712][T30329] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 1073.677730][T30329] RBP: 00007f60ebc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1073.677749][T30329] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000 [ 1073.677768][T30329] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 1073.677811][T30329] [ 1073.677912][T30329] ptrace attach of "(null)"[5835] was attempted by "./syz-executor exec"[30329] [ 1075.170497][T30357] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11297'. [ 1076.010397][T30382] netlink: 338 bytes leftover after parsing attributes in process `syz.1.11307'. [ 1076.681320][T30400] FAULT_INJECTION: forcing a failure. [ 1076.681320][T30400] name failslab, interval 1, probability 0, space 0, times 0 [ 1076.707611][T30400] CPU: 0 UID: 0 PID: 30400 Comm: syz.4.11316 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1076.707670][T30400] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1076.707683][T30400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1076.707704][T30400] Call Trace: [ 1076.707715][T30400] [ 1076.707728][T30400] dump_stack_lvl+0x16c/0x1f0 [ 1076.707773][T30400] should_fail_ex+0x512/0x640 [ 1076.707820][T30400] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1076.707865][T30400] should_failslab+0xc2/0x120 [ 1076.707910][T30400] __kmalloc_cache_noprof+0x72/0x780 [ 1076.707943][T30400] ? newseg+0x25a/0xe60 [ 1076.707983][T30400] ? newseg+0x25a/0xe60 [ 1076.708013][T30400] ? __pfx___might_resched+0x10/0x10 [ 1076.708047][T30400] newseg+0x25a/0xe60 [ 1076.708087][T30400] ? __pfx_newseg+0x10/0x10 [ 1076.708125][T30400] ? __sched_setaffinity+0x173/0x280 [ 1076.708170][T30400] ipcget+0xf6/0xfa0 [ 1076.708205][T30400] ? do_futex+0x122/0x350 [ 1076.708249][T30400] ? __pfx_do_futex+0x10/0x10 [ 1076.708294][T30400] ? sched_setaffinity+0xe0/0x400 [ 1076.708331][T30400] ? __pfx_ipcget+0x10/0x10 [ 1076.708367][T30400] ? __x64_sys_futex+0x1e0/0x4c0 [ 1076.708409][T30400] ? __x64_sys_futex+0x1e9/0x4c0 [ 1076.708461][T30400] __x64_sys_shmget+0x13b/0x1b0 [ 1076.708500][T30400] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1076.708537][T30400] ? rcu_is_watching+0x12/0xc0 [ 1076.708569][T30400] do_syscall_64+0xcd/0xfa0 [ 1076.708605][T30400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1076.708633][T30400] RIP: 0033:0x7fa6bff8f7c9 [ 1076.708655][T30400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1076.708682][T30400] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1076.708708][T30400] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1076.708726][T30400] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1076.708742][T30400] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1076.708758][T30400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1076.708774][T30400] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1076.708811][T30400] [ 1077.032419][T30404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11317'. [ 1077.654877][T30417] netlink: 342 bytes leftover after parsing attributes in process `syz.4.11324'. [ 1078.881070][T30454] sctp: [Deprecated]: syz.4.11338 (pid 30454) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1078.881070][T30454] Use struct sctp_sack_info instead [ 1079.582051][T30475] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input42 [ 1080.221302][T30473] Process accounting resumed [ 1080.654779][T30480] zswap: compressor not available [ 1082.445597][T30530] netlink: 346 bytes leftover after parsing attributes in process `syz.0.11366'. [ 1084.435436][T30595] netlink: 330 bytes leftover after parsing attributes in process `syz.2.11396'. [ 1086.358882][T15593] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 1087.065271][T30641] zswap: compressor not available [ 1087.785770][T30672] FAULT_INJECTION: forcing a failure. [ 1087.785770][T30672] name failslab, interval 1, probability 0, space 0, times 0 [ 1087.805470][T30672] CPU: 1 UID: 0 PID: 30672 Comm: syz.4.11434 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1087.805525][T30672] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1087.805538][T30672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1087.805556][T30672] Call Trace: [ 1087.805568][T30672] [ 1087.805580][T30672] dump_stack_lvl+0x16c/0x1f0 [ 1087.805627][T30672] should_fail_ex+0x512/0x640 [ 1087.805676][T30672] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1087.805715][T30672] should_failslab+0xc2/0x120 [ 1087.805762][T30672] __kmalloc_cache_noprof+0x72/0x780 [ 1087.805797][T30672] ? drm_atomic_state_alloc+0xb8/0x120 [ 1087.805854][T30672] ? drm_atomic_state_alloc+0xb8/0x120 [ 1087.805901][T30672] drm_atomic_state_alloc+0xb8/0x120 [ 1087.805951][T30672] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 1087.806005][T30672] ? __pfx___might_resched+0x10/0x10 [ 1087.806052][T30672] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1087.806104][T30672] ? __mutex_lock+0x1c5/0x1060 [ 1087.806146][T30672] ? rcu_is_watching+0x12/0xc0 [ 1087.806231][T30672] drm_client_modeset_commit_locked+0x14d/0x580 [ 1087.806292][T30672] drm_client_modeset_commit+0x4f/0x80 [ 1087.806345][T30672] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 1087.806399][T30672] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1087.806442][T30672] drm_fbdev_client_restore+0x2c/0x40 [ 1087.806481][T30672] drm_client_dev_restore+0x1f6/0x2a0 [ 1087.806538][T30672] drm_release+0x2c4/0x360 [ 1087.806589][T30672] ? __pfx_drm_release+0x10/0x10 [ 1087.806635][T30672] __fput+0x402/0xb70 [ 1087.806690][T30672] task_work_run+0x150/0x240 [ 1087.806757][T30672] ? __pfx_task_work_run+0x10/0x10 [ 1087.806811][T30672] ? __pfx___do_sys_close_range+0x10/0x10 [ 1087.806861][T30672] exit_to_user_mode_loop+0xec/0x130 [ 1087.806915][T30672] do_syscall_64+0x426/0xfa0 [ 1087.806959][T30672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1087.806993][T30672] RIP: 0033:0x7fa6bff8f7c9 [ 1087.807019][T30672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1087.807051][T30672] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1087.807084][T30672] RAX: 0000000000000000 RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1087.807104][T30672] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1087.807124][T30672] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1087.807143][T30672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1087.807161][T30672] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1087.807207][T30672] [ 1089.982435][T30732] sg_write: data in/out 8156/1 bytes for SCSI command 0x0-- guessing data in; [ 1089.982435][T30732] program syz.1.11458 not setting count and/or reply_len properly [ 1090.203093][T30741] PM: Enabling pm_trace changes system date and time during resume. [ 1090.203093][T30741] PM: Correct system time has to be restored manually after resume. [ 1090.790097][T30770] futex_wake_op: syz.4.11476 tries to shift op by -2048; fix this program [ 1090.800063][T30770] futex_wake_op: syz.4.11476 tries to shift op by -2048; fix this program [ 1090.816697][T30770] 0x000000000001-0x000000020000 : "" [ 1090.856354][T30770] ftl_cs: FTL header corrupt! [ 1091.211802][T30789] FAULT_INJECTION: forcing a failure. [ 