last executing test programs: 1.583498736s ago: executing program 1 (id=1767): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) get_mempolicy$auto(0x0, 0x0, 0x80, 0x1000, 0x2) 1.452977061s ago: executing program 1 (id=1769): openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x121041, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x8, 0x1, 0x1]}, 0x0) write$auto(0x3, 0x0, 0xfdef) 1.244251167s ago: executing program 1 (id=1774): openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x1a6b75d638929210, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r0, 0x3b8a, 0x38) 1.106798394s ago: executing program 1 (id=1778): close_range$auto(0x2, 0xa, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0xa, 0x2, 0x88) setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x0) 1.060577714s ago: executing program 0 (id=1779): r0 = socket(0x2, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_DONE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd22, 0x25dfdbff, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}]}, 0x1c}}, 0xd4) 1.005777492s ago: executing program 1 (id=1781): socket(0x2b, 0x1, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0x7ffd, 0xffffffffffffffff, 0x7) r0 = socket(0x2, 0x3, 0x2) setsockopt$auto(r0, 0x0, 0xd1, 0xfffffffffffffffc, 0x3) 876.435062ms ago: executing program 1 (id=1784): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 822.653687ms ago: executing program 0 (id=1785): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0xa, 0x3) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b67, 0x1) 705.735942ms ago: executing program 2 (id=1788): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, 0x0, 0x77bed28568c43d3b, 0x70bd2a, 0x25dfdbfc}, 0x14}}, 0x80) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000100)={0x0, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x9, 0x100000000}}) io_uring_register$auto(0x2, 0x21, &(0x7f0000000240), 0x1) 578.280308ms ago: executing program 0 (id=1789): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) 577.235608ms ago: executing program 3 (id=1790): openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x121041, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x8, 0x1, 0x1]}, 0x0) write$auto(0x3, 0x0, 0xfdef) 548.542925ms ago: executing program 2 (id=1791): openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x1a6b75d638929210, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r0, 0x3b8a, 0x38) 459.146516ms ago: executing program 3 (id=1792): r0 = socket(0x1, 0x1, 0x1) bind$auto(r0, &(0x7f0000000140), 0xd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) connect$auto(0x3, &(0x7f0000000140), 0x55) 397.216295ms ago: executing program 2 (id=1793): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'macvlan0\x00'}) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000ec0), r0) sendmsg$auto_NETDEV_CMD_QUEUE_GET2(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000080) 282.133621ms ago: executing program 2 (id=1794): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0xffffffffffffffff, r0, 0x9) keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2) 280.211459ms ago: executing program 3 (id=1802): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x20, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video52\x00', 0x0, 0x0) ioctl$auto(r0, 0xc0285628, r0) 236.620573ms ago: executing program 0 (id=1795): mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b47, 0x1) 216.283709ms ago: executing program 3 (id=1796): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1, 0x2, 0x13, 0xc) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x20) 170.585694ms ago: executing program 2 (id=1797): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14be02, 0x0) ioctl$auto_BLKZEROOUT(r0, 0x127f, 0x0) 110.26251ms ago: executing program 0 (id=1798): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x2, 0x5, 0x13, 0x9) r0 = socket(0xa, 0x801, 0x84) setsockopt$auto(r0, 0x10000000084, 0x0, 0x0, 0x10) 110.12891ms ago: executing program 3 (id=1799): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/fail_futex/ignore-private\x00', 0x101202, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe) 2.550541ms ago: executing program 3 (id=1800): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fstat$auto(0x2, 0x0) r0 = socket(0xa, 0x2, 0x88) setsockopt$auto(r0, 0x11, 0xb, 0x0, 0x8) 463.592µs ago: executing program 0 (id=1809): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x102, 0x0) sendfile$auto(r0, r0, 0x0, 0x7) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b4d", 0xfdef) 0s ago: executing program 2 (id=1801): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002800)={0x20, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}, @WGDEVICE_A_PEERS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.55' (ED25519) to the list of known hosts. [ 76.515207][ T5813] cgroup: Unknown subsys name 'net' [ 76.665750][ T5813] cgroup: Unknown subsys name 'cpuset' [ 76.675209][ T5813] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 78.165320][ T5813] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 80.013520][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.032680][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.062497][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.070994][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.081045][ T5147] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.099230][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.107535][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.116205][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.133544][ T5147] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 80.137792][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 80.148712][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 80.149123][ T5147] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.156441][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 80.181675][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 80.192153][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 80.199651][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 80.206817][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 80.216848][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 80.231496][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 80.239363][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 80.648323][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 80.808771][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 80.923167][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.930882][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.938581][ T5824] bridge_slave_0: entered allmulticast mode [ 80.945773][ T5824] bridge_slave_0: entered promiscuous mode [ 80.954267][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 80.984276][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.991414][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.998768][ T5824] bridge_slave_1: entered allmulticast mode [ 81.005846][ T5824] bridge_slave_1: entered promiscuous mode [ 81.024602][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 81.119030][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.156744][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.176300][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.184891][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.192310][ T5836] bridge_slave_0: entered allmulticast mode [ 81.199625][ T5836] bridge_slave_0: entered promiscuous mode [ 81.229715][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.237020][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.244353][ T5836] bridge_slave_1: entered allmulticast mode [ 81.251374][ T5836] bridge_slave_1: entered promiscuous mode [ 81.275297][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.282465][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.289718][ T5832] bridge_slave_0: entered allmulticast mode [ 81.297136][ T5832] bridge_slave_0: entered promiscuous mode [ 81.322985][ T5824] team0: Port device team_slave_0 added [ 81.328806][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.336025][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.343547][ T5832] bridge_slave_1: entered allmulticast mode [ 81.350587][ T5832] bridge_slave_1: entered promiscuous mode [ 81.382607][ T5824] team0: Port device team_slave_1 added [ 81.400325][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.440418][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.449869][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.457152][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.464505][ T5828] bridge_slave_0: entered allmulticast mode [ 81.471482][ T5828] bridge_slave_0: entered promiscuous mode [ 81.491726][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.509546][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.517047][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.524465][ T5828] bridge_slave_1: entered allmulticast mode [ 81.531578][ T5828] bridge_slave_1: entered promiscuous mode [ 81.539934][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.547156][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.573841][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.587310][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.620095][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.627316][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.653824][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.677443][ T5836] team0: Port device team_slave_0 added [ 81.714594][ T5836] team0: Port device team_slave_1 added [ 81.723406][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.735682][ T5832] team0: Port device team_slave_0 added [ 81.754047][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.765461][ T5832] team0: Port device team_slave_1 added [ 81.817019][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.824176][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.850303][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.894702][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.901699][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.928564][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.941409][ T5828] team0: Port device team_slave_0 added [ 81.953776][ T5824] hsr_slave_0: entered promiscuous mode [ 81.960148][ T5824] hsr_slave_1: entered promiscuous mode [ 81.968591][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.975734][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.002053][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.023377][ T5828] team0: Port device team_slave_1 added [ 82.030322][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.037421][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.063759][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.164697][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.171681][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.198430][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.209825][ T5834] Bluetooth: hci0: command tx timeout [ 82.212277][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.222580][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.248966][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.282548][ T5834] Bluetooth: hci1: command tx timeout [ 82.288145][ T5834] Bluetooth: hci3: command tx timeout [ 82.294155][ T51] Bluetooth: hci2: command tx timeout [ 82.309260][ T5832] hsr_slave_0: entered promiscuous mode [ 82.315891][ T5832] hsr_slave_1: entered promiscuous mode [ 82.322150][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 82.327952][ T5832] Cannot create hsr debugfs directory [ 82.354245][ T5836] hsr_slave_0: entered promiscuous mode [ 82.360841][ T5836] hsr_slave_1: entered promiscuous mode [ 82.367453][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 82.373246][ T5836] Cannot create hsr debugfs directory [ 82.451380][ T5828] hsr_slave_0: entered promiscuous mode [ 82.457717][ T5828] hsr_slave_1: entered promiscuous mode [ 82.463949][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 82.469694][ T5828] Cannot create hsr debugfs directory [ 82.818119][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.832734][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.842879][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.853837][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.930680][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.947188][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.958384][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.984308][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 83.063561][ T5836] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 83.076936][ T5836] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 83.109597][ T5836] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 83.133289][ T5836] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 83.170356][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 83.199572][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 83.211833][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 83.238633][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 83.271124][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.326331][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.353946][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.361393][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.400041][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.407243][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.430705][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.500895][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.510901][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.549309][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.556520][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.567972][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.575124][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.609810][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.641468][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.648666][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.689929][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.727587][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.734734][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.770784][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.803575][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.810732][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.821965][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.829083][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.874336][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.051537][ T5824] veth0_vlan: entered promiscuous mode [ 84.087604][ T5824] veth1_vlan: entered promiscuous mode [ 84.161893][ T5824] veth0_macvtap: entered promiscuous mode [ 84.194089][ T5824] veth1_macvtap: entered promiscuous mode [ 84.235486][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.257917][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.283901][ T5834] Bluetooth: hci0: command tx timeout [ 84.323105][ T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.345527][ T146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.357430][ T146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.366565][ T5834] Bluetooth: hci3: command tx timeout [ 84.375620][ T5831] Bluetooth: hci2: command tx timeout [ 84.381135][ T5831] Bluetooth: hci1: command tx timeout [ 84.412827][ T2980] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.445949][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.507161][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.518675][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.591422][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.612180][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.619446][ T5836] veth0_vlan: entered promiscuous mode [ 84.687095][ T3030] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.701379][ T5836] veth1_vlan: entered promiscuous mode [ 84.709411][ T5828] veth0_vlan: entered promiscuous mode [ 84.712500][ T3030] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.736868][ T5832] veth0_vlan: entered promiscuous mode [ 84.774195][ T5828] veth1_vlan: entered promiscuous mode [ 84.796459][ T5832] veth1_vlan: entered promiscuous mode [ 84.833274][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 84.872801][ T5836] veth0_macvtap: entered promiscuous mode [ 84.881096][ T5828] veth0_macvtap: entered promiscuous mode [ 84.912688][ T5836] veth1_macvtap: entered promiscuous mode [ 84.957819][ T5828] veth1_macvtap: entered promiscuous mode [ 84.985841][ T5832] veth0_macvtap: entered promiscuous mode [ 85.008847][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.032862][ T5832] veth1_macvtap: entered promiscuous mode [ 85.055497][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.077329][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.107933][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.146013][ T2980] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.172203][ T2980] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.222778][ T2980] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.244999][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.260948][ T2980] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.272420][ T2980] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.281165][ T2980] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.305811][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.313443][ T2980] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.345047][ T2980] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.410901][ T2980] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.444208][ T2980] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.485990][ T2980] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.538227][ T2980] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.556496][ T2980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.566919][ T2980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.661341][ T146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.678001][ T146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.734455][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.753271][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.823632][ T2980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.831505][ T2980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.906775][ T3030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.945655][ T3030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.055550][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.083693][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.247693][ T5942] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 86.366192][ T5831] Bluetooth: hci0: command tx timeout [ 86.442266][ T5831] Bluetooth: hci1: command tx timeout [ 86.447708][ T5831] Bluetooth: hci3: command tx timeout [ 86.448848][ T5834] Bluetooth: hci2: command tx timeout [ 86.493138][ T5948] ptrace attach of "./syz-executor exec"[5828] was attempted by ""[5948] [ 86.706785][ T5960] block nbd0: Unsupported socket: should be TCP or UNIX. [ 86.989910][ T5969] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 87.784741][ T5991] Zero length message leads to an empty skb [ 88.443430][ T5834] Bluetooth: hci0: command tx timeout [ 88.523179][ T5834] Bluetooth: hci3: command tx timeout [ 88.528719][ T51] Bluetooth: hci1: command tx timeout [ 88.528758][ T5831] Bluetooth: hci2: command tx timeout [ 88.741291][ T6017] syz.0.45 uses obsolete (PF_INET,SOCK_PACKET) [ 88.915016][ T6035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.53'. [ 89.209253][ T6046] netlink: 'syz.0.58': attribute type 1 has an invalid length. [ 90.898944][ T6106] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.83'. [ 91.509236][ T5831] Bluetooth: hci0: Malformed Event: 0x13 [ 91.512755][ T6134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.95'. [ 91.964318][ T10] cfg80211: failed to load regulatory.db [ 93.306963][ T6206] netlink: 21 bytes leftover after parsing attributes in process `syz.2.129'. [ 93.510507][ T6212] FAULT_INJECTION: forcing a failure. [ 93.510507][ T6212] name failslab, interval 1, probability 0, space 0, times 1 [ 93.544110][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.0.132 Not tainted syzkaller #0 PREEMPT(full) [ 93.544152][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 93.544175][ T6212] Call Trace: [ 93.544185][ T6212] [ 93.544195][ T6212] dump_stack_lvl+0x100/0x190 [ 93.544253][ T6212] should_fail_ex.cold+0x5/0xa [ 93.544289][ T6212] should_failslab+0xc2/0x120 [ 93.544322][ T6212] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 93.544368][ T6212] ? __anon_vma_prepare+0x344/0x5e0 [ 93.544418][ T6212] __anon_vma_prepare+0x344/0x5e0 [ 93.544458][ T6212] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 93.544492][ T6212] __vmf_anon_prepare+0x11f/0x250 [ 93.544530][ T6212] hugetlb_no_page+0xe28/0x1970 [ 93.544583][ T6212] hugetlb_fault+0x5df/0x1450 [ 93.544627][ T6212] ? __pfx_hugetlb_fault+0x10/0x10 [ 93.544681][ T6212] ? find_vma+0xbf/0x140 [ 93.544709][ T6212] ? __pfx_find_vma+0x10/0x10 [ 93.544743][ T6212] handle_mm_fault+0x5f1/0xa20 [ 93.544791][ T6212] do_user_addr_fault+0x74c/0x12f0 [ 93.544831][ T6212] exc_page_fault+0x6f/0xd0 [ 93.544862][ T6212] asm_exc_page_fault+0x26/0x30 [ 93.544891][ T6212] RIP: 0010:__put_user_4+0xd/0x20 [ 93.544919][ T6212] Code: 66 89 01 31 c9 0f 01 ca e9 c0 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 93.544958][ T6212] RSP: 0018:ffffc9000512fe58 EFLAGS: 00050202 [ 93.544981][ T6212] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000007 [ 93.544998][ T6212] RDX: 0000000000000000 RSI: ffffffff82563a41 RDI: ffff88806bd6e15c [ 93.545017][ T6212] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000000001c6 [ 93.545034][ T6212] R10: 0000000000000200 R11: 0000000000000000 R12: 1ffff92000a25fce [ 93.545052][ T6212] R13: 0000000000000007 R14: 0000000000000000 R15: dffffc0000000000 [ 93.545083][ T6212] ? __might_fault+0x111/0x140 [ 93.545133][ T6212] __do_sys_prctl+0xd67/0x2330 [ 93.545179][ T6212] ? __pfx___do_sys_prctl+0x10/0x10 [ 93.545235][ T6212] do_syscall_64+0x106/0xf80 [ 93.545262][ T6212] ? clear_bhb_loop+0x40/0x90 [ 93.545298][ T6212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.545327][ T6212] RIP: 0033:0x7ff456d9c819 [ 93.545350][ T6212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 93.545377][ T6212] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 93.545402][ T6212] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 93.545421][ T6212] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 93.545437][ T6212] RBP: 00007ff456e32c91 R08: 0000000000000001 R09: 0000000000000000 [ 93.545454][ T6212] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 93.545471][ T6212] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 93.545511][ T6212] [ 94.728463][ T6251] IPVS: length: 7562853 != 24 [ 95.063223][ T6266] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.848620][ T6300] netlink: 16 bytes leftover after parsing attributes in process `syz.3.171'. [ 95.859013][ T6297] ovs_: entered promiscuous mode [ 96.358062][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.179'. [ 97.507019][ T6354] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 97.592006][ T6356] capability: warning: `syz.0.197' uses 32-bit capabilities (legacy support in use) [ 97.794142][ T6364] FAULT_INJECTION: forcing a failure. [ 97.794142][ T6364] name failslab, interval 1, probability 0, space 0, times 0 [ 98.025235][ T6364] CPU: 0 UID: 0 PID: 6364 Comm: syz.0.201 Not tainted syzkaller #0 PREEMPT(full) [ 98.025277][ T6364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 98.025294][ T6364] Call Trace: [ 98.025304][ T6364] [ 98.025314][ T6364] dump_stack_lvl+0x100/0x190 [ 98.025364][ T6364] should_fail_ex.cold+0x5/0xa [ 98.025397][ T6364] ? sk_prot_alloc+0x10b/0x2a0 [ 98.025441][ T6364] should_failslab+0xc2/0x120 [ 98.025475][ T6364] __kmalloc_noprof+0xe0/0x850 [ 98.025529][ T6364] sk_prot_alloc+0x10b/0x2a0 [ 98.025565][ T6364] sk_alloc+0x36/0xe80 [ 98.025609][ T6364] mctp_pf_create+0xe8/0x360 [ 98.025642][ T6364] __sock_create+0x339/0x860 [ 98.025684][ T6364] __sys_socket+0x14d/0x260 [ 98.025721][ T6364] ? __pfx___sys_socket+0x10/0x10 [ 98.025769][ T6364] __x64_sys_socket+0x72/0xb0 [ 98.025804][ T6364] ? lockdep_hardirqs_on+0x78/0x100 [ 98.025840][ T6364] do_syscall_64+0x106/0xf80 [ 98.025868][ T6364] ? clear_bhb_loop+0x40/0x90 [ 98.025904][ T6364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.025934][ T6364] RIP: 0033:0x7ff456d9c819 [ 98.025958][ T6364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.025985][ T6364] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 98.026012][ T6364] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 98.026031][ T6364] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 98.026048][ T6364] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 98.026066][ T6364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 98.026082][ T6364] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 98.026120][ T6364] [ 98.712204][ T6372] could not allocate digest TFM handle [ 98.806275][ T6381] FAULT_INJECTION: forcing a failure. [ 98.806275][ T6381] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 98.853409][ T6381] CPU: 1 UID: 0 PID: 6381 Comm: syz.0.207 Not tainted syzkaller #0 PREEMPT(full) [ 98.853449][ T6381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 98.853464][ T6381] Call Trace: [ 98.853474][ T6381] [ 98.853484][ T6381] dump_stack_lvl+0x100/0x190 [ 98.853535][ T6381] should_fail_ex.cold+0x5/0xa [ 98.853567][ T6381] _copy_from_iter+0x1f4/0x1690 [ 98.853611][ T6381] ? alloc_pages_mpol+0x25a/0x550 [ 98.853644][ T6381] ? __pfx__copy_from_iter+0x10/0x10 [ 98.853681][ T6381] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 98.853728][ T6381] copy_page_from_iter+0xde/0x180 [ 98.853770][ T6381] tun_build_skb.constprop.0+0x2ea/0x15d0 [ 98.853818][ T6381] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 98.853863][ T6381] ? __lock_acquire+0x4a5/0x2630 [ 98.853924][ T6381] tun_get_user+0x16d0/0x3e10 [ 98.853974][ T6381] ? __pfx_tun_get_user+0x10/0x10 [ 98.854011][ T6381] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 98.854060][ T6381] ? find_held_lock+0x2b/0x80 [ 98.854087][ T6381] ? tun_get+0x191/0x370 [ 98.854116][ T6381] ? tun_get+0x191/0x370 [ 98.854155][ T6381] tun_chr_write_iter+0xdc/0x200 [ 98.854191][ T6381] vfs_write+0x6ac/0x1070 [ 98.854227][ T6381] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 98.854266][ T6381] ? __pfx_vfs_write+0x10/0x10 [ 98.854292][ T6381] ? find_held_lock+0x2b/0x80 [ 98.854342][ T6381] __x64_sys_pwrite64+0x1eb/0x250 [ 98.854375][ T6381] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 98.854417][ T6381] do_syscall_64+0x106/0xf80 [ 98.854445][ T6381] ? clear_bhb_loop+0x40/0x90 [ 98.854480][ T6381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.854509][ T6381] RIP: 0033:0x7ff456d9c819 [ 98.854534][ T6381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.854560][ T6381] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 98.854585][ T6381] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 98.854604][ T6381] RDX: 0000000000000096 RSI: 0000200000000340 RDI: 00000000000000c8 [ 98.854622][ T6381] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 98.854639][ T6381] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 98.854655][ T6381] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 98.854692][ T6381] [ 99.289896][ T6388] netlink: 186 bytes leftover after parsing attributes in process `syz.3.210'. [ 101.698083][ T6458] binder: 6457:6458 ioctl c0306201 2000000000c0 returned -14 [ 101.788784][ T6461] mmap: syz.3.243 (6461) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.714728][ T6496] FAULT_INJECTION: forcing a failure. [ 102.714728][ T6496] name failslab, interval 1, probability 0, space 0, times 0 [ 102.764774][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: syz.3.258 Not tainted syzkaller #0 PREEMPT(full) [ 102.764815][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 102.764833][ T6496] Call Trace: [ 102.764843][ T6496] [ 102.764854][ T6496] dump_stack_lvl+0x100/0x190 [ 102.764906][ T6496] should_fail_ex.cold+0x5/0xa [ 102.764938][ T6496] ? get_callchain_buffers+0x123/0x380 [ 102.764974][ T6496] should_failslab+0xc2/0x120 [ 102.765006][ T6496] __kmalloc_noprof+0xe0/0x850 [ 102.765049][ T6496] ? rcu_is_watching+0x10/0xc0 [ 102.765108][ T6496] get_callchain_buffers+0x123/0x380 [ 102.765146][ T6496] ? bpf_lsm_capable+0x9/0x10 [ 102.765177][ T6496] ? security_capable+0x80/0x260 [ 102.765209][ T6496] stack_map_alloc+0x316/0x610 [ 102.765244][ T6496] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 102.765280][ T6496] map_create+0x84e/0x2ba0 [ 102.765308][ T6496] ? futex_unqueue+0x13d/0x2c0 [ 102.765346][ T6496] ? __futex_wait+0x256/0x300 [ 102.765397][ T6496] ? __pfx_map_create+0x10/0x10 [ 102.765424][ T6496] ? __might_fault+0xc5/0x140 [ 102.765464][ T6496] ? __might_fault+0xc5/0x140 [ 102.765522][ T6496] __sys_bpf+0x2091/0x4b90 [ 102.765561][ T6496] ? __pfx___sys_bpf+0x10/0x10 [ 102.765595][ T6496] ? __pfx_futex_wait+0x10/0x10 [ 102.765661][ T6496] ? do_futex+0x192/0x350 [ 102.765723][ T6496] ? xfd_validate_state+0x129/0x190 [ 102.765775][ T6496] __x64_sys_bpf+0x7b/0xc0 [ 102.765809][ T6496] ? lockdep_hardirqs_on+0x78/0x100 [ 102.765839][ T6496] do_syscall_64+0x106/0xf80 [ 102.765867][ T6496] ? clear_bhb_loop+0x40/0x90 [ 102.765903][ T6496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.765933][ T6496] RIP: 0033:0x7f9680d9c819 [ 102.765957][ T6496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.765984][ T6496] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 102.766012][ T6496] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 102.766032][ T6496] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 102.766050][ T6496] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 102.766074][ T6496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.766091][ T6496] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 102.766131][ T6496] [ 103.046358][ T6493] zswap: compressor not available [ 103.662207][ T6517] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 104.639458][ T6557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.284'. [ 107.591512][ T6638] process 'syz.0.321' launched '/dev/fd/3/./file0' with NULL argv: empty string added [ 108.019930][ T6654] netlink: 4 bytes leftover after parsing attributes in process `syz.0.328'. [ 108.253802][ T6662] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 108.281471][ T6662] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 108.834619][ T6682] netlink: 12 bytes leftover after parsing attributes in process `syz.3.340'. [ 108.976795][ T6685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.343'. [ 109.632133][ T6714] Invalid ELF header magic: != ELF [ 109.678472][ T5831] Bluetooth: hci0: unexpected event 0x03 length: 43 > 11 [ 112.078415][ T6803] sctp: [Deprecated]: syz.2.398 (pid 6803) Use of int in maxseg socket option. [ 112.078415][ T6803] Use struct sctp_assoc_value instead [ 112.272757][ T6811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.401'. [ 112.438245][ T6818] sd 0:0:1:0: PR command failed: 1026 [ 112.438305][ T6818] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 112.438356][ T6818] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 113.112044][ T6838] ======================================================= [ 113.112044][ T6838] WARNING: The mand mount option