1091.211802][T30789] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1091.226108][T30789] CPU: 1 UID: 0 PID: 30789 Comm: syz.4.11485 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1091.226163][T30789] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1091.226178][T30789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1091.226197][T30789] Call Trace: [ 1091.226207][T30789] [ 1091.226219][T30789] dump_stack_lvl+0x16c/0x1f0 [ 1091.226266][T30789] should_fail_ex+0x512/0x640 [ 1091.226324][T30789] should_fail_alloc_page+0xe7/0x130 [ 1091.226370][T30789] prepare_alloc_pages+0x3c2/0x610 [ 1091.226418][T30789] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1091.226452][T30789] ? __pfx_futex_wake_mark+0x10/0x10 [ 1091.226511][T30789] ? futex_hash+0x2c5/0x380 [ 1091.226558][T30789] ? futex_private_hash_put+0xd5/0x190 [ 1091.226597][T30789] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1091.226635][T30789] ? futex_wait+0x120/0x380 [ 1091.226662][T30789] ? __pfx_futex_wait+0x10/0x10 [ 1091.226712][T30789] ? ksys_write+0x190/0x250 [ 1091.226748][T30789] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1091.226780][T30789] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1091.226836][T30789] ? policy_nodemask+0xea/0x4e0 [ 1091.226884][T30789] alloc_pages_mpol+0x1fb/0x550 [ 1091.226930][T30789] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1091.226980][T30789] ? aa_get_newest_label+0xd2/0x250 [ 1091.227033][T30789] ___kmalloc_large_node+0xed/0x160 [ 1091.227084][T30789] __kmalloc_large_noprof+0x1c/0x70 [ 1091.227130][T30789] ? bpf_lsm_locked_down+0x9/0x10 [ 1091.227175][T30789] ksys_ioperm+0x3c9/0x4f0 [ 1091.227224][T30789] do_syscall_64+0xcd/0xfa0 [ 1091.227270][T30789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1091.227302][T30789] RIP: 0033:0x7fa6bff8f7c9 [ 1091.227329][T30789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1091.227362][T30789] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad [ 1091.227394][T30789] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1091.227415][T30789] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000007 [ 1091.227434][T30789] RBP: 00007fa6c0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1091.227452][T30789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1091.227471][T30789] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1091.227511][T30789] [ 1092.075490][T30817] i2c i2c-0: delete_device: Can't find device in list [ 1094.187077][T30884] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11524'. [ 1096.856048][T30965] program syz.4.11558 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1097.214695][T30948] UHID_CREATE from different security context by process 6350 (syz.0.11550), this is not allowed. [ 1097.365863][T30981] netlink: zone id is out of range [ 1097.399041][T30981] netlink: set zone limit has 8 unknown bytes [ 1098.490589][T31010] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11577'. [ 1098.570584][T31012] FAULT_INJECTION: forcing a failure. [ 1098.570584][T31012] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.618935][T31012] CPU: 0 UID: 0 PID: 31012 Comm: syz.0.11576 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1098.618990][T31012] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1098.619002][T31012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1098.619022][T31012] Call Trace: [ 1098.619033][T31012] [ 1098.619047][T31012] dump_stack_lvl+0x16c/0x1f0 [ 1098.619096][T31012] should_fail_ex+0x512/0x640 [ 1098.619156][T31012] ? fs_reclaim_acquire+0xae/0x150 [ 1098.619203][T31012] should_failslab+0xc2/0x120 [ 1098.619247][T31012] __kmalloc_noprof+0xdd/0x880 [ 1098.619278][T31012] ? tomoyo_encode2+0x100/0x3e0 [ 1098.619323][T31012] ? tomoyo_encode2+0x100/0x3e0 [ 1098.619359][T31012] tomoyo_encode2+0x100/0x3e0 [ 1098.619402][T31012] tomoyo_encode+0x29/0x50 [ 1098.619438][T31012] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1098.619491][T31012] tomoyo_path_number_perm+0x245/0x580 [ 1098.619542][T31012] ? tomoyo_path_number_perm+0x237/0x580 [ 1098.619598][T31012] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1098.619655][T31012] ? rcu_read_unlock+0x17/0x60 [ 1098.619709][T31012] ? do_raw_spin_lock+0x12c/0x2b0 [ 1098.619760][T31012] ? find_held_lock+0x2b/0x80 [ 1098.619813][T31012] ? find_held_lock+0x2b/0x80 [ 1098.619846][T31012] ? __pfx___d_add+0x10/0x10 [ 1098.619888][T31012] ? d_alloc+0x176/0x1e0 [ 1098.619923][T31012] ? current_check_access_path+0x33c/0x460 [ 1098.619967][T31012] ? __pfx_current_check_access_path+0x10/0x10 [ 1098.620008][T31012] ? simple_lookup+0x105/0x1d0 [ 1098.620048][T31012] tomoyo_path_mknod+0x10c/0x190 [ 1098.620092][T31012] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 1098.620147][T31012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1098.620212][T31012] security_path_mknod+0x161/0x310 [ 1098.620246][T31012] do_mknodat+0x239/0x5d0 [ 1098.620286][T31012] ? __pfx_do_mknodat+0x10/0x10 [ 1098.620319][T31012] ? getname_flags.part.0+0x1c5/0x550 [ 1098.620375][T31012] __x64_sys_mknod+0x87/0xb0 [ 1098.620413][T31012] do_syscall_64+0xcd/0xfa0 [ 1098.620457][T31012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.620489][T31012] RIP: 0033:0x7f60ebb8f7c9 [ 1098.620515][T31012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1098.620545][T31012] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 1098.620576][T31012] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 1098.620597][T31012] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 1098.620616][T31012] RBP: 00007f60ebc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1098.620635][T31012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1098.620652][T31012] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 1098.620696][T31012] [ 1098.620727][T31012] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1099.061073][T31025] FAULT_INJECTION: forcing a failure. [ 1099.061073][T31025] name failslab, interval 1, probability 0, space 0, times 0 [ 1099.080451][T31025] CPU: 0 UID: 0 PID: 31025 Comm: syz.4.11583 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1099.080526][T31025] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1099.080538][T31025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1099.080564][T31025] Call Trace: [ 1099.080575][T31025] [ 1099.080593][T31025] dump_stack_lvl+0x16c/0x1f0 [ 1099.080644][T31025] should_fail_ex+0x512/0x640 [ 1099.080695][T31025] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1099.080739][T31025] should_failslab+0xc2/0x120 [ 1099.080785][T31025] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1099.080818][T31025] ? prepare_creds+0x2c/0x7d0 [ 1099.080876][T31025] ? prepare_creds+0x2c/0x7d0 [ 1099.080922][T31025] prepare_creds+0x2c/0x7d0 [ 1099.080974][T31025] lookup_user_key+0x399/0x1300 [ 1099.081010][T31025] ? __pfx_lookup_user_key+0x10/0x10 [ 1099.081044][T31025] ? ksys_shmctl.constprop.0+0x1d4/0x380 [ 1099.081088][T31025] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1099.081162][T31025] keyctl_setperm_key+0x9d/0x3a0 [ 1099.081213][T31025] ? __pfx_keyctl_setperm_key+0x10/0x10 [ 1099.081259][T31025] ? __pfx___x64_sys_futex+0x10/0x10 [ 1099.081316][T31025] __do_sys_keyctl+0x29a/0x590 [ 1099.081378][T31025] do_syscall_64+0xcd/0xfa0 [ 1099.081422][T31025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.081455][T31025] RIP: 0033:0x7fa6bff8f7c9 [ 1099.081480][T31025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1099.081512][T31025] RSP: 002b:00007fa6c0e7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1099.081544][T31025] RAX: ffffffffffffffda RBX: 00007fa6c01e5fa0 RCX: 00007fa6bff8f7c9 [ 1099.081564][T31025] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005 [ 1099.081584][T31025] RBP: 00007fa6c0013f91 R08: 0000000000000005 R09: 0000000000000000 [ 1099.081604][T31025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1099.081624][T31025] R13: 00007fa6c01e6038 R14: 00007fa6c01e5fa0 R15: 00007fff6043a7b8 [ 1099.081669][T31025] [ 1103.081333][T31152] svc: failed to register nfsdv3 RPC service (errno 111). [ 1103.091828][T31152] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1104.249185][T31188] bridge0: port 5(batadv0) entered blocking state [ 1104.271115][T31188] bridge0: port 5(batadv0) entered disabled state [ 1104.298630][T31188] batadv0: entered allmulticast mode [ 1104.323497][T31188] batadv0: entered promiscuous mode [ 1104.336394][T31188] bridge0: port 5(batadv0) entered blocking state [ 1104.343336][T31188] bridge0: port 5(batadv0) entered forwarding state [ 1104.664018][T15885] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 1104.674897][T15885] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 1107.813990][T31289] futex_wake_op: syz.4.11695 tries to shift op by -2048; fix this program [ 1107.824799][T31289] futex_wake_op: syz.4.11695 tries to shift op by -2048; fix this program [ 1107.918344][T31292] sock: sock_timestamping_bind_phc: sock not bind to device [ 1107.956049][T31283] zswap: compressor not available [ 1108.372464][T31308] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1108.380004][T31308] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1110.706894][T31370] netlink: 342 bytes leftover after parsing attributes in process `syz.4.11732'. [ 1110.894647][T31311] kexec: Could not allocate control_code_buffer [ 1110.978067][T31374] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11734'. [ 1114.169354][T31394] futex_wake_op: syz.4.11742 tries to shift op by -2048; fix this program [ 1114.183207][T31394] futex_wake_op: syz.4.11742 tries to shift op by -2048; fix this program [ 1114.195737][T31394] 0x000000000001-0x000000020000 : "" [ 1114.252579][T31394] ftl_cs: FTL header corrupt! [ 1115.081871][T31351] Process accounting paused [ 1116.586225][T31446] sock: sock_set_timeout: `syz.0.11762' (pid 31446) tries to set negative timeout [ 1117.900305][T31455] zswap: compressor 000 not available [ 1125.508195][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1125.514893][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1132.411717][T28255] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1132.473889][T28255] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1132.643072][T28255] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1132.710832][T28255] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1132.777273][T28255] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1135.698474][T16036] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1135.887408][T15593] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1136.504832][T31522] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1136.588720][T15593] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1136.611636][T31522] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1136.891252][T31530] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1140.505766][T28255] Bluetooth: hci5: Opcode 0x1001 failed: -110 [ 1140.552135][T23954] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1140.660253][T31522] Bluetooth: hci2: command tx timeout [ 1140.905705][T31522] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1140.949168][T15593] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1141.031348][T31529] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1141.088252][T31531] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1141.243347][T31531] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1141.286249][T31531] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1141.306451][T31529] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1141.417877][T28255] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1141.546515][T31531] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1141.605116][T28255] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1141.695830][T28255] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1141.768441][T31529] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1141.911716][T31529] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1141.955801][T28255] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1142.945150][T28255] Bluetooth: hci2: command tx timeout [ 1147.423225][T28255] Bluetooth: hci7: command tx timeout [ 1147.444864][T28255] Bluetooth: hci6: command tx timeout [ 1147.474615][T31531] Bluetooth: hci2: command tx timeout [ 1147.496696][T31529] Bluetooth: hci5: command tx timeout [ 1149.625028][T31529] Bluetooth: hci5: command tx timeout [ 1149.643859][T31529] Bluetooth: hci2: command tx timeout [ 1149.668517][T31531] Bluetooth: hci6: command tx timeout [ 1149.674006][T31531] Bluetooth: hci7: command tx timeout [ 1152.494390][T31531] Bluetooth: hci7: command tx timeout [ 1152.499931][T31531] Bluetooth: hci6: command tx timeout [ 1152.524598][T31531] Bluetooth: hci5: command tx timeout [ 1156.211308][T28255] Bluetooth: hci5: command tx timeout [ 1156.230304][T31529] Bluetooth: hci6: command tx timeout [ 1158.834310][T31531] Bluetooth: hci7: command tx timeout [ 1186.626219][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1186.632713][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1196.386838][T16036] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1196.422219][T23954] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1196.453332][T15593] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1196.572472][T23954] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1196.671471][T31553] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1196.748995][T15593] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1196.809875][T23954] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1196.831737][T31553] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1196.954793][T15593] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1196.978962][T15593] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1197.035619][T23954] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1197.120352][T23954] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1197.216697][T31522] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1197.293806][T31529] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1197.627952][T23954] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1197.649309][T23954] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1197.734151][T23954] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1197.879175][T23954] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1198.369960][T23954] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1198.441526][T23954] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1199.601704][T23954] Bluetooth: hci10: command tx timeout [ 1199.766623][T23954] Bluetooth: hci11: command tx timeout [ 1199.839419][T23954] Bluetooth: hci8: command tx timeout [ 1201.291822][T23954] Bluetooth: hci9: command tx timeout [ 1201.668885][T23954] Bluetooth: hci10: command tx timeout [ 1222.570721][T23954] Bluetooth: hci11: command tx timeout [ 1222.595088][T23954] Bluetooth: hci8: command tx timeout [ 1222.637221][T23954] Bluetooth: hci9: command tx timeout [ 1222.660577][T23954] Bluetooth: hci10: command tx timeout [ 1226.682200][T23954] Bluetooth: hci10: command tx timeout [ 1226.706751][T23954] Bluetooth: hci9: command tx timeout [ 1226.740185][T23954] Bluetooth: hci8: command tx timeout [ 1226.745665][T23954] Bluetooth: hci11: command tx timeout [ 1233.987340][T28255] Bluetooth: hci8: command tx timeout [ 1234.013319][T28255] Bluetooth: hci9: command tx timeout [ 1234.018762][T28255] Bluetooth: hci11: command tx timeout [ 1242.661330][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1242.679748][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.692918][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.709218][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1242.722286][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.735450][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.751406][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1242.764404][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.777423][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1242.793760][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1247.639322][ C0] net_ratelimit: 3731 callbacks suppressed [ 1247.639343][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1247.658306][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.671395][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.687409][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1247.700396][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.714006][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.730339][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1247.743477][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.756874][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1247.777848][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1247.778189][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1247.807208][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1252.127989][T31529] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1252.397635][T31529] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1252.623885][ C0] net_ratelimit: 3533 callbacks suppressed [ 1252.623904][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1252.642880][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.655803][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.670721][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1252.683495][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.696665][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.711502][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1252.724455][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.737245][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1252.752158][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1254.033828][T31529] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1254.201245][T31522] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1254.305796][T31522] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1254.337235][T31529] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1254.520429][T31529] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1256.754090][T28255] Bluetooth: hci12: Opcode 0x0c38 failed: -110 [ 1256.821138][T31529] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1257.006165][T31531] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 1257.037664][T28255] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 1257.068013][T31531] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1257.097651][T31530] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 1257.275250][T31530] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1257.302551][T31530] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 1257.331626][T31531] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1257.359269][T31553] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1257.425075][T28255] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 1257.534013][T31531] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 1257.563327][T31530] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1257.606628][ C0] net_ratelimit: 3240 callbacks suppressed [ 1257.606650][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.625624][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.640576][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1257.653442][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.666408][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.681391][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1257.697787][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.710693][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1257.725888][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1257.738657][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1259.183550][T31553] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 1259.215917][T31530] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1259.291715][T31553] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 1261.267237][T31562] Bluetooth: hci12: Opcode 0x0c23 failed: -110 [ 1261.346807][T31569] Bluetooth: hci14: Opcode 0x0c1a failed: -110 [ 1262.590291][ C0] net_ratelimit: 3729 callbacks suppressed [ 1262.590312][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.612719][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1262.625378][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.638273][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.652916][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1262.666750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.679951][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.694701][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1262.707454][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1262.720385][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1265.565047][ T31] INFO: task syz.0.11770:31462 blocked for more than 143 seconds. [ 1265.572959][ T31] Tainted: G U I syzkaller #0 [ 1265.591687][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1265.612128][ T31] task:syz.0.11770 state:D stack:27288 pid:31462 tgid:31461 ppid:5835 task_flags:0x400040 flags:0x00080002 [ 1265.634756][ T31] Call Trace: [ 1265.638106][ T31] [ 1265.641085][ T31] __schedule+0x1190/0x5de0 [ 1265.664316][ T31] ? check_path.constprop.0+0x24/0x50 [ 1265.669807][ T31] ? __lock_acquire+0x622/0x1c90 [ 1265.684450][ T31] ? __pfx___schedule+0x10/0x10 [ 1265.689412][ T31] ? find_held_lock+0x2b/0x80 [ 1265.701581][ T31] ? schedule+0x2d7/0x3a0 [ 1265.763826][ T31] ? nl80211_dump_interface+0x310/0x830 [ 1265.769565][ T31] schedule+0xe7/0x3a0 [ 1265.821340][ T31] schedule_preempt_disabled+0x13/0x30 [ 1265.838165][ T31] __mutex_lock+0x818/0x1060 [ 1265.842885][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1265.883207][ T31] ? nl80211_dump_interface+0x310/0x830 [ 1265.888860][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1265.923002][ T31] ? nl80211_dump_wiphy_parse.constprop.0+0x45d/0x5a0 [ 1265.929881][ T31] ? __pfx_nl80211_dump_wiphy_parse.constprop.0+0x10/0x10 [ 1265.972745][ T31] ? nl80211_dump_interface+0x310/0x830 [ 1265.978391][ T31] ? rtnl_is_locked+0x15/0x20 [ 1265.992611][ T31] nl80211_dump_interface+0x310/0x830 [ 1265.998095][ T31] ? __asan_memset+0x23/0x50 [ 1266.012531][ T31] ? __pfx_nl80211_dump_interface+0x10/0x10 [ 1266.018527][ T31] ? __pfx___alloc_skb+0x10/0x10 [ 1266.033050][ T31] genl_dumpit+0x125/0x230 [ 1266.038267][ T31] netlink_dump+0x539/0xd30 [ 1266.062217][ T31] ? __pfx_netlink_dump+0x10/0x10 [ 1266.067366][ T31] ? __asan_memset+0x23/0x50 [ 1266.072014][ T31] ? genl_start+0x67f/0x980 [ 1266.085880][ T31] __netlink_dump_start+0x6d6/0x990 [ 1266.091177][ T31] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 1266.111998][ T31] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 1266.118335][ T31] ? genl_op_from_small+0x25/0x440 [ 1266.141866][ T31] ? __pfx_genl_get_cmd+0x10/0x10 [ 1266.147163][ T31] ? __pfx_genl_start+0x10/0x10 [ 1266.161735][ T31] ? __pfx_genl_dumpit+0x10/0x10 [ 1266.166762][ T31] ? __pfx_genl_done+0x10/0x10 [ 1266.181654][ T31] ? __radix_tree_lookup+0x21f/0x2c0 [ 1266.187056][ T31] genl_rcv_msg+0x46e/0x800 [ 1266.201684][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1266.206822][ T31] ? __pfx_nl80211_dump_interface+0x10/0x10 [ 1266.221394][ T31] netlink_rcv_skb+0x158/0x420 [ 1266.226408][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1266.241649][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1266.247135][ T31] ? netlink_deliver_tap+0x1ae/0xd30 [ 1266.260181][ T31] genl_rcv+0x28/0x40 [ 1266.267912][ T31] netlink_unicast+0x5aa/0x870 [ 1266.273138][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 1266.278517][ T31] netlink_sendmsg+0x8c8/0xdd0 [ 1266.284286][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1266.289647][ T31] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1266.296352][ T31] ____sys_sendmsg+0xa98/0xc70 [ 1266.301560][ T31] ? copy_msghdr_from_user+0x10a/0x160 [ 1266.307078][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1266.313081][ T31] ? __pfx_futex_wake_mark+0x10/0x10 [ 1266.318557][ T31] ___sys_sendmsg+0x134/0x1d0 [ 1266.323803][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 1266.329068][ T31] ? __lock_acquire+0x622/0x1c90 [ 1266.334850][ T31] __sys_sendmsg+0x16d/0x220 [ 1266.339615][ T31] ? __pfx___sys_sendmsg+0x10/0x10 [ 1266.345437][ T31] ? __x64_sys_futex+0x1e0/0x4c0 [ 1266.350578][ T31] do_syscall_64+0xcd/0xfa0 [ 1266.355708][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.362188][ T31] RIP: 0033:0x7f60ebb8f7c9 [ 1266.366660][ T31] RSP: 002b:00007f60ecac8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1266.375729][ T31] RAX: ffffffffffffffda RBX: 00007f60ebde5fa0 RCX: 00007f60ebb8f7c9 [ 1266.384320][ T31] RDX: 00000000240088e4 RSI: 0000200000000240 RDI: 0000000000000004 [ 1266.392783][ T31] RBP: 00007f60ebc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1266.401233][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1266.409339][ T31] R13: 00007f60ebde6038 R14: 00007f60ebde5fa0 R15: 00007fff8997d1a8 [ 1266.417808][ T31] [ 1266.421366][ T31] INFO: task syz.2.11785:31495 blocked for more than 144 seconds. [ 1266.429221][ T31] Tainted: G U I syzkaller #0 [ 1266.436360][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1266.445688][ T31] task:syz.2.11785 state:D stack:27592 pid:31495 tgid:31494 ppid:5845 task_flags:0x400140 flags:0x00080002 [ 1266.458350][ T31] Call Trace: [ 1266.462254][ T31] [ 1266.465335][ T31] __schedule+0x1190/0x5de0 [ 1266.470612][ T31] ? __lock_acquire+0xb8a/0x1c90 [ 1266.475645][ T31] ? __lock_acquire+0x622/0x1c90 [ 1266.484209][ T31] ? __pfx___schedule+0x10/0x10 [ 1266.489147][ T31] ? find_held_lock+0x2b/0x80 [ 1266.494528][ T31] ? schedule+0x2d7/0x3a0 [ 1266.498931][ T31] ? dev_ioctl+0x212/0x1060 [ 1266.504017][ T31] schedule+0xe7/0x3a0 [ 1266.508153][ T31] schedule_preempt_disabled+0x13/0x30 [ 1266.514231][ T31] __mutex_lock+0x818/0x1060 [ 1266.518893][ T31] ? __lock_acquire+0x622/0x1c90 [ 1266.524529][ T31] ? dev_ioctl+0x212/0x1060 [ 1266.529096][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1266.534752][ T31] ? dev_load+0x8e/0x240 [ 1266.539078][ T31] ? dev_ioctl+0x212/0x1060 [ 1266.544118][ T31] ? rtnl_lock+0x9/0x20 [ 1266.548441][ T31] dev_ioctl+0x212/0x1060 [ 1266.553555][ T31] sock_do_ioctl+0x19d/0x280 [ 1266.558300][ T31] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1266.563989][ T31] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1266.569186][ T31] sock_ioctl+0x227/0x6b0 [ 1266.574148][ T31] ? __pfx_sock_ioctl+0x10/0x10 [ 1266.579074][ T31] ? hook_file_ioctl_common+0x145/0x410 [ 1266.585253][ T31] ? __fget_files+0x20e/0x3c0 [ 1266.590392][ T31] ? __pfx_sock_ioctl+0x10/0x10 [ 1266.595314][ T31] __x64_sys_ioctl+0x18e/0x210 [ 1266.600813][ T31] do_syscall_64+0xcd/0xfa0 [ 1266.605405][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.612010][ T31] RIP: 0033:0x7f442df8f7c9 [ 1266.616484][ T31] RSP: 002b:00007f442ee5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1266.625496][ T31] RAX: ffffffffffffffda RBX: 00007f442e1e5fa0 RCX: 00007f442df8f7c9 [ 1266.633952][ T31] RDX: 0000200000000080 RSI: 00000000000089b0 RDI: 0000000000000003 [ 1266.645241][ T31] RBP: 00007f442e013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1266.653673][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1266.662061][ T31] R13: 00007f442e1e6038 R14: 00007f442e1e5fa0 R15: 00007ffd814bb9f8 [ 1266.670515][ T31] [ 1266.673585][ T31] INFO: task syz.1.11792:31511 blocked for more than 144 seconds. [ 1266.685907][ T31] Tainted: G U I syzkaller #0 [ 1266.692990][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1266.702083][ T31] task:syz.1.11792 state:D stack:28664 pid:31511 tgid:31510 ppid:21389 task_flags:0x400140 flags:0x00080002 [ 1266.714573][ T31] Call Trace: [ 1266.717895][ T31] [ 1266.721371][ T31] __schedule+0x1190/0x5de0 [ 1266.725955][ T31] ? __lock_acquire+0x622/0x1c90 [ 1266.731512][ T31] ? __pfx___schedule+0x10/0x10 [ 1266.736441][ T31] ? find_held_lock+0x2b/0x80 [ 1266.741711][ T31] ? schedule+0x2d7/0x3a0 [ 1266.746117][ T31] ? register_netdevice_notifier_net+0x23/0xb0 [ 1266.752937][ T31] schedule+0xe7/0x3a0 [ 1266.757074][ T31] schedule_preempt_disabled+0x13/0x30 [ 1266.763218][ T31] __mutex_lock+0x818/0x1060 [ 1266.767881][ T31] ? register_netdevice_notifier_net+0x23/0xb0 [ 1266.774722][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1266.780921][ T31] ? find_held_lock+0x2b/0x80 [ 1266.785682][ T31] ? net_generic+0xea/0x2a0 [ 1266.790847][ T31] ? register_netdevice_notifier_net+0x23/0xb0 [ 1266.797509][ T31] ? rtnl_lock+0x9/0x20 [ 1266.802359][ T31] register_netdevice_notifier_net+0x23/0xb0 [ 1266.808817][ T31] ? __pfx_rtnl_net_debug_net_init+0x10/0x10 [ 1266.814860][ T31] ops_init+0x1e2/0x5f0 [ 1266.819576][ T31] setup_net+0x100/0x390 [ 1266.823885][ T31] ? __pfx_setup_net+0x10/0x10 [ 1266.829259][ T31] ? debug_mutex_init+0x37/0x70 [ 1266.834178][ T31] copy_net_ns+0x2f8/0x690 [ 1266.839536][ T31] create_new_namespaces+0x3ea/0xa90 [ 1266.844910][ T31] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1266.851127][ T31] ksys_unshare+0x45b/0xa40 [ 1266.855713][ T31] ? __pfx_ksys_unshare+0x10/0x10 [ 1266.861353][ T31] ? do_user_addr_fault+0x843/0x1370 [ 1266.866792][ T31] __x64_sys_unshare+0x31/0x40 [ 1266.872214][ T31] do_syscall_64+0xcd/0xfa0 [ 1266.876810][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.886605][ T31] RIP: 0033:0x7efea2f8f7c9 [ 1266.891633][ T31] RSP: 002b:00007efea11f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1266.900528][ T31] RAX: ffffffffffffffda RBX: 00007efea31e5fa0 RCX: 00007efea2f8f7c9 [ 1266.908948][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1266.918572][ T31] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1266.926607][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1266.935260][ T31] R13: 00007efea31e6038 R14: 00007efea31e5fa0 R15: 00007ffe13fe1028 [ 1266.944196][ T31] [ 1266.947269][ T31] INFO: task syz.1.11792:31512 blocked for more than 144 seconds. [ 1266.955890][ T31] Tainted: G U I syzkaller #0 [ 1266.962833][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1266.971961][ T31] task:syz.1.11792 state:D stack:27064 pid:31512 tgid:31510 ppid:21389 task_flags:0x400140 flags:0x00080002 [ 1266.984584][ T31] Call Trace: [ 1266.988463][ T31] [ 1266.991455][ T31] __schedule+0x1190/0x5de0 [ 1266.996034][ T31] ? __lock_acquire+0x622/0x1c90 [ 1267.001746][ T31] ? __pfx___schedule+0x10/0x10 [ 1267.006675][ T31] ? find_held_lock+0x2b/0x80 [ 1267.011971][ T31] ? schedule+0x2d7/0x3a0 [ 1267.016371][ T31] ? ip_rt_ioctl+0xfc/0x13f0 [ 1267.021540][ T31] schedule+0xe7/0x3a0 [ 1267.025669][ T31] schedule_preempt_disabled+0x13/0x30 [ 1267.031763][ T31] __mutex_lock+0x818/0x1060 [ 1267.036438][ T31] ? ip_rt_ioctl+0xfc/0x13f0 [ 1267.041824][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1267.046940][ T31] ? rcu_is_watching+0x12/0xc0 [ 1267.052161][ T31] ? apparmor_capable+0x114/0x1d0 [ 1267.057891][ T31] ? bpf_lsm_capable+0x9/0x10 [ 1267.062742][ T31] ? security_capable+0x7e/0x260 [ 1267.068278][ T31] ? ip_rt_ioctl+0xfc/0x13f0 [ 1267.072939][ T31] ip_rt_ioctl+0xfc/0x13f0 [ 1267.077979][ T31] ? __pfx_ip_rt_ioctl+0x10/0x10 [ 1267.083090][ T31] ? rcu_is_watching+0x12/0xc0 [ 1267.088553][ T31] ? rep_movs_alternative+0x4a/0x90 [ 1267.093841][ T31] inet_ioctl+0x344/0x3f0 [ 1267.101970][ T31] ? __pfx_inet_ioctl+0x10/0x10 [ 1267.107250][ T31] ? tomoyo_path_number_perm+0x18d/0x580 [ 1267.112969][ T31] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1267.119407][ T31] sock_do_ioctl+0x118/0x280 [ 1267.124083][ T31] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1267.129788][ T31] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1267.134899][ T31] sock_ioctl+0x227/0x6b0 [ 1267.139841][ T31] ? __pfx_sock_ioctl+0x10/0x10 [ 1267.144759][ T31] ? hook_file_ioctl_common+0x145/0x410 [ 1267.150913][ T31] ? __fget_files+0x20e/0x3c0 [ 1267.155657][ T31] ? __pfx_sock_ioctl+0x10/0x10 [ 1267.161150][ T31] __x64_sys_ioctl+0x18e/0x210 [ 1267.166082][ T31] do_syscall_64+0xcd/0xfa0 [ 1267.171791][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.178150][ T31] RIP: 0033:0x7efea2f8f7c9 [ 1267.182617][ T31] RSP: 002b:00007efea11d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1267.191592][ T31] RAX: ffffffffffffffda RBX: 00007efea31e6090 RCX: 00007efea2f8f7c9 [ 1267.200044][ T31] RDX: 0000000000000003 RSI: 000000000000890b RDI: 0000000000000003 [ 1267.208425][ T31] RBP: 00007efea3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1267.216866][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1267.224894][ T31] R13: 00007efea31e6128 R14: 00007efea31e6090 R15: 00007ffe13fe1028 [ 1267.233509][ T31] [ 1267.236960][ T31] [ 1267.236960][ T31] Showing all locks held in the system: [ 1267.244719][ T31] 1 lock held by khungtaskd/31: [ 1267.250319][ T31] #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1267.260733][ T31] 4 locks held by kworker/1:2/982: [ 1267.266328][ T31] #0: ffff888060e2a948 ((wq_completion)wg-kex-wg0#12){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1267.278113][ T31] #1: ffffc900038ffd00 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1267.321798][ T31] #2: ffff88807ed15308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1c2/0x880 [ 1267.334767][ T31] #3: ffff888029520d20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x5ac/0x880 [ 1267.347242][ T31] 2 locks held by kworker/0:2/1211: [ 1267.352792][ T31] 3 locks held by kworker/R-ipv6_/3184: [ 1267.359096][ T31] #0: ffff8880303f1148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1267.370946][ T31] #1: ffffc9000b537c98 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1267.384618][ T31] #2: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30 [ 1267.394668][ T31] 7 locks held by kworker/R-bat_e/3409: [ 1267.400718][ T31] 3 locks held by kworker/u11:0/15592: [ 1267.406738][ T31] 3 locks held by kworker/u11:1/15596: [ 1267.412292][ T31] 3 locks held by kworker/u11:3/15625: [ 1267.418377][ T31] 3 locks held by kworker/u11:4/15885: [ 1267.423887][ T31] 2 locks held by kworker/0:0/17904: [ 1267.429873][ T31] 3 locks held by kworker/u11:5/18717: [ 1267.435828][ T31] 2 locks held by kworker/u11:7/18781: [ 1267.441422][ T31] #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1267.453534][ T31] #1: ffffc9000b957d00 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1267.465317][ T31] 3 locks held by kworker/u12:1/23954: [ 1267.470830][ T31] 2 locks held by getty/27633: [ 1267.476149][ T31] #0: ffff8880349fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1267.486451][ T31] #1: ffffc9000bc772f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1267.497030][ T31] 3 locks held by kworker/u11:2/29497: [ 1267.502538][ T31] 3 locks held by kworker/u11:6/31404: [ 1267.511888][ T31] 3 locks held by kworker/u11:8/31424: [ 1267.517778][ T31] 1 lock held by syz.4.11765/31443: [ 1267.523020][ T31] #0: ffffffff8e3cfa40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 1267.533617][ T31] 4 locks held by syz.0.11770/31462: [ 1267.539287][ T31] #0: ffffffff9018f490 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1267.548506][ T31] #1: ffff88802ac036e8 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0x150/0x990 [ 1267.559529][ T31] #2: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_dump_interface+0xda/0x830 [ 1267.570134][ T31] #3: ffff88807a760788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: nl80211_dump_interface+0x310/0x830 [ 1267.577458][ C0] net_ratelimit: 3192 callbacks suppressed [ 1267.577489][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1267.581057][ T31] 1 lock held by syz.2.11785/31495: [ 1267.587566][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.599216][ T31] #0: [ 1267.604921][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.616162][ T31] ffffffff900eb6c8 [ 1267.622590][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1267.630917][ T31] ( [ 1267.635331][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.646706][ T31] rtnl_mutex [ 1267.649872][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.661260][ T31] ){+.+.}-{4:4} [ 1267.670790][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1267.677673][ T31] , at: dev_ioctl+0x212/0x1060 [ 1267.681706][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.693828][ T31] 2 locks held by syz.1.11792/31511: [ 1267.699266][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1267.710861][ T31] #0: [ 1267.719850][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1267.728772][ T31] ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690 [ 1267.752284][ T31] #1: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x23/0xb0 [ 1267.763623][ T31] 1 lock held by syz.1.11792/31512: [ 1267.768962][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_rt_ioctl+0xfc/0x13f0 [ 1267.778705][ T31] 2 locks held by kworker/u11:9/31513: [ 1267.784617][ T31] #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1267.796712][ T31] #1: ffffc90015977d00 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1267.807683][ T31] 1 lock held by syz-executor/31515: [ 1267.813598][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.823495][ T31] 4 locks held by kworker/u11:10/31518: [ 1267.829095][ T31] 1 lock held by syz-executor/31520: [ 1267.835181][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.845210][ T31] 1 lock held by syz-executor/31524: [ 1267.850744][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.864488][ T31] 1 lock held by syz-executor/31527: [ 1267.870076][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.880670][ T31] 3 locks held by kworker/u12:5/31529: [ 1267.886886][ T31] 2 locks held by kworker/u12:6/31530: [ 1267.892489][ T31] 2 locks held by kworker/u12:7/31531: [ 1267.898598][ T31] 4 locks held by kworker/u11:11/31533: [ 1267.904551][ T31] 2 locks held by kworker/u11:12/31538: [ 1267.909088][T28255] Bluetooth: hci2: command 0x0406 tx timeout [ 1267.910347][ T31] #0: ffff88813ff29148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1267.928758][ T31] #1: ffffc900048a7d00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1267.941015][ T31] 1 lock held by syz-executor/31541: [ 1267.946802][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.956745][ T31] 1 lock held by syz-executor/31544: [ 1267.962084][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.972875][ T31] 1 lock held by syz-executor/31548: [ 1267.978464][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.979310][T31522] Bluetooth: hci13: command tx timeout [ 1267.988741][ T31] 1 lock held by syz-executor/31551: [ 1267.988767][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.988864][ T31] 2 locks held by kworker/u12:8/31553: [ 1267.988884][ T31] 1 lock held by dhcpcd/31554: [ 1267.988902][ T31] #0: ffff8880331ad848 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: __sock_release+0x86/0x270 [ 1267.988998][ T31] 2 locks held by dhcpcd/31555: [ 1267.989018][ T31] #0: ffff888024864260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf60 [ 1267.989111][ T31] #1: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 1267.989209][ T31] 1 lock held by dhcpcd/31556: [ 1267.989228][ T31] #0: ffff888024860260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf60 [ 1267.989307][ T31] 1 lock held by dhcpcd/31557: [ 1267.989325][ T31] #0: ffff88802c9ec260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf60 [ 1267.989405][ T31] 4 locks held by kworker/u11:13/31558: [ 1267.989425][ T31] 2 locks held by kworker/u11:12/31559: [ 1267.989446][ T31] 1 lock held by syz-executor/31562: [ 1267.989465][ T31] #0: ffff88807f5b4dc8 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open+0x22/0x90 [ 1267.989548][ T31] 1 lock held by syz-executor/31566: [ 1267.989568][ T31] #0: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 [ 1267.989661][ T31] [ 1267.989670][ T31] ============================================= [ 1267.989670][ T31] [ 1267.989698][ T31] NMI backtrace for cpu 1 [ 1267.989720][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I syzkaller #0 PREEMPT(full) [ 1267.989765][ T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1267.989776][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1267.989792][ T31] Call Trace: [ 1267.989802][ T31] [ 1267.989813][ T31] dump_stack_lvl+0x116/0x1f0 [ 1267.989853][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1267.989905][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1267.989951][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1267.990005][ T31] watchdog+0xf3f/0x1170 [ 1267.990041][ T31] ? rcu_is_watching+0x12/0xc0 [ 1267.990082][ T31] ? __pfx_watchdog+0x10/0x10 [ 1267.990110][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1267.990152][ T31] ? __kthread_parkme+0x19e/0x250 [ 1267.990192][ T31] ? __pfx_watchdog+0x10/0x10 [ 1267.990221][ T31] kthread+0x3c5/0x780 [ 1267.990269][ T31] ? __pfx_kthread+0x10/0x10 [ 1267.990319][ T31] ? rcu_is_watching+0x12/0xc0 [ 1267.990350][ T31] ? __pfx_kthread+0x10/0x10 [ 1267.990397][ T31] ret_from_fork+0x675/0x7d0 [ 1267.990444][ T31] ? __pfx_kthread+0x10/0x10 [ 1267.990488][ T31] ret_from_fork_asm+0x1a/0x30 [ 1267.990551][ T31] [ 1267.990562][ T31] Sending NMI from CPU 1 to CPUs 0: [ 1267.990610][ C0] NMI backtrace for cpu 0 [ 1267.990630][ C0] CPU: 0 UID: 0 PID: 31522 Comm: kworker/u12:4 Tainted: G U I syzkaller #0 PREEMPT(full) [ 1267.990671][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1267.990681][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1267.990699][ C0] Workqueue: hci13 hci_cmd_timeout [ 1267.990726][ C0] RIP: 0010:unwind_get_return_address+0x72/0xa0 [ 1267.990756][ C0] Code: ea 03 80 3c 02 00 75 36 48 8b 7b 48 e8 47 50 19 00 85 c0 74 cf 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 <75> 1c 48 8b 43 48 5b 5d e9 c1 19 f5 09 e8 ac 57 b8 00 eb a0 48 89 [ 1267.990786][ C0] RSP: 0000:ffffc90000006d18 EFLAGS: 00000246 [ 1267.990805][ C0] RAX: dffffc0000000000 RBX: ffffc90000006d30 RCX: ffffc90000006c84 [ 1267.990823][ C0] RDX: 1ffff92000000daf RSI: ffffffff8da03cd1 RDI: ffffffff8223d0b4 [ 1267.990841][ C0] RBP: ffffc90000006d78 R08: 0000000000000001 R09: 0000000000000000 [ 1267.990856][ C0] R10: 0000000000000000 R11: 00000000000123d0 R12: ffffffff81a76b90 [ 1267.990873][ C0] R13: ffffc90000006df0 R14: 0000000000000000 R15: ffff888052500000 [ 1267.990890][ C0] FS: 0000000000000000(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000 [ 1267.990915][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1267.990931][ C0] CR2: 0000001b2fd1cff8 CR3: 000000000e182000 CR4: 00000000003526f0 [ 1267.990948][ C0] Call Trace: [ 1267.990955][ C0] [ 1267.990964][ C0] arch_stack_walk+0xa6/0x100 [ 1267.990994][ C0] ? kasan_save_track+0x14/0x30 [ 1267.991029][ C0] stack_trace_save+0x8e/0xc0 [ 1267.991059][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1267.991092][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 1267.991129][ C0] kasan_save_stack+0x33/0x60 [ 1267.991158][ C0] ? kasan_save_stack+0x33/0x60 [ 1267.991217][ C0] kasan_save_track+0x14/0x30 [ 1267.991247][ C0] __kasan_save_free_info+0x3b/0x60 [ 1267.991271][ C0] __kasan_slab_free+0x5f/0x80 [ 1267.991303][ C0] kmem_cache_free+0x2d4/0x6c0 [ 1267.991337][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1267.991374][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1267.991406][ C0] kfree_skbmem+0x1a4/0x1f0 [ 1267.991439][ C0] consume_skb+0xcc/0x100 [ 1267.991467][ C0] netlink_broadcast_filtered+0x3ee/0xf90 [ 1267.991512][ C0] ? __asan_memcpy+0x3c/0x60 [ 1267.991539][ C0] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 1267.991566][ C0] ? nla_put+0x101/0x140 [ 1267.991598][ C0] ? __pfx_fdb_fill_info+0x10/0x10 [ 1267.991636][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 1267.991679][ C0] nlmsg_notify+0x9e/0x220 [ 1267.991709][ C0] fdb_notify+0xfd/0x1a0 [ 1267.991748][ C0] br_fdb_update+0x323/0x7c0 [ 1267.991773][ C0] ? __pfx_br_fdb_update+0x10/0x10 [ 1267.991796][ C0] ? br_allowed_ingress+0xdd/0x11b0 [ 1267.991827][ C0] br_handle_frame_finish+0xdf1/0x1f00 [ 1267.991862][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1267.991901][ C0] ? ip6t_do_table+0xc25/0x1c30 [ 1267.991942][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 1267.991980][ C0] ? nf_hook_slow+0x132/0x200 [ 1267.992005][ C0] br_nf_hook_thresh+0x307/0x410 [ 1267.992037][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1267.992080][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 1267.992116][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1267.992151][ C0] ? __pfx_nf_nat_ipv6_in+0x10/0x10 [ 1267.992187][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1267.992229][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1267.992273][ C0] br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 [ 1267.992307][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1267.992351][ C0] br_nf_pre_routing_ipv6+0x3cd/0x8c0 [ 1267.992384][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 1267.992417][ C0] ? lock_acquire+0x179/0x350 [ 1267.992454][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 1267.992489][ C0] ? net_generic+0xea/0x2a0 [ 1267.992520][ C0] br_nf_pre_routing+0x860/0x15b0 [ 1267.992554][ C0] br_handle_frame+0xb28/0x14e0 [ 1267.992588][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 1267.992620][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1267.992651][ C0] ? kasan_quarantine_put+0x10a/0x240 [ 1267.992681][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 1267.992715][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 1267.992745][ C0] __netif_receive_skb_core.constprop.0+0xa25/0x4bd0 [ 1267.992791][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1267.992822][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1267.992855][ C0] ? dst_release+0x12/0x340 [ 1267.992894][ C0] ? arp_process+0x9f5/0x2440 [ 1267.992933][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 1267.992979][ C0] ? __pfx_arp_process+0x10/0x10 [ 1267.993017][ C0] ? __pfx_arp_process+0x10/0x10 [ 1267.993056][ C0] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 1267.993100][ C0] ? __pfx_arp_process+0x10/0x10 [ 1267.993141][ C0] ? __lock_acquire+0x622/0x1c90 [ 1267.993179][ C0] ? process_backlog+0x3e7/0x15e0 [ 1267.993216][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 1267.993256][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1267.993298][ C0] ? lock_acquire+0x179/0x350 [ 1267.993342][ C0] ? process_backlog+0x3e7/0x15e0 [ 1267.993380][ C0] __netif_receive_skb+0x1d/0x160 [ 1267.993419][ C0] process_backlog+0x439/0x15e0 [ 1267.993462][ C0] __napi_poll.constprop.0+0xba/0x550 [ 1267.993501][ C0] ? skb_defer_free_flush+0x149/0x280 [ 1267.993533][ C0] net_rx_action+0x97f/0xef0 [ 1267.993577][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 1267.993617][ C0] ? mark_held_locks+0x49/0x80 [ 1267.993651][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 1267.993683][ C0] ? tmigr_handle_remote+0x132/0x380 [ 1267.993716][ C0] ? run_timer_base+0x121/0x190 [ 1267.993750][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 1267.993789][ C0] handle_softirqs+0x219/0x8e0 [ 1267.993822][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1267.993856][ C0] __irq_exit_rcu+0x109/0x170 [ 1267.993884][ C0] irq_exit_rcu+0x9/0x30 [ 1267.993911][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1267.993942][ C0] [ 1267.993949][ C0] [ 1267.993958][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1267.993987][ C0] RIP: 0010:vprintk_emit+0x526/0x680 [ 1267.994015][ C0] Code: 00 4d 85 ed 0f 85 19 01 00 00 e8 35 ff 20 00 9c 5d 81 e5 00 02 00 00 31 ff 48 89 ee e8 93 fa 20 00 48 85 ed 0f 85 25 01 00 00 15 ff 20 00 45 31 c9 41 b8 01 00 00 00 31 c9 48 8d 05 00 00 00 [ 1267.994039][ C0] RSP: 0000:ffffc900044379b8 EFLAGS: 00000293 [ 1267.994058][ C0] RAX: 0000000000000000 RBX: 0000000000000024 RCX: ffffffff819b598b [ 1267.994076][ C0] RDX: ffff888052500000 RSI: ffffffff819b5995 RDI: 0000000000000007 [ 1267.994093][ C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1267.994108][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000886f39 [ 1267.994124][ C0] R13: 0000000000000200 R14: ffff88801dac0000 R15: ffffc90004437a80 [ 1267.994147][ C0] ? vprintk_emit+0x63b/0x680 [ 1267.994172][ C0] ? vprintk_emit+0x645/0x680 [ 1267.994200][ C0] ? vprintk_emit+0x645/0x680 [ 1267.994227][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 1267.994256][ C0] ? stack_trace_save+0x8e/0xc0 [ 1267.994288][ C0] _printk+0xc7/0x100 [ 1267.994329][ C0] ? __pfx__printk+0x10/0x10 [ 1267.994366][ C0] ? save_trace+0x1ad/0x380 [ 1267.994401][ C0] bt_err+0xe4/0x120 [ 1267.994423][ C0] ? __pfx_bt_err+0x10/0x10 [ 1267.994450][ C0] ? lock_acquire+0x62/0x350 [ 1267.994487][ C0] ? process_one_work+0x13d6/0x1b70 [ 1267.994529][ C0] hci_cmd_timeout+0x1ff/0x260 [ 1267.994557][ C0] process_one_work+0x9cf/0x1b70 [ 1267.994605][ C0] ? __pfx_process_one_work+0x10/0x10 [ 1267.994652][ C0] ? assign_work+0x1a0/0x250 [ 1267.994691][ C0] worker_thread+0x6c8/0xf10 [ 1267.994721][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1267.994744][ C0] kthread+0x3c5/0x780 [ 1267.994781][ C0] ? __pfx_kthread+0x10/0x10 [ 1267.994820][ C0] ? rcu_is_watching+0x12/0xc0 [ 1267.994847][ C0] ? __pfx_kthread+0x10/0x10 [ 1267.994885][ C0] ret_from_fork+0x675/0x7d0 [ 1267.994922][ C0] ? __pfx_kthread+0x10/0x10 [ 1267.994960][ C0] ret_from_fork_asm+0x1a/0x30 [ 1267.995005][ C0] [ 1272.558721][ C0] net_ratelimit: 2416 callbacks suppressed [ 1272.558742][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.580926][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1272.593704][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.606988][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.621686][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1272.634469][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.648011][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.663041][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1272.676251][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1272.689791][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)