has been deprecated and [ 113.112044][ T6838] and is ignored by this kernel. Remove the mand [ 113.112044][ T6838] option from the mount to silence this warning. [ 113.112044][ T6838] ======================================================= [ 113.980926][ T6874] netlink: Unknown conntrack attr (0) [ 114.391125][ T6892] netlink: 16 bytes leftover after parsing attributes in process `syz.3.437'. [ 114.527293][ T6897] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 114.734522][ T6903] openvswitch: netlink: IP tunnel TTL not specified. [ 115.554961][ T6929] netlink: 20 bytes leftover after parsing attributes in process `syz.2.454'. [ 117.063542][ T6981] zswap: compressor not available [ 117.238744][ T6991] FAULT_INJECTION: forcing a failure. [ 117.238744][ T6991] name failslab, interval 1, probability 0, space 0, times 0 [ 117.254152][ T6991] CPU: 1 UID: 0 PID: 6991 Comm: syz.3.479 Not tainted syzkaller #0 PREEMPT(full) [ 117.254189][ T6991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 117.254204][ T6991] Call Trace: [ 117.254213][ T6991] [ 117.254223][ T6991] dump_stack_lvl+0x100/0x190 [ 117.254283][ T6991] should_fail_ex.cold+0x5/0xa [ 117.254316][ T6991] should_failslab+0xc2/0x120 [ 117.254348][ T6991] __kmalloc_cache_noprof+0x7a/0x6f0 [ 117.254380][ T6991] ? allocate_file_region_entries+0x1a0/0x620 [ 117.254409][ T6991] allocate_file_region_entries+0x1a0/0x620 [ 117.254436][ T6991] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 117.254486][ T6991] region_chg+0x85/0x140 [ 117.254532][ T6991] __vma_reservation_common+0x376/0x720 [ 117.254563][ T6991] ? __pfx___vma_reservation_common+0x10/0x10 [ 117.254587][ T6991] ? __pfx___might_resched+0x10/0x10 [ 117.254615][ T6991] hugetlb_no_page+0xb2b/0x1970 [ 117.254641][ T6991] hugetlb_fault+0x5df/0x1450 [ 117.254664][ T6991] ? __pfx_hugetlb_fault+0x10/0x10 [ 117.254690][ T6991] ? find_vma+0xbf/0x140 [ 117.254706][ T6991] ? __pfx_find_vma+0x10/0x10 [ 117.254723][ T6991] handle_mm_fault+0x5f1/0xa20 [ 117.254747][ T6991] do_user_addr_fault+0x74c/0x12f0 [ 117.254768][ T6991] exc_page_fault+0x6f/0xd0 [ 117.254783][ T6991] asm_exc_page_fault+0x26/0x30 [ 117.254799][ T6991] RIP: 0010:__put_user_4+0xd/0x20 [ 117.254814][ T6991] Code: 66 89 01 31 c9 0f 01 ca e9 c0 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 117.254829][ T6991] RSP: 0018:ffffc9000cc6fe58 EFLAGS: 00050202 [ 117.254841][ T6991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000007 [ 117.254850][ T6991] RDX: 0000000000000000 RSI: ffffffff82563a41 RDI: ffff888027d0a45c [ 117.254859][ T6991] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000000001c6 [ 117.254867][ T6991] R10: 0000000000000200 R11: 0000000000000000 R12: 1ffff9200198dfce [ 117.254875][ T6991] R13: 0000000000000007 R14: 0000000000000000 R15: dffffc0000000000 [ 117.254890][ T6991] ? __might_fault+0x111/0x140 [ 117.254915][ T6991] __do_sys_prctl+0xd67/0x2330 [ 117.254937][ T6991] ? __pfx___do_sys_prctl+0x10/0x10 [ 117.254965][ T6991] do_syscall_64+0x106/0xf80 [ 117.254978][ T6991] ? clear_bhb_loop+0x40/0x90 [ 117.254996][ T6991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.255010][ T6991] RIP: 0033:0x7f9680d9c819 [ 117.255030][ T6991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.255044][ T6991] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 117.255057][ T6991] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 117.255067][ T6991] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 117.255075][ T6991] RBP: 00007f9680e32c91 R08: 0000000000000001 R09: 0000000000000000 [ 117.255084][ T6991] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 117.255093][ T6991] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 117.255114][ T6991] [ 117.685567][ T5831] Bluetooth: hci0: Malformed LE Event: 0x0b [ 118.129768][ T29] audit: type=1800 audit(4294967321.460:2): pid=7018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.491" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 118.200053][ T7022] FAULT_INJECTION: forcing a failure. [ 118.200053][ T7022] name failslab, interval 1, probability 0, space 0, times 0 [ 118.250169][ T7022] CPU: 0 UID: 0 PID: 7022 Comm: syz.3.494 Not tainted syzkaller #0 PREEMPT(full) [ 118.250207][ T7022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 118.250222][ T7022] Call Trace: [ 118.250231][ T7022] [ 118.250242][ T7022] dump_stack_lvl+0x100/0x190 [ 118.250293][ T7022] should_fail_ex.cold+0x5/0xa [ 118.250326][ T7022] should_failslab+0xc2/0x120 [ 118.250366][ T7022] __kmalloc_cache_noprof+0x7a/0x6f0 [ 118.250404][ T7022] ? percpu_ref_init+0xec/0x3f0 [ 118.250437][ T7022] ? __pfx_io_ring_ctx_ref_free+0x10/0x10 [ 118.250476][ T7022] percpu_ref_init+0xec/0x3f0 [ 118.250509][ T7022] io_uring_setup.cold+0x23b/0x1d79 [ 118.250558][ T7022] ? ksys_write+0x190/0x250 [ 118.250595][ T7022] ? __pfx_io_uring_setup+0x10/0x10 [ 118.250637][ T7022] ? do_futex+0x192/0x350 [ 118.250673][ T7022] ? __pfx_do_futex+0x10/0x10 [ 118.250722][ T7022] ? xfd_validate_state+0x129/0x190 [ 118.250771][ T7022] __x64_sys_io_uring_setup+0xc2/0x170 [ 118.250814][ T7022] do_syscall_64+0x106/0xf80 [ 118.250838][ T7022] ? clear_bhb_loop+0x40/0x90 [ 118.250872][ T7022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.250900][ T7022] RIP: 0033:0x7f9680d9c819 [ 118.250923][ T7022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.250951][ T7022] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 118.250974][ T7022] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 118.250991][ T7022] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001d48 [ 118.251008][ T7022] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 118.251024][ T7022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.251041][ T7022] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 118.251076][ T7022] [ 118.896573][ T7044] FAULT_INJECTION: forcing a failure. [ 118.896573][ T7044] name failslab, interval 1, probability 0, space 0, times 0 [ 118.942008][ T7044] CPU: 1 UID: 0 PID: 7044 Comm: syz.3.503 Not tainted syzkaller #0 PREEMPT(full) [ 118.942050][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 118.942068][ T7044] Call Trace: [ 118.942077][ T7044] [ 118.942088][ T7044] dump_stack_lvl+0x100/0x190 [ 118.942140][ T7044] should_fail_ex.cold+0x5/0xa [ 118.942177][ T7044] should_failslab+0xc2/0x120 [ 118.942210][ T7044] __kmalloc_cache_noprof+0x7a/0x6f0 [ 118.942249][ T7044] ? create_filter_start.constprop.0+0x1c4/0x310 [ 118.942296][ T7044] ? __asan_memcpy+0x3c/0x60 [ 118.942345][ T7044] create_filter_start.constprop.0+0x1c4/0x310 [ 118.942398][ T7044] apply_subsystem_event_filter+0x188/0x17d0 [ 118.942459][ T7044] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 118.942523][ T7044] ? _copy_from_user+0x59/0xd0 [ 118.942565][ T7044] ? __pfx_subsystem_filter_write+0x10/0x10 [ 118.942611][ T7044] subsystem_filter_write+0x95/0x120 [ 118.942661][ T7044] vfs_writev+0x5ea/0xe10 [ 118.942705][ T7044] ? rcu_is_watching+0x12/0xc0 [ 118.942760][ T7044] ? __pfx_vfs_writev+0x10/0x10 [ 118.942803][ T7044] ? fdget_pos+0x2aa/0x380 [ 118.942864][ T7044] ? __fget_files+0x21f/0x3d0 [ 118.942904][ T7044] ? do_writev+0x13e/0x340 [ 118.942928][ T7044] do_writev+0x13e/0x340 [ 118.942956][ T7044] ? __pfx_do_writev+0x10/0x10 [ 118.942994][ T7044] do_syscall_64+0x106/0xf80 [ 118.943023][ T7044] ? clear_bhb_loop+0x40/0x90 [ 118.943060][ T7044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.943089][ T7044] RIP: 0033:0x7f9680d9c819 [ 118.943114][ T7044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.943139][ T7044] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 118.943168][ T7044] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 118.943187][ T7044] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 118.943205][ T7044] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 118.943223][ T7044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.943239][ T7044] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 118.943279][ T7044] [ 119.256813][ T7053] sctp: [Deprecated]: syz.2.507 (pid 7053) Use of int in maxseg socket option. [ 119.256813][ T7053] Use struct sctp_assoc_value instead [ 119.598748][ T7066] Invalid ELF header len 5 [ 122.431039][ T7146] openvswitch: netlink: IPv4 tunnel dst address is zero [ 122.896055][ T7158] bridge0: port 3(bond0) entered blocking state [ 122.903306][ T7158] bridge0: port 3(bond0) entered disabled state [ 122.916935][ T7158] bond0: entered allmulticast mode [ 122.932312][ T7158] bond_slave_0: entered allmulticast mode [ 122.938170][ T7158] bond_slave_1: entered allmulticast mode [ 122.956658][ T7158] bond0: entered promiscuous mode [ 122.961812][ T7158] bond_slave_0: entered promiscuous mode [ 122.971243][ T7158] bond_slave_1: entered promiscuous mode [ 122.978219][ T7158] bridge0: port 3(bond0) entered blocking state [ 122.984967][ T7158] bridge0: port 3(bond0) entered forwarding state [ 123.392724][ T7176] FAULT_INJECTION: forcing a failure. [ 123.392724][ T7176] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 123.421665][ T7176] CPU: 0 UID: 0 PID: 7176 Comm: syz.1.562 Not tainted syzkaller #0 PREEMPT(full) [ 123.421703][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 123.421719][ T7176] Call Trace: [ 123.421728][ T7176] [ 123.421738][ T7176] dump_stack_lvl+0x100/0x190 [ 123.421793][ T7176] should_fail_ex.cold+0x5/0xa [ 123.421823][ T7176] ? prepare_alloc_pages+0x16d/0x5f0 [ 123.421864][ T7176] should_fail_alloc_page+0xeb/0x140 [ 123.421895][ T7176] prepare_alloc_pages+0x1f0/0x5f0 [ 123.421925][ T7176] ? unwind_get_return_address+0x59/0xa0 [ 123.421961][ T7176] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 123.422019][ T7176] ? stack_trace_save+0x8e/0xc0 [ 123.422046][ T7176] ? __pfx_stack_trace_save+0x10/0x10 [ 123.422074][ T7176] ? stack_depot_save_flags+0x27/0x9d0 [ 123.422109][ T7176] ? find_held_lock+0x2b/0x80 [ 123.422135][ T7176] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 123.422177][ T7176] ? kasan_save_stack+0x3f/0x50 [ 123.422199][ T7176] ? kasan_save_track+0x14/0x30 [ 123.422223][ T7176] ? __kasan_slab_alloc+0x89/0x90 [ 123.422249][ T7176] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 123.422288][ T7176] ? security_inode_alloc+0x3b/0x2c0 [ 123.422315][ T7176] ? inode_init_always_gfp+0xced/0x1040 [ 123.422344][ T7176] ? alloc_inode+0x8e/0x250 [ 123.422378][ T7176] ? sock_alloc+0x44/0x280 [ 123.422402][ T7176] ? __sock_create+0xc2/0x860 [ 123.422432][ T7176] ? __sys_socket+0x14d/0x260 [ 123.422478][ T7176] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.422510][ T7176] ? policy_nodemask+0xed/0x4f0 [ 123.422543][ T7176] alloc_pages_mpol+0x1fb/0x550 [ 123.422573][ T7176] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 123.422609][ T7176] ? sk_prot_alloc+0x10b/0x2a0 [ 123.422634][ T7176] ___kmalloc_large_node+0x104/0x150 [ 123.422669][ T7176] __kmalloc_large_node_noprof+0x1c/0x70 [ 123.422708][ T7176] __kmalloc_noprof+0x5be/0x850 [ 123.422757][ T7176] sk_prot_alloc+0x10b/0x2a0 [ 123.422801][ T7176] sk_alloc+0x36/0xe80 [ 123.422845][ T7176] can_create+0x1e5/0x630 [ 123.422892][ T7176] __sock_create+0x339/0x860 [ 123.422930][ T7176] __sys_socket+0x14d/0x260 [ 123.422965][ T7176] ? __pfx___sys_socket+0x10/0x10 [ 123.423008][ T7176] __x64_sys_socket+0x72/0xb0 [ 123.423041][ T7176] ? lockdep_hardirqs_on+0x78/0x100 [ 123.423070][ T7176] do_syscall_64+0x106/0xf80 [ 123.423098][ T7176] ? clear_bhb_loop+0x40/0x90 [ 123.423133][ T7176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.423163][ T7176] RIP: 0033:0x7fa654d9c819 [ 123.423187][ T7176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 123.423214][ T7176] RSP: 002b:00007fa655c49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 123.423242][ T7176] RAX: ffffffffffffffda RBX: 00007fa655015fa0 RCX: 00007fa654d9c819 [ 123.423261][ T7176] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 123.423277][ T7176] RBP: 00007fa654e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 123.423294][ T7176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.423311][ T7176] R13: 00007fa655016038 R14: 00007fa655015fa0 R15: 00007ffdbf8f98b8 [ 123.423349][ T7176] [ 124.980301][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.577'. [ 125.263177][ T7215] sd 0:0:1:0: PR command failed: 1026 [ 125.268705][ T7215] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 125.283207][ T7215] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 125.398094][ T7227] netlink: 342 bytes leftover after parsing attributes in process `syz.3.584'. [ 127.742174][ T7314] binder: 7313:7314 ioctl 400c620e 0 returned -22 [ 128.077154][ T7327] netlink: 338 bytes leftover after parsing attributes in process `syz.3.630'. [ 128.908483][ T7365] FAULT_INJECTION: forcing a failure. [ 128.908483][ T7365] name failslab, interval 1, probability 0, space 0, times 0 [ 128.950904][ T7365] CPU: 1 UID: 0 PID: 7365 Comm: syz.0.646 Tainted: G L syzkaller #0 PREEMPT(full) [ 128.950953][ T7365] Tainted: [L]=SOFTLOCKUP [ 128.950963][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 128.950980][ T7365] Call Trace: [ 128.950989][ T7365] [ 128.951000][ T7365] dump_stack_lvl+0x100/0x190 [ 128.951050][ T7365] should_fail_ex.cold+0x5/0xa [ 128.951086][ T7365] should_failslab+0xc2/0x120 [ 128.951119][ T7365] __kmalloc_node_noprof+0xe6/0x850 [ 128.951164][ T7365] ? get_callchain_buffers+0x1e5/0x380 [ 128.951211][ T7365] get_callchain_buffers+0x1e5/0x380 [ 128.951248][ T7365] ? security_capable+0x80/0x260 [ 128.951279][ T7365] stack_map_alloc+0x316/0x610 [ 128.951317][ T7365] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 128.951353][ T7365] map_create+0x84e/0x2ba0 [ 128.951381][ T7365] ? futex_unqueue+0x13d/0x2c0 [ 128.951420][ T7365] ? __futex_wait+0x256/0x300 [ 128.951473][ T7365] ? __pfx_map_create+0x10/0x10 [ 128.951501][ T7365] ? __might_fault+0xc5/0x140 [ 128.951550][ T7365] ? __might_fault+0xc5/0x140 [ 128.951607][ T7365] __sys_bpf+0x2091/0x4b90 [ 128.951646][ T7365] ? __pfx___sys_bpf+0x10/0x10 [ 128.951680][ T7365] ? __pfx_futex_wait+0x10/0x10 [ 128.951746][ T7365] ? do_futex+0x192/0x350 [ 128.951807][ T7365] ? xfd_validate_state+0x129/0x190 [ 128.951861][ T7365] __x64_sys_bpf+0x7b/0xc0 [ 128.951891][ T7365] ? lockdep_hardirqs_on+0x78/0x100 [ 128.951918][ T7365] do_syscall_64+0x106/0xf80 [ 128.951943][ T7365] ? clear_bhb_loop+0x40/0x90 [ 128.951978][ T7365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.952006][ T7365] RIP: 0033:0x7ff456d9c819 [ 128.952029][ T7365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.952053][ T7365] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 128.952079][ T7365] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 128.952096][ T7365] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 128.952112][ T7365] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 128.952128][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.952143][ T7365] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 128.952181][ T7365] [ 129.633410][ T7383] zswap: compressor not available [ 130.369446][ T7406] zswap: compressor not available [ 130.860119][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.2.674'. [ 131.169083][ T7447] FAULT_INJECTION: forcing a failure. [ 131.169083][ T7447] name failslab, interval 1, probability 0, space 0, times 0 [ 131.215864][ T7447] CPU: 0 UID: 0 PID: 7447 Comm: syz.0.682 Tainted: G L syzkaller #0 PREEMPT(full) [ 131.215912][ T7447] Tainted: [L]=SOFTLOCKUP [ 131.215921][ T7447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 131.215937][ T7447] Call Trace: [ 131.215944][ T7447] [ 131.215953][ T7447] dump_stack_lvl+0x100/0x190 [ 131.216000][ T7447] should_fail_ex.cold+0x5/0xa [ 131.216035][ T7447] ? sk_prot_alloc+0x10b/0x2a0 [ 131.216066][ T7447] should_failslab+0xc2/0x120 [ 131.216098][ T7447] __kmalloc_noprof+0xe0/0x850 [ 131.216141][ T7447] ? lockdep_init_map_type+0x5c/0x250 [ 131.216185][ T7447] sk_prot_alloc+0x10b/0x2a0 [ 131.216220][ T7447] sk_alloc+0x36/0xe80 [ 131.216263][ T7447] pppol2tp_create+0x32/0x250 [ 131.216301][ T7447] pppox_create+0x15c/0x2c0 [ 131.216342][ T7447] __sock_create+0x339/0x860 [ 131.216392][ T7447] __sys_socket+0x14d/0x260 [ 131.216429][ T7447] ? __pfx___sys_socket+0x10/0x10 [ 131.216477][ T7447] __x64_sys_socket+0x72/0xb0 [ 131.216513][ T7447] ? lockdep_hardirqs_on+0x78/0x100 [ 131.216542][ T7447] do_syscall_64+0x106/0xf80 [ 131.216570][ T7447] ? clear_bhb_loop+0x40/0x90 [ 131.216605][ T7447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.216634][ T7447] RIP: 0033:0x7ff456d9c819 [ 131.216657][ T7447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.216683][ T7447] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 131.216709][ T7447] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 131.216728][ T7447] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018 [ 131.216745][ T7447] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 131.216761][ T7447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.216782][ T7447] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 131.216819][ T7447] [ 132.507766][ T7504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.704'. [ 132.640905][ T7510] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 132.928222][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.934828][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.948116][ T7526] bridge_slave_1: left allmulticast mode [ 132.958151][ T7526] bridge_slave_1: left promiscuous mode [ 132.973167][ T7526] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.077171][ T7531] block nbd7: not configured, cannot reconfigure [ 133.249863][ T7540] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 134.995221][ T7614] FAULT_INJECTION: forcing a failure. [ 134.995221][ T7614] name failslab, interval 1, probability 0, space 0, times 0 [ 135.032494][ T7614] CPU: 0 UID: 0 PID: 7614 Comm: syz.0.758 Tainted: G L syzkaller #0 PREEMPT(full) [ 135.032540][ T7614] Tainted: [L]=SOFTLOCKUP [ 135.032548][ T7614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 135.032564][ T7614] Call Trace: [ 135.032573][ T7614] [ 135.032584][ T7614] dump_stack_lvl+0x100/0x190 [ 135.032633][ T7614] should_fail_ex.cold+0x5/0xa [ 135.032666][ T7614] should_failslab+0xc2/0x120 [ 135.032699][ T7614] __kmalloc_cache_noprof+0x7a/0x6f0 [ 135.032736][ T7614] ? __do_sys_fanotify_init+0x5cf/0xe50 [ 135.032778][ T7614] ? get_mem_cgroup_from_mm+0x88/0x600 [ 135.032814][ T7614] ? get_mem_cgroup_from_mm+0x132/0x600 [ 135.032856][ T7614] __do_sys_fanotify_init+0x5cf/0xe50 [ 135.032905][ T7614] do_syscall_64+0x106/0xf80 [ 135.032934][ T7614] ? clear_bhb_loop+0x40/0x90 [ 135.032970][ T7614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.033007][ T7614] RIP: 0033:0x7ff456d9c819 [ 135.033030][ T7614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 135.033057][ T7614] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 135.033083][ T7614] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 135.033100][ T7614] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000602 [ 135.033115][ T7614] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 135.033132][ T7614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.033148][ T7614] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 135.033185][ T7614] [ 137.298200][ T29] audit: type=1804 audit(4294967340.630:3): pid=7723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.806" name="/newroot/167/file0" dev="tmpfs" ino=871 res=1 errno=0 [ 137.560835][ T7732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.811'. [ 138.011442][ T7751] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 138.023960][ T7751] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 138.332507][ T7767] netlink: 'syz.3.828': attribute type 33 has an invalid length. [ 138.846180][ T7790] netlink: 12 bytes leftover after parsing attributes in process `syz.2.838'. [ 139.583856][ T7821] netlink: 342 bytes leftover after parsing attributes in process `syz.1.853'. [ 140.011604][ T7837] Invalid ELF header magic: != ELF [ 140.150469][ T5831] Bluetooth: hci1: unexpected event 0x03 length: 43 > 11 [ 140.650908][ T7868] FAULT_INJECTION: forcing a failure. [ 140.650908][ T7868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 140.698803][ T7868] CPU: 1 UID: 0 PID: 7868 Comm: syz.1.877 Tainted: G L syzkaller #0 PREEMPT(full) [ 140.698850][ T7868] Tainted: [L]=SOFTLOCKUP [ 140.698859][ T7868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 140.698876][ T7868] Call Trace: [ 140.698886][ T7868] [ 140.698897][ T7868] dump_stack_lvl+0x100/0x190 [ 140.698945][ T7868] should_fail_ex.cold+0x5/0xa [ 140.698973][ T7868] ? prepare_alloc_pages+0x16d/0x5f0 [ 140.699012][ T7868] should_fail_alloc_page+0xeb/0x140 [ 140.699046][ T7868] prepare_alloc_pages+0x1f0/0x5f0 [ 140.699080][ T7868] ? __lock_acquire+0x4a5/0x2630 [ 140.699121][ T7868] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 140.699173][ T7868] ? lock_acquire+0x1cf/0x380 [ 140.699220][ T7868] ? find_held_lock+0x2b/0x80 [ 140.699245][ T7868] ? page_table_check_set+0x49a/0xa10 [ 140.699272][ T7868] ? page_table_check_set+0x49a/0xa10 [ 140.699304][ T7868] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 140.699359][ T7868] ? __page_table_check_ptes_set+0x1b5/0x4e0 [ 140.699388][ T7868] ? xas_move_index+0xae/0x110 [ 140.699417][ T7868] ? xas_find+0x32c/0x8e0 [ 140.699451][ T7868] ? find_held_lock+0x2b/0x80 [ 140.699477][ T7868] ? find_held_lock+0x2b/0x80 [ 140.699500][ T7868] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 140.699529][ T7868] ? policy_nodemask+0xed/0x4f0 [ 140.699559][ T7868] alloc_pages_mpol+0x1fb/0x550 [ 140.699589][ T7868] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 140.699628][ T7868] folio_alloc_mpol_noprof+0x36/0x340 [ 140.699664][ T7868] vma_alloc_folio_noprof+0xed/0x1d0 [ 140.699697][ T7868] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 140.699743][ T7868] do_anonymous_page+0xb3a/0x1fb0 [ 140.699793][ T7868] __handle_mm_fault+0x1d48/0x2b60 [ 140.699837][ T7868] ? reacquire_held_locks+0xce/0x1e0 [ 140.699875][ T7868] ? __pfx___handle_mm_fault+0x10/0x10 [ 140.699920][ T7868] ? lock_vma_under_rcu+0x17c/0x590 [ 140.699982][ T7868] handle_mm_fault+0x36d/0xa20 [ 140.700029][ T7868] do_user_addr_fault+0x5a3/0x12f0 [ 140.700068][ T7868] exc_page_fault+0x6f/0xd0 [ 140.700095][ T7868] asm_exc_page_fault+0x26/0x30 [ 140.700123][ T7868] RIP: 0033:0x7fa654c5dfcb [ 140.700148][ T7868] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 140.700176][ T7868] RSP: 002b:00007fa655c47fa0 EFLAGS: 00010206 [ 140.700208][ T7868] RAX: 0000000000000000 RBX: 00007fa655015fa0 RCX: 0000000000000000 [ 140.700226][ T7868] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000100 [ 140.700244][ T7868] RBP: 00007fa654e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 140.700261][ T7868] R10: 0000200000000100 R11: 0000000000000000 R12: 0000000000000000 [ 140.700277][ T7868] R13: 00007fa655016038 R14: 00007fa655015fa0 R15: 00007ffdbf8f98b8 [ 140.700315][ T7868] [ 140.700520][ T7868] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 142.960294][ T7973] FAULT_INJECTION: forcing a failure. [ 142.960294][ T7973] name failslab, interval 1, probability 0, space 0, times 0 [ 142.973677][ T7973] CPU: 0 UID: 0 PID: 7973 Comm: syz.0.925 Tainted: G L syzkaller #0 PREEMPT(full) [ 142.973720][ T7973] Tainted: [L]=SOFTLOCKUP [ 142.973729][ T7973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 142.973744][ T7973] Call Trace: [ 142.973754][ T7973] [ 142.973765][ T7973] dump_stack_lvl+0x100/0x190 [ 142.973812][ T7973] should_fail_ex.cold+0x5/0xa [ 142.973846][ T7973] should_failslab+0xc2/0x120 [ 142.973878][ T7973] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 142.973919][ T7973] ? key_alloc+0x3c5/0x1310 [ 142.973952][ T7973] ? rcu_is_watching+0x12/0xc0 [ 142.973997][ T7973] key_alloc+0x3c5/0x1310 [ 142.974046][ T7973] ? __pfx_key_alloc+0x10/0x10 [ 142.974094][ T7973] keyring_alloc+0x44/0xc0 [ 142.974138][ T7973] lookup_user_key+0x9b8/0x1300 [ 142.974178][ T7973] ? __pfx_lookup_user_key+0x10/0x10 [ 142.974221][ T7973] ? __pfx_do_futex+0x10/0x10 [ 142.974266][ T7973] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 142.974311][ T7973] ? xfd_validate_state+0x129/0x190 [ 142.974356][ T7973] keyctl_keyring_link+0x22/0xe0 [ 142.974386][ T7973] __do_sys_keyctl+0x1bf/0x5a0 [ 142.974418][ T7973] do_syscall_64+0x106/0xf80 [ 142.974445][ T7973] ? clear_bhb_loop+0x40/0x90 [ 142.974479][ T7973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.974507][ T7973] RIP: 0033:0x7ff456d9c819 [ 142.974528][ T7973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 142.974553][ T7973] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 142.974581][ T7973] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 142.974600][ T7973] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008 [ 142.974618][ T7973] RBP: 00007ff456e32c91 R08: 0000000000000002 R09: 0000000000000000 [ 142.974635][ T7973] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000000 [ 142.974651][ T7973] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 142.974688][ T7973] [ 143.480965][ T7984] sctp: [Deprecated]: syz.1.931 (pid 7984) Use of int in maxseg socket option. [ 143.480965][ T7984] Use struct sctp_assoc_value instead [ 143.644793][ T7989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.933'. [ 144.949910][ T8043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.959'. [ 145.153129][ T8048] openvswitch: netlink: IP tunnel TTL not specified. [ 147.047749][ T8106] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 147.999374][ T8139] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1001'. [ 148.300672][ T8145] sd 0:0:1:0: PR command failed: 1026 [ 148.350962][ T8145] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 148.366293][ T8145] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 148.780232][ T8161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1012'. [ 149.541167][ T8187] sctp: [Deprecated]: syz.1.1023 (pid 8187) Use of int in maxseg socket option. [ 149.541167][ T8187] Use struct sctp_assoc_value instead [ 149.949473][ T8204] tunl0: entered allmulticast mode [ 150.133541][ T8215] Invalid ELF header len 5 [ 152.072822][ T8306] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1079'. [ 152.440914][ T8322] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1087'. [ 153.582029][ T8377] syz.2.1109 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 154.723302][ T8420] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1125'. [ 154.824928][ T8424] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1129'. [ 154.906744][ T8428] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 156.379917][ T8490] netlink: 'syz.2.1157': attribute type 9 has an invalid length. [ 156.812680][ T8507] netlink: 294 bytes leftover after parsing attributes in process `syz.2.1164'. [ 159.052287][ T8588] bond0: option lp_interval: invalid value (0) [ 159.058746][ T8588] bond0: option lp_interval: allowed values 1 - 2147483647 [ 159.528017][ T8606] FAULT_INJECTION: forcing a failure. [ 159.528017][ T8606] name failslab, interval 1, probability 0, space 0, times 0 [ 159.552054][ T8606] CPU: 1 UID: 0 PID: 8606 Comm: syz.1.1209 Tainted: G L syzkaller #0 PREEMPT(full) [ 159.552103][ T8606] Tainted: [L]=SOFTLOCKUP [ 159.552113][ T8606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 159.552131][ T8606] Call Trace: [ 159.552140][ T8606] [ 159.552151][ T8606] dump_stack_lvl+0x100/0x190 [ 159.552205][ T8606] should_fail_ex.cold+0x5/0xa [ 159.552240][ T8606] ? get_callchain_buffers+0x123/0x380 [ 159.552277][ T8606] should_failslab+0xc2/0x120 [ 159.552309][ T8606] __kmalloc_noprof+0xe0/0x850 [ 159.552353][ T8606] ? rcu_is_watching+0x10/0xc0 [ 159.552404][ T8606] get_callchain_buffers+0x123/0x380 [ 159.552441][ T8606] ? bpf_lsm_capable+0x9/0x10 [ 159.552471][ T8606] ? security_capable+0x80/0x260 [ 159.552503][ T8606] stack_map_alloc+0x316/0x610 [ 159.552540][ T8606] ? __pfx_stack_map_mem_usage+0x10/0x10 [ 159.552582][ T8606] map_create+0x84e/0x2ba0 [ 159.552611][ T8606] ? futex_unqueue+0x13d/0x2c0 [ 159.552661][ T8606] ? __futex_wait+0x256/0x300 [ 159.552721][ T8606] ? __pfx_map_create+0x10/0x10 [ 159.552749][ T8606] ? __might_fault+0xc5/0x140 [ 159.552801][ T8606] ? __might_fault+0xc5/0x140 [ 159.552874][ T8606] __sys_bpf+0x2091/0x4b90 [ 159.552916][ T8606] ? __pfx___sys_bpf+0x10/0x10 [ 159.552952][ T8606] ? __pfx_futex_wait+0x10/0x10 [ 159.553023][ T8606] ? do_futex+0x192/0x350 [ 159.553082][ T8606] ? xfd_validate_state+0x129/0x190 [ 159.553135][ T8606] __x64_sys_bpf+0x7b/0xc0 [ 159.553170][ T8606] ? lockdep_hardirqs_on+0x78/0x100 [ 159.553200][ T8606] do_syscall_64+0x106/0xf80 [ 159.553229][ T8606] ? clear_bhb_loop+0x40/0x90 [ 159.553266][ T8606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.553296][ T8606] RIP: 0033:0x7fa654d9c819 [ 159.553320][ T8606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.553347][ T8606] RSP: 002b:00007fa655c49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 159.553375][ T8606] RAX: ffffffffffffffda RBX: 00007fa655015fa0 RCX: 00007fa654d9c819 [ 159.553395][ T8606] RDX: 00000000000006f4 RSI: 0000200000000580 RDI: 0000000000000000 [ 159.553413][ T8606] RBP: 00007fa654e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 159.553431][ T8606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.553448][ T8606] R13: 00007fa655016038 R14: 00007fa655015fa0 R15: 00007ffdbf8f98b8 [ 159.553488][ T8606] [ 159.857255][ T8612] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1213'. [ 160.869494][ T8655] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1229'. [ 163.407704][ T8718] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1254'. [ 163.542424][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1256'. [ 165.656780][ T8777] zswap: compressor not available [ 170.220869][ T8941] bond0: option all_slaves_active: invalid value () [ 170.313503][ T8943] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1350'. [ 170.336630][ T8947] block nbd7: not configured, cannot reconfigure [ 170.739689][ T8963] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1360'. [ 170.954103][ T8966] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1361'. [ 171.281633][ T8978] bridge_slave_1: left allmulticast mode [ 171.296588][ T8978] bridge_slave_1: left promiscuous mode [ 171.342364][ T8978] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.291632][ T9016] kexec: Could not allocate control_code_buffer [ 174.102759][ T5831] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 174.102794][ T5831] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 174.118000][ T5831] Bluetooth: hci1: Dropping invalid advertising data [ 174.125761][ T5831] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 174.125796][ T5831] Bluetooth: hci1: Dropping invalid advertising data [ 174.139745][ T5831] Bluetooth: hci1: Malformed LE Event: 0x02 [ 175.110806][ T9108] FAULT_INJECTION: forcing a failure. [ 175.110806][ T9108] name failslab, interval 1, probability 0, space 0, times 0 [ 175.123654][ T9108] CPU: 0 UID: 0 PID: 9108 Comm: syz.3.1423 Tainted: G L syzkaller #0 PREEMPT(full) [ 175.123702][ T9108] Tainted: [L]=SOFTLOCKUP [ 175.123712][ T9108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 175.123733][ T9108] Call Trace: [ 175.123747][ T9108] [ 175.123758][ T9108] dump_stack_lvl+0x100/0x190 [ 175.123809][ T9108] should_fail_ex.cold+0x5/0xa [ 175.123845][ T9108] ? process_vm_rw_core.constprop.0+0x1d7/0x950 [ 175.123875][ T9108] should_failslab+0xc2/0x120 [ 175.123906][ T9108] __kmalloc_noprof+0xe0/0x850 [ 175.123951][ T9108] ? find_held_lock+0x2b/0x80 [ 175.123985][ T9108] process_vm_rw_core.constprop.0+0x1d7/0x950 [ 175.124019][ T9108] ? futex_unqueue+0x13d/0x2c0 [ 175.124066][ T9108] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 175.124096][ T9108] ? lockdep_hardirqs_on+0x78/0x100 [ 175.124125][ T9108] ? import_ubuf+0x1b6/0x220 [ 175.124183][ T9108] ? iovec_from_user+0xda/0x140 [ 175.124222][ T9108] process_vm_rw+0x226/0x2d0 [ 175.124251][ T9108] ? __pfx_process_vm_rw+0x10/0x10 [ 175.124299][ T9108] ? __sys_connect+0xe4/0x170 [ 175.124354][ T9108] ? xfd_validate_state+0x129/0x190 [ 175.124404][ T9108] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 175.124434][ T9108] ? do_syscall_64+0x95/0xf80 [ 175.124463][ T9108] ? lockdep_hardirqs_on+0x78/0x100 [ 175.124492][ T9108] do_syscall_64+0x106/0xf80 [ 175.124519][ T9108] ? clear_bhb_loop+0x40/0x90 [ 175.124555][ T9108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.124585][ T9108] RIP: 0033:0x7f9680d9c819 [ 175.124609][ T9108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 175.124637][ T9108] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 175.124665][ T9108] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 175.124684][ T9108] RDX: 0000040000000001 RSI: 0000200000000000 RDI: 0000000000000335 [ 175.124702][ T9108] RBP: 00007f9680e32c91 R08: 0000000000000004 R09: 0000000000000000 [ 175.124720][ T9108] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 175.124738][ T9108] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 175.124777][ T9108] [ 176.399685][ T9138] FAULT_INJECTION: forcing a failure. [ 176.399685][ T9138] name failslab, interval 1, probability 0, space 0, times 0 [ 176.431448][ T9138] CPU: 0 UID: 0 PID: 9138 Comm: syz.3.1436 Tainted: G L syzkaller #0 PREEMPT(full) [ 176.431492][ T9138] Tainted: [L]=SOFTLOCKUP [ 176.431502][ T9138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 176.431518][ T9138] Call Trace: [ 176.431526][ T9138] [ 176.431537][ T9138] dump_stack_lvl+0x100/0x190 [ 176.431585][ T9138] should_fail_ex.cold+0x5/0xa [ 176.431629][ T9138] should_failslab+0xc2/0x120 [ 176.431663][ T9138] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 176.431705][ T9138] ? __anon_vma_prepare+0xae/0x5e0 [ 176.431751][ T9138] __anon_vma_prepare+0xae/0x5e0 [ 176.431788][ T9138] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 176.431822][ T9138] __vmf_anon_prepare+0x11f/0x250 [ 176.431862][ T9138] hugetlb_no_page+0xe28/0x1970 [ 176.431907][ T9138] hugetlb_fault+0x5df/0x1450 [ 176.431948][ T9138] ? __pfx_hugetlb_fault+0x10/0x10 [ 176.431999][ T9138] ? find_vma+0xbf/0x140 [ 176.432034][ T9138] ? __pfx_find_vma+0x10/0x10 [ 176.432068][ T9138] handle_mm_fault+0x5f1/0xa20 [ 176.432116][ T9138] do_user_addr_fault+0x74c/0x12f0 [ 176.432156][ T9138] exc_page_fault+0x6f/0xd0 [ 176.432187][ T9138] asm_exc_page_fault+0x26/0x30 [ 176.432215][ T9138] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 176.432253][ T9138] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 176.432279][ T9138] RSP: 0018:ffffc90003097e70 EFLAGS: 00050246 [ 176.432301][ T9138] RAX: 003270756f726763 RBX: 0000000000000008 RCX: 0000000000000008 [ 176.432317][ T9138] RDX: 0000000000000001 RSI: ffffffff8bb3edc0 RDI: 0000000000000000 [ 176.432334][ T9138] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff1767db8 [ 176.432349][ T9138] R10: ffffffff8bb3edc7 R11: 0000000000000000 R12: ffffffff8bb3edc0 [ 176.432366][ T9138] R13: 0000000000000008 R14: 00007ffffffff000 R15: 0000000000000000 [ 176.432402][ T9138] _copy_to_user+0xa4/0xd0 [ 176.432441][ T9138] fs_name+0x144/0x220 [ 176.432477][ T9138] __x64_sys_sysfs+0x14f/0x190 [ 176.432516][ T9138] do_syscall_64+0x106/0xf80 [ 176.432543][ T9138] ? clear_bhb_loop+0x40/0x90 [ 176.432578][ T9138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.432607][ T9138] RIP: 0033:0x7f9680d9c819 [ 176.432629][ T9138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 176.432654][ T9138] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 176.432679][ T9138] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 176.432698][ T9138] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 176.432714][ T9138] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 176.432730][ T9138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.432746][ T9138] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 176.432782][ T9138] [ 177.011539][ T9146] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 177.026529][ T9146] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 179.599273][ T9222] zswap: compressor 000 not available [ 180.515563][ T9261] usb usb3: usbfs: process 9261 (syz.1.1487) did not claim interface 0 before use [ 181.880086][ T9311] MTRR 1 not used [ 182.749156][ T29] audit: type=1804 audit(4294967386.060:4): pid=9334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1514" name="/newroot/375/file0" dev="tmpfs" ino=1910 res=1 errno=0 [ 182.974126][ T9340] FAULT_INJECTION: forcing a failure. [ 182.974126][ T9340] name failslab, interval 1, probability 0, space 0, times 0 [ 183.012139][ T9340] CPU: 1 UID: 0 PID: 9340 Comm: syz.3.1519 Tainted: G L syzkaller #0 PREEMPT(full) [ 183.012183][ T9340] Tainted: [L]=SOFTLOCKUP [ 183.012192][ T9340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 183.012208][ T9340] Call Trace: [ 183.012217][ T9340] [ 183.012227][ T9340] dump_stack_lvl+0x100/0x190 [ 183.012276][ T9340] should_fail_ex.cold+0x5/0xa [ 183.012310][ T9340] ? lsm_blob_alloc+0x68/0x90 [ 183.012358][ T9340] should_failslab+0xc2/0x120 [ 183.012392][ T9340] __kmalloc_noprof+0xe0/0x850 [ 183.012437][ T9340] ? trace_kmem_cache_alloc+0xf3/0x120 [ 183.012476][ T9340] lsm_blob_alloc+0x68/0x90 [ 183.012520][ T9340] security_prepare_creds+0x2d/0x290 [ 183.012562][ T9340] prepare_creds+0x5d6/0x950 [ 183.012610][ T9340] __do_sys_landlock_restrict_self+0x143/0x9e0 [ 183.012651][ T9340] do_syscall_64+0x106/0xf80 [ 183.012678][ T9340] ? clear_bhb_loop+0x40/0x90 [ 183.012714][ T9340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.012743][ T9340] RIP: 0033:0x7f9680d9c819 [ 183.012766][ T9340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.012791][ T9340] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 183.012818][ T9340] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 183.012836][ T9340] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003 [ 183.012852][ T9340] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 183.012869][ T9340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.012886][ T9340] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 183.012923][ T9340] [ 183.281965][ T9347] netlink: 4394 bytes leftover after parsing attributes in process `syz.1.1522'. [ 184.344640][ T29] audit: type=1804 audit(4294967387.680:5): pid=9369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1530" name="/newroot/398/file0" dev="tmpfs" ino=2023 res=1 errno=0 [ 184.816616][ T29] audit: type=1326 audit(4294967388.150:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9387 comm="syz.2.1539" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f949239c819 code=0x0 [ 185.550110][ T29] audit: type=1804 audit(4294967388.880:7): pid=9405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1544" name="/newroot/377/file0" dev="tmpfs" ino=1938 res=1 errno=0 [ 186.180323][ T9424] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 186.233465][ T9388] kexec: Could not allocate control_code_buffer [ 186.550036][ T29] audit: type=1804 audit(4294967389.880:8): pid=9438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1559" name="/newroot/381/file0" dev="tmpfs" ino=1959 res=1 errno=0 [ 186.959983][ T9454] netlink: 'syz.1.1566': attribute type 33 has an invalid length. [ 187.432015][ T29] audit: type=1804 audit(4294967390.760:9): pid=9478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1576" name="/newroot/386/file0" dev="tmpfs" ino=1986 res=1 errno=0 [ 188.241921][ T29] audit: type=1804 audit(4294967391.570:10): pid=9503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1587" name="/newroot/390/file0" dev="tmpfs" ino=2007 res=1 errno=0 [ 189.622678][ T29] audit: type=1804 audit(4294967392.950:11): pid=9531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1599" name="/newroot/394/file0" dev="tmpfs" ino=2029 res=1 errno=0 [ 189.896231][ T9537] Invalid ELF header magic: != ELF [ 190.072123][ T29] audit: type=1804 audit(4294967393.400:12): pid=9541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1610" name="/newroot/412/file0" dev="tmpfs" ino=2094 res=1 errno=0 [ 190.656141][ T9560] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1613'. [ 191.779220][ T9598] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1626'. [ 192.458032][ T9626] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 193.902632][ T9655] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 194.039085][ T9663] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 194.366560][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.373306][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.034220][ T9758] FAULT_INJECTION: forcing a failure. [ 197.034220][ T9758] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 197.052211][ T9758] CPU: 1 UID: 0 PID: 9758 Comm: syz.3.1701 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.052259][ T9758] Tainted: [L]=SOFTLOCKUP [ 197.052270][ T9758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 197.052287][ T9758] Call Trace: [ 197.052297][ T9758] [ 197.052308][ T9758] dump_stack_lvl+0x100/0x190 [ 197.052360][ T9758] should_fail_ex.cold+0x5/0xa [ 197.052389][ T9758] ? prepare_alloc_pages+0x16d/0x5f0 [ 197.052425][ T9758] should_fail_alloc_page+0xeb/0x140 [ 197.052460][ T9758] prepare_alloc_pages+0x1f0/0x5f0 [ 197.052493][ T9758] ? __lock_acquire+0x4a5/0x2630 [ 197.052533][ T9758] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 197.052589][ T9758] ? lock_acquire+0x1cf/0x380 [ 197.052646][ T9758] ? find_held_lock+0x2b/0x80 [ 197.052673][ T9758] ? page_table_check_set+0x49a/0xa10 [ 197.052702][ T9758] ? page_table_check_set+0x49a/0xa10 [ 197.052735][ T9758] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 197.052789][ T9758] ? __page_table_check_ptes_set+0x1b5/0x4e0 [ 197.052818][ T9758] ? xas_move_index+0xae/0x110 [ 197.052847][ T9758] ? xas_find+0x32c/0x8e0 [ 197.052880][ T9758] ? find_held_lock+0x2b/0x80 [ 197.052905][ T9758] ? find_held_lock+0x2b/0x80 [ 197.052931][ T9758] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 197.052960][ T9758] ? policy_nodemask+0xed/0x4f0 [ 197.052998][ T9758] alloc_pages_mpol+0x1fb/0x550 [ 197.053033][ T9758] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 197.053076][ T9758] folio_alloc_mpol_noprof+0x36/0x340 [ 197.053116][ T9758] vma_alloc_folio_noprof+0xed/0x1d0 [ 197.053153][ T9758] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 197.053200][ T9758] do_anonymous_page+0xb3a/0x1fb0 [ 197.053254][ T9758] __handle_mm_fault+0x1d48/0x2b60 [ 197.053301][ T9758] ? reacquire_held_locks+0xce/0x1e0 [ 197.053340][ T9758] ? __pfx___handle_mm_fault+0x10/0x10 [ 197.053386][ T9758] ? lock_vma_under_rcu+0x17c/0x590 [ 197.053448][ T9758] handle_mm_fault+0x36d/0xa20 [ 197.053518][ T9758] do_user_addr_fault+0x5a3/0x12f0 [ 197.053561][ T9758] exc_page_fault+0x6f/0xd0 [ 197.053590][ T9758] asm_exc_page_fault+0x26/0x30 [ 197.053619][ T9758] RIP: 0033:0x7f9680c5dfcb [ 197.053644][ T9758] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 197.053671][ T9758] RSP: 002b:00007f9681ccbfa0 EFLAGS: 00010206 [ 197.053694][ T9758] RAX: 0000000000000000 RBX: 00007f9681015fa0 RCX: 0000000000000000 [ 197.053713][ T9758] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000100 [ 197.053731][ T9758] RBP: 00007f9680e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 197.053747][ T9758] R10: 0000200000000100 R11: 0000000000000000 R12: 0000000000000000 [ 197.053762][ T9758] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 197.053799][ T9758] [ 197.054439][ T9758] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 199.879637][ T9856] FAULT_INJECTION: forcing a failure. [ 199.879637][ T9856] name failslab, interval 1, probability 0, space 0, times 0 [ 199.899971][ T9856] CPU: 0 UID: 0 PID: 9856 Comm: syz.3.1747 Tainted: G L syzkaller #0 PREEMPT(full) [ 199.900019][ T9856] Tainted: [L]=SOFTLOCKUP [ 199.900030][ T9856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 199.900046][ T9856] Call Trace: [ 199.900055][ T9856] [ 199.900066][ T9856] dump_stack_lvl+0x100/0x190 [ 199.900117][ T9856] should_fail_ex.cold+0x5/0xa [ 199.900151][ T9856] should_failslab+0xc2/0x120 [ 199.900182][ T9856] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 199.900211][ T9856] ? key_alloc+0x423/0x1310 [ 199.900248][ T9856] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 199.900300][ T9856] kmemdup_noprof+0x29/0x60 [ 199.900329][ T9856] key_alloc+0x423/0x1310 [ 199.900379][ T9856] ? __pfx_key_alloc+0x10/0x10 [ 199.900425][ T9856] keyring_alloc+0x44/0xc0 [ 199.900470][ T9856] lookup_user_key+0x9b8/0x1300 [ 199.900509][ T9856] ? __pfx_lookup_user_key+0x10/0x10 [ 199.900545][ T9856] ? __pfx_do_futex+0x10/0x10 [ 199.900604][ T9856] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 199.900648][ T9856] ? xfd_validate_state+0x129/0x190 [ 199.900695][ T9856] keyctl_keyring_link+0x22/0xe0 [ 199.900725][ T9856] __do_sys_keyctl+0x1bf/0x5a0 [ 199.900759][ T9856] do_syscall_64+0x106/0xf80 [ 199.900787][ T9856] ? clear_bhb_loop+0x40/0x90 [ 199.900866][ T9856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.900905][ T9856] RIP: 0033:0x7f9680d9c819 [ 199.900931][ T9856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 199.900958][ T9856] RSP: 002b:00007f9681ccd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 199.900992][ T9856] RAX: ffffffffffffffda RBX: 00007f9681015fa0 RCX: 00007f9680d9c819 [ 199.901011][ T9856] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008 [ 199.901030][ T9856] RBP: 00007f9680e32c91 R08: 0000000000000002 R09: 0000000000000000 [ 199.901047][ T9856] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000000 [ 199.901064][ T9856] R13: 00007f9681016038 R14: 00007f9681015fa0 R15: 00007fffa1ff59e8 [ 199.901108][ T9856] [ 201.772301][ T9917] netlink: Unknown conntrack attr (0) [ 202.126996][ T9938] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 202.978729][ T9973] ================================================================== [ 202.978753][ T9973] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910 [ 202.978807][ T9973] Write of size 8 at addr ffffc900042a9000 by task syz.0.1809/9973 [ 202.978832][ T9973] [ 202.978848][ T9973] CPU: 1 UID: 0 PID: 9973 Comm: syz.0.1809 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.978890][ T9973] Tainted: [L]=SOFTLOCKUP [ 202.978900][ T9973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 202.978917][ T9973] Call Trace: [ 202.978926][ T9973] [ 202.978937][ T9973] dump_stack_lvl+0x100/0x190 [ 202.978979][ T9973] print_report+0x156/0x4c9 [ 202.979019][ T9973] ? _raw_spin_lock_irqsave+0x52/0x60 [ 202.979062][ T9973] ? __virt_addr_valid+0x81/0x620 [ 202.979100][ T9973] ? sys_fillrect+0x174a/0x1910 [ 202.979143][ T9973] kasan_report+0xdf/0x1e0 [ 202.979176][ T9973] ? sys_fillrect+0x174a/0x1910 [ 202.979223][ T9973] sys_fillrect+0x174a/0x1910 [ 202.979273][ T9973] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 202.979308][ T9973] bit_clear+0x17d/0x220 [ 202.979344][ T9973] ? __pfx_bit_clear+0x10/0x10 [ 202.979381][ T9973] ? fb_get_color_depth+0x120/0x250 [ 202.979414][ T9973] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 202.979448][ T9973] __fbcon_clear+0x633/0x760 [ 202.979482][ T9973] ? __pfx_bit_clear+0x10/0x10 [ 202.979526][ T9973] fbcon_scroll+0x48b/0x650 [ 202.979562][ T9973] con_scroll+0x464/0x690 [ 202.979608][ T9973] do_con_write+0x6883/0x8540 [ 202.979646][ T9973] ? __pfx_do_con_write+0x10/0x10 [ 202.979679][ T9973] con_write+0x23/0xb0 [ 202.979703][ T9973] n_tty_write+0x44f/0x12d0 [ 202.979743][ T9973] ? __pfx_n_tty_write+0x10/0x10 [ 202.979775][ T9973] ? trace_kmalloc+0x101/0x130 [ 202.979807][ T9973] ? __pfx_woken_wake_function+0x10/0x10 [ 202.979852][ T9973] ? rcu_is_watching+0x12/0xc0 [ 202.979895][ T9973] ? file_tty_write.isra.0+0x694/0x890 [ 202.979940][ T9973] ? kfree+0x2ec/0x6b0 [ 202.979977][ T9973] ? __pfx_n_tty_write+0x10/0x10 [ 202.980011][ T9973] file_tty_write.isra.0+0x4d2/0x890 [ 202.980060][ T9973] redirected_tty_write+0xd4/0x120 [ 202.980106][ T9973] vfs_write+0x6ac/0x1070 [ 202.980134][ T9973] ? __pfx_redirected_tty_write+0x10/0x10 [ 202.980182][ T9973] ? __pfx_vfs_write+0x10/0x10 [ 202.980208][ T9973] ? find_held_lock+0x2b/0x80 [ 202.980247][ T9973] ksys_write+0x12a/0x250 [ 202.980273][ T9973] ? __pfx_ksys_write+0x10/0x10 [ 202.980307][ T9973] do_syscall_64+0x106/0xf80 [ 202.980334][ T9973] ? clear_bhb_loop+0x40/0x90 [ 202.980367][ T9973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.980397][ T9973] RIP: 0033:0x7ff456d9c819 [ 202.980419][ T9973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.980447][ T9973] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 202.980474][ T9973] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 202.980494][ T9973] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 202.980513][ T9973] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 202.980537][ T9973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.980555][ T9973] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 202.980584][ T9973] [ 202.980594][ T9973] [ 202.980602][ T9973] The buggy address belongs to a vmalloc virtual mapping [ 202.980622][ T9973] Memory state around the buggy address: [ 202.980637][ T9973] ffffc900042a8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 202.980663][ T9973] ffffc900042a8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 202.980683][ T9973] >ffffc900042a9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 202.980698][ T9973] ^ [ 202.980713][ T9973] ffffc900042a9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 202.980733][ T9973] ffffc900042a9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 202.980749][ T9973] ================================================================== [ 202.980765][ T9973] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 202.980786][ T9973] CPU: 1 UID: 0 PID: 9973 Comm: syz.0.1809 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.980827][ T9973] Tainted: [L]=SOFTLOCKUP [ 202.980838][ T9973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 202.980855][ T9973] Call Trace: [ 202.980864][ T9973] [ 202.980874][ T9973] dump_stack_lvl+0x100/0x190 [ 202.980916][ T9973] vpanic+0x552/0x970 [ 202.980941][ T9973] ? __pfx_vpanic+0x10/0x10 [ 202.980968][ T9973] ? __pfx_vprintk_emit+0x10/0x10 [ 202.981000][ T9973] ? sys_fillrect+0x174a/0x1910 [ 202.981041][ T9973] panic+0xd1/0xe0 [ 202.981066][ T9973] ? __pfx_panic+0x10/0x10 [ 202.981096][ T9973] ? sys_fillrect+0x174a/0x1910 [ 202.981140][ T9973] check_panic_on_warn.cold+0x19/0x34 [ 202.981171][ T9973] end_report.part.0+0x3a/0x90 [ 202.981210][ T9973] kasan_report.cold+0xe/0x18 [ 202.981251][ T9973] ? sys_fillrect+0x174a/0x1910 [ 202.981298][ T9973] sys_fillrect+0x174a/0x1910 [ 202.981344][ T9973] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 202.981375][ T9973] bit_clear+0x17d/0x220 [ 202.981408][ T9973] ? __pfx_bit_clear+0x10/0x10 [ 202.981445][ T9973] ? fb_get_color_depth+0x120/0x250 [ 202.981479][ T9973] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 202.981530][ T9973] __fbcon_clear+0x633/0x760 [ 202.981565][ T9973] ? __pfx_bit_clear+0x10/0x10 [ 202.981604][ T9973] fbcon_scroll+0x48b/0x650 [ 202.981639][ T9973] con_scroll+0x464/0x690 [ 202.981684][ T9973] do_con_write+0x6883/0x8540 [ 202.981721][ T9973] ? __pfx_do_con_write+0x10/0x10 [ 202.981756][ T9973] con_write+0x23/0xb0 [ 202.981782][ T9973] n_tty_write+0x44f/0x12d0 [ 202.981823][ T9973] ? __pfx_n_tty_write+0x10/0x10 [ 202.981859][ T9973] ? trace_kmalloc+0x101/0x130 [ 202.981886][ T9973] ? __pfx_woken_wake_function+0x10/0x10 [ 202.981928][ T9973] ? rcu_is_watching+0x12/0xc0 [ 202.981969][ T9973] ? file_tty_write.isra.0+0x694/0x890 [ 202.982010][ T9973] ? kfree+0x2ec/0x6b0 [ 202.982047][ T9973] ? __pfx_n_tty_write+0x10/0x10 [ 202.982080][ T9973] file_tty_write.isra.0+0x4d2/0x890 [ 202.982129][ T9973] redirected_tty_write+0xd4/0x120 [ 202.982174][ T9973] vfs_write+0x6ac/0x1070 [ 202.982201][ T9973] ? __pfx_redirected_tty_write+0x10/0x10 [ 202.982248][ T9973] ? __pfx_vfs_write+0x10/0x10 [ 202.982273][ T9973] ? find_held_lock+0x2b/0x80 [ 202.982312][ T9973] ksys_write+0x12a/0x250 [ 202.982337][ T9973] ? __pfx_ksys_write+0x10/0x10 [ 202.982369][ T9973] do_syscall_64+0x106/0xf80 [ 202.982396][ T9973] ? clear_bhb_loop+0x40/0x90 [ 202.982428][ T9973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.982455][ T9973] RIP: 0033:0x7ff456d9c819 [ 202.982475][ T9973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.982501][ T9973] RSP: 002b:00007ff457b77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 202.982535][ T9973] RAX: ffffffffffffffda RBX: 00007ff457015fa0 RCX: 00007ff456d9c819 [ 202.982555][ T9973] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 202.982573][ T9973] RBP: 00007ff456e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 202.982591][ T9973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.982608][ T9973] R13: 00007ff457016038 R14: 00007ff457015fa0 R15: 00007fffcb828818 [ 202.982637][ T9973] [ 202.983051][ T9973] Kernel Offset: disabled